Merge "Move Nova account creation out of keystone_data.sh"

This commit is contained in:
Jenkins 2012-12-12 15:03:06 +00:00 committed by Gerrit Code Review
commit 63ea3185de
3 changed files with 43 additions and 24 deletions

View File

@ -5,7 +5,6 @@
# Tenant User Roles
# ------------------------------------------------------------------
# service glance admin
# service nova admin, [ResellerAdmin (swift only)]
# service quantum admin # if enabled
# service swift admin # if enabled
# service cinder admin # if enabled
@ -53,29 +52,8 @@ RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin)
# Services
# --------
# Nova
if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
NOVA_USER=$(get_id keystone user-create \
--name=nova \
--pass="$SERVICE_PASSWORD" \
--tenant_id $SERVICE_TENANT \
--email=nova@example.com)
keystone user-role-add \
--tenant_id $SERVICE_TENANT \
--user_id $NOVA_USER \
--role_id $ADMIN_ROLE
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
NOVA_SERVICE=$(get_id keystone service-create \
--name=nova \
--type=compute \
--description="Nova Compute Service")
keystone endpoint-create \
--region RegionOne \
--service_id $NOVA_SERVICE \
--publicurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
--adminurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
--internalurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s"
fi
if [[ "$ENABLED_SERVICES" =~ "n-api" ]] && [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
NOVA_USER=$(keystone user-list | awk "/ nova / { print \$2 }")
# Nova needs ResellerAdmin role to download images when accessing
# swift through the s3 api.
keystone user-role-add \

View File

@ -277,6 +277,46 @@ EOF'
fi
}
# create_nova_accounts() - Set up common required nova accounts
# Tenant User Roles
# ------------------------------------------------------------------
# service nova admin, [ResellerAdmin (swift only)]
# Migrated from keystone_data.sh
create_nova_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
# Nova
if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
NOVA_USER=$(keystone user-create \
--name=nova \
--pass="$SERVICE_PASSWORD" \
--tenant_id $SERVICE_TENANT \
--email=nova@example.com \
| grep " id " | get_field 2)
keystone user-role-add \
--tenant_id $SERVICE_TENANT \
--user_id $NOVA_USER \
--role_id $ADMIN_ROLE
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
NOVA_SERVICE=$(keystone service-create \
--name=nova \
--type=compute \
--description="Nova Compute Service" \
| grep " id " | get_field 2)
keystone endpoint-create \
--region RegionOne \
--service_id $NOVA_SERVICE \
--publicurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
--adminurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
--internalurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s"
fi
fi
}
# create_nova_conf() - Create a new nova.conf file
function create_nova_conf() {
# Remove legacy ``nova.conf``

View File

@ -940,6 +940,7 @@ if is_service_enabled key; then
export OS_SERVICE_TOKEN=$SERVICE_TOKEN
export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT
create_keystone_accounts
create_nova_accounts
# ``keystone_data.sh`` creates services, admin and demo users, and roles.
ADMIN_PASSWORD=$ADMIN_PASSWORD SERVICE_TENANT_NAME=$SERVICE_TENANT_NAME SERVICE_PASSWORD=$SERVICE_PASSWORD \