openstack/devstack
Code Issues Proposed changes

Change most keystoneclient commands to openstacklient in libs

Browse Source 
migrated most keystoneclient commands from the following libs:
 ceilometer
 cinder
 ironic
 keystone
 marconi
 neutron
 nova
 savanna
 swift
 trove

Also need to set and unset openstackclient specific environment
variables from stack.sh

Change-Id: I725f30bc08e1df5a4c5770576c19ad1ddaeb843a
This commit is contained in:
Steve Martinelli 2014-01-24 13:02:26 -06:00
parent 824fac2cc7
commit 19685428e3
11 changed files with 206 additions and 177 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
lib/ceilometer
View File

@ -71,33 +71,33 @@ function is_ceilometer_enabled {
create_ceilometer_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
# Ceilometer
if [[ "$ENABLED_SERVICES" =~ "ceilometer-api" ]]; then
CEILOMETER_USER=$(keystone user-create \
--name=ceilometer \
--pass="$SERVICE_PASSWORD" \
--tenant_id $SERVICE_TENANT \
--email=ceilometer@example.com \
CEILOMETER_USER=$(openstack user create \
ceilometer \
--password "$SERVICE_PASSWORD" \
--project $SERVICE_TENANT \
--email ceilometer@example.com \
| grep " id " | get_field 2)
keystone user-role-add \
--tenant-id $SERVICE_TENANT \
--user-id $CEILOMETER_USER \
--role-id $ADMIN_ROLE
openstack role add \
$ADMIN_ROLE \
--project $SERVICE_TENANT \
--user $CEILOMETER_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
CEILOMETER_SERVICE=$(keystone service-create \
--name=ceilometer \
CEILOMETER_SERVICE=$(openstack service create \
ceilometer \
--type=metering \
--description="OpenStack Telemetry Service" \
| grep " id " | get_field 2)
keystone endpoint-create \
openstack endpoint create \
$CEILOMETER_SERVICE \
--region RegionOne \
--service_id $CEILOMETER_SERVICE \
--publicurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT" \
--adminurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT" \
--internalurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT"
--publicurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/" \
--adminurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/" \
--internalurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/"
fi
fi
}

39
lib/cinder
View File

@ -330,45 +330,44 @@ function configure_cinder() {
# Migrated from keystone_data.sh
create_cinder_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
# Cinder
if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then
CINDER_USER=$(keystone user-create \
--name=cinder \
--pass="$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \
--email=cinder@example.com \
CINDER_USER=$(openstack user create \
cinder \
--password "$SERVICE_PASSWORD" \
--project $SERVICE_TENANT \
--email cinder@example.com \
| grep " id " | get_field 2)
keystone user-role-add \
--tenant-id $SERVICE_TENANT \
--user-id $CINDER_USER \
--role-id $ADMIN_ROLE
openstack role add \
$ADMIN_ROLE \
--project $SERVICE_TENANT \
--user $CINDER_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
CINDER_SERVICE=$(keystone service-create \
--name=cinder \
CINDER_SERVICE=$(openstack service create \
cinder \
--type=volume \
--description="Cinder Volume Service" \
| grep " id " | get_field 2)
keystone endpoint-create \
openstack endpoint create \
$CINDER_SERVICE \
--region RegionOne \
--service_id $CINDER_SERVICE \
--publicurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \
--adminurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \
--internalurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s"
CINDER_V2_SERVICE=$(keystone service-create \
--name=cinderv2 \
CINDER_V2_SERVICE=$(openstack service create \
cinderv2 \
--type=volumev2 \
--description="Cinder Volume Service V2" \
| grep " id " | get_field 2)
keystone endpoint-create \
openstack endpoint create \
$CINDER_V2_SERVICE \
--region RegionOne \
--service_id $CINDER_V2_SERVICE \
--publicurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \
--adminurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \
--internalurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s"
fi
fi
}

30
lib/ironic
View File

@ -145,30 +145,30 @@ function create_ironic_cache_dir() {
# service ironic admin # if enabled
create_ironic_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
# Ironic
if [[ "$ENABLED_SERVICES" =~ "ir-api" ]]; then
IRONIC_USER=$(keystone user-create \
--name=ironic \
--pass="$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \
--email=ironic@example.com \
IRONIC_USER=$(openstack user create \
ironic \
--password "$SERVICE_PASSWORD" \
--project $SERVICE_TENANT \
--email ironic@example.com \
| grep " id " | get_field 2)
keystone user-role-add \
--tenant-id $SERVICE_TENANT \
--user_id $IRONIC_USER \
--role_id $ADMIN_ROLE
openstack role add \
$ADMIN_ROLE \
--project $SERVICE_TENANT \
--user $IRONIC_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
IRONIC_SERVICE=$(keystone service-create \
--name=ironic \
IRONIC_SERVICE=$(openstack service create \
ironic \
--type=baremetal \
--description="Ironic baremetal provisioning service" \
| grep " id " | get_field 2)
keystone endpoint-create \
openstack endpoint create \
$IRONIC_SERVICE \
--region RegionOne \
--service_id $IRONIC_SERVICE \
--publicurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \
--adminurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \
--internalurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT"

67
lib/keystone
View File

@ -275,60 +275,69 @@ function configure_keystone() {
create_keystone_accounts() {
# admin
ADMIN_TENANT=$(keystone tenant-create \
--name admin \
ADMIN_TENANT=$(openstack project create \
admin \
| grep " id " | get_field 2)
ADMIN_USER=$(keystone user-create \
--name admin \
--pass "$ADMIN_PASSWORD" \
ADMIN_USER=$(openstack user create \
admin \
--project "$ADMIN_TENANT" \
--email admin@example.com \
--password "$ADMIN_PASSWORD" \
| grep " id " | get_field 2)
ADMIN_ROLE=$(keystone role-create \
--name admin \
ADMIN_ROLE=$(openstack role create \
admin \
| grep " id " | get_field 2)
keystone user-role-add \
--user-id $ADMIN_USER \
--role-id $ADMIN_ROLE \
--tenant-id $ADMIN_TENANT
openstack role add \
$ADMIN_ROLE \
--project $ADMIN_TENANT \
--user $ADMIN_USER
# service
SERVICE_TENANT=$(keystone tenant-create \
--name $SERVICE_TENANT_NAME \
SERVICE_TENANT=$(openstack project create \
$SERVICE_TENANT_NAME \
| grep " id " | get_field 2)
# The Member role is used by Horizon and Swift so we need to keep it:
MEMBER_ROLE=$(keystone role-create --name=Member | grep " id " | get_field 2)
MEMBER_ROLE=$(openstack role create \
Member \
| grep " id " | get_field 2)
# ANOTHER_ROLE demonstrates that an arbitrary role may be created and used
# TODO(sleepsonthefloor): show how this can be used for rbac in the future!
ANOTHER_ROLE=$(keystone role-create --name=anotherrole | grep " id " | get_field 2)
ANOTHER_ROLE=$(openstack role create \
anotherrole \
| grep " id " | get_field 2)
# invisible tenant - admin can't see this one
INVIS_TENANT=$(keystone tenant-create --name=invisible_to_admin | grep " id " | get_field 2)
INVIS_TENANT=$(openstack project create \
invisible_to_admin \
| grep " id " | get_field 2)
# demo
DEMO_TENANT=$(keystone tenant-create \
--name=demo \
DEMO_TENANT=$(openstack project create \
demo \
| grep " id " | get_field 2)
DEMO_USER=$(keystone user-create \
--name demo \
--pass "$ADMIN_PASSWORD" \
DEMO_USER=$(openstack user create \
demo \
--project $DEMO_TENANT \
--email demo@example.com \
--password "$ADMIN_PASSWORD" \
| grep " id " | get_field 2)
keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $DEMO_TENANT
keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $DEMO_TENANT
keystone user-role-add --user-id $DEMO_USER --role-id $ANOTHER_ROLE --tenant-id $DEMO_TENANT
keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $INVIS_TENANT
openstack role add --project $DEMO_TENANT --user $DEMO_USER $MEMBER_ROLE
openstack role add --project $DEMO_TENANT --user $ADMIN_USER $ADMIN_ROLE
openstack role add --project $DEMO_TENANT --user $DEMO_USER $ANOTHER_ROLE
openstack role add --project $INVIS_TENANT --user $DEMO_USER $MEMBER_ROLE
# Keystone
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
KEYSTONE_SERVICE=$(keystone service-create \
--name keystone \
KEYSTONE_SERVICE=$(openstack service create \
keystone \
--type identity \
--description "Keystone Identity Service" \
| grep " id " | get_field 2)
keystone endpoint-create \
openstack endpoint create \
$KEYSTONE_SERVICE \
--region RegionOne \
--service_id $KEYSTONE_SERVICE \
--publicurl "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION" \
--adminurl "$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v$IDENTITY_API_VERSION" \
--internalurl "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION"

28
lib/marconi
View File

@ -151,27 +151,29 @@ function stop_marconi() {
}
function create_marconi_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
MARCONI_USER=$(get_id keystone user-create --name=marconi \
--pass="$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \
--email=marconi@example.com \
MARCONI_USER=$(openstack user create \
marconi \
--password "$SERVICE_PASSWORD" \
--project $SERVICE_TENANT \
--email marconi@example.com \
| grep " id " | get_field 2)
keystone user-role-add --tenant-id $SERVICE_TENANT \
--user-id $MARCONI_USER \
--role-id $ADMIN_ROLE
openstack role add \
$ADMIN_ROLE \
--project $SERVICE_TENANT \
--user $MARCONI_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
MARCONI_SERVICE=$(keystone service-create \
--name=marconi \
MARCONI_SERVICE=$(openstack service create \
marconi \
--type=queuing \
--description="Marconi Service" \
| grep " id " | get_field 2)
keystone endpoint-create \
openstack endpoint create \
$MARCONI_SERVICE \
--region RegionOne \
--service_id $MARCONI_SERVICE \
--publicurl "http://$SERVICE_HOST:8888" \
--adminurl "http://$SERVICE_HOST:8888" \
--internalurl "http://$SERVICE_HOST:8888"

32
lib/neutron
View File

@ -332,29 +332,29 @@ function create_neutron_cache_dir() {
# Migrated from keystone_data.sh
function create_neutron_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
if [[ "$ENABLED_SERVICES" =~ "q-svc" ]]; then
NEUTRON_USER=$(keystone user-create \
--name=neutron \
--pass="$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \
--email=neutron@example.com \
NEUTRON_USER=$(openstack user create \
neutron \
--password "$SERVICE_PASSWORD" \
--project $SERVICE_TENANT \
--email neutron@example.com \
| grep " id " | get_field 2)
keystone user-role-add \
--tenant-id $SERVICE_TENANT \
--user-id $NEUTRON_USER \
--role-id $ADMIN_ROLE
openstack role add \
$ADMIN_ROLE \
--project $SERVICE_TENANT \
--user $NEUTRON_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
NEUTRON_SERVICE=$(keystone service-create \
--name=neutron \
NEUTRON_SERVICE=$(openstack service create \
neutron \
--type=network \
--description="Neutron Service" \
| grep " id " | get_field 2)
keystone endpoint-create \
openstack endpoint create \
$NEUTRON_SERVICE \
--region RegionOne \
--service_id $NEUTRON_SERVICE \
--publicurl "http://$SERVICE_HOST:9696/" \
--adminurl "http://$SERVICE_HOST:9696/" \
--internalurl "http://$SERVICE_HOST:9696/"
@ -363,7 +363,7 @@ function create_neutron_accounts() {
}
function create_neutron_initial_network() {
TENANT_ID=$(keystone tenant-list | grep " demo " | get_field 1)
TENANT_ID=$(openstack project list | grep " demo " | get_field 1)
die_if_not_set $LINENO TENANT_ID "Failure retrieving TENANT_ID for demo"
# Create a small network

38
lib/nova
View File

@ -324,41 +324,41 @@ function configure_nova() {
# Migrated from keystone_data.sh
create_nova_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
# Nova
if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
NOVA_USER=$(keystone user-create \
--name=nova \
--pass="$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \
--email=nova@example.com \
NOVA_USER=$(openstack user create \
nova \
--password "$SERVICE_PASSWORD" \
--project $SERVICE_TENANT \
--email nova@example.com \
| grep " id " | get_field 2)
keystone user-role-add \
--tenant-id $SERVICE_TENANT \
--user-id $NOVA_USER \
--role-id $ADMIN_ROLE
openstack role add \
$ADMIN_ROLE \
--project $SERVICE_TENANT \
--user $NOVA_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
NOVA_SERVICE=$(keystone service-create \
--name=nova \
NOVA_SERVICE=$(openstack service create \
nova \
--type=compute \
--description="Nova Compute Service" \
| grep " id " | get_field 2)
keystone endpoint-create \
openstack endpoint create \
$NOVA_SERVICE \
--region RegionOne \
--service_id $NOVA_SERVICE \
--publicurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" \
--adminurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" \
--internalurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s"
NOVA_V3_SERVICE=$(keystone service-create \
--name=novav3 \
NOVA_V3_SERVICE=$(openstack service create \
novav3 \
--type=computev3 \
--description="Nova Compute Service V3" \
| grep " id " | get_field 2)
keystone endpoint-create \
openstack endpoint create \
$NOVA_V3_SERVICE \
--region RegionOne \
--service_id $NOVA_V3_SERVICE \
--publicurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3" \
--adminurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3" \
--internalurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3"

30
lib/savanna
View File

@ -54,29 +54,29 @@ TEMPEST_SERVICES+=,savanna
# service savanna admin
function create_savanna_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
SAVANNA_USER=$(keystone user-create \
--name=savanna \
--pass="$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \
--email=savanna@example.com \
SAVANNA_USER=$(openstack user create \
savanna \
--password "$SERVICE_PASSWORD" \
--project $SERVICE_TENANT \
--email savanna@example.com \
| grep " id " | get_field 2)
keystone user-role-add \
--tenant-id $SERVICE_TENANT \
--user-id $SAVANNA_USER \
--role-id $ADMIN_ROLE
openstack role add \
$ADMIN_ROLE \
--project $SERVICE_TENANT \
--user $SAVANNA_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
SAVANNA_SERVICE=$(keystone service-create \
--name=savanna \
SAVANNA_SERVICE=$(openstack service create \
savanna \
--type=data_processing \
--description="Savanna Data Processing" \
| grep " id " | get_field 2)
keystone endpoint-create \
openstack endpoint create \
$SAVANNA_SERVICE \
--region RegionOne \
--service_id $SAVANNA_SERVICE \
--publicurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s" \
--adminurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s" \
--internalurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s"

48
lib/swift
View File

@ -527,39 +527,53 @@ function create_swift_accounts() {
KEYSTONE_CATALOG_BACKEND=${KEYSTONE_CATALOG_BACKEND:-sql}
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
SWIFT_USER=$(keystone user-create --name=swift --pass="$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT --email=swift@example.com | grep " id " | get_field 2)
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $SWIFT_USER --role-id $ADMIN_ROLE
SWIFT_USER=$(openstack user create \
swift \
--password "$SERVICE_PASSWORD" \
--project $SERVICE_TENANT \
--email=swift@example.com \
| grep " id " | get_field 2)
openstack role add \
$ADMIN_ROLE \
--project $SERVICE_TENANT \
--user $SWIFT_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
SWIFT_SERVICE=$(keystone service-create --name=swift --type="object-store" \
--description="Swift Service" | grep " id " | get_field 2)
keystone endpoint-create \
SWIFT_SERVICE=$(openstack service create \
swift \
--type="object-store" \
--description="Swift Service" \
| grep " id " | get_field 2)
openstack endpoint create \
$SWIFT_SERVICE \
--region RegionOne \
--service_id $SWIFT_SERVICE \
--publicurl "http://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s" \
--adminurl "http://$SERVICE_HOST:8080" \
--internalurl "http://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s"
fi
SWIFT_TENANT_TEST1=$(keystone tenant-create --name=swifttenanttest1 | grep " id " | get_field 2)
SWIFT_TENANT_TEST1=$(openstack project create swifttenanttest1 | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_TENANT_TEST1 "Failure creating SWIFT_TENANT_TEST1"
SWIFT_USER_TEST1=$(keystone user-create --name=swiftusertest1 --pass=$SWIFTUSERTEST1_PASSWORD --email=test@example.com | grep " id " | get_field 2)
SWIFT_USER_TEST1=$(openstack user create swiftusertest1 --password=$SWIFTUSERTEST1_PASSWORD \
--project "$SWIFT_TENANT_TEST1" --email=test@example.com | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_USER_TEST1 "Failure creating SWIFT_USER_TEST1"
keystone user-role-add --user-id $SWIFT_USER_TEST1 --role-id $ADMIN_ROLE --tenant-id $SWIFT_TENANT_TEST1
openstack role add --user $SWIFT_USER_TEST1 --project $SWIFT_TENANT_TEST1 $ADMIN_ROLE
SWIFT_USER_TEST3=$(keystone user-create --name=swiftusertest3 --pass=$SWIFTUSERTEST3_PASSWORD --email=test3@example.com | grep " id " | get_field 2)
SWIFT_USER_TEST3=$(openstack user create swiftusertest3 --password=$SWIFTUSERTEST3_PASSWORD \
--project "$SWIFT_TENANT_TEST1" --email=test3@example.com | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_USER_TEST3 "Failure creating SWIFT_USER_TEST3"
keystone user-role-add --user-id $SWIFT_USER_TEST3 --role-id $ANOTHER_ROLE --tenant-id $SWIFT_TENANT_TEST1
openstack role add --user $SWIFT_USER_TEST3 --project $SWIFT_TENANT_TEST1 $ANOTHER_ROLE
SWIFT_TENANT_TEST2=$(keystone tenant-create --name=swifttenanttest2 | grep " id " | get_field 2)
SWIFT_TENANT_TEST2=$(openstack project create swifttenanttest2 | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_TENANT_TEST2 "Failure creating SWIFT_TENANT_TEST2"
SWIFT_USER_TEST2=$(keystone user-create --name=swiftusertest2 --pass=$SWIFTUSERTEST2_PASSWORD --email=test2@example.com | grep " id " | get_field 2)
SWIFT_USER_TEST2=$(openstack user create swiftusertest2 --password=$SWIFTUSERTEST2_PASSWORD \
--project "$SWIFT_TENANT_TEST2" --email=test2@example.com | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_USER_TEST2 "Failure creating SWIFT_USER_TEST2"
keystone user-role-add --user-id $SWIFT_USER_TEST2 --role-id $ADMIN_ROLE --tenant-id $SWIFT_TENANT_TEST2
openstack role add --user $SWIFT_USER_TEST2 --project $SWIFT_TENANT_TEST2 $ADMIN_ROLE
}
# init_swift() - Initialize rings

29
lib/trove
View File

@ -71,28 +71,29 @@ function setup_trove_logging() {
create_trove_accounts() {
# Trove
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
SERVICE_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
SERVICE_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
if [[ "$ENABLED_SERVICES" =~ "trove" ]]; then
TROVE_USER=$(keystone user-create \
--name=trove \
--pass="$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \
--email=trove@example.com \
TROVE_USER=$(openstack user create \
trove \
--password "$SERVICE_PASSWORD" \
--project $SERVICE_TENANT \
--email trove@example.com \
| grep " id " | get_field 2)
keystone user-role-add --tenant-id $SERVICE_TENANT \
--user-id $TROVE_USER \
--role-id $SERVICE_ROLE
openstack role add \
$SERVICE_ROLE \
--project $SERVICE_TENANT \
--user $TROVE_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
TROVE_SERVICE=$(keystone service-create \
--name=trove \
TROVE_SERVICE=$(openstack service create
trove \
--type=database \
--description="Trove Service" \
| grep " id " | get_field 2)
keystone endpoint-create \
openstack endpoint create \
$TROVE_SERVICE \
--region RegionOne \
--service_id $TROVE_SERVICE \
--publicurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" \
--adminurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" \
--internalurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s"

4
stack.sh
View File

@ -925,6 +925,9 @@ if is_service_enabled key; then
# Do the keystone-specific bits from keystone_data.sh
export OS_SERVICE_TOKEN=$SERVICE_TOKEN
export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT
# Add temporarily to make openstackclient work
export OS_TOKEN=$SERVICE_TOKEN
export OS_URL=$SERVICE_ENDPOINT
create_keystone_accounts
create_nova_accounts
create_cinder_accounts
@ -947,6 +950,7 @@ if is_service_enabled key; then
bash -x $FILES/keystone_data.sh
# Set up auth creds now that keystone is bootstrapped
unset OS_TOKEN OS_URL
export OS_AUTH_URL=$SERVICE_ENDPOINT
export OS_TENANT_NAME=admin
export OS_USERNAME=admin