Merge "Remove deprecated Keystone middleware: RAX-KSKEY"
diff --git a/files/keystone_data.sh b/files/keystone_data.sh
index 6d298d2..e7e67da 100755
--- a/files/keystone_data.sh
+++ b/files/keystone_data.sh
@@ -36,12 +36,12 @@
fi
#endpointTemplates
-$BIN_DIR/keystone-manage endpointTemplates add RegionOne nova http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% 1 1
-$BIN_DIR/keystone-manage endpointTemplates add RegionOne ec2 http://%HOST_IP%:8773/services/Cloud http://%HOST_IP%:8773/services/Admin http://%HOST_IP%:8773/services/Cloud 1 1
-$BIN_DIR/keystone-manage endpointTemplates add RegionOne glance http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% 1 1
-$BIN_DIR/keystone-manage endpointTemplates add RegionOne keystone http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:35357/v2.0 http://%HOST_IP%:5000/v2.0 1 1
+$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova http://%SERVICE_HOST%:8774/v1.1/%tenant_id% http://%SERVICE_HOST%:8774/v1.1/%tenant_id% http://%SERVICE_HOST%:8774/v1.1/%tenant_id% 1 1
+$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne ec2 http://%SERVICE_HOST%:8773/services/Cloud http://%SERVICE_HOST%:8773/services/Admin http://%SERVICE_HOST%:8773/services/Cloud 1 1
+$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne glance http://%SERVICE_HOST%:9292/v1.1/%tenant_id% http://%SERVICE_HOST%:9292/v1.1/%tenant_id% http://%SERVICE_HOST%:9292/v1.1/%tenant_id% 1 1
+$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%SERVICE_HOST%:5000/v2.0 http://%SERVICE_HOST%:35357/v2.0 http://%SERVICE_HOST%:5000/v2.0 1 1
if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
- $BIN_DIR/keystone-manage endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1
+ $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%SERVICE_HOST%:8080/v1/AUTH_%tenant_id% http://%SERVICE_HOST%:8080/ http://%SERVICE_HOST%:8080/v1/AUTH_%tenant_id% 1 1
fi
# Tokens
diff --git a/files/pips/horizon b/files/pips/horizon
index 62575b8..893efb7 100644
--- a/files/pips/horizon
+++ b/files/pips/horizon
@@ -1,6 +1,4 @@
django-nose-selenium
pycrypto==2.3
--e git+https://github.com/cloudbuilders/openstackx.git#egg=openstackx
-e git+https://github.com/jacobian/openstack.compute.git#egg=openstack
--e git+https://review.openstack.org/p/openstack/python-keystoneclient#egg=python-keystoneclient
diff --git a/files/swift/proxy-server.conf b/files/swift/proxy-server.conf
index d7ed485..5752d74 100644
--- a/files/swift/proxy-server.conf
+++ b/files/swift/proxy-server.conf
@@ -16,7 +16,7 @@
use = egg:swiftkeystone2#keystone2
keystone_admin_token = %SERVICE_TOKEN%
keystone_url = http://localhost:35357/v2.0
-keystone_swift_operator_roles = Member
+keystone_swift_operator_roles = Member,Admin
[filter:tempauth]
use = egg:swift#tempauth
diff --git a/openrc b/openrc
index 7c1e129..4395975 100644
--- a/openrc
+++ b/openrc
@@ -3,8 +3,10 @@
# Load local configuration
source ./stackrc
-# Set api host endpoint
+# Set api HOST_IP endpoint. SERVICE_HOST may also be used to specify the endpoint,
+# which is convenient for some localrc configurations.
HOST_IP=${HOST_IP:-127.0.0.1}
+SERVICE_HOST=${SERVICE_HOST:-$HOST_IP}
# Nova original used project_id as the *account* that owned resources (servers,
# ip address, ...) With the addition of Keystone we have standardized on the
@@ -29,7 +31,7 @@
#
# *NOTE*: Using the 2.0 *auth api* does not mean that compute api is 2.0. We
# will use the 1.1 *compute api*
-export NOVA_URL=${NOVA_URL:-http://$HOST_IP:5000/v2.0/}
+export NOVA_URL=${NOVA_URL:-http://$SERVICE_HOST:5000/v2.0/}
# Currently novaclient needs you to specify the *compute api* version. This
# needs to match the config of your catalog returned by Keystone.
@@ -39,7 +41,7 @@
export NOVA_REGION_NAME=${NOVA_REGION_NAME:-RegionOne}
# Set the ec2 url so euca2ools works
-export EC2_URL=${EC2_URL:-http://$HOST_IP:8773/services/Cloud}
+export EC2_URL=${EC2_URL:-http://$SERVICE_HOST:8773/services/Cloud}
# Access key is set in the initial keystone data to be the same as username
export EC2_ACCESS_KEY=${USERNAME:-demo}
diff --git a/stack.sh b/stack.sh
index 5c97814..9f9bed9 100755
--- a/stack.sh
+++ b/stack.sh
@@ -171,6 +171,7 @@
GLANCE_DIR=$DEST/glance
KEYSTONE_DIR=$DEST/keystone
NOVACLIENT_DIR=$DEST/python-novaclient
+KEYSTONECLIENT_DIR=$DEST/python-keystoneclient
OPENSTACKX_DIR=$DEST/openstackx
NOVNC_DIR=$DEST/noVNC
SWIFT_DIR=$DEST/swift
@@ -214,6 +215,9 @@
fi
fi
+# Allow the use of an alternate hostname (such as localhost/127.0.0.1) for service endpoints.
+SERVICE_HOST=${SERVICE_HOST:-$HOST_IP}
+
# Configure services to syslog instead of writing to individual log files
SYSLOG=`trueorfalse False $SYSLOG`
SYSLOG_HOST=${SYSLOG_HOST:-$HOST_IP}
@@ -243,12 +247,17 @@
echo '################################################################################'
echo $msg
echo '################################################################################'
- echo "This value will be written to your localrc file so you don't have to enter it again."
- echo "It is probably best to avoid spaces and weird characters."
+ echo "This value will be written to your localrc file so you don't have to enter it "
+ echo "again. Use only alphanumeric characters."
echo "If you leave this blank, a random default value will be used."
- echo "Enter a password now:"
- read -e $var
- pw=${!var}
+ pw=" "
+ while true; do
+ echo "Enter a password now:"
+ read -e $var
+ pw=${!var}
+ [[ "$pw" = "`echo $pw | tr -cd [:alnum:]`" ]] && break
+ echo "Invalid chars in password. Try again:"
+ done
if [ ! $pw ]; then
pw=`openssl rand -hex 10`
fi
@@ -270,7 +279,7 @@
FIXED_NETWORK_SIZE=${FIXED_NETWORK_SIZE:-256}
FLOATING_RANGE=${FLOATING_RANGE:-172.24.4.224/28}
NET_MAN=${NET_MAN:-FlatDHCPManager}
-EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP}
+EC2_DMZ_HOST=${EC2_DMZ_HOST:-$SERVICE_HOST}
FLAT_NETWORK_BRIDGE=${FLAT_NETWORK_BRIDGE:-br100}
VLAN_INTERFACE=${VLAN_INTERFACE:-$PUBLIC_INTERFACE}
@@ -333,7 +342,7 @@
read_password RABBIT_PASSWORD "ENTER A PASSWORD TO USE FOR RABBIT."
# Glance connection info. Note the port must be specified.
-GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292}
+GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$SERVICE_HOST:9292}
# SWIFT
# -----
@@ -551,6 +560,7 @@
if [[ "$ENABLED_SERVICES" =~ "horizon" ]]; then
# django powered web control panel for openstack
git_clone $HORIZON_REPO $HORIZON_DIR $HORIZON_BRANCH $HORIZON_TAG
+ git_clone $KEYSTONECLIENT_REPO $KEYSTONECLIENT_DIR $KEYSTONECLIENT_BRANCH
fi
if [[ "$ENABLED_SERVICES" =~ "openstackx" ]]; then
# openstackx is a collection of extensions to openstack.compute & nova
@@ -588,6 +598,7 @@
cd $OPENSTACKX_DIR; sudo python setup.py develop
fi
if [[ "$ENABLED_SERVICES" =~ "horizon" ]]; then
+ cd $KEYSTONECLIENT_DIR; sudo python setup.py develop
cd $HORIZON_DIR/horizon; sudo python setup.py develop
cd $HORIZON_DIR/openstack-dashboard; sudo python setup.py develop
fi
@@ -1061,7 +1072,7 @@
add_nova_flag "--osapi_extension=extensions.admin.Admin"
fi
if [[ "$ENABLED_SERVICES" =~ "n-vnc" ]]; then
- VNCPROXY_URL=${VNCPROXY_URL:-"http://$HOST_IP:6080"}
+ VNCPROXY_URL=${VNCPROXY_URL:-"http://$SERVICE_HOST:6080"}
add_nova_flag "--vncproxy_url=$VNCPROXY_URL"
add_nova_flag "--vncproxy_wwwroot=$NOVNC_DIR/"
fi
@@ -1142,7 +1153,7 @@
# keystone_data.sh creates our admin user and our ``SERVICE_TOKEN``.
KEYSTONE_DATA=$KEYSTONE_DIR/bin/keystone_data.sh
cp $FILES/keystone_data.sh $KEYSTONE_DATA
- sudo sed -e "s,%HOST_IP%,$HOST_IP,g" -i $KEYSTONE_DATA
+ sudo sed -e "s,%SERVICE_HOST%,$SERVICE_HOST,g" -i $KEYSTONE_DATA
sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $KEYSTONE_DATA
sudo sed -e "s,%ADMIN_PASSWORD%,$ADMIN_PASSWORD,g" -i $KEYSTONE_DATA
# initialize keystone with default users/endpoints
@@ -1399,18 +1410,21 @@
# If you installed the horizon on this server, then you should be able
# to access the site using your browser.
if [[ "$ENABLED_SERVICES" =~ "horizon" ]]; then
- echo "horizon is now available at http://$HOST_IP/"
+ echo "horizon is now available at http://$SERVICE_HOST/"
fi
# If keystone is present, you can point nova cli to this server
if [[ "$ENABLED_SERVICES" =~ "key" ]]; then
- echo "keystone is serving at http://$HOST_IP:5000/v2.0/"
+ echo "keystone is serving at http://$SERVICE_HOST:5000/v2.0/"
echo "examples on using novaclient command line is in exercise.sh"
echo "the default users are: admin and demo"
echo "the password: $ADMIN_PASSWORD"
fi
-# indicate how long this took to run (bash maintained variable 'SECONDS')
+# Echo HOST_IP - useful for build_uec.sh, which uses dhcp to give the instance an address
+echo "This is your host ip: $HOST_IP"
+
+# Indicate how long this took to run (bash maintained variable 'SECONDS')
echo "stack.sh completed in $SECONDS seconds."
) | tee -a "$LOGFILE"
diff --git a/stackrc b/stackrc
index 0e700d5..9bc3be6 100644
--- a/stackrc
+++ b/stackrc
@@ -30,6 +30,10 @@
NOVACLIENT_REPO=https://github.com/openstack/python-novaclient.git
NOVACLIENT_BRANCH=master
+# python keystone client library to nova that horizon uses
+KEYSTONECLIENT_REPO=https://github.com/openstack/python-keystoneclient
+KEYSTONECLIENT_BRANCH=master
+
# openstackx is a collection of extensions to openstack.compute & nova
# that is *deprecated*. The code is being moved into python-novaclient & nova.
OPENSTACKX_REPO=https://github.com/cloudbuilders/openstackx.git
@@ -58,7 +62,12 @@
# http://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-rootfs.img.gz
#IMAGE_URLS="http://smoser.brickies.net/ubuntu/ttylinux-uec/ttylinux-uec-amd64-11.2_2.6.35-15_1.tar.gz" # old ttylinux-uec image
#IMAGE_URLS="http://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img" # cirros full disk image
-IMAGE_URLS="http://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-uec.tar.gz" # uec style cirros image
+case "$LIBVIRT_TYPE" in
+ lxc) # the cirros root disk in the uec tarball is empty, so it will not work for lxc
+ IMAGE_URLS="http://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-rootfs.img.gz";;
+ *) # otherwise, use the uec style image (with kernel, ramdisk, disk)
+ IMAGE_URLS="http://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-uec.tar.gz";;
+esac
# allow local overrides of env variables
if [ -f ./localrc ]; then
diff --git a/tools/build_uec.sh b/tools/build_uec.sh
index 8167105..04e1a45 100755
--- a/tools/build_uec.sh
+++ b/tools/build_uec.sh
@@ -185,17 +185,6 @@
sed -i "s/127.0.0.1/127.0.0.1 \`hostname\`/" /etc/hosts
apt-get update
apt-get install git sudo -y
-if [ ! -d devstack ]; then
- git clone https://github.com/cloudbuilders/devstack.git
- cd devstack
- git remote set-url origin `cd $TOP_DIR; git remote show origin | grep Fetch | awk '{print $3}'`
- git fetch
- git checkout `git rev-parse HEAD`
- cat > localrc <<LOCAL_EOF
-ROOTSLEEP=0
-`cat $TOP_DIR/localrc`
-LOCAL_EOF
-fi
# Disable byobu
sudo apt-get remove -y byobu
EOF
@@ -205,6 +194,14 @@
PUB_KEY=`cat ~/.ssh/id_rsa.pub`
cat >> $vm_dir/uec/user-data<<EOF
mkdir -p /opt/stack
+if [ ! -d /opt/stack/devstack ]; then
+ git clone https://github.com/cloudbuilders/devstack.git /opt/stack/devstack
+ cd /opt/stack/devstack
+ cat > localrc <<LOCAL_EOF
+ROOTSLEEP=0
+`cat $TOP_DIR/localrc`
+LOCAL_EOF
+fi
useradd -U -G sudo -s /bin/bash -d /opt/stack -m stack
echo stack:pass | chpasswd
mkdir -p /opt/stack/.ssh
@@ -222,7 +219,7 @@
# Run stack.sh
cat >> $vm_dir/uec/user-data<<EOF
-./stack.sh
+su -c "cd /opt/stack/devstack && ./stack.sh" stack
EOF
# (re)start a metadata service