1、Create the service entity and API endpoint | Create the service entity for the Identity service:
# keystone service-create --name keystone --type identity --description "OpenStack Identity"2、Create the API endpoint for the Identity service:
# keystone endpoint-create --service-id $(keystone service-list | awk '/ identity / {print $2}') --publicurl http://controller:5000/v2.0 --internalurl http://controller:5000/v2.0 --adminurl http://controller:35357/v2.0 --region regionOne3、察看keystone认证消息
[root@controller ~]# keystone user-list+----------------------------------+-------+---------+-------------------------+|id|name | enabled |email|+----------------------------------+-------+---------+-------------------------+| 7053cfacc4b047dcabe82f6be0e5dc77 | admin |True| admin@zhengyansheng.com || eea569106329465996e9e09a666838bd |demo |True|demo@zhengyansheng.com |+----------------------------------+-------+---------+-------------------------+[root@controller ~]# keystone tenant-list+----------------------------------+---------+---------+|id|name| enabled |+----------------------------------+---------+---------+| 307fd76766eb4b02a28779f4e88717ce |admin|True|| f054bd56851b4a318a19233a13e13d31 |demo|True|| d865c3b49f6f4bf7b2a0b93e0110e546 | service |True|+----------------------------------+---------+---------+[root@controller ~]# keystone service-list+----------------------------------+----------+----------+--------------------+|id|name|type|description|+----------------------------------+----------+----------+--------------------+| 9754f7bdf78c4000875f1aa5f3291b19 | keystone | identity | OpenStack Identity |+----------------------------------+----------+----------+--------------------+[root@controller ~]# keystone endpoint-list+----------------------------------+-----------+-----------------------------+-----------------------------+------------------------------+----------------------------------+|id|region|publicurl|internalurl|adminurl|service_id|+----------------------------------+-----------+-----------------------------+-----------------------------+------------------------------+----------------------------------+| 6831d6708fe4469fa653b9b5adf801d9 | regionOne | http://controller:5000/v2.0 | http://controller:5000/v2.0 | http://controller:35357/v2.0 | 9754f7bdf78c4000875f1aa5f3291b19 |+----------------------------------+-----------+-----------------------------+-----------------------------+------------------------------+----------------------------------+4、废除偶尔树立的情况变量
# unset OS_SERVICE_TOKEN # unset OS_SERVICE_ENDPOINT5、运用keystone举行用户认证
# keystone --os-tenant-name admin --os-username admin --os-password admin --os-auth-url http://controller:35357/v2.0 token-get# keystone --os-tenant-name admin --os-username admin --os-password admin --os-auth-url http://controller:35357/v2.0 tenant-list# keystone --os-tenant-name admin --os-username admin --os-password admin --os-auth-url http://controller:35357/v2.0 user-list# keystone --os-tenant-name admin --os-username admin --os-password admin --os-auth-url http://controller:35357/v2.0 role-list6、运用普遍用户demo认证尝试
# keystone --os-tenant-name demo --os-username demo --os-password demo --os-auth-url http://controller:35357/v2.0 token-get# keystone --os-tenant-name demo --os-username demo --os-password demo --os-auth-url http://controller:35357/v2.0 user-listYou are not authorized to perform the requested action: admin_required (HTTP 403)7、存户端cli吩咐行剧本
# vim ~/admin-openrc.sh export OS_TENANT_NAME=adminexport OS_USERNAME=adminexport OS_PASSWORD=adminexport OS_AUTH_URL=http://controller:35357/v2.0# vim ~/demo-openrc.shexport OS_TENANT_NAME=demoexport OS_USERNAME=demoexport OS_PASSWORD=demoexport OS_AUTH_URL=http://controller:5000/v2.0# source admin-openrc.sh8、尝试即使废除情况变量,经过keystone仍旧不妨认证经过证明keystone是摆设胜利的
四、安置glance组件
1、创造keystone数据库和受权用户
mysql -u root -pCREATE DATABASE glance;GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'glance';GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance';2、创造glance用户并介入到admin组中
# keystone user-create --name glance --pass glance# keystone user-role-add --user glance --tenant service --role admin3、创造glance效劳
# keystone service-create --name glance --type image --description "OpenStack Image Service"4、创造Identity的效劳考察rul
# keystone endpoint-create --service-id $(keystone service-list | awk '/ image / {print $2}') --publicurl http://controller:9292 --internalurl http://controller:9292 --adminurl http://controller:9292 --region regionOne5、安置摆设glance包
# yum -y install openstack-glance python-glanceclient6、窜改glance摆设文献
# cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak# vim /etc/glance/glance-api.conf[DEFAULT] verbose = True[database]connection = mysql://glance:glance@controller/glance[keystone_authtoken]auth_uri = http://controller:5000/v2.0identity_uri = http://controller:35357admin_tenant_name = serviceadmin_user = glanceadmin_password = glance[paste_deploy]flavor = keystone[glance_store]default_store = filefilesystem_store_datadir = /var/lib/glance/images/# cp /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.bak# vim /etc/glance/glance-registry.conf[DEFAULT]verbose = True[database]connection = mysql://glance:glance@controller/glance[keystone_authtoken]auth_uri = http://controller:5000/v2.0identity_uri = http://controller:35357admin_tenant_name = serviceadmin_user = glanceadmin_password = glance [paste_deploy]flavor = keystone7、同步glance到mariadb数据库
推荐阅读
- 免费好用的微信第三方 微信第三方免费平台哪个好
- vmware创建linux虚拟机教程 linux搭建虚拟机
- 亲呗贷款平台怎么样「亲呗贷款app下载」
- 正规肾脏交易平台 正规肾脏交易
- 推广平台排行榜 网络推广平台有哪些渠道
- 四库平台,四库一平台官网
- 正规赚佣金的平台「佣金赚钱平台」
- 二手名表交易平台哪家靠谱「正规二手表交易平台」
- 网店哪个平台最靠谱 在哪开网店比较好
- 找工作哪个平台最可靠真实 找工作软件哪个最靠谱