2012年4月16日月曜日

OpenStack/Essex Configuration 02:KeyStone


このエントリーをはてなブックマークに追加


CentOS6.2上でOpenStack Essexを動かす。
全コンポーネントを連携させることが目標。

- OpenStack/Essex Configuration 01:DB, Queue
- OpenStack/Essex Configuration 02:KeyStone
- OpenStack/Essex Configuration 03:Swift
- OpenStack/Essex Configuration 04:Glance
- OpenStack/Essex Configuration 05:Nova
- OpenStack/Essex Configuration 06:Horizon

OpenStack/Essex RPMs
- OpenStack/Essex RPM Nova/Horizon
- OpenStack/Essex RPM Swift/Keystone/Glance


パッケージの導入

リポジトリはこちらを利用:http://kvps-27-34-160-192.secure.ne.jp/pub/openstack-essex/

[root@opst-ky ~]# yum install openstack-keystone
[root@opst-ky ~]# yum install openstack-python-keystoneclient
[root@opst-ky ~]# yum install MySQL-python

設定ファイルの編集

[root@opst-ky ~]# su - keystone
[keystone@opst-ky ~]$

ユーザ:keystoneはrpmインストール時に自動的に作成される。

[keystone@opst-ky ~]$ cd /etc/keystone/
[keystone@opst-ky keystone]$ ls -l
合計 16
-rwxr-xr-x 1 keystone keystone 1539  4月  8 10:58 2012 default_catalog.templates.sample
-rwxr-xr-x 1 keystone keystone 2721  4月  8 10:58 2012 keystone.conf.sample
-rwxr-xr-x 1 keystone keystone  758  4月  8 10:58 2012 logging.conf.sample
-rwxr-xr-x 1 keystone keystone   59  4月  8 10:58 2012 policy.json.sample
これらのファイルを編集していく。


keystone.conf

[keystone@opst-ky keystone]$ cp keystone.conf.sample keystone.conf
[keystone@opst-ky keystone]$ vim keystone.conf
[DEFAULT]
bind_host = 0.0.0.0
public_port = 5000
admin_port = 35357
admin_token = ADMIN_keystone_token
compute_port = 8774
verbose = True
debug = True
#log_config = ./etc/logging.conf.sample
log_file = /var/log/keystone/keystone.log

# ================= Syslog Options ============================
# Send logs to syslog (/dev/log) instead of to file specified
# by `log-file`
use_syslog = False

# Facility to use. If unset defaults to LOG_USER.
# syslog_log_facility = LOG_LOCAL0

[sql]
#connection = sqlite:///keystone.db
connection = mysql://keystone:db-keystone-pass@192.168.128.100/keystone
idle_timeout = 200

[ldap]
#url = ldap://localhost
#tree_dn = dc=example,dc=com
#user_tree_dn = ou=Users,dc=example,dc=com
#role_tree_dn = ou=Roles,dc=example,dc=com
#tenant_tree_dn = ou=Groups,dc=example,dc=com
#user = dc=Manager,dc=example,dc=com
#password = freeipa4all
#suffix = cn=example,cn=com

[identity]
driver = keystone.identity.backends.sql.Identity

[catalog]
driver = keystone.catalog.backends.templated.TemplatedCatalog
#template_file = ./etc/default_catalog.templates
template_file = /etc/keystone/default_catalog.templates

[token]
driver = keystone.token.backends.kvs.Token

# Amount of time a token should remain valid (in seconds)
expiration = 86400

[policy]
driver = keystone.policy.backends.rules.Policy

[ec2]
#driver = keystone.contrib.ec2.backends.kvs.Ec2
driver = keystone.contrib.ec2.backends.sql.Ec2

[filter:debug]
paste.filter_factory = keystone.common.wsgi:Debug.factory

[filter:token_auth]
paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory

[filter:admin_token_auth]
paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory

[filter:xml_body]
paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory

[filter:json_body]
paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory

[filter:crud_extension]
paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory

[filter:ec2_extension]
paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory

[app:public_service]
paste.app_factory = keystone.service:public_app_factory

[app:admin_service]
paste.app_factory = keystone.service:admin_app_factory

[pipeline:public_api]
pipeline = token_auth admin_token_auth xml_body json_body debug ec2_extension public_service

[pipeline:admin_api]
pipeline = token_auth admin_token_auth xml_body json_body debug ec2_extension crud_extension admin_service

[app:public_version_service]
paste.app_factory = keystone.service:public_version_app_factory

[app:admin_version_service]
paste.app_factory = keystone.service:admin_version_app_factory

[pipeline:public_version_api]
pipeline = xml_body public_version_service

[pipeline:admin_version_api]
pipeline = xml_body admin_version_service

[composite:main]
use = egg:Paste#urlmap
/v2.0 = public_api
/ = public_version_api

[composite:admin]
use = egg:Paste#urlmap
/v2.0 = admin_api
/ = admin_version_api


default_catalog.templates

[keystone@opst-ky keystone]$ cp default_catalog.templates.sample default_catalog.templates
[keystone@opst-ky keystone]$ vim default_catalog.templates

このファイルはOpenStackをユーザが利用する上で重要な「サービスエンドポイント」の定義を行う。
サービスエンドポイントについてはこちらを参照

http://openstack.jp/assets/files/20111119/OpenStackIdentity.pdf
http://2done.org/openstack/install/keystone.html#id10


# keystone
catalog.RegionOne.identity.publicURL = http://10.0.0.110:$(public_port)s/v2.0
catalog.RegionOne.identity.adminURL = http://192.168.128.110:$(admin_port)s/v2.0
catalog.RegionOne.identity.internalURL = http://172.26.0.110:$(public_port)s/v2.0
catalog.RegionOne.identity.name = Identity Service

# nova-compute
catalog.RegionOne.compute.publicURL = http://10.0.0.140:$(compute_port)s/v1.1/$(tenant_id)s
catalog.RegionOne.compute.adminURL = http://192.168.128.140:$(compute_port)s/v1.1/$(tenant_id)s
catalog.RegionOne.compute.internalURL = http://172.26.0.140:$(compute_port)s/v1.1/$(tenant_id)s
catalog.RegionOne.compute.name = Compute Service

# nova-volume
catalog.RegionOne.volume.publicURL = http://10.0.0.140:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.adminURL = http://192.168.128.140:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.internalURL = http://172.26.0.140:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.name = Volume Service

# ec2
catalog.RegionOne.ec2.publicURL = http://10.0.0.140:8773/services/Cloud
catalog.RegionOne.ec2.adminURL = http://192.168.128.140:8773/services/Admin
catalog.RegionOne.ec2.internalURL = http://172.26.0.140:8773/services/Cloud
catalog.RegionOne.ec2.name = EC2 Service

# glance
catalog.RegionOne.image.publicURL = http://10.0.0.120:9292/v1
catalog.RegionOne.image.adminURL = http://192.168.128.120:9292/v1
catalog.RegionOne.image.internalURL = http://172.26.0.120:9292/v1
catalog.RegionOne.image.name = Image Service

# swift
catalog.RegionOne.object-store.publicURL = http://10.0.0.130:8080/v1/AUTH_$(tenant_id)s
catalog.RegionOne.object-store.adminURL = http://192.168.128.130:8080/
catalog.RegionOne.object-store.internalURL = http://172.26.0.130:8080/v1/AUTH_$(tenant_id)s
catalog.RegionOne.object-store.name = Swift Service


policy.json

[keystone@opst-ky keystone]$ cp policy.json.sample policy.json

特に編集せず。


keystoneの起動

[keystone@opst-ky keystone]$ keystone-all &


起動確認

■ログ

[root@opst-ky ~]# tail -f /var/log/keystone/keystone.log
2012-04-08 14:49:09    DEBUG [keystone.common.wsgi] Starting /usr/bin/keystone-all on 0.0.0.0:5000
2012-04-08 14:49:09    DEBUG [eventlet.wsgi.server] (1624) wsgi starting up on http://0.0.0.0:35357/
2012-04-08 14:49:09    DEBUG [eventlet.wsgi.server] (1624) wsgi starting up on http://0.0.0.0:5000/

■ポート

[keystone@opst-ky keystone]$ netstat -nap |grep python

(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp        0      0 0.0.0.0:35357               0.0.0.0:*                   LISTEN      1624/python
tcp        0      0 0.0.0.0:5000                0.0.0.0:*                   LISTEN      1624/python


■プロセス

[keystone@opst-ky keystone]$ ps -ef |grep keystone-all
keystone  1624  1597  0 14:49 pts/1    00:00:00 /usr/bin/python /usr/bin/keystone-all


初期設定

[keystone@opst-ky keystone]$ export SERVICE_ENDPOINT=http://192.168.128.110:35357/v2.0
[keystone@opst-ky keystone]$ export SERVICE_TOKEN=ADMIN_keystone_token

■DBの初期化

[keystone@opst-ky keystone]$ keystone-manage db_sync

これによりMySQL上にテーブルが作成される。

[root@opst-db ~]# mysql -h 192.168.128.100 -u keystone -p
Enter password:
mysql>

mysql> show databases
| Database           |
|--------------------|
| information_schema |
| keystone           |
| test               |

mysql> use keystone
mysql> show tables;
| Tables_in_keystone     |
|------------------------|
| ec2_credential         |
| endpoint               |
| metadata               |
| migrate_version        |
| role                   |
| service                |
| tenant                 |
| token                  |
| user                   |
| user_tenant_membership |

設定の確認

[keystone@opst-ky keystone]$ keystone service-list

まだ何も情報を登録してないので、リストは空だが設定に不備があるとエラーになる。
エラーの場合は、ログを確認してエラーを解決する。

| id | name | type | description |
|----+------+------+-------------|
|    |      |      |             |



テナントの登録

[keystone@opst-ky keystone]$ keystone tenant-create --name="admin"
| Property    | Value                            |
|-------------+----------------------------------|
| description | None                             |
| enabled     | True                             |
| id          | e3f5826b96f74985b5ad673de64e0afd |
| name        | admin                            |

[keystone@opst-ky keystone]$ keystone tenant-create --name="service01"
| Property    | Value                            |
|-------------+----------------------------------|
| description | None                             |
| enabled     | True                             |
| id          | 0e60c80a5c3b4ff9a45c208486269f96 |
| name        | service01                        |

[keystone@opst-ky keystone]$ keystone tenant-create --name="demo"
| Property    | Value                            |
|-------------+----------------------------------|
| description | None                             |
| enabled     | True                             |
| id          | b38a3428d9b341bfbc9f616a28010e68 |
| name        | demo                             |

[keystone@opst-ky keystone]$ keystone tenant-create --name="invisible_to_admin"
| Property    | Value                            |
|-------------+----------------------------------|
| description | None                             |
| enabled     | True                             |
| id          | 6e1a37166e2e413e9b12a2cc0ca20ca9 |
| name        | invisible_to_admin               |

[keystone@opst-ky keystone]$ keystone tenant-list
| id                               | name               | enabled |
|----------------------------------+--------------------+---------|
| 0e60c80a5c3b4ff9a45c208486269f96 | service01          | True    |
| 6e1a37166e2e413e9b12a2cc0ca20ca9 | invisible_to_admin | True    |
| b38a3428d9b341bfbc9f616a28010e68 | demo               | True    |
| e3f5826b96f74985b5ad673de64e0afd | admin              | True    |

■DBの確認
mysql> select * from tenant;
| id                               | name               | extra                                  |
|----------------------------------+--------------------+----------------------------------------|
| e3f5826b96f74985b5ad673de64e0afd | admin              | {"enabled": true, "description": null} |
| 0e60c80a5c3b4ff9a45c208486269f96 | service01          | {"enabled": true, "description": null} |
| b38a3428d9b341bfbc9f616a28010e68 | demo               | {"enabled": true, "description": null} |
| 6e1a37166e2e413e9b12a2cc0ca20ca9 | invisible_to_admin | {"enabled": true, "description": null} |


ユーザの登録

[keystone@opst-ky keystone]$ keystone user-create --name=admin --pass="admin" --email=admin@example.com
[keystone@opst-ky keystone]$ keystone user-create --name=demo --pass="demo" --email=demo@example.com
[keystone@opst-ky keystone]$ keystone user-create --name=nova --pass="nova" --email=nova@example.com
[keystone@opst-ky keystone]$ keystone user-create --name=glance --pass="glance" --email=glance@example.com
[keystone@opst-ky keystone]$ keystone user-create --name=swift --pass="swift" --email=swift@example.com

[keystone@opst-ky keystone]$ keystone user-list
| id                               | enabled | email              | name   |
|----------------------------------+---------+--------------------+--------|
| 1ff2e19b2bf8449bba1f5fccce9f023d | True    | demo@example.com   | demo   |
| 5c68d3d474544a479f43b3d20d2a2caf | True    | swift@example.com  | swift  |
| 61f8dc5df0fb48a2867078476cdd5b66 | True    | glance@example.com | glance |
| b10e6c4b56b5454a9370de87ceb7759d | True    | nova@example.com   | nova   |
| bd5158ed087948dc974028036e5f65dd | True    | admin@example.com  | admin  |

■DBの確認

mysql> select * from user;
| id                               | name   | extra                                                                                                                                                                                                     |
|----------------------------------+--------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| bd5158ed087948dc974028036e5f65dd | admin  | {"password": "$6$rounds=40000$fJ7TZg/ymOyeqofP$7zKDN0pLnq4u9EwsGiO.loRRMPcIkfqHgycgbaqfQOwhig5omCaI52g0XdOqnrumJA.inVuSrCpYUepF2nxbb0", "enabled": true, "email": "admin@example.com", "tenantId": null}  |
| 1ff2e19b2bf8449bba1f5fccce9f023d | demo   | {"password": "$6$rounds=40000$pr/RaqG6JvvqGlIw$syGbK3BCds8hS745cEKzZPxkQe24B4ZggWFfRFpTGLLE/3ZZKfParBFaBktFcxVQI1p67qG.IvxCXbrd5ICiF1", "enabled": true, "email": "demo@example.com", "tenantId": null}   |
| b10e6c4b56b5454a9370de87ceb7759d | nova   | {"password": "$6$rounds=40000$Q/aNz6A0Gu6Umtao$3sgLHvTauE2TbeenECgv7eIrQrGjMC4FCK7C1jH1sGwrtoJUNKEqhxdNgT7y0FJmkSykcHoA6tFqvcz/zZLsv0", "enabled": true, "email": "nova@example.com", "tenantId": null}   |
| 61f8dc5df0fb48a2867078476cdd5b66 | glance | {"password": "$6$rounds=40000$LHWFCAuyxDnBRzSq$HDzCNU.tmX1w6N/j4sbIW3uudm3flkuLxQ3nfTHgY1yARf6xZbqX/CwRp0SuONg/6oOhpgj1u3bWcF7NRS/DQ/", "enabled": true, "email": "glance@example.com", "tenantId": null} |
| 5c68d3d474544a479f43b3d20d2a2caf | swift  | {"password": "$6$rounds=40000$RQR3KO1yHMqVk3O3$ZNgTFvgnFS9auXatrx794eCFduvxbZpRHPBRA1ZN5z1jLwtIAnHWJUExb6uSpOvSn/SdH4Wf0pkVlqzDXYH0m1", "enabled": true, "email": "swift@example.com", "tenantId": null}  |


ロールの登録

[keystone@opst-ky keystone]$ keystone role-create --name=admin
[keystone@opst-ky keystone]$ keystone role-create --name=Member
[keystone@opst-ky keystone]$ keystone role-create --name=KeystoneAdmin
[keystone@opst-ky keystone]$ keystone role-create --name=KeystoneServiceAdmin
[keystone@opst-ky keystone]$ keystone role-create --name=sysadmin
[keystone@opst-ky keystone]$ keystone role-create --name=netadmin

[keystone@opst-ky keystone]$ keystone role-list
| id                               | name                 |
|----------------------------------+----------------------|
| 0f3ccb94533f44d69816f3ce615499ca | KeystoneAdmin        |
| 149361074fc943b0a010cae2666f6a1c | netadmin             |
| 45855c93f8b7484f8f00c73b830e719f | Member               |
| 87782a629e8246e2a71e7ab7d8cadedc | sysadmin             |
| b8da27650f5b45bb9fce6183f0256a28 | KeystoneServiceAdmin |
| d6db3b3b678448ba84a334645ad9e4d1 | admin                |

■DBの確認

mysql> select * from role;
| id                               | name                 |
|----------------------------------+----------------------|
| d6db3b3b678448ba84a334645ad9e4d1 | admin                |
| 45855c93f8b7484f8f00c73b830e719f | Member               |
| 0f3ccb94533f44d69816f3ce615499ca | KeystoneAdmin        |
| b8da27650f5b45bb9fce6183f0256a28 | KeystoneServiceAdmin |
| 87782a629e8246e2a71e7ab7d8cadedc | sysadmin             |
| 149361074fc943b0a010cae2666f6a1c | netadmin             |


テナント、ユーザ、ロールの関連付け

この操作はユーザ、ロール、テナントのそれぞれのUIDを指定する必要がある。
export           ADMIN_USER=bd5158ed087948dc974028036e5f65dd
export            DEMO_USER=1ff2e19b2bf8449bba1f5fccce9f023d
export            NOVA_USER=b10e6c4b56b5454a9370de87ceb7759d
export          GLANCE_USER=61f8dc5df0fb48a2867078476cdd5b66
export           SWIFT_USER=5c68d3d474544a479f43b3d20d2a2caf

export           ADMIN_ROLE=d6db3b3b678448ba84a334645ad9e4d1
export          MEMBER_ROLE=45855c93f8b7484f8f00c73b830e719f
export        SYSADMIN_ROLE=87782a629e8246e2a71e7ab7d8cadedc
export        NETADMIN_ROLE=149361074fc943b0a010cae2666f6a1c
export   KEYSTONEADMIN_ROLE=0f3ccb94533f44d69816f3ce615499ca
export KEYSTONESERVICE_ROLE=b8da27650f5b45bb9fce6183f0256a28

export         ADMIN_TENANT=e3f5826b96f74985b5ad673de64e0afd
export          DEMO_TENANT=b38a3428d9b341bfbc9f616a28010e68
export         INVIS_TENANT=6e1a37166e2e413e9b12a2cc0ca20ca9
export       SERVICE_TENANT=0e60c80a5c3b4ff9a45c208486269f96
keystone user-role-add --user $ADMIN_USER  --role $ADMIN_ROLE           --tenant_id $ADMIN_TENANT
keystone user-role-add --user $DEMO_USER   --role $MEMBER_ROLE          --tenant_id $DEMO_TENANT
keystone user-role-add --user $DEMO_USER   --role $SYSADMIN_ROLE        --tenant_id $DEMO_TENANT
keystone user-role-add --user $DEMO_USER   --role $NETADMIN_ROLE        --tenant_id $DEMO_TENANT
keystone user-role-add --user $DEMO_USER   --role $MEMBER_ROLE          --tenant_id $INVIS_TENANT
keystone user-role-add --user $ADMIN_USER  --role $ADMIN_ROLE           --tenant_id $DEMO_TENANT
keystone user-role-add --user $ADMIN_USER  --role $KEYSTONEADMIN_ROLE   --tenant_id $ADMIN_TENANT
keystone user-role-add --user $ADMIN_USER  --role $KEYSTONESERVICE_ROLE --tenant_id $ADMIN_TENANT
keystone user-role-add --user $NOVA_USER   --role $ADMIN_ROLE           --tenant_id $SERVICE_TENANT
keystone user-role-add --user $GLANCE_USER --role $ADMIN_ROLE           --tenant_id $SERVICE_TENANT
keystone user-role-add --user $SWIFT_USER  --role $ADMIN_ROLE           --tenant_id $SERVICE_TENANT

■DBの確認


mysql> select * from metadata;
| user_id                          | tenant_id                        | data                                                                                                                    |
|----------------------------------+----------------------------------+-------------------------------------------------------------------------------------------------------------------------|
| bd5158ed087948dc974028036e5f65dd | e3f5826b96f74985b5ad673de64e0afd | {"roles": ["d6db3b3b678448ba84a334645ad9e4d1", "0f3ccb94533f44d69816f3ce615499ca", "b8da27650f5b45bb9fce6183f0256a28"]} |
| 1ff2e19b2bf8449bba1f5fccce9f023d | b38a3428d9b341bfbc9f616a28010e68 | {"roles": ["149361074fc943b0a010cae2666f6a1c", "45855c93f8b7484f8f00c73b830e719f", "87782a629e8246e2a71e7ab7d8cadedc"]} |
| 1ff2e19b2bf8449bba1f5fccce9f023d | 6e1a37166e2e413e9b12a2cc0ca20ca9 | {"roles": ["45855c93f8b7484f8f00c73b830e719f"]}                                                                         |
| bd5158ed087948dc974028036e5f65dd | b38a3428d9b341bfbc9f616a28010e68 | {"roles": ["d6db3b3b678448ba84a334645ad9e4d1"]}                                                                         |
| b10e6c4b56b5454a9370de87ceb7759d | 0e60c80a5c3b4ff9a45c208486269f96 | {"roles": ["d6db3b3b678448ba84a334645ad9e4d1"]}                                                                         |
| 61f8dc5df0fb48a2867078476cdd5b66 | 0e60c80a5c3b4ff9a45c208486269f96 | {"roles": ["d6db3b3b678448ba84a334645ad9e4d1"]}                                                                         |
| 5c68d3d474544a479f43b3d20d2a2caf | 0e60c80a5c3b4ff9a45c208486269f96 | {"roles": ["d6db3b3b678448ba84a334645ad9e4d1"]}                                                                         |

mysql> select * from user_tenant_membership;
| user_id                          | tenant_id                        |
|----------------------------------+----------------------------------|
| 1ff2e19b2bf8449bba1f5fccce9f023d | 6e1a37166e2e413e9b12a2cc0ca20ca9 |
| 1ff2e19b2bf8449bba1f5fccce9f023d | b38a3428d9b341bfbc9f616a28010e68 |
| 5c68d3d474544a479f43b3d20d2a2caf | 0e60c80a5c3b4ff9a45c208486269f96 |
| 61f8dc5df0fb48a2867078476cdd5b66 | 0e60c80a5c3b4ff9a45c208486269f96 |
| b10e6c4b56b5454a9370de87ceb7759d | 0e60c80a5c3b4ff9a45c208486269f96 |
| bd5158ed087948dc974028036e5f65dd | b38a3428d9b341bfbc9f616a28010e68 |
| bd5158ed087948dc974028036e5f65dd | e3f5826b96f74985b5ad673de64e0afd |


サービスの登録

サービスはdefault_catalog.templatesを参照して自動定義されるので登録は不要。


EC2クレデンシャルの登録

euca2oolsを利用するときに必要になる。

[keystone@opst-ky keystone]$ keystone ec2-credentials-create --tenant_id=$ADMIN_TENANT --user=$ADMIN_USER
| Property  | Value                            |
|-----------+----------------------------------|
| access    | cfe9fcf8f6414eb4b81fb380cd84688b |
| secret    | 626a34f0cca641d3b347850649969e5f |
| tenant_id | e3f5826b96f74985b5ad673de64e0afd |
| user_id   | bd5158ed087948dc974028036e5f65dd |

[keystone@opst-ky keystone]$ keystone ec2-credentials-create --tenant_id=$DEMO_TENANT --user=$DEMO_USER
| Property  | Value                            |
|-----------+----------------------------------|
| access    | b317a8e871a745409f53165cc50b3832 |
| secret    | 3e5b4054fd8340f68fef39a3c1bae9f8 |
| tenant_id | b38a3428d9b341bfbc9f616a28010e68 |
| user_id   | 1ff2e19b2bf8449bba1f5fccce9f023d |

■DBの確認

mysql> select * from ec2_credential;
| access                           | secret                           | user_id                          | tenant_id                        |
|----------------------------------+----------------------------------+----------------------------------+----------------------------------|
| cfe9fcf8f6414eb4b81fb380cd84688b | 626a34f0cca641d3b347850649969e5f | bd5158ed087948dc974028036e5f65dd | e3f5826b96f74985b5ad673de64e0afd |
| b317a8e871a745409f53165cc50b3832 | 3e5b4054fd8340f68fef39a3c1bae9f8 | 1ff2e19b2bf8449bba1f5fccce9f023d | b38a3428d9b341bfbc9f616a28010e68 |


動作確認

# curl -d '{"auth": {"tenantName": "admin", "passwordCredentials":{"username": "admin", "password": "admin" }}}' -H "Content-type:application/json" http://192.168.128.110:35357/v2.0/tokens | python -mjson.tool

% Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
106  2337  101  2337    0   107  11580    530 --:--:-- --:--:-- --:--:-- 13515
{
    "access": {   
        "serviceCatalog": [
            {
                "endpoints": [
                    {
                        "adminURL": "http://192.168.128.140:8774/v1.1/e3f5826b96f74985b5ad673de64e0afd",
                        "internalURL": "http://172.26.0.140:8774/v1.1/e3f5826b96f74985b5ad673de64e0afd",
                        "publicURL": "http://10.0.0.140:8774/v1.1/e3f5826b96f74985b5ad673de64e0afd",
                        "region": "RegionOne"
                    }
                ],
                "endpoints_links": [],
                "name": "Compute Service",
                "type": "compute"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://192.168.128.120:9292/v1",
                        "internalURL": "http://172.26.0.120:9292/v1",
                        "publicURL": "http://10.0.0.120:9292/v1",
                        "region": "RegionOne"
                    }
                ],
                "endpoints_links": [],
                "name": "Image Service",
                "type": "image"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://192.168.128.140:8776/v1/e3f5826b96f74985b5ad673de64e0afd",
                        "internalURL": "http://172.26.0.140:8776/v1/e3f5826b96f74985b5ad673de64e0afd",
                        "publicURL": "http://10.0.0.140:8776/v1/e3f5826b96f74985b5ad673de64e0afd",
                        "region": "RegionOne"
                    }
                ],
                "endpoints_links": [],
                "name": "Volume Service",
                "type": "volume"
            },

            {
                "endpoints": [
                    {
                        "adminURL": "http://192.168.128.140:8773/services/Admin",
                        "internalURL": "http://172.26.0.140:8773/services/Cloud",
                        "publicURL": "http://10.0.0.140:8773/services/Cloud",
                        "region": "RegionOne"
                    }
                ],
                "endpoints_links": [],
                "name": "EC2 Service",
                "type": "ec2"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://192.168.128.130:8080/",
                        "internalURL": "http://172.26.0.130:8080/v1/AUTH_e3f5826b96f74985b5ad673de64e0afd",
                        "publicURL": "http://10.0.0.130:8080/v1/AUTH_e3f5826b96f74985b5ad673de64e0afd",
                        "region": "RegionOne"
                    }
                ],
                "endpoints_links": [],
                "name": "Swift Service",
                "type": "object-store"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://192.168.128.110:35357/v2.0",
                        "internalURL": "http://172.26.0.110:5000/v2.0",
                        "publicURL": "http://10.0.0.110:5000/v2.0",
                        "region": "RegionOne"
                    }
                ],
                "endpoints_links": [],
                "name": "Identity Service",
                "type": "identity"
            }
        ],
        "token": {
            "expires": "2012-04-16T14:34:13Z",
            "id": "114041dfc6b5456e96db002a68b525f3",
            "tenant": {
                "description": null,
                "enabled": true,
                "id": "e3f5826b96f74985b5ad673de64e0afd",
                "name": "admin"
            }

        },
        "user": { 
            "id": "bd5158ed087948dc974028036e5f65dd",
            "name": "admin",
            "roles": [
                { 
                    "id": "d6db3b3b678448ba84a334645ad9e4d1",
                    "name": "admin"
                },
                { 
                    "id": "0f3ccb94533f44d69816f3ce615499ca",
                    "name": "KeystoneAdmin"
                },
                { 
                    "id": "b8da27650f5b45bb9fce6183f0256a28",
                    "name": "KeystoneServiceAdmin"
                } 
            ],
            "roles_links": [],
            "username": "admin"
        }
    }
}

1 件のコメント:

Roja Priya さんのコメント...

This information is impressive; I am inspired by your post writing style & how continuously you describe this topic. After reading your post, thanks for taking the time to discuss this, I feel happy about it and I love learning more about this topic.

best openstack training in chennai | openstack course fees in chennai | openstack certification in chennai | redhat openstack training in chennai

コメントを投稿