OpenStack Juno: Installation using VirtualBox & Ubuntu 14.10 ( Identity Service - Keystone ) - 2



In Controller Node


# apt-get install mariadb-server python-mysqldb

# nano /etc/mysql/my.cnf

[mysqld]
...
bind-address = 10.10.10.10

[mysqld]
...
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8

# service mysql restart

# mysql_secure_installation

# apt-get install rabbitmq-server

# rabbitmqctl change_password guest openstack

# mysql -u root -p

> CREATE DATABASE keystone;

> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'openstack';

> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'openstack';

> exit

# apt-get install keystone python-keystoneclient

# nano /etc/keystone/keystone.conf

[DEFAULT]
...
admin_token = openstack

[database]
...
connection = mysql://keystone:openstack@controller/keystone

[token]
...
provider = keystone.token.providers.uuid.Provider
driver = keystone.token.persistence.backends.sql.Token

[revoke]
...
driver = keystone.contrib.revoke.backends.sql.Revoke

[DEFAULT]
...
verbose = True

# keystone-manage db_sync

# service keystone restart

# rm -f /var/lib/keystone/keystone.db

# export OS_SERVICE_TOKEN=openstack

# export OS_SERVICE_TOKEN=openstack

# export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0

# keystone tenant-create --name admin --description "Admin Tenant"

# keystone user-create --name admin --pass openstack --email admin@example.com

# keystone role-create --name admin

# keystone user-role-add --user admin --tenant admin --role admin

# keystone tenant-create --name demo --description "Demo Tenant"

# keystone user-create --name demo --tenant demo --pass DEMO_PASS --email demo@example.com

# keystone tenant-create --name service --description "Service Tenant"

# keystone service-create --name keystone --type identity --description "OpenStack Identity"

# keystone endpoint-create --service-id $(keystone service-list | awk '/ identity / {print $2}') --publicurl http://controller:5000/v2.0 --internalurl http://controller:5000/v2.0 --adminurl http://controller:35357/v2.0 --region regionOne

# unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT

# keystone --os-tenant-name admin --os-username admin --os-password openstack --os-auth-url http://controller:35357/v2.0 token-get

# keystone --os-tenant-name admin --os-username admin --os-password openstack --os-auth-url http://controller:35357/v2.0 tenant-list

# keystone --os-tenant-name admin --os-username admin --os-password openstack --os-auth-url http://controller:35357/v2.0 user-list

# keystone --os-tenant-name admin --os-username admin --os-password openstack --os-auth-url http://controller:35357/v2.0 role-list

# keystone --os-tenant-name demo --os-username demo --os-password openstack --os-auth-url http://controller:35357/v2.0 token-get

# touch admin-openrc.sh

export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=openstack
export OS_AUTH_URL=http://controller:35357/v2.0

# touch demo-openrc.sh

export OS_TENANT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=openstack
export OS_AUTH_URL=http://controller:5000/v2.0

# source admin-openrc.sh


7 comments:

  1. # keystone tenant-create --name admin --description "Admin Tenant"

    Unable to establish connection to http://controller:35357/v2.0/tenants

    Any advice? Every thing else uptill here is exacty as you have described

    ReplyDelete
  2. Hi, i am facing the same issue.. i followed the steps above and it is giving me
    Unable to establish connection to http://controller:35357/v2.0/tenants

    ReplyDelete
  3. I noticed when i disabled the following values in the /etc/keystone/keystone.conf
    [token]
    ...
    provider = keystone.token.providers.uuid.Provider
    driver = keystone.token.persistence.backends.sql.Token

    [revoke]
    ...
    driver = keystone.contrib.revoke.backends.sql.Revoke

    i get to proceed and create the tenant.

    ReplyDelete
  4. So, how is it going after disabling the above 2 values? any new errors?

    ReplyDelete
  5. OK so somehow, that worked for me too. but ae we suppose to disable it? maybe we got cleared from this step. are you seeing any issues after proceding?

    ReplyDelete
  6. i got an issue with glance authentication. Not sure if it is related to how i set the keystone.
    "unable to establish connection to http //controller:35357/v2.0/tenants"

    ReplyDelete
  7. check it ll be a mistake in config or in endpoint

    ReplyDelete

 

Flickr Photostream

Twitter Updates