Gitiles
Code Review Sign In
spfactory.storpool.com / devstack / 84c0599a3a4b5de4f3b23b894e44a65db7d81cd1 / . / files / keystone_data.sh
blob: 39952b16c617e931398fba6f823c5239c5701d24 [file] [log] [blame]
Jesse Andrews73e27b82011-09-12 17:55:00 -0700[diff] [blame]1#!/bin/bash
2BIN_DIR=${BIN_DIR:-.}
3# Tenants
Joe Heck950bb452012-01-29 12:54:57 -0800[diff] [blame]4ADMIN_TENANT=`$BIN_DIR/keystone-manage tenant --id-only create \
termiea96a4182012-01-09 22:13:29 -0800[diff] [blame]5 tenant_name=admin`
Joe Heck950bb452012-01-29 12:54:57 -0800[diff] [blame]6DEMO_TENANT=`$BIN_DIR/keystone-manage tenant --id-only create \
termiea96a4182012-01-09 22:13:29 -0800[diff] [blame]7 tenant_name=demo`
Joe Heck950bb452012-01-29 12:54:57 -0800[diff] [blame]8INVIS_TENANT=`$BIN_DIR/keystone-manage tenant --id-only create \
termiea96a4182012-01-09 22:13:29 -0800[diff] [blame]9 tenant_name=invisible_to_admin`
10
Jesse Andrews73e27b82011-09-12 17:55:00 -0700[diff] [blame]11
12# Users
Joe Heck950bb452012-01-29 12:54:57 -0800[diff] [blame]13ADMIN_USER=`$BIN_DIR/keystone-manage user --id-only create \
termiea96a4182012-01-09 22:13:29 -0800[diff] [blame]14 name=admin \
15 "password=%ADMIN_PASSWORD%" \
16 email=admin@example.com`
Joe Heck950bb452012-01-29 12:54:57 -0800[diff] [blame]17DEMO_USER=`$BIN_DIR/keystone-manage user --id-only create \
termiea96a4182012-01-09 22:13:29 -0800[diff] [blame]18 name=demo \
19 "password=%ADMIN_PASSWORD%" \
20 email=demo@example.com`
Jesse Andrews73e27b82011-09-12 17:55:00 -0700[diff] [blame]21
22# Roles
Joe Heck950bb452012-01-29 12:54:57 -0800[diff] [blame]23ADMIN_ROLE=`$BIN_DIR/keystone-manage role --id-only create \
Anthony Youngb0b6d312012-02-03 21:40:32 -0800[diff] [blame]24 name=admin`
Joe Heck950bb452012-01-29 12:54:57 -0800[diff] [blame]25MEMBER_ROLE=`$BIN_DIR/keystone-manage role --id-only create \
termiea96a4182012-01-09 22:13:29 -0800[diff] [blame]26 name=Member`
Joe Heck950bb452012-01-29 12:54:57 -0800[diff] [blame]27KEYSTONEADMIN_ROLE=`$BIN_DIR/keystone-manage role --id-only create \
termiea96a4182012-01-09 22:13:29 -0800[diff] [blame]28 name=KeystoneAdmin`
Joe Heck950bb452012-01-29 12:54:57 -0800[diff] [blame]29KEYSTONESERVICE_ROLE=`$BIN_DIR/keystone-manage role --id-only create \
termiea96a4182012-01-09 22:13:29 -0800[diff] [blame]30 name=KeystoneServiceAdmin`
Joe Heck950bb452012-01-29 12:54:57 -0800[diff] [blame]31SYSADMIN_ROLE=`$BIN_DIR/keystone-manage role --id-only create \
termiea96a4182012-01-09 22:13:29 -0800[diff] [blame]32 name=sysadmin`
Joe Heck950bb452012-01-29 12:54:57 -0800[diff] [blame]33NETADMIN_ROLE=`$BIN_DIR/keystone-manage role --id-only create \
termiea96a4182012-01-09 22:13:29 -0800[diff] [blame]34 name=netadmin`
35
36
37# Add Roles to Users in Tenants
38
termie8a41c9d2012-02-02 17:31:19 -0800[diff] [blame]39$BIN_DIR/keystone-manage role add_user_role \
40 role=$ADMIN_ROLE \
41 user=$ADMIN_USER \
42 tenant=$ADMIN_TENANT
43$BIN_DIR/keystone-manage role add_user_role \
44 role=$MEMBER_ROLE \
45 user=$DEMO_USER \
46 tenant=$DEMO_TENANT
47$BIN_DIR/keystone-manage role add_user_role \
48 role=$SYSADMIN_ROLE \
49 user=$DEMO_USER \
50 tenant=$DEMO_TENANT
51$BIN_DIR/keystone-manage role add_user_role \
52 role=$NETADMIN_ROLE \
53 user=$DEMO_USER \
54 tenant=$DEMO_TENANT
55$BIN_DIR/keystone-manage role add_user_role \
56 role=$MEMBER_ROLE \
57 user=$DEMO_USER \
58 tenant=$INVIS_TENANT
59$BIN_DIR/keystone-manage role add_user_role \
60 role=$ADMIN_ROLE \
61 user=$ADMIN_USER \
62 tenant=$DEMO_TENANT
termiea96a4182012-01-09 22:13:29 -0800[diff] [blame]63
64# TODO(termie): these two might be dubious
termie8a41c9d2012-02-02 17:31:19 -0800[diff] [blame]65$BIN_DIR/keystone-manage role add_user_role \
66 role=$KEYSTONEADMIN_ROLE \
67 user=$ADMIN_USER \
68 tenant=$ADMIN_TENANT
69$BIN_DIR/keystone-manage role add_user_role \
70 role=$KEYSTONESERVICE_ROLE \
71 user=$ADMIN_USER \
72 tenant=$ADMIN_TENANT
Jesse Andrews73e27b82011-09-12 17:55:00 -0700[diff] [blame]73
Anthony Young8bdc2632011-09-22 08:00:44 +0000[diff] [blame]74# Services
termiea96a4182012-01-09 22:13:29 -0800[diff] [blame]75$BIN_DIR/keystone-manage service create \
76 name=nova \
77 service_type=compute \
78 "description=Nova Compute Service"
79
80$BIN_DIR/keystone-manage service create \
81 name=ec2 \
82 service_type=ec2 \
83 "description=EC2 Compatibility Layer"
84
85$BIN_DIR/keystone-manage service create \
86 name=glance \
87 service_type=image \
88 "description=Glance Image Service"
89
90$BIN_DIR/keystone-manage service create \
91 name=keystone \
92 service_type=identity \
93 "description=Keystone Identity Service"
Jesse Andrews9c7c9082011-11-23 10:10:53 -0800[diff] [blame]94if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
termiea96a4182012-01-09 22:13:29 -0800[diff] [blame]95 $BIN_DIR/keystone-manage service create \
96 name=swift \
97 service_type=object-store \
98 "description=Swift Service"
Jesse Andrews9c7c9082011-11-23 10:10:53 -0800[diff] [blame]99fi
Anthony Young8bdc2632011-09-22 08:00:44 +0000[diff] [blame]100
Vishvananda Ishaya658ac7a2012-02-06 22:56:37 +0000[diff] [blame]101# create ec2 creds and parse the secret and access key returned
102RESULT=`$BIN_DIR/keystone-manage ec2 create user_id=$ADMIN_USER tenant_id=$ADMIN_TENANT`
103ADMIN_ACCESS=`echo $RESULT | python -c "import sys; import json; result = json.loads(sys.stdin.read()); print result['access'];"`
104ADMIN_SECRET=`echo $RESULT | python -c "import sys; import json; result = json.loads(sys.stdin.read()); print result['secret'];"`
105
106
107RESULT=`$BIN_DIR/keystone-manage ec2 create user_id=$DEMO_USER tenant_id=$DEMO_TENANT`
108DEMO_ACCESS=`echo $RESULT | python -c "import sys; import json; result = json.loads(sys.stdin.read()); print result['access'];"`
109DEMO_SECRET=`echo $RESULT | python -c "import sys; import json; result = json.loads(sys.stdin.read()); print result['secret'];"`
110
111# write the secret and access to ec2rc
112cat > $DEVSTACK_DIR/ec2rc <<EOF
113ADMIN_ACCESS=$ADMIN_ACCESS
114ADMIN_SECRET=$ADMIN_SECRET
115DEMO_ACCESS=$DEMO_ACCESS
116DEMO_SECRET=$DEMO_SECRET
117EOF
118
119
Jesse Andrews73e27b82011-09-12 17:55:00 -0700[diff] [blame]120#endpointTemplates
termie82aa41a2012-01-09 22:15:40 -0800[diff] [blame]121#$BIN_DIR/keystone-manage $* endpointTemplates add \
122# RegionOne nova
123# http://%SERVICE_HOST%:8774/v1.1/%tenant_id%
124# http://%SERVICE_HOST%:8774/v1.1/%tenant_id%
125# http://%SERVICE_HOST%:8774/v1.1/%tenant_id% 1 1
126#$BIN_DIR/keystone-manage $* endpointTemplates add
127# RegionOne ec2
128# http://%SERVICE_HOST%:8773/services/Cloud
129# http://%SERVICE_HOST%:8773/services/Admin
130# http://%SERVICE_HOST%:8773/services/Cloud 1 1
131#$BIN_DIR/keystone-manage $* endpointTemplates add
132# RegionOne glance
133# http://%SERVICE_HOST%:9292/v1
134# http://%SERVICE_HOST%:9292/v1
135# http://%SERVICE_HOST%:9292/v1 1 1
136#$BIN_DIR/keystone-manage $* endpointTemplates add
137# RegionOne keystone
138# http://%SERVICE_HOST%:5000/v2.0
139# http://%SERVICE_HOST%:35357/v2.0
140# http://%SERVICE_HOST%:5000/v2.0 1 1
141#if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
142# $BIN_DIR/keystone-manage $* endpointTemplates add
143# RegionOne swift
144# http://%SERVICE_HOST%:8080/v1/AUTH_%tenant_id%
145# http://%SERVICE_HOST%:8080/
146# http://%SERVICE_HOST%:8080/v1/AUTH_%tenant_id% 1 1
147#fi
Anthony Young8bdc2632011-09-22 08:00:44 +0000[diff] [blame]148
Jesse Andrews73e27b82011-09-12 17:55:00 -0700[diff] [blame]149# Tokens
termiea96a4182012-01-09 22:13:29 -0800[diff] [blame]150#$BIN_DIR/keystone-manage token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00
Jesse Andrews73e27b82011-09-12 17:55:00 -0700[diff] [blame]151