1、创建数据库

[root@controller ~]# mysql -u root -p
[root@controller ~]# CREATE DATABASE keystone;
[root@controller ~]# GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'PWS';
[root@controller ~]# GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'PWS';
[root@controller ~]# openssl rand -hex 10

2、安装keystone

yum install openstack-keystone httpd mod_wsgi python-openstackclient memcached python-memcached

3、启动memcache

# systemctl enable memcached.service
# systemctl start memcached.service

4、设置环境

  1. Edit the /etc/keystone/keystone.conf file and complete the following actions:
    1. In the [DEFAULT] section, define the value of the initial administration token:
      1
      2
      3
      [DEFAULT]
      ...
      admin_token = ADMIN_TOKEN
      Replace ADMIN_TOKEN with the random value that you generated in a previous step.
    2. In the [database] section, configure database access:
      1
      2
      3
      [database]
      ...
      connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone
      Replace KEYSTONE_DBPASS with the password you chose for the database.
    3. In the [memcache] section, configure the Memcache service:
      1
      2
      3
      [memcache]
      ...
      servers = localhost:11211
    4. In the [token] section, configure the UUID token provider and Memcached driver:
      1
      2
      3
      4
      [token]
      ...
      provider = keystone.token.providers.uuid.Provider
      driver = keystone.token.persistence.backends.memcache.Token
    5. In the [revoke] section, configure the SQL revocation driver:
      1
      2
      3
      [revoke]
      ...
      driver = keystone.contrib.revoke.backends.sql.Revoke
    6. (Optional) To assist with troubleshooting, enable verbose logging in the [DEFAULT] section:
      1
      2
      3
      [DEFAULT]
      ...
      verbose = True
  2. Populate the Identity service database:
    # su -s /bin/sh -c "keystone-manage db_sync" keystone

5、设置HTTP

  1. Edit the /etc/httpd/conf/httpd.conf file and configure the ServerName option to reference the controller node:

    ServerName controller
  2. Create the /etc/httpd/conf.d/wsgi-keystone.conf file with the following content:
    Listen 5000
    Listen 35357
    
    <VirtualHost *:5000>
        WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
        WSGIProcessGroup keystone-public
        WSGIScriptAlias / /var/www/cgi-bin/keystone/main
        WSGIApplicationGroup %{GLOBAL}
        WSGIPassAuthorization On
        LogLevel info
        ErrorLogFormat "%{cu}t %M"
        ErrorLog /var/log/httpd/keystone-error.log
        CustomLog /var/log/httpd/keystone-access.log combined
    </VirtualHost>
    
    <VirtualHost *:35357>
        WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
        WSGIProcessGroup keystone-admin
        WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
        WSGIApplicationGroup %{GLOBAL}
        WSGIPassAuthorization On
        LogLevel info
        ErrorLogFormat "%{cu}t %M"
        ErrorLog /var/log/httpd/keystone-error.log
        CustomLog /var/log/httpd/keystone-access.log combined
    </VirtualHost>
  3. Create the directory structure for the WSGI components:
    # mkdir -p /var/www/cgi-bin/keystone
  4. Copy the WSGI components from the upstream repository into this directory:
    # curl http://git.openstack.org/cgit/openstack/keystone/plain/httpd/keystone.py?h=stable/kilo \
      | tee /var/www/cgi-bin/keystone/main /var/www/cgi-bin/keystone/admin
  5. Adjust ownership and permissions on this directory and the files in it:
    # chown -R keystone:keystone /var/www/cgi-bin/keystone
    # chmod 755 /var/www/cgi-bin/keystone/*
  • Restart the Apache HTTP server:

    # systemctl enable httpd.service
    # systemctl start httpd.service
  • 6、设置HTTP

CentOS 7部署OpenStack(二)—安装keystone服务的更多相关文章

  1. CentOS6.6部署OpenStack Havana(Nova-Network版)

    CentOS6.4部署OpenStack Havana(Nova-Network版) 一 基本设备介绍 测试环境 CentOS6.4 x64 OpenStack 服务 介绍 计算 (Compute) ...

  2. openstack组件之keystone

    一 什么是keystone keystone是 OpenStack Identity Service 的项目名称.它在整个体系中充当一个授权者的角色. Keystone项目的主要目的是给整个opens ...

  3. keystone系列二:keystone源码分析

    六 keystone架构 6.1 Keystone API Keystone API与Openstack其他服务的API类似,也是基于ReSTFul HTTP实现的. Keystone API划分为A ...

  4. openstack安装记录(二)keystone安装

    先决条件 在你配置 OpenStack 身份认证服务前,你必须创建一个数据库和管理员令牌. 完成下面的步骤以创建数据库: 用数据库连接客户端以 root 用户连接到数据库服务器: $ mysql -u ...

  5. Linux(CentOS、Ububtu)一键安装Openstack及其它参考文档汇总

    原文链接  http://www.aboutyun.com/thread-10920-1-1.html openstack相关资料 CentOS下一键安装Openstack  http://blog. ...

  6. 在Ubuntu 12.10 上安装部署Openstack

    OpenStack系统有几个关键的项目,它们能够独立地安装但是能够在你的云计算中共同工作.这些项目包括:OpenStack Compute,OpenStack Object Storage,OpenS ...

  7. OpenStack:安装Keystone

    >安装Keystone1. 安装# apt-get install keystone2. 创建dbcreate database keystone;grant all privileges on ...

  8. 决战大数据之二:CentOS 7 最新JDK 8安装

    决战大数据之二:CentOS 7 最新JDK 8安装 [TOC] 修改hostname # hostnamectl set-hostname node1 --static # reboot now 重 ...

  9. Anyconnect的VPN环境部署(1)-OpenConnect server(ocserv)服务安装

    打算在公司IDC机房部署一套VPN环境,经过考虑,最终决定采用Cisco下的开源技术AnyConnect.AnyConnect的优势有:1)长连接,待机不会断开:2)速度快,稳定性好:3)安全性好,全 ...

随机推荐

  1. sharepoint2010问卷调查(1)-实现问卷的图片调查(采用JS实现)

      1. 首先建立个图片库上传图片 2. 采用:评估范围(一系列选项或 Likert 范围)制作,如下图: http://win-i07fillcfom:8003/DocLib2/1.jpg http ...

  2. mormot THttpApiServer使用例子

    mormot THttpApiServer使用例子 THttpApiServer封装了WINDOWS的HTTPS.SYS. unit Unit1; interface uses Winapi.Wind ...

  3. MXNet符号编程

    构成符号: 符号对我们想要进行的计算进行了描述, 下图展示了符号如何对计算进行描述. 下图定义了符号变量A, 符号变量B, 生成了符号变量C, 其中, A, B为参数节点, C为内部节点! mxnet ...

  4. oracle11g RAC添加节点

    OS: [root@rac ~]# more /etc/oracle-releaseOracle Linux Server release 5.7 DB: SQL> SELECT * FROM ...

  5. System.Windows.Forms.AxHost.InvalidActiveXStateException”类型的异常在 ESRI.ArcGIS.AxControls.dll 中发生,但未在用户代码中进行处理

    private void CopyAndOverwriteMap() { //IObjectCopy接口变量申明 IObjectCopy objectCopy = new ObjectCopyClas ...

  6. javascript 冒泡

    http://www.cnblogs.com/hh54188/archive/2012/02/08/2343357.html http://blog.csdn.net/xuefeng0707/arti ...

  7. OC基础1:一些基本概念

    "OC基础"这个分类的文章是我在自学Stephen G.Kochan的<Objective-C程序设计第6版>过程中的笔记. 1.关于类方法和实例方法: (1).类方法 ...

  8. How to recover a skipped tablespace after an incomplete recovery with resetlogs? [ID 1561645.1]

    n this Document   Goal   Solution This document is being delivered to you via Oracle Support's Rapid ...

  9. FreeRTOS 中断优先级嵌套错误引发HardFault异常解决

          最近在使用FreeRTOS的时候,突然发现程序在运行了几分钟之后所有的任务都不再调用了,只有几个中断能正常使用,看来是系统挂掉了,连续测试了几次想找出问题,可是这个真的有点不知所措.   ...

  10. Java 的String类

    String类 1.String对象的初始化 由于String对象特别常用,所以在对String对象进行初始化时,Java提供了一种简化的特殊语法,格式如下: String s = “abc”; s ...