stackube/install/openstack/deploy_openstack_keystone.sh

#!/bin/bash
# Copyright (c) 2017 OpenStack Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

#
# Dependencies:
#
# - ``OPENSTACK_ENDPOINT_IP``, ``KEYSTONE_API_IP``
# - ``MYSQL_HOST``, ``MYSQL_ROOT_PWD``
# - ``MYSQL_KEYSTONE_PWD``, ``KEYSTONE_ADMIN_PWD``  must be defined
#

programDir=`dirname $0`
programDir=$(readlink -f $programDir)
parentDir="$(dirname $programDir)"
programDirBaseName=$(basename $programDir)

set -o errexit
set -o nounset
set -o pipefail
set -x


## create db
docker exec stackube_openstack_kolla_toolbox /usr/bin/ansible localhost -m mysql_db  \
    -a "login_host=${MYSQL_HOST}
        login_port=3306
        login_user=root
        login_password=${MYSQL_ROOT_PWD}
        name=keystone"

docker exec stackube_openstack_kolla_toolbox /usr/bin/ansible localhost -m mysql_user  \
    -a "login_host=${MYSQL_HOST}
        login_port=3306
        login_user=root
        login_password=${MYSQL_ROOT_PWD}
        name=keystone
        password=${MYSQL_KEYSTONE_PWD}
        host=%
        priv=keystone.*:ALL
        append_privs=yes "


## log dir
mkdir -p /var/log/stackube/openstack
chmod 777 /var/log/stackube/openstack


## config files
mkdir -p /etc/stackube/openstack
cp -a ${programDir}/config_openstack/keystone /etc/stackube/openstack/
sed -i "s/__MYSQL_HOST__/${MYSQL_HOST}/g" /etc/stackube/openstack/keystone/keystone.conf
sed -i "s/__MYSQL_KWYSTONE_PWD__/${MYSQL_KEYSTONE_PWD}/g" /etc/stackube/openstack/keystone/keystone.conf
sed -i "s/__KEYSTONE_API_IP__/${KEYSTONE_API_IP}/g" /etc/stackube/openstack/keystone/wsgi-keystone.conf


# bootstrap_service
docker run --net host  \
    --name stackube_openstack_bootstrap_keystone  \
    -v /etc/stackube/openstack/keystone/:/var/lib/kolla/config_files/:ro  \
    -v /var/log/stackube/openstack:/var/log/kolla/:rw  \
    -e "KOLLA_BOOTSTRAP="  \
    -e "KOLLA_CONFIG_STRATEGY=COPY_ALWAYS" \
    kolla/centos-binary-keystone:4.0.0

docker rm stackube_openstack_bootstrap_keystone

docker run -d  --net host  \
    --name stackube_openstack_keystone  \
    -v /etc/stackube/openstack/keystone/:/var/lib/kolla/config_files/:ro  \
    -v /var/log/stackube/openstack:/var/log/kolla/:rw  \
    -e "KOLLA_SERVICE_NAME=keystone"  \
    -e "KOLLA_CONFIG_STRATEGY=COPY_ALWAYS" \
    --restart unless-stopped \
    kolla/centos-binary-keystone:4.0.0

sleep 10

# register
docker exec stackube_openstack_keystone kolla_keystone_bootstrap admin ${KEYSTONE_ADMIN_PWD} admin admin \
    https://${OPENSTACK_ENDPOINT_IP}:35358/v3 \
    https://${OPENSTACK_ENDPOINT_IP}:5001/v3 \
    https://${OPENSTACK_ENDPOINT_IP}:5001/v3 \
    RegionOne

docker exec stackube_openstack_kolla_toolbox /usr/bin/ansible localhost -m os_keystone_role  -a "name=_member_  auth='{{ openstack_keystone_auth }}' verify=False"  \
    -e "{'openstack_keystone_auth': {
           'auth_url': 'https://${OPENSTACK_ENDPOINT_IP}:35358/v3',
           'username': 'admin',
           'password': '${KEYSTONE_ADMIN_PWD}',
           'project_name': 'admin',
           'domain_name': 'default' } 
        }"


cat > /etc/stackube/openstack/admin-openrc.sh << EOF
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=${KEYSTONE_ADMIN_PWD}
export OS_AUTH_URL=https://${OPENSTACK_ENDPOINT_IP}:35358/v3
export OS_INTERFACE=internal
export OS_IDENTITY_API_VERSION=3
export OS_CACERT=/etc/stackube/openstack/certificates/CA/int-ca/ca-chain.pem
EOF

exit 0