This replaces the use of TENANT variables with PROJECT ones during the
initial setup. The openrc will still export a OS_TENANT_NAME because
many tools (cinderclient, glanceclient amoung them) will not function
without it. We warn when we do that.
Change-Id: I824b1121842eb5821034071874bf1bb2d7c3631e
... | ... |
@@ -43,19 +43,19 @@ unset NOVA_URL |
43 | 43 |
unset NOVA_USERNAME |
44 | 44 |
|
45 | 45 |
# Save the known variables for later |
46 |
-export x_TENANT_NAME=$OS_TENANT_NAME |
|
46 |
+export x_PROJECT_NAME=$OS_PROJECT_NAME |
|
47 | 47 |
export x_USERNAME=$OS_USERNAME |
48 | 48 |
export x_PASSWORD=$OS_PASSWORD |
49 | 49 |
export x_AUTH_URL=$OS_AUTH_URL |
50 | 50 |
|
51 | 51 |
# Unset the usual variables to force argument processing |
52 |
-unset OS_TENANT_NAME |
|
52 |
+unset OS_PROJECT_NAME |
|
53 | 53 |
unset OS_USERNAME |
54 | 54 |
unset OS_PASSWORD |
55 | 55 |
unset OS_AUTH_URL |
56 | 56 |
|
57 | 57 |
# Common authentication args |
58 |
-TENANT_ARG="--os-tenant-name=$x_TENANT_NAME" |
|
58 |
+PROJECT_ARG="--os-project-name=$x_PROJECT_NAME" |
|
59 | 59 |
ARGS="--os-username=$x_USERNAME --os-password=$x_PASSWORD --os-auth-url=$x_AUTH_URL" |
60 | 60 |
|
61 | 61 |
# Set global return |
... | ... |
@@ -68,7 +68,7 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then |
68 | 68 |
STATUS_KEYSTONE="Skipped" |
69 | 69 |
else |
70 | 70 |
echo -e "\nTest Keystone" |
71 |
- if openstack $TENANT_ARG $ARGS catalog show identity; then |
|
71 |
+ if openstack $PROJECT_ARG $ARGS catalog show identity; then |
|
72 | 72 |
STATUS_KEYSTONE="Succeeded" |
73 | 73 |
else |
74 | 74 |
STATUS_KEYSTONE="Failed" |
... | ... |
@@ -87,7 +87,7 @@ if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then |
87 | 87 |
else |
88 | 88 |
# Test OSAPI |
89 | 89 |
echo -e "\nTest Nova" |
90 |
- if nova $TENANT_ARG $ARGS flavor-list; then |
|
90 |
+ if nova $PROJECT_ARG $ARGS flavor-list; then |
|
91 | 91 |
STATUS_NOVA="Succeeded" |
92 | 92 |
else |
93 | 93 |
STATUS_NOVA="Failed" |
... | ... |
@@ -104,7 +104,7 @@ if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then |
104 | 104 |
STATUS_CINDER="Skipped" |
105 | 105 |
else |
106 | 106 |
echo -e "\nTest Cinder" |
107 |
- if cinder $TENANT_ARG $ARGS list; then |
|
107 |
+ if cinder $PROJECT_ARG $ARGS list; then |
|
108 | 108 |
STATUS_CINDER="Succeeded" |
109 | 109 |
else |
110 | 110 |
STATUS_CINDER="Failed" |
... | ... |
@@ -121,7 +121,7 @@ if [[ "$ENABLED_SERVICES" =~ "g-api" ]]; then |
121 | 121 |
STATUS_GLANCE="Skipped" |
122 | 122 |
else |
123 | 123 |
echo -e "\nTest Glance" |
124 |
- if openstack $TENANT_ARG $ARGS image list; then |
|
124 |
+ if openstack $PROJECT_ARG $ARGS image list; then |
|
125 | 125 |
STATUS_GLANCE="Succeeded" |
126 | 126 |
else |
127 | 127 |
STATUS_GLANCE="Failed" |
... | ... |
@@ -138,7 +138,7 @@ if [[ "$ENABLED_SERVICES" =~ "swift" || "$ENABLED_SERVICES" =~ "s-proxy" ]]; the |
138 | 138 |
STATUS_SWIFT="Skipped" |
139 | 139 |
else |
140 | 140 |
echo -e "\nTest Swift" |
141 |
- if swift $TENANT_ARG $ARGS stat; then |
|
141 |
+ if swift $PROJECT_ARG $ARGS stat; then |
|
142 | 142 |
STATUS_SWIFT="Succeeded" |
143 | 143 |
else |
144 | 144 |
STATUS_SWIFT="Failed" |
... | ... |
@@ -48,9 +48,9 @@ source $TOP_DIR/exerciserc |
48 | 48 |
# Neutron Settings |
49 | 49 |
# ---------------- |
50 | 50 |
|
51 |
-TENANTS="DEMO1" |
|
51 |
+PROJECTS="DEMO1" |
|
52 | 52 |
# TODO (nati)_Test public network |
53 |
-#TENANTS="DEMO1,DEMO2" |
|
53 |
+#PROJECTS="DEMO1,DEMO2" |
|
54 | 54 |
|
55 | 55 |
PUBLIC_NAME="admin" |
56 | 56 |
DEMO1_NAME="demo1" |
... | ... |
@@ -91,34 +91,34 @@ DEMO2_ROUTER1_NET="demo2-net1" |
91 | 91 |
# Various functions |
92 | 92 |
# ----------------- |
93 | 93 |
|
94 |
-function foreach_tenant { |
|
94 |
+function foreach_project { |
|
95 | 95 |
COMMAND=$1 |
96 |
- for TENANT in ${TENANTS//,/ };do |
|
97 |
- eval ${COMMAND//%TENANT%/$TENANT} |
|
96 |
+ for PROJECT in ${PROJECTS//,/ };do |
|
97 |
+ eval ${COMMAND//%PROJECT%/$PROJECT} |
|
98 | 98 |
done |
99 | 99 |
} |
100 | 100 |
|
101 |
-function foreach_tenant_resource { |
|
101 |
+function foreach_project_resource { |
|
102 | 102 |
COMMAND=$1 |
103 | 103 |
RESOURCE=$2 |
104 |
- for TENANT in ${TENANTS//,/ };do |
|
105 |
- eval 'NUM=$'"${TENANT}_NUM_$RESOURCE" |
|
104 |
+ for PROJECT in ${PROJECTS//,/ };do |
|
105 |
+ eval 'NUM=$'"${PROJECT}_NUM_$RESOURCE" |
|
106 | 106 |
for i in `seq $NUM`;do |
107 |
- local COMMAND_LOCAL=${COMMAND//%TENANT%/$TENANT} |
|
107 |
+ local COMMAND_LOCAL=${COMMAND//%PROJECT%/$PROJECT} |
|
108 | 108 |
COMMAND_LOCAL=${COMMAND_LOCAL//%NUM%/$i} |
109 | 109 |
eval $COMMAND_LOCAL |
110 | 110 |
done |
111 | 111 |
done |
112 | 112 |
} |
113 | 113 |
|
114 |
-function foreach_tenant_vm { |
|
114 |
+function foreach_project_vm { |
|
115 | 115 |
COMMAND=$1 |
116 |
- foreach_tenant_resource "$COMMAND" 'VM' |
|
116 |
+ foreach_project_resource "$COMMAND" 'VM' |
|
117 | 117 |
} |
118 | 118 |
|
119 |
-function foreach_tenant_net { |
|
119 |
+function foreach_project_net { |
|
120 | 120 |
COMMAND=$1 |
121 |
- foreach_tenant_resource "$COMMAND" 'NET' |
|
121 |
+ foreach_project_resource "$COMMAND" 'NET' |
|
122 | 122 |
} |
123 | 123 |
|
124 | 124 |
function get_image_id { |
... | ... |
@@ -128,12 +128,12 @@ function get_image_id { |
128 | 128 |
echo "$IMAGE_ID" |
129 | 129 |
} |
130 | 130 |
|
131 |
-function get_tenant_id { |
|
132 |
- local TENANT_NAME=$1 |
|
133 |
- local TENANT_ID |
|
134 |
- TENANT_ID=`openstack project list | grep " $TENANT_NAME " | head -n 1 | get_field 1` |
|
135 |
- die_if_not_set $LINENO TENANT_ID "Failure retrieving TENANT_ID for $TENANT_NAME" |
|
136 |
- echo "$TENANT_ID" |
|
131 |
+function get_project_id { |
|
132 |
+ local PROJECT_NAME=$1 |
|
133 |
+ local PROJECT_ID |
|
134 |
+ PROJECT_ID=`openstack project list | grep " $PROJECT_NAME " | head -n 1 | get_field 1` |
|
135 |
+ die_if_not_set $LINENO PROJECT_ID "Failure retrieving PROJECT_ID for $PROJECT_NAME" |
|
136 |
+ echo "$PROJECT_ID" |
|
137 | 137 |
} |
138 | 138 |
|
139 | 139 |
function get_user_id { |
... | ... |
@@ -177,23 +177,23 @@ function confirm_server_active { |
177 | 177 |
|
178 | 178 |
function neutron_debug_admin { |
179 | 179 |
local os_username=$OS_USERNAME |
180 |
- local os_tenant_id=$OS_TENANT_ID |
|
180 |
+ local os_project_id=$OS_PROJECT_ID |
|
181 | 181 |
source $TOP_DIR/openrc admin admin |
182 | 182 |
neutron-debug $@ |
183 |
- source $TOP_DIR/openrc $os_username $os_tenant_id |
|
183 |
+ source $TOP_DIR/openrc $os_username $os_project_id |
|
184 | 184 |
} |
185 | 185 |
|
186 |
-function add_tenant { |
|
186 |
+function add_project { |
|
187 | 187 |
openstack project create $1 |
188 | 188 |
openstack user create $2 --password ${ADMIN_PASSWORD} --project $1 |
189 | 189 |
openstack role add Member --project $1 --user $2 |
190 | 190 |
} |
191 | 191 |
|
192 |
-function remove_tenant { |
|
193 |
- local TENANT=$1 |
|
194 |
- local TENANT_ID |
|
195 |
- TENANT_ID=$(get_tenant_id $TENANT) |
|
196 |
- openstack project delete $TENANT_ID |
|
192 |
+function remove_project { |
|
193 |
+ local PROJECT=$1 |
|
194 |
+ local PROJECT_ID |
|
195 |
+ PROJECT_ID=$(get_project_id $PROJECT) |
|
196 |
+ openstack project delete $PROJECT_ID |
|
197 | 197 |
} |
198 | 198 |
|
199 | 199 |
function remove_user { |
... | ... |
@@ -203,47 +203,47 @@ function remove_user { |
203 | 203 |
openstack user delete $USER_ID |
204 | 204 |
} |
205 | 205 |
|
206 |
-function create_tenants { |
|
206 |
+function create_projects { |
|
207 | 207 |
source $TOP_DIR/openrc admin admin |
208 |
- add_tenant demo1 demo1 demo1 |
|
209 |
- add_tenant demo2 demo2 demo2 |
|
208 |
+ add_project demo1 demo1 demo1 |
|
209 |
+ add_project demo2 demo2 demo2 |
|
210 | 210 |
source $TOP_DIR/openrc demo demo |
211 | 211 |
} |
212 | 212 |
|
213 |
-function delete_tenants_and_users { |
|
213 |
+function delete_projects_and_users { |
|
214 | 214 |
source $TOP_DIR/openrc admin admin |
215 | 215 |
remove_user demo1 |
216 |
- remove_tenant demo1 |
|
216 |
+ remove_project demo1 |
|
217 | 217 |
remove_user demo2 |
218 |
- remove_tenant demo2 |
|
219 |
- echo "removed all tenants" |
|
218 |
+ remove_project demo2 |
|
219 |
+ echo "removed all projects" |
|
220 | 220 |
source $TOP_DIR/openrc demo demo |
221 | 221 |
} |
222 | 222 |
|
223 | 223 |
function create_network { |
224 |
- local TENANT=$1 |
|
224 |
+ local PROJECT=$1 |
|
225 | 225 |
local GATEWAY=$2 |
226 | 226 |
local CIDR=$3 |
227 | 227 |
local NUM=$4 |
228 | 228 |
local EXTRA=$5 |
229 |
- local NET_NAME="${TENANT}-net$NUM" |
|
230 |
- local ROUTER_NAME="${TENANT}-router${NUM}" |
|
229 |
+ local NET_NAME="${PROJECT}-net$NUM" |
|
230 |
+ local ROUTER_NAME="${PROJECT}-router${NUM}" |
|
231 | 231 |
source $TOP_DIR/openrc admin admin |
232 |
- local TENANT_ID |
|
233 |
- TENANT_ID=$(get_tenant_id $TENANT) |
|
234 |
- source $TOP_DIR/openrc $TENANT $TENANT |
|
232 |
+ local PROJECT_ID |
|
233 |
+ PROJECT_ID=$(get_project_id $PROJECT) |
|
234 |
+ source $TOP_DIR/openrc $PROJECT $PROJECT |
|
235 | 235 |
local NET_ID |
236 |
- NET_ID=$(neutron net-create --tenant-id $TENANT_ID $NET_NAME $EXTRA| grep ' id ' | awk '{print $4}' ) |
|
237 |
- die_if_not_set $LINENO NET_ID "Failure creating NET_ID for $TENANT_ID $NET_NAME $EXTRA" |
|
238 |
- neutron subnet-create --ip-version 4 --tenant-id $TENANT_ID --gateway $GATEWAY $NET_ID $CIDR |
|
236 |
+ NET_ID=$(neutron net-create --project-id $PROJECT_ID $NET_NAME $EXTRA| grep ' id ' | awk '{print $4}' ) |
|
237 |
+ die_if_not_set $LINENO NET_ID "Failure creating NET_ID for $PROJECT_ID $NET_NAME $EXTRA" |
|
238 |
+ neutron subnet-create --ip-version 4 --project-id $PROJECT_ID --gateway $GATEWAY --subnetpool None $NET_ID $CIDR |
|
239 | 239 |
neutron_debug_admin probe-create --device-owner compute $NET_ID |
240 | 240 |
source $TOP_DIR/openrc demo demo |
241 | 241 |
} |
242 | 242 |
|
243 | 243 |
function create_networks { |
244 |
- foreach_tenant_net 'create_network ${%TENANT%_NAME} ${%TENANT%_NET%NUM%_GATEWAY} ${%TENANT%_NET%NUM%_CIDR} %NUM% ${%TENANT%_NET%NUM%_EXTRA}' |
|
244 |
+ foreach_project_net 'create_network ${%PROJECT%_NAME} ${%PROJECT%_NET%NUM%_GATEWAY} ${%PROJECT%_NET%NUM%_CIDR} %NUM% ${%PROJECT%_NET%NUM%_EXTRA}' |
|
245 | 245 |
#TODO(nati) test security group function |
246 |
- # allow ICMP for both tenant's security groups |
|
246 |
+ # allow ICMP for both project's security groups |
|
247 | 247 |
#source $TOP_DIR/openrc demo1 demo1 |
248 | 248 |
#$NOVA secgroup-add-rule default icmp -1 -1 0.0.0.0/0 |
249 | 249 |
#source $TOP_DIR/openrc demo2 demo2 |
... | ... |
@@ -251,10 +251,10 @@ function create_networks { |
251 | 251 |
} |
252 | 252 |
|
253 | 253 |
function create_vm { |
254 |
- local TENANT=$1 |
|
254 |
+ local PROJECT=$1 |
|
255 | 255 |
local NUM=$2 |
256 | 256 |
local NET_NAMES=$3 |
257 |
- source $TOP_DIR/openrc $TENANT $TENANT |
|
257 |
+ source $TOP_DIR/openrc $PROJECT $PROJECT |
|
258 | 258 |
local NIC="" |
259 | 259 |
for NET_NAME in ${NET_NAMES//,/ };do |
260 | 260 |
NIC="$NIC --nic net-id="`get_network_id $NET_NAME` |
... | ... |
@@ -265,13 +265,13 @@ function create_vm { |
265 | 265 |
VM_UUID=`nova boot --flavor $(get_flavor_id m1.tiny) \ |
266 | 266 |
--image $(get_image_id) \ |
267 | 267 |
$NIC \ |
268 |
- $TENANT-server$NUM | grep ' id ' | cut -d"|" -f3 | sed 's/ //g'` |
|
269 |
- die_if_not_set $LINENO VM_UUID "Failure launching $TENANT-server$NUM" |
|
268 |
+ $PROJECT-server$NUM | grep ' id ' | cut -d"|" -f3 | sed 's/ //g'` |
|
269 |
+ die_if_not_set $LINENO VM_UUID "Failure launching $PROJECT-server$NUM" |
|
270 | 270 |
confirm_server_active $VM_UUID |
271 | 271 |
} |
272 | 272 |
|
273 | 273 |
function create_vms { |
274 |
- foreach_tenant_vm 'create_vm ${%TENANT%_NAME} %NUM% ${%TENANT%_VM%NUM%_NET}' |
|
274 |
+ foreach_project_vm 'create_vm ${%PROJECT%_NAME} %NUM% ${%PROJECT%_VM%NUM%_NET}' |
|
275 | 275 |
} |
276 | 276 |
|
277 | 277 |
function ping_ip { |
... | ... |
@@ -284,11 +284,11 @@ function ping_ip { |
284 | 284 |
} |
285 | 285 |
|
286 | 286 |
function check_vm { |
287 |
- local TENANT=$1 |
|
287 |
+ local PROJECT=$1 |
|
288 | 288 |
local NUM=$2 |
289 |
- local VM_NAME="$TENANT-server$NUM" |
|
289 |
+ local VM_NAME="$PROJECT-server$NUM" |
|
290 | 290 |
local NET_NAME=$3 |
291 |
- source $TOP_DIR/openrc $TENANT $TENANT |
|
291 |
+ source $TOP_DIR/openrc $PROJECT $PROJECT |
|
292 | 292 |
ping_ip $VM_NAME $NET_NAME |
293 | 293 |
# TODO (nati) test ssh connection |
294 | 294 |
# TODO (nati) test inter connection between vm |
... | ... |
@@ -297,31 +297,31 @@ function check_vm { |
297 | 297 |
} |
298 | 298 |
|
299 | 299 |
function check_vms { |
300 |
- foreach_tenant_vm 'check_vm ${%TENANT%_NAME} %NUM% ${%TENANT%_VM%NUM%_NET}' |
|
300 |
+ foreach_project_vm 'check_vm ${%PROJECT%_NAME} %NUM% ${%PROJECT%_VM%NUM%_NET}' |
|
301 | 301 |
} |
302 | 302 |
|
303 | 303 |
function shutdown_vm { |
304 |
- local TENANT=$1 |
|
304 |
+ local PROJECT=$1 |
|
305 | 305 |
local NUM=$2 |
306 |
- source $TOP_DIR/openrc $TENANT $TENANT |
|
307 |
- VM_NAME=${TENANT}-server$NUM |
|
306 |
+ source $TOP_DIR/openrc $PROJECT $PROJECT |
|
307 |
+ VM_NAME=${PROJECT}-server$NUM |
|
308 | 308 |
nova delete $VM_NAME |
309 | 309 |
} |
310 | 310 |
|
311 | 311 |
function shutdown_vms { |
312 |
- foreach_tenant_vm 'shutdown_vm ${%TENANT%_NAME} %NUM%' |
|
312 |
+ foreach_project_vm 'shutdown_vm ${%PROJECT%_NAME} %NUM%' |
|
313 | 313 |
if ! timeout $TERMINATE_TIMEOUT sh -c "while nova list | grep -q ACTIVE; do sleep 1; done"; then |
314 | 314 |
die $LINENO "Some VMs failed to shutdown" |
315 | 315 |
fi |
316 | 316 |
} |
317 | 317 |
|
318 | 318 |
function delete_network { |
319 |
- local TENANT=$1 |
|
319 |
+ local PROJECT=$1 |
|
320 | 320 |
local NUM=$2 |
321 |
- local NET_NAME="${TENANT}-net$NUM" |
|
321 |
+ local NET_NAME="${PROJECT}-net$NUM" |
|
322 | 322 |
source $TOP_DIR/openrc admin admin |
323 |
- local TENANT_ID |
|
324 |
- TENANT_ID=$(get_tenant_id $TENANT) |
|
323 |
+ local PROJECT_ID |
|
324 |
+ PROJECT_ID=$(get_project_id $PROJECT) |
|
325 | 325 |
#TODO(nati) comment out until l3-agent merged |
326 | 326 |
#for res in port subnet net router;do |
327 | 327 |
for net_id in `neutron net-list -c id -c name | grep $NET_NAME | awk '{print $2}'`;do |
... | ... |
@@ -333,7 +333,7 @@ function delete_network { |
333 | 333 |
} |
334 | 334 |
|
335 | 335 |
function delete_networks { |
336 |
- foreach_tenant_net 'delete_network ${%TENANT%_NAME} %NUM%' |
|
336 |
+ foreach_project_net 'delete_network ${%PROJECT%_NAME} %NUM%' |
|
337 | 337 |
# TODO(nati) add secuirty group check after it is implemented |
338 | 338 |
# source $TOP_DIR/openrc demo1 demo1 |
339 | 339 |
# nova secgroup-delete-rule default icmp -1 -1 0.0.0.0/0 |
... | ... |
@@ -342,7 +342,7 @@ function delete_networks { |
342 | 342 |
} |
343 | 343 |
|
344 | 344 |
function create_all { |
345 |
- create_tenants |
|
345 |
+ create_projects |
|
346 | 346 |
create_networks |
347 | 347 |
create_vms |
348 | 348 |
} |
... | ... |
@@ -350,7 +350,7 @@ function create_all { |
350 | 350 |
function delete_all { |
351 | 351 |
shutdown_vms |
352 | 352 |
delete_networks |
353 |
- delete_tenants_and_users |
|
353 |
+ delete_projects_and_users |
|
354 | 354 |
} |
355 | 355 |
|
356 | 356 |
function all { |
... | ... |
@@ -366,8 +366,8 @@ function test_functions { |
366 | 366 |
IMAGE=$(get_image_id) |
367 | 367 |
echo $IMAGE |
368 | 368 |
|
369 |
- TENANT_ID=$(get_tenant_id demo) |
|
370 |
- echo $TENANT_ID |
|
369 |
+ PROJECT_ID=$(get_project_id demo) |
|
370 |
+ echo $PROJECT_ID |
|
371 | 371 |
|
372 | 372 |
FLAVOR_ID=$(get_flavor_id m1.tiny) |
373 | 373 |
echo $FLAVOR_ID |
... | ... |
@@ -382,11 +382,11 @@ function test_functions { |
382 | 382 |
function usage { |
383 | 383 |
echo "$0: [-h]" |
384 | 384 |
echo " -h, --help Display help message" |
385 |
- echo " -t, --tenant Create tenants" |
|
385 |
+ echo " -t, --project Create projects" |
|
386 | 386 |
echo " -n, --net Create networks" |
387 | 387 |
echo " -v, --vm Create vms" |
388 | 388 |
echo " -c, --check Check connection" |
389 |
- echo " -x, --delete-tenants Delete tenants" |
|
389 |
+ echo " -x, --delete-projects Delete projects" |
|
390 | 390 |
echo " -y, --delete-nets Delete networks" |
391 | 391 |
echo " -z, --delete-vms Delete vms" |
392 | 392 |
echo " -T, --test Test functions" |
... | ... |
@@ -412,7 +412,7 @@ function main { |
412 | 412 |
-v | --vm ) create_vms |
413 | 413 |
exit |
414 | 414 |
;; |
415 |
- -t | --tenant ) create_tenants |
|
415 |
+ -t | --project ) create_projects |
|
416 | 416 |
exit |
417 | 417 |
;; |
418 | 418 |
-c | --check ) check_vms |
... | ... |
@@ -421,7 +421,7 @@ function main { |
421 | 421 |
-T | --test ) test_functions |
422 | 422 |
exit |
423 | 423 |
;; |
424 |
- -x | --delete-tenants ) delete_tenants_and_users |
|
424 |
+ -x | --delete-projects ) delete_projects_and_users |
|
425 | 425 |
exit |
426 | 426 |
;; |
427 | 427 |
-y | --delete-nets ) delete_networks |
... | ... |
@@ -351,7 +351,7 @@ function configure_cinder { |
351 | 351 |
# Set os_privileged_user credentials (used for os-assisted-snapshots) |
352 | 352 |
iniset $CINDER_CONF DEFAULT os_privileged_user_name nova |
353 | 353 |
iniset $CINDER_CONF DEFAULT os_privileged_user_password "$SERVICE_PASSWORD" |
354 |
- iniset $CINDER_CONF DEFAULT os_privileged_user_tenant "$SERVICE_TENANT_NAME" |
|
354 |
+ iniset $CINDER_CONF DEFAULT os_privileged_user_tenant "$SERVICE_PROJECT_NAME" |
|
355 | 355 |
iniset $CINDER_CONF DEFAULT graceful_shutdown_timeout "$SERVICE_GRACEFUL_SHUTDOWN_TIMEOUT" |
356 | 356 |
} |
357 | 357 |
|
... | ... |
@@ -143,7 +143,7 @@ function configure_glance { |
143 | 143 |
iniset $GLANCE_API_CONF glance_store stores "file, http, swift" |
144 | 144 |
iniset $GLANCE_API_CONF DEFAULT graceful_shutdown_timeout "$SERVICE_GRACEFUL_SHUTDOWN_TIMEOUT" |
145 | 145 |
|
146 |
- iniset $GLANCE_SWIFT_STORE_CONF ref1 user $SERVICE_TENANT_NAME:glance-swift |
|
146 |
+ iniset $GLANCE_SWIFT_STORE_CONF ref1 user $SERVICE_PROJECT_NAME:glance-swift |
|
147 | 147 |
iniset $GLANCE_SWIFT_STORE_CONF ref1 key $SERVICE_PASSWORD |
148 | 148 |
iniset $GLANCE_SWIFT_STORE_CONF ref1 auth_address $KEYSTONE_SERVICE_URI/v3 |
149 | 149 |
iniset $GLANCE_SWIFT_STORE_CONF ref1 user_domain_id default |
... | ... |
@@ -198,7 +198,7 @@ function configure_glance { |
198 | 198 |
iniuncomment $GLANCE_CACHE_CONF DEFAULT auth_url |
199 | 199 |
iniset $GLANCE_CACHE_CONF DEFAULT auth_url $KEYSTONE_AUTH_URI/v2.0 |
200 | 200 |
iniuncomment $GLANCE_CACHE_CONF DEFAULT auth_tenant_name |
201 |
- iniset $GLANCE_CACHE_CONF DEFAULT admin_tenant_name $SERVICE_TENANT_NAME |
|
201 |
+ iniset $GLANCE_CACHE_CONF DEFAULT admin_tenant_name $SERVICE_PROJECT_NAME |
|
202 | 202 |
iniuncomment $GLANCE_CACHE_CONF DEFAULT auth_user |
203 | 203 |
iniset $GLANCE_CACHE_CONF DEFAULT admin_user glance |
204 | 204 |
iniuncomment $GLANCE_CACHE_CONF DEFAULT auth_password |
... | ... |
@@ -226,9 +226,9 @@ function configure_glance { |
226 | 226 |
|
227 | 227 |
# Project User Roles |
228 | 228 |
# --------------------------------------------------------------------- |
229 |
-# SERVICE_TENANT_NAME glance service |
|
230 |
-# SERVICE_TENANT_NAME glance-swift ResellerAdmin (if Swift is enabled) |
|
231 |
-# SERVICE_TENANT_NAME glance-search search (if Search is enabled) |
|
229 |
+# SERVICE_PROJECT_NAME glance service |
|
230 |
+# SERVICE_PROJECT_NAME glance-swift ResellerAdmin (if Swift is enabled) |
|
231 |
+# SERVICE_PROJECT_NAME glance-search search (if Search is enabled) |
|
232 | 232 |
|
233 | 233 |
function create_glance_accounts { |
234 | 234 |
if is_service_enabled g-api; then |
... | ... |
@@ -241,7 +241,7 @@ function create_glance_accounts { |
241 | 241 |
local glance_swift_user |
242 | 242 |
glance_swift_user=$(get_or_create_user "glance-swift" \ |
243 | 243 |
"$SERVICE_PASSWORD" "default" "glance-swift@example.com") |
244 |
- get_or_add_user_project_role "ResellerAdmin" $glance_swift_user $SERVICE_TENANT_NAME |
|
244 |
+ get_or_add_user_project_role "ResellerAdmin" $glance_swift_user $SERVICE_PROJECT_NAME |
|
245 | 245 |
fi |
246 | 246 |
|
247 | 247 |
get_or_create_service "glance" "image" "Glance Image Service" |
... | ... |
@@ -108,7 +108,7 @@ KEYSTONE_SERVICE_PROTOCOL=${KEYSTONE_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL} |
108 | 108 |
# Bind hosts |
109 | 109 |
KEYSTONE_ADMIN_BIND_HOST=${KEYSTONE_ADMIN_BIND_HOST:-$KEYSTONE_SERVICE_HOST} |
110 | 110 |
# Set the tenant for service accounts in Keystone |
111 |
-SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service} |
|
111 |
+SERVICE_PROJECT_NAME=${SERVICE_TENANT_NAME:-service} |
|
112 | 112 |
|
113 | 113 |
# if we are running with SSL use https protocols |
114 | 114 |
if is_ssl_enabled_service "key" || is_service_enabled tls-proxy; then |
... | ... |
@@ -384,7 +384,7 @@ function create_keystone_accounts { |
384 | 384 |
get_or_add_user_domain_role $admin_role $admin_user default |
385 | 385 |
|
386 | 386 |
# Create service project/role |
387 |
- get_or_create_project "$SERVICE_TENANT_NAME" default |
|
387 |
+ get_or_create_project "$SERVICE_PROJECT_NAME" default |
|
388 | 388 |
|
389 | 389 |
# Service role, so service users do not have to be admins |
390 | 390 |
get_or_create_role service |
... | ... |
@@ -458,7 +458,7 @@ function create_service_user { |
458 | 458 |
|
459 | 459 |
local user |
460 | 460 |
user=$(get_or_create_user "$1" "$SERVICE_PASSWORD" default) |
461 |
- get_or_add_user_project_role "$role" "$user" "$SERVICE_TENANT_NAME" |
|
461 |
+ get_or_add_user_project_role "$role" "$user" "$SERVICE_PROJECT_NAME" |
|
462 | 462 |
} |
463 | 463 |
|
464 | 464 |
# Configure the service to use the auth token middleware. |
... | ... |
@@ -479,7 +479,7 @@ function configure_auth_token_middleware { |
479 | 479 |
iniset $conf_file $section username $admin_user |
480 | 480 |
iniset $conf_file $section password $SERVICE_PASSWORD |
481 | 481 |
iniset $conf_file $section user_domain_id default |
482 |
- iniset $conf_file $section project_name $SERVICE_TENANT_NAME |
|
482 |
+ iniset $conf_file $section project_name $SERVICE_PROJECT_NAME |
|
483 | 483 |
iniset $conf_file $section project_domain_id default |
484 | 484 |
|
485 | 485 |
iniset $conf_file $section auth_uri $KEYSTONE_SERVICE_URI |
... | ... |
@@ -483,7 +483,7 @@ function create_nova_conf_neutron { |
483 | 483 |
iniset $NOVA_CONF neutron username "$Q_ADMIN_USERNAME" |
484 | 484 |
iniset $NOVA_CONF neutron password "$SERVICE_PASSWORD" |
485 | 485 |
iniset $NOVA_CONF neutron user_domain_name "Default" |
486 |
- iniset $NOVA_CONF neutron project_name "$SERVICE_TENANT_NAME" |
|
486 |
+ iniset $NOVA_CONF neutron project_name "$SERVICE_PROJECT_NAME" |
|
487 | 487 |
iniset $NOVA_CONF neutron project_domain_name "Default" |
488 | 488 |
iniset $NOVA_CONF neutron auth_strategy "$Q_AUTH_STRATEGY" |
489 | 489 |
iniset $NOVA_CONF neutron region_name "$REGION_NAME" |
... | ... |
@@ -1169,7 +1169,7 @@ function _configure_neutron_service { |
1169 | 1169 |
iniset $NEUTRON_CONF nova username nova |
1170 | 1170 |
iniset $NEUTRON_CONF nova password $SERVICE_PASSWORD |
1171 | 1171 |
iniset $NEUTRON_CONF nova user_domain_id default |
1172 |
- iniset $NEUTRON_CONF nova project_name $SERVICE_TENANT_NAME |
|
1172 |
+ iniset $NEUTRON_CONF nova project_name $SERVICE_PROJECT_NAME |
|
1173 | 1173 |
iniset $NEUTRON_CONF nova project_domain_id default |
1174 | 1174 |
iniset $NEUTRON_CONF nova region_name $REGION_NAME |
1175 | 1175 |
|
... | ... |
@@ -404,8 +404,8 @@ function configure_nova { |
404 | 404 |
# |
405 | 405 |
# Project User Roles |
406 | 406 |
# ------------------------------------------------------------------ |
407 |
-# SERVICE_TENANT_NAME nova admin |
|
408 |
-# SERVICE_TENANT_NAME nova ResellerAdmin (if Swift is enabled) |
|
407 |
+# SERVICE_PROJECT_NAME nova admin |
|
408 |
+# SERVICE_PROJECT_NAME nova ResellerAdmin (if Swift is enabled) |
|
409 | 409 |
function create_nova_accounts { |
410 | 410 |
|
411 | 411 |
# Nova |
... | ... |
@@ -444,7 +444,7 @@ function create_nova_accounts { |
444 | 444 |
if is_service_enabled swift; then |
445 | 445 |
# Nova needs ResellerAdmin role to download images when accessing |
446 | 446 |
# swift through the s3 api. |
447 |
- get_or_add_user_project_role ResellerAdmin nova $SERVICE_TENANT_NAME |
|
447 |
+ get_or_add_user_project_role ResellerAdmin nova $SERVICE_PROJECT_NAME |
|
448 | 448 |
fi |
449 | 449 |
fi |
450 | 450 |
|
... | ... |
@@ -450,7 +450,7 @@ auth_host = ${KEYSTONE_AUTH_HOST} |
450 | 450 |
auth_protocol = ${KEYSTONE_AUTH_PROTOCOL} |
451 | 451 |
cafile = ${SSL_BUNDLE_FILE} |
452 | 452 |
admin_user = swift |
453 |
-admin_tenant_name = ${SERVICE_TENANT_NAME} |
|
453 |
+admin_tenant_name = ${SERVICE_PROJECT_NAME} |
|
454 | 454 |
admin_password = ${SERVICE_PASSWORD} |
455 | 455 |
|
456 | 456 |
[filter:swift3] |
... | ... |
@@ -812,7 +812,7 @@ function swift_configure_tempurls { |
812 | 812 |
# note we are using swift credentials! |
813 | 813 |
OS_USERNAME=swift \ |
814 | 814 |
OS_PASSWORD=$SERVICE_PASSWORD \ |
815 |
- OS_PROJECT_NAME=$SERVICE_TENANT_NAME \ |
|
815 |
+ OS_PROJECT_NAME=$SERVICE_PROJECT_NAME \ |
|
816 | 816 |
openstack object store account \ |
817 | 817 |
set --property "Temp-URL-Key=$SWIFT_TEMPURL_KEY" |
818 | 818 |
} |
... | ... |
@@ -1,9 +1,9 @@ |
1 | 1 |
#!/usr/bin/env bash |
2 | 2 |
# |
3 |
-# source openrc [username] [tenantname] |
|
3 |
+# source openrc [username] [projectname] |
|
4 | 4 |
# |
5 |
-# Configure a set of credentials for $TENANT/$USERNAME: |
|
6 |
-# Set OS_TENANT_NAME to override the default tenant 'demo' |
|
5 |
+# Configure a set of credentials for $PROJECT/$USERNAME: |
|
6 |
+# Set OS_PROJECT_NAME to override the default project 'demo' |
|
7 | 7 |
# Set OS_USERNAME to override the default user name 'demo' |
8 | 8 |
# Set ADMIN_PASSWORD to set the password for 'admin' and 'demo' |
9 | 9 |
|
... | ... |
@@ -14,7 +14,7 @@ if [[ -n "$1" ]]; then |
14 | 14 |
OS_USERNAME=$1 |
15 | 15 |
fi |
16 | 16 |
if [[ -n "$2" ]]; then |
17 |
- OS_TENANT_NAME=$2 |
|
17 |
+ OS_PROJECT_NAME=$2 |
|
18 | 18 |
fi |
19 | 19 |
|
20 | 20 |
# Find the other rc files |
... | ... |
@@ -34,13 +34,17 @@ fi |
34 | 34 |
# Get some necessary configuration |
35 | 35 |
source $RC_DIR/lib/tls |
36 | 36 |
|
37 |
-# The introduction of Keystone to the OpenStack ecosystem has standardized the |
|
38 |
-# term **tenant** as the entity that owns resources. In some places references |
|
39 |
-# still exist to the original Nova term **project** for this use. Also, |
|
40 |
-# **tenant_name** is preferred to **tenant_id**. |
|
41 |
-export OS_TENANT_NAME=${OS_TENANT_NAME:-demo} |
|
37 |
+# The OpenStack ecosystem has standardized the term **project** as the |
|
38 |
+# entity that owns resources. In some places **tenant** remains |
|
39 |
+# referenced, but in all cases this just means **project**. We will |
|
40 |
+# warn if we need to turn on legacy **tenant** support to have a |
|
41 |
+# working environment. |
|
42 |
+export OS_PROJECT_NAME=${OS_PROJECT_NAME:-demo} |
|
42 | 43 |
|
43 |
-# In addition to the owning entity (tenant), nova stores the entity performing |
|
44 |
+echo "WARNING: setting legacy OS_TENANT_NAME to support cli tools." |
|
45 |
+export OS_TENANT_NAME=$OS_PROJECT_NAME |
|
46 |
+ |
|
47 |
+# In addition to the owning entity (project), nova stores the entity performing |
|
44 | 48 |
# the action as the **user**. |
45 | 49 |
export OS_USERNAME=${OS_USERNAME:-demo} |
46 | 50 |
|
... | ... |
@@ -81,7 +85,7 @@ export OS_IDENTITY_API_VERSION=${IDENTITY_API_VERSION:-2.0} |
81 | 81 |
|
82 | 82 |
# Authenticating against an OpenStack cloud using Keystone returns a **Token** |
83 | 83 |
# and **Service Catalog**. The catalog contains the endpoints for all services |
84 |
-# the user/tenant has access to - including nova, glance, keystone, swift, ... |
|
84 |
+# the user/project has access to - including nova, glance, keystone, swift, ... |
|
85 | 85 |
# We currently recommend using the 2.0 *identity api*. |
86 | 86 |
# |
87 | 87 |
export OS_AUTH_URL=$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:5000/v${OS_IDENTITY_API_VERSION} |
... | ... |
@@ -1210,7 +1210,7 @@ fi |
1210 | 1210 |
|
1211 | 1211 |
# Create an access key and secret key for Nova EC2 register image |
1212 | 1212 |
if is_service_enabled keystone && is_service_enabled swift3 && is_service_enabled nova; then |
1213 |
- eval $(openstack ec2 credentials create --user nova --project $SERVICE_TENANT_NAME -f shell -c access -c secret) |
|
1213 |
+ eval $(openstack ec2 credentials create --user nova --project $SERVICE_PROJECT_NAME -f shell -c access -c secret) |
|
1214 | 1214 |
iniset $NOVA_CONF DEFAULT s3_access_key "$access" |
1215 | 1215 |
iniset $NOVA_CONF DEFAULT s3_secret_key "$secret" |
1216 | 1216 |
iniset $NOVA_CONF DEFAULT s3_affix_tenant "True" |