[Fiware-lab-federation-nodes] Instructions to upgrade Community users

jicg joseignacio.carretero at fiware.org
Mon Oct 16 17:15:33 CEST 2017
Previous message: [Fiware-lab-federation-nodes] Instructions to upgrade Community users
Next message: [Fiware-lab-federation-nodes] R: Instructions to upgrade Community users
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
The last command would assign the PROJECT_ID: ...000004... to Lannion4
endpoint_group.
Regards,
José Ignacio
El lun, 16-10-2017 a las 14:49 +0000, Cristian CMECIU escribió:
> Hi José ,
>  
> For the point 6, I didn’t understand very well the way it works.
> From what I understand here we can link a project with a Region. It
> is possible to link a project to multiple Regions?
>  
> 6. Assign the corresponding endpoint_group to the project associated
> to the user
>  
>             - curl -H "X-Auth-Token: {admin-token}” -X PUT http://clo
> ud.lab.fiware.org:4730/v3//OS-EP-
> FILTER/endpoint_groups/{region_endpoint_group_id}/projects/{project_i
> d}
>  
> I used a test project_id and Lannion4 for {region_endpoint_group_id}
> => 72ea5ae5793e4e84a77c6e64687d8da4
> Do you think that is the right way to use this command?
> curl -H "X-Auth-Token: 1a9b21294d3f40…” -X PUT http://cloud.lab.fiwar
> e.org:4730/v3//OS-EP-
> FILTER/endpoint_groups/72ea5ae5793e4e84a77c6e64687d8da4/projects/0000
> 0000000000000000000000004...
>  
> BR,
> Cristian
>  
> De : José Ignacio Carretero [mailto:joseignacio.carretero at fiware.org]
>  
> Envoyé : lundi 16 octobre 2017 13:22
> À : Cristian CMECIU <ccmeciu at images-et-reseaux.com>; Álvaro Alonso 
> alonsog at dit.upm.es>
> Cc : fiware-lab-federation-nodes at lists.fiware.org
> Objet : Re: [Fiware-lab-federation-nodes] Instructions to upgrade
> Community users
>  
> Hi Cristian,
> That last curl (the one to get the token) is for keystone v2.0 ---
> That works with url: http://cloud.lab.fiware.org:4730/v2.0/tokens
> but it is deprecated and sometime it will be removed, despite of
> getting an unusable token out of Scope. --- Why  not using openstack
> CLI tools?
> 1. Create a virtual environment for python: 
>     virtualenv os
> 2. Install the Openstack tools (you'll need python 2.7 and python-dev 
> installed in order to make this work):  
>     source os/bin/activate
>     pip install python-openstackclient
> 3. Issue a token (not needed): 
>     openstack token issue
> 4. Get user data:
>     openstack user show ${user_name}
> 
> --- 
> 
> Anyway, if you insist in using "curl", I'd suggest having installed
> the jq command (which is a json parser, etc. --- Just a wonderful
> tool to work with json input).
> 
> Getting a Token for Keystone V3:
> data="{ \"auth\": {
>         \"identity\": {
>             \"methods\": [ \"password\" ],
>             \"password\": {
>                 \"user\": {
>                     \"name\": \"$OS_USERNAME\",
>                     \"domain\": {\"id\":\"default\"},
>                     \"password\": \"$OS_PASSWORD\"
>                 }
>             }
>         }
>     }
> }"
> curl -i http://cloud.lab.fiware.org:4730/v3/auth/tokens -H "Content-
> Type: application/json"-d  "$data" 2>/dev/null |awk '/^X-Subject-
> Token: / {print $2}'
> 
> Now, you can use the 2nd curl:
> curl -H "X-Auth-Token: ${token}" -H "Accept: application/json" http:/
> /cloud.lab.fiware.org:4731/v3/users?name=${user_name}
> 
> Hope this helps.
> 
> Best regards,
> José Ignacio
> 
> El 16/10/2017 a las 14:54, Cristian CMECIU escribió:
> Hi Álvaro,
>  
> I didn’t succeeded to check if a user is created using:
> curl -H "X-Auth-Token: {admin_token}" http://cloud.lab.fiware.org:473
> 0/v3/users?name=“{user_email}”
>  
> Using v2.0 endpoint, I get the token but I get this error  when I
> check the user:
> {"error": {"message": "The resource could not be found.", "code":
> 404, "title": "Not Found"}}
>  
> For v3 version I cannot get any token:
> # curl -d '{"auth":{"passwordCredentials":{"username": "admin-
> lannion", "password": "admin_passwd"}}}' -H 'Content-type:
> application/json' --url http://cloud.lab.fiware.org:4730/v3/tokens
>  
> Is there another way to get the admin token?
>  
> BR,
> Cristian CMECIU
> Fiware-Lab/ Lannion Region
> Images et Réseaux Support Engineer
>  
> 
>  
>  
>  
>  
> De : fiware-lab-federation-nodes-bounces at lists.fiware.org [mailto:fiw
> are-lab-federation-nodes-bounces at lists.fiware.org] De la part de
> Álvaro Alonso
> Envoyé : mercredi 11 octobre 2017 16:12
> À : fiware-lab-federation-nodes at lists.fiware.org
> Objet : [Fiware-lab-federation-nodes] Instructions to upgrade
> Community users
>  
> Dear IOs,
>  
> I include below detailed instructions regarding how to upgrade users
> to community. 
>  
> Please, note that actions like searching a user or project are
> usually done using Horizon filters. However, due to large number of
> entities we currently have in our Keystone instance, rendering those
> amount of users/projects in the interface is not feasible. For that
> reason we have enabled a pagination to display some entities
> (projects and users). Unfortunately, the filter just acts over the
> rendered entities so it is not posible to use it to find users or
> projects globally. 
>  
> Instructions: 
>  
> 1. If the user is not created you have to create it.
> 2. If the user doesn’t have an associated project to create cloud
> resources, you have to create it and to assign the user as a member
> of the project. 
> 3. Include in the metadata of the user (“description” field) the date
> in which the user has been upgraded to Community (with the format
> "community_started_at": "YYYY-MM-DD”).
>  
>             - You can check if the user is already created using this
> API request: curl -H "X-Auth-Token: {admin_token}" http://cloud.lab.f
> iware.org:4730/v3/users?name=“{user_email}”
>             - In the user creation wizard, you can directly create an
> associated project to the user. Thus, the user is automatically
> associated as member of that project.
>             - Identity -> Users -> Create User
>  
> 
> 4. Assign the role “Community” in the domain “default” to the user. 
>            
>             - Identiity -> Domains -> Manage Members (Default Domain)
> -> Search the user in the left side bar -> Select the user (+ icon)
> -> Search the user in the right side bar -> Select Community role
> 
> 5.  If you want to assign different quotas than the default ones,
> assign the desired quotas to the created project in your node 
>  
>             - Projects -> Project details -> Modify quotas
>             - To find the project details you can use the URL https:/
> /cloud.lab.fiware.org/identity/{project_id}detail/ 
>             - To find the project associated to a user you can check
> user details in https://cloud.lab.fiware.org/identity/users/{user_id}
> /detail/
>             - To check user id you can use the API curl -H "X-Auth-
> Token: {admin_token}" http://cloud.lab.fiware.org:4730/v3/users?name=
> “{user_email}”
>  
> 6. Assign the corresponding endpoint_group to the project associated
> to the user
>  
>             - curl -H "X-Auth-Token: {admin-token}” -X PUT http://clo
> ud.lab.fiware.org:4730/v3//OS-EP-
> FILTER/endpoint_groups/{region_endpoint_group_id}/projects/{project_i
> d}
>             - IMPORTANT: if no endpoint group is assigned to a user,
> it has access to every node. So please, this step is very important.
>             - You can find your node’s endpoint group id in the
> attached document.
>            
> 7. Notify the user of the account creation. Ask him/her to change the
> password the first time accessing the portal.
> 
> BR
> --
> Álvaro
> 
> 
> 
> _____________________________________________________________________
> _____________________
>  
> You can get more information about our cookies and privacy policies
> on the following links:
> - http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/FIW
> ARE_Privacy_Policy
> - http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Coo
> kies_Policy_FIWARE
>  
> Fiware-lab-federation-nodes mailing list
> Fiware-lab-federation-nodes at lists.fiware.org
> https://lists.fiware.org/listinfo/fiware-lab-federation-nodes
>  
>  
> --
>  −−−
> José Ignacio Carretero 	      	
>  FIWARE Cloud and Platform Expert
> FIWARE Foundation  		  
>  Franklinstrasse 13A
> 10587 Berlin		
>  email: joseignacio.carretero at fiware.org
> www: http://fiware.org
> twitter: @jicarreterogu @FIWARE
> skype: jicarretero		
>  
-- 
 −−−
José Ignacio Carretero         	    

 FIWARE Cloud and Platform Expert
FIWARE Foundation        	
  
 Franklinstrasse 13A
10587 Berlin
 email: joseignacio.carretero at fiware.org
www: http://fiware.org
twitter: @jicarreterogu @FIWARE
skype: jicarretero	


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20171016/efd13e41/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 6250 bytes
Desc: not available
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20171016/efd13e41/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 251283 bytes
Desc: not available
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20171016/efd13e41/attachment-0003.png>
Previous message: [Fiware-lab-federation-nodes] Instructions to upgrade Community users
Next message: [Fiware-lab-federation-nodes] R: Instructions to upgrade Community users
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Fiware-lab-federation-nodes mailing list
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy