Fix incorrect commands adding Gluon service to Keystone

The commands in appendix of gluon-auth.rst are not right and cause errors when running in terminal. The changes reference ocata doc: https://docs.openstack.org/ocata/install-guide-obs/neutron-controller-install.html Change-Id: If7a703add8d378dc9184f50dcc6dea56e69b3876 Closes-Bug: #1698245
2017-06-15 17:05:47 -07:00 · 2017-06-15 17:05:47 -07:00 · d435203e6c
parent 81d1dbe31e
commit d435203e6c
2 changed files with 50 additions and 49 deletions
--- a/doc/samples/policy.json
+++ b/doc/samples/policy.json
@ -1,35 +1,36 @@
 {
-	"owner": "tenant_id:%(tenant_id)s",
- 	"admin_or_owner": "rule:context_is_admin or rule:owner",
-	"context_is_advsvc":  "role:advsvc",
- 	"admin_or_network_owner": "rule:context_is_admin or tenant_id:%(network:tenant_id)s",
-	"admin_owner_or_network_owner": "rule:owner or rule:admin_or_network_owner",
-	"admin_only": "rule:context_is_admin",
-	"regular_user": "",
-	"default": "rule:admin_or_owner",
+    "context_is_admin": "role:admin",
+    "owner": "tenant_id:%(tenant_id)s",
+    "admin_or_owner": "rule:context_is_admin or rule:owner",
+    "context_is_advsvc":  "role:advsvc",
+    "admin_or_network_owner": "rule:context_is_admin or tenant_id:%(network:tenant_id)s",
+    "admin_owner_or_network_owner": "rule:owner or rule:admin_or_network_owner",
+    "admin_only": "rule:context_is_admin",
+    "regular_user": "",
+    "default": "rule:admin_or_owner",

-	"create_ports": "rule:admin_or_network_owner",
-	"get_ports": "rule:admin_or_owner",
-	"update_ports": "rule:admin_or_network_owner",
-	"delete_ports": "rule:admin_or_network_owner",
+    "create_ports": "rule:admin_or_network_owner",
+    "get_ports": "rule:admin_or_owner",
+    "update_ports": "rule:admin_or_network_owner",
+    "delete_ports": "rule:admin_or_network_owner",

-	"create_interfaces": "rule:admin_or_network_owner",
-	"get_interfaces": "rule:admin_or_owner",
-	"update_interfaces": "rule:admin_or_network_owner",
-	"delete_interfaces": "rule:admin_or_network_owner",
+    "create_interfaces": "rule:admin_or_network_owner",
+    "get_interfaces": "rule:admin_or_owner",
+    "update_interfaces": "rule:admin_or_network_owner",
+    "delete_interfaces": "rule:admin_or_network_owner",

-	"create_vpns": "rule:admin_or_network_owner",
- 	"get_vpns": "rule:admin_or_owner",
- 	"update_vpns": "rule:admin_or_network_owner",
-	"delete_vpns": "rule:admin_or_network_owner",
+    "create_vpns": "rule:admin_or_network_owner",
+    "get_vpns": "rule:admin_or_owner",
+    "update_vpns": "rule:admin_or_network_owner",
+    "delete_vpns": "rule:admin_or_network_owner",

-	"create_vpnbindings": "rule:admin_or_network_owner",
- 	"get_vpnbindings": "rule:admin_or_owner",
- 	"update_vpnbindings": "rule:admin_or_network_owner",
-	"delete_vpnbindings": "rule:admin_or_network_owner",
+    "create_vpnbindings": "rule:admin_or_network_owner",
+    "get_vpnbindings": "rule:admin_or_owner",
+    "update_vpnbindings": "rule:admin_or_network_owner",
+    "delete_vpnbindings": "rule:admin_or_network_owner",

-	"create_vpnafconfigs": "rule:admin_or_network_owner",
- 	"get_vpnafconfigs": "rule:admin_or_owner",
- 	"update_vpnafconfigs": "rule:admin_or_network_owner",
-	"delete_vpnafconfigs": "rule:admin_or_network_owner",
+    "create_vpnafconfigs": "rule:admin_or_network_owner",
+    "get_vpnafconfigs": "rule:admin_or_owner",
+    "update_vpnafconfigs": "rule:admin_or_network_owner",
+    "delete_vpnafconfigs": "rule:admin_or_network_owner",
 }
--- a/doc/source/devref/gluon-auth.rst
+++ b/doc/source/devref/gluon-auth.rst
@ -187,45 +187,45 @@ The pecan-wsgi service in the Neutron will be used as a reference code for Gluon
 Configuration
 ~~~~~~~~~~~~~
 The /etc/proton/proton.conf file can be used to configure the authentication details. A sample
-configuration is shown below.
+configuration is shown below. Change 127.0.0.1 to your keystone endpoint.

-	[api]
-	auth_strategy = keystone
+    [api]
+    auth_strategy = keystone

-	[keystone_authentication]
-	auth_uri = http://127.0.0.1/identity
-	project_domain_name = Default
-	project_name = service
-	user_domain_name = Default
-	password = welcome
-	username = gluon
-	auth_url = http://127.0.0.1/identity_admin
-	auth_type = password
+    [keystone_authtoken]
+    auth_uri = http://127.0.0.1:5000
+    project_domain_name = Default
+    project_name = service
+    user_domain_name = Default
+    password = <password>
+    username = gluon
+    auth_url = http://127.0.0.1:35357
+    auth_type = password

-	[oslo_policy]
-	policy_file = /etc/proton/policy.json
+    [oslo_policy]
+    policy_file = /etc/proton/policy.json

 Appendix
 --------
-Configuring identity details for Keystone:
+Configuring identity details for Keystone, change 10.0.2.15 to your gluon endpoint:

    1. Create gluon user:

-        > openstack user create --name gluon --pass <password>
+        > openstack user create --password <password> gluon

    2. Add the admin role to the gluon user:

-        > openstack user role add --user gluon --tenant service --role admin
+        > openstack role add --project service --user gluon admin

    3. Create the gluon service

-        > openstack service create --name gluon --type network --description "Gluon"
+        > openstack service create --name gluon --description "Gluon" network

    4. Create Gluon API endpoints

-        > openstack endpoint create —publicurl http://10.0.2.15:2705  \
-            —adminurl http://10.0.2.15:2705 —internalurl http://10.0.2.15:2705 \
-            —region regionOne gluon
+        > openstack endpoint create --publicurl http://10.0.2.15:2705  \
+            --adminurl http://10.0.2.15:2705 --internalurl http://10.0.2.15:2705 \
+            --region regionOne gluon

 Reference
 ---------