Configuring the Identity Authentication Service for the Ironic Service

Perform the following operations on the controller node.

Log in to the OpenStack CLI as the user admin, create BMS user ironic and set its password.
1 2
source /etc/keystone/admin-openrc openstack user create --password-prompt ironic
The password for the ironic user must be the same as the password of the Ironic database described in Creating a BMS Database.

Use the service tenant and assign the admin role to the ironic user.

openstack role add --project service --user ironic admin

openstack service create --name ironic --description "Ironic baremetal provisioning service" baremetal

Create an Ironic endpoint in Keystone.

openstack endpoint create --region RegionOne baremetal admin http://$IRONIC_NODE:6385
openstack endpoint create --region RegionOne baremetal public http://$IRONIC_NODE:6385
openstack endpoint create --region RegionOne baremetal internal http://$IRONIC_NODE:6385

You can change the value as required. In the preceding command, IRONIC_NODE is the hostname of the ironic-api subservice, that is, baremetal.

Parent topic: Integrating the Ironic Service with Other OpenStack Services