Move Nova account creation out of keystone_data.sh

Supports the coming HA/proxy configuration for Nova

Change-Id: I2baf1f51486537a1489f1376d38f5710bd96c314
This commit is contained in:
Dean Troyer 2012-12-11 16:52:37 -06:00
parent 00626a3186
commit a0dce264d9
3 changed files with 43 additions and 24 deletions

View File

@ -5,7 +5,6 @@
# Tenant User Roles # Tenant User Roles
# ------------------------------------------------------------------ # ------------------------------------------------------------------
# service glance admin # service glance admin
# service nova admin, [ResellerAdmin (swift only)]
# service quantum admin # if enabled # service quantum admin # if enabled
# service swift admin # if enabled # service swift admin # if enabled
# service cinder admin # if enabled # service cinder admin # if enabled
@ -53,29 +52,8 @@ RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin)
# Services # Services
# -------- # --------
# Nova if [[ "$ENABLED_SERVICES" =~ "n-api" ]] && [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then NOVA_USER=$(keystone user-list | awk "/ nova / { print \$2 }")
NOVA_USER=$(get_id keystone user-create \
--name=nova \
--pass="$SERVICE_PASSWORD" \
--tenant_id $SERVICE_TENANT \
--email=nova@example.com)
keystone user-role-add \
--tenant_id $SERVICE_TENANT \
--user_id $NOVA_USER \
--role_id $ADMIN_ROLE
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
NOVA_SERVICE=$(get_id keystone service-create \
--name=nova \
--type=compute \
--description="Nova Compute Service")
keystone endpoint-create \
--region RegionOne \
--service_id $NOVA_SERVICE \
--publicurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
--adminurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
--internalurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s"
fi
# Nova needs ResellerAdmin role to download images when accessing # Nova needs ResellerAdmin role to download images when accessing
# swift through the s3 api. # swift through the s3 api.
keystone user-role-add \ keystone user-role-add \

View File

@ -277,6 +277,46 @@ EOF'
fi fi
} }
# create_nova_accounts() - Set up common required nova accounts
# Tenant User Roles
# ------------------------------------------------------------------
# service nova admin, [ResellerAdmin (swift only)]
# Migrated from keystone_data.sh
create_nova_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
# Nova
if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
NOVA_USER=$(keystone user-create \
--name=nova \
--pass="$SERVICE_PASSWORD" \
--tenant_id $SERVICE_TENANT \
--email=nova@example.com \
| grep " id " | get_field 2)
keystone user-role-add \
--tenant_id $SERVICE_TENANT \
--user_id $NOVA_USER \
--role_id $ADMIN_ROLE
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
NOVA_SERVICE=$(keystone service-create \
--name=nova \
--type=compute \
--description="Nova Compute Service" \
| grep " id " | get_field 2)
keystone endpoint-create \
--region RegionOne \
--service_id $NOVA_SERVICE \
--publicurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
--adminurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
--internalurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s"
fi
fi
}
# create_nova_conf() - Create a new nova.conf file # create_nova_conf() - Create a new nova.conf file
function create_nova_conf() { function create_nova_conf() {
# Remove legacy ``nova.conf`` # Remove legacy ``nova.conf``

View File

@ -934,6 +934,7 @@ if is_service_enabled key; then
export OS_SERVICE_TOKEN=$SERVICE_TOKEN export OS_SERVICE_TOKEN=$SERVICE_TOKEN
export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT
create_keystone_accounts create_keystone_accounts
create_nova_accounts
# ``keystone_data.sh`` creates services, admin and demo users, and roles. # ``keystone_data.sh`` creates services, admin and demo users, and roles.
ADMIN_PASSWORD=$ADMIN_PASSWORD SERVICE_TENANT_NAME=$SERVICE_TENANT_NAME SERVICE_PASSWORD=$SERVICE_PASSWORD \ ADMIN_PASSWORD=$ADMIN_PASSWORD SERVICE_TENANT_NAME=$SERVICE_TENANT_NAME SERVICE_PASSWORD=$SERVICE_PASSWORD \