[Openstack-devel] Where is keystone's ADMIN_PASS set?
Hugh Esco
hesco at campaignfoundations.com
Sat Feb 1 22:13:13 UTC 2014
Sorting through this question with folks on irc,
I was advised to take a look at the ubuntu specific:
http://docs.openstack.org/havana/install-guide/install/apt/content/keystone-users.html
and treated to comments about the incomplete nature
of the debian docs.
I'm guessing from my read of the debian docs
that the intention here is to have debconf handle these details.
For the moment I'm handling this in a puppet manifest like so:
exec { 'keystone-define-users-tenants-roles':
environment => [ "OS_SERVICE_TOKEN=$hesco_openstack::params::keystone_admin_token",
'OS_SERVICE_ENDPOINT=http://localhost:35357/v2.0' ],
command => "/usr/bin/keystone tenant-create --name=admin --description=\"Admin Tenant\"
/usr/bin/keystone tenant-create --name=service --description=\"Service Tenant\"
/usr/bin/keystone user-create --name=admin --pass=$hesco_openstack::params::keystone_admin_password --email=hesco at yourmessagedelivered.com
/usr/bin/keystone role-create --name=admin
/usr/bin/keystone user-role-add --user=admin --tenant=admin --role=admin ",
}
# unless => 0,
notify { 'hesco_openstack::params::keystone_admin_password has been set':
message => $hesco_openstack::params::keystone_admin_password,
require => Exec['keystone-define-users-tenants-roles'],
}
I'd like to take a look at how I might contribute to resolving
any confusion (at least I have had) around this step in the
debian docs, but would appreciate hearing more from those
advocating for the use of debconf about the scope of these
installation initialization steps imagined here.
So far my puppet manifest has a file at:
hesco_openstack/files/etc/dbconfig-common/keystone.conf
but nothing else is yet utilizing dbconfig_common,
and my reading of the docs I have found so far on this
have not given me a lot of confidence on how to adapt
this tool to handle the rest of the installation configuration steps.
I'm working on this process now and would love to contribute to the
docs already under way if folks might offer some guidance, please.
Thanks,
-- Hugh Esco
On Sat, 1 Feb 2014 14:49:05 -0500
Hugh Esco <hesco at campaignfoundations.com> wrote:
> On
> http://docs.openstack.org/trunk/install-guide/install/apt-debian/content/keystone-verify.html,
> an authentication token called ADMIN_PASS is referred to, but I'm not
> seeing where in the preceeding pages of this installation recipe, that
> ADMIN_PASS is set, so it can then be used to test keystone. Can anyone
> here please help me with that?
>
> I tried setting it with:
>
> dpkg-reconfigure keystone
>
> but that did not seem to take.
>
> hesco at host:~$ keystone --os-username=admin --os-auth-url=http://127.0.0.1:35357/v2.0 token-get
> OS Password:
> The request you have made requires authentication. (HTTP 401)
>
> Thanks,
> -- Hugh Esco
>
> --
> Hugh Esco
> skype: hresco3_ ; 678-921-8186 x21
> http://www.CampaignFoundations.com/
> Providing Application Hosting, Telephony,
> Custom Development and Consulting Services
> to Green Candidates, Green Parties and
> the non profits working for a just and sustainable future.
>
>
>
> _______________________________________________
> Openstack-devel mailing list
> Openstack-devel at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/openstack-devel
--
Hugh Esco
skype: hresco3_ ; 678-921-8186 x21
http://www.CampaignFoundations.com/
Providing Application Hosting, Telephony,
Custom Development and Consulting Services
to Green Candidates, Green Parties and
the non profits working for a just and sustainable future.
More information about the Openstack-devel
mailing list