OpenStack GDL : Hacking keystone | 20 Octubre 2014

89 %
11 %
Information about OpenStack GDL : Hacking keystone | 20 Octubre 2014
Software

Published on October 21, 2014

Author: VictorMorales34

Source: slideshare.net

Description

Presentación utilizada durante la sesión de octubre de OpenStack GDL

1. Hacking Keystone Victor Morales @electrocucarach

2. Agenda • Context • What is keystone? • History • Demo # keystone-manage # keystone-all – Installation (operator perspective) – Installation (developer perspective)

3. Cloud computing is a specialized form of distributed computing that introduces utilization models for remotely provisioning scalable and measured IT resources. Organization name Month dd, yyyy

4. Service Models

5. Deployment models

6. OpenStack is a cloud operating system that controls large pools of compute, storage, and networking resources throughout a data center, all managed through a dashboard … 6

7. Definition Keystone is the identity service used by OpenStack for authentication (authN) and high-level authorization (authZ). It currently supports token-based authN and user-service authorization. If you're interested in identity for OpenStack, we hold public meetings weekly on IRC in #openstack-meeting, on Tuesdays at 18:00 UTC.

8. Releases • Essex: – Supports S3 token validation and additional Swift storage features • Folsom: – PKI Support for authentication. • Grizzly: – New API (V3) • Havana: – General performance improvements • Icehouse: – The assignments backend has now been completely separated from the identity backend. • Juno: – Multiple Identity backends – LDAPs now available – Keystone-to-Keystone Federation(experimental).

9. API • catalog • ec2- credentials – create – delete – get – List • endpoint – create – delete – get – list • password – update • role – create – delete – get – List • service – Create – Delete – get – list • tenant – create – delete – get – List • token – Get • user – create – delete – Get – list – update – password-update • user-role – add – list – Remove • discover • bootstrap • bash – completition

10. keystone-all It starts both the service and administrative APIs in a single process to provide catalog, authorization, and authentication services for OpenStack. --config-dir DIR Path to a config directory to pull *.conf files from --config-file PATH Path to a config file to use. Multiple config files can be specified, with values in later files taking precedence.

11. keystone-manage It’s the command line tool which interacts with the Keystone service to initialize and update data within Keystone. Generally, keystone-manage is only used for operations that cannot be accomplished with the HTTP API, such data import/export and database migrations. Available commands: • db_sync: Sync the database. • db_version: Print the current migration version of the database. • mapping_purge: Purge the identity mapping table. • pki_setup: Initialize the certificates used to sign tokens. • saml_idp_metadata: Generate identity provider metadata. • ssl_setup: Generate certificates for SSL. • token_flush: Purge expired tokens.

12. Installation 1/2 • Operator perspective (Ubuntu): # echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/icehouse main" >> /etc/apt/sources.list.d/icehouse.list # apt-get update # apt-get -y install ubuntu-cloud-keyring # apt-get update # apt-get -y install keystone Configure /etc/keystone/keystone.conf # keystone-manage db_sync # service keystone restart

13. Installation 2/2 • Developer perspective : $ sudo apt-get install –y git screen python-pip python-virtualenv python-dev libxml2-dev libxslt1-dev libsasl2-dev libsqlite3-dev libssl-dev libldap2-dev libffi-dev $ git clone https://github.com/openstack/keystone.git $ cd keystone $ python tools/install_venv.py $ mv etc/keystone.conf.sample etc/keystone.conf Configure /etc/keystone/keystone.conf $ tools/with_venv.sh bin/keystone-manage db_sync $ screen -dmS "keystone_service" tools/with_venv.sh bin/keystone-all

Add a comment

Related presentations

Speaker: Matt Stine Developing for the Cloud Track Marc Andressen has famou...

This presentation explains how to develop a Web API in Java using (JAX-RS or Restl...

1 App,

1 App,

November 10, 2014

How to bring innovation to your organization by streamlining the deployment proces...

Cisco Call-control solutions can handle voice, video and data

Nathan Sharp of Siemens Energy recently spoke at the SAP Project Management in Atl...

Related pages

CANCER 11 - 20 OCTUBRE 2014 - YouTube

EL HORÓSCOPO DEL (11 - 20 OCTUBRE 2014), PARA TODOS LOS NACIDOS BAJO EL SIGNO DE CANCER Participa de nuestro programa especialmente hecho para ...
Read more

GEMINIS 11 - 20 OCTUBRE 2014 - YouTube

EL HORÓSCOPO DEL (11 - 20 OCTUBRE 2014), PARA TODOS LOS NACIDOS BAJO EL SIGNO DE GEMINIS Participa de nuestro programa especialmente hecho para ...
Read more

OC03EF the river - Geocaching con Opencaching

20. octubre 2014, 10:30 Spinnenfinder ha encontrado el geocache Neben der schönen Aussicht fanden wir am Anfang des Multis den Sudpfannen- Brunnen sehr ...
Read more

Edición_20_octubre_2014 - Newsletter

Newsletter de InnovaSoft con información de Remuneraciones, Personal, RR HH y gestión de personas
Read more

Copy of SE 20 octubre 2014 by on Prezi

Make your likes visible on Facebook? Connect your Facebook account to Prezi and let your likes appear on your timeline. You can change this under Settings ...
Read more

20 octubre, 2014 – Espacio de Arpon Files

3 entradas publicado por Arpon Files en October 20, 2014 ... La Rama Dorada "¿Por qué repetir todo esto? Porque todos los días nacen nuevas generaciones.
Read more

20 octubre, 2014 – Malpartida de Plasencia

en 20 octubre, 2014 20 octubre, 2014 por Luis Blasco Martin en Malpartida de Plasencia Deja un comentario.
Read more

20 Octubre 2014 | Ana Rosa Quintana Vídeos

20 Octubre 2014; 29 Octubre 2014; 28 Octubre 2014; 24 Octubre 2014; 22 Octubre 2014; 30 Octubre 2014; 21 Octubre 2014; 15 Octubre 2014; 13 ...
Read more

DxTs programa 20 octubre 2014 on Vimeo

This is "DxTs programa 20 octubre 2014" by vision6tv on Vimeo, the home for high quality videos and the people who love them.
Read more