@@ -175,4 +175,4 @@ auth_host = 127.0.0.1

 auth_port = 35357

 auth_protocol = http

 auth_uri = http://127.0.0.1:5000/

-admin_token = 999888777666

+admin_token = %SERVICE_TOKEN%

@@ -64,7 +64,7 @@ auth_host = 127.0.0.1

 auth_port = 35357

 auth_protocol = http

 auth_uri = http://127.0.0.1:5000/

-admin_token = 999888777666

+admin_token = %SERVICE_TOKEN%

 [filter:keystone_shim]

 paste.filter_factory = keystone.middleware.glance_auth_token:filter_factory

@@ -34,7 +34,7 @@ $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%HOS

 # $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1

 # Tokens

-$BIN_DIR/keystone-manage $* token add 999888777666 admin admin 2015-02-05T00:00

+$BIN_DIR/keystone-manage $* token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00

 # EC2 related creds

 $BIN_DIR/keystone-manage $* credentials add admin EC2 'admin:admin' admin admin || echo "no support for adding credentials"

@@ -146,6 +146,10 @@ RABBIT_HOST=${RABBIT_HOST:-localhost}

 # Glance connection info.  Note the port must be specified.

 GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292}

+# Service Token - Openstack components need to have an admin token

+# to validate user tokens.

+SERVICE_TOKEN=${SERVICE_TOKEN:-`uuidgen`}

+

 # Install Packages

 # ================

 #

@@ -318,11 +322,13 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then

     GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf

     cp $FILES/glance-registry.conf $GLANCE_CONF

     sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/glance,g" -i $GLANCE_CONF

+    sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $GLANCE_CONF

     sudo sed -e "s,%DEST%,$DEST,g" -i $GLANCE_CONF

     GLANCE_API_CONF=$GLANCE_DIR/etc/glance-api.conf

     cp $FILES/glance-api.conf $GLANCE_API_CONF

     sudo sed -e "s,%DEST%,$DEST,g" -i $GLANCE_API_CONF

+    sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $GLANCE_API_CONF

 fi

 # Nova

@@ -428,6 +434,7 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then

     KEYSTONE_DATA=$KEYSTONE_DIR/bin/keystone_data.sh

     cp $FILES/keystone_data.sh $KEYSTONE_DATA

     sudo sed -e "s,%HOST_IP%,$HOST_IP,g" -i $KEYSTONE_DATA

+    sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $KEYSTONE_DATA

     # initialize keystone with default users/endpoints

     BIN_DIR=$KEYSTONE_DIR/bin bash $KEYSTONE_DATA

 fi

@@ -508,9 +515,9 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then

     # add images to glance

     # FIXME: kernel/ramdisk is hardcoded - use return result from add

-    glance add -A 999888777666 name="tty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/aki-tty/image

-    glance add -A 999888777666 name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image

-    glance add -A 999888777666 name="tty" is_public=true container_format=ami disk_format=ami kernel_id=1 ramdisk_id=2 < $FILES/images/ami-tty/image

+    glance add -A $SERVICE_TOKEN name="tty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/aki-tty/image

+    glance add -A $SERVICE_TOKEN name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image

+    glance add -A $SERVICE_TOKEN name="tty" is_public=true container_format=ami disk_format=ami kernel_id=1 ramdisk_id=2 < $FILES/images/ami-tty/image

 fi

 # Using the cloud