Keystone

class playback.keystone.Keystone(user='ubuntu', hosts=None, key_filename=None, password=None, parallel=True, *args, **kwargs)

Bases: playback.common.Common

Install keystone

Parameters:
  • user(str) – the user for remote server to login
  • hosts(list) – this is a second param
  • key_filename(str) – the ssh private key to used, default None
  • password(str) – the password for remote server
  • parallel(bool) – paralleler execute on remote server, default True
Returns:

None
Examples:
# create two instance
keystone1 = Keystone(
    user='ubuntu',
    hosts=['controller1']
)
keystone2 = Keystone(
    user='ubuntu',
    hosts=['controller2']
)

# create keystone database
keystone1.create_keystone_db(
    root_db_pass='changeme',
    keystone_db_pass='changeme'
)

# install keystone on controller1 and controller2
keystone1.install_keystone(
    admin_token='changeme',
    connection='mysql+pymysql://keystone:changeme@192.168.1.1/keystone',
    memcached_servers='controller1:11211,controller2:11211',
    populate=True
)
keystone2.install_keystone(
    admin_token='changeme',
    connection='mysql+pymysql://keystone:changeme@192.168.1.1/keystone',
    memcached_servers='controller1:11211,controller2:11211'
)

# create the service entity and api endpoints
keystone1.create_entity_and_endpoint(
    os_token='changeme',
    os_url='http://192.168.1.1:35357/v3',
    public_endpoint='http://192.168.1.1:5000/v3',
    internal_endpoint='http://192.168.1.1:5000/v3',
    admin_endpoint='http://192.168.1.1:35357/v3'
)

# create projects, users, and roles
keystone1.create_projects_users_roles(
    os_token='changeme',
    os_url='http://192.168.1.1:35357/v3',
    admin_pass='changeme',
    demo_pass='changeme'
)

# you will need to create OpenStack client environment scripts admin-openrc.sh
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=changeme
export OS_AUTH_URL=http://192.168.1.1:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
export OS_AUTH_VERSION=3

# demo-openrc.sh
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_TENANT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=changeme
export OS_AUTH_URL=http://192.168.1.1:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
export OS_AUTH_VERSION=3
create_entity_and_endpoint(*args, **kwargs)

Create the service entity and API endpoints

Parameters:
  • os_token – the openstack admin token
  • os_url – keystone endpoint url e.g. http://CONTROLLER_VIP:35357/v3
  • public_endpoint – the public endpoint e.g. http://CONTROLLER_VIP:5000/v3
  • internal_endpoint – the internal endpoint e.g. http://CONTROLLER_VIP:5000/v3
  • admin_endpoint – the admin endpoint e.g. http://CONTROLLER_VIP:35357/v3
Returns:

None
create_keystone_db(*args, **kwargs)

Create the keystone database and the user named keystone

Parameters:
  • root_db_pass – the mysql database root passowrd
  • keystone_db_pass – the password of keystone database user
Returns:

None
create_projects_users_roles(*args, **kwargs)

Create an administrative and demo project, user, and role for administrative and testing operations in your environment

Parameters:
  • os_token – the openstack admin token
  • os_url – keystone endpoint url e.g. http://CONTROLLER_VIP:35357/v3
  • admin_pass – passowrd of openstack admin user
  • demo_pass – passowrd of openstack demo user
Returns:

None
install_keystone(*args, **kwargs)

Install keystone

Parameters:
  • admin_token – define the value of the initial administration token
  • connection – (String) The SQLAlchemy connection string to use to connect to the database. e.g. mysql+pymysql://keystone:PASS@CONTROLLER_VIP/keystone
  • memcached_servers – (List) Optionally specify a list of memcached server(s) to use for caching. If left undefined, tokens will instead be cached in-process. e.g. CONTROLLER1:11211,CONTROLLER2:11211
  • populate – populate the keystone database
Returns:

None
update_keystone_paste_ini()

Remove admin_token_auth from the [pipeline:public_api], [pipeline:admin_api], and [pipeline:api_v3] sections in /etc/keystone/keystone-paste.ini

Returns:None