openstack(train版)快速安装部署-keystone服务(二)

1)mysql添加数据库,建立用户
mysql -u root -p
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
IDENTIFIED BY '123456';
2)安装软件包并修改/etc/keystone/keystone.conf配置文件
yum install openstack-keystone httpd mod_wsgi -y
vi /etc/keystone/keystone.conf
#在 [database]部分, 配置数据库访问权限:
[database]
# ...
connection = mysql+pymysql://keystone:123456@controller/keystone
#在[token] 部分, 配置Fernet token provider
[token]
# ...
provider = fernet
也可以使用openstack配置工具
openstack-config --set /etc/keystone/keystone.conf database connection  mysql+pymysql://keystone:123456@controller/keystone
openstack-config --set /etc/keystone/keystone.conf token provider  fernet
3)同步认证服务数据库:
su -s /bin/sh -c "keystone-manage db_sync" keystone
4)初始化Fernet key库:
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keyston
5)、引导身份认证服务:
keystone-manage bootstrap --bootstrap-password 123456 \
    --bootstrap-admin-url http://controller:5000/v3/ \
    --bootstrap-internal-url http://controller:5000/v3/ \
    --bootstrap-public-url http://controller:5000/v3/ \
    --bootstrap-region-id RegionOne
6)、配置apache http服务
vim /etc/httpd/conf/httpd.conf修改ServerName controller
ServerName controller
#添加链接文件
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
#启动服务
systemctl enable httpd.service && systemctl start httpd.service
7)、配置administrative 账户
export OS_USERNAME=admin
export OS_PASSWORD=123456
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
8)、创建项目和用户
openstack project create --domain default   --description "Service Project"  service
openstack project create --domain default   --description "Demo Project" demo
openstack user create --domain default --password-prompt demo
openstack role create user
openstack role add --project demo --user demo user
#测试创建的用户验证是否通过
openstack --os-auth-url http://controller:5000/v3 \
  --os-project-domain-name Default --os-user-domain-name Default \
  --os-project-name admin --os-username admin token issue
openstack --os-auth-url http://controller:5000/v3 \
  --os-project-domain-name Default --os-user-domain-name Default \
  --os-project-name demo --os-username demo token issue
9)、建立admin-openrc环境变量文件
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=123456
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
#建立demo-openrc环境变量文件
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=123456
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
 

  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值