Openstak queens部署筆記(二) 安裝keystone
阿新 • • 發佈:2018-11-09
- 安裝keystone - 登入mysql伺服器中,建立資料庫keystone,授予訪問許可權 #mysql MariaDB [(none)]> CREATE DATABASE keystone; MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'Aa123456'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'Aa123456'; - 安裝配置元件 sudo apt install keystone apache2 libapache2-mod-wsgi vim /etc/keystone/keystone.conf [database] # ... connection = mysql+pymysql://keystone:[email protected]/keystone [token] provider = fernet - 初始化認證伺服器 sudo su -s /bin/sh -c "keystone-manage db_sync" keystone - 初始化令牌 sudo keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone sudo keystone-manage credential_setup --keystone-user keystone --keystone-group keystone - 引導身份認證 # keystone-manage bootstrap --bootstrap-password Aa123456 \ --bootstrap-admin-url http://controller:5000/v3/ \ --bootstrap-internal-url http://controller:5000/v3/ \ --bootstrap-public-url http://controller:5000/v3/ \ --bootstrap-region-id RegionOne - 配置apache vim /etc/apahce2/apahce2.conf ServerName controller sudo service apahce2 restart - 設定環境變數 export OS_USERNAME=admin export OS_PASSWORD=ADMIN_PASS export OS_PROJECT_NAME=admin export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_DOMAIN_NAME=Default export OS_AUTH_URL=http://controller:5000/v3 export OS_IDENTITY_API_VERSION=3 - 建立使用者\組\服務 openstack project create --domain default --description "Service Project" service #建立Project 服務 openstack project create --domain default --description "Demo Project" demo #建立一個DemoProject openstack user create --domain default --password-prompt demo #建立Demo使用者 openstack role create user #建立使用者角色 openstack role add --project demo --user demo user #將Demo使用者新增至User角色 - 驗證 unset OS_AUTH_URL OS_PASSWORD openstack --os-auth-url http://controller:5000/v3 \ --os-project-domain-name Default --os-user-domain-name Default \ --os-project-name admin --os-username admin token issue openstack --os-auth-url http://controller:5000/v3 \ --os-project-domain-name Default --os-user-domain-name Default \ --os-project-name demo --os-username demo token issue - 建立環境指令碼 touch admin-openrc export OS_PROJECT_DOMAIN_NAME=Default export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=Aa123456 export OS_AUTH_URL=http://controller:5000/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2 touch demo-openrc export OS_PROJECT_DOMAIN_NAME=default export OS_USER_DOMAIN_NAME=default export OS_PROJECT_NAME=demo export OS_USERNAME=demo export OS_PASSWORD=demo export OS_AUTH_URL=http://controller:5000/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2 . admin-openrc openstack token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value | +------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | expires | 2018-10-20T02:28:05+0000 | | id | gAAAAABbyoSl3qP_CQJ5N5QIbNwju5RN4MG6S2J1gqdoe1CikU2ateAQrGjkbMhV1CRBtodJgXIl2PJU2k8c-QHtZuVH6XhFPx_wxiw28Q6Ab6qBK6HVfY8Rj1Ew3KWNViKD4c6YMOvzMFL07f-LM17IwSAinRDeQSdZysBFbsOagXFSo1-Zym0 | | project_id | bc776f24088840dbb29017d069f564cb | | user_id | dac95fced5fe4606b1b72d4f4cb9b0de | +------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
-+