Canonical
on 16 April 2012
Keystone is an identity service written in Python that provides a pluggable back end, designed to support various protocols for authentication and authorisation (Basic Auth, OAuth, and OpenID, to give a few examples). Simply put, it allows clients to obtain security tokens to access different cloud services. Keystone was spawned from the OpenStack project and is designed to work with the OpenStack API.
The following tutorial is a brief walk-through of the configuration of Keystone, based on the Essex-4 OpenStack release in Ubuntu 12.04. There were major changes made to Keystone during Essex-3 and Essex-4, so be sure you’re using the latest Essex-4 code. It is important to familiarise yourself with a few key concepts before continuing with the tutorial.
Throughout the tutorial, it is assumed we have three hosts, each with a separate IP address. The first host will be running the nova-api, the second host will run MySQL/Glance/Keystone, and the third host will be referenced as a swift endpoint.