#Controller Node 설정
1) Add a User and Database on MariaDB for Keystone.
[root@Controller ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 9
Server version: 10.3.10-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create database keystone;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> grant all privileges on keystone.* to keystone@'localhost' identified by 'password';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all privileges on keystone.* to keystone@'%' identified by 'password';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> exit
Bye
2) Install Keystone.
[root@Controller ~]# yum --enablerepo=centos-openstack-stein,epel -y install openstack-keystone openstack-utils python-openstackclient httpd mod_wsgi
3) Configure Keystone.
[root@Controller ~]# vi /etc/keystone/keystone.conf
# 475줄 수정
memcache_servers = 10.0.0.30:11211
# 613줄 수정
connection = mysql+pymysql://keystone:password@10.0.0.30/keystone
[token]
# 2538줄 수정
provider = fernet
[root@Controller ~]# su -s /bin/bash keystone -c "keystone-manage db_sync"
[root@Controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
[root@Controller ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
[root@Controller ~]# export controller=10.0.0.30
[root@Controller ~]# keystone-manage bootstrap --bootstrap-password adminpassword \
--bootstrap-admin-url http://$controller:5000/v3/ \
--bootstrap-internal-url http://$controller:5000/v3/ \
--bootstrap-public-url http://$controller:5000/v3/ \
--bootstrap-region-id RegionOne
4) If SELinux is enabled, change boolean settings.
[root@Controller ~]# setsebool -P httpd_use_openstack on
[root@Controller ~]# setsebool -P httpd_can_network_connect on
[root@Controller ~]# setsebool -P httpd_can_network_connect_db on
5) firewall 포트 허용
[root@Controller ~]# firewall-cmd --add-port=5000/tcp --permanent
success
[root@Controller ~]# firewall-cmd --reload
success
6) Keystone 설정 활성화 및 httpd 시작
[root@Controller ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
[root@Controller ~]# systemctl start httpd
[root@Controller ~]# systemctl enable httpd
7) 오픈스택 서비스 접근을 위한 토큰 파일 생성
[root@Controller ~]# vi ~/keystonerc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=adminpassword
export OS_AUTH_URL=http://10.0.0.30:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
export PS1='[\u@\h \W(keystone)]\$ '
[root@Controller ~]# chmod 600 ~/keystonerc
[root@Controller ~]# source ~/keystonerc
[root@Controller ~(keystone)]# echo "source ~/keystonerc " >> ~/.bash_profile
8) 프로젝트 생성
[root@Controller ~(keystone)]# openstack project create --domain default --description "Service Project" service
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Service Project |
| domain_id | default |
| enabled | True |
| id | c5e87c9b460e4f16801b4102019c97e6 |
| is_domain | False |
| name | service |
| parent_id | default |
| tags | [] |
+-------------+----------------------------------+
[root@Controller ~(keystone)]# openstack project list
+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 183a5ed32a77427986038c176b605d73 | admin |
| c5e87c9b460e4f16801b4102019c97e6 | service |
+----------------------------------+---------+
'서버 > Cloud' 카테고리의 다른 글
| 오픈스택 클라우드 서버 구축(Stein)(6)-네트워크 서비스(Neutron) 설치 및 설정 (0) | 2023.02.02 |
|---|---|
| 오픈스택 클라우드 서버 구축(Stein)(5)-컴퓨트 서비스(Nova) 설치 및 설정 (0) | 2023.02.02 |
| 오픈스택 클라우드 서버 구축(Stein)(4)-이미지 서비스(Glance) 설치 및 설정 (0) | 2023.02.02 |
| 오픈스택 클라우드 서버 구축(Stein)(2)-오픈스택 기본 패키지 설정 (0) | 2023.02.02 |
| 오픈스택 클라우드 서버 구축(Stein)(1)-공통 기본 설정 (0) | 2023.02.02 |
