{"id":1471,"date":"2024-08-28T15:34:44","date_gmt":"2024-08-28T07:34:44","guid":{"rendered":"https:\/\/www.chencuo.top\/?p=1471"},"modified":"2024-08-28T15:34:44","modified_gmt":"2024-08-28T07:34:44","slug":"openstack-v%e7%89%88-centos-stream-8-%e6%89%8b%e5%b7%a5%e6%90%ad%e5%bb%ba-keystone%e6%90%ad%e5%bb%ba","status":"publish","type":"post","link":"https:\/\/www.chencuo.top\/?p=1471","title":{"rendered":"openstack v\u7248 centos stream 8 \u624b\u5de5\u642d\u5efa\u2014\u2014Keystone\u642d\u5efa(\u4e8c)"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\"><strong>\u6ce8\u610f<\/strong><\/h2>\n\n\n\n<p>1.\u672c\u6559\u7a0b\u4e3aopenstack \u642d\u5efa\u5e73\u53f0victoria \u7248\uff0c\u865a\u62df\u673a\u4e3acentos stream 8<\/p>\n\n\n\n<p>2.\u672c\u6559\u7a0b\u8bbe\u8ba1\u5185\u5bb9\u975e\u5e38\u591a\uff0c\u5f88\u590d\u6742\uff0c\u4f46\u4e5f\u5f88\u6709\u6280\u5de7\uff0c\u8bf7\u6ce8\u610f\u6bcf\u4e00\u6b65\uff0c\u6211\u8bf4\u53ef\u4ee5\u66f4\u6539\u7684\u5730\u65b9\u53ef\u4ee5\u66f4\u6539\uff0c\u5176\u4f59\u5efa\u8bae\u548c\u6211\u4e00\u6837<\/p>\n\n\n\n<p>3.\u5185\u5bb9\u677f\u5757\u5927\u4f53\u5305\u62ec\uff1a\u57fa\u7840\u73af\u5883\u8bbe\u7f6e\uff0c keystone\u7ec4\u5efa\u5b89\u88c5\uff0cglance\u7ec4\u5efa\u5b89\u88c5\uff0cplacement\u7ec4\u5efa\u5b89\u88c5\uff0cnova\u7ec4\u5efa\u5b89\u88c5\uff0cneutron\u7ec4\u5efa\u5b89\u88c5\uff0cdashboard\u7ec4\u5efa\u5b89\u88c5<\/p>\n\n\n\n<p><strong>4.\u5bc6\u7801\u7ea6\u5b9a\uff1a\u672c\u6587\u6240\u6709\u548c\u6570\u636e\u5e93\u53ca\u6d88\u606f\u961f\u5217\u76f8\u5173\u7684\u5bc6\u7801\u7edf\u4e00\u8bbe\u5b9a rootroot\uff0copenstack \u7ec4\u4ef6\u7528\u6237\u5bc6\u7801\u7edf\u4e00\u8bbe\u5b9a redhat<\/strong><\/p>\n\n\n\n<p>5.\u5b66\u4e60\u6b64\u7ae0\u8282\uff0c\u4f60\u9700\u8981\u4e86\u89e3\u7684\u77e5\u8bc6\uff1a\u6570\u636e\u5e93sql\u4e2ddcl\u7528\u6237\u7ba1\u7406\u7684\u77e5\u8bc6\uff0clinux\u57fa\u7840\u547d\u4ee4\uff0copenstack\u57fa\u7840\u547d\u4ee4<\/p>\n\n\n\n<p>6.\u5b98\u65b9\u7f51\u5740\uff1a<\/p>\n\n\n\n<p><a href=\"https:\/\/docs.openstack.org\/install-guide\/environment.html\">OpenStack Docs: Keystone Installation Tutorial<\/a><\/p>\n\n\n\n<p>7.\u73af\u5883\u914d\u7f6e\uff1a<\/p>\n\n\n\n<p>\u73af\u5883\u7528\u5230 2\u53f0 \u865a\u62df\u673a\uff0c\u5355\u7f51\u5361\uff0c\u5e76\u4e3a\u5176\u914d\u7f6e \u9759\u6001 IP \u53ca DNS<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td>\u4e3b\u673a\u540d<\/td><td>ip<\/td><td>\u7f51\u5173<\/td><td>DNS<\/td><td>cpu\/\u5185\u5b58<\/td><td>\u78c1\u76d8<\/td><td>\u89d2\u8272<\/td><td>\u5907\u6ce8<\/td><\/tr><tr><td>controller<\/td><td>192.168.100.128<\/td><td>192.168.100.2<\/td><td>114.114.114.114<\/td><td>4c\/6g<\/td><td>100g<\/td><td>\u63a7\u5236\u8282\u70b9<\/td><td>\u5f00\u542f\u865a\u62df\u5316\u5f15\u64ce<\/td><\/tr><tr><td>compute<\/td><td>192.168.100.129<\/td><td>192.168.100.2<\/td><td>114.114.114.114<\/td><td>4c\/6g<\/td><td>100g<\/td><td>\u8ba1\u7b97\u8282\u70b9<\/td><td>\u5f00\u542f\u865a\u62df\u5316\u5f15\u64ce<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>\u6570\u636e\u5e93\u914d\u7f6e\uff08\u4ec5\u63a7\u5236\u8282\u70b9\uff09<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u6570\u636e\u5e93\u5efa\u7acb\u5e76\u6388\u6743<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@controller ~]# mysql -u root -prootroot\nWelcome to the MariaDB monitor.  Commands end with ; or \\g.\nYour MariaDB connection id is 15\nServer version: 10.3.28-MariaDB MariaDB Server\n\nCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.\n\nType 'help;' or '\\h' for help. Type '\\c' to clear the current input statement.\n\nMariaDB &#91;(none)]&gt; create database keystone;\nQuery OK, 1 row affected (0.001 sec)\n\nMariaDB &#91;(none)]&gt; grant all privileges on keystone.* to 'keystone'@'localhost' identified by 'rootroot';\n## \u4e3akeystone\u7528\u6237\u5728\u672c\u5730\u5bf9keystone\u6570\u636e\u5e93\u6240\u6709\u5bf9\u8c61\u7ed9\u4e88\u5168\u90e8\u6743\u9650\uff0c\u6307\u5b9a\u5bc6\u7801\u4e3arootroot\nQuery OK, 0 rows affected (0.002 sec)\n\nMariaDB &#91;(none)]&gt; grant all privileges on keystone.* to 'keystone'@'%' identified by 'rootroot';\n## \u4e3akeystone\u7528\u6237\u5728\u4efb\u4f55\u5730\u65b9\u5bf9keystone\u6570\u636e\u5e93\u6240\u6709\u5bf9\u8c61\u7ed9\u4e88\u5168\u90e8\u6743\u9650\uff0c\u6307\u5b9a\u5bc6\u7801\u4e3arootroot\nQuery OK, 0 rows affected (0.001 sec)\n\nMariaDB &#91;(none)]&gt; show databases;\n+--------------------+\n| Database           |\n+--------------------+\n| information_schema |\n| keystone           |\n| mysql              |\n| performance_schema |\n+--------------------+\n4 rows in set (0.002 sec)\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u5b89\u88c5keystone\u5305<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@controller ~]# yum install openstack-keystone httpd python3-mod_wsgi -y\n\u5df2\u5b89\u88c5:\n  apr-1.6.3-12.el8.x86_64                                                       \n  apr-util-1.6.1-9.el8.x86_64                                                   \n  apr-util-bdb-1.6.1-9.el8.x86_64                                               \n  apr-util-openssl-1.6.1-9.el8.x86_64                                           \n  centos-logos-httpd-85.8-2.el8.noarch                                          \n  httpd-2.4.37-64.module_el8+965+1ad5c49d.x86_64                                \n  httpd-filesystem-2.4.37-64.module_el8+965+1ad5c49d.noarch                     \n  httpd-tools-2.4.37-64.module_el8+965+1ad5c49d.x86_64                          \n  mod_http2-1.15.7-10.module_el8+1009+c203647a.x86_64                           \n  openstack-keystone-1:18.1.0-1.el8.noarch                                      \n  python-oslo-cache-lang-2.6.3-1.el8.noarch                                     \n  python-oslo-concurrency-lang-4.3.1-1.el8.noarch                               \n  python-oslo-db-lang-8.4.1-1.el8.noarch                                        \n  python-oslo-middleware-lang-4.1.1-2.el8.noarch                                \n  python-oslo-policy-lang-3.5.0-2.el8.noarch                                    \n  python-pycadf-common-3.1.1-2.el8.noarch                                       \n  python3-PyMySQL-0.10.1-2.module_el8+762+77bd8591.noarch                       \n  python3-alembic-1.4.2-5.el8.noarch                                            \n  python3-amqp-2.6.1-1.el8.noarch                                               \n  python3-aniso8601-8.0.0-1.el8.noarch                                          \n  python3-babel-2.5.1-7.el8.noarch                                              \n  python3-bcrypt-3.1.7-3.el8s.x86_64                                            \n  python3-cachetools-4.2.0-1.el8s.noarch                                        \n  python3-click-6.7-8.el8.noarch                                                \n  python3-defusedxml-0.7.1-1.el8.noarch                                         \n  python3-dns-1.15.0-12.el8.noarch                                              \n  python3-editor-1.0.4-4.el8.noarch                                             \n  python3-etcd3gw-0.2.5-1.el8.noarch                                            \n  python3-eventlet-0.25.2-3.1.el8.noarch                                        \n  python3-fasteners-0.14.1-20.el8.noarch                                        \n  python3-flask-1:1.1.1-1.el8.noarch                                            \n  python3-flask-restful-0.3.8-4.el8.noarch                                      \n  python3-future-0.18.2-3.el8.noarch                                            \n  python3-futurist-2.3.0-2.el8.noarch                                           \n  python3-greenlet-0.4.13-4.el8.x86_64                                          \n  python3-itsdangerous-0.24-14.el8.noarch                                       \n  python3-jinja2-2.10.1-5.el8.noarch                                            \n  python3-jsonschema-3.2.0-5.el8.noarch                                         \n  python3-jwt-1.6.1-2.el8.noarch                                                \n  python3-keystone-1:18.1.0-1.el8.noarch                                        \n  python3-keystonemiddleware-9.1.0-2.el8.noarch                                 \n  python3-kombu-1:4.6.11-2.el8.noarch                                           \n  python3-ldap-3.3.1-2.el8.x86_64                                               \n  python3-ldappool-2.4.0-5.el8.noarch                                           \n  python3-migrate-0.13.0-1.el8.noarch                                           \n  python3-mod_wsgi-4.6.4-5.el8.x86_64                                           \n  python3-monotonic-1.5-5.el8.noarch                                            \n  python3-oauthlib-2.1.0-1.el8.noarch                                           \n  python3-oslo-cache-2.6.3-1.el8.noarch                                         \n  python3-oslo-concurrency-4.3.1-1.el8.noarch                                   \n  python3-oslo-db-8.4.1-1.el8.noarch                                            \n  python3-oslo-messaging-12.5.2-1.el8.noarch                                    \n  python3-oslo-middleware-4.1.1-2.el8.noarch                                    \n  python3-oslo-policy-3.5.0-2.el8.noarch                                        \n  python3-oslo-service-2.4.1-1.el8.noarch                                       \n  python3-oslo-upgradecheck-1.1.1-2.el8.noarch                                  \n  python3-osprofiler-3.4.0-2.el8.noarch                                         \n  python3-passlib-1.7.2-3.el8.noarch                                            \n  python3-paste-3.5.0-1.el8.noarch                                              \n  python3-paste-deploy-2.1.0-3.el8.noarch                                       \n  python3-pyOpenSSL-19.0.0-1.el8.noarch                                         \n  python3-pyasn1-0.4.6-3.el8s.noarch                                            \n  python3-pyasn1-modules-0.4.6-3.el8s.noarch                                    \n  python3-pycadf-3.1.1-2.el8.noarch                                             \n  python3-pyngus-2.3.0-4.el8.noarch                                             \n  python3-pyrsistent-0.16.0-3.el8.x86_64                                        \n  python3-pysaml2-6.1.0-1.el8.noarch                                            \n  python3-qpid-proton-0.30.0-1.el8.x86_64                                       \n  python3-repoze-lru-0.7-6.el8s.noarch                                          \n  python3-routes-2.4.1-12.el8s.noarch                                           \n  python3-scrypt-0.8.0-11.el8.x86_64                                            \n  python3-sqlalchemy-1.3.2-3.module_el8+778+ea5e2816.x86_64                     \n  python3-sqlparse-0.3.1-3.el8.noarch                                           \n  python3-statsd-3.2.1-16.el8.noarch                                            \n  python3-tempita-0.5.1-25.el8s.noarch                                          \n  python3-vine-1.3.0-4.el8.noarch                                               \n  python3-webob-1.8.6-3.el8s.noarch                                             \n  python3-werkzeug-1.0.1-3.el8.noarch                                           \n  python3-yappi-1.2.5-1.el8.x86_64                                              \n  qpid-proton-c-0.30.0-1.el8.x86_64                                             \n\n\u5b8c\u6bd5\uff01\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u7f16\u8f91\u914d\u7f6e\u6587\u4ef6<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@controller ~]# vim \/etc\/keystone\/keystone.conf\n\u6709\u70b9\u591a\uff0c:\/database    \u5bfb\u627e\n\n&#91;database]\nconnection = mysql+pymysql:\/\/keystone:rootroot@controller\/keystone     ##590\u5de6\u53f3\n\n&#91;token]\nprovider = fernet   ##\u57282470\u5de6\u53f3\n\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u6570\u636e\u5e93\u521d\u59cb\u5316<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@controller ~]# mysql -u root -prootroot\nWelcome to the MariaDB monitor.  Commands end with ; or \\g.\nYour MariaDB connection id is 16\nServer version: 10.3.28-MariaDB MariaDB Server\n\nCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.\n\nType 'help;' or '\\h' for help. Type '\\c' to clear the current input statement.\n\nMariaDB &#91;(none)]&gt; use keystone\nDatabase changed\nMariaDB &#91;keystone]&gt; show databases;\n+--------------------+\n| Database           |\n+--------------------+\n| information_schema |\n| keystone           |\n| mysql              |\n| performance_schema |\n+--------------------+\n4 rows in set (0.001 sec)\n\nMariaDB &#91;keystone]&gt; show tables;   ##\u53ef\u4ee5\u770b\u5230\u5e76\u6ca1\u6709\u8868\nEmpty set (0.001 sec)\n\n##  \u9000\u51fa\uff01\uff01\uff01\uff01 ##\n\n&#91;root@controller ~]# su -s \/bin\/sh -c \"keystone-manage db_sync\" keystone   ## \u521d\u59cb\u5316\u8868\n&#91;root@controller ~]# mysql -u root -p rootroot\nEnter password: \nERROR 1049 (42000): Unknown database 'rootroot'\n&#91;root@controller ~]# mysql -u root -prootroot\nWelcome to the MariaDB monitor.  Commands end with ; or \\g.\nYour MariaDB connection id is 19\nServer version: 10.3.28-MariaDB MariaDB Server\n\nCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.\n\nType 'help;' or '\\h' for help. Type '\\c' to clear the current input statement.\n\nMariaDB &#91;(none)]&gt; use keystone\nReading table information for completion of table and column names\nYou can turn off this feature to get a quicker startup with -A\n\nDatabase changed\nMariaDB &#91;keystone]&gt; show tables;   ##\u518d\u6b21\u67e5\u770b\uff0c\u6709\u4e86\n+------------------------------------+\n| Tables_in_keystone                 |\n+------------------------------------+\n| access_rule                        |\n| access_token                       |\n| application_credential             |\n| application_credential_access_rule |\n| application_credential_role        |\n| assignment                         |\n| config_register                    |\n| consumer                           |\n| credential                         |\n| endpoint                           |\n| endpoint_group                     |\n| expiring_user_group_membership     |\n| federated_user                     |\n| federation_protocol                |\n| group                              |\n| id_mapping                         |\n| identity_provider                  |\n| idp_remote_ids                     |\n| implied_role                       |\n| limit                              |\n| local_user                         |\n| mapping                            |\n| migrate_version                    |\n| nonlocal_user                      |\n| password                           |\n| policy                             |\n| policy_association                 |\n| project                            |\n| project_endpoint                   |\n| project_endpoint_group             |\n| project_option                     |\n| project_tag                        |\n| region                             |\n| registered_limit                   |\n| request_token                      |\n| revocation_event                   |\n| role                               |\n| role_option                        |\n| sensitive_config                   |\n| service                            |\n| service_provider                   |\n| system_assignment                  |\n| token                              |\n| trust                              |\n| trust_role                         |\n| user                               |\n| user_group_membership              |\n| user_option                        |\n| whitelisted_config                 |\n+------------------------------------+\n49 rows in set (0.001 sec)\n\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u521d\u59cb\u5316\u5bc6\u94a5<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone\n&#91;root@controller ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u521d\u59cb\u5316\u5f15\u5bfc\u8eab\u4efd\u8ba4\u8bc1<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@controller ~]# keystone-manage bootstrap --bootstrap-password rootroot \\\n --bootstrap-admin-url http:\/\/controller:5000\/v3\/ \\\n --bootstrap-internal-url http:\/\/controller:5000\/v3\/ \\\n --bootstrap-public-url http:\/\/controller:5000\/v3\/ \\\n --bootstrap-region-id RegionOne\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u914d\u7f6ehttpd\u670d\u52a1<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@controller ~]# vim \/etc\/httpd\/conf\/httpd.conf\n\n\u66f4\u6539\u6b64\u5904\n#\n#ServerName www.example.com:80\nServerName controller       ##\u63a7\u5236\u8282\u70b9\u4e3b\u673a\u540d\n#\n&#91;root@controller ~]# ln -s \/usr\/share\/keystone\/wsgi-keystone.conf \/etc\/httpd\/conf.d\/\n##\u8f6f\u94fe\u63a5\uff0c\u53ef\u4ee5\u65b9\u4fbf\u5730\u5728 HTTP \u670d\u52a1\u5668\u7684\u914d\u7f6e\u4e2d\u5305\u542b Keystone \u7684\u7279\u5b9a\u914d\u7f6e\n\n&#91;root@controller ~]# systemctl start httpd.service \n&#91;root@controller ~]# systemctl enable httpd.service \nCreated symlink \/etc\/systemd\/system\/multi-user.target.wants\/httpd.service \u2192 \/usr\/lib\/systemd\/system\/httpd.service.\n   \n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u8bbe\u7f6e\u73af\u5883\u53d8\u91cf<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@controller ~]# cat &lt;&lt;EOF > ~\/keystonerc_admin\n export OS_USERNAME=admin\n export OS_PASSWORD=rootroot\n export OS_PROJECT_NAME=admin\n export OS_USER_DOMAIN_NAME=Default\n export OS_PROJECT_DOMAIN_NAME=Default\n export OS_AUTH_URL=http:\/\/controller:5000\/v3\n export OS_IDENTITY_API_VERSION=3\n export PS1='&#91;\\u@\\h \\W(admin)]\\$ '\n EOF\n&#91;root@controller ~]# source keystonerc_admin \n&#91;root@controller ~(admin)]$ ll\n\u603b\u7528\u91cf 12\ndrwxr-xr-x. 2 root root    6 8\u6708  27 23:59 \u516c\u5171\ndrwxr-xr-x. 2 root root    6 8\u6708  27 23:59 \u6a21\u677f\ndrwxr-xr-x. 2 root root    6 8\u6708  27 23:59 \u89c6\u9891\ndrwxr-xr-x. 2 root root    6 8\u6708  27 23:59 \u56fe\u7247\ndrwxr-xr-x. 2 root root    6 8\u6708  27 23:59 \u6587\u6863\ndrwxr-xr-x. 2 root root    6 8\u6708  27 23:59 \u4e0b\u8f7d\ndrwxr-xr-x. 2 root root    6 8\u6708  27 23:59 \u97f3\u4e50\ndrwxr-xr-x. 2 root root    6 8\u6708  27 23:59 \u684c\u9762\n-rw-------. 1 root root 1250 8\u6708  27 23:37 anaconda-ks.cfg\n-rw-r--r--. 1 root root 1531 8\u6708  27 23:59 initial-setup-ks.cfg\n-rw-r--r--  1 root root  266 8\u6708  28 04:24 keystonerc_admin\n&#91;root@controller ~(admin)]$ \n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>\u521b\u5efa\u5bf9\u8c61<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u521b\u5efa<\/strong>\u9879\u76ee<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@controller ~(admin)]$ openstack project list\n+----------------------------------+-------+\n| ID                               | Name  |\n+----------------------------------+-------+\n| 660df1d651a940fda39757aee91856bf | admin |\n+----------------------------------+-------+\n&#91;root@controller ~(admin)]$ openstack project create --domain default --description \"Demo Project\" myproject\n+-------------+----------------------------------+\n| Field       | Value                            |\n+-------------+----------------------------------+\n| description | Demo Project                     |\n| domain_id   | default                          |\n| enabled     | True                             |\n| id          | 8350318c9bbf48ba83cf8b71027d264c |\n| is_domain   | False                            |\n| name        | myproject                        |\n| options     | {}                               |\n| parent_id   | default                          |\n| tags        | &#91;]                               |\n+-------------+----------------------------------+\n&#91;root@controller ~(admin)]$ openstack project create --domain default --description \"Service Project\" service\n+-------------+----------------------------------+\n| Field       | Value                            |\n+-------------+----------------------------------+\n| description | Service Project                  |\n| domain_id   | default                          |\n| enabled     | True                             |\n| id          | 578eca45e7e549858c97314e3f2ec1e3 |\n| is_domain   | False                            |\n| name        | service                          |\n| options     | {}                               |\n| parent_id   | default                          |\n| tags        | &#91;]                               |\n+-------------+----------------------------------+\n&#91;root@controller ~(admin)]$ openstack project list\n+----------------------------------+-----------+\n| ID                               | Name      |\n+----------------------------------+-----------+\n| 578eca45e7e549858c97314e3f2ec1e3 | service   |\n| 660df1d651a940fda39757aee91856bf | admin     |\n| 8350318c9bbf48ba83cf8b71027d264c | myproject |\n+----------------------------------+-----------+\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">\u521b\u5efa\u7528\u6237<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@controller ~(admin)]$ openstack user create --domain default --password-prompt myuser\nUser Password:\nRepeat User Password:    ##\u5bc6\u7801\u4e3aredhat\n+---------------------+----------------------------------+\n| Field               | Value                            |\n+---------------------+----------------------------------+\n| domain_id           | default                          |\n| enabled             | True                             |\n| id                  | 9688822b0dcd41929430ab48335fceb2 |\n| name                | myuser                           |\n| options             | {}                               |\n| password_expires_at | None                             |\n+---------------------+----------------------------------+\n&#91;root@controller ~(admin)]$ openstack user list\n+----------------------------------+--------+\n| ID                               | Name   |\n+----------------------------------+--------+\n| cda7fc3c6ff74289b8f40e149d397710 | admin  |\n| 9688822b0dcd41929430ab48335fceb2 | myuser |\n+----------------------------------+--------+\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u521b\u5efa\u89d2\u8272\u53ca\u5173\u8054\u7528\u6237<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@controller ~(admin)]$ openstack role create myrole    ##\u53ef\u4ee5\u4e0d\u7528\u7ba1\uff0c\u5355\u7eaf\u62ff\u6765\u4ece\u6d4b\u8bd5\u7684\n+-------------+----------------------------------+ \n| Field       | Value                            |\n+-------------+----------------------------------+\n| description | None                             |\n| domain_id   | None                             |\n| id          | 4d4cab027e4c4268bc53cb57137ec0f3 |\n| name        | myrole                           |\n| options     | {}                               |\n+-------------+----------------------------------+\n&#91;root@controller ~(admin)]$ openstack role list   ##\u67e5\u770b\u89d2\u8272\u5efa\u7acb\u6210\u529f\u6ca1\n+----------------------------------+--------+\n| ID                               | Name   |\n+----------------------------------+--------+\n| 0dbb351126844ef69cf3e7765f72f651 | reader |\n| 242961b0b2e64490a7c4eb3cafc7179e | member |\n| 35eb6220a4b14503b1672de9f0ffcae9 | admin  |\n| 4d4cab027e4c4268bc53cb57137ec0f3 | myrole |\n+----------------------------------+--------+\n&#91;root@controller ~(admin)]$ openstack role assignment list --user myuser   ##\u67e5\u770b\u9879\u76ee\u7528\u6237\u89d2\u8272\u7ed1\u5b9a\u5217\u8868\uff0c\u6309\u9053\u7406\u7b2c\u4e00\u6b21\u662f\u6ca1\u6709\u7684\n\n&#91;root@controller ~(admin)]$ openstack role add --project myproject --user myuser member  ##\u8ba9myuser\u8fd9\u4e2a\u7528\u6237\u4ee5member\u89d2\u8272\u4e0emyproject\u5efa\u7acb\u5173\u8054\n&#91;root@controller ~(admin)]$ openstack role assignment list --user myuser ##\u80af\u5b9a\u6709\u54af\n+----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+\n| Role                             | User                             | Group | Project                          | Domain | System | Inherited |\n+----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+\n| 242961b0b2e64490a7c4eb3cafc7179e | 9688822b0dcd41929430ab48335fceb2 |       | 8350318c9bbf48ba83cf8b71027d264c |        |        | False     |\n+----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u9a8c\u8bc1\u8eab\u4efd\u6d4b\u8bd5<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>admin\u7528\u6237\n&#91;root@controller ~]# openstack --os-auth-url http:\/\/controller:5000\/v3 \\\n --os-project-domain-name Default --os-user-domain-name Default \\\n --os-project-name admin --os-username admin token issue\n\u4e0d\u5c0f\u5fc3\u9000\u51fa\u4e86 \u6ca1\u622a\u53d6\u5230\n\nmyuser\u7528\u6237\n&#91;root@controller ~(admin)]$ unset OS_AUTH_URL OS_PASSWORD\n&#91;root@controller ~(admin)]$ openstack --os-auth-url http:\/\/controller:5000\/v3 \\\n --os-project-domain-name Default --os-user-domain-name Default \\\n --os-project-name myproject --os-username myuser token issue\n&#91;root@controller ~(admin)]$ \n\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>\u521b\u5efa\u73af\u5883\u53d8\u91cf\u811a\u672c\uff08\u4ec5\u63a7\u5236\u8282\u70b9<\/strong>)<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>admin\u7528\u6237\u811a\u672c<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@controller ~]# \n\u8f93\u5165\uff1a\ncat &lt;&lt;EOF > ~\/keystonerc_admin\nexport OS_USERNAME=admin\nexport OS_PASSWORD=rootroot\nexport OS_PROJECT_NAME=admin\nexport OS_USER_DOMAIN_NAME=Default\nexport OS_PROJECT_DOMAIN_NAME=Default\nexport OS_AUTH_URL=http:\/\/controller:5000\/v3\nexport OS_IDENTITY_API_VERSION=3\nexport OS_IMAGE_API_VERSION=2\nexport PS1='&#91;\\u@\\h \\W(admin)]\\$ '\nEOF\n\n\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>myuser\u7528\u6237\u811a\u672c<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@controller ~]#\n\u8f93\u5165\uff1a\ncat &lt;&lt;EOF > ~\/keystonerc_user\nexport OS_PROJECT_DOMAIN_NAME=Default\nexport OS_USER_DOMAIN_NAME=Default\nexport OS_PROJECT_NAME=myproject\nexport OS_USERNAME=myuser\nexport OS_PASSWORD=redhat\nexport OS_AUTH_URL=http:\/\/controller:5000\/v3\nexport OS_IDENTITY_API_VERSION=3\nexport OS_IMAGE_API_VERSION=2\nexport PS1='&#91;\\u@\\h \\W(myuser)]\\$ '\nEOF<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u5207\u6362\u6d4b\u8bd5<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@controller ~]# source keystonerc_admin \n&#91;root@controller ~(admin)]$ source keystonerc_user \n&#91;root@controller ~(myuser)]$ \n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>\u6ce8\u610f 1.\u672c\u6559\u7a0b\u4e3aopenstack \u642d\u5efa\u5e73\u53f0victoria \u7248\uff0c\u865a\u62df\u673a\u4e3acentos stream 8 2 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,9,14],"tags":[30,32],"class_list":["post-1471","post","type-post","status-publish","format-standard","hentry","category-5","category-9","category-14","tag-openstack","tag-victoria"],"_links":{"self":[{"href":"https:\/\/www.chencuo.top\/index.php?rest_route=\/wp\/v2\/posts\/1471","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.chencuo.top\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.chencuo.top\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.chencuo.top\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.chencuo.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1471"}],"version-history":[{"count":0,"href":"https:\/\/www.chencuo.top\/index.php?rest_route=\/wp\/v2\/posts\/1471\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.chencuo.top\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1471"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.chencuo.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1471"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.chencuo.top\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1471"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}