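#!/bin/bash
# Seeds Keystone with initial tenants, users, roles, role assignments and
# services by calling keystone-manage.
#
# Environment:
#   BIN_DIR - directory containing keystone-manage (defaults to the
#             current directory)
BIN_DIR=${BIN_DIR:-.}

# Tenants
#
# The stdout of each create call is captured and used as the tenant id by
# the role assignments later in the script (--ks-id-only presumably limits
# the output to the id -- confirm against keystone-manage).
ADMIN_TENANT=$("$BIN_DIR/keystone-manage" tenant --ks-id-only create \
    tenant_name=admin)
DEMO_TENANT=$("$BIN_DIR/keystone-manage" tenant --ks-id-only create \
    tenant_name=demo)
INVIS_TENANT=$("$BIN_DIR/keystone-manage" tenant --ks-id-only create \
    tenant_name=invisible_to_admin)

# Surface failed creations instead of silently carrying an empty id into the
# role assignments. The script still continues (best effort), as before.
for _tenant_var in ADMIN_TENANT DEMO_TENANT INVIS_TENANT; do
    if [[ -z "${!_tenant_var}" ]]; then
        printf '%s: %s is empty -- did the tenant create call fail?\n' \
            "${0##*/}" "$_tenant_var" >&2
    fi
done
unset _tenant_var
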
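# Users
#
# The stdout of each create call is captured and used as the user id by the
# role assignments later in the script.
#
# NOTE(review): %ADMIN_PASSWORD% looks like a placeholder that a templating
# step fills in before this script runs -- confirm. Points to keep in mind:
#   * the password is passed as a command-line argument, so it is visible in
#     the process list (and in any `set -x` trace) while the command runs;
#   * the demo user is created with the same password as admin;
#   * the placeholder sits inside double quotes, so a substituted value that
#     contains ", $, ` or \ would be interpreted by the shell rather than
#     passed through literally.
ADMIN_USER=$("$BIN_DIR/keystone-manage" user --ks-id-only create \
    name=admin \
    "password=%ADMIN_PASSWORD%" \
    email=admin@example.com)
DEMO_USER=$("$BIN_DIR/keystone-manage" user --ks-id-only create \
    name=demo \
    "password=%ADMIN_PASSWORD%" \
    email=demo@example.com)

# Surface failed creations instead of silently carrying an empty id into the
# role assignments. The script still continues (best effort), as before.
for _user_var in ADMIN_USER DEMO_USER; do
    if [[ -z "${!_user_var}" ]]; then
        printf '%s: %s is empty -- did the user create call fail?\n' \
            "${0##*/}" "$_user_var" >&2
    fi
done
unset _user_var
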
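# Roles
#
# The stdout of each create call is captured and used as the role id by the
# role assignments later in the script.
ADMIN_ROLE=$("$BIN_DIR/keystone-manage" role --ks-id-only create \
    name=Admin)
MEMBER_ROLE=$("$BIN_DIR/keystone-manage" role --ks-id-only create \
    name=Member)
KEYSTONEADMIN_ROLE=$("$BIN_DIR/keystone-manage" role --ks-id-only create \
    name=KeystoneAdmin)
KEYSTONESERVICE_ROLE=$("$BIN_DIR/keystone-manage" role --ks-id-only create \
    name=KeystoneServiceAdmin)
SYSADMIN_ROLE=$("$BIN_DIR/keystone-manage" role --ks-id-only create \
    name=sysadmin)
NETADMIN_ROLE=$("$BIN_DIR/keystone-manage" role --ks-id-only create \
    name=netadmin)

# Surface failed creations instead of silently carrying an empty id into the
# role assignments. The script still continues (best effort), as before.
for _role_var in ADMIN_ROLE MEMBER_ROLE KEYSTONEADMIN_ROLE \
        KEYSTONESERVICE_ROLE SYSADMIN_ROLE NETADMIN_ROLE; do
    if [[ -z "${!_role_var}" ]]; then
        printf '%s: %s is empty -- did the role create call fail?\n' \
            "${0##*/}" "$_role_var" >&2
    fi
done
unset _role_var

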
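# Add Roles to Users in Tenants

#######################################
# Grant a role to a user within a tenant via keystone-manage.
# Refuses to run when any id is empty, so that a failed create step earlier
# in the script cannot turn into a grant with a blank role, user or tenant.
# Globals:   BIN_DIR (read)
# Arguments: $1 - role id, $2 - user id, $3 - tenant id
# Outputs:   diagnostic on stderr when the grant is skipped
# Returns:   1 when skipped, otherwise keystone-manage's exit status
#######################################
_grant_role() {
    local role_id=$1 user_id=$2 tenant_id=$3
    if [[ -z "$role_id" || -z "$user_id" || -z "$tenant_id" ]]; then
        printf '%s: skipping role grant with empty id (role_id=%s user_id=%s tenant_id=%s)\n' \
            "${0##*/}" "$role_id" "$user_id" "$tenant_id" >&2
        return 1
    fi
    # Each key=value pair is quoted so an id containing whitespace cannot be
    # split into extra arguments.
    "$BIN_DIR/keystone-manage" role add_user_to_tenant \
        "role_id=$role_id" \
        "user_id=$user_id" \
        "tenant_id=$tenant_id"
}

# admin: Admin on the admin tenant.
_grant_role "$ADMIN_ROLE" "$ADMIN_USER" "$ADMIN_TENANT"
# demo: Member, sysadmin and netadmin on the demo tenant.
_grant_role "$MEMBER_ROLE" "$DEMO_USER" "$DEMO_TENANT"
_grant_role "$SYSADMIN_ROLE" "$DEMO_USER" "$DEMO_TENANT"
_grant_role "$NETADMIN_ROLE" "$DEMO_USER" "$DEMO_TENANT"
# demo: Member on the invisible_to_admin tenant.
_grant_role "$MEMBER_ROLE" "$DEMO_USER" "$INVIS_TENANT"
# admin: Admin on the demo tenant as well.
_grant_role "$ADMIN_ROLE" "$ADMIN_USER" "$DEMO_TENANT"

# TODO(termie): these two might be dubious
_grant_role "$KEYSTONEADMIN_ROLE" "$ADMIN_USER" "$ADMIN_TENANT"
_grant_role "$KEYSTONESERVICE_ROLE" "$ADMIN_USER" "$ADMIN_TENANT"
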
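# Services
#
# Registers one service entry per component. "$BIN_DIR" is quoted so a path
# containing spaces or glob characters still resolves to a single command.
"$BIN_DIR/keystone-manage" service create \
    name=nova \
    service_type=compute \
    "description=Nova Compute Service"

"$BIN_DIR/keystone-manage" service create \
    name=ec2 \
    service_type=ec2 \
    "description=EC2 Compatibility Layer"

"$BIN_DIR/keystone-manage" service create \
    name=glance \
    service_type=image \
    "description=Glance Image Service"

"$BIN_DIR/keystone-manage" service create \
    name=keystone \
    service_type=identity \
    "description=Keystone Identity Service"

# The quoted right-hand side makes =~ a literal substring match, so swift is
# registered whenever ENABLED_SERVICES contains "swift" anywhere in its value.
if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
    "$BIN_DIR/keystone-manage" service create \
        name=swift \
        service_type=object-store \
        "description=Swift Service"
fi
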
#endpointTemplates
#$BIN_DIR/keystone-manage $* endpointTemplates add \
# RegionOne nova
# http://%SERVICE_HOST%:8774/v1.1/%tenant_id%
# http://%SERVICE_HOST%:8774/v1.1/%tenant_id%
# http://%SERVICE_HOST%:8774/v1.1/%tenant_id% 1 1
#$BIN_DIR/keystone-manage $* endpointTemplates add
# RegionOne ec2
# http://%SERVICE_HOST%:8773/services/Cloud
# http://%SERVICE_HOST%:8773/services/Admin
# http://%SERVICE_HOST%:8773/services/Cloud 1 1
#$BIN_DIR/keystone-manage $* endpointTemplates add
# RegionOne glance
# http://%SERVICE_HOST%:9292/v1
# http://%SERVICE_HOST%:9292/v1
# http://%SERVICE_HOST%:9292/v1 1 1
#$BIN_DIR/keystone-manage $* endpointTemplates add
# RegionOne keystone
# http://%SERVICE_HOST%:5000/v2.0
# http://%SERVICE_HOST%:35357/v2.0
# http://%SERVICE_HOST%:5000/v2.0 1 1
#if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
# $BIN_DIR/keystone-manage $* endpointTemplates add
# RegionOne swift
# http://%SERVICE_HOST%:8080/v1/AUTH_%tenant_id%
# http://%SERVICE_HOST%:8080/
# http://%SERVICE_HOST%:8080/v1/AUTH_%tenant_id% 1 1
#fi

# Tokens
#$BIN_DIR/keystone-manage token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00

# EC2 related creds - note we are setting the secret key to ADMIN_PASSWORD,
# but keystone doesn't parse them - it is just a blob from keystone's
# point of view. Both entries below reuse that one value, so a leak of the
# EC2 secret key also discloses the admin password.
#$BIN_DIR/keystone-manage credentials add admin EC2 'admin' '%ADMIN_PASSWORD%' admin || echo "no support for adding credentials"
#$BIN_DIR/keystone-manage credentials add demo EC2 'demo' '%ADMIN_PASSWORD%' demo || echo "no support for adding credentials"