|
1 In-house patch to the sample_data.sh script installed in |
|
2 /usr/demo/openstack/keystone in order to support all of the standard |
|
3 services and to allow customization of the individual service |
|
4 endpoints. Solaris-specific patch and is not suitable for upstream |
|
5 |
|
6 It also includes a change to use the standard Solaris tr(1) rather than |
|
7 GNU sed. |
|
8 |
|
9 --- keystone-2014.2.rc1/tools/sample_data.sh.~1~ 2014-09-30 00:14:14.000000000 -0700 |
|
10 +++ keystone-2014.2.rc1/tools/sample_data.sh 2014-10-13 00:53:30.614564163 -0700 |
|
11 @@ -2,6 +2,8 @@ |
|
12 |
|
13 # Copyright 2013 OpenStack Foundation |
|
14 # |
|
15 +# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. |
|
16 +# |
|
17 # Licensed under the Apache License, Version 2.0 (the "License"); you may |
|
18 # not use this file except in compliance with the License. You may obtain |
|
19 # a copy of the License at |
|
20 @@ -36,22 +38,47 @@ |
|
21 # service nova admin |
|
22 # service ec2 admin |
|
23 # service swift admin |
|
24 +# service cinder admin |
|
25 +# service neutron admin |
|
26 |
|
27 # By default, passwords used are those in the OpenStack Install and Deploy Manual. |
|
28 # One can override these (publicly known, and hence, insecure) passwords by setting the appropriate |
|
29 # environment variables. A common default password for all the services can be used by |
|
30 # setting the "SERVICE_PASSWORD" environment variable. |
|
31 |
|
32 +PATH=/usr/bin |
|
33 + |
|
34 ADMIN_PASSWORD=${ADMIN_PASSWORD:-secrete} |
|
35 NOVA_PASSWORD=${NOVA_PASSWORD:-${SERVICE_PASSWORD:-nova}} |
|
36 GLANCE_PASSWORD=${GLANCE_PASSWORD:-${SERVICE_PASSWORD:-glance}} |
|
37 EC2_PASSWORD=${EC2_PASSWORD:-${SERVICE_PASSWORD:-ec2}} |
|
38 -SWIFT_PASSWORD=${SWIFT_PASSWORD:-${SERVICE_PASSWORD:-swiftpass}} |
|
39 +SWIFT_PASSWORD=${SWIFT_PASSWORD:-${SERVICE_PASSWORD:-swift}} |
|
40 +CINDER_PASSWORD=${CINDER_PASSWORD:-${SERVICE_PASSWORD:-cinder}} |
|
41 +NEUTRON_PASSWORD=${NEUTRON_PASSWORD:-${SERVICE_PASSWORD:-neutron}} |
|
42 |
|
43 CONTROLLER_PUBLIC_ADDRESS=${CONTROLLER_PUBLIC_ADDRESS:-localhost} |
|
44 CONTROLLER_ADMIN_ADDRESS=${CONTROLLER_ADMIN_ADDRESS:-localhost} |
|
45 CONTROLLER_INTERNAL_ADDRESS=${CONTROLLER_INTERNAL_ADDRESS:-localhost} |
|
46 |
|
47 +NOVA_PUBLIC_ADDRESS=${NOVA_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
48 +NOVA_ADMIN_ADDRESS=${NOVA_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
49 +NOVA_INTERNAL_ADDRESS=${NOVA_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
50 +GLANCE_PUBLIC_ADDRESS=${GLANCE_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
51 +GLANCE_ADMIN_ADDRESS=${GLANCE_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
52 +GLANCE_INTERNAL_ADDRESS=${GLANCE_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
53 +EC2_PUBLIC_ADDRESS=${EC2_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
54 +EC2_ADMIN_ADDRESS=${EC2_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
55 +EC2_INTERNAL_ADDRESS=${EC2_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
56 +SWIFT_PUBLIC_ADDRESS=${SWIFT_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
57 +SWIFT_ADMIN_ADDRESS=${SWIFT_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
58 +SWIFT_INTERNAL_ADDRESS=${SWIFT_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
59 +CINDER_PUBLIC_ADDRESS=${CINDER_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
60 +CINDER_ADMIN_ADDRESS=${CINDER_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
61 +CINDER_INTERNAL_ADDRESS=${CINDER_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
62 +NEUTRON_PUBLIC_ADDRESS=${NEUTRON_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
63 +NEUTRON_ADMIN_ADDRESS=${NEUTRON_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
64 +NEUTRON_INTERNAL_ADDRESS=${NEUTRON_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
65 + |
|
66 TOOLS_DIR=$(cd $(dirname "$0") && pwd) |
|
67 KEYSTONE_CONF=${KEYSTONE_CONF:-/etc/keystone/keystone.conf} |
|
68 if [[ -r "$KEYSTONE_CONF" ]]; then |
|
69 @@ -67,8 +94,8 @@ fi |
|
70 |
|
71 # Extract some info from Keystone's configuration file |
|
72 if [[ -r "$KEYSTONE_CONF" ]]; then |
|
73 - CONFIG_SERVICE_TOKEN=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2) |
|
74 - CONFIG_ADMIN_PORT=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2) |
|
75 + CONFIG_SERVICE_TOKEN=$(tr -d '[\t ]' < $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2) |
|
76 + CONFIG_ADMIN_PORT=$(tr -d '[\t ]' < $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2) |
|
77 fi |
|
78 |
|
79 export OS_SERVICE_TOKEN=${OS_SERVICE_TOKEN:-$CONFIG_SERVICE_TOKEN} |
|
80 @@ -136,6 +163,22 @@ keystone user-role-add --user-id $SWIFT_ |
|
81 --role-id $ADMIN_ROLE \ |
|
82 --tenant-id $SERVICE_TENANT |
|
83 |
|
84 +CINDER_USER=$(get_id keystone user-create --name=cinder \ |
|
85 + --pass="${CINDER_PASSWORD}" \ |
|
86 + --tenant-id $SERVICE_TENANT) |
|
87 + |
|
88 +keystone user-role-add --user-id $CINDER_USER \ |
|
89 + --role-id $ADMIN_ROLE \ |
|
90 + --tenant-id $SERVICE_TENANT |
|
91 + |
|
92 +NEUTRON_USER=$(get_id keystone user-create --name=neutron \ |
|
93 + --pass="${NEUTRON_PASSWORD}" \ |
|
94 + --tenant-id $SERVICE_TENANT) |
|
95 + |
|
96 +keystone user-role-add --user-id $NEUTRON_USER \ |
|
97 + --role-id $ADMIN_ROLE \ |
|
98 + --tenant-id $SERVICE_TENANT |
|
99 + |
|
100 # |
|
101 # Keystone service |
|
102 # |
|
103 @@ -159,23 +202,23 @@ keystone service-create --name=nova \ |
|
104 --description="Nova Compute Service") |
|
105 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
106 keystone endpoint-create --region RegionOne --service-id $NOVA_SERVICE \ |
|
107 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8774/v2/\$(tenant_id)s" \ |
|
108 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8774/v2/\$(tenant_id)s" \ |
|
109 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8774/v2/\$(tenant_id)s" |
|
110 + --publicurl "http://$NOVA_PUBLIC_ADDRESS:8774/v2/\$(tenant_id)s" \ |
|
111 + --adminurl "http://$NOVA_ADMIN_ADDRESS:8774/v2/\$(tenant_id)s" \ |
|
112 + --internalurl "http://$NOVA_INTERNAL_ADDRESS:8774/v2/\$(tenant_id)s" |
|
113 fi |
|
114 |
|
115 # |
|
116 # Volume service |
|
117 # |
|
118 VOLUME_SERVICE=$(get_id \ |
|
119 -keystone service-create --name=volume \ |
|
120 +keystone service-create --name=cinder \ |
|
121 --type=volume \ |
|
122 - --description="Nova Volume Service") |
|
123 + --description="Cinder Volume Service") |
|
124 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
125 keystone endpoint-create --region RegionOne --service-id $VOLUME_SERVICE \ |
|
126 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \ |
|
127 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \ |
|
128 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s" |
|
129 + --publicurl "http://$CINDER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \ |
|
130 + --adminurl "http://$CINDER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \ |
|
131 + --internalurl "http://$CINDER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s" |
|
132 fi |
|
133 |
|
134 # |
|
135 @@ -187,9 +230,9 @@ keystone service-create --name=glance \ |
|
136 --description="Glance Image Service") |
|
137 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
138 keystone endpoint-create --region RegionOne --service-id $GLANCE_SERVICE \ |
|
139 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9292" \ |
|
140 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9292" \ |
|
141 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9292" |
|
142 + --publicurl "http://$GLANCE_PUBLIC_ADDRESS:9292" \ |
|
143 + --adminurl "http://$GLANCE_ADMIN_ADDRESS:9292" \ |
|
144 + --internalurl "http://$GLANCE_INTERNAL_ADDRESS:9292" |
|
145 fi |
|
146 |
|
147 # |
|
148 @@ -201,9 +244,9 @@ keystone service-create --name=ec2 \ |
|
149 --description="EC2 Compatibility Layer") |
|
150 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
151 keystone endpoint-create --region RegionOne --service-id $EC2_SERVICE \ |
|
152 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8773/services/Cloud" \ |
|
153 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8773/services/Admin" \ |
|
154 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8773/services/Cloud" |
|
155 + --publicurl "http://$EC2_PUBLIC_ADDRESS:8773/services/Cloud" \ |
|
156 + --adminurl "http://$EC2_ADMIN_ADDRESS:8773/services/Admin" \ |
|
157 + --internalurl "http://$EC2_INTERNAL_ADDRESS:8773/services/Cloud" |
|
158 fi |
|
159 |
|
160 # |
|
161 @@ -212,15 +255,34 @@ fi |
|
162 SWIFT_SERVICE=$(get_id \ |
|
163 keystone service-create --name=swift \ |
|
164 --type="object-store" \ |
|
165 - --description="Swift Service") |
|
166 + --description="Swift Object Store Service") |
|
167 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
168 keystone endpoint-create --region RegionOne --service-id $SWIFT_SERVICE \ |
|
169 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \ |
|
170 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8080/v1" \ |
|
171 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" |
|
172 + --publicurl "http://$SWIFT_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \ |
|
173 + --adminurl "http://$SWIFT_ADMIN_ADDRESS:8080/v1" \ |
|
174 + --internalurl "http://$SWIFT_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" |
|
175 +fi |
|
176 + |
|
177 +# |
|
178 +# Neutron service |
|
179 +# |
|
180 +NEUTRON_SERVICE=$(get_id \ |
|
181 +keystone service-create --name=neutron \ |
|
182 + --type=network \ |
|
183 + --description="Neutron Network Service") |
|
184 +if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
185 + keystone endpoint-create --region RegionOne --service-id $NEUTRON_SERVICE \ |
|
186 + --publicurl "http://$NEUTRON_PUBLIC_ADDRESS:9696/" \ |
|
187 + --adminurl "http://$NEUTRON_ADMIN_ADDRESS:9696/" \ |
|
188 + --internalurl "http://$NEUTRON_INTERNAL_ADDRESS:9696/" |
|
189 fi |
|
190 |
|
191 # create ec2 creds and parse the secret and access key returned |
|
192 +unset SERVICE_ENDPOINT SERVICE_TOKEN |
|
193 +export OS_AUTH_URL=http://localhost:5000/v2.0 |
|
194 +export OS_PASSWORD="${ADMIN_PASSWORD}" |
|
195 +export OS_TENANT_NAME=demo |
|
196 +export OS_USERNAME=admin |
|
197 RESULT=$(keystone ec2-credentials-create --tenant-id=$SERVICE_TENANT --user-id=$ADMIN_USER) |
|
198 ADMIN_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'` |
|
199 ADMIN_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'` |