初始化
更新时间:2023-12-15
确认Endpoint
在确认您使用SDK时配置的Endpoint时,可先参考阅读API参考中关于 API服务域名 的部分,理解Endpoint相关的概念。 百度智能云目前开放了多区域支持,请参考区域选择说明。 对应信息为:
| 访问区域 | 对应Endpoint |
|---|---|
| 北京 | eip.bj.baidubce.com |
| 广州 | eip.gz.baidubce.com |
| 苏州 | eip.su.baidubce.com |
| 香港 | eip.hkg.baidubce.com |
| 武汉 | eip.fwh.baidubce.com |
| 保定 | eip.bd.baidubce.com |
获取密钥
要使用百度智能云EIP,您需要拥有一个有效的 AK(Access Key ID)和SK(Secret Access Key)用来进行签名认证。AK/SK是由系统分配给用户的,均为字符串,用于标识用户,为访问EIP做签名验证。 可以通过如下步骤获得并了解您的AK/SK信息: 注册百度智能云账号 创建AK/SK
新建EipClient/EipGroupClient/EipBpClient/EipTpClient
EipClient/EipGroupClient/EipBpClient/EipTpClient是Eip服务的Python客户端,为开发者与Eip服务进行交互提供了一系列的方法。
使用AK/SK新建EipClient/EipGroupClient/EipBpClient/EipTpClient
- 在新建EipClient/EipGroupClient之前,需要先创建配置文件对EipClient/EipGroupClient/EipBpClient/EipTpClient进行配置,以下将此配置文件命名为eip_sample_conf.py,具体配置信息如下所示:
#!/usr/bin/env python
#coding=utf-8
# 导入Python标准日志模块
import logging
# 从Python SDK导入EIP配置管理模块以及安全认证模块
from baidubce.bce_client_configuration import BceClientConfiguration
from baidubce.auth.bce_credentials import BceCredentials
# 设置EipClient的Host,Access Key ID和Secret Access Key
eip_host = "eip.bj.baidubce.com"
access_key_id = "AK"
secret_access_key = "SK"
# 设置日志文件的句柄和日志级别
logger = logging.getLogger('baidubce.http.bce_http_client')
fh = logging.FileHandler("sample.log")
fh.setLevel(logging.DEBUG)
# 设置日志文件输出的顺序、结构和内容
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
fh.setFormatter(formatter)
logger.setLevel(logging.DEBUG)
logger.addHandler(fh)
# 创建BceClientConfiguration
config = BceClientConfiguration(credentials=BceCredentials(access_key_id, secret_access_key), endpoint = eip_host)注意: 针对日志文件,Logging有如下级别:DEBUG,INFO,WARNING,ERROR,CRITICAL。
在上面代码中,access_key_id对应控制台中的“Access Key ID”,secret_access_key对应控制台中的“Access Key Secret”,获取方式请参考《操作指南 管理ACCESSKEY》。
上面的方式用户需要自己指定EIP的服务的域名,可以通过赋值给eip_host变量来指定。不指定时无需传入endpoint参数,默认为北京区域http://eip.bj.baidubce.com。
- 在完成上述配置之后,参考如下代码新建一个EipClient/EipGroupClient/EipBpClient/EipTpClient。
# 导入EipClientt配置文件
import eip_sample_conf
# 导入Eip相关模块
from baidubce import exception
from baidubce.services import eip
from baidubce.services.eip.eip_client import EipClient
from baidubce.services.eip.eip_group_client import EipGroupClient
from baidubce.services.eip.eip_bp_client import EipBpClient
from baidubce.services.eip.eip_tp_client import EipTpClient
# 新建EipClient
eip_client = EipClient(eip_sample_conf.config)
#新建EipGroupClient
eip_group_client = EipGroupClient(eip_sample_conf.config)
#新建EipBpClient
eip_bp_client = EipBpClient(eip_sample_conf.config)
#新建EipTpClient
eip_tp_client = EipTpClient(eip_sample_conf.config)使用STS创建EipClient/EipGroupClient/EipBpClient/EipTpClient
EIP可以通过STS机制实现第三方的临时授权访问。STS(Security Token Service)是百度智能云提供的临时授权服务。通过STS,您可以为第三方用户颁发一个自定义时效和权限的访问凭证。第三方用户可以使用该访问凭证直接调用百度智能云的API或SDK访问百度智能云资源。
通过STS方式访问EIP,用户需要先通过STS的client申请一个认证字符串,申请方式可参见百度智能云STS使用介绍。
- 获取临时token,创建配置文件"sts_sample_conf.py"对EipClient/EipGroupClient/EipBpClient/EipTpClient进行配置。
import logging
from baidubce.bce_client_configuration import BceClientConfiguration
from baidubce.auth.bce_credentials import BceCredentials
sts_host = "STS_HOST"
access_key_id = "AK"
secret_access_key = "SK"
logger = logging.getLogger('baidubce.services.sts.stsclient')
fh = logging.FileHandler("sample.log")
fh.setLevel(logging.DEBUG)
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
fh.setFormatter(formatter)
logger.setLevel(logging.DEBUG)
logger.addHandler(fh)
config = BceClientConfiguration(credentials=BceCredentials(access_key_id, secret_access_key), endpoint=sts_host)注意: 目前使用STS配置client时,无论对应EIP服务的endpoint在哪里,endpoint都需配置为
http://sts.bj.baidubce.com。
- 新建StsClient,并使用获得的临时token,配置BceClientConfiguration。创建文件"sts_sample.py"通过StsClient申请一套AK、SK和token。
import sts_sample_conf
from baidubce.services.sts.sts_client import StsClient
from baidubce.bce_client_configuration import BceClientConfiguration
from baidubce.auth.bce_credentials import BceCredentials
sts_client = StsClient(sts_sample_conf.config)
duration_seconds = 3600
# you can specify limited permissions with ACL
access_dict = {}
access_dict["service"] = "your service words"
access_dict["region"] = "bj"
access_dict["effect"] = "Allow"
resource = ["*"]
access_dict["resource"] = resource
permission = ["READ"]
access_dict["permission"] = permission
access_control_list = {"accessControlList": [access_dict]}
# 新建StsClient
response = sts_client.get_session_token(acl=access_control_list, duration_seconds=duration_seconds)
sts_ak = str(response.access_key_id)
sts_sk = str(response.secret_access_key)
token = response.session_token
eip_host = "EIP_HOST"
# 配置BceClientConfiguration
config = BceClientConfiguration(credentials=BceCredentials(sts_ak, sts_sk), endpoint = eip_host, security_token=token)- 在完成上述配置之后,参考如下代码新建一个EipClient/EipGroupClient/EipBpClient/EipTpClient。
import sts_sample
# 导入EIP相关模块
from baidubce import exception
from baidubce.services import eip
from baidubce.services.eip.eip_client import EipClient
from baidubce.services.eip.eip_group_client import EipGroupClient
from baidubce.services.eip.eip_bp_client import EipBpClient
from baidubce.services.eip.eip_tp_client import EipTpClient
# 新建EipClient
eip_client = EipClient(sts_sample.config)
#新建EipGroupClient
eip_group_client = EipGroupClient(sts_sample.config)
#新建EipBpClient
eip_bp_client = EipBpClient(sts_sample.config)
#新建EipTpClient
eip_tp_client = EipTpClient(eip_sample_conf.config)配置HTTPS协议访问EIP/EIPGroup/EipBp/EipTp
EIP支持HTTPS传输协议,您可以通过如下两种方式在EIP Python SDK中使用HTTPS访问EIP服务:
- 在endpoint中指明https:
config = bce_client_configuration.BceClientConfiguration(
credentials = bce_credentials.BceCredentials(
access_key_id = 'your-ak',
secret_access_key = 'your-sk'
),
endpoint = 'https://eip.bj.baidubce.com'
)
eip_client = eip_client.EipClient(config)
eip_group_client = eip_group_client.EipGroupClient(config)
eip_bp_client = eip_bp_client.EipBpClient(config)
eip_tp_client = eip_tp_client_EipTpClient(config)- 通过在
protocol中指定https来设置HTTPS协议:
config = bce_client_configuration.BceClientConfiguration(
credentials = bce_credentials.BceCredentials(
access_key_id = 'your-ak',
secret_access_key = 'your-sk'
),
endpoint = 'eip.bj.baidubce.com',
protocol = baidubce.protocol.HTTPS
)
eip_client = eip_client.EipClient(config)
eip_group_client = eip_group_client.EipGroupClient(config)
eip_bp_client = eip_bp_client.EipBpClient(config)
eip_tp_client = eip_tp_client_EipTpClient(config)注意: 如果您在指定了endpoint的scheme的同时指定了protocol参数,则以endpoint为准。
config = bce_client_configuration.BceClientConfiguration(
credentials = bce_credentials.BceCredentials(
access_key_id = 'your-ak',
secret_access_key = 'your-sk'
),
endpoint = 'http://bj.bcebos.com',
protocol = baidubce.protocol.HTTPS
)
# 均为HTTP类型
eip_client = eip_client.EipClient(config)
eip_group_client = eip_group_client.EipGroupClient(config)
eip_bp_client = eip_bp_client.EipBpClient(config)
eip_tp_client = eip_tp_client_EipTpClient(config)配置EipClient/EipGroupClient/EipBpClient
设置网络参数
用户可以设置一些网络参数:
# 设置请求超时时间
eip_sample_conf.config.connection_timeout_in_mills = TIMEOUT
# 设置接收缓冲区大小
eip_sample_conf.config.recv_buf_size(BUF_SIZE)
# 设置发送缓冲区大小
eip_sample_conf.config.send_buf_size(BUF_SIZE)
# 设置连接重试策略
# 三次指数退避重试
eip_sample_conf.config.retry_policy = BackOffRetryPolicy()
# 不重试
eip_sample_conf.config.retry_policy = NoRetryPolicy()