创建租间、用户、角色
一、To configure prerequisites
1.Configure the authentication token:
export OS_TOKEN=ADMIN_TOKEN
Replace ADMIN_TOKEN with the authentication token
2.Configure the endpoint URL:
export OS_URL=http://controller:35357/v2.0
二、To create the service entity and API endpoint
1.The Identity service manages a catalog of services in your OpenStack environment. Services use this catalog to determine the other services available in your environment.
openstack service create --name keystone --description "OpenStack Identity" identity
2.The Identity service manages a catalog of API endpoints associated with the services in your OpenStack environment. Services use this catalog to determine how to communicate with other services in your environment.
openstack endpoint create --publicurl http://controller:5000/v2.0 --internalurl http://controller:5000/v2.0 --adminurl http://controller:35357/v2.0 --region RegionOne identity
三、To create tenants, users, and roles
1.Create an administrative project, user, and role for administrative operations in your environment:
a.Create the admin project:
openstack project create --description "Admin Project" admin
b.Create the admin user:
openstack user create --password-prompt admin
c.Create the admin role:
openstack role create admin
d.Add the admin role to the admin project and user:
openstack role add --project admin --user admin admin
2.This guide uses a service project that contains a unique user for each service that you add to your environment.
a.Create the service project:
openstack project create --description "Service Project" service
3.Regular (non-admin) tasks should use an unprivileged project and user. As an example, this guide creates the demo project and user.
a.Create the demo project:
openstack project create --description "Demo Project" demo
b.Create the demo user:
openstack user create --password-prompt demo
c.Create the user role:
openstack role create user
d.Add the user role to the demo project and user:
openstack role add --project demo --user demo user