... | ... |
@@ -6,8 +6,8 @@ $BIN_DIR/keystone-manage $* tenant add demo |
6 | 6 |
$BIN_DIR/keystone-manage $* tenant add invisible_to_admin |
7 | 7 |
|
8 | 8 |
# Users |
9 |
-$BIN_DIR/keystone-manage $* user add admin secrete |
|
10 |
-$BIN_DIR/keystone-manage $* user add demo secrete |
|
9 |
+$BIN_DIR/keystone-manage $* user add admin %ADMIN_PASSWORD% |
|
10 |
+$BIN_DIR/keystone-manage $* user add demo %ADMIN_PASSWORD% |
|
11 | 11 |
|
12 | 12 |
# Roles |
13 | 13 |
$BIN_DIR/keystone-manage $* role add Admin |
... | ... |
@@ -36,6 +36,8 @@ $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%HOS |
36 | 36 |
# Tokens |
37 | 37 |
$BIN_DIR/keystone-manage $* token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00 |
38 | 38 |
|
39 |
-# EC2 related creds |
|
40 |
-$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin:admin' admin admin || echo "no support for adding credentials" |
|
41 |
-$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo:demo' demo demo || echo "no support for adding credentials" |
|
39 |
+# EC2 related creds - note we are setting the token to user_password |
|
40 |
+# but keystone doesn't parse them - it is just a blob from keystone's |
|
41 |
+# point of view |
|
42 |
+$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin_%ADMIN_PASSWORD%' admin admin || echo "no support for adding credentials" |
|
43 |
+$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo_%ADMIN_PASSWORD%' demo demo || echo "no support for adding credentials" |
... | ... |
@@ -147,6 +147,7 @@ GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292} |
147 | 147 |
# Service Token - Openstack components need to have an admin token |
148 | 148 |
# to validate user tokens. |
149 | 149 |
SERVICE_TOKEN=${SERVICE_TOKEN:-`uuidgen`} |
150 |
+ADMIN_PASSWORD=${ADMIN_PASSWORD:-`openssl rand -hex 12`} |
|
150 | 151 |
|
151 | 152 |
# Install Packages |
152 | 153 |
# ================ |
... | ... |
@@ -415,6 +416,7 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then |
415 | 415 |
cp $FILES/keystone_data.sh $KEYSTONE_DATA |
416 | 416 |
sudo sed -e "s,%HOST_IP%,$HOST_IP,g" -i $KEYSTONE_DATA |
417 | 417 |
sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $KEYSTONE_DATA |
418 |
+ sudo sed -e "s,%ADMIN_PASSWORD%,$ADMIN_PASSWORD,g" -i $KEYSTONE_DATA |
|
418 | 419 |
# initialize keystone with default users/endpoints |
419 | 420 |
BIN_DIR=$KEYSTONE_DIR/bin bash $KEYSTONE_DATA |
420 | 421 |
fi |
... | ... |
@@ -513,6 +515,8 @@ fi |
513 | 513 |
if [[ "$ENABLED_SERVICES" =~ "key" ]]; then |
514 | 514 |
echo "keystone is serving at http://$HOST_IP:5000/v2.0/" |
515 | 515 |
echo "examples on using novaclient command line is in exercise.sh" |
516 |
+ echo "the default users are: admin and demo" |
|
517 |
+ echo "the password: $ADMIN_PASSWORD" |
|
516 | 518 |
fi |
517 | 519 |
|
518 | 520 |
# Summary |