From 50b153486274e5eff9549c55237129747723b51d Mon Sep 17 00:00:00 2001 From: Matthew Kassawara Date: Sat, 5 Jul 2014 01:29:27 +0000 Subject: [PATCH] Improve install guide keystone service section Improve the keystone service section of the installation guide as follows: 1) Clarify instructions. 2) Adjust titles. Change-Id: Ib359e699b3a3cb3e2bdd4d666e4e240bf642875a Implements: blueprint installation-guide-improvements --- .../section_keystone-services.xml | 91 ++++++++++++------- 1 file changed, 56 insertions(+), 35 deletions(-) diff --git a/doc/install-guide/section_keystone-services.xml b/doc/install-guide/section_keystone-services.xml index d5c8f66917f..b568f53152c 100644 --- a/doc/install-guide/section_keystone-services.xml +++ b/doc/install-guide/section_keystone-services.xml @@ -1,58 +1,79 @@ +
- Define services and API endpoints + xmlns:xi="http://www.w3.org/2001/XInclude" + xmlns:xlink="http://www.w3.org/1999/xlink" + version="5.0" + xml:id="keystone-services" os="ubuntu;rhel;centos;fedora;sles;opensuse"> + Create the service entity and API endpoint + After you create tenants, users, and roles, you must create the + service entity and + API endpoint for the Identity service. + To configure prerequisites - Register the identity service itself using the - OS_SERVICE_TOKEN environment variable, as set - previously, for authentication. + Set the OS_SERVICE_TOKEN and + OS_SERVICE_ENDPOINT environment variables, as described + in . + + + To create the service entity and API endpoint - Create a service entry for the Identity Service: - $ keystone service-create --name=keystone --type=identity \ + The Identity service manages a catalog of services in your + OpenStack environment. Services use this catalog to locate other + services in your environment. + Create the service entity for the Identity service: + $ keystone service-create --name keystone --type identity \ --description="OpenStack Identity" +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ -| description | OpenStack Identity | +| description | OpenStack Identity | | id | 15c11a23667e427e91bc31335b45f4bd | -| name | keystone | -| type | identity | +| name | keystone | +| type | identity | +-------------+----------------------------------+ - The service ID is randomly generated and is different from - the one shown here. + + Because OpenStack generates IDs dynamically, you will see + different values from this example command output. + - Specify an API endpoint for the Identity Service by using - the returned service ID. When you specify an endpoint, you - provide URLs for the public API, internal API, and admin API. - In this guide, the controller host name is - used. Note that the Identity Service uses a different port for - the admin API. + The Identity service manages a catalog of API endpoints associated + with the services in your OpenStack environment. Services use this + catalog to determine how to communicate with other services in your + environment. + OpenStack provides three API endpoint variations for each service: + admin, internal, and public. In a production environment, the variants + might reside on separate networks that service different types of users + for security reasons. For simplicity, this configuration uses the + management network for all variations. + Create the API endpoint for the Identity service: $ keystone endpoint-create \ --service-id=$(keystone service-list | awk '/ identity / {print $2}') \ --publicurl=http://controller:5000/v2.0 \ --internalurl=http://controller:5000/v2.0 \ --adminurl=http://controller:35357/v2.0 -+-------------+-----------------------------------+ -| Property | Value | -+-------------+-----------------------------------+ -| adminurl | http://controller:35357/v2.0 | -| id | 11f9c625a3b94a3f8e66bf4e5de2679f | -| internalurl | http://controller:5000/v2.0 | -| publicurl | http://controller:5000/v2.0 | -| region | regionOne | -| service_id | 15c11a23667e427e91bc31335b45f4bd | -+-------------+-----------------------------------+ ++-------------+----------------------------------+ +| Property | Value | ++-------------+----------------------------------+ +| adminurl | http://controller:35357/v2.0 | +| id | 11f9c625a3b94a3f8e66bf4e5de2679f | +| internalurl | http://controller:5000/v2.0 | +| publicurl | http://controller:5000/v2.0 | +| region | regionOne | +| service_id | 15c11a23667e427e91bc31335b45f4bd | ++-------------+----------------------------------+ + + This command references the ID of the service that you created + in the previous step. + - - You will need to create an additional endpoint for each service - added to your OpenStack environment. The sections of this guide - associated with the installation of each service include the - endpoint creation step specific to the service. - + Each service that you add to your OpenStack environment requires + adding information such as API endpoints to the Identity service. The + sections of this guide that cover service installation include steps + to add the appropriate information to the Identity service.