Update container to Keystone Ocata

Change-Id: I44416d7a0ca0785cbf9a60234ea3af6d079e3edd

diff --git a/moonv4/templates/moon_keystone/Dockerfile b/moonv4/templates/moon_keystone/Dockerfile
index 1ab24de..2a43bd9 100644 (file)
--- a/moonv4/templates/moon_keystone/Dockerfile
+++ b/moonv4/templates/moon_keystone/Dockerfile
@@ -1,4 +1,4 @@
-FROM ubuntu:latest
+FROM ubuntu:zesty
 
 ENV ADMIN_TOKEN=p4ssw0rd
 ENV ADMIN_PASSWORD=p4ssw0rd
@@ -13,9 +13,9 @@ ENV DB_PASSWORD_ROOT=p4sswOrd1
 ENV RABBIT_NODE=server
 ENV INTERFACE_HOST="http://localhost:3001"
 
-RUN apt-get update && apt-get install apache2 rabbitmq-server keystone python-openstackclient libapache2-mod-wsgi mysql-client -y
+RUN apt update && apt install apache2 rabbitmq-server keystone python-openstackclient libapache2-mod-wsgi mysql-client -y
 
-RUN apt-get update && apt-get install iputils-ping net-tools -y
+# RUN apt update && apt install iputils-ping net-tools -y
 
 ADD run.sh /root
 

diff --git a/moonv4/templates/moon_keystone/run.sh b/moonv4/templates/moon_keystone/run.sh
index b80dd3f..ea9b798 100644 (file)
--- a/moonv4/templates/moon_keystone/run.sh
+++ b/moonv4/templates/moon_keystone/run.sh
@@ -9,14 +9,13 @@ echo RABBIT_NODE=$[RABBIT_NODE]
 echo INTERFACE_HOST=$INTERFACE_HOST
 
 sed "s/#admin_token = <None>/admin_token=$ADMIN_TOKEN/g" -i /etc/keystone/keystone.conf
-sed "s/connection = sqlite:\/\/\/\/var\/lib\/keystone\/keystone.db/connection = $DB_CONNECTION:\/\/$DB_USER:$DB_PASSWORD@$DB_HOST\/$DB_DATABASE/g" -i /etc/keystone/keystone.conf
-sed "s/#driver = sql/driver = $DB_DRIVER/g" -i /etc/keystone/keystone.conf
+sed "s/#connection = <None>/connection = $DB_CONNECTION:\/\/$DB_USER:$DB_PASSWORD@$DB_HOST\/$DB_DATABASE/g" -i /etc/keystone/keystone.conf
 
 cat << EOF | tee -a /etc/keystone/keystone.conf
 [cors]
 allowed_origin = $INTERFACE_HOST
 max_age = 3600
-allow_methods = POST,DELETE
+allow_methods = POST,GET,DELETE
 EOF
 
 mysql -h $DB_HOST -u$DB_USER_ROOT -p$DB_PASSWORD_ROOT <<EOF
@@ -25,74 +24,10 @@ GRANT ALL ON $DB_DATABASE.* TO '$DB_USER'@'%' IDENTIFIED BY '$DB_PASSWORD';
 GRANT ALL ON $DB_DATABASE.* TO '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PASSWORD';
 EOF
 
-#rabbitmqctl -n rabbit@$RABBIT_NODE add_user openstack password
-#rabbitmqctl -n rabbit@$RABBIT_NODE set_permissions openstack ".*" ".*" ".*"
-
-cat << EOF | tee /etc/apache2/sites-available/wsgi-keystone.conf
-Listen 5000
-Listen 35357
-
-<VirtualHost *:5000>
-    WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
-    WSGIProcessGroup keystone-public
-    WSGIScriptAlias / /usr/bin/keystone-wsgi-public
-    WSGIApplicationGroup %{GLOBAL}
-    WSGIPassAuthorization On
-    <IfVersion >= 2.4>
-      ErrorLogFormat "%{cu}t %M"
-    </IfVersion>
-    ErrorLog /var/log/apache2/keystone.log
-    CustomLog /var/log/apache2/keystone_access.log combined
-
-    <Directory /usr/bin>
-        <IfVersion >= 2.4>
-            Require all granted
-        </IfVersion>
-        <IfVersion < 2.4>
-            Order allow,deny
-            Allow from all
-        </IfVersion>
-    </Directory>
-</VirtualHost>
-
-<VirtualHost *:35357>
-    WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
-    WSGIProcessGroup keystone-admin
-    WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
-    WSGIApplicationGroup %{GLOBAL}
-    WSGIPassAuthorization On
-    <IfVersion >= 2.4>
-      ErrorLogFormat "%{cu}t %M"
-    </IfVersion>
-    ErrorLog /var/log/apache2/keystone.log
-    CustomLog /var/log/apache2/keystone_access.log combined
-
-    <Directory /usr/bin>
-        <IfVersion >= 2.4>
-            Require all granted
-        </IfVersion>
-        <IfVersion < 2.4>
-            Order allow,deny
-            Allow from all
-        </IfVersion>
-    </Directory>
-</VirtualHost>
+keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
+keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
 
-EOF
-
-a2ensite wsgi-keystone
-
-service keystone stop
-echo "manual" | tee /etc/init/keystone.override
-
-service apache2 restart
-
-netstat -tanpeo
-
-export http_proxy=
-export https_proxy=
-
-keystone-manage db_sync
+su -s /bin/sh -c "keystone-manage db_sync" keystone
 
 keystone-manage bootstrap \
     --bootstrap-password ${ADMIN_PASSWORD} \
@@ -106,12 +41,15 @@ keystone-manage bootstrap \
     --bootstrap-internal-url http://localhost:5000
 
 
+service apache2 start
+
 export OS_USERNAME=admin
 export OS_PASSWORD=${ADMIN_PASSWORD}
 export OS_REGION_NAME=Orange
 export OS_TENANT_NAME=admin
 export OS_AUTH_URL=http://localhost:5000/v3
 export OS_DOMAIN_NAME=Default
+export OS_IDENTITY_API_VERSION=3
 
 openstack project create --description "Service Project" demo
 openstack role create user
@@ -130,7 +68,7 @@ echo -e "\n Service list:"
 openstack service list
 
 echo -e "\n Endpoint list:"
-openstack endpoint list --long
+openstack endpoint list
 
 
 tail -f /var/log/apache2/keystone.log
\ No newline at end of file