http://adam.younglogic.com/2013/09/keystone-v3-api-examples/
https://github.com/openstack/identity-api/blob/master/openstack-identity-api/v3/src/markdown/identity-api-v3.md
a)
Export the IP of OpenStack host
OPSENSTACK_HOST="192.168.56.101"
b)
#### Get token ####
#export TOKEN=`curl -si -d @keystone_auth_admin_cred.json -H "Content-type: application/json" http://$OPSENSTACK_HOST:35357/v3/auth/tokens | awk '/X-Subject-Token/ {print $2}'`
#### keystone_auth_admin_cred.json ####
{
"auth": {
"identity": {
"methods": [
"password"
],
"password": {
"user": {
"domain": {
"name": "Default"
},
"name": "admin",
"password": "password"
}
}
},
"scope": {
"project": {
"domain": {
"name": "Default"
},
"name": "demo"
}
}
}
}
b)
#### Check token ####
#echo $TOKEN
c)
#### List all users ####
##Port 35357
#curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:35357/v3/users
or
##Port 5000
#curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:5000/v3/users
d)
##Get all projects
#curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:5000/v3/projects
e)
##Get all domains
#curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:5000/v3/domains
f)
##Get all roles
#curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:5000/v3/roles
g)
Create User
#curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:35357/v3/users -d @keystone_create_user_cred.json
h)
Grant role to user on domain
#curl -si -X "PUT" -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:35357/v3/domains/default/users/a007766b3e1747f89548bf5bf517f05c/roles/b4a1700504ef4250af9feed3d892aba1
i)
Grant role to user on project.
* After this we will not get the error "You are not authorized for any projects" while login.
#curl -si -X "PUT" -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:35357/v3/projects/18dc2ae781034460a683eb9ca68a7b9c/users/a007766b3e1747f89548bf5bf517f05c/roles/b4a1700504ef4250af9feed3d892aba1
j)
mysql> use keystone
mysql> select id, name from project;
mysql> select id, name from domain;
mysql> select id, name from role;
mysql> select id, name from group;
https://github.com/openstack/identity-api/blob/master/openstack-identity-api/v3/src/markdown/identity-api-v3.md
a)
Export the IP of OpenStack host
OPSENSTACK_HOST="192.168.56.101"
b)
#### Get token ####
#export TOKEN=`curl -si -d @keystone_auth_admin_cred.json -H "Content-type: application/json" http://$OPSENSTACK_HOST:35357/v3/auth/tokens | awk '/X-Subject-Token/ {print $2}'`
#### keystone_auth_admin_cred.json ####
{
"auth": {
"identity": {
"methods": [
"password"
],
"password": {
"user": {
"domain": {
"name": "Default"
},
"name": "admin",
"password": "password"
}
}
},
"scope": {
"project": {
"domain": {
"name": "Default"
},
"name": "demo"
}
}
}
}
b)
#### Check token ####
#echo $TOKEN
c)
#### List all users ####
##Port 35357
#curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:35357/v3/users
or
##Port 5000
#curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:5000/v3/users
d)
##Get all projects
#curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:5000/v3/projects
e)
##Get all domains
#curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:5000/v3/domains
f)
##Get all roles
#curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:5000/v3/roles
g)
Create User
#curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:35357/v3/users -d @keystone_create_user_cred.json
h)
Grant role to user on domain
#curl -si -X "PUT" -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:35357/v3/domains/default/users/a007766b3e1747f89548bf5bf517f05c/roles/b4a1700504ef4250af9feed3d892aba1
i)
Grant role to user on project.
* After this we will not get the error "You are not authorized for any projects" while login.
#curl -si -X "PUT" -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://$OPSENSTACK_HOST:35357/v3/projects/18dc2ae781034460a683eb9ca68a7b9c/users/a007766b3e1747f89548bf5bf517f05c/roles/b4a1700504ef4250af9feed3d892aba1
j)
mysql> use keystone
mysql> select id, name from project;
mysql> select id, name from domain;
mysql> select id, name from role;
mysql> select id, name from group;
No comments:
Post a Comment