Change most keystoneclient commands to openstacklient in libs

migrated most keystoneclient commands from the following libs:
 ceilometer
 cinder
 ironic
 keystone
 marconi
 neutron
 nova
 savanna
 swift
 trove

Also need to set and unset openstackclient specific environment
variables from stack.sh

Change-Id: I725f30bc08e1df5a4c5770576c19ad1ddaeb843a
This commit is contained in:
Steve Martinelli 2014-01-24 13:02:26 -06:00
parent 824fac2cc7
commit 19685428e3
11 changed files with 206 additions and 177 deletions

View File

@ -71,33 +71,33 @@ function is_ceilometer_enabled {
create_ceilometer_accounts() { create_ceilometer_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }") SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }") ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
# Ceilometer # Ceilometer
if [[ "$ENABLED_SERVICES" =~ "ceilometer-api" ]]; then if [[ "$ENABLED_SERVICES" =~ "ceilometer-api" ]]; then
CEILOMETER_USER=$(keystone user-create \ CEILOMETER_USER=$(openstack user create \
--name=ceilometer \ ceilometer \
--pass="$SERVICE_PASSWORD" \ --password "$SERVICE_PASSWORD" \
--tenant_id $SERVICE_TENANT \ --project $SERVICE_TENANT \
--email=ceilometer@example.com \ --email ceilometer@example.com \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone user-role-add \ openstack role add \
--tenant-id $SERVICE_TENANT \ $ADMIN_ROLE \
--user-id $CEILOMETER_USER \ --project $SERVICE_TENANT \
--role-id $ADMIN_ROLE --user $CEILOMETER_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
CEILOMETER_SERVICE=$(keystone service-create \ CEILOMETER_SERVICE=$(openstack service create \
--name=ceilometer \ ceilometer \
--type=metering \ --type=metering \
--description="OpenStack Telemetry Service" \ --description="OpenStack Telemetry Service" \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone endpoint-create \ openstack endpoint create \
$CEILOMETER_SERVICE \
--region RegionOne \ --region RegionOne \
--service_id $CEILOMETER_SERVICE \ --publicurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/" \
--publicurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT" \ --adminurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/" \
--adminurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT" \ --internalurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/"
--internalurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT"
fi fi
fi fi
} }

View File

@ -330,45 +330,44 @@ function configure_cinder() {
# Migrated from keystone_data.sh # Migrated from keystone_data.sh
create_cinder_accounts() { create_cinder_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }") SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }") ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
# Cinder # Cinder
if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then
CINDER_USER=$(keystone user-create \ CINDER_USER=$(openstack user create \
--name=cinder \ cinder \
--pass="$SERVICE_PASSWORD" \ --password "$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \ --project $SERVICE_TENANT \
--email=cinder@example.com \ --email cinder@example.com \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone user-role-add \ openstack role add \
--tenant-id $SERVICE_TENANT \ $ADMIN_ROLE \
--user-id $CINDER_USER \ --project $SERVICE_TENANT \
--role-id $ADMIN_ROLE --user $CINDER_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
CINDER_SERVICE=$(keystone service-create \ CINDER_SERVICE=$(openstack service create \
--name=cinder \ cinder \
--type=volume \ --type=volume \
--description="Cinder Volume Service" \ --description="Cinder Volume Service" \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone endpoint-create \ openstack endpoint create \
$CINDER_SERVICE \
--region RegionOne \ --region RegionOne \
--service_id $CINDER_SERVICE \
--publicurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \ --publicurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \
--adminurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \ --adminurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \
--internalurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" --internalurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s"
CINDER_V2_SERVICE=$(keystone service-create \ CINDER_V2_SERVICE=$(openstack service create \
--name=cinderv2 \ cinderv2 \
--type=volumev2 \ --type=volumev2 \
--description="Cinder Volume Service V2" \ --description="Cinder Volume Service V2" \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone endpoint-create \ openstack endpoint create \
$CINDER_V2_SERVICE \
--region RegionOne \ --region RegionOne \
--service_id $CINDER_V2_SERVICE \
--publicurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \ --publicurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \
--adminurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \ --adminurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \
--internalurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" --internalurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s"
fi fi
fi fi
} }

View File

@ -145,30 +145,30 @@ function create_ironic_cache_dir() {
# service ironic admin # if enabled # service ironic admin # if enabled
create_ironic_accounts() { create_ironic_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }") SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }") ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
# Ironic # Ironic
if [[ "$ENABLED_SERVICES" =~ "ir-api" ]]; then if [[ "$ENABLED_SERVICES" =~ "ir-api" ]]; then
IRONIC_USER=$(keystone user-create \ IRONIC_USER=$(openstack user create \
--name=ironic \ ironic \
--pass="$SERVICE_PASSWORD" \ --password "$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \ --project $SERVICE_TENANT \
--email=ironic@example.com \ --email ironic@example.com \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone user-role-add \ openstack role add \
--tenant-id $SERVICE_TENANT \ $ADMIN_ROLE \
--user_id $IRONIC_USER \ --project $SERVICE_TENANT \
--role_id $ADMIN_ROLE --user $IRONIC_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
IRONIC_SERVICE=$(keystone service-create \ IRONIC_SERVICE=$(openstack service create \
--name=ironic \ ironic \
--type=baremetal \ --type=baremetal \
--description="Ironic baremetal provisioning service" \ --description="Ironic baremetal provisioning service" \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone endpoint-create \ openstack endpoint create \
$IRONIC_SERVICE \
--region RegionOne \ --region RegionOne \
--service_id $IRONIC_SERVICE \
--publicurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \ --publicurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \
--adminurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \ --adminurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \
--internalurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" --internalurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT"

View File

@ -275,60 +275,69 @@ function configure_keystone() {
create_keystone_accounts() { create_keystone_accounts() {
# admin # admin
ADMIN_TENANT=$(keystone tenant-create \ ADMIN_TENANT=$(openstack project create \
--name admin \ admin \
| grep " id " | get_field 2) | grep " id " | get_field 2)
ADMIN_USER=$(keystone user-create \ ADMIN_USER=$(openstack user create \
--name admin \ admin \
--pass "$ADMIN_PASSWORD" \ --project "$ADMIN_TENANT" \
--email admin@example.com \ --email admin@example.com \
--password "$ADMIN_PASSWORD" \
| grep " id " | get_field 2) | grep " id " | get_field 2)
ADMIN_ROLE=$(keystone role-create \ ADMIN_ROLE=$(openstack role create \
--name admin \ admin \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone user-role-add \ openstack role add \
--user-id $ADMIN_USER \ $ADMIN_ROLE \
--role-id $ADMIN_ROLE \ --project $ADMIN_TENANT \
--tenant-id $ADMIN_TENANT --user $ADMIN_USER
# service # service
SERVICE_TENANT=$(keystone tenant-create \ SERVICE_TENANT=$(openstack project create \
--name $SERVICE_TENANT_NAME \ $SERVICE_TENANT_NAME \
| grep " id " | get_field 2) | grep " id " | get_field 2)
# The Member role is used by Horizon and Swift so we need to keep it: # The Member role is used by Horizon and Swift so we need to keep it:
MEMBER_ROLE=$(keystone role-create --name=Member | grep " id " | get_field 2) MEMBER_ROLE=$(openstack role create \
Member \
| grep " id " | get_field 2)
# ANOTHER_ROLE demonstrates that an arbitrary role may be created and used # ANOTHER_ROLE demonstrates that an arbitrary role may be created and used
# TODO(sleepsonthefloor): show how this can be used for rbac in the future! # TODO(sleepsonthefloor): show how this can be used for rbac in the future!
ANOTHER_ROLE=$(keystone role-create --name=anotherrole | grep " id " | get_field 2) ANOTHER_ROLE=$(openstack role create \
anotherrole \
| grep " id " | get_field 2)
# invisible tenant - admin can't see this one # invisible tenant - admin can't see this one
INVIS_TENANT=$(keystone tenant-create --name=invisible_to_admin | grep " id " | get_field 2) INVIS_TENANT=$(openstack project create \
invisible_to_admin \
| grep " id " | get_field 2)
# demo # demo
DEMO_TENANT=$(keystone tenant-create \ DEMO_TENANT=$(openstack project create \
--name=demo \ demo \
| grep " id " | get_field 2) | grep " id " | get_field 2)
DEMO_USER=$(keystone user-create \ DEMO_USER=$(openstack user create \
--name demo \ demo \
--pass "$ADMIN_PASSWORD" \ --project $DEMO_TENANT \
--email demo@example.com \ --email demo@example.com \
--password "$ADMIN_PASSWORD" \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $DEMO_TENANT
keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $DEMO_TENANT openstack role add --project $DEMO_TENANT --user $DEMO_USER $MEMBER_ROLE
keystone user-role-add --user-id $DEMO_USER --role-id $ANOTHER_ROLE --tenant-id $DEMO_TENANT openstack role add --project $DEMO_TENANT --user $ADMIN_USER $ADMIN_ROLE
keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $INVIS_TENANT openstack role add --project $DEMO_TENANT --user $DEMO_USER $ANOTHER_ROLE
openstack role add --project $INVIS_TENANT --user $DEMO_USER $MEMBER_ROLE
# Keystone # Keystone
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
KEYSTONE_SERVICE=$(keystone service-create \ KEYSTONE_SERVICE=$(openstack service create \
--name keystone \ keystone \
--type identity \ --type identity \
--description "Keystone Identity Service" \ --description "Keystone Identity Service" \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone endpoint-create \ openstack endpoint create \
$KEYSTONE_SERVICE \
--region RegionOne \ --region RegionOne \
--service_id $KEYSTONE_SERVICE \
--publicurl "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION" \ --publicurl "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION" \
--adminurl "$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v$IDENTITY_API_VERSION" \ --adminurl "$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v$IDENTITY_API_VERSION" \
--internalurl "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION" --internalurl "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION"

View File

@ -151,27 +151,29 @@ function stop_marconi() {
} }
function create_marconi_accounts() { function create_marconi_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }") SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }") ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
MARCONI_USER=$(get_id keystone user-create --name=marconi \ MARCONI_USER=$(openstack user create \
--pass="$SERVICE_PASSWORD" \ marconi \
--tenant-id $SERVICE_TENANT \ --password "$SERVICE_PASSWORD" \
--email=marconi@example.com \ --project $SERVICE_TENANT \
--email marconi@example.com \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone user-role-add --tenant-id $SERVICE_TENANT \ openstack role add \
--user-id $MARCONI_USER \ $ADMIN_ROLE \
--role-id $ADMIN_ROLE --project $SERVICE_TENANT \
--user $MARCONI_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
MARCONI_SERVICE=$(keystone service-create \ MARCONI_SERVICE=$(openstack service create \
--name=marconi \ marconi \
--type=queuing \ --type=queuing \
--description="Marconi Service" \ --description="Marconi Service" \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone endpoint-create \ openstack endpoint create \
$MARCONI_SERVICE \
--region RegionOne \ --region RegionOne \
--service_id $MARCONI_SERVICE \
--publicurl "http://$SERVICE_HOST:8888" \ --publicurl "http://$SERVICE_HOST:8888" \
--adminurl "http://$SERVICE_HOST:8888" \ --adminurl "http://$SERVICE_HOST:8888" \
--internalurl "http://$SERVICE_HOST:8888" --internalurl "http://$SERVICE_HOST:8888"

View File

@ -332,29 +332,29 @@ function create_neutron_cache_dir() {
# Migrated from keystone_data.sh # Migrated from keystone_data.sh
function create_neutron_accounts() { function create_neutron_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }") SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }") ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
if [[ "$ENABLED_SERVICES" =~ "q-svc" ]]; then if [[ "$ENABLED_SERVICES" =~ "q-svc" ]]; then
NEUTRON_USER=$(keystone user-create \ NEUTRON_USER=$(openstack user create \
--name=neutron \ neutron \
--pass="$SERVICE_PASSWORD" \ --password "$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \ --project $SERVICE_TENANT \
--email=neutron@example.com \ --email neutron@example.com \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone user-role-add \ openstack role add \
--tenant-id $SERVICE_TENANT \ $ADMIN_ROLE \
--user-id $NEUTRON_USER \ --project $SERVICE_TENANT \
--role-id $ADMIN_ROLE --user $NEUTRON_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
NEUTRON_SERVICE=$(keystone service-create \ NEUTRON_SERVICE=$(openstack service create \
--name=neutron \ neutron \
--type=network \ --type=network \
--description="Neutron Service" \ --description="Neutron Service" \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone endpoint-create \ openstack endpoint create \
$NEUTRON_SERVICE \
--region RegionOne \ --region RegionOne \
--service_id $NEUTRON_SERVICE \
--publicurl "http://$SERVICE_HOST:9696/" \ --publicurl "http://$SERVICE_HOST:9696/" \
--adminurl "http://$SERVICE_HOST:9696/" \ --adminurl "http://$SERVICE_HOST:9696/" \
--internalurl "http://$SERVICE_HOST:9696/" --internalurl "http://$SERVICE_HOST:9696/"
@ -363,7 +363,7 @@ function create_neutron_accounts() {
} }
function create_neutron_initial_network() { function create_neutron_initial_network() {
TENANT_ID=$(keystone tenant-list | grep " demo " | get_field 1) TENANT_ID=$(openstack project list | grep " demo " | get_field 1)
die_if_not_set $LINENO TENANT_ID "Failure retrieving TENANT_ID for demo" die_if_not_set $LINENO TENANT_ID "Failure retrieving TENANT_ID for demo"
# Create a small network # Create a small network

View File

@ -324,41 +324,41 @@ function configure_nova() {
# Migrated from keystone_data.sh # Migrated from keystone_data.sh
create_nova_accounts() { create_nova_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }") SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }") ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
# Nova # Nova
if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
NOVA_USER=$(keystone user-create \ NOVA_USER=$(openstack user create \
--name=nova \ nova \
--pass="$SERVICE_PASSWORD" \ --password "$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \ --project $SERVICE_TENANT \
--email=nova@example.com \ --email nova@example.com \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone user-role-add \ openstack role add \
--tenant-id $SERVICE_TENANT \ $ADMIN_ROLE \
--user-id $NOVA_USER \ --project $SERVICE_TENANT \
--role-id $ADMIN_ROLE --user $NOVA_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
NOVA_SERVICE=$(keystone service-create \ NOVA_SERVICE=$(openstack service create \
--name=nova \ nova \
--type=compute \ --type=compute \
--description="Nova Compute Service" \ --description="Nova Compute Service" \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone endpoint-create \ openstack endpoint create \
$NOVA_SERVICE \
--region RegionOne \ --region RegionOne \
--service_id $NOVA_SERVICE \
--publicurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" \ --publicurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" \
--adminurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" \ --adminurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" \
--internalurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" --internalurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s"
NOVA_V3_SERVICE=$(keystone service-create \ NOVA_V3_SERVICE=$(openstack service create \
--name=novav3 \ novav3 \
--type=computev3 \ --type=computev3 \
--description="Nova Compute Service V3" \ --description="Nova Compute Service V3" \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone endpoint-create \ openstack endpoint create \
$NOVA_V3_SERVICE \
--region RegionOne \ --region RegionOne \
--service_id $NOVA_V3_SERVICE \
--publicurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3" \ --publicurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3" \
--adminurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3" \ --adminurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3" \
--internalurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3" --internalurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3"

View File

@ -54,29 +54,29 @@ TEMPEST_SERVICES+=,savanna
# service savanna admin # service savanna admin
function create_savanna_accounts() { function create_savanna_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }") SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }") ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
SAVANNA_USER=$(keystone user-create \ SAVANNA_USER=$(openstack user create \
--name=savanna \ savanna \
--pass="$SERVICE_PASSWORD" \ --password "$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \ --project $SERVICE_TENANT \
--email=savanna@example.com \ --email savanna@example.com \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone user-role-add \ openstack role add \
--tenant-id $SERVICE_TENANT \ $ADMIN_ROLE \
--user-id $SAVANNA_USER \ --project $SERVICE_TENANT \
--role-id $ADMIN_ROLE --user $SAVANNA_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
SAVANNA_SERVICE=$(keystone service-create \ SAVANNA_SERVICE=$(openstack service create \
--name=savanna \ savanna \
--type=data_processing \ --type=data_processing \
--description="Savanna Data Processing" \ --description="Savanna Data Processing" \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone endpoint-create \ openstack endpoint create \
$SAVANNA_SERVICE \
--region RegionOne \ --region RegionOne \
--service_id $SAVANNA_SERVICE \
--publicurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s" \ --publicurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s" \
--adminurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s" \ --adminurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s" \
--internalurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s" --internalurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s"

View File

@ -527,39 +527,53 @@ function create_swift_accounts() {
KEYSTONE_CATALOG_BACKEND=${KEYSTONE_CATALOG_BACKEND:-sql} KEYSTONE_CATALOG_BACKEND=${KEYSTONE_CATALOG_BACKEND:-sql}
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }") SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }") ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
SWIFT_USER=$(keystone user-create --name=swift --pass="$SERVICE_PASSWORD" \ SWIFT_USER=$(openstack user create \
--tenant-id $SERVICE_TENANT --email=swift@example.com | grep " id " | get_field 2) swift \
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $SWIFT_USER --role-id $ADMIN_ROLE --password "$SERVICE_PASSWORD" \
--project $SERVICE_TENANT \
--email=swift@example.com \
| grep " id " | get_field 2)
openstack role add \
$ADMIN_ROLE \
--project $SERVICE_TENANT \
--user $SWIFT_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
SWIFT_SERVICE=$(keystone service-create --name=swift --type="object-store" \ SWIFT_SERVICE=$(openstack service create \
--description="Swift Service" | grep " id " | get_field 2) swift \
keystone endpoint-create \ --type="object-store" \
--description="Swift Service" \
| grep " id " | get_field 2)
openstack endpoint create \
$SWIFT_SERVICE \
--region RegionOne \ --region RegionOne \
--service_id $SWIFT_SERVICE \
--publicurl "http://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s" \ --publicurl "http://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s" \
--adminurl "http://$SERVICE_HOST:8080" \ --adminurl "http://$SERVICE_HOST:8080" \
--internalurl "http://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s" --internalurl "http://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s"
fi fi
SWIFT_TENANT_TEST1=$(keystone tenant-create --name=swifttenanttest1 | grep " id " | get_field 2) SWIFT_TENANT_TEST1=$(openstack project create swifttenanttest1 | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_TENANT_TEST1 "Failure creating SWIFT_TENANT_TEST1" die_if_not_set $LINENO SWIFT_TENANT_TEST1 "Failure creating SWIFT_TENANT_TEST1"
SWIFT_USER_TEST1=$(keystone user-create --name=swiftusertest1 --pass=$SWIFTUSERTEST1_PASSWORD --email=test@example.com | grep " id " | get_field 2) SWIFT_USER_TEST1=$(openstack user create swiftusertest1 --password=$SWIFTUSERTEST1_PASSWORD \
--project "$SWIFT_TENANT_TEST1" --email=test@example.com | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_USER_TEST1 "Failure creating SWIFT_USER_TEST1" die_if_not_set $LINENO SWIFT_USER_TEST1 "Failure creating SWIFT_USER_TEST1"
keystone user-role-add --user-id $SWIFT_USER_TEST1 --role-id $ADMIN_ROLE --tenant-id $SWIFT_TENANT_TEST1 openstack role add --user $SWIFT_USER_TEST1 --project $SWIFT_TENANT_TEST1 $ADMIN_ROLE
SWIFT_USER_TEST3=$(keystone user-create --name=swiftusertest3 --pass=$SWIFTUSERTEST3_PASSWORD --email=test3@example.com | grep " id " | get_field 2) SWIFT_USER_TEST3=$(openstack user create swiftusertest3 --password=$SWIFTUSERTEST3_PASSWORD \
--project "$SWIFT_TENANT_TEST1" --email=test3@example.com | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_USER_TEST3 "Failure creating SWIFT_USER_TEST3" die_if_not_set $LINENO SWIFT_USER_TEST3 "Failure creating SWIFT_USER_TEST3"
keystone user-role-add --user-id $SWIFT_USER_TEST3 --role-id $ANOTHER_ROLE --tenant-id $SWIFT_TENANT_TEST1 openstack role add --user $SWIFT_USER_TEST3 --project $SWIFT_TENANT_TEST1 $ANOTHER_ROLE
SWIFT_TENANT_TEST2=$(keystone tenant-create --name=swifttenanttest2 | grep " id " | get_field 2) SWIFT_TENANT_TEST2=$(openstack project create swifttenanttest2 | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_TENANT_TEST2 "Failure creating SWIFT_TENANT_TEST2" die_if_not_set $LINENO SWIFT_TENANT_TEST2 "Failure creating SWIFT_TENANT_TEST2"
SWIFT_USER_TEST2=$(keystone user-create --name=swiftusertest2 --pass=$SWIFTUSERTEST2_PASSWORD --email=test2@example.com | grep " id " | get_field 2)
SWIFT_USER_TEST2=$(openstack user create swiftusertest2 --password=$SWIFTUSERTEST2_PASSWORD \
--project "$SWIFT_TENANT_TEST2" --email=test2@example.com | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_USER_TEST2 "Failure creating SWIFT_USER_TEST2" die_if_not_set $LINENO SWIFT_USER_TEST2 "Failure creating SWIFT_USER_TEST2"
keystone user-role-add --user-id $SWIFT_USER_TEST2 --role-id $ADMIN_ROLE --tenant-id $SWIFT_TENANT_TEST2 openstack role add --user $SWIFT_USER_TEST2 --project $SWIFT_TENANT_TEST2 $ADMIN_ROLE
} }
# init_swift() - Initialize rings # init_swift() - Initialize rings

View File

@ -71,28 +71,29 @@ function setup_trove_logging() {
create_trove_accounts() { create_trove_accounts() {
# Trove # Trove
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }") SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
SERVICE_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }") SERVICE_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
if [[ "$ENABLED_SERVICES" =~ "trove" ]]; then if [[ "$ENABLED_SERVICES" =~ "trove" ]]; then
TROVE_USER=$(keystone user-create \ TROVE_USER=$(openstack user create \
--name=trove \ trove \
--pass="$SERVICE_PASSWORD" \ --password "$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \ --project $SERVICE_TENANT \
--email=trove@example.com \ --email trove@example.com \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone user-role-add --tenant-id $SERVICE_TENANT \ openstack role add \
--user-id $TROVE_USER \ $SERVICE_ROLE \
--role-id $SERVICE_ROLE --project $SERVICE_TENANT \
--user $TROVE_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
TROVE_SERVICE=$(keystone service-create \ TROVE_SERVICE=$(openstack service create
--name=trove \ trove \
--type=database \ --type=database \
--description="Trove Service" \ --description="Trove Service" \
| grep " id " | get_field 2) | grep " id " | get_field 2)
keystone endpoint-create \ openstack endpoint create \
$TROVE_SERVICE \
--region RegionOne \ --region RegionOne \
--service_id $TROVE_SERVICE \
--publicurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" \ --publicurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" \
--adminurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" \ --adminurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" \
--internalurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" --internalurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s"

View File

@ -925,6 +925,9 @@ if is_service_enabled key; then
# Do the keystone-specific bits from keystone_data.sh # Do the keystone-specific bits from keystone_data.sh
export OS_SERVICE_TOKEN=$SERVICE_TOKEN export OS_SERVICE_TOKEN=$SERVICE_TOKEN
export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT
# Add temporarily to make openstackclient work
export OS_TOKEN=$SERVICE_TOKEN
export OS_URL=$SERVICE_ENDPOINT
create_keystone_accounts create_keystone_accounts
create_nova_accounts create_nova_accounts
create_cinder_accounts create_cinder_accounts
@ -947,6 +950,7 @@ if is_service_enabled key; then
bash -x $FILES/keystone_data.sh bash -x $FILES/keystone_data.sh
# Set up auth creds now that keystone is bootstrapped # Set up auth creds now that keystone is bootstrapped
unset OS_TOKEN OS_URL
export OS_AUTH_URL=$SERVICE_ENDPOINT export OS_AUTH_URL=$SERVICE_ENDPOINT
export OS_TENANT_NAME=admin export OS_TENANT_NAME=admin
export OS_USERNAME=admin export OS_USERNAME=admin