Keystone安装配置
Keystone安装配置
0. 下载安装openstack软件仓库(queens版本)
yum install centos-release-openstack-queens -y
#看见complete则表示成功了(完成了)
yum upgrade
#看见complete则表示成功了(完成了)
yum install python-openstackclient -y
#看见complete则表示成功了(完成了)
yum install openstack-selinux -y
#看见complete则表示成功了(完成了)
1.创建keystone数据库并授权
mysql -u root -p
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@‘localhost’ IDENTIFIED BY ‘keystone’;
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’%’ IDENTIFIED BY ‘keystone’;
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@‘openstackcontroller’ IDENTIFIED BY ‘keystone’;
2.安装、配置组件
yum install openstack-keystone httpd mod_wsgi -y
生成一个随机值在初始的配置中作为管理员的令牌
此处我报错了
我们此处强制安装
yum install -y python2-qpid-proton-0.22.0-1.el7.x86_64
#看见complete则表示成功了(完成了)
安装包python2-qpid-proton-0.22.0-1.el7.x86_64后再次安装、配置组件
yum install openstack-keystone httpd mod_wsgi -y
可以看到complete,安装成功了
openssl rand -hex 10
得到admin_token = xxxxxxxxx
3.编辑 /etc/keystone/keystone.conf
[DEFAULT]
admin_token = xxxxxx #输入你上面获得的令牌
[database]
connection = mysql+pymysql://keystone:PASSWORD@controller/keystone
[token]
provider = fernet
4.初始化数据库
keystone-manage db_sync
5.初始化Fernet密钥库以生成令牌
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
6.对Keystone应用Bootstrap框架执行初始化操作 引导身份认证服务(此处为一行代码)
keystone-manage bootstrap --bootstrap-password keystone --bootstrap-admin-url http://controller:5000/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne
7.配置Apache HTTP服务器
1)编辑/etc/httpd/conf/httpd.conf文件,配置ServerName选项,使其指向控制节点
ServerName controller
vim /etc/httpd/conf/httpd.conf
2)创建一个到/usr/share/keystone/wsgi-keystone.conf文件的链接文件
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
3)systemctl enable httpd
systemctl start httpd
验证是否成功:
三种,缺一不可:
法一:网页输入虚拟机ip会出现下图的页面
法二:
法三:
没有发现密码,所以我们进行下面的操作。设置环境变量,配置管理员账户和密码
4)设置环境变量,配置管理员账户
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
将其中的ADMIN_PASS替换为上述keystone-manage bootstrap命令中使用的密码
可以看见结果出来了,成功了
