Установка и настройка Keystone для Openstack Queens на RHEL - PullRequest
Новая
       36

Установка и настройка Keystone для Openstack Queens на RHEL

0 голосов
/ 12 июня 2018 
Run the following command to install the packages:

# yum install openstack-keystone httpd mod_wsgi

Edit the /etc/keystone/keystone.conf file and complete the following actions:

    In the [database] section, configure database access:

    [database]
    # ...
    connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone

    Replace KEYSTONE_DBPASS with the password you chose for the database.


    Note

    Comment out or remove any other connection options in the [database] section.

    In the [token] section, configure the Fernet token provider:

    [token]
    # ...
    provider = fernet

Populate the Identity service database:

# su -s /bin/sh -c "keystone-manage db_sync" keystone

Initialize Fernet key repositories:

# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

Bootstrap the Identity service:


Note

Before the Queens release, keystone needed to be run on two separate ports to accomodate the Identity v2 API which ran a separate admin-only service commonly on port 35357. With the removal of the v2 API, keystone can be run on the same port for all interfaces.

# keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
  --bootstrap-admin-url http://controller:5000/v3/ \
  --bootstrap-internal-url http://controller:5000/v3/ \
  --bootstrap-public-url http://controller:5000/v3/ \
  --bootstrap-region-id RegionOne

Replace ADMIN_PASS with a suitable password for an administrative user.

Настройка HTTP-сервера Apache¶ 

Edit the /etc/httpd/conf/httpd.conf file and configure the ServerName option to reference the controller node:

ServerName controller

Create a link to the /usr/share/keystone/wsgi-keystone.conf file:

# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

Завершение установки¶ 

Start the Apache HTTP service and configure it to start when the system boots:

# systemctl enable httpd.service
# systemctl start httpd.service

Configure the administrative account

$ export OS_USERNAME=admin
$ export OS_PASSWORD=ADMIN_PASS
$ export OS_PROJECT_NAME=admin
$ export OS_USER_DOMAIN_NAME=Default
$ export OS_PROJECT_DOMAIN_NAME=Default
$ export OS_AUTH_URL=http://controller:35357/v3
$ export OS_IDENTITY_API_VERSION=3

После завершения этих настроек: я запустил openstack domain create --descriptionПример «Домена примера»

Вывод: Служба недоступна (HTTP 503) Проверены все файлы конфигурации, такие как keystone.conf, Httpd.conf и т. Д., Но не удается получить доступ ккорень проблемы.

Есть предложения?

...