reflecting devstack v1 keystone init changes and nova changes
This commit is contained in:
Joshua Harlow
@@ -75,17 +75,6 @@ keystone_service_host = ${KEYSTONE_SERVICE_HOST:-$(host:ip)}
|
||||
keystone_service_port = ${KEYSTONE_SERVICE_PORT:-5000}
|
||||
keystone_service_protocol = ${KEYSTONE_SERVICE_PROTOCOL:-http}
|
||||
|
||||
# User names (used in init script)
|
||||
invisible_user = invisible_to_admin
|
||||
demo_user = ${KEYSTONE_DEMO_USER:-demo}
|
||||
admin_user = ${KEYSTONE_ADMIN_USER:-admin}
|
||||
|
||||
# The above user names are also the tenant names.
|
||||
#
|
||||
# Nova original used project_id as the *account* that owned resources (servers,
|
||||
# ip address, ...) With the addition of Keystone we have standardized on the
|
||||
# term **tenant** as the entity that owns the resources.
|
||||
|
||||
[nova]
|
||||
|
||||
# Should nova be in verbose mode?
|
||||
@@ -99,8 +88,7 @@ allow_admin_api = 1
|
||||
nova_version = ${NOVA_VERSION:-1.1}
|
||||
|
||||
# Which scheduler will nova be running with?
|
||||
# SimpleScheduler should work in most cases unless you are working on multi-zone mode.
|
||||
scheduler = ${NOVA_SCHEDULER:-nova.scheduler.simple.SimpleScheduler}
|
||||
scheduler = ${NOVA_SCHEDULER:-nova.scheduler.filter_scheduler.FilterScheduler}
|
||||
|
||||
# Network settings
|
||||
# Very useful to read over:
|
||||
|
||||
@@ -1,156 +1,161 @@
|
||||
#!/bin/bash
|
||||
|
||||
# From devstack commit 5f9473e8b9bdc15f42db597d5d1e766b760f764e with some modifications
|
||||
# From devstack commit c4849e7f8f40f522541d8e1e03771edf942d851e with modifications
|
||||
|
||||
#
|
||||
# Initial data for Keystone using python-keystoneclient
|
||||
#
|
||||
# A set of EC2-compatible credentials is created for both admin and demo
|
||||
# users and placed in $DEVSTACK_DIR/ec2rc.
|
||||
#
|
||||
# Tenant User Roles
|
||||
# -------------------------------------------------------
|
||||
# admin admin admin
|
||||
# service glance admin
|
||||
# service nova admin
|
||||
# service quantum admin # if enabled
|
||||
# service swift admin # if enabled
|
||||
# demo admin admin
|
||||
# demo demo Member,sysadmin,netadmin
|
||||
# invisible_to_admin demo Member
|
||||
#
|
||||
# Variables set before calling this script:
|
||||
#
|
||||
# SERVICE_TOKEN - aka admin_token in keystone.conf
|
||||
# SERVICE_ENDPOINT - local Keystone admin endpoint
|
||||
# SERVICE_TENANT_NAME - name of tenant containing service accounts
|
||||
# ENABLED_SERVICES - devstackPY's list of services being activated
|
||||
|
||||
set -o errexit
|
||||
|
||||
# These are used by keystone commands below
|
||||
export SERVICE_TOKEN=%SERVICE_TOKEN%
|
||||
|
||||
# This is really the auth endpoint, not the service endpoint
|
||||
export SERVICE_ENDPOINT=%AUTH_ENDPOINT%
|
||||
ADMIN_PASSWORD=%ADMIN_PASSWORD%
|
||||
SERVICE_PASSWORD=%SERVICE_PASSWORD%
|
||||
SERVICE_TOKEN=%SERVICE_TOKEN%
|
||||
export SERVICE_TOKEN
|
||||
SERVICE_ENDPOINT=%SERVICE_ENDPOINT%
|
||||
export SERVICE_ENDPOINT
|
||||
SERVICE_TENANT_NAME=%SERVICE_TENANT_NAME%
|
||||
|
||||
function get_id () {
|
||||
echo `$@ | grep ' id ' | awk '{print $4}'`
|
||||
echo `$@ | awk '/ id / { print $4 }'`
|
||||
}
|
||||
|
||||
# Added! (NOT IN ORIGINAL)
|
||||
ADMIN_USERNAME=%ADMIN_USER_NAME%
|
||||
ADMIN_PASSWORD=%ADMIN_PASSWORD%
|
||||
DEMO_USER_NAME=%DEMO_USER_NAME%
|
||||
INVIS_USER_NAME=%INVIS_USER_NAME%
|
||||
MEMBER_ROLE_NAME=Member
|
||||
KEYSTONE_ADMIN_ROLE_NAME=KeystoneAdmin
|
||||
KEYSTONE_SERVICE_ADMIN_ROLE_NAME=KeystoneServiceAdmin
|
||||
SYSADMIN_ROLE_NAME=sysadmin
|
||||
NETADMIN_ROLE_NAME=netadmin
|
||||
DUMMY_EMAIL=admin@example.com
|
||||
function qq () {
|
||||
`$@ 2>&1 >/dev/null`
|
||||
}
|
||||
|
||||
# Tenants (names are same as user names)
|
||||
ADMIN_TENANT=`get_id keystone tenant-create --name=$ADMIN_USERNAME`
|
||||
DEMO_TENANT=`get_id keystone tenant-create --name=$DEMO_USER_NAME`
|
||||
INVIS_TENANT=`get_id keystone tenant-create --name=$INVIS_USER_NAME`
|
||||
# Tenants
|
||||
ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
|
||||
SERVICE_TENANT=$(get_id keystone tenant-create --name=$SERVICE_TENANT_NAME)
|
||||
DEMO_TENANT=$(get_id keystone tenant-create --name=demo)
|
||||
INVIS_TENANT=$(get_id keystone tenant-create --name=invisible_to_admin)
|
||||
|
||||
# Users
|
||||
ADMIN_USER=`get_id keystone user-create \
|
||||
--name=$ADMIN_USERNAME \
|
||||
ADMIN_USER=$(get_id keystone user-create --name=admin \
|
||||
--pass="$ADMIN_PASSWORD" \
|
||||
--email=$DUMMY_EMAIL`
|
||||
|
||||
DEMO_USER=`get_id keystone user-create \
|
||||
--name=$DEMO_USER_NAME \
|
||||
--email=admin@example.com)
|
||||
DEMO_USER=$(get_id keystone user-create --name=demo \
|
||||
--pass="$ADMIN_PASSWORD" \
|
||||
--email=$DUMMY_EMAIL`
|
||||
|
||||
# Detect if the keystone cli binary has the command names changed
|
||||
# in https://review.openstack.org/4375
|
||||
# FIXME(dtroyer): Remove the keystone client command checking
|
||||
# after a suitable transition period. add-user-role
|
||||
# and ec2-create-credentials were renamed
|
||||
if keystone help | grep -q user-role-add; then
|
||||
KEYSTONE_COMMAND_4375=1
|
||||
fi
|
||||
--email=demo@example.com)
|
||||
|
||||
# Roles
|
||||
ADMIN_ROLE=`get_id keystone role-create --name=$ADMIN_USERNAME`
|
||||
MEMBER_ROLE=`get_id keystone role-create --name=$MEMBER_ROLE_NAME`
|
||||
KEYSTONEADMIN_ROLE=`get_id keystone role-create --name=$KEYSTONE_ADMIN_ROLE_NAME`
|
||||
KEYSTONESERVICE_ROLE=`get_id keystone role-create --name=$KEYSTONE_SERVICE_ADMIN_ROLE_NAME`
|
||||
SYSADMIN_ROLE=`get_id keystone role-create --name=$SYSADMIN_ROLE_NAME`
|
||||
NETADMIN_ROLE=`get_id keystone role-create --name=$NETADMIN_ROLE_NAME`
|
||||
ADMIN_ROLE=$(get_id keystone role-create --name=admin)
|
||||
KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
|
||||
KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
|
||||
SYSADMIN_ROLE=$(get_id keystone role-create --name=sysadmin)
|
||||
NETADMIN_ROLE=$(get_id keystone role-create --name=netadmin)
|
||||
|
||||
# Added 2>&1 >/dev/null to all (NOT IN ORIGINAL)
|
||||
# Add Roles to Users in Tenants
|
||||
qq keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $ADMIN_TENANT
|
||||
qq keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $DEMO_TENANT
|
||||
qq keystone user-role-add --user $DEMO_USER --role $SYSADMIN_ROLE --tenant_id $DEMO_TENANT
|
||||
qq keystone user-role-add --user $DEMO_USER --role $NETADMIN_ROLE --tenant_id $DEMO_TENANT
|
||||
|
||||
if [[ -n "$KEYSTONE_COMMAND_4375" ]]; then
|
||||
# Add Roles to Users in Tenants
|
||||
keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $ADMIN_TENANT 2>&1 >/dev/null
|
||||
keystone user-role-add --user $DEMO_USER --role $MEMBER_ROLE --tenant_id $DEMO_TENANT 2>&1 >/dev/null
|
||||
keystone user-role-add --user $DEMO_USER --role $SYSADMIN_ROLE --tenant_id $DEMO_TENANT 2>&1 >/dev/null
|
||||
keystone user-role-add --user $DEMO_USER --role $NETADMIN_ROLE --tenant_id $DEMO_TENANT 2>&1 >/dev/null
|
||||
keystone user-role-add --user $DEMO_USER --role $MEMBER_ROLE --tenant_id $INVIS_TENANT 2>&1 >/dev/null
|
||||
keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $DEMO_TENANT 2>&1 >/dev/null
|
||||
# TODO(termie): these two might be dubious
|
||||
qq keystone user-role-add --user $ADMIN_USER --role $KEYSTONEADMIN_ROLE --tenant_id $ADMIN_TENANT
|
||||
qq keystone user-role-add --user $ADMIN_USER --role $KEYSTONESERVICE_ROLE --tenant_id $ADMIN_TENANT
|
||||
|
||||
# TODO(termie): these two might be dubious
|
||||
keystone user-role-add --user $ADMIN_USER --role $KEYSTONEADMIN_ROLE --tenant_id $ADMIN_TENANT 2>&1 >/dev/null
|
||||
keystone user-role-add --user $ADMIN_USER --role $KEYSTONESERVICE_ROLE --tenant_id $ADMIN_TENANT 2>&1 >/dev/null
|
||||
else
|
||||
### compat
|
||||
# Add Roles to Users in Tenants
|
||||
keystone add-user-role $ADMIN_USER $ADMIN_ROLE $ADMIN_TENANT 2>&1 >/dev/null
|
||||
keystone add-user-role $DEMO_USER $MEMBER_ROLE $DEMO_TENANT 2>&1 >/dev/null
|
||||
keystone add-user-role $DEMO_USER $SYSADMIN_ROLE $DEMO_TENANT 2>&1 >/dev/null
|
||||
keystone add-user-role $DEMO_USER $NETADMIN_ROLE $DEMO_TENANT 2>&1 >/dev/null
|
||||
keystone add-user-role $DEMO_USER $MEMBER_ROLE $INVIS_TENANT 2>&1 >/dev/null
|
||||
keystone add-user-role $ADMIN_USER $ADMIN_ROLE $DEMO_TENANT 2>&1 >/dev/null
|
||||
|
||||
# TODO(termie): these two might be dubious
|
||||
keystone add-user-role $ADMIN_USER $KEYSTONEADMIN_ROLE $ADMIN_TENANT 2>&1 >/dev/null
|
||||
keystone add-user-role $ADMIN_USER $KEYSTONESERVICE_ROLE $ADMIN_TENANT 2>&1 >/dev/null
|
||||
###
|
||||
fi
|
||||
# The Member role is used by Horizon and Swift so we need to keep it:
|
||||
MEMBER_ROLE=$(get_id keystone role-create --name=Member)
|
||||
qq keystone user-role-add --user $DEMO_USER --role $MEMBER_ROLE --tenant_id $DEMO_TENANT
|
||||
qq keystone user-role-add --user $DEMO_USER --role $MEMBER_ROLE --tenant_id $INVIS_TENANT
|
||||
|
||||
# Services
|
||||
keystone service-create \
|
||||
--name=nova \
|
||||
--type=compute \
|
||||
--description="Nova Compute Service" 2>&1 >/dev/null
|
||||
|
||||
keystone service-create \
|
||||
--name=ec2 \
|
||||
--type=ec2 \
|
||||
--description="EC2 Compatibility Layer" 2>&1 >/dev/null
|
||||
|
||||
keystone service-create \
|
||||
--name=glance \
|
||||
--type=image \
|
||||
--description="Glance Image Service" 2>&1 >/dev/null
|
||||
|
||||
keystone service-create \
|
||||
--name=keystone \
|
||||
qq keystone service-create --name=keystone \
|
||||
--type=identity \
|
||||
--description="Keystone Identity Service" 2>&1 >/dev/null
|
||||
--description="Keystone Identity Service"
|
||||
|
||||
qq keystone service-create --name=nova \
|
||||
--type=compute \
|
||||
--description="Nova Compute Service"
|
||||
|
||||
NOVA_USER=$(get_id keystone user-create --name=nova \
|
||||
--pass="$SERVICE_PASSWORD" \
|
||||
--tenant_id $SERVICE_TENANT \
|
||||
--email=nova@example.com)
|
||||
|
||||
qq keystone user-role-add --tenant_id $SERVICE_TENANT \
|
||||
--user $NOVA_USER \
|
||||
--role $ADMIN_ROLE
|
||||
|
||||
qq keystone service-create --name=ec2 \
|
||||
--type=ec2 \
|
||||
--description="EC2 Compatibility Layer"
|
||||
|
||||
qq keystone service-create --name=glance \
|
||||
--type=image \
|
||||
--description="Glance Image Service"
|
||||
|
||||
GLANCE_USER=$(get_id keystone user-create --name=glance \
|
||||
--pass="$SERVICE_PASSWORD" \
|
||||
--tenant_id $SERVICE_TENANT \
|
||||
--email=glance@example.com)
|
||||
|
||||
qq keystone user-role-add --tenant_id $SERVICE_TENANT \
|
||||
--user $GLANCE_USER \
|
||||
--role $ADMIN_ROLE
|
||||
|
||||
if [[ "$ENABLED_SERVICES" =~ "n-vol" ]]; then
|
||||
keystone service-create \
|
||||
--name="nova-volume" \
|
||||
qq keystone service-create --name="nova-volume" \
|
||||
--type=volume \
|
||||
--description="Nova Volume Service" 2>&1 >/dev/null
|
||||
--description="Nova Volume Service"
|
||||
fi
|
||||
|
||||
if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
|
||||
keystone service-create \
|
||||
--name=swift \
|
||||
qq keystone service-create --name=swift \
|
||||
--type="object-store" \
|
||||
--description="Swift Service" 2>&1 >/dev/null
|
||||
fi
|
||||
if [[ "$ENABLED_SERVICES" =~ "quantum-server" ]]; then
|
||||
keystone service-create \
|
||||
--name=quantum \
|
||||
--type=network \
|
||||
--description="Quantum Service" 2>&1 >/dev/null
|
||||
--description="Swift Service"
|
||||
SWIFT_USER=$(get_id keystone user-create --name=swift \
|
||||
--pass="$SERVICE_PASSWORD" \
|
||||
--tenant_id $SERVICE_TENANT \
|
||||
--email=swift@example.com)
|
||||
qq keystone user-role-add --tenant_id $SERVICE_TENANT \
|
||||
--user $SWIFT_USER \
|
||||
--role $ADMIN_ROLE
|
||||
fi
|
||||
|
||||
if [[ "$ENABLED_SERVICES" =~ "quantum-server" ]]; then
|
||||
qq keystone service-create --name=quantum \
|
||||
--type=network \
|
||||
--description="Quantum Service"
|
||||
QUANTUM_USER=$(get_id keystone user-create --name=quantum \
|
||||
--pass="$SERVICE_PASSWORD" \
|
||||
--tenant_id $SERVICE_TENANT \
|
||||
--email=quantum@example.com)
|
||||
qq keystone user-role-add --tenant_id $SERVICE_TENANT \
|
||||
--user $QUANTUM_USER \
|
||||
--role $ADMIN_ROLE
|
||||
fi
|
||||
|
||||
# create ec2 creds and parse the secret and access key returned
|
||||
if [[ -n "$KEYSTONE_COMMAND_4375" ]]; then
|
||||
RESULT=`keystone ec2-credentials-create --tenant_id=$ADMIN_TENANT --user=$ADMIN_USER`
|
||||
else
|
||||
RESULT=`keystone ec2-create-credentials --tenant_id=$ADMIN_TENANT --user_id=$ADMIN_USER`
|
||||
fi
|
||||
echo `$@ | grep id | awk '{print $4}'`
|
||||
ADMIN_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'`
|
||||
ADMIN_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'`
|
||||
RESULT=$(keystone ec2-credentials-create --tenant_id=$ADMIN_TENANT --user=$ADMIN_USER)
|
||||
ADMIN_ACCESS=$(echo "$RESULT" | awk '/ access / { print $4 }')
|
||||
ADMIN_SECRET=$(echo "$RESULT" | awk '/ secret / { print $4 }')
|
||||
|
||||
RESULT=$(keystone ec2-credentials-create --tenant_id=$DEMO_TENANT --user=$DEMO_USER)
|
||||
DEMO_ACCESS=$(echo "$RESULT" | awk '/ access / { print $4 }')
|
||||
DEMO_SECRET=$(echo "$RESULT" | awk '/ secret / { print $4 }')
|
||||
|
||||
if [[ -n "$KEYSTONE_COMMAND_4375" ]]; then
|
||||
RESULT=`keystone ec2-credentials-create --tenant_id=$DEMO_TENANT --user=$DEMO_USER`
|
||||
else
|
||||
RESULT=`keystone ec2-create-credentials --tenant_id=$DEMO_TENANT --user_id=$DEMO_USER`
|
||||
fi
|
||||
DEMO_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'`
|
||||
DEMO_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'`
|
||||
|
||||
# Added! (NOT IN ORIGINAL)
|
||||
cat <<EOF
|
||||
# EC2 access variables (ie for euca tools...)
|
||||
export EC2_ACCESS_KEY=$DEMO_ACCESS
|
||||
@@ -162,4 +167,3 @@ export ADMIN_ACCESS=$ADMIN_ACCESS
|
||||
export DEMO_ACCESS=$DEMO_ACCESS
|
||||
export DEMO_SECRET=$DEMO_SECRET
|
||||
EOF
|
||||
|
||||
|
||||
@@ -212,8 +212,6 @@ class KeystoneInstaller(comp.PythonInstallComponent):
|
||||
mp['KEYSTONE_DIR'] = self.appdir
|
||||
mp.update(get_shared_params(self.cfg))
|
||||
elif config_fn == MANAGE_DATA_CONF:
|
||||
mp['ADMIN_PASSWORD'] = self.cfg.get('passwords', 'horizon_keystone_admin')
|
||||
mp.update(get_shared_users(self.cfg))
|
||||
mp.update(get_shared_params(self.cfg))
|
||||
return mp
|
||||
|
||||
@@ -256,21 +254,20 @@ class KeystoneRuntime(comp.PythonRuntime):
|
||||
return APP_OPTIONS.get(app)
|
||||
|
||||
|
||||
def get_shared_users(config):
|
||||
mp = dict()
|
||||
mp['ADMIN_USER_NAME'] = config.getdefaulted("keystone", "admin_user", MANAGE_ADMIN_USER)
|
||||
mp['ADMIN_TENANT_NAME'] = mp['ADMIN_USER_NAME']
|
||||
mp['DEMO_USER_NAME'] = config.getdefaulted("keystone", "demo_user", MANAGE_DEMO_USER)
|
||||
mp['DEMO_TENANT_NAME'] = mp['DEMO_USER_NAME']
|
||||
mp['INVIS_USER_NAME'] = config.getdefaulted("keystone", "invisible_user", MANAGE_INVIS_USER)
|
||||
mp['INVIS_TENANT_NAME'] = mp['INVIS_USER_NAME']
|
||||
return mp
|
||||
|
||||
|
||||
def get_shared_params(config):
|
||||
mp = dict()
|
||||
host_ip = config.get('host', 'ip')
|
||||
|
||||
#these match what is in keystone_init.sh
|
||||
mp['SERVICE_TENANT_NAME'] = 'service'
|
||||
mp['ADMIN_USER_NAME'] = 'admin'
|
||||
mp['ADMIN_TENANT_NAME'] = mp['ADMIN_USER_NAME']
|
||||
mp['DEMO_USER_NAME'] = 'demo'
|
||||
mp['DEMO_TENANT_NAME'] = mp['DEMO_USER_NAME']
|
||||
|
||||
mp['ADMIN_PASSWORD'] = config.get('passwords', 'horizon_keystone_admin')
|
||||
mp['SERVICE_PASSWORD'] = mp['ADMIN_PASSWORD']
|
||||
|
||||
keystone_auth_host = config.getdefaulted('keystone', 'keystone_auth_host', host_ip)
|
||||
mp['KEYSTONE_AUTH_HOST'] = keystone_auth_host
|
||||
keystone_auth_port = config.get('keystone', 'keystone_auth_port')
|
||||
|
||||
@@ -664,7 +664,7 @@ class NovaConfConfigurator(object):
|
||||
nova_conf.add('allow_resize_to_same_host', True)
|
||||
|
||||
#which scheduler do u want?
|
||||
nova_conf.add('scheduler_driver', self._getstr('scheduler', DEF_SCHEDULER))
|
||||
nova_conf.add('compute_scheduler_driver', self._getstr('scheduler', DEF_SCHEDULER))
|
||||
|
||||
#setup network settings
|
||||
self._configure_network_settings(nova_conf)
|
||||
@@ -694,6 +694,9 @@ class NovaConfConfigurator(object):
|
||||
#enable the standard extensions
|
||||
nova_conf.add('osapi_compute_extension', STD_COMPUTE_EXTS)
|
||||
|
||||
#auth will be using keystone
|
||||
nova_conf.add('auth_strategy', 'keystone')
|
||||
|
||||
#vnc settings setup
|
||||
self._configure_vnc(nova_conf)
|
||||
|
||||
|
||||
@@ -115,11 +115,10 @@ class RcGenerator(object):
|
||||
lines.append('# Openstack stuff')
|
||||
lines.extend(self._make_export_cfg('OS_PASSWORD',
|
||||
('passwords', 'horizon_keystone_admin')))
|
||||
key_users = keystone.get_shared_users(self.cfg)
|
||||
key_ends = keystone.get_shared_params(self.cfg)
|
||||
lines.extend(self._make_export('OS_TENANT_NAME', key_users['DEMO_TENANT_NAME']))
|
||||
lines.extend(self._make_export('OS_USERNAME', key_users['DEMO_USER_NAME']))
|
||||
lines.extend(self._make_export('OS_AUTH_URL', key_ends['SERVICE_ENDPOINT']))
|
||||
key_params = keystone.get_shared_params(self.cfg)
|
||||
lines.extend(self._make_export('OS_TENANT_NAME', key_params['DEMO_TENANT_NAME']))
|
||||
lines.extend(self._make_export('OS_USERNAME', key_params['DEMO_USER_NAME']))
|
||||
lines.extend(self._make_export('OS_AUTH_URL', key_params['SERVICE_ENDPOINT']))
|
||||
lines.append("")
|
||||
return lines
|
||||
|
||||
@@ -147,11 +146,10 @@ alias ec2-upload-bundle="ec2-upload-bundle -a ${EC2_ACCESS_KEY} -s ${EC2_SECRET_
|
||||
lines.append('# Nova stuff')
|
||||
lines.extend(self._make_export_cfg('NOVA_PASSWORD',
|
||||
('passwords', 'horizon_keystone_admin')))
|
||||
key_users = keystone.get_shared_users(self.cfg)
|
||||
key_ends = keystone.get_shared_params(self.cfg)
|
||||
lines.extend(self._make_export('NOVA_URL', key_ends['SERVICE_ENDPOINT']))
|
||||
lines.extend(self._make_export('NOVA_PROJECT_ID', key_users['DEMO_TENANT_NAME']))
|
||||
lines.extend(self._make_export('NOVA_USERNAME', key_users['DEMO_USER_NAME']))
|
||||
key_params = keystone.get_shared_params(self.cfg)
|
||||
lines.extend(self._make_export('NOVA_URL', key_params['SERVICE_ENDPOINT']))
|
||||
lines.extend(self._make_export('NOVA_PROJECT_ID', key_params['DEMO_TENANT_NAME']))
|
||||
lines.extend(self._make_export('NOVA_USERNAME', key_params['DEMO_USER_NAME']))
|
||||
lines.extend(self._make_export_cfg('NOVA_VERSION',
|
||||
('nova', 'nova_version')))
|
||||
lines.extend(self._make_export_cfg('NOVA_CERT',
|
||||
|
||||
@@ -217,8 +217,6 @@ class ImageCreationService:
|
||||
def _get_token(self):
|
||||
LOG.info("Fetching your keystone admin token so that we can perform image uploads.")
|
||||
|
||||
pwd = self.cfg.get("passwords", "horizon_keystone_admin")
|
||||
key_users = keystone.get_shared_users(self.cfg)
|
||||
key_params = keystone.get_shared_params(self.cfg)
|
||||
keystone_service_url = key_params['SERVICE_ENDPOINT']
|
||||
keystone_token_url = "%s/tokens" % (keystone_service_url)
|
||||
@@ -230,10 +228,10 @@ class ImageCreationService:
|
||||
{
|
||||
"passwordCredentials":
|
||||
{
|
||||
"username": key_users['ADMIN_USER_NAME'],
|
||||
"password": pwd,
|
||||
"username": key_params['ADMIN_USER_NAME'],
|
||||
"password": key_params['ADMIN_PASSWORD'],
|
||||
},
|
||||
"tenantName": key_users['ADMIN_TENANT_NAME'],
|
||||
"tenantName": key_params['ADMIN_TENANT_NAME'],
|
||||
}
|
||||
})
|
||||
|
||||
|
||||
Reference in New Issue
Block a user