No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

OceanStor 9000 V300R006C00 Object Storage Service (Compatible with OpenStack Swift APIs) Administrator Guide 07

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Connecting to the Keystone Server

Connecting to the Keystone Server

To use the object storage service, you need to interconnect OceanStor 9000 with the Keystone server to authenticate users.

Prerequisites

Make sure that the system time of Keystone is the same with that of OceanStor 9000, otherwise the authentication information will be invalid.

Context

Before using the object storage service, the administrator must connect the storage system to the Keystone authentication server, and must use Keystone API v3.0 to connect the Keystone server.

Procedure

  1. Log in to DeviceManager.
  2. Choose Settings > Storage Settings > Object Storage Service > Keystone Settings.
  3. Specify a Keystone server for the cluster.

    Table 6-2 describes related parameters.

    Table 6-2  Keystone basic information

    Parameter

    Description

    Value

    IP Address

    IP address of the Keystone server used for authentication.

    [Example]

    192.168.1.100

    Port

    Port of the Keystone server used for authentication.

    [Example]

    9999

  4. Configure authentication information for the Keystone server. The Keystone server authenticate access requests through users of the administrator tenant.

    Table 6-3 describes related parameters.

    Table 6-3  Keystone authentication information

    Parameter

    Description

    Value

    Administrator Tenant

    Administrator tenant name on the Keystone server.
    NOTE:
    Administrator Tenant, Username, and User Role are set on the Keystone server.

    [Default value]

    admin

    Username

    The name of a user in the administrator tenant you configure.

    [Example]

    None

    Password

    Password configured for a user of the administrator tenant.
    NOTE:
    The password is the password of User.

    [Example]

    None

    URI Prefix

    The URI prefix describes access requests. The prefix must be the same as that on the Keystone server. Otherwise, the authentication will fail.

    [Default value]

    AUTH_

    Service Prefix

    The prefix on the Keystone server.

    [Value range]

    The service prefix contains 1 to 63 letters, digits, hyphens (-), underscores (_), and slashes (/), and cannot start or end with a slash (/).

    [Default value]

    AUTH_

    User Role

    User role that can operate accounts. The entered user role must be consistent with that configured on the Keystone server. Otherwise, the user role cannot be used to operate accounts.

    [Value range]

    The user role contains a maximum of 4095 characters.

    [Default value]

    admin;swiftoperator

    NOTE:
    User roles are separated by commas (,).

    Authentication Protocol

    The cluster transfers user authenticated data information with the Keystone server through the configured protocol. The protocols are:
    • HTTP

      HTTP-based transmission is not encrypted and there may be security risks.

    • HTTPS

      HTTPS-based transmission is encrypted to protect security.

    [Default value]

    HTTPS

    Verify the Keystone server certificate

    Whether the cluster verifies the validity of Keystone server certificate automatically. If the Keystone server of a cluster is disabled, the communication between the cluster and the server may encounter security risks.

    NOTE:
    • When Authentication Protocol is HTTPS, you can select Verify the Keystone server certificate. In this case, you need to import the security certificate of the Keystone server. For details about how to import the security certificate of the Keystone server, see the OceanStor 9000Security Maintenance.
    • Setting Authentication Protocol to HTTP may incur security risks and is not recommended as a result.

    [Default value]

    Enabled

    API Version

    Version of the Keystone interface used for the interaction between clusters and the Keystone server. Only Keystone servers compatible with this version can be used as the authentication server of the cluster.

    [Example]

    V3.0

    NOTE:
    This parameter cannot be configured.

  5. Click Save.

    The Success dialog box is displayed.

  6. Click OK to complete the domain name configuration.
Translation
Download
Updated: 2019-04-28

Document ID: EDOC1000122524

Views: 11112

Downloads: 86

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next