3.10. Create the Services Tenant

Tenants are used to aggregate service resources (tenants are also known as projects). Per tenant, quota controls can be used to limit the numbers of resources.

Note

For more information about quotas, refer to the View and manage quotas section in the Red Hat Enterprise Linux OpenStack Platform Administration User Guide. This document is available from the following page:
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform
Each user is assigned to a tenant. For regular users, their tenant typically represents their group, project, or organisation. For service users (the entity accessing the Identity service on behalf of the service), the tenant represents a service's geographical region. This means that if your cloud's services are:
  • Distributed, then typically one service tenant is created for each endpoint on which services are running (excepting the Identity and Dashboard services).
  • Deployed on a single node, then only one service tenant is required (but of course this is just one option; more can be created for administrative purposes).
The service setup examples in the Deploying OpenStack: Learning Environments guide assume that all services are deployed on one node, therefore only one service tenant is required. All such examples use the services tenant.

Note

Because administrators, regular users, and service users all need a tenant, at least three tenants are typically created, one for each group. To create administrative and regular users and tenants, refer to Section 3.8, “Create an Administrator Account” and Section 3.9, “Create a Regular User Account”.
To create the services tenant:

Procedure 3.12. Creating the services tenant

  1. Run the source command on the file containing the environment variables used to identify the Identity service administrator. 
    # source ~/keystonerc_admin
  2. Create the services tenant in the Identity service: 
    # keystone tenant-create --name services --description "Services Tenant"   
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |         Services Tenant          |
| enabled     |              True                |
| id          | 7e193e36c4194b86b9a9b55d4b722af3 |
| name        |             services             |
+-------------+----------------------------------+

Note

To obtain a list of all Identity service tenants and their IDs, execute: 
# keystone tenant-list