OpenStack Identity Service – Bölüm 5
Merhaba,
İlk olarak servislerimizi oluşturmaya başlıyoruz.
[php]root@controller:/home/tayfun# export OS_TOKEN=35fe59312d1e2c988118
root@controller:/home/tayfun# export OS_URL=http://controller:35357/v2.0
root@controller:/home/tayfun# openstack service create \
> –name keystone –description “OpenStack Identity” identity
+————-+———————————-+
| Field | Value |
+————-+———————————-+
| description | OpenStack Identity |
| enabled | True |
| id | 95e2e4328c8546e5a8af5e705c1302b1 |
| name | keystone |
| type | identity |
+————-+———————————-+
API oluşturmak için aşağıdkai komutu kullanıyoruz.
[php]root@controller:/home/tayfun# openstack endpoint create \
> –publicurl http://controller:5000/v2.0 \
> –internalurl http://controller:5000/v2.0 \
> –adminurl http://controller:35357/v2.0 \
> –region RegionOne \
> identity
+————–+———————————-+
| Field | Value |
+————–+———————————-+
| adminurl | http://controller:35357/v2.0 |
| id | e2a722a9856b44b0bb124142340f1711 |
| internalurl | http://controller:5000/v2.0 |
| publicurl | http://controller:5000/v2.0 |
| region | RegionOne |
| service_id | 95e2e4328c8546e5a8af5e705c1302b1 |
| service_name | keystone |
| service_type | identity |
+————–+———————————-+
Yönetim operasyonu için admin ve demo projesi oluşturacağız. Devamında da bu projelere bir user ve role ekleyeceğiz.
[php]root@controller:/home/tayfun# openstack project create –description “Admin Project” admin
+————-+———————————-+
| Field | Value |
+————-+———————————-+
| description | Admin Project |
| enabled | True |
| id | bb91fe7da65d4be0b9bcc6083eb57dae |
| name | admin |
+————-+———————————-+
Yukarıda oluşturmuş olduğumuz Admin project için bir user tanımlıyoruz.
[php]root@controller:/home/tayfun# openstack user create –password-prompt admin
User Password:
Repeat User Password:
+———-+———————————-+
| Field | Value |
+———-+———————————-+
| email | None |
| enabled | True |
| id | 45588da11d6441fcbd8199df4cb47992 |
| name | admin |
| username | admin |
+———-+———————————-+
Yukarıda oluşturmuş olduğumuz user için yeni bir role oluşturuyoruz.
[php] root@controller:/home/tayfun# openstack role create admin+——-+———————————-+
| Field | Value |
+——-+———————————-+
| id | b5a70251e6e645dabdabea75e44ddeeb |
| name | admin |
+——-+———————————-+ [/php]
Yukarıda oluşturmuş olduğumuz proje ve user’i oluşturduğumuz role’e ekliyoruz.
[php] root@controller:/home/tayfun# openstack role add –project admin –user admin admin+——-+———————————-+
| Field | Value |
+——-+———————————-+
| id | b5a70251e6e645dabdabea75e44ddeeb |
| name | admin |
+——-+———————————-+ [/php]
Yeni bir Proje oluşturuyoruz. Service Project olarak ismini belirtiyoruz.
[php] root@controller:/home/tayfun# openstack project create –description “Service Project” service+————-+———————————-+
| Field | Value |
+————-+———————————-+
| description | Service Project |
| enabled | True |
| id | 50884ff3fc8e4f798c64ed2f853eee71 |
| name | service |
+————-+———————————-+ [/php]
Demo Project isimli yeni bir proje oluşturuyoruz.
[php] root@controller:/home/tayfun# openstack project create –description “Demo Project” demo+————-+———————————-+
| Field | Value |
+————-+———————————-+
| description | Demo Project |
| enabled | True |
| id | a6165c5d99fa44ef9b0fffc8b8fdec6d |
| name | demo |
+————-+———————————-+ [/php]
Demo Project’de kullanılmak üzere yeni bir user oluşturuyoruz.
[php] root@controller:/home/tayfun# openstack user create –password-prompt demoUser Password:
Repeat User Password:
+———-+———————————-+
| Field | Value |
+———-+———————————-+
| email | None |
| enabled | True |
| id | 7fc8e61dc4a04e1aadb08a1d394b322a |
| name | demo |
| username | demo |
+———-+———————————-+ [/php]
Demo için yeni bir user oluşturuyoruz.
[php] root@controller:/home/tayfun# openstack role create user+——-+———————————-+
| Field | Value |
+——-+———————————-+
| id | 8cc2609aec1a49d0a2047b5f787d3672 |
| name | user |
+——-+———————————-+ [/php]
Oluşurduğumuz demo user’ını role’e ekliyoruz.
[php]root@controller:/home/tayfun# openstack role add –project demo –user demo user
+——-+———————————-+
| Field | Value |
+——-+———————————-+
| id | 8cc2609aec1a49d0a2047b5f787d3672 |
| name | user |
+——-+———————————-+
Yapılan işlemleri verify yani doğrulanması için aşağıdaki komut’ları çalıştırıyoruz.
[php] root@controller:/home/tayfun# openstack –os-auth-url http://controller:35357 \> –os-project-name admin –os-username admin –os-auth-type password \
> token issue
Password:
+————+———————————-+
| Field | Value |
+————+———————————-+
| expires | 2016-05-13T21:45:40Z |
| id | 0f35dee4ed8a402f96d2b791aa335336 |
| project_id | bb91fe7da65d4be0b9bcc6083eb57dae |
| user_id | 45588da11d6441fcbd8199df4cb47992 |
+————+———————————-+
root@controller:/home/tayfun#
[/php] [php]root@controller:/home/tayfun# openstack –os-auth-url http://controller:35357 \
> –os-project-name admin –os-username admin –os-auth-type password \
> project list
Password:
+———————————-+———+
| ID | Name |
+———————————-+———+
| 50884ff3fc8e4f798c64ed2f853eee71 | service |
| a6165c5d99fa44ef9b0fffc8b8fdec6d | demo |
| bb91fe7da65d4be0b9bcc6083eb57dae | admin |
+———————————-+———+
> –os-project-name admin –os-username admin –os-auth-type password \
> user list
Password:
+———————————-+——-+
| ID | Name |
+———————————-+——-+
| 45588da11d6441fcbd8199df4cb47992 | admin |
| 7fc8e61dc4a04e1aadb08a1d394b322a | demo |
+———————————-+——-+ [/php] [php] root@controller:/home/tayfun# openstack –os-auth-url http://controller:35357 \
> –os-project-name admin –os-username admin –os-auth-type password \
> role list
Password:
+———————————-+——-+
| ID | Name |
+———————————-+——-+
| 8cc2609aec1a49d0a2047b5f787d3672 | user |
| b5a70251e6e645dabdabea75e44ddeeb | admin |
+———————————-+——-+ [/php] [php] root@controller:/home/tayfun# openstack –os-auth-url http://controller:5000 \
> –os-project-domain-id default –os-user-domain-id default \
> –os-project-name demo –os-username demo –os-auth-type password \
> token issue
Password:
+————+———————————-+
| Field | Value |
+————+———————————-+
| expires | 2016-05-13T23:26:00.965604Z |
| id | 77ef2e1136f240bc8c3287a3845f33bc |
| project_id | a6165c5d99fa44ef9b0fffc8b8fdec6d |
| user_id | 7fc8e61dc4a04e1aadb08a1d394b322a |
+————+———————————-+ [/php] demo ve admin kullanıcıları için script oluşturuyoruz. Environment üzerindeki testleri yaparken bize kolaylık sağlayacaktır.
Bunun için;
[php]vi admin-openrc.sh [/php]Yukarıdaki dizine giriş yapıyoruz ve aşağıdaki verileri bu dosyanın içine giriyoruz.
[php]export OS_PROJECT_DOMAIN_ID=default
export OS_USER_DOMAIN_ID=default
export OS_PROJECT_NAME=admin
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_AUTH_URL=http://controller:35357/v3
export OS_AUTH_TYPE=password
Aynı şekilde;
[php]vi demo-openrc.sh [/php]Bölümüne giriş yapıyoruz ve aşağıdaki verileri içine yazıyoruz.
[php]export OS_PROJECT_DOMAIN_ID=default
export OS_USER_DOMAIN_ID=default
export OS_PROJECT_NAME=demo
export OS_TENANT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=DEMO_PASS
export OS_AUTH_URL=http://controller:5000/v3
Script’i test etmek için admin-openrc.sh’i çalıştırıyoruz. Authtentication token’ı istemek için aşağıki komutu çalıştırıyoruz.
[php]root@controller:/home/tayfun# openstack token issue
+————+———————————-+
| Field | Value |
+————+———————————-+
| expires | 2016-05-16T21:38:01.849310Z |
| id | f264fb4c0e134eb28b5ed44e4e1e1cdc |
| project_id | bb91fe7da65d4be0b9bcc6083eb57dae |
| user_id | 45588da11d6441fcbd8199df4cb47992 |
+————+———————————-+
root@controller:/home/tayfun#
Bir sonraki bölümde Image service’i oluşturacağız.
Umarım faydalı olmuştur.
İyi çalışmalar.
hocam eski bi konu ama cevap verirseniz sevinirim
ERROR: cliff.app Unable to establish connection to http://controller:35357/v2.0/tenants
hatası alıyorum acaba ne yapabilirim 🙂