[ Previous: Pre-requisites (1/9) ] [ 2 / 9 : Keystone ] [ Next: Glance (3 / 9) ]
Create the database for Keystone service
create database keystone;
grant all privileges on keystone.* to keystone@'localhost' identified by 'password';
grant all privileges on keystone.* to keystone@'%' identified by 'password';
flush privileges;
exit
Install required packages
apt -y install keystone apache2 libapache2-mod-wsgi-py3 python3-oauth2client
Update the configurations in /etc/keystone/keystone.conf as shown below
[cache]
memcache_servers = 10.0.3.1:11211
[database]
connection = mysql+pymysql://keystone:password@10.0.3.1/keystone
[receipt]
provider = fernet
Populate the identity service database
su -s /bin/bash keystone -c "keystone-manage db_sync"
Initialize fernet – allow running keystone under another operating system user/group
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
Bootstrap keystone.
keystone-manage bootstrap --bootstrap-password password --bootstrap-admin-url http://10.0.3.1:5000/v3/ --bootstrap-internal-url http://10.0.3.1:5000/v3/ --bootstrap-public-url http://10.0.3.1:5000/v3/ --bootstrap-region-id RegionOne
Edit ServerName configuration in /etc/apache2/apache2.conf as shown below. Note the usage of a hostname which resolves to node IP 10.0.3.1
#ServerRoot "/etc/apache2"
ServerName controller
Restart apache2
systemctl restart apache2
The OpenStack client makes use of values set in environment variables. Create a file named admin-rc which exports/sets values for environment variables.
Content of ~/admin-rc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=password
export OS_AUTH_URL=http://10.0.3.1:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
Update ~/.bashrc file such that every time we log in the contents is sourced and environment variables are set.
chmod +x admin-rc
echo "source ~/admin-rc " >> ~/.bashrc
[ Previous: Pre-requisites (1/9) ] [ 2 / 9 : Keystone ] [ Next: Glance (3 / 9) ]