创建domain
[root@cc01 ~]# openstack domain create --description "Default Domain" default
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Default Domain |
| enabled | True |
| id | 011fbf8c04f1479ab1a4e49b019b22d1 |
| name | default |
+-------------+----------------------------------+
一、租户管理
创建租户
[root@cc10 ~]# openstack project create --domain default --description "hzbtest Project" hzbtest
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | hzbtest Project |
| domain_id | default |
| enabled | True |
| id | a18a50c3e0204fd9841751f0dbe93d66 |
| is_domain | False |
| name | hzbtest |
| parent_id | default |
+-------------+----------------------------------+
修改租户属性(以修改enabled和name为例子)
openstack project set --disable --name=hzbtest2 hzbtest
[root@cc10 ~]# openstack project show hzbtest2
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | hzbtest Project |
| domain_id | default |
| enabled | False |
| id | a18a50c3e0204fd9841751f0dbe93d66 |
| is_domain | False |
| name | hzbtest2 |
| parent_id | default |
+-------------+----------------------------------+
删除租户
openstack project delete hzbtest2
查询租户列表
[root@cc01 ~]# openstack project list
+----------------------------------+--------------------+
| ID | Name |
+----------------------------------+--------------------+ |
| 91550f3ddf5940ea9a9d17daaf6d1f5e | admin |
查看租户详情:
[root@cc01 ~]# openstack project show admin
+-------------+-----------------------------------------------+
| Field | Value |
+-------------+-----------------------------------------------+
| description | Bootstrap project for initializing the cloud. |
| domain_id | default |
| enabled | True |
| id | 91550f3ddf5940ea9a9d17daaf6d1f5e |
| is_domain | False |
| name | admin |
| parent_id | default |
+-------------+-----------------------------------------------+
二、用户管理
创建用户
[root@cc10 ~]# openstack user create --domain default --password-prompt hzbtest
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | a51a551644ed42ad84d7580be91f7fae |
| name | hzbtest |
+-----------+----------------------------------+
查看用户详情
[root@cc10 ~]# openstack user show hzbtest
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | a51a551644ed42ad84d7580be91f7fae |
| name | hzbtest |
+-----------+----------------------------------+
更新用户信息
usage: openstack user set [-h] [--name <name>] [--project <project>]
[--project-domain <project-domain>]
[--password <password>] [--password-prompt]
[--email <email-address>]
[--description <description>] [--enable | --disable]
<user>
[root@cc10 ~]# openstack user set --email=hzbtest@qq.com --description=xxx --password= hzbtest
[root@cc10 ~]# openstack user show hzbtest
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | xxx |
| domain_id | default |
| email | hzbtest@qq.com |
| enabled | True |
| id | a51a551644ed42ad84d7580be91f7fae |
| name | hzbtest |
+-------------+----------------------------------+
删除用户
openstack user delete hzbtest
查询用户列表
[root@cc01 ~]# openstack user list
+----------------------------------+---------------------------+
| ID | Name |
+----------------------------------+---------------------------+
| 01eef5e310e141cc8a3687dabc643676 | test_user |
查询某一租户下的所有用户
[root@cc01 ~]# openstack user list --project=admin
+----------------------------------+------------------+
| ID | Name |
+----------------------------------+------------------+
| f05b4e3b6585429e98f178934d71ae3e | admin |
| 99955f8cefeb4a6f945e06ec3f424b5d | pulsar@admin.com |
| 01eef5e310e141cc8a3687dabc643676 | test_user |
| 6e6d64905b0f419daaf424f678733dec | test123409 |
+----------------------------------+------------------+
三、角色管理
创建角色
[root@cc10 ~]# openstack role create hzb-role
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | 72744157e8ad4267ae7b8ffc4c00fb03 |
| name | hzb-role |
+-----------+----------------------------------+
角色相关的方法
[root@cc10 ~]# openstack role --help
Command "role" matches:
role add
role assignment list
role create
role delete
role list
role remove
role set
role show
将租户和用户加入到角色
openstack role add --project hzbtest --user hzbtest hzb-role
查看租户和用户的关系
[root@cc10 ~]# openstack role assignment list --user=hzbtest
+----------------------------------+----------------------------------+-------+----------------------------------+--------+-----------+
| Role | User | Group | Project | Domain | Inherited |
+----------------------------------+----------------------------------+-------+----------------------------------+--------+-----------+
| 72744157e8ad4267ae7b8ffc4c00fb03 | a51a551644ed42ad84d7580be91f7fae | | a21daa122cb54ca68fdcfeaad843c081 | | False |
+----------------------------------+----------------------------------+-------+----------------------------------+--------+-----------+
将role移除租户和用户
openstack role remove --user=hzbtest --project=hzbtest hzb-role