keystone的手动安装
2015-07-07 21:23
281 查看
controller:
yum install openstack-keystone python-keystoneclient -y
openstack-config --set /etc/keystone/keystone.conf \
database connection mysql://keystone:openstack@10.0.0.10/keystone
mysql -u root -popenstack
mysql> CREATE DATABASE keystone;
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY 'openstack';
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
IDENTIFIED BY 'openstack';
mysql> exit
su -s /bin/sh -c "keystone-manage db_sync" keystone
openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $ADMIN_TOKEN
keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
chown -R keystone:keystone /etc/keystone/ssl
chmod -R o-rwx /etc/keystone/ssl
service openstack-keystone start
chkconfig openstack-keystone on
(crontab -l -u keystone 2>&1 | grep -q token_flush) || \
echo '@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/
keystone-tokenflush.log 2>&1' >> /var/spool/cron/keystone
export OS_SERVICE_TOKEN=$ADMIN_TOKEN
export OS_SERVICE_ENDPOINT=http://10.0.0.10:35357/v2.0
创建管理员用户
eystone user-create --name=admin --pass=admin --email=admin@11.com
创建管理员角色
keystone role-create --name=admin
创建管理员租户
keystone tenant-create --name=admin --description="Admin Tenant"
绑定用户角色一个管理员角色一个普通用户角色
keystone user-role-add --user=admin --tenant=admin --role=admin
keystone user-role-add --user=admin --role=_member_ --tenant=admin
创建一个普通用户
keystone user-create --name=demo --pass=demo --email=demo@11.com
keystone tenant-create --name=demo --description="Demo Tenant"
keystone user-role-add --user=demo --role=_member_ --tenant=demo
创建service租户
keystone tenant-create --name=service --description="Service Tenant"
创建认证服务
keystone service-create --name=keystone --type=identity --description="OpenStack Identity"
创建认证服务的端口
keystone endpoint-create \
--service-id=$(keystone service-list | awk '/ identity / {print $2}') \
--publicurl=http://controller:5000/v2.0 \
--internalurl=http://controller:5000/v2.0 \
--adminurl=http://controller:35357/v2.0
unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
keystone --os-username=admin --os-password=admin --os-auth-url=http://10.0.0.10:35357/v2.0 token-get
keystone --os-username=admin --os-password=admin \
--os-tenant-name=admin --os-auth-url=http://controller:35357/v2.0 token-get
vim admin-openrc.sh
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://10.0.0.10:35357/v2.0
source admin-openrc.sh
vim demo-openrc.sh
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_TENANT_NAME=demo
export OS_AUTH_URL=http://10.0.0.10:35357/v2.0
keystone token-get
keystone user-list
keystone user-role-list --user admin --tenant admin
本文出自 “gaogaozi” 博客,请务必保留此出处http://hangtiangazi.blog.51cto.com/8584103/1671824
yum install openstack-keystone python-keystoneclient -y
openstack-config --set /etc/keystone/keystone.conf \
database connection mysql://keystone:openstack@10.0.0.10/keystone
mysql -u root -popenstack
mysql> CREATE DATABASE keystone;
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY 'openstack';
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
IDENTIFIED BY 'openstack';
mysql> exit
su -s /bin/sh -c "keystone-manage db_sync" keystone
openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $ADMIN_TOKEN
keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
chown -R keystone:keystone /etc/keystone/ssl
chmod -R o-rwx /etc/keystone/ssl
service openstack-keystone start
chkconfig openstack-keystone on
(crontab -l -u keystone 2>&1 | grep -q token_flush) || \
echo '@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/
keystone-tokenflush.log 2>&1' >> /var/spool/cron/keystone
export OS_SERVICE_TOKEN=$ADMIN_TOKEN
export OS_SERVICE_ENDPOINT=http://10.0.0.10:35357/v2.0
创建管理员用户
eystone user-create --name=admin --pass=admin --email=admin@11.com
创建管理员角色
keystone role-create --name=admin
创建管理员租户
keystone tenant-create --name=admin --description="Admin Tenant"
绑定用户角色一个管理员角色一个普通用户角色
keystone user-role-add --user=admin --tenant=admin --role=admin
keystone user-role-add --user=admin --role=_member_ --tenant=admin
创建一个普通用户
keystone user-create --name=demo --pass=demo --email=demo@11.com
keystone tenant-create --name=demo --description="Demo Tenant"
keystone user-role-add --user=demo --role=_member_ --tenant=demo
创建service租户
keystone tenant-create --name=service --description="Service Tenant"
创建认证服务
keystone service-create --name=keystone --type=identity --description="OpenStack Identity"
创建认证服务的端口
keystone endpoint-create \
--service-id=$(keystone service-list | awk '/ identity / {print $2}') \
--publicurl=http://controller:5000/v2.0 \
--internalurl=http://controller:5000/v2.0 \
--adminurl=http://controller:35357/v2.0
unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
keystone --os-username=admin --os-password=admin --os-auth-url=http://10.0.0.10:35357/v2.0 token-get
keystone --os-username=admin --os-password=admin \
--os-tenant-name=admin --os-auth-url=http://controller:35357/v2.0 token-get
vim admin-openrc.sh
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://10.0.0.10:35357/v2.0
source admin-openrc.sh
vim demo-openrc.sh
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_TENANT_NAME=demo
export OS_AUTH_URL=http://10.0.0.10:35357/v2.0
keystone token-get
keystone user-list
keystone user-role-list --user admin --tenant admin
本文出自 “gaogaozi” 博客,请务必保留此出处http://hangtiangazi.blog.51cto.com/8584103/1671824
相关文章推荐
- leetcode 008 —— String to Integer (atoi)
- 将 EGL 代码与 DXGI 和 Direct3D 进行比较
- 加密技术在移动开发中的应用
- 瀑布流和图片缩放swift版
- Activity的四种launchMode
- leetCode 28.Implement strStr() (实现字符串匹配函数) 解题思路和方法
- bzoj-3172 单词
- WCF - Architecture
- 《opencv 入门教程》
- Windows下SVN命令行工具使用详解
- 什么是高大上的数据分析方法?
- Windows下SVN命令行工具使用详解
- EL表达式整理总结
- 推荐系统中常用算法 以及优点缺点对比
- 【android】开发笔记---存储篇
- iis 在站点中新建虚拟目录站点之后,虚拟目录中的 web.config 与 主站点中的 web.config冲突解决方案
- ASP.NET MVC WebApi 返回数据类型序列化控制(json,xml)
- C语言求大数阶乘
- Java 多线程
- 准备面试可以关注的问题------胡老师给的金玉良言