diff options
| author |   Narinder Gupta <narinder.gupta@canonical.com> | 2018-04-11 16:34:01 -0500 |
|---|---|---|
| committer | Narinder Gupta <narinder.gupta@canonical.com> | 2018-04-19 15:11:26 -0500 |
| commit | 149e7053b83b2236eac66701837c0d183bb25b81 (patch) | |
| tree | 062b3bb1a428e5c19ce133f70aec1288b978f30e /ci/openstack.sh | |
| parent | c0bc95b384aa0e5a398aa35a300081919898d1da (diff) | |
added ssl support based on default.
Change-Id: I0198520e43c81d7734bc3b2f4396e55c42d33e5c
Signed-off-by: Narinder Gupta <narinder.gupta@canonical.com>
Diffstat (limited to 'ci/openstack.sh')
| -rwxr-xr-x | ci/openstack.sh | 48 |
1 files changed, 41 insertions, 7 deletions
diff --git a/ci/openstack.sh b/ci/openstack.sh index 3c8f9757..139a0dfc 100755 --- a/ci/openstack.sh +++ b/ci/openstack.sh @@ -62,7 +62,7 @@ keystoneIp() { if [ $(juju status keystone --format=short | grep " keystone"|wc -l) == 1 ];then unitAddress keystone 0 else - juju config keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)['settings']['vip']['value']" | cut -d " " -f 1 + juju config keystone vip | cut -d " " -f 1 fi } @@ -71,13 +71,26 @@ create_openrc() { echo_info "Creating the openrc (OpenStack client environment scripts)" mkdir -m 0700 -p cloud - keystoneIp=$(keystoneIp) - adminPasswd=$(juju config keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)['settings']['admin-password']['value']" | cut -d " " -f 1) + usessl=$(juju config keystone ssl_ca) + if [[ "$usessl" == "" ]]; then + usessl=no + else + usessl=yes + fi + keystoneIp=$(juju config keystone os-public-hostname | cut -d " " -f 1) + if [[ "$keystoneIp" == "" ]]; then + keystoneIp=$(keystoneIp) + fi + adminPasswd=$(juju config keystone admin-password | cut -d " " -f 1) - v3api=`juju config keystone preferred-api-version` + v3api=$(juju config keystone preferred-api-version) if [[ "$v3api" == "3" ]]; then - configOpenrc admin $adminPasswd admin http://$keystoneIp:5000/v3 RegionOne publicURL > ~/joid_config/admin-openrc + if [ "$usessl" == "yes" ]; then + configOpenrc admin $adminPasswd admin https://$keystoneIp:5000/v3 RegionOne publicURL > ~/joid_config/admin-openrc + else + configOpenrc admin $adminPasswd admin http://$keystoneIp:5000/v3 RegionOne publicURL > ~/joid_config/admin-openrc + fi chmod 0600 ~/joid_config/admin-openrc source ~/joid_config/admin-openrc projectid=`openstack project show admin -c id -f value` @@ -105,6 +118,7 @@ EOF } configOpenrc() { +if [ "$usessl" == "yes" ]; then cat <<-EOF #export OS_NO_CACHE='true' export OS_AUTH_URL=$4 @@ -117,11 +131,31 @@ export OS_PASSWORD=$2 export OS_IDENTITY_API_VERSION=3 export OS_REGION_NAME=$5 export OS_INTERFACE=public -#export OS_INSECURE=true -#export OS_CASSL=~/joid_config/ca.pem +export OS_CACERT=~/joid_config/keystone_juju_ca_cert.crt EOF +else +cat <<-EOF +#export OS_NO_CACHE='true' +export OS_AUTH_URL=$4 +export OS_USER_DOMAIN_NAME=admin_domain +export OS_PROJECT_DOMAIN_NAME=admin_domain +export OS_USERNAME=$1 +export OS_TENANT_NAME=$3 +export OS_PROJECT_NAME=$3 +export OS_PASSWORD=$2 +export OS_IDENTITY_API_VERSION=3 +export OS_REGION_NAME=$5 +export OS_INTERFACE=public +#export OS_CACERT=~/joid_config/bradm.etsi-ubuntu-jh.maas.pem +EOF +fi } + +if [ "$usessl" == "yes" ]; then + juju scp keystone/0:/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt ~/joid_config/ +fi + # Create an load openrc create_openrc |