0. 下载安装openstack软件仓库(queens版本)
yum install centos-release-openstack-queens -y
yum install python-openstackclient -y
yum install openstack-selinux -y
1. 创建keystone数据库并授权
mysql -u root -p
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'topic' IDENTIFIED BY '123456';
2. 安装、配置组件
先安装Pip install python2-qpid-proton-0.22.0-1.el7.x86_64
再安装yum install openstack-keystone httpd mod_wsgi -y
生成一个随机值在初始的配置中作为管理员的令牌
openssl rand -hex 10
得到admin_token = xxxxxxxxx
3. 编辑 /etc/keystone/keystone.conf
[DEFAULT]
admin_token = xxxxxx #输入你上面获得的令牌
[database]
connection = mysql+pymysql://keystone:123456@192.168.241.133/keystone
[token]
provider = fernet
4. 初始化数据库
su -s /bin/sh -c "keystone-manage db_sync" keystone
keystone-manage db_sync
5. 初始化Fernet密钥库以生成令牌
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
6. 对Keystone应用Bootstrap框架执行初始化操作 引导身份认证服务
keystone-manage bootstrap --bootstrap-password 123456 --bootstrap-admin-url http://IP地址:5000/v3/ --bootstrap-internal-url http://IP地址:5000/v3/ --bootstrap-public-url http://IP地址:5000/v3/ --bootstrap-region-id RegionOne
7. 配置Apache HTTP服务器
1)编辑/etc/httpd/conf/httpd.conf文件,配置ServerName选项,使其指向控制节点
ServerName IP地址
2)创建一个到/usr/share/keystone/wsgi-keystone.conf文件的链接文件
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
3)systemctl enable httpd
systemctl start httpd
4)设置环境变量,配置管理员账户
export OS_USERNAME=admin
export OS_PASSWORD=123456
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://192.168.241.133:5000/v3
export OS_IDENTITY_API_VERSION=3
将其中的ADMIN_PASS替换为上述keystone-manage bootstrap命令中使用的密码