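#!/bin/bash
# Seeds Keystone through keystone-manage: tenants, users, roles, role grants
# and the service catalog entries.
#
# BIN_DIR is the directory that holds keystone-manage; it falls back to the
# current directory when the caller does not set it.
BIN_DIR=${BIN_DIR:-.}

# Tenants
# Each call's stdout is captured into a *_TENANT variable that the role
# grants later pass as tenant_id (presumably --ks-id-only makes
# keystone-manage print just the new object's ID -- confirm against the tool).
#
# Fix: the admin tenant command had no line continuation after --ks-id-only,
# so inside the command substitution the shell ran
# "create tenant_name=admin" as a separate command and ADMIN_TENANT never
# received the output of the intended "tenant ... create" call.
ADMIN_TENANT=$("$BIN_DIR/keystone-manage" tenant --ks-id-only create \
    tenant_name=admin)
DEMO_TENANT=$("$BIN_DIR/keystone-manage" tenant --ks-id-only create \
    tenant_name=demo)
INVIS_TENANT=$("$BIN_DIR/keystone-manage" tenant --ks-id-only create \
    tenant_name=invisible_to_admin)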
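# Users
# Each call's stdout is captured and later passed as user_id in the grants.
#
# SECURITY NOTE(review): both accounts are created with the same
# %ADMIN_PASSWORD% token, so the demo account shares the admin account's
# password; anyone given the demo login also holds the admin credential.
# The token looks like a template placeholder filled in before this script
# runs (confirm against the caller), so it is left unchanged here -- give the
# demo user its own secret if this seed data is ever used beyond a throwaway
# development install.
# The password is also passed as a command-line argument, which other local
# users can typically read from the process list while keystone-manage runs.
#
# "$BIN_DIR" is quoted so that a path containing spaces or glob characters is
# not split or expanded by the shell.
ADMIN_USER=$("$BIN_DIR/keystone-manage" user --ks-id-only create \
    name=admin \
    "password=%ADMIN_PASSWORD%" \
    email=admin@example.com)
DEMO_USER=$("$BIN_DIR/keystone-manage" user --ks-id-only create \
    name=demo \
    "password=%ADMIN_PASSWORD%" \
    email=demo@example.com)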
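# Roles
# Creates the six roles used by the grants that follow and captures each
# call's stdout as the role's ID. What each role authorizes is decided by the
# services that consume it, not by this script.
#
# "$BIN_DIR" is quoted so that a path containing spaces or glob characters is
# not split or expanded by the shell.
ADMIN_ROLE=$("$BIN_DIR/keystone-manage" role --ks-id-only create \
    name=Admin)
MEMBER_ROLE=$("$BIN_DIR/keystone-manage" role --ks-id-only create \
    name=Member)
KEYSTONEADMIN_ROLE=$("$BIN_DIR/keystone-manage" role --ks-id-only create \
    name=KeystoneAdmin)
KEYSTONESERVICE_ROLE=$("$BIN_DIR/keystone-manage" role --ks-id-only create \
    name=KeystoneServiceAdmin)
SYSADMIN_ROLE=$("$BIN_DIR/keystone-manage" role --ks-id-only create \
    name=sysadmin)
NETADMIN_ROLE=$("$BIN_DIR/keystone-manage" role --ks-id-only create \
    name=netadmin)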
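# Add Roles to Users in Tenants

# The IDs used below are whatever the earlier create calls printed. If one of
# those calls failed, its variable is empty and the grant would be issued
# with an empty ID. Report that on stderr instead of staying silent; the
# script still continues, as it did before.
for id_var in ADMIN_TENANT DEMO_TENANT INVIS_TENANT ADMIN_USER DEMO_USER \
    ADMIN_ROLE MEMBER_ROLE KEYSTONEADMIN_ROLE KEYSTONESERVICE_ROLE \
    SYSADMIN_ROLE NETADMIN_ROLE; do
  if [[ -z "${!id_var}" ]]; then
    echo "warning: $id_var is empty; grants below will use an empty ID" >&2
  fi
done
unset id_var

# grant_role ROLE_ID USER_ID TENANT_ID
# Runs "keystone-manage role add_user_to_tenant" for one role/user/tenant
# triple. Every argument is quoted so an ID is always passed as one word.
grant_role() {
  "$BIN_DIR/keystone-manage" role add_user_to_tenant \
      "role_id=$1" \
      "user_id=$2" \
      "tenant_id=$3"
}

# admin: Admin in the admin tenant.
grant_role "$ADMIN_ROLE" "$ADMIN_USER" "$ADMIN_TENANT"
# demo: Member, sysadmin and netadmin in the demo tenant.
grant_role "$MEMBER_ROLE" "$DEMO_USER" "$DEMO_TENANT"
grant_role "$SYSADMIN_ROLE" "$DEMO_USER" "$DEMO_TENANT"
grant_role "$NETADMIN_ROLE" "$DEMO_USER" "$DEMO_TENANT"
# demo: Member in invisible_to_admin; the admin user gets no role there.
grant_role "$MEMBER_ROLE" "$DEMO_USER" "$INVIS_TENANT"
# admin: Admin in the demo tenant as well.
grant_role "$ADMIN_ROLE" "$ADMIN_USER" "$DEMO_TENANT"

# TODO(termie): these two might be dubious
# NOTE(review): both grants give the admin user the identity service's own
# administrative roles; confirm they are still required before keeping them.
grant_role "$KEYSTONEADMIN_ROLE" "$ADMIN_USER" "$ADMIN_TENANT"
grant_role "$KEYSTONESERVICE_ROLE" "$ADMIN_USER" "$ADMIN_TENANT"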
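# Services
# Registers one service entry per service. The description arguments are
# quoted because they contain spaces; "$BIN_DIR" is quoted so that a path
# containing spaces or glob characters is not split or expanded by the shell.
"$BIN_DIR/keystone-manage" service create \
    name=nova \
    service_type=compute \
    "description=Nova Compute Service"

"$BIN_DIR/keystone-manage" service create \
    name=ec2 \
    service_type=ec2 \
    "description=EC2 Compatibility Layer"

"$BIN_DIR/keystone-manage" service create \
    name=glance \
    service_type=image \
    "description=Glance Image Service"

"$BIN_DIR/keystone-manage" service create \
    name=keystone \
    service_type=identity \
    "description=Keystone Identity Service"

# The quoted right-hand side makes this a literal substring test: swift is
# registered whenever ENABLED_SERVICES contains "swift" anywhere in its value.
if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
  "$BIN_DIR/keystone-manage" service create \
      name=swift \
      service_type=object-store \
      "description=Swift Service"
fi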
# endpointTemplates (disabled: every command in this section is commented out)
#$BIN_DIR/keystone-manage $* endpointTemplates add \
# RegionOne nova
# http://%SERVICE_HOST%:8774/v1.1/%tenant_id%
# http://%SERVICE_HOST%:8774/v1.1/%tenant_id%
# http://%SERVICE_HOST%:8774/v1.1/%tenant_id% 1 1
#$BIN_DIR/keystone-manage $* endpointTemplates add
# RegionOne ec2
# http://%SERVICE_HOST%:8773/services/Cloud
# http://%SERVICE_HOST%:8773/services/Admin
# http://%SERVICE_HOST%:8773/services/Cloud 1 1
#$BIN_DIR/keystone-manage $* endpointTemplates add
# RegionOne glance
# http://%SERVICE_HOST%:9292/v1
# http://%SERVICE_HOST%:9292/v1
# http://%SERVICE_HOST%:9292/v1 1 1
#$BIN_DIR/keystone-manage $* endpointTemplates add
# RegionOne keystone
# http://%SERVICE_HOST%:5000/v2.0
# http://%SERVICE_HOST%:35357/v2.0
# http://%SERVICE_HOST%:5000/v2.0 1 1
#if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
# $BIN_DIR/keystone-manage $* endpointTemplates add
# RegionOne swift
# http://%SERVICE_HOST%:8080/v1/AUTH_%tenant_id%
# http://%SERVICE_HOST%:8080/
# http://%SERVICE_HOST%:8080/v1/AUTH_%tenant_id% 1 1
#fi

# Tokens
#$BIN_DIR/keystone-manage token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00

# EC2-related credentials - note that the secret key is set to ADMIN_PASSWORD,
# but Keystone does not parse these credentials; from Keystone's point of
# view they are just an opaque blob.
#$BIN_DIR/keystone-manage credentials add admin EC2 'admin' '%ADMIN_PASSWORD%' admin || echo "no support for adding credentials"
#$BIN_DIR/keystone-manage credentials add demo EC2 'demo' '%ADMIN_PASSWORD%' demo || echo "no support for adding credentials"