OpenStack Icehouse : Keystone 設定#12014/05/13

	OpenStack Identity Service (Keystone) をインストールします。
[1]	Keystone インストール

root@dlp:~#

apt-get -y install keystone python-mysqldb

[2]	Keystone 用のユーザーとデータベースを MySQL に登録

root@dlp:~#

mysql -u root -p

Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 72
Server version: 5.6.16-1~exp1 (Ubuntu)

Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

# 「keystone」データベース作成 ( 'password'の箇所は設定するパスワードを入力 )

mysql>

create database keystone character set utf8;

Query OK, 1 row affected (0.00 sec)

mysql>

grant all privileges on keystone.* to keystone@'localhost' identified by 'password';

Query OK, 0 rows affected (0.00 sec)

mysql>

grant all privileges on keystone.* to keystone@'%' identified by 'password';

Query OK, 0 rows affected (0.00 sec)

mysql>

flush privileges;

Query OK, 0 rows affected (0.00 sec)

mysql>

exit

Bye

[3]	Keystone の基本設定

root@dlp:~#

vi /etc/keystone/keystone.conf

# 13行目：コメント解除して適当な管理者用 Token に変更

admin_token =

admintoken

# 626行目：変更 ( MySQL に登録したもの )

connection =

mysql://keystone:password@10.0.0.30/keystone

# 1196行目：コメント解除して追記

token_format =

PKI

# 1199-1220行目：全てコメント解除して地域情報等を変更

certfile = /etc/keystone/ssl/certs/signing_cert.pem
keyfile = /etc/keystone/ssl/private/signing_key.pem
ca_certs = /etc/keystone/ssl/certs/ca.pem
ca_key = /etc/keystone/ssl/private/cakey.pem
key_size = 2048
valid_days = 3650
cert_subject =

/C=JP/ST=Hiroshima/L=Hiroshima/O=Server_World/CN=dlp.srv.world

root@dlp:~#

keystone-manage pki_setup --keystone-user keystone --keystone-group keystone

root@dlp:~#

keystone-manage db_sync

root@dlp:~#

initctl restart keystone

keystone start/running, process 10060