Browse code
Use extended keystone-manage bootstrap parameters
Use the additional keystone-manage parameters to setup the identity
endpoint in the service catalog rather than manually fetching a token
for this.
Change-Id: I6f5be1df205dee8f3251b4eb413e00ae64f00f07
Jamie Lennox authored on 2016/03/08 10:24:52Showing 1 changed files
| ... | ... |
@@ -629,40 +629,16 @@ function stop_keystone {
|
| 629 | 629 |
# - ``KEYSTONE_SERVICE_HOST`` |
| 630 | 630 |
# - ``KEYSTONE_SERVICE_PORT`` |
| 631 | 631 |
function bootstrap_keystone {
|
| 632 |
- |
|
| 633 |
- # Initialize keystone, this will create an 'admin' user, 'admin' project, |
|
| 634 |
- # 'admin' role, and assign the user the role on the project. These resources |
|
| 635 |
- # are created only if they do not already exist. |
|
| 636 |
- $KEYSTONE_BIN_DIR/keystone-manage bootstrap --bootstrap-password $ADMIN_PASSWORD |
|
| 637 |
- |
|
| 638 |
- # Create the keystone service and endpoints. To do this with the new |
|
| 639 |
- # bootstrapping process, we need to get a token and use that token to |
|
| 640 |
- # interact with the new APIs. The token will only be used to create services |
|
| 641 |
- # and endpoints, thus creating a minimal service catalog. |
|
| 642 |
- # They are unset immediately after. |
|
| 643 |
- # TODO(stevemar): OpenStackClient and KeystoneClient do not have support to |
|
| 644 |
- # handle interactions that not return service catalogs. Eventually remove |
|
| 645 |
- # this section when the support is in place. Use token based auth for now. |
|
| 646 |
- local token_id |
|
| 647 |
- token_id=$(openstack token issue -c id -f value \ |
|
| 648 |
- --os-username admin --os-project-name admin \ |
|
| 649 |
- --os-user-domain-id default --os-project-domain-id default \ |
|
| 650 |
- --os-identity-api-version 3 --os-auth-url $KEYSTONE_AUTH_URI \ |
|
| 651 |
- --os-password $ADMIN_PASSWORD) |
|
| 652 |
- |
|
| 653 |
- export OS_TOKEN=$token_id |
|
| 654 |
- export OS_URL=$KEYSTONE_AUTH_URI/v3 |
|
| 655 |
- export OS_IDENTITY_API_VERSION=3 |
|
| 656 |
- |
|
| 657 |
- get_or_create_service "keystone" "identity" "Keystone Identity Service" |
|
| 658 |
- get_or_create_endpoint \ |
|
| 659 |
- "identity" \ |
|
| 660 |
- "$REGION_NAME" \ |
|
| 661 |
- "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION" \ |
|
| 662 |
- "$KEYSTONE_AUTH_URI/v$IDENTITY_API_VERSION" \ |
|
| 663 |
- "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION" |
|
| 664 |
- |
|
| 665 |
- unset OS_TOKEN OS_URL OS_IDENTITY_API_VERSION |
|
| 632 |
+ $KEYSTONE_BIN_DIR/keystone-manage bootstrap \ |
|
| 633 |
+ --bootstrap-username admin \ |
|
| 634 |
+ --bootstrap-password "$ADMIN_PASSWORD" \ |
|
| 635 |
+ --bootstrap-project-name admin \ |
|
| 636 |
+ --bootstrap-role-name admin \ |
|
| 637 |
+ --bootstrap-service-name keystone \ |
|
| 638 |
+ --bootstrap-region-id "$REGION_NAME" \ |
|
| 639 |
+ --bootstrap-admin-url "$KEYSTONE_AUTH_URI/v$IDENTITY_API_VERSION" \ |
|
| 640 |
+ --bootstrap-public-url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION" \ |
|
| 641 |
+ --bootstrap-internal-url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION" |
|
| 666 | 642 |
} |
| 667 | 643 |
|
| 668 | 644 |
# Restore xtrace |