このエントリーをはてなブックマークに追加

1.2.7. Keystoneの設定

Glance,Horizonなどの認証のためにKeystoneのテナント、サービス、認証ユーザの設定を行います。

#sudo stop keystone
#sudo mysql -u root -pnova -e "drop database keystone;"
#sudo mysql -u root -pnova -e "create database keystone;"
#sudo start keystone
SERVICE_TOKEN=999888777666
ADMIN_PASSWORD=password
DEMO_PASSWORD=password
NOVA_HOST=stack01
EC2_HOST=stack01
GLANCE_HOST=stack01
SWIFT_HOST=stack01
KEYSTONE_HOST=stack01
KEYSTONE_PROTOCOL=http
HORIZON_HOST=stack01

# Tenants
#keystone-manage tenant lilst
keystone-manage $* tenant add adminTenant
keystone-manage $* tenant add demoTenant

# Users
#keystone-manage user list
keystone-manage $* user add admin $ADMIN_PASSWORD
keystone-manage $* user add demo $DEMO_PASSWORD

# Roles
#keystone-manage role list
keystone-manage $* role add Admin
keystone-manage $* role add Member
keystone-manage $* role add KeystoneAdmin
keystone-manage $* role add KeystoneServiceAdmin
keystone-manage $* role grant Admin admin adminTenant
keystone-manage $* role grant Member demo demoTenant
keystone-manage $* role grant Admin admin demoTenant
keystone-manage $* role grant Admin admin
keystone-manage $* role grant KeystoneAdmin admin
keystone-manage $* role grant KeystoneServiceAdmin admin
keystone-manage $* role grant Member demo demoTenant

# Services
#keystone-manage service list
keystone-manage $* service add nova compute "Nova Compute Service"
keystone-manage $* service add glance image "Glance Image Service"
keystone-manage $* service add keystone identity "Keystone Identity Service"
keystone-manage $* service add swift object-store "Swift Service"
keystone-manage $* service add ec2 ec2 "EC2 Compatability Layer"

#endpointTemplates
#keystone-manage endpointTemplates list
keystone-manage $* endpointTemplates add RegionOne nova http://$NOVA_HOST:8774/v1.1/%tenant_id% http://$NOVA_HOST:8774/v1.1/%tenant_id% http://$NOVA_HOST:8774/v1.1/%tenant_id% 1 1
keystone-manage $* endpointTemplates add RegionOne glance http://$GLANCE_HOST:9292/v1.1/%tenant_id% http://$GLANCE_HOST:9292/v1.1/%tenant_id% http://$GLANCE_HOST:9292/v1.1/%tenant_id% 1 1
keystone-manage $* endpointTemplates add RegionOne keystone $KEYSTONE_PROTOCOL://$KEYSTONE_HOST:5000/v2.0 $KEYSTONE_PROTOCOL://$KEYSTONE_HOST:35357/v2.0 $KEYSTONE_PROTOCOL://$KEYSTONE_HOST:5000/v2.0 1 1
keystone-manage $* endpointTemplates add RegionOne swift http://$SWIFT_HOST:8080/v1/AUTH_%tenant_id% http://$SWIFT_HOST:8080/ http://$SWIFT_HOST:8080/v1/AUTH_%tenant_id% 1 1
keystone-manage $* endpointTemplates add RegionOne ec2 http://$EC2_HOST:8773/services/Cloud http://$EC2_HOST:8773/services/Admin http://$EC2_HOST:8773/services/Cloud 1 1

# Tokens
#keystone-manage token list
keystone-manage $* token add $SERVICE_TOKEN admin adminTenant 2015-02-05T00:00

# EC2 related creds - note we are setting the secret key to ADMIN_PASSWORD
#keystone-manage credentials list
keystone-manage $* credentials add admin EC2 'admin' $ADMIN_PASSWORD adminTenant
#keystone-manage $* credentials add demo EC2 'demo' $DEMO_PASSWORD demoTnant

#Checksudo apt-get install curl -y
#curl http://$NOVA_HOST:35357
#sudo apt-get install curl -y
#curl http://$NOVA_HOST:35357
#curl -d '{"auth": {"tenantName": "admin", "passwordCredentials":{"username": "admin", "password": "$ADMIN_PASSWORD"}} }' -H "Content-type:application/json" http://$$NOVA_HOST:35357/v2.0/tokens | python -mjson.tool
#curl -d '{"passwordCredentials":{"username": "admin", "password": "password"}}' -H "Content-type: application/json" http://$NOVA_HOST:35357/v2.0/tokens
#curl -H "X-Auth-Token:$SERVICE_TOKEN" http://localhost:35357/v2.0/tenants
#{"IdentityFault": {"message": "Unhandled error", "code": "500", "details": "Template u'/usr/keystone/content/admin/version.json.tpl' not found at line 0 column 0"}}

#の部分は実験用です。

前のトピックへ

1.2.6. sudoの設定

次のトピックへ

1.2.8. Openstackを構成するコンポーネントの起動スクリプト作成

このページ