Update OBS install docs for v2 removal
With the removal of the v2 API, there is no reason to keep listening on multiple ports. Update the OBS install guide to only mention the one port. The openSUSE openstack-keystone package does not provide a default vhost config file so we can update this independently of any package changes in the distro. This also removes a few incorrect notes, one claiming that the distro package installed and started the nonexistent eventlet service and one claiming that port 5000 only allowed non-admin access. Change-Id: Ic06af94335598e0aadac20874d177e531069548a
This commit is contained in:
parent
4fdb363051
commit
4c99563b14
|
@ -56,13 +56,6 @@ Install and configure components
|
|||
|
||||
.. include:: shared/note_configuration_vary_by_distribution.rst
|
||||
|
||||
.. note::
|
||||
|
||||
This guide uses the Apache HTTP server with ``mod_wsgi`` to serve
|
||||
Identity service requests on ports 5000 and 35357. By default, the
|
||||
keystone service still listens on these ports. Therefore, this guide
|
||||
manually disables the keystone service.
|
||||
|
||||
.. note::
|
||||
|
||||
Starting with the Newton release, SUSE OpenStack packages are shipping
|
||||
|
@ -77,7 +70,7 @@ Install and configure components
|
|||
|
||||
.. code-block:: console
|
||||
|
||||
# zypper install openstack-keystone apache2-mod_wsgi
|
||||
# zypper install openstack-keystone
|
||||
|
||||
.. end
|
||||
|
||||
|
@ -135,7 +128,7 @@ Install and configure components
|
|||
.. code-block:: console
|
||||
|
||||
# keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
|
||||
--bootstrap-admin-url http://controller:35357/v3/ \
|
||||
--bootstrap-admin-url http://controller:5000/v3/ \
|
||||
--bootstrap-internal-url http://controller:5000/v3/ \
|
||||
--bootstrap-public-url http://controller:5000/v3/ \
|
||||
--bootstrap-region-id RegionOne
|
||||
|
@ -164,7 +157,6 @@ Configure the Apache HTTP server
|
|||
.. code-block:: apache
|
||||
|
||||
Listen 5000
|
||||
Listen 35357
|
||||
|
||||
<VirtualHost *:5000>
|
||||
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
|
||||
|
@ -181,21 +173,6 @@ Configure the Apache HTTP server
|
|||
</Directory>
|
||||
</VirtualHost>
|
||||
|
||||
<VirtualHost *:35357>
|
||||
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
|
||||
WSGIProcessGroup keystone-admin
|
||||
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
ErrorLog /var/log/apache2/keystone.log
|
||||
CustomLog /var/log/apache2/keystone_access.log combined
|
||||
|
||||
<Directory /usr/bin>
|
||||
Require all granted
|
||||
</Directory>
|
||||
</VirtualHost>
|
||||
|
||||
.. end
|
||||
|
||||
#. Recursively change the ownership of the ``/etc/keystone`` directory:
|
||||
|
@ -228,7 +205,7 @@ Finalize the installation
|
|||
$ export OS_PROJECT_NAME=admin
|
||||
$ export OS_USER_DOMAIN_NAME=Default
|
||||
$ export OS_PROJECT_DOMAIN_NAME=Default
|
||||
$ export OS_AUTH_URL=http://controller:35357/v3
|
||||
$ export OS_AUTH_URL=http://controller:5000/v3
|
||||
$ export OS_IDENTITY_API_VERSION=3
|
||||
|
||||
.. end
|
||||
|
|
|
@ -21,7 +21,7 @@ services.
|
|||
|
||||
.. code-block:: console
|
||||
|
||||
$ openstack --os-auth-url http://controller:35357/v3 \
|
||||
$ openstack --os-auth-url http://controller:5000/v3 \
|
||||
--os-project-domain-name Default --os-user-domain-name Default \
|
||||
--os-project-name admin --os-username admin token issue
|
||||
|
||||
|
@ -64,9 +64,3 @@ services.
|
|||
+------------+-----------------------------------------------------------------+
|
||||
|
||||
.. end
|
||||
|
||||
.. note::
|
||||
|
||||
This command uses the password for the ``demo``
|
||||
user and API port 5000 which only allows regular (non-admin)
|
||||
access to the Identity service API.
|
||||
|
|
Loading…
Reference in New Issue