Installing mysql rabbit server and configuring keystone ( OpenStack cloud installation - Havana )

In controller node

$ sudo apt-get install python-mysqldb mysql-server

*assign password for mysql

$ sudo nano /etc/mysql/my.cnf


*Enter your controller node ip here

$ sudo service mysql restart

$ sudo mysql_install_db

$ sudo mysql_secure_installation

*Enter yes for all

$ sudo apt-get install rabbitmq-server

$ sudo rabbitmqctl change_password guest openstack

*Here openstack is a rabbitmq server password

$ sudo apt-get install keystone

$ sudo nano /etc/keystone/keystone.conf

# The SQLAlchemy connection string used to connect to the database
connection = mysql://keystone:openstack@controller/keystone

*Here openstack is a keystone database password and controller is hostname of current working node

$ sudo rm -f /var/lib/keystone/keystone.db

$ mysql -u root -p
mysql> CREATE DATABASE keystone;
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY openstack;
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
IDENTIFIED BY openstack;

*openstack > keystone database password

$ sudo keystone-manage db_sync

$ sudo nano /etc/keystone/keystone.conf

# A "shared secret" between keystone and other openstack services
admin_token = openstack

*openstack > admin token password

$ sudo service keystone restart

$ export OS_SERVICE_TOKEN=openstack
$ export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0

*openstack > admin token

$ keystone tenant-create --name=admin --description="Admin Tenant"
$ keystone tenant-create --name=service --description="Service Tenant"

$ keystone user-create --name=admin --pass=openstack --email=admin@controller

*openstack > admin password

$ keystone role-create --name=admin

$ keystone user-role-add --user=admin --tenant=admin --role=admin

$ keystone service-create --name=keystone --type=identity --description="Keystone Identity Service

$ keystone endpoint-create --service-id=the_service_id_above --publicurl=http://controller:5000/v2.0 --internalurl=http://controller:5000/v2.0 --adminurl=http://controller:35357/v2.0

*enter above displayed service id in place of


$ keystone --os-username=admin --os-password=openstack --os-auth-url=http://controller:35357/v2.0 token-get

*openstack > admin password

$ keystone --os-username=admin --os-password=openstack --os-tenant-name=admin --os-auth-url=http://controller:35357/v2.0 token-get

*openstack > admin password

$ touch

export OS_USERNAME=admin
export OS_PASSWORD=openstack
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://controller:35357/v2.0

$ source

$ keystone token-get

$ keystone user-list


  1. Hi,
    Thank you for your efforts !
    Can you help me :
    when I entre keystone tenant-create --name=admin --description="Admin Tenant"
    I get this : Expecting authentication method via either a service token, --os-token or env[OS_SERVICE_TOKEN], or credentials, --os-username or env[OS_USERNAME].

    Any hint !?

  2. hicham, I have the same problem ... any solution?

  3. I have some problem with this statement:
    $ keystone tenant-create --name=admin --description="Admin Tenant"
    => Authorization Failed: Unable to establish connection to http://controller:35357/v2.0/tokens
    And I do not know how to create file "".
    Can you help me ?
    My email :
    Thank you very much...



Flickr Photostream

Twitter Updates