1、创建数据库
mysql -u root -p
MariaDB [(none)]>create database keystone;
Query OK,1 row affected (0.00sec)
MariaDB [(none)]>create database glance;
Query OK,1 row affected (0.00sec)
MariaDB [(none)]>create database nova;
Query OK,1 row affected (0.00sec)
MariaDB [(none)]>create database nova_api;
Query OK,1 row affected (0.00sec)
MariaDB [(none)]>create database neutron;
Query OK,1 row affected (0.00sec)
MariaDB [(none)]>create database cinder;
Query OK,1 row affected (0.00sec)
MariaDB [(none)]> grant all on keystone.* to 'keystone'@'localhost' identified by 'keystone';
Query OK,0 rows affected (0.00sec)
MariaDB [(none)]> grant all on keystone.* to 'keystone'@'%' identified by 'keystone';
Query OK,0 rows affected (0.00sec)
MariaDB [(none)]> grant all on glance.* to 'glance'@'localhost' identified by 'glance';
Query OK,0 rows affected (0.00sec)
MariaDB [(none)]> grant all on glance.* to 'glance'@'%' identified by 'glance';
Query OK,0 rows affected (0.00sec)
MariaDB [(none)]> grant all on nova.* to 'nova'@'localhost' identified by 'nova';
Query OK,0 rows affected (0.00sec)
MariaDB [(none)]> grant all on nova.* to 'nova'@'%' identified by 'nova';
Query OK,0 rows affected (0.01sec)
MariaDB [(none)]> grant all on nova_api.* to 'nova'@'localhost' identified by 'nova';
Query OK,0 rows affected (0.00sec)
MariaDB [(none)]> grant all on nova_api.* to 'nova'@'%' identified by 'nova';
Query OK,0 rows affected (0.00sec)
MariaDB [(none)]> grant all on nova_cell0.* to 'nova'@'localhost' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on nova_cell0.* to 'nova'@'%' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on neutron.* to 'neutron'@'localhost' identified by 'neutron';
Query OK,0 rows affected (0.00sec)
MariaDB [(none)]> grant all on neutron.* to 'neutron'@'%' identified by 'neutron';
Query OK,0 rows affected (0.00sec)
MariaDB [(none)]> grant all on cinder.* to 'cinder'@'localhost' identified by 'cinder';
Query OK,0 rows affected (0.00sec)
MariaDB [(none)]> grant all on cinder.* to 'cinder'@'%' identified by 'cinder';
Query OK,0 rows affected (0.00 sec)
2、配置keystone.conf配置文件
vim /etc/keystone/keystone.conf
[database]
connection= mysql+pymysql://keystone:keystone@192.168.90.254/keystone
3、初始化数据库
su -s /bin/sh -c "keystone-manage db_sync" keystone
4、验证数据库是否成功
mysql -h 192.168.90.254 -u keystone -pkeystone -e "use keystone;show tables;";
5、memcache配置
vim /etc/keystone/keystone.conf
[memchache]
servers=192.168.90.254:11211
6、安装memcache并配置
yum install memcached python-memcached
systemctl enable memcached.service
systemctl start memcached.service
7、更改连接memcache连接地址
vim /etc/sysconf/memcached
OPTIONS="-l 192.168.90.254,::1"
8、验证
netstat -tlp
9、更改令牌的提供者和驱动
vim /etc/keystone/keystone.conf
provider=fernet
driver= memcache
10、查看keystone.conf做了什么编辑
grep '^[a-z]' /etc/keystone/keystone.conf
connection = mysql+pymysql://keystone:keystone@192.168.90.254/keystone
servers = 192.168.90.254:11211
provider = fernet
driver = memcache
11、初始化key
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
12、keystone服务注册
keystone-manage bootstrap --bootstrap-password admin \--bootstrap-admin-url http://192.168.90.254:35357/v3/ \
--bootstrap-internal-url http://192.168.90.254:5000/v3/ \
--bootstrap-public-url http://192.168.90.254:5000/v3/ \
--bootstrap-region-id RegionOne
13、配置Apache HTTP服务器
vim /etc/httpd/conf/httpd.conf
ServerName192.168.90.254:80
14、创建软链接
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
15、启动httpd
systemctl enable httpd.service
systemctl start httpd.service
16、配置keystone环境变量
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://192.168.90.254:35357/v3
export OS_IDENTITY_API_VERSION=3
17、创建一个service项目
openstack project create --domain default\--description "Service Project" service
18、创建demo项目、用户、角色,将demo用户加入demo项目赋予user角色
openstack project create --domain default\--description "Demo Project"demo
openstack user create--domain default\--password-prompt demo
openstack role create user
openstack role add--project demo --user demo user
19、创建用户
openstack user create --domain default --password-prompt glance
openstack role add--project service --user glance admin
openstack user create--domain default --password-prompt nova
openstack role add--project service --user nova admin
openstack user create--domain default --password-prompt neutron
openstack role add--project service --user neutron admin
openstack user create--domain default --password-prompt cinder
openstack role add--project service --user cinder admin
openstack user create --domain default --password-prompt placement
openstack role add --project service --user placement admin
20、验证是否能请求到令牌
unset OS_AUTH_URL OS_PASSWORD
openstack--os-auth-url http://192.168.90.254:35357/v3 \
--os-project-domain-name default --os-user-domain-name default\--os-project-name admin --os-username admin token issue
openstack--os-auth-url http://192.168.90.254:5000/v3 \
--os-project-domain-name default --os-user-domain-name default\--os-project-name demo --os-username demo token issue
21、创建环境变量脚本
vim admin-openstack
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL=http://192.168.90.254:35357/v3
export OS_IDENTITY_API_VERSION=3export OS_IMAGE_API_VERSION=2vim demo-openstack
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_AUTH_URL=http://192.168.90.254:5000/v3
export OS_IDENTITY_API_VERSION=3export OS_IMAGE_API_VERSION=2