keystone 手动建立租户,用户,角色,服务,端口
建立租户:
root@cloud:~# keystone tenant-create --name=admin
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 139ea7b2f2444bcd85c327c1671708e1 |
| name | admin |
+-------------+----------------------------------+
root@cloud:~# keystone tenant-create --name=demo
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 8d428dd34477470d95ad6ad4df0d2dd4 |
| name | demo |
+-------------+----------------------------------+
root@cloud:~# keystone tenant-create --name=service
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 9fa61d1bd95d49d4be39658dc5b2a527 |
| name | service |
+-------------+----------------------------------+
查看建立的租户:
root@cloud:~# keystone tenant-list
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| 139ea7b2f2444bcd85c327c1671708e1 | admin | True |
| 8d428dd34477470d95ad6ad4df0d2dd4 | demo | True |
| 9fa61d1bd95d49d4be39658dc5b2a527 | service | True |
+----------------------------------+---------+---------+
root@cloud:~#
删除租户:
建立一个租户:
root@cloud:~# keystone tenant-create --name=test
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 2c5fd775f7d049a0a3116ec257c1c106 |
| name | test |
+-------------+----------------------------------+
查看租户:
root@cloud:~# keystone tenant-list
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| 139ea7b2f2444bcd85c327c1671708e1 | admin | True |
| 8d428dd34477470d95ad6ad4df0d2dd4 | demo | True |
| 9fa61d1bd95d49d4be39658dc5b2a527 | service | True |
| 2c5fd775f7d049a0a3116ec257c1c106 | test | True |
+----------------------------------+---------+---------+
删除租户:
root@cloud:~# keystone tenant-delete 2c5fd775f7d049a0a3116ec257c1c106
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
root@cloud:~#
查看是否删除:
root@cloud:~# keystone tenant-list
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| 139ea7b2f2444bcd85c327c1671708e1 | admin | True |
| 8d428dd34477470d95ad6ad4df0d2dd4 | demo | True |
| 9fa61d1bd95d49d4be39658dc5b2a527 | service | True |
+----------------------------------+---------+---------+
root@cloud:~#
建立用户:
建立admin用户:
root@cloud:~# keystone user-create --name=admin --pass=openstack --email=admin@domain.com #建立user用户不需要指定tenant,email不是固定的,根据环境选择
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | admin@domain.com |
| enabled | True |
| id | 94123525f8994a42a1d010bf728b4627 |
| name | admin |
| tenantId | |
+----------+----------------------------------+
root@cloud:~# 建立demo用户: 官方文档中这里tenant-id 后面加了=号这里不用等号也行,建议不加,应为后面建立令牌的时候是不加的。
root@cloud:~# keystone user-create --name=demo --pass=openstack --email=demo@domain.com --tenant-id 8d428dd34477470d95ad6ad4df0d2dd4
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | demo@domain.com |
| enabled | True |
| id | e1e98f7715094798a56f61dd1f85595e |
| name | demo |
| tenantId | 8d428dd34477470d95ad6ad4df0d2dd4 |
+----------+----------------------------------+
root@cloud:~#
建立角色:
root@cloud:~# keystone role-create --name=admin
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| id | 844d47b695c04c74bc8799b41450dc90 |
| name | admin |
+----------+----------------------------------+
root@cloud:~# keystone role-create --name=Member
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| id | 99643e947abf45f280f39ab06a9ff858 |
| name | Member |
+----------+----------------------------------+
root@cloud:~#
为用户在租户中添加角色:
先查看相应的ID
root@cloud:~# keystone user-list
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------------------------------+-------+---------+------------------+
| id | name | enabled | email |
+----------------------------------+-------+---------+------------------+
| 94123525f8994a42a1d010bf728b4627 | admin | True | admin@domain.com |
| e1e98f7715094798a56f61dd1f85595e | demo | True | demo@domain.com |
+----------------------------------+-------+---------+------------------+
root@cloud:~# keystone tenant-list
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| 139ea7b2f2444bcd85c327c1671708e1 | admin | True |
| 8d428dd34477470d95ad6ad4df0d2dd4 | demo | True |
| 9fa61d1bd95d49d4be39658dc5b2a527 | service | True |
+----------------------------------+---------+---------+
root@cloud:~# keystone role-list
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------------------------------+----------+
| id | name |
+----------------------------------+----------+
| 99643e947abf45f280f39ab06a9ff858 | Member |
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
| 844d47b695c04c74bc8799b41450dc90 | admin |
+----------------------------------+----------+
为用户在租户中添加角色:
root@cloud:~#
root@cloud:~# keystone user-role-add --user-id 94123525f8994a42a1d010bf728b4627 --tenant-id 139ea7b2f2444bcd85c327c1671708e1 --role-id 844d47b695c04c74bc8799b41450dc90
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
root@cloud:~#
注意role指定的是Member角色
root@cloud:~# keystone user-role-add --tenant-id 8d428dd34477470d95ad6ad4df0d2dd4 --user-id e1e98f7715094798a56f61dd1f85595e --role-id 99643e947abf45f280f39ab06a9ff858
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
root@cloud:~#
服务以及端口的建立:
root@cloud:~# keystone service-create --name nova --type compute --description 'OpenStack Compute Service'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Compute Service |
| id | 50195c63e78749c4bfb0c4da8a121033 |
| name | nova |
| type | compute |
+-------------+----------------------------------+
root@cloud:~# keystone service-create --name cinder --type volume --description 'OpenStack Volume Service'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Volume Service |
| id | 09dd98bd962b4e61b4377ba70a5d9c69 |
| name | cinder |
| type | volume |
+-------------+----------------------------------+
root@cloud:~# keystone service-create --name glance --type image --description 'OpenStack Image Service'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Image Service |
| id | e0ef8e829b914147b6c49d281e4817db |
| name | glance |
| type | image |
+-------------+----------------------------------+
root@cloud:~# keystone service-create --name keystone --type identity --description 'OpenStack Identity'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Identity |
| id | 9ccb0db9159648d89f276527c339cc40 |
| name | keystone |
| type | identity |
+-------------+----------------------------------+
root@cloud:~# keystone service-create --name ec2 --type ec2 --description 'OpenStack EC2 service'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack EC2 service |
| id | d2738dff2cd54615b7b2002081e21ff9 |
| name | ec2 |
| type | ec2 |
+-------------+----------------------------------+
root@cloud:~# keystone service-create --name quantum --type network --description 'OpenStack Networking service'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Networking service |
| id | 8b3f86f20bf146068b898aac0dd3334f |
| name | quantum |
| type | network |
+-------------+----------------------------------+
root@cloud:~#
建立endpoint:
root@cloud:~# keystone endpoint-create --region RegionOne --service-id 50195c63e78749c4bfb0c4da8a121033 --publicurl 'http://10.10.10.10:8774/v2/$(tenant_id)s' --adminurl 'http://10.10.10.10:8774/v2/$(tenant_id)s'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+------------------------------------------+
| Property | Value |
+-------------+------------------------------------------+
| adminurl | http://10.10.10.10:8774/v2/$(tenant_id)s |
| id | 520470e44d7a4bf088a93beb000a6f6b |
| internalurl | |
| publicurl | http://10.10.10.10:8774/v2/$(tenant_id)s |
| region | RegionOne |
| service_id | 50195c63e78749c4bfb0c4da8a121033 |
+-------------+------------------------------------------+
root@cloud:~#
root@cloud:~# keystone endpoint-create --region RegionOne --service-id 9ccb0db9159648d89f276527c339cc40 --publicurl 'http://10.10.10.10:5000/v2.0' --adminurl 'http://10.10.10.10:35357/v2.0' --internalurl 'http://10.10.10.10:5000/v2.0'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| adminurl | http://10.10.10.10:35357/v2.0 |
| id | 59f4ccf564ce47fe8b141692288cb497 |
| internalurl | http://10.10.10.10:5000/v2.0 |
| publicurl | http://10.10.10.10:5000/v2.0 |
| region | RegionOne |
| service_id | 9ccb0db9159648d89f276527c339cc40 |
+-------------+----------------------------------+
root@cloud:~#
其他的端口建议在安装一个服务之后再建立,这样呢个将错误降低到最低。
keystone 手动建立租户,用户,角色,服务,端口的更多相关文章
- keystone 域-项目-用户-角色
https://docs.openstack.org/keystone/latest/ 官方文档 domain是认证边界,项目.用户属于域,然后通过角色把用户和项目关联起来. openstack ...
- Oracle只读用户角色的建立
授予某模式下对象读权限给角色,就可以建立Oracle只读用户角色,下文对该方法的实现步骤作了详细的介绍,供您参考学习. 下面为您介绍的是Oracle只读用户角色的建立方法,该方法供您参考,如果您在Or ...
- 邮件服务端口 port 25、109、110、143、465、995、993
邮件服务端口 port 25.109.110.143.465.995.993 25端口(SMTP):25端口为SMTP(Simple Mail TransferProtocol,简单邮件传输协议) ...
- Windows使用telnet验证服务端口是否通
使用telnet指令时,Windows需要开启Telnet服务. telnet不通的情况: a.端口对应的服务没启动,或者启动了服务端口不是对应的测试端口. b.端口受限不能访问. 以下内容转自:ht ...
- 七天学会ASP.NET MVC (五)——Layout页面使用和用户角色管理
系列文章 七天学会ASP.NET MVC (一)——深入理解ASP.NET MVC 七天学会ASP.NET MVC (二)——ASP.NET MVC 数据传递 七天学会ASP.NET MVC (三)— ...
- 将Apache手动安装成Windows的服务
将Apache手动安装成Windows的服务 可以选择在安装Apache时自动将其安装为一个服务.如果选择"for all users",那么Apache将会被安装为服务. 如果选 ...
- [转]扩展RBAC用户角色权限设计方案
原文地址:http://www.iteye.com/topic/930648 RBAC(Role-Based Access Control,基于角色的访问控制),就是用户通过角色与权限进行关联.简单地 ...
- 扩展RBAC用户角色权限设计方案
RBAC(Role-Based Access Control,基于角色的访问控制),就是用户通过角色与权限进行关联.简单地说,一个用户拥有若干角色,每一个角色拥有若干权限.这样,就构造成“用户-角色- ...
- Socket服务端口长连接最多能支持多少?
答案是无限的.视服务端的资源而不同. 以前一直认为服务端在Accept客户端连接后,会开启一个新的端口与客户端建立链路,但这是错误的.事实上,一个连路是由Server IP+server Port + ...
随机推荐
- Python调试工具-Spyder
OS:Windows 7 关键字:Python IDE, Spyder 1.安装工具pip:https://pip.pypa.io/en/latest/installing.html 下载 get-p ...
- 图论(四)------非负权有向图的单源最短路径问题,Dijkstra算法
Dijkstra算法解决了有向图G=(V,E)上带权的单源最短路径问题,但要求所有边的权值非负. Dijkstra算法是贪婪算法的一个很好的例子.设置一顶点集合S,从源点s到集合中的顶点的最终最短路径 ...
- hdu 4570 Multi-bit Trie 区间DP入门
Multi-bit Trie 题意:将长度为n(n <= 64)的序列分成若干段,每段的数字个数不超过20,且每段的内存定义为段首的值乘以2^(段的长度):问这段序列总的内存最小为多少? 思路: ...
- .net entity framework 泛型 更新与增加记录
static public bool SaveOrUpdate<T>(T entity) where T: class { bool result = false; using (wech ...
- <一> SQL 基础
删除数据库 drop database database-name 创建新表格 create table tablename (col1 type1 [not null] [primary key], ...
- 增加字体和颜色样式-------CSS
通过使用CSS,控制文本的字体,风格和颜色 1.基本操作: body{ font-family: Verdana, Geneva, Tahoma, sans-serif } body{ font-si ...
- javascript移动设备触屏事件
ontouchstartontouchmoveontouchendontouchcancel 目前移动端浏览器均支持这4个触摸事件: /** * onTouchEvent */ var div = d ...
- ExtJS4.2学习(16)制作表单(转)
鸣谢:http://www.shuyangyang.com.cn/jishuliangongfang/qianduanjishu/2013-12-10/188.html --------------- ...
- jmeter linux使用经验小结
1. 确认务必安装了JDK,并且把路径配置OK.否则执行会报错. 2. 当做负载机时,在hosts 配置上 你的ip 你的hostname 或者使用./bin/jmeter-server ...
- JAVA 字符串编码总结
java 为了解决跨平台,字符串编码的有点特殊 String newStr = new String(oldStr.getBytes(), "UTF-8");java中的Strin ...