Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- The shell script of initialize keystone:
- #! /bin/sh
- ADMIN_PASSWORD=${ADMIN_PASSWORD:-admin}
- SERVICE_PASSWORD=${SERVICE_PASSWORD:-admin}
- export SERVICE_TOKEN=ADMIN
- export SERVICE_ENDPOINT=http://localhost:35357/v2.0
- SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-tenant}
- function get_id () {
- echo `$@ | awk '/ id / { print $4 }'`
- }
- # Tenants
- ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
- SERVICE_TENANT=$(get_id keystone tenant-create --name=$SERVICE_TENANT_NAME)
- DEMO_TENANT=$(get_id keystone tenant-create --name=demo)
- NEWUSER_TENANT=$(get_id keystone tenant-create --name=newuser)
- INVIS_TENANT=$(get_id keystone tenant-create --name=invisible_to_admin)
- # Users
- ADMIN_USER=$(get_id keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=admin@example.com)
- DEMO_USER=$(get_id keystone user-create --name=demo --pass="$ADMIN_PASSWORD" --email=demo@example.com)
- NEWUSER_USER=$(get_id keystone user-create --name=newuser--pass="$ADMIN_PASSWORD" --email=newuser@example.com)
- # Roles
- ADMIN_ROLE=$(get_id keystone role-create --name=admin)
- KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
- KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
- ANOTHER_ROLE=$(get_id keystone role-create --name=anotherrole)
- # Add Roles to Users in Tenants
- keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $ADMIN_TENANT
- keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $DEMO_TENANT
- keystone user-role-add --user $DEMO_USER --role $ANOTHER_ROLE --tenant_id $DEMO_TENANT
- keystone user-role-add --user $NEWUSER_USER --role $ANOTHER_ROLE --tenant_id $NEWUSER_TENANT
- # TODO(termie): these two might be dubious
- keystone user-role-add --user $ADMIN_USER --role $KEYSTONEADMIN_ROLE --tenant_id $ADMIN_TENANT
- keystone user-role-add --user $ADMIN_USER --role $KEYSTONESERVICE_ROLE --tenant_id $ADMIN_TENANT
- # The Member role is used by Horizon and Swift so we need to keep it:
- MEMBER_ROLE=$(get_id keystone role-create --name=Member)
- keystone user-role-add --user $DEMO_USER --role $MEMBER_ROLE --tenant_id $DEMO_TENANT
- keystone user-role-add --user $DEMO_USER --role $MEMBER_ROLE --tenant_id $INVIS_TENANT
- keystone user-role-add --user $NEWUSER_USER --role $MEMBER_ROLE --tenant_id $NEWUSER_TENANT
- NOVA_USER=$(get_id keystone user-create --name=nova --pass="$SERVICE_PASSWORD" --tenant_id $SERVICE_TENAN
- T --email=nova@example.com)
- keystone user-role-add --tenant_id $SERVICE_TENANT --user $NOVA_USER --role $ADMIN_ROLE
- GLANCE_USER=$(get_id keystone user-create --name=glance --pass="$SERVICE_PASSWORD" --tenant_id $SERVICE_TENANT --email=glance@example.com)
- keystone user-role-add --tenant_id $SERVICE_TENANT --user $GLANCE_USER --role $ADMIN_ROLE
- SWIFT_USER=$(get_id keystone user-create --name=swift --pass="$SERVICE_PASSWORD" --tenant_id $SERVICE_TEN
- ANT --email=swift@example.com)
- keystone user-role-add --tenant_id $SERVICE_TENANT --user $SWIFT_USER --role $ADMIN_ROLE
- RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin)
- keystone user-role-add --tenant_id $SERVICE_TENANT --user $NOVA_USER --role $RESELLER_ROLE
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement