Created
January 21, 2014 05:29
-
-
Save ishikawa84g/8534874 to your computer and use it in GitHub Desktop.
・認証を回避して keystone コマンドを実行するための環境変数 SERVICE_TOKEN ・ SERVICE_ENDPOINT はチェックの前に設定してしまうと、無条件で通ってしまうのでチェックした後から設定する。
・SERVICE_TOKEN は grep admin_token /etc/keystone/keystone.conf のものと一致させる
・CEILOMETER と SWIFT は除外している
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # -------- | |
| # Defaults | |
| # -------- | |
| SERVICE_TENANT_NAME=service | |
| ADMIN_ROLE_NAME=admin | |
| ADMIN_TENANT_NAME=admin | |
| DEMO_TENANT_NAME=demo | |
| # SERVIVCE PASSWORD | |
| ADMIN_PASS=YOUR_PASSWORD | |
| DEMO_PASS=YOUR_PASSWORD | |
| NOVA_PASS=YOUR_PASSWORD | |
| GLANCE_PASS=YOUR_PASSWORD | |
| CINDER_PASS=YOUR_PASSWORD | |
| NEUTRON_PASS=YOUR_PASSWORD | |
| # SERVICE USER | |
| ADMIN_USERNAME=admin | |
| DEMO_USERNAME=demo | |
| NOVA_USERNAME=nova | |
| GLANCE_USERNAME=glance | |
| CINDER_USERNAME=cinder | |
| NEUTRON_USERNAME=neutron | |
| # E-MAIL ADDRESS | |
| [email protected] | |
| [email protected] | |
| [email protected] | |
| [email protected] | |
| [email protected] | |
| [email protected] | |
| # SERVICE PROTOCOL | |
| NOVA_PUBLIC_SERVICE_PROTOCOL=http | |
| NOVA_ADMIN_SERVICE_PROTOCOL=http | |
| NOVA_INTERNAL_SERVICE_PROTOCOL=http | |
| EC2_PUBLIC_SERVICE_PROTOCOL=http | |
| EC2_ADMIN_SERVICE_PROTOCOL=http | |
| EC2_INTERNAL_SERVICE_PROTOCOL=http | |
| GLANCE_PUBLIC_SERVICE_PROTOCOL=http | |
| GLANCE_ADMIN_SERVICE_PROTOCOL=http | |
| GLANCE_INTERNAL_SERVICE_PROTOCOL=http | |
| KEYSTONE_PUBLIC_SERVICE_PROTOCOL=http | |
| KEYSTONE_ADMIN_SERVICE_PROTOCOL=http | |
| KEYSTONE_INTERNAL_SERVICE_PROTOCOL=http | |
| CINDER_PUBLIC_SERVICE_PROTOCOL=http | |
| CINDER_ADMIN_SERVICE_PROTOCOL=http | |
| CINDER_INTERNAL_SERVICE_PROTOCOL=http | |
| NEUTRON_PUBLIC_SERVICE_PROTOCOL=http | |
| NEUTRON_ADMIN_SERVICE_PROTOCOL=http | |
| NEUTRON_INTERNAL_SERVICE_PROTOCOL=http | |
| # SERVICE PORT | |
| NOVA_COMPUTE_PORT=8774 | |
| EC2_PORT=8773 | |
| GLANCE_API_PORT=9292 | |
| KEYSTONE_PUBLIC_PORT=5000 | |
| KEYSTONE_ADMIN_PORT=35357 | |
| NEUTRON_PORT=9696 | |
| CINDER_PORT=8776 | |
| # IDENTITY | |
| IDENTITY_API_VERSION=v2.0 | |
| REGION=RegionOne | |
| # SERVICE HOST ADDRESS | |
| NOVA_PUBLIC_SERVICE_HOST=public.2done.org | |
| NOVA_ADMIN_SERVICE_HOST=private.2done.org | |
| NOVA_INTERNAL_SERVICE_HOST=private.2done.org | |
| EC2_PUBLIC_SERVICE_HOST=public.2done.org | |
| EC2_ADMIN_SERVICE_HOST=private.2done.org | |
| EC2_INTERNAL_SERVICE_HOST=private.2done.org | |
| GLANCE_PUBLIC_SERVICE_HOST=public.2done.org | |
| GLANCE_ADMIN_SERVICE_HOST=private.2done.org | |
| GLANCE_INTERNAL_SERVICE_HOST=private.2done.org | |
| KEYSTONE_PUBLIC_SERVICE_HOST=public.2done.org | |
| KEYSTONE_ADMIN_SERVICE_HOST=private.2done.org | |
| KEYSTONE_INTERNAL_SERVICE_HOST=private.2done.org | |
| CINDER_PUBLIC_SERVICE_HOST=public.2done.org | |
| CINDER_ADMIN_SERVICE_HOST=private.2done.org | |
| CINDER_INTERNAL_SERVICE_HOST=private.2done.org | |
| NEUTRON_PUBLIC_SERVICE_HOST=public.2done.org | |
| NEUTRON_ADMIN_SERVICE_HOST=private.2done.org | |
| NEUTRON_INTERNAL_SERVICE_HOST=private.2done.org | |
| #------------ | |
| # Check @ 既にユーザがあり認証が通る場合はここで処理を終了する | |
| #------------ | |
| /usr/bin/keystone --os-username=${ADMIN_USERNAME} --os-tenant-name=${ADMIN_TENANT_NAME} --os-password=${ADMIN_PASS} --os-auth-url=http://localhost:5000/v2.0 tenant-list | |
| RET=`echo $?` | |
| if [ ${RET} -eq 0 ] | |
| then | |
| exit 0 | |
| fi | |
| export SERVICE_TOKEN=ad5f1232-ef23-4e7e-bd01-f1e0e9b00d72 | |
| export SERVICE_ENDPOINT=http://localhost:35357/v2.0 | |
| # ------------ | |
| # Function | |
| # ------------ | |
| function get_id () { | |
| echo `"$@" | awk '/ id / { print \$4 }'` | |
| } | |
| # -------------------------------------- | |
| # Admin | |
| # -------------------------------------- | |
| ADMIN_TENANT=$(get_id keystone tenant-create --name ${ADMIN_TENANT_NAME}) | |
| ADMIN_ROLE=$(get_id keystone role-create --name ${ADMIN_ROLE_NAME}) | |
| ADMIN_USER=$(get_id keystone user-create --name ${ADMIN_USERNAME} --pass "${ADMIN_PASS}" --email ${ADMIN_EMAIL}) | |
| keystone user-role-add --user-id ${ADMIN_USER} --role-id ${ADMIN_ROLE} --tenant-id ${ADMIN_TENANT} | |
| # -------------------------------------- | |
| # demo | |
| # -------------------------------------- | |
| MEMBER_ROLE=$(keystone role-list | awk "/ _member_ / { print \$2 }") | |
| DEMO_TENANT=$(get_id keystone tenant-create --name ${DEMO_TENANT_NAME}) | |
| DEMO_USER=$(get_id keystone user-create --name ${DEMO_USERNAME} --pass "${DEMO_PASS}" --email ${DEMO_EMAIL}) | |
| keystone user-role-add --user-id ${DEMO_USER} --role-id ${MEMBER_ROLE} --tenant-id ${DEMO_TENANT} | |
| keystone user-role-add --user-id ${ADMIN_USER} --role-id ${ADMIN_ROLE} --tenant-id ${DEMO_TENANT} | |
| # -------------------------------------- | |
| # Service | |
| # -------------------------------------- | |
| SERVICE_TENANT=$(get_id keystone tenant-create --name ${SERVICE_TENANT_NAME}) | |
| # -------------------------------------- | |
| # Services | |
| # -------------------------------------- | |
| NOVA_SERVICE=$(get_id keystone service-create --name=nova --type=compute --description="Nova Compute Service") | |
| NOVA_V3_SERVICE=$(get_id keystone service-create --name=nova --type=computev3 --description="Nova Compute Service V3") | |
| EC2_SERVICE=$(get_id keystone service-create --name=ec2 --type=ec2 --description="EC2 Compatibility Layer") | |
| GLANCE_SERVICE=$(get_id keystone service-create --name=glance --type=image --description="Glance Image Service") | |
| KEYSTONE_SERVICE=$(get_id keystone service-create --name keystone --type identity --description "Keystone Identity Service") | |
| CINDER_SERVICE=$(get_id keystone service-create --name=cinder --type=volume --description="Cinder Volume Service") | |
| CINDER_V2_SERVICE=$(get_id keystone service-create --name=cinder --type=volumev2 --description="Cinder Volume Service V2") | |
| NEUTRON_SERVICE=$(get_id keystone service-create --name=neutron --type=network --description="Neutron Service") | |
| # -------------------------------------- | |
| # Service Users | |
| # -------------------------------------- | |
| NOVA_USER=$(get_id keystone user-create --name ${NOVA_USERNAME} --pass "${NOVA_PASS}" --tenant_id ${SERVICE_TENANT} --email ${NOVA_EMAIL}) | |
| GLANCE_USER=$(get_id keystone user-create --name ${GLANCE_USERNAME} --pass "${GLANCE_PASS}" --tenant_id ${SERVICE_TENANT} --email ${GLANCE_EMAIL}) | |
| CINDER_USER=$(get_id keystone user-create --name ${CINDER_USERNAME} --pass "${CINDER_PASS}" --tenant_id ${SERVICE_TENANT} --email ${CINDER_EMAIL}) | |
| NEUTRON_USER=$(get_id keystone user-create --name ${NEUTRON_USERNAME} --pass "${NEUTRON_PASS}" --tenant_id ${SERVICE_TENANT} --email ${NEUTRON_EMAIL}) | |
| # -------------------------------------- | |
| # User role add | |
| # -------------------------------------- | |
| keystone user-role-add --tenant-id ${SERVICE_TENANT} --role-id ${ADMIN_ROLE} --user-id ${NOVA_USER} | |
| keystone user-role-add --tenant-id ${SERVICE_TENANT} --role-id ${ADMIN_ROLE} --user-id ${GLANCE_USER} | |
| keystone user-role-add --tenant-id ${SERVICE_TENANT} --role-id ${ADMIN_ROLE} --user-id ${CINDER_USER} | |
| keystone user-role-add --tenant-id ${SERVICE_TENANT} --role-id ${ADMIN_ROLE} --user-id ${NEUTRON_USER} | |
| # -------------------------------------- | |
| # Endpoints | |
| # -------------------------------------- | |
| keystone endpoint-create \ | |
| --region ${REGION} \ | |
| --service_id ${NOVA_SERVICE} \ | |
| --publicurl "${NOVA_PUBLIC_SERVICE_PROTOCOL}://${NOVA_PUBLIC_SERVICE_HOST}:${NOVA_COMPUTE_PORT}/v2/\$(tenant_id)s" \ | |
| --adminurl "${NOVA_ADMIN_SERVICE_PROTOCOL}://${NOVA_ADMIN_SERVICE_HOST}:${NOVA_COMPUTE_PORT}/v2/\$(tenant_id)s" \ | |
| --internalurl "${NOVA_INTERNAL_SERVICE_PROTOCOL}://${NOVA_INTERNAL_SERVICE_HOST}:${NOVA_COMPUTE_PORT}/v2/\$(tenant_id)s" | |
| keystone endpoint-create \ | |
| --region ${REGION} \ | |
| --service_id ${NOVA_V3_SERVICE} \ | |
| --publicurl "${NOVA_PUBLIC_SERVICE_PROTOCOL}://${NOVA_PUBLIC_SERVICE_HOST}:${NOVA_COMPUTE_PORT}/v3" \ | |
| --adminurl "${NOVA_ADMIN_SERVICE_PROTOCOL}://${NOVA_ADMIN_SERVICE_HOST}:${NOVA_COMPUTE_PORT}/v3" \ | |
| --internalurl "${NOVA_INTERNAL_SERVICE_PROTOCOL}://${NOVA_INTERNAL_SERVICE_HOST}:${NOVA_COMPUTE_PORT}/v3" | |
| keystone endpoint-create \ | |
| --region ${REGION} \ | |
| --service_id ${EC2_SERVICE} \ | |
| --publicurl "${EC2_PUBLIC_SERVICE_PROTOCOL}://${EC2_PUBLIC_SERVICE_HOST}:${EC2_PORT}/services/Cloud" \ | |
| --adminurl "${EC2_INTERNAL_SERVICE_PROTOCOL}://${EC2_ADMIN_SERVICE_HOST}:${EC2_PORT}/services/Admin" \ | |
| --internalurl "${EC2_ADMIN_SERVICE_PROTOCOL}://${EC2_INTERNAL_SERVICE_HOST}:${EC2_PORT}/services/Cloud" | |
| keystone endpoint-create \ | |
| --region ${REGION} \ | |
| --service_id ${GLANCE_SERVICE} \ | |
| --publicurl "${GLANCE_PUBLIC_SERVICE_PROTOCOL}://${GLANCE_PUBLIC_SERVICE_HOST}:${GLANCE_API_PORT}" \ | |
| --adminurl "${GLANCE_ADMIN_SERVICE_PROTOCOL}://${GLANCE_INTERNAL_SERVICE_HOST}:${GLANCE_API_PORT}" \ | |
| --internalurl "${GLANCE_INTERNAL_SERVICE_PROTOCOL}://${GLANCE_ADMIN_SERVICE_HOST}:${GLANCE_API_PORT}" | |
| keystone endpoint-create \ | |
| --region ${REGION} \ | |
| --service_id ${KEYSTONE_SERVICE} \ | |
| --publicurl "${KEYSTONE_PUBLIC_SERVICE_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_PORT}/${IDENTITY_API_VERSION}" \ | |
| --adminurl "${KEYSTONE_ADMIN_SERVICE_PROTOCOL}://${KEYSTONE_INTERNAL_SERVICE_HOST}:${KEYSTONE_ADMIN_PORT}/${IDENTITY_API_VERSION}" \ | |
| --internalurl "${KEYSTONE_INTERNAL_SERVICE_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_PUBLIC_PORT}/${IDENTITY_API_VERSION}" | |
| keystone endpoint-create \ | |
| --region ${REGION} \ | |
| --service_id ${CINDER_SERVICE} \ | |
| --publicurl "${CINDER_PUBLIC_SERVICE_PROTOCOL}://${CINDER_PUBLIC_SERVICE_HOST}:${CINDER_PORT}/v1/\$(tenant_id)s" \ | |
| --adminurl "${CINDER_ADMIN_SERVICE_PROTOCOL}://${CINDER_ADMIN_SERVICE_HOST}:${CINDER_PORT}/v1/\$(tenant_id)s" \ | |
| --internalurl "${CINDER_INTERNAL_SERVICE_PROTOCOL}://${CINDER_INTERNAL_SERVICE_HOST}:${CINDER_PORT}/v1/\$(tenant_id)s" | |
| keystone endpoint-create \ | |
| --region ${REGION} \ | |
| --service_id ${CINDER_V2_SERVICE} \ | |
| --publicurl "${CINDER_PUBLIC_SERVICE_PROTOCOL}://${CINDER_PUBLIC_SERVICE_HOST}:${CINDER_PORT}/v2/\$(tenant_id)s" \ | |
| --adminurl "${CINDER_ADMIN_SERVICE_PROTOCOL}://${CINDER_ADMIN_SERVICE_HOST}:${CINDER_PORT}/v2/\$(tenant_id)s" \ | |
| --internalurl "${CINDER_INTERNAL_SERVICE_PROTOCOL}://${CINDER_INTERNAL_SERVICE_HOST}:${CINDER_PORT}/v2/\$(tenant_id)s" \ | |
| keystone endpoint-create \ | |
| --region ${REGION} \ | |
| --service_id ${NEUTRON_SERVICE} \ | |
| --publicurl "${NEUTRON_PUBLIC_SERVICE_PROTOCOL}://${NEUTRON_PUBLIC_SERVICE_HOST}:${NEUTRON_PORT}" \ | |
| --adminurl "${NEUTRON_ADMIN_SERVICE_PROTOCOL}://${NEUTRON_INTERNAL_SERVICE_HOST}:${NEUTRON_PORT}" \ | |
| --internalurl "${NEUTRON_INTERNAL_SERVICE_PROTOCOL}://${NEUTRON_ADMIN_SERVICE_HOST}:${NEUTRON_PORT}" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment