一、安装 OpenStack Identity Service
1. 约定: Keystone使用MySQL数据库存储相关数据,相关参数如下:
库名: keystone
账户: keystonedbadmin
密码: keystone4smtest
admin_token: SM_Token
2. 安装认证服务包
sudo apt-get install keystone -y
3. 编辑/etc/keystone/keystone.conf
sudo vi /etc/keystone/keystone.conf
更新db设置如下(注释掉原来的Sqlite信息):
[database]
# The SQLAlchemy connection string used to connect to the database
connection = mysql://keystonedbadmin:keystone4smtest@192.168.3.180/keystone
4. 删除SQLite数据库
sudo rm /var/lib/keystone/keystone.db
5. 在MySQL中根据前面的约定参数值创建数据库、用户、并配置权限、设置密码
sudo mysql -uroot -p#db4smtest# -e 'CREATE DATABASE keystone;'
sudo mysql -uroot -p#db4smtest# -e 'CREATE USER keystonedbadmin;'
sudo mysql -uroot -p#db4smtest# -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystonedbadmin'@'localhost' IDENTIFIED BY 'keystone4smtest';"
sudo mysql -uroot -p#db4smtest# -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystonedbadmin'@'%' IDENTIFIED BY 'keystone4smtest';"
sudo mysql -uroot -p#db4smtest# -e "SET PASSWORD FOR 'keystonedbadmin'@'%' = PASSWORD('keystone4smtest');"
注意:Keystone的用户名和密码也会贯穿OpenStack的其他组件,写入相关配置文件。
6. 创建Identity Service表
sudo keystone-manage db_sync
注意:通过这个步骤,会在MySQL的keystone数据库中创建一些表,正常情况下,执行该步骤会出现稍微的停顿,当然用户也可以进入mysql的keystone数据库下查看是否有相关表的生成,如果有就说明创建正确,如果没有,会影响后面的步骤执行。
sm@controller:~$ mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 43
Server version: 5.5.40-0ubuntu0.14.04 (Ubuntu)
Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates.