371a9655ec
As openstack installation guides suggest to run mysql with root shell user, mysql will not ask for password, so in controller-install-*.rst "-u root -p" is useless. Change-Id: I12807c72ee9fdbba6569e9b896bda22888c48a2d Related-Bug: #1785025
2.2 KiB
2.2 KiB
Prerequisites
Before you install and configure the Key Manager service, you must create a database, service credentials, and API endpoints.
To create the database, complete these steps:
Use the database access client to connect to the database server as the
rootuser:# mysqlCreate the
barbicandatabase:CREATE DATABASE barbican;Grant proper access to the
barbicandatabase:GRANT ALL PRIVILEGES ON barbican.* TO 'barbican'@'localhost' \ IDENTIFIED BY 'BARBICAN_DBPASS'; GRANT ALL PRIVILEGES ON barbican.* TO 'barbican'@'%' \ IDENTIFIED BY 'BARBICAN_DBPASS';Replace
BARBICAN_DBPASSwith a suitable password.Exit the database access client.
exit;
Source the
admincredentials to gain access to admin-only CLI commands:$ source admin-openrcTo create the service credentials, complete these steps:
Create the
barbicanuser:$ openstack user create --domain default --password-prompt barbicanAdd the
adminrole to thebarbicanuser:$ openstack role add --project service --user barbican adminCreate the
creatorrole:$ openstack role create creatorAdd the
creatorrole to thebarbicanuser:$ openstack role add --project service --user barbican creatorCreate the barbican service entities:
$ openstack service create --name barbican --description "Key Manager" key-manager
Create the Key Manager service API endpoints:
$ openstack endpoint create --region RegionOne \ key-manager public http://controller:9311 $ openstack endpoint create --region RegionOne \ key-manager internal http://controller:9311 $ openstack endpoint create --region RegionOne \ key-manager admin http://controller:9311