diff --git a/doc/source/eucarc.rst b/doc/source/eucarc.rst index 1284b8883b..c2ecbc6732 100644 --- a/doc/source/eucarc.rst +++ b/doc/source/eucarc.rst @@ -13,7 +13,7 @@ EC2\_URL :: - EC2_URL=$(keystone catalog --service ec2 | awk '/ publicURL / { print $4 }') + EC2_URL=$(openstack catalog show ec2 | awk '/ publicURL: / { print $4 }') S3\_URL Set the S3 endpoint for euca2ools. The endpoint is extracted from @@ -21,14 +21,14 @@ S3\_URL :: - export S3_URL=$(keystone catalog --service s3 | awk '/ publicURL / { print $4 }') + export S3_URL=$(openstack catalog show s3 | awk '/ publicURL: / { print $4 }') EC2\_ACCESS\_KEY, EC2\_SECRET\_KEY Create EC2 credentials for the current tenant:user in Keystone. :: - CREDS=$(keystone ec2-credentials-create) + CREDS=$(openstack ec2 credentials create) export EC2_ACCESS_KEY=$(echo "$CREDS" | awk '/ access / { print $4 }') export EC2_SECRET_KEY=$(echo "$CREDS" | awk '/ secret / { print $4 }') diff --git a/doc/source/guides/multinode-lab.rst b/doc/source/guides/multinode-lab.rst index ff81c93975..d963243fa8 100644 --- a/doc/source/guides/multinode-lab.rst +++ b/doc/source/guides/multinode-lab.rst @@ -229,10 +229,10 @@ Additional Users ---------------- DevStack creates two OpenStack users (``admin`` and ``demo``) and two -tenants (also ``admin`` and ``demo``). ``admin`` is exactly what it +projects (also ``admin`` and ``demo``). ``admin`` is exactly what it sounds like, a privileged administrative account that is a member of -both the ``admin`` and ``demo`` tenants. ``demo`` is a normal user -account that is only a member of the ``demo`` tenant. Creating +both the ``admin`` and ``demo`` projects. ``demo`` is a normal user +account that is only a member of the ``demo`` project. Creating additional OpenStack users can be done through the dashboard, sometimes it is easier to do them in bulk from a script, especially since they get blown away every time ``stack.sh`` runs. The following steps are ripe @@ -243,21 +243,21 @@ for scripting: # Get admin creds . openrc admin admin - # List existing tenants - keystone tenant-list + # List existing projects + openstack project list # List existing users - keystone user-list + openstack user list - # Add a user and tenant + # Add a user and project NAME=bob PASSWORD=BigSecrete - TENANT=$NAME - keystone tenant-create --name=$NAME - keystone user-create --name=$NAME --pass=$PASSWORD - keystone user-role-add --user-id= --tenant-id= --role-id= - # member-role-id comes from the existing member role created by stack.sh - # keystone role-list + PROJECT=$NAME + openstack project create $PROJECT + openstack user create $NAME --password=$PASSWORD --project $PROJECT + openstack role add Member --user $NAME --project $PROJECT + # The Member role is created by stack.sh + # openstack role list Swift ----- diff --git a/eucarc b/eucarc index 343f4ccde2..1e672bd932 100644 --- a/eucarc +++ b/eucarc @@ -19,7 +19,7 @@ RC_DIR=$(cd $(dirname "${BASH_SOURCE:-$0}") && pwd) source $RC_DIR/openrc # Set the ec2 url so euca2ools works -export EC2_URL=$(keystone catalog --service ec2 | awk '/ publicURL / { print $4 }') +export EC2_URL=$(openstack catalog show ec2 | awk '/ publicURL: / { print $4 }') # Create EC2 credentials for the current user CREDS=$(openstack ec2 credentials create) @@ -29,7 +29,7 @@ export EC2_SECRET_KEY=$(echo "$CREDS" | awk '/ secret / { print $4 }') # Euca2ools Certificate stuff for uploading bundles # See exercises/bundle.sh to see how to get certs using nova cli NOVA_KEY_DIR=${NOVA_KEY_DIR:-$RC_DIR} -export S3_URL=$(keystone catalog --service s3 | awk '/ publicURL / { print $4 }') +export S3_URL=$(openstack catalog show s3 | awk '/ publicURL: / { print $4 }') export EC2_USER_ID=42 # nova does not use user id, but bundling requires it export EC2_PRIVATE_KEY=${NOVA_KEY_DIR}/pk.pem export EC2_CERT=${NOVA_KEY_DIR}/cert.pem diff --git a/exercises/client-args.sh b/exercises/client-args.sh index 2f85d98d8f..c33ef44e9a 100755 --- a/exercises/client-args.sh +++ b/exercises/client-args.sh @@ -69,7 +69,7 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then STATUS_KEYSTONE="Skipped" else echo -e "\nTest Keystone" - if keystone $TENANT_ARG $ARGS catalog --service identity; then + if openstack $TENANT_ARG $ARGS catalog show identity; then STATUS_KEYSTONE="Succeeded" else STATUS_KEYSTONE="Failed" diff --git a/lib/ironic b/lib/ironic index 7afed052e9..4ac0100410 100644 --- a/lib/ironic +++ b/lib/ironic @@ -765,7 +765,7 @@ function upload_baremetal_ironic_deploy { fi fi - local token=$(keystone token-get | grep ' id ' | get_field 2) + local token=$(openstack token issue -c id -f value) die_if_not_set $LINENO token "Keystone fail to get token" # load them into glance diff --git a/stack.sh b/stack.sh index 5cdcbdf9d8..3f4ae6c49d 100755 --- a/stack.sh +++ b/stack.sh @@ -1173,7 +1173,7 @@ fi # See https://help.ubuntu.com/community/CloudInit for more on ``cloud-init`` if is_service_enabled g-reg; then - TOKEN=$(keystone token-get | grep ' id ' | get_field 2) + TOKEN=$(openstack token issue -c id -f value) die_if_not_set $LINENO TOKEN "Keystone fail to get token" echo_summary "Uploading images" diff --git a/tools/upload_image.sh b/tools/upload_image.sh index 5d23f31b9c..19c6b71976 100755 --- a/tools/upload_image.sh +++ b/tools/upload_image.sh @@ -32,7 +32,7 @@ if [[ -z "$1" ]]; then fi # Get a token to authenticate to glance -TOKEN=$(keystone token-get | grep ' id ' | get_field 2) +TOKEN=$(openstack token issue -c id -f value) die_if_not_set $LINENO TOKEN "Keystone fail to get token" # Glance connection info. Note the port must be specified.