1 In-house patch to the sample_data.sh script installed in |
|
2 /usr/demo/openstack/keystone in order to support all of the standard |
|
3 services and to allow customization of the individual service |
|
4 endpoints. Solaris-specific patch and is not suitable for upstream |
|
5 |
|
6 It also includes a change to use the standard Solaris tr(1) rather than |
|
7 GNU sed. |
|
8 |
|
9 --- keystone-2013.1.4/tools/sample_data.sh.~1~ 2013-10-17 11:23:46.000000000 -0700 |
|
10 +++ keystone-2013.1.4/tools/sample_data.sh 2014-03-07 23:39:03.065369827 -0800 |
|
11 @@ -23,8 +23,8 @@ |
|
12 # and the administrative API. It will get the admin_token (SERVICE_TOKEN) |
|
13 # and admin_port from keystone.conf if available. |
|
14 # |
|
15 -# Disable creation of endpoints by setting DISABLE_ENDPOINTS environment variable. |
|
16 -# Use this with the Catalog Templated backend. |
|
17 +# Disable creation of endpoints by setting DISABLE_ENDPOINTS environment |
|
18 +# variable. Use this with the Catalog Templated backend. |
|
19 # |
|
20 # A EC2-compatible credential is created for the admin user and |
|
21 # placed in etc/ec2rc. |
|
22 @@ -36,22 +36,48 @@ |
|
23 # service nova admin |
|
24 # service ec2 admin |
|
25 # service swift admin |
|
26 +# service cinder admin |
|
27 +# service neutron admin |
|
28 |
|
29 -# By default, passwords used are those in the OpenStack Install and Deploy Manual. |
|
30 -# One can override these (publicly known, and hence, insecure) passwords by setting the appropriate |
|
31 -# environment variables. A common default password for all the services can be used by |
|
32 -# setting the "SERVICE_PASSWORD" environment variable. |
|
33 +# By default, passwords used are those in the OpenStack Install and Deploy |
|
34 +# Manual. One can override these (publicly known, and hence, insecure) |
|
35 +# passwords by setting the appropriate environment variables. A common default |
|
36 +# password for all the services can be used by setting the "SERVICE_PASSWORD" |
|
37 +# environment variable. |
|
38 + |
|
39 +PATH=/usr/bin |
|
40 |
|
41 ADMIN_PASSWORD=${ADMIN_PASSWORD:-secrete} |
|
42 NOVA_PASSWORD=${NOVA_PASSWORD:-${SERVICE_PASSWORD:-nova}} |
|
43 GLANCE_PASSWORD=${GLANCE_PASSWORD:-${SERVICE_PASSWORD:-glance}} |
|
44 EC2_PASSWORD=${EC2_PASSWORD:-${SERVICE_PASSWORD:-ec2}} |
|
45 SWIFT_PASSWORD=${SWIFT_PASSWORD:-${SERVICE_PASSWORD:-swiftpass}} |
|
46 +CINDER_PASSWORD=${CINDER_PASSWORD:-${SERVICE_PASSWORD:-cinder}} |
|
47 +NEUTRON_PASSWORD=${NEUTRON_PASSWORD:-${SERVICE_PASSWORD:-neutron}} |
|
48 |
|
49 CONTROLLER_PUBLIC_ADDRESS=${CONTROLLER_PUBLIC_ADDRESS:-localhost} |
|
50 CONTROLLER_ADMIN_ADDRESS=${CONTROLLER_ADMIN_ADDRESS:-localhost} |
|
51 CONTROLLER_INTERNAL_ADDRESS=${CONTROLLER_INTERNAL_ADDRESS:-localhost} |
|
52 |
|
53 +NOVA_PUBLIC_ADDRESS=${NOVA_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
54 +NOVA_ADMIN_ADDRESS=${NOVA_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
55 +NOVA_INTERNAL_ADDRESS=${NOVA_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
56 +GLANCE_PUBLIC_ADDRESS=${GLANCE_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
57 +GLANCE_ADMIN_ADDRESS=${GLANCE_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
58 +GLANCE_INTERNAL_ADDRESS=${GLANCE_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
59 +EC2_PUBLIC_ADDRESS=${EC2_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
60 +EC2_ADMIN_ADDRESS=${EC2_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
61 +EC2_INTERNAL_ADDRESS=${EC2_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
62 +SWIFT_PUBLIC_ADDRESS=${SWIFT_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
63 +SWIFT_ADMIN_ADDRESS=${SWIFT_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
64 +SWIFT_INTERNAL_ADDRESS=${SWIFT_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
65 +CINDER_PUBLIC_ADDRESS=${CINDER_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
66 +CINDER_ADMIN_ADDRESS=${CINDER_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
67 +CINDER_INTERNAL_ADDRESS=${CINDER_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
68 +NEUTRON_PUBLIC_ADDRESS=${NEUTRON_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
69 +NEUTRON_ADMIN_ADDRESS=${NEUTRON_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
70 +NEUTRON_INTERNAL_ADDRESS=${NEUTRON_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
71 + |
|
72 TOOLS_DIR=$(cd $(dirname "$0") && pwd) |
|
73 KEYSTONE_CONF=${KEYSTONE_CONF:-/etc/keystone/keystone.conf} |
|
74 if [[ -r "$KEYSTONE_CONF" ]]; then |
|
75 @@ -67,8 +93,8 @@ |
|
76 |
|
77 # Extract some info from Keystone's configuration file |
|
78 if [[ -r "$KEYSTONE_CONF" ]]; then |
|
79 - CONFIG_SERVICE_TOKEN=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2) |
|
80 - CONFIG_ADMIN_PORT=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2) |
|
81 + CONFIG_SERVICE_TOKEN=$(tr -d '[\t ]' < $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2) |
|
82 + CONFIG_ADMIN_PORT=$(tr -d '[\t ]' < $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2) |
|
83 fi |
|
84 |
|
85 export SERVICE_TOKEN=${SERVICE_TOKEN:-$CONFIG_SERVICE_TOKEN} |
|
86 @@ -136,6 +162,22 @@ |
|
87 --role-id $ADMIN_ROLE \ |
|
88 --tenant-id $SERVICE_TENANT |
|
89 |
|
90 +CINDER_USER=$(get_id keystone user-create --name=cinder \ |
|
91 + --pass="${CINDER_PASSWORD}" \ |
|
92 + --tenant-id $SERVICE_TENANT) |
|
93 + |
|
94 +keystone user-role-add --user-id $CINDER_USER \ |
|
95 + --role-id $ADMIN_ROLE \ |
|
96 + --tenant-id $SERVICE_TENANT |
|
97 + |
|
98 +NEUTRON_USER=$(get_id keystone user-create --name=neutron \ |
|
99 + --pass="${NEUTRON_PASSWORD}" \ |
|
100 + --tenant-id $SERVICE_TENANT) |
|
101 + |
|
102 +keystone user-role-add --user-id $NEUTRON_USER \ |
|
103 + --role-id $ADMIN_ROLE \ |
|
104 + --tenant-id $SERVICE_TENANT |
|
105 + |
|
106 # |
|
107 # Keystone service |
|
108 # |
|
109 @@ -159,23 +201,23 @@ |
|
110 --description="Nova Compute Service") |
|
111 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
112 keystone endpoint-create --region RegionOne --service-id $NOVA_SERVICE \ |
|
113 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" \ |
|
114 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" \ |
|
115 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" |
|
116 + --publicurl "http://$NOVA_PUBLIC_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" \ |
|
117 + --adminurl "http://$NOVA_ADMIN_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" \ |
|
118 + --internalurl "http://$NOVA_INTERNAL_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" |
|
119 fi |
|
120 |
|
121 # |
|
122 # Volume service |
|
123 # |
|
124 VOLUME_SERVICE=$(get_id \ |
|
125 -keystone service-create --name=volume \ |
|
126 +keystone service-create --name=cinder \ |
|
127 --type=volume \ |
|
128 - --description="Nova Volume Service") |
|
129 + --description="Cinder Volume Service") |
|
130 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
131 keystone endpoint-create --region RegionOne --service-id $VOLUME_SERVICE \ |
|
132 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \ |
|
133 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \ |
|
134 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s" |
|
135 + --publicurl "http://$CINDER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \ |
|
136 + --adminurl "http://$CINDER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \ |
|
137 + --internalurl "http://$CINDER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s" |
|
138 fi |
|
139 |
|
140 # |
|
141 @@ -187,9 +229,9 @@ |
|
142 --description="Glance Image Service") |
|
143 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
144 keystone endpoint-create --region RegionOne --service-id $GLANCE_SERVICE \ |
|
145 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9292" \ |
|
146 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9292" \ |
|
147 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9292" |
|
148 + --publicurl "http://$GLANCE_PUBLIC_ADDRESS:9292" \ |
|
149 + --adminurl "http://$GLANCE_ADMIN_ADDRESS:9292" \ |
|
150 + --internalurl "http://$GLANCE_INTERNAL_ADDRESS:9292" |
|
151 fi |
|
152 |
|
153 # |
|
154 @@ -201,9 +243,9 @@ |
|
155 --description="EC2 Compatibility Layer") |
|
156 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
157 keystone endpoint-create --region RegionOne --service-id $EC2_SERVICE \ |
|
158 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8773/services/Cloud" \ |
|
159 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8773/services/Admin" \ |
|
160 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8773/services/Cloud" |
|
161 + --publicurl "http://$EC2_PUBLIC_ADDRESS:8773/services/Cloud" \ |
|
162 + --adminurl "http://$EC2_ADMIN_ADDRESS:8773/services/Admin" \ |
|
163 + --internalurl "http://$EC2_INTERNAL_ADDRESS:8773/services/Cloud" |
|
164 fi |
|
165 |
|
166 # |
|
167 @@ -212,15 +254,30 @@ |
|
168 SWIFT_SERVICE=$(get_id \ |
|
169 keystone service-create --name=swift \ |
|
170 --type="object-store" \ |
|
171 - --description="Swift Service") |
|
172 + --description="Swift Object Store Service") |
|
173 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
174 keystone endpoint-create --region RegionOne --service-id $SWIFT_SERVICE \ |
|
175 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8888/v1/AUTH_\$(tenant_id)s" \ |
|
176 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8888/v1" \ |
|
177 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8888/v1/AUTH_\$(tenant_id)s" |
|
178 + --publicurl "http://$SWIFT_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \ |
|
179 + --adminurl "http://$SWIFT_ADMIN_ADDRESS:8080/v1" \ |
|
180 + --internalurl "http://$SWIFT_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" |
|
181 +fi |
|
182 + |
|
183 +# |
|
184 +# Neutron service |
|
185 +# |
|
186 +NEUTRON_SERVICE=$(get_id \ |
|
187 +keystone service-create --name=neutron \ |
|
188 + --type=network \ |
|
189 + --description="Neutron Network Service") |
|
190 +if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
191 + keystone endpoint-create --region RegionOne --service-id $NEUTRON_SERVICE \ |
|
192 + --publicurl "http://$NEUTRON_PUBLIC_ADDRESS:9696/" \ |
|
193 + --adminurl "http://$NEUTRON_ADMIN_ADDRESS:9696/" \ |
|
194 + --internalurl "http://$NEUTRON_INTERNAL_ADDRESS:9696/" |
|
195 fi |
|
196 |
|
197 # create ec2 creds and parse the secret and access key returned |
|
198 +unset SERVICE_ENDPOINT SERVICE_TOKEN |
|
199 RESULT=$(keystone ec2-credentials-create --tenant-id=$SERVICE_TENANT --user-id=$ADMIN_USER) |
|
200 ADMIN_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'` |
|
201 ADMIN_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'` |
|