1 In-house patch to the sample_data.sh script installed in |
|
2 /usr/demo/openstack/keystone in order to support all of the standard |
|
3 services and to allow customization of the individual service |
|
4 endpoints. Solaris-specific patch and is not suitable for upstream |
|
5 |
|
6 It also includes a change to use the standard Solaris tr(1) rather than |
|
7 GNU sed. |
|
8 |
|
9 --- keystone-2013.2.3/tools/sample_data.sh.orig 2014-05-27 09:17:02.379736817 -0700 |
|
10 +++ keystone-2013.2.3/tools/sample_data.sh 2014-05-27 11:09:25.741756254 -0700 |
|
11 @@ -2,6 +2,8 @@ |
|
12 |
|
13 # Copyright 2013 OpenStack Foundation |
|
14 # |
|
15 +# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. |
|
16 +# |
|
17 # Licensed under the Apache License, Version 2.0 (the "License"); you may |
|
18 # not use this file except in compliance with the License. You may obtain |
|
19 # a copy of the License at |
|
20 @@ -23,8 +25,8 @@ |
|
21 # and the administrative API. It will get the admin_token (SERVICE_TOKEN) |
|
22 # and admin_port from keystone.conf if available. |
|
23 # |
|
24 -# Disable creation of endpoints by setting DISABLE_ENDPOINTS environment variable. |
|
25 -# Use this with the Catalog Templated backend. |
|
26 +# Disable creation of endpoints by setting DISABLE_ENDPOINTS environment |
|
27 +# variable. Use this with the Catalog Templated backend. |
|
28 # |
|
29 # A EC2-compatible credential is created for the admin user and |
|
30 # placed in etc/ec2rc. |
|
31 @@ -36,22 +38,48 @@ |
|
32 # service nova admin |
|
33 # service ec2 admin |
|
34 # service swift admin |
|
35 +# service cinder admin |
|
36 +# service neutron admin |
|
37 + |
|
38 +# By default, passwords used are those in the OpenStack Install and Deploy |
|
39 +# Manual. One can override these (publicly known, and hence, insecure) |
|
40 +# passwords by setting the appropriate environment variables. A common default |
|
41 +# password for all the services can be used by setting the "SERVICE_PASSWORD" |
|
42 +# environment variable. |
|
43 |
|
44 -# By default, passwords used are those in the OpenStack Install and Deploy Manual. |
|
45 -# One can override these (publicly known, and hence, insecure) passwords by setting the appropriate |
|
46 -# environment variables. A common default password for all the services can be used by |
|
47 -# setting the "SERVICE_PASSWORD" environment variable. |
|
48 +PATH=/usr/bin |
|
49 |
|
50 ADMIN_PASSWORD=${ADMIN_PASSWORD:-secrete} |
|
51 NOVA_PASSWORD=${NOVA_PASSWORD:-${SERVICE_PASSWORD:-nova}} |
|
52 GLANCE_PASSWORD=${GLANCE_PASSWORD:-${SERVICE_PASSWORD:-glance}} |
|
53 EC2_PASSWORD=${EC2_PASSWORD:-${SERVICE_PASSWORD:-ec2}} |
|
54 SWIFT_PASSWORD=${SWIFT_PASSWORD:-${SERVICE_PASSWORD:-swiftpass}} |
|
55 +CINDER_PASSWORD=${CINDER_PASSWORD:-${SERVICE_PASSWORD:-cinder}} |
|
56 +NEUTRON_PASSWORD=${NEUTRON_PASSWORD:-${SERVICE_PASSWORD:-neutron}} |
|
57 |
|
58 CONTROLLER_PUBLIC_ADDRESS=${CONTROLLER_PUBLIC_ADDRESS:-localhost} |
|
59 CONTROLLER_ADMIN_ADDRESS=${CONTROLLER_ADMIN_ADDRESS:-localhost} |
|
60 CONTROLLER_INTERNAL_ADDRESS=${CONTROLLER_INTERNAL_ADDRESS:-localhost} |
|
61 |
|
62 +NOVA_PUBLIC_ADDRESS=${NOVA_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
63 +NOVA_ADMIN_ADDRESS=${NOVA_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
64 +NOVA_INTERNAL_ADDRESS=${NOVA_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
65 +GLANCE_PUBLIC_ADDRESS=${GLANCE_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
66 +GLANCE_ADMIN_ADDRESS=${GLANCE_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
67 +GLANCE_INTERNAL_ADDRESS=${GLANCE_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
68 +EC2_PUBLIC_ADDRESS=${EC2_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
69 +EC2_ADMIN_ADDRESS=${EC2_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
70 +EC2_INTERNAL_ADDRESS=${EC2_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
71 +SWIFT_PUBLIC_ADDRESS=${SWIFT_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
72 +SWIFT_ADMIN_ADDRESS=${SWIFT_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
73 +SWIFT_INTERNAL_ADDRESS=${SWIFT_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
74 +CINDER_PUBLIC_ADDRESS=${CINDER_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
75 +CINDER_ADMIN_ADDRESS=${CINDER_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
76 +CINDER_INTERNAL_ADDRESS=${CINDER_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
77 +NEUTRON_PUBLIC_ADDRESS=${NEUTRON_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} |
|
78 +NEUTRON_ADMIN_ADDRESS=${NEUTRON_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} |
|
79 +NEUTRON_INTERNAL_ADDRESS=${NEUTRON_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} |
|
80 + |
|
81 TOOLS_DIR=$(cd $(dirname "$0") && pwd) |
|
82 KEYSTONE_CONF=${KEYSTONE_CONF:-/etc/keystone/keystone.conf} |
|
83 if [[ -r "$KEYSTONE_CONF" ]]; then |
|
84 @@ -67,8 +95,8 @@ |
|
85 |
|
86 # Extract some info from Keystone's configuration file |
|
87 if [[ -r "$KEYSTONE_CONF" ]]; then |
|
88 - CONFIG_SERVICE_TOKEN=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2) |
|
89 - CONFIG_ADMIN_PORT=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2) |
|
90 + CONFIG_SERVICE_TOKEN=$(tr -d '[\t ]' < $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2) |
|
91 + CONFIG_ADMIN_PORT=$(tr -d '[\t ]' < $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2) |
|
92 fi |
|
93 |
|
94 export SERVICE_TOKEN=${SERVICE_TOKEN:-$CONFIG_SERVICE_TOKEN} |
|
95 @@ -136,6 +164,22 @@ |
|
96 --role-id $ADMIN_ROLE \ |
|
97 --tenant-id $SERVICE_TENANT |
|
98 |
|
99 +CINDER_USER=$(get_id keystone user-create --name=cinder \ |
|
100 + --pass="${CINDER_PASSWORD}" \ |
|
101 + --tenant-id $SERVICE_TENANT) |
|
102 + |
|
103 +keystone user-role-add --user-id $CINDER_USER \ |
|
104 + --role-id $ADMIN_ROLE \ |
|
105 + --tenant-id $SERVICE_TENANT |
|
106 + |
|
107 +NEUTRON_USER=$(get_id keystone user-create --name=neutron \ |
|
108 + --pass="${NEUTRON_PASSWORD}" \ |
|
109 + --tenant-id $SERVICE_TENANT) |
|
110 + |
|
111 +keystone user-role-add --user-id $NEUTRON_USER \ |
|
112 + --role-id $ADMIN_ROLE \ |
|
113 + --tenant-id $SERVICE_TENANT |
|
114 + |
|
115 # |
|
116 # Keystone service |
|
117 # |
|
118 @@ -159,23 +203,23 @@ |
|
119 --description="Nova Compute Service") |
|
120 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
121 keystone endpoint-create --region RegionOne --service-id $NOVA_SERVICE \ |
|
122 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" \ |
|
123 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" \ |
|
124 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" |
|
125 + --publicurl "http://$NOVA_PUBLIC_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" \ |
|
126 + --adminurl "http://$NOVA_ADMIN_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" \ |
|
127 + --internalurl "http://$NOVA_INTERNAL_ADDRESS:\$(compute_port)s/v1.1/\$(tenant_id)s" |
|
128 fi |
|
129 |
|
130 # |
|
131 # Volume service |
|
132 # |
|
133 VOLUME_SERVICE=$(get_id \ |
|
134 -keystone service-create --name=volume \ |
|
135 +keystone service-create --name=cinder \ |
|
136 --type=volume \ |
|
137 - --description="Nova Volume Service") |
|
138 + --description="Cinder Volume Service") |
|
139 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
140 keystone endpoint-create --region RegionOne --service-id $VOLUME_SERVICE \ |
|
141 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \ |
|
142 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \ |
|
143 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s" |
|
144 + --publicurl "http://$CINDER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \ |
|
145 + --adminurl "http://$CINDER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \ |
|
146 + --internalurl "http://$CINDER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s" |
|
147 fi |
|
148 |
|
149 # |
|
150 @@ -187,9 +231,9 @@ |
|
151 --description="Glance Image Service") |
|
152 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
153 keystone endpoint-create --region RegionOne --service-id $GLANCE_SERVICE \ |
|
154 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9292" \ |
|
155 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9292" \ |
|
156 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9292" |
|
157 + --publicurl "http://$GLANCE_PUBLIC_ADDRESS:9292" \ |
|
158 + --adminurl "http://$GLANCE_ADMIN_ADDRESS:9292" \ |
|
159 + --internalurl "http://$GLANCE_INTERNAL_ADDRESS:9292" |
|
160 fi |
|
161 |
|
162 # |
|
163 @@ -201,9 +245,9 @@ |
|
164 --description="EC2 Compatibility Layer") |
|
165 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
166 keystone endpoint-create --region RegionOne --service-id $EC2_SERVICE \ |
|
167 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8773/services/Cloud" \ |
|
168 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8773/services/Admin" \ |
|
169 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8773/services/Cloud" |
|
170 + --publicurl "http://$EC2_PUBLIC_ADDRESS:8773/services/Cloud" \ |
|
171 + --adminurl "http://$EC2_ADMIN_ADDRESS:8773/services/Admin" \ |
|
172 + --internalurl "http://$EC2_INTERNAL_ADDRESS:8773/services/Cloud" |
|
173 fi |
|
174 |
|
175 # |
|
176 @@ -212,15 +256,34 @@ |
|
177 SWIFT_SERVICE=$(get_id \ |
|
178 keystone service-create --name=swift \ |
|
179 --type="object-store" \ |
|
180 - --description="Swift Service") |
|
181 + --description="Swift Object Store Service") |
|
182 if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
183 keystone endpoint-create --region RegionOne --service-id $SWIFT_SERVICE \ |
|
184 - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \ |
|
185 - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8080/v1" \ |
|
186 - --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" |
|
187 + --publicurl "http://$SWIFT_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \ |
|
188 + --adminurl "http://$SWIFT_ADMIN_ADDRESS:8080/v1" \ |
|
189 + --internalurl "http://$SWIFT_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" |
|
190 +fi |
|
191 + |
|
192 +# |
|
193 +# Neutron service |
|
194 +# |
|
195 +NEUTRON_SERVICE=$(get_id \ |
|
196 +keystone service-create --name=neutron \ |
|
197 + --type=network \ |
|
198 + --description="Neutron Network Service") |
|
199 +if [[ -z "$DISABLE_ENDPOINTS" ]]; then |
|
200 + keystone endpoint-create --region RegionOne --service-id $NEUTRON_SERVICE \ |
|
201 + --publicurl "http://$NEUTRON_PUBLIC_ADDRESS:9696/" \ |
|
202 + --adminurl "http://$NEUTRON_ADMIN_ADDRESS:9696/" \ |
|
203 + --internalurl "http://$NEUTRON_INTERNAL_ADDRESS:9696/" |
|
204 fi |
|
205 |
|
206 # create ec2 creds and parse the secret and access key returned |
|
207 +unset SERVICE_ENDPOINT SERVICE_TOKEN |
|
208 +export OS_AUTH_URL=http://localhost:5000/v2.0 |
|
209 +export OS_PASSWORD="${ADMIN_PASSWORD}" |
|
210 +export OS_TENANT_NAME=demo |
|
211 +export OS_USERNAME=admin |
|
212 RESULT=$(keystone ec2-credentials-create --tenant-id=$SERVICE_TENANT --user-id=$ADMIN_USER) |
|
213 ADMIN_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'` |
|
214 ADMIN_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'` |
|