OpenStack:安装Keystone
>安装Keystone
1. 安装
# apt-get install keystone
2. 创建db
create database keystone;
grant all privileges on keystone.* to 'keystone'@'%' identified by 'openstack';
grant all privileges on keystone.* to 'keystone'@'localhost' identified by 'openstack';
3. 配置/etc/keystone/keystone.conf
[sql]
# The SQLAlchemy connection string used to connect to the database
connection = mysql://keystone:openstack@controller/keystone
rm -f /var/lib/keystone/keystone.db
4. 初始表:
# keystone-manage db_sync
5. 重启keystone服务.
# service keystone restart
6. 首次super用户登陆:
在/etc/keystone/keystone.conf设置admin_token
[DEFAULT]
# A "shared secret" between keystone and other openstack services
admin_token = openstack
然后设置环境变量:
# export OS_SERVICE_TOKEN=openstack
# export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0
7. 注册:service,endpoint.
keystone service-create \
--name=keystone --type=identity \
--description="Keystone Identity Service";
keystone endpoint-create \
--service-id=189ad72176dc41829d2fa40a65fd86b8 \
--publicurl=http://controller:5000/v2.0 \
--internalurl=http://controller:5000/v2.0 \
--adminurl=http://controller:35357/v2.0;
8. 顺便创建Admin, 之后super要注释
# keystone tenant-create --name=admin --description="Admin Tenant"
# keystone user-create --name=admin --pass=openstack
# keystone role-create --name=admin
# keystone user-role-add --user=admin --tenant=admin --role=admin
-------------------------------------
9. 顺便创建普通用户
# keystone tenant-create --name=game --description="Game Tenant"
# keystone user-create --name=game --pass=openstack
# keystone user-role-add --user=game --tenant=game --role=_member_
# keystone user-role-list --tenant game --user game