keystone/patches/sample-data.sh.patch

	sample-data.sh.patch revision 4070
In-house patch to the sample_data.sh script installed in
/usr/demo/openstack/keystone in order to support all of the standard
services and to allow customization of the individual service
endpoints.  Solaris-specific patch and is not suitable for upstream

It also includes a change to use the standard Solaris tr(1) rather than
GNU sed.

--- keystone-2014.2.rc1/tools/sample_data.sh.~1~    2014-09-30 00:14:14.000000000 -0700
+++ keystone-2014.2.rc1/tools/sample_data.sh    2014-10-13 00:53:30.614564163 -0700
@@ -2,6 +2,8 @@

 # Copyright 2013 OpenStack Foundation
 #
+# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+#
 # Licensed under the Apache License, Version 2.0 (the "License"); you may
 # not use this file except in compliance with the License. You may obtain
 # a copy of the License at
@@ -36,22 +38,47 @@
 # service              nova      admin
 # service              ec2       admin
 # service              swift     admin
+# service              cinder    admin
+# service              neutron   admin

 # By default, passwords used are those in the OpenStack Install and Deploy Manual.
 # One can override these (publicly known, and hence, insecure) passwords by setting the appropriate
 # environment variables. A common default password for all the services can be used by
 # setting the "SERVICE_PASSWORD" environment variable.

+PATH=/usr/bin
+
 ADMIN_PASSWORD=${ADMIN_PASSWORD:-secrete}
 NOVA_PASSWORD=${NOVA_PASSWORD:-${SERVICE_PASSWORD:-nova}}
 GLANCE_PASSWORD=${GLANCE_PASSWORD:-${SERVICE_PASSWORD:-glance}}
 EC2_PASSWORD=${EC2_PASSWORD:-${SERVICE_PASSWORD:-ec2}}
-SWIFT_PASSWORD=${SWIFT_PASSWORD:-${SERVICE_PASSWORD:-swiftpass}}
+SWIFT_PASSWORD=${SWIFT_PASSWORD:-${SERVICE_PASSWORD:-swift}}
+CINDER_PASSWORD=${CINDER_PASSWORD:-${SERVICE_PASSWORD:-cinder}}
+NEUTRON_PASSWORD=${NEUTRON_PASSWORD:-${SERVICE_PASSWORD:-neutron}}

 CONTROLLER_PUBLIC_ADDRESS=${CONTROLLER_PUBLIC_ADDRESS:-localhost}
 CONTROLLER_ADMIN_ADDRESS=${CONTROLLER_ADMIN_ADDRESS:-localhost}
 CONTROLLER_INTERNAL_ADDRESS=${CONTROLLER_INTERNAL_ADDRESS:-localhost}

+NOVA_PUBLIC_ADDRESS=${NOVA_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+NOVA_ADMIN_ADDRESS=${NOVA_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+NOVA_INTERNAL_ADDRESS=${NOVA_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+GLANCE_PUBLIC_ADDRESS=${GLANCE_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+GLANCE_ADMIN_ADDRESS=${GLANCE_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+GLANCE_INTERNAL_ADDRESS=${GLANCE_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+EC2_PUBLIC_ADDRESS=${EC2_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+EC2_ADMIN_ADDRESS=${EC2_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+EC2_INTERNAL_ADDRESS=${EC2_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+SWIFT_PUBLIC_ADDRESS=${SWIFT_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+SWIFT_ADMIN_ADDRESS=${SWIFT_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+SWIFT_INTERNAL_ADDRESS=${SWIFT_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+CINDER_PUBLIC_ADDRESS=${CINDER_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+CINDER_ADMIN_ADDRESS=${CINDER_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+CINDER_INTERNAL_ADDRESS=${CINDER_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+NEUTRON_PUBLIC_ADDRESS=${NEUTRON_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+NEUTRON_ADMIN_ADDRESS=${NEUTRON_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+NEUTRON_INTERNAL_ADDRESS=${NEUTRON_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+
 TOOLS_DIR=$(cd $(dirname "$0") && pwd)
 KEYSTONE_CONF=${KEYSTONE_CONF:-/etc/keystone/keystone.conf}
 if [[ -r "$KEYSTONE_CONF" ]]; then
@@ -67,8 +94,8 @@ fi

 # Extract some info from Keystone's configuration file
 if [[ -r "$KEYSTONE_CONF" ]]; then
-    CONFIG_SERVICE_TOKEN=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2)
-    CONFIG_ADMIN_PORT=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2)
+    CONFIG_SERVICE_TOKEN=$(tr -d '[\t ]' < $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2)
+    CONFIG_ADMIN_PORT=$(tr -d '[\t ]' < $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2)
 fi

 export OS_SERVICE_TOKEN=${OS_SERVICE_TOKEN:-$CONFIG_SERVICE_TOKEN}
@@ -136,6 +163,22 @@ keystone user-role-add --user-id $SWIFT_
                        --role-id $ADMIN_ROLE \
                        --tenant-id $SERVICE_TENANT

+CINDER_USER=$(get_id keystone user-create --name=cinder \
+                                          --pass="${CINDER_PASSWORD}" \
+                                          --tenant-id $SERVICE_TENANT)
+
+keystone user-role-add --user-id $CINDER_USER \
+                       --role-id $ADMIN_ROLE \
+                       --tenant-id $SERVICE_TENANT
+
+NEUTRON_USER=$(get_id keystone user-create --name=neutron \
+                                           --pass="${NEUTRON_PASSWORD}" \
+                                           --tenant-id $SERVICE_TENANT)
+
+keystone user-role-add --user-id $NEUTRON_USER \
+                       --role-id $ADMIN_ROLE \
+                       --tenant-id $SERVICE_TENANT
+
 #
 # Keystone service
 #
@@ -159,23 +202,23 @@ keystone service-create --name=nova \
                         --description="Nova Compute Service")
 if [[ -z "$DISABLE_ENDPOINTS" ]]; then
     keystone endpoint-create --region RegionOne --service-id $NOVA_SERVICE \
-        --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8774/v2/\$(tenant_id)s" \
-        --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8774/v2/\$(tenant_id)s" \
-        --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8774/v2/\$(tenant_id)s"
+        --publicurl "http://$NOVA_PUBLIC_ADDRESS:8774/v2/\$(tenant_id)s" \
+        --adminurl "http://$NOVA_ADMIN_ADDRESS:8774/v2/\$(tenant_id)s" \
+        --internalurl "http://$NOVA_INTERNAL_ADDRESS:8774/v2/\$(tenant_id)s"
 fi

 #
 # Volume service
 #
 VOLUME_SERVICE=$(get_id \
-keystone service-create --name=volume \
+keystone service-create --name=cinder \
                         --type=volume \
-                        --description="Nova Volume Service")
+                        --description="Cinder Volume Service")
 if [[ -z "$DISABLE_ENDPOINTS" ]]; then
     keystone endpoint-create --region RegionOne --service-id $VOLUME_SERVICE \
-        --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \
-        --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \
-        --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s"
+        --publicurl "http://$CINDER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \
+        --adminurl "http://$CINDER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \
+        --internalurl "http://$CINDER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s"
 fi

 #
@@ -187,9 +230,9 @@ keystone service-create --name=glance \
                         --description="Glance Image Service")
 if [[ -z "$DISABLE_ENDPOINTS" ]]; then
     keystone endpoint-create --region RegionOne --service-id $GLANCE_SERVICE \
-        --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9292" \
-        --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9292" \
-        --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9292"
+        --publicurl "http://$GLANCE_PUBLIC_ADDRESS:9292" \
+        --adminurl "http://$GLANCE_ADMIN_ADDRESS:9292" \
+        --internalurl "http://$GLANCE_INTERNAL_ADDRESS:9292"
 fi

 #
@@ -201,9 +244,9 @@ keystone service-create --name=ec2 \
                         --description="EC2 Compatibility Layer")
 if [[ -z "$DISABLE_ENDPOINTS" ]]; then
     keystone endpoint-create --region RegionOne --service-id $EC2_SERVICE \
-        --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8773/services/Cloud" \
-        --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8773/services/Admin" \
-        --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8773/services/Cloud"
+        --publicurl "http://$EC2_PUBLIC_ADDRESS:8773/services/Cloud" \
+        --adminurl "http://$EC2_ADMIN_ADDRESS:8773/services/Admin" \
+        --internalurl "http://$EC2_INTERNAL_ADDRESS:8773/services/Cloud"
 fi

 #
@@ -212,15 +255,34 @@ fi
 SWIFT_SERVICE=$(get_id \
 keystone service-create --name=swift \
                         --type="object-store" \
-                        --description="Swift Service")
+                        --description="Swift Object Store Service")
 if [[ -z "$DISABLE_ENDPOINTS" ]]; then
     keystone endpoint-create --region RegionOne --service-id $SWIFT_SERVICE \
-        --publicurl   "http://$CONTROLLER_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \
-        --adminurl    "http://$CONTROLLER_ADMIN_ADDRESS:8080/v1" \
-        --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s"
+        --publicurl "http://$SWIFT_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \
+        --adminurl "http://$SWIFT_ADMIN_ADDRESS:8080/v1" \
+        --internalurl "http://$SWIFT_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s"
+fi
+
+#
+# Neutron service
+#
+NEUTRON_SERVICE=$(get_id \
+keystone service-create --name=neutron \
+                        --type=network \
+                        --description="Neutron Network Service")
+if [[ -z "$DISABLE_ENDPOINTS" ]]; then
+    keystone endpoint-create --region RegionOne --service-id $NEUTRON_SERVICE \
+        --publicurl "http://$NEUTRON_PUBLIC_ADDRESS:9696/" \
+        --adminurl "http://$NEUTRON_ADMIN_ADDRESS:9696/" \
+        --internalurl "http://$NEUTRON_INTERNAL_ADDRESS:9696/"
 fi

 # create ec2 creds and parse the secret and access key returned
+unset SERVICE_ENDPOINT SERVICE_TOKEN
+export OS_AUTH_URL=http://localhost:5000/v2.0
+export OS_PASSWORD="${ADMIN_PASSWORD}"
+export OS_TENANT_NAME=demo
+export OS_USERNAME=admin
 RESULT=$(keystone ec2-credentials-create --tenant-id=$SERVICE_TENANT --user-id=$ADMIN_USER)
 ADMIN_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'`
 ADMIN_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'`