1、创建数据库

[root@controller ~]# mysql -u root -p
[root@controller ~]# CREATE DATABASE keystone;
[root@controller ~]# GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'PWS';
[root@controller ~]# GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'PWS';
[root@controller ~]# openssl rand -hex 10

2、安装keystone

yum install openstack-keystone httpd mod_wsgi python-openstackclient memcached python-memcached

3、启动memcache

# systemctl enable memcached.service
# systemctl start memcached.service

4、设置环境

  1. Edit the /etc/keystone/keystone.conf file and complete the following actions:
    1. In the [DEFAULT] section, define the value of the initial administration token:
      1
      2
      3
      [DEFAULT]
      ...
      admin_token = ADMIN_TOKEN
      Replace ADMIN_TOKEN with the random value that you generated in a previous step.
    2. In the [database] section, configure database access:
      1
      2
      3
      [database]
      ...
      connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone
      Replace KEYSTONE_DBPASS with the password you chose for the database.
    3. In the [memcache] section, configure the Memcache service:
      1
      2
      3
      [memcache]
      ...
      servers = localhost:11211
    4. In the [token] section, configure the UUID token provider and Memcached driver:
      1
      2
      3
      4
      [token]
      ...
      provider = keystone.token.providers.uuid.Provider
      driver = keystone.token.persistence.backends.memcache.Token
    5. In the [revoke] section, configure the SQL revocation driver:
      1
      2
      3
      [revoke]
      ...
      driver = keystone.contrib.revoke.backends.sql.Revoke
    6. (Optional) To assist with troubleshooting, enable verbose logging in the [DEFAULT] section:
      1
      2
      3
      [DEFAULT]
      ...
      verbose = True
  2. Populate the Identity service database:
    # su -s /bin/sh -c "keystone-manage db_sync" keystone

5、设置HTTP

  1. Edit the /etc/httpd/conf/httpd.conf file and configure the ServerName option to reference the controller node:

    ServerName controller
  2. Create the /etc/httpd/conf.d/wsgi-keystone.conf file with the following content:
    Listen 5000
    Listen 35357 <VirtualHost *:5000>
    WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-public
    WSGIScriptAlias / /var/www/cgi-bin/keystone/main
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    LogLevel info
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/httpd/keystone-error.log
    CustomLog /var/log/httpd/keystone-access.log combined
    </VirtualHost> <VirtualHost *:35357>
    WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-admin
    WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    LogLevel info
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/httpd/keystone-error.log
    CustomLog /var/log/httpd/keystone-access.log combined
    </VirtualHost>
  3. Create the directory structure for the WSGI components:
    # mkdir -p /var/www/cgi-bin/keystone
  4. Copy the WSGI components from the upstream repository into this directory:
    # curl http://git.openstack.org/cgit/openstack/keystone/plain/httpd/keystone.py?h=stable/kilo \
    | tee /var/www/cgi-bin/keystone/main /var/www/cgi-bin/keystone/admin
  5. Adjust ownership and permissions on this directory and the files in it:
    # chown -R keystone:keystone /var/www/cgi-bin/keystone
    # chmod 755 /var/www/cgi-bin/keystone/*
  • Restart the Apache HTTP server:

    # systemctl enable httpd.service
    # systemctl start httpd.service
  • 6、设置HTTP

CentOS 7部署OpenStack(二)—安装keystone服务的更多相关文章

  1. openstack(Pike 版)集群部署(二)--- Keystone 部署

    一.介绍 参照官网部署:https://docs.openstack.org/keystone/queens/install/ 继续上一博客进行部署:http://www.cnblogs.com/we ...

  2. 002-官网安装openstack之-安装基础服务

    安装openstack基础服务 1.控制节点安装时间同步服务(chrony) (1)时间同步大体来说有两种方式: 一种是自己搭建时间同步服务器,各个需要同步时间的节点,与其同步时间 另一种则是使用nt ...

  3. CentOS 7下源码安装zabbix服务

    安装环境需要LAMP或者LNMP先搭建好 在此我使用上一篇搭建好的LNMP环境来安装zabbix 1.下载zabbix http://www.zabbix.com/download.php 2.安装及 ...

  4. openstack (3)---------部署memcached缓存服务,keystone服务

    一.memcached概念 Memcached 是一个开源的.高性能的分布式内存对象缓存系统.通过在内存中缓存数据和对象来减少读取数据库的次数,从而提高网站访问速度,加速动态WEB应用.减轻数据库负载 ...

  5. OpenStack 安装:keystone服务

    在前面的章节里面,我们配置了基本环境,也安装keystone服务,并且创建了keystone的数据库,在这一篇里面,我们说怎么配置keystone. 首先编辑keystone服务,需要修改如下数据 编 ...

  6. 4 云计算系列之Openstack简介与keystone安装

    preface KVM 是openstack虚拟化的基础, 再介绍了kvm虚拟化技术之后,我们介绍下openstack和如何搭建. Openstack组件 openstack架构图如下所示 那么我们就 ...

  7. OpenStack 安装 Keystone

    OpenStack 安装 Keystone 本篇主要记录一下 如何安装 openstack的 第一个组件 keystone 认证授权组件 openstack 版本 我选的是queens 版本 1.Op ...

  8. 照着官网来安装openstack pike之keystone安装

    openstack基础环境安装完成后,现在开启安装keystone服务(在控制节点上执行下面所有操作) 1.为keystone创建数据库 mysql -u root -p MariaDB [(none ...

  9. OpenStack之四: keystone验证服务(端口5000)

    #官网地址:https://docs.openstack.org/keystone/stein/install/keystone-install-rdo.html #:创建库,并授权 MariaDB ...

随机推荐

  1. canvas 画字

    用canvas画字还是头一回,要想和UI设计的画的一模一样还是真有些苦难,不过现在实现的效果已经很像了. <!--通过字体文件引入字体--><style>@font-face ...

  2. git subtree 使用

    这个是备忘录.原网页(https://medium.com/@porteneuve/mastering-git-subtrees-943d29a798ec , http://cncc.bingj.co ...

  3. epoll 反应堆

    epoll反应堆模型 ================================ 下面代码实现的思想:epoll反应堆模型:( libevent 网络编程开源库 核心思想) . 普通多路IO转接 ...

  4. 1.15 kickstart rpm yum

    ###########bootstrap 启动加载器 (pxelinux.0)传输pxelinux.cfg NIC #network interface PXEpxelinux.0/tftp/pxel ...

  5. Arcgis 图层编辑器“粘贴”功能菜单灰色不能使用的问题与解决办法

    本人由win7系统更换为win10系统,平常使用的arcgis10.2升级使用10.3版本,相应的VS2012也升级使用2013版本,但是在安装了之后发现"Editor"编辑工具中 ...

  6. unity, 调节图片导入尺寸

    unity中直接导入高清图,通过max size来调节图片尺寸. 打包的时候通过看editor log或通过插件来监视是否有过大尺寸的图片.

  7. linux 删除进程的多种方法

    kill pid kill -9 pid kill -15 pid pkill -f *.php kill -s 9 pid

  8. setTimeout()与setInterval()

    一.setTimeout与setInterval的用法(http://www.css88.com/archives/5804) setTimeout是超时调用,javascript是一个单线程的解析器 ...

  9. 文章汇总(包括NVMe SPDK vSAN Ceph xfs等)

    基础部分 NVMe驱动解析-前言 NVMe驱动解析-注册设备 NVMe驱动解析-关键的BAR空间 NVMe驱动解析-DMA传输(热门) NVMe驱动解析-响应I/O请求 用一个简单的例子窥探NVMe的 ...

  10. Query意图分析:记一次完整的机器学习过程(scikit learn library学习笔记)

    所谓学习问题,是指观察由n个样本组成的集合,并根据这些数据来预测未知数据的性质. 学习任务(一个二分类问题): 区分一个普通的互联网检索Query是否具有某个垂直领域的意图.假设现在有一个O2O领域的 ...