zoukankan      html  css  js  c++  java

  • 3. Configure the Identity Service

    Controller Node:
    安装认证服务:
    1. sudo apt-get install keystone
     
    2. sudo vi /etc/keystone/keystone.conf
    [database]
    # The SQLAlchemy connection string used to connect to the database
    connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone
     
    3. sudo rm /var/lib/keystone/keystone.db
     
    4. 创建数据库
    mysql -u root -p
    CREATE DATABASE keystone;
    GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS'; 
    GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%'  IDENTIFIED BY 'KEYSTONE_DBPASS'; 
     
    5. su -s /bin/sh -c "keystone-manage db_sync" keystone
     
    6. openssl rand -hex 10
     
    7. sudo vi /etc/keystone/keystone.conf
    [DEFAULT]
    admin_token = ADMIN_TOKEN (用6中生成的字符串替换这里)
    log_dir = /var/log/keystone
     
    8. sudo service keystone restart
     
    创建用户,租户,角色:
    1. 
    export OS_SERVICE_TOKEN=ADMIN_TOKEN
    export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0
     
    2. 创建管理员
    keystone user-create --name=admin --pass=ADMIN_PASS --email=ADMIN_EMAIL
    keystone role-create --name=admin
    keystone tenant-create --name=admin --description="Admin Tenant"
    keystone user-role-add --user=admin --tenant=admin --role=admin
    keystone user-role-add --user=admin --role=_member_ --tenant=admin
     
    3. 创建普通用户
    keystone user-create --name=demo --pass=DEMO_PASS --email=DEMO_EMAIL
    keystone tenant-create --name=demo --description="Demo Tenant"
    keystone user-role-add --user=demo --role=_member_ --tenant=demo
     
    4. 创建服务租户
    keystone tenant-create --name=service --description="Service Tenant"
     
    定义服务和应用程序接口:
    1. keystone service-create --name=keystone --type=identity --description="OpenStack Identity"
    2. keystone endpoint-create
      --service-id=$(keystone service-list | awk '/ identity / {print $2}')
      --publicurl=http://controller:5000/v2.0
      --internalurl=http://controller:5000/v2.0
      --adminurl=http://controller:35357/v2.0
     
    验证认证服务是否安装成功:
    1. unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
     
    2. keystone --os-username=admin --os-password=ADMIN_PASS --os-auth-url=http://controller:35357/v2.0 token-get
     
    3. keystone --os-username=admin --os-password=ADMIN_PASS
      --os-tenant-name=admin --os-auth-url=http://controller:35357/v2.0
      token-get
     
    4. sudo vi admin-openrc.sh
    export OS_USERNAME=admin
    export OS_PASSWORD=ADMIN_PASS
    export OS_TENANT_NAME=admin
    export OS_AUTH_URL=http://controller:35357/v2.0
     
    5. source admin-openrc.sh
     
    6. keystone token-get
     
    7. keystone user-list
     
    8. keystone user-role-list --user admin --tenant admin
  • 相关阅读:
    LeetCode 40. 组合总和 II(Combination Sum II)
    LeetCode 129. 求根到叶子节点数字之和(Sum Root to Leaf Numbers)
    LeetCode 60. 第k个排列(Permutation Sequence)
    LeetCode 47. 全排列 II(Permutations II)
    LeetCode 46. 全排列(Permutations)
    LeetCode 93. 复原IP地址(Restore IP Addresses)
    LeetCode 98. 验证二叉搜索树(Validate Binary Search Tree)
    LeetCode 59. 螺旋矩阵 II(Spiral Matrix II)
    一重指针和二重指针
    指针的意义
  • 原文地址:https://www.cnblogs.com/IvanChen/p/4489386.html
Copyright © 2011-2022 走看看