Note: This post has been edited and updated multiple times, and the most recent and accurate copy of this post can be found on the IBM developerWorks website, in a blog post titled, Administering Your IBM Cloud Account – A script to help.
As many of you know, if I have to do something more than two or three times, I tend to put in some effort to script it. I know a lot of what I can do on the command line with the IBM Cloud, but I don’t always remember the exact syntax for all of those bx command line commands. I also like to have something that I can call from the command line, so I can just script up common administrative scenarios.
Other Options
There are some options which already exist out there. I wasn’t aware of some of them, and none of them allow for scripting access. One of the best that I have seen is the interactive application discussed in the blog post on Real-Time Billing Insights From Your IBM Cloud Account, written by Maria Borbones Garcia. Her Billing Insights app is already deployed out on Bluemix. It’s nice – suggest you go and try it out. She also points you to her mybilling project on GitHub, which means that you can download and deploy this app for yourself (and even contribute to the project). Another project that I have seen is the My Console project, which will show a different view of your IBM Cloud account.
Why Create a Script?
This all came home to me this past week as I began to administer a series of accounts associated with a Beta effort at IBM (which I’ll probably expand upon once the closed beta is complete). I have 20 different IBM Cloud accounts, and I need to manage the billing, users, and policies for each of these accounts. I can do it all from the console, but that can take time, and I can make mistakes. The other thing that I thought of was that I often get questions from our customers about, “How do I track what my users are using, and what our current bill is?”. So that led me to begin writing up a Python script that would allow you to quickly and easily do these types of things.
So I began to develop the IBM_Cloud_Admin tool, which you can see the code for in its GitHub repository. Go ahead and download a copy of it from GitHub. This is a simple Python script, and it just executes a bunch of IBM Cloud CLI commands for you. If you go through a session and then look at your logfile, you can see all the specific command line commands issued, and see the resulting output from those commands. This allows you to do things in this tool, and then quickly look in the log file and strip out the commands that YOU need for your own scripts.
How To Use The Script
To run the script, you can just type in:
python IBM_Cloud_Admin.py -t apiKey.json
The script has a few different modes it can run in.
- If you use the -t flag, it will use an API Key file, which you can get from your IBM Cloud account, to log into the IBM Cloud. This is the way that I like to use it.
- If you don’t use the -t flag, you’ll need to supply a username and password for your IBM Cloud account using the -u and -p flags.
- If you use the -b flag (for billing information), then you will run in batch mode. This will get billing information for the account being logged into, and then quit. You can use this mode in a script, since it does not require any user input.
- If you don’t use the -b flag (for billing information), then you will run in interactive mode. This will display menus on the command line that you can choose from.
The Output Files
There are a number of output files from this tool. There is the IBM_Cloud_Admin.output.log file, which contains a log of your session and will show you the IBM Cloud command line commands issued by the tool, and the responses returned. This is a good way to get familiar with the IBM Cloud command line commands, so you can use them in custom scripts for your own use.
You may also see files with names like, MyProj_billing _summary.csv and MyProj_billing _by_org.json. These are billing reports that you generated from the tool. Here is a list of the reports, and what they contain.
- MyProj_billing _summary.csv – this CSV file contains billing summary data for your account for the current month.
- MyProj_billing _summary.json – this JSON file contains billing summary data for your account for the current month. It shows the raw JSON output from the IBM Cloud CLI.
- MyProj_billing _by_org.csv – this CSV file contains billing details data for your account, split out by org and space, for the current month.
- MyProj_billing _by_org.json – this JSON file contains billing details data for your account, split out by org and space, for the current month. It shows the raw JSON output from the IBM Cloud CLI.
- MyProj_annual_billing _summary.csv – this CSV file contains billing summary data for your account for the past year.
- MyProj_annual_billing _summary.json – this JSON file contains billing summary data for your account for the past year. It shows the raw JSON output from the IBM Cloud CLI.
- MyProj_annual_billing _by_org.csv – this CSV file contains billing details data for your account, split out by org and space, for the past year.
- MyProj_annual_billing _by_org.json – this JSON file contains billing details data for your account, split out by org and space, for the past year. It shows the raw JSON output from the IBM Cloud CLI.
Use the JSON output files as inputs to further processing that you might want to do of your IBM Cloud usage data. The CSV files can be used as inputs to spreadsheets and pivot tables that you can build that will show you details on usage from an account perspective, as well as from an organization and space perspective.
Getting Your Api Key File
I’ve mentioned the API key file a couple of times here. If you are not familiar with what an API Key file is, then you’ll want to read this section. An API Key is a small text file which contains some JSON based information, which when used properly with the IBM Cloud command line tool, will allow anyone to log into the IBM Cloud environment as a particular user, without having to supply a password. The API Key file is your combined username/password. Because of this, do NOT share API keyfiles with others, and you should rotate your API Key files periodically, just in case your keyfile has become compromised.
Getting an API Key on IBM Cloud is really easy.
- Log into the IBM Cloud, and navigate to your account settings in the upper right hand corner of the IBM Cloud in your web browser. Select Manage > Security > Platform API Keys.
- Click on the blue Create button.
- In the resulting dialog, select a name for your API Key (something that will tell you which IBM Cloud account the key is associated with), give a short description, and hit the blue Create button.
- You should now see a page indicating that your API Key has been successfully created. If not, then start over again from the beginning. If you have successfully created an API Key, download it to your machine, and store it somewhere secure.
Note: A quick note on API Keys. For security reasons, I suggest that you periodically destroy API Keys and re-create them (commonly called rotating your API keys or access tokens). Then if someone had access to your data by having one of your API keys, they will lose this access.
Other Tasks
Do you have other administrative tasks that you would like to see the tool handle? Find a bug? Want to help improve the tool by building a nice interface for it? Just contact me through the GitHub repository, join the project, and add issues for problems, bugs, and enhancement requests.
A Final Thought
This script is a quick hacked together Python script – nothing more and nothing less. The code isn’t pretty, and there are better ways to do some of the things that I have done here – but I was focused on getting something working quickly, and not on efficiency or Python coding best practices. I would not expect anyone to base their entire IBM Cloud administration on this tool – but it’s handy to use if you need something quick, and cannot remember those IBM Cloud command line commands.