@@ -13,7 +13,7 @@ EC2\_URL

     ::

-        EC2_URL=$(keystone catalog --service ec2 | awk '/ publicURL / { print $4 }')

+        EC2_URL=$(openstack catalog show ec2 | awk '/ publicURL: / { print $4 }')

 S3\_URL

     Set the S3 endpoint for euca2ools. The endpoint is extracted from

@@ -21,14 +21,14 @@ S3\_URL

     ::

-        export S3_URL=$(keystone catalog --service s3 | awk '/ publicURL / { print $4 }')

+        export S3_URL=$(openstack catalog show s3 | awk '/ publicURL: / { print $4 }')

 EC2\_ACCESS\_KEY, EC2\_SECRET\_KEY

     Create EC2 credentials for the current tenant:user in Keystone.

     ::

-        CREDS=$(keystone ec2-credentials-create)

+        CREDS=$(openstack ec2 credentials create)

         export EC2_ACCESS_KEY=$(echo "$CREDS" | awk '/ access / { print $4 }')

         export EC2_SECRET_KEY=$(echo "$CREDS" | awk '/ secret / { print $4 }')

@@ -229,10 +229,10 @@ Additional Users

 ----------------

 DevStack creates two OpenStack users (``admin`` and ``demo``) and two

-tenants (also ``admin`` and ``demo``). ``admin`` is exactly what it

+projects (also ``admin`` and ``demo``). ``admin`` is exactly what it

 sounds like, a privileged administrative account that is a member of

-both the ``admin`` and ``demo`` tenants. ``demo`` is a normal user

-account that is only a member of the ``demo`` tenant. Creating

+both the ``admin`` and ``demo`` projects. ``demo`` is a normal user

+account that is only a member of the ``demo`` project. Creating

 additional OpenStack users can be done through the dashboard, sometimes

 it is easier to do them in bulk from a script, especially since they get

 blown away every time ``stack.sh`` runs. The following steps are ripe

@@ -243,21 +243,21 @@ for scripting:

     # Get admin creds

     . openrc admin admin

-    # List existing tenants

-    keystone tenant-list

+    # List existing projects

+    openstack project list

     # List existing users

-    keystone user-list

+    openstack user list

-    # Add a user and tenant

+    # Add a user and project

     NAME=bob

     PASSWORD=BigSecrete

-    TENANT=$NAME

-    keystone tenant-create --name=$NAME

-    keystone user-create --name=$NAME --pass=$PASSWORD

-    keystone user-role-add --user-id=<bob-user-id> --tenant-id=<bob-tenant-id> --role-id=<member-role-id>

-    # member-role-id comes from the existing member role created by stack.sh

-    # keystone role-list

+    PROJECT=$NAME

+    openstack project create $PROJECT

+    openstack user create $NAME --password=$PASSWORD --project $PROJECT

+    openstack role add Member --user $NAME --project $PROJECT

+    # The Member role is created by stack.sh

+    # openstack role list

 Swift

 -----

@@ -19,7 +19,7 @@ RC_DIR=$(cd $(dirname "${BASH_SOURCE:-$0}") && pwd)

 source $RC_DIR/openrc

 # Set the ec2 url so euca2ools works

-export EC2_URL=$(keystone catalog --service ec2 | awk '/ publicURL / { print $4 }')

+export EC2_URL=$(openstack catalog show ec2 | awk '/ publicURL: / { print $4 }')

 # Create EC2 credentials for the current user

 CREDS=$(openstack ec2 credentials create)

@@ -29,7 +29,7 @@ export EC2_SECRET_KEY=$(echo "$CREDS" | awk '/ secret / { print $4 }')

 # Euca2ools Certificate stuff for uploading bundles

 # See exercises/bundle.sh to see how to get certs using nova cli

 NOVA_KEY_DIR=${NOVA_KEY_DIR:-$RC_DIR}

-export S3_URL=$(keystone catalog --service s3 | awk '/ publicURL / { print $4 }')

+export S3_URL=$(openstack catalog show s3 | awk '/ publicURL: / { print $4 }')

 export EC2_USER_ID=42 # nova does not use user id, but bundling requires it

 export EC2_PRIVATE_KEY=${NOVA_KEY_DIR}/pk.pem

 export EC2_CERT=${NOVA_KEY_DIR}/cert.pem

@@ -69,7 +69,7 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then

         STATUS_KEYSTONE="Skipped"

     else

         echo -e "\nTest Keystone"

-        if keystone $TENANT_ARG $ARGS catalog --service identity; then

+        if openstack $TENANT_ARG $ARGS catalog show identity; then

             STATUS_KEYSTONE="Succeeded"

         else

             STATUS_KEYSTONE="Failed"

@@ -765,7 +765,7 @@ function upload_baremetal_ironic_deploy {

         fi

     fi

-    local token=$(keystone token-get | grep ' id ' | get_field 2)

+    local token=$(openstack token issue -c id -f value)

     die_if_not_set $LINENO token "Keystone fail to get token"

     # load them into glance

@@ -1173,7 +1173,7 @@ fi

 # See https://help.ubuntu.com/community/CloudInit for more on ``cloud-init``

 if is_service_enabled g-reg; then

-    TOKEN=$(keystone token-get | grep ' id ' | get_field 2)

+    TOKEN=$(openstack token issue -c id -f value)

     die_if_not_set $LINENO TOKEN "Keystone fail to get token"

     echo_summary "Uploading images"

@@ -32,7 +32,7 @@ if [[ -z "$1" ]]; then

 fi

 # Get a token to authenticate to glance

-TOKEN=$(keystone token-get | grep ' id ' | get_field 2)

+TOKEN=$(openstack token issue -c id -f value)

 die_if_not_set $LINENO TOKEN "Keystone fail to get token"

 # Glance connection info.  Note the port must be specified.