1.安装keystone
# yum install -y openstack-keystone httpd mod_wsgi memcached python-memcached2.设置Memcache开启启动并启动Memcached
[root@linux-node1 ~]# systemctl enable memcached.service [root@linux-node1 ~]# vim /etc/sysconfig/memcached PORT="11211" USER="memcached" MAXCONN="1024" CACHESIZE="64" OPTIONS="-l 192.168.56.11,::1" [root@linux-node1 ~]# systemctl start memcached.service3.Keystone配置
1)配置KeyStone数据库
[root@linux-node1 ~]# vim /etc/keystone/keystone.conf [database] connection = mysql+pymysql://keystone:keystone@192.168.56.11/keystone
2)设置Token和Memcached
[token] provider = fernet
3).同步数据库:
[root@linux-node1 ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone [root@linux-node1 ~]# mysql -h 192.168.56.11 -ukeystone -pkeystone -e " use keystone;show tables;"
4)初始化fernet keys
[root@linux-node1 ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone [root@linux-node1 ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone5)初始化keystone
[root@linux-node1 ~]# keystone-manage bootstrap --bootstrap-password admin --bootstrap-admin-url http://192.168.56.11:35357/v3/ --bootstrap-internal-url http://192.168.56.11:35357/v3/ --bootstrap-public-url http://192.168.56.11:5000/v3/ --bootstrap-region-id RegionOne6).验证Keystone配置
[root@linux-node1 ~]# grep "^[a-z]" /etc/keystone/keystone.conf connection = mysql+pymysql://keystone:keystone@192.168.56.11/keystone provider = fernet7)KeyStone启动 [root@linux-node1 ~]# vim /etc/httpd/conf/httpd.conf
ServerName 192.168.56.11:80 创建配置文件 [root@linux-node1 ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
启动keystone,并查看端口。
[root@linux-node1 ~]# systemctl enable httpd.service [root@linux-node1 ~]# systemctl start httpd.service
设置环境变量
[root@linux-node1 ~]# export OS_USERNAME=admin [root@linux-node1 ~]# export OS_PASSWORD=admin [root@linux-node1 ~]# export OS_PROJECT_NAME=admin [root@linux-node1 ~]# export OS_USER_DOMAIN_NAME=Default [root@linux-node1 ~]# export OS_PROJECT_DOMAIN_NAME=Default [root@linux-node1 ~]# export OS_AUTH_URL=http://192.168.56.11:35357/v3 [root@linux-node1 ~]# export OS_IDENTITY_API_VERSION=3
创建项目和demo用户
# openstack project create --domain default --description "Demo Project" demo # openstack user create --domain default --password demo demo # openstack role create user # openstack role add --project demo --user demo user
创建Service项目
# openstack project create --domain default --description "Service Project" service创建glance用户
# openstack user create --domain default --password glance glance # openstack role add --project service --user glance admin创建nova用户
# openstack user create --domain default --password nova nova # openstack role add --project service --user nova admin创建placement用户
# openstack user create --domain default --password placement placement # openstack role add --project service --user placement admin创建Neutron用户
# openstack user create --domain default --password neutron neutron # openstack role add --project service --user neutron admin创建cinder用户
# openstack user create --domain default --password cinder cinder # openstack role add --project service --user cinder admin
验证Keystone
[root@linux-node1 ~]# unset OS_AUTH_URL OS_PASSWORD [root@linux-node1 ~]# openstack --os-auth-url http://192.168.56.11:35357/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name admin --os-username admin token issue Password: … [root@linux-node1 ~]# openstack --os-auth-url http://192.168.56.11:5000/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name demo --os-username demo token issue Password:
[root@linux-node1 ~]# vim /root/admin-openstack.sh export OS_PROJECT_DOMAIN_NAME=Default export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=admin export OS_AUTH_URL=http://192.168.56.11:35357/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2
[root@linux-node1 ~]# vim /root/demo-openstack.sh export OS_PROJECT_DOMAIN_NAME=Default export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_NAME=demo export OS_USERNAME=demo export OS_PASSWORD=demo export OS_AUTH_URL=http://192.168.56.11:5000/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2
[root@linux-node1 ~]# source admin-openstack.sh [root@linux-node1 ~]# openstack token issue [root@linux-node1 ~]# source demo-openstack.sh [root@linux-node1 ~]# openstack token issue