From 9a808922c194929bff88bdc7dca4f8e2431de1a4 Mon Sep 17 00:00:00 2001 From: Peter Stachowski Date: Wed, 8 Apr 2015 19:48:09 +0000 Subject: [PATCH] Use openstack CLI instead of keystone When running './stack.sh' messages are output stating that the keystone CLI has been deprecated. These calls should be replaced to ones utilizing the openstack CLI program instead. Documentation examples were also updated to reflect the new syntax. Change-Id: Ib20b8940e317d150e5f6febb618e20bd85d13f8b Closes-Bug: #1441340 --- doc/source/eucarc.rst | 6 +++--- doc/source/guides/multinode-lab.rst | 26 +++++++++++++------------- eucarc | 4 ++-- exercises/client-args.sh | 2 +- lib/ironic | 2 +- stack.sh | 2 +- tools/upload_image.sh | 2 +- 7 files changed, 22 insertions(+), 22 deletions(-) diff --git a/doc/source/eucarc.rst b/doc/source/eucarc.rst index 1284b8883b..c2ecbc6732 100644 --- a/doc/source/eucarc.rst +++ b/doc/source/eucarc.rst @@ -13,7 +13,7 @@ EC2\_URL :: - EC2_URL=$(keystone catalog --service ec2 | awk '/ publicURL / { print $4 }') + EC2_URL=$(openstack catalog show ec2 | awk '/ publicURL: / { print $4 }') S3\_URL Set the S3 endpoint for euca2ools. The endpoint is extracted from @@ -21,14 +21,14 @@ S3\_URL :: - export S3_URL=$(keystone catalog --service s3 | awk '/ publicURL / { print $4 }') + export S3_URL=$(openstack catalog show s3 | awk '/ publicURL: / { print $4 }') EC2\_ACCESS\_KEY, EC2\_SECRET\_KEY Create EC2 credentials for the current tenant:user in Keystone. :: - CREDS=$(keystone ec2-credentials-create) + CREDS=$(openstack ec2 credentials create) export EC2_ACCESS_KEY=$(echo "$CREDS" | awk '/ access / { print $4 }') export EC2_SECRET_KEY=$(echo "$CREDS" | awk '/ secret / { print $4 }') diff --git a/doc/source/guides/multinode-lab.rst b/doc/source/guides/multinode-lab.rst index ff81c93975..d963243fa8 100644 --- a/doc/source/guides/multinode-lab.rst +++ b/doc/source/guides/multinode-lab.rst @@ -229,10 +229,10 @@ Additional Users ---------------- DevStack creates two OpenStack users (``admin`` and ``demo``) and two -tenants (also ``admin`` and ``demo``). ``admin`` is exactly what it +projects (also ``admin`` and ``demo``). ``admin`` is exactly what it sounds like, a privileged administrative account that is a member of -both the ``admin`` and ``demo`` tenants. ``demo`` is a normal user -account that is only a member of the ``demo`` tenant. Creating +both the ``admin`` and ``demo`` projects. ``demo`` is a normal user +account that is only a member of the ``demo`` project. Creating additional OpenStack users can be done through the dashboard, sometimes it is easier to do them in bulk from a script, especially since they get blown away every time ``stack.sh`` runs. The following steps are ripe @@ -243,21 +243,21 @@ for scripting: # Get admin creds . openrc admin admin - # List existing tenants - keystone tenant-list + # List existing projects + openstack project list # List existing users - keystone user-list + openstack user list - # Add a user and tenant + # Add a user and project NAME=bob PASSWORD=BigSecrete - TENANT=$NAME - keystone tenant-create --name=$NAME - keystone user-create --name=$NAME --pass=$PASSWORD - keystone user-role-add --user-id= --tenant-id= --role-id= - # member-role-id comes from the existing member role created by stack.sh - # keystone role-list + PROJECT=$NAME + openstack project create $PROJECT + openstack user create $NAME --password=$PASSWORD --project $PROJECT + openstack role add Member --user $NAME --project $PROJECT + # The Member role is created by stack.sh + # openstack role list Swift ----- diff --git a/eucarc b/eucarc index 343f4ccde2..1e672bd932 100644 --- a/eucarc +++ b/eucarc @@ -19,7 +19,7 @@ RC_DIR=$(cd $(dirname "${BASH_SOURCE:-$0}") && pwd) source $RC_DIR/openrc # Set the ec2 url so euca2ools works -export EC2_URL=$(keystone catalog --service ec2 | awk '/ publicURL / { print $4 }') +export EC2_URL=$(openstack catalog show ec2 | awk '/ publicURL: / { print $4 }') # Create EC2 credentials for the current user CREDS=$(openstack ec2 credentials create) @@ -29,7 +29,7 @@ export EC2_SECRET_KEY=$(echo "$CREDS" | awk '/ secret / { print $4 }') # Euca2ools Certificate stuff for uploading bundles # See exercises/bundle.sh to see how to get certs using nova cli NOVA_KEY_DIR=${NOVA_KEY_DIR:-$RC_DIR} -export S3_URL=$(keystone catalog --service s3 | awk '/ publicURL / { print $4 }') +export S3_URL=$(openstack catalog show s3 | awk '/ publicURL: / { print $4 }') export EC2_USER_ID=42 # nova does not use user id, but bundling requires it export EC2_PRIVATE_KEY=${NOVA_KEY_DIR}/pk.pem export EC2_CERT=${NOVA_KEY_DIR}/cert.pem diff --git a/exercises/client-args.sh b/exercises/client-args.sh index 2f85d98d8f..c33ef44e9a 100755 --- a/exercises/client-args.sh +++ b/exercises/client-args.sh @@ -69,7 +69,7 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then STATUS_KEYSTONE="Skipped" else echo -e "\nTest Keystone" - if keystone $TENANT_ARG $ARGS catalog --service identity; then + if openstack $TENANT_ARG $ARGS catalog show identity; then STATUS_KEYSTONE="Succeeded" else STATUS_KEYSTONE="Failed" diff --git a/lib/ironic b/lib/ironic index 7afed052e9..4ac0100410 100644 --- a/lib/ironic +++ b/lib/ironic @@ -765,7 +765,7 @@ function upload_baremetal_ironic_deploy { fi fi - local token=$(keystone token-get | grep ' id ' | get_field 2) + local token=$(openstack token issue -c id -f value) die_if_not_set $LINENO token "Keystone fail to get token" # load them into glance diff --git a/stack.sh b/stack.sh index 9ecc49c7ca..af44feb901 100755 --- a/stack.sh +++ b/stack.sh @@ -1173,7 +1173,7 @@ fi # See https://help.ubuntu.com/community/CloudInit for more on ``cloud-init`` if is_service_enabled g-reg; then - TOKEN=$(keystone token-get | grep ' id ' | get_field 2) + TOKEN=$(openstack token issue -c id -f value) die_if_not_set $LINENO TOKEN "Keystone fail to get token" echo_summary "Uploading images" diff --git a/tools/upload_image.sh b/tools/upload_image.sh index 5d23f31b9c..19c6b71976 100755 --- a/tools/upload_image.sh +++ b/tools/upload_image.sh @@ -32,7 +32,7 @@ if [[ -z "$1" ]]; then fi # Get a token to authenticate to glance -TOKEN=$(keystone token-get | grep ' id ' | get_field 2) +TOKEN=$(openstack token issue -c id -f value) die_if_not_set $LINENO TOKEN "Keystone fail to get token" # Glance connection info. Note the port must be specified.