Merge "Add CINDER_SECURE_DELETE flag."
diff --git a/files/keystone_data.sh b/files/keystone_data.sh
index 9520b17..3da11bf 100755
--- a/files/keystone_data.sh
+++ b/files/keystone_data.sh
@@ -2,18 +2,19 @@
#
# Initial data for Keystone using python-keystoneclient
#
-# Tenant User Roles
+# Tenant User Roles
# ------------------------------------------------------------------
-# admin admin admin
-# service glance admin
-# service nova admin, [ResellerAdmin (swift only)]
-# service quantum admin # if enabled
-# service swift admin # if enabled
-# service cinder admin # if enabled
-# service heat admin # if enabled
-# demo admin admin
-# demo demo Member, anotherrole
-# invisible_to_admin demo Member
+# admin admin admin
+# service glance admin
+# service nova admin, [ResellerAdmin (swift only)]
+# service quantum admin # if enabled
+# service swift admin # if enabled
+# service cinder admin # if enabled
+# service heat admin # if enabled
+# service ceilometer admin # if enabled
+# demo admin admin
+# demo demo Member, anotherrole
+# invisible_to_admin demo Member
# Tempest Only:
# alt_demo alt_demo Member
#
@@ -262,7 +263,14 @@
fi
fi
-if [[ "$ENABLED_SERVICES" =~ "ceilometer-api" ]]; then
+if [[ "$ENABLED_SERVICES" =~ "ceilometer" ]]; then
+ CEILOMETER_USER=$(get_id keystone user-create --name=ceilometer \
+ --pass="$SERVICE_PASSWORD" \
+ --tenant_id $SERVICE_TENANT \
+ --email=ceilometer@example.com)
+ keystone user-role-add --tenant_id $SERVICE_TENANT \
+ --user_id $CEILOMETER_USER \
+ --role_id $ADMIN_ROLE
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
CEILOMETER_SERVICE=$(get_id keystone service-create \
--name=ceilometer \
@@ -345,4 +353,3 @@
--internalurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s"
fi
fi
-
diff --git a/lib/ceilometer b/lib/ceilometer
index b0f0377..2b014b0 100644
--- a/lib/ceilometer
+++ b/lib/ceilometer
@@ -6,8 +6,9 @@
# Dependencies:
# - functions
-# - OS_USERNAME, OS_PASSWORD, OS_TENANT_NAME, OS_AUTH_URL set for admin credentials
+# - OS_AUTH_URL for auth in api
# - DEST set to the destination directory
+# - SERVICE_PASSWORD, SERVICE_TENANT_NAME for auth in api
# stack.sh
# ---------
@@ -61,7 +62,15 @@
iniset $CEILOMETER_CONF DEFAULT rabbit_password $RABBIT_PASSWORD
iniset $CEILOMETER_CONF DEFAULT sql_connection $BASE_SQL_CONN/nova?charset=utf8
+ # Install the policy file for the API server
+ cp $CEILOMETER_DIR/etc/ceilometer/policy.json $CEILOMETER_CONF_DIR
+ iniset $CEILOMETER_CONF DEFAULT policy_file $CEILOMETER_CONF_DIR/policy.json
+
iniset $CEILOMETER_CONF keystone_authtoken auth_protocol http
+ iniset $CEILOMETER_CONF keystone_authtoken admin_user ceilometer
+ iniset $CEILOMETER_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
+ iniset $CEILOMETER_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
+
cleanup_ceilometer
}
@@ -73,7 +82,7 @@
# start_ceilometer() - Start running processes, including screen
function start_ceilometer() {
screen_it ceilometer-acompute "cd $CEILOMETER_DIR && sg libvirtd \"$CEILOMETER_BIN_DIR/ceilometer-agent-compute --config-file $CEILOMETER_CONF\""
- screen_it ceilometer-acentral "export OS_USERNAME=$OS_USERNAME OS_PASSWORD=$OS_PASSWORD OS_TENANT_NAME=$OS_TENANT_NAME OS_AUTH_URL=$OS_AUTH_URL && cd $CEILOMETER_DIR && $CEILOMETER_BIN_DIR/ceilometer-agent-central --config-file $CEILOMETER_CONF"
+ screen_it ceilometer-acentral "export OS_USERNAME=ceilometer OS_PASSWORD=$SERVICE_PASSWORD OS_TENANT_NAME=$SERVICE_TENANT_NAME OS_AUTH_URL=$OS_AUTH_URL && cd $CEILOMETER_DIR && $CEILOMETER_BIN_DIR/ceilometer-agent-central --config-file $CEILOMETER_CONF"
screen_it ceilometer-collector "cd $CEILOMETER_DIR && $CEILOMETER_BIN_DIR/ceilometer-collector --config-file $CEILOMETER_CONF"
screen_it ceilometer-api "cd $CEILOMETER_DIR && $CEILOMETER_BIN_DIR/ceilometer-api -d -v --log-dir=$CEILOMETER_API_LOG_DIR --config-file $CEILOMETER_CONF"
}