| Anthony Young | 6ab10d4 | 2011-10-20 10:24:50 -0700 | [diff] [blame] | 1 | #!/usr/bin/env bash |
| Dean Troyer | 4807df8 | 2012-02-24 10:44:18 -0600 | [diff] [blame^] | 2 | # |
| 3 | # source openrc [username] [tenantname] |
| 4 | # |
| 5 | # Configure a set of credentials for $TENANT/$USERNAME: |
| 6 | # Set TENANT to override the default tenant 'demo' |
| 7 | # Set USERNAME to override the default user name 'demo' |
| 8 | # Set ADMIN_PASSWORD to set the password for 'admin' and 'demo' |
| 9 | |
| 10 | # NOTE: support for the old NOVA_* novaclient environment variables has |
| 11 | # been removed. |
| 12 | |
| 13 | if [[ -n "$1" ]]; then |
| 14 | USERNAME=$1 |
| 15 | fi |
| 16 | if [[ -n "$2" ]]; then |
| 17 | TENANT=$2 |
| 18 | fi |
| Anthony Young | 6ab10d4 | 2011-10-20 10:24:50 -0700 | [diff] [blame] | 19 | |
| 20 | # Load local configuration |
| 21 | source ./stackrc |
| 22 | |
| Dean Troyer | 4807df8 | 2012-02-24 10:44:18 -0600 | [diff] [blame^] | 23 | # The introduction of Keystone to the OpenStack ecosystem has standardized the |
| 24 | # term **tenant** as the entity that owns resources. In some places references |
| 25 | # still exist to the original Nova term **project** for this use. Also, |
| 26 | # **tenant_name** is prefered to **tenant_id**. |
| 27 | export OS_TENANT_NAME=${TENANT:-demo} |
| 28 | |
| 29 | # In addition to the owning entity (tenant), nova stores the entity performing |
| 30 | # the action as the **user**. |
| 31 | export OS_USERNAME=${USERNAME:-demo} |
| 32 | |
| 33 | # With Keystone you pass the keystone password instead of an api key. |
| 34 | # Recent versions of novaclient use OS_PASSWORD instead of NOVA_API_KEYs |
| 35 | # or NOVA_PASSWORD. |
| 36 | export OS_PASSWORD=${ADMIN_PASSWORD:-secrete} |
| 37 | |
| Anthony Young | 1097c7c | 2011-12-27 23:22:14 -0800 | [diff] [blame] | 38 | # Set api HOST_IP endpoint. SERVICE_HOST may also be used to specify the endpoint, |
| 39 | # which is convenient for some localrc configurations. |
| Jesse Andrews | f75d848 | 2011-10-24 13:38:52 -0700 | [diff] [blame] | 40 | HOST_IP=${HOST_IP:-127.0.0.1} |
| Anthony Young | 1097c7c | 2011-12-27 23:22:14 -0800 | [diff] [blame] | 41 | SERVICE_HOST=${SERVICE_HOST:-$HOST_IP} |
| Anthony Young | 6ab10d4 | 2011-10-20 10:24:50 -0700 | [diff] [blame] | 42 | |
| Adam Gandelman | ce05e03 | 2012-01-30 14:43:14 -0800 | [diff] [blame] | 43 | # Some exercises call glance directly. On a single-node installation, Glance |
| 44 | # should be listening on HOST_IP. If its running elsewhere, it can be set here |
| 45 | GLANCE_HOST=${GLANCE_HOST:-$HOST_IP} |
| 46 | |
| Dean Troyer | 4807df8 | 2012-02-24 10:44:18 -0600 | [diff] [blame^] | 47 | # Authenticating against an Openstack cloud using Keystone returns a **Token** |
| 48 | # and **Service Catalog**. The catalog contains the endpoints for all services |
| 49 | # the user/tenant has access to - including nova, glance, keystone, swift, ... |
| 50 | # We currently recommend using the 2.0 *identity api*. |
| Anthony Young | 6ab10d4 | 2011-10-20 10:24:50 -0700 | [diff] [blame] | 51 | # |
| Dean Troyer | 4807df8 | 2012-02-24 10:44:18 -0600 | [diff] [blame^] | 52 | # *NOTE*: Using the 2.0 *identity api* does not mean that compute api is 2.0. We |
| Jesse Andrews | 9c85373 | 2011-10-21 19:05:40 -0700 | [diff] [blame] | 53 | # will use the 1.1 *compute api* |
| Dean Troyer | 4807df8 | 2012-02-24 10:44:18 -0600 | [diff] [blame^] | 54 | export OS_AUTH_URL=http://$SERVICE_HOST:5000/v2.0 |
| Anthony Young | 6ab10d4 | 2011-10-20 10:24:50 -0700 | [diff] [blame] | 55 | |
| 56 | # Currently novaclient needs you to specify the *compute api* version. This |
| 57 | # needs to match the config of your catalog returned by Keystone. |
| Anthony Young | d81ed03 | 2011-10-20 13:09:39 -0700 | [diff] [blame] | 58 | export NOVA_VERSION=${NOVA_VERSION:-1.1} |
| Dean Troyer | 4807df8 | 2012-02-24 10:44:18 -0600 | [diff] [blame^] | 59 | # In the future this will change names: |
| 60 | export COMPUTE_API_VERSION=${COMPUTE_API_VERSION:-$NOVA_VERSION} |
| Anthony Young | 6ab10d4 | 2011-10-20 10:24:50 -0700 | [diff] [blame] | 61 | |
| Vishvananda Ishaya | f56e395 | 2011-10-24 16:05:57 -0700 | [diff] [blame] | 62 | # Set the ec2 url so euca2ools works |
| Anthony Young | 1097c7c | 2011-12-27 23:22:14 -0800 | [diff] [blame] | 63 | export EC2_URL=${EC2_URL:-http://$SERVICE_HOST:8773/services/Cloud} |
| Vishvananda Ishaya | f56e395 | 2011-10-24 16:05:57 -0700 | [diff] [blame] | 64 | |
| 65 | # Access key is set in the initial keystone data to be the same as username |
| Vishvananda Ishaya | 658ac7a | 2012-02-06 22:56:37 +0000 | [diff] [blame] | 66 | export EC2_ACCESS_KEY=${DEMO_ACCESS} |
| Vishvananda Ishaya | f56e395 | 2011-10-24 16:05:57 -0700 | [diff] [blame] | 67 | |
| 68 | # Secret key is set in the initial keystone data to the admin password |
| Vishvananda Ishaya | 658ac7a | 2012-02-06 22:56:37 +0000 | [diff] [blame] | 69 | export EC2_SECRET_KEY=${DEMO_SECRET} |
| Vishvananda Ishaya | f56e395 | 2011-10-24 16:05:57 -0700 | [diff] [blame] | 70 | |
| Vishvananda Ishaya | 75bbd75 | 2012-01-19 23:28:46 +0000 | [diff] [blame] | 71 | # Euca2ools Certificate stuff for uploading bundles |
| Vishvananda Ishaya | 112a360 | 2012-02-26 17:14:58 -0800 | [diff] [blame] | 72 | # See exercises/bundle.sh to see how to get certs using nova cli |
| Vishvananda Ishaya | 75bbd75 | 2012-01-19 23:28:46 +0000 | [diff] [blame] | 73 | NOVARC=$(readlink -f "${BASH_SOURCE:-${0}}" 2>/dev/null) || |
| 74 | NOVARC=$(python -c 'import os,sys; print os.path.abspath(os.path.realpath(sys.argv[1]))' "${BASH_SOURCE:-${0}}") |
| 75 | NOVA_KEY_DIR=${NOVARC%/*} |
| 76 | export S3_URL=http://$SERVICE_HOST:3333 |
| 77 | export EC2_USER_ID=42 # nova does not use user id, but bundling requires it |
| 78 | export EC2_PRIVATE_KEY=${NOVA_KEY_DIR}/pk.pem |
| 79 | export EC2_CERT=${NOVA_KEY_DIR}/cert.pem |
| 80 | export NOVA_CERT=${NOVA_KEY_DIR}/cacert.pem |
| 81 | export EUCALYPTUS_CERT=${NOVA_CERT} # euca-bundle-image seems to require this set |
| 82 | alias ec2-bundle-image="ec2-bundle-image --cert ${EC2_CERT} --privatekey ${EC2_PRIVATE_KEY} --user 42 --ec2cert ${NOVA_CERT}" |
| 83 | alias ec2-upload-bundle="ec2-upload-bundle -a ${EC2_ACCESS_KEY} -s ${EC2_SECRET_KEY} --url ${S3_URL} --ec2cert ${NOVA_CERT}" |
| 84 | |
| Anthony Young | 6ab10d4 | 2011-10-20 10:24:50 -0700 | [diff] [blame] | 85 | # set log level to DEBUG (helps debug issues) |
| Jesse Andrews | f1bfba2 | 2011-10-24 10:56:10 -0700 | [diff] [blame] | 86 | # export NOVACLIENT_DEBUG=1 |
| Vishvananda Ishaya | f56e395 | 2011-10-24 16:05:57 -0700 | [diff] [blame] | 87 | |
| Todd Willey | 2599b31 | 2011-11-04 10:31:37 -0400 | [diff] [blame] | 88 | # Max time till the vm is bootable |
| Dean Troyer | 751c152 | 2012-01-10 15:34:34 -0600 | [diff] [blame] | 89 | export BOOT_TIMEOUT=${BOOT_TIMEOUT:-30} |
| Todd Willey | 2599b31 | 2011-11-04 10:31:37 -0400 | [diff] [blame] | 90 | |
| 91 | # Max time to wait while vm goes from build to active state |
| Dean Troyer | 751c152 | 2012-01-10 15:34:34 -0600 | [diff] [blame] | 92 | export ACTIVE_TIMEOUT=${ACTIVE_TIMEOUT:-30} |
| Todd Willey | 2599b31 | 2011-11-04 10:31:37 -0400 | [diff] [blame] | 93 | |
| Todd Willey | 9a3066f | 2011-11-05 11:02:34 -0400 | [diff] [blame] | 94 | # Max time from run instance command until it is running |
| 95 | export RUNNING_TIMEOUT=${RUNNING_TIMEOUT:-$(($BOOT_TIMEOUT + $ACTIVE_TIMEOUT))} |
| 96 | |
| Todd Willey | 2599b31 | 2011-11-04 10:31:37 -0400 | [diff] [blame] | 97 | # Max time to wait for proper IP association and dis-association. |
| Dean Troyer | 751c152 | 2012-01-10 15:34:34 -0600 | [diff] [blame] | 98 | export ASSOCIATE_TIMEOUT=${ASSOCIATE_TIMEOUT:-15} |
| Russell Bryant | 243b26a | 2012-02-22 11:19:32 -0500 | [diff] [blame] | 99 | |
| 100 | # Max time to wait for a vm to terminate |
| 101 | export TERMINATE_TIMEOUT=${TERMINATE_TIMEOUT:-30} |