Keystone kilo installation by source code
Thanks for this Blog,
https://developer.rackspace.com/blog/install-openstack-from-source/
But, as usual, the procedure is not simple like that since it always failure if we just follow the steps. So we modify the procedure and post it on my Blog.
installation
apt-get install -y mysql-server
sed -i "s/127.0.0.1/$MY_PRIVATE_IP\nskip-name-resolve\ncharacter-set-server = utf8\ncollation-server = utf8_general_ci\ninit-connect = 'SET NAMES utf8'/g" /etc/mysql/my.cnf
restart mysqlmysql -u root -pmysql -e "create database keystone;"
mysql -u root -pmysql -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone';"
mysql -u root -pmysql -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone';"apt-get install -y python-dev libmysqlclient-dev libffi-dev libssl-dev
pip install python-glanceclient python-keystoneclient python-openstackclient
pip install repoze.lru pbr mysql-pythonuseradd --home-dir "/var/lib/keystone" \
--create-home \
--system \
--shell /bin/false \
keystone
#Create essential dirs
mkdir -p /var/log/keystone
mkdir -p /etc/keystone
#Set ownership of the dirs
chown -R keystone:keystone /var/log/keystone
chown -R keystone:keystone /var/lib/keystone
chown keystone:keystone /etc/keystone
git clone https://github.com/openstack/keystone.git -b stable/kilo
cp -R keystone/etc/* /etc/keystone/
cd keystone
python setup.py install
pip install -r requirements.txtcp /etc/keystone/keystone.conf.sample /etc/keystone/keystone.conf
sed -i "s|database]|database]\nconnection = mysql://keystone:keystone@$MY_IP/keystone|g" /etc/keystone/keystone.conf
sed -i 's/#admin_token = ADMIN/admin_token = SuperSecreteKeystoneToken/g' /etc/keystone/keystone.confedit token section as followed.
[token]
provider = keystone.token.providers.uuid.Provider
driver = keystone.token.persistence.backends.sql.Tokenapt-get install python-mysqldb keystone-manage db_sync
Excute the folloing script, the keystone then started. ``` cat > /etc/init/keystone.conf << EOF description "Keystone API server" author "Soren Hansen soren@linux2go.dk"
start on runlevel [2345] stop on runlevel [!2345]
respawn
exec start-stop-daemon --start --chuid keystone --chdir /var/lib/keystone --name keystone --exec /usr/local/bin/keystone-all -- --config-file=/etc/keystone/keystone.conf --log-file=/var/log/keystone/keystone.log EOF
start keystone ```
Now you can use the following CLI to start/stop keystone.
service keystone start
service keystone stopcheck keystone daemon
root@keystonesource:~# ps aux|grep keystone
keystone 17495 2.3 6.1 171316 62004 ? Ss 18:24 0:07 /usr/bin/python /usr/local/bin/keystone-all --config-file=/etc/keystone/keystone.conf --log-file=/var/log/keystone/keystone.log
keystone 17625 0.0 6.8 275796 68964 ? S 18:24 0:00 /usr/bin/python /usr/local/bin/keystone-all --config-file=/etc/keystone/keystone.conf --log-file=/var/log/keystone/keystone.log
keystone 17626 0.0 6.8 276024 68956 ? S 18:24 0:00 /usr/bin/python /usr/local/bin/keystone-all --config-file=/etc/keystone/keystone.conf --log-file=/var/log/keystone/keystone.log
keystone 17627 0.0 5.8 171316 58228 ? S 18:24 0:00 /usr/bin/python /usr/local/bin/keystone-all --config-file=/etc/keystone/keystone.conf --log-file=/var/log/keystone/keystone.log
keystone 17628 0.0 5.8 171316 58228 ? S 18:24 0:00 /usr/bin/python /usr/local/bin/keystone-all --config-file=/etc/keystone/keystone.conf --log-file=/var/log/keystone/keystone.log
root 17721 0.0 0.2 10468 2136 pts/0 S+ 18:30 0:00 grep --color=auto keystone
access keystone
before we start to access keystone we might setup linux enviroment.
install keystone client
apt-get install python-keystoneclientedit openrc_admin
export OS_SERVICE_TOKEN=tokentoken
export OS_SERVICE_ENDPOINT=http://localhost:35357/v2.0execute the environment
source openrc_adminThen you can start to use keystone by CLI. If you are familar with restful api, you don't need to set up linux environment.
keystone --debug tenant-create --name admin --description "Admin Tenant"
keystone --debug tenant-list
adding Endpoint
root@keystonesource:~# keystone service-create --name service1 --type service1
/usr/local/lib/python2.7/dist-packages/keystoneclient/shell.py:65: DeprecationWarning: The keystone CLI is deprecated in favor of python-openstackclient. For a Python library, continue using python-keystoneclient.
'python-keystoneclient.', DeprecationWarning)
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 0204f666bfc24c9aa9f5922ce6c349b1 |
| name | service1 |
| type | service1 |
+-------------+----------------------------------+
root@keystonesource:~# keystone endpoint-create --region RegionTwo --service-id 0204f666bfc24c9aa9f5922ce6c349b1 --publicurl http://haha/v2 --adminurl http://lala/v2 --internalurl http://sasa/v2
/usr/local/lib/python2.7/dist-packages/keystoneclient/shell.py:65: DeprecationWarning: The keystone CLI is deprecated in favor of python-openstackclient. For a Python library, continue using python-keystoneclient.
'python-keystoneclient.', DeprecationWarning)
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| adminurl | http://lala/v2 |
| id | b7885c5ee730459aa464ef0cf8965794 |
| internalurl | http://sasa/v2 |
| publicurl | http://haha/v2 |
| region | RegionTwo |
| service_id | 0204f666bfc24c9aa9f5922ce6c349b1 |
+-------------+----------------------------------+
some error
/usr/local/lib/python2.7/dist-packages/keystoneclient/shell.py:65: DeprecationWarning: The keystone CLI is deprecated in favor of python-openstackclient. For a Python library, continue using python-keystoneclient.
'python-keystoneclient.', DeprecationWarning)show region endpoint
root@keystonesource:~# keystone --debug endpoint-list
/usr/local/lib/python2.7/dist-packages/keystoneclient/shell.py:65: DeprecationWarning: The keystone CLI is deprecated in favor of python-openstackclient. For a Python library, continue using python-keystoneclient.
'python-keystoneclient.', DeprecationWarning)
DEBUG:keystoneclient.session:REQ: curl -g -i -X GET http://localhost:35357/v2.0/endpoints -H "User-Agent: python-keystoneclient" -H "Accept: application/json" -H "X-Auth-Token: {SHA1}c6af3a86ea7fe57895754929accbf9869643da36"
INFO:urllib3.connectionpool:Starting new HTTP connection (1): localhost
DEBUG:urllib3.connectionpool:Setting read timeout to 600.0
DEBUG:urllib3.connectionpool:"GET /v2.0/endpoints HTTP/1.1" 200 243
DEBUG:keystoneclient.session:RESP: [200] date: Thu, 12 May 2016 10:29:01 GMT content-type: application/json content-length: 243 vary: X-Auth-Token x-openstack-request-id: req-1b0a5879-242f-4f49-b002-9558e04e1d2b
RESP BODY: {"endpoints": [{"internalurl": "http://sasa/v2", "adminurl": "http://lala/v2", "service_id": "0204f666bfc24c9aa9f5922ce6c349b1", "region": "RegionTwo", "enabled": true, "id": "b7885c5ee730459aa464ef0cf8965794", "publicurl": "http://haha/v2"}]}
+----------------------------------+-----------+----------------+----------------+----------------+----------------------------------+
| id | region | publicurl | internalurl | adminurl | service_id |
+----------------------------------+-----------+----------------+----------------+----------------+----------------------------------+
| b7885c5ee730459aa464ef0cf8965794 | RegionTwo | http://haha/v2 | http://sasa/v2 | http://lala/v2 | 0204f666bfc24c9aa9f5922ce6c349b1 |
+----------------------------------+-----------+----------------+----------------+----------------+----------------------------------+
--debug mode的情況下會顯示restapi的使用方式,但上述的token是假的,token可由自己設定的admin token去執行。
show endpoint
curl -g -i -X GET http://localhost:35357/v2.0/endpoints -H "Accept: application/json" -H "X-Auth-Token: tokentoken"
show tenant list
keystone --debug tenant-list
curl -g -i -X GET http://localhost:35357/v2.0/tenants -H "User-Agent: python-keystoneclient" -H "Accept: application/json" -H "X-Auth-Token: {SHA1}c6af3a86ea7fe57895754929accbf9869643da36"create tenant
keystone --debug tenant-create --name=demo
curl -g -i -X POST http://localhost:35357/v2.0/tenants -H "User-Agent: python-keystoneclient" -H "Content-Type: application/json" -H "Accept: application/json" -H "X-Auth-Token: {SHA1}c6af3a86ea7fe57895754929accbf9869643da36" -d '{"tenant": {"enabled": true, "name": "demo", "description": null}}'
No comments:
Post a Comment