openstack/openstack-manuals
Code Issues Proposed changes

Use openstack rather than keystone

Browse Source 
The keystone command is deprecated and should be not used in the
examples. The openstack command is the replacement.

The openstack command has handy options for extracting fields
so some of the commands were simplified.

The openstack command can use names when creating role
assignments and since this is more user-friendly the examples
were changed to use names rather than IDs.

Change-Id: Ic118284183001d10322cf357314672c5d98856a3
This commit is contained in:
Brant Knudson 2015-07-12 08:12:22 -05:00
parent 466d3b49c5
commit 147068841a
4 changed files with 70 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/user-guide-admin/source/cli_cinder_quotas.rst
View File

@ -83,7 +83,7 @@ service quotas.
#. To update Block Storage service quotas, place
the tenant ID in a variable::
$ tenant=$(keystone tenant-list | awk '/tenantName/ {print $2}')
$ tenant=$(openstack project show -f value -c id tenantName)
#. Update a particular quota value::

104
doc/user-guide-admin/source/cli_keystone_manage_services.rst
View File

@ -39,21 +39,24 @@ Create a service
.. code::
$ keystone service-list
+----------------------------------+----------+----------+---------------------------+
| id | name | type | description |
+----------------------------------+----------+----------+---------------------------+
| 9816f1faaa7c4842b90fb4821cd09223 | cinder | volume | Cinder Volume Service |
| da8cf9f8546b4a428c43d5e032fe4afc | ec2 | ec2 | EC2 Compatibility Layer |
| 5f105eeb55924b7290c8675ad7e294ae | glance | image | Glance Image Service |
| dcaa566e912e4c0e900dc86804e3dde0 | keystone | identity | Keystone Identity Service |
| 4a715cfbc3664e9ebf388534ff2be76a | nova | compute | Nova Compute Service |
| 6feb2e0b98874d88bee221974770e372 | s3 | s3 | S3 |
+----------------------------------+----------+----------+---------------------------+
$ openstack service list
+----------------------------------+----------+------------+
| ID | Name | Type |
+----------------------------------+----------+------------+
| 9816f1faaa7c4842b90fb4821cd09223 | cinder | volume |
| 1250f64f31e34dcd9a93d35a075ddbe1 | cinderv2 | volumev2 |
| da8cf9f8546b4a428c43d5e032fe4afc | ec2 | ec2 |
| 5f105eeb55924b7290c8675ad7e294ae | glance | image |
| dcaa566e912e4c0e900dc86804e3dde0 | keystone | identity |
| 4a715cfbc3664e9ebf388534ff2be76a | nova | compute |
| 1aed4a6cf7274297ba4026cf5d5e96c5 | novav21 | computev21 |
| bed063c790634c979778551f66c8ede9 | neutron | network |
| 6feb2e0b98874d88bee221974770e372 | s3 | s3 |
+----------------------------------+----------+------------+
#. To create a service, run this command::
$ keystone service-create --name SERVICE_NAME --type SERVICE_TYPE --description SERVICE-DESCRIPTION
$ openstack service create --name SERVICE_NAME --description SERVICE_DESCRIPTION SERVICE_TYPE
The arguments are:
- ``service_name``: the unique name of the new service.
@ -67,34 +70,34 @@ Create a service
.. code::
$ keystone service-create --name swift --type object-store --description "object store service"
$ openstack service create --name swift --description "object store service" object-store
+-------------+----------------------------------+
| Property | Value |
| Field | Value |
+-------------+----------------------------------+
| description | object store service |
| enabled | True |
| id | 84c23f4b942c44c38b9c42c5e517cd9a |
| name | swift |
| type | object-store |
| description | object store service |
| enabled | True |
| id | 84c23f4b942c44c38b9c42c5e517cd9a |
| name | swift |
| type | object-store |
+-------------+----------------------------------+
#. To get details for a service, run this command::
$ keystone service-get SERVICE_ID
$ openstack service show SERVICE_TYPE|SERVICE_NAME|SERVICE_ID
For example:
.. code::
$ keystone service-get 84c23f4b942c44c38b9c42c5e517cd9a
$ openstack service show object-store
+-------------+----------------------------------+
| Property | Value |
| Field | Value |
+-------------+----------------------------------+
| description | object store service |
| enabled | True |
| id | 84c23f4b942c44c38b9c42c5e517cd9a |
| name | swift |
| type | object-store |
| description | object store service |
| enabled | True |
| id | 84c23f4b942c44c38b9c42c5e517cd9a |
| name | swift |
| type | object-store |
+-------------+----------------------------------+
Create service users
@ -104,56 +107,43 @@ Create service users
Typically, this project is named ``service``,
but choose any name you like::
$ keystone tenant-create --name service
The output shows the ID for the project.
Make a note of this ID. You need it to create
service users and assign roles.
$ openstack project create service
.. code::
+-------------+----------------------------------+
| Property | Value |
| Field | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 3e9f3f5399624b2db548d7f871bd5322 |
| name | service |
| description | None |
| enabled | True |
| id | 3e9f3f5399624b2db548d7f871bd5322 |
| name | service |
+-------------+----------------------------------+
#. Create service users for the relevant services for your
deployment.
#. To assign the admin role to the service user-project pairs,
run this command to get the ID of the admin role:
#. Assign the admin role to the user-project pair::
$ openstack role add --project service --user SERVICE_USER_NAME admin
.. code::
$ keystone role-list
+----------------------------------+---------------+
| id | name |
+----------------------------------+---------------+
| 71ccc37d41c8491c975ae72676db687f | Member |
| 149f50a1fe684bfa88dae76a48d26ef7 | ResellerAdmin |
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
| 6ecf391421604da985db2f141e46a7c8 | admin |
| deb4fffd123c4d02a907c2c74559dccf | anotherrole |
| bef1f95537914b1295da6aa038ef4de6 | new-role |
+----------------------------------+---------------+
#. Assign the admin role to the user-project pair::
$ keystone user-role-add --user SERVICE_USER_ID --role ADMIN_ROLE_ID --tenant SERVICE_PROJECT_ID
+-------+----------------------------------+
| Field | Value |
+-------+----------------------------------+
| id | 233109e756c1465292f31e7662b429b1 |
| name | admin |
+-------+----------------------------------+
Delete a service
~~~~~~~~~~~~~~~~
To delete a specified service, specify its ID::
$ keystone service-delete SERVICE_ID
$ openstack service delete SERVICE_TYPE|SERVICE_NAME|SERVICE_ID
For example:
.. code::
$ keystone service-delete 84c23f4b942c44c38b9c42c5e517cd9a
$ openstack service delete object-store

12
doc/user-guide-admin/source/cli_set_compute_quotas.rst
View File

@ -83,7 +83,7 @@ To view quota values for an existing tenant (project)
#. Place the tenant ID in a usable variable, as follows::
$ tenant=$(keystone tenant-list | awk '/TENANT_NAME/ {print $2}')
$ tenant=$(openstack project show -f value -c id TENANT_NAME)
#. List the currently set quota values for a tenant, as follows::
@ -113,7 +113,7 @@ To update quota values for an existing tenant (project)
-------------------------------------------------------
#. Obtain the tenant ID, as follows::
$ tenant=$(keystone tenant-list | awk '/TENANT_NAME/ {print $2}')
$ tenant=$(openstack project show -f value -c id TENANT_NAME)
#. Update a particular quota value, as follows::
@ -150,11 +150,11 @@ To view quota values for a tenant user
--------------------------------------
#. Place the user ID in a usable variable, as follows::
$ tenantUser=$(keystone user-list | awk '/USER_NAME/ {print $2}')
$ tenantUser=$(openstack user show -f value -c id USER_NAME)
#. Place the user's tenant ID in a usable variable, as follows::
$ tenant=$(keystone tenant-list | awk '/TENANT_NAME/ {print $2}')
$ tenant=$(openstack project show -f value -c id TENANT_NAME)
#. List the currently set quota values for a tenant user, as follows::
@ -184,11 +184,11 @@ To update quota values for a tenant user
----------------------------------------
#. Place the user ID in a usable variable, as follows::
$ tenantUser=$(keystone user-list | awk '/USER_NAME/ {print $2}')
$ tenantUser=$(openstack user show -f value -c id USER_NAME)
#. Place the user's tenant ID in a usable variable, as follows::
$ tenant=$(keystone tenant-list | awk '/USER_NAME/ {print $2}')
$ tenant=$(openstack project show -f value -c id TENANT_NAME)
#. Update a particular quota value, as follows::

32
doc/user-guide-admin/source/cli_set_quotas.rst
View File

@ -20,25 +20,25 @@ node.
.. note::
To view all tenants (projects), run::
$ keystone tenant-list
+----------------------------------+----------+---------+
| id | name | enabled |
+----------------------------------+----------+---------+
| e66d97ac1b704897853412fc8450f7b9 | admin | True |
| bf4a37b885fe46bd86e999e50adad1d3 | services | True |
| 21bd1c7c95234fd28f589b60903606fa | tenant01 | True |
| f599c5cd1cba4125ae3d7caed08e288c | tenant02 | True |
+----------------------------------+----------+---------+
$ openstack project list
+----------------------------------+----------+
| ID | Name |
+----------------------------------+----------+
| e66d97ac1b704897853412fc8450f7b9 | admin |
| bf4a37b885fe46bd86e999e50adad1d3 | services |
| 21bd1c7c95234fd28f589b60903606fa | tenant01 |
| f599c5cd1cba4125ae3d7caed08e288c | tenant02 |
+----------------------------------+----------+
To display all current users for a tenant, run::
$ keystone user-list --tenant-id tenantID
+----------------------------------+--------+---------+-------+
| id | name | enabled | email |
+----------------------------------+--------+---------+-------+
| ea30aa434ab24a139b0e85125ec8a217 | demo00 | True | |
| 4f8113c1d838467cad0c2f337b3dfded | demo01 | True | |
+----------------------------------+--------+---------+-------+
$ openstack user list --project PROJECT_NAME
+----------------------------------+--------+
| ID | Name |
+----------------------------------+--------+
| ea30aa434ab24a139b0e85125ec8a217 | demo00 |
| 4f8113c1d838467cad0c2f337b3dfded | demo01 |
+----------------------------------+--------+
.. toctree::