Remove v2.0 from documentation guides

This commit removes all references to v2.0 from various guides found
under doc/source/.

Change-Id: I7c2ef1c9323faccc1ec371803f85f34890481f32
This commit is contained in:
Lance Bragstad 2018-02-02 19:45:44 +00:00
parent d5e9c0b4fe
commit f6b6691d2e
7 changed files with 19 additions and 54 deletions

View File

@ -30,7 +30,7 @@ And set the following values in ``nova.conf`` as follows:
auth_strategy=keystone
[keystone_authtoken]
auth_uri = http://controller:5000/v2.0
auth_uri = http://controller:5000/v3
identity_uri = http://controller:35357
admin_user = admin
admin_password = SuperSekretPassword
@ -55,7 +55,7 @@ This sample paste config filter makes use of the ``admin_user`` and
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
auth_uri = http://controller:5000/v2.0
auth_uri = http://controller:5000/v3
identity_uri = http://controller:35357
auth_token = 012345SECRET99TOKEN012345
admin_user = admin

View File

@ -118,7 +118,6 @@ Here is a list of actions that are affected by the cached time:
* getting a new token
* revoking tokens
* validating tokens
* checking v2 tokens
* checking v3 tokens
The delete token API calls invalidate the cache for the tokens being

View File

@ -48,32 +48,3 @@ uses the `Python logging module`_, which provides extensive configuration
options that let you define the output levels and formats.
.. _`Python logging module`: https://docs.python.org/library/logging.html
User CRUD
---------
Identity provides a user CRUD (Create, Read, Update, and Delete) filter that
Administrators can add to the ``public_api`` pipeline. The user CRUD filter
enables users to use a HTTP PATCH to change their own password. To enable
this extension you should define a ``user_crud_extension`` filter, insert
it after the ``*_body`` middleware and before the ``public_service``
application in the ``public_api`` WSGI pipeline in
``keystone-paste.ini``. For example:
.. code-block:: ini
[filter:user_crud_extension]
paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory
[pipeline:public_api]
pipeline = sizelimit url_normalize request_id build_auth_context token_auth json_body ec2_extension user_crud_extension public_service
Each user can then change their own password with a HTTP PATCH.
.. code-block:: console
$ curl -X PATCH http://localhost:5000/v2.0/OS-KSCRUD/users/USERID -H "Content-type: application/json" \
-H "X_Auth_Token: AUTHTOKENID" -d '{"user": {"password": "ABCD", "original_password": "DCBA"}}'
In addition to changing their password, all current tokens for the user
are invalidated.

View File

@ -22,8 +22,7 @@ Setting an account lockout threshold
The account lockout feature limits the number of incorrect password attempts.
If a user fails to authenticate after the maximum number of attempts, the
service disables the user. Users can be re-enabled by explicitly setting the
enable user attribute with the update user API call, either
`v2.0`_ or `v3`_.
enable user attribute with the update user `v3`_ API call.
You set the maximum number of failed authentication attempts by setting
the ``lockout_failure_attempts``:
@ -227,6 +226,4 @@ old password.
.. _Security Hardening PCI-DSS: https://specs.openstack.org/openstack/keystone-specs/specs/keystone/newton/pci-dss.html
.. _v2.0: https://developer.openstack.org/api-ref/identity/v2-admin/index.html?expanded=update-user-admin-endpoint-detail#update-user-admin-endpoint
.. _v3: https://developer.openstack.org/api-ref/identity/v3/index.html#update-user

View File

@ -23,8 +23,7 @@ identity of the user.
Configuration
=============
In Identity API v2, there is no way to disable external authentication. In
order to activate the external authentication mechanism for Identity API v3,
In order to activate the external authentication mechanism for Identity API v3,
the ``external`` method must be in the list of enabled authentication methods.
By default it is enabled, so if you don't want to use external authentication,
remove it from the ``methods`` option in the ``auth`` section.

View File

@ -714,7 +714,7 @@ return an empty list from your new database):
.. code-block:: bash
$ openstack --os-token ADMIN --os-url http://127.0.0.1:35357/v2.0/ project list
$ openstack --os-token ADMIN --os-url http://127.0.0.1:35357/v3/ project list
.. NOTE::
@ -754,7 +754,7 @@ to be passed as arguments each time:
$ export OS_USERNAME=my_username
$ export OS_PASSWORD=my_password
$ export OS_PROJECT_NAME=my_project
$ export OS_AUTH_URL=http://localhost:35357/v2.0
$ export OS_AUTH_URL=http://localhost:35357/v3
For example, the commands ``user list``, ``token issue`` and ``project create``
can be invoked as follows:
@ -765,11 +765,11 @@ can be invoked as follows:
$ export OS_USERNAME=admin
$ export OS_PASSWORD=secret
$ export OS_PROJECT_NAME=admin
$ export OS_AUTH_URL=http://localhost:35357/v2.0
$ export OS_AUTH_URL=http://localhost:35357/v3
$ openstack user list
$ openstack project create demo
$ openstack token issue
# Using password authentication, with flags
$ openstack --os-username=admin --os-password=secret --os-project-name=admin --os-auth-url=http://localhost:35357/v2.0 user list
$ openstack --os-username=admin --os-password=secret --os-project-name=admin --os-auth-url=http://localhost:35357/v2.0 project create demo
$ openstack --os-username=admin --os-password=secret --os-project-name=admin --os-auth-url=http://localhost:35357/v3 user list
$ openstack --os-username=admin --os-password=secret --os-project-name=admin --os-auth-url=http://localhost:35357/v3 project create demo

View File

@ -62,15 +62,14 @@ Resource
The Resource service provides data about `projects` and `domains`.
Projects (Tenants)
^^^^^^^^^^^^^^^^^^
Projects
^^^^^^^^
``Projects`` (known as ``Tenants`` in v2.0) represent the base unit of
``ownership`` in OpenStack, in that all resources in OpenStack should be owned
by a specific project. A project itself must be owned by a specific domain, and
hence all project names are **not** globally unique, but unique to their
domain. If the domain for a project is not specified, then it is added to the
default domain.
``Projects`` represent the base unit of ``ownership`` in OpenStack, in that all
resources in OpenStack should be owned by a specific project. A project itself
must be owned by a specific domain, and hence all project names are **not**
globally unique, but unique to their domain. If the domain for a project is not
specified, then it is added to the default domain.
Domains
^^^^^^^
@ -276,9 +275,9 @@ interpolation)
.. code-block:: ini
[DEFAULT]
catalog.RegionOne.identity.publicURL = http://localhost:$(public_port)s/v2.0
catalog.RegionOne.identity.adminURL = http://localhost:$(public_port)s/v2.0
catalog.RegionOne.identity.internalURL = http://localhost:$(public_port)s/v2.0
catalog.RegionOne.identity.publicURL = http://localhost:$(public_port)s/v3
catalog.RegionOne.identity.adminURL = http://localhost:$(public_port)s/v3
catalog.RegionOne.identity.internalURL = http://localhost:$(public_port)s/v3
catalog.RegionOne.identity.name = 'Identity Service'