• OpenStack Trail 部署文档(三)部署Keystone服务

    身份验证服务Keystone

    官方文档:https://docs.openstack.org/keystone/train/install/ 

    1、初始化数据库

    MariaDB [(none)]> CREATE DATABASE keystone;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone123';

    2、安装Keystone

    [root@openstack-controller ~]# yum install openstack-keystone httpd mod_wsgi

    3、编辑配置文件:/etc/keystone/keystone.conf

    [database]
connection = mysql+pymysql://keystone:keystone123@openstack-controller.local/keystone
......
[token]
expiration = 3600
provider = fernet
......

    4、初始化数据库:

    [root@openstack-controller ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone

    5、初始化密钥库:

    [root@openstack-controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
[root@openstack-controller ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

    6、创建身份服务:

    [root@openstack-controller ~]# keystone-manage bootstrap --bootstrap-password admin --bootstrap-admin-url http://openstack-controller.local:5000/v3/ --bootstrap-internal-url http://openstack-controller.local:5000/v3/ --bootstrap-public-url http://openstack-controller.local:5000/v3/ --bootstrap-region-id RegionOne

    7、配置Apache服务器: /etc/httpd/conf/httpd.conf

    ......
ServerName openstack-controller.local:80

    8、完成安装启动服务

    [root@openstack-controller ~]#  systemctl enable httpd.service
[root@openstack-controller ~]#  systemctl start httpd.service

    服务重启方法:systemctl restart httpd
    日志存放路径:/var/log/httpd/keystone.log

    用于验证身份的环境变量:/root/admin.sh

    #!/bin/bash
export OS_USERNAME=admin
export OS_PASSWORD=admin 
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://openstack-controller.local:5000/v3 
export OS_IDENTITY_API_VERSION=3

    服务验证方法:
    [root@openstack-controller ~]# source admin.sh
    [root@openstack-controller ~]# openstack user list

    创建测试domain:
    [root@openstack-controller ~]# openstack domain create --description "An Example Domain" example 
    创建service项目:
    [root@openstack-controller ~]# openstack project create --domain default --description "Service Project" service
    查看创建的domain:
    [root@openstack-controller ~]# openstack domain list
  • 相关阅读:
    Node Express 快速上手
    iPhone开发地图线路关键代码分享
    [转]iPhone本地化总结
    【转】iOS应用view之间数据传递的方式
    优化UITableView cell的滚动速度
    【转】实现Fruit Ninja 的刀光效果
    iOS开发相关资源
    temporary
    _In_ 是什么意思
    Using Run-Time Dynamic Linking(使用运行时动态链接库)
  • 原文地址:https://www.cnblogs.com/wubolive/p/14393472.html
Copyright © 2020-2023  润新知