Browse code
Change most keystoneclient commands to openstacklient in libs
migrated most keystoneclient commands from the following libs:
ceilometer
cinder
ironic
keystone
marconi
neutron
nova
savanna
swift
trove
Also need to set and unset openstackclient specific environment
variables from stack.sh
Change-Id: I725f30bc08e1df5a4c5770576c19ad1ddaeb843a
Steve Martinelli authored on 2014/01/25 04:02:26Showing 11 changed files
- lib/ceilometer
- lib/cinder
- lib/ironic
- lib/keystone
- lib/marconi
- lib/neutron
- lib/nova
- lib/savanna
- lib/swift
- lib/trove
- stack.sh
| ... | ... |
@@ -71,33 +71,33 @@ function is_ceilometer_enabled {
|
| 71 | 71 |
|
| 72 | 72 |
create_ceilometer_accounts() {
|
| 73 | 73 |
|
| 74 |
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 75 |
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
|
|
| 74 |
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 75 |
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
|
|
| 76 | 76 |
|
| 77 | 77 |
# Ceilometer |
| 78 | 78 |
if [[ "$ENABLED_SERVICES" =~ "ceilometer-api" ]]; then |
| 79 |
- CEILOMETER_USER=$(keystone user-create \ |
|
| 80 |
- --name=ceilometer \ |
|
| 81 |
- --pass="$SERVICE_PASSWORD" \ |
|
| 82 |
- --tenant_id $SERVICE_TENANT \ |
|
| 83 |
- --email=ceilometer@example.com \ |
|
| 79 |
+ CEILOMETER_USER=$(openstack user create \ |
|
| 80 |
+ ceilometer \ |
|
| 81 |
+ --password "$SERVICE_PASSWORD" \ |
|
| 82 |
+ --project $SERVICE_TENANT \ |
|
| 83 |
+ --email ceilometer@example.com \ |
|
| 84 | 84 |
| grep " id " | get_field 2) |
| 85 |
- keystone user-role-add \ |
|
| 86 |
- --tenant-id $SERVICE_TENANT \ |
|
| 87 |
- --user-id $CEILOMETER_USER \ |
|
| 88 |
- --role-id $ADMIN_ROLE |
|
| 85 |
+ openstack role add \ |
|
| 86 |
+ $ADMIN_ROLE \ |
|
| 87 |
+ --project $SERVICE_TENANT \ |
|
| 88 |
+ --user $CEILOMETER_USER |
|
| 89 | 89 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 90 |
- CEILOMETER_SERVICE=$(keystone service-create \ |
|
| 91 |
- --name=ceilometer \ |
|
| 90 |
+ CEILOMETER_SERVICE=$(openstack service create \ |
|
| 91 |
+ ceilometer \ |
|
| 92 | 92 |
--type=metering \ |
| 93 | 93 |
--description="OpenStack Telemetry Service" \ |
| 94 | 94 |
| grep " id " | get_field 2) |
| 95 |
- keystone endpoint-create \ |
|
| 95 |
+ openstack endpoint create \ |
|
| 96 |
+ $CEILOMETER_SERVICE \ |
|
| 96 | 97 |
--region RegionOne \ |
| 97 |
- --service_id $CEILOMETER_SERVICE \ |
|
| 98 |
- --publicurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT" \ |
|
| 99 |
- --adminurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT" \ |
|
| 100 |
- --internalurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT" |
|
| 98 |
+ --publicurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/" \ |
|
| 99 |
+ --adminurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/" \ |
|
| 100 |
+ --internalurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/" |
|
| 101 | 101 |
fi |
| 102 | 102 |
fi |
| 103 | 103 |
} |
| ... | ... |
@@ -330,45 +330,44 @@ function configure_cinder() {
|
| 330 | 330 |
# Migrated from keystone_data.sh |
| 331 | 331 |
create_cinder_accounts() {
|
| 332 | 332 |
|
| 333 |
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 334 |
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
|
|
| 333 |
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 334 |
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
|
|
| 335 | 335 |
|
| 336 | 336 |
# Cinder |
| 337 | 337 |
if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then |
| 338 |
- CINDER_USER=$(keystone user-create \ |
|
| 339 |
- --name=cinder \ |
|
| 340 |
- --pass="$SERVICE_PASSWORD" \ |
|
| 341 |
- --tenant-id $SERVICE_TENANT \ |
|
| 342 |
- --email=cinder@example.com \ |
|
| 338 |
+ CINDER_USER=$(openstack user create \ |
|
| 339 |
+ cinder \ |
|
| 340 |
+ --password "$SERVICE_PASSWORD" \ |
|
| 341 |
+ --project $SERVICE_TENANT \ |
|
| 342 |
+ --email cinder@example.com \ |
|
| 343 | 343 |
| grep " id " | get_field 2) |
| 344 |
- keystone user-role-add \ |
|
| 345 |
- --tenant-id $SERVICE_TENANT \ |
|
| 346 |
- --user-id $CINDER_USER \ |
|
| 347 |
- --role-id $ADMIN_ROLE |
|
| 344 |
+ openstack role add \ |
|
| 345 |
+ $ADMIN_ROLE \ |
|
| 346 |
+ --project $SERVICE_TENANT \ |
|
| 347 |
+ --user $CINDER_USER |
|
| 348 | 348 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 349 |
- CINDER_SERVICE=$(keystone service-create \ |
|
| 350 |
- --name=cinder \ |
|
| 349 |
+ CINDER_SERVICE=$(openstack service create \ |
|
| 350 |
+ cinder \ |
|
| 351 | 351 |
--type=volume \ |
| 352 | 352 |
--description="Cinder Volume Service" \ |
| 353 | 353 |
| grep " id " | get_field 2) |
| 354 |
- keystone endpoint-create \ |
|
| 354 |
+ openstack endpoint create \ |
|
| 355 |
+ $CINDER_SERVICE \ |
|
| 355 | 356 |
--region RegionOne \ |
| 356 |
- --service_id $CINDER_SERVICE \ |
|
| 357 | 357 |
--publicurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \ |
| 358 | 358 |
--adminurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \ |
| 359 | 359 |
--internalurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" |
| 360 |
- CINDER_V2_SERVICE=$(keystone service-create \ |
|
| 361 |
- --name=cinderv2 \ |
|
| 360 |
+ CINDER_V2_SERVICE=$(openstack service create \ |
|
| 361 |
+ cinderv2 \ |
|
| 362 | 362 |
--type=volumev2 \ |
| 363 | 363 |
--description="Cinder Volume Service V2" \ |
| 364 | 364 |
| grep " id " | get_field 2) |
| 365 |
- keystone endpoint-create \ |
|
| 365 |
+ openstack endpoint create \ |
|
| 366 |
+ $CINDER_V2_SERVICE \ |
|
| 366 | 367 |
--region RegionOne \ |
| 367 |
- --service_id $CINDER_V2_SERVICE \ |
|
| 368 | 368 |
--publicurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \ |
| 369 | 369 |
--adminurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \ |
| 370 | 370 |
--internalurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" |
| 371 |
- |
|
| 372 | 371 |
fi |
| 373 | 372 |
fi |
| 374 | 373 |
} |
| ... | ... |
@@ -145,30 +145,30 @@ function create_ironic_cache_dir() {
|
| 145 | 145 |
# service ironic admin # if enabled |
| 146 | 146 |
create_ironic_accounts() {
|
| 147 | 147 |
|
| 148 |
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 149 |
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
|
|
| 148 |
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 149 |
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
|
|
| 150 | 150 |
|
| 151 | 151 |
# Ironic |
| 152 | 152 |
if [[ "$ENABLED_SERVICES" =~ "ir-api" ]]; then |
| 153 |
- IRONIC_USER=$(keystone user-create \ |
|
| 154 |
- --name=ironic \ |
|
| 155 |
- --pass="$SERVICE_PASSWORD" \ |
|
| 156 |
- --tenant-id $SERVICE_TENANT \ |
|
| 157 |
- --email=ironic@example.com \ |
|
| 153 |
+ IRONIC_USER=$(openstack user create \ |
|
| 154 |
+ ironic \ |
|
| 155 |
+ --password "$SERVICE_PASSWORD" \ |
|
| 156 |
+ --project $SERVICE_TENANT \ |
|
| 157 |
+ --email ironic@example.com \ |
|
| 158 | 158 |
| grep " id " | get_field 2) |
| 159 |
- keystone user-role-add \ |
|
| 160 |
- --tenant-id $SERVICE_TENANT \ |
|
| 161 |
- --user_id $IRONIC_USER \ |
|
| 162 |
- --role_id $ADMIN_ROLE |
|
| 159 |
+ openstack role add \ |
|
| 160 |
+ $ADMIN_ROLE \ |
|
| 161 |
+ --project $SERVICE_TENANT \ |
|
| 162 |
+ --user $IRONIC_USER |
|
| 163 | 163 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 164 |
- IRONIC_SERVICE=$(keystone service-create \ |
|
| 165 |
- --name=ironic \ |
|
| 164 |
+ IRONIC_SERVICE=$(openstack service create \ |
|
| 165 |
+ ironic \ |
|
| 166 | 166 |
--type=baremetal \ |
| 167 | 167 |
--description="Ironic baremetal provisioning service" \ |
| 168 | 168 |
| grep " id " | get_field 2) |
| 169 |
- keystone endpoint-create \ |
|
| 169 |
+ openstack endpoint create \ |
|
| 170 |
+ $IRONIC_SERVICE \ |
|
| 170 | 171 |
--region RegionOne \ |
| 171 |
- --service_id $IRONIC_SERVICE \ |
|
| 172 | 172 |
--publicurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \ |
| 173 | 173 |
--adminurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \ |
| 174 | 174 |
--internalurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" |
| ... | ... |
@@ -275,60 +275,69 @@ function configure_keystone() {
|
| 275 | 275 |
create_keystone_accounts() {
|
| 276 | 276 |
|
| 277 | 277 |
# admin |
| 278 |
- ADMIN_TENANT=$(keystone tenant-create \ |
|
| 279 |
- --name admin \ |
|
| 278 |
+ ADMIN_TENANT=$(openstack project create \ |
|
| 279 |
+ admin \ |
|
| 280 | 280 |
| grep " id " | get_field 2) |
| 281 |
- ADMIN_USER=$(keystone user-create \ |
|
| 282 |
- --name admin \ |
|
| 283 |
- --pass "$ADMIN_PASSWORD" \ |
|
| 281 |
+ ADMIN_USER=$(openstack user create \ |
|
| 282 |
+ admin \ |
|
| 283 |
+ --project "$ADMIN_TENANT" \ |
|
| 284 | 284 |
--email admin@example.com \ |
| 285 |
+ --password "$ADMIN_PASSWORD" \ |
|
| 285 | 286 |
| grep " id " | get_field 2) |
| 286 |
- ADMIN_ROLE=$(keystone role-create \ |
|
| 287 |
- --name admin \ |
|
| 287 |
+ ADMIN_ROLE=$(openstack role create \ |
|
| 288 |
+ admin \ |
|
| 288 | 289 |
| grep " id " | get_field 2) |
| 289 |
- keystone user-role-add \ |
|
| 290 |
- --user-id $ADMIN_USER \ |
|
| 291 |
- --role-id $ADMIN_ROLE \ |
|
| 292 |
- --tenant-id $ADMIN_TENANT |
|
| 290 |
+ openstack role add \ |
|
| 291 |
+ $ADMIN_ROLE \ |
|
| 292 |
+ --project $ADMIN_TENANT \ |
|
| 293 |
+ --user $ADMIN_USER |
|
| 293 | 294 |
|
| 294 | 295 |
# service |
| 295 |
- SERVICE_TENANT=$(keystone tenant-create \ |
|
| 296 |
- --name $SERVICE_TENANT_NAME \ |
|
| 296 |
+ SERVICE_TENANT=$(openstack project create \ |
|
| 297 |
+ $SERVICE_TENANT_NAME \ |
|
| 297 | 298 |
| grep " id " | get_field 2) |
| 298 | 299 |
|
| 299 | 300 |
# The Member role is used by Horizon and Swift so we need to keep it: |
| 300 |
- MEMBER_ROLE=$(keystone role-create --name=Member | grep " id " | get_field 2) |
|
| 301 |
+ MEMBER_ROLE=$(openstack role create \ |
|
| 302 |
+ Member \ |
|
| 303 |
+ | grep " id " | get_field 2) |
|
| 301 | 304 |
# ANOTHER_ROLE demonstrates that an arbitrary role may be created and used |
| 302 | 305 |
# TODO(sleepsonthefloor): show how this can be used for rbac in the future! |
| 303 |
- ANOTHER_ROLE=$(keystone role-create --name=anotherrole | grep " id " | get_field 2) |
|
| 306 |
+ ANOTHER_ROLE=$(openstack role create \ |
|
| 307 |
+ anotherrole \ |
|
| 308 |
+ | grep " id " | get_field 2) |
|
| 304 | 309 |
|
| 305 | 310 |
# invisible tenant - admin can't see this one |
| 306 |
- INVIS_TENANT=$(keystone tenant-create --name=invisible_to_admin | grep " id " | get_field 2) |
|
| 311 |
+ INVIS_TENANT=$(openstack project create \ |
|
| 312 |
+ invisible_to_admin \ |
|
| 313 |
+ | grep " id " | get_field 2) |
|
| 307 | 314 |
|
| 308 | 315 |
# demo |
| 309 |
- DEMO_TENANT=$(keystone tenant-create \ |
|
| 310 |
- --name=demo \ |
|
| 316 |
+ DEMO_TENANT=$(openstack project create \ |
|
| 317 |
+ demo \ |
|
| 311 | 318 |
| grep " id " | get_field 2) |
| 312 |
- DEMO_USER=$(keystone user-create \ |
|
| 313 |
- --name demo \ |
|
| 314 |
- --pass "$ADMIN_PASSWORD" \ |
|
| 319 |
+ DEMO_USER=$(openstack user create \ |
|
| 320 |
+ demo \ |
|
| 321 |
+ --project $DEMO_TENANT \ |
|
| 315 | 322 |
--email demo@example.com \ |
| 323 |
+ --password "$ADMIN_PASSWORD" \ |
|
| 316 | 324 |
| grep " id " | get_field 2) |
| 317 |
- keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $DEMO_TENANT |
|
| 318 |
- keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $DEMO_TENANT |
|
| 319 |
- keystone user-role-add --user-id $DEMO_USER --role-id $ANOTHER_ROLE --tenant-id $DEMO_TENANT |
|
| 320 |
- keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $INVIS_TENANT |
|
| 325 |
+ |
|
| 326 |
+ openstack role add --project $DEMO_TENANT --user $DEMO_USER $MEMBER_ROLE |
|
| 327 |
+ openstack role add --project $DEMO_TENANT --user $ADMIN_USER $ADMIN_ROLE |
|
| 328 |
+ openstack role add --project $DEMO_TENANT --user $DEMO_USER $ANOTHER_ROLE |
|
| 329 |
+ openstack role add --project $INVIS_TENANT --user $DEMO_USER $MEMBER_ROLE |
|
| 321 | 330 |
|
| 322 | 331 |
# Keystone |
| 323 | 332 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 324 |
- KEYSTONE_SERVICE=$(keystone service-create \ |
|
| 325 |
- --name keystone \ |
|
| 333 |
+ KEYSTONE_SERVICE=$(openstack service create \ |
|
| 334 |
+ keystone \ |
|
| 326 | 335 |
--type identity \ |
| 327 | 336 |
--description "Keystone Identity Service" \ |
| 328 | 337 |
| grep " id " | get_field 2) |
| 329 |
- keystone endpoint-create \ |
|
| 338 |
+ openstack endpoint create \ |
|
| 339 |
+ $KEYSTONE_SERVICE \ |
|
| 330 | 340 |
--region RegionOne \ |
| 331 |
- --service_id $KEYSTONE_SERVICE \ |
|
| 332 | 341 |
--publicurl "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION" \ |
| 333 | 342 |
--adminurl "$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v$IDENTITY_API_VERSION" \ |
| 334 | 343 |
--internalurl "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION" |
| ... | ... |
@@ -151,27 +151,29 @@ function stop_marconi() {
|
| 151 | 151 |
} |
| 152 | 152 |
|
| 153 | 153 |
function create_marconi_accounts() {
|
| 154 |
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 155 |
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
|
|
| 156 |
- |
|
| 157 |
- MARCONI_USER=$(get_id keystone user-create --name=marconi \ |
|
| 158 |
- --pass="$SERVICE_PASSWORD" \ |
|
| 159 |
- --tenant-id $SERVICE_TENANT \ |
|
| 160 |
- --email=marconi@example.com \ |
|
| 161 |
- | grep " id " | get_field 2) |
|
| 162 |
- keystone user-role-add --tenant-id $SERVICE_TENANT \ |
|
| 163 |
- --user-id $MARCONI_USER \ |
|
| 164 |
- --role-id $ADMIN_ROLE |
|
| 154 |
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 155 |
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
|
|
| 156 |
+ |
|
| 157 |
+ MARCONI_USER=$(openstack user create \ |
|
| 158 |
+ marconi \ |
|
| 159 |
+ --password "$SERVICE_PASSWORD" \ |
|
| 160 |
+ --project $SERVICE_TENANT \ |
|
| 161 |
+ --email marconi@example.com \ |
|
| 162 |
+ | grep " id " | get_field 2) |
|
| 163 |
+ openstack role add \ |
|
| 164 |
+ $ADMIN_ROLE \ |
|
| 165 |
+ --project $SERVICE_TENANT \ |
|
| 166 |
+ --user $MARCONI_USER |
|
| 165 | 167 |
|
| 166 | 168 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 167 |
- MARCONI_SERVICE=$(keystone service-create \ |
|
| 168 |
- --name=marconi \ |
|
| 169 |
+ MARCONI_SERVICE=$(openstack service create \ |
|
| 170 |
+ marconi \ |
|
| 169 | 171 |
--type=queuing \ |
| 170 | 172 |
--description="Marconi Service" \ |
| 171 | 173 |
| grep " id " | get_field 2) |
| 172 |
- keystone endpoint-create \ |
|
| 174 |
+ openstack endpoint create \ |
|
| 175 |
+ $MARCONI_SERVICE \ |
|
| 173 | 176 |
--region RegionOne \ |
| 174 |
- --service_id $MARCONI_SERVICE \ |
|
| 175 | 177 |
--publicurl "http://$SERVICE_HOST:8888" \ |
| 176 | 178 |
--adminurl "http://$SERVICE_HOST:8888" \ |
| 177 | 179 |
--internalurl "http://$SERVICE_HOST:8888" |
| ... | ... |
@@ -332,29 +332,29 @@ function create_neutron_cache_dir() {
|
| 332 | 332 |
# Migrated from keystone_data.sh |
| 333 | 333 |
function create_neutron_accounts() {
|
| 334 | 334 |
|
| 335 |
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 336 |
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
|
|
| 335 |
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 336 |
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
|
|
| 337 | 337 |
|
| 338 | 338 |
if [[ "$ENABLED_SERVICES" =~ "q-svc" ]]; then |
| 339 |
- NEUTRON_USER=$(keystone user-create \ |
|
| 340 |
- --name=neutron \ |
|
| 341 |
- --pass="$SERVICE_PASSWORD" \ |
|
| 342 |
- --tenant-id $SERVICE_TENANT \ |
|
| 343 |
- --email=neutron@example.com \ |
|
| 339 |
+ NEUTRON_USER=$(openstack user create \ |
|
| 340 |
+ neutron \ |
|
| 341 |
+ --password "$SERVICE_PASSWORD" \ |
|
| 342 |
+ --project $SERVICE_TENANT \ |
|
| 343 |
+ --email neutron@example.com \ |
|
| 344 | 344 |
| grep " id " | get_field 2) |
| 345 |
- keystone user-role-add \ |
|
| 346 |
- --tenant-id $SERVICE_TENANT \ |
|
| 347 |
- --user-id $NEUTRON_USER \ |
|
| 348 |
- --role-id $ADMIN_ROLE |
|
| 345 |
+ openstack role add \ |
|
| 346 |
+ $ADMIN_ROLE \ |
|
| 347 |
+ --project $SERVICE_TENANT \ |
|
| 348 |
+ --user $NEUTRON_USER |
|
| 349 | 349 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 350 |
- NEUTRON_SERVICE=$(keystone service-create \ |
|
| 351 |
- --name=neutron \ |
|
| 350 |
+ NEUTRON_SERVICE=$(openstack service create \ |
|
| 351 |
+ neutron \ |
|
| 352 | 352 |
--type=network \ |
| 353 | 353 |
--description="Neutron Service" \ |
| 354 | 354 |
| grep " id " | get_field 2) |
| 355 |
- keystone endpoint-create \ |
|
| 355 |
+ openstack endpoint create \ |
|
| 356 |
+ $NEUTRON_SERVICE \ |
|
| 356 | 357 |
--region RegionOne \ |
| 357 |
- --service_id $NEUTRON_SERVICE \ |
|
| 358 | 358 |
--publicurl "http://$SERVICE_HOST:9696/" \ |
| 359 | 359 |
--adminurl "http://$SERVICE_HOST:9696/" \ |
| 360 | 360 |
--internalurl "http://$SERVICE_HOST:9696/" |
| ... | ... |
@@ -363,7 +363,7 @@ function create_neutron_accounts() {
|
| 363 | 363 |
} |
| 364 | 364 |
|
| 365 | 365 |
function create_neutron_initial_network() {
|
| 366 |
- TENANT_ID=$(keystone tenant-list | grep " demo " | get_field 1) |
|
| 366 |
+ TENANT_ID=$(openstack project list | grep " demo " | get_field 1) |
|
| 367 | 367 |
die_if_not_set $LINENO TENANT_ID "Failure retrieving TENANT_ID for demo" |
| 368 | 368 |
|
| 369 | 369 |
# Create a small network |
| ... | ... |
@@ -324,41 +324,41 @@ function configure_nova() {
|
| 324 | 324 |
# Migrated from keystone_data.sh |
| 325 | 325 |
create_nova_accounts() {
|
| 326 | 326 |
|
| 327 |
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 328 |
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
|
|
| 327 |
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 328 |
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
|
|
| 329 | 329 |
|
| 330 | 330 |
# Nova |
| 331 | 331 |
if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then |
| 332 |
- NOVA_USER=$(keystone user-create \ |
|
| 333 |
- --name=nova \ |
|
| 334 |
- --pass="$SERVICE_PASSWORD" \ |
|
| 335 |
- --tenant-id $SERVICE_TENANT \ |
|
| 336 |
- --email=nova@example.com \ |
|
| 332 |
+ NOVA_USER=$(openstack user create \ |
|
| 333 |
+ nova \ |
|
| 334 |
+ --password "$SERVICE_PASSWORD" \ |
|
| 335 |
+ --project $SERVICE_TENANT \ |
|
| 336 |
+ --email nova@example.com \ |
|
| 337 | 337 |
| grep " id " | get_field 2) |
| 338 |
- keystone user-role-add \ |
|
| 339 |
- --tenant-id $SERVICE_TENANT \ |
|
| 340 |
- --user-id $NOVA_USER \ |
|
| 341 |
- --role-id $ADMIN_ROLE |
|
| 338 |
+ openstack role add \ |
|
| 339 |
+ $ADMIN_ROLE \ |
|
| 340 |
+ --project $SERVICE_TENANT \ |
|
| 341 |
+ --user $NOVA_USER |
|
| 342 | 342 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 343 |
- NOVA_SERVICE=$(keystone service-create \ |
|
| 344 |
- --name=nova \ |
|
| 343 |
+ NOVA_SERVICE=$(openstack service create \ |
|
| 344 |
+ nova \ |
|
| 345 | 345 |
--type=compute \ |
| 346 | 346 |
--description="Nova Compute Service" \ |
| 347 | 347 |
| grep " id " | get_field 2) |
| 348 |
- keystone endpoint-create \ |
|
| 348 |
+ openstack endpoint create \ |
|
| 349 |
+ $NOVA_SERVICE \ |
|
| 349 | 350 |
--region RegionOne \ |
| 350 |
- --service_id $NOVA_SERVICE \ |
|
| 351 | 351 |
--publicurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" \ |
| 352 | 352 |
--adminurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" \ |
| 353 | 353 |
--internalurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" |
| 354 |
- NOVA_V3_SERVICE=$(keystone service-create \ |
|
| 355 |
- --name=novav3 \ |
|
| 354 |
+ NOVA_V3_SERVICE=$(openstack service create \ |
|
| 355 |
+ novav3 \ |
|
| 356 | 356 |
--type=computev3 \ |
| 357 | 357 |
--description="Nova Compute Service V3" \ |
| 358 | 358 |
| grep " id " | get_field 2) |
| 359 |
- keystone endpoint-create \ |
|
| 359 |
+ openstack endpoint create \ |
|
| 360 |
+ $NOVA_V3_SERVICE \ |
|
| 360 | 361 |
--region RegionOne \ |
| 361 |
- --service_id $NOVA_V3_SERVICE \ |
|
| 362 | 362 |
--publicurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3" \ |
| 363 | 363 |
--adminurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3" \ |
| 364 | 364 |
--internalurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3" |
| ... | ... |
@@ -54,29 +54,29 @@ TEMPEST_SERVICES+=,savanna |
| 54 | 54 |
# service savanna admin |
| 55 | 55 |
function create_savanna_accounts() {
|
| 56 | 56 |
|
| 57 |
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 58 |
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
|
|
| 59 |
- |
|
| 60 |
- SAVANNA_USER=$(keystone user-create \ |
|
| 61 |
- --name=savanna \ |
|
| 62 |
- --pass="$SERVICE_PASSWORD" \ |
|
| 63 |
- --tenant-id $SERVICE_TENANT \ |
|
| 64 |
- --email=savanna@example.com \ |
|
| 57 |
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 58 |
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
|
|
| 59 |
+ |
|
| 60 |
+ SAVANNA_USER=$(openstack user create \ |
|
| 61 |
+ savanna \ |
|
| 62 |
+ --password "$SERVICE_PASSWORD" \ |
|
| 63 |
+ --project $SERVICE_TENANT \ |
|
| 64 |
+ --email savanna@example.com \ |
|
| 65 | 65 |
| grep " id " | get_field 2) |
| 66 |
- keystone user-role-add \ |
|
| 67 |
- --tenant-id $SERVICE_TENANT \ |
|
| 68 |
- --user-id $SAVANNA_USER \ |
|
| 69 |
- --role-id $ADMIN_ROLE |
|
| 66 |
+ openstack role add \ |
|
| 67 |
+ $ADMIN_ROLE \ |
|
| 68 |
+ --project $SERVICE_TENANT \ |
|
| 69 |
+ --user $SAVANNA_USER |
|
| 70 | 70 |
|
| 71 | 71 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 72 |
- SAVANNA_SERVICE=$(keystone service-create \ |
|
| 73 |
- --name=savanna \ |
|
| 72 |
+ SAVANNA_SERVICE=$(openstack service create \ |
|
| 73 |
+ savanna \ |
|
| 74 | 74 |
--type=data_processing \ |
| 75 | 75 |
--description="Savanna Data Processing" \ |
| 76 | 76 |
| grep " id " | get_field 2) |
| 77 |
- keystone endpoint-create \ |
|
| 77 |
+ openstack endpoint create \ |
|
| 78 |
+ $SAVANNA_SERVICE \ |
|
| 78 | 79 |
--region RegionOne \ |
| 79 |
- --service_id $SAVANNA_SERVICE \ |
|
| 80 | 80 |
--publicurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s" \ |
| 81 | 81 |
--adminurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s" \ |
| 82 | 82 |
--internalurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s" |
| ... | ... |
@@ -527,39 +527,53 @@ function create_swift_accounts() {
|
| 527 | 527 |
|
| 528 | 528 |
KEYSTONE_CATALOG_BACKEND=${KEYSTONE_CATALOG_BACKEND:-sql}
|
| 529 | 529 |
|
| 530 |
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 531 |
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
|
|
| 532 |
- |
|
| 533 |
- SWIFT_USER=$(keystone user-create --name=swift --pass="$SERVICE_PASSWORD" \ |
|
| 534 |
- --tenant-id $SERVICE_TENANT --email=swift@example.com | grep " id " | get_field 2) |
|
| 535 |
- keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $SWIFT_USER --role-id $ADMIN_ROLE |
|
| 530 |
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 531 |
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
|
|
| 532 |
+ |
|
| 533 |
+ SWIFT_USER=$(openstack user create \ |
|
| 534 |
+ swift \ |
|
| 535 |
+ --password "$SERVICE_PASSWORD" \ |
|
| 536 |
+ --project $SERVICE_TENANT \ |
|
| 537 |
+ --email=swift@example.com \ |
|
| 538 |
+ | grep " id " | get_field 2) |
|
| 539 |
+ openstack role add \ |
|
| 540 |
+ $ADMIN_ROLE \ |
|
| 541 |
+ --project $SERVICE_TENANT \ |
|
| 542 |
+ --user $SWIFT_USER |
|
| 536 | 543 |
|
| 537 | 544 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 538 |
- SWIFT_SERVICE=$(keystone service-create --name=swift --type="object-store" \ |
|
| 539 |
- --description="Swift Service" | grep " id " | get_field 2) |
|
| 540 |
- keystone endpoint-create \ |
|
| 545 |
+ SWIFT_SERVICE=$(openstack service create \ |
|
| 546 |
+ swift \ |
|
| 547 |
+ --type="object-store" \ |
|
| 548 |
+ --description="Swift Service" \ |
|
| 549 |
+ | grep " id " | get_field 2) |
|
| 550 |
+ openstack endpoint create \ |
|
| 551 |
+ $SWIFT_SERVICE \ |
|
| 541 | 552 |
--region RegionOne \ |
| 542 |
- --service_id $SWIFT_SERVICE \ |
|
| 543 | 553 |
--publicurl "http://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s" \ |
| 544 | 554 |
--adminurl "http://$SERVICE_HOST:8080" \ |
| 545 | 555 |
--internalurl "http://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s" |
| 546 | 556 |
fi |
| 547 | 557 |
|
| 548 |
- SWIFT_TENANT_TEST1=$(keystone tenant-create --name=swifttenanttest1 | grep " id " | get_field 2) |
|
| 558 |
+ SWIFT_TENANT_TEST1=$(openstack project create swifttenanttest1 | grep " id " | get_field 2) |
|
| 549 | 559 |
die_if_not_set $LINENO SWIFT_TENANT_TEST1 "Failure creating SWIFT_TENANT_TEST1" |
| 550 |
- SWIFT_USER_TEST1=$(keystone user-create --name=swiftusertest1 --pass=$SWIFTUSERTEST1_PASSWORD --email=test@example.com | grep " id " | get_field 2) |
|
| 560 |
+ SWIFT_USER_TEST1=$(openstack user create swiftusertest1 --password=$SWIFTUSERTEST1_PASSWORD \ |
|
| 561 |
+ --project "$SWIFT_TENANT_TEST1" --email=test@example.com | grep " id " | get_field 2) |
|
| 551 | 562 |
die_if_not_set $LINENO SWIFT_USER_TEST1 "Failure creating SWIFT_USER_TEST1" |
| 552 |
- keystone user-role-add --user-id $SWIFT_USER_TEST1 --role-id $ADMIN_ROLE --tenant-id $SWIFT_TENANT_TEST1 |
|
| 563 |
+ openstack role add --user $SWIFT_USER_TEST1 --project $SWIFT_TENANT_TEST1 $ADMIN_ROLE |
|
| 553 | 564 |
|
| 554 |
- SWIFT_USER_TEST3=$(keystone user-create --name=swiftusertest3 --pass=$SWIFTUSERTEST3_PASSWORD --email=test3@example.com | grep " id " | get_field 2) |
|
| 565 |
+ SWIFT_USER_TEST3=$(openstack user create swiftusertest3 --password=$SWIFTUSERTEST3_PASSWORD \ |
|
| 566 |
+ --project "$SWIFT_TENANT_TEST1" --email=test3@example.com | grep " id " | get_field 2) |
|
| 555 | 567 |
die_if_not_set $LINENO SWIFT_USER_TEST3 "Failure creating SWIFT_USER_TEST3" |
| 556 |
- keystone user-role-add --user-id $SWIFT_USER_TEST3 --role-id $ANOTHER_ROLE --tenant-id $SWIFT_TENANT_TEST1 |
|
| 568 |
+ openstack role add --user $SWIFT_USER_TEST3 --project $SWIFT_TENANT_TEST1 $ANOTHER_ROLE |
|
| 557 | 569 |
|
| 558 |
- SWIFT_TENANT_TEST2=$(keystone tenant-create --name=swifttenanttest2 | grep " id " | get_field 2) |
|
| 570 |
+ SWIFT_TENANT_TEST2=$(openstack project create swifttenanttest2 | grep " id " | get_field 2) |
|
| 559 | 571 |
die_if_not_set $LINENO SWIFT_TENANT_TEST2 "Failure creating SWIFT_TENANT_TEST2" |
| 560 |
- SWIFT_USER_TEST2=$(keystone user-create --name=swiftusertest2 --pass=$SWIFTUSERTEST2_PASSWORD --email=test2@example.com | grep " id " | get_field 2) |
|
| 572 |
+ |
|
| 573 |
+ SWIFT_USER_TEST2=$(openstack user create swiftusertest2 --password=$SWIFTUSERTEST2_PASSWORD \ |
|
| 574 |
+ --project "$SWIFT_TENANT_TEST2" --email=test2@example.com | grep " id " | get_field 2) |
|
| 561 | 575 |
die_if_not_set $LINENO SWIFT_USER_TEST2 "Failure creating SWIFT_USER_TEST2" |
| 562 |
- keystone user-role-add --user-id $SWIFT_USER_TEST2 --role-id $ADMIN_ROLE --tenant-id $SWIFT_TENANT_TEST2 |
|
| 576 |
+ openstack role add --user $SWIFT_USER_TEST2 --project $SWIFT_TENANT_TEST2 $ADMIN_ROLE |
|
| 563 | 577 |
} |
| 564 | 578 |
|
| 565 | 579 |
# init_swift() - Initialize rings |
| ... | ... |
@@ -71,28 +71,29 @@ function setup_trove_logging() {
|
| 71 | 71 |
|
| 72 | 72 |
create_trove_accounts() {
|
| 73 | 73 |
# Trove |
| 74 |
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 75 |
- SERVICE_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
|
|
| 74 |
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
| 75 |
+ SERVICE_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
|
|
| 76 | 76 |
|
| 77 | 77 |
if [[ "$ENABLED_SERVICES" =~ "trove" ]]; then |
| 78 |
- TROVE_USER=$(keystone user-create \ |
|
| 79 |
- --name=trove \ |
|
| 80 |
- --pass="$SERVICE_PASSWORD" \ |
|
| 81 |
- --tenant-id $SERVICE_TENANT \ |
|
| 82 |
- --email=trove@example.com \ |
|
| 78 |
+ TROVE_USER=$(openstack user create \ |
|
| 79 |
+ trove \ |
|
| 80 |
+ --password "$SERVICE_PASSWORD" \ |
|
| 81 |
+ --project $SERVICE_TENANT \ |
|
| 82 |
+ --email trove@example.com \ |
|
| 83 | 83 |
| grep " id " | get_field 2) |
| 84 |
- keystone user-role-add --tenant-id $SERVICE_TENANT \ |
|
| 85 |
- --user-id $TROVE_USER \ |
|
| 86 |
- --role-id $SERVICE_ROLE |
|
| 84 |
+ openstack role add \ |
|
| 85 |
+ $SERVICE_ROLE \ |
|
| 86 |
+ --project $SERVICE_TENANT \ |
|
| 87 |
+ --user $TROVE_USER |
|
| 87 | 88 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 88 |
- TROVE_SERVICE=$(keystone service-create \ |
|
| 89 |
- --name=trove \ |
|
| 89 |
+ TROVE_SERVICE=$(openstack service create |
|
| 90 |
+ trove \ |
|
| 90 | 91 |
--type=database \ |
| 91 | 92 |
--description="Trove Service" \ |
| 92 | 93 |
| grep " id " | get_field 2) |
| 93 |
- keystone endpoint-create \ |
|
| 94 |
+ openstack endpoint create \ |
|
| 95 |
+ $TROVE_SERVICE \ |
|
| 94 | 96 |
--region RegionOne \ |
| 95 |
- --service_id $TROVE_SERVICE \ |
|
| 96 | 97 |
--publicurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" \ |
| 97 | 98 |
--adminurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" \ |
| 98 | 99 |
--internalurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" |
| ... | ... |
@@ -925,6 +925,9 @@ if is_service_enabled key; then |
| 925 | 925 |
# Do the keystone-specific bits from keystone_data.sh |
| 926 | 926 |
export OS_SERVICE_TOKEN=$SERVICE_TOKEN |
| 927 | 927 |
export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT |
| 928 |
+ # Add temporarily to make openstackclient work |
|
| 929 |
+ export OS_TOKEN=$SERVICE_TOKEN |
|
| 930 |
+ export OS_URL=$SERVICE_ENDPOINT |
|
| 928 | 931 |
create_keystone_accounts |
| 929 | 932 |
create_nova_accounts |
| 930 | 933 |
create_cinder_accounts |
| ... | ... |
@@ -947,6 +950,7 @@ if is_service_enabled key; then |
| 947 | 947 |
bash -x $FILES/keystone_data.sh |
| 948 | 948 |
|
| 949 | 949 |
# Set up auth creds now that keystone is bootstrapped |
| 950 |
+ unset OS_TOKEN OS_URL |
|
| 950 | 951 |
export OS_AUTH_URL=$SERVICE_ENDPOINT |
| 951 | 952 |
export OS_TENANT_NAME=admin |
| 952 | 953 |
export OS_USERNAME=admin |