Change most keystoneclient commands to openstacklient in libs
migrated most keystoneclient commands from the following libs:
ceilometer
cinder
ironic
keystone
marconi
neutron
nova
savanna
swift
trove
Also need to set and unset openstackclient specific environment
variables from stack.sh
Change-Id: I725f30bc08e1df5a4c5770576c19ad1ddaeb843a
diff --git a/lib/ceilometer b/lib/ceilometer
index 4ca77bb..6c87d03 100644
--- a/lib/ceilometer
+++ b/lib/ceilometer
@@ -71,33 +71,33 @@
create_ceilometer_accounts() {
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
# Ceilometer
if [[ "$ENABLED_SERVICES" =~ "ceilometer-api" ]]; then
- CEILOMETER_USER=$(keystone user-create \
- --name=ceilometer \
- --pass="$SERVICE_PASSWORD" \
- --tenant_id $SERVICE_TENANT \
- --email=ceilometer@example.com \
+ CEILOMETER_USER=$(openstack user create \
+ ceilometer \
+ --password "$SERVICE_PASSWORD" \
+ --project $SERVICE_TENANT \
+ --email ceilometer@example.com \
| grep " id " | get_field 2)
- keystone user-role-add \
- --tenant-id $SERVICE_TENANT \
- --user-id $CEILOMETER_USER \
- --role-id $ADMIN_ROLE
+ openstack role add \
+ $ADMIN_ROLE \
+ --project $SERVICE_TENANT \
+ --user $CEILOMETER_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- CEILOMETER_SERVICE=$(keystone service-create \
- --name=ceilometer \
+ CEILOMETER_SERVICE=$(openstack service create \
+ ceilometer \
--type=metering \
--description="OpenStack Telemetry Service" \
| grep " id " | get_field 2)
- keystone endpoint-create \
+ openstack endpoint create \
+ $CEILOMETER_SERVICE \
--region RegionOne \
- --service_id $CEILOMETER_SERVICE \
- --publicurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT" \
- --adminurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT" \
- --internalurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT"
+ --publicurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/" \
+ --adminurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/" \
+ --internalurl "$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/"
fi
fi
}
diff --git a/lib/cinder b/lib/cinder
index d5e78bb..c8c90c0 100644
--- a/lib/cinder
+++ b/lib/cinder
@@ -330,45 +330,44 @@
# Migrated from keystone_data.sh
create_cinder_accounts() {
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
# Cinder
if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then
- CINDER_USER=$(keystone user-create \
- --name=cinder \
- --pass="$SERVICE_PASSWORD" \
- --tenant-id $SERVICE_TENANT \
- --email=cinder@example.com \
+ CINDER_USER=$(openstack user create \
+ cinder \
+ --password "$SERVICE_PASSWORD" \
+ --project $SERVICE_TENANT \
+ --email cinder@example.com \
| grep " id " | get_field 2)
- keystone user-role-add \
- --tenant-id $SERVICE_TENANT \
- --user-id $CINDER_USER \
- --role-id $ADMIN_ROLE
+ openstack role add \
+ $ADMIN_ROLE \
+ --project $SERVICE_TENANT \
+ --user $CINDER_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- CINDER_SERVICE=$(keystone service-create \
- --name=cinder \
+ CINDER_SERVICE=$(openstack service create \
+ cinder \
--type=volume \
--description="Cinder Volume Service" \
| grep " id " | get_field 2)
- keystone endpoint-create \
+ openstack endpoint create \
+ $CINDER_SERVICE \
--region RegionOne \
- --service_id $CINDER_SERVICE \
--publicurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \
--adminurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \
--internalurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s"
- CINDER_V2_SERVICE=$(keystone service-create \
- --name=cinderv2 \
+ CINDER_V2_SERVICE=$(openstack service create \
+ cinderv2 \
--type=volumev2 \
--description="Cinder Volume Service V2" \
| grep " id " | get_field 2)
- keystone endpoint-create \
+ openstack endpoint create \
+ $CINDER_V2_SERVICE \
--region RegionOne \
- --service_id $CINDER_V2_SERVICE \
--publicurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \
--adminurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \
--internalurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s"
-
fi
fi
}
diff --git a/lib/ironic b/lib/ironic
index 3c0e3cb..607b131 100644
--- a/lib/ironic
+++ b/lib/ironic
@@ -145,30 +145,30 @@
# service ironic admin # if enabled
create_ironic_accounts() {
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
# Ironic
if [[ "$ENABLED_SERVICES" =~ "ir-api" ]]; then
- IRONIC_USER=$(keystone user-create \
- --name=ironic \
- --pass="$SERVICE_PASSWORD" \
- --tenant-id $SERVICE_TENANT \
- --email=ironic@example.com \
+ IRONIC_USER=$(openstack user create \
+ ironic \
+ --password "$SERVICE_PASSWORD" \
+ --project $SERVICE_TENANT \
+ --email ironic@example.com \
| grep " id " | get_field 2)
- keystone user-role-add \
- --tenant-id $SERVICE_TENANT \
- --user_id $IRONIC_USER \
- --role_id $ADMIN_ROLE
+ openstack role add \
+ $ADMIN_ROLE \
+ --project $SERVICE_TENANT \
+ --user $IRONIC_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- IRONIC_SERVICE=$(keystone service-create \
- --name=ironic \
+ IRONIC_SERVICE=$(openstack service create \
+ ironic \
--type=baremetal \
--description="Ironic baremetal provisioning service" \
| grep " id " | get_field 2)
- keystone endpoint-create \
+ openstack endpoint create \
+ $IRONIC_SERVICE \
--region RegionOne \
- --service_id $IRONIC_SERVICE \
--publicurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \
--adminurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \
--internalurl "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT"
diff --git a/lib/keystone b/lib/keystone
index 4f7f68b..bf0dcbb 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -275,60 +275,69 @@
create_keystone_accounts() {
# admin
- ADMIN_TENANT=$(keystone tenant-create \
- --name admin \
+ ADMIN_TENANT=$(openstack project create \
+ admin \
| grep " id " | get_field 2)
- ADMIN_USER=$(keystone user-create \
- --name admin \
- --pass "$ADMIN_PASSWORD" \
+ ADMIN_USER=$(openstack user create \
+ admin \
+ --project "$ADMIN_TENANT" \
--email admin@example.com \
+ --password "$ADMIN_PASSWORD" \
| grep " id " | get_field 2)
- ADMIN_ROLE=$(keystone role-create \
- --name admin \
+ ADMIN_ROLE=$(openstack role create \
+ admin \
| grep " id " | get_field 2)
- keystone user-role-add \
- --user-id $ADMIN_USER \
- --role-id $ADMIN_ROLE \
- --tenant-id $ADMIN_TENANT
+ openstack role add \
+ $ADMIN_ROLE \
+ --project $ADMIN_TENANT \
+ --user $ADMIN_USER
# service
- SERVICE_TENANT=$(keystone tenant-create \
- --name $SERVICE_TENANT_NAME \
+ SERVICE_TENANT=$(openstack project create \
+ $SERVICE_TENANT_NAME \
| grep " id " | get_field 2)
# The Member role is used by Horizon and Swift so we need to keep it:
- MEMBER_ROLE=$(keystone role-create --name=Member | grep " id " | get_field 2)
+ MEMBER_ROLE=$(openstack role create \
+ Member \
+ | grep " id " | get_field 2)
# ANOTHER_ROLE demonstrates that an arbitrary role may be created and used
# TODO(sleepsonthefloor): show how this can be used for rbac in the future!
- ANOTHER_ROLE=$(keystone role-create --name=anotherrole | grep " id " | get_field 2)
+ ANOTHER_ROLE=$(openstack role create \
+ anotherrole \
+ | grep " id " | get_field 2)
# invisible tenant - admin can't see this one
- INVIS_TENANT=$(keystone tenant-create --name=invisible_to_admin | grep " id " | get_field 2)
+ INVIS_TENANT=$(openstack project create \
+ invisible_to_admin \
+ | grep " id " | get_field 2)
# demo
- DEMO_TENANT=$(keystone tenant-create \
- --name=demo \
+ DEMO_TENANT=$(openstack project create \
+ demo \
| grep " id " | get_field 2)
- DEMO_USER=$(keystone user-create \
- --name demo \
- --pass "$ADMIN_PASSWORD" \
+ DEMO_USER=$(openstack user create \
+ demo \
+ --project $DEMO_TENANT \
--email demo@example.com \
+ --password "$ADMIN_PASSWORD" \
| grep " id " | get_field 2)
- keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $DEMO_TENANT
- keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $DEMO_TENANT
- keystone user-role-add --user-id $DEMO_USER --role-id $ANOTHER_ROLE --tenant-id $DEMO_TENANT
- keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $INVIS_TENANT
+
+ openstack role add --project $DEMO_TENANT --user $DEMO_USER $MEMBER_ROLE
+ openstack role add --project $DEMO_TENANT --user $ADMIN_USER $ADMIN_ROLE
+ openstack role add --project $DEMO_TENANT --user $DEMO_USER $ANOTHER_ROLE
+ openstack role add --project $INVIS_TENANT --user $DEMO_USER $MEMBER_ROLE
# Keystone
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- KEYSTONE_SERVICE=$(keystone service-create \
- --name keystone \
+ KEYSTONE_SERVICE=$(openstack service create \
+ keystone \
--type identity \
--description "Keystone Identity Service" \
| grep " id " | get_field 2)
- keystone endpoint-create \
+ openstack endpoint create \
+ $KEYSTONE_SERVICE \
--region RegionOne \
- --service_id $KEYSTONE_SERVICE \
--publicurl "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION" \
--adminurl "$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v$IDENTITY_API_VERSION" \
--internalurl "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION"
diff --git a/lib/marconi b/lib/marconi
index 7c8fd14..88312cb 100644
--- a/lib/marconi
+++ b/lib/marconi
@@ -151,27 +151,29 @@
}
function create_marconi_accounts() {
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
- MARCONI_USER=$(get_id keystone user-create --name=marconi \
- --pass="$SERVICE_PASSWORD" \
- --tenant-id $SERVICE_TENANT \
- --email=marconi@example.com \
- | grep " id " | get_field 2)
- keystone user-role-add --tenant-id $SERVICE_TENANT \
- --user-id $MARCONI_USER \
- --role-id $ADMIN_ROLE
+ MARCONI_USER=$(openstack user create \
+ marconi \
+ --password "$SERVICE_PASSWORD" \
+ --project $SERVICE_TENANT \
+ --email marconi@example.com \
+ | grep " id " | get_field 2)
+ openstack role add \
+ $ADMIN_ROLE \
+ --project $SERVICE_TENANT \
+ --user $MARCONI_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- MARCONI_SERVICE=$(keystone service-create \
- --name=marconi \
+ MARCONI_SERVICE=$(openstack service create \
+ marconi \
--type=queuing \
--description="Marconi Service" \
| grep " id " | get_field 2)
- keystone endpoint-create \
+ openstack endpoint create \
+ $MARCONI_SERVICE \
--region RegionOne \
- --service_id $MARCONI_SERVICE \
--publicurl "http://$SERVICE_HOST:8888" \
--adminurl "http://$SERVICE_HOST:8888" \
--internalurl "http://$SERVICE_HOST:8888"
diff --git a/lib/neutron b/lib/neutron
index 5bd38bc..df276c7 100644
--- a/lib/neutron
+++ b/lib/neutron
@@ -332,29 +332,29 @@
# Migrated from keystone_data.sh
function create_neutron_accounts() {
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
if [[ "$ENABLED_SERVICES" =~ "q-svc" ]]; then
- NEUTRON_USER=$(keystone user-create \
- --name=neutron \
- --pass="$SERVICE_PASSWORD" \
- --tenant-id $SERVICE_TENANT \
- --email=neutron@example.com \
+ NEUTRON_USER=$(openstack user create \
+ neutron \
+ --password "$SERVICE_PASSWORD" \
+ --project $SERVICE_TENANT \
+ --email neutron@example.com \
| grep " id " | get_field 2)
- keystone user-role-add \
- --tenant-id $SERVICE_TENANT \
- --user-id $NEUTRON_USER \
- --role-id $ADMIN_ROLE
+ openstack role add \
+ $ADMIN_ROLE \
+ --project $SERVICE_TENANT \
+ --user $NEUTRON_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- NEUTRON_SERVICE=$(keystone service-create \
- --name=neutron \
+ NEUTRON_SERVICE=$(openstack service create \
+ neutron \
--type=network \
--description="Neutron Service" \
| grep " id " | get_field 2)
- keystone endpoint-create \
+ openstack endpoint create \
+ $NEUTRON_SERVICE \
--region RegionOne \
- --service_id $NEUTRON_SERVICE \
--publicurl "http://$SERVICE_HOST:9696/" \
--adminurl "http://$SERVICE_HOST:9696/" \
--internalurl "http://$SERVICE_HOST:9696/"
@@ -363,7 +363,7 @@
}
function create_neutron_initial_network() {
- TENANT_ID=$(keystone tenant-list | grep " demo " | get_field 1)
+ TENANT_ID=$(openstack project list | grep " demo " | get_field 1)
die_if_not_set $LINENO TENANT_ID "Failure retrieving TENANT_ID for demo"
# Create a small network
diff --git a/lib/nova b/lib/nova
index d90aea7..fefeda1 100644
--- a/lib/nova
+++ b/lib/nova
@@ -324,41 +324,41 @@
# Migrated from keystone_data.sh
create_nova_accounts() {
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
# Nova
if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
- NOVA_USER=$(keystone user-create \
- --name=nova \
- --pass="$SERVICE_PASSWORD" \
- --tenant-id $SERVICE_TENANT \
- --email=nova@example.com \
+ NOVA_USER=$(openstack user create \
+ nova \
+ --password "$SERVICE_PASSWORD" \
+ --project $SERVICE_TENANT \
+ --email nova@example.com \
| grep " id " | get_field 2)
- keystone user-role-add \
- --tenant-id $SERVICE_TENANT \
- --user-id $NOVA_USER \
- --role-id $ADMIN_ROLE
+ openstack role add \
+ $ADMIN_ROLE \
+ --project $SERVICE_TENANT \
+ --user $NOVA_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- NOVA_SERVICE=$(keystone service-create \
- --name=nova \
+ NOVA_SERVICE=$(openstack service create \
+ nova \
--type=compute \
--description="Nova Compute Service" \
| grep " id " | get_field 2)
- keystone endpoint-create \
+ openstack endpoint create \
+ $NOVA_SERVICE \
--region RegionOne \
- --service_id $NOVA_SERVICE \
--publicurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" \
--adminurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" \
--internalurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s"
- NOVA_V3_SERVICE=$(keystone service-create \
- --name=novav3 \
+ NOVA_V3_SERVICE=$(openstack service create \
+ novav3 \
--type=computev3 \
--description="Nova Compute Service V3" \
| grep " id " | get_field 2)
- keystone endpoint-create \
+ openstack endpoint create \
+ $NOVA_V3_SERVICE \
--region RegionOne \
- --service_id $NOVA_V3_SERVICE \
--publicurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3" \
--adminurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3" \
--internalurl "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3"
diff --git a/lib/savanna b/lib/savanna
index 6f42311..43c5e38 100644
--- a/lib/savanna
+++ b/lib/savanna
@@ -54,29 +54,29 @@
# service savanna admin
function create_savanna_accounts() {
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
- SAVANNA_USER=$(keystone user-create \
- --name=savanna \
- --pass="$SERVICE_PASSWORD" \
- --tenant-id $SERVICE_TENANT \
- --email=savanna@example.com \
+ SAVANNA_USER=$(openstack user create \
+ savanna \
+ --password "$SERVICE_PASSWORD" \
+ --project $SERVICE_TENANT \
+ --email savanna@example.com \
| grep " id " | get_field 2)
- keystone user-role-add \
- --tenant-id $SERVICE_TENANT \
- --user-id $SAVANNA_USER \
- --role-id $ADMIN_ROLE
+ openstack role add \
+ $ADMIN_ROLE \
+ --project $SERVICE_TENANT \
+ --user $SAVANNA_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- SAVANNA_SERVICE=$(keystone service-create \
- --name=savanna \
+ SAVANNA_SERVICE=$(openstack service create \
+ savanna \
--type=data_processing \
--description="Savanna Data Processing" \
| grep " id " | get_field 2)
- keystone endpoint-create \
+ openstack endpoint create \
+ $SAVANNA_SERVICE \
--region RegionOne \
- --service_id $SAVANNA_SERVICE \
--publicurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s" \
--adminurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s" \
--internalurl "$SAVANNA_SERVICE_PROTOCOL://$SAVANNA_SERVICE_HOST:$SAVANNA_SERVICE_PORT/v1.1/\$(tenant_id)s"
diff --git a/lib/swift b/lib/swift
index be25c81..df586ab 100644
--- a/lib/swift
+++ b/lib/swift
@@ -527,39 +527,53 @@
KEYSTONE_CATALOG_BACKEND=${KEYSTONE_CATALOG_BACKEND:-sql}
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
- SWIFT_USER=$(keystone user-create --name=swift --pass="$SERVICE_PASSWORD" \
- --tenant-id $SERVICE_TENANT --email=swift@example.com | grep " id " | get_field 2)
- keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $SWIFT_USER --role-id $ADMIN_ROLE
+ SWIFT_USER=$(openstack user create \
+ swift \
+ --password "$SERVICE_PASSWORD" \
+ --project $SERVICE_TENANT \
+ --email=swift@example.com \
+ | grep " id " | get_field 2)
+ openstack role add \
+ $ADMIN_ROLE \
+ --project $SERVICE_TENANT \
+ --user $SWIFT_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- SWIFT_SERVICE=$(keystone service-create --name=swift --type="object-store" \
- --description="Swift Service" | grep " id " | get_field 2)
- keystone endpoint-create \
+ SWIFT_SERVICE=$(openstack service create \
+ swift \
+ --type="object-store" \
+ --description="Swift Service" \
+ | grep " id " | get_field 2)
+ openstack endpoint create \
+ $SWIFT_SERVICE \
--region RegionOne \
- --service_id $SWIFT_SERVICE \
--publicurl "http://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s" \
--adminurl "http://$SERVICE_HOST:8080" \
--internalurl "http://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s"
fi
- SWIFT_TENANT_TEST1=$(keystone tenant-create --name=swifttenanttest1 | grep " id " | get_field 2)
+ SWIFT_TENANT_TEST1=$(openstack project create swifttenanttest1 | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_TENANT_TEST1 "Failure creating SWIFT_TENANT_TEST1"
- SWIFT_USER_TEST1=$(keystone user-create --name=swiftusertest1 --pass=$SWIFTUSERTEST1_PASSWORD --email=test@example.com | grep " id " | get_field 2)
+ SWIFT_USER_TEST1=$(openstack user create swiftusertest1 --password=$SWIFTUSERTEST1_PASSWORD \
+ --project "$SWIFT_TENANT_TEST1" --email=test@example.com | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_USER_TEST1 "Failure creating SWIFT_USER_TEST1"
- keystone user-role-add --user-id $SWIFT_USER_TEST1 --role-id $ADMIN_ROLE --tenant-id $SWIFT_TENANT_TEST1
+ openstack role add --user $SWIFT_USER_TEST1 --project $SWIFT_TENANT_TEST1 $ADMIN_ROLE
- SWIFT_USER_TEST3=$(keystone user-create --name=swiftusertest3 --pass=$SWIFTUSERTEST3_PASSWORD --email=test3@example.com | grep " id " | get_field 2)
+ SWIFT_USER_TEST3=$(openstack user create swiftusertest3 --password=$SWIFTUSERTEST3_PASSWORD \
+ --project "$SWIFT_TENANT_TEST1" --email=test3@example.com | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_USER_TEST3 "Failure creating SWIFT_USER_TEST3"
- keystone user-role-add --user-id $SWIFT_USER_TEST3 --role-id $ANOTHER_ROLE --tenant-id $SWIFT_TENANT_TEST1
+ openstack role add --user $SWIFT_USER_TEST3 --project $SWIFT_TENANT_TEST1 $ANOTHER_ROLE
- SWIFT_TENANT_TEST2=$(keystone tenant-create --name=swifttenanttest2 | grep " id " | get_field 2)
+ SWIFT_TENANT_TEST2=$(openstack project create swifttenanttest2 | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_TENANT_TEST2 "Failure creating SWIFT_TENANT_TEST2"
- SWIFT_USER_TEST2=$(keystone user-create --name=swiftusertest2 --pass=$SWIFTUSERTEST2_PASSWORD --email=test2@example.com | grep " id " | get_field 2)
+
+ SWIFT_USER_TEST2=$(openstack user create swiftusertest2 --password=$SWIFTUSERTEST2_PASSWORD \
+ --project "$SWIFT_TENANT_TEST2" --email=test2@example.com | grep " id " | get_field 2)
die_if_not_set $LINENO SWIFT_USER_TEST2 "Failure creating SWIFT_USER_TEST2"
- keystone user-role-add --user-id $SWIFT_USER_TEST2 --role-id $ADMIN_ROLE --tenant-id $SWIFT_TENANT_TEST2
+ openstack role add --user $SWIFT_USER_TEST2 --project $SWIFT_TENANT_TEST2 $ADMIN_ROLE
}
# init_swift() - Initialize rings
diff --git a/lib/trove b/lib/trove
index bb45491..5e1bbd5 100644
--- a/lib/trove
+++ b/lib/trove
@@ -71,28 +71,29 @@
create_trove_accounts() {
# Trove
- SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- SERVICE_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+ SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ SERVICE_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
if [[ "$ENABLED_SERVICES" =~ "trove" ]]; then
- TROVE_USER=$(keystone user-create \
- --name=trove \
- --pass="$SERVICE_PASSWORD" \
- --tenant-id $SERVICE_TENANT \
- --email=trove@example.com \
+ TROVE_USER=$(openstack user create \
+ trove \
+ --password "$SERVICE_PASSWORD" \
+ --project $SERVICE_TENANT \
+ --email trove@example.com \
| grep " id " | get_field 2)
- keystone user-role-add --tenant-id $SERVICE_TENANT \
- --user-id $TROVE_USER \
- --role-id $SERVICE_ROLE
+ openstack role add \
+ $SERVICE_ROLE \
+ --project $SERVICE_TENANT \
+ --user $TROVE_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- TROVE_SERVICE=$(keystone service-create \
- --name=trove \
+ TROVE_SERVICE=$(openstack service create
+ trove \
--type=database \
--description="Trove Service" \
| grep " id " | get_field 2)
- keystone endpoint-create \
+ openstack endpoint create \
+ $TROVE_SERVICE \
--region RegionOne \
- --service_id $TROVE_SERVICE \
--publicurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" \
--adminurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" \
--internalurl "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s"
diff --git a/stack.sh b/stack.sh
index c153132..e5d87cc 100755
--- a/stack.sh
+++ b/stack.sh
@@ -925,6 +925,9 @@
# Do the keystone-specific bits from keystone_data.sh
export OS_SERVICE_TOKEN=$SERVICE_TOKEN
export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT
+ # Add temporarily to make openstackclient work
+ export OS_TOKEN=$SERVICE_TOKEN
+ export OS_URL=$SERVICE_ENDPOINT
create_keystone_accounts
create_nova_accounts
create_cinder_accounts
@@ -947,6 +950,7 @@
bash -x $FILES/keystone_data.sh
# Set up auth creds now that keystone is bootstrapped
+ unset OS_TOKEN OS_URL
export OS_AUTH_URL=$SERVICE_ENDPOINT
export OS_TENANT_NAME=admin
export OS_USERNAME=admin