45 lines
2.0 KiB
XML
45 lines
2.0 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<section xmlns="http://docbook.org/ns/docbook"
|
|
xmlns:xi="http://www.w3.org/2001/XInclude"
|
|
xmlns:xlink="http://www.w3.org/1999/xlink"
|
|
version="5.0"
|
|
xml:id="keystone-service-mgmt">
|
|
<title>Service management</title>
|
|
<para>The Identity Service provides
|
|
identity, token, catalog, and policy services.
|
|
It consists of:</para>
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para><systemitem class="service">keystone Web Server Gateway
|
|
Interface (WSGI) service</systemitem>. Can be run in a
|
|
WSGI-capable web server such as Apache httpd to provide the
|
|
Identity Service. The service and administrative APIs are run as
|
|
separate instances of the WSGI service.
|
|
</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>Identity Service functions. Each has a pluggable back
|
|
end that allows different ways to use the particular
|
|
service. Most support standard back ends like LDAP or
|
|
SQL.</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para><systemitem class="service">keystone-all</systemitem>.
|
|
Starts both the service and administrative APIs in a
|
|
single process. Using federation with keystone-all is not
|
|
supported. keystone-all is deprecated in favor of the WSGI
|
|
service.</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
<para>The Identity Service also maintains a user that
|
|
corresponds to each service, such as, a user named
|
|
<emphasis>nova</emphasis> for the Compute service, and
|
|
a special service tenant called
|
|
<emphasis>service</emphasis>.</para>
|
|
<para>For information about how to create services and
|
|
endpoints, see the <link
|
|
xlink:href="http://docs.openstack.org/user-guide-admin/index.html"
|
|
><citetitle>OpenStack Admin User
|
|
Guide</citetitle></link>.</para>
|
|
</section>
|