don't use secrete as admin password - fixes #34
This commit is contained in:
parent
c315ebfde6
commit
89358afe35
2 changed files with 11 additions and 5 deletions
|
@ -6,8 +6,8 @@ $BIN_DIR/keystone-manage $* tenant add demo
|
||||||
$BIN_DIR/keystone-manage $* tenant add invisible_to_admin
|
$BIN_DIR/keystone-manage $* tenant add invisible_to_admin
|
||||||
|
|
||||||
# Users
|
# Users
|
||||||
$BIN_DIR/keystone-manage $* user add admin secrete
|
$BIN_DIR/keystone-manage $* user add admin %ADMIN_PASSWORD%
|
||||||
$BIN_DIR/keystone-manage $* user add demo secrete
|
$BIN_DIR/keystone-manage $* user add demo %ADMIN_PASSWORD%
|
||||||
|
|
||||||
# Roles
|
# Roles
|
||||||
$BIN_DIR/keystone-manage $* role add Admin
|
$BIN_DIR/keystone-manage $* role add Admin
|
||||||
|
@ -36,6 +36,8 @@ $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%HOS
|
||||||
# Tokens
|
# Tokens
|
||||||
$BIN_DIR/keystone-manage $* token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00
|
$BIN_DIR/keystone-manage $* token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00
|
||||||
|
|
||||||
# EC2 related creds
|
# EC2 related creds - note we are setting the token to user_password
|
||||||
$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin:admin' admin admin || echo "no support for adding credentials"
|
# but keystone doesn't parse them - it is just a blob from keystone's
|
||||||
$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo:demo' demo demo || echo "no support for adding credentials"
|
# point of view
|
||||||
|
$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin_%ADMIN_PASSWORD%' admin admin || echo "no support for adding credentials"
|
||||||
|
$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo_%ADMIN_PASSWORD%' demo demo || echo "no support for adding credentials"
|
||||||
|
|
4
stack.sh
4
stack.sh
|
@ -147,6 +147,7 @@ GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292}
|
||||||
# Service Token - Openstack components need to have an admin token
|
# Service Token - Openstack components need to have an admin token
|
||||||
# to validate user tokens.
|
# to validate user tokens.
|
||||||
SERVICE_TOKEN=${SERVICE_TOKEN:-`uuidgen`}
|
SERVICE_TOKEN=${SERVICE_TOKEN:-`uuidgen`}
|
||||||
|
ADMIN_PASSWORD=${ADMIN_PASSWORD:-`openssl rand -hex 12`}
|
||||||
|
|
||||||
# Install Packages
|
# Install Packages
|
||||||
# ================
|
# ================
|
||||||
|
@ -415,6 +416,7 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then
|
||||||
cp $FILES/keystone_data.sh $KEYSTONE_DATA
|
cp $FILES/keystone_data.sh $KEYSTONE_DATA
|
||||||
sudo sed -e "s,%HOST_IP%,$HOST_IP,g" -i $KEYSTONE_DATA
|
sudo sed -e "s,%HOST_IP%,$HOST_IP,g" -i $KEYSTONE_DATA
|
||||||
sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $KEYSTONE_DATA
|
sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $KEYSTONE_DATA
|
||||||
|
sudo sed -e "s,%ADMIN_PASSWORD%,$ADMIN_PASSWORD,g" -i $KEYSTONE_DATA
|
||||||
# initialize keystone with default users/endpoints
|
# initialize keystone with default users/endpoints
|
||||||
BIN_DIR=$KEYSTONE_DIR/bin bash $KEYSTONE_DATA
|
BIN_DIR=$KEYSTONE_DIR/bin bash $KEYSTONE_DATA
|
||||||
fi
|
fi
|
||||||
|
@ -513,6 +515,8 @@ fi
|
||||||
if [[ "$ENABLED_SERVICES" =~ "key" ]]; then
|
if [[ "$ENABLED_SERVICES" =~ "key" ]]; then
|
||||||
echo "keystone is serving at http://$HOST_IP:5000/v2.0/"
|
echo "keystone is serving at http://$HOST_IP:5000/v2.0/"
|
||||||
echo "examples on using novaclient command line is in exercise.sh"
|
echo "examples on using novaclient command line is in exercise.sh"
|
||||||
|
echo "the default users are: admin and demo"
|
||||||
|
echo "the password: $ADMIN_PASSWORD"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Summary
|
# Summary
|
||||||
|
|
Loading…
Reference in a new issue