{"id":228,"date":"2015-09-07T09:59:36","date_gmt":"2015-09-07T09:59:36","guid":{"rendered":"http:\/\/onlinelab.info\/?p=228"},"modified":"2015-09-07T09:59:36","modified_gmt":"2015-09-07T09:59:36","slug":"openstack-kilo-on-ubuntu-14-04-2-configure-keystone-2","status":"publish","type":"post","link":"https:\/\/www.asianux.org.vn\/index.php\/2015\/09\/07\/openstack-kilo-on-ubuntu-14-04-2-configure-keystone-2\/","title":{"rendered":"OpenStack Kilo on Ubuntu 14.04.2 \u2013 Configure KeyStone #2"},"content":{"rendered":"<figure id=\"attachment_8807\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-8807\" src=\"http:\/\/www.itzgeek.com\/wp-content\/uploads\/2015\/06\/OpenStack-Logo.png\" alt=\"OpenStack Logo\" width=\"200\" height=\"200\" title=\"\"><figcaption class=\"wp-caption-text\">OpenStack Logo<\/figcaption><\/figure>\n<p>This is guide takes you to the second part of configuring OpenStack identity service on controller node, you can also go through the previous article on <a href=\"http:\/\/www.itzgeek.com\/how-tos\/linux\/ubuntu-how-tos\/openstack-kilo-on-ubuntu-14-04-2-configure-keystone-1.html\" target=\"_blank\" rel=\"noopener\">configuring KeyStone #1<\/a>. Here we will be covering service entity and API end point creations.<\/p>\n<h2>Create the service entity and API endpoint:<\/h2>\n<p>To create the service entity and API endpoint, we have to export below variables to pass the value of authentication token.<\/p>\n<pre># export OS_TOKEN=<em><strong>43405b090eda983ddde2<\/strong>\u00a0 <\/em><strong>## Replace this token<em> (43405b090eda983ddde2 ) with OS_TOEKEN value from keystone.conf file.<\/em><\/strong><\/pre>\n<pre># export OS_URL=http:\/\/<strong><em>controller<\/em><\/strong>:35357\/v2.0\u00a0 <strong>## Replace controller with your controller ip.<\/strong><\/pre>\n<p>Create the service entity for the Identity service.<\/p>\n<pre># openstack service create --name keystone --description \"OpenStack Identity\" identity\n\n+-------------+----------------------------------+\n| Field\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | Value\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------------+----------------------------------+\n| description | OpenStack Identity\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| enabled\u00a0\u00a0\u00a0\u00a0 | True\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| id\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | c65841b4f8df478cbc19524c09fd9724 |\n| name\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | keystone\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| type\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | identity\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------------+----------------------------------+<\/pre>\n<p>Verify the service.<\/p>\n<pre># openstack service list\n+----------------------------------+----------+----------+\n| ID\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | Name\u00a0\u00a0\u00a0\u00a0 | Type\u00a0\u00a0\u00a0\u00a0 |\n+----------------------------------+----------+----------+\n| c65841b4f8df478cbc19524c09fd9724 | keystone | identity |\n+----------------------------------+----------+----------+<\/pre>\n<p>Create the identity service API endpoint.<\/p>\n<pre># openstack endpoint create \\\n--publicurl http:\/\/controller:5000\/v2.0 \\\n--internalurl http:\/\/controller:5000\/v2.0 \\\n--adminurl http:\/\/controller:35357\/v2.0 \\\n--region RegionOne \\\nidentity\n+--------------+----------------------------------+\n| Field\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | Value\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+--------------+----------------------------------+\n| adminurl\u00a0\u00a0\u00a0\u00a0 | http:\/\/controller:35357\/v2.0\u00a0\u00a0\u00a0\u00a0 |\n| id\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | f402a9389d474c13a97a78a30f13c6e5 |\n| internalurl\u00a0 | http:\/\/controller:5000\/v2.0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| publicurl\u00a0\u00a0\u00a0 | http:\/\/controller:5000\/v2.0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| region\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | RegionOne\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| service_id\u00a0\u00a0 | c65841b4f8df478cbc19524c09fd9724 |\n| service_name | keystone\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| service_type | identity\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+--------------+----------------------------------+<\/pre>\n<p>Verify the endpoint details.<\/p>\n<pre># openstack endpoint list\n+----------------------------------+-----------+--------------+--------------+\n| ID\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | Region\u00a0\u00a0\u00a0 | Service Name | Service Type |\n+----------------------------------+-----------+--------------+--------------+\n| f402a9389d474c13a97a78a30f13c6e5 | RegionOne | keystone\u00a0\u00a0\u00a0\u00a0 | identity\u00a0\u00a0\u00a0\u00a0 |\n+----------------------------------+-----------+--------------+--------------+<\/pre>\n<h2>Create projects, users, and roles:<\/h2>\n<p>Create a admin project, user and role for administration, we will use default domain for simplicity.<\/p>\n<p>Create the admin project.<\/p>\n<pre># openstack project create --description \"Admin Project\" admin\n+-------------+----------------------------------+\n| Field\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | Value\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------------+----------------------------------+\n| description | Admin Project\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| enabled\u00a0\u00a0\u00a0\u00a0 | True\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| id\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | 9b05e6bffdb94c8081d665561d05e31e |\n| name\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | admin\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------------+----------------------------------+<\/pre>\n<p>Create the admin user.<\/p>\n<pre># openstack user create --password-prompt admin\nUser Password:\nRepeat User Password:\n+----------+----------------------------------+\n| Field\u00a0\u00a0\u00a0 | Value\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+----------+----------------------------------+\n| email\u00a0\u00a0\u00a0 | None\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| enabled\u00a0 | True\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| id\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | 127a9a6b822a4e3eba69fa54128873cd |\n| name\u00a0\u00a0\u00a0\u00a0 | admin\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| username | admin\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+----------+----------------------------------+<\/pre>\n<p>Create the admin role.<\/p>\n<pre># openstack role create admin\n+-------+----------------------------------+\n| Field | Value\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------+----------------------------------+\n| id\u00a0\u00a0\u00a0 | 33af4f957aa34cc79451c23bf014af6f |\n| name\u00a0 | admin\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------+----------------------------------+<\/pre>\n<p>Add admin role to admin project and user.<\/p>\n<pre># openstack role add --project admin --user admin admin\n+-------+----------------------------------+\n| Field | Value\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------+----------------------------------+\n| id\u00a0\u00a0\u00a0 | 33af4f957aa34cc79451c23bf014af6f |\n| name\u00a0 | admin\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------+----------------------------------+<\/pre>\n<p>Create the service project.<\/p>\n<pre># openstack project create --description \"Service Project\" service\n+-------------+----------------------------------+\n| Field\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | Value\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------------+----------------------------------+\n| description | Service Project\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| enabled\u00a0\u00a0\u00a0\u00a0 | True\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| id\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | 39e1b9944e564ceb9e71c98623b676cd |\n| name\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | service\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------------+----------------------------------+<\/pre>\n<p>Create the demo project to use for normal user.<\/p>\n<pre>#\u00a0 openstack project create --description \"Demo Project\" demo\n+-------------+----------------------------------+\n| Field\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | Value\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------------+----------------------------------+\n| description | Demo Project\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| enabled\u00a0\u00a0\u00a0\u00a0 | True\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| id\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | 909c4d7219c14a63aa0ef6f1ece18546 |\n| name\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | demo\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------------+----------------------------------+<\/pre>\n<p>Create the demo user.<\/p>\n<pre># openstack user create --password-prompt demo\nUser Password:\nRepeat User Password:\n+----------+----------------------------------+\n| Field\u00a0\u00a0\u00a0 | Value\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+----------+----------------------------------+\n| email\u00a0\u00a0\u00a0 | None\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| enabled\u00a0 | True\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| id\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | 453ce23fa9f347b5baa53210aff7f207 |\n| name\u00a0\u00a0\u00a0\u00a0 | demo\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n| username | demo\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+----------+----------------------------------+<\/pre>\n<p>Create the user role.<\/p>\n<pre># openstack role create user\n+-------+----------------------------------+\n| Field | Value\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------+----------------------------------+\n| id\u00a0\u00a0\u00a0 | fa78c101a7ed40b19de219e7d3eeda62 |\n| name\u00a0 | user\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------+----------------------------------+<\/pre>\n<p>Add the user role to demo project and user.<\/p>\n<pre># openstack role add --project demo --user demo user\n+-------+----------------------------------+\n| Field | Value\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------+----------------------------------+\n| id\u00a0\u00a0\u00a0 | fa78c101a7ed40b19de219e7d3eeda62 |\n| name\u00a0 | user\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 |\n+-------+----------------------------------+<\/pre>\n<h2>Verify operation:<\/h2>\n<pre># openstack project list\n+----------------------------------+---------+\n| ID\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | Name\u00a0\u00a0\u00a0 |\n+----------------------------------+---------+\n| 39e1b9944e564ceb9e71c98623b676cd | service |\n| 909c4d7219c14a63aa0ef6f1ece18546 | demo\u00a0\u00a0\u00a0 |\n| 9b05e6bffdb94c8081d665561d05e31e | admin\u00a0\u00a0 |\n+----------------------------------+---------+<\/pre>\n<pre># openstack user list\n+----------------------------------+-------+\n| ID\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | Name\u00a0 |\n+----------------------------------+-------+\n| 127a9a6b822a4e3eba69fa54128873cd | admin |\n| 453ce23fa9f347b5baa53210aff7f207 | demo\u00a0 |\n+----------------------------------+-------+<\/pre>\n<pre># openstack role list\n+----------------------------------+-------+\n| ID\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | Name\u00a0 |\n+----------------------------------+-------+\n| 33af4f957aa34cc79451c23bf014af6f | admin |\n| fa78c101a7ed40b19de219e7d3eeda62 | user\u00a0 |\n+----------------------------------+-------+<\/pre>\n<p>Verify operation with role based access, to do that unset the exported variables.<\/p>\n<pre># unset OS_TOKEN OS_URL<\/pre>\n<p>Execute the following command to list the roles as admin\u00a0 user.<\/p>\n<pre># openstack --os-auth-url http:\/\/controller:35357 --os-project-name admin --os-username admin --os-auth-type password\u00a0 role list\nPassword:\n+----------------------------------+-------+\n| ID\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 | Name\u00a0 |\n+----------------------------------+-------+\n| 33af4f957aa34cc79451c23bf014af6f | admin |\n| fa78c101a7ed40b19de219e7d3eeda62 | user\u00a0 |\n+----------------------------------+-------+<\/pre>\n<p>Execute the following command to list the roles as demo user, you should get below error.<\/p>\n<pre># openstack --os-auth-url http:\/\/controller:35357 --os-project-name demo --os-username demo --os-auth-type password role list\nPassword:\nERROR: openstack You are not authorized to perform the requested action: admin_required (HTTP 403) (Request-ID: req-143ee967-4a26-4474-bf88-0b660354869d)<\/pre>\n<p>That\u2019s all, you have successfully configured KeyStone on Ubuntu 14.04.2<\/p>\n","protected":false},"excerpt":{"rendered":"<p>OpenStack Logo This is guide takes you to the second part of configuring OpenStack identity service on controller node, you can also go through the previous article on configuring KeyStone #1. Here we will be&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-228","post","type-post","status-publish","format-standard","hentry","category-virtualization"],"_links":{"self":[{"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/posts\/228","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/comments?post=228"}],"version-history":[{"count":0,"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/posts\/228\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/media?parent=228"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/categories?post=228"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/tags?post=228"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}