Nothing is more frustrating than not being able to log in to your cluster to see what is going on. Thankfully, OpenStack offers an authentication override to bypass authentication and allow you to make Keystone calls to see services, endpoints, and other Keystone resources. This is called using the Keystone admin service token. In Chapter 3, Identity Management, we looked at creating a keystonerc
file. To use this service token to override authentication, you need to use a similar methodology. Start by getting the current service token value from the keystone.conf
file:
$ grep admin_token /etc/keystone/keystone.conf
The value that keystone's admin_token
is set to can be passed with a service endpoint URL to Keystone and authentication will be overridden. Get the OS_AUTH_URL
environment variable from the keystonerc_admin
file you created, and create a new file with the following content. To keep it separate from your original keystonerc
file, give...