openstack认证服务Keystone 介绍 Keystone作用:
1.用户与认证:用户权限与用户行为跟踪;
2.服务目录:提供一个服务目录,包括所有服务项和相关Api的断点
3.SOA相关知识 Keystone主要两大功能用户认证 服务目录(相当于一个注册中心) 用户认证几大名词介绍User:用户
它是用一个数字代表使用openstack云服务的一个人、系统、或服务。身份验证服务将会验证传入的由用户声明将调用的请求
一个租户可以有多个用户
一个用户可以属于一个或多个租户
用户对租户和操作权限由用户在租户中承担的角色来决定。 Project:项目
它是各个服务中的一些可以访问的资源集合或者说叫资源组。它是一个容器,用于组织和隔离资源,或标识对象。 Token:令牌 Role:角色
代表一组用户可以访问的资源权限,例如Nova中的虚拟机、Glance中的镜像 服务目录两大名词介绍Service:服务
Service即服务,如Nova、Glance、Swift。根据前三个概念(User,Tenant和Role)一个服务可以确认当前用户是否具有访问其资源的权限。但是当一个user尝试着访问其租户内的service时,他必须知道这个service是否存在以及如何访问这个service。 Endpoint:端点
Endpoint翻译为“端点”,我们可以理解它是一个服务暴露出来的访问点,如果需要访问一个服务,则必须知道他的endpoint。Endpoint的每个URL都对应一个服务实例的访问地址,并且具有public、orivate和admin这三种权限。pubic url可以完全被全局访问,private url只能被局域网访问,admin url被从常规的访问中分离。 安装KeyStone安装Openstack验证服务KeyStone - [iyunv@linux-node1 ~]# yum install -y openstack-keystone httpd mod_wsgi memcached python-memcached
提示: wsgi是python一个cgi的接口(keystone需要使用httpd来运行) 注意!
编辑文件/etc/keystone/keystone.conf,我们管理keystone只需要修改keystone的配置文件即可
在配置文件里面以[xxx]里面的内容叫做配置栏目(类似于mysql配置文件[mysqld]下面) 在[DEFAULT]部分,定义初始管理令牌的值:
我们使用openssl生成一个随机值 - [iyunv@linux-node1 ~]# openssl rand -hex 10
- 1b0abfc7e9a314a0fd7f
- [iyunv@linux-node1 ~]# vim /etc/keystone/keystone.conf
- [DEFAULT]
- admin_token = 1b0abfc7e9a314a0fd7f
keystone默认没有用户,需要进行创建用户。这样我们在配置文件中加入admin_token,在没有用户的情况下可以使用admin_token进行访问。还可以设置不用用户名和密码。简单来说admin_token就是初始化时候超级管理员的用户 在[database]部分,配置数据库访问: - [database]
- connection = mysql+pymysql://keystone:keystone@192.168.56.11/keystone
用户名:密码:数据库地址:数据库名称
因为我们需要将用户密码保存到数据库中,所以我们要配置数据库 配置Fernet UUID令牌的提供者
提供令牌有四种方式[fernet|pkiz|pki|uuid]默认是uuid - [token]
- provider = fernet
- driver = memcache
默认是存储在sql中,我们需要将它修改为memcache 提示:关于为什么选择fernet我们可以参考下方文章 配置memcached - [memcache]
- servers = 192.168.56.11:11211
提示:官方默认是localhost,但是如果是正式生产环境可能在另一台服务器上 总结keystone有以下配置 - [iyunv@linux-node1 ~]# grep '^[a-Z]' /etc/keystone/keystone.conf
- [DEFAULT]
- admin_token = 1b0abfc7e9a314a0fd7f
- [database]
- connection = mysql +pymysql
- ://keystone:keystone@192.168.56.11/keystone
- [memcached]
- servers = 192.168.56.11:11211
- [token]
- provider = fernet
- driver = memcache
初始化数据库 - [iyunv@linux-node1 ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone
会自动找到keystone配置文件里的mysql连接,来帮我们创建数据库中的表 问题:我们为什么要使用keystone用户去同步数据库呢?
因为同步数据库会在/var/log/keystone去写一个日志,如果使用root权限,keystone启动时会读取这个日志,那么将无法进行读取出现启动错误的情况 检查表是否创建成功 - [iyunv@linux-node1 ~]# mysql -h 192.168.56.11 -ukeystone -pkeystone -e "use keystone;show tables;"
温馨提示:如果查看表的时候发现没有,那么我们就应该排查/var/log/keystone.log 在群里问问题必须自己先看了没有问题在进行提问 初始化Fernet keys;
创建相关的证书 - [iyunv@linux-node1 ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
执行完命令之后会在/etc/keystone下生成fernet-keys目录,它的权限是keystone里面存放这一些相关证书 提示:我们要注意/etc/keystone/keystone.conf文件的权限 启动memcached并设置开启激动 - [iyunv@linux-node1 ~]# systemctl start memcached.service
- [iyunv@linux-node1 ~]# systemctl enable memcached.service
- Created symlink from /etc/systemd/system/multi-user.target.wants/memcached.service to /usr/lib/systemd/system/memcached.service.
检查
我们需要检查是否有11211 memcached的端口 查看配置文件 - [iyunv@linux-node1 ~]# cat /etc/sysconfig/memcached
- PORT="11211" #端口号
- USER="memcached" #用户
- MAXCONN="1024" #最大连接数
- CACHESIZE="64" #大小64兆
- OPTIONS=""
配置Http
因为我们当时是安装了一个连接httpd用的一个api,简单的来说我们要通过apache来启动keystone 配置/etc/httpd/conf/httpd.conf文件,配置ServerName 选项为控制节点,如果我们不修改servername那么keystone将无法启动 - [iyunv@linux-node1 ~]# vim /etc/httpd/conf/httpd.conf
- ServerName 192.168.56.11:80
创建文件/etc/httod/conf.d/wsgi-keystone.conf - [iyunv@linux-node1 ~]# cat /etc/httpd/conf.d/wsgi-keystone.conf
- Listen 5000
- Listen 35357
- WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
- WSGIProcessGroup keystone-public
- WSGIScriptAlias / /usr/bin/keystone-wsgi-public
- WSGIApplicationGroup %{GLOBAL}
- WSGIPassAuthorization On
- ErrorLogFormat "%{cu}t %M"
- ErrorLog /var/log/httpd/keystone-error.log
- CustomLog /var/log/httpd/keystone-access.log combined
- Require all granted
- WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
- WSGIProcessGroup keystone-admin
- WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
- WSGIApplicationGroup %{GLOBAL}
- WSGIPassAuthorization On
- ErrorLogFormat "%{cu}t %M"
- ErrorLog /var/log/httpd/keystone-error.log
- CustomLog /var/log/httpd/keystone-access.log combined
- Require all granted
启动并设置开机启动 - [iyunv@linux-node1 ~]# systemctl enable httpd.service
- Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
- [iyunv@linux-node1 ~]# systemctl start httpd.service
检查
如果没有启动我们要查看/var/log/keystone/keystone.log并需要开启debug日志
开启debug日志如下: - [iyunv@linux-node1 ~]# vim /etc/keystone/keystone.conf
- #debug = true
- 将false修改为true将开启
排错方案如下:如果服务出现异常,首先先打开debug 然后重启服务 查看日志 以上就是keystone安装,下面我们还需要设置keystone
因为我们要连接到keystone所以需要创建keystone用户,keystone还需要自己进行注册服务 连接keystone有俩种方式:
一种是使用keystone –os-username –os-password
另一种是使用环境变量 我们如果想连接到keystone上,需要有3个环境变量1.设置admin_token环境变量 - [iyunv@linux-node1 ~]# export OS_TOKEN=1b0abfc7e9a314a0fd7f
- admin_token后面的值是我们在keystone.conf里面写的
2.设置连接到keystone的地址(配置端点URL) - [iyunv@linux-node1 ~]# export OS_URL=http://192.168.56.11:35357/v3
- 设置keystone的admin(35357)端口 v3是用第三个版本
3.配置认证API版本 - [iyunv@linux-node1 ~]# export OS_IDENTITY_API_VERSION=3
通过admin的token设置环境变量进行操作:: - [iyunv@linux-host1 ~]# export OS_TOKEN=1b0abfc7e9a314a0fd7f #keystone配置文件中定义的token的值
- [iyunv@linux-host1 ~]# export OS_URL=http://192.168.56.11:35357/v3 #keystone地址、端口和验证版本,35357是keystone的admin端口,5000是public端口
- [iyunv@linux-host1 ~]# export OS_IDENTITY_API_VERSION=3 #配置API版本的环境变量
创建域、项目、用户和角色创建default域 - [iyunv@linux-node1 ~]# openstack domain create --description "Default Domain" Default
- +-------------+----------------------------------+
- | Field | Value |
- +-------------+----------------------------------+
- | description | Default Domain |
- | enabled | True |
- | id | 8af40091347e4b109d44feae01fc4356 |
- | name | Default |
- +-------------+----------------------------------+
- --description是域的描述,最后一个是域的名称
提示:只有在环境变量下才可以创建这个域,并且生成的ID是随机的 为了进行管理操作,创建管理的项目、用户和角色 创建admin项目 相当于管理的,可以管理所有的云主机 - [iyunv@linux-node1 ~]# openstack project create --domain default --description "Admin Project" admin
- +-------------+----------------------------------+
- | Field | Value |
- +-------------+----------------------------------+
- | description | Admin Project |
- | domain_id | 8af40091347e4b109d44feae01fc4356 |
- | enabled | True |
- | id | 026a58f98402437fa95ef4a21fbd4d1a |
- | is_domain
- | False |
- | name | admin |
- | parent_id | 8af40091347e4b109d44feae01fc4356 |
- +-------------+----------------------------------+
- #命令格式为openstack project --domain 域 --description "描述" 项目名
创建admin用户
密码我们设置为admin - [iyunv@linux-node1 ~]# openstack user create --domain default --password-prompt admin
- User Password:
- Repeat User Password:
- +-----------+----------------------------------+
- | Field | Value |
- +-----------+----------------------------------+
- | domain_id | 8af40091347e4b109d44feae01fc4356 |
- | enabled | True |
- | id | a809e8be52c84732aecd8ebb93481d65 |
- | name | admin |
- +-----------+----------------------------------+
提示:密码请设置跟我一致! 创建admin角色
角色就是在一个项目里面有多个角色,我们只能创建在配置文件中设置的角色。配置路径/etc/keystone/policy.json - [iyunv@linux-node1 ~]# openstack role create admin
- +-----------+----------------------------------+
- | Field | Value |
- +-----------+----------------------------------+
- | domain_id | None |
- | id | c934dad680e142d09c434e2301b2a9bf |
- | name | admin |
- +-----------+----------------------------------+
添加admin角色到admin项目和用户上
把admin用户添加到admin项目并授权admin的角色,角色就是admin权利的集合 - [iyunv@linux-node1 ~]# openstack role add --project admin --user admin admin
小结:前三个环境变量是为了连接到keystone上,后面的就是为了创建域、项目、用户和角色,给域、项目、用户和角色做了一个关联 创建一个demo项目
demo项目就类似于我们去阿里云上注册了一个账号,基本流程跟创建admin是一样的 - [iyunv@linux-node1 ~]# openstack project create --domain default --description "Demo Project" demo
- +-------------+----------------------------------+
- | Field | Value |
- +-------------+----------------------------------+
- | description | Demo Project |
- | domain_id | 8af40091347e4b109d44feae01fc4356 |
- | enabled | True |
- | id | ff5398ee1b2e4d00bafd57f82dc150e6 |
- | is_domain | False |
- | name | demo |
- | parent_id | 8af40091347e4b109d44feae01fc4356 |
- +-------------+----------------------------------+
创建demo用户 - [iyunv@linux-node1 ~]# openstack user create --domain default --password-prompt demo
- User Password:
- Repeat User Password:
- +-----------+----------------------------------+
- | Field | Value |
- +-----------+----------------------------------+
- | domain_id | 8af40091347e4b109d44feae01fc4356 |
- | enabled | True |
- | id | a78ec26501374df4a574bd3f8153d67f |
- | name | demo |
- +-----------+----------------------------------+
- 密码设置为demo
创建角色User - [iyunv@linux-node1 ~]# openstack role create user
- +-----------+----------------------------------+
- | Field | Value |
- +-----------+----------------------------------+
- | domain_id | None |
- | id | 4161dec8714f468f832a55a6ec2abb9e |
- | name | user |
- +-----------+----------------------------------+
- 提示:角色一共就只有两种,一个是admin另一个就是user了
授权 - [iyunv@linux-node1 ~]# openstack role add --project demo --user demo user
- 把demo用户添加到demo项目并授予user角色
创建一个service项目
我们各个服务之间需要去访问keystone,那么访问keystone就需要做认证,就需要我们创建用户,这个用户就要属于一个项目。所以我们要先创建一个server项目然后我们还需要给每个项目单独创建一个用户 - [iyunv@linux-node1 ~]# openstack project create --domain default --description "Demo Project" service
- +-------------+----------------------------------+
- | Field | Value |
- +-------------+----------------------------------+
- | description | Demo Project |
- | domain_id | 8af40091347e4b109d44feae01fc4356 |
- | enabled | True |
- | id | 1c2419156c1b4214b53c50f3f075aeb3 |
- | is_domain | False |
- | name | service |
- | parent_id | 8af40091347e4b109d44feae01fc4356 |
- +-------------+----------------------------------+
提示:我们创建server项目是给服务用户用的,现在我们就需要创建openstack组件所有的服务的用户,openstack官方文档是没操作一个服务就创建一个用户,我们在这直接创建完所有用户 创建glance用户 - [iyunv@linux-node1 ~]# openstack user create --domain default --password-prompt glance
- User Password:
- Repeat User Password:
- +-----------+----------------------------------+
- | Field | Value |
- +-----------+----------------------------------+
- | domain_id | 8af40091347e4b109d44feae01fc4356 |
- | enabled | True |
- | id | c57d19c6b3784c53b40c48013c11530a |
- | name | glance |
- +-----------+----------------------------------+
- 授权
- [iyunv@linux-node1 ~]# openstack role add --project service --user glance admin
创建Nova用户 - [iyunv@linux-node1 ~]# openstack user create --domain default --password-prompt nova
- User Password:
- Repeat User Password:
- +-----------+----------------------------------+
- | Field | Value |
- +-----------+----------------------------------+
- | domain_id | 8af40091347e4b109d44feae01fc4356 |
- | enabled | True |
- | id | c9a1b50f0b1c42b4a218b2e8dc43078c |
- | name | nova |
- +-----------+----------------------------------+
- [iyunv@linux-node1 ~]# openstack role add --project service --user nova admin
创建neutron用户并授权 - [iyunv@linux-node1 ~]# openstack user create --domain default --password-prompt neutron
- User Password:
- Repeat User Password:
- +-----------+----------------------------------+
- | Field | Value |
- +-----------+----------------------------------+
- | domain_id | 8af40091347e4b109d44feae01fc4356 |
- | enabled | True |
- | id | 99939909b95f4d8aa2ad59622ae10432 |
- | name | neutron |
- +-----------+----------------------------------+
- [iyunv@linux-node1 ~]# openstack role add --project service --user neutron admin
创建glance用户并授权 - [iyunv@linux-host1 ~]# openstack user create --domain default --password-prompt glance
- User Password:
- Repeat User Password:
- +-----------+----------------------------------+
- | Field | Value |
- +-----------+----------------------------------+
- | domain_id | f5282392070044e18b5e93299ee15b5a |
- | enabled | True |
- | id | 4ee18653aa5b47f293fdf8ed658b221c |
- | name | glance |
- +-----------+----------------------------------+
- [iyunv@linux-node1 ~]# openstack role add --project service --user glance admin
温馨提示:如果出现错误可以使用以下命令进行排错
用户相关设置:openstack user –help - [iyunv@linux-node1 ~]# openstack user --help
- Command "user" matches:
- user create
- user delete
- user list
- user password set
- user set
- user show
服务相关设置: - [iyunv@linux-node1 ~]# openstack service --help
- Command "service" matches:
- service create
- service delete
- service list
- service provider create
- service provider delete
- service provider list
- service provider set
- service provider show
- service set
- service show
- openstack project list查看是否有项目
- openstack user list 查看是否有用户
以上就是keystone的用户部署 keystone还有一个功能是服务注册,我们需要将服务注册到上面来 服务注册创建服务 - [iyunv@linux-node1 ~]# openstack service create --name keystone --description "OpenStack Identity" identity
- +-------------+----------------------------------+
- | Field | Value |
- +-------------+----------------------------------+
- | description | OpenStack Identity |
- | enabled | True |
- | id | 22e86b1d085d46d58b5db1aae7f8d26d |
- | name | keystone |
- | type | identity |
- +-------------+----------------------------------+
- 其他服务过来找的时候就会查找是否含有类似为identity
创建endpoint
前文介绍: Endpoint翻译为“端点”,我们可以理解它是一个服务暴露出来的访问点,如果需要访问一个服务,则必须知道他的endpoint。Endpoint的每个URL都对应一个服务实例的访问地址,并且具有public、orivate和admin这三种权限。pubic url可以完全被全局访问,private url只能被局域网访问,admin url被从常规的访问中分离。 创建公有端点(public) - [iyunv@linux-node1 ~]# openstack endpoint create --region RegionOne identity public http://192.168.56.11:5000/v3
- +--------------+----------------------------------+
- | Field | Value |
- +--------------+----------------------------------+
- | enabled | True |
- | id | 041e59113fb84bc1955b4853719e5bdf |
- | interface | public |
- | region | RegionOne |
- | region_id | RegionOne |
- | service_id | 22e86b1d085d46d58b5db1aae7f8d26d |
- | service_name | keystone |
- | service_type | identity |
- | url | http://192.168.56.11:5000/v3 |
- +--------------+----------------------------------+
创建私有端点(internal) - [iyunv@linux-node1 ~]# openstack endpoint create --region RegionOne identity internal http://192.168.56.11:5000/v3
- +--------------+----------------------------------+
- | Field | Value |
- +--------------+----------------------------------+
- | enabled | True |
- | id | 5dbf154c482144848a45314c38d86751 |
- | interface | internal |
- | region | RegionOne |
- | region_id | RegionOne |
- | service_id | 22e86b1d085d46d58b5db1aae7f8d26d |
- | service_name | keystone |
- | service_type | identity |
- | url | http://192.168.56.11:5000/v3 |
- +--------------+----------------------------------+
创建admin
我们需要将端口改成35357,因为keystone比较特殊,需要单独一个端口 - [iyunv@linux-node1 ~]# openstack endpoint create --region RegionOne identity admin http://192.168.56.11:35357/v3
- +--------------+----------------------------------+
- | Field | Value |
- +--------------+----------------------------------+
- | enabled | True |
- | id | 30138e420b5b4625a9c8ee2bca56b2d5 |
- | interface | admin |
- | region | RegionOne |
- | region_id | RegionOne |
- | service_id | 22e86b1d085d46d58b5db1aae7f8d26d |
- | service_name | keystone |
- | service_type | identity |
- | url | http://192.168.56.11:35357/v3 |
- +--------------+----------------------------------+
- 温馨提示:如果一不小心输入错了,需要将三个端点删除从新创建
检查keystone是否安装成功
测试之前我们需要删除删除环境变量unset OS_TOKEN OS_URL
账号是admin,密码我们设置的是admin - [iyunv@linux-node1 ~]# openstack --os-auth-url http://192.168.56.11:35357/v3
- > --os-project-domain-name default --os-user-domain-name default
- > --os-project-name admin --os-username admin token issue
- Password:
- +------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
- | Field | Value |
- +------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
- | expires | 2016-11-17T04:51:30.580499Z |
- | id | gAAAAABYLSlCWrN1SZuiZsXNPLo5-JosU1wrgfiwxHBTYPFqfStOZNa8jFSyYhMSPeeC5Fj1qHTJ9ct67IzqjhFcpWrsj7dkRPajxh7NbUAoJsM7aeRJTgWCx7oWQgoR5VqcItnu0ru_45we71BG_mrd9fJxRinPbbDbjEMkpGSN |
- | | XJeOyhSCYrA |
- | project_id | 026a58f98402437fa95ef4a21fbd4d1a |
- | user_id | a809e8be52c84732aecd8ebb93481d65 |
- +------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
用这个用户名和密码获取一个token,如果可以获取到说明正常,如果没有获取到说明失败 测试demo用户
密码我们同样设置的是demo - [iyunv@linux-node1 ~]# openstack --os-auth-url http://192.168.56.11:5000/v3
- > --os-project-domain-name default --os-user-domain-name default
- > --os-project-name demo --os-username demo token issue
- Password:
- +------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
- | Field | Value |
- +------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
- | expires | 2016-11-17T04:56:37.343347Z |
- | id | gAAAAABYLSp17aa9fPaMORIV-wpQa2cxCHfBiU5RbhlW8fPu-uIUsKuXj4gaI8NWLCj7Y3GIam8752UY0miXJxnvJ7ew3lMPpCnYLPrObmvXmo1yeKa391u9yucUbKGIX-ma- |
- | | O0iijuy7-XNcGbKa2Ylwij3j3xbyaIUwiiRddnObNx3ZPVjTEo |
- | project_id | ff5398ee1b2e4d00bafd57f82dc150e6 |
- | user_id | a78ec26501374df4a574bd3f8153d67f |
- +------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
创建脚本
创建admin和demo项目和用户创建客户端环境变量脚本,为了以后的方便而创建 - [iyunv@linux-node1 ~]# cat admin-openstack.sh
- export OS_PROJECT_DOMAIN_NAME=default
- export OS_USER_DOMAIN_NAME=default
- export OS_PROJECT_NAME=admin
- export OS_USERNAME=admin
- export OS_PASSWORD=admin
- export OS_AUTH_URL=http://192.168.56.11:35357/v3
- export OS_IDENTITY_API_VERSION=3
- export OS_IMAGE_API_VERSION=2
测试脚本是否生效
创建完成后,我们下次在想验证token就可以直接使用命令来执行 - [iyunv@linux-node1 ~]# source admin-openstack.sh
- [iyunv@linux-node1 ~]# openstack token issue
- +------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
- | Field | Value |
- +------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
- | expires | 2016-11-17T07:52:13.398484Z |
- | id | gAAAAABYLVOdq_gR3JayGSrGeEnJZJHeCxAmkxpAZ9asbj8IH91-jDgImQrVprlPvMO2qXlLAAV3mShVSvEOmMoGpDaCG_ulcr0EB0xo1v- |
- | | p171xzH3E7ke5NaNNdZWOlIfFmLACa7sA5wULKVz7kSBbS4g_h_bJq0lxr7ev4MX8FsWRnmmtGZI |
- | project_id | 026a58f98402437fa95ef4a21fbd4d1a |
- | user_id | a809e8be52c84732aecd8ebb93481d65 |
- +------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
- [iyunv@linux-node1 ~]#
编写demo的环境 - [iyunv@linux-node1 ~]# cat demo-openstack.sh
- export OS_PROJECT_DOMAIN_NAME=default
- export OS_USER_DOMAIN_NAME=default
- export OS_PROJECT_NAME=demo
- export OS_USERNAME=demo
- export OS_PASSWORD=demo
- export OS_AUTH_URL=http://192.168.56.11:5000/v3
- export OS_IDENTITY_API_VERSION=3
- export OS_IMAGE_API_VERSION=2
- [iyunv@linux-node1 ~]# source demo-openstack.sh
- [iyunv@linux-node1 ~]# openstack token issue
- +------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
- | Field | Value |
- +------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
- | expires | 2016-11-17T07:54:19.996447Z |
- | id | gAAAAABYLVQc_H2-tIGst4GvEhpu03taLaXP9yE1Yru2foNEzvdW5zFErR_8nvyqkZ2-f8HoHSOpVcRvDPxbujk93uB4a0meYWRS6Ve5zYFZ7v74CbmMRkB-f7hThsTET1uazzKDXFP46gzBV3G135NT-xdjKp- |
- | | pQv58ZNm7BVHSXVtMIES289M |
- | project_id | ff5398ee1b2e4d00bafd57f82dc150e6 |
- | user_id | a78ec26501374df4a574bd3f8153d67f |
- +------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
以后我们要执行openstack命令,直接执行这个环境变量即可 ———以上就是keystone的配置———-
|