[OpenStack] openstack keystone api 实验(curl)（转载）（亲自动手实验，附带实验运行结果） - Openstack - 运维网

苏童发表于 2015-4-11 17:10:50

[OpenStack] openstack keystone api 实验(curl)（运维网）（亲自动手实验，附带实验运行结果）

　　
　　http://www.pubyun.com/blog/openstack/openstack-keystone-api-%E5%AE%9E%E9%AA%8Ccurl/
　　参考文档：
　　http://keystone.openstack.org/configuration.html
　　http://keystone.openstack.org/api_curl_examples.html
　　1、重要概念：
　　Admin Token
所有服务共享的一个密钥，如果设置不同，哪些依赖keystone的服务将无法正常工作。
　　Tenants
做keystone里，Tenants 是一个高层次的组，表示一组用户。一个tenant 是一个小组，共同拥有 Nova里的虚拟机，或者Swift里的容器。一个tenant可以有一个或者多个用户，用户可以属于一个或者多个tenant，针对每个tenant，用户拥有一个角色(role)。
Tenants are the high level grouping within Keystone that represent groups of users. A tenant is the grouping that owns virtual machines within Nova, or containers within Swift. A tenant can have zero or more users, Users can be associated with more than one tenant, and each tenant – user pairing can have a role associated with it.
　　认证几个要素：tenants, users, roles
　　业务端口：5000
管理端口：35357
2、业务API 测试：
　　获取版本号：
curl http://192.168.28.5:5000/ | python -mjson.tool
curl http://192.168.28.5:5000/v2.0/ | python -mjson.tool
　　获取api扩展：
curl http://192.168.28.5:5000/v2.0/extensions | python -mjson.tool
　　用普通用户登录：
curl -X POST -d ‘{“auth”: {“passwordCredentials”:{“username”: “admin”, “password”: “nova”}}}’ -H “Content-type: application/json” http://192.168.28.5:5000/v2.0/tokens | python -mjson.tool
　　查看自己的租户：
curl -H “X-Auth-Token:614be856b02449439b116c0b28e94217″ http://192.168.28.5:5000/v2.0/tenants | python -mjson.tool
　　3、管理API测试：
　　获取版本号：
curl http://192.168.28.5:35357/ | python -mjson.tool
curl http://192.168.28.5:35357/v2.0/ | python -mjson.tool
　　获取api扩展：
curl http://0.0.0.0:35357/v2.0/extensions | python -mjson.tool
　　curl -X POST -d ‘{“auth”: {“passwordCredentials”:{“username”: “admin”, “password”: “nova”}}}’ -H “Content-type: application/json” http://192.168.28.5:35357/v2.0/tokens | python -mjson.tool
　　用角色 admin 登录：
curl -X POST -d ‘{“auth”: {“tenantId”: “6a524dbe23dd4e4ab672cd163c85a27d”, “passwordCredentials”:{“username”: “admin”, “password”: “nova”}}}’ -H “Content-type: application/json” http://192.168.28.5:35357/v2.0/tokens | python -mjson.tool
　　校验 token 的有效，并返回token的信息：
curl -H “X-Auth-Token: 32efbc8c22af4ad6a8f03d051dc3413b” http://192.168.28.5:35357/v2.0/tokens/82c8d77cac0a4fdba83b2191185ddb39 |python -mjson.tool
　　使用 HEAD校验，如果返回码是 20X, 表示 token 有效：
curl -I -H “X-Auth-Token: 5a10b008add4435f8473d2b11d3ba8a8″ http://192.168.28.5:35357/v2.0/tokens/5a10b008add4435f8473d2b11d3ba8a8
　　这个api不对：
curl -H “X-Auth-Token:5a10b008add4435f8473d2b11d3ba8a8″ http://localhost:35357/v2.0/tokens/5a10b008add4435f8473d2b11d3ba8a8/endpoints
　　返回租户：
curl -H “X-Auth-Token:5a10b008add4435f8473d2b11d3ba8a8″ http://localhost:35357/v2.0/tenants|python -mjson.tool
　　返回某个租户：
curl -H “X-Auth-Token:5a10b008add4435f8473d2b11d3ba8a8″ http://localhost:35357/v2.0/tenants/6a524dbe23dd4e4ab672cd163c85a27d |python -mjson.tool
　　返回用户：
curl -H “X-Auth-Token:5a10b008add4435f8473d2b11d3ba8a8″ http://localhost:35357/v2.0/users|python -mjson.tool
　　返回某个用户：
curl -H “X-Auth-Token:5a10b008add4435f8473d2b11d3ba8a8″ http://localhost:35357/v2.0/users/3ff8fbca9794436c996d8c6e41427530|python -mjson.tool
　　返回某个租户上，用户授予的角色：
curl -H “X-Auth-Token:5a10b008add4435f8473d2b11d3ba8a8″ http://localhost:35357/v2.0/tenants/6a524dbe23dd4e4ab672cd163c85a27d/users/3ff8fbca9794436c996d8c6e41427530/roles |python -mjson.tool
　　返回某个用户的角色：（出错，没有实现，参见 https://bugs.launchpad.net/keystone/+bug/933565)
curl -H “X-Auth-Token:5a10b008add4435f8473d2b11d3ba8a8″ http://localhost:35357/v2.0/users/3ff8fbca9794436c996d8c6e41427530/roles
　　
　　===========================动手实验部分=============================
　　

Creating Users
　　Create the users by executing the following commands. In this case, we are creating four users - admin, nova, glance and swift

keystone user-create --name admin --pass admin --email admin@foobar.com
keystone user-create --name nova --pass nova --email nova@foobar.com
keystone user-create --name glance --pass glance --email glance@foobar.com
keystone user-create --name swift --pass swift --email swift@foobar.com
localadmin@OpenStack-1:~$ keystone user-list
+----------------------------------+---------+-------------------+--------+
|             id             | enabled |    email    |name|
+----------------------------------+---------+-------------------+--------+
| 2acc3e1b7f90484d88a51d668496b664 | True | swift@foobar.com| swift|
| 3e8c6c6a7013469cbf673538d9cca353 | True | admin@foobar.com| admin|
| 97f20d8dada74684940383217a5d77cc | True | nova@foobar.com | nova |
| d2536af05c1c4972aea56b0edbd9ea35 | True | glance@foobar.com | glance |
+----------------------------------+---------+-------------------+--------+

业务API 测试：
　　获取版本号：
curl http://192.168.26.128:5000/ | python -mjson.tool
curl http://192.168.26.128:5000/v2.0/ | python -mjson.tool
　　
　　localadmin@OpenStack-1:~$ curl http://192.168.26.128:5000/ | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 630100 630 0 0 9200    0 --:--:-- --:--:-- --:--:-- 10500
{
"versions": {
   "values": [
         {
            "id": "v2.0",
            "links": [
               {
                     "href": "http://192.168.26.128:5000/v2.0/",
                     "rel": "self"
               },
               {
                     "href": "http://docs.openstack.org/api/openstack-identity-service/2.0/content/",
                     "rel": "describedby",
                     "type": "text/html"
               },
               {
                     "href": "http://docs.openstack.org/api/openstack-identity-service/2.0/identity-dev-guide-2.0.pdf",
                     "rel": "describedby",
                     "type": "application/pdf"
               }
            ],
            "media-types": [
               {
                     "base": "application/json",
                     "type": "application/vnd.openstack.identity-v2.0+json"
               },
               {
                     "base": "application/xml",
                     "type": "application/vnd.openstack.identity-v2.0+xml"
               }
            ],
            "status": "beta",
            "updated": "2011-11-19T00:00:00Z"
         }
   ]
}
}
　　
　　localadmin@OpenStack-1:~$ curl http://192.168.26.128:5000/v2.0/ | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 615 0 615 0 0 9919    0 --:--:-- --:--:-- --:--:-- 10081
{
"version": {
   "id": "v2.0",
   "links": [
         {
            "href": "http://192.168.26.128:5000/v2.0/",
            "rel": "self"
         },
         {
            "href": "http://docs.openstack.org/api/openstack-identity-service/2.0/content/",
            "rel": "describedby",
            "type": "text/html"
         },
         {
            "href": "http://docs.openstack.org/api/openstack-identity-service/2.0/identity-dev-guide-2.0.pdf",
            "rel": "describedby",
            "type": "application/pdf"
         }
   ],
   "media-types": [
         {
            "base": "application/json",
            "type": "application/vnd.openstack.identity-v2.0+json"
         },
         {
            "base": "application/xml",
            "type": "application/vnd.openstack.identity-v2.0+xml"
         }
   ],
   "status": "beta",
   "updated": "2011-11-19T00:00:00Z"
}
}
　　获取api扩展：
curl http://192.168.26.128:5000/v2.0/extensions | python -mjson.tool
　　localadmin@OpenStack-1:~$ curl http://192.168.26.128:5000/v2.0/extensions | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 30 0 30 0 0 1428    0 --:--:-- --:--:-- --:--:--2727
{
"extensions": {
   "values": []
}
}
　　
　　用普通用户登录：
　　curl -X POST -d '{"auth": {"passwordCredentials":{"username": "admin", "password": "admin"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
　　
　　localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "admin", "password": "admin"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 320 0 244100 76 2632 820 --:--:-- --:--:-- --:--:--2804
{
"access": {
   "serviceCatalog": {},
   "token": {
         "expires": "2012-06-05T05:02:37Z",
         "id": "c73b3cde38994acaaccba4b3fb19d3f5"
   },
   "user": {
         "id": "3e8c6c6a7013469cbf673538d9cca353",
         "name": "admin",
         "roles": [],
         "roles_links": [],
         "username": "admin"
   }
}
}
　　
　　curl -X POST -d '{"auth": {"passwordCredentials":{"username": "nova", "password": "nova"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
　　
　　localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "nova", "password": "nova"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 316 0 242100 74 2725 833 --:--:-- --:--:-- --:--:--2915
{
"access": {
   "serviceCatalog": {},
   "token": {
         "expires": "2012-06-05T05:03:46Z",
         "id": "87ef70de64e844e0a165c5ff73b50935"
   },
   "user": {
         "id": "97f20d8dada74684940383217a5d77cc",
         "name": "nova",
         "roles": [],
         "roles_links": [],
         "username": "nova"
   }
}
}
　　curl -X POST -d '{"auth": {"passwordCredentials":{"username": "swift", "password": "swift"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
　　
　　localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "swift", "password": "swift"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 320 0 244100 76 2753 857 --:--:-- --:--:-- --:--:--3050
{
"access": {
   "serviceCatalog": {},
   "token": {
         "expires": "2012-06-05T05:05:10Z",
         "id": "3db07905ac854baf8776fb47e9b33019"
   },
   "user": {
         "id": "2acc3e1b7f90484d88a51d668496b664",
         "name": "swift",
         "roles": [],
         "roles_links": [],
         "username": "swift"
   }
}
}
　　
　　curl -X POST -d '{"auth": {"passwordCredentials":{"username": "glance", "password": "glance"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
　　
　　localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "glance", "password": "glance"}}}' -H "Content-type: application/json" http://192.168.26.128:5000/v2.0/tokens | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 324 0 246100 78 2928 928 --:--:-- --:--:-- --:--:--3113
{
"access": {
   "serviceCatalog": {},
   "token": {
         "expires": "2012-06-05T05:05:27Z",
         "id": "4099cd0ae475460c90a7e32369b8127b"
   },
   "user": {
         "id": "d2536af05c1c4972aea56b0edbd9ea35",
         "name": "glance",
         "roles": [],
         "roles_links": [],
         "username": "glance"
   }
}
}
　　查看自己的租户：
　　User UserID                         Token ID
admin3e8c6c6a7013469cbf673538d9cca353 c73b3cde38994acaaccba4b3fb19d3f5
nova 97f20d8dada74684940383217a5d77cc 87ef70de64e844e0a165c5ff73b50935
swift2acc3e1b7f90484d88a51d668496b664 3db07905ac854baf8776fb47e9b33019
glance d2536af05c1c4972aea56b0edbd9ea35 4099cd0ae475460c90a7e32369b8127b
　　
　　admin:
curl -H "X-Auth-Token:c73b3cde38994acaaccba4b3fb19d3f5" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
　　nova:
　　curl -H "X-Auth-Token:87ef70de64e844e0a165c5ff73b50935" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
　　swift:
　　curl -H "X-Auth-Token:3db07905ac854baf8776fb47e9b33019" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
　　glance:
　　curl -H "X-Auth-Token:4099cd0ae475460c90a7e32369b8127b" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
　　运行结果：
　　localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:c73b3cde38994acaaccba4b3fb19d3f5" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 133 0 133 0 0 2557    0 --:--:-- --:--:-- --:--:--3022
{
"tenants": [
   {
         "description": null,
         "enabled": true,
         "id": "938c2aeb59f842c58c03a1e5bbe50e20",
         "name": "admin"
   }
],
"tenants_links": []
}
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:87ef70de64e844e0a165c5ff73b50935" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 135 0 135 0 0 5606    0 --:--:-- --:--:-- --:--:--6136
{
"tenants": [
   {
         "description": null,
         "enabled": true,
         "id": "a4a59e33b382439bab47cc8c2d01caf1",
         "name": "service"
   }
],
"tenants_links": []
}
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:3db07905ac854baf8776fb47e9b33019" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 135 0 135 0 0 4664    0 --:--:-- --:--:-- --:--:--6136
{
"tenants": [
   {
         "description": null,
         "enabled": true,
         "id": "a4a59e33b382439bab47cc8c2d01caf1",
         "name": "service"
   }
],
"tenants_links": []
}
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:4099cd0ae475460c90a7e32369b8127b" http://192.168.26.128:5000/v2.0/tenants | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 135 0 135 0 0 4421    0 --:--:-- --:--:-- --:--:--4821
{
"tenants": [
   {
         "description": null,
         "enabled": true,
         "id": "a4a59e33b382439bab47cc8c2d01caf1",
         "name": "service"
   }
],
"tenants_links": []
}
　　
　　
　　管理API测试：
　　获取版本号：
curl http://192.168.26.128:35357/ | python -mjson.tool
curl http://192.168.26.128:35357/v2.0/ | python -mjson.tool
　　运行结果：
　　localadmin@OpenStack-1:~$ curl http://192.168.26.128:35357/ | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 631100 631 0 0 9259    0 --:--:-- --:--:-- --:--:-- 10177
{
"versions": {
   "values": [
         {
            "id": "v2.0",
            "links": [
               {
                     "href": "http://192.168.26.128:35357/v2.0/",
                     "rel": "self"
               },
               {
                     "href": "http://docs.openstack.org/api/openstack-identity-service/2.0/content/",
                     "rel": "describedby",
                     "type": "text/html"
               },
               {
                     "href": "http://docs.openstack.org/api/openstack-identity-service/2.0/identity-dev-guide-2.0.pdf",
                     "rel": "describedby",
                     "type": "application/pdf"
               }
            ],
            "media-types": [
               {
                     "base": "application/json",
                     "type": "application/vnd.openstack.identity-v2.0+json"
               },
               {
                     "base": "application/xml",
                     "type": "application/vnd.openstack.identity-v2.0+xml"
               }
            ],
            "status": "beta",
            "updated": "2011-11-19T00:00:00Z"
         }
   ]
}
}
localadmin@OpenStack-1:~$ curl http://192.168.26.128:35357/v2.0/ | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 616 0 616 0 0 8395    0 --:--:-- --:--:-- --:--:--9194
{
"version": {
   "id": "v2.0",
   "links": [
         {
            "href": "http://192.168.26.128:35357/v2.0/",
            "rel": "self"
         },
         {
            "href": "http://docs.openstack.org/api/openstack-identity-service/2.0/content/",
            "rel": "describedby",
            "type": "text/html"
         },
         {
            "href": "http://docs.openstack.org/api/openstack-identity-service/2.0/identity-dev-guide-2.0.pdf",
            "rel": "describedby",
            "type": "application/pdf"
         }
   ],
   "media-types": [
         {
            "base": "application/json",
            "type": "application/vnd.openstack.identity-v2.0+json"
         },
         {
            "base": "application/xml",
            "type": "application/vnd.openstack.identity-v2.0+xml"
         }
   ],
   "status": "beta",
   "updated": "2011-11-19T00:00:00Z"
}
}
　　获取api扩展：
curl http://0.0.0.0:35357/v2.0/extensions | python -mjson.tool
　　运行结果：
　　localadmin@OpenStack-1:~$ curl http://0.0.0.0:35357/v2.0/extensions | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 396 0 396 0 024336    0 --:--:-- --:--:-- --:--:-- 39600
{
"extensions": {
   "values": [
         {
            "alias": "OS-KSADM",
            "description": "Openstack extensions to Keystone v2.0 API enabling Admin Operations.",
            "links": [
               {
                     "href": "https://github.com/openstack/identity-api",
                     "rel": "describedby",
                     "type": "text/html"
               }
            ],
            "name": "Openstack Keystone Admin",
            "namespace": "http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0",
            "updated": "2011-08-19T13:25:27-06:00"
         }
   ]
}
}
　　权限验证：
　　curl -X POST -d '{"auth": {"passwordCredentials":{"username": "admin", "password": "admin"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
　　curl -X POST -d '{"auth": {"passwordCredentials":{"username": "nova", "password": "nova"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
　　curl -X POST -d '{"auth": {"passwordCredentials":{"username": "swift", "password": "swift"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
　　curl -X POST -d '{"auth": {"passwordCredentials":{"username": "glance", "password": "glance"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
　　运行结果：
　　localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "admin", "password": "admin"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 320 0 244100 76 2218 690 --:--:-- --:--:-- --:--:--2259
{
"access": {
   "serviceCatalog": {},
   "token": {
         "expires": "2012-06-05T05:30:40Z",
         "id": "4dbb421c43c94fd6bdb9678fb0ae8e26"
   },
   "user": {
         "id": "3e8c6c6a7013469cbf673538d9cca353",
         "name": "admin",
         "roles": [],
         "roles_links": [],
         "username": "admin"
   }
}
}
localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "nova", "password": "nova"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 316 0 242100 74 2039 623 --:--:-- --:--:-- --:--:--2068
{
"access": {
   "serviceCatalog": {},
   "token": {
         "expires": "2012-06-05T05:33:38Z",
         "id": "2841da2fb72948529e6f9f89a87efceb"
   },
   "user": {
         "id": "97f20d8dada74684940383217a5d77cc",
         "name": "nova",
         "roles": [],
         "roles_links": [],
         "username": "nova"
   }
}
}
localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "swift", "password": "swift"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 320 0 244100 76 1973 614 --:--:-- --:--:-- --:--:--2067
{
"access": {
   "serviceCatalog": {},
   "token": {
         "expires": "2012-06-05T05:33:55Z",
         "id": "2042dee3e64846638779d129d03e8863"
   },
   "user": {
         "id": "2acc3e1b7f90484d88a51d668496b664",
         "name": "swift",
         "roles": [],
         "roles_links": [],
         "username": "swift"
   }
}
}
localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"passwordCredentials":{"username": "glance", "password": "glance"}}}' -H "Content-type: application/json" http://192.168.26.128:35357/v2.0/tokens | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 324 0 246100 78 2699 855 --:--:-- --:--:-- --:--:--2733
{
"access": {
   "serviceCatalog": {},
   "token": {
         "expires": "2012-06-05T05:34:05Z",
         "id": "5895947fee934dd0944f4c834ff4c5c4"
   },
   "user": {
         "id": "d2536af05c1c4972aea56b0edbd9ea35",
         "name": "glance",
         "roles": [],
         "roles_links": [],
         "username": "glance"
   }
}
}
　　User User ID                                           Token ID
　　admin3e8c6c6a7013469cbf673538d9cca353 4dbb421c43c94fd6bdb9678fb0ae8e26
nova 97f20d8dada74684940383217a5d77cc 2841da2fb72948529e6f9f89a87efceb
swift2acc3e1b7f90484d88a51d668496b664 2042dee3e64846638779d129d03e8863
glance d2536af05c1c4972aea56b0edbd9ea35 5895947fee934dd0944f4c834ff4c5c4
　　
　　用角色 admin 登录：
curl -X POST -d '{"auth": {"tenantId": "938c2aeb59f842c58c03a1e5bbe50e20", "passwordCredentials":{"username": "admin", "password": "admin"}}}' -H "Content-type: application/json" http://localhost:35357/v2.0/tokens | python -mjson.tool
　　运行结果：
　　localadmin@OpenStack-1:~$ curl -X POST -d '{"auth": {"tenantId": "938c2aeb59f842c58c03a1e5bbe50e20", "passwordCredentials":{"username": "admin", "password": "admin"}}}' -H "Content-type: application/json" http://localhost:35357/v2.0/tokens | python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
1002348 02224100 12413850 772 --:--:-- --:--:-- --:--:-- 14535
{
"access": {
   "serviceCatalog": [
         {
            "endpoints": [
               {
                     "adminURL": "http://192.168.26.128:8774/v2/938c2aeb59f842c58c03a1e5bbe50e20",
                     "internalURL": "http://192.168.26.128:8774/v2/938c2aeb59f842c58c03a1e5bbe50e20",
                     "publicURL": "http://192.168.26.128:8774/v2/938c2aeb59f842c58c03a1e5bbe50e20",
                     "region": "myregion"
               }
            ],
            "endpoints_links": [],
            "name": "nova",
            "type": "compute"
         },
         {
            "endpoints": [
               {
                     "adminURL": "http://192.168.26.128:9292/v1",
                     "internalURL": "http://192.168.26.128:9292/v1",
                     "publicURL": "http://192.168.26.128:9292/v1",
                     "region": "myregion"
               }
            ],
            "endpoints_links": [],
            "name": "glance",
            "type": "image"
         },
         {
            "endpoints": [
               {
                     "adminURL": "http://192.168.26.128:8776/v1/938c2aeb59f842c58c03a1e5bbe50e20",
                     "internalURL": "http://192.168.26.128:8776/v1/938c2aeb59f842c58c03a1e5bbe50e20",
                     "publicURL": "http://192.168.26.128:8776/v1/938c2aeb59f842c58c03a1e5bbe50e20",
                     "region": "myregion"
               }
            ],
            "endpoints_links": [],
            "name": "volume",
            "type": "volume"
         },
         {
            "endpoints": [
               {
                     "adminURL": "http://192.168.26.128:8773/services/Admin",
                     "internalURL": "http://192.168.26.128:8773/services/Cloud",
                     "publicURL": "http://192.168.26.128:8773/services/Cloud",
                     "region": "myregion"
               }
            ],
            "endpoints_links": [],
            "name": "ec2",
            "type": "ec2"
         },
         {
            "endpoints": [
               {
                     "adminURL": "http://192.168.26.128:8080/v1",
                     "internalURL": "http://192.168.26.128:8080/v1/AUTH_938c2aeb59f842c58c03a1e5bbe50e20",
                     "publicURL": "http://192.168.26.128:8080/v1/AUTH_938c2aeb59f842c58c03a1e5bbe50e20",
                     "region": "myregion"
               }
            ],
            "endpoints_links": [],
            "name": "swift",
            "type": "object-store"
         },
         {
            "endpoints": [
               {
                     "adminURL": "http://192.168.26.128:35357/v2.0",
                     "internalURL": "http://192.168.26.128:5000/v2.0",
                     "publicURL": "http://192.168.26.128:5000/v2.0",
                     "region": "myregion"
               }
            ],
            "endpoints_links": [],
            "name": "keystone",
            "type": "identity"
         }
   ],
   "token": {
         "expires": "2012-06-05T05:49:43Z",
         "id": "bba8b794a2e54663bfe4dbf903c9bce1",
         "tenant": {
            "description": null,
            "enabled": true,
            "id": "938c2aeb59f842c58c03a1e5bbe50e20",
            "name": "admin"
         }
   },
   "user": {
         "id": "3e8c6c6a7013469cbf673538d9cca353",
         "name": "admin",
         "roles": [
            {
               "id": "fde51bfee49a49c6a7d718ea6d78eeff",
               "name": "admin"
            },
            {
               "id": "3544b420d0ac4b98a9192c102e17af3f",
               "name": "Member"
            }
         ],
         "roles_links": [],
         "username": "admin"
   }
}
}
　　校验 token 的有效，并返回token的信息：
curl -H “X-Auth-Token: 32efbc8c22af4ad6a8f03d051dc3413b” http://192.168.28.5:35357/v2.0/tokens/82c8d77cac0a4fdba83b2191185ddb39 |python -mjson.tool
　　使用 HEAD校验，如果返回码是 20X, 表示 token 有效：
curl -I -H “X-Auth-Token: 5a10b008add4435f8473d2b11d3ba8a8″ http://192.168.28.5:35357/v2.0/tokens/5a10b008add4435f8473d2b11d3ba8a8
　　返回租户：
curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/tenants|python -mjson.tool
　　运行结果：
　　localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/tenants|python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 234 0 234 0 0 5989    0 --:--:-- --:--:-- --:--:--7090
{
"tenants": [
   {
         "description": null,
         "enabled": true,
         "id": "938c2aeb59f842c58c03a1e5bbe50e20",
         "name": "admin"
   },
   {
         "description": null,
         "enabled": true,
         "id": "a4a59e33b382439bab47cc8c2d01caf1",
         "name": "service"
   }
],
"tenants_links": []
}
　　
　　返回租户：
curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/tenants|python -mjson.tool
　　返回某个租户：
curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/tenants/a4a59e33b382439bab47cc8c2d01caf1 |python -mjson.tool
　　返回用户：
curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/users|python -mjson.tool
　　返回某个用户：
curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/users/3e8c6c6a7013469cbf673538d9cca353|python -mjson.tool
　　运行结果：
　　localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 234 0 234 0 0 7407    0 --:--:-- --:--:-- --:--:--7800
{
"tenants": [
   {
         "description": null,
         "enabled": true,
         "id": "938c2aeb59f842c58c03a1e5bbe50e20",
         "name": "admin"
   },
   {
         "description": null,
         "enabled": true,
         "id": "a4a59e33b382439bab47cc8c2d01caf1",
         "name": "service"
   }
],
"tenants_links": []
}
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1                                                                                     " http://localhost:35357/v2.0/tenants/a4a59e33b382439bab47cc8c2d01caf1 |python -                                                                                     mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 111 0 111 0 0 3174    0 --:--:-- --:--:-- --:--:--3964
{
"tenant": {
   "description": null,
   "enabled": true,
   "id": "a4a59e33b382439bab47cc8c2d01caf1",
   "name": "service"
}
}
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/users|python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 511 0 511 0 014227    0 --:--:-- --:--:-- --:--:-- 17620
{
"users": [
   {
         "email": "swift@foobar.com",
         "enabled": true,
         "id": "2acc3e1b7f90484d88a51d668496b664",
         "name": "swift",
         "tenantId": null
   },
   {
         "email": "admin@foobar.com",
         "enabled": true,
         "id": "3e8c6c6a7013469cbf673538d9cca353",
         "name": "admin",
         "tenantId": null
   },
   {
         "email": "nova@foobar.com",
         "enabled": true,
         "id": "97f20d8dada74684940383217a5d77cc",
         "name": "nova",
         "tenantId": null
   },
   {
         "email": "glance@foobar.com",
         "enabled": true,
         "id": "d2536af05c1c4972aea56b0edbd9ea35",
         "name": "glance",
         "tenantId": null
   }
]
}
localadmin@OpenStack-1:~$ curl -H "X-Auth-Token:bba8b794a2e54663bfe4dbf903c9bce1" http://localhost:35357/v2.0/users/3e8c6c6a7013469cbf673538d9cca353|python -mjson.tool
% Total % Received % XferdAverage Speed Time Time TimeCurrent
                              DloadUpload Total Spent LeftSpeed
100 133 0 133 0 0 3493    0 --:--:-- --:--:-- --:--:--4750
{
"user": {
   "email": "admin@foobar.com",
   "enabled": true,
   "id": "3e8c6c6a7013469cbf673538d9cca353",
   "name": "admin",
   "tenantId": null
}
}
　　
　　
　　

页: [1]

运维网's Archiver

[OpenStack] openstack keystone api 实验(curl)（运维网）（亲自动手实验，附带实验运行结果）