Update OBS install docs for v2 removal

With the removal of the v2 API, there is no reason to keep listening on
multiple ports. Update the OBS install guide to only mention the one
port. The openSUSE openstack-keystone package does not provide a default
vhost config file so we can update this independently of any package
changes in the distro. This also removes a few incorrect notes, one
claiming that the distro package installed and started the nonexistent
eventlet service and one claiming that port 5000 only allowed non-admin
access.

Change-Id: Ic06af94335598e0aadac20874d177e531069548a
This commit is contained in:
Colleen Murphy 2018-02-08 15:46:41 +01:00
parent 4fdb363051
commit 4c99563b14
2 changed files with 4 additions and 33 deletions

View File

@ -56,13 +56,6 @@ Install and configure components
.. include:: shared/note_configuration_vary_by_distribution.rst
.. note::
This guide uses the Apache HTTP server with ``mod_wsgi`` to serve
Identity service requests on ports 5000 and 35357. By default, the
keystone service still listens on these ports. Therefore, this guide
manually disables the keystone service.
.. note::
Starting with the Newton release, SUSE OpenStack packages are shipping
@ -77,7 +70,7 @@ Install and configure components
.. code-block:: console
# zypper install openstack-keystone apache2-mod_wsgi
# zypper install openstack-keystone
.. end
@ -135,7 +128,7 @@ Install and configure components
.. code-block:: console
# keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
--bootstrap-admin-url http://controller:35357/v3/ \
--bootstrap-admin-url http://controller:5000/v3/ \
--bootstrap-internal-url http://controller:5000/v3/ \
--bootstrap-public-url http://controller:5000/v3/ \
--bootstrap-region-id RegionOne
@ -164,7 +157,6 @@ Configure the Apache HTTP server
.. code-block:: apache
Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
@ -181,21 +173,6 @@ Configure the Apache HTTP server
</Directory>
</VirtualHost>
<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
ErrorLogFormat "%{cu}t %M"
ErrorLog /var/log/apache2/keystone.log
CustomLog /var/log/apache2/keystone_access.log combined
<Directory /usr/bin>
Require all granted
</Directory>
</VirtualHost>
.. end
#. Recursively change the ownership of the ``/etc/keystone`` directory:
@ -228,7 +205,7 @@ Finalize the installation
$ export OS_PROJECT_NAME=admin
$ export OS_USER_DOMAIN_NAME=Default
$ export OS_PROJECT_DOMAIN_NAME=Default
$ export OS_AUTH_URL=http://controller:35357/v3
$ export OS_AUTH_URL=http://controller:5000/v3
$ export OS_IDENTITY_API_VERSION=3
.. end

View File

@ -21,7 +21,7 @@ services.
.. code-block:: console
$ openstack --os-auth-url http://controller:35357/v3 \
$ openstack --os-auth-url http://controller:5000/v3 \
--os-project-domain-name Default --os-user-domain-name Default \
--os-project-name admin --os-username admin token issue
@ -64,9 +64,3 @@ services.
+------------+-----------------------------------------------------------------+
.. end
.. note::
This command uses the password for the ``demo``
user and API port 5000 which only allows regular (non-admin)
access to the Identity service API.