Adding application definition for keystone
Change-Id: I78501d26ee633fba32f5d9919bfb49faedd8d8f9
This commit is contained in:
parent
73cae2c9e1
commit
26e2873f58
|
@ -27,12 +27,5 @@ RUN mv keystone*/ keystone-{{ branch }}/ \
|
|||
RUN chown -R keystone: /var/www/cgi-bin/keystone \
|
||||
&& chmod 755 /var/www/cgi-bin/keystone/*
|
||||
|
||||
|
||||
COPY keystone.conf /etc/keystone/keystone.conf
|
||||
|
||||
COPY wsgi-keystone.conf /etc/apache2/conf-enabled/wsgi-keystone.conf
|
||||
|
||||
COPY bootstrap.sh /usr/local/bin/bootstrap.sh
|
||||
RUN chmod 755 /usr/local/bin/bootstrap.sh
|
||||
|
||||
CMD ["bootstrap.sh"]
|
||||
COPY daemon.sh /usr/local/bin/daemon.sh
|
||||
RUN chmod 755 /usr/local/bin/daemon.sh
|
||||
|
|
|
@ -1,56 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
source /etc/apache2/envvars
|
||||
|
||||
sed -i "s/keystone_user/${KEYSTONE_USER}/g" /etc/keystone/keystone.conf
|
||||
sed -i "s/keystone_pass/${KEYSTONE_PASS}/g" /etc/keystone/keystone.conf
|
||||
sed -i "s/keystone_addr/${DB_HOST}/g" /etc/keystone/keystone.conf
|
||||
sed -i "s/keystone_db/${KEYSTONE_DB}/g" /etc/keystone/keystone.conf
|
||||
|
||||
nc -z -v -w5 ${DB_HOST} 3306
|
||||
if [ $? -ne 0 ]
|
||||
then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
controller=`hostname -i`
|
||||
|
||||
# bootstrap db
|
||||
echo "Creating database for keystone"
|
||||
mysql -u root -p${ROOT_DB_PASS} -h ${DB_HOST} -e "create database ${KEYSTONE_DB}"
|
||||
mysql -u root -p${ROOT_DB_PASS} -h ${DB_HOST} -e "grant all privileges on ${KEYSTONE_DB}.* to '${KEYSTONE_USER}'@'%' identified by '${KEYSTONE_PASS}';"
|
||||
|
||||
echo "Keystone db_sync"
|
||||
keystone-manage db_sync
|
||||
|
||||
echo "Keystone bootstrap"
|
||||
keystone-manage bootstrap --bootstrap-password ${KEYSTONE_PASS}
|
||||
|
||||
/usr/sbin/apachectl start
|
||||
|
||||
export OS_URL=http://127.0.0.1:35357/v3
|
||||
export OS_TOKEN=adm_tok
|
||||
export OS_IDENTITY_API_VERSION=3
|
||||
|
||||
id=`openstack service list | awk '/ identity / {print $2}' | wc -l`
|
||||
|
||||
if [ "$id" -eq "0" ]
|
||||
then
|
||||
echo 'Keystone users\endoint creation'
|
||||
openstack service create --name keystone --description "OpenStack Identity" identity
|
||||
|
||||
openstack endpoint create --region RegionOne \
|
||||
identity public http://$controller:5000/v3
|
||||
|
||||
openstack endpoint create --region RegionOne \
|
||||
identity internal http://$controller:5000/v3
|
||||
|
||||
openstack endpoint create --region RegionOne \
|
||||
identity admin http://$controller:35357/v3
|
||||
fi
|
||||
/usr/sbin/apachectl stop
|
||||
|
||||
sleep 5
|
||||
|
||||
echo "Keystone apache process start"
|
||||
/usr/sbin/apache2ctl -D FOREGROUND
|
|
@ -0,0 +1,4 @@
|
|||
#!/bin/bash
|
||||
|
||||
source /etc/apache2/envvars
|
||||
/usr/sbin/apache2ctl -D FOREGROUND
|
|
@ -1,10 +0,0 @@
|
|||
[DEFAULT]
|
||||
debug = False
|
||||
use_syslog = False
|
||||
#syslog_log_facility=LOG_LOCAL0
|
||||
use_stderr = True
|
||||
|
||||
admin_token = adm_tok
|
||||
|
||||
[database]
|
||||
connection = mysql+pymysql://keystone_user:keystone_pass@keystone_addr/keystone_db
|
|
@ -0,0 +1,11 @@
|
|||
#!/bin/bash
|
||||
|
||||
export OS_PROJECT_DOMAIN_NAME=default
|
||||
export OS_USER_DOMAIN_NAME=default
|
||||
export OS_PROJECT_NAME=admin
|
||||
export OS_USERNAME={{ openstack_user_name }}
|
||||
export OS_PASSWORD={{ openstack_user_password }}
|
||||
export OS_AUTH_URL=http://keystone:{{ keystone_public_port }}/v3
|
||||
export OS_IDENTITY_API_VERSION=3
|
||||
|
||||
openstack project create service
|
|
@ -0,0 +1,12 @@
|
|||
configs:
|
||||
keystone_public_port: 5000
|
||||
keystone_admin_port: 35357
|
||||
|
||||
keystone_db_password: password
|
||||
keystone_db_name: keystone
|
||||
keystone_db_username: keystone
|
||||
|
||||
openstack_user_name: admin
|
||||
openstack_user_password: password
|
||||
openstack_project_name: admin
|
||||
openstack_role_name: admin
|
|
@ -0,0 +1,8 @@
|
|||
[DEFAULT]
|
||||
debug = False
|
||||
use_syslog = False
|
||||
#syslog_log_facility=LOG_LOCAL0
|
||||
use_stderr = True
|
||||
|
||||
[database]
|
||||
connection = mysql+pymysql://{{ keystone_db_username }}:{{ keystone_db_password }}@mariadb/{{ keystone_db_name }}
|
|
@ -1,7 +1,7 @@
|
|||
Listen 5000
|
||||
Listen 35357
|
||||
Listen {{ keystone_public_port }}
|
||||
Listen {{ keystone_admin_port }}
|
||||
|
||||
<VirtualHost *:5000>
|
||||
<VirtualHost *:{{ keystone_public_port }}>
|
||||
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP} python-path=/var/lib/microservices/venv/lib/python2.7/site-packages
|
||||
WSGIProcessGroup keystone-public
|
||||
WSGIScriptAlias / /var/www/cgi-bin/keystone/main
|
||||
|
@ -17,7 +17,7 @@ Listen 35357
|
|||
CustomLog "/var/log/apache2/keystone-access.log" combined
|
||||
</VirtualHost>
|
||||
|
||||
<VirtualHost *:35357>
|
||||
<VirtualHost *:{{ keystone_admin_port }}>
|
||||
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP} python-path=/var/lib/microservices/venv/lib/python2.7/site-packages
|
||||
WSGIProcessGroup keystone-admin
|
||||
WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
|
||||
|
@ -29,4 +29,4 @@ Listen 35357
|
|||
# Check the comment above.
|
||||
ErrorLog /proc/1/fd/2
|
||||
CustomLog "/var/log/apache2/keystone-access.log" combined
|
||||
</VirtualHost>
|
||||
</VirtualHost>
|
|
@ -0,0 +1,62 @@
|
|||
service:
|
||||
name: keystone
|
||||
ports:
|
||||
- keystone_public_port
|
||||
- keystone_admin_port
|
||||
probes:
|
||||
readiness: "true"
|
||||
liveness: "true"
|
||||
pre:
|
||||
- name: keystone-db-create
|
||||
dependencies:
|
||||
- mariadb
|
||||
type: single
|
||||
command:
|
||||
mysql -u root -p{{ db_root_password }} -h mariadb -e "create database {{ keystone_db_name }};
|
||||
grant all privileges on {{ keystone_db_name }}.* to '{{ keystone_db_username }}'@'%' identified by '{{ keystone_db_password }}'"
|
||||
|
||||
- name: keystone-db-sync
|
||||
files:
|
||||
- keystone-conf
|
||||
dependencies:
|
||||
- keystone-db-create
|
||||
type: single
|
||||
command: keystone-manage db_sync
|
||||
|
||||
- name: keystone-db-bootstrap
|
||||
files:
|
||||
- keystone-conf
|
||||
dependencies:
|
||||
- keystone-db-sync
|
||||
type: single
|
||||
command: keystone-manage bootstrap
|
||||
--bootstrap-password {{ openstack_user_password }}
|
||||
--bootstrap-username {{ openstack_user_name }}
|
||||
--bootstrap-project-name {{ openstack_project_name }}
|
||||
--bootstrap-role-name {{ openstack_role_name }}
|
||||
--bootstrap-service-name keystone --bootstrap-region-id RegionOne
|
||||
--bootstrap-admin-url http://keystone:{{ keystone_admin_port }}
|
||||
--bootstrap-public-url http://keystone:{{ keystone_public_port }}
|
||||
--bootstrap-internal-url http://keystone:{{ keystone_public_port }}
|
||||
daemon:
|
||||
files:
|
||||
- keystone-conf
|
||||
- wsgi-keystone-conf
|
||||
command: daemon.sh
|
||||
post:
|
||||
- name: keystone-create-project
|
||||
files:
|
||||
- create-project.sh
|
||||
type: single
|
||||
command: /tmp/create-project.sh
|
||||
files:
|
||||
keystone-conf:
|
||||
path: /etc/keystone/keystone.conf
|
||||
content: keystone.conf.j2
|
||||
wsgi-keystone-conf:
|
||||
path: /etc/apache2/conf-enabled/wsgi-keystone.conf
|
||||
content: wsgi-keystone.conf.j2
|
||||
create-project.sh:
|
||||
path: /tmp/create-project.sh
|
||||
content: create-project.sh.j2
|
||||
perm: "0755"
|
|
@ -1,27 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: keystone
|
||||
labels:
|
||||
app: keystone
|
||||
spec:
|
||||
containers:
|
||||
- name: keystone
|
||||
image: {{ namespace }}/keystone:{{ tag }}
|
||||
env:
|
||||
- name: DB_HOST
|
||||
value: openstack-mysql.default.svc.cluster.local
|
||||
- name: ROOT_DB_PASS
|
||||
value: password
|
||||
- name: KEYSTONE_USER
|
||||
value: keystone
|
||||
- name: KEYSTONE_PASS
|
||||
value: password
|
||||
- name: KEYSTONE_DB
|
||||
value: keystone
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 5000
|
||||
hostPort: 5000
|
||||
- containerPort: 35357
|
||||
hostPort: 35357
|
|
@ -1,21 +0,0 @@
|
|||
kind: "Service"
|
||||
apiVersion: "v1"
|
||||
metadata:
|
||||
name: "keystone-service"
|
||||
spec:
|
||||
selector:
|
||||
app: "keystone"
|
||||
ports:
|
||||
-
|
||||
name: "admin"
|
||||
protocol: "TCP"
|
||||
port: 5000
|
||||
targetPort: 5000
|
||||
nodePort: 30500
|
||||
-
|
||||
name: "public"
|
||||
protocol: "TCP"
|
||||
port: 35357
|
||||
targetPort: 35357
|
||||
nodePort: 30357
|
||||
type: "NodePort"
|
Loading…
Reference in New Issue