Bug #1194885 “Keystone V3 - add side-by-side comparison of V2 an...” : Bugs : openstack-api-site

Diane Fleming (diane-fleming) on 2013-06-26

Changed in openstack-api-site:
assignee:	nobody → Diane Fleming (diane-fleming)
importance:	Undecided → High

Revision history for this message

Dolph Mathews (dolph) wrote on 2013-06-26:

#1

Is this supposed to document both the v2 admin AND public API's against the entire v3 API?

More than likely, most users will only need to understand the transition from the v2 public API to the equivalent calls in v3 (or at least, that would be the most important place to start). Everyone uses auth but not everyone uses the identity management features (CRUD on domains, projects, users, roles, etc).

Diane Fleming (diane-fleming) on 2013-07-16

Changed in openstack-api-site:
status:	New → Confirmed
milestone:	none → havana

Diane Fleming (diane-fleming) on 2013-09-22

Changed in openstack-api-site:
milestone:	havana → icehouse

Diane Fleming (diane-fleming) on 2014-03-20

Changed in openstack-api-site:
assignee:	Diane Fleming (diane-fleming) → nobody

Akihiro Motoki (amotoki) on 2014-04-01

tags:

added: identity-api

Diane Fleming (diane-fleming) on 2014-04-09

Changed in openstack-api-site:
milestone:	icehouse → none

Revision history for this message

Lysander David (lysander-david) wrote on 2014-08-14:

#2

I am unable to reach the link from the Bug Description

https://one.rackspace.com/display/auth/Keystone+client%2C+V2+API%2C+V3+API+matrix

It times out for me.

Would someone know of a location where the keystone v2 to v3 comparison should be entered ?

Revision history for this message

Dolph Mathews (dolph) wrote on 2014-08-14:

#3

one.rackspace.com looks like an internal link. Can someone publish that publicly, somehow?

Revision history for this message

Anne Gentle (annegentle) wrote on 2014-11-19:

#4

Download full text (8.1 KiB)

Here's the HTML of the table comparison.

<table>
 <tbody>
 <tr>
 <th>Feature</th>
 <th>Description</th>
 <th>Keystone Client (using 2.0)</th>
 <th>Curl - using V2.0 API</th>
 <th>V3 API</th>
 <th colspan="1">Observations</th>
 </tr>
 <tr>
 <td>List Users</td>
 <td>List all users that the supplied token has visibility to</td>
 <td>keystone --token ADMIN --endpoint <a href="http://localhost:35357/v2.0/">http://localhost:35357/v2.0/</a> user-list</td>
 <td>
 curl <a href="http://166.78.146.147:35357/v2.0/users">http://locahost:35357/v2.0/users</a> -H "X-Auth-Token: ADMIN"
 <ac:structured-macro ac:name="code">
 <ac:plain-text-body><![CDATA[{
"users": [
{
"email": "<email address hidden>",
"enabled": true,
"id": "45214d3ed59b46458c5d2ae9431fbbb7",
"name": "joe",
"tenantId": "26772165df7f4e418706a7ab875b6312"
}
]
}]]></ac:plain-text-body>
 </ac:structured-macro>
 </td>
 <td>
 curl <a href="http://166.78.146.147:35357/v3/users">http://localhost:35357/v3/users</a> -H "X-Auth-Token: ADMIN"
 <ac:structured-macro ac:name="code">
 <ac:plain-text-body><![CDATA[{
"links": {
"next": null,
"previous": null,
"self": "http://localhost:5000/v3/users"
},
"users": [
{
"domain_id": "default",
"email": "<email address hidden>",
"enabled": true,
"id": "45214d3ed59b46458c5d2ae9431fbbb7",
"links": {
"self": "http://localhost:5000/v3/users/45214d3ed59b46458c5d2ae9431fbbb7"
},
"name": "joe",
"tenantId": "26772165df7f4e418706a7ab875b6312"
}
]
}]]></ac:plain-text-body>
 </ac:structured-macro>
 </td>
 <td colspan="1"> </td>
 </tr>
 <tr>
 <td colspan="1">Create User</td>
 <td colspan="1">Create a new user</td>
 <td colspan="1">keystone --token ADMIN --endpoint <a href="http://localhost:35357/v2.0/">http://localhost:35357/v2.0/</a> user-create --name joe --tenant_id 26772165df7f4e418706a7ab875b6312 --pass password1 --email <a href="mailto:<email address hidden>"><email address hidden></a> --enabled true</td>
 <td colspan="1">
 curl <a href="http://166.78.146.147:35357/v2.0/tenants">http://localhost:35357/v2.0</a>/users -d '{"user":{"username":"joe","email":"<a href="mailto:<email address hidden>"><email address hidden></a>","enabled":true, "name":"Joe", "OS-KSADM":"secrete"}}' -H "Content-type: application/json" -H "X-Auth-Token: ADMIN"
 
 
 </td>
 <td colspan="1"> </td>
 <td colspan="1">
 Name required attribute in Keystone v2, but username is not...
 Case sensitive username.
 Another API call needed in v2 to associate user with tenant.
 
 </td>
 </tr>
 <tr>
 <td>Create Tenant</td>
 <td>Create a new tenant (or project for v3 lingo)</td>
 <td>keystone --token ADMIN --endpoint <a href="http://localhost:35357/v2.0/">http://localhost:35357/v2.0/</a> tenant-create --name tenant01 --description "tenant for tenant sake" --enable true</td>
 <td>
 curl <a href="http://166.78.146.147:35357/v2.0/tenants">http://localhost:35357/v2.0/tenants</a> -H "X-Auth-Token: ADMI...

Here's the HTML of the table comparison.

<table>
 <tbody>
 <tr>
 <th>Feature</th>
 <th>Description</th>
 <th>Keystone Client (using 2.0)</th>
 <th>Curl - using V2.0 API</th>
 <th>V3 API</th>
 <th colspan="1">Observations</th>
 </tr>
 <tr>
 <td>List Users</td>
 <td>List all users that the supplied token has visibility to</td>
 <td>keystone --token ADMIN --endpoint <a href="http://localhost:35357/v2.0/">http://localhost:35357/v2.0/</a> user-list</td>
 <td>
 curl <a href="http://166.78.146.147:35357/v2.0/users">http://locahost:35357/v2.0/users</a> -H "X-Auth-Token: ADMIN"
 <ac:structured-macro ac:name="code">
 <ac:plain-text-body><![CDATA[{
 "users": [
 {
 "email": "joe@joe.com", 
 "enabled": true, 
 "id": "45214d3ed59b46458c5d2ae9431fbbb7", 
 "name": "joe", 
 "tenantId": "26772165df7f4e418706a7ab875b6312"
 }
 ]
}]]></ac:plain-text-body>
 </ac:structured-macro>
 </td>
 <td>
 curl <a href="http://166.78.146.147:35357/v3/users">http://localhost:35357/v3/users</a> -H "X-Auth-Token: ADMIN"
 <ac:structured-macro ac:name="code">
 <ac:plain-text-body><![CDATA[{
 "links": {
 "next": null, 
 "previous": null, 
 "self": "http://localhost:5000/v3/users"
 }, 
 "users": [
 {
 "domain_id": "default", 
 "email": "joe@joe.com", 
 "enabled": true, 
 "id": "45214d3ed59b46458c5d2ae9431fbbb7", 
 "links": {
 "self": "http://localhost:5000/v3/users/45214d3ed59b46458c5d2ae9431fbbb7"
 }, 
 "name": "joe", 
 "tenantId": "26772165df7f4e418706a7ab875b6312"
 }
 ]
}]]></ac:plain-text-body>
 </ac:structured-macro>
 </td>
 <td colspan="1"> </td>
 </tr>
 <tr>
 <td colspan="1">Create User</td>
 <td colspan="1">Create a new user</td>
 <td colspan="1">keystone --token ADMIN --endpoint <a href="http://localhost:35357/v2.0/">http://localhost:35357/v2.0/</a> user-create --name joe --tenant_id 26772165df7f4e418706a7ab875b6312 --pass password1 --email <a href="mailto:joe@joe.com">joe@joe.com</a> --enabled true</td>
 <td colspan="1">
 curl <a href="http://166.78.146.147:35357/v2.0/tenants">http://localhost:35357/v2.0</a>/users -d '{"user":{"username":"joe","email":"<a href="mailto:joe@openstack.org">joe@openstack.org</a>","enabled":true, "name":"Joe", "OS-KSADM":"secrete"}}' -H "Content-type: application/json" -H "X-Auth-Token: ADMIN"
  
  
 </td>
 <td colspan="1"> </td>
 <td colspan="1">
 Name required attribute in Keystone v2, but username is not...
 Case sensitive username.
 Another API call needed in v2 to associate user with tenant.
  
 </td>
 </tr>
 <tr>
 <td>Create Tenant</td>
 <td>Create a new tenant (or project for v3 lingo)</td>
 <td>keystone --token ADMIN --endpoint <a href="http://localhost:35357/v2.0/">http://localhost:35357/v2.0/</a> tenant-create --name tenant01 --description "tenant for tenant sake" --enable true</td>
 <td>
 curl <a href="http://166.78.146.147:35357/v2.0/tenants">http://localhost:35357/v2.0/tenants</a> -H "X-Auth-Token: ADMIN" -X POST -d '{"tenant":{"name":"tenant02","description":"tenant tenant", "enabled":true}}' -H "Content-type: application/json"
  
 <ac:structured-macro ac:name="code">
 <ac:plain-text-body><![CDATA[{
 "tenant": 
 {
 "description": "tenant tenant", 
 "enabled": true, 
 "id": "e92d66cd3aed46ad8d47d2055f63b796", 
 "name": "tenant02"
 }
}]]></ac:plain-text-body>
 </ac:structured-macro>
 </td>
 <td>
 curl <a href="http://166.78.146.147:35357/v3/projects">http://localhost:35357/v3/projects</a> -H "X-Auth-Token: ADMIN" -H "Content-type: application/json" -d '{"project": {"domain_id":"123","enabled":true,"name":"Project-X"}}'
  
 <ac:structured-macro ac:name="code">
 <ac:plain-text-body><![CDATA[{
 "project": 
 {
 "description": "", 
 "links": 
 {
 "self":"http://localhost:5000/v3/projects/9dcdb57f6e5345afb50cafed9b13b52b"
 }, 
 "enabled": true, 
 "id": "9dcdb57f6e5345afb50cafed9b13b52b", 
 "domain_id": "123", 
 "name": "Project-X"
 }
}]]></ac:plain-text-body>
 </ac:structured-macro>
  
  
 </td>
 <td colspan="1">
 Tenants in v2 can be seen as projects in v3.
 Projects in v3 can be seen as tenants in v2.
 Projects in v3 can be created, referencing a domain that doesn't yet exist. (In the example to the left, domain "123" wasn't created and still isn't shown on a get v3/domains call
 </td>
 </tr>
 <tr>
 <td>List Domains</td>
 <td>List all the domains the supplied token has visibility to</td>
 <td>N/A</td>
 <td>N/A</td>
 <td>
 curl <a href="http://166.78.146.147:35357/v3/domains">http://localhost:35357/v3/domains</a> -H "X-Auth-Token: ADMIN" | python -mjson.tool
  
 <ac:structured-macro ac:name="code">
 <ac:plain-text-body><![CDATA[{
 "domains": [
 {
 "description": "Owns users and tenants (i.e. projects) available on Identity API v2.", 
 "enabled": true, 
 "id": "default", 
 "links": {
 "self": "http://localhost:5000/v3/domains/default"
 }, 
 "name": "Default"
 }
 ], 
 "links": {
 "next": null, 
 "previous": null, 
 "self": "http://localhost:5000/v3/domains"
 }
}]]></ac:plain-text-body>
 </ac:structured-macro>
 </td>
 <td colspan="1"> </td>
 </tr>
 <tr>
 <td>Add Domain</td>
 <td>Create a new domain</td>
 <td>N/A</td>
 <td>N/A</td>
 <td>
 curl <a href="http://166.78.146.147:35357/v3/domains">http://localhost:35357/v3/domains</a> -H "X-Auth-Token: ADMIN" -H "Content-type: application/json" -d '{"domain":{"enabled":true, "name":"CustomerX"}}' | python -mjson.tool
  
 <ac:structured-macro ac:name="code">
 <ac:plain-text-body><![CDATA[{
 "domain": {
 "enabled": true, 
 "id": "fbff0b59b2ae4be5836195b978f2d101", 
 "links": {
 "self": "http://localhost:5000/v3/domains/fbff0b59b2ae4be5836195b978f2d101"
 }, 
 "name": "CustomerX"
 }
}]]></ac:plain-text-body>
 </ac:structured-macro>
 </td>
 <td colspan="1"> </td>
 </tr>
 <tr>
 <td colspan="1">Add Role</td>
 <td colspan="1">Add a new role</td>
 <td colspan="1">keystone --token ADMIN --endpoint <a href="http://localhost:35357/v2.0">http://localhost:35357/v2.0</a> role-create --name user</td>
 <td colspan="1">
 curl <a href="http://166.78.146.147:35357/v2.0/OS-KSADM/roles">http://166.78.146.147:35357/v2.0/OS-KSADM/roles</a> -H "X-Auth-Token: ADMIN" -d '{"role":{"name":"SysAdmni", "description":"Role for doing sys adminy things"}}' -H "Content-type: application/json"
 <ac:structured-macro ac:name="code">
 <ac:plain-text-body><![CDATA[{
 "role": 
 {
 "description": "Role for doing sys adminy things", 
 "name": "SysAdmni", 
 "id": "c6d7d36aaa7344efbf9e24af2223de72"
 }
}]]></ac:plain-text-body>
 </ac:structured-macro>
 </td>
 <td colspan="1">
 curl <a href="http://166.78.146.147:35357/v3/roles">http://localhost:35357/v3/roles</a> -H "X-AUTH-TOKEN: ADMIN" -H "Content-type: application/json" -d '{"role":{"name":"SysAdmin","description":"Sys Admin created via v3"}}' | python -mjson.tool 
 
 
 <ac:structured-macro ac:name="code">
 <ac:plain-text-body><![CDATA[{
 "role": {
 "description": "Sys Admin created via v3", 
 "id": "dd8312d819f44f0398092601c2643000", 
 "links": {
 "self": "http://localhost:5000/v3/roles/dd8312d819f44f0398092601c2643000"
 }, 
 "name": "SysAdmin"
 }
}]]></ac:plain-text-body>
 </ac:structured-macro>
 </td>
 <td colspan="1">
 description not listed in v3 doc, but i was able to add it anyway.
  
 V3 doc: <a href="https://github.com/openstack/identity-api/blob/master/openstack-identity-api/src/markdown/identity-api-v3.md">https://github.com/openstack/identity-api/blob/master/openstack-identity-api/src/markdown/identity-api-v3.md</a>
 
 </td>
 </tr>
 </tbody>
</table>

Revision history for this message

Anne Gentle (annegentle) wrote on 2014-11-19:

#5

I think this table could be added to the keystone v3 specification document as a useful reference. Source files live here: https://github.com/openstack/keystone-specs/tree/master/api/v3 I would suggest adding a new RST file there.

I'm not sure I want it in the end user guide since that guide doesn't really document curl commands.

The comparison could also be written with example CLI commands, then that might belong in the End User Guide.

Changed in openstack-api-site:
status:	Confirmed → Triaged

Revision history for this message

Diane Fleming (diane-fleming) wrote on 2015-05-31:

#6

https://review.openstack.org/187027

Changed in openstack-api-site:
assignee:	nobody → Diane Fleming (diane-fleming)
milestone:	none → kilo
status:	Triaged → Confirmed
status:	Confirmed → In Progress

Tom Fifield (fifieldt) on 2015-06-11

Changed in openstack-api-site:
milestone:	kilo → liberty

Anne Gentle (annegentle) on 2015-07-16

Changed in openstack-api-site:
status:	In Progress → Fix Released

openstack-api-site

Keystone V3 - add side-by-side comparison of V2 and V3 to the docs

Bug Description

Other bug subscribers

Remote bug watches