Swift中配置Keystone服務
初始化工作
#後臺啟動Keystone服務
#keystone-all>/var/keystone-all/start.log 2>&1 &
設定環境變數
exportSERVICE_TOKEN=ADMIN
exportSERVICE_ENDPOINT=http://172.20.8.129:35357/v2.0
一、配置Keystone及Swift服務
1)配置Keystone服務,設定環境變數:
exportKEYSTONE_IP=172.20.8.129
exportKEYSTONE_PUBLIC_URL="http://$KEYSTONE_IP:5000/v2.0"
exportKEYSTONE_ADMIN_URL="http://$KEYSTONE_IP:35357/v2.0"
exportKEYSTONE_INTERNAL_URL=$KEYSTONE_PUBLIC_URL
# 建立keystone Identity Service
keystoneservice-create --name=keystone --type=identity --description="OpenStackIdentity Service"
執行命令後會產生一個service_id,假設service_id=123(假設);
# 建立keystone Identity Service Endpoint
keystoneendpoint-create --region regionOne --service_id 123 --publicurl$KEYSTONE_PUBLIC_URL --adminurl $KEYSTONE_ADMIN_URL --internal$KEYSTONE_INTERNAL_URL
2)配置Swift服務,設定環境變數:
exportSWIFT_IP=172.20.8.121
exportSWIFT_PUBLIC_URL="http://$SWIFT_IP/v1/AUTH_%(tenant_id)s"
exportSWIFT_ADMIN_URL="http://$SWIFT_IP/v1"
exportSWIFT_INTERNAL_URL=$SWIFT_PUBLIC_URL
# 建立Swift Storage Service
keystoneservice-create --name=swift --type=object-store --description="OpenStorage Service"
# 建立Proxy 1 Endpoint
keystoneendpoint-create --region regionOne --service_id3cd9d851838b45bfa7d5588c93c4c71f --publicurl $SWIFT_PUBLIC_URL --adminurl$SWIFT_ADMIN_URL --internal $SWIFT_INTERNAL_URL
二、測試:
1)初始化資料
# 建立租戶
keystonetenant-create --name admin
# 建立角色
keystonerole-create --name admin
# 建立使用者
keystoneuser-create --name admin --tenant_id 2547c154c94445939a750593b45a4873 --passadmin --email=yulai_li@163.com --enable=true
# 設定角色
keystoneuser-role-add --user_id=fdc90e350d66432a93ae0f8d9fe2d6bb--role_id=bbfe944287a640988171097cf4973886--tenant_id=2547c154c94445939a750593b45a4873
2)模擬瀏覽器請求測試:
# 獲得token
curl -d'{"auth": {"tenantName": "admin", "passwordCredentials":{"username":"admin", "password": "admin"}}}' -H"Content-type: application/json"http://172.20.8.129:35357/v2.0/tokens | python -mjson.tool
# 訪問account
curl -H"X-Auth-Token:75179a453b9f4bd88192ddf4267d8ee8" http://172.20.8.121/v1/AUTH_63f3d948ce8a4570b3f3958757e81667
三、附錄
Restfull Api 初始化資料:
# 建立租戶
curl -H"X-Auth-Token:81d84096ec694dbd904cab0963f50a90" -H"Content-type: application/json" -d'{"tenant":{"name":"urlTenant","description":"create by admin","enabled":true}}' http://172.20.8.129:35357/v2.0/tenants
# 建立使用者
curl -H"X-Auth-Token:XXX" -H "Content-type: application/json" \
-d'{"user":{"name":"XXX","email":"alex.i@coolcloudz.com","enabled":true,"password":"admin","tenantId":"960c1e61371a41689689789aed0f2a43"}}'http://172.20.8.129:35357/v2.0/users
#設定角色tenants/%s/users/%s/roles/OS-KSADM/%s
curl -H"X-Auth-Token:3ada76d3fa404c7c8fd255b58f20a483" -H"Content-type: application/json" \
http://172.20.8.129:35357/v2.0/tenants/960c1e61371a41689689789aed0f2a43/users/XXX/roles/OS-KSADM/bbfe944287a640988171097cf4973886-X PUT