Gitiles
Code Review Sign In
spfactory.storpool.com / devstack / bc071bcef0bcb726e49f9ccaa2063f58b7eaf96d / . / lib / keystone
blob: 36a0e664fa7b0a9552d9c947e4304e4d43b9655f [file] [log] [blame]
Dean Troyerd81a0272012-08-31 18:04:55 -0500[diff] [blame]1# lib/keystone
2# Functions to control the configuration and operation of **Keystone**
3
4# Dependencies:
5# ``functions`` file
6# ``BASE_SQL_CONN``
7# ``SERVICE_HOST``
8# ``SERVICE_TOKEN``
9# ``S3_SERVICE_PORT`` (template backend only)
10
11
12# ``stack.sh`` calls the entry points in this order:
13#
14# install_keystone
15# configure_keystone
16# init_keystone
17# start_keystone
18# stop_keystone
19# cleanup_keystone
20
Dean Troyer7903b792012-09-13 17:16:12 -0500[diff] [blame]21# Save trace setting
22XTRACE=$(set +o | grep xtrace)
23set +o xtrace
Dean Troyerd81a0272012-08-31 18:04:55 -0500[diff] [blame]24
25
26# Defaults
27# --------
28
29# <define global variables here that belong to this project>
30
31# Set up default directories
32KEYSTONE_DIR=$DEST/keystone
33KEYSTONE_CONF_DIR=${KEYSTONE_CONF_DIR:-/etc/keystone}
34KEYSTONE_CONF=$KEYSTONE_CONF_DIR/keystone.conf
Dean Troyerbc071bc2012-10-01 14:06:44 -0500[diff] [blame^]35KEYSTONE_AUTH_CACHE_DIR=${KEYSTONE_AUTH_CACHE_DIR:-/var/cache/keystone}
Dean Troyerd81a0272012-08-31 18:04:55 -0500[diff] [blame]36
37KEYSTONECLIENT_DIR=$DEST/python-keystoneclient
38
Dean Troyerbc071bc2012-10-01 14:06:44 -0500[diff] [blame^]39# Select the backend for Keystone's service catalog
Dean Troyerb80379c2012-09-10 18:30:37 -0500[diff] [blame]40KEYSTONE_CATALOG_BACKEND=${KEYSTONE_CATALOG_BACKEND:-sql}
Dean Troyerd81a0272012-08-31 18:04:55 -0500[diff] [blame]41KEYSTONE_CATALOG=$KEYSTONE_CONF_DIR/default_catalog.templates
42
Dean Troyerbc071bc2012-10-01 14:06:44 -0500[diff] [blame^]43# Select Keystone's token format
44# Choose from 'UUID' and 'PKI'
45KEYSTONE_TOKEN_FORMAT=${KEYSTONE_TOKEN_FORMAT:-PKI}
46
Dean Troyerd81a0272012-08-31 18:04:55 -0500[diff] [blame]47# Set Keystone interface configuration
48KEYSTONE_API_PORT=${KEYSTONE_API_PORT:-5000}
49KEYSTONE_AUTH_HOST=${KEYSTONE_AUTH_HOST:-$SERVICE_HOST}
50KEYSTONE_AUTH_PORT=${KEYSTONE_AUTH_PORT:-35357}
51KEYSTONE_AUTH_PROTOCOL=${KEYSTONE_AUTH_PROTOCOL:-http}
52KEYSTONE_SERVICE_HOST=${KEYSTONE_SERVICE_HOST:-$SERVICE_HOST}
53KEYSTONE_SERVICE_PORT=${KEYSTONE_SERVICE_PORT:-5000}
54KEYSTONE_SERVICE_PROTOCOL=${KEYSTONE_SERVICE_PROTOCOL:-http}
55
56
57# Entry Points
58# ------------
59
60# cleanup_keystone() - Remove residual data files, anything left over from previous
61# runs that a clean run would need to clean up
62function cleanup_keystone() {
63 # kill instances (nova)
64 # delete image files (glance)
65 # This function intentionally left blank
66 :
67}
68
69# configure_keystoneclient() - Set config files, create data dirs, etc
70function configure_keystoneclient() {
71 setup_develop $KEYSTONECLIENT_DIR
72}
73
74# configure_keystone() - Set config files, create data dirs, etc
75function configure_keystone() {
76 setup_develop $KEYSTONE_DIR
77
78 if [[ ! -d $KEYSTONE_CONF_DIR ]]; then
79 sudo mkdir -p $KEYSTONE_CONF_DIR
80 sudo chown `whoami` $KEYSTONE_CONF_DIR
81 fi
82
83 if [[ "$KEYSTONE_CONF_DIR" != "$KEYSTONE_DIR/etc" ]]; then
84 cp -p $KEYSTONE_DIR/etc/keystone.conf.sample $KEYSTONE_CONF
85 cp -p $KEYSTONE_DIR/etc/policy.json $KEYSTONE_CONF_DIR
86 fi
87
88 # Rewrite stock ``keystone.conf``
89 iniset $KEYSTONE_CONF DEFAULT admin_token "$SERVICE_TOKEN"
Doug Hellmann4de55e92012-10-26 12:24:28 -0400[diff] [blame]90 iniset $KEYSTONE_CONF signing token_format "$KEYSTONE_TOKEN_FORMAT"
Dean Troyerd81a0272012-08-31 18:04:55 -0500[diff] [blame]91 iniset $KEYSTONE_CONF sql connection "$BASE_SQL_CONN/keystone?charset=utf8"
92 iniset $KEYSTONE_CONF ec2 driver "keystone.contrib.ec2.backends.sql.Ec2"
93 sed -e "
94 /^pipeline.*ec2_extension crud_/s|ec2_extension crud_extension|ec2_extension s3_extension crud_extension|;
95 " -i $KEYSTONE_CONF
96
97 # Append the S3 bits
98 iniset $KEYSTONE_CONF filter:s3_extension paste.filter_factory "keystone.contrib.s3:S3Extension.factory"
99
100 if [[ "$KEYSTONE_CATALOG_BACKEND" = "sql" ]]; then
101 # Configure ``keystone.conf`` to use sql
102 iniset $KEYSTONE_CONF catalog driver keystone.catalog.backends.sql.Catalog
103 inicomment $KEYSTONE_CONF catalog template_file
104 else
105 cp -p $FILES/default_catalog.templates $KEYSTONE_CATALOG
106
107 # Add swift endpoints to service catalog if swift is enabled
108 if is_service_enabled swift; then
109 echo "catalog.RegionOne.object_store.publicURL = http://%SERVICE_HOST%:8080/v1/AUTH_\$(tenant_id)s" >> $KEYSTONE_CATALOG
110 echo "catalog.RegionOne.object_store.adminURL = http://%SERVICE_HOST%:8080/" >> $KEYSTONE_CATALOG
111 echo "catalog.RegionOne.object_store.internalURL = http://%SERVICE_HOST%:8080/v1/AUTH_\$(tenant_id)s" >> $KEYSTONE_CATALOG
112 echo "catalog.RegionOne.object_store.name = Swift Service" >> $KEYSTONE_CATALOG
113 fi
114
115 # Add quantum endpoints to service catalog if quantum is enabled
116 if is_service_enabled quantum; then
117 echo "catalog.RegionOne.network.publicURL = http://%SERVICE_HOST%:$Q_PORT/" >> $KEYSTONE_CATALOG
118 echo "catalog.RegionOne.network.adminURL = http://%SERVICE_HOST%:$Q_PORT/" >> $KEYSTONE_CATALOG
119 echo "catalog.RegionOne.network.internalURL = http://%SERVICE_HOST%:$Q_PORT/" >> $KEYSTONE_CATALOG
120 echo "catalog.RegionOne.network.name = Quantum Service" >> $KEYSTONE_CATALOG
121 fi
122
123 sudo sed -e "
124 s,%SERVICE_HOST%,$SERVICE_HOST,g;
125 s,%S3_SERVICE_PORT%,$S3_SERVICE_PORT,g;
126 " -i $KEYSTONE_CATALOG
127
128 # Configure ``keystone.conf`` to use templates
129 iniset $KEYSTONE_CONF catalog driver "keystone.catalog.backends.templated.TemplatedCatalog"
130 iniset $KEYSTONE_CONF catalog template_file "$KEYSTONE_CATALOG"
131 fi
132
133 # Set up logging
134 LOGGING_ROOT="devel"
135 if [ "$SYSLOG" != "False" ]; then
136 LOGGING_ROOT="$LOGGING_ROOT,production"
137 fi
138 KEYSTONE_LOG_CONFIG="--log-config $KEYSTONE_CONF_DIR/logging.conf"
139 cp $KEYSTONE_DIR/etc/logging.conf.sample $KEYSTONE_CONF_DIR/logging.conf
140 iniset $KEYSTONE_CONF_DIR/logging.conf logger_root level "DEBUG"
141 iniset $KEYSTONE_CONF_DIR/logging.conf logger_root handlers "devel,production"
142
143}
144
145# init_keystone() - Initialize databases, etc.
146function init_keystone() {
147 # (Re)create keystone database
148 mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'DROP DATABASE IF EXISTS keystone;'
149 mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'CREATE DATABASE keystone CHARACTER SET utf8;'
150
151 # Initialize keystone database
152 $KEYSTONE_DIR/bin/keystone-manage db_sync
153
Dean Troyerbc071bc2012-10-01 14:06:44 -0500[diff] [blame^]154 if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then
155 # Set up certificates
156 $KEYSTONE_DIR/bin/keystone-manage pki_setup
157
158 # Create cache dir
159 sudo mkdir -p $KEYSTONE_AUTH_CACHE_DIR
160 sudo chown `whoami` $KEYSTONE_AUTH_CACHE_DIR
161 fi
Dean Troyerd81a0272012-08-31 18:04:55 -0500[diff] [blame]162}
163
164# install_keystoneclient() - Collect source and prepare
165function install_keystoneclient() {
166 git_clone $KEYSTONECLIENT_REPO $KEYSTONECLIENT_DIR $KEYSTONECLIENT_BRANCH
167}
168
169# install_keystone() - Collect source and prepare
170function install_keystone() {
171 git_clone $KEYSTONE_REPO $KEYSTONE_DIR $KEYSTONE_BRANCH
172}
173
174# start_keystone() - Start running processes, including screen
175function start_keystone() {
176 # Start Keystone in a screen window
177 screen_it key "cd $KEYSTONE_DIR && $KEYSTONE_DIR/bin/keystone-all --config-file $KEYSTONE_CONF $KEYSTONE_LOG_CONFIG -d --debug"
178}
179
180# stop_keystone() - Stop running processes
181function stop_keystone() {
182 # Kill the Keystone screen window
183 screen -S $SCREEN_NAME -p key -X kill
184}
Dean Troyer7903b792012-09-13 17:16:12 -0500[diff] [blame]185
186# Restore xtrace
187$XTRACE