>安装Keystone
1. 安装
# apt-get install keystone
2. 创建db
create database keystone;
grant all privileges on keystone.* to 'keystone'@'%' identified by 'openstack';
grant all privileges on keystone.* to 'keystone'@'localhost' identified by 'openstack';
3. 配置/etc/keystone/keystone.conf
[sql]
# The SQLAlchemy connection string used to connect to the database
connection = mysql://keystone:openstack@controller/keystone

rm -f /var/lib/keystone/keystone.db
4. 初始表:
# keystone-manage db_sync

5. 重启keystone服务.
# service keystone restart

6. 首次super用户登陆:
在/etc/keystone/keystone.conf设置admin_token
[DEFAULT]
# A "shared secret" between keystone and other openstack services
admin_token = openstack
然后设置环境变量:
# export OS_SERVICE_TOKEN=openstack
# export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0

7. 注册:service,endpoint.
keystone service-create \
--name=keystone --type=identity  \
--description="Keystone Identity Service";

keystone endpoint-create \
--service-id=189ad72176dc41829d2fa40a65fd86b8 \
--publicurl=http://controller:5000/v2.0 \
--internalurl=http://controller:5000/v2.0 \
--adminurl=http://controller:35357/v2.0;

8. 顺便创建Admin, 之后super要注释
# keystone tenant-create --name=admin --description="Admin Tenant"
# keystone user-create --name=admin --pass=openstack
# keystone role-create --name=admin
# keystone user-role-add --user=admin --tenant=admin --role=admin

-------------------------------------
9. 顺便创建普通用户
# keystone tenant-create --name=game --description="Game Tenant"
# keystone user-create --name=game --pass=openstack
# keystone user-role-add --user=game --tenant=game --role=_member_
# keystone user-role-list --tenant game --user game

04-15 00:36