openstack/python-keystoneclient
Code Issues Proposed changes

Merge "updating base keystoneclient documentation"

Browse Source
This commit is contained in:
Jenkins
2012-10-01 22:34:31 +00:00
committed by Gerrit Code Review
parent 539fb5f61c 135100a2ed
commit 91d582e2ce
3 changed files with 73 additions and 122 deletions
Download Patch File Download Diff File Expand all files Collapse all files

129
doc/source/releases.rst
View File

@@ -2,105 +2,32 @@
Release notes Release notes
============= =============
2.7.0 (October 21, 2011) 0.1.3 (August 31, 2012)
======================== =======================
* Forked from http://github.com/rackspace/python-novaclient * changed logging to report request and response independently in --debug mode
* Rebranded to python-keystoneclient * changed options to use hyphens instead of underscores
* Refactored to support Keystone API (auth, tokens, services, roles, tenants, * added support for PKI signed tokens with Keystone
0.1.2 (July 9, 2012)
====================
* added support for two-way SSL and --insecure option to allow for self-signed
certificates
* added support for password prompting if not provided
* added support for bash completion for keystone
* updated CLI options to use dashes instead of underscores
0.1.1 (June 25, 2012)
=====================
* corrected versioning
0.1.0 (March 29, 2012)
======================
* released with OpenStack Essex and Diablo compatibility
* forked from http://github.com/rackspace/python-novaclient
* refactored to support Keystone API (auth, tokens, services, roles, tenants,
users, etc.) users, etc.)
* removed legacy arguments of --username, --password, etc in migration to
2.5.8 (July 11, 2011) support a cross-openstack unified CLI convention defined at
===================== http://wiki.openstack.org/UnifiedCLI
* returns all public/private ips, not just first one * required service ID for listing endpoints
* better 'nova list' search options
2.5.7 - 2.5.6 = minor tweaks
2.5.5 (June 21, 2011)
=====================
* zone-boot min/max instance count added thanks to comstud
* create for user added thanks to cerberus
* fixed tests
2.5.3 (June 15, 2011)
=====================
* ProjectID can be None for backwards compatability.
* README/docs updated for projectId thanks to usrleon
2.5.1 (June 10, 2011)
=====================
* ProjectID now part of authentication
2.5.0 (June 3, 2011)
====================
* better logging thanks to GridDynamics
2.4.4 (June 1, 2011)
====================
* added support for GET /servers with reservation_id (and /servers/detail)
2.4.3 (May 27, 2011)
====================
* added support for POST /zones/select (client only, not cmdline)
2.4 (March 7, 2011)
===================
* added Jacob Kaplan-Moss copyright notices to older/untouched files.
2.3 (March 2, 2011)
===================
* package renamed to python-novaclient. Module to novaclient
2.2 (March 1, 2011)
===================
* removed some license/copywrite notices from source that wasn't
significantly changed.
2.1 (Feb 28, 2011)
==================
* shell renamed to nova from novatools
* license changed from BSD to Apache
2.0 (Feb 7, 2011)
=================
* Forked from https://github.com/jacobian/python-cloudservers
* Rebranded to python-novatools
* Auth URL support
* New OpenStack specific commands added (pause, suspend, etc)
1.2 (August 15, 2010)
=====================
* Support for Python 2.4 - 2.7.
* Improved output of :program:`cloudservers ipgroup-list`.
* Made ``cloudservers boot --ipgroup <name>`` work (as well as ``--ipgroup
<id>``).
1.1 (May 6, 2010)
=================
* Added a ``--files`` option to :program:`cloudservers boot` supporting
the upload of (up to five) files at boot time.
* Added a ``--key`` option to :program:`cloudservers boot` to key the server
with an SSH public key at boot time. This is just a shortcut for ``--files``,
but it's a useful shortcut.
* Changed the default server image to Ubuntu 10.04 LTS.

39
doc/source/shell.rst
View File

@@ -1,5 +1,5 @@
The :program:`keystone` shell utility The :program:`keystone` shell utility
========================================= =====================================
.. program:: keystone .. program:: keystone
.. highlight:: bash .. highlight:: bash
@@ -8,15 +8,36 @@ The :program:`keystone` shell utility
The :program:`keystone` shell utility interacts with OpenStack Keystone API The :program:`keystone` shell utility interacts with OpenStack Keystone API
from the command line. It supports the entirety of the OpenStack Keystone API. from the command line. It supports the entirety of the OpenStack Keystone API.
First, you'll need an OpenStack Keystone account. You get this by using the To communicate with the API, you will need to be authenticated - and the
`keystone-manage` command in OpenStack Keystone. :program:`keystone` provides multiple options for this.
You'll need to provide :program:`keystone` with your OpenStack username and While bootstrapping keystone the authentication is accomplished with a
password. You can do this with the :option:`--os-username`, :option:`--os-password`. shared secret token and the location of the keystone API endpoint. The
You can optionally specify a :option:`--os-tenant-id` or :option:`--os-tenant-name`, shared secret token is configured in keystone.conf as "admin_token".
to scope your token to a specific tenant. If you don't specify a tenant, you
will be scoped to your default tenant if you have one. Instead of using You can specify those values on the command line with :option:`--os-token`
options, it is easier to just set them as environment variables: and :option:`--os-endpoint`, or set them in environment variables:
.. envvar:: OS_SERVICE_TOKEN
Your keystone administrative token
.. envvar:: OS_SERVICE_ENDPOINT
Your keystone API endpoint
The command line options will override any environment variables set.
If you already have accounts, you can use your OpenStack username and
password. You can do this with the :option:`--os-username`,
:option:`--os-password`.
Keystone allows a user to be associated with one or more tenants. To specify
the tenant for which you want to authorize against, you may optionally
specify a :option:`--os-tenant-id` or :option:`--os-tenant-name`.
Instead of using options, it is easier to just set them as environment
variables:
.. envvar:: OS_USERNAME .. envvar:: OS_USERNAME

27
doc/source/using-api.rst
View File

@@ -13,11 +13,12 @@ The main concepts in the Keystone API are:
* endpoints * endpoints
The Keystone API lets you query and make changes through managers. For example, The Keystone API lets you query and make changes through managers. For example,
to maipulate tenants, you interact with a to manipulate tenants, you interact with a
``keystoneclient.v2_0.tenants.TenantManger`` object. ``keystoneclient.v2_0.tenants.TenantManger`` object.
You obtain access to managers through via atributes of the ``keystoneclient.v2_0.client.Client`` object. For example, the ``tenants`` attribute of the ``Client`` You obtain access to managers through via atributes of the
class is a tenant manager:: ``keystoneclient.v2_0.client.Client`` object. For example, the ``tenants``
attribute of the ``Client`` class is a tenant manager::
>>> from keystoneclient.v2_0 import client >>> from keystoneclient.v2_0 import client
>>> keystone = client.Client(...) >>> keystone = client.Client(...)
@@ -36,8 +37,8 @@ There are two ways to authenticate against Keystone:
If you are an administrator, you can authenticate by connecting to the admin If you are an administrator, you can authenticate by connecting to the admin
endpoint and using the admin token (sometimes referred to as the service endpoint and using the admin token (sometimes referred to as the service
token). The token is specified as the ``admin_token`` configuration option in your token). The token is specified as the ``admin_token`` configuration option in
keystone.conf config file, which is typically in /etc/keystone:: your keystone.conf config file, which is typically in /etc/keystone::
>>> from keystoneclient.v2_0 import client >>> from keystoneclient.v2_0 import client
>>> token = '012345SECRET99TOKEN012345' >>> token = '012345SECRET99TOKEN012345'
@@ -54,7 +55,7 @@ user::
>>> tenant_name='openstackDemo' >>> tenant_name='openstackDemo'
>>> auth_url='http://192.168.206.130:5000/v2.0' >>> auth_url='http://192.168.206.130:5000/v2.0'
>>> keystone = client.Client(username=username, password=password, >>> keystone = client.Client(username=username, password=password,
... tenant_name, auth_url=auth_url) ... tenant_name=tenant_name, auth_url=auth_url)
Creating tenants Creating tenants
================ ================
@@ -77,8 +78,9 @@ in the opoenstackDemo tenant. We first need to retrieve the tenant::
>>> keystone = client.Client(...) >>> keystone = client.Client(...)
>>> tenants = keystone.tenants.list() >>> tenants = keystone.tenants.list()
>>> my_tenant = [x for x in tenants if x.name=='openstackDemo'][0] >>> my_tenant = [x for x in tenants if x.name=='openstackDemo'][0]
>>> my_user = keystone.users.create(name="adminUser", password="secretword", >>> my_user = keystone.users.create(name="adminUser",
... tenant_id=my_tenant.id) ... password="secretword",
... tenant_id=my_tenant.id)
Creating roles and adding users Creating roles and adding users
=============================== ===============================
@@ -103,7 +105,8 @@ Compute service::
>>> keystone = client.Client(...) >>> keystone = client.Client(...)
>>> service = keystone.services.create(name="nova", service_type="compute", >>> service = keystone.services.create(name="nova", service_type="compute",
... description="Nova Compute Service") ... description="Nova Compute Service")
>>> keystone.endpoints.create(region="RegionOne", service_id=service.id, >>> keystone.endpoints.create(
... publicurl="http://192.168.206.130:8774/v2/%(tenant_id)s", ... region="RegionOne", service_id=service.id,
... adminurl="http://192.168.206.130:8774/v2/%(tenant_id)s", ... publicurl="http://192.168.206.130:8774/v2/%(tenant_id)s",
... internalurl="http://192.168.206.130:8774/v2/%(tenant_id)s") ... adminurl="http://192.168.206.130:8774/v2/%(tenant_id)s",
... internalurl="http://192.168.206.130:8774/v2/%(tenant_id)s")