Running Openstack-Keystone under Apache

  1. Install Keystone and Apache(HTTPD) Packages
    [root@deepaknode1 ~]# yum install openstack-keystone openstack-utils openldap-clients python-openstackclient httpd mod_wsgi -y
  2. Copy keystone.py to httpd configuration
    [root@deepaknode1 ~]# mkdir /var/www/cgi-bin/keystone

    [root@deepaknode1 ~]# cp /usr/lib/python2.7/site-packages/keystone/httpd/keystone.py /var/www/cgi-bin/keystone/admin

    [root@deepaknode1 ~]# cp /usr/lib/python2.7/site-packages/keystone/httpd/keystone.py /var/www/cgi-bin/keystone/main

  3. Create /etc/httpd/conf.d/wsgi-keystone.conf with following content
    [root@deepaknode1 ~]# cat /etc/httpd/conf.d/wsgi-keystone.conf
    WSGISocketPrefix /var/run/wsgi
    SetEnv APACHE_RUN_USER keystone
    SetEnv APACHE_RUN_GROUP keystone
    Listen 5000
    <VirtualHost *:5000>
    WSGIDaemonProcess keystone-public user=keystone group=keystone display-name=keystone-public
    WSGIProcessGroup keystone-public
    WSGIImportScript /var/www/cgi-bin/keystone/main process-group=keystone-public application-group=%{GLOBAL}
    WSGIScriptAlias / /var/www/cgi-bin/keystone/main
    ErrorLog /var/log/keystone/httpd-error.log
    LogLevel info
    CustomLog /var/log/keystone/httpd-access.log combined
    LimitRequestBody 16384
    </VirtualHost>

    Listen 35357
    <VirtualHost *:35357>
    WSGIDaemonProcess keystone-admin user=keystone group=keystone display-name=keystone-admin
    WSGIProcessGroup keystone-admin
    WSGIImportScript /var/www/cgi-bin/keystone/main process-group=keystone-admin application-group=%{GLOBAL}
    WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
    ErrorLog /var/log/keystone/httpd-error.log
    LogLevel info
    CustomLog /var/log/keystone/httpd-access.log combined
    LimitRequestBody 16384
    </VirtualHost>

  4. Start httpd service. Make sure openstack-keystone service is not running.
    [root@deepaknode1 ~]# service httpd start
    [root@deepaknode3 ~]# service httpd status
    Redirecting to /bin/systemctl status httpd.service
    …..
    Main PID: 16430 (httpd)
    CGroup: /system.slice/httpd.service
    ├─14749 keystone-public -DFOREGROUND
    ├─14750 keystone-admin -DFOREGROUND
    ├─14755 /usr/sbin/httpd -DFOREGROUND
    ├─14756 /usr/sbin/httpd -DFOREGROUND
    ├─14757 /usr/sbin/httpd -DFOREGROUND
  5. Continue with remaining Openstack-Keystone configuration like database setup, User/Project/Role/Service/Endpoint creation.
    Refer https://deepakrghuge.wordpress.com/2015/10/06/configure-openstack-keystone-for-ibm-spectrum-scale-object-storage/ for remaining setup. Just make sure that use httpd.service to start/stop keystone service instead of openstack-keystone.service

“These are my personal views and do not necessarily reflect that of my employer”

Advertisements