Hi José,
I just fund the curl commands to get the token for version 3 and I will try to install the latest version of openstack client in a virtual env.
Thank you.
BR,
Cristian
De : José Ignacio Carretero [mailto:joseignacio.carretero at fiware.org]
Envoyé : lundi 16 octobre 2017 13:22
À : Cristian CMECIU <ccmeciu at images-et-reseaux.com>; Álvaro Alonso <aalonsog at dit.upm.es>
Cc : fiware-lab-federation-nodes at lists.fiware.org
Objet : Re: [Fiware-lab-federation-nodes] Instructions to upgrade Community users
Hi Cristian,
That last curl (the one to get the token) is for keystone v2.0 --- That works with url: http://cloud.lab.fiware.org:4730/v2.0/tokens
but it is deprecated and sometime it will be removed, despite of getting an unusable token out of Scope. --- Why not using openstack CLI tools?
1. Create a virtual environment for python:
virtualenv os
2. Install the Openstack tools (you'll need python 2.7 and python-dev installed in order to make this work):
source os/bin/activate
pip install python-openstackclient
3. Issue a token (not needed):
openstack token issue
4. Get user data:
openstack user show ${user_name}
---
Anyway, if you insist in using "curl", I'd suggest having installed the jq command (which is a json parser, etc. --- Just a wonderful tool to work with json input).
Getting a Token for Keystone V3:
data="{ \"auth\": {
\"identity\": {
\"methods\": [ \"password\" ],
\"password\": {
\"user\": {
\"name\": \"$OS_USERNAME\",
\"domain\": {\"id\":\"default\"},
\"password\": \"$OS_PASSWORD\"
}
}
}
}
}"
curl -i http://cloud.lab.fiware.org:4730/v3/auth/tokens -H "Content-Type: application/json"-d "$data" 2>/dev/null |awk '/^X-Subject-Token: / {print $2}'
Now, you can use the 2nd curl:
curl -H "X-Auth-Token: ${token}" -H "Accept: application/json" http://cloud.lab.fiware.org:4731/v3/users?name=${user_name}
Hope this helps.
Best regards,
José Ignacio
El 16/10/2017 a las 14:54, Cristian CMECIU escribió:
Hi Álvaro,
I didn’t succeeded to check if a user is created using:
curl -H "X-Auth-Token: {admin_token}" http://cloud.lab.fiware.org:4730/v3/users?name=“{user_email}<http://cloud.lab.fiware.org:4730/v3/users?name=%E2%80%9C%7buser_email%7d>”
Using v2.0 endpoint, I get the token but I get this error when I check the user:
{"error": {"message": "The resource could not be found.", "code": 404, "title": "Not Found"}}
For v3 version I cannot get any token:
# curl -d '{"auth":{"passwordCredentials":{"username": "admin-lannion", "password": "admin_passwd"}}}' -H 'Content-type: application/json' --url http://cloud.lab.fiware.org:4730/v3/tokens
Is there another way to get the admin token?
BR,
Cristian CMECIU
Fiware-Lab/ Lannion Region
Images et Réseaux Support Engineer
[FIWARE_lab]
De : fiware-lab-federation-nodes-bounces at lists.fiware.org<mailto:fiware-lab-federation-nodes-bounces at lists.fiware.org> [mailto:fiware-lab-federation-nodes-bounces at lists.fiware.org] De la part de Álvaro Alonso
Envoyé : mercredi 11 octobre 2017 16:12
À : fiware-lab-federation-nodes at lists.fiware.org<mailto:fiware-lab-federation-nodes at lists.fiware.org>
Objet : [Fiware-lab-federation-nodes] Instructions to upgrade Community users
Dear IOs,
I include below detailed instructions regarding how to upgrade users to community.
Please, note that actions like searching a user or project are usually done using Horizon filters. However, due to large number of entities we currently have in our Keystone instance, rendering those amount of users/projects in the interface is not feasible. For that reason we have enabled a pagination to display some entities (projects and users). Unfortunately, the filter just acts over the rendered entities so it is not posible to use it to find users or projects globally.
Instructions:
1. If the user is not created you have to create it.
2. If the user doesn’t have an associated project to create cloud resources, you have to create it and to assign the user as a member of the project.
3. Include in the metadata of the user (“description” field) the date in which the user has been upgraded to Community (with the format "community_started_at": "YYYY-MM-DD”).
- You can check if the user is already created using this API request: curl -H "X-Auth-Token: {admin_token}" http://cloud.lab.fiware.org:4730/v3/users?name=“{user_email}<http://cloud.lab.fiware.org:4730/v3/users?name=%E2%80%9C%7buser_email%7d>”
- In the user creation wizard, you can directly create an associated project to the user. Thus, the user is automatically associated as member of that project.
- Identity -> Users -> Create User
4. Assign the role “Community” in the domain “default” to the user.
- Identiity -> Domains -> Manage Members (Default Domain) -> Search the user in the left side bar -> Select the user (+ icon) -> Search the user in the right side bar -> Select Community role
5. If you want to assign different quotas than the default ones, assign the desired quotas to the created project in your node
- Projects -> Project details -> Modify quotas
- To find the project details you can use the URL https://cloud.lab.fiware.org/identity/{project_id<https://cloud.lab.fiware.org/identity/%7bproject_id>}detail/<https://cloud.lab.fiware.org/identity/9de7c6071e834a07a869969e467d099d/detail/>
- To find the project associated to a user you can check user details in https://cloud.lab.fiware.org/identity/users/{user_id}/detail/<https://cloud.lab.fiware.org/identity/users/%7Buser_id%7D/detail/>
- To check user id you can use the API curl -H "X-Auth-Token: {admin_token}" http://cloud.lab.fiware.org:4730/v3/users?name=“{user_email}<http://cloud.lab.fiware.org:4730/v3/users?name=%E2%80%9C%7buser_email%7d>”
6. Assign the corresponding endpoint_group to the project associated to the user
- curl -H "X-Auth-Token: {admin-token}” -X PUT http://cloud.lab.fiware.org:4730/v3//OS-EP-FILTER/endpoint_groups/{region_endpoint_group_id}/projects/{project_id}<http://cloud.lab.fiware.org:4730/v3/OS-EP-FILTER/endpoint_groups/%7Bregion_endpoint_group%7D/projects/%7Bproject_id%7D>
- IMPORTANT: if no endpoint group is assigned to a user, it has access to every node. So please, this step is very important.
- You can find your node’s endpoint group id in the attached document.
7. Notify the user of the account creation. Ask him/her to change the password the first time accessing the portal.
BR
--
Álvaro
__________________________________________________________________________________________
You can get more information about our cookies and privacy policies on the following links:
- http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/FIWARE_Privacy_Policy
- http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Cookies_Policy_FIWARE
Fiware-lab-federation-nodes mailing list
Fiware-lab-federation-nodes at lists.fiware.org<mailto:Fiware-lab-federation-nodes at lists.fiware.org>
https://lists.fiware.org/listinfo/fiware-lab-federation-nodes
--
−−−
José Ignacio Carretero
FIWARE Cloud and Platform Expert
FIWARE Foundation
[FIWARE Foundation]
Franklinstrasse 13A
10587 Berlin
email: joseignacio.carretero at fiware.org<mailto:joseignacio.carretero at fiware.org>
www: http://fiware.org
twitter: @jicarreterogu @FIWARE
skype: jicarretero
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20171016/a327ae74/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 6250 bytes
Desc: image001.png
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20171016/a327ae74/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 251283 bytes
Desc: image002.png
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20171016/a327ae74/attachment-0003.png>
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy