1 files changed, 60 insertions, 0 deletions
diff --git a/meta-openstack/recipes-devtools/python/python-keystone/keystone-init b/meta-openstack/recipes-devtools/python/python-keystone/keystone-init
new file mode 100644
index 0000000..db4b4fa
--- /dev/null
+++ b/meta-openstack/recipes-devtools/python/python-keystone/keystone-init
@@ -0,0 +1,60 @@
+#!/bin/bash
+#
+# Basic keystone setup as described on:
+# https://docs.openstack.org/mitaka/install-guide-ubuntu/keystone-install.html
+# https://docs.openstack.org/keystone/pike/install/keystone-install-ubuntu.html
+#
+# Prerequisites: /etc/postgresql/postgresql-init must be run first to create the DB
+#
+# After complete you should be able to query keystone with something like the 
+# following (https://docs.openstack.org/keystone/latest/api_curl_examples.html)
+#
+#curl -i \
+#  -H "Content-Type: application/json" \
+#  -d '
+#{ "auth": {
+#    "identity": {
+#      "methods": ["password"],
+#      "password": {
+#        "user": {
+#          "name": "%ADMIN_USER%",
+#          "domain": { "id": "default" },
+#          "password": "%ADMIN_PASSWORD%"
+#        }
+#      }
+#    }
+#  }
+#}' \
+#  "http://localhost:5000/v3/auth/tokens" ; echo
+# Substitutions setup at do_intall()
+DB_USER=%DB_USER%
+KEYSTONE_USER=%KEYSTONE_USER%
+KEYSTONE_GROUP=%KEYSTONE_GROUP%
+CONTROLLER_IP=%CONTROLLER_IP%
+ADMIN_USER=%ADMIN_USER%
+ADMIN_PASSWORD=%ADMIN_PASSWORD%
+ADMIN_ROLE=%ADMIN_ROLE%
+# Create the keystone DB and grant the necessary permissions
+sudo -u postgres psql -c "CREATE DATABASE keystone" 2> /dev/null
+sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE keystone TO ${DB_USER}" 2> /dev/null
+keystone-manage db_sync
+keystone-manage fernet_setup --keystone-user ${KEYSTONE_USER} --keystone-group ${KEYSTONE_GROUP}
+keystone-manage credential_setup --keystone-user ${KEYSTONE_USER} --keystone-group ${KEYSTONE_GROUP}
+keystone-manage bootstrap \
+  --bootstrap-password ${ADMIN_PASSWORD} \
+  --bootstrap-username ${ADMIN_USER} \
+  --bootstrap-project-name admin \
+  --bootstrap-role-name ${ADMIN_ROLE} \
+  --bootstrap-service-name keystone \
+  --bootstrap-region-id RegionOne \
+  --bootstrap-admin-url http://${CONTROLLER_IP}:35357 \
+  --bootstrap-internal-url http://${CONTROLLER_IP}:5000 \
+  --bootstrap-public-url http://${CONTROLLER_IP}:5000
+#keystone-manage pki_setup --keystone-user=root --keystone-group=daemon

diff --git a/meta-openstack/recipes-devtools/python/python-keystone/keystone-init b/meta-openstack/recipes-devtools/python/python-keystone/keystone-init new file mode 100644 index 0000000..db4b4fa --- /dev/null +++ b/meta-openstack/recipes-devtools/python/python-keystone/keystone-init
@@ -0,0 +1,60 @@
	1	#!/bin/bash
	2	#
	3	# Basic keystone setup as described on:
	4	# https://docs.openstack.org/mitaka/install-guide-ubuntu/keystone-install.html
	5	# https://docs.openstack.org/keystone/pike/install/keystone-install-ubuntu.html
	6	#
	7	# Prerequisites: /etc/postgresql/postgresql-init must be run first to create the DB
	8	#
	9	# After complete you should be able to query keystone with something like the
	10	# following (https://docs.openstack.org/keystone/latest/api_curl_examples.html)
	11	#
	12	#curl -i \
	13	# -H "Content-Type: application/json" \
	14	# -d '
	15	#{ "auth": {
	16	# "identity": {
	17	# "methods": ["password"],
	18	# "password": {
	19	# "user": {
	20	# "name": "%ADMIN_USER%",
	21	# "domain": { "id": "default" },
	22	# "password": "%ADMIN_PASSWORD%"
	23	# }
	24	# }
	25	# }
	26	# }
	27	#}' \
	28	# "http://localhost:5000/v3/auth/tokens" ; echo
	29
	30
	31	# Substitutions setup at do_intall()
	32	DB_USER=%DB_USER%
	33	KEYSTONE_USER=%KEYSTONE_USER%
	34	KEYSTONE_GROUP=%KEYSTONE_GROUP%
	35	CONTROLLER_IP=%CONTROLLER_IP%
	36	ADMIN_USER=%ADMIN_USER%
	37	ADMIN_PASSWORD=%ADMIN_PASSWORD%
	38	ADMIN_ROLE=%ADMIN_ROLE%
	39
	40	# Create the keystone DB and grant the necessary permissions
	41	sudo -u postgres psql -c "CREATE DATABASE keystone" 2> /dev/null
	42	sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE keystone TO ${DB_USER}" 2> /dev/null
	43
	44	keystone-manage db_sync
	45
	46	keystone-manage fernet_setup --keystone-user ${KEYSTONE_USER} --keystone-group ${KEYSTONE_GROUP}
	47	keystone-manage credential_setup --keystone-user ${KEYSTONE_USER} --keystone-group ${KEYSTONE_GROUP}
	48
	49	keystone-manage bootstrap \
	50	--bootstrap-password ${ADMIN_PASSWORD} \
	51	--bootstrap-username ${ADMIN_USER} \
	52	--bootstrap-project-name admin \
	53	--bootstrap-role-name ${ADMIN_ROLE} \
	54	--bootstrap-service-name keystone \
	55	--bootstrap-region-id RegionOne \
	56	--bootstrap-admin-url http://${CONTROLLER_IP}:35357 \
	57	--bootstrap-internal-url http://${CONTROLLER_IP}:5000 \
	58	--bootstrap-public-url http://${CONTROLLER_IP}:5000
	59
	60	#keystone-manage pki_setup --keystone-user=root --keystone-group=daemon