diff -r a477397bba8b -r c9748fcc32de components/openstack/keystone/patches/sample-data.sh.patch --- a/components/openstack/keystone/patches/sample-data.sh.patch Mon May 16 14:46:20 2016 +0200 +++ b/components/openstack/keystone/patches/sample-data.sh.patch Fri May 20 17:42:29 2016 -0400 @@ -1,33 +1,49 @@ In-house patch to the sample_data.sh script installed in /usr/demo/openstack/keystone in order to support all of the standard services and to allow customization of the individual service -endpoints. Solaris-specific patch and is not suitable for upstream +endpoints. This is a Solaris-specific patch and is not suitable for +upstream It also includes a change to use the standard Solaris tr(1) rather than GNU sed. ---- keystone-2014.2.rc1/tools/sample_data.sh.~1~ 2014-09-30 00:14:14.000000000 -0700 -+++ keystone-2014.2.rc1/tools/sample_data.sh 2014-10-13 00:53:30.614564163 -0700 -@@ -2,6 +2,8 @@ - - # Copyright 2013 OpenStack Foundation +--- keystone-2015.1.2/tools/sample_data.sh.~2~ 2016-02-07 01:41:04.218073379 -0800 ++++ keystone-2015.1.2/tools/sample_data.sh 2016-02-07 01:44:19.119595020 -0800 +@@ -23,8 +23,8 @@ + # API. It will get the admin_token (OS_TOKEN) and admin_port from + # keystone.conf if available. # -+# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. -+# - # Licensed under the Apache License, Version 2.0 (the "License"); you may - # not use this file except in compliance with the License. You may obtain - # a copy of the License at -@@ -36,22 +38,47 @@ - # service nova admin +-# Disable creation of endpoints by setting DISABLE_ENDPOINTS environment variable. +-# Use this with the Catalog Templated backend. ++# Disable creation of endpoints by setting DISABLE_ENDPOINTS environment ++# variable. Use this with the Catalog Templated backend. + # + # A EC2-compatible credential is created for the admin user and + # placed in etc/ec2rc. +@@ -37,11 +37,15 @@ # service ec2 admin # service swift admin + # service neutron admin +- +-# By default, passwords used are those in the OpenStack Install and Deploy Manual. +-# One can override these (publicly known, and hence, insecure) passwords by setting the appropriate +-# environment variables. A common default password for all the services can be used by +-# setting the "SERVICE_PASSWORD" environment variable. +# service cinder admin -+# service neutron admin ++# service heat admin ++# service ironic admin ++ ++# By default, passwords used are those in the OpenStack Install and Deploy ++# Manual. One can override these (publicly known, and hence, insecure) ++# passwords by setting the appropriate environment variables. A common default ++# password for all the services can be used by setting the "SERVICE_PASSWORD" ++# environment variable. - # By default, passwords used are those in the OpenStack Install and Deploy Manual. - # One can override these (publicly known, and hence, insecure) passwords by setting the appropriate - # environment variables. A common default password for all the services can be used by - # setting the "SERVICE_PASSWORD" environment variable. + # Test to verify that the openstackclient is installed, if not exit + type openstack >/dev/null 2>&1 || { +@@ -49,17 +53,57 @@ type openstack >/dev/null 2>&1 || { + exit 1 + } +PATH=/usr/bin + @@ -37,8 +53,10 @@ EC2_PASSWORD=${EC2_PASSWORD:-${SERVICE_PASSWORD:-ec2}} -SWIFT_PASSWORD=${SWIFT_PASSWORD:-${SERVICE_PASSWORD:-swiftpass}} +SWIFT_PASSWORD=${SWIFT_PASSWORD:-${SERVICE_PASSWORD:-swift}} + NEUTRON_PASSWORD=${NEUTRON_PASSWORD:-${SERVICE_PASSWORD:-neutron}} +CINDER_PASSWORD=${CINDER_PASSWORD:-${SERVICE_PASSWORD:-cinder}} -+NEUTRON_PASSWORD=${NEUTRON_PASSWORD:-${SERVICE_PASSWORD:-neutron}} ++HEAT_PASSWORD=${HEAT_PASSWORD:-${SERVICE_PASSWORD:-heat}} ++IRONIC_PASSWORD=${IRONIC_PASSWORD:-${SERVICE_PASSWORD:-ironic}} CONTROLLER_PUBLIC_ADDRESS=${CONTROLLER_PUBLIC_ADDRESS:-localhost} CONTROLLER_ADMIN_ADDRESS=${CONTROLLER_ADMIN_ADDRESS:-localhost} @@ -47,153 +65,226 @@ +NOVA_PUBLIC_ADDRESS=${NOVA_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} +NOVA_ADMIN_ADDRESS=${NOVA_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} +NOVA_INTERNAL_ADDRESS=${NOVA_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} ++ +GLANCE_PUBLIC_ADDRESS=${GLANCE_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} +GLANCE_ADMIN_ADDRESS=${GLANCE_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} +GLANCE_INTERNAL_ADDRESS=${GLANCE_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} ++ +EC2_PUBLIC_ADDRESS=${EC2_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} +EC2_ADMIN_ADDRESS=${EC2_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} +EC2_INTERNAL_ADDRESS=${EC2_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} ++ +SWIFT_PUBLIC_ADDRESS=${SWIFT_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} +SWIFT_ADMIN_ADDRESS=${SWIFT_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} +SWIFT_INTERNAL_ADDRESS=${SWIFT_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} -+CINDER_PUBLIC_ADDRESS=${CINDER_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} -+CINDER_ADMIN_ADDRESS=${CINDER_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} -+CINDER_INTERNAL_ADDRESS=${CINDER_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} ++ +NEUTRON_PUBLIC_ADDRESS=${NEUTRON_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} +NEUTRON_ADMIN_ADDRESS=${NEUTRON_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} +NEUTRON_INTERNAL_ADDRESS=${NEUTRON_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} + ++CINDER_PUBLIC_ADDRESS=${CINDER_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} ++CINDER_ADMIN_ADDRESS=${CINDER_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} ++CINDER_INTERNAL_ADDRESS=${CINDER_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} ++ ++HEAT_CFN_PUBLIC_ADDRESS=${HEAT_CFN_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} ++HEAT_CFN_ADMIN_ADDRESS=${HEAT_CFN_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} ++HEAT_CFN_INTERNAL_ADDRESS=${HEAT_CFN_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} ++HEAT_PUBLIC_ADDRESS=${HEAT_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} ++HEAT_ADMIN_ADDRESS=${HEAT_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} ++HEAT_INTERNAL_ADDRESS=${HEAT_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} ++ ++IRONIC_PUBLIC_ADDRESS=${IRONIC_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS} ++IRONIC_ADMIN_ADDRESS=${IRONIC_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS} ++IRONIC_INTERNAL_ADDRESS=${IRONIC_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS} ++ TOOLS_DIR=$(cd $(dirname "$0") && pwd) KEYSTONE_CONF=${KEYSTONE_CONF:-/etc/keystone/keystone.conf} if [[ -r "$KEYSTONE_CONF" ]]; then -@@ -67,8 +94,8 @@ fi +@@ -75,15 +119,19 @@ fi # Extract some info from Keystone's configuration file if [[ -r "$KEYSTONE_CONF" ]]; then - CONFIG_SERVICE_TOKEN=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2) ++ CONFIG_SERVICE_TOKEN=$(tr -d '[\t ]' < $KEYSTONE_CONF | \ ++ grep ^admin_token= | cut -d'=' -f2) + if [[ -z "${CONFIG_SERVICE_TOKEN}" ]]; then + # default config options are commented out, so lets try those +- CONFIG_SERVICE_TOKEN=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^\#admin_token= | cut -d'=' -f2) ++ CONFIG_SERVICE_TOKEN=$(tr -d '[\t ]' < $KEYSTONE_CONF | \ ++ grep ^\#admin_token= | cut -d'=' -f2) + fi - CONFIG_ADMIN_PORT=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2) -+ CONFIG_SERVICE_TOKEN=$(tr -d '[\t ]' < $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2) -+ CONFIG_ADMIN_PORT=$(tr -d '[\t ]' < $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2) ++ CONFIG_ADMIN_PORT=$(tr -d '[\t ]' < $KEYSTONE_CONF | \ ++ grep ^admin_port= | cut -d'=' -f2) + if [[ -z "${CONFIG_ADMIN_PORT}" ]]; then + # default config options are commented out, so lets try those +- CONFIG_ADMIN_PORT=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^\#admin_port= | cut -d'=' -f2) ++ CONFIG_ADMIN_PORT=$(tr -d '[\t ]' < $KEYSTONE_CONF | \ ++ grep ^\#admin_port= | cut -d'=' -f2) + fi fi - export OS_SERVICE_TOKEN=${OS_SERVICE_TOKEN:-$CONFIG_SERVICE_TOKEN} -@@ -136,6 +163,22 @@ keystone user-role-add --user-id $SWIFT_ - --role-id $ADMIN_ROLE \ - --tenant-id $SERVICE_TENANT +@@ -156,6 +204,29 @@ openstack role add --user neutron \ + --project service \ + admin -+CINDER_USER=$(get_id keystone user-create --name=cinder \ -+ --pass="${CINDER_PASSWORD}" \ -+ --tenant-id $SERVICE_TENANT) ++openstack user create cinder --project service \ ++ --password "${CINDER_PASSWORD}" ++ ++openstack role add --user cinder \ ++ --project service \ ++ admin + -+keystone user-role-add --user-id $CINDER_USER \ -+ --role-id $ADMIN_ROLE \ -+ --tenant-id $SERVICE_TENANT ++openstack user create heat --project service \ ++ --password "${HEAT_PASSWORD}" ++ ++openstack role add --user heat \ ++ --project service \ ++ admin + -+NEUTRON_USER=$(get_id keystone user-create --name=neutron \ -+ --pass="${NEUTRON_PASSWORD}" \ -+ --tenant-id $SERVICE_TENANT) ++openstack role create heat_stack_user + -+keystone user-role-add --user-id $NEUTRON_USER \ -+ --role-id $ADMIN_ROLE \ -+ --tenant-id $SERVICE_TENANT ++openstack user create ironic --project service \ ++ --password "${IRONIC_PASSWORD}" ++ ++openstack role add --user ironic \ ++ --project service \ ++ admin + # # Keystone service # -@@ -159,23 +202,23 @@ keystone service-create --name=nova \ - --description="Nova Compute Service") +@@ -178,24 +249,32 @@ openstack service create --name=nova \ + compute if [[ -z "$DISABLE_ENDPOINTS" ]]; then - keystone endpoint-create --region RegionOne --service-id $NOVA_SERVICE \ + openstack endpoint create --region RegionOne \ - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8774/v2/\$(tenant_id)s" \ - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8774/v2/\$(tenant_id)s" \ -- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8774/v2/\$(tenant_id)s" +- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8774/v2/\$(tenant_id)s" \ + --publicurl "http://$NOVA_PUBLIC_ADDRESS:8774/v2/\$(tenant_id)s" \ + --adminurl "http://$NOVA_ADMIN_ADDRESS:8774/v2/\$(tenant_id)s" \ -+ --internalurl "http://$NOVA_INTERNAL_ADDRESS:8774/v2/\$(tenant_id)s" ++ --internalurl "http://$NOVA_INTERNAL_ADDRESS:8774/v2/\$(tenant_id)s" \ + nova fi # # Volume service # - VOLUME_SERVICE=$(get_id \ --keystone service-create --name=volume \ -+keystone service-create --name=cinder \ - --type=volume \ -- --description="Nova Volume Service") -+ --description="Cinder Volume Service") +-openstack service create --name=volume \ ++openstack service create --name=cinder \ + --description="Cinder Volume Service" \ + volume ++openstack service create --name=cinderv2 \ ++ --description="Cinder Volume Service (Version 2)" \ ++ volumev2 if [[ -z "$DISABLE_ENDPOINTS" ]]; then - keystone endpoint-create --region RegionOne --service-id $VOLUME_SERVICE \ + openstack endpoint create --region RegionOne \ - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \ - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \ -- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s" +- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s" \ +- volume + --publicurl "http://$CINDER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \ + --adminurl "http://$CINDER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \ -+ --internalurl "http://$CINDER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s" - fi - - # -@@ -187,9 +230,9 @@ keystone service-create --name=glance \ - --description="Glance Image Service") - if [[ -z "$DISABLE_ENDPOINTS" ]]; then - keystone endpoint-create --region RegionOne --service-id $GLANCE_SERVICE \ -- --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9292" \ -- --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9292" \ -- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9292" -+ --publicurl "http://$GLANCE_PUBLIC_ADDRESS:9292" \ -+ --adminurl "http://$GLANCE_ADMIN_ADDRESS:9292" \ -+ --internalurl "http://$GLANCE_INTERNAL_ADDRESS:9292" ++ --internalurl "http://$CINDER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s" \ ++ cinder ++ openstack endpoint create --region RegionOne \ ++ --publicurl "http://$CINDER_PUBLIC_ADDRESS:8776/v2/\$(tenant_id)s" \ ++ --adminurl "http://$CINDER_ADMIN_ADDRESS:8776/v2/\$(tenant_id)s" \ ++ --internalurl "http://$CINDER_INTERNAL_ADDRESS:8776/v2/\$(tenant_id)s" \ ++ cinderv2 fi # -@@ -201,9 +244,9 @@ keystone service-create --name=ec2 \ - --description="EC2 Compatibility Layer") +@@ -206,9 +285,9 @@ openstack service create --name=glance \ + image if [[ -z "$DISABLE_ENDPOINTS" ]]; then - keystone endpoint-create --region RegionOne --service-id $EC2_SERVICE \ + openstack endpoint create --region RegionOne \ +- --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9292" \ +- --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9292" \ +- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9292" \ ++ --publicurl "http://$GLANCE_PUBLIC_ADDRESS:9292" \ ++ --adminurl "http://$GLANCE_ADMIN_ADDRESS:9292" \ ++ --internalurl "http://$GLANCE_INTERNAL_ADDRESS:9292" \ + glance + fi + +@@ -220,9 +299,9 @@ openstack service create --name=ec2 \ + ec2 + if [[ -z "$DISABLE_ENDPOINTS" ]]; then + openstack endpoint create --region RegionOne \ - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8773/services/Cloud" \ - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8773/services/Admin" \ -- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8773/services/Cloud" +- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8773/services/Cloud" \ + --publicurl "http://$EC2_PUBLIC_ADDRESS:8773/services/Cloud" \ + --adminurl "http://$EC2_ADMIN_ADDRESS:8773/services/Admin" \ -+ --internalurl "http://$EC2_INTERNAL_ADDRESS:8773/services/Cloud" ++ --internalurl "http://$EC2_INTERNAL_ADDRESS:8773/services/Cloud" \ + ec2 fi - # -@@ -212,15 +255,34 @@ fi - SWIFT_SERVICE=$(get_id \ - keystone service-create --name=swift \ - --type="object-store" \ -- --description="Swift Service") -+ --description="Swift Object Store Service") +@@ -234,9 +313,11 @@ openstack service create --name=swift \ + object-store if [[ -z "$DISABLE_ENDPOINTS" ]]; then - keystone endpoint-create --region RegionOne --service-id $SWIFT_SERVICE \ + openstack endpoint create --region RegionOne \ - --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \ - --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8080/v1" \ -- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" -+ --publicurl "http://$SWIFT_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \ -+ --adminurl "http://$SWIFT_ADMIN_ADDRESS:8080/v1" \ -+ --internalurl "http://$SWIFT_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" +- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \ ++ --publicurl \ ++ "http://$SWIFT_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \ ++ --adminurl "http://$SWIFT_ADMIN_ADDRESS:8080/v1" \ ++ --internalurl \ ++ "http://$SWIFT_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \ + swift + fi + +@@ -248,12 +329,48 @@ openstack service create --name=neutron + network + if [[ -z "$DISABLE_ENDPOINTS" ]]; then + openstack endpoint create --region RegionOne \ +- --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9696" \ +- --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9696" \ +- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9696" \ ++ --publicurl "http://$NEUTRON_PUBLIC_ADDRESS:9696" \ ++ --adminurl "http://$NEUTRON_ADMIN_ADDRESS:9696" \ ++ --internalurl "http://$NEUTRON_INTERNAL_ADDRESS:9696" \ + neutron + fi + ++# ++# Heat service ++# ++openstack service create --name=heat-cfn \ ++ --description="Heat CloudFormation API" \ ++ cloudformation ++openstack service create --name=heat \ ++ --description="Heat API" \ ++ orchestration ++if [[ -z "$DISABLE_ENDPOINTS" ]]; then ++ openstack endpoint create --region RegionOne \ ++ --publicurl "http://$HEAT_CFN_PUBLIC_ADDRESS:8000/v1" \ ++ --adminurl "http://$HEAT_CFN_ADMIN_ADDRESS:8000/v1" \ ++ --internalurl "http://$HEAT_CFN_INTERNAL_ADDRESS:8000/v1" \ ++ heat-cfn ++ openstack endpoint create --region RegionOne \ ++ --publicurl "http://$HEAT_PUBLIC_ADDRESS:8004/v1/\$(tenant_id)s" \ ++ --adminurl "http://$HEAT_ADMIN_ADDRESS:8004/v1/\$(tenant_id)s" \ ++ --internalurl "http://$HEAT_INTERNAL_ADDRESS:8004/v1/\$(tenant_id)s" \ ++ heat +fi + +# -+# Neutron service ++# Ironic service +# -+NEUTRON_SERVICE=$(get_id \ -+keystone service-create --name=neutron \ -+ --type=network \ -+ --description="Neutron Network Service") ++openstack service create --name=ironic \ ++ --description="Ironic Bare Metal Provisioning Service" \ ++ baremetal +if [[ -z "$DISABLE_ENDPOINTS" ]]; then -+ keystone endpoint-create --region RegionOne --service-id $NEUTRON_SERVICE \ -+ --publicurl "http://$NEUTRON_PUBLIC_ADDRESS:9696/" \ -+ --adminurl "http://$NEUTRON_ADMIN_ADDRESS:9696/" \ -+ --internalurl "http://$NEUTRON_INTERNAL_ADDRESS:9696/" - fi - ++ openstack endpoint create --region RegionOne \ ++ --publicurl "http://$IRONIC_PUBLIC_ADDRESS:6385" \ ++ --adminurl "http://$IRONIC_ADMIN_ADDRESS:6385" \ ++ --internalurl "http://$IRONIC_INTERNAL_ADDRESS:6385" \ ++ ironic ++fi ++ # create ec2 creds and parse the secret and access key returned -+unset SERVICE_ENDPOINT SERVICE_TOKEN -+export OS_AUTH_URL=http://localhost:5000/v2.0 -+export OS_PASSWORD="${ADMIN_PASSWORD}" -+export OS_TENANT_NAME=demo -+export OS_USERNAME=admin - RESULT=$(keystone ec2-credentials-create --tenant-id=$SERVICE_TENANT --user-id=$ADMIN_USER) - ADMIN_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'` - ADMIN_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'` + ADMIN_USER=$(get_id openstack user show admin) + RESULT=$(openstack ec2 credentials create --project service --user $ADMIN_USER)