Merge "Move Nova account creation out of keystone_data.sh"
This commit is contained in:
commit
63ea3185de
@ -5,7 +5,6 @@
|
|||||||
# Tenant User Roles
|
# Tenant User Roles
|
||||||
# ------------------------------------------------------------------
|
# ------------------------------------------------------------------
|
||||||
# service glance admin
|
# service glance admin
|
||||||
# service nova admin, [ResellerAdmin (swift only)]
|
|
||||||
# service quantum admin # if enabled
|
# service quantum admin # if enabled
|
||||||
# service swift admin # if enabled
|
# service swift admin # if enabled
|
||||||
# service cinder admin # if enabled
|
# service cinder admin # if enabled
|
||||||
@ -53,29 +52,8 @@ RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin)
|
|||||||
# Services
|
# Services
|
||||||
# --------
|
# --------
|
||||||
|
|
||||||
# Nova
|
if [[ "$ENABLED_SERVICES" =~ "n-api" ]] && [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
|
||||||
if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
|
NOVA_USER=$(keystone user-list | awk "/ nova / { print \$2 }")
|
||||||
NOVA_USER=$(get_id keystone user-create \
|
|
||||||
--name=nova \
|
|
||||||
--pass="$SERVICE_PASSWORD" \
|
|
||||||
--tenant_id $SERVICE_TENANT \
|
|
||||||
--email=nova@example.com)
|
|
||||||
keystone user-role-add \
|
|
||||||
--tenant_id $SERVICE_TENANT \
|
|
||||||
--user_id $NOVA_USER \
|
|
||||||
--role_id $ADMIN_ROLE
|
|
||||||
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
|
|
||||||
NOVA_SERVICE=$(get_id keystone service-create \
|
|
||||||
--name=nova \
|
|
||||||
--type=compute \
|
|
||||||
--description="Nova Compute Service")
|
|
||||||
keystone endpoint-create \
|
|
||||||
--region RegionOne \
|
|
||||||
--service_id $NOVA_SERVICE \
|
|
||||||
--publicurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
|
|
||||||
--adminurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
|
|
||||||
--internalurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s"
|
|
||||||
fi
|
|
||||||
# Nova needs ResellerAdmin role to download images when accessing
|
# Nova needs ResellerAdmin role to download images when accessing
|
||||||
# swift through the s3 api.
|
# swift through the s3 api.
|
||||||
keystone user-role-add \
|
keystone user-role-add \
|
||||||
|
40
lib/nova
40
lib/nova
@ -277,6 +277,46 @@ EOF'
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# create_nova_accounts() - Set up common required nova accounts
|
||||||
|
|
||||||
|
# Tenant User Roles
|
||||||
|
# ------------------------------------------------------------------
|
||||||
|
# service nova admin, [ResellerAdmin (swift only)]
|
||||||
|
|
||||||
|
# Migrated from keystone_data.sh
|
||||||
|
create_nova_accounts() {
|
||||||
|
|
||||||
|
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
||||||
|
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
|
||||||
|
|
||||||
|
# Nova
|
||||||
|
if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
|
||||||
|
NOVA_USER=$(keystone user-create \
|
||||||
|
--name=nova \
|
||||||
|
--pass="$SERVICE_PASSWORD" \
|
||||||
|
--tenant_id $SERVICE_TENANT \
|
||||||
|
--email=nova@example.com \
|
||||||
|
| grep " id " | get_field 2)
|
||||||
|
keystone user-role-add \
|
||||||
|
--tenant_id $SERVICE_TENANT \
|
||||||
|
--user_id $NOVA_USER \
|
||||||
|
--role_id $ADMIN_ROLE
|
||||||
|
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
|
||||||
|
NOVA_SERVICE=$(keystone service-create \
|
||||||
|
--name=nova \
|
||||||
|
--type=compute \
|
||||||
|
--description="Nova Compute Service" \
|
||||||
|
| grep " id " | get_field 2)
|
||||||
|
keystone endpoint-create \
|
||||||
|
--region RegionOne \
|
||||||
|
--service_id $NOVA_SERVICE \
|
||||||
|
--publicurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
|
||||||
|
--adminurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
|
||||||
|
--internalurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
# create_nova_conf() - Create a new nova.conf file
|
# create_nova_conf() - Create a new nova.conf file
|
||||||
function create_nova_conf() {
|
function create_nova_conf() {
|
||||||
# Remove legacy ``nova.conf``
|
# Remove legacy ``nova.conf``
|
||||||
|
1
stack.sh
1
stack.sh
@ -940,6 +940,7 @@ if is_service_enabled key; then
|
|||||||
export OS_SERVICE_TOKEN=$SERVICE_TOKEN
|
export OS_SERVICE_TOKEN=$SERVICE_TOKEN
|
||||||
export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT
|
export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT
|
||||||
create_keystone_accounts
|
create_keystone_accounts
|
||||||
|
create_nova_accounts
|
||||||
|
|
||||||
# ``keystone_data.sh`` creates services, admin and demo users, and roles.
|
# ``keystone_data.sh`` creates services, admin and demo users, and roles.
|
||||||
ADMIN_PASSWORD=$ADMIN_PASSWORD SERVICE_TENANT_NAME=$SERVICE_TENANT_NAME SERVICE_PASSWORD=$SERVICE_PASSWORD \
|
ADMIN_PASSWORD=$ADMIN_PASSWORD SERVICE_TENANT_NAME=$SERVICE_TENANT_NAME SERVICE_PASSWORD=$SERVICE_PASSWORD \
|
||||||
|
Loading…
Reference in New Issue
Block a user