Red Hat Summit Red Hat SummitSupportoConsoleSviluppatoriInizia una provaContatti

Questo contenuto non è disponibile nella lingua selezionata.

3.6. Create the Identity Service Endpoint

Once the Identity service has been started, its API endpoint must be defined. Some OpenStack services, including the dashboard, will not work unless this record is present.
All steps in this procedure must be performed on the Identity server, while logged in as the root user.

Procedure 3.10. Creating the Identity Service Endpoint

  1. Set up the shell to access Keystone as the admin user: 
    # source ~/keystonerc_admin
    Copy to Clipboard Toggle word wrap
  2. Set the OS_SERVICE_TOKEN environment variable to the administration token. This is done by reading the token file created when setting the administration token: 
    [(keystone_admin)]# export OS_SERVICE_TOKEN=`cat ~/ks_admin_token`
    Copy to Clipboard Toggle word wrap
  3. Set the OS_SERVICE_ENDPOINT environment variable to point to the server hosting the Identity service: 
    [(keystone_admin]# export OS_SERVICE_ENDPOINT='http://IP:35357/v2.0'
    Copy to Clipboard Toggle word wrap
    Replace IP with the IP address or host name of the Identity server.
  4. Create a service entry for the Identity service: 
    [(keystone_admin)]# keystone service-create --name=keystone --type=identity \
   --description="Keystone Identity service"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |     Keystone Identity service    |
| enabled     |               True               |
| id          | a8bff1db381f4751bd8ac126464511ae |
| name        |             keystone             |
| type        |             identity             |
+-------------+----------------------------------+
    Copy to Clipboard Toggle word wrap
  5. Create an endpoint entry for the v2.0 API Identity service: 
    [(keystone_admin)]# keystone endpoint-create \
   --service keystone \
   --publicurl 'https://IP:443/v2.0' \
   --adminurl 'https://IP:443/v2.0' \
   --internalurl 'https://IP:5000/v2.0' \
   --region 'RegionOne'
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| adminurl    |       https://IP:443/keystone/admin       |
| id          | 1295011fdc874a838f702518e95a0e13 |
| internalurl |       https://IP:5000/v2.0        |
| publicurl   |       https://IP:443/keystone/main        |
| region      |             RegionOne            |
| service_id  |                 ID               |
+-------------+----------------------------------+
    Copy to Clipboard Toggle word wrap
    Replace IP with the IP address or host name of the Identity server.

    Note

    By default, the endpoint is created in the default region, RegionOne. If you need to specify a different region when creating an endpoint, use the --region argument.

3.6.1. Service Regions
Copia collegamento

Each service cataloged in the Identity service is identified by its region, which typically represents a geographical location, and its endpoint. In a Red Hat OpenStack Platform environment with multiple Compute deployments, regions allow for the discrete separation of services, and are a robust way to share some infrastructure between Compute installations, while allowing for a high degree of failure tolerance.
Administrators determine which services are shared between regions and which services are used only with a specific region. By default, when an endpoint is defined and no region is specified, it is created in the region named RegionOne.
To begin using separate regions, specify the --region argument when adding service endpoints: 
[(keystone_admin)]# keystone endpoint-create --region 'RegionOne' \
   --service SERVICENAME\   
   --publicurl PUBLICURL
   --adminurl ADMINURL
   --internalurl INTERNALURL
Copy to Clipboard Toggle word wrap
Replace REGION with the name of the region to which the endpoint belongs. When sharing an endpoint between regions, create an endpoint entry containing the same URLs for each applicable region. For information on setting the URLs for each service, see the Identity service configuration information of the service in question.

Example 3.1. Endpoints Within Discrete Regions

In this example, the APAC and EMEA regions share an Identity server (identity.example.com) endpoint, while providing region specific compute API endpoints: 
$ keystone endpoint-list
+---------+--------+------------------------------------------------------+
|   id    | region |                      publicurl                       |
+---------+--------+------------------------------------------------------+
| 0d8b... |  APAC  |         http://identity.example.com:5000/v3          |
| 769f... |  EMEA  |         http://identity.example.com:5000/v3          |
| 516c... |  APAC  |  http://nova-apac.example.com:8774/v2/%(tenant_id)s  |
| cf7e... |  EMEA  |  http://nova-emea.example.com:8774/v2/%(tenant_id)s  |
+---------+--------+------------------------------------------------------+
Copy to Clipboard Toggle word wrap
Torna in cima
Red Hat logoGithubredditYoutubeTwitter

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Aiutiamo gli utenti Red Hat a innovarsi e raggiungere i propri obiettivi con i nostri prodotti e servizi grazie a contenuti di cui possono fidarsi. Esplora i nostri ultimi aggiornamenti.

Rendiamo l’open source più inclusivo

Red Hat si impegna a sostituire il linguaggio problematico nel codice, nella documentazione e nelle proprietà web. Per maggiori dettagli, visita il Blog di Red Hat.

Informazioni su Red Hat

Forniamo soluzioni consolidate che rendono più semplice per le aziende lavorare su piattaforme e ambienti diversi, dal datacenter centrale all'edge della rete.

Theme

© 2025 Red Hat