1 | 1 |
new file mode 100755 |
... | ... |
@@ -0,0 +1,86 @@ |
0 |
+[DEFAULT] |
|
1 |
+# Show more verbose log output (sets INFO log level output) |
|
2 |
+verbose = False |
|
3 |
+ |
|
4 |
+# Show debugging output in logs (sets DEBUG log level output) |
|
5 |
+debug = False |
|
6 |
+ |
|
7 |
+# Which backend store should Keystone use by default. |
|
8 |
+# Default: 'sqlite' |
|
9 |
+# Available choices are 'sqlite' [future will include LDAP, PAM, etc] |
|
10 |
+default_store = sqlite |
|
11 |
+ |
|
12 |
+# Log to this file. Make sure you do not set the same log |
|
13 |
+# file for both the API and registry servers! |
|
14 |
+log_file = /opt/keystone/keystone.log |
|
15 |
+ |
|
16 |
+# List of backends to be configured |
|
17 |
+backends = keystone.backends.sqlalchemy |
|
18 |
+#For LDAP support, add: ,keystone.backends.ldap |
|
19 |
+ |
|
20 |
+# Dictionary Maps every service to a header.Missing services would get header |
|
21 |
+# X_(SERVICE_NAME) Key => Service Name, Value => Header Name |
|
22 |
+service-header-mappings = { |
|
23 |
+ 'nova' : 'X-Server-Management-Url', |
|
24 |
+ 'swift' : 'X-Storage-Url', |
|
25 |
+ 'cdn' : 'X-CDN-Management-Url'} |
|
26 |
+ |
|
27 |
+# Address to bind the API server |
|
28 |
+# TODO Properties defined within app not available via pipeline. |
|
29 |
+service_host = 0.0.0.0 |
|
30 |
+ |
|
31 |
+# Port the bind the API server to |
|
32 |
+service_port = 5000 |
|
33 |
+ |
|
34 |
+# Address to bind the Admin API server |
|
35 |
+admin_host = 0.0.0.0 |
|
36 |
+ |
|
37 |
+# Port the bind the Admin API server to |
|
38 |
+admin_port = 5001 |
|
39 |
+ |
|
40 |
+#Role that allows to perform admin operations. |
|
41 |
+keystone-admin-role = Admin |
|
42 |
+ |
|
43 |
+#Role that allows to perform service admin operations. |
|
44 |
+keystone-service-admin-role = KeystoneServiceAdmin |
|
45 |
+ |
|
46 |
+[keystone.backends.sqlalchemy] |
|
47 |
+# SQLAlchemy connection string for the reference implementation registry |
|
48 |
+# server. Any valid SQLAlchemy connection string is fine. |
|
49 |
+# See: http://bit.ly/ideIpI |
|
50 |
+#sql_connection = sqlite:///keystone.db |
|
51 |
+sql_connection = mysql://root:nova@localhost/keystone |
|
52 |
+backend_entities = ['UserRoleAssociation', 'Endpoints', 'Role', 'Tenant', |
|
53 |
+ 'User', 'Credentials', 'EndpointTemplates', 'Token', |
|
54 |
+ 'Service'] |
|
55 |
+ |
|
56 |
+# Period in seconds after which SQLAlchemy should reestablish its connection |
|
57 |
+# to the database. |
|
58 |
+sql_idle_timeout = 30 |
|
59 |
+ |
|
60 |
+[pipeline:admin] |
|
61 |
+pipeline = |
|
62 |
+ urlrewritefilter |
|
63 |
+ admin_api |
|
64 |
+ |
|
65 |
+[pipeline:keystone-legacy-auth] |
|
66 |
+pipeline = |
|
67 |
+ urlrewritefilter |
|
68 |
+ legacy_auth |
|
69 |
+ RAX-KEY-extension |
|
70 |
+ service_api |
|
71 |
+ |
|
72 |
+[app:service_api] |
|
73 |
+paste.app_factory = keystone.server:service_app_factory |
|
74 |
+ |
|
75 |
+[app:admin_api] |
|
76 |
+paste.app_factory = keystone.server:admin_app_factory |
|
77 |
+ |
|
78 |
+[filter:urlrewritefilter] |
|
79 |
+paste.filter_factory = keystone.middleware.url:filter_factory |
|
80 |
+ |
|
81 |
+[filter:legacy_auth] |
|
82 |
+paste.filter_factory = keystone.frontends.legacy_token_auth:filter_factory |
|
83 |
+ |
|
84 |
+[filter:RAX-KEY-extension] |
|
85 |
+paste.filter_factory = keystone.contrib.extensions.service.raxkey.frontend:filter_factory |
... | ... |
@@ -222,12 +222,15 @@ mkdir -p $NOVA_DIR/networks |
222 | 222 |
# (re)create nova database |
223 | 223 |
mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE nova;' || true |
224 | 224 |
mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE nova;' |
225 |
+mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE keystone;' || true |
|
226 |
+mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE keystone;' |
|
225 | 227 |
$NOVA_DIR/bin/nova-manage db sync |
226 | 228 |
|
229 |
+# FIXME (anthony) keystone should use keystone.conf.example |
|
230 |
+KEYSTONE_CONF=$KEYSTONE_DIR/etc/keystone.conf |
|
231 |
+cp $DIR/files/keystone.conf $KEYSTONE_CONF |
|
232 |
+ |
|
227 | 233 |
# initialize keystone with default users/endpoints |
228 |
-rm -f /opt/keystone/keystone.db |
|
229 |
-# FIXME keystone creates a keystone.log wherever you run it from (bugify) |
|
230 |
-cd /tmp |
|
231 | 234 |
BIN_DIR=$KEYSTONE_DIR/bin bash $DIR/files/keystone_data.sh |
232 | 235 |
|
233 | 236 |
# create a small network |
... | ... |
@@ -261,7 +264,7 @@ screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.con |
261 | 261 |
screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" |
262 | 262 |
# keystone drops a keystone.log where if it is run, so change the path to |
263 | 263 |
# where it can write |
264 |
-screen_it key "cd /tmp; $KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_DIR/etc/keystone.conf" |
|
264 |
+screen_it key "cd /tmp; $KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_CONF" |
|
265 | 265 |
screen_it n-api "$NOVA_DIR/bin/nova-api" |
266 | 266 |
screen_it n-cpu "$NOVA_DIR/bin/nova-compute" |
267 | 267 |
screen_it n-net "$NOVA_DIR/bin/nova-network" |