1
|
#!/bin/bash
|
2
|
|
3
|
# Solo hay que modificar estos parámetros
|
4
|
PASSWORD=calex2010!!
|
5
|
EMAIL=alex@iescierva.net
|
6
|
PUBLIC_IP=172.20.254.190
|
7
|
PRIVATE_IP=172.20.253.190
|
8
|
ADMIN_IP=172.20.253.190
|
9
|
|
10
|
# Creación de tenants, usuarios y roles
|
11
|
|
12
|
keystone tenant-create --name admin
|
13
|
keystone tenant-create --name service
|
14
|
|
15
|
keystone user-create --name admin --pass $PASSWORD --email $EMAIL
|
16
|
keystone user-create --name nova --pass $PASSWORD --email $EMAIL
|
17
|
keystone user-create --name glance --pass $PASSWORD --email $EMAIL
|
18
|
keystone user-create --name swift --pass $PASSWORD --email $EMAIL
|
19
|
|
20
|
keystone role-create --name admin
|
21
|
keystone role-create --name Member
|
22
|
|
23
|
ADMIN_TENANT=`keystone tenant-list | grep admin | tr -d " " | awk -F \| ' { print $2 }'`
|
24
|
SERVICE_TENANT=`keystone tenant-list | grep service | tr -d " " | awk -F \| ' { print $2 }'`
|
25
|
|
26
|
ADMIN_ROLE=`keystone role-list | grep admin | tr -d " " | awk -F \| ' { print $2 }'`
|
27
|
MEMBER_ROLE=`keystone role-list | grep Member | tr -d " " | awk -F \| ' { print $2 }'`
|
28
|
|
29
|
ADMIN_USER=`keystone user-list | grep admin | tr -d " " | awk -F \| ' { print $2 }'`
|
30
|
|
31
|
# Añadimos el rol admin al usuario admin en el tenant admin
|
32
|
keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $ADMIN_TENANT
|
33
|
|
34
|
# Añadimos los roles de admin a los usuarios nova, glance y swift en el tenant service.
|
35
|
USERS=`keystone user-list | grep True | grep -v admin | tr -d " " | awk -F \| ' { print $2 } '`
|
36
|
|
37
|
for USER_ID in $USERS
|
38
|
do
|
39
|
keystone user-role-add --user $USER_ID --role $ADMIN_ROLE --tenant_id $SERVICE_TENANT
|
40
|
done
|
41
|
|
42
|
# Añadimos también el rol Member al usuario admin en el tenant admin
|
43
|
keystone user-role-add --user $ADMIN_USER --role $MEMBER_ROLE --tenant_id $ADMIN_TENANT
|
44
|
|
45
|
# Creamos los servicios
|
46
|
keystone service-create --name nova --type compute --description "OpenStack Compute Service"
|
47
|
keystone service-create --name volume --type volume --description "OpenStack Volume Service"
|
48
|
keystone service-create --name glance --type image --description "OpenStack Image Service"
|
49
|
keystone service-create --name swift --type object-store --description "OpenStack Storage Service"
|
50
|
keystone service-create --name keystone --type identity --description "OpenStack Identity Service"
|
51
|
keystone service-create --name ec2 --type ec2 --description "OpenStack EC2 Service"
|
52
|
|
53
|
# Creamos los endpoints
|
54
|
for service in nova volume glance swift keystone ec2
|
55
|
do
|
56
|
ID=`keystone service-list | grep $service | tr -d " " | awk -F \| ' { print $2 } '`
|
57
|
case $service in
|
58
|
"nova" ) keystone endpoint-create --region myregion --service_id $ID \
|
59
|
--publicurl "http://$PUBLIC_IP"':8774/v2/$(tenant_id)s' \
|
60
|
--adminurl "http://$ADMIN_IP"':8774/v2/$(tenant_id)s' \
|
61
|
--internalurl "http://$PRIVATE_IP"':8774/v2/$(tenant_id)s'
|
62
|
;;
|
63
|
"volume" ) keystone endpoint-create --region myregion --service_id $ID \
|
64
|
--publicurl "http://$PUBLIC_IP"':8776/v1/$(tenant_id)s' \
|
65
|
--adminurl "http://$ADMIN_IP"':8776/v1/$(tenant_id)s' \
|
66
|
--internalurl "http://$PRIVATE_IP"':8776/v1/$(tenant_id)s'
|
67
|
;;
|
68
|
"glance" ) keystone endpoint-create --region myregion --service_id $ID \
|
69
|
--publicurl "http://$PUBLIC_IP"':9292/v1' \
|
70
|
--adminurl "http://$ADMIN_IP"':9292/v1' \
|
71
|
--internalurl "http://$PRIVATE_IP"':9292/v1'
|
72
|
;;
|
73
|
"swift" ) keystone endpoint-create --region myregion --service_id $ID \
|
74
|
--publicurl "http://$PUBLIC_IP"':8080/v1/AUTH_$(tenant_id)s' \
|
75
|
--adminurl "http://$ADMIN_IP"':8080/v1' \
|
76
|
--internalurl "http://$PRIVATE_IP"':8080/v1/AUTH_$(tenant_id)s'
|
77
|
;;
|
78
|
"keystone" ) keystone endpoint-create --region myregion --service_id $ID \
|
79
|
--publicurl "http://$PUBLIC_IP"':5000/v2.0' \
|
80
|
--adminurl "http://$ADMIN_IP"':35357/v2.0' \
|
81
|
--internalurl "http://$PRIVATE_IP"':5000/v2.0'
|
82
|
;;
|
83
|
"ec2" ) keystone endpoint-create --region myregion --service_id $ID \
|
84
|
--publicurl "http://$PUBLIC_IP"':8773/services/Cloud' \
|
85
|
--adminurl "http://$ADMIN_IP"':8773/services/Admin' \
|
86
|
--internalurl "http://$PRIVATE_IP"':8773/services/Cloud'
|
87
|
;;
|
88
|
esac
|
89
|
done
|
90
|
|
91
|
|
92
|
|
93
|
|
94
|
|
95
|
|
96
|
|