79 lines
2.4 KiB
Bash
Executable File
79 lines
2.4 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
#------------------------------------
|
|
# the devstack way
|
|
# cd <devstack-home>
|
|
# source openrc nova service
|
|
# This sets up an admin user and the service tenant and passport in environment
|
|
#------------------------------------
|
|
# alternately export values for
|
|
export OS_AUTH_URL="http://localhost:5000/v2.0"
|
|
# your secret password
|
|
export OS_PASSWORD="orange"
|
|
export OS_TENANT_NAME="service"
|
|
export OS_USERNAME="nova"
|
|
|
|
# --------------------------------
|
|
# alternately service_token and endpoint
|
|
|
|
#export OS_SERVICE_TOKEN=orange
|
|
#export OS_SERVICE_ENDPOINT=http://localhost:35357/v2.0
|
|
# ========================================
|
|
|
|
echo " OS_SERVICE_ENDPOINT="$OS_SEVICE_ENDPOINT
|
|
echo " SERVICE_TOKEN="$SERVICE_TOKEN
|
|
echo " OS_TENANT_NAME="$OS_TENANT_NAME
|
|
echo " OS_USERNAME="$OS_USERNAME
|
|
echo " OS_PASSWORD="$OS_PASSWORD
|
|
echo " OS_AUTH_URL="$OS_AUTH_URL
|
|
|
|
#test with
|
|
keystone tenant-list
|
|
|
|
function get_id () {
|
|
echo `"$@" | awk '/ id / { print $4 }'`
|
|
}
|
|
|
|
#------------------------------------------------------------
|
|
# Adding the Key Manager Service: barbican
|
|
#------------------------------------------------------------
|
|
|
|
ENABLED_SERVICES="barbican"
|
|
SERVICE_PASSWORD="orange"
|
|
SERVICE_HOST="localhost"
|
|
SERVICE_TENANT_NAME="service"
|
|
|
|
#============================
|
|
# Lookups
|
|
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
|
|
MEMBER_ROLE=$(keystone role-list | awk "/ Member / { print \$2 }")
|
|
|
|
# Ports to avoid: 3333, 5000, 8773, 8774, 8776, 9292, 9696, 35357
|
|
# Barbican
|
|
if [[ "$ENABLED_SERVICES" =~ "barbican" ]]; then
|
|
BARBICAN_USER=$(get_id keystone user-create \
|
|
--name=barbican \
|
|
--pass="$SERVICE_PASSWORD" \
|
|
--tenant_id $SERVICE_TENANT \
|
|
--email=barbican@example.com)
|
|
keystone user-role-add \
|
|
--tenant_id $SERVICE_TENANT \
|
|
--user_id $BARBICAN_USER \
|
|
--role_id $ADMIN_ROLE
|
|
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
|
|
BARBICAN_SERVICE=$(get_id keystone service-create \
|
|
--name=barbican \
|
|
--type="key store" \
|
|
--description="Barbican Key Management Service")
|
|
keystone endpoint-create \
|
|
--region RegionOne \
|
|
--service_id $BARBICAN_SERVICE \
|
|
--publicurl "http://$SERVICE_HOST:9311" \
|
|
--adminurl "http://$SERVICE_HOST:9312" \
|
|
--internalurl "http://$SERVICE_HOST:9313"
|
|
fi
|
|
fi
|
|
|
|
|