If you want to create a reseller_admin user with keystone, you should add this user in keystone with admin role. The admin role is the configuration of keysoneauth.
[filter:keystoneauth] use = egg:swift#keystoneauth operator_roles = admin, swiftoperator 2013/2/23 Kun Huang <[email protected]> > Back to my first question, should I create admin_user, admin_password, > admin_tenant_name by keystone command myself? > > > On Fri, Feb 22, 2013 at 9:02 AM, Kun Huang <[email protected]>wrote: > >> Dolph, thanks your advice, but in my environment, both below two case >> >> 1. setting admin_token,admin_user, admin_password, admin_tenant_name in >> proxy.conf and setting admin_token in keystone.conf >> 2. setting admin_user, admin_password, admin_tenant_name in proxy.conf >> and setting admin_token in keystone.conf >> >> only admin_token in keystone.conf is valuable. (default ADMIN) >> Should I create admin_user, admin_password, admin_tenant_name by keystone >> command myself? >> >> >> >> >> On Fri, Feb 22, 2013 at 1:45 AM, Dolph Mathews >> <[email protected]>wrote: >> >>> Setting the admin_token config is overriding the admin_user, >>> admin_password, and admin_tenant_name values by specifying a static token. >>> I'd recommend removing it and using the auth credentials you've already >>> provided. >>> >>> -Dolph >>> >>> >>> On Thu, Feb 21, 2013 at 3:10 AM, Kun Huang <[email protected]>wrote: >>> >>>> Following another question: >>>> In document: >>>> http://docs.openstack.org/developer/keystone/middleware_architecture.html >>>> , >>>> >>>> >>>> [filter:tokenauth] >>>> paste.filter_factory = keystone.middleware.auth_token:filter_factory >>>> auth_host = 127.0.0.1 >>>> auth_port = 35357 >>>> auth_protocol = http >>>> auth_uri = http://127.0.0.1:5000/ >>>> admin_token = Super999Sekret888Password777 >>>> admin_user = admin >>>> admin_password = SuperSekretPassword >>>> admin_tenant_name = service >>>> ;Uncomment next line and check ip:port to use memcached to cache tokens >>>> ;memcache_servers = 127.0.0.1:11211 >>>> >>>> That admin token is not admin_token = ADMIN in keystone, right? >>>> >>>> >>>> >>>> >>>> >>>> On Thu, Feb 21, 2013 at 4:06 PM, Kun Huang <[email protected]>wrote: >>>> >>>>> I'm building environment with Swift + Keystone. >>>>> I have set admin_user, admin_password, admin_tenant_name, but it >>>>> doesn't work. >>>>> I followed the document: >>>>> http://docs.openstack.org/developer/swift/overview_auth.html and chmouel's >>>>> blog: >>>>> http://blog.chmouel.com/2011/11/24/swift-and-keystone-middleware-part1/ >>>>> >>>>> My swift and keystone run well: >>>>> >>>>> [image: Inline image 1] >>>>> >>>>> But failed in curl: >>>>> [image: Inline image 2] >>>>> >>>>> I guess the value of admin_user/admin_password/admin_tenant_name >>>>> doesn't save in db. >>>>> >>>>> Which step do I missed? or some problems in my proxy config? >>>>> >>>>> Here is my current config. >>>>> [DEFAULT] >>>>> bind_port = 8888 >>>>> user = swift >>>>> >>>>> [pipeline:main] >>>>> pipeline = catch_errors healthcheck cache authtoken keystoneauth >>>>> proxy-server >>>>> >>>>> [app:proxy-server] >>>>> use = egg:swift#proxy >>>>> account_autocreate = true >>>>> >>>>> [filter:keystoneauth] >>>>> use = egg:swift#keystoneauth >>>>> operator_roles = admin, swiftoperator >>>>> >>>>> [filter:authtoken] >>>>> # Delaying the auth decision is required to support token-less >>>>> # usage for anonymous referrers ('.r:*'). >>>>> paste.filter_factory = >>>>> keystoneclient.middleware.auth_token:filter_factory >>>>> auth_host = keystonehost >>>>> auth_port = 35357 >>>>> auth_protocol = http >>>>> auth_uri = http://keystonehost:5000/ >>>>> admin_tenant_name = service >>>>> admin_user = swift >>>>> admin_password = password >>>>> >>>>> [filter:cache] >>>>> use = egg:swift#memcache >>>>> set log_name = cache >>>>> >>>>> [filter:catch_errors] >>>>> use = egg:swift#catch_errors >>>>> >>>>> [filter:healthcheck] >>>>> use = egg:swift#healthcheck >>>>> >>>> >>>> >>>> _______________________________________________ >>>> Mailing list: https://launchpad.net/~openstack >>>> Post to : [email protected] >>>> Unsubscribe : https://launchpad.net/~openstack >>>> More help : https://help.launchpad.net/ListHelp >>>> >>>> >>> >> > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : [email protected] > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp > > -- 杨雨 Email: [email protected] GitHub: https://github.com/AlexYangYu Blog: http://alexyang.sinaapp.com Weibo: http://www.weibo.com/alexyangyu
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : [email protected] Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
