创建domain
[root@cc01 ~]# openstack domain create --description "Default Domain" default +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Default Domain | | enabled | True | | id | 011fbf8c04f1479ab1a4e49b019b22d1 | | name | default | +-------------+----------------------------------+
一、租户管理
创建租户
[root@cc10 ~]# openstack project create --domain default --description "hzbtest Project" hzbtest +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | hzbtest Project | | domain_id | default | | enabled | True | | id | a18a50c3e0204fd9841751f0dbe93d66 | | is_domain | False | | name | hzbtest | | parent_id | default | +-------------+----------------------------------+
修改租户属性(以修改enabled和name为例子)
openstack project set --disable --name=hzbtest2 hzbtest
[root@cc10 ~]# openstack project show hzbtest2 +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | hzbtest Project | | domain_id | default | | enabled | False | | id | a18a50c3e0204fd9841751f0dbe93d66 | | is_domain | False | | name | hzbtest2 | | parent_id | default | +-------------+----------------------------------+
删除租户
openstack project delete hzbtest2
查询租户列表
[root@cc01 ~]# openstack project list
+----------------------------------+--------------------+
| ID | Name |
+----------------------------------+--------------------+ |
| 91550f3ddf5940ea9a9d17daaf6d1f5e | admin |
查看租户详情:
[root@cc01 ~]# openstack project show admin +-------------+-----------------------------------------------+ | Field | Value | +-------------+-----------------------------------------------+ | description | Bootstrap project for initializing the cloud. | | domain_id | default | | enabled | True | | id | 91550f3ddf5940ea9a9d17daaf6d1f5e | | is_domain | False | | name | admin | | parent_id | default | +-------------+-----------------------------------------------+
二、用户管理
创建用户
[root@cc10 ~]# openstack user create --domain default --password-prompt hzbtest User Password: Repeat User Password: +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | default | | enabled | True | | id | a51a551644ed42ad84d7580be91f7fae | | name | hzbtest | +-----------+----------------------------------+
查看用户详情
[root@cc10 ~]# openstack user show hzbtest +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | default | | enabled | True | | id | a51a551644ed42ad84d7580be91f7fae | | name | hzbtest | +-----------+----------------------------------+
更新用户信息
usage: openstack user set [-h] [--name <name>] [--project <project>] [--project-domain <project-domain>] [--password <password>] [--password-prompt] [--email <email-address>] [--description <description>] [--enable | --disable] <user>
[root@cc10 ~]# openstack user set --email=hzbtest@qq.com --description=xxx --password=12345678 hzbtest [root@cc10 ~]# openstack user show hzbtest +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | xxx | | domain_id | default | | email | hzbtest@qq.com | | enabled | True | | id | a51a551644ed42ad84d7580be91f7fae | | name | hzbtest | +-------------+----------------------------------+
删除用户
openstack user delete hzbtest
查询用户列表
[root@cc01 ~]# openstack user list
+----------------------------------+---------------------------+
| ID | Name |
+----------------------------------+---------------------------+
| 01eef5e310e141cc8a3687dabc643676 | test_user |
查询某一租户下的所有用户
[root@cc01 ~]# openstack user list --project=admin
+----------------------------------+------------------+
| ID | Name |
+----------------------------------+------------------+
| f05b4e3b6585429e98f178934d71ae3e | admin |
| 99955f8cefeb4a6f945e06ec3f424b5d | pulsar@admin.com |
| 01eef5e310e141cc8a3687dabc643676 | test_user |
| 6e6d64905b0f419daaf424f678733dec | test123409 |
+----------------------------------+------------------+
三、角色管理
创建角色
[root@cc10 ~]# openstack role create hzb-role
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | 72744157e8ad4267ae7b8ffc4c00fb03 |
| name | hzb-role |
+-----------+----------------------------------+
角色相关的方法
[root@cc10 ~]# openstack role --help Command "role" matches: role add role assignment list role create role delete role list role remove role set role show
将租户和用户加入到角色
openstack role add --project hzbtest --user hzbtest hzb-role
查看租户和用户的关系
[root@cc10 ~]# openstack role assignment list --user=hzbtest
+----------------------------------+----------------------------------+-------+----------------------------------+--------+-----------+
| Role | User | Group | Project | Domain | Inherited |
+----------------------------------+----------------------------------+-------+----------------------------------+--------+-----------+
| 72744157e8ad4267ae7b8ffc4c00fb03 | a51a551644ed42ad84d7580be91f7fae | | a21daa122cb54ca68fdcfeaad843c081 | | False |
+----------------------------------+----------------------------------+-------+----------------------------------+--------+-----------+
将role移除租户和用户
openstack role remove --user=hzbtest --project=hzbtest hzb-role