node1 host execution
1.mysql -u root -p
2.create database keystone; create a database
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| keystone |
| mysql |
| performance_schema |
+--------------------+
3. GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
-> IDENTIFIED BY 'KEYSTONE_DBPASS'; log on locally
4.GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
-> IDENTIFIED BY 'KEYSTONE_DBPASS'; remote login
Expand the contents of the remote database attempts to log on at
cd /etc/yum.repos.d/
ls
vim cdrom.repo create a local source
[peng]
name=peng
gpgcheck=0
enabled=1
baseurl = file: /// mnt
mount / dev / sr0 / mnt have CD and mount
yum clean all
yum makecache
Other terminal first download mariadb
yum install mariadb -y
keystone start is a need to start http http module in
5.yum install openstack-keystone httpd mod_wsgi -y
Modify the configuration file
6 cd /etc/keystone
ls
[root@node1 ~]# cd /etc/keystone
[root@node1 keystone]# ls
default_catalog.templates keystone.conf keystone-paste.ini logging.conf policy.json sso_callback_template.html
Make a backup copy keystone.conf keystone.beifen then edit to prevent modification errors
[Root @ node1 keystone] # ll see the specific permissions owner is a group of information
Total amount 260
-rw-r----- 1 root keystone 2303 7月 27 2018 default_catalog.templates
-rw-r----- 1 root root 117987 8月 1 18:42 keystone.beifen
-rw-r----- 1 root keystone 117987 8月 1 18:45 keystone.conf
-rw-r----- 1 root keystone 2759 7月 27 2018 keystone-paste.ini
-rw-r----- 1 root keystone 1046 7月 27 2018 logging.conf
-rw-r----- 1 keystone keystone 9821 7月 27 2018 policy.json
-rw-r----- 1 keystone keystone 665 7月 27 2018 sso_callback_template.html
7 vim keystone.conf
Delete the original contents of the file to copy the contents of the following configuration content of this page bottom content
keystone need to connect to a database in which machine Login Login to which the library
[database]
connection = mysql + pymysql: // keystone: KEYSTONE_DBPASS @ node1 / keystone need to be modified to node1
8.mysql -uroot -p123 keystone inside the database table does not need to import the contents of the table
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| keystone |
| mysql |
| performance_schema |
+--------------------+
4 rows in set (0.00 sec)
MariaDB [(none)]> use keystone
Database changed
MariaDB [keystone]> show tables;
Empty set (0.00 sec)
9. keystone database table inside the content import table is empty
[root@node1 ~]# cd /etc/keystone
[root@node1 keystone]# ls
default_catalog.templates keystone.conf logging.conf sso_callback_template.html
keystone.beifen keystone-paste.ini policy.json
[root@node1 keystone]# su -s /bin/sh -c "keystone-manage db_sync" keystone
[root @ node1 keystone] # in the import table keystone
su -s /bin/sh -c "keystone-manage db_sync" keystone
10. [root@node1 keystone]#
Establish keystone Users and Groups
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
Authentication of identity information
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
11.
[root@node1 keystone]#
keystone-manage bootstrap --bootstrap-password ADMIN_PASS \ password --bootstrap-admin-url http: // node1: 35357 / v3 / \ --bootstrap-internal-url http: // node1: 5000 / v3 / \ - -bootstrap-public-url http: // node1: 5000 / v3 / \ public service endpoint address --bootstrap-region-id RegionOne
12 vim /etc/httpd/conf/httpd.conf
13.ServerName controller into ServerName node1
14.
cd etc/httpd/conf.d/
ls
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
Nothing
[root@node1 conf.d]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
[root@node1 conf.d]# ls
autoindex.conf cobbler.conf README userdir.conf welcome.conf wsgi-keystone.conf
15. systemctl start httpd.service 启动keystone
systemctl enable httpd.service
systemctl status httpd.service
The first machine installed keystone
16.[root@node1 ~]# cd
[root@node1 ~]#
vim openrc export OS_USERNAME = admin declare the variable name system users export OS_PASSWORD = ADMIN_PASS password export OS_PROJECT_NAME = domain xport OS_PROJECT_DOMAIN_NAME admin work project export OS_USER_DOMAIN_NAME = Default user work = Default export OS_AUTH_URL = http: // node1: 35357 / v3 certification address export OS_IDENTITY_API_VERSION = ipa version 3 certification
17 source openrc declare variables
Equivalent to step finished entering the account password and click the link
8.openstack user list to view the list of users openstack environment
19 openstack project list to see a list of items
20 openstack user create class create user openstack
21 openstack user delete class delete users
22 openstack role list list of roles
23 openstack role create user to create the role of a user
24 openstack role add --project demo --user demo user to create a user
eg : openstack role add --project admin --user yunwei admin
(Yunwei create a user in the admin project admin role)
25 Creating project
- 1. Create a demo of the user password is set to prompt field is set to default openstack user create --domain default \ --password = demo demo
- 2. 创建一个demo的项目 域设置为 default openstack project create --domain default \ --description "Demo Project" demo openstack project create --domain default \ --description "Service Project" service +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Service Project | | domain_id | default | | enabled | True | | id | 24ac7f19cd944f4cba1d77469b2a73ed | | is_domain | False | | name | service | | parent_id | default | +-------------+----------------------------------+