Data Model
Keystone was designed from the ground up to be amenable to multiple styles of backends and as such many of the methods and data types will happily accept more data than they know what to do with and pass them on to a backend.
There are a few main data types:
- User: has account credentials, is associated with one or more tenants
- Tenant: unit of ownership in openstack, contains one or more users
- Role: a first-class piece of metadata associated with many user-tenant pairs.
- Token: identifying credential associated with a user or user and tenant
- Extras: bucket of key-value metadata associated with a user-tenant pair.
- Rule: describes a set of requirements for performing an action.
While the general data model allows a many-to-many relationship between Users and Tenants and a many-to-one relationship between Extras and User-Tenant pairs, the actual backend implementations take varying levels of advantage of that functionality.
沒有留言:
張貼留言