Kilo 版 Keystone 数据库结构
在安装完keystone并利用keystone-manage命令同步数据库后,mysql(我使用的存储后端)中新加了如下表:
+------------------------+
| Tables_in_keystone |
+------------------------+
| access_token |
| assignment |
| consumer |
| credential |
| domain |
| endpoint |
| endpoint_group |
| federation_protocol |
| group |
| id_mapping |
| identity_provider |
| idp_remote_ids |
| mapping |
| migrate_version |
| policy |
| policy_association |
| project |
| project_endpoint |
| project_endpoint_group |
| region |
| request_token |
| revocation_event |
| role |
| sensitive_config |
| service |
| service_provider |
| token |
| trust |
| trust_role |
| user |
| user_group_membership |
| whitelisted_config |
+------------------------+
对它们进行分类,按照创建它们的代码所属的模块:
1. federation扩展
federation_protocol
identity_provider
service_provider
idp_remote_ids
mapping
2. oauth1扩展
access_token
consumer
request_token
3. endpoint_filter扩展
endpoint_group
project_endpoint
project_endpoint_group
4. endpoint_policy扩展
policy_association
5. revoke扩展
revocation_event
6. assignment
assignment
role
7. catalog
region
service
endpoint
8. credential
credential
9. identity
user
group
user_group_membership
id_mapping
10.policy
policy
11. resource
domain
project
whitelisted_config
sensitive_config
12. token
token
13. trust
trust
trust_role
14.
migrate_version
明细
1.1 federation_protocol:
+------------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+------------+-------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| idp_id | varchar(64) | NO | PRI | NULL | |
| mapping_id | varchar(64) | NO | | NULL | |
+------------+-------------+------+-----+---------+-------+
1.2 identity_provider:
+-------------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------------+-------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| enabled | tinyint(1) | NO | | NULL | |
| description | text | YES | | NULL | |
+-------------+-------------+------+-----+---------+-------+
1.3 service_provider:
+--------------------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+--------------------+--------------+------+-----+---------+-------+
| auth_url | varchar(256) | NO | | NULL | |
| id | varchar(64) | NO | PRI | NULL | |
| enabled | tinyint(1) | NO | | NULL | |
| description | text | YES | | NULL | |
| sp_url | varchar(256) | NO | | NULL | |
| relay_state_prefix | varchar(256) | NO | | ss:mem: | |
+--------------------+--------------+------+-----+---------+-------+
1.4 idp_remote_ids
+-----------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-----------+--------------+------+-----+---------+-------+
| idp_id | varchar(64) | YES | MUL | NULL | |
| remote_id | varchar(255) | NO | PRI | NULL | |
+-----------+--------------+------+-----+---------+-------+
1.5 mapping:
+-------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------+-------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| rules | text | NO | | NULL | |
+-------+-------------+------+-----+---------+-------+
2.1 access_token
+---------------------+-------------+------+-----+---------+-------+ | Field | Type | Null | Key | Default | Extra | +---------------------+-------------+------+-----+---------+-------+ | id | varchar(64) | NO | PRI | NULL | | | access_secret | varchar(64) | NO | | NULL | | | authorizing_user_id | varchar(64) | NO | MUL | NULL | | | project_id | varchar(64) | NO | | NULL | | | role_ids | text | NO | | NULL | | | consumer_id | varchar(64) | NO | MUL | NULL | | | expires_at | varchar(64) | YES | | NULL | | +---------------------+-------------+------+-----+---------+-------+
2.2 consumer:
+-------------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------------+-------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| description | varchar(64) | YES | | NULL | |
| secret | varchar(64) | NO | | NULL | |
| extra | text | NO | | NULL | |
+-------------+-------------+------+-----+---------+-------+
2.3 request_token:
+----------------------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+----------------------+-------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| request_secret | varchar(64) | NO | | NULL | |
| verifier | varchar(64) | YES | | NULL | |
| authorizing_user_id | varchar(64) | YES | | NULL | |
| requested_project_id | varchar(64) | NO | | NULL | |
| role_ids | text | YES | | NULL | |
| consumer_id | varchar(64) | NO | MUL | NULL | |
| expires_at | varchar(64) | YES | | NULL | |
+----------------------+-------------+------+-----+---------+-------+
3.1 endpoint_group:
+-------------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------------+--------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| name | varchar(255) | NO | | NULL | |
| description | text | YES | | NULL | |
| filters | text | NO | | NULL | |
+-------------+--------------+------+-----+---------+-------+
3.2 project_endpoint:
+-------------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------------+-------------+------+-----+---------+-------+
| endpoint_id | varchar(64) | NO | PRI | NULL | |
| project_id | varchar(64) | NO | PRI | NULL | |
+-------------+-------------+------+-----+---------+-------+
3.3 project_endpoint_group:
+-------------------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------------------+-------------+------+-----+---------+-------+
| endpoint_group_id | varchar(64) | NO | PRI | NULL | |
| project_id | varchar(64) | NO | PRI | NULL | |
+-------------------+-------------+------+-----+---------+-------+
4 policy_association:
+-------------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------------+-------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| policy_id | varchar(64) | NO | | NULL | |
| endpoint_id | varchar(64) | YES | MUL | NULL | |
| service_id | varchar(64) | YES | | NULL | |
| region_id | varchar(64) | YES | | NULL | |
+-------------+-------------+------+-----+---------+-------+
5. revocation_event:
+-----------------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-----------------+-------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| domain_id | varchar(64) | YES | | NULL | |
| project_id | varchar(64) | YES | | NULL | |
| user_id | varchar(64) | YES | | NULL | |
| role_id | varchar(64) | YES | | NULL | |
| trust_id | varchar(64) | YES | | NULL | |
| consumer_id | varchar(64) | YES | | NULL | |
| access_token_id | varchar(64) | YES | | NULL | |
| issued_before | datetime | NO | | NULL | |
| expires_at | datetime | YES | | NULL | |
| revoked_at | datetime | NO | MUL | NULL | |
| audit_id | varchar(32) | YES | | NULL | |
| audit_chain_id | varchar(32) | YES | | NULL | |
+-----------------+-------------+------+-----+---------+-------+
6.1 assignment:
+-----------+---------------------------------------------------------------+------+-----+---------+-------+ | Field | Type | Null | Key | Default | Extra | +-----------+---------------------------------------------------------------+------+-----+---------+-------+ | type | enum('UserProject','GroupProject','UserDomain','GroupDomain') | NO | PRI | NULL | | | actor_id | varchar(64) | NO | PRI | NULL | | | target_id | varchar(64) | NO | PRI | NULL | | | role_id | varchar(64) | NO | PRI | NULL | | | inherited | tinyint(1) | NO | | NULL | | +-----------+---------------------------------------------------------------+------+-----+---------+-------+
6.2 role:
+-------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------+--------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| name | varchar(255) | NO | UNI | NULL | |
| extra | text | YES | | NULL | |
+-------+--------------+------+-----+---------+-------+
7.1 region:
+------------------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+------------------+--------------+------+-----+---------+-------+
| id | varchar(255) | NO | PRI | NULL | |
| description | varchar(255) | NO | | NULL | |
| parent_region_id | varchar(255) | YES | | NULL | |
| extra | text | YES | | NULL | |
+------------------+--------------+------+-----+---------+-------+
7.2 service:
+---------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+---------+--------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| type | varchar(255) | YES | | NULL | |
| enabled | tinyint(1) | NO | | 1 | |
| extra | text | YES | | NULL | |
+---------+--------------+------+-----+---------+-------+
7.3 endpoint
+--------------------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+--------------------+--------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| legacy_endpoint_id | varchar(64) | YES | | NULL | |
| interface | varchar(8) | NO | | NULL | |
| service_id | varchar(64) | NO | MUL | NULL | |
| url | text | NO | | NULL | |
| extra | text | YES | | NULL | |
| enabled | tinyint(1) | NO | | 1 | |
| region_id | varchar(255) | YES | MUL | NULL | |
+--------------------+--------------+------+-----+---------+-------+
8. credential:
+------------+--------------+------+-----+---------+-------+ | Field | Type | Null | Key | Default | Extra | +------------+--------------+------+-----+---------+-------+ | id | varchar(64) | NO | PRI | NULL | | | user_id | varchar(64) | NO | | NULL | | | project_id | varchar(64) | YES | | NULL | | | blob | text | NO | | NULL | | | type | varchar(255) | NO | | NULL | | | extra | text | YES | | NULL | | +------------+--------------+------+-----+---------+-------+
9.1 user:
+--------------------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+--------------------+--------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| name | varchar(255) | NO | | NULL | |
| extra | text | YES | | NULL | |
| password | varchar(128) | YES | | NULL | |
| enabled | tinyint(1) | YES | | NULL | |
| domain_id | varchar(64) | NO | MUL | NULL | |
| default_project_id | varchar(64) | YES | | NULL | |
+--------------------+--------------+------+-----+---------+-------+
9.2 group:
这张表的名称“group”和SQL关键字相同,因此查看的时候需要指定它是keystone.group。
+-------------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------------+-------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| domain_id | varchar(64) | NO | MUL | NULL | |
| name | varchar(64) | NO | | NULL | |
| description | text | YES | | NULL | |
| extra | text | YES | | NULL | |
+-------------+-------------+------+-----+---------+-------+
9.3 user_group_membership:
+----------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+----------+-------------+------+-----+---------+-------+
| user_id | varchar(64) | NO | PRI | NULL | |
| group_id | varchar(64) | NO | PRI | NULL | |
+----------+-------------+------+-----+---------+-------+
9.4 id_mapping:
+-------------+----------------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------------+----------------------+------+-----+---------+-------+
| public_id | varchar(64) | NO | PRI | NULL | |
| domain_id | varchar(64) | NO | MUL | NULL | |
| local_id | varchar(64) | NO | | NULL | |
| entity_type | enum('user','group') | NO | | NULL | |
+-------------+----------------------+------+-----+---------+-------+
10. policy:
+-------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------+--------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| type | varchar(255) | NO | | NULL | |
| blob | text | NO | | NULL | |
| extra | text | YES | | NULL | |
+-------+--------------+------+-----+---------+-------+
11.1 domain:
+---------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+---------+-------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| name | varchar(64) | NO | UNI | NULL | |
| enabled | tinyint(1) | NO | | NULL | |
| extra | text | YES | | NULL | |
+---------+-------------+------+-----+---------+-------+
11.2 project:
+-------------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------------+-------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| name | varchar(64) | NO | | NULL | |
| extra | text | YES | | NULL | |
| description | text | YES | | NULL | |
| enabled | tinyint(1) | YES | | NULL | |
| domain_id | varchar(64) | NO | MUL | NULL | |
| parent_id | varchar(64) | YES | MUL | NULL | |
+-------------+-------------+------+-----+---------+-------+
11.3 whitelisted_config:
+-----------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-----------+--------------+------+-----+---------+-------+
| domain_id | varchar(64) | NO | PRI | NULL | |
| group | varchar(255) | NO | PRI | NULL | |
| option | varchar(255) | NO | PRI | NULL | |
| value | text | NO | | NULL | |
+-----------+--------------+------+-----+---------+-------+
11.4 sensitive_config:
+-----------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-----------+--------------+------+-----+---------+-------+
| domain_id | varchar(64) | NO | PRI | NULL | |
| group | varchar(255) | NO | PRI | NULL | |
| option | varchar(255) | NO | PRI | NULL | |
| value | text | NO | | NULL | |
+-----------+--------------+------+-----+---------+-------+
12. token:
+----------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+----------+-------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| expires | datetime | YES | MUL | NULL | |
| extra | text | YES | | NULL | |
| valid | tinyint(1) | NO | | NULL | |
| trust_id | varchar(64) | YES | MUL | NULL | |
| user_id | varchar(64) | YES | MUL | NULL | |
+----------+-------------+------+-----+---------+-------+
13.1 trust:
+-----------------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-----------------+-------------+------+-----+---------+-------+
| id | varchar(64) | NO | PRI | NULL | |
| trustor_user_id | varchar(64) | NO | | NULL | |
| trustee_user_id | varchar(64) | NO | | NULL | |
| project_id | varchar(64) | YES | | NULL | |
| impersonation | tinyint(1) | NO | | NULL | |
| deleted_at | datetime | YES | | NULL | |
| expires_at | datetime | YES | | NULL | |
| remaining_uses | int(11) | YES | | NULL | |
| extra | text | YES | | NULL | |
+-----------------+-------------+------+-----+---------+-------+
13.2 trust_role:
+----------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+----------+-------------+------+-----+---------+-------+
| trust_id | varchar(64) | NO | PRI | NULL | |
| role_id | varchar(64) | NO | PRI | NULL | |
+----------+-------------+------+-----+---------+-------+
14. migrate_version:
+-----------------+--------------+------+-----+---------+-------+ | Field | Type | Null | Key | Default | Extra | +-----------------+--------------+------+-----+---------+-------+ | repository_id | varchar(250) | NO | PRI | NULL | | | repository_path | mediumtext | YES | | NULL | | | version | int(11) | YES | | NULL | | +-----------------+--------------+------+-----+---------+-------+
