openSUSE fixes for Identity and Image setup

Based on testing on openSUSE

Also adds a \ to some commands so that you can copy & paste them

Use GLANCE_DBPASS consistently

Use for Identity service setup the same markup as for Image service.

Change-Id: I58c2365225d0c3cea4fa5c0f053340fd7efb56c4

doc/install-guide/section_glance-install.xml

@@ -22,7 +22,7 @@
     <step><para>Install the Image Service on the controller node.</para>
       <screen os="ubuntu;debian"><prompt>#</prompt> <userinput>apt-get install glance</userinput></screen>
       <screen os="rhel;centos;fedora"><prompt>#</prompt> <userinput>yum install openstack-glance</userinput></screen>
-      <screen os="opensuse"><prompt>#</prompt> <userinput>zypper install openstack-glance</userinput></screen></step>
+      <screen os="opensuse"><prompt>#</prompt> <userinput>zypper install openstack-glance python-glanceclient</userinput></screen></step>
 
     <step os="rhel;centos;fedora;opensuse"><para>The Image Service stores information about images in a database.
       This guide uses the MySQL database used by other OpenStack services.</para>
@@ -53,9 +53,9 @@ IDENTIFIED BY 'GLANCE_DBPASS';</userinput></screen>
         have separate configuration files, so you must configure both files throughout this
         section.</para>
       <screen os="rhel;centos;fedora;opensuse"><prompt>#</prompt> <userinput>openstack-config --set /etc/glance/glance-api.conf \
-  DEFAULT sql_connection mysql://glance:<replaceable>GLANCE_PASS</replaceable>@<replaceable>controller</replaceable>/glance</userinput>
+  DEFAULT sql_connection mysql://glance:<replaceable>GLANCE_DBPASS</replaceable>@<replaceable>controller</replaceable>/glance</userinput>
 <prompt>#</prompt> <userinput>openstack-config --set /etc/glance/glance-registry.conf \
-  DEFAULT sql_connection mysql://glance:<replaceable>GLANCE_PASS</replaceable>@<replaceable>controller</replaceable>/glance</userinput></screen>
+  DEFAULT sql_connection mysql://glance:<replaceable>GLANCE_DBPASS</replaceable>@<replaceable>controller</replaceable>/glance</userinput></screen>
       <para os="ubuntu;debian">Edit <filename>/etc/glance/glance-api.conf</filename> and  <filename>/etc/glance/glance-registry.conf</filename>
        and change the <literal>[DEFAULT]</literal> section.</para>
       <programlisting os="ubuntu;debian" language="ini">
@@ -81,18 +81,18 @@ sql_connection = mysql://glance:GLANCE_DBPASS@localhost/glance
       Service can use to authenticate with the Identity Service. Use the
       <literal>service</literal> tenant and give the user the
       <literal>admin</literal> role.</para>
-      <screen><prompt>#</prompt> <userinput>keystone user-create --name=glance --pass=<replaceable>GLANCE_PASS</replaceable> --email=<replaceable>glance@example.com</replaceable></userinput>
+      <screen><prompt>#</prompt> <userinput>keystone user-create --name=glance --pass=<replaceable>GLANCE_DBPASS</replaceable> --email=<replaceable>glance@example.com</replaceable></userinput>
 <prompt>#</prompt> <userinput>keystone user-role-add --user=glance --tenant=service --role=admin</userinput></screen></step>
     <step><para>Add the credentials to the Image Service's configuration files.</para>
 
       <screen os="centos;rhel;fedora;opensuse"><prompt>#</prompt> <userinput>openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_host <replaceable>controller</replaceable></userinput>
 <prompt>#</prompt> <userinput>openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_user glance</userinput>
 <prompt>#</prompt> <userinput>openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_tenant_name service</userinput>
-<prompt>#</prompt> <userinput>openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_password <replaceable>GLANCE_PASS</replaceable></userinput>
+<prompt>#</prompt> <userinput>openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_password <replaceable>GLANCE_DBPASS</replaceable></userinput>
 <prompt>#</prompt> <userinput>openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_host <replaceable>controller</replaceable></userinput>
 <prompt>#</prompt> <userinput>openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_user glance</userinput>
 <prompt>#</prompt> <userinput>openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_tenant_name service</userinput>
-<prompt>#</prompt> <userinput>openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_password <replaceable>GLANCE_PASS</replaceable></userinput></screen>
+<prompt>#</prompt> <userinput>openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_password <replaceable>GLANCE_DBPASS</replaceable></userinput></screen>
       <para os="ubuntu;debian">Edit <filename>/etc/glance/glance-api.conf</filename> and <filename>/etc/glance/glance-registry.conf</filename>
  and change the <literal>[keystone_authtoken]</literal> section.</para>
       <programlisting os="ubuntu;debian" language="ini">
@@ -103,7 +103,7 @@ auth_port = 35357
 auth_protocol = http
 admin_tenant_name = service
 admin_user = glance
-admin_password = GLANCE_PASS
+admin_password = GLANCE_DBPASS
 ...
       </programlisting>
 
@@ -117,7 +117,7 @@ paste.filter_factory=keystoneclient.middleware.auth_token:filter_factory
 auth_host=controller
 admin_user=glance
 admin_tenant_name=service
-admin_password=<replaceable>GLANCE_PASS</replaceable></programlisting> -->
+admin_password=<replaceable>GLANCE_DBPASS</replaceable></programlisting> -->
       <para>
         <note><para>If you have troubles connecting to the database, try using the IP address instead of the
           host name in the credentials.</para></note>

doc/install-guide/section_keystone-install.xml

@@ -78,16 +78,24 @@ admin_token = ADMIN_TOKEN
     <step os="rhel;centos;fedora;opensuse">
       <para>By default Keystone will use PKI tokens. Create the signing
       keys and certificates.</para>
-      <screen><prompt>#</prompt> <userinput>keystone-manage pki_setup --keystone-user keystone --keystone-group keystone</userinput>
+      <screen os="rhel;centos;fedora"><prompt>#</prompt> <userinput>keystone-manage pki_setup --keystone-user keystone --keystone-group keystone</userinput>
 <prompt>#</prompt> <userinput>chown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log</userinput></screen>
+      <screen os="opensuse"><prompt>#</prompt> <userinput>keystone-manage pki_setup --keystone-user openstack-keystone --keystone-group openstack-keystone</userinput>
+<prompt>#</prompt> <userinput>chown -R openstack-keystone:openstack-keystone /etc/keystone/* /var/log/keystone/keystone.log</userinput></screen>
     </step>
 
+    <step os="opensuse">
+      <para>Setup the <filename>/etc/keystone/default_catalog.templates</filename> file:
+      </para>
+      <screen><prompt>#</prompt> <userinput>KEYSTONE_CATALOG=/etc/keystone/default_catalog.templates</userinput>
+<prompt>#</prompt> <userinput>sed -e "s,%SERVICE_HOST%,192.168.0.10,g" -e "s/%S3_SERVICE_PORT%/8080/" \
+   $KEYSTONE_CATALOG.sample > $KEYSTONE_CATALOG</userinput></screen>
+    </step>
     <step os="ubuntu">
       <para>Restart the Identity service.</para>
       <screen><prompt>#</prompt> <userinput>service keystone restart</userinput></screen>
     </step>
 
-
     <step os="rhel;fedora;centos;opensuse">
       <para>Start the Identity Service and enable it so it start when
       the system boots.</para>

doc/install-guide/section_keystone-services.xml

@@ -38,10 +38,10 @@
   API.</para>
 
   <screen><prompt>#</prompt> <userinput>keystone endpoint-create \
-  --service-id=15c11a23667e427e91bc31335b45f4bd \
+  --service-id=<replaceable>the_service_id_above</replaceable> \
-  --publicurl=http://controller:5000/v2.0 \
+  --publicurl=http://<replaceable>controller</replaceable>:5000/v2.0 \
-  --internalurl=http://controller:5000/v2.0 \
+  --internalurl=http://<replaceable>controller</replaceable>:5000/v2.0 \
-  --adminurl=http://controller:35357/v2.0</userinput>
+  --adminurl=http://<replaceable>controller</replaceable>:35357/v2.0</userinput>
 <computeroutput>+-------------+-----------------------------------+
 |   Property  |             Value                 |
 +-------------+-----------------------------------+

doc/install-guide/section_keystone-verify.xml

@@ -18,7 +18,7 @@
   Request a authentication token using the <literal>admin</literal>
   user and the password you chose for that user.</para>
 
-  <screen><prompt>#</prompt> <userinput>keystone --os-username=admin --os-password=<replaceable>ADMIN_PASS</replaceable>
+  <screen><prompt>#</prompt> <userinput>keystone --os-username=admin --os-password=<replaceable>ADMIN_PASS</replaceable> \
   --os-auth-url=http://controller:35357/v2.0 token-get</userinput></screen>
 
   <para>You should receive a token in response, paired with your user ID.
@@ -28,7 +28,7 @@
   <para>Next, verify that authorization is behaving as expected by requesting
   authorization on a tenant.</para>
 
-  <screen><prompt>#</prompt> <userinput>keystone --os-username=admin --os-password=<replaceable>ADMIN_PASS</replaceable>
+  <screen><prompt>#</prompt> <userinput>keystone --os-username=admin --os-password=<replaceable>ADMIN_PASS</replaceable> \
   --os-tenant-name=admin --os-auth-url=http://controller:35357/v2.0 token-get</userinput></screen>
 
   <para>You should receive a new token in response, this time including the