Merge "Move Nova account creation out of keystone_data.sh"
This commit is contained in:
commit
63ea3185de
@ -5,7 +5,6 @@
|
||||
# Tenant User Roles
|
||||
# ------------------------------------------------------------------
|
||||
# service glance admin
|
||||
# service nova admin, [ResellerAdmin (swift only)]
|
||||
# service quantum admin # if enabled
|
||||
# service swift admin # if enabled
|
||||
# service cinder admin # if enabled
|
||||
@ -53,29 +52,8 @@ RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin)
|
||||
# Services
|
||||
# --------
|
||||
|
||||
# Nova
|
||||
if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
|
||||
NOVA_USER=$(get_id keystone user-create \
|
||||
--name=nova \
|
||||
--pass="$SERVICE_PASSWORD" \
|
||||
--tenant_id $SERVICE_TENANT \
|
||||
--email=nova@example.com)
|
||||
keystone user-role-add \
|
||||
--tenant_id $SERVICE_TENANT \
|
||||
--user_id $NOVA_USER \
|
||||
--role_id $ADMIN_ROLE
|
||||
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
|
||||
NOVA_SERVICE=$(get_id keystone service-create \
|
||||
--name=nova \
|
||||
--type=compute \
|
||||
--description="Nova Compute Service")
|
||||
keystone endpoint-create \
|
||||
--region RegionOne \
|
||||
--service_id $NOVA_SERVICE \
|
||||
--publicurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
|
||||
--adminurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
|
||||
--internalurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s"
|
||||
fi
|
||||
if [[ "$ENABLED_SERVICES" =~ "n-api" ]] && [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
|
||||
NOVA_USER=$(keystone user-list | awk "/ nova / { print \$2 }")
|
||||
# Nova needs ResellerAdmin role to download images when accessing
|
||||
# swift through the s3 api.
|
||||
keystone user-role-add \
|
||||
|
40
lib/nova
40
lib/nova
@ -277,6 +277,46 @@ EOF'
|
||||
fi
|
||||
}
|
||||
|
||||
# create_nova_accounts() - Set up common required nova accounts
|
||||
|
||||
# Tenant User Roles
|
||||
# ------------------------------------------------------------------
|
||||
# service nova admin, [ResellerAdmin (swift only)]
|
||||
|
||||
# Migrated from keystone_data.sh
|
||||
create_nova_accounts() {
|
||||
|
||||
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
||||
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
|
||||
|
||||
# Nova
|
||||
if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
|
||||
NOVA_USER=$(keystone user-create \
|
||||
--name=nova \
|
||||
--pass="$SERVICE_PASSWORD" \
|
||||
--tenant_id $SERVICE_TENANT \
|
||||
--email=nova@example.com \
|
||||
| grep " id " | get_field 2)
|
||||
keystone user-role-add \
|
||||
--tenant_id $SERVICE_TENANT \
|
||||
--user_id $NOVA_USER \
|
||||
--role_id $ADMIN_ROLE
|
||||
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
|
||||
NOVA_SERVICE=$(keystone service-create \
|
||||
--name=nova \
|
||||
--type=compute \
|
||||
--description="Nova Compute Service" \
|
||||
| grep " id " | get_field 2)
|
||||
keystone endpoint-create \
|
||||
--region RegionOne \
|
||||
--service_id $NOVA_SERVICE \
|
||||
--publicurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
|
||||
--adminurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
|
||||
--internalurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# create_nova_conf() - Create a new nova.conf file
|
||||
function create_nova_conf() {
|
||||
# Remove legacy ``nova.conf``
|
||||
|
1
stack.sh
1
stack.sh
@ -940,6 +940,7 @@ if is_service_enabled key; then
|
||||
export OS_SERVICE_TOKEN=$SERVICE_TOKEN
|
||||
export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT
|
||||
create_keystone_accounts
|
||||
create_nova_accounts
|
||||
|
||||
# ``keystone_data.sh`` creates services, admin and demo users, and roles.
|
||||
ADMIN_PASSWORD=$ADMIN_PASSWORD SERVICE_TENANT_NAME=$SERVICE_TENANT_NAME SERVICE_PASSWORD=$SERVICE_PASSWORD \
|
||||
|
Loading…
Reference in New Issue
Block a user