http://www.pubyun.com/blog/openstack/openstack-keystone-api-%E5%AE%9E%E9%AA%8Ccurl/
参考文档:
http://keystone.openstack.org/configuration.html
http://keystone.openstack.org/api_curl_examples.html
1、重要概念:
Admin Token
所有服务共享的一个密钥,如果设置不同,哪些依赖keystone的服务将无法正常工作。
Tenants
做keystone里,Tenants 是一个高层次的组,表示一组用户。一个tenant 是一个小组,共同拥有 Nova里的虚拟机,或者Swift里的容器。一个tenant可以有一个或者多个用户,用户可以属于一个或者多个tenant,针对每个tenant,用户拥有一个角色(role)。
Tenants are the high level grouping within Keystone that represent groups of users. A tenant is the grouping that owns virtual machines within Nova, or containers within Swift. A tenant can have zero or more users, Users can be associated with more than one tenant, and each tenant – user pairing can have a role associated with it.
认证几个要素:tenants, users, roles
业务端口:5000
管理端口:35357
2、业务API 测试:
获取版本号:
curl http://192.168.28.5:5000/ | python -mjson.tool
curl http://192.168.28.5:5000/v2.0/ | python -mjson.tool
获取api扩展:
curl http://192.168.28.5:5000/v2.0/extensions | python -mjson.tool
用普通用户登录:
curl -X POST -d ‘{“auth”: {“passwordCredentials”:{“username”: “admin”, “password”: “nova”}}}’ -H “Content-type: application/json” http://192.168.28.5:5000/v2.0/tokens | python -mjson.tool
查看自己的租户:
curl -H “X-Auth-Token:614be856b02449439b116c0b28e94217″ http://192.168.28.5:5000/v2.0/tenants | python -mjson.tool
3、管理API测试:
获取版本号:
curl http://192.168.28.5:35357/ | python -mjson.tool
curl http://192.168.28.5:35357/v2.0/ | python -mjson.tool
获取api扩展:
curl http://0.0.0.0:35357/v2.0/extensions | python -mjson.tool
curl -X POST -d ‘{“auth”: {“passwordCredentials”:{“username”: “admin”, “password”: “nova”}}}’ -H “Content-type: application/json” http://192.168.28.5:35357/v2.0/tokens | python -mjson.tool
用角色 admin 登录:
curl -X POST -d ‘{“auth”: {“tenantId”: “6a524dbe23dd4e4ab672cd163c85a27d”, “passwordCredentials”:{“username”: “admin”, “password”: “nova”}}}’ -H “Content-type: application/json” http://192.168.28.5:35357/v2.0/tokens | python -mjson.tool
校验 token 的有效,并返回token的信息:
curl -H “X-Auth-Token: 32efbc8c22af4ad6a8f03d051dc3413b” http://192.168.28.5:35357/v2.0/tokens/82c8d77cac0a4fdba83b2191185ddb39 |python -mjson.tool
使用 HEAD校验,如果返回码是 20X, 表示 token 有效:
curl -I -H “X-Auth-Token: 5a10b008add4435f8473d2b11d3ba8a8″ http://192.168.28.5:35357/v2.0/tokens/5a10b008add4435f8473d2b11d3ba8a8
这个api不对:
curl -H “X-Auth-Token:5a10b008add4435f8473d2b11d3ba8a8″ http://localhost:35357/v2.0/tokens/5a10b008add4435f8473d2b11d3ba8a8/endpoints
返回租户:
curl -H “X-Auth-Token:5a10b008add4435f8473d2b11d3ba8a8″ http://localhost:35357/v2.0/tenants|python -mjson.tool
返回某个租户:
curl -H “X-Auth-Token:5a10b008add4435f8473d2b11d3ba8a8″ http://localhost:35357/v2.0/tenants/6a524dbe23dd4e4ab672cd163c85a27d |python -mjson.tool
返回用户:
curl -H “X-Auth-Token:5a10b008add4435f8473d2b11d3ba8a8″ http://localhost:35357/v2.0/users|python -mjson.tool
返回某个用户:
curl -H “X-Auth-Token:5a10b008add4435f8473d2b11d3ba8a8″ http://localhost:35357/v2.0/users/3ff8fbca9794436c996d8c6e41427530|python -mjson.tool
返回某个租户上,用户授予的角色:
curl -H “X-Auth-Token:5a10b008add4435f8473d2b11d3ba8a8″ http://localhost:35357/v2.0/tenants/6a524dbe23dd4e4ab672cd163c85a27d/users/3ff8fbca9794436c996d8c6e41427530/roles |python -mjson.tool
返回某个用户的角色:(出错,没有实现,参见 https://bugs.launchpad.net/keystone/+bug/933565)
curl -H “X-Auth-Token:5a10b008add4435f8473d2b11d3ba8a8″ http://localhost:35357/v2.0/users/3ff8fbca9794436c996d8c6e41427530/roles
===========================动手实验部分=============================
Creating Users
Create the users by executing the following commands. In this case, we are creating four users - admin, nova, glance and swift
keystone user-create --name admin --pass admin --email admin@foobar.com keystone user-create --name nova --pass nova --email nova@foobar.com keystone user-create --name glance --pass glance --email glance@foobar.com keystone user-create --name swift --pass swift --email swift@foobar.com localadmin@OpenStack-1:~$ keystone user-list
+----------------------------------+---------+-------------------+--------+
| id | enabled | email | name |
+----------------------------------+---------+-------------------+--------+
| 2acc3e1b7f90484d88a51d668496b664 | True | swift@foobar.com | swift |
| 3e8c6c6a7013469cbf673538d9cca353 | True | admin@foobar.com | admin |
| 97f20d8dada74684940383217a5d77cc | True | nova@foobar.com | nova |
| d2536af05c1c4972aea56b0edbd9ea35 | True | glance@foobar.com | glance |
+----------------------------------+---------+-------------------+--------+
业务API 测试:
获取版本号:
curl http://192.168.26.128:5000/ | python -mjson.tool
curl http://192.168.26.128:5000/v2.0/ | python -mjson.tool
localadmin@OpenStack-1:~$ curl http://192.168.26.128:5000/ | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 630 100 630 0 0 9200 0 --:--:-- --:--:-- --:--:-- 10500
{
"versions": {
"values": [
{
"id": "v2.0",
"links": [
{
"href": "http://192.168.26.128:5000/v2.0/",
"rel": "self"
},
{
"href": "http://docs.openstack.org/api/openstack-identity-service/2.0/content/",
"rel": "describedby",
"type": "text/html"
},
{
"href": "http://docs.openstack.org/api/openstack-identity-service/2.0/identity-dev-guide-2.0.pdf",
"rel": "describedby",
"type": "application/pdf"
}
],
"media-types": [
{
"base": "application/json",
"type": "application/vnd.openstack.identity-v2.0+json"
},
{
"base": "application/xml",
"type": "application/vnd.openstack.identity-v2.0+xml"
}
],
"status": "beta",
"updated": "2011-11-19T00:00:00Z"
}
]
}
}
localadmin@OpenStack-1:~$ curl http://192.168.26.128:5000/v2.0/ | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 615 0 615 0 0 9919 0 --:--:-- --:--:-- --:--:-- 10081
{
"version": {
"id": "v2.0",
"links": [
{
"href": "http://192.168.26.128:5000/v2.0/",
"rel": "self"
},
{
"href": "http://docs.openstack.org/api/openstack-identity-service/2.0/content/",
"rel": "describedby",
"type": "text/html"
},
{
"href": "http://docs.openstack.org/api/openstack-identity-service/2.0/identity-dev-guide-2.0.pdf",
"rel": "describedby",
"type": "application/pdf"
}
],
"media-types": [
{
"base": "application/json",
"type": "application/vnd.openstack.identity-v2.0+json"
},
{
"base": "application/xml",
"type": "application/vnd.openstack.identity-v2.0+xml"
}
],
"status": "beta",
"updated": "2011-11-19T00:00:00Z"
}
}
获取api扩展:
curl http://192.168.26.128:5000/v2.0/extensions | python -mjson.tool
localadmin@OpenStack-1:~$ curl http://192.168.26.128:5000/v2.0/extensions | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 30 0 30 0 0 1428 0 --:--:-- --:--:-- --:--:-- 2727
{
"extensions": {
"values": []
}
}
用普通用户登录:
curl -X POST -d '{"auth": {"passwordCredentials":{"username": "admin", "password": "admin"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "admin", "password": "admin"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 320 0 244 100 76 2632 820 --:--:-- --:--:-- --:--:-- 2804
{
"access": {
"serviceCatalog": {},
"token": {
"expires": "2012-06-05T05:02:37Z",
"id": "c73b3cde38994acaaccba4b3fb19d3f5"
},
"user": {
"id": "3e8c6c6a7013469cbf673538d9cca353",
"name": "admin",
"roles": [],
"roles_links": [],
"username": "admin"
}
}
}
curl -X POST -d '{"auth": {"passwordCredentials":{"username": "nova", "password": "nova"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "nova", "password": "nova"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 316 0 242 100 74 2725 833 --:--:-- --:--:-- --:--:-- 2915
{
"access": {
"serviceCatalog": {},
"token": {
"expires": "2012-06-05T05:03:46Z",
"id": "87ef70de64e844e0a165c5ff73b50935"
},
"user": {
"id": "97f20d8dada74684940383217a5d77cc",
"name": "nova",
"roles": [],
"roles_links": [],
"username": "nova"
}
}
}
curl -X POST -d '{"auth": {"passwordCredentials":{"username": "swift", "password": "swift"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "swift", "password": "swift"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 320 0 244 100 76 2753 857 --:--:-- --:--:-- --:--:-- 3050
{
"access": {
"serviceCatalog": {},
"token": {
"expires": "2012-06-05T05:05:10Z",
"id": "3db07905ac854baf8776fb47e9b33019"
},
"user": {
"id": "2acc3e1b7f90484d88a51d668496b664",
"name": "swift",
"roles": [],
"roles_links": [],
"username": "swift"
}
}
}
curl -X POST -d '{"auth": {"passwordCredentials":{"username": "glance", "password": "glance"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "glance", "password": "glance"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 324 0 246 100 78 2928 928 --:--:-- --:--:-- --:--:-- 3113
{
"access": {
"serviceCatalog": {},
"token": {
"expires": "2012-06-05T05:05:27Z",
"id": "4099cd0ae475460c90a7e32369b8127b"
},
"user": {
"id": "d2536af05c1c4972aea56b0edbd9ea35",
"name": "glance",
"roles": [],
"roles_links": [],
"username": "glance"
}
}
}
查看自己的租户:
User UserID Token ID
admin 3e8c6c6a7013469cbf673538d9cca353 c73b3cde38994acaaccba4b3fb19d3f5
nova 97f20d8dada74684940383217a5d77cc 87ef70de64e844e0a165c5ff73b50935
swift 2acc3e1b7f90484d88a51d668496b664 3db07905ac854baf8776fb47e9b33019
glance d2536af05c1c4972aea56b0edbd9ea35 4099cd0ae475460c90a7e32369b8127b
admin:
curl -H "X-Auth-Token:c73b3cde38994acaaccba4b3fb19d3f5" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
nova:
curl -H "X-Auth-Token:87ef70de64e844e0a165c5ff73b50935" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
swift:
curl -H "X-Auth-Token:3db07905ac854baf8776fb47e9b33019" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
glance:
curl -H "X-Auth-Token:4099cd0ae475460c90a7e32369b8127b" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
运行结果:
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:c73b3cde38994acaaccba4b3fb19d3f5" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 133 0 133 0 0 2557 0 --:--:-- --:--:-- --:--:-- 3022
{
"tenants": [
{
"description": null,
"enabled": true,
"id": "938c2aeb59f842c58c03a1e5bbe50e20",
"name": "admin"
}
],
"tenants_links": []
}
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:87ef70de64e844e0a165c5ff73b50935" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 135 0 135 0 0 5606 0 --:--:-- --:--:-- --:--:-- 6136
{
"tenants": [
{
"description": null,
"enabled": true,
"id": "a4a59e33b382439bab47cc8c2d01caf1",
"name": "service"
}
],
"tenants_links": []
}
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:3db07905ac854baf8776fb47e9b33019" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 135 0 135 0 0 4664 0 --:--:-- --:--:-- --:--:-- 6136
{
"tenants": [
{
"description": null,
"enabled": true,
"id": "a4a59e33b382439bab47cc8c2d01caf1",
"name": "service"
}
],
"tenants_links": []
}
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:4099cd0ae475460c90a7e32369b8127b" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 135 0 135 0 0 4421 0 --:--:-- --:--:-- --:--:-- 4821
{
"tenants": [
{
"description": null,
"enabled": true,
"id": "a4a59e33b382439bab47cc8c2d01caf1",
"name": "service"
}
],
"tenants_links": []
}
管理API测试:
获取版本号:
curl http://192.168.26.128:35357/ | python -mjson.tool
curl http://192.168.26.128:35357/v2.0/ | python -mjson.tool
运行结果:
localadmin@OpenStack-1:~$ curl http://192.168.26.128:35357/ | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 631 100 631 0 0 9259 0 --:--:-- --:--:-- --:--:-- 10177
{
"versions": {
"values": [
{
"id": "v2.0",
"links": [
{
"href": "http://192.168.26.128:35357/v2.0/",
"rel": "self"
},
{
"href": "http://docs.openstack.org/api/openstack-identity-service/2.0/content/",
"rel": "describedby",
"type": "text/html"
},
{
"href": "http://docs.openstack.org/api/openstack-identity-service/2.0/identity-dev-guide-2.0.pdf",
"rel": "describedby",
"type": "application/pdf"
}
],
"media-types": [
{
"base": "application/json",
"type": "application/vnd.openstack.identity-v2.0+json"
},
{
"base": "application/xml",
"type": "application/vnd.openstack.identity-v2.0+xml"
}
],
"status": "beta",
"updated": "2011-11-19T00:00:00Z"
}
]
}
}
localadmin@OpenStack-1:~$ curl http://192.168.26.128:35357/v2.0/ | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 616 0 616 0 0 8395 0 --:--:-- --:--:-- --:--:-- 9194
{
"version": {
"id": "v2.0",
"links": [
{
"href": "http://192.168.26.128:35357/v2.0/",
"rel": "self"
},
{
"href": "http://docs.openstack.org/api/openstack-identity-service/2.0/content/",
"rel": "describedby",
"type": "text/html"
},
{
"href": "http://docs.openstack.org/api/openstack-identity-service/2.0/identity-dev-guide-2.0.pdf",
"rel": "describedby",
"type": "application/pdf"
}
],
"media-types": [
{
"base": "application/json",
"type": "application/vnd.openstack.identity-v2.0+json"
},
{
"base": "application/xml",
"type": "application/vnd.openstack.identity-v2.0+xml"
}
],
"status": "beta",
"updated": "2011-11-19T00:00:00Z"
}
}
获取api扩展:
curl http://0.0.0.0:35357/v2.0/extensions | python -mjson.tool
运行结果:
localadmin@OpenStack-1:~$ curl http://0.0.0.0:35357/v2.0/extensions | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 396 0 396 0 0 24336 0 --:--:-- --:--:-- --:--:-- 39600
{
"extensions": {
"values": [
{
"alias": "OS-KSADM",
"description": "Openstack extensions to Keystone v2.0 API enabling Admin Operations.",
"links": [
{
"href": "https://github.com/openstack/identity-api",
"rel": "describedby",
"type": "text/html"
}
],
"name": "Openstack Keystone Admin",
"namespace": "http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0",
"updated": "2011-08-19T13:25:27-06:00"
}
]
}
}
权限验证:
curl -X POST -d '{"auth": {"passwordCredentials":{"username": "admin", "password": "admin"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
curl -X POST -d '{"auth": {"passwordCredentials":{"username": "nova", "password": "nova"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
curl -X POST -d '{"auth": {"passwordCredentials":{"username": "swift", "password": "swift"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
curl -X POST -d '{"auth": {"passwordCredentials":{"username": "glance", "password": "glance"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
运行结果:
localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "admin", "password": "admin"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 320 0 244 100 76 2218 690 --:--:-- --:--:-- --:--:-- 2259
{
"access": {
"serviceCatalog": {},
"token": {
"expires": "2012-06-05T05:30:40Z",
"id": "4dbb421c43c94fd6bdb9678fb0ae8e26"
},
"user": {
"id": "3e8c6c6a7013469cbf673538d9cca353",
"name": "admin",
"roles": [],
"roles_links": [],
"username": "admin"
}
}
}
localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "nova", "password": "nova"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 316 0 242 100 74 2039 623 --:--:-- --:--:-- --:--:-- 2068
{
"access": {
"serviceCatalog": {},
"token": {
"expires": "2012-06-05T05:33:38Z",
"id": "2841da2fb72948529e6f9f89a87efceb"
},
"user": {
"id": "97f20d8dada74684940383217a5d77cc",
"name": "nova",
"roles": [],
"roles_links": [],
"username": "nova"
}
}
}
localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "swift", "password": "swift"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 320 0 244 100 76 1973 614 --:--:-- --:--:-- --:--:-- 2067
{
"access": {
"serviceCatalog": {},
"token": {
"expires": "2012-06-05T05:33:55Z",
"id": "2042dee3e64846638779d129d03e8863"
},
"user": {
"id": "2acc3e1b7f90484d88a51d668496b664",
"name": "swift",
"roles": [],
"roles_links": [],
"username": "swift"
}
}
}
localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "glance", "password": "glance"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 324 0 246 100 78 2699 855 --:--:-- --:--:-- --:--:-- 2733
{
"access": {
"serviceCatalog": {},
"token": {
"expires": "2012-06-05T05:34:05Z",
"id": "5895947fee934dd0944f4c834ff4c5c4"
},
"user": {
"id": "d2536af05c1c4972aea56b0edbd9ea35",
"name": "glance",
"roles": [],
"roles_links": [],
"username": "glance"
}
}
}
User User ID Token ID
admin 3e8c6c6a7013469cbf673538d9cca353 4dbb421c43c94fd6bdb9678fb0ae8e26
nova 97f20d8dada74684940383217a5d77cc 2841da2fb72948529e6f9f89a87efceb
swift 2acc3e1b7f90484d88a51d668496b664 2042dee3e64846638779d129d03e8863
glance d2536af05c1c4972aea56b0edbd9ea35 5895947fee934dd0944f4c834ff4c5c4
用角色 admin 登录:
curl -X POST -d '{"auth": {"tenantId": "938c2aeb59f842c58c03a1e5bbe50e20", "passwordCredentials":{"username": "admin", "password": "admin"}}}' -H "Content-type: application/json" http://localhost:35357/v2.0/tokens | python -mjson.tool
运行结果:
localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"tenantId": "938c2aeb59f842c58c03a1e5bbe50e20", "passwordCredentials":{"username": "admin", "password": "admin"}}}' -H "Content-type: application/json" http://localhost:35357/v2.0/tokens | python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2348 0 2224 100 124 13850 772 --:--:-- --:--:-- --:--:-- 14535
{
"access": {
"serviceCatalog": [
{
"endpoints": [
{
"adminURL": "http://192.168.26.128:8774/v2/938c2aeb59f842c58c03a1e5bbe50e20",
"internalURL": "http://192.168.26.128:8774/v2/938c2aeb59f842c58c03a1e5bbe50e20",
"publicURL": "http://192.168.26.128:8774/v2/938c2aeb59f842c58c03a1e5bbe50e20",
"region": "myregion"
}
],
"endpoints_links": [],
"name": "nova",
"type": "compute"
},
{
"endpoints": [
{
"adminURL": "http://192.168.26.128:9292/v1",
"internalURL": "http://192.168.26.128:9292/v1",
"publicURL": "http://192.168.26.128:9292/v1",
"region": "myregion"
}
],
"endpoints_links": [],
"name": "glance",
"type": "image"
},
{
"endpoints": [
{
"adminURL": "http://192.168.26.128:8776/v1/938c2aeb59f842c58c03a1e5bbe50e20",
"internalURL": "http://192.168.26.128:8776/v1/938c2aeb59f842c58c03a1e5bbe50e20",
"publicURL": "http://192.168.26.128:8776/v1/938c2aeb59f842c58c03a1e5bbe50e20",
"region": "myregion"
}
],
"endpoints_links": [],
"name": "volume",
"type": "volume"
},
{
"endpoints": [
{
"adminURL": "http://192.168.26.128:8773/services/Admin",
"internalURL": "http://192.168.26.128:8773/services/Cloud",
"publicURL": "http://192.168.26.128:8773/services/Cloud",
"region": "myregion"
}
],
"endpoints_links": [],
"name": "ec2",
"type": "ec2"
},
{
"endpoints": [
{
"adminURL": "http://192.168.26.128:8080/v1",
"internalURL": "http://192.168.26.128:8080/v1/AUTH_938c2aeb59f842c58c03a1e5bbe50e20",
"publicURL": "http://192.168.26.128:8080/v1/AUTH_938c2aeb59f842c58c03a1e5bbe50e20",
"region": "myregion"
}
],
"endpoints_links": [],
"name": "swift",
"type": "object-store"
},
{
"endpoints": [
{
"adminURL": "http://192.168.26.128:35357/v2.0",
"internalURL": "http://192.168.26.128:5000/v2.0",
"publicURL": "http://192.168.26.128:5000/v2.0",
"region": "myregion"
}
],
"endpoints_links": [],
"name": "keystone",
"type": "identity"
}
],
"token": {
"expires": "2012-06-05T05:49:43Z",
"id": "bba8b794a2e54663bfe4dbf903c9bce1",
"tenant": {
"description": null,
"enabled": true,
"id": "938c2aeb59f842c58c03a1e5bbe50e20",
"name": "admin"
}
},
"user": {
"id": "3e8c6c6a7013469cbf673538d9cca353",
"name": "admin",
"roles": [
{
"id": "fde51bfee49a49c6a7d718ea6d78eeff",
"name": "admin"
},
{
"id": "3544b420d0ac4b98a9192c102e17af3f",
"name": "Member"
}
],
"roles_links": [],
"username": "admin"
}
}
}
校验 token 的有效,并返回token的信息:
curl -H “X-Auth-Token: 32efbc8c22af4ad6a8f03d051dc3413b” http://192.168.28.5:35357/v2.0/tokens/82c8d77cac0a4fdba83b2191185ddb39 |python -mjson.tool
使用 HEAD校验,如果返回码是 20X, 表示 token 有效:
curl -I -H “X-Auth-Token: 5a10b008add4435f8473d2b11d3ba8a8″ http://192.168.28.5:35357/v2.0/tokens/5a10b008add4435f8473d2b11d3ba8a8
返回租户:
curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/tenants|python -mjson.tool
运行结果:
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/tenants|python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 234 0 234 0 0 5989 0 --:--:-- --:--:-- --:--:-- 7090
{
"tenants": [
{
"description": null,
"enabled": true,
"id": "938c2aeb59f842c58c03a1e5bbe50e20",
"name": "admin"
},
{
"description": null,
"enabled": true,
"id": "a4a59e33b382439bab47cc8c2d01caf1",
"name": "service"
}
],
"tenants_links": []
}
返回租户:
curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/tenants|python -mjson.tool
返回某个租户:
curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/tenants/a4a59e33b382439bab47cc8c2d01caf1 |python -mjson.tool
返回用户:
curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/users|python -mjson.tool
返回某个用户:
curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/users/3e8c6c6a7013469cbf673538d9cca353|python -mjson.tool
运行结果:
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 234 0 234 0 0 7407 0 --:--:-- --:--:-- --:--:-- 7800
{
"tenants": [
{
"description": null,
"enabled": true,
"id": "938c2aeb59f842c58c03a1e5bbe50e20",
"name": "admin"
},
{
"description": null,
"enabled": true,
"id": "a4a59e33b382439bab47cc8c2d01caf1",
"name": "service"
}
],
"tenants_links": []
}
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1 " http://localhost:35357/v2.0/tenants/a4a59e33b382439bab47cc8c2d01caf1 |python - mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 111 0 111 0 0 3174 0 --:--:-- --:--:-- --:--:-- 3964
{
"tenant": {
"description": null,
"enabled": true,
"id": "a4a59e33b382439bab47cc8c2d01caf1",
"name": "service"
}
}
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/users|python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 511 0 511 0 0 14227 0 --:--:-- --:--:-- --:--:-- 17620
{
"users": [
{
"email": "swift@foobar.com",
"enabled": true,
"id": "2acc3e1b7f90484d88a51d668496b664",
"name": "swift",
"tenantId": null
},
{
"email": "admin@foobar.com",
"enabled": true,
"id": "3e8c6c6a7013469cbf673538d9cca353",
"name": "admin",
"tenantId": null
},
{
"email": "nova@foobar.com",
"enabled": true,
"id": "97f20d8dada74684940383217a5d77cc",
"name": "nova",
"tenantId": null
},
{
"email": "glance@foobar.com",
"enabled": true,
"id": "d2536af05c1c4972aea56b0edbd9ea35",
"name": "glance",
"tenantId": null
}
]
}
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/users/3e8c6c6a7013469cbf673538d9cca353|python -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 133 0 133 0 0 3493 0 --:--:-- --:--:-- --:--:-- 4750
{
"user": {
"email": "admin@foobar.com",
"enabled": true,
"id": "3e8c6c6a7013469cbf673538d9cca353",
"name": "admin",
"tenantId": null
}
}