Configuring Keystone in OpenStack (Essex)

Canonical

on 16 April 2012

Keystone is an identity service written in Python that provides a pluggable back end, designed to support various protocols for authentication and authorisation (Basic Auth, OAuth, and OpenID, to give a few examples). Simply put, it allows clients to obtain security tokens to access different cloud services. Keystone was spawned from the OpenStack project and is designed to work with the OpenStack API.

The following tutorial is a brief walk-through the configuration of Keystone, based on the Essex-4 OpenStack release in Ubuntu 12.04. There were major changes made to Keystone during Essex-3 and Essex-4, so be sure you’re using the latest Essex-4 code. It is important to familiarise yourself with a few key concepts before continuing with the tutorial.

Throughout the tutorial, it is assumed we have three hosts, each with a separate IP address. The first host will be running the nova-api, the second host will consist of MySQL/Glance/Keystone and the third host will be referenced as a swift endpoint.

Ubuntu cloud

Ubuntu offers all the training, software infrastructure, tools, services and support you need for your public and private clouds.

Newsletter signup

Select topics you’re
interested in

In submitting this form, I confirm that I have read and agree to Canonical’s Privacy Notice and Privacy Policy.

Related posts

OpenStack Charms 20.02 – CephFS backend for Manila and more

Canonical is proud to announce the availability of OpenStack Charms 20.02. This new release introduces a range of exciting features and several improvements...

OpenStack vs VMware: Bringing costs down

Moving to OpenStack from VMware can significantly reduce the TCO associated with an initial roll-out and ongoing maintenance of your cloud infrastructure....

Lessons learned from 100+ private cloud builds

Building a private cloud based on OpenStack has typically been a complex process with uncertain build costs based on time and materials requiring specialised...