openstack I版的搭建二

时间 2019-11-08 标签 openstack 搭建

[root@linux-node1 ~]# cd /usr/local/src/
html

[root@linux-node1 src]# cd keystone-2014.1html5

[root@linux-node1 keystone-2014.1]# python setup.py installnode

[root@linux-node1 keystone-2014.1]# cd etc/python

[root@linux-node1 etc]# llmysql

总用量 72linux

-rw-rw-r-- 1 1004 1004 1540 4月 17 17:19 default_catalog.templatessql

-rw-rw-r-- 1 1004 1004 38423 4月 17 17:19 keystone.conf.sample数据库

-rw-rw-r-- 1 1004 1004 3635 4月 17 17:19 keystone-paste.inijson

-rw-rw-r-- 1 1004 1004 1046 4月 17 17:19 logging.conf.samplevim

-rw-rw-r-- 1 1004 1004 6397 4月 17 17:19 policy.json

-rw-rw-r-- 1 1004 1004 9032 4月 17 17:19 policy.v3cloudsample.json

把keystone须要的目录建立了

[root@linux-node1 etc]# mkdir /etc/keystone

[root@linux-node1 etc]# mkdir /var/log/keystone

[root@linux-node1 etc]# mkdir /var/run/keystone

[root@linux-node1 etc]# cp keystone.conf.sample /etc/keystone/keystone.conf

[root@linux-node1 etc]# cp keystone-paste.ini /etc/keystone/

[root@linux-node1 etc]# cp logging.conf.sample /etc/keystone/logging.conf

[root@linux-node1 etc]# cp policy.json /etc/keystone/

[root@linux-node1 etc]# pwd

/usr/local/src/keystone-2014.1/etc

[root@linux-node1 etc]# cp * /etc/keystone/

cp是否覆盖"/etc/keystone/keystone-paste.ini" y

cp是否覆盖"/etc/keystone/policy.json" y

[root@linux-node1 etc]# ll /etc/keystone/

总用量 116

-rw-r--r-- 1 root root 1540 8月 18 19:15 default_catalog.templates

-rw-r--r-- 1 root root 38423 8月 18 19:11 keystone.conf

-rw-r--r-- 1 root root 38423 8月 18 19:15 keystone.conf.sample

-rw-r--r-- 1 root root 3635 8月 18 19:15 keystone-paste.ini

-rw-r--r-- 1 root root 1046 8月 18 19:12 logging.conf

-rw-r--r-- 1 root root 1046 8月 18 19:15 logging.conf.sample

-rw-r--r-- 1 root root 6397 8月 18 19:15 policy.json

-rw-r--r-- 1 root root 9032 8月 18 19:15 policy.v3cloudsample.json

建立PKI证书

[root@linux-node1 etc]# pwd

/usr/local/src/keystone-2014.1/etc

[root@linux-node1 etc]# keystone-manage pki_setup --keystone-user root --keystone-group root

Generating RSA private key, 2048 bit long modulus

..............................+++

.......+++

e is 65537 (0x10001)

Generating RSA private key, 2048 bit long modulus

.......+++

....................................................................................+++

e is 65537 (0x10001)

Using configuration from /etc/keystone/ssl/certs/openssl.conf

Check that the request matches the signature

Signature ok

The Subject's Distinguished Name is as follows

countryName :PRINTABLE:'US'

stateOrProvinceName :ASN.1 12:'Unset'

localityName :ASN.1 12:'Unset'

organizationName :ASN.1 12:'Unset'

commonName :ASN.1 12:'www.example.com'

Certificate is to be certified until Aug 15 11:18:48 2024 GMT (3650 days)

Write out database with 1 new entries

Data Base Updated

[root@linux-node1 etc]# chown -R root:root /etc/keystone/ssl

[root@linux-node1 etc]# chmod -R 750 /etc/keystone/ssl

[root@linux-node1 ~]# vim /etc/keystone/keystone.conf

[root@linux-node1 etc]# vim /etc/keystone/keystone.conf +625

connection=mysql://keystone:keystone@192.168.33.11/keystone

[root@linux-node1 etc]# cd ~

同步数据库

[root@linux-node1 ~]# keystone-manage db_sync

咱们能够查看一下keystone库里面有表了吗

[root@linux-node1 ~]# mysql -u root -popenstack -e "use keystone;show tables;"

+-----------------------+

| Tables_in_keystone |

+-----------------------+

| assignment |

| credential |

| domain |

| endpoint |

| group |

| migrate_version |

| policy |

| project |

| region |

| role |

| service |

| token |

| trust |

| trust_role |

| user |

| user_group_membership |

+-----------------------+

[root@linux-node1 ~]# grep '^[a-z]' /etc/keystone/keystone.conf

admin_token=ADMIN

debug=true

verbose=true

log_file=keystone.log

log_dir=/var/log/keystone

connection=mysql://keystone:keystone@192.168.33.11/keystone

启动keystone看报不报错

[root@linux-node1 ~]# keystone-all --config-file=/etc/keystone/keystone.conf

2014-08-18 19:38:48.689 4905 DEBUG keystone-all [-] ******************************************************************************** log_opt_values /usr/lib/python2.6/site-packages/oslo/config/cfg.py:1923

2014-08-18 19:38:48.690 4905 INFO keystone.common.environment [-] Environment configured as: eventlet

2014-08-18 19:38:50.210 4905 WARNING keystone.openstack.common.versionutils [-] Deprecated: keystone.middleware.core.XmlBodyMiddleware is deprecated as of Icehouse in favor of support for "application/json" only and may be removed in K.

2014-08-18 19:38:50.771 4905 INFO keystone.common.environment.eventlet_server [-] Starting /usr/bin/keystone-all on 0.0.0.0:35357

2014-08-18 19:38:50.827 4905 INFO keystone.common.environment.eventlet_server [-] Starting /usr/bin/keystone-all on 0.0.0.0:5000

2014-08-18 19:38:50.829 4905 INFO eventlet.wsgi.server [-] (4905) wsgi starting up on http://0.0.0.0:35357/

2014-08-18 19:38:50.839 4905 INFO eventlet.wsgi.server [-] (4905) wsgi starting up on http://0.0.0.0:5000/

咱们能够看到keystone服务是没有问题的。

keystone监听两个端口5000和35357

下面讲这两个端口是干什么用的

用自动启动的脚步

[root@linux-node1 ~]# rz

z waiting to receive.**B0100000023be50

[root@linux-node1 ~]# ll

总用量 56

-rw-------. 1 root root 1149 7月 22 19:08 anaconda-ks.cfg

-rw-r--r-- 1 root root 14344 7月 16 13:03 init.d.zip

-rw-r--r--. 1 root root 23833 7月 22 19:08 install.log

-rw-r--r--. 1 root root 7688 7月 22 19:07 install.log.syslog

[root@linux-node1 ~]# unzip init.d.zip

Archive: init.d.zip

creating: init.d/

inflating: init.d/openstack-cinder-api

inflating: init.d/openstack-cinder-scheduler

inflating: init.d/openstack-cinder-volume

inflating: init.d/openstack-glance-api

inflating: init.d/openstack-glance-registry

inflating: init.d/openstack-glance-scrubber

inflating: init.d/openstack-keystone

inflating: init.d/openstack-neutron-dhcp-agent

inflating: init.d/openstack-neutron-linuxbridge-agent

inflating: init.d/openstack-neutron-server

inflating: init.d/openstack-nova-api

inflating: init.d/openstack-nova-cert

inflating: init.d/openstack-nova-compute

inflating: init.d/openstack-nova-conductor

inflating: init.d/openstack-nova-consoleauth

inflating: init.d/openstack-nova-novncproxy

inflating: init.d/openstack-nova-scheduler

inflating: init.d/openstack-nova-spicehtml5proxy

[root@linux-node1 ~]# ll init.d

总用量 72

-rw-r--r-- 1 root root 2425 4月 29 20:16 openstack-cinder-api

-rw-r--r-- 1 root root 1981 4月 29 20:16 openstack-cinder-scheduler

-rw-r--r-- 1 root root 2300 4月 29 20:16 openstack-cinder-volume

-rw-r--r-- 1 root root 1834 5月 19 13:34 openstack-glance-api

-rw-r--r-- 1 root root 1839 5月 19 13:35 openstack-glance-registry

-rw-r--r-- 1 root root 1919 4月 29 20:16 openstack-glance-scrubber

-rw-r--r-- 1 root root 1541 4月 29 20:16 openstack-keystone

-rw-r--r-- 1 root root 1881 4月 29 20:16 openstack-neutron-dhcp-agent

-rw-r--r-- 1 root root 1926 4月 29 20:16 openstack-neutron-linuxbridge-agent

-rw-r--r-- 1 root root 1916 4月 29 20:16 openstack-neutron-server

-rw-r--r-- 1 root root 1502 4月 29 20:16 openstack-nova-api

-rw-r--r-- 1 root root 1503 4月 29 20:16 openstack-nova-cert

-rw-r--r-- 1 root root 1506 4月 29 20:16 openstack-nova-compute

-rw-r--r-- 1 root root 1508 4月 29 20:16 openstack-nova-conductor

-rw-r--r-- 1 root root 1510 4月 29 20:16 openstack-nova-consoleauth

-rw-r--r-- 1 root root 1509 4月 29 20:16 openstack-nova-novncproxy

-rw-r--r-- 1 root root 1508 4月 29 20:16 openstack-nova-scheduler

-rw-r--r-- 1 root root 1514 4月 29 20:16 openstack-nova-spicehtml5proxy

[root@linux-node1 init.d]# cp openstack-keystone /etc/init.d/

[root@linux-node1 init.d]# chmod +x /etc/init.d/openstack-keystone

[root@linux-node1 init.d]# chkconfig --add openstack-keystone

[root@linux-node1 init.d]# chkconfig openstack-keystone on

[root@linux-node1 init.d]# /etc/init.d/openstack-keystone start

正在启动 keystone [肯定]

咱们能够看一下openstack的日志

[root@linux-node1 init.d]# ll /var/log/keystone/

总用量 76

-rw-r--r-- 1 root root 76796 8月 18 19:46 keystone.log

[root@linux-node1 init.d]# cat /var/log/keystone/keystone.log

2014-08-18 19:46:25.948 5030 INFO eventlet.wsgi.server [-] (5030) wsgi starting up on http://0.0.0.0:35357/

2014-08-18 19:46:25.948 5030 INFO eventlet.wsgi.server [-] (5030) wsgi starting up on http://0.0.0.0:5000/

OK的。

[root@linux-node1 init.d]# /etc/init.d/openstack-keystone status

keystone (pid 5030) 正在运行...

用户-租户-角色

[root@linux-node1 ~]# keystone role-list

Expecting an auth URL via either --os-auth-url or env[OS_AUTH_URL]

加环境变量

[root@linux-node1 ~]# export OS_SERVICE_TOKEN=ADMIN

[root@linux-node1 ~]# export OS_SERVICE_ENDPOINT=http://192.168.33.11:35357/v2.0

[root@linux-node1 ~]# keystone role-list

+----------------------------------+----------+

| id | name |

+----------------------------------+----------+

| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |

+----------------------------------+----------+

[root@linux-node1 ~]# keystone --help|grep list

ec2-credentials-list

endpoint-list List configured service endpoints.

role-list List all roles.

service-list List all services in Service Catalog.

tenant-list List all tenants.

user-list List users.

user-role-list List roles granted to a user.

建立admin用户

[root@linux-node1 ~]# keystone user-create --name=admin --pass admin --email=admin@openstack.com

+----------+----------------------------------+

| Property | Value |

+----------+----------------------------------+

| email | admin@openstack.com |

| enabled | True |

| id | 440e5b8242f94bb68b2199055f0c897e |

| name | admin |

| username | admin |

+----------+----------------------------------+

建立admin角色

[root@linux-node1 ~]# keystone role-create --name=admin

+----------+----------------------------------+

| Property | Value |

+----------+----------------------------------+

| id | bc6aea9196214e3cadeb6eef1c10f04e |

| name | admin |

+----------+----------------------------------+

租户

[root@linux-node1 ~]# keystone tenant-create --name=admin --description="Admin Tenant"

+-------------+----------------------------------+

| Property | Value |

+-------------+----------------------------------+

| description | Admin Tenant |

| enabled | True |

| id | cdbb9a7dcd044328a7969bc8069624ae |

| name | admin |

+-------------+----------------------------------+

给用户增长权限

用户的权限是是由角色决定的，把admin用户填加到admin租户，填加了admin的角色

[root@linux-node1 ~]# keystone user-role-add --user=admin --tenant=admin --role=admin

再填加一个角色

[root@linux-node1 ~]# keystone user-role-add --user=admin --tenant=admin --role=_member_

查看一下

[root@linux-node1 ~]# keystone user-list

+----------------------------------+-------+---------+---------------------+

+----------------------------------+-------+---------+---------------------+

+----------------------------------+-------+---------+---------------------+

[root@linux-node1 ~]# keystone tenant-list

+----------------------------------+-------+---------+

| id | name | enabled |

+----------------------------------+-------+---------+

| cdbb9a7dcd044328a7969bc8069624ae | admin | True |

+----------------------------------+-------+---------+

[root@linux-node1 ~]# keystone role-list

+----------------------------------+----------+

| id | name |

+----------------------------------+----------+

| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |

| bc6aea9196214e3cadeb6eef1c10f04e | admin |

+----------------------------------+----------+

其实执行上面几个命令，其实就是从数据库里面查询，咱们能够从mysql数据库里面查看一下。

[root@linux-node1 ~]# mysql -uroot -popenstack

Welcome to the MySQL monitor. Commands end with ; or \g.

Your MySQL connection id is 8

Server version: 5.1.73-log Source distribution

Oracle is a registered trademark of Oracle Corporation and/or its

affiliates. Other names may be trademarks of their respective

owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show databases;

+--------------------+

| Database |

+--------------------+

| information_schema |

| cinder |

| glance |

| keystone |

| mysql |

| neutron |

| nova |

| test |

+--------------------+

8 rows in set (0.04 sec)

mysql> use keystone;

Database changed

mysql> show tables

-> ;

+-----------------------+

| Tables_in_keystone |

+-----------------------+

| assignment |

| credential |

| domain |

| endpoint |

| group |

| migrate_version |

| policy |

| project |

| region |

| role |

| service |

| token |

| trust |

| trust_role |

| user |

| user_group_membership |

+-----------------------+

16 rows in set (0.01 sec)

[root@linux-node1 ~]# mysql -uroot -popenstack

Welcome to the MySQL monitor. Commands end with ; or \g.

Your MySQL connection id is 8

Server version: 5.1.73-log Source distribution

Oracle is a registered trademark of Oracle Corporation and/or its

affiliates. Other names may be trademarks of their respective

owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show databases;

+--------------------+

| Database |

+--------------------+

| information_schema |

| cinder |

| glance |

| keystone |

| mysql |

| neutron |

| nova |

| test |

+--------------------+

8 rows in set (0.04 sec)

mysql> use keystone;

Database changed

mysql> show tables

-> ;

+-----------------------+

| Tables_in_keystone |

+-----------------------+

| assignment |

| credential |

| domain |

| endpoint |

| group |

| migrate_version |

| policy |

| project |

| region |

| role |

| service |

| token |

| trust |

| trust_role |

| user |

| user_group_membership |

+-----------------------+

16 rows in set (0.01 sec)

再建立一个demo的用户，作实验用户，由于普通用户和admin是不同的。

[root@linux-node1 ~]# keystone user-create --name=demo --pass=demo --email=demo@openstack.com

+----------+----------------------------------+

| Property | Value |

+----------+----------------------------------+

| email | demo@openstack.com |

| enabled | True |

| id | 712b14983af54467861bf32873dbd583 |

| name | demo |

| username | demo |

+----------+----------------------------------+

建立demo的租户

[root@linux-node1 ~]# keystone tenant-create --name=demo --description="demo Tenant"

+-------------+----------------------------------+

| Property | Value |

+-------------+----------------------------------+

| description | demo Tenant |

| enabled | True |

| id | ed844c55ff2a45da880c818e356f8a71 |

| name | demo |

+-------------+----------------------------------+

把用户demo，填加到demo租户里，赋予_member_角色，也能够理解为_member_的成员。这个租户成员，就能够管理租户的一些东西。

[root@linux-node1 ~]# keystone user-role-add --user=demo --tenant=demo --role=_member_

服务和端点，学习openstack要会架构的知识。

SOA:面向服务的一种体系结构

传统的架构：

10个节点的集群，个人性能仍是有瓶颈，就是你加到20台也会有瓶颈，由于涉及到cpu计算，就是你服务再多，仍是有瓶颈的。

因此说咱们作SOA，面向服务的架构，我把个人整个业务体系，拆除各个独立的子模块。而后给每一个模块作负载均衡。

如电商：浏览页面，查看商品、价格、加入购物车、对外提供API的接口

商品的全部属性、结算中心。规则：电商中比较复杂的地方，如电商促销。作服务化的处理。

keystone里面服务的概念

keystone能够理解为注册的中心，

访问点=API

经过端点来调用。

服务端点、服务目录

我要在服务上写我本身。

建立服务

Keystone 1.用户名密码验证的，2.服务目录的，便是各个服务都要在keystone上作注册

下面我就来建立服务，keystone自己的一个服务，他本身自己建立了一个服务

[root@linux-node1 ~]# keystone service-create --name=keystone --type=identity --description="Openstack Identity"

+-------------+----------------------------------+

| Property | Value |

+-------------+----------------------------------+

| description | Openstack Identity |

| enabled | True |

| id | 7073aac2d19341a7a7375f5b7756761f |

| name | keystone |

| type | identity |

+-------------+----------------------------------+

建立endpoint

首先，端点你要对应服务

[root@linux-node1 ~]# keystone endpoint-create \

> --service-id=7073aac2d19341a7a7375f5b7756761f \

> --publicurl=http://192.168.33.11:5000/v2.0 \

> --internalurl=http://192.168.33.11:5000/v2.0 \

> --adminurl=http://192.168.33.11:35357/v2.0

+-------------+----------------------------------+

| Property | Value |

+-------------+----------------------------------+

| adminurl | http://192.168.33.11:35357/v2.0 |

| id | b95098f0c78e4ea2a2b6131d725c97a4 |

| internalurl | http://192.168.33.11:5000/v2.0 |

| publicurl | http://192.168.33.11:5000/v2.0 |

| region | regionOne |

| service_id | 7073aac2d19341a7a7375f5b7756761f |

+-------------+----------------------------------+

复制便可

keystone endpoint-create --service-id=7073aac2d19341a7a7375f5b7756761f --publicurl=http://192.168.33.11:5000/v2.0 --internalurl=http://192.168.33.11:5000/v2.0 --adminurl=http://192.168.33.11:35357/v2.0

[root@linux-node1 ~]# keystone service-list

+----------------------------------+----------+----------+--------------------+

+----------------------------------+----------+----------+--------------------+

+----------------------------------+----------+----------+--------------------+

[root@linux-node1 ~]# keystone endpoint-list

[root@linux-node1 ~]# keystone --os-username=admin --os-password=admin --os-auth-url=http://192.168.33.11:35357/v2.0 token-get

WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).

'NoneType' object has no attribute 'has_service_catalog'

报错了，为何呢？由于刚才咱们在上面export了环境变量，由于前面没有admin用户。用了token.

[root@linux-node1 ~]# env

HOSTNAME=linux-node1.openstack.com

OS_SERVICE_TOKEN=ADMIN

TERM=xterm

SHELL=/bin/bash

HISTSIZE=1000

SSH_CLIENT=192.168.33.1 50008 22

OLDPWD=/root/init.d

SSH_TTY=/dev/pts/0

USER=root

LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lz=01;31:*.xz=01;31:*.bz2=01;31:*.tbz=01;31:*.tbz2=01;31:*.bz=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.axa=01;36:*.oga=01;36:*.spx=01;36:*.xspf=01;36:

MAIL=/var/spool/mail/root

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin

OS_SERVICE_ENDPOINT=http://192.168.33.11:35357/v2.0

PWD=/root

LANG=zh_CN.UTF-8

HISTCONTROL=ignoredups

SHLVL=1

HOME=/root

LOGNAME=root

CVS_RSH=ssh

SSH_CONNECTION=192.168.33.1 50008 192.168.33.11 22

LESSOPEN=|/usr/bin/lesspipe.sh %s

G_BROKEN_FILENAMES=1

_=/bin/env

[root@linux-node1 ~]# unset OS_SERVICE_TOKEN

[root@linux-node1 ~]# unset OS_SERVICE_ENDPOINT

[root@linux-node1 ~]# keystone --os-username=admin --os-password=admin --os-auth-url=http://192.168.33.11:35357/v2.0 token-get

显示结果以下，就证实keystone没有问题了。

咱们加上租户验证一下

[root@linux-node1 ~]# keystone --os-username=admin --os-password=admin --os-tenant-name=admin --os-auth-url=http://192.168.33.11:35357/v2.0 token-get

显示以下，证实咱们安装的keystone是没有问题的。

+----------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

| Property | Value |

| expires | 2014-08-18T14:55:18Z |

| id | MIIC8QYJKoZIhvcNAQcCoIIC4jCCAt4CAQExCTAHBgUrDgMCGjCCAUcGCSqGSIb3DQEHAaCCATgEggE0eyJhY2Nlc3MiOiB7InRva2VuIjogeyJpc3N1ZWRfYXQiOiAiMjAxNC0wOC0xOFQxMzo1NToxOC4yMTk5OTAiLCAiZXhwaXJlcyI6ICIyMDE0LTA4LTE4VDE0OjU1OjE4WiIsICJpZCI6ICJwbGFjZWhvbGRlciJ9LCAic2VydmljZUNhdGFsb2ciOiBbXSwgInVzZXIiOiB7InVzZXJuYW1lIjogImFkbWluIiwgInJvbGVzX2xpbmtzIjogW10sICJpZCI6ICI0NDBlNWI4MjQyZjk0YmI2OGIyMTk5MDU1ZjBjODk3ZSIsICJyb2xlcyI6IFtdLCAibmFtZSI6ICJhZG1pbiJ9LCAibWV0YWRhdGEiOiB7ImlzX2FkbWluIjogMCwgInJvbGVzIjogW119fX0xggGBMIIBfQIBATBcMFcxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVVbnNldDEOMAwGA1UEBwwFVW5zZXQxDjAMBgNVBAoMBVVuc2V0MRgwFgYDVQQDDA93d3cuZXhhbXBsZS5jb20CAQEwBwYFKw4DAhowDQYJKoZIhvcNAQEBBQAEggEABbw8iS43IEnSuZOsRu6ZGG-2KE-7l6JqeAtne3o8yXpzt+RgVo1HQBgkn8MZMJdu4ksZRsE370hshNDGiQ+sU+0So2vGgDRfkHV8DYNEsIHxBbzfe0kEvpmT9EHFJAcviAJFN32byAnz0BQOON50VGNKwrbPmKAkUNgx9G6AzsRzycwP-SPyLoQbUDo0BtN7AMVczTS-jl30F1DW1WIX5Xt6Dqtjd2svObJNeaBJyfq+88JooRihwbCu17LYYnMX0hwy893iQv2Jf55dBjN4m9J-iGbWX-ir9X7CT5y-3q5tB6B9hhjV-uP0hWwdAkacpFCWCrzXS2OXK71UL20d-A== |

| user_id | 440e5b8242f94bb68b2199055f0c897e |

[root@linux-node1 ~]# keystone --os-username=admin --os-password=admin --os-tenant-name=admin --os-auth-url=http://192.168.33.11:35357/v2.0 token-get

+-----------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

| Property | Value |

| expires | 2014-08-18T15:00:31Z |

| id | MIIE9QYJKoZIhvcNAQcCoIIE5jCCBOICAQExCTAHBgUrDgMCGjCCA0sGCSqGSIb3DQEHAaCCAzwEggM4eyJhY2Nlc3MiOiB7InRva2VuIjogeyJpc3N1ZWRfYXQiOiAiMjAxNC0wOC0xOFQxNDowMDozMS43NzgzNjEiLCAiZXhwaXJlcyI6ICIyMDE0LTA4LTE4VDE1OjAwOjMxWiIsICJpZCI6ICJwbGFjZWhvbGRlciIsICJ0ZW5hbnQiOiB7ImRlc2NyaXB0aW9uIjogIkFkbWluIFRlbmFudCIsICJlbmFibGVkIjogdHJ1ZSwgImlkIjogImNkYmI5YTdkY2QwNDQzMjhhNzk2OWJjODA2OTYyNGFlIiwgIm5hbWUiOiAiYWRtaW4ifX0sICJzZXJ2aWNlQ2F0YWxvZyI6IFt7ImVuZHBvaW50cyI6IFt7ImFkbWluVVJMIjogImh0dHA6Ly8xOTIuMTY4LjMzLjExOjM1MzU3L3YyLjAiLCAicmVnaW9uIjogInJlZ2lvbk9uZSIsICJpbnRlcm5hbFVSTCI6ICJodHRwOi8vMTkyLjE2OC4zMy4xMTo1MDAwL3YyLjAiLCAiaWQiOiAiMTkxOGRlMWIzYjdiNDdmMmIxYmU0NDg5ZGNjODk2YjEiLCAicHVibGljVVJMIjogImh0dHA6Ly8xOTIuMTY4LjMzLjExOjUwMDAvdjIuMCJ9XSwgImVuZHBvaW50c19saW5rcyI6IFtdLCAidHlwZSI6ICJpZGVudGl0eSIsICJuYW1lIjogImtleXN0b25lIn1dLCAidXNlciI6IHsidXNlcm5hbWUiOiAiYWRtaW4iLCAicm9sZXNfbGlua3MiOiBbXSwgImlkIjogIjQ0MGU1YjgyNDJmOTRiYjY4YjIxOTkwNTVmMGM4OTdlIiwgInJvbGVzIjogW3sibmFtZSI6ICJfbWVtYmVyXyJ9LCB7Im5hbWUiOiAiYWRtaW4ifV0sICJuYW1lIjogImFkbWluIn0sICJtZXRhZGF0YSI6IHsiaXNfYWRtaW4iOiAwLCAicm9sZXMiOiBbIjlmZTJmZjllZTQzODRiMTg5NGE5MDg3OGQzZTkyYmFiIiwgImJjNmFlYTkxOTYyMTRlM2NhZGViNmVlZjFjMTBmMDRlIl19fX0xggGBMIIBfQIBATBcMFcxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVVbnNldDEOMAwGA1UEBwwFVW5zZXQxDjAMBgNVBAoMBVVuc2V0MRgwFgYDVQQDDA93d3cuZXhhbXBsZS5jb20CAQEwBwYFKw4DAhowDQYJKoZIhvcNAQEBBQAEggEAY9m06bc0FAMspLNBjRWgifn5+3+K61AF9eYjowVZ1VuAXPycX3UUYW6pc6lrPUUKQe3SnhF1Iv3ue1FA+DWq5RAQ4txUjJuMcvhVt1LKgPDIc1HCGCRwD0hRKpyulNelH58AujW5JaRfL26TrJQAm26Noyfqmy+tyyiT9aUND4V3wyprzROv0p7bvAcrReTo9yJubW+PFgto2QMGKgncCEc8-RP9G8rTmvlAEh12ypMrN5rYt5RBEXYxiFGOPs0iTRONpyExrleP2+MyfL7XJHvR7shcCDy-lBfJe813IlG712FGwwF-RjlcjyJM5lwJ4RIgL2Nu8cjS0fcc0IjAug== |

| tenant_id | cdbb9a7dcd044328a7969bc8069624ae |

| user_id | 440e5b8242f94bb68b2199055f0c897e |

[root@linux-node1 ~]# keystone service-list

Expecting an auth URL via either --os-auth-url or env[OS_AUTH_URL]

[root@linux-node1 ~]#

[root@linux-node1 ~]# vim keystone-admin

[root@linux-node1 ~]# cat keystone-admin

export OS_TENANT_NAME=admin

export OS_USERNAME=admin

export OS_PASSWORD=admin

export OS_AUTH_URL=http://192.168.33.11:35357/v2.0

[root@linux-node1 ~]# source keystone-admin

[root@linux-node1 ~]# keystone token-get

如今咱们就能够查看了

[root@linux-node1 ~]# keystone service-list

'+----------------------------------+----------+----------+--------------------+

+----------------------------------+----------+----------+--------------------+

+----------------------------------+----------+----------+--------------------+

[root@linux-node1 ~]# keystone role-list

+----------------------------------+----------+

| id | name |

+----------------------------------+----------+

| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |

| bc6aea9196214e3cadeb6eef1c10f04e | admin |

+----------------------------------+----------+

[root@linux-node1 ~]# keystone tenant-list

+----------------------------------+-------+---------+

| id | name | enabled |

+----------------------------------+-------+---------+

| cdbb9a7dcd044328a7969bc8069624ae | admin | True |

| ed844c55ff2a45da880c818e356f8a71 | demo | True |

+----------------------------------+-------+---------+