From 0b1465b6f699a974e3900fff2a810aec6a6bf43c Mon Sep 17 00:00:00 2001 From: Sean Dague Date: Mon, 4 Apr 2016 10:15:47 -0400 Subject: [PATCH] change tenant to project in keystone bootstrapping Change-Id: I6f392d3c16726f6dd734184dcf3014fb4f388207 --- lib/keystone | 56 ++++++++++++++++++++++++++-------------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/lib/keystone b/lib/keystone index d83092405b..4361fe0b7f 100644 --- a/lib/keystone +++ b/lib/keystone @@ -106,9 +106,9 @@ KEYSTONE_SERVICE_PROTOCOL=${KEYSTONE_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL} # Bind hosts KEYSTONE_ADMIN_BIND_HOST=${KEYSTONE_ADMIN_BIND_HOST:-$KEYSTONE_SERVICE_HOST} -# Set the tenant for service accounts in Keystone -SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service} -SERVICE_PROJECT_NAME=${SERVICE_TENANT_NAME:-service} +# Set the project for service accounts in Keystone +SERVICE_PROJECT_NAME=${SERVICE_PROJECT_NAME:-service} +SERVICE_TENANT_NAME=${SERVICE_PROJECT_NAME:-service} # if we are running with SSL use https protocols if is_ssl_enabled_service "key" || is_service_enabled tls-proxy; then @@ -335,7 +335,7 @@ function configure_keystone { # create_keystone_accounts() - Sets up common required keystone accounts -# Tenant User Roles +# Project User Roles # ------------------------------------------------------------------ # admin admin admin # service -- -- @@ -348,7 +348,7 @@ function configure_keystone { # alt_demo alt_demo Member, anotherrole # invisible_to_admin demo Member -# Group Users Roles Tenant +# Group Users Roles Project # ------------------------------------------------------------------ # admins admin admin admin # nonadmins demo, alt_demo Member, anotherrole demo, alt_demo @@ -360,8 +360,8 @@ function create_keystone_accounts { # The keystone bootstrapping process (performed via keystone-manage bootstrap) # creates an admin user, admin role and admin project. As a sanity check # we exercise the CLI to retrieve the IDs for these values. - local admin_tenant - admin_tenant=$(openstack project show "admin" -f value -c id) + local admin_project + admin_project=$(openstack project show "admin" -f value -c id) local admin_user admin_user=$(openstack user show "admin" -f value -c id) local admin_role @@ -376,8 +376,8 @@ function create_keystone_accounts { get_or_create_role service # The ResellerAdmin role is used by Nova and Ceilometer so we need to keep it. - # The admin role in swift allows a user to act as an admin for their tenant, - # but ResellerAdmin is needed for a user to act as any tenant. The name of this + # The admin role in swift allows a user to act as an admin for their project, + # but ResellerAdmin is needed for a user to act as any project. The name of this # role is also configurable in swift-proxy.conf get_or_create_role ResellerAdmin @@ -390,32 +390,32 @@ function create_keystone_accounts { local another_role another_role=$(get_or_create_role "anotherrole") - # invisible tenant - admin can't see this one - local invis_tenant - invis_tenant=$(get_or_create_project "invisible_to_admin" default) + # invisible project - admin can't see this one + local invis_project + invis_project=$(get_or_create_project "invisible_to_admin" default) # demo - local demo_tenant - demo_tenant=$(get_or_create_project "demo" default) + local demo_project + demo_project=$(get_or_create_project "demo" default) local demo_user demo_user=$(get_or_create_user "demo" \ "$ADMIN_PASSWORD" "default" "demo@example.com") - get_or_add_user_project_role $member_role $demo_user $demo_tenant - get_or_add_user_project_role $admin_role $admin_user $demo_tenant - get_or_add_user_project_role $another_role $demo_user $demo_tenant - get_or_add_user_project_role $member_role $demo_user $invis_tenant + get_or_add_user_project_role $member_role $demo_user $demo_project + get_or_add_user_project_role $admin_role $admin_user $demo_project + get_or_add_user_project_role $another_role $demo_user $demo_project + get_or_add_user_project_role $member_role $demo_user $invis_project # alt_demo - local alt_demo_tenant - alt_demo_tenant=$(get_or_create_project "alt_demo" default) + local alt_demo_project + alt_demo_project=$(get_or_create_project "alt_demo" default) local alt_demo_user alt_demo_user=$(get_or_create_user "alt_demo" \ "$ADMIN_PASSWORD" "default" "alt_demo@example.com") - get_or_add_user_project_role $member_role $alt_demo_user $alt_demo_tenant - get_or_add_user_project_role $admin_role $admin_user $alt_demo_tenant - get_or_add_user_project_role $another_role $alt_demo_user $alt_demo_tenant + get_or_add_user_project_role $member_role $alt_demo_user $alt_demo_project + get_or_add_user_project_role $admin_role $admin_user $alt_demo_project + get_or_add_user_project_role $another_role $alt_demo_user $alt_demo_project # groups local admin_group @@ -425,11 +425,11 @@ function create_keystone_accounts { non_admin_group=$(get_or_create_group "nonadmins" \ "default" "non-admin group") - get_or_add_group_project_role $member_role $non_admin_group $demo_tenant - get_or_add_group_project_role $another_role $non_admin_group $demo_tenant - get_or_add_group_project_role $member_role $non_admin_group $alt_demo_tenant - get_or_add_group_project_role $another_role $non_admin_group $alt_demo_tenant - get_or_add_group_project_role $admin_role $admin_group $admin_tenant + get_or_add_group_project_role $member_role $non_admin_group $demo_project + get_or_add_group_project_role $another_role $non_admin_group $demo_project + get_or_add_group_project_role $member_role $non_admin_group $alt_demo_project + get_or_add_group_project_role $another_role $non_admin_group $alt_demo_project + get_or_add_group_project_role $admin_role $admin_group $admin_project } # Create a user that is capable of verifying keystone tokens for use with auth_token middleware.