Centos7手动安装OpenStack Mitaka版本--KeyStone安装
按照官方文檔手動安裝的話,基本上是復制粘貼的過程,小心點的話基本上能安裝成功!如果報錯我基本上干掉重來,我使用的是VM,有快照的...
創(chuàng)建Keystne數(shù)據(jù)庫
[root@openstack-3 ~]# mysql -uroot -pzoomtech -e "CREATE DATABASE keystone"
[root@openstack-3 ~]# mysql -uroot -pzoomtech -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'openstack'"
[root@openstack-3 ~]# mysql -uroot -pzoomtech -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'openstack'"
[root@openstack-3 ~]# openssl rand -hex 10????????#這步也可以不做
99ae168d4e7fd9b8434c
安裝Keystone和Apache
[root@openstack-3 ~]# yum install openstack-keystone httpd mod_wsgi -y
[root@openstack-3 ~]# vim /etc/keystone/keystone.conf
[DEFAULT]
admin_token = nova
[database]
connection = mysql+pymysql://keystone:openstack@controller/keystone
[token]
provider =?fernet
#同步Keystone數(shù)據(jù)庫
[root@openstack-3 ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone ?
[root@openstack-3 ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
配置http服務器
[root@openstack-3 ~]# vim /etc/httpd/conf/httpd.conf
ServerName controller
[root@openstack-3 openstack]# vim /etc/httpd/conf.d/wsgi-keystone.conf
Listen 5000
Listen 35357
<VirtualHost *:5000>
? ? WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
? ? WSGIProcessGroup keystone-public
? ? WSGIScriptAlias / /usr/bin/keystone-wsgi-public
? ? WSGIApplicationGroup %{GLOBAL}
? ? WSGIPassAuthorization On
? ? ErrorLogFormat "%{cu}t %M"
? ? ErrorLog /var/log/httpd/keystone-error.log
? ? CustomLog /var/log/httpd/keystone-access.log combined
? ? <Directory /usr/bin>
? ? ? ? Require all granted
? ? </Directory>
</VirtualHost>
<VirtualHost *:35357>
? ? WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
? ? WSGIProcessGroup keystone-admin
? ? WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
? ? WSGIApplicationGroup %{GLOBAL}
? ? WSGIPassAuthorization On
? ? ErrorLogFormat "%{cu}t %M"
? ? ErrorLog /var/log/httpd/keystone-error.log
? ? CustomLog /var/log/httpd/keystone-access.log combined
? ? <Directory /usr/bin>
? ? ? ? Require all granted
? ? </Directory>
</VirtualHost>
啟動httpd
[root@openstack-3 openstack]# systemctl enable httpd.service
[root@openstack-3 openstack]# systemctl start httpd.service
[root@controller openstack]# ps aux | grep apache
Create the service entity and API endpoints
[root@openstack-3 openstack]# export OS_TOKEN=nova
[root@openstack-3 openstack]# export OS_URL=http://controller:35357/v3
[root@openstack-3 openstack]# export OS_IDENTITY_API_VERSION=3 ? ? ?
[root@openstack-3 ~]# openstack service create --name keystone --description "OpenStack Identity" identity
An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-e5e48c37-c638-4f3f-8bc2-a2f8d7d695c1)
[root@openstack-3 ~]#如果報上面錯誤,執(zhí)行下面語句同步數(shù)據(jù)庫可能會解決掉,我這樣做是可以的。
[root@openstack-3 ~]# keystone-manage db_sync
[root@openstack-3 ~]# openstack service create --name keystone --description "OpenStack Identity" identity
創(chuàng)建EndPonit
[root@openstack-3 ~]# openstack endpoint create --region RegionOne identity public http://controller:5000/v3
[root@openstack-3 ~]# openstack endpoint create --region RegionOne identity internal http://controller:5000/v3
[root@openstack-3 ~]# openstack endpoint create --region RegionOne identity admin?http://controller:35357/v3
命令輸出如下:
[root@controller openstack]# openstack service create --name keystone --description "OpenStack Identity" identity
+-------------+----------------------------------+
| Field? ? ? ?| Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+-------------+----------------------------------+
| description | OpenStack Identity? ? ? ? ? ? ? ?|
| enabled? ? ?| True? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
| id? ? ? ? ? | 71f18b0924e840fdb059a4f8b4a5f44b |
| name? ? ? ? | keystone? ? ? ? ? ? ? ? ? ? ? ? ?|
| type? ? ? ? | identity? ? ? ? ? ? ? ? ? ? ? ? ?|
+-------------+----------------------------------+
[root@controller openstack]# openstack endpoint create --region RegionOne identity public http://controller:5000/v3
+--------------+----------------------------------+
| Field? ? ? ? | Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+--------------+----------------------------------+
| enabled? ? ? | True? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
| id? ? ? ? ? ?| b3a9aa4be69b4316823acc38bf56395f |
| interface? ? | public? ? ? ? ? ? ? ? ? ? ? ? ? ?|
| region? ? ? ?| RegionOne? ? ? ? ? ? ? ? ? ? ? ? |
| region_id? ? | RegionOne? ? ? ? ? ? ? ? ? ? ? ? |
| service_id? ?| 71f18b0924e840fdb059a4f8b4a5f44b |
| service_name | keystone? ? ? ? ? ? ? ? ? ? ? ? ?|
| service_type | identity? ? ? ? ? ? ? ? ? ? ? ? ?|
| url? ? ? ? ? | http://controller:5000/v3? ? ? ? |
+--------------+----------------------------------+
[root@controller openstack]# openstack endpoint create --region RegionOne identity internal http://controller:5000/v3
+--------------+----------------------------------+
| Field? ? ? ? | Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+--------------+----------------------------------+
| enabled? ? ? | True? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
| id? ? ? ? ? ?| 262b152352314e1b97486d6d98d207bc |
| interface? ? | internal? ? ? ? ? ? ? ? ? ? ? ? ?|
| region? ? ? ?| RegionOne? ? ? ? ? ? ? ? ? ? ? ? |
| region_id? ? | RegionOne? ? ? ? ? ? ? ? ? ? ? ? |
| service_id? ?| 71f18b0924e840fdb059a4f8b4a5f44b |
| service_name | keystone? ? ? ? ? ? ? ? ? ? ? ? ?|
| service_type | identity? ? ? ? ? ? ? ? ? ? ? ? ?|
| url? ? ? ? ? | http://controller:5000/v3? ? ? ? |
+--------------+----------------------------------+
[root@controller openstack]#
[root@controller openstack]# openstack endpoint create --region RegionOne identity admin http://controller:35357/v3
+--------------+----------------------------------+
| Field? ? ? ? | Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+--------------+----------------------------------+
| enabled? ? ? | True? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
| id? ? ? ? ? ?| a0d00e25ffba43adbc17cd741ea68d9f |
| interface? ? | admin? ? ? ? ? ? ? ? ? ? ? ? ? ? |
| region? ? ? ?| RegionOne? ? ? ? ? ? ? ? ? ? ? ? |
| region_id? ? | RegionOne? ? ? ? ? ? ? ? ? ? ? ? |
| service_id? ?| 71f18b0924e840fdb059a4f8b4a5f44b |
| service_name | keystone? ? ? ? ? ? ? ? ? ? ? ? ?|
| service_type | identity? ? ? ? ? ? ? ? ? ? ? ? ?|
| url? ? ? ? ? | http://controller:35357/v3? ? ? ?|
+--------------+----------------------------------+
[root@controller openstack]#
?
創(chuàng)建域,項目,用戶,角色
創(chuàng)建ADMIN
[root@openstack-3 ~]# openstack domain create --description "Default Domain" default
[root@openstack-3 ~]# openstack project create --domain default --description "Admin Project" admin
[root@openstack-3 ~]# openstack user create --domain default --password-prompt admin
User Password: ?openpass
Repeat User Password: openpass
[root@openstack-3 ~]# openstack role create admin
[root@openstack-3 ~]# openstack role add --project admin --user admin admin
創(chuàng)建ADMIN 命令輸出如下:
[root@controller openstack]# openstack domain create --description "Default Domain" default
+-------------+----------------------------------+
| Field? ? ? ?| Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+-------------+----------------------------------+
| description | Default Domain? ? ? ? ? ? ? ? ? ?|
| enabled? ? ?| True? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
| id? ? ? ? ? | a7585a6dc02547f69e322438df0a35b7 |
| name? ? ? ? | default? ? ? ? ? ? ? ? ? ? ? ? ? |
+-------------+----------------------------------+
[root@controller openstack]# openstack project create --domain default --description "Admin Project" admin
+-------------+----------------------------------+
| Field? ? ? ?| Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+-------------+----------------------------------+
| description | Admin Project? ? ? ? ? ? ? ? ? ? |
| domain_id? ?| a7585a6dc02547f69e322438df0a35b7 |
| enabled? ? ?| True? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
| id? ? ? ? ? | c6e00eeb19dc488a98b4cda9c1d47a67 |
| is_domain? ?| False? ? ? ? ? ? ? ? ? ? ? ? ? ? |
| name? ? ? ? | admin? ? ? ? ? ? ? ? ? ? ? ? ? ? |
| parent_id? ?| a7585a6dc02547f69e322438df0a35b7 |
+-------------+----------------------------------+
[root@controller openstack]# openstack user create --domain default --password-prompt admin
User Password:opensack
Repeat User Password:opensack
+-----------+----------------------------------+
| Field? ? ?| Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+-----------+----------------------------------+
| domain_id | a7585a6dc02547f69e322438df0a35b7 |
| enabled? ?| True? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
| id? ? ? ? | 4684290676cb4353b201ba34c82f3266 |
| name? ? ? | admin? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+-----------+----------------------------------+
[root@controller openstack]# openstack role create admin
+-----------+----------------------------------+
| Field? ? ?| Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+-----------+----------------------------------+
| domain_id | None? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
| id? ? ? ? | 10ebb2ab331741d4b5639d8e2f8affd7 |
| name? ? ? | admin? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+-----------+----------------------------------+
[root@controller openstack]# openstack role add --project admin --user admin admin
[root@controller openstack]#
創(chuàng)建DEMO
[root@openstack-3 ~]# openstack project create --domain default --description "Service Project" service
[root@openstack-3 ~]# openstack project create --domain default --description "Demo Project" demo
[root@openstack-3 ~]# openstack user create --domain default --password-prompt demo
User Password: openpass
Repeat User Password:openpass
[root@openstack-3 ~]# openstack role create user
[root@openstack-3 ~]# openstack role add --project demo --user demo user
創(chuàng)建DEMO命令輸出如下:
[root@controller openstack]# openstack project create --domain default --description "Service Project" service
+-------------+----------------------------------+
| Field? ? ? ?| Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+-------------+----------------------------------+
| description | Service Project? ? ? ? ? ? ? ? ? |
| domain_id? ?| a7585a6dc02547f69e322438df0a35b7 |
| enabled? ? ?| True? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
| id? ? ? ? ? | f7f43b236c554912a1403b51308ce335 |
| is_domain? ?| False? ? ? ? ? ? ? ? ? ? ? ? ? ? |
| name? ? ? ? | service? ? ? ? ? ? ? ? ? ? ? ? ? |
| parent_id? ?| a7585a6dc02547f69e322438df0a35b7 |
+-------------+----------------------------------+
[root@controller openstack]# openstack project create --domain default --description "Demo Project" demo
+-------------+----------------------------------+
| Field? ? ? ?| Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+-------------+----------------------------------+
| description | Demo Project? ? ? ? ? ? ? ? ? ? ?|
| domain_id? ?| a7585a6dc02547f69e322438df0a35b7 |
| enabled? ? ?| True? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
| id? ? ? ? ? | d1bebf9cd232413784f0d2dd11b5cccb |
| is_domain? ?| False? ? ? ? ? ? ? ? ? ? ? ? ? ? |
| name? ? ? ? | demo? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
| parent_id? ?| a7585a6dc02547f69e322438df0a35b7 |
+-------------+----------------------------------+
[root@controller openstack]# openstack user create --domain default --password-prompt demo
User Password:
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field? ? ?| Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+-----------+----------------------------------+
| domain_id | a7585a6dc02547f69e322438df0a35b7 |
| enabled? ?| True? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
| id? ? ? ? | 47ee72bc938f4837aff59b1aea259151 |
| name? ? ? | demo? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
+-----------+----------------------------------+
[root@controller openstack]# openstack role create user
+-----------+----------------------------------+
| Field? ? ?| Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+-----------+----------------------------------+
| domain_id | None? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
| id? ? ? ? | 29d5319ab8a84ef783d7bac411b5d1cf |
| name? ? ? | user? ? ? ? ? ? ? ? ? ? ? ? ? ? ?|
+-----------+----------------------------------+
[root@controller openstack]# openstack role add --project demo --user demo user
[root@controller openstack]#
基本安裝完成,下面檢查Keystone服務安裝是否正常
?[root@openstack-3 openstack]# unset OS_TOKEN OS_URL
[root@openstack-3 openstack]# openstack --os-auth-url http://controller:35357/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name admin --os-username admin token issue
Password: openpass
+------------+----------------------------------+
| Field? ? ? | Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+------------+----------------------------------+
| expires? ? | 2016-08-25T10:46:30.718408Z? ? ? |
| id? ? ? ? ?| 95428a3859844f85be75324fc019df5c |
| project_id | fa42862973b645cb92e1eef65849d7f0 |
| user_id? ? | 4555c09cb5af498da08c8db5e2478271 |
+------------+----------------------------------+
[root@openstack-3 openstack]# openstack --os-auth-url http://controller:5000/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name demo --os-username demo token issue
Password:openpass
+------------+----------------------------------+
| Field? ? ? | Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+------------+----------------------------------+
| expires? ? | 2016-08-25T10:52:27.747840Z? ? ? |
| id? ? ? ? ?| a656497c53b84a3498fec04a34782192 |
| project_id | 3e63b063d87e4c96a17e0bb0dd37b283 |
| user_id? ? | 13b1033c0d724c019a7fe6826e687d03 |
+------------+----------------------------------+
創(chuàng)建admin-openrc腳本
[root@openstack-3 openstack]# vim admin-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=openpass
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
創(chuàng)建demo-openrc腳本
[root@openstack-3 openstack]# vim demo-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=DEMO_PASS
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
[root@openstack-3 openstack]# source admin-openrc
[root@openstack-3 openstack]# openstack token issue
+------------+----------------------------------+
| Field? ? ? | Value? ? ? ? ? ? ? ? ? ? ? ? ? ? |
+------------+----------------------------------+
| expires? ? | 2016-08-26T02:16:13.904899Z? ? ? |
| id? ? ? ? ?| 01a61af82f6c46eb93acdd343f197fad |
| project_id | fa42862973b645cb92e1eef65849d7f0 |
| user_id? ? | 4555c09cb5af498da08c8db5e2478271 |
+------------+----------------------------------+
到此,Keystone安裝完成
本文轉自 OpenStack2015 51CTO博客,原文鏈接:http://blog.51cto.com/andyliu/1845085,如需轉載請自行聯(lián)系原作者
總結
以上是生活随笔為你收集整理的Centos7手动安装OpenStack Mitaka版本--KeyStone安装的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: Asp.net在线压缩和解压缩简单实现(
- 下一篇: Centos 6.9 Kick Star