这篇文章与我前面写的安装keystone有很大部分是相同,如果你看过前面的那篇文章这里略读主可以了
1.配置
也可参考:http://docs.openstack.org/trunk/openstack-compute/install/content/keystone-conf-file.html进行配置
[ugyn@cc keystone-2012.1]$ sudo chown -R ugyn:ugyn /etc/keystone
[ugyn@cc keystone-2012.1]$ mv /etc/keystone/logging.conf.sample /etc/keystone/logging.conf
1.2修改/etc/keystone/keystone.conf:
生成随机token:
[ugyn@cc keystone-2012.1]$ openssl rand -hex 10
7d97448231c0a2bac8a3
[ugyn@cc keystone-2012.1]$ vim /etc/keystone/keystone.conf
将生成的token替换admin_token的值
修改:#log_config = ./etc/logging.conf.sample
为:
log_config = /etc/keystone/logging.conf
修改:
[sql]
connection = sqlite:///keystone.db
idle_timeout = 200
为:
[sql]
connection = mysql://keystone:keystone@localhost/keystone
idle_timeout = 200
min_pool_size = 5
max_pool_size = 10
pool_timeout = 200
修改:
[catalog]
driver = keystone.catalog.backends.templated.TemplatedCatalog
template_file = ./etc/default_catalog.templates
为:
[catalog]
driver = keystone.catalog.backends.sql.Catalog
修改:
[token]
driver = keystone.token.backends.kvs.Tokens
为:
[token]
driver = keystone.token.backends.sql.Token
修改:
[ec2]
driver = keystone.contrib.ec2.backends.kvs.Ec2
为:
[ec2]
driver = keystone.contrib.ec2.backends.sql.Ec2
便于运行客户端命令创建以下文件并运行:
export SERVICE_TOKEN=7d97448231c0a2bac8a3
export SERVICE_ENDPOINT=http://127.0.0.1:35357/v2.0
export OS_USERNAME=nova
export OS_PASSWORD=service123
export OS_TENANT_NAME=service
export OS_AUTH_URL=http://127.0.0.1:5000/v2.0
说明:这里的用户数据是在下面2.3中脚本创建的,当设置了SERVICE_TOKEN、SERVICE_ENDPOINT可以运行任何的keystone命令,因此须小心
运行:
[ugyn@cc keystone-2012.1]$ source ~/.openstackrc
2.运行
2.1第一次运行时需创建数据表:
[ugyn@cc keystone-2012.1]$ keystone-manage db_sync
2.2运行keystone:
请新开一个终端或在后台运行
[ugyn@cc Desktop]$ keystone-all
2.3创建初始tenants、users、roles、services、endpoints:
修改tools/sample_data.sh,在文件开头添加以下内容:
[ugyn@cc keystone-2012.1]$ vim tools/sample_data.sh
#设置管理密码:
ADMIN_PASSWORD=admin123
#设置服务密码:
SERVICE_PASSWORD=service123
#要创建endpoint,请添加:
ENABLE_ENDPOINTS=ture
#要创建与swif相关的user,service:
ENABLE_SWIFT=ture
#要创建与quantum相关的user,service,添加:
#ENABLE_QUANTUM=ture
运行创建脚本:
[ugyn@cc keystone-2012.1]$ sudo tools/sample_data.sh
3.测试
3.1查看刚才创建的用户
[ugyn@cc keystone-2012.1]$ keystone user-list
3.2查看刚才创建的tenant
[ugyn@cc keystone-2012.1]$ keystone tenant-list
更多的操作请运行以下命令并自己测试
[ugyn@cc keystone-2012.1]$ keystone help