Openstack(Kilo)安装系列之Keystone(三)
2015-12-17 13:08
435 查看
安装配置
Before you configure the OpenStack Identity service, you must create a database and an administration token.
一、创建keystone数据库并授权
1.登陆数据库
2.创建数据库并授权
Replace
二、创建管理员token
记住token值
三、安装配置keystone
1.安装keystone
2.Start the Memcached service and configure it to start when the system boots
3.Edit the
a.In the
Replace
b.In the
Replace
c.In the
d.In the
e.In the
f.(Optional) To assist with troubleshooting, enable verbose logging in the
4.Populate the Identity service database:
四、To configure the Apache HTTP server
1.Edit the
2.Create the
3.Create the directory structure for the WSGI components:
4.Copy the WSGI components from the upstream repository into this directory:
5.Adjust ownership and permissions on this directory and the files in it:
6.启动Apache服务,设置开机自起
Before you configure the OpenStack Identity service, you must create a database and an administration token.
一、创建keystone数据库并授权
1.登陆数据库
mysql -u root -p
2.创建数据库并授权
CREATE DATABASE keystone; GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS'; GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';
Replace
KEYSTONE_DBPASSwith a suitable password.
二、创建管理员token
openssl rand -hex 10
记住token值
三、安装配置keystone
1.安装keystone
yum install openstack-keystone httpd mod_wsgi python-openstackclient memcached python-memcached
2.Start the Memcached service and configure it to start when the system boots
systemctl enable memcached.service systemctl start memcached.service
3.Edit the
/etc/keystone/keystone.conffile and complete the following actions
a.In the
[DEFAULT]section, define the value of the initial administration token:
[DEFAULT] ... admin_token = ADMIN_TOKEN
Replace
ADMIN_TOKENwith the random value that you generated in a previous step.
b.In the
[database]section, configure database access:
[database] ... connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone
Replace
KEYSTONE_DBPASSwith the password you chose for the database.
c.In the
[memcache]section, configure the Memcache service:
[memcache] ... servers = localhost:11211
d.In the
[token]section, configure the UUID token provider and Memcached driver:
[token] ... provider = keystone.token.providers.uuid.Provider driver = keystone.token.persistence.backends.memcache.Token
e.In the
[revoke]section, configure the SQL revocation driver:
[revoke] ... driver = keystone.contrib.revoke.backends.sql.Revoke
f.(Optional) To assist with troubleshooting, enable verbose logging in the
[DEFAULT]section:
[DEFAULT] ... verbose = True
4.Populate the Identity service database:
su -s /bin/sh -c "keystone-manage db_sync" keystone
四、To configure the Apache HTTP server
1.Edit the
/etc/httpd/conf/httpd.conffile and configure the
ServerNameoption to reference the controller node:
ServerName controller
2.Create the
/etc/httpd/conf.d/wsgi-keystone.conffile with the following content:
Listen 5000 Listen 35357 <VirtualHost *:5000> WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP} WSGIProcessGroup keystone-public WSGIScriptAlias / /var/www/cgi-bin/keystone/main WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On LogLevel info ErrorLogFormat "%{cu}t %M" ErrorLog /var/log/httpd/keystone-error.log CustomLog /var/log/httpd/keystone-access.log combined </VirtualHost> <VirtualHost *:35357> WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP} WSGIProcessGroup keystone-admin WSGIScriptAlias / /var/www/cgi-bin/keystone/admin WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On LogLevel info ErrorLogFormat "%{cu}t %M" ErrorLog /var/log/httpd/keystone-error.log CustomLog /var/log/httpd/keystone-access.log combined </VirtualHost>
3.Create the directory structure for the WSGI components:
mkdir -p /var/www/cgi-bin/keystone
4.Copy the WSGI components from the upstream repository into this directory:
curl http://git.openstack.org/cgit/openstack/keystone/plain/httpd/keystone.py?h=stable/kilo | tee /var/www/cgi-bin/keystone/main /var/www/cgi-bin/keystone/admin
5.Adjust ownership and permissions on this directory and the files in it:
chown -R keystone:keystone /var/www/cgi-bin/keystone chmod 755 /var/www/cgi-bin/keystone/*
6.启动Apache服务,设置开机自起
systemctl enable httpd.service systemctl start httpd.service
相关文章推荐
- fedora21客户端登录centos7服务器创建ssh无密码
- [LINK]OpenResty
- Linux权限——文件权限修改
- Linux环境变量的设置和查看
- hadoop再次集群搭建(3)-如何选择相应的hadoop版本
- hadoop再次集群搭建(3)-如何选择相应的hadoop版本
- 初始化配置CentOS7
- 直接双击启动tomcat中的startup.bat闪退原因及解决方法
- nginx+uwsgi+django
- shell 命令之 find命令二
- ubuntu android环境搭建-转载自google官方网站
- hadoop再次集群搭建(2)-配置免秘钥ssh登录
- hadoop再次集群搭建(2)-配置免秘钥ssh登录
- hadoop再次集群搭建(1)-安装系统
- hadoop再次集群搭建(1)-安装系统
- 浅析tomcat nio 配置
- linux /proc/loadavg(平均负载)
- Shell脚本控制tomcat的docker容器的创建,删除,启动,关闭
- linux /proc/loadavg(平均负载)
- centos 7.0 java+tomcat+mysql 环境搭建