root@cream-11:~# export OS_SERVICE_ENDPOINT=http://193.206.210.230:35357/v2.0 root@cream-11:~# keystone tenant-list +----------------------------------+------+---------+ | id | name | enabled | +----------------------------------+------+---------+ | ae8ccba0393b4038b50d590a90df94a8 | demo | True | +----------------------------------+------+---------+ ########### aiftim@cream-11:~$ cat keystone_rc export OS_SERVICE_TOKEN=XXXXXXXXX export OS_SERVICE_ENDPOINT=http://193.206.210.164:35357/v2.0 aiftim@cream-11:~$ keystone tenant-list +----------------------------------+------+---------+ | id | name | enabled | +----------------------------------+------+---------+ | ae8ccba0393b4038b50d590a90df94a8 | demo | True | +----------------------------------+------+---------+ aiftim@cream-11:~$ keystone user-list +----------------------------------+--------+---------+-----------------------------+ | id | name | enabled | email | +----------------------------------+--------+---------+-----------------------------+ | 924293d12b824286a4aef61c909ccc11 | nagios | True | stefano.stalio@lngs.infn.it | | c32d5b9e3b274734972134152fa829c4 | stalio | True | stefano.stalio@lngs.infn.it | +----------------------------------+--------+---------+-----------------------------+ aiftim@cream-11:~$ keystone role-list +----------------------------------+----------+ | id | name | +----------------------------------+----------+ | 9fe2ff9ee4384b1894a90878d3e92bab | _member_ | +----------------------------------+----------+ aiftim@cream-11:~$ keystone user-role-list --tenant-id ae8ccba0393b4038b50d590a90df94a8 --user-id 924293d12b824286a4aef61c909ccc11 +----------------------------------+----------+----------------------------------+----------------------------------+ | id | name | user_id | tenant_id | +----------------------------------+----------+----------------------------------+----------------------------------+ | 9fe2ff9ee4384b1894a90878d3e92bab | _member_ | 924293d12b824286a4aef61c909ccc11 | ae8ccba0393b4038b50d590a90df94a8 | +----------------------------------+----------+----------------------------------+----------------------------------+ aiftim@cream-11:~$ aiftim@cream-11:~$ keystone tenant-get ae8ccba0393b4038b50d590a90df94a8 +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | Default Tenant | | enabled | True | | id | ae8ccba0393b4038b50d590a90df94a8 | | name | demo | +-------------+----------------------------------+ aiftim@cream-11:~$ aiftim@cream-11:~$ keystone role-create --name fake_role +----------+----------------------------------+ | Property | Value | +----------+----------------------------------+ | id | 95173c75c47b4701b78d74b185a11baa | | name | fake_role | +----------+----------------------------------+ aiftim@cream-11:~$ aiftim@cream-11:~$ keystone user-list +----------------------------------+--------+---------+-----------------------------+ | id | name | enabled | email | +----------------------------------+--------+---------+-----------------------------+ | a92f4071351d4d8b8db84b3834445d0d | caifti | True | | | 924293d12b824286a4aef61c909ccc11 | nagios | True | stefano.stalio@lngs.infn.it | | c32d5b9e3b274734972134152fa829c4 | stalio | True | stefano.stalio@lngs.infn.it | +----------------------------------+--------+---------+-----------------------------+ aiftim@cream-11:~$ keystone user-update a92f4071351d4d8b8db84b3834445d0d --email cristina.aiftimiei@pd.infn.it User has been updated. aiftim@cream-11:~$ keystone user-list +----------------------------------+--------+---------+-------------------------------+ | id | name | enabled | email | +----------------------------------+--------+---------+-------------------------------+ | a92f4071351d4d8b8db84b3834445d0d | caifti | True | cristina.aiftimiei@pd.infn.it | | 924293d12b824286a4aef61c909ccc11 | nagios | True | stefano.stalio@lngs.infn.it | | c32d5b9e3b274734972134152fa829c4 | stalio | True | stefano.stalio@lngs.infn.it | +----------------------------------+--------+---------+-------------------------------+ aiftim@cream-11:~$ keystone role-list +----------------------------------+-----------+ | id | name | +----------------------------------+-----------+ | 9fe2ff9ee4384b1894a90878d3e92bab | _member_ | | 95173c75c47b4701b78d74b185a11baa | fake_role | +----------------------------------+-----------+ aiftim@cream-11:~$ keystone user-role-add --user a92f4071351d4d8b8db84b3834445d0d --role 95173c75c47b4701b78d74b185a11baa --tenant ae8ccba0393b4038b50d590a90df94a8 aiftim@cream-11:~$ keystone user-role-list --user a92f4071351d4d8b8db84b3834445d0d --tenant ae8ccba0393b4038b50d590a90df94a8 +----------------------------------+-----------+----------------------------------+----------------------------------+ | id | name | user_id | tenant_id | +----------------------------------+-----------+----------------------------------+----------------------------------+ | 9fe2ff9ee4384b1894a90878d3e92bab | _member_ | a92f4071351d4d8b8db84b3834445d0d | ae8ccba0393b4038b50d590a90df94a8 | | 95173c75c47b4701b78d74b185a11baa | fake_role | a92f4071351d4d8b8db84b3834445d0d | ae8ccba0393b4038b50d590a90df94a8 | +----------------------------------+-----------+----------------------------------+----------------------------------+ aiftim@cream-11:~$ aiftim@cream-11:~$ keystone user-get a92f4071351d4d8b8db84b3834445d0d +----------+----------------------------------+ | Property | Value | +----------+----------------------------------+ | email | cristina.aiftimiei@pd.infn.it | | enabled | True | | id | a92f4071351d4d8b8db84b3834445d0d | | name | caifti | | tenantId | ae8ccba0393b4038b50d590a90df94a8 | +----------+----------------------------------+ ########## aiftim@cert-15:~$ chmod a+x check_keystone aiftim@cert-15:~$ ll check_keystone -rwxrwxr-x 1 aiftim aiftim 3318 Dec 17 20:44 check_keystone aiftim@cert-15:~$ ./check_keystone --auth_url http://193.206.210.164:35357/v2.0 --username caifti --tenant demo --password XXXXX --no-admin No handlers could be found for logger "keystoneclient.v2_0.client" Got token MIIDWQYJKoZIhvcNAQcCoIIDSjCCA0YCAQExCTAHBgUrDgMCGjCCAjIGCSqGSIb3DQEHAaCCAiMEggIfeyJhY2Nlc3MiOiB7InRva2VuIjogeyJpc3N1ZWRfYXQiOiAiMjAxMy0xMi0xN1QxOTo0NjozNC41MDQxNjgiLCAiZXhwaXJlcyI6ICIyMDEzLTEyLTE4VDE5OjQ2OjM0WiIsICJpZCI6ICJwbGFjZWhvbGRlciIsICJ0ZW5hbnQiOiB7ImRlc2NyaXB0aW9uIjogIkRlZmF1bHQgVGVuYW50IiwgImVuYWJsZWQiOiB0cnVlLCAiaWQiOiAiYWU4Y2NiYTAzOTNiNDAzOGI1MGQ1OTBhOTBkZjk0YTgiLCAibmFtZSI6ICJkZW1vIn19LCAic2VydmljZUNhdGFsb2ciOiBbXSwgInVzZXIiOiB7InVzZXJuYW1lIjogImNhaWZ0aSIsICJyb2xlc19saW5rcyI6IFtdLCAiaWQiOiAiYTkyZjQwNzEzNTFkNGQ4YjhkYjg0YjM4MzQ0NDVkMGQiLCAicm9sZXMiOiBbeyJuYW1lIjogIl9tZW1iZXJfIn0sIHsibmFtZSI6ICJmYWtlX3JvbGUifV0sICJuYW1lIjogImNhaWZ0aSJ9LCAibWV0YWRhdGEiOiB7ImlzX2FkbWluIjogMCwgInJvbGVzIjogWyI5ZmUyZmY5ZWU0Mzg0YjE4OTRhOTA4NzhkM2U5MmJhYiIsICI5NTE3M2M3NWM0N2I0NzAxYjc4ZDc0YjE4NWExMWJhYSJdfX19MYH-MIH8AgEBMFwwVzELMAkGA1UEBhMCVVMxDjAMBgNVBAgTBVVuc2V0MQ4wDAYDVQQHEwVVbnNldDEOMAwGA1UEChMFVW5zZXQxGDAWBgNVBAMTD3d3dy5leGFtcGxlLmNvbQIBATAHBgUrDgMCGjANBgkqhkiG9w0BAQEFAASBgKkUCae8Zs6vZk76Viz9BriYbywg-F5e-HwGRkugr4ThOpGEsNwpVZx6YnMQ3S4N7ABJ1leoW+l0p+Gdpvc1zmKkeEBdjc4fF4DCN1yswM8fLiPmzJ-G-bSGyNF8vr7Qs-HDj2q-oEXwJ+UDgK9v2yQSARejO9UaqU7rSGd8exxG for user a92f4071351d4d8b8db84b3834445d0d and tenant ae8ccba0393b4038b50d590a90df94a8 ################## # watch keystone --os-auth-url http://193.206.210.230:5000/v2.0 --os-username nagios --os-tenant-name demo --os-password nagioscheck tenant-list [Stefano Stalio]: ogni 2 secondi chiedo a keystone la lista dei tenant ################## aiftim@cream-11:~$ sudo tcpdump host 90.147.112.3 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 14:42:30.344331 IP cream-11.pd.infn.it.4567 > keystone-infn.lngs.infn.it.50158: Flags [P.], seq 3851667373:3851667453, ack 3594249748, win 669, options [nop,nop,TS val 164971837 ecr 131445405], length 80 14:42:30.361623 IP keystone-infn.lngs.infn.it.50158 > cream-11.pd.infn.it.4567: Flags [P.], seq 1:81, ack 80, win 645, options [nop,nop,TS val 131445494 ecr 164971837], length 80 14:42:30.361638 IP cream-11.pd.infn.it.4567 > keystone-infn.lngs.infn.it.50158: Flags [.], ack 81, win 669, options [nop,nop,TS val 164971841 ecr 131445494], length 0 14:42:30.362908 IP cream-11.pd.infn.it.4567 > keystone-infn.lngs.infn.it.50158: Flags [P.], seq 80:188, ack 81, win 669, options [nop,nop,TS val 164971842 ecr 131445494], length 108 14:42:30.369335 IP keystone-infn.lngs.infn.it.50158 > cream-11.pd.infn.it.4567: Flags [P.], seq 81:189, ack 80, win 645, options [nop,nop,TS val 131445496 ecr 164971837], length 108 14:42:30.406667 IP cream-11.pd.infn.it.4567 > keystone-infn.lngs.infn.it.50158: Flags [.], ack 189, win 669, options [nop,nop,TS val 164971853 ecr 131445496], length 0 14:42:30.419074 IP keystone-infn.lngs.infn.it.50158 > cream-11.pd.infn.it.4567: Flags [.], ack 188, win 645, options [nop,nop,TS val 131445509 ecr 164971842], length 0 […] 14:42:41.996447 IP cream-11.pd.infn.it.4567 > keystone-infn.lngs.infn.it.50158: Flags [P.], seq 10209:10317, ack 4969, win 669, options [nop,nop,TS val 164974750 ecr 131448403], length 108 14:42:42.009554 IP keystone-infn.lngs.infn.it.50158 > cream-11.pd.infn.it.4567: Flags [.], ack 10209, win 645, options [nop,nop,TS val 131448406 ecr 164974749], length 0 14:42:42.009672 IP keystone-infn.lngs.infn.it.50158 > cream-11.pd.infn.it.4567: Flags [P.], seq 4969:5077, ack 10209, win 645, options [nop,nop,TS val 131448406 ecr 164974749], length 108 14:42:42.046663 IP cream-11.pd.infn.it.4567 > keystone-infn.lngs.infn.it.50158: Flags [.], ack 5077, win 669, options [nop,nop,TS val 164974763 ecr 131448406], length 0 14:42:42.051164 IP keystone-infn.lngs.infn.it.50158 > cream-11.pd.infn.it.4567: Flags [.], ack 10317, win 645, options [nop,nop,TS val 131448417 ecr 164974750], length 0 aiftim@cream-11:~$ sudo tcpdump host 90.147.112.4 and port 5000 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 14:45:46.860020 IP keystone-infn-haproxy.lngs.infn.it.35261 > cream-11.pd.infn.it.5000: Flags [.], ack 3268833725, win 141, options [nop,nop,TS val 281812486 ecr 165020961], length 0 14:45:46.863449 IP keystone-infn-haproxy.lngs.infn.it.35261 > cream-11.pd.infn.it.5000: Flags [P.], seq 0:1210, ack 1, win 141, options [nop,nop,TS val 281812487 ecr 165020961], length 1210 14:45:46.863461 IP cream-11.pd.infn.it.5000 > keystone-infn-haproxy.lngs.infn.it.35261: Flags [.], ack 1210, win 145, options [nop,nop,TS val 165020967 ecr 281812487], length 0 14:45:46.879303 IP cream-11.pd.infn.it.5000 > keystone-infn-haproxy.lngs.infn.it.35261: Flags [P.], seq 1:274, ack 1210, win 145, options [nop,nop,TS val 165020971 ecr 281812487], length 273 14:45:46.912204 IP keystone-infn-haproxy.lngs.infn.it.35261 > cream-11.pd.infn.it.5000: Flags [F.], seq 1210, ack 274, win 163, options [nop,nop,TS val 281812499 ecr 165020971], length 0 14:45:46.912930 IP cream-11.pd.infn.it.5000 > keystone-infn-haproxy.lngs.infn.it.35261: Flags [F.], seq 274, ack 1211, win 145, options [nop,nop,TS val 165020979 ecr 281812499], length 0 14:45:46.933041 IP keystone-infn-haproxy.lngs.infn.it.35261 > cream-11.pd.infn.it.5000: Flags [.], ack 275, win 163, options [nop,nop,TS val 281812504 ecr 165020979], length 0 14:45:47.770032 IP keystone-infn-haproxy.lngs.infn.it.35267 > cream-11.pd.infn.it.5000: Flags [S], seq 2634218022, win 14600, options [mss 1460,sackOK,TS val 281812714 ecr 0,nop,wscale 7], length 0 14:45:47.770051 IP cream-11.pd.infn.it.5000 > keystone-infn-haproxy.lngs.infn.it.35267: Flags [S.], seq 1780273441, ack 2634218023, win 14480, options [mss 1460,sackOK,TS val 165021193 ecr 281812714,nop,wscale 7], length 0 14:45:47.790552 IP keystone-infn-haproxy.lngs.infn.it.35267 > cream-11.pd.infn.it.5000: Flags [.], ack 1, win 115, options [nop,nop,TS val 281812719 ecr 165021193], length 0 14:45:47.790570 IP keystone-infn-haproxy.lngs.infn.it.35267 > cream-11.pd.infn.it.5000: Flags [P.], seq 1:23, ack 1, win 115, options [nop,nop,TS val 281812719 ecr 165021193], length 22 14:45:47.790578 IP cream-11.pd.infn.it.5000 > keystone-infn-haproxy.lngs.infn.it.35267: Flags [.], ack 23, win 114, options [nop,nop,TS val 165021198 ecr 281812719], length 0 aiftim@cream-11:~$ sudo tcpdump -X host 90.147.112.4 and port 5000 |grep nagios tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 0x0120: 6e61 6d65 223a 2022 6e61 6769 6f73 222c name":."nagios", 0x0050: 226e 6167 696f 7322 2c20 2272 6f6c 6573 "nagios",."roles 0x00c0: 226e 6167 696f 7322 7d2c 2022 6d65 7461 "nagios"},."meta 0x0120: 6e61 6d65 223a 2022 6e61 6769 6f73 222c name":."nagios", 0x0050: 226e 6167 696f 7322 2c20 2272 6f6c 6573 "nagios",."roles 0x00c0: 226e 6167 696f 7322 7d2c 2022 6d65 7461 "nagios"},."meta 0x0120: 6e61 6d65 223a 2022 6e61 6769 6f73 222c name":."nagios", 0x0050: 226e 6167 696f 7322 2c20 2272 6f6c 6573 "nagios",."roles 0x00c0: 226e 6167 696f 7322 7d2c 2022 6d65 7461 "nagios"},."meta 0x0120: 6e61 6d65 223a 2022 6e61 6769 6f73 222c name":."nagios", 0x0050: 226e 6167 696f 7322 2c20 2272 6f6c 6573 "nagios",."roles 0x00c0: 226e 6167 696f 7322 7d2c 2022 6d65 7461 "nagios"},."meta 0x0120: 6e61 6d65 223a 2022 6e61 6769 6f73 222c name":."nagios", 0x0050: 226e 6167 696f 7322 2c20 2272 6f6c 6573 "nagios",."roles 0x00c0: 226e 6167 696f 7322 7d2c 2022 6d65 7461 "nagios"},."meta 0x0120: 6e61 6d65 223a 2022 6e61 6769 6f73 222c name":."nagios", 0x0050: 226e 6167 696f 7322 2c20 2272 6f6c 6573 "nagios",."roles 0x00c0: 226e 6167 696f 7322 7d2c 2022 6d65 7461 "nagios"},."meta 0x0120: 6e61 6d65 223a 2022 6e61 6769 6f73 222c name":."nagios", 0x0050: 226e 6167 696f 7322 2c20 2272 6f6c 6573 "nagios",."roles 0x00c0: 226e 6167 696f 7322 7d2c 2022 6d65 7461 "nagios"},."meta 0x0120: 6e61 6d65 223a 2022 6e61 6769 6f73 222c name":."nagios", 0x0050: 226e 6167 696f 7322 2c20 2272 6f6c 6573 "nagios",."roles 0x00c0: 226e 6167 696f 7322 7d2c 2022 6d65 7461 "nagios"},."meta ^C223 packets captured 223 packets received by filter 0 packets dropped by kernel 14:51:14.357391 IP keystone-infn-haproxy.lngs.infn.it.36367 > cream-11.pd.infn.it.5000: Flags [P.], seq 1:282, ack 1, win 115, options [nop,nop,TS val 281894361 ecr 165102836], length 281 0x0000: 4500 014d 2aee 4000 3906 b6b2 5a93 7004 E..M*.@.9...Z.p. 0x0010: c1ce d2a4 8e0f 1388 54c5 773a b6e3 1665 ........T.w:...e 0x0020: 8018 0073 124e 0000 0101 080a 10cd 5dd9 ...s.N........]. 0x0030: 09d7 44f4 504f 5354 202f 7632 2e30 2f74 ..D.POST./v2.0/t 0x0040: 6f6b 656e 7320 4854 5450 2f31 2e31 0d0a okens.HTTP/1.1.. 0x0050: 486f 7374 3a20 3930 2e31 3437 2e31 3132 Host:.90.147.112 0x0060: 2e34 3a35 3030 300d 0a43 6f6e 7465 6e74 .4:5000..Content 0x0070: 2d4c 656e 6774 683a 2031 3036 0d0a 636f -Length:.106..co 0x0080: 6e74 656e 742d 7479 7065 3a20 6170 706c ntent-type:.appl 0x0090: 6963 6174 696f 6e2f 6a73 6f6e 0d0a 6163 ication/json..ac 0x00a0: 6365 7074 2d65 6e63 6f64 696e 673a 2067 cept-encoding:.g 0x00b0: 7a69 702c 2064 6566 6c61 7465 0d0a 7573 zip,.deflate..us 0x00c0: 6572 2d61 6765 6e74 3a20 7079 7468 6f6e er-agent:.python 0x00d0: 2d6b 6579 7374 6f6e 6563 6c69 656e 740d -keystoneclient. 0x00e0: 0a0d 0a7b 2261 7574 6822 3a20 7b22 7465 ...{"auth":.{"te 0x00f0: 6e61 6e74 4e61 6d65 223a 2022 6465 6d6f nantName":."demo 0x0100: 222c 2022 7061 7373 776f 7264 4372 6564 ",."passwordCred 0x0110: 656e 7469 616c 7322 3a20 7b22 7573 6572 entials":.{"user 0x0120: 6e61 6d65 223a 2022 6e61 6769 6f73 222c name":."nagios", 0x0130: 2022 7061 7373 776f 7264 223a 2022 6e61 ."password":."na 0x0140: 6769 6f73 6368 6563 6b22 7d7d 7d gioscheck"}}}