make keystone use mysql

files/keystone.conf

@@ -0,0 +1,86 @@
+[DEFAULT]
+# Show more verbose log output (sets INFO log level output)
+verbose = False
+
+# Show debugging output in logs (sets DEBUG log level output)
+debug = False
+
+# Which backend store should Keystone use by default.
+# Default: 'sqlite'
+# Available choices are 'sqlite' [future will include LDAP, PAM, etc]
+default_store = sqlite
+
+# Log to this file. Make sure you do not set the same log
+# file for both the API and registry servers!
+log_file = /opt/keystone/keystone.log
+
+# List of backends to be configured
+backends = keystone.backends.sqlalchemy
+#For LDAP support, add: ,keystone.backends.ldap
+
+# Dictionary Maps every service to a header.Missing services would get header
+# X_(SERVICE_NAME) Key => Service Name, Value => Header Name
+service-header-mappings = {
+	'nova' : 'X-Server-Management-Url',
+	'swift' : 'X-Storage-Url',
+	'cdn' : 'X-CDN-Management-Url'}
+
+# Address to bind the API server
+# TODO Properties defined within app not available via pipeline.
+service_host = 0.0.0.0
+
+# Port the bind the API server to
+service_port = 5000
+
+# Address to bind the Admin API server
+admin_host = 0.0.0.0
+
+# Port the bind the Admin API server to
+admin_port = 5001
+
+#Role that allows to perform admin operations.
+keystone-admin-role = Admin
+
+#Role that allows to perform service admin operations.
+keystone-service-admin-role = KeystoneServiceAdmin
+
+[keystone.backends.sqlalchemy]
+# SQLAlchemy connection string for the reference implementation registry
+# server. Any valid SQLAlchemy connection string is fine.
+# See: http://bit.ly/ideIpI
+#sql_connection = sqlite:///keystone.db
+sql_connection = mysql://root:nova@localhost/keystone
+backend_entities = ['UserRoleAssociation', 'Endpoints', 'Role', 'Tenant',
+                    'User', 'Credentials', 'EndpointTemplates', 'Token',
+                    'Service']
+
+# Period in seconds after which SQLAlchemy should reestablish its connection
+# to the database.
+sql_idle_timeout = 30
+
+[pipeline:admin]
+pipeline =
+	urlrewritefilter
+	admin_api
+
+[pipeline:keystone-legacy-auth]
+pipeline =
+	urlrewritefilter
+    legacy_auth
+    RAX-KEY-extension
+    service_api
+
+[app:service_api]
+paste.app_factory = keystone.server:service_app_factory
+
+[app:admin_api]
+paste.app_factory = keystone.server:admin_app_factory
+
+[filter:urlrewritefilter]
+paste.filter_factory = keystone.middleware.url:filter_factory
+
+[filter:legacy_auth]
+paste.filter_factory = keystone.frontends.legacy_token_auth:filter_factory
+
+[filter:RAX-KEY-extension]
+paste.filter_factory = keystone.contrib.extensions.service.raxkey.frontend:filter_factory

stack.sh

@@ -222,12 +222,15 @@ mkdir -p $NOVA_DIR/networks
 # (re)create nova database
 mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE nova;' || true
 mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE nova;'
+mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE keystone;' || true
+mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE keystone;'
 $NOVA_DIR/bin/nova-manage db sync
 
+# FIXME (anthony) keystone should use keystone.conf.example
+KEYSTONE_CONF=$KEYSTONE_DIR/etc/keystone.conf
+cp $DIR/files/keystone.conf $KEYSTONE_CONF
+
 # initialize keystone with default users/endpoints
-rm -f /opt/keystone/keystone.db
-# FIXME keystone creates a keystone.log wherever you run it from (bugify)
-cd /tmp
 BIN_DIR=$KEYSTONE_DIR/bin bash $DIR/files/keystone_data.sh
 
 # create a small network
@@ -261,7 +264,7 @@ screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.con
 screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf"
 # keystone drops a keystone.log where if it is run, so change the path to
 # where it can write
-screen_it key "cd /tmp; $KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_DIR/etc/keystone.conf"
+screen_it key "cd /tmp; $KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_CONF"
 screen_it n-api "$NOVA_DIR/bin/nova-api"
 screen_it n-cpu "$NOVA_DIR/bin/nova-compute"
 screen_it n-net "$NOVA_DIR/bin/nova-network"