Scribd
Upload
26 views10 pages

OpenStack Victoria Lesson 3

This document outlines a lesson on the Keystone project in OpenStack. It describes Keystone's role in providing identity, token, catalog, and policy services. It defines key concepts used by Keystone like projects, domains, users, roles, tokens, and the catalog. It also provides an overview of Keystone's token provider, database backend, commands, and user interface. The lesson concludes with assigning students a homework task to interact with Keystone and capture screenshots.

Uploaded by

Cá Xấu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
26 views10 pages

OpenStack Victoria Lesson 3

This document outlines a lesson on the Keystone project in OpenStack. It describes Keystone's role in providing identity, token, catalog, and policy services. It defines key concepts used by Keystone like projects, domains, users, roles, tokens, and the catalog. It also provides an overview of Keystone's token provider, database backend, commands, and user interface. The lesson concludes with assigning students a homework task to interact with Keystone and capture screenshots.

Uploaded by

Cá Xấu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 10

12/11/2020

Outline
1. What is Cloud computing & OpenStack

2. LAB1: Install OpenStack with DevStack

3. Project Keystone

4. Project Glance

5. LAB2: Install manual OpenStack (1)

6. Project Nova & Placement

7. Project Neutron (1)

8. Project Neutron (2)

9. LAB3: Install manual OpenStack (2)

10. Project Cinder

11. Project Horizon

12. LAB4: Install manual OpenStack (3)

51 © Copyright 2020 ITFORVN.


51

51

Lesson 3
Project Keystone
Trình bày: Nguyễn Trọng Tấn

52

1
12/11/2020

Mục tiêu

1. Nắm được chức năng, nhiệm vụ, kiến trúc của Keystone

53 © Copyright 2020 ITFORVN.


53

53

Keystone
Overview

Keystone is an OpenStack project that provides


identity, token, catalog and policy services. It’s a
shared service for authentication and authorization
broker between OpenStack and other identity
services.

Keystone – identity service

https://superuser.openstack.org/articles/openstack-keystone-project-update-denver/

54 © Copyright 2020 ITFORVN.


54

54

2
12/11/2020

Keystone
Overview

55 © Copyright 2020 ITFORVN.


55

55

Keystone
Concepts

 Project: A Project is an abstraction used by other OpenStack


services to group and isolate resources (e.g., servers, images,
etc.)

 Domain: A domain provide the ability to isolate the visibility


of a set of Projects and Users (and User Groups) to a specific
organization

 Users and User groups (actor): Groups are a collection


of Users. Users are individuals who will end up using your cloud

 Roles: Roles are used in Keystone to convey a sense of


Authorization

 Assignment: The combination of an actor, a


project/domain, and a role.

https://leftasexercise.com/2020/02/03/openstack-keystone-installation-and-overview/
56 © Copyright 2020 ITFORVN.
56

56

3
12/11/2020

Keystone
Concepts

 Token: A user calls any OpenStack API they need to prove who they are. Keystone is the OpenStack service
responsible for generating these tokens

 Catalog: The service catalog is essential for an OpenStack cloud. It contains the URLs and endpoints of the
different Cloud services

https://www.oreilly.com/library/view/identity-authentication-and/9781491941249/ch01.html

57 © Copyright 2020 ITFORVN.


57

57

Keystone
Token provider

https://github.com/hungnt1/Openstack_Research/blob/master/Keystone/7.%20Token-Keystone.md

58 © Copyright 2020 ITFORVN.


58

58

4
12/11/2020

Keystone
Fernet Tokens

https://github.com/hocchudong/thuctap012017/blob/master/DucPX/OpenStack/Keystone/docs/Token_Format.md
59 © Copyright 2020 ITFORVN.
59

59

Keystone
DB Backend

60 © Copyright 2020 ITFORVN.


60

60

5
12/11/2020

Keystone
Command

$ openstack token issue

$ openstack user list

$ openstack user show admin

$ openstack role assignment list --user admin -f json

$ openstack project list

$ openstack role list

$ openstack service list -f json

$ openstack endpoint list --service identity -f json

$ openstack catalog list

61 © Copyright 2020 ITFORVN.


61

61

Keystone
Keystone UI

62 © Copyright 2020 ITFORVN.


62

62

6
12/11/2020

Keystone
Keystone UI

63 © Copyright 2020 ITFORVN.


63

63

Keystone
Keystone UI

64 © Copyright 2020 ITFORVN.


64

64

7
12/11/2020

Keystone
Keystone UI

65 © Copyright 2020 ITFORVN.


65

65

Keystone
Keystone UI

66 © Copyright 2020 ITFORVN.


66

66

8
12/11/2020

Keystone
Keystone UI

67 © Copyright 2020 ITFORVN.


67

67

Tổng kết

• Project KeyStone

68 © Copyright 2020 ITFORVN.


68

68

9
12/11/2020

Bài tập
Thời gian làm bài: 40h
Hình thức nộp bài: Chụp ảnh màn hình  lưu ra file pdf
Nộp bài qua: portal.itforvn.com
Bài tập:
 Chạy lệnh tương tác với keystone theo hướng dẫn trong slide

 Tạo project, user mang tên của bạn trên giao diện. Ví dụ: tannt

 Chụp ảnh màn hình:

1. Kết quả các lệnh “list” về: user, project, role, service, endpoint, catalog

2. Thông tin về project, user mới tạo trên horizon

69 © Copyright 2020 ITFORVN.


69

69

Thank you

IMPORTANT NOTICE
The content of this presentation is strictly confidential. ITFORVN is the exclusive owner or licensee of the content, material, and information in this presentation.
Any reproduction, publication or reprint, in whole or in part, is strictly prohibited.

The information in this presentation may not be accurate, complete or up to date, and is provided without warranties or representations of any kind, either express or implied.
ITFORVN shall not be responsible for and disclaims any liability for any loss or damages, including without limitation, direct, indirect, incidental, consequential and special damages,
alleged to have been caused by or in connection with using and/or relying on the information contained in this presentation.

Copyright © for the entire content of this presentation: ITFORVN.


70 © Copyright 2020 ITFORVN.
70

70

10

You might also like