#!/bin/sh
#
# Keystone basic configuration
# Mainly inspired by https://github.com/openstack/keystone/blob/master/tools/sample_data.sh
# Modified by Bilel Msekni / Institut Telecom
#
# Support: openstack@lists.launchpad.net
# License: Apache Software License (ASL) 2.0
#
#LOCAL_IP=10.10.100.51
#ADMIN_PASSWORD=${ADMIN_PASSWORD:-admin_pass}
ADMIN_PASSWORD
=
${
ADMIN_PASSWORD
:-
$OS_PASSWORD
}
#SERVICE_PASSWORD=${SERVICE_PASSWORD:-service_pass}
#export SERVICE_TOKEN="ADMIN"
export
SERVICE_ENDPOINT
=
"http://${LOCAL_IP}:35357/v2.0"
SERVICE_TENANT_NAME
=
${
SERVICE_TENANT_NAME
:-
service
}
get_id
()
{
echo
`
$@ | awk
'/ id / { print $4 }'
`
}
# Tenants
ADMIN_TENANT
=
$(get_id keystone tenant-create --name
=admin
)
SERVICE_TENANT
=
$(get_id keystone tenant-create --name
=
$SERVICE_TENANT_NAME
)
# Users
ADMIN_USER
=
$(get_id keystone user-create --name
=admin --pass
=
"$ADMIN_PASSWORD" --email
=admin@domain.com
)
# Roles
ADMIN_ROLE
=
$(get_id keystone role-create --name
=admin
)
KEYSTONEADMIN_ROLE
=
$(get_id keystone role-create --name
=KeystoneAdmin
)
KEYSTONESERVICE_ROLE
=
$(get_id keystone role-create --name
=KeystoneServiceAdmin
)
# Add Roles to Users in Tenants
keystone user-role-add --user-id
$ADMIN_USER --role-id
$ADMIN_ROLE --tenant-id
$ADMIN_TENANT
keystone user-role-add --user-id
$ADMIN_USER --role-id
$KEYSTONEADMIN_ROLE --tenant-id
$ADMIN_TENANT
keystone user-role-add --user-id
$ADMIN_USER --role-id
$KEYSTONESERVICE_ROLE --tenant-id
$ADMIN_TENANT
# The Member role is used by Horizon and Swift
MEMBER_ROLE
=
$(get_id keystone role-create --name
=Member
)
# Configure service users/roles
NOVA_USER
=
$(get_id keystone user-create --name
=nova --pass
=
"$SERVICE_PASSWORD" --tenant-id
$SERVICE_TENANT --email
=nova@domain.com
)
keystone user-role-add --tenant-id
$SERVICE_TENANT --user-id
$NOVA_USER --role-id
$ADMIN_ROLE
GLANCE_USER
=
$(get_id keystone user-create --name
=glance --pass
=
"$SERVICE_PASSWORD" --tenant-id
$SERVICE_TENANT --email
=glance@domain.com
)
keystone user-role-add --tenant-id
$SERVICE_TENANT --user-id
$GLANCE_USER --role-id
$ADMIN_ROLE
neutron_USER
=
$(get_id keystone user-create --name
=neutron --pass
=
"$SERVICE_PASSWORD" --tenant-id
$SERVICE_TENANT --email
=neutron@domain.com
)
keystone user-role-add --tenant-id
$SERVICE_TENANT --user-id
$neutron_USER --role-id
$ADMIN_ROLE
CINDER_USER
=
$(get_id keystone user-create --name
=cinder --pass
=
"$SERVICE_PASSWORD" --tenant-id
$SERVICE_TENANT --email
=cinder@domain.com
)
keystone user-role-add --tenant-id
$SERVICE_TENANT --user-id
$CINDER_USER --role-id
$ADMIN_ROLE
CEILOMETER_USER
=
$(get_id keystone user-create --name
=ceilometer --pass
=
"$SERVICE_PASSWORD" --tenant-id
$SERVICE_TENANT --email
=ceilometer@domain.com
)
keystone user-role-add --tenant-id
$SERVICE_TENANT --user-id
$CEILOMETER_USER --role-id
$ADMIN_ROLE