Red Hat Summit Red Hat SummitSupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

3.6. Create the Identity Service Endpoint

Once the Identity service has been started, its API endpoint must be defined. Some OpenStack services, including the dashboard, will not work unless this record is present.
All steps in this procedure must be performed on the Identity server, while logged in as the root user.

Procedure 3.10. Creating the Identity Service Endpoint

  1. Set up the shell to access Keystone as the admin user: 
    # source ~/keystonerc_admin
    Copy to Clipboard Toggle word wrap
  2. Set the OS_SERVICE_TOKEN environment variable to the administration token. This is done by reading the token file created when setting the administration token: 
    [(keystone_admin)]# export OS_SERVICE_TOKEN=`cat ~/ks_admin_token`
    Copy to Clipboard Toggle word wrap
  3. Set the OS_SERVICE_ENDPOINT environment variable to point to the server hosting the Identity service: 
    [(keystone_admin]# export OS_SERVICE_ENDPOINT='http://IP:35357/v2.0'
    Copy to Clipboard Toggle word wrap
    Replace IP with the IP address or host name of the Identity server.
  4. Create a service entry for the Identity service: 
    [(keystone_admin)]# keystone service-create --name=keystone --type=identity \
   --description="Keystone Identity service"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |     Keystone Identity service    |
| enabled     |               True               |
| id          | a8bff1db381f4751bd8ac126464511ae |
| name        |             keystone             |
| type        |             identity             |
+-------------+----------------------------------+
    Copy to Clipboard Toggle word wrap
  5. Create an endpoint entry for the v2.0 API Identity service: 
    [(keystone_admin)]# keystone endpoint-create \
   --service keystone \
   --publicurl 'https://IP:443/v2.0' \
   --adminurl 'https://IP:443/v2.0' \
   --internalurl 'https://IP:5000/v2.0' \
   --region 'RegionOne'
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| adminurl    |       https://IP:443/keystone/admin       |
| id          | 1295011fdc874a838f702518e95a0e13 |
| internalurl |       https://IP:5000/v2.0        |
| publicurl   |       https://IP:443/keystone/main        |
| region      |             RegionOne            |
| service_id  |                 ID               |
+-------------+----------------------------------+
    Copy to Clipboard Toggle word wrap
    Replace IP with the IP address or host name of the Identity server.

    Note

    By default, the endpoint is created in the default region, RegionOne. If you need to specify a different region when creating an endpoint, use the --region argument.

3.6.1. Service Regions
Link kopieren

Each service cataloged in the Identity service is identified by its region, which typically represents a geographical location, and its endpoint. In a Red Hat OpenStack Platform environment with multiple Compute deployments, regions allow for the discrete separation of services, and are a robust way to share some infrastructure between Compute installations, while allowing for a high degree of failure tolerance.
Administrators determine which services are shared between regions and which services are used only with a specific region. By default, when an endpoint is defined and no region is specified, it is created in the region named RegionOne.
To begin using separate regions, specify the --region argument when adding service endpoints: 
[(keystone_admin)]# keystone endpoint-create --region 'RegionOne' \
   --service SERVICENAME\   
   --publicurl PUBLICURL
   --adminurl ADMINURL
   --internalurl INTERNALURL
Copy to Clipboard Toggle word wrap
Replace REGION with the name of the region to which the endpoint belongs. When sharing an endpoint between regions, create an endpoint entry containing the same URLs for each applicable region. For information on setting the URLs for each service, see the Identity service configuration information of the service in question.

Example 3.1. Endpoints Within Discrete Regions

In this example, the APAC and EMEA regions share an Identity server (identity.example.com) endpoint, while providing region specific compute API endpoints: 
$ keystone endpoint-list
+---------+--------+------------------------------------------------------+
|   id    | region |                      publicurl                       |
+---------+--------+------------------------------------------------------+
| 0d8b... |  APAC  |         http://identity.example.com:5000/v3          |
| 769f... |  EMEA  |         http://identity.example.com:5000/v3          |
| 516c... |  APAC  |  http://nova-apac.example.com:8774/v2/%(tenant_id)s  |
| cf7e... |  EMEA  |  http://nova-emea.example.com:8774/v2/%(tenant_id)s  |
+---------+--------+------------------------------------------------------+
Copy to Clipboard Toggle word wrap
Nach oben
Red Hat logoGithubredditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können. Entdecken Sie unsere neuesten Updates.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

Theme

© 2025 Red Hat