首页 > 其他分享> > OpenStack Trail 部署文档（三）部署Keystone

OpenStack Trail 部署文档（三）部署Keystone

2021-02-09 17:02:26 作者：互联网

身份验证服务Keystone

官方文档：https://docs.openstack.org/keystone/train/install/

1、初始化数据库

MariaDB [(none)]> CREATE DATABASE keystone;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone123';

2、安装Keystone

[root@openstack-controller ~]# yum install openstack-keystone httpd mod_wsgi

3、编辑配置文件：/etc/keystone/keystone.conf

[database]
connection = mysql+pymysql://keystone:keystone123@openstack-controller.itcast.cn/keystone
......
[token]
expiration = 3600
provider = fernet
......

4、初始化数据库：

[root@openstack-controller ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone

5、初始化密钥库：

[root@openstack-controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
[root@openstack-controller ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

6、创建身份服务：

[root@openstack-controller ~]# keystone-manage bootstrap --bootstrap-password admin --bootstrap-admin-url http://openstack-controller.itcast.cn:5000/v3/ --bootstrap-internal-url http://openstack-controller.itcast.cn:5000/v3/ --bootstrap-public-url http://openstack-controller.itcast.cn:5000/v3/ --bootstrap-region-id RegionOne

7、配置Apache服务器： /etc/httpd/conf/httpd.conf

......
ServerName openstack-controller.itcast.cn:80

8、完成安装启动服务

[root@openstack-controller ~]#  systemctl enable httpd.service
[root@openstack-controller ~]#  systemctl start httpd.service

服务重启方法：systemctl restart httpd
日志存放路径：/var/log/httpd/keystone.log

用于验证身份的环境变量：/root/admin.sh

#!/bin/bash
export OS_USERNAME=admin
export OS_PASSWORD=admin 
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://openstack-controller.itcast.cn:5000/v3 
export OS_IDENTITY_API_VERSION=3

服务验证方法：
[root@openstack-controller ~]# source admin.sh
[root@openstack-controller ~]# openstack user list

创建测试domain：
[root@openstack-controller ~]# openstack domain create --description "An Example Domain" example
创建service项目：
[root@openstack-controller ~]# openstack project create --domain default --description "Service Project" service
查看创建的domain：
[root@openstack-controller ~]# openstack domain list

标签：部署,OS,--,controller,keystone,Keystone,openstack,OpenStack,root
来源： https://www.cnblogs.com/wubolive/p/14393472.html