安装配置

Before you configure the OpenStack Identity service, you must create a database and an administration token.

一、创建keystone数据库并授权

1.登陆数据库

mysql -u root -p

2.创建数据库并授权

CREATE DATABASE keystone;

GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS';

GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';

Replace KEYSTONE_DBPASS with a suitable password.

二、创建管理员token

openssl rand -hex

记住token值

三、安装配置keystone

1.安装keystone

yum install openstack-keystone httpd mod_wsgi python-openstackclient memcached python-memcached

2.Start the Memcached service and configure it to start when the system boots

systemctl enable memcached.service

systemctl start memcached.service

3.Edit the /etc/keystone/keystone.conf file and complete the following actions

a.In the [DEFAULT] section, define the value of the initial administration token:

[DEFAULT]

...

admin_token = ADMIN_TOKEN

Replace ADMIN_TOKEN with the random value that you generated in a previous step.

b.In the [database] section, configure database access:

[database]

...

connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone

Replace KEYSTONE_DBPASS with the password you chose for the database.

c.In the [memcache] section, configure the Memcache service:

[memcache]

...

servers = localhost:

d.In the [token] section, configure the UUID token provider and Memcached driver:

[token]

...

provider = keystone.token.providers.uuid.Provider

driver = keystone.token.persistence.backends.memcache.Token

e.In the [revoke] section, configure the SQL revocation driver:

[revoke]

...

driver = keystone.contrib.revoke.backends.sql.Revoke

f.(Optional) To assist with troubleshooting, enable verbose logging in the [DEFAULT] section:

[DEFAULT]

...

verbose = True

4.Populate the Identity service database:

su -s /bin/sh -c "keystone-manage db_sync" keystone

四、To configure the Apache HTTP server

1.Edit the /etc/httpd/conf/httpd.conf file and configure the ServerName option to reference the controller node:

ServerName controller

2.Create the /etc/httpd/conf.d/wsgi-keystone.conf file with the following content:

Listen

Listen 

<VirtualHost *:>

    WSGIDaemonProcess keystone-public processes= threads= user=keystone group=keystone display-name=%{GROUP}

    WSGIProcessGroup keystone-public

    WSGIScriptAlias / /var/www/cgi-bin/keystone/main

    WSGIApplicationGroup %{GLOBAL}

    WSGIPassAuthorization On

    LogLevel info

    ErrorLogFormat "%{cu}t %M"

    ErrorLog /var/log/httpd/keystone-error.log

    CustomLog /var/log/httpd/keystone-access.log combined

</VirtualHost>

<VirtualHost *:>

    WSGIDaemonProcess keystone-admin processes= threads= user=keystone group=keystone display-name=%{GROUP}

    WSGIProcessGroup keystone-admin

    WSGIScriptAlias / /var/www/cgi-bin/keystone/admin

    WSGIApplicationGroup %{GLOBAL}

    WSGIPassAuthorization On

    LogLevel info

    ErrorLogFormat "%{cu}t %M"

    ErrorLog /var/log/httpd/keystone-error.log

    CustomLog /var/log/httpd/keystone-access.log combined

</VirtualHost>

3.Create the directory structure for the WSGI components:

mkdir -p /var/www/cgi-bin/keystone

4.Copy the WSGI components from the upstream repository into this directory:

curl http://git.openstack.org/cgit/openstack/keystone/plain/httpd/keystone.py?h=stable/kilo | tee /var/www/cgi-bin/keystone/main /var/www/cgi-bin/keystone/admin

5.Adjust ownership and permissions on this directory and the files in it:

chown -R keystone:keystone /var/www/cgi-bin/keystone

chmod  /var/www/cgi-bin/keystone/*

6.启动Apache服务,设置开机自起

systemctl enable httpd.service

systemctl start httpd.service

Openstack(Kilo)安装系列之Keystone(三)的更多相关文章

  1. Openstack(Kilo)安装系列之Keystone(四)

    创建租间.用户.角色 一.To configure prerequisites 1.Configure the authentication token: export OS_TOKEN=ADMIN_ ...

  2. Openstack(Kilo)安装系列之Keystone(五)

    Create OpenStack client environment scripts To create the scripts Create client environment scripts ...

  3. Openstack(Kilo)安装系列之glance(六)

    安装配置 Before you install and configure the Image service, you must create a database, service credent ...

  4. Openstack(Kilo)安装系列之环境准备(二)

    控制节点.网络节点.计算节点: 一.配置源 1.配置EPEL源 yum install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-rel ...

  5. Openstack(Kilo)安装系列之环境准备(一)

    本文采用VMware虚拟环境,使用CentOS 7.1作为openstack的基础环境. 一.基础平台 1.一台装有VMware的windows系统(可联网) 2.CentOS 7.1 64bit镜像 ...

  6. Openstack(Kilo)安装系列之neutron(九)

    控制节点 Before you configure the OpenStack Networking (neutron) service, you must create a database, se ...

  7. Openstack(Kilo)安装系列之nova(八)

    计算节点 To install and configure the Compute hypervisor components 1.Install the packages: yum install ...

  8. Openstack(Kilo)安装系列之nova(七)

    控制节点 Before you install and configure the Compute service, you must create a database, service crede ...

  9. OpenStack实践系列②认证服务Keystone

    OpenStack实践系列②认证服务Keystone 三.实战OpenStack之控制节点3.1 CentOS7的时间同步服务器chrony 下载chrony # yum install -y chr ...

随机推荐

  1. Mach-O文件格式和程序从载入到运行过程

    > 之前深入了解过.过去了一年多的时间.如今花些时间好好总结下,毕竟好记性不如烂笔头. 其次另一个目的,对于mach-o文件结构.关于动态载入信息那个数据区中,命令含义没有深刻掰扯清除,希望有同 ...

  2. HipHop PHP简介(转)

    HipHop PHP是FaceBook的一个开源项目,它优化了FaceBook网站Web服务器的运行速度. HipHop 是一个源代码转换器.它将 PHP 代码转换为高度优化的 C++ 代码,然后再使 ...

  3. [Exception Android 19] - android.widget.HeaderViewListAdapter.isEnabled

    java.lang.IndexOutOfBoundsException: Invalid index , size at java.util.ArrayList.throwIndexOutOfBoun ...

  4. JDBC2.0操作:结果集,更新,插入,删除,批处理语句

    JDBC对ResultSet的支持 JDBC最重要的概念是批处理,可以一次完成多个语句的执行. 可滚动的结果集. 如果想创建可滚动的结果集,则在创建PrepareStatement时候必须指定创建的类 ...

  5. DDL语句--改动表

    改动表是指改动数据库中已经存在的表的定义.改动表比又一次定义表简单.不须要又一次载入数据.也不会影响正在进行的服务. MySQL中通过ALTER TABLE语句来改动表.改动表包含改动表名.改动字段数 ...

  6. 【转帖】Servlet 3.0 新特性详解

    http://www.ibm.com/developerworks/cn/java/j-lo-servlet30/ Servlet 3.0 新特性概述 Servlet 3.0 作为 Java EE 6 ...

  7. mysql中如何统计某字段里某个字符的个数

    select * from order where length(order_num)-length(replace(order_num,'8','')) = 4

  8. R快速创建个文件

    cat("TITLE extra line", "2 3 5 7", "11 13 17", file="ex.data" ...

  9. C语言之指针基础概念

    今天就写一下关于C语言指针的一些感想吧. 很多同学都搞不懂指针,我一开始也云里雾里没看懂指针,而且老师又把指针说得很难的样子.其实主要是把指针”*“的作用给弄混了,不用畏惧,细心点看就可以了. 首先简 ...

  10. mysql产生随机数并连接字符串

    concat('a','b','c');//连接字符串 rand();//产生随机数 floor();//取整数 UPDATE user set reg_ip= concat(floor(RAND() ...