keystone 手动建立租户,用户,角色,服务,端口
建立租户:
root@cloud:~# keystone tenant-create --name=admin
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 139ea7b2f2444bcd85c327c1671708e1 |
| name | admin |
+-------------+----------------------------------+
root@cloud:~# keystone tenant-create --name=demo
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 8d428dd34477470d95ad6ad4df0d2dd4 |
| name | demo |
+-------------+----------------------------------+
root@cloud:~# keystone tenant-create --name=service
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 9fa61d1bd95d49d4be39658dc5b2a527 |
| name | service |
+-------------+----------------------------------+
查看建立的租户:
root@cloud:~# keystone tenant-list
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| 139ea7b2f2444bcd85c327c1671708e1 | admin | True |
| 8d428dd34477470d95ad6ad4df0d2dd4 | demo | True |
| 9fa61d1bd95d49d4be39658dc5b2a527 | service | True |
+----------------------------------+---------+---------+
root@cloud:~#
删除租户:
建立一个租户:
root@cloud:~# keystone tenant-create --name=test
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 2c5fd775f7d049a0a3116ec257c1c106 |
| name | test |
+-------------+----------------------------------+
查看租户:
root@cloud:~# keystone tenant-list
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| 139ea7b2f2444bcd85c327c1671708e1 | admin | True |
| 8d428dd34477470d95ad6ad4df0d2dd4 | demo | True |
| 9fa61d1bd95d49d4be39658dc5b2a527 | service | True |
| 2c5fd775f7d049a0a3116ec257c1c106 | test | True |
+----------------------------------+---------+---------+
删除租户:
root@cloud:~# keystone tenant-delete 2c5fd775f7d049a0a3116ec257c1c106
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
root@cloud:~#
查看是否删除:
root@cloud:~# keystone tenant-list
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| 139ea7b2f2444bcd85c327c1671708e1 | admin | True |
| 8d428dd34477470d95ad6ad4df0d2dd4 | demo | True |
| 9fa61d1bd95d49d4be39658dc5b2a527 | service | True |
+----------------------------------+---------+---------+
root@cloud:~#
建立用户:
建立admin用户:
root@cloud:~# keystone user-create --name=admin --pass=openstack --email=admin@domain.com #建立user用户不需要指定tenant,email不是固定的,根据环境选择
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | admin@domain.com |
| enabled | True |
| id | 94123525f8994a42a1d010bf728b4627 |
| name | admin |
| tenantId | |
+----------+----------------------------------+
root@cloud:~# 建立demo用户: 官方文档中这里tenant-id 后面加了=号这里不用等号也行,建议不加,应为后面建立令牌的时候是不加的。
root@cloud:~# keystone user-create --name=demo --pass=openstack --email=demo@domain.com --tenant-id 8d428dd34477470d95ad6ad4df0d2dd4
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | demo@domain.com |
| enabled | True |
| id | e1e98f7715094798a56f61dd1f85595e |
| name | demo |
| tenantId | 8d428dd34477470d95ad6ad4df0d2dd4 |
+----------+----------------------------------+
root@cloud:~#
建立角色:
root@cloud:~# keystone role-create --name=admin
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| id | 844d47b695c04c74bc8799b41450dc90 |
| name | admin |
+----------+----------------------------------+
root@cloud:~# keystone role-create --name=Member
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| id | 99643e947abf45f280f39ab06a9ff858 |
| name | Member |
+----------+----------------------------------+
root@cloud:~#
为用户在租户中添加角色:
先查看相应的ID
root@cloud:~# keystone user-list
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------------------------------+-------+---------+------------------+
| id | name | enabled | email |
+----------------------------------+-------+---------+------------------+
| 94123525f8994a42a1d010bf728b4627 | admin | True | admin@domain.com |
| e1e98f7715094798a56f61dd1f85595e | demo | True | demo@domain.com |
+----------------------------------+-------+---------+------------------+
root@cloud:~# keystone tenant-list
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| 139ea7b2f2444bcd85c327c1671708e1 | admin | True |
| 8d428dd34477470d95ad6ad4df0d2dd4 | demo | True |
| 9fa61d1bd95d49d4be39658dc5b2a527 | service | True |
+----------------------------------+---------+---------+
root@cloud:~# keystone role-list
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------------------------------+----------+
| id | name |
+----------------------------------+----------+
| 99643e947abf45f280f39ab06a9ff858 | Member |
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
| 844d47b695c04c74bc8799b41450dc90 | admin |
+----------------------------------+----------+
为用户在租户中添加角色:
root@cloud:~#
root@cloud:~# keystone user-role-add --user-id 94123525f8994a42a1d010bf728b4627 --tenant-id 139ea7b2f2444bcd85c327c1671708e1 --role-id 844d47b695c04c74bc8799b41450dc90
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
root@cloud:~#
注意role指定的是Member角色
root@cloud:~# keystone user-role-add --tenant-id 8d428dd34477470d95ad6ad4df0d2dd4 --user-id e1e98f7715094798a56f61dd1f85595e --role-id 99643e947abf45f280f39ab06a9ff858
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
root@cloud:~#
服务以及端口的建立:
root@cloud:~# keystone service-create --name nova --type compute --description 'OpenStack Compute Service'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Compute Service |
| id | 50195c63e78749c4bfb0c4da8a121033 |
| name | nova |
| type | compute |
+-------------+----------------------------------+
root@cloud:~# keystone service-create --name cinder --type volume --description 'OpenStack Volume Service'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Volume Service |
| id | 09dd98bd962b4e61b4377ba70a5d9c69 |
| name | cinder |
| type | volume |
+-------------+----------------------------------+
root@cloud:~# keystone service-create --name glance --type image --description 'OpenStack Image Service'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Image Service |
| id | e0ef8e829b914147b6c49d281e4817db |
| name | glance |
| type | image |
+-------------+----------------------------------+
root@cloud:~# keystone service-create --name keystone --type identity --description 'OpenStack Identity'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Identity |
| id | 9ccb0db9159648d89f276527c339cc40 |
| name | keystone |
| type | identity |
+-------------+----------------------------------+
root@cloud:~# keystone service-create --name ec2 --type ec2 --description 'OpenStack EC2 service'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack EC2 service |
| id | d2738dff2cd54615b7b2002081e21ff9 |
| name | ec2 |
| type | ec2 |
+-------------+----------------------------------+
root@cloud:~# keystone service-create --name quantum --type network --description 'OpenStack Networking service'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Networking service |
| id | 8b3f86f20bf146068b898aac0dd3334f |
| name | quantum |
| type | network |
+-------------+----------------------------------+
root@cloud:~#
建立endpoint:
root@cloud:~# keystone endpoint-create --region RegionOne --service-id 50195c63e78749c4bfb0c4da8a121033 --publicurl 'http://10.10.10.10:8774/v2/$(tenant_id)s' --adminurl 'http://10.10.10.10:8774/v2/$(tenant_id)s'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+------------------------------------------+
| Property | Value |
+-------------+------------------------------------------+
| adminurl | http://10.10.10.10:8774/v2/$(tenant_id)s |
| id | 520470e44d7a4bf088a93beb000a6f6b |
| internalurl | |
| publicurl | http://10.10.10.10:8774/v2/$(tenant_id)s |
| region | RegionOne |
| service_id | 50195c63e78749c4bfb0c4da8a121033 |
+-------------+------------------------------------------+
root@cloud:~#
root@cloud:~# keystone endpoint-create --region RegionOne --service-id 9ccb0db9159648d89f276527c339cc40 --publicurl 'http://10.10.10.10:5000/v2.0' --adminurl 'http://10.10.10.10:35357/v2.0' --internalurl 'http://10.10.10.10:5000/v2.0'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| adminurl | http://10.10.10.10:35357/v2.0 |
| id | 59f4ccf564ce47fe8b141692288cb497 |
| internalurl | http://10.10.10.10:5000/v2.0 |
| publicurl | http://10.10.10.10:5000/v2.0 |
| region | RegionOne |
| service_id | 9ccb0db9159648d89f276527c339cc40 |
+-------------+----------------------------------+
root@cloud:~#
其他的端口建议在安装一个服务之后再建立,这样呢个将错误降低到最低。
keystone 手动建立租户,用户,角色,服务,端口的更多相关文章
- keystone 域-项目-用户-角色
https://docs.openstack.org/keystone/latest/ 官方文档 domain是认证边界,项目.用户属于域,然后通过角色把用户和项目关联起来. openstack ...
- Oracle只读用户角色的建立
授予某模式下对象读权限给角色,就可以建立Oracle只读用户角色,下文对该方法的实现步骤作了详细的介绍,供您参考学习. 下面为您介绍的是Oracle只读用户角色的建立方法,该方法供您参考,如果您在Or ...
- 邮件服务端口 port 25、109、110、143、465、995、993
邮件服务端口 port 25.109.110.143.465.995.993 25端口(SMTP):25端口为SMTP(Simple Mail TransferProtocol,简单邮件传输协议) ...
- Windows使用telnet验证服务端口是否通
使用telnet指令时,Windows需要开启Telnet服务. telnet不通的情况: a.端口对应的服务没启动,或者启动了服务端口不是对应的测试端口. b.端口受限不能访问. 以下内容转自:ht ...
- 七天学会ASP.NET MVC (五)——Layout页面使用和用户角色管理
系列文章 七天学会ASP.NET MVC (一)——深入理解ASP.NET MVC 七天学会ASP.NET MVC (二)——ASP.NET MVC 数据传递 七天学会ASP.NET MVC (三)— ...
- 将Apache手动安装成Windows的服务
将Apache手动安装成Windows的服务 可以选择在安装Apache时自动将其安装为一个服务.如果选择"for all users",那么Apache将会被安装为服务. 如果选 ...
- [转]扩展RBAC用户角色权限设计方案
原文地址:http://www.iteye.com/topic/930648 RBAC(Role-Based Access Control,基于角色的访问控制),就是用户通过角色与权限进行关联.简单地 ...
- 扩展RBAC用户角色权限设计方案
RBAC(Role-Based Access Control,基于角色的访问控制),就是用户通过角色与权限进行关联.简单地说,一个用户拥有若干角色,每一个角色拥有若干权限.这样,就构造成“用户-角色- ...
- Socket服务端口长连接最多能支持多少?
答案是无限的.视服务端的资源而不同. 以前一直认为服务端在Accept客户端连接后,会开启一个新的端口与客户端建立链路,但这是错误的.事实上,一个连路是由Server IP+server Port + ...
随机推荐
- 002.TPerlRegEx简单测试
我要做什么? 将一个字符串中的所有连续的数字替换成一个* 代码: program Project1; {$APPTYPE CONSOLE} uses System.SysUtils, PerlRegE ...
- NFS挂载及写入故障
最近在做架构时,分离出来一台图片服务器,图片服务器是通过NFS(网络文件系统)给两台web服务器提供图片存储的,在编辑NFS配置文件(/etc/exports)时:想了一下,允许访问NFS共享目录的范 ...
- VisualStudio自定义代码段_方法二
1.在项目中新增一个xml文件为vcoo.snippet,然后右键“插入代码段”,选择Snippet即可: 2.修改代码片段内容后保存: 3.VS菜单中选择“工具”-“代码段管理器”导入这个snipp ...
- 开发设计模式(一)Command模式
Command定义 将来自客户端的请求传入一个对象,无需了解这个请求激活的 动作或有关接受这个请求的处理细节. 这是一种两台机器之间通讯联系性质的模式,类似传统过程语 言的 CallBack功能. 优 ...
- javascript高级编程笔记03(正则表达式)
引用类型 检测数组 注:我们实际开发中经常遇到要把数组转化成以逗号隔开,我以前都是join来实现,其实又更简单的方法可以用toString方法,它会自动用逗号隔开转换成字符串,其实toString内部 ...
- 关于xcode6打包以及上线前企业部署测试的说明 --转自张诚教授微博
xcode6如何打包 首先clean然后点击归档 点击打包之后保存 点选第一个以后检查相关证书签名 那么我们开发完以后,在上线前如何给别人测试 有2种方法 1.使用299美金的企业开发者账号搭建企业部 ...
- poj 3373 Changing Digits (DFS + 记忆化剪枝+鸽巢原理思想)
http://poj.org/problem?id=3373 Changing Digits Time Limit: 3000MS Memory Limit: 65536K Total Submi ...
- 自适应网页设计(Responsive Web Design)(转)
随着3G的普及,越来越多的人使用手机上网. 移动设备正超过桌面设备,成为访问互联网的最常见终端.于是,网页设计师不得不面对一个难题:如何才能在不同大小的设备上呈现同样的网页? 手机的屏幕比较小,宽度通 ...
- 1182-IP地址转换
描述 给定一个点分十进制的IP地址,把这个IP地址转换为二进制形式. 输入 输入只有一行,一个点分十进制的IP地址 包括四个正整数,用三个.分开,形式为a.b.c.d 其中0<=a,b,c,d& ...
- ZOJ 3170 Friends
点我看题目 题意 : 就是有n个人,m对关系,每对关系的两个人是好朋友,这个关系是相互的,如果有两个人的共同好朋友超过k个,那这两个人也会是好朋友的,给你m对关系,给你足够长的时间,问你还能增加几对关 ...