@@ -7,7 +7,6 @@

 # service              glance     admin

 # service              quantum    admin        # if enabled

 # service              swift      admin        # if enabled

-# service              cinder     admin        # if enabled

 # service              heat       admin        # if enabled

 # service              ceilometer admin        # if enabled

 # Tempest Only:

@@ -38,6 +37,7 @@ function get_id () {

 # Lookups

 SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")

 ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")

+MEMBER_ROLE=$(keystone role-list | awk "/ Member / { print \$2 }")

 # Roles

@@ -49,6 +49,7 @@ ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")

 # role is also configurable in swift-proxy.conf

 RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin)

+

 # Services

 # --------

@@ -243,25 +244,3 @@ if [[ "$ENABLED_SERVICES" =~ "tempest" ]]; then

         --user_id $ALT_DEMO_USER \

         --role_id $MEMBER_ROLE

 fi

-

-if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then

-    CINDER_USER=$(get_id keystone user-create --name=cinder \

-                                              --pass="$SERVICE_PASSWORD" \

-                                              --tenant_id $SERVICE_TENANT \

-                                              --email=cinder@example.com)

-    keystone user-role-add --tenant_id $SERVICE_TENANT \

-                           --user_id $CINDER_USER \

-                           --role_id $ADMIN_ROLE

-    if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then

-        CINDER_SERVICE=$(get_id keystone service-create \

-            --name=cinder \

-            --type=volume \

-            --description="Cinder Service")

-        keystone endpoint-create \

-            --region RegionOne \

-            --service_id $CINDER_SERVICE \

-            --publicurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \

-            --adminurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \

-            --internalurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s"

-    fi

-fi

@@ -31,9 +31,11 @@ CINDER_DRIVER=${CINDER_DRIVER:-default}

 CINDER_DIR=$DEST/cinder

 CINDERCLIENT_DIR=$DEST/python-cinderclient

 CINDER_STATE_PATH=${CINDER_STATE_PATH:=$DATA_DIR/cinder}

+CINDER_AUTH_CACHE_DIR=${CINDER_AUTH_CACHE_DIR:-/var/cache/cinder}

+

 CINDER_CONF_DIR=/etc/cinder

 CINDER_CONF=$CINDER_CONF_DIR/cinder.conf

-CINDER_AUTH_CACHE_DIR=${CINDER_AUTH_CACHE_DIR:-/var/cache/cinder}

+CINDER_API_PASTE_INI=$CINDER_CONF_DIR/api-paste.ini

 # Support entry points installation of console scripts

 if [[ -d $CINDER_DIR/bin ]]; then

@@ -97,7 +99,6 @@ function configure_cinder() {

     sudo chown root:root $TEMPFILE

     sudo mv $TEMPFILE /etc/sudoers.d/cinder-rootwrap

-    CINDER_API_PASTE_INI=$CINDER_CONF_DIR/api-paste.ini

     cp $CINDER_DIR/etc/cinder/api-paste.ini $CINDER_API_PASTE_INI

     iniset $CINDER_API_PASTE_INI filter:authtoken auth_host $KEYSTONE_AUTH_HOST

     iniset $CINDER_API_PASTE_INI filter:authtoken auth_port $KEYSTONE_AUTH_PORT

@@ -159,6 +160,46 @@ function configure_cinder() {

     fi

 }

+# create_cinder_accounts() - Set up common required cinder accounts

+

+# Tenant               User       Roles

+# ------------------------------------------------------------------

+# service              cinder     admin        # if enabled

+

+# Migrated from keystone_data.sh

+create_cinder_accounts() {

+

+    SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")

+    ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")

+

+    # Cinder

+    if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then

+        CINDER_USER=$(keystone user-create \

+            --name=cinder \

+            --pass="$SERVICE_PASSWORD" \

+            --tenant_id $SERVICE_TENANT \

+            --email=cinder@example.com \

+            | grep " id " | get_field 2)

+        keystone user-role-add \

+            --tenant_id $SERVICE_TENANT \

+            --user_id $CINDER_USER \

+            --role_id $ADMIN_ROLE

+        if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then

+            CINDER_SERVICE=$(keystone service-create \

+                --name=cinder \

+                --type=volume \

+                --description="Cinder Volume Service" \

+                | grep " id " | get_field 2)

+            keystone endpoint-create \

+                --region RegionOne \

+                --service_id $CINDER_SERVICE \

+                --publicurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \

+                --adminurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \

+                --internalurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s"

+        fi

+    fi

+}

+

 # init_cinder() - Initialize database and volume group

 function init_cinder() {

     # Force nova volumes off

@@ -956,6 +956,7 @@ if is_service_enabled key; then

     export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT

     create_keystone_accounts

     create_nova_accounts

+    create_cinder_accounts

     # ``keystone_data.sh`` creates services, admin and demo users, and roles.

     ADMIN_PASSWORD=$ADMIN_PASSWORD SERVICE_TENANT_NAME=$SERVICE_TENANT_NAME SERVICE_PASSWORD=$SERVICE_PASSWORD \