Adds Keystone Scripts

Add keystone scripts to the docs basic-install-guide folder, till the labs
section is properly implemented.

Also modify links pointing towards the keystone scripts.

Change-Id: Ic1eea2bd814209eeef0e31ce7149711035c8d85e
Implements: blueprint openstack-training-guides
Fixes-bug: #1282056

doc/training-guides/basic-install-guide/keystone-scripts/Credentials.sh

@@ -0,0 +1,4 @@
+export OS_TENANT_NAME=admin
+export OS_USERNAME=admin
+export OS_PASSWORD=admin_pass
+export OS_AUTH_URL="http://192.168.100.51:5000/v2.0/"

doc/training-guides/basic-install-guide/keystone-scripts/keystone_basic.sh

@@ -0,0 +1,56 @@
+#!/bin/bash
+#
+# License: Apache Software License (ASL) 2.0
+# Inspired by
+# https://github.com/openstack/keystone/blob/master/tools/sample_data.sh
+###############################################################################
+#                                                                             #
+# This script adds users and grants them roles                                #
+#                                                                             #
+###############################################################################
+
+HOST_IP=10.10.10.51
+ADMIN_PASSWORD=${ADMIN_PASSWORD:-admin_pass}
+SERVICE_PASSWORD=${SERVICE_PASSWORD:-service_pass}
+export SERVICE_TOKEN="ADMIN"
+export SERVICE_ENDPOINT="http://${HOST_IP}:35357/v2.0"
+SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
+
+get_id () {
+    echo `$@ | awk '/ id / { print $4 }'`
+}
+
+# Tenants
+ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
+SERVICE_TENANT=$(get_id keystone tenant-create --name=$SERVICE_TENANT_NAME)
+
+
+# Users
+ADMIN_USER=$(get_id keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=admin@domain.com)
+
+
+# Roles
+ADMIN_ROLE=$(get_id keystone role-create --name=admin)
+KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
+KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
+
+# Add Roles to Users in Tenants
+keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $ADMIN_TENANT
+keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONEADMIN_ROLE --tenant-id $ADMIN_TENANT
+keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONESERVICE_ROLE --tenant-id $ADMIN_TENANT
+
+# The Member role is used by Horizon and Swift
+MEMBER_ROLE=$(get_id keystone role-create --name=Member)
+
+# Configure service users/roles
+NOVA_USER=$(get_id keystone user-create --name=nova --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=nova@domain.com)
+keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $NOVA_USER --role-id $ADMIN_ROLE
+
+GLANCE_USER=$(get_id keystone user-create --name=glance --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=glance@domain.com)
+keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $GLANCE_USER --role-id $ADMIN_ROLE
+
+neutron_USER=$(get_id keystone user-create --name=neutron --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=neutron@domain.com)
+keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $neutron_USER --role-id $ADMIN_ROLE
+
+CINDER_USER=$(get_id keystone user-create --name=cinder --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=cinder@domain.com)
+keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $CINDER_USER --role-id $ADMIN_ROLE

doc/training-guides/basic-install-guide/keystone-scripts/keystone_endpoints_basic.sh

@@ -0,0 +1,133 @@
+#!/bin/bash
+#
+# License: Apache Software License (ASL) 2.0
+# Inspired by
+# https://github.com/openstack/keystone/blob/master/tools/sample_data.sh
+###############################################################################
+#                                                                             #
+# This script creates keystone services and endpoints                         #
+#                                                                             #
+###############################################################################
+
+# Host address
+HOST_IP=10.10.10.51
+EXT_HOST_IP=192.168.100.51
+
+# MySQL definitions
+MYSQL_USER=keystoneUser
+MYSQL_DATABASE=keystone
+MYSQL_HOST=$HOST_IP
+MYSQL_PASSWORD=keystonePass
+
+# Keystone definitions
+KEYSTONE_REGION=RegionOne
+export SERVICE_TOKEN=ADMIN
+export SERVICE_ENDPOINT="http://${HOST_IP}:35357/v2.0"
+
+while getopts "u:D:p:m:K:R:E:T:vh" opt; do
+  case $opt in
+    u)
+      MYSQL_USER=$OPTARG
+      ;;
+    D)
+      MYSQL_DATABASE=$OPTARG
+      ;;
+    p)
+      MYSQL_PASSWORD=$OPTARG
+      ;;
+    m)
+      MYSQL_HOST=$OPTARG
+      ;;
+    K)
+      MASTER=$OPTARG
+      ;;
+    R)
+      KEYSTONE_REGION=$OPTARG
+      ;;
+    E)
+      export SERVICE_ENDPOINT=$OPTARG
+      ;;
+    T)
+      export SERVICE_TOKEN=$OPTARG
+      ;;
+    v)
+      set -x
+      ;;
+    h)
+      cat <<EOF
+Usage: $0 [-m mysql_hostname] [-u mysql_username] [-D mysql_database] [-p mysql_password]
+[-K keystone_master ] [ -R keystone_region ] [ -E keystone_endpoint_url ]
+[ -T keystone_token ]
+Add -v for verbose mode, -h to display this message.
+EOF
+      exit 0
+      ;;
+    \?)
+      echo "Unknown option -$OPTARG" >&2
+      exit 1
+      ;;
+    :)
+      echo "Option -$OPTARG requires an argument" >&2
+      exit 1
+      ;;
+  esac
+done
+
+if [ -z "$KEYSTONE_REGION" ]; then
+  echo "Keystone region not set. Please set with -R option or set KEYSTONE_REGION variable." >&2
+  missing_args="true"
+fi
+
+if [ -z "$SERVICE_TOKEN" ]; then
+  echo "Keystone service token not set. Please set with -T option or set SERVICE_TOKEN variable." >&2
+  missing_args="true"
+fi
+
+if [ -z "$SERVICE_ENDPOINT" ]; then
+  echo "Keystone service endpoint not set. Please set with -E option or set SERVICE_ENDPOINT variable." >&2
+  missing_args="true"
+fi
+
+if [ -z "$MYSQL_PASSWORD" ]; then
+  echo "MySQL password not set. Please set with -p option or set MYSQL_PASSWORD variable." >&2
+  missing_args="true"
+fi
+
+if [ -n "$missing_args" ]; then
+  exit 1
+fi
+
+keystone service-create --name nova --type compute --description 'OpenStack Compute Service'
+keystone service-create --name cinder --type volume --description 'OpenStack Volume Service'
+keystone service-create --name glance --type image --description 'OpenStack Image Service'
+keystone service-create --name keystone --type identity --description 'OpenStack Identity'
+keystone service-create --name ec2 --type ec2 --description 'OpenStack EC2 service'
+keystone service-create --name neutron --type network --description 'OpenStack Networking service'
+
+create_endpoint () {
+  case $1 in
+    compute)
+    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':8774/v2/$(tenant_id)s' --adminurl 'http://'"$HOST_IP"':8774/v2/$(tenant_id)s' --internalurl 'http://'"$HOST_IP"':8774/v2/$(tenant_id)s'
+    ;;
+    volume)
+    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':8776/v1/$(tenant_id)s' --adminurl 'http://'"$HOST_IP"':8776/v1/$(tenant_id)s' --internalurl 'http://'"$HOST_IP"':8776/v1/$(tenant_id)s'
+    ;;
+    image)
+    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':9292/' --adminurl 'http://'"$HOST_IP"':9292/' --internalurl 'http://'"$HOST_IP"':9292/'
+    ;;
+    identity)
+    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':5000/v2.0' --adminurl 'http://'"$HOST_IP"':35357/v2.0' --internalurl 'http://'"$HOST_IP"':5000/v2.0'
+    ;;
+    ec2)
+    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':8773/services/Cloud' --adminurl 'http://'"$HOST_IP"':8773/services/Admin' --internalurl 'http://'"$HOST_IP"':8773/services/Cloud'
+    ;;
+    network)
+    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':9696/' --adminurl 'http://'"$HOST_IP"':9696/' --internalurl 'http://'"$HOST_IP"':9696/'
+    ;;
+  esac
+}
+
+for i in compute volume image object-store identity ec2 network; do
+  id=`mysql -h "$MYSQL_HOST" -u "$MYSQL_USER" -p"$MYSQL_PASSWORD" "$MYSQL_DATABASE" -ss -e "SELECT id FROM service WHERE type='"$i"';"` || exit 1
+  create_endpoint $i $id
+done

doc/training-guides/basic-install-guide/lab001-control-node.xml

@@ -220,12 +220,12 @@ iface eth2 inet dhcp</programlisting>
         scripts:</para>
       <para>
         <link
-          xlink:href="http://git.openstack.org/cgit/openstack/training-guides/plain/labs/openstack_scripts/Keystone/Scripts/keystone_basic.sh">
+            xlink:href="http://git.openstack.org/cgit/openstack/training-guides/plain/doc/training-guides/basic-install-guide/keystone-scripts/keystone_basic.sh">
           <filename>keystone_basic.sh</filename>
         </link></para>
       <para>
         <link
-          xlink:href="http://git.openstack.org/cgit/openstack/training-guides/plain/labs/openstack_scripts/Keystone/Scripts/keystone_endpoints_basic.sh">
+            xlink:href="http://git.openstack.org/cgit/openstack/training-guides/plain/doc/training-guides/basic-install-guide/keystone-scripts/keystone_endpoints_basic.sh">
           <filename>keystone_endpoints_basic.sh</filename>
         </link></para>
     </listitem>