d95c80d36f
Fixed merge conflict (RS) Signed-off-by: Rafael Jardim <rafaeljordao.jardim@windriver.com> Change-Id: I30b882a14196525f440db1108a56bbf862dfaf55 Signed-off-by: Ron Stone <ronald.stone@windriver.com>
86 lines
2.8 KiB
ReStructuredText
86 lines
2.8 KiB
ReStructuredText
|
|
.. fan1552681866651
|
|
.. _establish-keystone-credentials-from-a-linux-account:
|
|
|
|
===============================================================================
|
|
For StarlingX and Platform OpenStack CLIs from a Local LDAP Linux Account Login
|
|
===============================================================================
|
|
|
|
You can establish Keystone credentials for executing StarlingX and Platform
|
|
OpenStack |CLIs| for a local |LDAP| user, if required; this is not setup by
|
|
default.
|
|
|
|
.. contents::
|
|
:local:
|
|
:depth: 1
|
|
|
|
.. rubric:: |context|
|
|
|
|
For more information about :command:`ldapusersetup`, see :ref:`Create LDAP
|
|
Linux Accounts <create-ldap-linux-accounts>`.
|
|
|
|
User accounts created using :command:`ldapusersetup` have access to the
|
|
StarlingX |CLIs| \(system, fm, sw-patch, dcmanager, etc.\) and the platform
|
|
'OpenStack' CLI as part of the shell.
|
|
|
|
.. rubric:: |prereq|
|
|
|
|
.. _establish-keystone-credentials-from-a-linux-account-ul-qyv-fzm-ynb:
|
|
|
|
- You must have a platform Keystone user account. For more information about
|
|
creating Keystone users, managing keystone projects, users and roles, see
|
|
`https://docs.openstack.org/keystone/pike/admin/cli-manage-projects-users-and-roles.html
|
|
<https://docs.openstack.org/keystone/pike/admin/cli-manage-projects-users-and-roles.html>`__.
|
|
|
|
- It is recommended to use the same username for both your local |LDAP| user
|
|
and your Keystone user.
|
|
|
|
.. rubric:: |context|
|
|
|
|
You can establish Keystone credentials, in order to use the StarlingX and
|
|
Platform OpenStack |CLIs|, using one of the following methods:
|
|
|
|
.. rubric:: |proc|
|
|
|
|
.. _estabilish-keystone-credentials-from-a-linux-account-steps-hjs-dwm-ynb:
|
|
|
|
#. \(Method 1\) When you have logged into the Horizon Web interface with your
|
|
Keystone user credentials, download an OpenStack RC file \(openrc.sh\), and
|
|
use it to source the required environment within your local LDAP user shell
|
|
. For more information on downloading your OpenStack RC file from Horizon,
|
|
see, `http://docs.openstack.org <http://docs.openstack.org/>`__.
|
|
|
|
#. \(Method 2\) Add the required environment variables manually into a
|
|
wrcprc.sh file and use this to source the required environment within your
|
|
local |LDAP| user shell.
|
|
|
|
|
|
.. note::
|
|
For security and reliability, add all the variables.
|
|
|
|
**OS\_USERNAME**
|
|
the Keystone user name
|
|
|
|
**OS\_USER\_DOMAIN\_NAME**
|
|
the default domain for the user
|
|
|
|
**OS\_PROJECT\_NAME**
|
|
the tenant name
|
|
|
|
**OS\_PROJECT\_DOMAIN\_NAME**
|
|
the default domain for the project
|
|
|
|
**OS\_PASSWORD**
|
|
a clear text representation of the Keystone password
|
|
|
|
**OS\_AUTH\_URL**
|
|
the Keystone Authentication URL
|
|
|
|
**OS\_IDENTITY\_API\_VERSION**
|
|
the identity API version
|
|
|
|
**OS\_INTERFACE**
|
|
the interface
|
|
|
|
**OS\_REGION\_NAME**
|
|
the Keystone Region Name |