Swift中配置Keystone服务(转)
Swift中配置Keystone服务
初始化工作
#后台启动Keystone服务
#keystone-all>/var/keystone-all/start.log 2>&1 &
设置环境变量
exportSERVICE_TOKEN=ADMIN
exportSERVICE_ENDPOINT=http://172.20.8.129:35357/v2.0
一、配置Keystone及Swift服务
1)配置Keystone服务,设置环境变量:
exportKEYSTONE_IP=172.20.8.129
exportKEYSTONE_PUBLIC_URL="http://$KEYSTONE_IP:5000/v2.0"
exportKEYSTONE_ADMIN_URL="http://$KEYSTONE_IP:35357/v2.0"
exportKEYSTONE_INTERNAL_URL=$KEYSTONE_PUBLIC_URL
# 创建keystone Identity Service
keystoneservice-create --name=keystone --type=identity --description="OpenStackIdentity Service"
执行命令后会产生一个service_id,假设service_id=123(假设);
# 创建keystone Identity Service Endpoint
keystoneendpoint-create --region regionOne --service_id 123 --publicurl$KEYSTONE_PUBLIC_URL --adminurl $KEYSTONE_ADMIN_URL --internal$KEYSTONE_INTERNAL_URL
2)配置Swift服务,设置环境变量:
exportSWIFT_IP=172.20.8.121
exportSWIFT_PUBLIC_URL="http://$SWIFT_IP/v1/AUTH_%(tenant_id)s"
exportSWIFT_ADMIN_URL="http://$SWIFT_IP/v1"
exportSWIFT_INTERNAL_URL=$SWIFT_PUBLIC_URL
# 创建Swift Storage Service
keystoneservice-create --name=swift --type=object-store --description="OpenStorage Service"
# 创建Proxy 1 Endpoint
keystoneendpoint-create --region regionOne --service_id3cd9d851838b45bfa7d5588c93c4c71f --publicurl $SWIFT_PUBLIC_URL --adminurl$SWIFT_ADMIN_URL --internal $SWIFT_INTERNAL_URL
二、测试:
1)初始化数据
# 创建租户
keystonetenant-create --name admin
# 创建角色
keystonerole-create --name admin
# 创建用户
keystoneuser-create --name admin --tenant_id 2547c154c94445939a750593b45a4873 --passadmin --email=yulai_li@163.com --enable=true
# 设置角色
keystoneuser-role-add --user_id=fdc90e350d66432a93ae0f8d9fe2d6bb--role_id=bbfe944287a640988171097cf4973886--tenant_id=2547c154c94445939a750593b45a4873
2)模拟浏览器请求测试:
# 获得token
curl -d'{"auth": {"tenantName": "admin", "passwordCredentials":{"username":"admin", "password": "admin"}}}' -H"Content-type: application/json"http://172.20.8.129:35357/v2.0/tokens | python -mjson.tool
# 访问account
curl -H"X-Auth-Token:75179a453b9f4bd88192ddf4267d8ee8" http://172.20.8.121/v1/AUTH_63f3d948ce8a4570b3f3958757e81667
三、附录
Restfull Api 初始化数据:
# 创建租户
curl -H"X-Auth-Token:81d84096ec694dbd904cab0963f50a90" -H"Content-type: application/json" -d'{"tenant":{"name":"urlTenant","description":"create by admin","enabled":true}}' http://172.20.8.129:35357/v2.0/tenants
# 创建用户
curl -H"X-Auth-Token:XXX" -H "Content-type: application/json" \
-d'{"user":{"name":"XXX","email":"alex.i@coolcloudz.com","enabled":true,"password":"admin","tenantId":"960c1e61371a41689689789aed0f2a43"}}'http://172.20.8.129:35357/v2.0/users
#设置角色tenants/%s/users/%s/roles/OS-KSADM/%s
curl -H"X-Auth-Token:3ada76d3fa404c7c8fd255b58f20a483" -H"Content-type: application/json" \
http://172.20.8.129:35357/v2.0/tenants/960c1e61371a41689689789aed0f2a43/users/XXX/roles/OS-KSADM/bbfe944287a640988171097cf4973886-X PUT