Identity Service Concepts – OpenStack Keystone

OpenStack Keystone Identity Service

Keystone is an OpenStack project that provides Identity, Token, Catalog and Policy services for use specifically by projects in the OpenStack family. It implements OpenStack's Identity API.
In this section, we will cover the following OpenStack Keystone Identity service concepts:

1. Creating a sandbox environment using VirtualBox and Vagrant
2. Configuring Ubuntu Cloud archive
3. Installing OpenStack Identity service
4. Creating tenants
5. Configuring roles
6. Adding users
7. Defining service endpoints
8. Creating the service tenant and service users


The OpenStack Identity service, also known as Keystone, provides services for authenticating and managing user accounts and role information for our OpenStack cloud environment. It is a crucial service that underpins the authentication and verification between all of our OpenStack cloud services, and it is the first service that needs to be installed within an OpenStack environment. Authenticating with the OpenStack Identity service returns an authorization token that, once validated, is passed between the services. This token is subsequently used as your authentication and verification so that you can proceed to use a service such as OpenStack Storage or Compute. As such, configuration of the OpenStack Identity service must be done first, and it consists of creating appropriate roles for users and services, tenants, the user accounts, and the service API endpoints that make up our cloud infrastructure. At the end of the above concepts, we will have the following environment setup:

In addition to providing OpenStack's Identity service, Keystone also provides a WSGI middleware, as well as a Python client library.
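The token flow described earlier, as an added example (not Keystone's code or API): a toy in-memory identity service issues a tenant-scoped token, and a second service asks it to validate that token and checks tenant and role before acting. The class names, the `Member` role and the status codes returned are constructed for illustration.

```python
import hashlib, hmac, secrets, time

class IdentityService:
    """Toy stand-in for an identity service (constructed; not Keystone code)."""
    def __init__(self, ttl=3600):
        self.ttl = ttl
        self.users, self.grants, self.catalog, self.tokens = {}, {}, {}, {}

    def _hash(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, name, password):
        salt = secrets.token_bytes(16)
        self.users[name] = (salt, self._hash(password, salt))

    def grant(self, user, tenant, role):
        self.grants.setdefault((user, tenant), set()).add(role)

    def authenticate(self, user, password, tenant, now=None):
        now = time.time() if now is None else now
        salt, stored = self.users.get(user, (b"", b""))
        ok = hmac.compare_digest(stored, self._hash(password, salt))
        roles = self.grants.get((user, tenant))
        if not ok or not roles:
            raise PermissionError("authentication failed")  # same error either way
        token = secrets.token_urlsafe(32)  # opaque, unguessable token id
        self.tokens[token] = {"user": user, "tenant": tenant,
                              "roles": set(roles), "expires": now + self.ttl}
        return token, dict(self.catalog)

    def validate(self, token, now=None):  # called by the other services
        now = time.time() if now is None else now
        info = self.tokens.get(token)
        if info is None or info["expires"] <= now:
            self.tokens.pop(token, None)  # drop expired tokens
            return None
        return info

class ComputeService:
    """Toy API service: acts only on what the identity service confirms."""
    def __init__(self, identity):
        self.identity = identity
    def list_servers(self, token, tenant, now=None):
        info = self.identity.validate(token, now)
        if info is None:
            return 401  # missing, unknown or expired token
        if info["tenant"] != tenant or "Member" not in info["roles"]:
            return 403  # valid token, wrong tenant or role
        return 200
```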
