12. 安装及部署keystone

 

 

 

命令行里登录openstack的方式有两种：

一种是密码登录： 在keystone里存在已经创建的用户和密码

另外一种是token的方式登录： 生成token，使用这个token登录openstack

 

单独如何安装keystone：

生成一个token值，写入keystone的配置文件中

# openssl rand -hex 10

写入配置文件中

 

需要数据库，安装：

 

最好修改character=utf8 ，之后重启服务

 

 

创建keystone数据库：

MariaDB [keystone]> grant all privilegeson keystone.* to [email protected]'%' identified by 'redhat';

Query OK, 0 rows affected (0.00 sec)

 

MariaDB [keystone]> grant all privilegeson keystone.* to [email protected]'localhost' identified by 'redhat';

Query OK, 0 rows affected (0.00 sec)

 

MariaDB [keystone]> grant all privilegeson keystone.* to [email protected]'192.168.179.140' identified by 'redhat';

Query OK, 0 rows affected (0.00 sec)

 

使用keystone用户登录到数据库：

 

继续修改keystone配置文件如下：

修改keystone的数据库：

mysql://用户名：密码@数据库的IP/数据库名称

keystone的服务端口，0.0.0.0 表示监听所有的接口

 

 

 

 

管理端口35357

rabbitmq配置：

 

 

 

至此，配置完毕。

 

同步数据库：

 

 

 

重启openstack-keystone服务失败之后

[[email protected] keystone]# systemctl statusopenstack-keystone.service

● openstack-keystone.service - OpenStackIdentity Service (code-named Keystone)

  Loaded: loaded (/usr/lib/systemd/system/openstack-keystone.service;disabled; vendor preset: disabled)

  Active: failed (Result: start-limit) since Sat 2018-01-13 19:10:26 CST;52s ago

 Process: 9582 ExecStart=/usr/bin/keystone-all (code=exited, status=1/FAILURE)

 MainPID: 9582 (code=exited, status=1/FAILURE)

 

Jan 13 19:10:26 osp3.coa.com systemd[1]: Unitopenstack-keystone.service entered failed state.

Jan 13 19:10:26 osp3.coa.com systemd[1]:openstack-keystone.service failed.

Jan 13 19:10:26 osp3.coa.com systemd[1]:openstack-keystone.service holdoff time over, scheduling restart.

Jan 13 19:10:26 osp3.coa.com systemd[1]:start request repeated too quickly for openstack-keystone.service

Jan 13 19:10:26 osp3.coa.com systemd[1]:Failed to start OpenStack Identity Service (code-named Keystone).

Jan 13 19:10:26 osp3.coa.com systemd[1]: Unitopenstack-keystone.service entered failed state.

Jan 13 19:10:26 osp3.coa.com systemd[1]:openstack-keystone.service failed.

[[email protected] keystone]# journalctl -xe

Jan 13 19:10:26 osp3.coa.comkeystone-all[9582]: File"/usr/lib/python2.7/site-packages/oslo_log/log.py", line 314, in_setup_logging_from_conf

Jan 13 19:10:26 osp3.coa.comkeystone-all[9582]: filelog = logging.handlers.WatchedFileHandler(logpath)

Jan 13 19:10:26 osp3.coa.comkeystone-all[9582]: File "/usr/lib64/python2.7/logging/handlers.py",line 392, in __init__

Jan 13 19:10:26 osp3.coa.comkeystone-all[9582]: logging.FileHandler.__init__(self, filename, mode,encoding, delay)

Jan 13 19:10:26 osp3.coa.com keystone-all[9582]:File "/usr/lib64/python2.7/logging/__init__.py", line 902, in__init__

Jan 13 19:10:26 osp3.coa.comkeystone-all[9582]: StreamHandler.__init__(self, self._open())

Jan 13 19:10:26 osp3.coa.comkeystone-all[9582]: File "/usr/lib64/python2.7/logging/__init__.py",line 925, in _open

Jan 13 19:10:26 osp3.coa.comkeystone-all[9582]: stream = open(self.baseFilename, self.mode)

Jan 1319:10:26 osp3.coa.com keystone-all[9582]: IOError: [Errno 13] Permissiondenied: '/var/log/keystone/keystone.log'

Jan 13 19:10:26 osp3.coa.com systemd[1]:openstack-keystone.service: main process exited, code=exited, status=1/FAILURE

Jan 13 19:10:26 osp3.coa.com systemd[1]:Failed to start OpenStack Identity Service (code-named Keystone).

-- Subject: Unit openstack-keystone.servicehas failed

-- Defined-By: systemd

-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

--

-- Unit openstack-keystone.service hasfailed.

--

-- The result is failed.

Jan 13 19:10:26 osp3.coa.com systemd[1]: Unitopenstack-keystone.service entered failed state.

Jan 13 19:10:26 osp3.coa.com systemd[1]:openstack-keystone.service failed.

Jan 13 19:10:26 osp3.coa.com systemd[1]:openstack-keystone.service holdoff time over, scheduling restart.

Jan 13 19:10:26 osp3.coa.com systemd[1]:start request repeated too quickly for openstack-keystone.service

Jan 13 19:10:26 osp3.coa.com systemd[1]:Failed to start OpenStack Identity Service (code-named Keystone).

-- Subject: Unit openstack-keystone.servicehas failed

-- Defined-By: systemd

-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

--

-- Unit openstack-keystone.service hasfailed.

--

-- The result is failed.

Jan 13 19:10:26 osp3.coa.com systemd[1]: Unitopenstack-keystone.service entered failed state.

Jan 13 19:10:26 osp3.coa.com systemd[1]:openstack-keystone.service failed.

 

修改配置文件权限：

修改日志权限：

 

再次重启：