Merge "Move cinder account creation out of keystone_data.sh"

2012-12-18 13:08:03 +00:00 · 2012-12-18 13:08:03 +00:00 · 8dc995c701
commit 8dc995c701
parent 7c8b738043 671c16e63a
3 changed files with 46 additions and 25 deletions
--- a/files/keystone_data.sh
+++ b/files/keystone_data.sh
@ -7,7 +7,6 @@
 # service              glance     admin
 # service              quantum    admin        # if enabled
 # service              swift      admin        # if enabled
-# service              cinder     admin        # if enabled
 # service              heat       admin        # if enabled
 # service              ceilometer admin        # if enabled
 # Tempest Only:
@ -38,6 +37,7 @@ function get_id () {
 # Lookups
 SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
 ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+MEMBER_ROLE=$(keystone role-list | awk "/ Member / { print \$2 }")


 # Roles
@ -49,6 +49,7 @@ ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
 # role is also configurable in swift-proxy.conf
 RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin)

+
 # Services
 # --------

@ -243,25 +244,3 @@ if [[ "$ENABLED_SERVICES" =~ "tempest" ]]; then
        --user_id $ALT_DEMO_USER \
        --role_id $MEMBER_ROLE
 fi
-
-if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then
-    CINDER_USER=$(get_id keystone user-create --name=cinder \
-                                              --pass="$SERVICE_PASSWORD" \
-                                              --tenant_id $SERVICE_TENANT \
-                                              --email=cinder@example.com)
-    keystone user-role-add --tenant_id $SERVICE_TENANT \
-                           --user_id $CINDER_USER \
-                           --role_id $ADMIN_ROLE
-    if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
-        CINDER_SERVICE=$(get_id keystone service-create \
-            --name=cinder \
-            --type=volume \
-            --description="Cinder Service")
-        keystone endpoint-create \
-            --region RegionOne \
-            --service_id $CINDER_SERVICE \
-            --publicurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \
-            --adminurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \
-            --internalurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s"
-    fi
-fi
--- a/lib/cinder
+++ b/lib/cinder
@ -31,9 +31,11 @@ CINDER_DRIVER=${CINDER_DRIVER:-default}
 CINDER_DIR=$DEST/cinder
 CINDERCLIENT_DIR=$DEST/python-cinderclient
 CINDER_STATE_PATH=${CINDER_STATE_PATH:=$DATA_DIR/cinder}
+CINDER_AUTH_CACHE_DIR=${CINDER_AUTH_CACHE_DIR:-/var/cache/cinder}
+
 CINDER_CONF_DIR=/etc/cinder
 CINDER_CONF=$CINDER_CONF_DIR/cinder.conf
-CINDER_AUTH_CACHE_DIR=${CINDER_AUTH_CACHE_DIR:-/var/cache/cinder}
+CINDER_API_PASTE_INI=$CINDER_CONF_DIR/api-paste.ini

 # Support entry points installation of console scripts
 if [[ -d $CINDER_DIR/bin ]]; then
@ -97,7 +99,6 @@ function configure_cinder() {
    sudo chown root:root $TEMPFILE
    sudo mv $TEMPFILE /etc/sudoers.d/cinder-rootwrap

-    CINDER_API_PASTE_INI=$CINDER_CONF_DIR/api-paste.ini
    cp $CINDER_DIR/etc/cinder/api-paste.ini $CINDER_API_PASTE_INI
    iniset $CINDER_API_PASTE_INI filter:authtoken auth_host $KEYSTONE_AUTH_HOST
    iniset $CINDER_API_PASTE_INI filter:authtoken auth_port $KEYSTONE_AUTH_PORT
@ -159,6 +160,46 @@ function configure_cinder() {
    fi
 }

+# create_cinder_accounts() - Set up common required cinder accounts
+
+# Tenant               User       Roles
+# ------------------------------------------------------------------
+# service              cinder     admin        # if enabled
+
+# Migrated from keystone_data.sh
+create_cinder_accounts() {
+
+    SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+    ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+
+    # Cinder
+    if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then
+        CINDER_USER=$(keystone user-create \
+            --name=cinder \
+            --pass="$SERVICE_PASSWORD" \
+            --tenant_id $SERVICE_TENANT \
+            --email=cinder@example.com \
+            | grep " id " | get_field 2)
+        keystone user-role-add \
+            --tenant_id $SERVICE_TENANT \
+            --user_id $CINDER_USER \
+            --role_id $ADMIN_ROLE
+        if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
+            CINDER_SERVICE=$(keystone service-create \
+                --name=cinder \
+                --type=volume \
+                --description="Cinder Volume Service" \
+                | grep " id " | get_field 2)
+            keystone endpoint-create \
+                --region RegionOne \
+                --service_id $CINDER_SERVICE \
+                --publicurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \
+                --adminurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \
+                --internalurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s"
+        fi
+    fi
+}
+
 # init_cinder() - Initialize database and volume group
 function init_cinder() {
    # Force nova volumes off
--- a/stack.sh
+++ b/stack.sh
@ -956,6 +956,7 @@ if is_service_enabled key; then
    export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT
    create_keystone_accounts
    create_nova_accounts
+    create_cinder_accounts

    # ``keystone_data.sh`` creates services, admin and demo users, and roles.
    ADMIN_PASSWORD=$ADMIN_PASSWORD SERVICE_TENANT_NAME=$SERVICE_TENANT_NAME SERVICE_PASSWORD=$SERVICE_PASSWORD \