Keystone Setup
Keystone is a Python application that requires a number of dependencies to be installed. This document covers how to use Python, pip, and virtualenv to set up an isolated test environment for running and testing Keystone.
Prerequisites
- Make sure Python is installed.
Install pip, the Python package tool. Installation instructions can be found here. pip can also be installed via Homebrew for Mac OS X users.
Install
virtualenv
andvirtualenvwrapper
:pip install virtualenv virtualenvwrapper`
Set up
virtualenvwrapper
. Add the following lines to your.bash_profile
to get thevirtualenvwrapper
scripts in the path.export WORKON_HOME=$HOME/.virtualenvs source /usr/local/bin/virtualenvwrapper.sh
Clone the Keystone repo:
git clone https://github.com/openstack/keystone.git
Navigate to the Keystone repo and checkout the proper tag:
git checkout grizzly-2
Create a Virtual Environment for Keystone
Run the following command to create a virtual environment:
mkvirtualenv keystone-test
The keystone-test
virtual environment is now created, activated, and
ready to use.
Install the Keystone dependencies
The dependencies for running Keystone can be found in
tools/pip-requires
. At the time of this writing, grizzly-2
is the
latest tag of Keystone and the dependencies are based on versions that
work with that tag. Use pip
to install the dependencies as follows:
pip install -r tools/pip-requires
Configure Keystone
The next step is to select the appropriate options in the
keystone.conf
configuration file. A sample configuration that is
useful for local testing with Riak CS can be found here. This configuration file sets up logging to
./log/keystone/keystone.log
and uses the templated catalog backend to
set up the Riak CS object store service. This catalog backend uses a
local file to populate the service catalog.
The default file in the previously referenced sample keystone.conf
file uses etc/default_catalog.templates
, but this can be changed. Set
the contents of etc/default_catalog.templates
to be the following:
# config for TemplatedCatalog, using camelCase
catalog.RegionOne.identity.publicURL = http://localhost:$(public_port)s/v2.0
catalog.RegionOne.identity.adminURL = http://localhost:$(admin_port)s/v2.0
catalog.RegionOne.identity.internalURL = http://localhost:$(public_port)s/v2.0
catalog.RegionOne.identity.name = Identity Service
catalog.RegionOne.object-store.publicURL = http://localhost:8080/v1/AUTH_$(tenant_id)s
catalog.RegionOne.object-store.adminURL = http://localhost:8080/
catalog.RegionOne.object-store.internalURL = http://localhost:8080/v1/AUTH_$(tenant_id)s
catalog.RegionOne.object-store.name = 'Object Store Service'
Optional configuration
For testing, it can be easier to configure keystone to use UUID as the
token format. To do this, edit keystone.conf
and set the following:
token_format = UUID
Prepare the database
./bin/keystone-manage db_sync
Run Keystone
./bin/keystone-all --config-file /
/<absolute-path-to-keystone-repo>/keystone/etc/keystone.conf -d --debug
The following script can be used to set a number of useful environment variables to make using the Keystone client less cumbersome.
#!/bin/bash
export OS_SERVICE_TOKEN=ADMIN
export OS_SERVICE_ENDPOINT=http://localhost:35357/v2.0
export OS_IDENTITY_API_VERSION=2.0
export OS_AUTH_URL=http://localhost:5000/v2.0
export OS_USERNAME=test
export OS_PASSWORD=test
export OS_TENANT_NAME=test