1. 安裝並配置依賴環境
a).安裝周邊環境
yum install ntp
yum install qpid-cpp-server memcached
yum install mysql mysql-server MySQL-python
service mysqld start
chkconfig mysqld on
mysql_secure_installationb).配置mysql數據庫
修改MySQL的密碼:
mysql -urootupdate user set password=PASSWORD('111111') whereUser='root';
update user set host = '%' where user = 'root';
授權本地root用戶擁有所有數據庫的所有權限:
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;2. 在controller節點上安裝keystone組件
yum install openstack-utils
yum install openstack-keystone python-keystoneclient3.修改配置文件keystone.conf
openstack-config --set /etc/keystone/keystone.confsql connection mysql://keystone:[email protected]/keystone
4.創建相應數據庫和表
openstack-db--init --service keystone --password 111111
5.產生admin token
ADMIN_TOKEN=$(opensslrand -hex 10)
echo$ADMIN_TOKEN
openstack-config--set /etc/keystone/keystone.conf DEFAULT admin_token $ADMIN_TOKEN
6.創建簽名和證書
keystone-managepki_setup --keystone-user keystone --keystone-group keystone
7.啓動keystone
serviceopenstack-keystone start
chkconfigopenstack-keystone on
8.加入users和tenants
在~/.bashrc中加入:
export OS_SERVICE_TOKEN=$ADMIN_TOKEN(與/etc/keystone/keystone.conf中的admin_token一致)
exportOS_SERVICE_ENDPOINT=http://controller:35357/v2.0
keystone tenant-create --name=admin--description="Admin Tenant"
keystone tenant-create --name=service--description="Service Tenant"
keystone user-create --name=admin --pass=111111 [email protected]
keystone role-create --name=admin
keystone user-role-add --user=admin --tenant=admin --role=admin
9.定義服務和api端
keystone service-create --name=keystone--type=identity --description="Keystone IdentityService"
(下面黃線部分與生成的service-id一致)
keystone endpoint-create \
--service-id=575895199fb1436da95c3c3476e074f0 \
--publicurl=http://controller:5000/v2.0 \
--internalurl=http://controller:5000/v2.0 \
--adminurl=http://controller:35357/v2.0
10.驗證keystone的安裝unsetOS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
用戶授權驗證:
keystone --os-username=admin --os-password=111111 --os-auth-url=http://controller:35357/v2.0token-get
租戶授權驗證:
keystone --os-username=admin --os-password=111111 --os-tenant-name=admin--os-auth-url=http://controller:35357/v2.0 token-get
在controller和compute節點的~/.bashrc中加入
export OS_USERNAME=admin
export OS_PASSWORD=111111 (前面設置的admin的密碼)
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://controller:35357/v2.0
分別修改controller和compute的hosts,加入controller和compute1的信息
hostname(/etc/sysconfig/network)分別改爲controller和compute1