1. Install keystone
# yum install -y openstack-keystone httpd mod_wsgi memcached python-memcached2. Set Memcache open up and start Memcached
[root@linux-node1 ~]# systemctl enable memcached.service [root@linux-node1 ~]# vim /etc/sysconfig/memcached PORT="11211" USER="memcached" MAXCONN="1024" CACHESIZE="64" OPTIONS="-l 192.168.56.11,::1" [root@linux-node1 ~]# systemctl start memcached.service3.Keystone Configuration
1) Configuration Database KeyStone
[root@linux-node1 ~]# vim /etc/keystone/keystone.conf [database] connection = mysql+pymysql://keystone:[email protected]/keystone
2) Set the Token and Memcached
[token] provider = fernet
3) synchronization database:
[root@linux-node1 ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone [root@linux-node1 ~]# mysql -h 192.168.56.11 -ukeystone -pkeystone -e " use keystone;show tables;"
4) the initialization fernet keys
[root@linux-node1 ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone [root@linux-node1 ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone5) initialization keystone
[root@linux-node1 ~]# keystone-manage bootstrap --bootstrap-password admin \ --bootstrap-admin-url http://192.168.56.11:35357/v3/ \ --bootstrap-internal-url http://192.168.56.11:35357/v3/ \ --bootstrap-public-url http://192.168.56.11:5000/v3/ \ --bootstrap-region-id RegionOne6) Verify the configuration Keystone
[root@linux-node1 ~]# grep "^[a-z]" /etc/keystone/keystone.conf connection = mysql+pymysql://keystone:[email protected]/keystone provider = fernet7) KeyStone [root @ linux-node1 ~] # vim start /etc/httpd/conf/httpd.conf
ServerName 192.168.56.11:80 create a profile [root @ linux-node1 ~] # ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
Start keystone, and view port.
[root@linux-node1 ~]# systemctl enable httpd.service [root@linux-node1 ~]# systemctl start httpd.service
Set Environment Variables
[root@linux-node1 ~]# export OS_USERNAME=admin [root@linux-node1 ~]# export OS_PASSWORD=admin [root@linux-node1 ~]# export OS_PROJECT_NAME=admin [root@linux-node1 ~]# export OS_USER_DOMAIN_NAME=Default [root@linux-node1 ~]# export OS_PROJECT_DOMAIN_NAME=Default [root@linux-node1 ~]# export OS_AUTH_URL=http://192.168.56.11:35357/v3 [root@linux-node1 ~]# export OS_IDENTITY_API_VERSION=3
Create a project and demo users
# openstack project create --domain default --description "Demo Project" demo # openstack user create --domain default --password demo demo # openstack role create user # openstack role add --project demo --user demo user
Creating Service Project
# openstack project create --domain default --description "Service Project" serviceCreate a glance User
# openstack user create --domain default --password glance glance # openstack role add --project service --user glance adminCreate a user nova
# openstack user create --domain default --password nova nova # openstack role add --project service --user nova adminUsers create placement
# openstack user create --domain default --password placement placement # openstack role add --project service --user placement adminUsers create Neutron
# openstack user create --domain default --password neutron neutron # openstack role add --project service --user neutron adminCreate a cinder user
# openstack user create --domain default --password cinder cinder # openstack role add --project service --user cinder admin
Verify Keystone
[root@linux-node1 ~]# unset OS_AUTH_URL OS_PASSWORD [root@linux-node1 ~]# openstack --os-auth-url http://192.168.56.11:35357/v3 \ --os-project-domain-name default --os-user-domain-name default \ --os-project-name admin --os-username admin token issue Password: … [root@linux-node1 ~]# openstack --os-auth-url http://192.168.56.11:5000/v3 \ --os-project-domain-name default --os-user-domain-name default \ --os-project-name demo --os-username demo token issue Password:
[root@linux-node1 ~]# vim /root/admin-openstack.sh export OS_PROJECT_DOMAIN_NAME=Default export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=admin export OS_AUTH_URL=http://192.168.56.11:35357/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2
[root@linux-node1 ~]# vim /root/demo-openstack.sh export OS_PROJECT_DOMAIN_NAME=Default export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_NAME=demo export OS_USERNAME=demo export OS_PASSWORD=demo export OS_AUTH_URL=http://192.168.56.11:5000/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2
[root@linux-node1 ~]# source admin-openstack.sh [root@linux-node1 ~]# openstack token issue [root@linux-node1 ~]# source demo-openstack.sh [root@linux-node1 ~]# openstack token issue