diff --git a/os_cloud_config/keystone.py b/os_cloud_config/keystone.py
index 0c16ea4..fca2dc8 100644
--- a/os_cloud_config/keystone.py
+++ b/os_cloud_config/keystone.py
@@ -19,13 +19,16 @@ import keystoneclient.v2_0.client as ksclient
 LOG = logging.getLogger(__name__)
-def initialize(host, admin_token, admin_email, admin_password):
+def initialize(host, admin_token, admin_email, admin_password,
+ region='regionOne', ssl=None):
 """Perform post-heat initialization of Keystone.
 :param host: ip/hostname of node where Keystone is running
 :param admin_token: admin token to use with Keystone's admin endpoint
 :param admin_email: admin user's e-mail address to be set
 :param admin_password: admin user's password to be set
+ :param region: region to create the endpoint in
+ :param ssl: ip/hostname to use as the ssl endpoint, if required
 """
 keystone = _create_admin_client(host, admin_token)
@@ -33,6 +36,7 @@ def initialize(host, admin_token, admin_email, admin_password):
 _create_roles(keystone)
 _create_tenants(keystone)
 _create_admin_user(keystone, admin_email, admin_password)
+ _create_endpoint(keystone, host, region, ssl)
 def initialize_for_swift(host, admin_token):
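Review bot: The new `:param ssl:` line in `initialize`'s docstring does not say what the value controls. Judging by `_create_endpoint` later in this patch, it is the hostname used for the public URL only, served as `https` on port 13000, while the admin and internal URLs keep using `host` over `http`. I would word it as `:param ssl: ip/hostname for the https public endpoint (port 13000); admin and internal URLs are unaffected`, and apply the same wording to the identical line in `_create_endpoint`'s docstring. The name `ssl` also reads like a boolean flag and would shadow the standard-library module if this file ever imports it; a name such as `public_host` would be clearer, though it changes the keyword callers pass.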
@@ -107,6 +111,25 @@ def _create_tenants(keystone):
 keystone.tenants.create('service', None)
+def _create_endpoint(keystone, host, region, ssl):
+ """Create keystone endpoint in Keystone.
+
+ :param keystone: keystone v2 client
+ :param host: ip/hostname of node where Keystone is running
+ :param region: region to create the endpoint in
+ :param ssl: ip/hostname to use as the ssl endpoint, if required
+ """
+ LOG.debug('Create keystone public endpoint')
+ service = keystone.services.create('keystone', 'identity',
+ description='Keystone Identity Service')
+ public_url = 'http://%s:5000/v2.0' % host
+ if ssl:
+ public_url = 'https://%s:13000/v2.0' % ssl
+ keystone.endpoints.create(region, service.id, public_url,
+ 'http://%s:35357/v2.0' % host,
+ 'http://%s:5000/v2.0' % host)
+
+
 def _create_admin_user(keystone, admin_email, admin_password):
 """Create admin user in Keystone.
diff --git a/os_cloud_config/tests/test_keystone.py b/os_cloud_config/tests/test_keystone.py
index 3d321c1..beffb79 100644
--- a/os_cloud_config/tests/test_keystone.py
+++ b/os_cloud_config/tests/test_keystone.py
@@ -20,6 +20,16 @@ from os_cloud_config.tests import base
 class KeystoneTest(base.TestCase):
+ def assert_endpoint(self, host, region='regionOne', public_endpoint=None):
+ self.client.services.create.assert_called_once_with(
+ 'keystone', 'identity', description='Keystone Identity Service')
+ if public_endpoint is None:
+ public_endpoint = 'http://%s:5000/v2.0' % host
+ self.client.endpoints.create.assert_called_once_with(
+ region, self.client.services.create.return_value.id,
+ public_endpoint, 'http://%s:35357/v2.0' % host,
+ 'http://192.0.0.3:5000/v2.0')
+
 def test_initialize(self):
 self._patch_client()
@@ -44,6 +54,8 @@ class KeystoneTest(base.TestCase):
 self.client.roles.find.return_value,
 self.client.tenants.find.return_value)
+ self.assert_endpoint('192.0.0.3')
+
 def test_initialize_for_swift(self):
 self._patch_client()
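Review bot: When `ssl` is set in `_create_endpoint`, only `public_url` switches to `https`; the admin URL (`'http://%s:35357/v2.0' % host`) and the internal URL passed to `keystone.endpoints.create` stay on plain HTTP, so clients that pick those catalog entries would send tokens and admin credentials unencrypted. If that is intended because those ports are only reachable on a trusted management network, state it above the call, e.g. `# admin/internal URLs stay http: they must only be reachable on the isolated control-plane network`. Separately, `'http://%s:5000/v2.0' % host` produces an invalid URL when `host` is an IPv6 literal, which needs square brackets. The `LOG.debug` text says 'public endpoint' although all three URLs are registered here.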
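Review bot: The last argument expected by `assert_endpoint` is the literal `'http://192.0.0.3:5000/v2.0'`, so the helper ignores its `host` parameter for the internal URL and only passes because every caller happens to use `'192.0.0.3'`. Build it like the other two URLs: `'http://%s:5000/v2.0' % host`. As written, a test with a different host would fail on the internal URL even when `_create_endpoint` is correct.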
@@ -70,6 +82,20 @@ class KeystoneTest(base.TestCase):
 user=self.client.users.create.return_value,
 domain=self.client.domains.create.return_value)
+ def test_create_endpoint_ssl(self):
+ self._patch_client()
+
+ keystone._create_endpoint(self.client, '192.0.0.3', 'regionOne',
+ 'keystone.example.com')
+ public_endpoint = 'https://keystone.example.com:13000/v2.0'
+ self.assert_endpoint('192.0.0.3', public_endpoint=public_endpoint)
+
+ def test_create_endpoint_region(self):
+ self._patch_client()
+
+ keystone._create_endpoint(self.client, '192.0.0.3', 'regionTwo', None)
+ self.assert_endpoint('192.0.0.3', region='regionTwo')
+
 @mock.patch('os_cloud_config.keystone.ksclient.Client')
 def test_create_admin_client(self, client):
 self.assertEqual(
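Review bot: Both new tests call the private `_create_endpoint` directly, so nothing checks that `initialize` forwards non-default `region` and `ssl` values; `test_initialize` only exercises the defaults. A third test that calls `keystone.initialize` with `region='regionTwo'` and `ssl='keystone.example.com'` and then runs `self.assert_endpoint('192.0.0.3', region='regionTwo', public_endpoint='https://keystone.example.com:13000/v2.0')` would pin the pass-through. The hunk ends inside `test_create_admin_client`, which continues outside it.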