先来说下nova api删除虚拟机的代码中有这么一个判断：

def _delete(self, context, instance, delete_type, cb, **instance_attrs):         if instance.disable_terminate:                # 会判断disable_terminate             LOG.info(_LI(‘instance termination disabled‘),                      instance=instance)             return

如果disable_terminate为true的话，，这个删除操作就直接返回了。

下面就是实现如何暴露这个属性的api

[root@node_172_16_214_226 ~(keystone_admin)]# vim /usr/lib/python2.7/site-packages/nova-4.0-py2.7.egg-info/entry_points.txt limits = nova.api.openstack.compute.limits:Limits lock_server = nova.api.openstack.compute.lock_server:LockServer disable_terminate_server = nova.api.openstack.compute.disable_terminate_server:DisableTerminateServer   # 新增这条

定义policy

[root@node_172_16_214_226 ~(keystone_admin)]# vim /etc/nova/policy.json         "os_compute_api:os-lock-server:unlock:unlock_override": "rule:admin_api", "os_compute_api:os-disable-terminate-server:disable_terminate": "rule:admin_or_owner",   # 新增 "os_compute_api:os-disable-terminate-server:enable_terminate": "rule:admin_or_owner",   #  新增

新增disable_terminate_server.py代码

[root@node_172_16_214_226 ~(keystone_admin)]# cat /usr/lib/python2.7/site-packages/nova/api/openstack/compute/disable_terminate_server.py # Copyright 2011 OpenStack Foundation # #   Licensed under the Apache License, Version 2.0 (the "License"); you may #   not use this file except in compliance with the License. You may obtain #   a copy of the License at # #        # #   Unless required by applicable law or agreed to in writing, software #   distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #   WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the #   License for the specific language governing permissions and limitations #   under the License. from nova.api.openstack import common from nova.api.openstack import extensions from nova.api.openstack import wsgi from nova import compute ALIAS = "os-disable-terminate-server" authorize = extensions.os_compute_authorizer(ALIAS) class DisableTerminateServerController(wsgi.Controller):     def __init__(self, *args, **kwargs):         super(DisableTerminateServerController, self).__init__(*args, **kwargs)         self.compute_api = compute.API(skip_policy_check=True)     @wsgi.response(202)     @extensions.expected_errors(404)     @wsgi.action(‘disable_terminate‘)     def disable_terminate(self, req, id, body):         """Disable terminate a server instance."""         context = req.environ[‘nova.context‘]         authorize(context, action=‘disable_terminate‘)         instance = common.get_instance(self.compute_api, context, id)         self.compute_api.disable_terminate(context, instance)     @wsgi.response(202)     @extensions.expected_errors(404)     @wsgi.action(‘enable_terminate‘)     def enable_terminate(self, req, id, body):         """Enable terminate a server instance."""         context = req.environ[‘nova.context‘]         authorize(context, action=‘enable_terminate‘)         instance = common.get_instance(self.compute_api, context, id)         self.compute_api.enable_terminate(context, instance)                   class DisableTerminateServer(extensions.V21APIExtensionBase):     """Enable/Disable terminate server actions."""     name = "DisableTerminateServer"     alias = ALIAS     version = 1     def get_controller_extensions(self):         controller = DisableTerminateServerController()         extension = extensions.ControllerExtension(self, ‘servers‘, controller)         return [extension]     def get_resources(self):         return []