openstack之keystone安装

admin

在controller node上安装MySQL和keystone1、安装MySQL


sudo apt-get install mysql-server
Sudo apt-get install mysql-client
Sudo apt-get install libmysqlclient-dev2、root用户登录MySQL:


# mysql3、创建名为keystone的数据库:


CREATE DATABASE keystone;4、对keystone数据库授权:


GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY 'KEYSTONE_DBPASS';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
IDENTIFIED BY 'KEYSTONE_DBPASS';
用自己的密码替换命令中的KEYSTONE_DBPASS5、退出数据库客户端.

6、安装keystone：


apt install keystone7、修改配置文件/etc/keystone/keystone.conf


a、 [database]
connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone
其中KEYSTONE_DBPASS是数据库登录密码
b、[token]
provider = fernet8、数据库同步：


su -s /bin/sh -c "keystone-manage db_sync" keystone9、初始化数据库：


keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone10、Bootstrap the Identity service：


keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
--bootstrap-admin-url http://controller:35357/v3/ \
--bootstrap-internal-url http://controller:5000/v3/ \
--bootstrap-public-url http://controller:5000/v3/ \
--bootstrap-region-id RegionOne
其中Replace ADMIN_PASS with a suitable password for an administrative user11、配置Apache2的配置/etc/apache2/apache2.conf


文件中加入一行：ServerName controller12、重启服务：


service apache2 restart
rm -f /var/lib/keystone/keystone.db13、添加环境变量：


export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
其中Replace ADMIN_PASS with the password used in the keystone-manage bootstrap command in keystone-install-configure.14、执行命令：


openstack project create --domain default \
--description "Service Project" service15、执行命令：


openstack project create --domain default \
--description "Demo Project" demo16、执行命令：


openstack user create --domain default \
--password-prompt demo17、执行命令：


openstack role create user18、执行命令：


openstack role add --project demo --user demo user19、执行命令：


Edit the /etc/keystone/keystone-paste.ini file and remove admin_token_auth from the [pipeline:public_api], [pipeline:admin_api], and [pipeline:api_v3] sections.20、执行命令：


unset OS_AUTH_URL OS_PASSWORD21、执行命令：


openstack --os-auth-url http://controller:35357/v3 \
--os-project-domain-name default --os-user-domain-name default \
--os-project-name admin --os-username admin token issue22、执行命令：


openstack --os-auth-url http://controller:5000/v3 \
--os-project-domain-name default --os-user-domain-name default \
--os-project-name demo --os-username demo token issue23、执行命令：


vim /etc/admin-openrc
添加如下内容：
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
其中Replace ADMIN_PASS with the password you chose for the admin user in the Identity service.24、执行命令：


vim /etc/demo-openrc
添加如下内容：
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=DEMO_PASS
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
其中Replace DEMO_PASS with the password you chose for the demo user in the Identity service25、执行命令：


. admin-openrc26、执行命令：


openstack token issue

声明:本文转载自网络。版权归原作者所有,如有侵权请联系删除。