authorWuKong <rebirthmonkey@gmail.com>2017-07-18 17:55:10 +0200
committerWuKong <rebirthmonkey@gmail.com>2017-07-18 17:55:10 +0200
commit0d497bd3ac571c55d578faf21a5370e6cbf3edc9 (patch)
treed7ef8d7152b984c90754175a5f4089bad44b76cc /moonv4/templates/moon_keystone
parent5cc39c4b3a2de6d670f357ed3329a4d6587c7fc7 (diff)
review moonv4
Change-Id: Iaadd2d24871ebca3e8ba741ae21d2c0dc2d6879a Signed-off-by: WuKong <rebirthmonkey@gmail.com>
Diffstat (limited to 'moonv4/templates/moon_keystone')
-rw-r--r--moonv4/templates/moon_keystone/Dockerfile25
-rw-r--r--moonv4/templates/moon_keystone/README.md65
-rw-r--r--moonv4/templates/moon_keystone/run.sh136
3 files changed, 226 insertions, 0 deletions
diff --git a/moonv4/templates/moon_keystone/Dockerfile b/moonv4/templates/moon_keystone/Dockerfile
new file mode 100644
index 00000000..1ab24de9
--- /dev/null
+++ b/moonv4/templates/moon_keystone/Dockerfile
@@ -0,0 +1,25 @@
+FROM ubuntu:latest
+
+ENV ADMIN_TOKEN=p4ssw0rd
+ENV ADMIN_PASSWORD=p4ssw0rd
+ENV DB_CONNECTION="mysql+pymysql"
+ENV DB_DRIVER=sql
+ENV DB_HOST=localhost
+ENV DB_DATABASE=keystonedb
+ENV DB_USER=keystone
+ENV DB_PASSWORD=p4ssw0rd
+ENV DB_USER_ROOT=root
+ENV DB_PASSWORD_ROOT=p4sswOrd1
+ENV RABBIT_NODE=server
+ENV INTERFACE_HOST="http://localhost:3001"
+
+RUN apt-get update && apt-get install apache2 rabbitmq-server keystone python-openstackclient libapache2-mod-wsgi mysql-client -y
+
+RUN apt-get update && apt-get install iputils-ping net-tools -y
+
+ADD run.sh /root
+
+EXPOSE 35357
+EXPOSE 5000
+
+CMD ["/bin/bash", "/root/run.sh"]
\ No newline at end of file
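Review bot: The four credential `ENV` lines (`ADMIN_TOKEN`, `ADMIN_PASSWORD`, `DB_PASSWORD`, `DB_PASSWORD_ROOT`) bake default secrets into every image built from this file, where they are readable through `docker inspect` and `docker history` and silently become the live Keystone credentials whenever the operator passes no `-e` override. Drop those four lines so the values must be supplied at run time (`-e` or `--env-file`), and have run.sh refuse to start without them, e.g. `: "${ADMIN_PASSWORD:?ADMIN_PASSWORD must be set}"`. `FROM ubuntu:latest` also makes the build non-reproducible; the README tags the image `keystone:mitaka`, so the base presumably has to be the Ubuntu release that packages Mitaka and should be pinned to it, e.g. `FROM ubuntu:16.04` (to be confirmed), ideally by digest. `ADD run.sh /root` copies a plain local file, so `COPY run.sh /root/` is the conventional form, and the two `apt-get install` lines would be better merged into one with `--no-install-recommends` and `rm -rf /var/lib/apt/lists/*` in the same layer.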
diff --git a/moonv4/templates/moon_keystone/README.md b/moonv4/templates/moon_keystone/README.md
new file mode 100644
index 00000000..77c90e98
--- /dev/null
+++ b/moonv4/templates/moon_keystone/README.md
@@ -0,0 +1,65 @@
+# Keystone container
+
+## build keystone image
+
+without proxy:
+```bash
+docker build -t keystone:mitaka .
+```
+
+with a proxy:
+```bash
+docker build --build-arg https_proxy=http://proxy:3128 --build-arg http_proxy=http://proxy:3128 -t keystone:mitaka .
+```
+
+
+## set up an execution environment
+
+### clean up if necessary
+```bash
+docker container rm -f $(docker ps -a | grep moon | cut -d " " -f 1) 2>/dev/null
+docker container rm -f messenger db keystone 2>/dev/null
+```
+
+### create a network
+```bash
+docker network create -d bridge --subnet=172.18.0.0/16 --gateway=172.18.0.1 moon
+```
+
+### Start RabbitMQ
+TODO: use our own container
+```bash
+docker container run -dti --net=moon --hostname messenger --name messenger -e RABBITMQ_DEFAULT_USER=moon -e RABBITMQ_DEFAULT_PASS=p4sswOrd1 -e RABBITMQ_NODENAME=rabbit@messenger -e RABBITMQ_DEFAULT_VHOST=moon -e RABBITMQ_HIPE_COMPILE=1 -p 5671:5671 -p 5672:5672 -p 8080:15672 rabbitmq:3-management
+```
+
+
+### Start MySQL server
+TODO: user our own containter
+```bash
+docker container run -dti --net=moon --hostname db --name db -e MYSQL_ROOT_PASSWORD=p4sswOrd1 -e MYSQL_DATABASE=moon -e MYSQL_USER=moon -e MYSQL_PASSWORD=p4sswOrd1 -p 3306:3306 mysql:latest
+```
+
+## launch a Keystone container
+TODO: user our own containter
+```bash
+docker container run -dti --net moon --hostname keystone --name keystone -e DB_HOST=db -e DB_PASSWORD_ROOT=p4sswOrd1 -p 35357:35357 -p 5000:5000 keystone:mitaka
+```
+
+## check
+### log
+```bash
+docker logs keystone -f
+```
+
+
+### access to the container
+```bash
+docker container exec -ti keystone /bin/bash
+export OS_USERNAME=admin
+export OS_PASSWORD=p4ssw0rd
+export OS_REGION_NAME=Orange
+export OS_TENANT_NAME=admin
+export OS_AUTH_URL=http://localhost:5000/v3
+export OS_DOMAIN_NAME=Default
+openstack project list
+```
\ No newline at end of file
diff --git a/moonv4/templates/moon_keystone/run.sh b/moonv4/templates/moon_keystone/run.sh
new file mode 100644
index 00000000..b80dd3f1
--- /dev/null
+++ b/moonv4/templates/moon_keystone/run.sh
@@ -0,0 +1,136 @@
+#!/usr/bin/env bash
+
+MY_HOSTNAME=localhost
+
+echo DB_HOST=$DB_HOST
+echo DB_DATABASE=$DB_DATABASE
+echo RABBIT_NODE=$RABBIT_NODE
+echo RABBIT_NODE=$[RABBIT_NODE]
+echo INTERFACE_HOST=$INTERFACE_HOST
+
+sed "s/#admin_token = <None>/admin_token=$ADMIN_TOKEN/g" -i /etc/keystone/keystone.conf
+sed "s/connection = sqlite:\/\/\/\/var\/lib\/keystone\/keystone.db/connection = $DB_CONNECTION:\/\/$DB_USER:$DB_PASSWORD@$DB_HOST\/$DB_DATABASE/g" -i /etc/keystone/keystone.conf
+sed "s/#driver = sql/driver = $DB_DRIVER/g" -i /etc/keystone/keystone.conf
+
+cat << EOF | tee -a /etc/keystone/keystone.conf
+[cors]
+allowed_origin = $INTERFACE_HOST
+max_age = 3600
+allow_methods = POST,DELETE
+EOF
+
+mysql -h $DB_HOST -u$DB_USER_ROOT -p$DB_PASSWORD_ROOT <<EOF
+CREATE DATABASE $DB_DATABASE DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
+GRANT ALL ON $DB_DATABASE.* TO '$DB_USER'@'%' IDENTIFIED BY '$DB_PASSWORD';
+GRANT ALL ON $DB_DATABASE.* TO '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PASSWORD';
+EOF
+
+#rabbitmqctl -n rabbit@$RABBIT_NODE add_user openstack password
+#rabbitmqctl -n rabbit@$RABBIT_NODE set_permissions openstack ".*" ".*" ".*"
+
+cat << EOF | tee /etc/apache2/sites-available/wsgi-keystone.conf
+Listen 5000
+Listen 35357
+
+<VirtualHost *:5000>
+ WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
+ WSGIProcessGroup keystone-public
+ WSGIScriptAlias / /usr/bin/keystone-wsgi-public
+ WSGIApplicationGroup %{GLOBAL}
+ WSGIPassAuthorization On
+ <IfVersion >= 2.4>
+ ErrorLogFormat "%{cu}t %M"
+ </IfVersion>
+ ErrorLog /var/log/apache2/keystone.log
+ CustomLog /var/log/apache2/keystone_access.log combined
+
+ <Directory /usr/bin>
+ <IfVersion >= 2.4>
+ Require all granted
+ </IfVersion>
+ <IfVersion < 2.4>
+ Order allow,deny
+ Allow from all
+ </IfVersion>
+ </Directory>
+</VirtualHost>
+
+<VirtualHost *:35357>
+ WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
+ WSGIProcessGroup keystone-admin
+ WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
+ WSGIApplicationGroup %{GLOBAL}
+ WSGIPassAuthorization On
+ <IfVersion >= 2.4>
+ ErrorLogFormat "%{cu}t %M"
+ </IfVersion>
+ ErrorLog /var/log/apache2/keystone.log
+ CustomLog /var/log/apache2/keystone_access.log combined
+
+ <Directory /usr/bin>
+ <IfVersion >= 2.4>
+ Require all granted
+ </IfVersion>
+ <IfVersion < 2.4>
+ Order allow,deny
+ Allow from all
+ </IfVersion>
+ </Directory>
+</VirtualHost>
+
+EOF
+
+a2ensite wsgi-keystone
+
+service keystone stop
+echo "manual" | tee /etc/init/keystone.override
+
+service apache2 restart
+
+netstat -tanpeo
+
+export http_proxy=
+export https_proxy=
+
+keystone-manage db_sync
+
+keystone-manage bootstrap \
+ --bootstrap-password ${ADMIN_PASSWORD} \
+ --bootstrap-username admin \
+ --bootstrap-project-name admin \
+ --bootstrap-role-name admin \
+ --bootstrap-service-name keystone \
+ --bootstrap-region-id Orange \
+ --bootstrap-admin-url http://localhost:35357 \
+ --bootstrap-public-url http://localhost:5000 \
+ --bootstrap-internal-url http://localhost:5000
+
+
+export OS_USERNAME=admin
+export OS_PASSWORD=${ADMIN_PASSWORD}
+export OS_REGION_NAME=Orange
+export OS_TENANT_NAME=admin
+export OS_AUTH_URL=http://localhost:5000/v3
+export OS_DOMAIN_NAME=Default
+
+openstack project create --description "Service Project" demo
+openstack role create user
+openstack role add --project demo --user demo user
+
+echo -e "\n Project list:"
+openstack project list
+
+echo -e "\n Users list:"
+openstack user list
+
+echo -e "\n Roles list:"
+openstack role list
+
+echo -e "\n Service list:"
+openstack service list
+
+echo -e "\n Endpoint list:"
+openstack endpoint list --long
+
+
+tail -f /var/log/apache2/keystone.log
\ No newline at end of file
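Review bot: The first `sed` writes `admin_token=$ADMIN_TOKEN` into keystone.conf even though the script later creates the admin account with `keystone-manage bootstrap`, so a static shared secret (defaulting to the Dockerfile's value) stays configured for the container's lifetime; if the packaged paste pipeline still enables `admin_token_auth`, that value alone grants full admin on the published ports 5000 and 35357. Drop that `sed` line and leave `admin_token` commented out, since bootstrap makes it unnecessary. The database secrets are interpolated unquoted: `-p$DB_PASSWORD_ROOT` puts the root password in the process list, and a `/` or `&` in `$DB_PASSWORD` breaks the `connection` `sed` expression; a client option file passed with `--defaults-extra-file` and a different `sed` delimiter would avoid both. Nothing checks exit codes, so a failed `mysql` or `keystone-manage db_sync` still ends in `tail -f` on a broken service, and on a container restart `CREATE DATABASE` fails and a second `[cors]` section is appended; `keystone-manage db_sync || exit 1` and `CREATE DATABASE IF NOT EXISTS $DB_DATABASE …` would cover the first two. `echo RABBIT_NODE=$[RABBIT_NODE]` is legacy arithmetic expansion and was presumably meant to be `${RABBIT_NODE}`, and `openstack role add --project demo --user demo user` references a `demo` user that this script never creates.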