3.8. Create the Services Tenant
Tenants are used to aggregate service resources. Tenants are also known as projects. Per tenant, quota controls can be used to limit the numbers of resources.
Note
For more information about quotas, see the "Manage Projects" section in the Red Hat OpenStack Platform Administration Guide. This document is available from the following page:
Each user is assigned to a tenant. For regular users, the tenant typically represents their group, project, or organisation. For service users (the entity accessing the Identity service on behalf of the service), the tenant represents a service's geographical region. If the services in your environment are distributed, typically one service tenant is created for each endpoint on which services are running (excepting the Identity and dashboard services). If the services in your environment are deployed on a single node, only one service tenant is required, though it is possible to create more for administrative purposes.
The service setup examples in this guide assume that all services are deployed on one node, therefore only one service tenant is required. All such examples use the
services
tenant.
Note
Because administrators, regular users, and service users all need a tenant, at least three tenants are typically created, one for each group. To create administrative and regular users and tenants, see Section 3.5, “Create an Administrator Account” and Section 3.7, “Create a Regular User Account”.
Procedure 3.12. Creating the Services Tenant
- Set up the shell to access keystone as the administrative user:
#
source ~/keystonerc_admin
- Create the
services
tenant:[(keystone_admin)]#
keystone tenant-create --name services --description "Services Tenant"
+-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | Services Tenant | | enabled | True | | id | 7e193e36c4194b86b9a9b55d4b722af3 | | name | services | +-------------+----------------------------------+
Note
To obtain a list of all Identity service tenants and their IDs, run:
[(keystone_admin)]#
keystone tenant-list