Centos7手动安装OpenStack Mitaka版本--KeyStone安装

本文涉及的产品
云数据库 RDS MySQL,集群版 2核4GB 100GB
推荐场景:
搭建个人博客
RDS MySQL Serverless 基础系列,0.5-2RCU 50GB
云数据库 RDS MySQL,高可用版 2核4GB 50GB
简介:

按照官方文档手动安装的话,基本上是复制粘贴的过程,小心点的话基本上能安装成功!如果报错我基本上干掉重来,我使用的是VM,有快照的...


创建Keystne数据库

[root@openstack-3 ~]# mysql -uroot -pzoomtech -e "CREATE DATABASE keystone"

[root@openstack-3 ~]# mysql -uroot -pzoomtech -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'openstack'"

[root@openstack-3 ~]# mysql -uroot -pzoomtech -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'openstack'"


[root@openstack-3 ~]# openssl rand -hex 10        #这步也可以不做

99ae168d4e7fd9b8434c


安装Keystone和Apache

[root@openstack-3 ~]# yum install openstack-keystone httpd mod_wsgi -y

[root@openstack-3 ~]# vim /etc/keystone/keystone.conf

[DEFAULT]

admin_token = nova

[database]

connection = mysql+pymysql://keystone:openstack@controller/keystone

[token]

provider = fernet


#同步Keystone数据库

[root@openstack-3 ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone  

[root@openstack-3 ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone


配置http服务器

[root@openstack-3 ~]# vim /etc/httpd/conf/httpd.conf

ServerName controller

[root@openstack-3 openstack]# vim /etc/httpd/conf.d/wsgi-keystone.conf

Listen 5000

Listen 35357

<VirtualHost *:5000>

    WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}

    WSGIProcessGroup keystone-public

    WSGIScriptAlias / /usr/bin/keystone-wsgi-public

    WSGIApplicationGroup %{GLOBAL}

    WSGIPassAuthorization On

    ErrorLogFormat "%{cu}t %M"

    ErrorLog /var/log/httpd/keystone-error.log

    CustomLog /var/log/httpd/keystone-access.log combined

    <Directory /usr/bin>

        Require all granted

    </Directory>

</VirtualHost>

<VirtualHost *:35357>

    WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}

    WSGIProcessGroup keystone-admin

    WSGIScriptAlias / /usr/bin/keystone-wsgi-admin

    WSGIApplicationGroup %{GLOBAL}

    WSGIPassAuthorization On

    ErrorLogFormat "%{cu}t %M"

    ErrorLog /var/log/httpd/keystone-error.log

    CustomLog /var/log/httpd/keystone-access.log combined

    <Directory /usr/bin>

        Require all granted

    </Directory>

</VirtualHost>


启动httpd

[root@openstack-3 openstack]# systemctl enable httpd.service

[root@openstack-3 openstack]# systemctl start httpd.service

[root@controller openstack]# ps aux | grep apache


Create the service entity and API endpoints

[root@openstack-3 openstack]# export OS_TOKEN=nova

[root@openstack-3 openstack]# export OS_URL=http://controller:35357/v3

[root@openstack-3 openstack]# export OS_IDENTITY_API_VERSION=3      


[root@openstack-3 ~]# openstack service create --name keystone --description "OpenStack Identity" identity

An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-e5e48c37-c638-4f3f-8bc2-a2f8d7d695c1)

[root@openstack-3 ~]#如果报上面错误,执行下面语句同步数据库可能会解决掉,我这样做是可以的。

[root@openstack-3 ~]# keystone-manage db_sync


[root@openstack-3 ~]# openstack service create --name keystone --description "OpenStack Identity" identity


创建EndPonit

[root@openstack-3 ~]# openstack endpoint create --region RegionOne identity public http://controller:5000/v3

[root@openstack-3 ~]# openstack endpoint create --region RegionOne identity internal http://controller:5000/v3

[root@openstack-3 ~]# openstack endpoint create --region RegionOne identity admin http://controller:35357/v3


命令输出如下:

[root@controller openstack]# openstack service create --name keystone --description "OpenStack Identity" identity

+-------------+----------------------------------+

| Field       | Value                            |

+-------------+----------------------------------+

| description | OpenStack Identity               |

| enabled     | True                             |

| id          | 71f18b0924e840fdb059a4f8b4a5f44b |

| name        | keystone                         |

| type        | identity                         |

+-------------+----------------------------------+

[root@controller openstack]# openstack endpoint create --region RegionOne identity public http://controller:5000/v3

+--------------+----------------------------------+

| Field        | Value                            |

+--------------+----------------------------------+

| enabled      | True                             |

| id           | b3a9aa4be69b4316823acc38bf56395f |

| interface    | public                           |

| region       | RegionOne                        |

| region_id    | RegionOne                        |

| service_id   | 71f18b0924e840fdb059a4f8b4a5f44b |

| service_name | keystone                         |

| service_type | identity                         |

| url          | http://controller:5000/v3        |

+--------------+----------------------------------+

[root@controller openstack]# openstack endpoint create --region RegionOne identity internal http://controller:5000/v3

+--------------+----------------------------------+

| Field        | Value                            |

+--------------+----------------------------------+

| enabled      | True                             |

| id           | 262b152352314e1b97486d6d98d207bc |

| interface    | internal                         |

| region       | RegionOne                        |

| region_id    | RegionOne                        |

| service_id   | 71f18b0924e840fdb059a4f8b4a5f44b |

| service_name | keystone                         |

| service_type | identity                         |

| url          | http://controller:5000/v3        |

+--------------+----------------------------------+

[root@controller openstack]#

[root@controller openstack]# openstack endpoint create --region RegionOne identity admin http://controller:35357/v3

+--------------+----------------------------------+

| Field        | Value                            |

+--------------+----------------------------------+

| enabled      | True                             |

| id           | a0d00e25ffba43adbc17cd741ea68d9f |

| interface    | admin                            |

| region       | RegionOne                        |

| region_id    | RegionOne                        |

| service_id   | 71f18b0924e840fdb059a4f8b4a5f44b |

| service_name | keystone                         |

| service_type | identity                         |

| url          | http://controller:35357/v3       |

+--------------+----------------------------------+

[root@controller openstack]#

 

创建域,项目,用户,角色

创建ADMIN

[root@openstack-3 ~]# openstack domain create --description "Default Domain" default

[root@openstack-3 ~]# openstack project create --domain default --description "Admin Project" admin

[root@openstack-3 ~]# openstack user create --domain default --password-prompt admin

User Password:  openpass

Repeat User Password: openpass

[root@openstack-3 ~]# openstack role create admin

[root@openstack-3 ~]# openstack role add --project admin --user admin admin


创建ADMIN 命令输出如下:

[root@controller openstack]# openstack domain create --description "Default Domain" default

+-------------+----------------------------------+

| Field       | Value                            |

+-------------+----------------------------------+

| description | Default Domain                   |

| enabled     | True                             |

| id          | a7585a6dc02547f69e322438df0a35b7 |

| name        | default                          |

+-------------+----------------------------------+

[root@controller openstack]# openstack project create --domain default --description "Admin Project" admin

+-------------+----------------------------------+

| Field       | Value                            |

+-------------+----------------------------------+

| description | Admin Project                    |

| domain_id   | a7585a6dc02547f69e322438df0a35b7 |

| enabled     | True                             |

| id          | c6e00eeb19dc488a98b4cda9c1d47a67 |

| is_domain   | False                            |

| name        | admin                            |

| parent_id   | a7585a6dc02547f69e322438df0a35b7 |

+-------------+----------------------------------+

[root@controller openstack]# openstack user create --domain default --password-prompt admin

User Password:opensack

Repeat User Password:opensack

+-----------+----------------------------------+

| Field     | Value                            |

+-----------+----------------------------------+

| domain_id | a7585a6dc02547f69e322438df0a35b7 |

| enabled   | True                             |

| id        | 4684290676cb4353b201ba34c82f3266 |

| name      | admin                            |

+-----------+----------------------------------+

[root@controller openstack]# openstack role create admin

+-----------+----------------------------------+

| Field     | Value                            |

+-----------+----------------------------------+

| domain_id | None                             |

| id        | 10ebb2ab331741d4b5639d8e2f8affd7 |

| name      | admin                            |

+-----------+----------------------------------+

[root@controller openstack]# openstack role add --project admin --user admin admin

[root@controller openstack]#


创建DEMO

[root@openstack-3 ~]# openstack project create --domain default --description "Service Project" service

[root@openstack-3 ~]# openstack project create --domain default --description "Demo Project" demo

[root@openstack-3 ~]# openstack user create --domain default --password-prompt demo

User Password: openpass

Repeat User Password:openpass

[root@openstack-3 ~]# openstack role create user

[root@openstack-3 ~]# openstack role add --project demo --user demo user


创建DEMO命令输出如下:

[root@controller openstack]# openstack project create --domain default --description "Service Project" service

+-------------+----------------------------------+

| Field       | Value                            |

+-------------+----------------------------------+

| description | Service Project                  |

| domain_id   | a7585a6dc02547f69e322438df0a35b7 |

| enabled     | True                             |

| id          | f7f43b236c554912a1403b51308ce335 |

| is_domain   | False                            |

| name        | service                          |

| parent_id   | a7585a6dc02547f69e322438df0a35b7 |

+-------------+----------------------------------+

[root@controller openstack]# openstack project create --domain default --description "Demo Project" demo

+-------------+----------------------------------+

| Field       | Value                            |

+-------------+----------------------------------+

| description | Demo Project                     |

| domain_id   | a7585a6dc02547f69e322438df0a35b7 |

| enabled     | True                             |

| id          | d1bebf9cd232413784f0d2dd11b5cccb |

| is_domain   | False                            |

| name        | demo                             |

| parent_id   | a7585a6dc02547f69e322438df0a35b7 |

+-------------+----------------------------------+

[root@controller openstack]# openstack user create --domain default --password-prompt demo

User Password:

User Password:

Repeat User Password:

+-----------+----------------------------------+

| Field     | Value                            |

+-----------+----------------------------------+

| domain_id | a7585a6dc02547f69e322438df0a35b7 |

| enabled   | True                             |

| id        | 47ee72bc938f4837aff59b1aea259151 |

| name      | demo                             |

+-----------+----------------------------------+

[root@controller openstack]# openstack role create user

+-----------+----------------------------------+

| Field     | Value                            |

+-----------+----------------------------------+

| domain_id | None                             |

| id        | 29d5319ab8a84ef783d7bac411b5d1cf |

| name      | user                             |

+-----------+----------------------------------+

[root@controller openstack]# openstack role add --project demo --user demo user

[root@controller openstack]#


基本安装完成,下面检查Keystone服务安装是否正常

 [root@openstack-3 openstack]# unset OS_TOKEN OS_URL

[root@openstack-3 openstack]# openstack --os-auth-url http://controller:35357/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name admin --os-username admin token issue

Password: openpass

+------------+----------------------------------+

| Field      | Value                            |

+------------+----------------------------------+

| expires    | 2016-08-25T10:46:30.718408Z      |

| id         | 95428a3859844f85be75324fc019df5c |

| project_id | fa42862973b645cb92e1eef65849d7f0 |

| user_id    | 4555c09cb5af498da08c8db5e2478271 |

+------------+----------------------------------+

[root@openstack-3 openstack]# openstack --os-auth-url http://controller:5000/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name demo --os-username demo token issue

Password:openpass

+------------+----------------------------------+

| Field      | Value                            |

+------------+----------------------------------+

| expires    | 2016-08-25T10:52:27.747840Z      |

| id         | a656497c53b84a3498fec04a34782192 |

| project_id | 3e63b063d87e4c96a17e0bb0dd37b283 |

| user_id    | 13b1033c0d724c019a7fe6826e687d03 |

+------------+----------------------------------+


创建admin-openrc脚本

[root@openstack-3 openstack]# vim admin-openrc

export OS_PROJECT_DOMAIN_NAME=default

export OS_USER_DOMAIN_NAME=default

export OS_PROJECT_NAME=admin

export OS_USERNAME=admin

export OS_PASSWORD=openpass

export OS_AUTH_URL=http://controller:35357/v3

export OS_IDENTITY_API_VERSION=3

export OS_IMAGE_API_VERSION=2


创建demo-openrc脚本

[root@openstack-3 openstack]# vim demo-openrc

export OS_PROJECT_DOMAIN_NAME=default

export OS_USER_DOMAIN_NAME=default

export OS_PROJECT_NAME=demo

export OS_USERNAME=demo

export OS_PASSWORD=DEMO_PASS

export OS_AUTH_URL=http://controller:5000/v3

export OS_IDENTITY_API_VERSION=3

export OS_IMAGE_API_VERSION=2


[root@openstack-3 openstack]# source admin-openrc

[root@openstack-3 openstack]# openstack token issue

+------------+----------------------------------+

| Field      | Value                            |

+------------+----------------------------------+

| expires    | 2016-08-26T02:16:13.904899Z      |

| id         | 01a61af82f6c46eb93acdd343f197fad |

| project_id | fa42862973b645cb92e1eef65849d7f0 |

| user_id    | 4555c09cb5af498da08c8db5e2478271 |

+------------+----------------------------------+

到此,Keystone安装完成




本文转自 OpenStack2015 51CTO博客,原文链接:http://blog.51cto.com/andyliu/1845085,如需转载请自行联系原作者

相关实践学习
如何在云端创建MySQL数据库
开始实验后,系统会自动创建一台自建MySQL的 源数据库 ECS 实例和一台 目标数据库 RDS。
全面了解阿里云能为你做什么
阿里云在全球各地部署高效节能的绿色数据中心,利用清洁计算为万物互联的新世界提供源源不断的能源动力,目前开服的区域包括中国(华北、华东、华南、香港)、新加坡、美国(美东、美西)、欧洲、中东、澳大利亚、日本。目前阿里云的产品涵盖弹性计算、数据库、存储与CDN、分析与搜索、云通信、网络、管理与监控、应用服务、互联网中间件、移动服务、视频服务等。通过本课程,来了解阿里云能够为你的业务带来哪些帮助 &nbsp; &nbsp; 相关的阿里云产品:云服务器ECS 云服务器 ECS(Elastic Compute Service)是一种弹性可伸缩的计算服务,助您降低 IT 成本,提升运维效率,使您更专注于核心业务创新。产品详情: https://www.aliyun.com/product/ecs
相关文章
|
12天前
|
Linux 虚拟化 数据安全/隐私保护
部署05-VMwareWorkstation中安装CentOS7 Linux操作系统, VMware部署CentOS系统第一步,下载Linux系统,/不要忘, CentOS -7-x86_64-DVD
部署05-VMwareWorkstation中安装CentOS7 Linux操作系统, VMware部署CentOS系统第一步,下载Linux系统,/不要忘, CentOS -7-x86_64-DVD
|
5天前
|
存储 Linux 网络安全
Centos安装Docker的详细安装步骤,Docker相关组件:docker-ce-cli、docker-ce和containerd.io的区别
Centos安装Docker的详细安装步骤,Docker相关组件:docker-ce-cli、docker-ce和containerd.io的区别;CentOS7安装DockerCompose;Docker镜像仓库
159 11
|
11天前
|
应用服务中间件 Linux 网络安全
CentOS 7 上安装 Nginx
在 CentOS 7 上安装 Nginx 的步骤包括:添加 EPEL 仓库,安装 Nginx,启动 Nginx,配置防火墙规则,最后通过访问服务器 IP 验证安装是否成功
|
12天前
|
关系型数据库 MySQL Linux
Linux部署实战前言,MySQL在CentOS安装【单机软件】,MySQL的安装需要root权限,yum install mysql,systemctl enable mysqld开机自启的意思
Linux部署实战前言,MySQL在CentOS安装【单机软件】,MySQL的安装需要root权限,yum install mysql,systemctl enable mysqld开机自启的意思
|
12天前
|
SQL 关系型数据库 MySQL
MYSQL8.0在CentOS安装[单机软件]
MYSQL8.0在CentOS安装[单机软件]
|
13天前
|
关系型数据库 MySQL Linux
Centos7下在线安装mysql
【7 月更文挑战第 2 天】Centos7、mysql
|
15天前
|
Linux 网络安全 开发工具
旧手机别再换盆了,教你使用Linux Deploy安装CentOS
旧手机别再换盆了,教你使用Linux Deploy安装CentOS
13 0
|
2月前
|
缓存 关系型数据库 MySQL
百度搜索:蓝易云【CentOS8服务器安装MySQL报错:no match mysql-community-server】
现在,你已经成功安装了MySQL服务器并解决了"no match mysql-community-server"的报错问题。祝你使用愉快!
65 1
|
1月前
|
Linux 数据库管理 Python
CentOS7编译安装Python3.10(含OpenSSL1.1.1安装),创建虚拟环境,运行Django项目(含sqlite版本报错)
CentOS7编译安装Python3.10(含OpenSSL1.1.1安装),创建虚拟环境,运行Django项目(含sqlite版本报错)
192 4
|
7月前
|
Linux Shell Swift
django(二)centos安装django3.2报错SQLite 3.8.3 or later is required (found 3.7.17)
我正在参加「掘金·启航计划」 Centos安装diango3.2框架请参照《django(一)ubuntu18.04安装框架》 在运行: 复制代码 python3 manage.py runserver 0.0.0.0:81 的时候报错: swift 复制代码 django.core.exceptions.ImproperlyConfigured: SQLite 3.8.3 or later is required (found 3.7.17). 报错的大体意思是:对sqlite最低版本的需求的3.8.3,但是现在只找到了3.7.17。
89 1

热门文章

最新文章