Merge "[install] Update keystone for Newton"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
531118e545
@ -5,8 +5,8 @@ Install and configure
|
|||||||
|
|
||||||
This section describes how to install and configure the OpenStack
|
This section describes how to install and configure the OpenStack
|
||||||
Identity service, code-named keystone, on the controller node. For
|
Identity service, code-named keystone, on the controller node. For
|
||||||
performance, this configuration deploys Fernet tokens and the Apache
|
scalability purposes, this configuration deploys Fernet tokens and
|
||||||
HTTP server to handle requests.
|
the Apache HTTP server to handle requests.
|
||||||
|
|
||||||
Prerequisites
|
Prerequisites
|
||||||
-------------
|
-------------
|
||||||
@ -42,13 +42,6 @@ database and an administration token.
|
|||||||
|
|
||||||
* Exit the database access client.
|
* Exit the database access client.
|
||||||
|
|
||||||
#. Generate a random value to use as the administration token during
|
|
||||||
initial configuration:
|
|
||||||
|
|
||||||
.. code-block:: console
|
|
||||||
|
|
||||||
$ openssl rand -hex 10
|
|
||||||
|
|
||||||
Install and configure components
|
Install and configure components
|
||||||
--------------------------------
|
--------------------------------
|
||||||
|
|
||||||
@ -98,18 +91,6 @@ Install and configure components
|
|||||||
2. Edit the ``/etc/keystone/keystone.conf`` file and complete the following
|
2. Edit the ``/etc/keystone/keystone.conf`` file and complete the following
|
||||||
actions:
|
actions:
|
||||||
|
|
||||||
* In the ``[DEFAULT]`` section, define the value of the initial
|
|
||||||
administration token:
|
|
||||||
|
|
||||||
.. code-block:: ini
|
|
||||||
|
|
||||||
[DEFAULT]
|
|
||||||
...
|
|
||||||
admin_token = ADMIN_TOKEN
|
|
||||||
|
|
||||||
Replace ``ADMIN_TOKEN`` with the random value that you generated in a
|
|
||||||
previous step.
|
|
||||||
|
|
||||||
* In the ``[database]`` section, configure database access:
|
* In the ``[database]`` section, configure database access:
|
||||||
|
|
||||||
.. code-block:: ini
|
.. code-block:: ini
|
||||||
@ -138,11 +119,24 @@ Install and configure components
|
|||||||
|
|
||||||
Ignore any deprecation messages in this output.
|
Ignore any deprecation messages in this output.
|
||||||
|
|
||||||
4. Initialize Fernet keys:
|
4. Initialize Fernet key repositories:
|
||||||
|
|
||||||
.. code-block:: console
|
.. code-block:: console
|
||||||
|
|
||||||
# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
|
# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
|
||||||
|
# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
|
||||||
|
|
||||||
|
5. Bootstrap the Identity service:
|
||||||
|
|
||||||
|
.. code-block:: console
|
||||||
|
|
||||||
|
# keystone-manage bootstrap --bootstrap-password ADMIN_PASSWORD \
|
||||||
|
--bootstrap-admin-url http://controller:35357/v3/ \
|
||||||
|
--bootstrap-internal-url http://controller:35357/v3/ \
|
||||||
|
--bootstrap-public-url http://controller:5000/v3/ \
|
||||||
|
--bootstrap-region-id RegionOne
|
||||||
|
|
||||||
|
Replace ``ADMIN_PASSWORD`` with a suitable password for an administrative user.
|
||||||
|
|
||||||
.. only:: obs or rdo or ubuntu
|
.. only:: obs or rdo or ubuntu
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user