
[Centos7/Openstack]Openstack구축(8)-Keystone


2023.09.28

 

Controller

 

[root@controller ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 19
Server version: 10.1.20-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>

 

 

2. Create the `keystone` database.

MariaDB [(none)]> CREATE DATABASE keystone;
Query OK, 1 row affected (0.00 sec)

 

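3. Grant the `keystone` database user full rights on the `keystone` database. The password `dkagh1.` is a lab value that this post reuses for the keystone.conf connection string, the Keystone admin account (`--bootstrap-password`) and admin-openrc; outside a lab, give each its own generated secret. The `'keystone'@'%'` grant accepts logins from any host, so it can be narrowed to the controller's management address when only the controller talks to this database. `keystone-manage bootstrap` can also take the admin password from the `OS_BOOTSTRAP_PASSWORD` environment variable, which keeps it out of the process argument list.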

MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
    -> IDENTIFIED BY 'dkagh1.';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
    -> IDENTIFIED BY 'dkagh1.';
Query OK, 0 rows affected (0.00 sec)

 

 

[root@controller ~]# yum install openstack-keystone httpd mod_wsgi

 

[root@controller ~]# cat /etc/keystone/keystone.conf

[database]

#
# From oslo.db
#

# If True, SQLite uses synchronous mode. (boolean value)
#sqlite_synchronous = true

# The back end to use for the database. (string value)
# Deprecated group/name - [DEFAULT]/db_backend
#backend = sqlalchemy

# The SQLAlchemy connection string to use to connect to the database. (string
# value)
# Deprecated group/name - [DEFAULT]/sql_connection
# Deprecated group/name - [DATABASE]/sql_connection
# Deprecated group/name - [sql]/connection
connection = mysql+pymysql://keystone:dkagh1.@controller/keystone

 

[root@controller ~]# vi /etc/keystone/keystone.conf

[token]
# ...
provider = fernet

 

[root@controller ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone

 

 

[root@controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone

[root@controller ~]#  keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

 

 

[root@controller ~]# keystone-manage bootstrap --bootstrap-password dkagh1. \
>	--bootstrap-admin-url http://controller:5000/v3/ \
>   --bootstrap-internal-url http://controller:5000/v3/ \
>   --bootstrap-public-url http://controller:5000/v3/ \
>   --bootstrap-region-id RegionOne

 

 

 

[root@controller ~]# vi /etc/httpd/conf/httpd.conf

ServerName controller

 

 

[root@controller ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

 

 

[root@controller ~]# systemctl enable httpd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.

[root@controller ~]# systemctl start httpd.service

[root@controller ~]# systemctl status httpd.service
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2023-09-28 14:10:50 KST; 5s ago
     Docs: man:httpd(8)
           man:apachectl(8)
 Main PID: 15591 (httpd)
   Status: "Processing requests..."
   CGroup: /system.slice/httpd.service
           ├─15591 /usr/sbin/httpd -DFOREGROUND
           ├─15592 (wsgi:keystone- -DFOREGROUND
           ├─15593 (wsgi:keystone- -DFOREGROUND
           ├─15594 (wsgi:keystone- -DFOREGROUND
           ├─15595 (wsgi:keystone- -DFOREGROUND
           ├─15596 (wsgi:keystone- -DFOREGROUND
           ├─15597 (wsgi:keystone- -DFOREGROUND
           ├─15598 (wsgi:keystone- -DFOREGROUND
           ├─15599 (wsgi:keystone- -DFOREGROUND
           ├─15600 (wsgi:keystone- -DFOREGROUND
           ├─15601 (wsgi:keystone- -DFOREGROUND
           ├─15605 /usr/sbin/httpd -DFOREGROUND
           ├─15606 /usr/sbin/httpd -DFOREGROUND
           ├─15607 /usr/sbin/httpd -DFOREGROUND
           ├─15614 /usr/sbin/httpd -DFOREGROUND
           └─15615 /usr/sbin/httpd -DFOREGROUND

Sep 28 14:10:50 controller systemd[1]: Starting The Apache HTTP Server...
Sep 28 14:10:50 controller systemd[1]: Started The Apache HTTP Server.

 

 

 

 

 

[root@controller ~]# cat admin-openrc
# admin-openrc: client environment for the Keystone admin account.
# Source it in the current shell (". admin-openrc") so the openstack CLI
# reads these values.
# NOTE(review): OS_PASSWORD is stored in clear text and OS_AUTH_URL is plain
# http, so the password and issued tokens cross the network unencrypted.
# Keep this file readable by its owner only and the endpoint on a trusted
# management network (or behind TLS).
OS_AUTH_URL=http://controller:5000/v3
OS_IDENTITY_API_VERSION=3
OS_IMAGE_API_VERSION=2
OS_USER_DOMAIN_NAME=Default
OS_PROJECT_DOMAIN_NAME=Default
OS_PROJECT_NAME=admin
OS_USERNAME=admin
OS_PASSWORD=dkagh1.
# One export for the whole set; child processes see the same values.
export OS_AUTH_URL OS_IDENTITY_API_VERSION OS_IMAGE_API_VERSION \
  OS_USER_DOMAIN_NAME OS_PROJECT_DOMAIN_NAME OS_PROJECT_NAME \
  OS_USERNAME OS_PASSWORD

 

 

[root@controller ~]# cat demo-openrc
# demo-openrc: client environment for the unprivileged "demo" user/project.
# Source it (". demo-openrc") to run openstack commands as that user.
# NOTE(review): DEMO_PASS reads as a placeholder, presumably to be replaced
# with the demo user's real password. This page does not show the demo user
# or project being created, so confirm both exist first.
# The same clear-text password and plain-http endpoint considerations apply
# here as for any openrc file.
OS_USERNAME=demo
OS_PASSWORD=DEMO_PASS
OS_PROJECT_NAME=demo
OS_USER_DOMAIN_NAME=Default
OS_PROJECT_DOMAIN_NAME=Default
OS_AUTH_URL=http://controller:5000/v3
OS_IDENTITY_API_VERSION=3
OS_IMAGE_API_VERSION=2
# Export everything at once so child processes inherit the settings.
export OS_USERNAME OS_PASSWORD OS_PROJECT_NAME \
  OS_USER_DOMAIN_NAME OS_PROJECT_DOMAIN_NAME \
  OS_AUTH_URL OS_IDENTITY_API_VERSION OS_IMAGE_API_VERSION

 

[root@controller ~]# . admin-openrc
[root@controller ~]# openstack token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                                                                                                   |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires    | 2023-09-28T07:02:09+0000                                                                                                                                                                |
| id         | gAAAAABlFRbhdD-ZiftLQSjgIDU1nJ6TlOLOHcAodLI9spwNaeNGwkvxCZ-shwmFYdz4F22p97z4EcNIomCOgkyK_3YoSNP2GyePx7glPDF84gNwbNpPHBuZaRp21Q33Q_8NpwufWVmUODejUldRYqhLo1mrFlGgXghrIkWJCcxTGYJLOM4un4Y |
| project_id | df4b07a3884a4fef9db605d762b5436b                                                                                                                                                        |
| user_id    | ed69a2c97f30415cbbe0f91b90a2413c                                                                                                                                                        |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+