In controller node
$ sudo apt-get install python-mysqldb mysql-server
*assign password for mysql
$ sudo nano /etc/mysql/my.cnf
[mysqld]
...
bind-address
= 192.168.0.10
*Enter your controller node ip here
$ sudo service mysql restart
$ sudo mysql_install_db
$ sudo mysql_secure_installation
*Enter yes for all
$ sudo apt-get install rabbitmq-server
$ sudo rabbitmqctl change_password guest openstack
*Here openstack is a rabbitmq server password
$ sudo apt-get install keystone
$ sudo nano /etc/keystone/keystone.conf
[sql]
# The SQLAlchemy connection string used to connect to the database
connection = mysql://keystone:openstack@controller/keystone
...
*Here openstack is a keystone database password and controller is hostname of current working node
$ sudo rm -f /var/lib/keystone/keystone.db
$ mysql -u root -p
mysql> CREATE DATABASE keystone;
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY openstack;
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
IDENTIFIED BY openstack;
*openstack > keystone database password
$ sudo keystone-manage db_sync
$ sudo nano /etc/keystone/keystone.conf
[DEFAULT]
# A "shared secret" between keystone and other openstack services
admin_token = openstack
...
*openstack > admin token password
$ sudo service keystone restart
$ export OS_SERVICE_TOKEN=openstack
$ export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0
*openstack > admin token
$ keystone tenant-create --name=admin --description="Admin Tenant"
$ keystone tenant-create --name=service --description="Service Tenant"
$ keystone user-create --name=admin --pass=openstack --email=admin@controller
*openstack > admin password
$ keystone role-create --name=admin
$ keystone user-role-add --user=admin --tenant=admin --role=admin
$ keystone service-create --name=keystone --type=identity --description="Keystone Identity Service
$ keystone endpoint-create --service-id=the_service_id_above --publicurl=http://controller:5000/v2.0 --internalurl=http://controller:5000/v2.0 --adminurl=http://controller:35357/v2.0
*enter above displayed service id in place of
$ unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
$ keystone --os-username=admin --os-password=openstack --os-auth-url=http://controller:35357/v2.0 token-get
*openstack > admin password
$ keystone --os-username=admin --os-password=openstack --os-tenant-name=admin --os-auth-url=http://controller:35357/v2.0 token-get
*openstack > admin password
$ touch openrc.sh
export OS_USERNAME=admin
export OS_PASSWORD=openstack
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://controller:35357/v2.0
$ source openrc.sh
$ keystone token-get
$ keystone user-list
Hi,
ReplyDeleteThank you for your efforts !
Can you help me :
when I entre keystone tenant-create --name=admin --description="Admin Tenant"
I get this : Expecting authentication method via either a service token, --os-token or env[OS_SERVICE_TOKEN], or credentials, --os-username or env[OS_USERNAME].
Any hint !?
hicham, I have the same problem ... any solution?
ReplyDeleteI have some problem with this statement:
ReplyDelete$ keystone tenant-create --name=admin --description="Admin Tenant"
=> Authorization Failed: Unable to establish connection to http://controller:35357/v2.0/tokens
And I do not know how to create file "openrc.sh".
Can you help me ?
My email : truongvukhmt05@gmail.com
Thank you very much...