Get your development environment set up according to Setting up a Keystone development environment.
We recommend establishing a virtualenv to run keystone within. To establish this environment, use the command:
$ python tools/install_venv.py
This will create a local virtual environment in the directory .venv. Once created, you can activate this virtualenv for your current shell using:
$ source .venv/bin/activate
The virtual environment can be disabled using the command:
$ deactivate
You can also use tools\with_venv.sh to prefix commands so that they run within the virtual environment. For more information on virtual environments, see virtualenv.
To run the keystone Admin and API server instances, use:
$ tools/with_venv.sh bin/keystone
To run client demo (with all auth middleware running locally on sample service):
$ tools/with_venv.sh examples/echo/bin/echod
which spins up a simple “echo” service on port 8090. To use a simple echo client:
$ python examples/echo/echo_client.py
You can interact with Keystone through the command line using keystone-manage which allows you to establish tenants, users, etc.
You can also interact with Keystone through it’s REST API. There is a python keystone client library python-keystoneclient which interacts exclusively through the REST API.
The easiest way to establish some base information in Keystone to interact with is to invoke:
$ tools/with_venv.sh bin/sampledata
You can see the details of what that creates in keystone/test/sampledata.py
You can enable a huge amount of additional data (debugging information) about the request and repsonse objects flowing through Keystone using the debugging WSGI middleware.
To enable this, just modify the pipelines in etc/keystone.conf, from:
[pipeline:admin]
pipeline =
urlnormalizer
admin_api
[pipeline:keystone-legacy-auth]
pipeline =
urlnormalizer
legacy_auth
d5_compat
service_api
... to:
[pipeline:admin]
pipeline =
debug
urlnormalizer
d5_compat
admin_api
[pipeline:keystone-legacy-auth]
pipeline =
debug
urlnormalizer
legacy_auth
d5_compat
service_api
Two simple and easy debugging tools are using the -d when you start keystone:
$ ./keystone -d
and the –trace-calls flag:
$ ./keystone -trace-calls
The -d flag outputs debug information to the console. The --trace-calls flag outputs extensive, nested trace calls to the console and highlights any errors in red.