-
下载安装openstack软件仓库(queens版本)
yum install centos-release-openstack-queens -y
yum upgrade
yum install python-openstackclient -y
yum install openstack-selinux -y -
创建keystone数据库并授权
mysql -u root -p
CREATE DATAbase keystone;
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@‘localhost’ IDENTIFIED BY ‘123456’;
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’%’ IDENTIFIED BY ‘123456’;
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@‘openstackcontroller’ IDENTIFIED BY ‘123456’;
(这里keystone是用户名,openstackcontroller是主机名,123456是密码)
- 安装、配置组件
yum install openstack-keystone httpd mod_wsgi -y
如果安装出现错误试一试强行安装
yum install -y python2-qpid-proton-0.22.0-1.el7.x86_64
再尝试openstack-keystone httpd mod_wsgi -y
生成一个随机值在初始的配置中作为管理员的令牌
openssl rand -hex 10
得到admin_token = xxxxxxxxx
3. 编辑 /etc/keystone/keystone.conf
[DEFAULT]
admin_token = xxxxxx #输入你上面获得的令牌
[database]
connection = mysql+pymysql://keystone:PASSWORD@controller/keystone
[token]
provider = fernet
(mysql+pymysql://keystone:PASSWORD@controller/keystone其中PASSWORD是密码,controller换成IP地址)
4. 初始化数据库
su -s /bin/sh -c “keystone-manage db_sync” keystone
keystone-manage db_sync
(这两个命令选择一个就可以)
5. 初始化Fernet密钥库以生成令牌
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
- 对Keystone应用Bootstrap框架执行初始化操作 引导身份认证服务
keystone-manage bootstrap --bootstrap-password keystone --bootstrap-admin-url http://controller:5000/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne
(这里所有的controller都换成本机IP,bootstrap-password keystone处的password是自己的密码)
7. 配置Apache HTTP服务器
1)编辑/etc/httpd/conf/httpd.conf文件,配置ServerName选项,使其指向控制节点
ServerName controller
2)创建一个到/usr/share/keystone/wsgi-keystone.conf文件的链接文件
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
3)systemctl enable httpd
systemctl start httpd
4)设置环境变量,配置管理员账户
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS #改成自己的密码
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3 #controller 改成IP
export OS_IDENTITY_API_VERSION=3
将其中的ADMIN_PASS替换为上述keystone-manage bootstrap命令中使用的密码
然后用IP查看
查看数据库内的表可以查找到20+的表
