Identity service keystone | what is openstack | how to make openstack commands | connect ubuntu with database | install ubuntu on virtualbox | commands for identity service keystone in cloud computing
2. R A B I A Z A F A R
1 7 5 8 1 5 5 6 - 0 4 5
M U B A R A K A N A Z I R
1 7 5 8 1 5 5 6 - 0 3 7
A Q S A R E H M A N
1 7 5 8 1 5 5 6 - 0 2 3
3. CONTENT
• Overview
• Install and configure
– Prerequisites
– Install and configure components
– Configure the apache HTTP server
– Finalize the installation
• Create a domain, projects, roles and user
• Verify operation
• Create OpenStack client environment scripts
– Creating the scripts
– Using the scripts
4. OPEN-STACK
• Open-stack is an open-source cloud computing software
platform which provides an IaaS service model. It consists of a
group of projects that allow managing storage and
networking resource through a web-based dashboard, CLI
tools, or a REST API.
5. COMPONENTS OF OPEN STACK
Open-stack consists of a number of components. At CERN, there are
deployed 6 components:
• Open-stack Compute (Nova)
• Block Storage (Cinder)
• Identity Service (Keystone)
• Image Service (Glance)Dashboard (Horizon)
• Orchestration (Heat)
• Dashboard (horizon)
6. IDENTITY SERVICE (KEYSTONE)
• Keystone integrates functions for authentication, authorization, registration of tenants
and users, granting tokens, and creating polices for users and services. The important
thing is that Keystone is used between all Open-stack services and provides a
catalogue of available services and locations of API endpoints.
7. IDENTITY SERVICE KEYSTONE
• Step 1: download and install oracle virtual box
• Step 2: download Ubuntu server
• Step 3: create a base machine with minimum software boot options
14. DATABASE ACCESS
• Exit from terminal
• Again open terminal and type command “mysql” and press enter and then enter
password.
• ALTER USER ‘root’@’localhost’ IDENTIFIED WITH mysql_native_password BY ‘password’;
• FLUSH PRIVILEGES;
17. INSTALL AND CONFIGURE COMPONENTS
• Run the following command to install packages:
– #apt install keystone
• Edit the /etc/keystone/keystone.conf file and complete the following actions;
– In the [database] section, configure database access:
– In the [token] section, configure the Fernet token provider:
• Populate the identity service database:
18. INSTALL AND CONFIGURE COMPONENTS
• Initialized fernet key respositories:
• Bootstrape the identity service:
• Configure HTTP service:
22. CREATE A DOMAIN, PROJECTS, USERS,
AND ROLES
• The Identity service provides authentication services for each OpenStack service. The
authentication service uses a combination of domains, projects, users, and roles.
• Although the “default” domain already exists from the keystone-manage
bootstrap step in this guide, a formal way to create a new domain would be:
23. CONTINUE…
• Service project contain a unique user for each service that we add in our environment:
• Create the service project:
28. VERIFY OPERATION
• Unset the temporary OS_AUTH_URL and OS_PASSWORD environment variable
(perform on controller node)
• As the admin user request an authentication token:
29. VERIFY OPERATION
• As the myuser user is created in previous, request an authentication token: