Gitiles
Code Review Sign In
spfactory.storpool.com / devstack / 33d1f86a4931de76fba555a9a3f5e5fa3fd7c171^! / . / lib / heat
commit33d1f86a4931de76fba555a9a3f5e5fa3fd7c171[log] [tgz]
authorSteven Hardy <shardy@redhat.com>Thu Feb 13 15:00:33 2014 +0000
committerSteven Hardy <shardy@redhat.com>Sat Feb 15 07:45:55 2014 +0000
tree87074babd899060c0d01bc09172506f0364c235c
parent824fac2cc740fa83086ac65ff8a5657eafbc1166 [diff] [blame]
Add support for creating heat stack domain

The Heat instance-users blueprint requires an additional domain
where heat creates projects and users related to stack resources
so add support for creating this domain when configured to install
Heat.  Note a workaround is currently required to make the
openstack command work with the v3 keystone API.

Change-Id: I36157372d85b577952b55481ca5cc42146011a54

diff --git a/lib/heat b/lib/heat
index 9f5dd8b..efb01ef 100644
--- a/lib/heat
+++ b/lib/heat

@@ -110,6 +110,15 @@
     iniset $HEAT_CONF ec2authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
     iniset $HEAT_CONF ec2authtoken keystone_ec2_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0/ec2tokens
 
+    # stack user domain
+    # Note we have to pass token/endpoint here because the current endpoint and
+    # version negotiation in OSC means just --os-identity-api-version=3 won't work
+    KS_ENDPOINT_V3="$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v3"
+    D_ID=$(openstack --os-token $OS_SERVICE_TOKEN --os-url=$KS_ENDPOINT_V3 \
+        --os-identity-api-version=3 domain show heat \
+        | grep ' id ' | get_field 2)
+    iniset $HEAT_CONF stack_user_domain ${D_ID}
+
     # paste_deploy
     [[ "$HEAT_STANDALONE" = "True" ]] && iniset $HEAT_CONF paste_deploy flavor standalone
 
@@ -196,6 +205,17 @@
     upload_image "http://localhost/$output.qcow2" $TOKEN
 }
 
+# create_heat_accounts() - Set up common required heat accounts
+# Note this is in addition to what is in files/keystone_data.sh
+function create_heat_accounts() {
+    # Note we have to pass token/endpoint here because the current endpoint and
+    # version negotiation in OSC means just --os-identity-api-version=3 won't work
+    KS_ENDPOINT_V3="$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v3"
+    openstack --os-token $OS_SERVICE_TOKEN --os-url=$KS_ENDPOINT_V3 \
+        --os-identity-api-version=3 domain create heat \
+        --description "Owns users and projects created by heat"
+}
+
 # Restore xtrace
 $XTRACE