diff --git a/doc/install-guide/section_keystone-install.xml b/doc/install-guide/section_keystone-install.xml
index 19f7b2c000..12159a7e83 100644
--- a/doc/install-guide/section_keystone-install.xml
+++ b/doc/install-guide/section_keystone-install.xml
@@ -71,7 +71,7 @@
Run the following command to install the packages:
# apt-get install keystone python-openstackclient apache2 libapache2-mod-wsgi memcached python-memcache
- # yum install openstack-keystone python-openstackclient memcached python-memcached
+ # yum install openstack-keystone httpd mod_wsgi python-openstackclient memcached python-memcached
# zypper install openstack-keystone python-openstackclient memcached python-python-memcached
@@ -269,19 +269,21 @@ admin_token = ADMIN_TOKEN
-
+
To configure the Apache HTTP server
- Edit the /etc/apache2/apache2.conf file and
- configure the ServerName option to reference the
- controller node:
+ Edit the /etc/apache2/apache2.conf
+ /etc/httpd/conf/httpd.conf
+ file and configure the ServerName option to
+ reference the controller node:
ServerName controller
Create the
- /etc/apache2/sites-available/wsgi-keystone.conf
+ /etc/apache2/sites-available/wsgi-keystone.conf
+ /etc/httpd/conf.d/wsgi-keystone.conf
file with the following content:
- Listen 5000
+ Listen 5000
Listen 35357
<VirtualHost *:5000>
@@ -310,13 +312,35 @@ Listen 35357
LogLevel info
ErrorLog /var/log/apache2/keystone-error.log
CustomLog /var/log/apache2/keystone-access.log combined
+</VirtualHost>
+ Listen 5000
+Listen 35357
+
+<VirtualHost *:5000>
+ WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone display-name=%{GROUP}
+ WSGIProcessGroup keystone-public
+ WSGIScriptAlias / /var/www/cgi-bin/keystone/main
+ WSGIApplicationGroup %{GLOBAL}
+ WSGIPassAuthorization On
+ LogLevel info
+ ErrorLogFormat "%{cu}t %M"
+ ErrorLog /var/log/httpd/keystone-error.log
+ CustomLog /var/log/httpd/keystone-access.log combined
+</VirtualHost>
+
+<VirtualHost *:35357>
+ WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone display-name=%{GROUP}
+ WSGIProcessGroup keystone-admin
+ WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
+ WSGIApplicationGroup %{GLOBAL}
+ WSGIPassAuthorization On
+ LogLevel info
+ ErrorLogFormat "%{cu}t %M"
+ ErrorLog /var/log/httpd/keystone-error.log
+ CustomLog /var/log/httpd/keystone-access.log combined
</VirtualHost>
-
- Disable the default virtual host:
- # rm /etc/apache2/sites-enabled/000-default.conf
-
-
+
Enable the Identity service virtual hosts:
# ln -s /etc/apache2/sites-available/wsgi-keystone.conf /etc/apache2/sites-enabled
@@ -335,15 +359,24 @@ Listen 35357
in it:
# chown -R keystone:keystone /var/www/cgi-bin/keystone
# chmod 755 /var/www/cgi-bin/keystone/*
+ # restorecon /var/www/cgi-bin
+
+
+ Add the apache system user to the
+ keystone system group to permit access to the
+ Identity service configuration files by the Apache HTTP server:
+ # usermod -a -G keystone apache
To finalize installation
-
+
Restart the Apache HTTP server:
- # service apache2 restart
+ # service apache2 restart
+ # systemctl enable httpd.service
+# systemctl start httpd.service
-
+
Start the Identity service and configure it to start when the
system boots:
# systemctl enable openstack-keystone.service