1、创建数据库

[root@controller ~]# mysql -u root -p
[root@controller ~]# CREATE DATABASE keystone;
[root@controller ~]# GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'PWS';
[root@controller ~]# GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'PWS';
[root@controller ~]# openssl rand -hex 10

2、安装keystone

yum install openstack-keystone httpd mod_wsgi python-openstackclient memcached python-memcached

3、启动memcache

# systemctl enable memcached.service
# systemctl start memcached.service

4、设置环境

  1. Edit the /etc/keystone/keystone.conf file and complete the following actions:
    1. In the [DEFAULT] section, define the value of the initial administration token:
      1
      2
      3
      [DEFAULT]
      ...
      admin_token = ADMIN_TOKEN
      Replace ADMIN_TOKEN with the random value that you generated in a previous step.
    2. In the [database] section, configure database access:
      1
      2
      3
      [database]
      ...
      connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone
      Replace KEYSTONE_DBPASS with the password you chose for the database.
    3. In the [memcache] section, configure the Memcache service:
      1
      2
      3
      [memcache]
      ...
      servers = localhost:11211
    4. In the [token] section, configure the UUID token provider and Memcached driver:
      1
      2
      3
      4
      [token]
      ...
      provider = keystone.token.providers.uuid.Provider
      driver = keystone.token.persistence.backends.memcache.Token
    5. In the [revoke] section, configure the SQL revocation driver:
      1
      2
      3
      [revoke]
      ...
      driver = keystone.contrib.revoke.backends.sql.Revoke
    6. (Optional) To assist with troubleshooting, enable verbose logging in the [DEFAULT] section:
      1
      2
      3
      [DEFAULT]
      ...
      verbose = True
  2. Populate the Identity service database:
    # su -s /bin/sh -c "keystone-manage db_sync" keystone

5、设置HTTP

  1. Edit the /etc/httpd/conf/httpd.conf file and configure the ServerName option to reference the controller node:

    ServerName controller
  2. Create the /etc/httpd/conf.d/wsgi-keystone.conf file with the following content:
    Listen 5000
    Listen 35357
    
    <VirtualHost *:5000>
        WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
        WSGIProcessGroup keystone-public
        WSGIScriptAlias / /var/www/cgi-bin/keystone/main
        WSGIApplicationGroup %{GLOBAL}
        WSGIPassAuthorization On
        LogLevel info
        ErrorLogFormat "%{cu}t %M"
        ErrorLog /var/log/httpd/keystone-error.log
        CustomLog /var/log/httpd/keystone-access.log combined
    </VirtualHost>
    
    <VirtualHost *:35357>
        WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
        WSGIProcessGroup keystone-admin
        WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
        WSGIApplicationGroup %{GLOBAL}
        WSGIPassAuthorization On
        LogLevel info
        ErrorLogFormat "%{cu}t %M"
        ErrorLog /var/log/httpd/keystone-error.log
        CustomLog /var/log/httpd/keystone-access.log combined
    </VirtualHost>
  3. Create the directory structure for the WSGI components:
    # mkdir -p /var/www/cgi-bin/keystone
  4. Copy the WSGI components from the upstream repository into this directory:
    # curl http://git.openstack.org/cgit/openstack/keystone/plain/httpd/keystone.py?h=stable/kilo \
      | tee /var/www/cgi-bin/keystone/main /var/www/cgi-bin/keystone/admin
  5. Adjust ownership and permissions on this directory and the files in it:
    # chown -R keystone:keystone /var/www/cgi-bin/keystone
    # chmod 755 /var/www/cgi-bin/keystone/*
  • Restart the Apache HTTP server:

    # systemctl enable httpd.service
    # systemctl start httpd.service
  • 6、设置HTTP

CentOS 7部署OpenStack(二)—安装keystone服务的更多相关文章

  1. CentOS6.6部署OpenStack Havana(Nova-Network版)

    CentOS6.4部署OpenStack Havana(Nova-Network版) 一 基本设备介绍 测试环境 CentOS6.4 x64 OpenStack 服务 介绍 计算 (Compute) ...

  2. openstack组件之keystone

    一 什么是keystone keystone是 OpenStack Identity Service 的项目名称.它在整个体系中充当一个授权者的角色. Keystone项目的主要目的是给整个opens ...

  3. keystone系列二:keystone源码分析

    六 keystone架构 6.1 Keystone API Keystone API与Openstack其他服务的API类似,也是基于ReSTFul HTTP实现的. Keystone API划分为A ...

  4. openstack安装记录(二)keystone安装

    先决条件 在你配置 OpenStack 身份认证服务前,你必须创建一个数据库和管理员令牌. 完成下面的步骤以创建数据库: 用数据库连接客户端以 root 用户连接到数据库服务器: $ mysql -u ...

  5. Linux(CentOS、Ububtu)一键安装Openstack及其它参考文档汇总

    原文链接  http://www.aboutyun.com/thread-10920-1-1.html openstack相关资料 CentOS下一键安装Openstack  http://blog. ...

  6. 在Ubuntu 12.10 上安装部署Openstack

    OpenStack系统有几个关键的项目,它们能够独立地安装但是能够在你的云计算中共同工作.这些项目包括:OpenStack Compute,OpenStack Object Storage,OpenS ...

  7. OpenStack:安装Keystone

    >安装Keystone1. 安装# apt-get install keystone2. 创建dbcreate database keystone;grant all privileges on ...

  8. 决战大数据之二:CentOS 7 最新JDK 8安装

    决战大数据之二:CentOS 7 最新JDK 8安装 [TOC] 修改hostname # hostnamectl set-hostname node1 --static # reboot now 重 ...

  9. Anyconnect的VPN环境部署(1)-OpenConnect server(ocserv)服务安装

    打算在公司IDC机房部署一套VPN环境,经过考虑,最终决定采用Cisco下的开源技术AnyConnect.AnyConnect的优势有:1)长连接,待机不会断开:2)速度快,稳定性好:3)安全性好,全 ...

随机推荐

  1. 前端 angular 和 bootstrap 的安装步骤

    1.安装bower模块: npm install -g bower --registry=http://registry.npm.taobao.org 2.创建.bowerrc 文件存放 前端相关的模 ...

  2. xcode8让真机测试支持ios8.0以下版本

    xcode8支持ios8以下真机测试方法: 1.应用程序-xcode 显示包内容-Contents-Developer-Platforms-iPhoneOS.platform-DeviceSuppor ...

  3. Centos配置查看

    Reference: [1] http://www.centoscn.com/CentOS/help/2013/0928/1743.html [2] http://www.cnblogs.com/hi ...

  4. U3D杂记

    1,点击UI上的登录按钮,从脚本发出ioo.netmanager.SendConnet->进入CS->soketclient.sendconnet...->netmanager调用 ...

  5. realmswift的使用

    官网:https://realm.io/ 1.说下数据库迁移的问题: 在func application(application: UIApplication, didFinishLaunchingW ...

  6. bootstrap fileinput-上传回调

    通过第三分jquery重新绑定一个重新加载事件 $("#file-4").on("fileuploaded", function(event, data, pr ...

  7. Linq To Sqlite 一一二二

    说在前头 之所以写下这些文字,主要是因为使用LINQ的同志们都觉它的美好(至于有多美好,各位心里知道,我就不在描述了,如果你是你还不了解LINQ,园子里有大把的文章),微软老哥只提供了自家的SQLSe ...

  8. 初识Python第二天(4)

    '.isdecimal()) print('壹'.isdecimal()) print('11d'.isdecimal()) #True #False #False #只有全部为unicode数字,全 ...

  9. Ubuntu配置pyethapp

    1. 安装系统依赖 apt-get install build-essential automake pkg-config libtool libffi-dev libgmp-dev 2. Clone ...

  10. 将数据库表导入到solr索引

    将数据库表导入到solr索引 编辑solrcofnig.xml添加处理器 <requestHandler name="/dataimport" class="org ...