OpenStack provides
native support for tenant/project management through the OpenStack Keystone component.
The IBM® Cloud
Manager - Self Service has
its own tenant/project management system as well. To make the system
compatible and secure, the system is configured to be integrated.
Keystone is an OpenStack component
that provides identity, token, catalog, and policy services to projects
in the OpenStack family.
Upon first connecting to OpenStack , IBM Cloud
Manager - Self Service imports
all the projects that currently exist in OpenStack. The
current project membership is accepted and reflected in the IBM Cloud
Manager - Self Service user
interface.
When project management operations take place in OpenStack, the IBM Cloud
Manager - Self Service listens
for events that are generated by these actions and takes immediate
action to keep the systems in sync. For more information, see http://docs.openstack.org/developer/keystone/event_notifications.html.
For
user tenant membership operations, see liacauseros.dita.
Restriction: Administrators must not delete tenants/projects
that own any resources, this includes instances, images, and Neutron entities.
This will result in orphaned resources and inconsistencies between OpenStack and the IBM Cloud
Manager - Self Service component.
You are not allowed to change the name or delete the Public project
using Keystone.
Only membership changes and project description changes can be modified
in the Public project directly. To connect to OpenStack, IBM Cloud
Manager - Self Service uses
a service user account and a default service tenant. Some OpenStack installations
have user accounts specific to OpenStack components
(for example, Nova, Keystone, Neutron). These
and other service user accounts or service tenants in an OpenStack server
that do not represent an actual user account or tenant, can be added
to the list of service users and service tenants. By doing so, they
are ignored by IBM Cloud
Manager - Self Service and
those service users are not allowed to log into the IBM Cloud
Manager - Self Service interface.
To make this change, add the service users and tenants to the comma-separated
list of users in the com.ibm.cfs.cloud.openstack.service.users property,
or the comma-separated list of tenants in the com.ibm.cfs.cloud.openstack.service.tenants property,
in the openstack.properties file.