From fed5f52c8a4358b784556903958f455481854b76 Mon Sep 17 00:00:00 2001 From: Colleen Murphy Date: Fri, 7 Dec 2018 15:31:42 +0100 Subject: [PATCH] Consolidate catalog management guide We already have an admin guide on creating services in the catalog and creating service users, so reduce the duplication in the configuration guide. Change-Id: I1de964753b8c6c95af10b8c84501e4f74ca382e4 --- .../admin/cli-keystone-manage-services.rst | 18 ++++- doc/source/configuration.rst | 76 ------------------- 2 files changed, 16 insertions(+), 78 deletions(-) diff --git a/doc/source/admin/cli-keystone-manage-services.rst b/doc/source/admin/cli-keystone-manage-services.rst index efa7b2c0aa..fe00836421 100644 --- a/doc/source/admin/cli-keystone-manage-services.rst +++ b/doc/source/admin/cli-keystone-manage-services.rst @@ -128,13 +128,27 @@ Create service users +-------------+----------------------------------+ #. Create service users for the relevant services for your - deployment. + deployment. For example: + + .. code-block:: console + + $ openstack user create nova --password Sekr3tPass + +---------------------+----------------------------------+ + | Field | Value | + +---------------------+----------------------------------+ + | domain_id | default | + | enabled | True | + | id | 95ec3e1d5dd747f5a512d261731d29c7 | + | name | nova | + | options | {} | + | password_expires_at | None | + +---------------------+----------------------------------+ #. Assign the admin role to the user-project pair. .. code-block:: console - $ openstack role add --project service --user SERVICE_USER_NAME admin + $ openstack role add --project service --user nova admin +-------+----------------------------------+ | Field | Value | +-------+----------------------------------+ diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst index 81797afd4b..7ec941d0fd 100644 --- a/doc/source/configuration.rst +++ b/doc/source/configuration.rst 
@@ -18,82 +18,6 @@ Configuring Keystone ==================== -Setting up other OpenStack Services -=================================== - -Creating Service Users ----------------------- - -To configure the OpenStack services with service users, we need to create -a project for all the services, and then users for each of the services. We -then assign those service users an ``admin`` role on the service project. This -allows them to validate tokens - and to authenticate and authorize other user -requests. - -Create a project for the services, typically named ``service`` (however, the -name can be whatever you choose): - -.. code-block:: bash - - $ openstack project create service - -Create service users for ``nova``, ``glance``, ``swift``, and ``neutron`` -(or whatever subset is relevant to your deployment): - -.. code-block:: bash - - $ openstack user create nova --password Sekr3tPass --project service - -Repeat this for each service you want to enable. - -Create an administrative role for the service accounts, typically named -``admin`` (however the name can be whatever you choose). For adding the -administrative role to the service accounts, you'll need to know the -name of the role you want to add. If you don't have it handy, you can look it -up quickly with: - -.. code-block:: bash - - $ openstack role list - -Once you have it, grant the administrative role to the service users. - -.. code-block:: bash - - $ openstack role add admin --project service --user nova - -Defining Services ------------------ - -Keystone also acts as a service catalog to let other OpenStack systems know -where relevant API endpoints exist for OpenStack Services. The OpenStack -Dashboard, in particular, uses this heavily - and this **must** be configured -for the OpenStack Dashboard to properly function. - -The endpoints for these services are defined in a template, an example of -which is in the project as the file ``etc/default_catalog.templates``. 
- -Keystone supports two means of defining the services, one is the catalog -template, as described above - in which case everything is detailed in that -template. - -The other is a SQL backend for the catalog service, in which case after -Keystone is online, you need to add the services to the catalog: - -.. code-block:: bash - - $ openstack service create compute --name nova \ - --description "Nova Compute Service" - $ openstack service create ec2 --name ec2 \ - --description "EC2 Compatibility Layer" - $ openstack service create image --name glance \ - --description "Glance Image Service" - $ openstack service create identity --name keystone \ - --description "Keystone Identity Service" - $ openstack service create object-store --name swift \ - --description "Swift Service" - - Identity sources ================
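Review bot: In the example added under "Create service users" in doc/source/admin/cli-keystone-manage-services.rst, `openstack user create nova --password Sekr3tPass` passes the service account's password as a command-line argument. Readers will copy that form, and the value ends up in shell history and is visible in the process list while the command runs. Consider showing `--password-prompt` instead, since the very next step grants this user the admin role on the service project. The text removed from configuration.rst also said "Repeat this for each service you want to enable"; a sentence to that effect after the example would keep the step from reading as nova-only now that `SERVICE_USER_NAME` has been replaced with `nova`.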
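Review bot: The section removed from doc/source/configuration.rst contains material that the lines added to the admin guide in this patch do not carry over: the reason service users get the admin role ("This allows them to validate tokens - and to authenticate and authorize other user requests"), the `openstack project create service` step, and the catalog template option with `etc/default_catalog.templates`. Please confirm the admin guide covers each of these elsewhere. It would also help to leave a short pointer to that guide under "Configuring Keystone", so readers arriving at the old "Setting up other OpenStack Services" location can still find the procedure.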