#!/bin/sh
# Script to create base roles on keystone database
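set -e
# ToDo: also verify that the service accepts the token.
# gawk's three-argument match() stores the captured admin_token value in ary[1].
TOKEN=$(gawk 'match ($0, /^admin_token\s?=\s?(.*)/, ary){ print ary[1]}' /etc/keystone/keystone.conf)
if [ -z "$TOKEN" ]; then
  # SECURITY: "ADMIN" is a fixed, guessable fallback. Say so loudly instead of
  # using it silently, so an unset admin_token is noticed and replaced.
  echo "warning: no admin_token found in /etc/keystone/keystone.conf, falling back to \"ADMIN\"" >&2
fi
# Quoted so a token containing whitespace is exported as a single value.
export SERVICE_TOKEN="${TOKEN:-ADMIN}"
# Plain HTTP: the admin token is sent unencrypted, so keep this endpoint on localhost.
export SERVICE_ENDPOINT="http://localhost:35357/v2.0/"
# Poll the admin endpoint once a second for at most 20 seconds; http_proxy is
# emptied for the wget call only.
if ! timeout 20 sh -c "while ! http_proxy= wget -q -O- ${SERVICE_ENDPOINT}; do sleep 1; done"
then
  echo "keystone not running" >&2
  exit 1
fi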
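# Ensure a keystone role named $1 exists, creating it when it is absent.
# Arguments: $1 - role name
# Globals:   id (written) - id of the existing or newly created role
# Outputs:   "Created role NAME with id ID" on stdout when a role is created
# Returns:   non-zero when role-create yields no id
create_role() {
  # -F matches the name literally rather than as a regex; the surrounding
  # spaces stop it matching inside a longer name.
  id=$(keystone role-list | grep -F -- " $1 " | awk '{ print $2 }')
  if [ -z "$id" ]; then
    id=$(keystone role-create --name="$1" | awk '/ id / { print $4 }')
    # The pipeline hides a failing role-create from `set -e`, so check the
    # result explicitly instead of reporting a role with an empty id.
    if [ -z "$id" ]; then
      echo "failed to create role $1" >&2
      return 1
    fi
    echo "Created role $1 with id $id"
  fi
}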
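# Print the id of a keystone object looked up by name.
# Arguments: $1 - object kind, used to build the "<kind>-list" subcommand
#            $2 - object name to look for
# Outputs:   second whitespace-separated field of every matching row
#            (nothing when no row matches)
get_id() {
  # -F: the name is matched as a literal string, not as a regular expression.
  keystone "$1-list" | grep -F -- " $2 " | awk '{ print $2 }'
}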
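# need_id LABEL VALUE - abort when VALUE is empty.
# The ids below come out of pipelines, whose exit status is that of awk/grep,
# so `set -e` does not notice a failing keystone call; an empty id would
# otherwise be passed on to user-role-add.
need_id() {
  if [ -z "$2" ]; then
    echo "could not determine id of $1" >&2
    exit 1
  fi
}

# Base roles.
create_role admin
create_role Member
create_role KeystoneAdmin
create_role KeystoneServiceAdmin
create_role sysadmin
create_role netadmin

# Tenants.
ADMIN_TENANT=$(keystone tenant-create --name=admin | awk '/ id / { print $4 }')
need_id "tenant admin" "$ADMIN_TENANT"
DEMO_TENANT=$(keystone tenant-create --name=demo | awk '/ id / { print $4 }')
need_id "tenant demo" "$DEMO_TENANT"
SERVICE_TENANT=$(keystone tenant-create --name=service | awk '/ id / { print $4 }')
need_id "tenant service" "$SERVICE_TENANT"

# SECURITY: the default passwords equal the account names and are only fit for
# a throwaway test install. Set KS_ADMIN_PASS, KS_DEMO_PASS, KS_NOVA_PASS and
# KS_GLANCE_PASS in the environment to override them. The value is still passed
# via --pass on the command line, where the local process list can expose it.
# NOTE(review): the demo user is registered with admin's e-mail address - confirm intended.
keystone user-create --name=admin --pass="${KS_ADMIN_PASS:-admin}" --email=admin@example.com
keystone user-create --name=demo --pass="${KS_DEMO_PASS:-demo}" --email=admin@example.com

# Look up the ids needed for the role assignments.
ADMIN_ROLE=$(get_id role admin)
need_id "role admin" "$ADMIN_ROLE"
MEMBER_ROLE=$(get_id role Member)
need_id "role Member" "$MEMBER_ROLE"
SYSADMIN_ROLE=$(get_id role sysadmin)
need_id "role sysadmin" "$SYSADMIN_ROLE"
NETADMIN_ROLE=$(get_id role netadmin)
need_id "role netadmin" "$NETADMIN_ROLE"
ADMIN_USER=$(get_id user admin)
need_id "user admin" "$ADMIN_USER"
DEMO_USER=$(get_id user demo)
need_id "user demo" "$DEMO_USER"

# admin gets the admin role in both the admin and the demo tenant;
# demo gets Member, sysadmin and netadmin in the demo tenant only.
keystone user-role-add --user "$ADMIN_USER" --role "$ADMIN_ROLE" --tenant_id "$ADMIN_TENANT"
keystone user-role-add --user "$ADMIN_USER" --role "$ADMIN_ROLE" --tenant_id "$DEMO_TENANT"
keystone user-role-add --user "$DEMO_USER" --role "$MEMBER_ROLE" --tenant_id "$DEMO_TENANT"
keystone user-role-add --user "$DEMO_USER" --role "$SYSADMIN_ROLE" --tenant_id "$DEMO_TENANT"
keystone user-role-add --user "$DEMO_USER" --role "$NETADMIN_ROLE" --tenant_id "$DEMO_TENANT"

# Services and their accounts. Each service user receives the admin role in
# the service tenant.
keystone service-create --name=nova --type=compute --description="Nova Compute Service"
NOVA_USER=$(keystone user-create --name=nova --pass="${KS_NOVA_PASS:-nova}" --email=nova@example.com | awk '/ id / { print $4 }')
need_id "user nova" "$NOVA_USER"
keystone user-role-add --user "$NOVA_USER" --role "$ADMIN_ROLE" --tenant_id "$SERVICE_TENANT"
keystone service-create --name=ec2 --type=ec2 --description="EC2 Compatibility Layer"
keystone service-create --name=glance --type=image --description="Glance Image Service"
GLANCE_USER=$(keystone user-create --name=glance --pass="${KS_GLANCE_PASS:-glance}" --email=glance@example.com | awk '/ id / { print $4 }')
need_id "user glance" "$GLANCE_USER"
keystone user-role-add --user "$GLANCE_USER" --role "$ADMIN_ROLE" --tenant_id "$SERVICE_TENANT"
keystone service-create --name=keystone --type=identity --description="Keystone Identity Service"
# Use only with quantum networking
#keystone service-create --name=quantum --type=network --description="Quantum Service"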