Move cinder account creation out of keystone_data.sh
Supports the coming HA/proxy configuration for Cinder
Change-Id: If2e08e45430dce895ed6bb1070612517a38ca4bc
diff --git a/files/keystone_data.sh b/files/keystone_data.sh
index 17e8c59..71a8e5e 100755
--- a/files/keystone_data.sh
+++ b/files/keystone_data.sh
@@ -7,7 +7,6 @@
# service glance admin
# service quantum admin # if enabled
# service swift admin # if enabled
-# service cinder admin # if enabled
# service heat admin # if enabled
# service ceilometer admin # if enabled
# Tempest Only:
@@ -38,6 +37,7 @@
# Lookups
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+MEMBER_ROLE=$(keystone role-list | awk "/ Member / { print \$2 }")
# Roles
@@ -49,6 +49,7 @@
# role is also configurable in swift-proxy.conf
RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin)
+
# Services
# --------
@@ -243,25 +244,3 @@
--user_id $ALT_DEMO_USER \
--role_id $MEMBER_ROLE
fi
-
-if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then
- CINDER_USER=$(get_id keystone user-create --name=cinder \
- --pass="$SERVICE_PASSWORD" \
- --tenant_id $SERVICE_TENANT \
- --email=cinder@example.com)
- keystone user-role-add --tenant_id $SERVICE_TENANT \
- --user_id $CINDER_USER \
- --role_id $ADMIN_ROLE
- if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- CINDER_SERVICE=$(get_id keystone service-create \
- --name=cinder \
- --type=volume \
- --description="Cinder Service")
- keystone endpoint-create \
- --region RegionOne \
- --service_id $CINDER_SERVICE \
- --publicurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \
- --adminurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \
- --internalurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s"
- fi
-fi
diff --git a/lib/cinder b/lib/cinder
index 16cbaf3..17005af 100644
--- a/lib/cinder
+++ b/lib/cinder
@@ -31,9 +31,11 @@
CINDER_DIR=$DEST/cinder
CINDERCLIENT_DIR=$DEST/python-cinderclient
CINDER_STATE_PATH=${CINDER_STATE_PATH:=$DATA_DIR/cinder}
+CINDER_AUTH_CACHE_DIR=${CINDER_AUTH_CACHE_DIR:-/var/cache/cinder}
+
CINDER_CONF_DIR=/etc/cinder
CINDER_CONF=$CINDER_CONF_DIR/cinder.conf
-CINDER_AUTH_CACHE_DIR=${CINDER_AUTH_CACHE_DIR:-/var/cache/cinder}
+CINDER_API_PASTE_INI=$CINDER_CONF_DIR/api-paste.ini
# Support entry points installation of console scripts
if [[ -d $CINDER_DIR/bin ]]; then
@@ -97,7 +99,6 @@
sudo chown root:root $TEMPFILE
sudo mv $TEMPFILE /etc/sudoers.d/cinder-rootwrap
- CINDER_API_PASTE_INI=$CINDER_CONF_DIR/api-paste.ini
cp $CINDER_DIR/etc/cinder/api-paste.ini $CINDER_API_PASTE_INI
iniset $CINDER_API_PASTE_INI filter:authtoken auth_host $KEYSTONE_AUTH_HOST
iniset $CINDER_API_PASTE_INI filter:authtoken auth_port $KEYSTONE_AUTH_PORT
@@ -159,6 +160,46 @@
fi
}
+# create_cinder_accounts() - Set up common required cinder accounts
+
+# Tenant User Roles
+# ------------------------------------------------------------------
+# service cinder admin # if enabled
+
+# Migrated from keystone_data.sh
+create_cinder_accounts() {
+
+ SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+
+ # Cinder
+ if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then
+ CINDER_USER=$(keystone user-create \
+ --name=cinder \
+ --pass="$SERVICE_PASSWORD" \
+ --tenant_id $SERVICE_TENANT \
+ --email=cinder@example.com \
+ | grep " id " | get_field 2)
+ keystone user-role-add \
+ --tenant_id $SERVICE_TENANT \
+ --user_id $CINDER_USER \
+ --role_id $ADMIN_ROLE
+ if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
+ CINDER_SERVICE=$(keystone service-create \
+ --name=cinder \
+ --type=volume \
+ --description="Cinder Volume Service" \
+ | grep " id " | get_field 2)
+ keystone endpoint-create \
+ --region RegionOne \
+ --service_id $CINDER_SERVICE \
+ --publicurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \
+ --adminurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \
+ --internalurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s"
+ fi
+ fi
+}
+
# init_cinder() - Initialize database and volume group
function init_cinder() {
# Force nova volumes off
diff --git a/stack.sh b/stack.sh
index f2fd68c..94403fc 100755
--- a/stack.sh
+++ b/stack.sh
@@ -956,6 +956,7 @@
export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT
create_keystone_accounts
create_nova_accounts
+ create_cinder_accounts
# ``keystone_data.sh`` creates services, admin and demo users, and roles.
ADMIN_PASSWORD=$ADMIN_PASSWORD SERVICE_TENANT_NAME=$SERVICE_TENANT_NAME SERVICE_PASSWORD=$SERVICE_PASSWORD \