Browse code
Use identity V3 API for endpoint creation
Always use the keystone V3 API when creating services and endpoints. The syntax
here is slightly different but we maintain the function interface.
Change-Id: Ib3a375918a45fd6e37d873a1a5c0c4b26bdbb5d8
Implements: bp keystonev3
Jamie Lennox authored on 2015/05/29 15:04:47Showing 12 changed files
- functions-common
- lib/ceilometer
- lib/cinder
- lib/glance
- lib/heat
- lib/ironic
- lib/keystone
- lib/neutron-legacy
- lib/nova
- lib/swift
- lib/tempest
- lib/zaqar
| ... | ... |
@@ -809,6 +809,8 @@ function get_or_create_service {
|
| 809 | 809 |
openstack service show $2 -f value -c id 2>/dev/null || |
| 810 | 810 |
# Creates new service if not exists |
| 811 | 811 |
openstack service create \ |
| 812 |
+ --os-url $KEYSTONE_SERVICE_URI_V3 \ |
|
| 813 |
+ --os-identity-api-version=3 \ |
|
| 812 | 814 |
$2 \ |
| 813 | 815 |
--name $1 \ |
| 814 | 816 |
--description="$3" \ |
| ... | ... |
@@ -817,29 +819,56 @@ function get_or_create_service {
|
| 817 | 817 |
echo $service_id |
| 818 | 818 |
} |
| 819 | 819 |
|
| 820 |
-# Gets or creates endpoint |
|
| 821 |
-# Usage: get_or_create_endpoint <service> <region> <publicurl> <adminurl> <internalurl> |
|
| 822 |
-function get_or_create_endpoint {
|
|
| 823 |
- # Gets endpoint id |
|
| 820 |
+# Create an endpoint with a specific interface |
|
| 821 |
+# Usage: _get_or_create_endpoint_with_interface <service> <interface> <url> <region> |
|
| 822 |
+function _get_or_create_endpoint_with_interface {
|
|
| 824 | 823 |
local endpoint_id=$(openstack endpoint list \ |
| 825 |
- --column "ID" \ |
|
| 826 |
- --column "Region" \ |
|
| 827 |
- --column "Service Name" \ |
|
| 828 |
- | grep " $2 " \ |
|
| 829 |
- | grep " $1 " | get_field 1) |
|
| 824 |
+ --os-url $KEYSTONE_SERVICE_URI_V3 \ |
|
| 825 |
+ --os-identity-api-version=3 \ |
|
| 826 |
+ --service $1 \ |
|
| 827 |
+ --interface $2 \ |
|
| 828 |
+ --region $4 \ |
|
| 829 |
+ -c ID -f value) |
|
| 830 | 830 |
if [[ -z "$endpoint_id" ]]; then |
| 831 | 831 |
# Creates new endpoint |
| 832 | 832 |
endpoint_id=$(openstack endpoint create \ |
| 833 |
- $1 \ |
|
| 834 |
- --region $2 \ |
|
| 835 |
- --publicurl $3 \ |
|
| 836 |
- --adminurl $4 \ |
|
| 837 |
- --internalurl $5 \ |
|
| 838 |
- | grep " id " | get_field 2) |
|
| 833 |
+ --os-url $KEYSTONE_SERVICE_URI_V3 \ |
|
| 834 |
+ --os-identity-api-version=3 \ |
|
| 835 |
+ $1 $2 $3 --region $4 -f value -c id) |
|
| 839 | 836 |
fi |
| 837 |
+ |
|
| 840 | 838 |
echo $endpoint_id |
| 841 | 839 |
} |
| 842 | 840 |
|
| 841 |
+# Gets or creates endpoint |
|
| 842 |
+# Usage: get_or_create_endpoint <service> <region> <publicurl> <adminurl> <internalurl> |
|
| 843 |
+function get_or_create_endpoint {
|
|
| 844 |
+ # NOTE(jamielennnox): when converting to v3 endpoint creation we go from |
|
| 845 |
+ # creating one endpoint with multiple urls to multiple endpoints each with |
|
| 846 |
+ # a different interface. To maintain the existing function interface we |
|
| 847 |
+ # create 3 endpoints and return the id of the public one. In reality |
|
| 848 |
+ # returning the public id will not make a lot of difference as there are no |
|
| 849 |
+ # scenarios currently that use the returned id. Ideally this behaviour |
|
| 850 |
+ # should be pushed out to the service setups and let them create the |
|
| 851 |
+ # endpoints they need. |
|
| 852 |
+ local public_id=$(_get_or_create_endpoint_with_interface $1 public $3 $2) |
|
| 853 |
+ _get_or_create_endpoint_with_interface $1 admin $4 $2 |
|
| 854 |
+ _get_or_create_endpoint_with_interface $1 internal $5 $2 |
|
| 855 |
+ |
|
| 856 |
+ # return the public id to indicate success, and this is the endpoint most likely wanted |
|
| 857 |
+ echo $public_id |
|
| 858 |
+} |
|
| 859 |
+ |
|
| 860 |
+# Get a URL from the identity service |
|
| 861 |
+# Usage: get_endpoint_url <service> <interface> |
|
| 862 |
+function get_endpoint_url {
|
|
| 863 |
+ echo $(openstack endpoint list \ |
|
| 864 |
+ --service $1 --interface $2 \ |
|
| 865 |
+ --os-url $KEYSTONE_SERVICE_URI_V3 \ |
|
| 866 |
+ --os-identity-api-version=3 \ |
|
| 867 |
+ -c URL -f value) |
|
| 868 |
+} |
|
| 869 |
+ |
|
| 843 | 870 |
|
| 844 | 871 |
# Package Functions |
| 845 | 872 |
# ================= |
| ... | ... |
@@ -130,9 +130,8 @@ function create_ceilometer_accounts {
|
| 130 | 130 |
create_service_user "ceilometer" "admin" |
| 131 | 131 |
|
| 132 | 132 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 133 |
- local ceilometer_service=$(get_or_create_service "ceilometer" \ |
|
| 134 |
- "metering" "OpenStack Telemetry Service") |
|
| 135 |
- get_or_create_endpoint $ceilometer_service \ |
|
| 133 |
+ get_or_create_service "ceilometer" "metering" "OpenStack Telemetry Service" |
|
| 134 |
+ get_or_create_endpoint "metering" \ |
|
| 136 | 135 |
"$REGION_NAME" \ |
| 137 | 136 |
"$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/" \ |
| 138 | 137 |
"$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/" \ |
| ... | ... |
@@ -327,16 +327,14 @@ function create_cinder_accounts {
|
| 327 | 327 |
|
| 328 | 328 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 329 | 329 |
|
| 330 |
- local cinder_service=$(get_or_create_service "cinder" \ |
|
| 331 |
- "volume" "Cinder Volume Service") |
|
| 332 |
- get_or_create_endpoint $cinder_service "$REGION_NAME" \ |
|
| 330 |
+ get_or_create_service "cinder" "volume" "Cinder Volume Service" |
|
| 331 |
+ get_or_create_endpoint "volume" "$REGION_NAME" \ |
|
| 333 | 332 |
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \ |
| 334 | 333 |
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \ |
| 335 | 334 |
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" |
| 336 | 335 |
|
| 337 |
- local cinder_v2_service=$(get_or_create_service "cinderv2" \ |
|
| 338 |
- "volumev2" "Cinder Volume Service V2") |
|
| 339 |
- get_or_create_endpoint $cinder_v2_service "$REGION_NAME" \ |
|
| 336 |
+ get_or_create_service "cinderv2" "volumev2" "Cinder Volume Service V2" |
|
| 337 |
+ get_or_create_endpoint "volumev2" "$REGION_NAME" \ |
|
| 340 | 338 |
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \ |
| 341 | 339 |
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \ |
| 342 | 340 |
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" |
| ... | ... |
@@ -266,9 +266,8 @@ function create_glance_accounts {
|
| 266 | 266 |
|
| 267 | 267 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 268 | 268 |
|
| 269 |
- local glance_service=$(get_or_create_service "glance" \ |
|
| 270 |
- "image" "Glance Image Service") |
|
| 271 |
- get_or_create_endpoint $glance_service \ |
|
| 269 |
+ get_or_create_service "glance" "image" "Glance Image Service" |
|
| 270 |
+ get_or_create_endpoint "image" \ |
|
| 272 | 271 |
"$REGION_NAME" \ |
| 273 | 272 |
"$GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT" \ |
| 274 | 273 |
"$GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT" \ |
| ... | ... |
@@ -279,10 +278,9 @@ function create_glance_accounts {
|
| 279 | 279 |
# Add glance-search service and endpoints |
| 280 | 280 |
if is_service_enabled g-search; then |
| 281 | 281 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 282 |
- local glance_search_service=$(get_or_create_service "glance-search" \ |
|
| 283 |
- "search" "EXPERIMENTAL - Glance Graffiti Search Service") |
|
| 282 |
+ get_or_create_service "glance-search" "search" "EXPERIMENTAL - Glance Graffiti Search Service" |
|
| 284 | 283 |
|
| 285 |
- get_or_create_endpoint $glance_search_service \ |
|
| 284 |
+ get_or_create_endpoint "search" \ |
|
| 286 | 285 |
"$REGION_NAME" \ |
| 287 | 286 |
"$GLANCE_SERVICE_PROTOCOL://$GLANCE_SEARCH_HOSTPORT" \ |
| 288 | 287 |
"$GLANCE_SERVICE_PROTOCOL://$GLANCE_SEARCH_HOSTPORT" \ |
| ... | ... |
@@ -250,17 +250,15 @@ function create_heat_accounts {
|
| 250 | 250 |
|
| 251 | 251 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 252 | 252 |
|
| 253 |
- local heat_service=$(get_or_create_service "heat" \ |
|
| 254 |
- "orchestration" "Heat Orchestration Service") |
|
| 255 |
- get_or_create_endpoint $heat_service \ |
|
| 253 |
+ get_or_create_service "heat" "orchestration" "Heat Orchestration Service" |
|
| 254 |
+ get_or_create_endpoint "orchestration" \ |
|
| 256 | 255 |
"$REGION_NAME" \ |
| 257 | 256 |
"$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" \ |
| 258 | 257 |
"$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" \ |
| 259 | 258 |
"$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" |
| 260 | 259 |
|
| 261 |
- local heat_cfn_service=$(get_or_create_service "heat-cfn" \ |
|
| 262 |
- "cloudformation" "Heat CloudFormation Service") |
|
| 263 |
- get_or_create_endpoint $heat_cfn_service \ |
|
| 260 |
+ get_or_create_service "heat-cfn" "cloudformation" "Heat CloudFormation Service" |
|
| 261 |
+ get_or_create_endpoint "cloudformation" \ |
|
| 264 | 262 |
"$REGION_NAME" \ |
| 265 | 263 |
"$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1" \ |
| 266 | 264 |
"$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1" \ |
| ... | ... |
@@ -411,9 +411,8 @@ function create_ironic_accounts {
|
| 411 | 411 |
|
| 412 | 412 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 413 | 413 |
|
| 414 |
- local ironic_service=$(get_or_create_service "ironic" \ |
|
| 415 |
- "baremetal" "Ironic baremetal provisioning service") |
|
| 416 |
- get_or_create_endpoint $ironic_service \ |
|
| 414 |
+ get_or_create_service "ironic" "baremetal" "Ironic baremetal provisioning service" |
|
| 415 |
+ get_or_create_endpoint "baremetal" \ |
|
| 417 | 416 |
"$REGION_NAME" \ |
| 418 | 417 |
"$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \ |
| 419 | 418 |
"$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \ |
| ... | ... |
@@ -406,9 +406,8 @@ function create_keystone_accounts {
|
| 406 | 406 |
# Keystone |
| 407 | 407 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 408 | 408 |
|
| 409 |
- KEYSTONE_SERVICE=$(get_or_create_service "keystone" \ |
|
| 410 |
- "identity" "Keystone Identity Service") |
|
| 411 |
- get_or_create_endpoint $KEYSTONE_SERVICE \ |
|
| 409 |
+ get_or_create_service "keystone" "identity" "Keystone Identity Service" |
|
| 410 |
+ get_or_create_endpoint "identity" \ |
|
| 412 | 411 |
"$REGION_NAME" \ |
| 413 | 412 |
"$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION" \ |
| 414 | 413 |
"$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v$IDENTITY_API_VERSION" \ |
| ... | ... |
@@ -517,9 +517,8 @@ function create_neutron_accounts {
|
| 517 | 517 |
|
| 518 | 518 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 519 | 519 |
|
| 520 |
- local neutron_service=$(get_or_create_service "neutron" \ |
|
| 521 |
- "network" "Neutron Service") |
|
| 522 |
- get_or_create_endpoint $neutron_service \ |
|
| 520 |
+ get_or_create_service "neutron" "network" "Neutron Service" |
|
| 521 |
+ get_or_create_endpoint "network" \ |
|
| 523 | 522 |
"$REGION_NAME" \ |
| 524 | 523 |
"$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" \ |
| 525 | 524 |
"$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" \ |
| ... | ... |
@@ -402,24 +402,22 @@ function create_nova_accounts {
|
| 402 | 402 |
create_service_user "nova" "admin" |
| 403 | 403 |
|
| 404 | 404 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 405 |
- |
|
| 406 |
- local nova_service=$(get_or_create_service "nova" \ |
|
| 407 |
- "compute" "Nova Compute Service") |
|
| 408 | 405 |
local nova_api_url |
| 409 | 406 |
if [[ "$NOVA_USE_MOD_WSGI" == "False" ]]; then |
| 410 | 407 |
nova_api_url="$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT" |
| 411 | 408 |
else |
| 412 | 409 |
nova_api_url="$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST/compute" |
| 413 | 410 |
fi |
| 414 |
- get_or_create_endpoint $nova_service \ |
|
| 411 |
+ |
|
| 412 |
+ get_or_create_service "nova" "compute" "Nova Compute Service" |
|
| 413 |
+ get_or_create_endpoint "compute" \ |
|
| 415 | 414 |
"$REGION_NAME" \ |
| 416 | 415 |
"$nova_api_url/v2/\$(tenant_id)s" \ |
| 417 | 416 |
"$nova_api_url/v2/\$(tenant_id)s" \ |
| 418 | 417 |
"$nova_api_url/v2/\$(tenant_id)s" |
| 419 | 418 |
|
| 420 |
- local nova_v21_service=$(get_or_create_service "novav21" \ |
|
| 421 |
- "computev21" "Nova Compute Service V2.1") |
|
| 422 |
- get_or_create_endpoint $nova_v21_service \ |
|
| 419 |
+ get_or_create_service "novav21" "computev21" "Nova Compute Service V2.1" |
|
| 420 |
+ get_or_create_endpoint "computev21" \ |
|
| 423 | 421 |
"$REGION_NAME" \ |
| 424 | 422 |
"$nova_api_url/v2.1/\$(tenant_id)s" \ |
| 425 | 423 |
"$nova_api_url/v2.1/\$(tenant_id)s" \ |
| ... | ... |
@@ -438,9 +436,8 @@ function create_nova_accounts {
|
| 438 | 438 |
# EC2 |
| 439 | 439 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = "sql" ]]; then |
| 440 | 440 |
|
| 441 |
- local ec2_service=$(get_or_create_service "ec2" \ |
|
| 442 |
- "ec2" "EC2 Compatibility Layer") |
|
| 443 |
- get_or_create_endpoint $ec2_service \ |
|
| 441 |
+ get_or_create_service "ec2" "ec2" "EC2 Compatibility Layer" |
|
| 442 |
+ get_or_create_endpoint "ec2" \ |
|
| 444 | 443 |
"$REGION_NAME" \ |
| 445 | 444 |
"$EC2_SERVICE_PROTOCOL://$SERVICE_HOST:8773/" \ |
| 446 | 445 |
"$EC2_SERVICE_PROTOCOL://$SERVICE_HOST:8773/" \ |
| ... | ... |
@@ -452,8 +449,8 @@ function create_nova_accounts {
|
| 452 | 452 |
if is_service_enabled n-obj swift3; then |
| 453 | 453 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 454 | 454 |
|
| 455 |
- local s3_service=$(get_or_create_service "s3" "s3" "S3") |
|
| 456 |
- get_or_create_endpoint $s3_service \ |
|
| 455 |
+ get_or_create_service "s3" "s3" "S3" |
|
| 456 |
+ get_or_create_endpoint "s3" \ |
|
| 457 | 457 |
"$REGION_NAME" \ |
| 458 | 458 |
"http://$SERVICE_HOST:$S3_SERVICE_PORT" \ |
| 459 | 459 |
"http://$SERVICE_HOST:$S3_SERVICE_PORT" \ |
| ... | ... |
@@ -607,9 +607,8 @@ function create_swift_accounts {
|
| 607 | 607 |
|
| 608 | 608 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 609 | 609 |
|
| 610 |
- local swift_service=$(get_or_create_service "swift" \ |
|
| 611 |
- "object-store" "Swift Service") |
|
| 612 |
- get_or_create_endpoint $swift_service \ |
|
| 610 |
+ get_or_create_service "swift" "object-store" "Swift Service" |
|
| 611 |
+ get_or_create_endpoint "object-store" \ |
|
| 613 | 612 |
"$REGION_NAME" \ |
| 614 | 613 |
"$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s" \ |
| 615 | 614 |
"$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:8080" \ |
| ... | ... |
@@ -270,11 +270,11 @@ function configure_tempest {
|
| 270 | 270 |
fi |
| 271 | 271 |
fi |
| 272 | 272 |
|
| 273 |
- EC2_URL=$(openstack endpoint show -f value -c publicurl ec2 || true) |
|
| 273 |
+ EC2_URL=$(get_endpoint_url ec2 public || true) |
|
| 274 | 274 |
if [[ -z $EC2_URL ]]; then |
| 275 | 275 |
EC2_URL="$EC2_SERVICE_PROTOCOL://$SERVICE_HOST:8773/" |
| 276 | 276 |
fi |
| 277 |
- S3_URL=$(openstack endpoint show -f value -c publicurl s3 || true) |
|
| 277 |
+ S3_URL=$(get_endpoint_url s3 public || true) |
|
| 278 | 278 |
if [[ -z $S3_URL ]]; then |
| 279 | 279 |
S3_URL="http://$SERVICE_HOST:${S3_SERVICE_PORT:-3333}"
|
| 280 | 280 |
fi |
| ... | ... |
@@ -210,9 +210,8 @@ function create_zaqar_accounts {
|
| 210 | 210 |
|
| 211 | 211 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
| 212 | 212 |
|
| 213 |
- local zaqar_service=$(get_or_create_service "zaqar" \ |
|
| 214 |
- "messaging" "Zaqar Service") |
|
| 215 |
- get_or_create_endpoint $zaqar_service \ |
|
| 213 |
+ get_or_create_service "zaqar" "messaging" "Zaqar Service" |
|
| 214 |
+ get_or_create_endpoint "messaging" \ |
|
| 216 | 215 |
"$REGION_NAME" \ |
| 217 | 216 |
"$ZAQAR_SERVICE_PROTOCOL://$ZAQAR_SERVICE_HOST:$ZAQAR_SERVICE_PORT" \ |
| 218 | 217 |
"$ZAQAR_SERVICE_PROTOCOL://$ZAQAR_SERVICE_HOST:$ZAQAR_SERVICE_PORT" \ |