93ca16c558
The name of the default domain in keystone is 'Default', not 'default', which is its ID. If a user copy and pastes the user_domain_name and project_domain_name settings from example [filter:authtoken] section in the install guide, the first time they run 'swift stat' they will meet a 401 error because keystone is trying to look up domains by name rather than ID. This patch corrects the docs so that they are copy-and-paste-proof, and also updates the keystone user creation example to demonstrate the correct domain ID. Change-Id: Ic595c2923b71d1c2ff2b4c9a773ea7742fdd029b
117 lines
5.2 KiB
Plaintext
117 lines
5.2 KiB
Plaintext
Prerequisites
|
|
-------------
|
|
|
|
The proxy service relies on an authentication and authorization mechanism such
|
|
as the Identity service. However, unlike other services, it also offers an
|
|
internal mechanism that allows it to operate without any other OpenStack
|
|
services. Before you configure the Object Storage service, you must
|
|
create service credentials and an API endpoint.
|
|
|
|
.. note::
|
|
|
|
The Object Storage service does not use an SQL database on the controller
|
|
node. Instead, it uses distributed SQLite databases on each storage node.
|
|
|
|
#. Source the ``admin`` credentials to gain access to admin-only CLI commands:
|
|
|
|
.. code-block:: console
|
|
|
|
$ . admin-openrc
|
|
|
|
#. To create the Identity service credentials, complete these steps:
|
|
|
|
* Create the ``swift`` user:
|
|
|
|
.. code-block:: console
|
|
|
|
$ openstack user create --domain default --password-prompt swift
|
|
User Password:
|
|
Repeat User Password:
|
|
+-----------+----------------------------------+
|
|
| Field | Value |
|
|
+-----------+----------------------------------+
|
|
| domain_id | default |
|
|
| enabled | True |
|
|
| id | d535e5cbd2b74ac7bfb97db9cced3ed6 |
|
|
| name | swift |
|
|
+-----------+----------------------------------+
|
|
|
|
* Add the ``admin`` role to the ``swift`` user:
|
|
|
|
.. code-block:: console
|
|
|
|
$ openstack role add --project service --user swift admin
|
|
|
|
.. note::
|
|
|
|
This command provides no output.
|
|
|
|
* Create the ``swift`` service entity:
|
|
|
|
.. code-block:: console
|
|
|
|
$ openstack service create --name swift \
|
|
--description "OpenStack Object Storage" object-store
|
|
+-------------+----------------------------------+
|
|
| Field | Value |
|
|
+-------------+----------------------------------+
|
|
| description | OpenStack Object Storage |
|
|
| enabled | True |
|
|
| id | 75ef509da2c340499d454ae96a2c5c34 |
|
|
| name | swift |
|
|
| type | object-store |
|
|
+-------------+----------------------------------+
|
|
|
|
#. Create the Object Storage service API endpoints:
|
|
|
|
.. code-block:: console
|
|
|
|
$ openstack endpoint create --region RegionOne \
|
|
object-store public http://controller:8080/v1/AUTH_%\(tenant_id\)s
|
|
+--------------+----------------------------------------------+
|
|
| Field | Value |
|
|
+--------------+----------------------------------------------+
|
|
| enabled | True |
|
|
| id | 12bfd36f26694c97813f665707114e0d |
|
|
| interface | public |
|
|
| region | RegionOne |
|
|
| region_id | RegionOne |
|
|
| service_id | 75ef509da2c340499d454ae96a2c5c34 |
|
|
| service_name | swift |
|
|
| service_type | object-store |
|
|
| url | http://controller:8080/v1/AUTH_%(tenant_id)s |
|
|
+--------------+----------------------------------------------+
|
|
|
|
$ openstack endpoint create --region RegionOne \
|
|
object-store internal http://controller:8080/v1/AUTH_%\(tenant_id\)s
|
|
+--------------+----------------------------------------------+
|
|
| Field | Value |
|
|
+--------------+----------------------------------------------+
|
|
| enabled | True |
|
|
| id | 7a36bee6733a4b5590d74d3080ee6789 |
|
|
| interface | internal |
|
|
| region | RegionOne |
|
|
| region_id | RegionOne |
|
|
| service_id | 75ef509da2c340499d454ae96a2c5c34 |
|
|
| service_name | swift |
|
|
| service_type | object-store |
|
|
| url | http://controller:8080/v1/AUTH_%(tenant_id)s |
|
|
+--------------+----------------------------------------------+
|
|
|
|
$ openstack endpoint create --region RegionOne \
|
|
object-store admin http://controller:8080/v1
|
|
+--------------+----------------------------------+
|
|
| Field | Value |
|
|
+--------------+----------------------------------+
|
|
| enabled | True |
|
|
| id | ebb72cd6851d4defabc0b9d71cdca69b |
|
|
| interface | admin |
|
|
| region | RegionOne |
|
|
| region_id | RegionOne |
|
|
| service_id | 75ef509da2c340499d454ae96a2c5c34 |
|
|
| service_name | swift |
|
|
| service_type | object-store |
|
|
| url | http://controller:8080/v1 |
|
|
+--------------+----------------------------------+
|
|
|