이 콘텐츠는 선택한 언어로 제공되지 않습니다.
3.5. Create an Administrator Account
The following procedure creates an administrative user and an associated tenant and role.
All steps in this procedure must be performed on the system hosting the Identity service, while logged in as a user who has access to a file containing the administration token.
Procedure 3.9. Creating an Administrator Account
- Set the
OS_SERVICE_TOKENenvironment variable to the value of the administration token. This is done by reading the token file created when setting the administration token:#export OS_SERVICE_TOKEN=`cat ~/ks_admin_token` - Set the
OS_SERVICE_ENDPOINTenvironment variable to point to the server hosting the Identity service:#export OS_SERVICE_ENDPOINT="http://IP:35357/v2.0"Replace IP with the IP address or host name of your Identity server. - Create an
adminuser:#keystone user-create --name admin --pass PASSWORD+----------+-----------------------------------+ | Property | Value | +----------+-----------------------------------+ | email | | | enabled | True | | id | 94d659c3c9534095aba5f8475c87091a | | name | admin | | tenantId | | +----------+-----------------------------------+Replace PASSWORD with a secure password for the account. - Create an
adminrole:#keystone role-create --name admin+----------+----------------------------------+ | Property | Value | +----------+----------------------------------+ | id | 78035c5d3cd94e62812d6d37551ecd6a | | name | admin | +----------+----------------------------------+ - Create an
admintenant:#keystone tenant-create --name admin+-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | | | enabled | True | | id | 6f8e3e36c4194b86b9a9b55d4b722af3 | | name | admin | +-------------+----------------------------------+ - Link the
adminuser and theadminrole together in the context of theadmintenant:#keystone user-role-add --user admin --role admin --tenant admin - The newly-created
adminaccount will be used for future management of the Identity service. To facilitate authentication, create akeystonerc_adminfile in a secure location such as the home directory of therootuser.Add these lines to the file to set the environment variables that will be used for authentication:unset OS_SERVICE_TOKEN unset OS_SERVICE_ENDPOINT export OS_USERNAME=admin export OS_TENANT_NAME=admin export OS_PASSWORD=PASSWORD export OS_AUTH_URL=http://IP:35357/v2.0/ export PS1='[\u@\h \W(keystone_admin)]\$ '
Replace PASSWORD with the password of theadminuser, and replace IP with the IP address or host name of the Identity server. - Load the environment variables used for authentication:
#source ~/keystonerc_admin
