Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Move keystone to seperate machine.

  • Loading branch information...
commit 4294ed3ee4ae39a88195682a839058fed0a8040e 1 parent 82026d1
@guanxiaohua2k6 guanxiaohua2k6 authored
Showing with 79 additions and 125 deletions.
  1. +4 −0 softwares/glance_e/data.yml
  2. +2 −2 softwares/glance_e/puppet/manifests/glance/test.pp
  3. +4 −4 softwares/glance_e/puppet/{files/test.sh → templates/test.sh.erb}
  4. +3 −3 softwares/glance_e/templates/glance-api-paste.ini.erb
  5. +5 −5 softwares/glance_e/templates/glance-api.conf.erb
  6. +3 −3 softwares/glance_e/templates/glance-registry-paste.ini.erb
  7. +10 −49 softwares/keystone_e/data.yml
  8. +2 −2 softwares/keystone_e/puppet/manifests/keystone/install.pp
  9. +2 −2 softwares/keystone_e/puppet/manifests/keystone/test.pp
  10. +12 −10 softwares/keystone_e/puppet/{files/keystone-init.sh → templates/keystone-init.sh.erb}
  11. +1 −1  softwares/keystone_e/puppet/{files/test.sh → templates/test.sh.erb}
  12. +15 −15 softwares/keystone_e/templates/default_catalog.templates.erb
  13. +3 −1 softwares/nova_e/data.yml
  14. +2 −2 softwares/nova_e/puppet/manifests/nova_api/test.pp
  15. +0 −14 softwares/nova_e/puppet/templates/openstack-dashboard.conf.erb
  16. +5 −6 softwares/nova_e/puppet/{files/test.sh → templates/test.sh.erb}
  17. +3 −3 softwares/nova_e/templates/api-paste.ini.erb
  18. +1 −1  softwares/nova_e/templates/local_settings.py.erb
  19. +2 −2 softwares/nova_e/templates/nova.conf.erb
View
4 softwares/glance_e/data.yml
@@ -12,6 +12,10 @@ config_item_defaults:
value: admin
- name: admin_password
value: admin
+ - name: keystone
+ value: localhost
+ - name: swift_proxy
+ value: localhost
component_config_defaults:
View
4 softwares/glance_e/puppet/manifests/glance/test.pp
@@ -2,11 +2,11 @@
file {
"/var/lib/glance/test.sh":
alias => "test.sh",
- source => "puppet:///modules/glance_e/test.sh"
+ content => template("glance_e/test.sh.erb")
}
exec {
- "/var/lib/glance/test.sh $admin_tenant_name $admin_user $admin_password 2>&1":
+ "/var/lib/glance/test.sh 2>&1":
alias => "test.sh",
require => File["test.sh"]
}
View
8 softwares/glance_e/puppet/files/test.sh → ...res/glance_e/puppet/templates/test.sh.erb
@@ -33,10 +33,10 @@ if [ $pid1 != $pid2 ]; then
exit 1
fi
-export OS_TENANT_NAME=$1
-export OS_USERNAME=$2
-export OS_PASSWORD=$3
-export OS_AUTH_URL="http://localhost:5000/v2.0/"
+export OS_TENANT_NAME="<%= admin_tenant_name %>"
+export OS_USERNAME="<%= admin_user %>"
+export OS_PASSWORD="<%= admin_password %>"
+export OS_AUTH_URL="http://<%= keystone %>:5000/v2.0/"
glance index
if [ $? != 0 ]; then
View
6 softwares/glance_e/templates/glance-api-paste.ini.erb
@@ -65,12 +65,12 @@ glance.filter_factory = glance.common.context:ContextMiddleware
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
service_protocol = http
-service_host = 127.0.0.1
+service_host = <%= keystone %>
service_port = 5000
-auth_host = 127.0.0.1
+auth_host = <%= keystone %>
auth_port = 35357
auth_protocol = http
-auth_uri = http://127.0.0.1:5000/
+auth_uri = http://<%= keystone %>:5000/
admin_tenant_name = <%= admin_tenant_name %>
admin_user = <%= admin_user %>
admin_password = <%= admin_password %>
View
10 softwares/glance_e/templates/glance-api.conf.erb
@@ -132,30 +132,30 @@ filesystem_store_datadir = /var/lib/glance/images/
# Version of the authentication service to use
# Valid versions are '2' for keystone and '1' for swauth and rackspace
-swift_store_auth_version = 2
+swift_store_auth_version = 1
# Address where the Swift authentication service lives
# Valid schemes are 'http://' and 'https://'
# If no scheme specified, default to 'https://'
# For swauth, use something like '127.0.0.1:8080/v1.0/'
-swift_store_auth_address = 127.0.0.1:35357/v2.0/
+swift_store_auth_address = <%= swift_proxy %>:8080/auth/v1.0/
# User to authenticate against the Swift authentication service
# If you use Swift authentication service, set it to 'account':'user'
# where 'account' is a Swift storage account and 'user'
# is a user in that account
-swift_store_user = jdoe:jdoe
+swift_store_user = system:root
# Auth key for the user authenticating against the
# Swift authentication service
-swift_store_key = a86850deb2742ec3cb41518e26aa2d89
+swift_store_key = testpass
# Container within the account that the account should use
# for storing images in Swift
swift_store_container = glance
# Do we create the container if it does not exist?
-swift_store_create_container_on_put = False
+swift_store_create_container_on_put = True
# What size, in MB, should Glance start chunking image files
# and do a large object manifest in Swift? By default, this is
View
6 softwares/glance_e/templates/glance-registry-paste.ini.erb
@@ -22,12 +22,12 @@ glance.filter_factory = glance.common.context:ContextMiddleware
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
service_protocol = http
-service_host = 127.0.0.1
+service_host = <%= keystone %>
service_port = 5000
-auth_host = 127.0.0.1
+auth_host = <%= keystone %>
auth_port = 35357
auth_protocol = http
-auth_uri = http://127.0.0.1:5000/
+auth_uri = http://<%= keystone %>:5000/
admin_tenant_name = <%= admin_tenant_name %>
admin_user = <%= admin_user %>
admin_password = <%= admin_password %>
View
59 softwares/keystone_e/data.yml
@@ -1,70 +1,31 @@
-# Description of the software, such as the following example.
-#
-#description: openstack nova diablo
description: openstack essex keystone
-# Components of the software, such as the following example.
-#
-#components:
-# - name: nova_compute
-# - name: nova_api
components:
- name: keystone
-# Dependencies of components, such as the following example.
-#
-#component_dependencies:
-# # nova_compute will depend on nova_api when installing.
-# # operation's default value is install.
-# - source_component: nova_compute
-# dest_component: nova_api
-# # nova_compute will depend on nova_api when uninstalling.
-# - source_component: nova_compute
-# dest_component: nova_api
-# operation: uninstall
component_dependencies:
-# Default values of config items, such as the following example.
-#
-#config_item_defaults:
-# # The default value of config item libvirt_type is qemu.
-# - name: libvirt_type
-# value: qemu
-# # The default value of config item user is admin.
-# - name: user
-# value: admin
config_item_defaults:
- name: admin_token
value: ADMIN
+ - name: admin_tenant_name
+ value: admin
+ - name: admin_user
+ value: admin
- name: admin_password
value: admin
- - name: service_password
- value: service
+ - name: admin_email
+ value: admin@nii.ac.jp
+ - name: nova_api
+ value: localhost
+ - name: glance
+ value: localhost
-# Default contents of component config files, such as the following example.
-#
-#component_config_defaults:
-# # The default content of config file /etc/nova/nova-compute.conf
-# # for component nova_compute will be defined at
-# # $home/softwares/$software/templates/nova-compute.conf.erb
-# - path: /etc/nova/nova-compute.conf
-# component: nova_compute
component_config_defaults:
-# Default contents of software config files, such as the following example.
-#
-#software_config_defaults:
-# # The default content of config file /etc/nova/nova.conf for the software
-# # will be defined at $home/softwares/$software/templates/nova.conf.erb.
-# - path: /etc/nova/nova.conf
software_config_defaults:
- path: /etc/keystone/keystone.conf
- path: /etc/keystone/default_catalog.templates
-# The component which is installed on a node where a test script will be executed.
-#
-#test_components:
-# # The test will be done on the node where nova_api is installed.
-# - component: nova_api
test_components:
- component: keystone
View
4 softwares/keystone_e/puppet/manifests/keystone/install.pp
@@ -17,7 +17,7 @@
require => Package[keystone, python-keystone];
"/var/lib/keystone/keystone-init.sh":
- source => "puppet:///modules/keystone_e/keystone-init.sh",
+ content => template("keystone_e/keystone-init.sh.erb"),
require => Exec[restart_keystone];
}
@@ -26,7 +26,7 @@
alias => "restart_keystone",
require => File["keystone", "default_catalog"];
- "/var/lib/keystone/keystone-init.sh $admin_password $admin_token $service_password":
+ "/var/lib/keystone/keystone-init.sh":
require => File["/var/lib/keystone/keystone-init.sh"];
}
}
View
4 softwares/keystone_e/puppet/manifests/keystone/test.pp
@@ -2,11 +2,11 @@
file {
"/var/lib/keystone/test.sh":
alias => "test.sh",
- source => "puppet:///modules/keystone_e/test.sh"
+ content => template("keystone_e/test.sh.erb")
}
exec {
- "/var/lib/keystone/test.sh $admin_password 2>&1":
+ "/var/lib/keystone/test.sh 2>&1":
require => File["test.sh"],
}
}
View
22 .../keystone_e/puppet/files/keystone-init.sh → ...e_e/puppet/templates/keystone-init.sh.erb
@@ -20,34 +20,37 @@
# ENABLED_SERVICES - stack.sh's list of services to start
# DEVSTACK_DIR - Top-level DevStack directory
-ADMIN_PASSWORD=$1
-SERVICE_PASSWORD=$3
-export SERVICE_TOKEN=$2
-export SERVICE_ENDPOINT="http://localhost:35357/v2.0"
-SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
+ADMIN_TENANT_NAME=<%= admin_tenant_name %>
+ADMIN_USER_NAME=<%= admin_user %>
+ADMIN_PASSWORD=<%= admin_password %>
+ADMIN_EMAIL=<%= admin_email %>
+export SERVICE_TOKEN=<%= admin_token %>
+export SERVICE_ENDPOINT="http://127.0.0.1:35357/v2.0"
+SERVICE_TENANT_NAME="service"
+SERVICE_PASSWORD="service"
function get_id () {
echo `$@ | awk '/ id / { print $4 }'`
}
# Tenants
-ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
+ADMIN_TENANT=$(get_id keystone tenant-create --name=$ADMIN_TENANT_NAME)
SERVICE_TENANT=$(get_id keystone tenant-create --name=$SERVICE_TENANT_NAME)
DEMO_TENANT=$(get_id keystone tenant-create --name=demo)
INVIS_TENANT=$(get_id keystone tenant-create --name=invisible_to_admin)
# Users
-ADMIN_USER=$(get_id keystone user-create --name=admin \
+ADMIN_USER=$(get_id keystone user-create --name=$ADMIN_USER_NAME \
--pass="$ADMIN_PASSWORD" \
- --email=admin@nii.ac.jp)
+ --email=$ADMIN_EMAIL)
DEMO_USER=$(get_id keystone user-create --name=demo \
--pass="$ADMIN_PASSWORD" \
--email=demo@nii.ac.jp)
# Roles
-ADMIN_ROLE=$(get_id keystone role-create --name=admin)
+ADMIN_ROLE=$(get_id keystone role-create --name=$ADMIN_USER_NAME)
KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
# ANOTHER_ROLE demonstrates that an arbitrary role may be created and used
@@ -60,7 +63,6 @@ keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $ADMIN_
keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $DEMO_TENANT
keystone user-role-add --user $DEMO_USER --role $ANOTHER_ROLE --tenant_id $DEMO_TENANT
-# TODO(termie): these two might be dubious
keystone user-role-add --user $ADMIN_USER --role $KEYSTONEADMIN_ROLE --tenant_id $ADMIN_TENANT
keystone user-role-add --user $ADMIN_USER --role $KEYSTONESERVICE_ROLE --tenant_id $ADMIN_TENANT
View
2  softwares/keystone_e/puppet/files/test.sh → ...s/keystone_e/puppet/templates/test.sh.erb
@@ -17,7 +17,7 @@ if [ $pid1 != $pid2 ]; then
exit 1
fi
-output=`keystone --tenant=admin --username=admin --password=$1 --auth_url=http://127.0.0.1:5000/v2.0 user-list`
+output=`keystone --tenant=<%= admin_tenant_name %> --username=<%= admin_user %> --password=<%= admin_password %> --auth_url=http://127.0.0.1:5000/v2.0 user-list`
for user in admin glance nova demo
do
View
30 softwares/keystone_e/templates/default_catalog.templates.erb
@@ -1,27 +1,27 @@
# config for TemplatedCatalog, using camelCase because I don't want to do
# translations for keystone compat
-catalog.RegionOne.identity.publicURL = http://localhost:$(public_port)s/v2.0
-catalog.RegionOne.identity.adminURL = http://localhost:$(admin_port)s/v2.0
-catalog.RegionOne.identity.internalURL = http://localhost:$(public_port)s/v2.0
+catalog.RegionOne.identity.publicURL = http://<%= keystone %>:$(public_port)s/v2.0
+catalog.RegionOne.identity.adminURL = http://<%= keystone %>:$(admin_port)s/v2.0
+catalog.RegionOne.identity.internalURL = http://<%= keystone %>:$(public_port)s/v2.0
catalog.RegionOne.identity.name = Identity Service
# fake compute service for now to help novaclient tests work
-catalog.RegionOne.compute.publicURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s
-catalog.RegionOne.compute.adminURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s
-catalog.RegionOne.compute.internalURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s
+catalog.RegionOne.compute.publicURL = http://<%= nova_api %>:$(compute_port)s/v1.1/$(tenant_id)s
+catalog.RegionOne.compute.adminURL = http://<%= nova_api %>:$(compute_port)s/v1.1/$(tenant_id)s
+catalog.RegionOne.compute.internalURL = http://<%= nova_api %>:$(compute_port)s/v1.1/$(tenant_id)s
catalog.RegionOne.compute.name = Compute Service
-catalog.RegionOne.volume.publicURL = http://localhost:8776/v1/$(tenant_id)s
-catalog.RegionOne.volume.adminURL = http://localhost:8776/v1/$(tenant_id)s
-catalog.RegionOne.volume.internalURL = http://localhost:8776/v1/$(tenant_id)s
+catalog.RegionOne.volume.publicURL = http://<%= nova_api %>:8776/v1/$(tenant_id)s
+catalog.RegionOne.volume.adminURL = http://<%= nova_api %>:8776/v1/$(tenant_id)s
+catalog.RegionOne.volume.internalURL = http://<%= nova_api %>:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.name = Volume Service
-catalog.RegionOne.ec2.publicURL = http://localhost:8773/services/Cloud
-catalog.RegionOne.ec2.adminURL = http://localhost:8773/services/Admin
-catalog.RegionOne.ec2.internalURL = http://localhost:8773/services/Cloud
+catalog.RegionOne.ec2.publicURL = http://<%= nova_api %>:8773/services/Cloud
+catalog.RegionOne.ec2.adminURL = http://<%= nova_api %>:8773/services/Admin
+catalog.RegionOne.ec2.internalURL = http://<%= nova_api %>:8773/services/Cloud
catalog.RegionOne.ec2.name = EC2 Service
-catalog.RegionOne.image.publicURL = http://localhost:9292/v1
-catalog.RegionOne.image.adminURL = http://localhost:9292/v1
-catalog.RegionOne.image.internalURL = http://localhost:9292/v1
+catalog.RegionOne.image.publicURL = http://<%= glance %>:9292/v1
+catalog.RegionOne.image.adminURL = http://<%= glance %>:9292/v1
+catalog.RegionOne.image.internalURL = http://<%= glance %>:9292/v1
catalog.RegionOne.image.name = Image Service
View
4 softwares/nova_e/data.yml
@@ -46,7 +46,9 @@ config_item_defaults:
value: admin
- name: admin_password
value: admin
- - name: glance_host
+ - name: glance
+ value: localhost
+ - name: keystone
value: localhost
component_config_defaults:
View
4 softwares/nova_e/puppet/manifests/nova_api/test.pp
@@ -4,7 +4,7 @@
file {
"/var/lib/nova/test.sh":
alias => "test.sh",
- source => "puppet:///modules/nova_e/test.sh";
+ content => template("nova_e/test.sh.erb");
"/var/lib/nova/$image_file_name":
alias => "$image_file_name",
@@ -12,7 +12,7 @@
}
exec {
- "/var/lib/nova/test.sh $image_file_name $nova_objectstore $admin_tenant_name $admin_user $admin_password 2>&1":
+ "/var/lib/nova/test.sh $image_file_name 2>&1":
alias => "test.sh",
require => File["test.sh", "$image_file_name"];
}
View
14 softwares/nova_e/puppet/templates/openstack-dashboard.conf.erb
@@ -1,14 +0,0 @@
-description "Openstack Dashboard Server"
-author "Xiaohua Guan <guanxiaohua2k6@gmail.com>"
-
-start on (local-filesystems and net-device-up IFACE!=lo)
-stop on runlevel [016]
-
-respawn
-
-script
-
-cd <%= dashboard_home %>
-tools/with_venv.sh dashboard/manage.py runserver --noreload 0.0.0.0:<%= dashboard_port %> >> dashboard.log 2>&1
-
-end script
View
11 softwares/nova_e/puppet/files/test.sh → ...wares/nova_e/puppet/templates/test.sh.erb
@@ -26,12 +26,11 @@ if [ "`which nova-manage`" = "" ]; then
fi
image_file="$1"
-nova_objectstore="$2"
-export OS_TENANT_NAME=$3
-export OS_USERNAME=$4
-export OS_PASSWORD=$5
-export OS_AUTH_URL="http://localhost:5000/v2.0/"
+export OS_TENANT_NAME="<%= admin_tenant_name %>"
+export OS_USERNAME="<%= admin_user %>"
+export OS_PASSWORD="<%= admin_password %>"
+export OS_AUTH_URL="http://<%= keystone %>:5000/v2.0/"
nova x509-create-cert
nova x509-get-root-cert
@@ -44,7 +43,7 @@ export EC2_USER_ID=$(echo "$CREDS" | awk '/ user_id / { print $4 }')
export EC2_CERT="$HOME/cert.pem"
export EC2_PRIVATE_KEY="$HOME/pk.pem"
export EUCALYPTUS_CERT="$HOME/cacert.pem"
-export S3_URL="http://$nova_objectstore:3333"
+export S3_URL="http://<%= nova_objectstore %>:3333"
rm novarc
View
6 softwares/nova_e/templates/api-paste.ini.erb
@@ -144,12 +144,12 @@ paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
service_protocol = http
-service_host = 127.0.0.1
+service_host = <%= keystone %>
service_port = 5000
-auth_host = 127.0.0.1
+auth_host = <%= keystone %>
auth_port = 35357
auth_protocol = http
-auth_uri = http://127.0.0.1:5000/
+auth_uri = http://<%= keystone %>:5000/
admin_tenant_name = <%= admin_tenant_name %>
admin_user = <%= admin_user %>
admin_password = <%= admin_password %>
View
2  softwares/nova_e/templates/local_settings.py.erb
@@ -42,7 +42,7 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
# ('http://cluster2.example.com:5000/v2.0', 'cluster2'),
# ]
-OPENSTACK_HOST = "127.0.0.1"
+OPENSTACK_HOST = "<%= keystone %>"
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member"
View
4 softwares/nova_e/templates/nova.conf.erb
@@ -13,12 +13,12 @@
--cc_host=<%= nova_api %>
--nova_url=http://<%= nova_api %>:8774/v1.1/
--routing_source_ip=<%= nova_api %>
---glance_api_servers=<%= glance_host %>:9292
+--glance_api_servers=<%= glance %>:9292
--image_service=nova.image.glance.GlanceImageService
--iscsi_ip_prefix=192.168.22
--sql_connection=mysql://root:nova@<%= mysql %>/nova
--ec2_url=http://<%= nova_api %>:8773/services/Cloud
---keystone_ec2_url=http://127.0.0.1:5000/v2.0/ec2tokens
+--keystone_ec2_url=http://<%= keystone %>:5000/v2.0/ec2tokens
--api_paste_config=/etc/nova/api-paste.ini
--libvirt_type=<%= libvirt_type %>
--libvirt_use_virtio_for_bridges=true
Please sign in to comment.
Something went wrong with that request. Please try again.