4 files changed, 89 insertions, 1 deletions
diff --git a/meta-openstack/recipes-devtools/python/python-keystone/identity.sh b/meta-openstack/recipes-devtools/python/python-keystone/identity.sh
new file mode 100644
index 0000000..78d5099
--- /dev/null
+++ b/meta-openstack/recipes-devtools/python/python-keystone/identity.sh
@@ -0,0 +1,70 @@
+#!/bin/bash
+# Modify these variables as needed
+ADMIN_PASSWORD=${ADMIN_PASSWORD:-password}
+SERVICE_PASSWORD=${SERVICE_PASSWORD:-$ADMIN_PASSWORD}
+DEMO_PASSWORD=${DEMO_PASSWORD:-$ADMIN_PASSWORD}
+export OS_SERVICE_TOKEN="password"
+export OS_SERVICE_ENDPOINT="http://localhost:35357/v2.0"
+SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
+#
+MYSQL_USER=keystone
+MYSQL_DATABASE=keystone
+MYSQL_HOST=localhost
+MYSQL_PASSWORD=password
+#
+KEYSTONE_REGION=RegionOne
+KEYSTONE_HOST=localhost
+# Shortcut function to get a newly generated ID
+function get_field() {
+    while read data; do
+        if [ "$1" -lt 0 ]; then
+            field="(\$(NF$1))"
+        else
+            field="\$$(($1 + 1))"
+        fi
+        echo "$data" | awk -F'[ \t]*\\|[ \t]*' "{print $field}"
+    done
+}
+# Tenants
+ADMIN_TENANT=$(keystone tenant-create --name=admin | grep " id " | get_field 2)
+DEMO_TENANT=$(keystone tenant-create --name=demo | grep " id " | get_field 2)
+SERVICE_TENANT=$(keystone tenant-create --name=$SERVICE_TENANT_NAME | grep " id " | get_field 2)
+# Users
+ADMIN_USER=$(keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=admin@domain.com | grep " id " | get_field 2)
+DEMO_USER=$(keystone user-create --name=demo --pass="$DEMO_PASSWORD" --email=demo@domain.com --tenant-id=$DEMO_TENANT | grep " id " | get_field 2)
+NOVA_USER=$(keystone user-create --name=nova --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=nova@domain.com | grep " id " | get_field 2)
+GLANCE_USER=$(keystone user-create --name=glance --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=glance@domain.com | grep " id " | get_field 2)
+QUANTUM_USER=$(keystone user-create --name=quantum --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=quantum@domain.com | grep " id " | get_field 2)
+CINDER_USER=$(keystone user-create --name=cinder --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=cinder@domain.com | grep " id " | get_field 2)
+# Roles
+ADMIN_ROLE=$(keystone role-create --name=admin | grep " id " | get_field 2)
+MEMBER_ROLE=$(keystone role-create --name=Member | grep " id " | get_field 2)
+# Add Roles to Users in Tenants
+keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $ADMIN_TENANT
+keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $NOVA_USER --role-id $ADMIN_ROLE
+keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $GLANCE_USER --role-id $ADMIN_ROLE
+keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $QUANTUM_USER --role-id $ADMIN_ROLE
+keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $CINDER_USER --role-id $ADMIN_ROLE
+keystone user-role-add --tenant-id $DEMO_TENANT --user-id $DEMO_USER --role-id $MEMBER_ROLE
+# Create services
+COMPUTE_SERVICE=$(keystone service-create --name nova --type compute --description 'OpenStack Compute Service' | grep " id " | get_field 2)
+VOLUME_SERVICE=$(keystone service-create --name cinder --type volume --description 'OpenStack Volume Service' | grep " id " | get_field 2)
+IMAGE_SERVICE=$(keystone service-create --name glance --type image --description 'OpenStack Image Service' | grep " id " | get_field 2)
+IDENTITY_SERVICE=$(keystone service-create --name keystone --type identity --description 'OpenStack Identity' | grep " id " | get_field 2)
+EC2_SERVICE=$(keystone service-create --name ec2 --type ec2 --description 'OpenStack EC2 service' | grep " id " | get_field 2)
+NETWORK_SERVICE=$(keystone service-create --name quantum --type network --description 'OpenStack Networking service' | grep " id " | get_field 2)
+# Create endpoints
+keystone endpoint-create --region $KEYSTONE_REGION --service-id $COMPUTE_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':8774/v2/$(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST"':8774/v2/$(tenant_id)s' --internalurl 'http://'"$KEYSTONE_HOST"':8774/v2/$(tenant_id)s'
+keystone endpoint-create --region $KEYSTONE_REGION --service-id $VOLUME_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':8776/v1/$(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST"':8776/v1/$(tenant_id)s' --internalurl 'http://'"$KEYSTONE_HOST"':8776/v1/$(tenant_id)s'
+keystone endpoint-create --region $KEYSTONE_REGION --service-id $IMAGE_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':9292/v2' --adminurl 'http://'"$KEYSTONE_HOST"':9292/v2' --internalurl 'http://'"$KEYSTONE_HOST"':9292/v2'
+keystone endpoint-create --region $KEYSTONE_REGION --service-id $IDENTITY_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':5000/v2.0' --adminurl 'http://'"$KEYSTONE_HOST"':35357/v2.0' --internalurl 'http://'"$KEYSTONE_HOST"':5000/v2.0'
+keystone endpoint-create --region $KEYSTONE_REGION --service-id $EC2_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':8773/services/Cloud' --adminurl 'http://'"$KEYSTONE_HOST"':8773/services/Admin' --internalurl 'http://'"$KEYSTONE_HOST"':8773/services/Cloud'
+keystone endpoint-create --region $KEYSTONE_REGION --service-id $NETWORK_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':9696/' --adminurl 'http://'"$KEYSTONE_HOST"':9696/' --internalurl 'http://'"$KEYSTONE_HOST"':9696/'
diff --git a/meta-openstack/recipes-devtools/python/python-keystone/keystone.conf b/meta-openstack/recipes-devtools/python/python-keystone/keystone.conf
index c58f3d4..e25af40 100644
--- a/meta-openstack/recipes-devtools/python/python-keystone/keystone.conf
+++ b/meta-openstack/recipes-devtools/python/python-keystone/keystone.conf
@@ -1,6 +1,6 @@
 [DEFAULT]
 # A "shared secret" between keystone and other openstack services
-# admin_token = ADMIN
+admin_token=password
 # The IP address of the network interface to listen on
 # bind_host = 0.0.0.0
diff --git a/meta-openstack/recipes-devtools/python/python-keystone/openrc b/meta-openstack/recipes-devtools/python/python-keystone/openrc
new file mode 100644
index 0000000..b189d0e
--- /dev/null
+++ b/meta-openstack/recipes-devtools/python/python-keystone/openrc
@@ -0,0 +1,6 @@
+export OS_TENANT_NAME=admin
+export OS_USERNAME=admin
+export OS_PASSWORD=password
+export OS_AUTH_URL="http://localhost:5000/v2.0/"
+export SERVICE_ENDPOINT="http://localhost:35357/v2.0"
+export SERVICE_TOKEN=password
diff --git a/meta-openstack/recipes-devtools/python/python-keystone_2013.1.bb b/meta-openstack/recipes-devtools/python/python-keystone_2013.1.bb
index efe6fec..5bc772f 100644
--- a/meta-openstack/recipes-devtools/python/python-keystone_2013.1.bb
+++ b/meta-openstack/recipes-devtools/python/python-keystone_2013.1.bb
@@ -9,6 +9,8 @@ SRCNAME = "keystone"
 SRC_URI = "https://launchpad.net/keystone/grizzly/${PV}/+download/${SRCNAME}-${PV}.tar.gz \
           file://keystone.conf \
+           file://identity.sh \
+           file://openrc \
                  "
 SRC_URI[md5sum] = "f82189cd7e3f0955e32c60e41f4120da"
@@ -18,13 +20,19 @@ S = "${WORKDIR}/${SRCNAME}-${PV}"
 inherit setuptools
+SERVICE_TOKEN = "password"
 do_install_append() {
    KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone
    install -d ${KEYSTONE_CONF_DIR}
+    sed -e "s:^admin_token=.*:admin_token=${SERVICE_TOKEN}:g" -i ${WORKDIR}/keystone.conf
    install -m 600 ${WORKDIR}/keystone.conf ${KEYSTONE_CONF_DIR}/
+    install -m 600 ${WORKDIR}/identity.sh ${KEYSTONE_CONF_DIR}/
+    install -m 600 ${WORKDIR}/openrc ${KEYSTONE_CONF_DIR}/
    install -m 600 ${S}/etc/logging.conf.sample ${KEYSTONE_CONF_DIR}/logging.conf
    install -m 600 ${S}/etc/policy.json ${KEYSTONE_CONF_DIR}/policy.json
@@ -42,6 +50,10 @@ pkg_postinst_${PN} () {
    sudo -u postgres createdb keystone
    keystone-manage db_sync
    keystone-manage pki_setup
+    # quick fix
+    echo "source /etc/keystone/openrc" > /home/root/.bashrc
+    sleep 1
+    bash /etc/keystone/identity.sh
 }
 FILES_${PN} += "${sysconfdir}/${SRCNAME}/*"

diff --git a/meta-openstack/recipes-devtools/python/python-keystone/identity.sh b/meta-openstack/recipes-devtools/python/python-keystone/identity.sh new file mode 100644 index 0000000..78d5099 --- /dev/null +++ b/meta-openstack/recipes-devtools/python/python-keystone/identity.sh
@@ -0,0 +1,70 @@
		1	#!/bin/bash
		2
		3	# Modify these variables as needed
		4	ADMIN_PASSWORD=${ADMIN_PASSWORD:-password}
		5	SERVICE_PASSWORD=${SERVICE_PASSWORD:-$ADMIN_PASSWORD}
		6	DEMO_PASSWORD=${DEMO_PASSWORD:-$ADMIN_PASSWORD}
		7	export OS_SERVICE_TOKEN="password"
		8	export OS_SERVICE_ENDPOINT="http://localhost:35357/v2.0"
		9	SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
		10	#
		11	MYSQL_USER=keystone
		12	MYSQL_DATABASE=keystone
		13	MYSQL_HOST=localhost
		14	MYSQL_PASSWORD=password
		15	#
		16	KEYSTONE_REGION=RegionOne
		17	KEYSTONE_HOST=localhost
		18
		19	# Shortcut function to get a newly generated ID
		20	function get_field() {
		21	while read data; do
		22	if [ "$1" -lt 0 ]; then
		23	field="(\$(NF$1))"
		24	else
		25	field="\$$(($1 + 1))"
		26	fi
		27	echo "$data" \| awk -F'[ \t]\\\|[ \t]' "{print $field}"
		28	done
		29	}
		30
		31	# Tenants
		32	ADMIN_TENANT=$(keystone tenant-create --name=admin \| grep " id " \| get_field 2)
		33	DEMO_TENANT=$(keystone tenant-create --name=demo \| grep " id " \| get_field 2)
		34	SERVICE_TENANT=$(keystone tenant-create --name=$SERVICE_TENANT_NAME \| grep " id " \| get_field 2)
		35
		36	# Users
		37	ADMIN_USER=$(keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=admin@domain.com \| grep " id " \| get_field 2)
		38	DEMO_USER=$(keystone user-create --name=demo --pass="$DEMO_PASSWORD" --email=demo@domain.com --tenant-id=$DEMO_TENANT \| grep " id " \| get_field 2)
		39	NOVA_USER=$(keystone user-create --name=nova --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=nova@domain.com \| grep " id " \| get_field 2)
		40	GLANCE_USER=$(keystone user-create --name=glance --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=glance@domain.com \| grep " id " \| get_field 2)
		41	QUANTUM_USER=$(keystone user-create --name=quantum --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=quantum@domain.com \| grep " id " \| get_field 2)
		42	CINDER_USER=$(keystone user-create --name=cinder --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=cinder@domain.com \| grep " id " \| get_field 2)
		43
		44	# Roles
		45	ADMIN_ROLE=$(keystone role-create --name=admin \| grep " id " \| get_field 2)
		46	MEMBER_ROLE=$(keystone role-create --name=Member \| grep " id " \| get_field 2)
		47
		48	# Add Roles to Users in Tenants
		49	keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $ADMIN_TENANT
		50	keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $NOVA_USER --role-id $ADMIN_ROLE
		51	keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $GLANCE_USER --role-id $ADMIN_ROLE
		52	keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $QUANTUM_USER --role-id $ADMIN_ROLE
		53	keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $CINDER_USER --role-id $ADMIN_ROLE
		54	keystone user-role-add --tenant-id $DEMO_TENANT --user-id $DEMO_USER --role-id $MEMBER_ROLE
		55
		56	# Create services
		57	COMPUTE_SERVICE=$(keystone service-create --name nova --type compute --description 'OpenStack Compute Service' \| grep " id " \| get_field 2)
		58	VOLUME_SERVICE=$(keystone service-create --name cinder --type volume --description 'OpenStack Volume Service' \| grep " id " \| get_field 2)
		59	IMAGE_SERVICE=$(keystone service-create --name glance --type image --description 'OpenStack Image Service' \| grep " id " \| get_field 2)
		60	IDENTITY_SERVICE=$(keystone service-create --name keystone --type identity --description 'OpenStack Identity' \| grep " id " \| get_field 2)
		61	EC2_SERVICE=$(keystone service-create --name ec2 --type ec2 --description 'OpenStack EC2 service' \| grep " id " \| get_field 2)
		62	NETWORK_SERVICE=$(keystone service-create --name quantum --type network --description 'OpenStack Networking service' \| grep " id " \| get_field 2)
		63
		64	# Create endpoints
		65	keystone endpoint-create --region $KEYSTONE_REGION --service-id $COMPUTE_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':8774/v2/$(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST"':8774/v2/$(tenant_id)s' --internalurl 'http://'"$KEYSTONE_HOST"':8774/v2/$(tenant_id)s'
		66	keystone endpoint-create --region $KEYSTONE_REGION --service-id $VOLUME_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':8776/v1/$(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST"':8776/v1/$(tenant_id)s' --internalurl 'http://'"$KEYSTONE_HOST"':8776/v1/$(tenant_id)s'
		67	keystone endpoint-create --region $KEYSTONE_REGION --service-id $IMAGE_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':9292/v2' --adminurl 'http://'"$KEYSTONE_HOST"':9292/v2' --internalurl 'http://'"$KEYSTONE_HOST"':9292/v2'
		68	keystone endpoint-create --region $KEYSTONE_REGION --service-id $IDENTITY_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':5000/v2.0' --adminurl 'http://'"$KEYSTONE_HOST"':35357/v2.0' --internalurl 'http://'"$KEYSTONE_HOST"':5000/v2.0'
		69	keystone endpoint-create --region $KEYSTONE_REGION --service-id $EC2_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':8773/services/Cloud' --adminurl 'http://'"$KEYSTONE_HOST"':8773/services/Admin' --internalurl 'http://'"$KEYSTONE_HOST"':8773/services/Cloud'
		70	keystone endpoint-create --region $KEYSTONE_REGION --service-id $NETWORK_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':9696/' --adminurl 'http://'"$KEYSTONE_HOST"':9696/' --internalurl 'http://'"$KEYSTONE_HOST"':9696/'


diff --git a/meta-openstack/recipes-devtools/python/python-keystone/keystone.conf b/meta-openstack/recipes-devtools/python/python-keystone/keystone.conf index c58f3d4..e25af40 100644 --- a/meta-openstack/recipes-devtools/python/python-keystone/keystone.conf +++ b/meta-openstack/recipes-devtools/python/python-keystone/keystone.conf
@@ -1,6 +1,6 @@
1	[DEFAULT]	1	[DEFAULT]
2	# A "shared secret" between keystone and other openstack services	2	# A "shared secret" between keystone and other openstack services
3	# admin_token = ADMIN	3	admin_token=password
4		4
5	# The IP address of the network interface to listen on	5	# The IP address of the network interface to listen on
6	# bind_host = 0.0.0.0	6	# bind_host = 0.0.0.0


diff --git a/meta-openstack/recipes-devtools/python/python-keystone/openrc b/meta-openstack/recipes-devtools/python/python-keystone/openrc new file mode 100644 index 0000000..b189d0e --- /dev/null +++ b/meta-openstack/recipes-devtools/python/python-keystone/openrc
@@ -0,0 +1,6 @@
		1	export OS_TENANT_NAME=admin
		2	export OS_USERNAME=admin
		3	export OS_PASSWORD=password
		4	export OS_AUTH_URL="http://localhost:5000/v2.0/"
		5	export SERVICE_ENDPOINT="http://localhost:35357/v2.0"
		6	export SERVICE_TOKEN=password


diff --git a/meta-openstack/recipes-devtools/python/python-keystone_2013.1.bb b/meta-openstack/recipes-devtools/python/python-keystone_2013.1.bb index efe6fec..5bc772f 100644 --- a/meta-openstack/recipes-devtools/python/python-keystone_2013.1.bb +++ b/meta-openstack/recipes-devtools/python/python-keystone_2013.1.bb
@@ -9,6 +9,8 @@ SRCNAME = "keystone"
9		9
10	SRC_URI = "https://launchpad.net/keystone/grizzly/${PV}/+download/${SRCNAME}-${PV}.tar.gz \	10	SRC_URI = "https://launchpad.net/keystone/grizzly/${PV}/+download/${SRCNAME}-${PV}.tar.gz \
11	file://keystone.conf \	11	file://keystone.conf \
		12	file://identity.sh \
		13	file://openrc \
12	"	14	"
13		15
14	SRC_URI[md5sum] = "f82189cd7e3f0955e32c60e41f4120da"	16	SRC_URI[md5sum] = "f82189cd7e3f0955e32c60e41f4120da"
@@ -18,13 +20,19 @@ S = "${WORKDIR}/${SRCNAME}-${PV}"
18		20
19	inherit setuptools	21	inherit setuptools
20		22
		23	SERVICE_TOKEN = "password"
		24
21	do_install_append() {	25	do_install_append() {
22		26
23	KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone	27	KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone
24		28
25	install -d ${KEYSTONE_CONF_DIR}	29	install -d ${KEYSTONE_CONF_DIR}
26		30
		31	sed -e "s:^admin_token=.*:admin_token=${SERVICE_TOKEN}:g" -i ${WORKDIR}/keystone.conf
		32
27	install -m 600 ${WORKDIR}/keystone.conf ${KEYSTONE_CONF_DIR}/	33	install -m 600 ${WORKDIR}/keystone.conf ${KEYSTONE_CONF_DIR}/
		34	install -m 600 ${WORKDIR}/identity.sh ${KEYSTONE_CONF_DIR}/
		35	install -m 600 ${WORKDIR}/openrc ${KEYSTONE_CONF_DIR}/
28	install -m 600 ${S}/etc/logging.conf.sample ${KEYSTONE_CONF_DIR}/logging.conf	36	install -m 600 ${S}/etc/logging.conf.sample ${KEYSTONE_CONF_DIR}/logging.conf
29	install -m 600 ${S}/etc/policy.json ${KEYSTONE_CONF_DIR}/policy.json	37	install -m 600 ${S}/etc/policy.json ${KEYSTONE_CONF_DIR}/policy.json
30		38
@@ -42,6 +50,10 @@ pkg_postinst_${PN} () {
42	sudo -u postgres createdb keystone	50	sudo -u postgres createdb keystone
43	keystone-manage db_sync	51	keystone-manage db_sync
44	keystone-manage pki_setup	52	keystone-manage pki_setup
		53	# quick fix
		54	echo "source /etc/keystone/openrc" > /home/root/.bashrc
		55	sleep 1
		56	bash /etc/keystone/identity.sh
45	}	57	}
46		58
47	FILES_${PN} += "${sysconfdir}/${SRCNAME}/*"	59	FILES_${PN} += "${sysconfdir}/${SRCNAME}/*"