In-house patch to the sample_data.sh script installed in
/usr/demo/openstack/keystone in order to support all of the standard
services and to allow customization of the individual service
endpoints. This is a Solaris-specific patch and is not suitable for
upstream
It also includes a change to use the standard Solaris tr(1) rather than
GNU sed.
--- keystone-9.1.0/tools/sample_data.sh.~1~ 2016-07-05 08:27:02.000000000 -0700
+++ keystone-9.1.0/tools/sample_data.sh 2016-08-24 02:06:51.106133355 -0700
@@ -23,8 +23,8 @@
# API. It will get the admin_token (OS_TOKEN) and admin_port from
# keystone.conf if available.
#
-# Disable creation of endpoints by setting DISABLE_ENDPOINTS environment variable.
-# Use this with the Catalog Templated backend.
+# Disable creation of endpoints by setting DISABLE_ENDPOINTS environment
+# variable. Use this with the Catalog Templated backend.
#
# A EC2-compatible credential is created for the admin user and
# placed in etc/ec2rc.
@@ -33,15 +33,19 @@
# -------------------------------------------------------
# demo admin admin
# service glance service
-# service nova service
+# service nova admin, service
# service ec2 service
# service swift service
-# service neutron service
-
-# By default, passwords used are those in the OpenStack Install and Deploy Manual.
-# One can override these (publicly known, and hence, insecure) passwords by setting the appropriate
-# environment variables. A common default password for all the services can be used by
-# setting the "SERVICE_PASSWORD" environment variable.
+# service neutron admin, service
+# service cinder service
+# service heat service
+# service ironic service
+
+# By default, passwords used are those in the OpenStack Install and Deploy
+# Manual. One can override these (publicly known, and hence, insecure)
+# passwords by setting the appropriate environment variables. A common default
+# password for all the services can be used by setting the "SERVICE_PASSWORD"
+# environment variable.
# Test to verify that the openstackclient is installed, if not exit
type openstack >/dev/null 2>&1 || {
@@ -49,17 +53,57 @@ type openstack >/dev/null 2>&1 || {
exit 1
}
+PATH=/usr/bin
+
ADMIN_PASSWORD=${ADMIN_PASSWORD:-secrete}
NOVA_PASSWORD=${NOVA_PASSWORD:-${SERVICE_PASSWORD:-nova}}
GLANCE_PASSWORD=${GLANCE_PASSWORD:-${SERVICE_PASSWORD:-glance}}
EC2_PASSWORD=${EC2_PASSWORD:-${SERVICE_PASSWORD:-ec2}}
-SWIFT_PASSWORD=${SWIFT_PASSWORD:-${SERVICE_PASSWORD:-swiftpass}}
+SWIFT_PASSWORD=${SWIFT_PASSWORD:-${SERVICE_PASSWORD:-swift}}
NEUTRON_PASSWORD=${NEUTRON_PASSWORD:-${SERVICE_PASSWORD:-neutron}}
+CINDER_PASSWORD=${CINDER_PASSWORD:-${SERVICE_PASSWORD:-cinder}}
+HEAT_PASSWORD=${HEAT_PASSWORD:-${SERVICE_PASSWORD:-heat}}
+IRONIC_PASSWORD=${IRONIC_PASSWORD:-${SERVICE_PASSWORD:-ironic}}
CONTROLLER_PUBLIC_ADDRESS=${CONTROLLER_PUBLIC_ADDRESS:-localhost}
CONTROLLER_ADMIN_ADDRESS=${CONTROLLER_ADMIN_ADDRESS:-localhost}
CONTROLLER_INTERNAL_ADDRESS=${CONTROLLER_INTERNAL_ADDRESS:-localhost}
+NOVA_PUBLIC_ADDRESS=${NOVA_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+NOVA_ADMIN_ADDRESS=${NOVA_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+NOVA_INTERNAL_ADDRESS=${NOVA_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+
+GLANCE_PUBLIC_ADDRESS=${GLANCE_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+GLANCE_ADMIN_ADDRESS=${GLANCE_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+GLANCE_INTERNAL_ADDRESS=${GLANCE_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+
+EC2_PUBLIC_ADDRESS=${EC2_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+EC2_ADMIN_ADDRESS=${EC2_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+EC2_INTERNAL_ADDRESS=${EC2_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+
+SWIFT_PUBLIC_ADDRESS=${SWIFT_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+SWIFT_ADMIN_ADDRESS=${SWIFT_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+SWIFT_INTERNAL_ADDRESS=${SWIFT_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+
+NEUTRON_PUBLIC_ADDRESS=${NEUTRON_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+NEUTRON_ADMIN_ADDRESS=${NEUTRON_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+NEUTRON_INTERNAL_ADDRESS=${NEUTRON_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+
+CINDER_PUBLIC_ADDRESS=${CINDER_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+CINDER_ADMIN_ADDRESS=${CINDER_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+CINDER_INTERNAL_ADDRESS=${CINDER_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+
+HEAT_CFN_PUBLIC_ADDRESS=${HEAT_CFN_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+HEAT_CFN_ADMIN_ADDRESS=${HEAT_CFN_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+HEAT_CFN_INTERNAL_ADDRESS=${HEAT_CFN_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+HEAT_PUBLIC_ADDRESS=${HEAT_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+HEAT_ADMIN_ADDRESS=${HEAT_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+HEAT_INTERNAL_ADDRESS=${HEAT_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+
+IRONIC_PUBLIC_ADDRESS=${IRONIC_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
+IRONIC_ADMIN_ADDRESS=${IRONIC_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
+IRONIC_INTERNAL_ADDRESS=${IRONIC_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
+
TOOLS_DIR=$(cd $(dirname "$0") && pwd)
KEYSTONE_CONF=${KEYSTONE_CONF:-/etc/keystone/keystone.conf}
if [[ -r "$KEYSTONE_CONF" ]]; then
@@ -75,15 +119,19 @@ fi
# Extract some info from Keystone's configuration file
if [[ -r "$KEYSTONE_CONF" ]]; then
- CONFIG_SERVICE_TOKEN=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2)
+ CONFIG_SERVICE_TOKEN=$(tr -d '[\t ]' < $KEYSTONE_CONF | \
+ grep ^admin_token= | cut -d'=' -f2)
if [[ -z "${CONFIG_SERVICE_TOKEN}" ]]; then
# default config options are commented out, so lets try those
- CONFIG_SERVICE_TOKEN=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^\#admin_token= | cut -d'=' -f2)
+ CONFIG_SERVICE_TOKEN=$(tr -d '[\t ]' < $KEYSTONE_CONF | \
+ grep ^\#admin_token= | cut -d'=' -f2)
fi
- CONFIG_ADMIN_PORT=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2)
+ CONFIG_ADMIN_PORT=$(tr -d '[\t ]' < $KEYSTONE_CONF | \
+ grep ^admin_port= | cut -d'=' -f2)
if [[ -z "${CONFIG_ADMIN_PORT}" ]]; then
# default config options are commented out, so lets try those
- CONFIG_ADMIN_PORT=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^\#admin_port= | cut -d'=' -f2)
+ CONFIG_ADMIN_PORT=$(tr -d '[\t ]' < $KEYSTONE_CONF | \
+ grep ^\#admin_port= | cut -d'=' -f2)
fi
fi
@@ -139,6 +187,10 @@ openstack user create nova --project ser
openstack role add --user nova \
--project service \
+ admin
+
+openstack role add --user nova \
+ --project service \
service
openstack user create ec2 --project service \
@@ -160,8 +212,35 @@ openstack user create neutron --project
openstack role add --user neutron \
--project service \
+ admin
+
+openstack role add --user neutron \
+ --project service \
service
+openstack user create cinder --project service \
+ --password "${CINDER_PASSWORD}"
+
+openstack role add --user cinder \
+ --project service \
+ admin
+
+openstack user create heat --project service \
+ --password "${HEAT_PASSWORD}"
+
+openstack role add --user heat \
+ --project service \
+ admin
+
+openstack role create heat_stack_user
+
+openstack user create ironic --project service \
+ --password "${IRONIC_PASSWORD}"
+
+openstack role add --user ironic \
+ --project service \
+ admin
+
#
# Keystone service
#
@@ -184,24 +263,32 @@ openstack service create --name=nova \
compute
if [[ -z "$DISABLE_ENDPOINTS" ]]; then
openstack endpoint create --region RegionOne \
- --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8774/v2/\$(tenant_id)s" \
- --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8774/v2/\$(tenant_id)s" \
- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8774/v2/\$(tenant_id)s" \
+ --publicurl "http://$NOVA_PUBLIC_ADDRESS:8774/v2/\$(tenant_id)s" \
+ --adminurl "http://$NOVA_ADMIN_ADDRESS:8774/v2/\$(tenant_id)s" \
+ --internalurl "http://$NOVA_INTERNAL_ADDRESS:8774/v2/\$(tenant_id)s" \
nova
fi
#
# Volume service
#
-openstack service create --name=volume \
+openstack service create --name=cinder \
--description="Cinder Volume Service" \
volume
+openstack service create --name=cinderv2 \
+ --description="Cinder Volume Service (Version 2)" \
+ volumev2
if [[ -z "$DISABLE_ENDPOINTS" ]]; then
openstack endpoint create --region RegionOne \
- --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \
- --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \
- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s" \
- volume
+ --publicurl "http://$CINDER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \
+ --adminurl "http://$CINDER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \
+ --internalurl "http://$CINDER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s" \
+ cinder
+ openstack endpoint create --region RegionOne \
+ --publicurl "http://$CINDER_PUBLIC_ADDRESS:8776/v2/\$(tenant_id)s" \
+ --adminurl "http://$CINDER_ADMIN_ADDRESS:8776/v2/\$(tenant_id)s" \
+ --internalurl "http://$CINDER_INTERNAL_ADDRESS:8776/v2/\$(tenant_id)s" \
+ cinderv2
fi
#
@@ -212,9 +299,9 @@ openstack service create --name=glance \
image
if [[ -z "$DISABLE_ENDPOINTS" ]]; then
openstack endpoint create --region RegionOne \
- --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9292" \
- --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9292" \
- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9292" \
+ --publicurl "http://$GLANCE_PUBLIC_ADDRESS:9292" \
+ --adminurl "http://$GLANCE_ADMIN_ADDRESS:9292" \
+ --internalurl "http://$GLANCE_INTERNAL_ADDRESS:9292" \
glance
fi
@@ -226,9 +313,9 @@ openstack service create --name=ec2 \
ec2
if [[ -z "$DISABLE_ENDPOINTS" ]]; then
openstack endpoint create --region RegionOne \
- --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8773/services/Cloud" \
- --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8773/services/Admin" \
- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8773/services/Cloud" \
+ --publicurl "http://$EC2_PUBLIC_ADDRESS:8773/services/Cloud" \
+ --adminurl "http://$EC2_ADMIN_ADDRESS:8773/services/Admin" \
+ --internalurl "http://$EC2_INTERNAL_ADDRESS:8773/services/Cloud" \
ec2
fi
@@ -240,9 +327,11 @@ openstack service create --name=swift \
object-store
if [[ -z "$DISABLE_ENDPOINTS" ]]; then
openstack endpoint create --region RegionOne \
- --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \
- --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8080/v1" \
- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \
+ --publicurl \
+ "http://$SWIFT_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \
+ --adminurl "http://$SWIFT_ADMIN_ADDRESS:8080/v1" \
+ --internalurl \
+ "http://$SWIFT_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \
swift
fi
@@ -254,12 +343,48 @@ openstack service create --name=neutron
network
if [[ -z "$DISABLE_ENDPOINTS" ]]; then
openstack endpoint create --region RegionOne \
- --publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9696" \
- --adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9696" \
- --internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9696" \
+ --publicurl "http://$NEUTRON_PUBLIC_ADDRESS:9696" \
+ --adminurl "http://$NEUTRON_ADMIN_ADDRESS:9696" \
+ --internalurl "http://$NEUTRON_INTERNAL_ADDRESS:9696" \
neutron
fi
+#
+# Heat service
+#
+openstack service create --name=heat-cfn \
+ --description="Heat CloudFormation API" \
+ cloudformation
+openstack service create --name=heat \
+ --description="Heat API" \
+ orchestration
+if [[ -z "$DISABLE_ENDPOINTS" ]]; then
+ openstack endpoint create --region RegionOne \
+ --publicurl "http://$HEAT_CFN_PUBLIC_ADDRESS:8000/v1" \
+ --adminurl "http://$HEAT_CFN_ADMIN_ADDRESS:8000/v1" \
+ --internalurl "http://$HEAT_CFN_INTERNAL_ADDRESS:8000/v1" \
+ heat-cfn
+ openstack endpoint create --region RegionOne \
+ --publicurl "http://$HEAT_PUBLIC_ADDRESS:8004/v1/\$(tenant_id)s" \
+ --adminurl "http://$HEAT_ADMIN_ADDRESS:8004/v1/\$(tenant_id)s" \
+ --internalurl "http://$HEAT_INTERNAL_ADDRESS:8004/v1/\$(tenant_id)s" \
+ heat
+fi
+
+#
+# Ironic service
+#
+openstack service create --name=ironic \
+ --description="Ironic Bare Metal Provisioning Service" \
+ baremetal
+if [[ -z "$DISABLE_ENDPOINTS" ]]; then
+ openstack endpoint create --region RegionOne \
+ --publicurl "http://$IRONIC_PUBLIC_ADDRESS:6385" \
+ --adminurl "http://$IRONIC_ADMIN_ADDRESS:6385" \
+ --internalurl "http://$IRONIC_INTERNAL_ADDRESS:6385" \
+ ironic
+fi
+
# create ec2 creds and parse the secret and access key returned
ADMIN_USER=$(get_id openstack user show admin)
RESULT=$(openstack ec2 credentials create --project service --user $ADMIN_USER)