8 Questions about OpenStack Identity Service (Keystone)

I'm studying for the Mirantis OpenStack Cloud Certification exam.  There's no official training material for Keystone yet (that I can find), so I'm writing my own questions based on what I've read.

OpenStack Identity Services (Keystone) - image from allthingsopen.com

1. How do you create a tenant?
  • keystone tenant-create --name <tenant-name>
2. Where is the primary Keystone configuration file and what is it called?
  • /etc/keystone.conf
3. Where is the PasteDeploy config file for Keystone and what is it's name?
  • /etc/keystone-paste.ini
4. What port does Keystone start a service on, by default?
  • 35357
5. How do you start Keystone services under Eventlet?
  • keystone-all
6. How do you initialize a new, empty Keystone database?
  • keystone-manage db_sync
7. With a SQL backend, how do you remove expired Keystone tokens?
  • keystone-manage token_flush
8. With a memcache backend, how do you remove expired Keystone tokens?
  • You don't.  The memcache backend automatically discards expired tokens and so flushing is unnecessary and if attempted will fail with a NotImplemented error.

Ref: http://docs.openstack.org/developer/keystone/configuration.html

No comments:

Post a Comment