
Init keystone data step by step ( by quqi99 )

Posted: 2014-02-26 ⁄ Category: General


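Author: Zhang Hua  Published: 2013-01-02
Copyright notice: This article may be freely reproduced, provided that the reproduction cites the original source, the author information and this copyright notice in the form of a hyperlink.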

( http://blog.csdn.net/quqi99 )

 8.1 Create the services:
        COMPUTE_ID=$(keystone service-create --name=nova --type=compute --description="Nova Compute Service" |awk -F "|" '$2 ~ /id/ {print $3}')
    keystone service-create --name nova-volume --type volume --description 'OpenStack Nova Volume Service'
    keystone service-create --name glance --type image --description 'OpenStack Image Service'
    keystone service-create --name keystone --type identity --description 'OpenStack Identity Service'
    keystone service-create --name quantum --type network --description 'Openstack Network Service'

    [root@node1 ~]# keystone service-list
    +----------------------------------+-------------+----------+-------------------------------+
    |                id                |     name    |   type   |          description          |
    +----------------------------------+-------------+----------+-------------------------------+
    | 08c9dda3576347c49290eebebb7a39cb |   quantum   | network  |   Openstack Network Service   |
    | 5c4fd5fb7b054ce4af29ac4c17b7bee0 |     nova    | compute  |   OpenStack Compute Service   |
    | 70490f9d704e4c368e697126c771e250 |   keystone  | identity |   OpenStack Identity Service  |
    | 7955a55492064fa8b70783616688f881 |    glance   |  image   |    OpenStack Image Service    |
    | d0e33c89f72b4cffa2738a6e0ffb1828 | nova-volume |  volume  | OpenStack Nova Volume Service |
    +----------------------------------+-------------+----------+-------------------------------+

   8.2 Create the endpoints:
        IDENTITY_ID=70490f9d704e4c368e697126c771e250
        COMPUTE_ID=5c4fd5fb7b054ce4af29ac4c17b7bee0
        VOLUME_ID=d0e33c89f72b4cffa2738a6e0ffb1828
        IMAGE_ID=7955a55492064fa8b70783616688f881
        NETWORK_ID=08c9dda3576347c49290eebebb7a39cb
        keystone endpoint-create --region=RegionOne --service_id=$IDENTITY_ID --publicurl='http://node1:$(public_port)s/v2.0' --internalurl='http://node1:$(public_port)s/v2.0' --adminurl='http://node1:$(admin_port)s/v2.0'
        keystone endpoint-create --region=RegionOne --service_id=$COMPUTE_ID --publicurl='http://node1:$(compute_port)s/v1.1/$(tenant_id)s' --internalurl='http://node1:$(compute_port)s/v1.1/$(tenant_id)s' --adminurl='http://node1:$(compute_port)s/v1.1/$(tenant_id)s'
        keystone endpoint-create --region=RegionOne --service_id=$VOLUME_ID --publicurl='http://node1:8776/v1/$(tenant_id)s' --internalurl='http://node1:8776/v1/$(tenant_id)s' --adminurl='http://node1:8776/v1/$(tenant_id)s'
        keystone endpoint-create --region=RegionOne --service_id=$IMAGE_ID --publicurl='http://node1:9292/v1' --internalurl='http://node1:9292/v1' --adminurl='http://node1:9292/v1'
        keystone endpoint-create --region=RegionOne --service_id=$NETWORK_ID --publicurl='http://node1:9696/' --internalurl='http://node1:9696/' --adminurl='http://node1:9696/'

   8.3 You can use the following script to create the admin user:
    # SERVICE_TOKEN must match admin_token in keystone.conf
    SERVICE_TOKEN=ADMIN
    ADMIN_PASSWORD=password
    SERVICE_ENDPOINT=http://node1:35357/v2.0
    export SERVICE_TOKEN=$SERVICE_TOKEN
    export SERVICE_ENDPOINT=$SERVICE_ENDPOINT

    # Run the given keystone command and print the id from its output table
    function get_id(){
      echo `"$@" |grep id |awk '{print $4}'`
    }

    ADMIN_TENANT=`get_id keystone tenant-create --name=admin`
    ADMIN_USER=`get_id keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=admin@example.com`
    ADMIN_ROLE=`get_id keystone role-create --name=admin`
    KEYSTONESERVICE_ROLE=`get_id keystone role-create --name=KeystoneServiceAdmin`
    # Grant both roles to the admin user in the admin tenant
    keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant_id $ADMIN_TENANT
    keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONESERVICE_ROLE --tenant_id $ADMIN_TENANT
    echo $?

        Or you can do it step by step as below:

       8.3.1 Create the roles:
        keystone role-create --name KeystoneServiceAdmin
        keystone role-create --name Admin
        keystone role-create --name Member
        keystone role-create --name sysadmin
        keystone role-create --name netadmin
       8.3.2 Create users and tenants. One user can access multiple tenants; the admin user can access all tenants.
        keystone tenant-create --name admin
        keystone tenant-create --name tenant1
        keystone tenant-create --name tenant2
        keystone user-create --name admin --tenant_id cfdf5ed5e5b44d04a608627775a8c5ed --pass password --email admin@cn.ibm.com --enabled true
        keystone user-create --name hua --tenant_id 82f45edf672b4d9280b59a046d906ef9 --pass password --email hua@cn.ibm.com --enabled true
        Note: user hua's other tenant is associated with the following command:
        keystone user-role-add --user-id 10b10ece31cb4617ac36dac10249791c --role-id 0e79b691e5934e2ab41882f931fa8b7d --tenant_id=0215ab0266c54f578d34614d01a7d05d

        [root@node1 ~]# keystone tenant-list
        +----------------------------------+---------+---------+
        |                id                |   name  | enabled |
        +----------------------------------+---------+---------+
        | 0215ab0266c54f578d34614d01a7d05d | tenant2 |   True  |
        | 82f45edf672b4d9280b59a046d906ef9 | tenant1 |   True  |
        | cfdf5ed5e5b44d04a608627775a8c5ed |  admin  |   True  |
        +----------------------------------+---------+---------+

        [root@node1 ~]# keystone user-list
        +----------------------------------+-------+---------+------------------+
        |                id                |  name | enabled |      email       |
        +----------------------------------+-------+---------+------------------+
        | 10b10ece31cb4617ac36dac10249791c |  hua  |   True  |  hua@cn.ibm.com  |
        | 198cb7a91a5d4e03b959924a16bf2fc9 | admin |   True  | admin@cn.ibm.com |
        +----------------------------------+-------+---------+------------------+

        [root@node1 ~]# keystone role-list
        +----------------------------------+----------------------+
        |                id                |         name         |
        +----------------------------------+----------------------+
        | 0e79b691e5934e2ab41882f931fa8b7d |        Member        |
        | 1fc6404b6b194e768a6b79b365c15523 |       sysadmin       |
        | 5beddbed11c6457989ef29295a3b6a05 | KeystoneServiceAdmin |
        | 968b63e22684429fa3e66d99865038c4 |        Admin         |
        | c81ea6a629274de6bc5863640723d6bf |       netadmin       |
        +----------------------------------+----------------------+

       8.3.3 Only the admin user can manage keystone, so add the KeystoneServiceAdmin role to the admin user in each tenant:
          keystone user-role-add --user-id 198cb7a91a5d4e03b959924a16bf2fc9 --role-id 5beddbed11c6457989ef29295a3b6a05 --tenant_id=0215ab0266c54f578d34614d01a7d05d
          keystone user-role-add --user-id 198cb7a91a5d4e03b959924a16bf2fc9 --role-id 5beddbed11c6457989ef29295a3b6a05 --tenant_id=82f45edf672b4d9280b59a046d906ef9
          keystone user-role-add --user-id 198cb7a91a5d4e03b959924a16bf2fc9 --role-id 5beddbed11c6457989ef29295a3b6a05 --tenant_id=cfdf5ed5e5b44d04a608627775a8c5ed
       8.3.4 Add the Admin role to the admin user for each tenant:
          keystone user-role-add --user-id 198cb7a91a5d4e03b959924a16bf2fc9 --role-id 968b63e22684429fa3e66d99865038c4 --tenant_id=0215ab0266c54f578d34614d01a7d05d
          keystone user-role-add --user-id 198cb7a91a5d4e03b959924a16bf2fc9 --role-id 968b63e22684429fa3e66d99865038c4 --tenant_id=82f45edf672b4d9280b59a046d906ef9
          keystone user-role-add --user-id 198cb7a91a5d4e03b959924a16bf2fc9 --role-id 968b63e22684429fa3e66d99865038c4 --tenant_id=cfdf5ed5e5b44d04a608627775a8c5ed
       8.3.5 The ordinary user hua belongs to two tenants, so add the Member role to the hua user in each tenant:
          keystone user-role-add --user-id 10b10ece31cb4617ac36dac10249791c --role-id 0e79b691e5934e2ab41882f931fa8b7d --tenant_id=0215ab0266c54f578d34614d01a7d05d
          keystone user-role-add --user-id 10b10ece31cb4617ac36dac10249791c --role-id 0e79b691e5934e2ab41882f931fa8b7d --tenant_id=82f45edf672b4d9280b59a046d906ef9
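
Steps 8.3.3 to 8.3.5 paste IDs by hand from the list output, where one wrong paste grants a role to the wrong user or tenant. The following is an added example, not part of the original post: it resolves IDs by name from the table rows and prints the same grants for review. The helpers id_of, grant and plan are hypothetical names; the sample rows are copied from the listings above.

```shell
#!/bin/sh
# Added example: resolve IDs by name from `keystone *-list` tables instead of
# pasting them by hand, then print the grants of steps 8.3.3 to 8.3.5.
# Sample rows are copied from the listings on this page; on a live node use
# e.g. TENANTS=$(keystone tenant-list).
TENANTS='| 0215ab0266c54f578d34614d01a7d05d | tenant2 |   True  |
| 82f45edf672b4d9280b59a046d906ef9 | tenant1 |   True  |
| cfdf5ed5e5b44d04a608627775a8c5ed |  admin  |   True  |'
USERS='| 10b10ece31cb4617ac36dac10249791c |  hua  |   True  |  hua@cn.ibm.com  |
| 198cb7a91a5d4e03b959924a16bf2fc9 | admin |   True  | admin@cn.ibm.com |'
ROLES='| 0e79b691e5934e2ab41882f931fa8b7d |        Member        |
| 5beddbed11c6457989ef29295a3b6a05 | KeystoneServiceAdmin |
| 968b63e22684429fa3e66d99865038c4 |        Admin         |'

# id_of NAME: read table rows on stdin, print the id whose name column is
# exactly NAME; exit non-zero when no row matches (hypothetical helper).
id_of() {
  awk -F'|' -v want="$1" '
    NF >= 4 {
      id = $2; name = $3
      gsub(/^[ \t]+|[ \t]+$/, "", id); gsub(/^[ \t]+|[ \t]+$/, "", name)
      if (name == want && id ~ /^[0-9a-f]+$/) { print id; found = 1; exit }
    }
    END { exit !found }'
}

# grant USER ROLE TENANT...: print one user-role-add command per tenant.
# Runs in a subshell so a failed lookup aborts only this grant.
grant() (
  user=$1; role=$2; shift 2
  uid=$(printf '%s\n' "$USERS" | id_of "$user") || { echo "unknown user: $user" >&2; exit 1; }
  rid=$(printf '%s\n' "$ROLES" | id_of "$role") || { echo "unknown role: $role" >&2; exit 1; }
  for t in "$@"; do
    tid=$(printf '%s\n' "$TENANTS" | id_of "$t") || { echo "unknown tenant: $t" >&2; exit 1; }
    echo "keystone user-role-add --user-id $uid --role-id $rid --tenant_id=$tid"
  done
)

# plan: the assignments of 8.3.3 (KeystoneServiceAdmin), 8.3.4 (Admin), 8.3.5 (Member).
plan() {
  grant admin KeystoneServiceAdmin tenant2 tenant1 admin &&
  grant admin Admin tenant2 tenant1 admin &&
  grant hua Member tenant2 tenant1
}

plan   # prints the eight commands; review them before running
```

The name match is exact and case-sensitive, so a lookup for role admin fails here rather than silently picking Admin.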
