Next you add the default tenant, an administrator, roles, and users to get a working installation started. The initial tenant, username, and password is openstackdemo, admin, and secretword.
First, add two tenants, one named openstackDemo, one named adminTenant.
sudo keystone-manage tenant add openstackDemo sudo keystone-manage tenant add adminTenant
In return for these commands, you should see a SUCCESS message, such as:
SUCCESS: Tenant openstackDemo created.
Now, add users and assign their passwords.
sudo keystone-manage user add adminUser secretword sudo keystone-manage user add demoUser secretword
Now add an invented token (any combination of numbers and letters will do) to the admin user for the openstackdemo tenant and ensure there's an expiration date assigned. This one expires in about four years.
sudo keystone-manage token add 11121314151617181920 adminUser adminTenant 2015-02-05T00:0
If you see an error like "Creating a token requires a token id, user, tenant, and expiration" it's possible you're missing the expiration date.
Create the Admin role and the Member role.
sudo keystone-manage role add Admin sudo keystone-manage role add Member
Grant the Admin role to the admin user and then grant the Member role to the demo user.
sudo keystone-manage role grant Admin adminUser sudo keystone-manage role grant Member demoUser
Grant the Admin role to the adminUser user for the openstackDemo and adminTenant tenant. Grant the Member role to the demoUser for the openstackDemo tenant.
sudo keystone-manage role grant Admin adminUser openstackDemo sudo keystone-manage role grant Admin adminUser adminTenant sudo keystone-manage role grant Member demoUser openstackDemo
