OpenStack Identity Service underpins all of the OpenStack services. With OpenStack Image Service configured to use OpenStack Identity Service, the OpenStack Compute environment can now be used.
To begin with, log in to an Ubuntu client and ensure that Nova client is available. If it isn’t, it can be installed as follows:
sudo apt-get update sudo apt-get python-novaclient
To use OpenStack Identity Service as the authentication mechanism in our OpenStack environment, we need to set our environment variables accordingly. For our demo user, this is achieved as follows:
export OS_TENANT_NAME=cookbook export OS_USERNAME=admin export OS_PASSWORD=openstack export OS_AUTH_URL=https://192.168.100.200:5000/v2.0/ export OS_NO_CACHE=1 export OS_KEY=/vagrant/cakey.pem export OS_CACERT=/vagrant/ca.pem
Add these to a file called novarc
in your home area. We can then source these credentials each time by simply executing the following command:
novarc
Note that if the user credential environment variables have been set in a shell that has the SERVICE_TOKEN
and SERVICE_ENDPOINT
environment variables. These will override our user credentials set in this step. Remove the SERVICE_TOKEN
and SERVICE_ENDPOINT
variables before continuing.
nova keypair-add demo > demo.pem chmod 0600 *.pem
nova list nova credentials
Configuring our environment to use OpenStack Identity Service for authentication for Nova client, so that we can launch our instances, involves manually creating an environment resource file with the appropriate environment variables in.
Our environment passes on our username, password, and tenant to OpenStack Identity Service for authentication and passes back—behind the scenes—an appropriate token that validates our user. This allows us to seamlessly spin up instances within our tenancy (project) of cookbook.