Updated with echoing back to keystone who calls this for ec2 rc fn content.

This commit is contained in:
Joshua Harlow 2012-02-16 21:10:23 -08:00
parent abb64455ff
commit 1f3c6717ed
2 changed files with 24 additions and 24 deletions
conf/templates/keystone
devstack/components

@ -49,62 +49,59 @@ KEYSTONESERVICE_ROLE=`get_id keystone role-create --name=$KEYSTONE_SERVICE_ADMIN
SYSADMIN_ROLE=`get_id keystone role-create --name=$SYSADMIN_ROLE_NAME`
NETADMIN_ROLE=`get_id keystone role-create --name=$NETADMIN_ROLE_NAME`
# Added 2>&1 >/dev/null to all (NOT IN ORIGINAL)
# Add Roles to Users in Tenants
keystone add-user-role $ADMIN_USER $ADMIN_ROLE $ADMIN_TENANT
keystone add-user-role $DEMO_USER $MEMBER_ROLE $DEMO_TENANT
keystone add-user-role $DEMO_USER $SYSADMIN_ROLE $DEMO_TENANT
keystone add-user-role $DEMO_USER $NETADMIN_ROLE $DEMO_TENANT
keystone add-user-role $DEMO_USER $MEMBER_ROLE $INVIS_TENANT
keystone add-user-role $ADMIN_USER $ADMIN_ROLE $DEMO_TENANT
keystone add-user-role $ADMIN_USER $ADMIN_ROLE $ADMIN_TENANT 2>&1 >/dev/null
keystone add-user-role $DEMO_USER $MEMBER_ROLE $DEMO_TENANT 2>&1 >/dev/null
keystone add-user-role $DEMO_USER $SYSADMIN_ROLE $DEMO_TENANT 2>&1 >/dev/null
keystone add-user-role $DEMO_USER $NETADMIN_ROLE $DEMO_TENANT 2>&1 >/dev/null
keystone add-user-role $DEMO_USER $MEMBER_ROLE $INVIS_TENANT 2>&1 >/dev/null
keystone add-user-role $ADMIN_USER $ADMIN_ROLE $DEMO_TENANT 2>&1 >/dev/null
# TODO(termie): these two might be dubious
keystone add-user-role $ADMIN_USER $KEYSTONEADMIN_ROLE $ADMIN_TENANT
keystone add-user-role $ADMIN_USER $KEYSTONESERVICE_ROLE $ADMIN_TENANT
keystone add-user-role $ADMIN_USER $KEYSTONEADMIN_ROLE $ADMIN_TENANT 2>&1 >/dev/null
keystone add-user-role $ADMIN_USER $KEYSTONESERVICE_ROLE $ADMIN_TENANT 2>&1 >/dev/null
# Services
keystone service-create \
--name=nova \
--type=compute \
--description="Nova Compute Service"
--description="Nova Compute Service" 2>&1 >/dev/null
keystone service-create \
--name=ec2 \
--type=ec2 \
--description="EC2 Compatibility Layer"
--description="EC2 Compatibility Layer" 2>&1 >/dev/null
keystone service-create \
--name=glance \
--type=image \
--description="Glance Image Service"
--description="Glance Image Service" 2>&1 >/dev/null
keystone service-create \
--name=keystone \
--type=identity \
--description="Keystone Identity Service"
--description="Keystone Identity Service" 2>&1 >/dev/null
if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
keystone service-create \
--name=swift \
--type="object-store" \
--description="Swift Service"
--description="Swift Service" 2>&1 >/dev/null
fi
# create ec2 creds and parse the secret and access key returned
# Create ec2 creds and parse the secret and access key returned
RESULT=`keystone ec2-create-credentials --tenant_id=$ADMIN_TENANT --user_id=$ADMIN_USER`
echo `$@ | grep id | awk '{print $4}'`
ADMIN_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'`
ADMIN_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'`
RESULT=`keystone ec2-create-credentials --tenant_id=$DEMO_TENANT --user_id=$DEMO_USER`
DEMO_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'`
DEMO_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'`
# Added! (NOT IN ORIGINAL)
EC2RC_FILE=`pwd`/ec2rc
if [ -n "$EC2RC_FILE" ]; then
cat > $EC2RC_FILE <<EOF
cat <<EOF
# EC2 access variables (ie for euca tools...)
export EC2_ACCESS_KEY=$DEMO_ACCESS
export EC2_SECRET_KEY=$DEMO_SECRET
@ -114,8 +111,5 @@ export ADMIN_SECRET=$ADMIN_SECRET
export ADMIN_ACCESS=$ADMIN_ACCESS
export DEMO_ACCESS=$DEMO_ACCESS
export DEMO_SECRET=$DEMO_SECRET
EOF
fi

@ -76,6 +76,9 @@ WAIT_ONLINE_TO = settings.WAIT_ALIVE_SECS
#config keys we warm up so u won't be prompted later
WARMUP_PWS = ['horizon_keystone_admin', 'service_token']
#ec2 rc filename
EC2RC_FN = 'ec2rc'
class KeystoneUninstaller(comp.PythonUninstallComponent):
def __init__(self, *args, **kargs):
@ -208,7 +211,10 @@ class KeystoneRuntime(comp.PythonRuntime):
env['BIN_DIR'] = self.bindir
setup_cmd = MANAGE_CMD_ROOT + [tgt_fn]
LOG.info("Running (%s) command to initialize keystone." % (" ".join(setup_cmd)))
sh.execute(*setup_cmd, env_overrides=env)
(sysout, stderr) = sh.execute(*setup_cmd, env_overrides=env, run_as_root=False)
if sysout:
ec2rcfn = self.cfg.getdefaulted("keystone", "ec2_rc_fn", EC2RC_FN)
sh.write_file(ec2rcfn, sysout)
LOG.debug("Removing (%s) file since we successfully initialized keystone." % (tgt_fn))
sh.unlink(tgt_fn)