From 671c16e63aad003e12151bc94ee2a82365141507 Mon Sep 17 00:00:00 2001
From: Dean Troyer <dtroyer@gmail.com>
Date: Thu, 13 Dec 2012 16:22:38 -0600
Subject: [PATCH] Move cinder account creation out of keystone_data.sh

Supports the coming HA/proxy configuration for Cinder

Change-Id: If2e08e45430dce895ed6bb1070612517a38ca4bc
---
 files/keystone_data.sh | 25 ++---------------------
 lib/cinder             | 45 ++++++++++++++++++++++++++++++++++++++++--
 stack.sh               |  1 +
 3 files changed, 46 insertions(+), 25 deletions(-)

diff --git a/files/keystone_data.sh b/files/keystone_data.sh
index 17e8c59eb6..71a8e5efa8 100755
--- a/files/keystone_data.sh
+++ b/files/keystone_data.sh
@@ -7,7 +7,6 @@
 # service              glance     admin
 # service              quantum    admin        # if enabled
 # service              swift      admin        # if enabled
-# service              cinder     admin        # if enabled
 # service              heat       admin        # if enabled
 # service              ceilometer admin        # if enabled
 # Tempest Only:
@@ -38,6 +37,7 @@ function get_id () {
 # Lookups
 SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
 ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+MEMBER_ROLE=$(keystone role-list | awk "/ Member / { print \$2 }")
 
 
 # Roles
@@ -49,6 +49,7 @@ ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
 # role is also configurable in swift-proxy.conf
 RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin)
 
+
 # Services
 # --------
 
@@ -243,25 +244,3 @@ if [[ "$ENABLED_SERVICES" =~ "tempest" ]]; then
         --user_id $ALT_DEMO_USER \
         --role_id $MEMBER_ROLE
 fi
-
-if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then
-    CINDER_USER=$(get_id keystone user-create --name=cinder \
-                                              --pass="$SERVICE_PASSWORD" \
-                                              --tenant_id $SERVICE_TENANT \
-                                              --email=cinder@example.com)
-    keystone user-role-add --tenant_id $SERVICE_TENANT \
-                           --user_id $CINDER_USER \
-                           --role_id $ADMIN_ROLE
-    if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
-        CINDER_SERVICE=$(get_id keystone service-create \
-            --name=cinder \
-            --type=volume \
-            --description="Cinder Service")
-        keystone endpoint-create \
-            --region RegionOne \
-            --service_id $CINDER_SERVICE \
-            --publicurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \
-            --adminurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \
-            --internalurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s"
-    fi
-fi
diff --git a/lib/cinder b/lib/cinder
index 16cbaf361a..17005af431 100644
--- a/lib/cinder
+++ b/lib/cinder
@@ -31,9 +31,11 @@ CINDER_DRIVER=${CINDER_DRIVER:-default}
 CINDER_DIR=$DEST/cinder
 CINDERCLIENT_DIR=$DEST/python-cinderclient
 CINDER_STATE_PATH=${CINDER_STATE_PATH:=$DATA_DIR/cinder}
+CINDER_AUTH_CACHE_DIR=${CINDER_AUTH_CACHE_DIR:-/var/cache/cinder}
+
 CINDER_CONF_DIR=/etc/cinder
 CINDER_CONF=$CINDER_CONF_DIR/cinder.conf
-CINDER_AUTH_CACHE_DIR=${CINDER_AUTH_CACHE_DIR:-/var/cache/cinder}
+CINDER_API_PASTE_INI=$CINDER_CONF_DIR/api-paste.ini
 
 # Support entry points installation of console scripts
 if [[ -d $CINDER_DIR/bin ]]; then
@@ -97,7 +99,6 @@ function configure_cinder() {
     sudo chown root:root $TEMPFILE
     sudo mv $TEMPFILE /etc/sudoers.d/cinder-rootwrap
 
-    CINDER_API_PASTE_INI=$CINDER_CONF_DIR/api-paste.ini
     cp $CINDER_DIR/etc/cinder/api-paste.ini $CINDER_API_PASTE_INI
     iniset $CINDER_API_PASTE_INI filter:authtoken auth_host $KEYSTONE_AUTH_HOST
     iniset $CINDER_API_PASTE_INI filter:authtoken auth_port $KEYSTONE_AUTH_PORT
@@ -159,6 +160,46 @@ function configure_cinder() {
     fi
 }
 
+# create_cinder_accounts() - Set up common required cinder accounts
+
+# Tenant               User       Roles
+# ------------------------------------------------------------------
+# service              cinder     admin        # if enabled
+
+# Migrated from keystone_data.sh
+create_cinder_accounts() {
+
+    SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+    ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+
+    # Cinder
+    if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then
+        CINDER_USER=$(keystone user-create \
+            --name=cinder \
+            --pass="$SERVICE_PASSWORD" \
+            --tenant_id $SERVICE_TENANT \
+            --email=cinder@example.com \
+            | grep " id " | get_field 2)
+        keystone user-role-add \
+            --tenant_id $SERVICE_TENANT \
+            --user_id $CINDER_USER \
+            --role_id $ADMIN_ROLE
+        if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
+            CINDER_SERVICE=$(keystone service-create \
+                --name=cinder \
+                --type=volume \
+                --description="Cinder Volume Service" \
+                | grep " id " | get_field 2)
+            keystone endpoint-create \
+                --region RegionOne \
+                --service_id $CINDER_SERVICE \
+                --publicurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \
+                --adminurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \
+                --internalurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s"
+        fi
+    fi
+}
+
 # init_cinder() - Initialize database and volume group
 function init_cinder() {
     # Force nova volumes off
diff --git a/stack.sh b/stack.sh
index f2fd68cc67..94403fcc3f 100755
--- a/stack.sh
+++ b/stack.sh
@@ -956,6 +956,7 @@ if is_service_enabled key; then
     export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT
     create_keystone_accounts
     create_nova_accounts
+    create_cinder_accounts
 
     # ``keystone_data.sh`` creates services, admin and demo users, and roles.
     ADMIN_PASSWORD=$ADMIN_PASSWORD SERVICE_TENANT_NAME=$SERVICE_TENANT_NAME SERVICE_PASSWORD=$SERVICE_PASSWORD \