path: root/meta-openstack/recipes-devtools/python/python-keystone/keystone-init
blob: db4b4faacd0ec805d0bde49ca3b0330100c3cbe8 (plain)
#!/bin/bash
#
# Basic keystone setup as described on:
# https://docs.openstack.org/mitaka/install-guide-ubuntu/keystone-install.html
# https://docs.openstack.org/keystone/pike/install/keystone-install-ubuntu.html
#
# Prerequisites: /etc/postgresql/postgresql-init must be run first to create the DB
#
# After completion you should be able to query keystone with something like the
# following (https://docs.openstack.org/keystone/latest/api_curl_examples.html)
#
#curl -i \
#  -H "Content-Type: application/json" \
#  -d '
#{ "auth": {
#    "identity": {
#      "methods": ["password"],
#      "password": {
#        "user": {
#          "name": "%ADMIN_USER%",
#          "domain": { "id": "default" },
#          "password": "%ADMIN_PASSWORD%"
#        }
#      }
#    }
#  }
#}' \
#  "http://localhost:5000/v3/auth/tokens" ; echo


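# Substitutions set up at do_install()
#
# Each placeholder is single-quoted so that a substituted value containing
# whitespace or shell metacharacters is assigned literally instead of being
# word-split or run as a command. A value that itself contains a single quote
# would still break the assignment and has to be escaped by whatever performs
# the substitution.
# NOTE(review): assumes the substituted values are raw, unquoted strings;
# confirm against the recipe that fills in these placeholders.
DB_USER='%DB_USER%'
KEYSTONE_USER='%KEYSTONE_USER%'
KEYSTONE_GROUP='%KEYSTONE_GROUP%'
CONTROLLER_IP='%CONTROLLER_IP%'
ADMIN_USER='%ADMIN_USER%'
# After substitution this file carries the admin password in cleartext.
# NOTE(review): confirm the installed copy is readable by root only.
ADMIN_PASSWORD='%ADMIN_PASSWORD%'
ADMIN_ROLE='%ADMIN_ROLE%'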

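# Create the keystone DB and grant the necessary permissions.
#
# The database is created only when it does not exist yet, so a re-run stays
# quiet without discarding stderr. Real failures (postgres not running,
# missing role, permission problems) are now reported instead of being hidden.
# Both steps stay best-effort: a failure is logged and the script continues.
if ! sudo -u postgres psql -tAc \
    "SELECT 1 FROM pg_database WHERE datname = 'keystone'" 2> /dev/null \
    | grep -q 1; then
  sudo -u postgres psql -c "CREATE DATABASE keystone" \
    || echo "keystone-init: CREATE DATABASE keystone failed" >&2
fi

# DB_USER is spliced into the SQL text as an identifier; it comes from the
# build-time substitution, not from runtime input.
# NOTE(review): keep it that way - this statement must never be fed a value
# an unprivileged user can influence.
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE keystone TO ${DB_USER}" \
  || echo "keystone-init: GRANT on database keystone to ${DB_USER} failed" >&2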

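# Populate the keystone schema. Every later step needs it, so stop here on
# failure rather than bootstrapping against a half-initialised database.
if ! keystone-manage db_sync; then
  echo "keystone-init: keystone-manage db_sync failed" >&2
  exit 1
fi

# Create the Fernet token keys and the credential encryption keys, owned by
# the keystone service account.
if ! keystone-manage fernet_setup \
    --keystone-user "${KEYSTONE_USER}" --keystone-group "${KEYSTONE_GROUP}"; then
  echo "keystone-init: keystone-manage fernet_setup failed" >&2
  exit 1
fi
if ! keystone-manage credential_setup \
    --keystone-user "${KEYSTONE_USER}" --keystone-group "${KEYSTONE_GROUP}"; then
  echo "keystone-init: keystone-manage credential_setup failed" >&2
  exit 1
fi

# Bootstrap the admin user, project, role and the identity endpoints.
#
# The admin password is passed through OS_BOOTSTRAP_PASSWORD, which
# keystone-manage bootstrap reads when --bootstrap-password is absent. Passing
# it as an argument would expose it to every local user through the process
# list for as long as the command runs.
#
# NOTE(review): the three endpoints are registered as plain http, so
# passwords and tokens sent to them are not encrypted in transit unless TLS
# is terminated in front of keystone - confirm for the target deployment.
OS_BOOTSTRAP_PASSWORD="${ADMIN_PASSWORD}" keystone-manage bootstrap \
  --bootstrap-username "${ADMIN_USER}" \
  --bootstrap-project-name admin \
  --bootstrap-role-name "${ADMIN_ROLE}" \
  --bootstrap-service-name keystone \
  --bootstrap-region-id RegionOne \
  --bootstrap-admin-url "http://${CONTROLLER_IP}:35357" \
  --bootstrap-internal-url "http://${CONTROLLER_IP}:5000" \
  --bootstrap-public-url "http://${CONTROLLER_IP}:5000"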

#keystone-manage pki_setup --keystone-user=root --keystone-group=daemon