Install the OpenStack Identity Service on the controller node, together with python-keystoneclient (which is a dependency):
# apt-get install keystone
The Identity Service uses a database to store information. Specify the location of the database in the configuration file. In this guide, we use a MySQL database on the controller node with the username keystone. Replace KEYSTONE_DBPASS with a suitable password for the database user.
Edit /etc/keystone/keystone.conf and change the [sql] section.
...
[sql]
# The SQLAlchemy connection string used to connect to the database
connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone
...
By default, the Ubuntu packages create an SQLite database. Delete the keystone.db file created in the /var/lib/keystone/ directory so that it does not get used by mistake.
Use the password that you set previously to log in as root. Create a keystone database user:
# mysql -u root -p
mysql> CREATE DATABASE keystone;
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
  IDENTIFIED BY 'KEYSTONE_DBPASS';
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
  IDENTIFIED BY 'KEYSTONE_DBPASS';
Create the database tables for the Identity Service:
# keystone-manage db_sync
Define an authorization token to use as a shared secret between the Identity Service and other OpenStack services. Use openssl to generate a random token and store it in the configuration file:
# openssl rand -hex 10
Edit /etc/keystone/keystone.conf and change the [DEFAULT] section, replacing ADMIN_TOKEN with the results of the command.
[DEFAULT]
# A "shared secret" between keystone and other openstack services
admin_token = ADMIN_TOKEN
...
Restart the Identity Service:
# service keystone restart
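A post-install check for the steps above, as an added example that is not part of the original guide or of the keystone packages: it reads keystone.conf and reports placeholders left in place, a connection string still pointing at SQLite, a world-readable configuration file, and a leftover keystone.db. The function names ini_get and audit_keystone_conf are hypothetical, and the sample file at the end is constructed.

```shell
#!/bin/sh
# Added example (not from the guide): check keystone.conf after the steps above.
# ini_get FILE SECTION KEY: print the last value of KEY inside [SECTION].
ini_get() {
    awk -v sec="[$2]" -v key="$3" '
        /^[ \t]*\[/ { gsub(/[ \t]/, ""); insec = ($0 == sec); next }
        !insec || /^[ \t]*[#;]/ { next }
        {
            eq = index($0, "="); if (!eq) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) { val = v; found = 1 }
        }
        END { if (found) print val }' "$1"
}

# audit_keystone_conf FILE [SQLITE_DB]: print one finding per line, return 1 if any.
audit_keystone_conf() {
    conf=$1; sqlite_db=${2:-/var/lib/keystone/keystone.db}; rc=0
    token=$(ini_get "$conf" DEFAULT admin_token)
    conn=$(ini_get "$conf" sql connection)
    case $token in
        ""|ADMIN_TOKEN) echo "admin_token: unset or ADMIN_TOKEN placeholder left in place"; rc=1 ;;
    esac
    case $conn in
        "")                echo "connection: not set in [sql]"; rc=1 ;;
        sqlite:*)          echo "connection: still points at SQLite"; rc=1 ;;
        *KEYSTONE_DBPASS*) echo "connection: KEYSTONE_DBPASS placeholder left in place"; rc=1 ;;
    esac
    # The file holds admin_token and the database password in clear text.
    if [ -n "$(find "$conf" -prune -perm -004)" ]; then
        echo "permissions: $conf is world-readable"; rc=1
    fi
    # The guide deletes the packaged SQLite file so it cannot be used by mistake.
    if [ -e "$sqlite_db" ]; then
        echo "sqlite: $sqlite_db still exists"; rc=1
    fi
    return $rc
}

# Demo on a constructed sample: placeholders left in, mode 0644.
sample=$(mktemp)
printf '[DEFAULT]\nadmin_token = ADMIN_TOKEN\n[sql]\nconnection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone\n' > "$sample"
chmod 644 "$sample"
audit_keystone_conf "$sample" /nonexistent/keystone.db || true
rm -f "$sample"
```

On the controller node, call audit_keystone_conf /etc/keystone/keystone.conf as root after restarting the service; a non-zero return means at least one finding was printed.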