Generate overcloud keystone keys/certs

Same keys/certs are required on all overcloud control
nodes in HA mode. This script generates keys/certs and
passes them as params to heat-template.

Currently keys/certs are created directly on control node
by command "keystone-manage pki_setup". This command is not needed
now because keys/certs are provided in heat metadata for seed,
undercloud and overcloud. "keystone-manage pki_setup" will be removed
an upcoming patch.

Relies on: Iad9c670dba0f57219f47792f44d60341ab58cdb3

Related to blueprint tripleo-icehouse-ha-production-configuration

Change-Id: I6d4efa753b97bb8cdbd07b1bf7b1cd123f7a32ed

scripts/devtest_overcloud.sh

@@ -300,6 +300,10 @@ ENV_JSON=$(jq '.parameters = {
 jq . > "${HEAT_ENV}" <<< $ENV_JSON
 chmod 0600 "${HEAT_ENV}"
 
+## #. Add Keystone certs/key into the environment file.::
+
+generate-keystone-pki --heatenv $HEAT_ENV
+
 ## #. Deploy an overcloud::
 
 make -C $TRIPLEO_ROOT/tripleo-heat-templates overcloud.yaml \

scripts/devtest_seed.sh

@@ -80,6 +80,9 @@ else
     jq -s '.[1] as $config |(.[0].ironic |= (.virtual_power_ssh_key=$config["ssh-key"]))|.[0].nova.compute_driver="ironic.nova.virt.ironic.driver.IronicDriver"|.[0].nova.compute_manager="ironic.nova.compute.manager.ClusteredComputeManager"|.[0].nova.baremetal={}| .[0]' config.json $TE_DATAFILE > tmp_local.json
 fi
 
+# Add Keystone certs/key into the environment file
+generate-keystone-pki --heatenv tmp_local.json -s
+
 # Apply custom BM network settings to the seeds local.json config
 BM_NETWORK_CIDR=$(OS_CONFIG_FILES=$TE_DATAFILE os-apply-config --key baremetal-network.cidr --type raw --key-default '192.0.2.0/24')
 # FIXME: Once we support jq 1.3 we can use --arg here instead of writing
@@ -100,7 +103,6 @@ jq -s '
 rm tmp_local.json
 rm cidr.json
 
-
 ### --end
 # If running in a CI environment then the user and ip address should be read
 # from the json describing the environment

scripts/devtest_undercloud.sh

@@ -232,6 +232,10 @@ ENV_JSON=$(jq '.parameters = {
 jq . > "${HEAT_ENV}" <<< $ENV_JSON
 chmod 0600 "${HEAT_ENV}"
 
+## #. Add Keystone certs/key into the environment file.::
+
+generate-keystone-pki --heatenv $HEAT_ENV
+
 ## #. Deploy an undercloud.
 ##    ::
 

scripts/setup-clienttools

@@ -24,7 +24,7 @@ pip install -U 'pbr>=0.5.21,<1.0'
 
 pip install -U python-cinderclient python-novaclient python-glanceclient python-heatclient python-keystoneclient python-neutronclient python-swiftclient python-ironicclient python-openstackclient os-apply-config os-cloud-config
 
-for tool in os-apply-config cinder nova glance heat keystone neutron swift ironic openstack init-keystone; do
+for tool in os-apply-config cinder nova glance heat keystone neutron swift ironic openstack init-keystone generate-keystone-pki; do
   ln -sf $VENV_HOME/bin/$tool $BASE/scripts/$tool ;
 done
 echo "Installed openstack client tool symlinks in $BASE/scripts"