6.3. Block Storage Prerequisite Configuration

6.3.1. Create the Block Storage Database

In this procedure the database and database user that will be used by the Block Storage services will be created. These steps must be performed while logged in to the database server as the root user.

Procedure 6.1. Creating the database to be used by Block Storage Services

  1. Connect to the database service using the mysql command. 
    # mysql -u root -p
  2. Create the cinder database. 
    mysql> CREATE DATABASE cinder;
  3. Create a cinder database user and grant it access to the cinder database. 
    mysql> GRANT ALL ON cinder.* TO 'cinder'@'%' IDENTIFIED BY 'PASSWORD';
    mysql> GRANT ALL ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'PASSWORD';
    Replace PASSWORD with a secure password that will be used to authenticate with the database server as this user.
  4. Flush the database privileges to ensure that they take effect immediately. 
    mysql> FLUSH PRIVILEGES;
  5. Exit the mysql client. 
    mysql> quit
The block storage database has been created. The database will be populated during service configuration.

6.3.2. Create the Block Storage Service Identity Records

The steps outlined in this procedure cover the creation of Identity records to support the Block Storage service:
  1. Create the cinder user, who has the admin role in the services tenant.
  2. Create the cinder service entry and assign it an endpoint.
These entries provide authentication for the Block Storage services, and guide other OpenStack services attempting to locate and access the volume functionality provided by Block Storage.
In order to proceed, you should have already performed the following (through the Identity service):
  1. Created an Administrator role named admin (refer to Section 3.8, “Create an Administrator Account” for instructions)
  2. Created the services tenant (refer to Section 3.10, “Create the Services Tenant” for instructions)

Note

The Deploying OpenStack: Learning Environments guide uses one tenant for all service users. For more information, refer to Section 3.10, “Create the Services Tenant”.
You can perform the following procedure from your Identity service host or on any machine where you've copied the keystonerc_admin file (which contains administrator credentials) and the keystone command-line utility is installed.

Procedure 6.2. Creating Identity records for the Block Storage service

  1. Authenticate as the administrator of the Identity service by running the source command on the keystonerc_admin file containing the required credentials. 
    # source ~/keystonerc_admin
  2. Create a user named cinder for the Block Storage service to use. 
    # keystone user-create --name cinder --pass PASSWORD
+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|  email   |                                  |
| enabled  |               True               |
|    id    | e1765f70da1b4432b54ced060139b46a |
|   name   |              cinder              |
| tenantId |                                  |
+----------+----------------------------------+
    Replace PASSWORD with a secure password that will be used by the Block Storage service when authenticating with the Identity service.
  3. Use the keystone user-role-add command to link the cinder user, admin role, and services tenant together: 
    # keystone user-role-add --user cinder --role admin --tenant services
  4. Create the cinder service entry: 
    # keystone service-create --name cinder \
        --type volume \
        --description "Cinder Volume Service"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |      Cinder Volume Service       |
|      id     | dfde7878671e484c9e581a3eb9b63e66 |
|     name    |              cinder              |
|     type    |              volume              |
+-------------+----------------------------------+
  5. Create the cinder endpoint entry. 
    # keystone endpoint-create \
        --service cinder \
        --publicurl "http://IP:8776/v1/\$(tenant_id)s" \
        --adminurl "http://IP:8776/v1/\$(tenant_id)s" \
        --internalurl "http://IP:8776/v1/\$(tenant_id)s"
    Replace IP with the IP address or host name of the system that will be hosting the Block Storage service API (openstack-cinder-api).

    Important

    If you intend to install and run multiple instances of the API service then you must repeat this step for the IP address or host name of each instance.
All supporting Identity service entries required by the Block Storage services have been created.