Merge "Use openstack CLI instead of keystone"
This commit is contained in:
commit
69cb0a1343
@ -13,7 +13,7 @@ EC2\_URL
|
||||
|
||||
::
|
||||
|
||||
EC2_URL=$(keystone catalog --service ec2 | awk '/ publicURL / { print $4 }')
|
||||
EC2_URL=$(openstack catalog show ec2 | awk '/ publicURL: / { print $4 }')
|
||||
|
||||
S3\_URL
|
||||
Set the S3 endpoint for euca2ools. The endpoint is extracted from
|
||||
@ -21,14 +21,14 @@ S3\_URL
|
||||
|
||||
::
|
||||
|
||||
export S3_URL=$(keystone catalog --service s3 | awk '/ publicURL / { print $4 }')
|
||||
export S3_URL=$(openstack catalog show s3 | awk '/ publicURL: / { print $4 }')
|
||||
|
||||
EC2\_ACCESS\_KEY, EC2\_SECRET\_KEY
|
||||
Create EC2 credentials for the current tenant:user in Keystone.
|
||||
|
||||
::
|
||||
|
||||
CREDS=$(keystone ec2-credentials-create)
|
||||
CREDS=$(openstack ec2 credentials create)
|
||||
export EC2_ACCESS_KEY=$(echo "$CREDS" | awk '/ access / { print $4 }')
|
||||
export EC2_SECRET_KEY=$(echo "$CREDS" | awk '/ secret / { print $4 }')
|
||||
|
||||
|
@ -229,10 +229,10 @@ Additional Users
|
||||
----------------
|
||||
|
||||
DevStack creates two OpenStack users (``admin`` and ``demo``) and two
|
||||
tenants (also ``admin`` and ``demo``). ``admin`` is exactly what it
|
||||
projects (also ``admin`` and ``demo``). ``admin`` is exactly what it
|
||||
sounds like, a privileged administrative account that is a member of
|
||||
both the ``admin`` and ``demo`` tenants. ``demo`` is a normal user
|
||||
account that is only a member of the ``demo`` tenant. Creating
|
||||
both the ``admin`` and ``demo`` projects. ``demo`` is a normal user
|
||||
account that is only a member of the ``demo`` project. Creating
|
||||
additional OpenStack users can be done through the dashboard, sometimes
|
||||
it is easier to do them in bulk from a script, especially since they get
|
||||
blown away every time ``stack.sh`` runs. The following steps are ripe
|
||||
@ -243,21 +243,21 @@ for scripting:
|
||||
# Get admin creds
|
||||
. openrc admin admin
|
||||
|
||||
# List existing tenants
|
||||
keystone tenant-list
|
||||
# List existing projects
|
||||
openstack project list
|
||||
|
||||
# List existing users
|
||||
keystone user-list
|
||||
openstack user list
|
||||
|
||||
# Add a user and tenant
|
||||
# Add a user and project
|
||||
NAME=bob
|
||||
PASSWORD=BigSecrete
|
||||
TENANT=$NAME
|
||||
keystone tenant-create --name=$NAME
|
||||
keystone user-create --name=$NAME --pass=$PASSWORD
|
||||
keystone user-role-add --user-id=<bob-user-id> --tenant-id=<bob-tenant-id> --role-id=<member-role-id>
|
||||
# member-role-id comes from the existing member role created by stack.sh
|
||||
# keystone role-list
|
||||
PROJECT=$NAME
|
||||
openstack project create $PROJECT
|
||||
openstack user create $NAME --password=$PASSWORD --project $PROJECT
|
||||
openstack role add Member --user $NAME --project $PROJECT
|
||||
# The Member role is created by stack.sh
|
||||
# openstack role list
|
||||
|
||||
Swift
|
||||
-----
|
||||
|
4
eucarc
4
eucarc
@ -19,7 +19,7 @@ RC_DIR=$(cd $(dirname "${BASH_SOURCE:-$0}") && pwd)
|
||||
source $RC_DIR/openrc
|
||||
|
||||
# Set the ec2 url so euca2ools works
|
||||
export EC2_URL=$(keystone catalog --service ec2 | awk '/ publicURL / { print $4 }')
|
||||
export EC2_URL=$(openstack catalog show ec2 | awk '/ publicURL: / { print $4 }')
|
||||
|
||||
# Create EC2 credentials for the current user
|
||||
CREDS=$(openstack ec2 credentials create)
|
||||
@ -29,7 +29,7 @@ export EC2_SECRET_KEY=$(echo "$CREDS" | awk '/ secret / { print $4 }')
|
||||
# Euca2ools Certificate stuff for uploading bundles
|
||||
# See exercises/bundle.sh to see how to get certs using nova cli
|
||||
NOVA_KEY_DIR=${NOVA_KEY_DIR:-$RC_DIR}
|
||||
export S3_URL=$(keystone catalog --service s3 | awk '/ publicURL / { print $4 }')
|
||||
export S3_URL=$(openstack catalog show s3 | awk '/ publicURL: / { print $4 }')
|
||||
export EC2_USER_ID=42 # nova does not use user id, but bundling requires it
|
||||
export EC2_PRIVATE_KEY=${NOVA_KEY_DIR}/pk.pem
|
||||
export EC2_CERT=${NOVA_KEY_DIR}/cert.pem
|
||||
|
@ -69,7 +69,7 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then
|
||||
STATUS_KEYSTONE="Skipped"
|
||||
else
|
||||
echo -e "\nTest Keystone"
|
||||
if keystone $TENANT_ARG $ARGS catalog --service identity; then
|
||||
if openstack $TENANT_ARG $ARGS catalog show identity; then
|
||||
STATUS_KEYSTONE="Succeeded"
|
||||
else
|
||||
STATUS_KEYSTONE="Failed"
|
||||
|
@ -765,7 +765,7 @@ function upload_baremetal_ironic_deploy {
|
||||
fi
|
||||
fi
|
||||
|
||||
local token=$(keystone token-get | grep ' id ' | get_field 2)
|
||||
local token=$(openstack token issue -c id -f value)
|
||||
die_if_not_set $LINENO token "Keystone fail to get token"
|
||||
|
||||
# load them into glance
|
||||
|
2
stack.sh
2
stack.sh
@ -1173,7 +1173,7 @@ fi
|
||||
# See https://help.ubuntu.com/community/CloudInit for more on ``cloud-init``
|
||||
|
||||
if is_service_enabled g-reg; then
|
||||
TOKEN=$(keystone token-get | grep ' id ' | get_field 2)
|
||||
TOKEN=$(openstack token issue -c id -f value)
|
||||
die_if_not_set $LINENO TOKEN "Keystone fail to get token"
|
||||
|
||||
echo_summary "Uploading images"
|
||||
|
@ -32,7 +32,7 @@ if [[ -z "$1" ]]; then
|
||||
fi
|
||||
|
||||
# Get a token to authenticate to glance
|
||||
TOKEN=$(keystone token-get | grep ' id ' | get_field 2)
|
||||
TOKEN=$(openstack token issue -c id -f value)
|
||||
die_if_not_set $LINENO TOKEN "Keystone fail to get token"
|
||||
|
||||
# Glance connection info. Note the port must be specified.
|
||||
|
Loading…
x
Reference in New Issue
Block a user