diff --git a/ansible/roles/keystone/tasks/bootstrap.yml b/ansible/roles/keystone/tasks/bootstrap.yml
index 98610db349..c78e9347f4 100644
--- a/ansible/roles/keystone/tasks/bootstrap.yml
+++ b/ansible/roles/keystone/tasks/bootstrap.yml
@@ -8,6 +8,13 @@
 container_environment:
 KOLLA_BOOTSTRAP:
 KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+ KEYSTONE_ADMIN_PASSWORD: "{{ keystone_admin_password }}"
+ REGION_NAME: "{{ openstack_region_name }}"
+ PUBLIC_URL: "http://{{ kolla_external_address }}:{{ keystone_public_port }}/v2.0"
+ INTERNAL_URL: "http://{{ kolla_internal_address }}:{{ keystone_public_port }}/v2.0"
+ ADMIN_URL: "http://{{ kolla_internal_address }}:{{ keystone_admin_port }}/v2.0"
+ OS_TOKEN: "{{ keystone_admin_token }}"
+ OS_URL: "http://{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ keystone_admin_port }}/v2.0"
 container_image: "{{ docker_keystone_image_full }}"
 container_name: "bootstrap_keystone"
 container_restart_policy: "no"
diff --git a/docker/centos/binary/keystone/Dockerfile b/docker/centos/binary/keystone/Dockerfile
index e05db2fded..891d01ad86 100644
--- a/docker/centos/binary/keystone/Dockerfile
+++ b/docker/centos/binary/keystone/Dockerfile
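Review bot: In ansible/roles/keystone/tasks/bootstrap.yml, `KEYSTONE_ADMIN_PASSWORD` and `OS_TOKEN` are handed to the bootstrap container as plain environment variables, so both secrets remain readable in the container's metadata (for example through `docker inspect`) for as long as the `bootstrap_keystone` container exists, and Ansible may echo them in verbose or failure output. The task begins and ends outside this hunk, so I cannot see whether it already sets `no_log: true`; if it does not, I would add that to the task and make sure the bootstrap container is removed once it has exited. The five URL values also hard-code `http://` and the `/v2.0` path, which means the admin token and the new admin password cross the API interface in cleartext during bootstrap; taking the scheme from a variable would let a TLS deployment override it.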
@@ -3,17 +3,18 @@ MAINTAINER Kolla Project (https://launchpad.net/kolla)
 RUN yum -y install openstack-keystone \
 python-keystoneclient \
+ python-openstackclient \
 httpd \
 mod_wsgi \
 && yum clean all
-RUN mkdir -p /var/www/cgi-bin/keystone
+RUN mkdir -p /var/www/cgi-bin/keystone /var/log/keystone
 RUN cp -a /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d
 RUN sed -i 's,/var/log/apache2,/var/log/httpd,' /etc/httpd/conf.d/wsgi-keystone.conf
 RUN sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf
 RUN cp -a /usr/share/keystone/keystone.wsgi /var/www/cgi-bin/keystone/main
 RUN cp -a /usr/share/keystone/keystone.wsgi /var/www/cgi-bin/keystone/admin
-RUN chown -R keystone:keystone /var/www/cgi-bin/keystone
+RUN chown -R keystone: /var/www/cgi-bin/keystone /var/log/keystone
 RUN chmod 755 /var/www/cgi-bin/keystone/*
 # Add start-up and check scripts
diff --git a/docker/common/keystone/start.sh b/docker/common/keystone/start.sh
index a7b2462b32..9a184787df 100755
--- a/docker/common/keystone/start.sh
+++ b/docker/common/keystone/start.sh
@@ -15,6 +15,23 @@ set_configs
 # of the KOLLA_BOOTSTRAP variable being set, including empty.
 if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
 su -s /bin/sh -c "keystone-manage db_sync" keystone
+
+ # Start the api to set initial endpoint and users with the admin_token
+ $CMD
+ sleep 5
+
+ openstack service create --name keystone \
+ --description "OpenStack Identity" identity
+ openstack endpoint create --region "${REGION_NAME}" \
+ --publicurl "${PUBLIC_URL}" \
+ --internalurl "${INTERNAL_URL}" \
+ --adminurl "${ADMIN_URL}" identity
+
+ openstack project create --description "Admin Project" admin
+ openstack user create --password "${KEYSTONE_ADMIN_PASSWORD}" admin
+ openstack role create admin
+ openstack role add --project admin --user admin admin
+
 exit 0
 fi
diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml
index 4a0b8dddc0..09ae1f0428 100644
--- a/etc/kolla/globals.yml
+++ b/etc/kolla/globals.yml
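Review bot: The fixed `sleep 5` after `$CMD` in docker/common/keystone/start.sh is the only thing that orders the `openstack` calls after API start-up, and none of those calls has its exit status checked in the lines shown, so a slow start can end in `exit 0` with no service, endpoint or admin user created. Whether `set -e` is in effect and how `$CMD` puts the server in the background are both decided outside this hunk. I would replace the sleep with a bounded readiness poll that fails the bootstrap when the API never answers, as sketched below; the probe relies on the `OS_TOKEN` and `OS_URL` values this commit passes in. Separately, `--password "${KEYSTONE_ADMIN_PASSWORD}"` puts the admin password on the client's command line, where it is visible in the process list while the command runs. An unset variable would be passed through as an empty password, so a guard such as `: "${KEYSTONE_ADMIN_PASSWORD:?must be set}"` before the first call is worth adding.

```shell
    # … unchanged: keystone-manage db_sync …
    $CMD

    # Wait for the admin API to answer instead of assuming five seconds is enough.
    ready=0
    for _ in $(seq 1 30); do
        if openstack service list > /dev/null 2>&1; then
            ready=1
            break
        fi
        sleep 1
    done
    if [[ "${ready}" -ne 1 ]]; then
        echo "keystone admin API did not become reachable at ${OS_URL}" >&2
        exit 1
    fi

    # … unchanged: service, endpoint, project, user and role creation …
```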
@@ -65,10 +65,13 @@ neutron_interface: "{{ network_interface }}"
 # Openstack options
 ####################
 openstack_release: "latest"
-
 openstack_logging_verbose: "True"
 openstack_logging_debug: "False"
+openstack_region_name: "RegionOne"
+keystone_public_port: "5000"
+keystone_admin_port: "35357"
+
 ####################
 # RabbitMQ options
diff --git a/etc/kolla/passwords.yml b/etc/kolla/passwords.yml
index 8d2c9c9346..204d68c9c3 100644
--- a/etc/kolla/passwords.yml
+++ b/etc/kolla/passwords.yml
@@ -19,6 +19,7 @@ docker_registry_password:
 # Openstack options
 ####################
 keystone_admin_token: "password"
+keystone_admin_password: "password"
 keystone_database_password: "password"
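Review bot: `keystone_admin_password: "password"` in etc/kolla/passwords.yml ships a guessable default for the account that start.sh in this same commit grants the `admin` role on the `admin` project, and it is identical to the default `keystone_admin_token` on the line above. Nothing visible in this commit rejects the sample value at deploy time, so an operator who does not edit the file ends up with a well-known cloud administrator credential. I would add a comment above the key, for example `# Must be changed before deployment: becomes the Keystone 'admin' user's password`, and have the bootstrap refuse to run while the value is still the sample one.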