From f56e395d8216c7e94486ad3df3eb6377ebb5a7b1 Mon Sep 17 00:00:00 2001 From: Vishvananda Ishaya Date: Mon, 24 Oct 2011 16:05:57 -0700 Subject: [PATCH] Make ec2 credentials work properly --- exercise.sh | 6 ++++++ files/apts/general | 1 + files/keystone_data.sh | 6 +++--- openrc | 12 +++++++++++- 4 files changed, 21 insertions(+), 4 deletions(-) diff --git a/exercise.sh b/exercise.sh index 85f404a..36a6d6f 100755 --- a/exercise.sh +++ b/exercise.sh @@ -147,3 +147,9 @@ nova secgroup-delete $SECGROUP # FIXME: validate shutdown within 5 seconds # (nova show $NAME returns 1 or status != ACTIVE)? + +# Testing Euca2ools +# ================== + +# make sure that we can describe instances +euca-describe-instances diff --git a/files/apts/general b/files/apts/general index b47a60d..31fa752 100644 --- a/files/apts/general +++ b/files/apts/general @@ -16,3 +16,4 @@ iputils-ping wget curl tcpdump +euca2ools # only for testing client diff --git a/files/keystone_data.sh b/files/keystone_data.sh index 2cca345..5349311 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -36,8 +36,8 @@ $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%HOS # Tokens $BIN_DIR/keystone-manage $* token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00 -# EC2 related creds - note we are setting the token to user_password +# EC2 related creds - note we are setting the secret key to ADMIN_PASSWORD # but keystone doesn't parse them - it is just a blob from keystone's # point of view -$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin_%ADMIN_PASSWORD%' admin admin || echo "no support for adding credentials" -$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo_%ADMIN_PASSWORD%' demo demo || echo "no support for adding credentials" +$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin' '%ADMIN_PASSWORD%' admin || echo "no support for adding credentials" +$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo' '%ADMIN_PASSWORD%' demo || echo "no support for adding credentials" diff --git a/openrc b/openrc index cc31531..324780b 100644 --- a/openrc +++ b/openrc @@ -26,7 +26,7 @@ export NOVA_API_KEY=${ADMIN_PASSWORD:-secrete} # has access to - including nova, glance, keystone, swift, ... We currently # recommend using the 2.0 *auth api*. # -# *NOTE*: Using the 2.0 *auth api* does not mean that compute api is 2.0. We +# *NOTE*: Using the 2.0 *auth api* does not mean that compute api is 2.0. We # will use the 1.1 *compute api* export NOVA_URL=${NOVA_URL:-http://$HOST_IP:5000/v2.0/} @@ -37,5 +37,15 @@ export NOVA_VERSION=${NOVA_VERSION:-1.1} # FIXME - why does this need to be specified? export NOVA_REGION_NAME=${NOVA_REGION_NAME:-RegionOne} +# Set the ec2 url so euca2ools works +export EC2_URL=${EC2_URL:-http://$HOST_IP:8773/services/Cloud} + +# Access key is set in the initial keystone data to be the same as username +export EC2_ACCESS_KEY=${USERNAME:-demo} + +# Secret key is set in the initial keystone data to the admin password +export EC2_SECRET_KEY=${ADMIN_PASSWORD:-secrete} + # set log level to DEBUG (helps debug issues) # export NOVACLIENT_DEBUG=1 +