3973d7eecb
backport: havana Change-Id: Icd74a1a4db8ec477e48d49475c405d3b09e52c1c Partial-Bug: #1121866
69 lines
3.2 KiB
XML
69 lines
3.2 KiB
XML
<section xmlns="http://docbook.org/ns/docbook"
|
|
xmlns:xlink="http://www.w3.org/1999/xlink"
|
|
xml:id="keystone-services"
|
|
os="rhel;centos;fedora;opensuse;sles;ubuntu">
|
|
<title>Define services and API endpoints</title>
|
|
<para>The Identity Service also tracks what OpenStack services are installed
|
|
and where to locate them on the network. Run these commands for each
|
|
service in your OpenStack installation:</para>
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para><command>keystone service-create</command>. Describes the
|
|
service.</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para><command>keystone endpoint-create</command>. Associates
|
|
API endpoints with the service.</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
<para>For now, create a service for the Identity Service itself that
|
|
uses normal authentication instead of the authorization token when
|
|
you run the <command>keystone</command> command in the
|
|
future.</para>
|
|
<procedure>
|
|
<step>
|
|
<para>Create a service entry for the Identity Service:</para>
|
|
<screen><prompt>#</prompt> <userinput>keystone service-create --name=keystone --type=identity \
|
|
--description="Keystone Identity Service"</userinput>
|
|
<computeroutput>+-------------+----------------------------------+
|
|
| Property | Value |
|
|
+-------------+----------------------------------+
|
|
| description | Keystone Identity Service |
|
|
| id | 15c11a23667e427e91bc31335b45f4bd |
|
|
| name | keystone |
|
|
| type | identity |
|
|
+-------------+----------------------------------+</computeroutput></screen>
|
|
<para>The service ID is randomly generated and is different from
|
|
the one shown here.</para>
|
|
</step>
|
|
<step>
|
|
<para>Specify an API endpoint for the Identity Service by using
|
|
the returned service ID. When you specify an endpoint, you
|
|
provide URLs for the public API, internal API, and admin API.
|
|
In this guide, the <literal>controller</literal> host name is
|
|
used. Note that the Identity Service uses a different port for
|
|
the admin API.</para>
|
|
<screen><prompt>#</prompt> <userinput>keystone endpoint-create \
|
|
--service-id=<replaceable>the_service_id_above</replaceable> \
|
|
--publicurl=http://<replaceable>controller</replaceable>:5000/v2.0 \
|
|
--internalurl=http://<replaceable>controller</replaceable>:5000/v2.0 \
|
|
--adminurl=http://<replaceable>controller</replaceable>:35357/v2.0</userinput>
|
|
<computeroutput>+-------------+-----------------------------------+
|
|
| Property | Value |
|
|
+-------------+-----------------------------------+
|
|
| adminurl | http://controller:35357/v2.0 |
|
|
| id | 11f9c625a3b94a3f8e66bf4e5de2679f |
|
|
| internalurl | http://controller:5000/v2.0 |
|
|
| publicurl | http://controller:5000/v2.0 |
|
|
| region | regionOne |
|
|
| service_id | 15c11a23667e427e91bc31335b45f4bd |
|
|
+-------------+-----------------------------------+</computeroutput></screen>
|
|
</step>
|
|
<step>
|
|
<para>As you add other services to your OpenStack installation,
|
|
call these commands to register the services with the Identity
|
|
Service.</para>
|
|
</step>
|
|
</procedure>
|
|
</section>
|