Install the Identity service: sudo apt-get install keystone Install curl, a command-line tool for running REST API requests: sudo apt-get install curl After installing, you need to delete the sqlite database it creates, then change the configuration to point to the mysql database. Delete the keystone.db file created in the /var/lib/keystone/ directory.sudo rm /var/lib/keystone/keystone.db Configure the production-ready backend data store. For Compute you must use a SQLAlchemy-compatible database, such as MySQL or PostgreSQL. This example shows MySQL. First, install MySQL with: sudo apt-get install python-mysqldb mysql-server During the install, you'll be prompted for the mysql root password. Enter a password of your choice and verify it. Edit /etc/mysql/my.cnf to change "bind-address" from localhost (127.0.0.1) to any (0.0.0.0) and restart the mysql service: sudo sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf sudo service mysql restart For MySQL, create a MySQL database named "keystone" and a MySQL user named "keystone". Grant the "keystone" user full access to the "keystone" MySQL database. Start the mysql command line client by running: mysql -u root -p Enter the mysql root user's password when prompted. To configure the MySQL database, create the keystone database. mysql> CREATE DATABASE keystone; Create a MySQL user for the newly-created keystone database that has full control of the database. mysql> GRANT ALL ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'yourpassword'; Enter quit at the mysql> prompt to exit MySQL. mysql> quit Edit /etc/keystone/keystone.conf to include the --sql_connection to use the backend data store you just created. Ensure that it is owned by root and chmod is set to 0640 since it contains your mysql password. (You do leave the "default_store" as sqlite, however.) sudo nano /etc/keystone/keystone.conf sudo chown keystone:root /etc/keystone/keystone.conf sudo chmod 0640 /etc/keystone/keystone.conf Here is an example section: [keystone.backends.sqlalchemy] # SQLAlchemy connection string for the reference implementation registry # server. Any valid SQLAlchemy connection string is fine. # See: http://bit.ly/ideIpI sql_connection = mysql://keystone:yourpassword@192.168.206.130/keystone backend_entities = ['UserRoleAssociation', 'Endpoints', 'Role', 'Tenant', 'User', 'Credentials', 'EndpointTemplates', 'Token', 'Service'] Edit /etc/keystone/keystone.conf to use the IP address and ports for your environment. Here is an example keystone.conf. Ensure that the ports for keystone are correct, since the default keystone auth port changed from 5001 to 35357 and the packages install a conf file with 5001 for the auth_port setting. Restart the Identity Service. sudo service keystone restart Next, you configure the Identity Service by defining roles and users.