OpenStack:FolsomUserOnboarding

From DocWiki

(Difference between revisions)
Jump to: navigation, search
(Created page with "There are multiple ways to onboard users, and though the preferred method might be to tie into the corporate or organization's LDAP or AD service, often it is necessary or desire...")
Line 1: Line 1:
-
There are multiple ways to onboard users, and though the preferred method might be to tie into the corporate or organization's LDAP or AD service, often it is necessary or desired to set up users against Keystone local authentication methods.  This process can be done manually via API calls or with the keystone CLI tools, but I find a simple script makes this much more efficient, and reduces the chance of grabbing the wrong id when the number of users and projects starts to grow.
+
There are multiple ways to onboard users, and though the preferred method might be to tie into the corporate or organization's LDAP or AD service, often it is necessary or desired to set up users against Keystone local authentication methods.  This process can be done manually via API calls or with the keystone CLI tools, but I find a simple script makes this much more efficient, and reduces the chance of grabbing the wrong id when the number of users and projects starts to grow.  
-
 
+
<br>
-
<blockquote>
+
<code>
-
#!/bin/bash<br>source ~/openrc<br> <br>echo Argv: $#<br> <br>if [[ $# -lt 3 ]]<br> then<br> echo -e "Usage:\n${0} user password e-mail@address [tenant=openstack]"<br>else<br> user_id=`keystone user-list | grep ${1} | awk -F' ' '{print $2}'`<br> if [ ! -z ${user_id} ]<br> then<br> echo "error! username already exists"<br> exit 1<br> fi<br> if [[ $# -eq 3 ]] <br> then<br> tenant_id=`keystone tenant-list | grep openstack | awk -F' ' '{print $2}'`<br> keystone user-create --name=${1} --pass=${2} --email=${3} --tenant-id=${tenant_id}<br> else<br> tenant_id=`keystone tenant-list | grep ${4} | awk -F' ' '{print $2}'`<br> if [ -z ${tenant_id} ]; then<br> keystone tenant-create --name=${4}<br> tenant_id=`keystone tenant-list | grep ${4} | awk -F' ' '{print $2}'`<br> fi<br> keystone user-create --name=${1} --pass=${2} --email=${3} --tenant-id=${tenant_id}<br> fi<br>fi
+
<pre>
-
 
+
#!/bin/bash
-
 
+
source ~/openrc
-
</blockquote>
+
 +
echo Argv: $#
 +
 +
if [[ $# -lt 3 ]]
 +
  then
 +
echo -e "Usage:\n${0} user password e-mail@address [tenant=openstack]"
 +
else
 +
user_id=`keystone user-list | grep ${1} | awk -F' ' '{print $2}'`
 +
if [ ! -z ${user_id} ]
 +
then
 +
echo "error! username already exists"
 +
exit 1
 +
fi
 +
if [[ $# -eq 3 ]]  
 +
then
 +
tenant_id=`keystone tenant-list | grep openstack | awk -F' ' '{print $2}'`
 +
keystone user-create --name=${1} --pass=${2} --email=${3} --tenant-id=${tenant_id}
 +
else
 +
tenant_id=`keystone tenant-list | grep ${4} | awk -F' ' '{print $2}'`
 +
if [ -z ${tenant_id} ]; then
 +
keystone tenant-create --name=${4}
 +
tenant_id=`keystone tenant-list | grep ${4} | awk -F' ' '{print $2}'`
 +
fi
 +
keystone user-create --name=${1} --pass=${2} --email=${3} --tenant-id=${tenant_id}
 +
fi
 +
fi
 +
</pre>
 +
</code>  
That's the simplest way to get a user onboarded.
That's the simplest way to get a user onboarded.

Revision as of 08:40, 21 February 2013

There are multiple ways to onboard users, and though the preferred method might be to tie into the corporate or organization's LDAP or AD service, often it is necessary or desired to set up users against Keystone local authentication methods.  This process can be done manually via API calls or with the keystone CLI tools, but I find a simple script makes this much more efficient, and reduces the chance of grabbing the wrong id when the number of users and projects starts to grow.


#!/bin/bash
source ~/openrc
 
echo Argv: $#
 
if [[ $# -lt 3 ]]
  then
	echo -e "Usage:\n${0} user password e-mail@address [tenant=openstack]"
else
	user_id=`keystone user-list | grep ${1} | awk -F' ' '{print $2}'`
	if [ ! -z ${user_id} ]
	then
		echo "error! username already exists"
		exit 1
	fi
	if [[ $# -eq 3 ]] 
	then
		tenant_id=`keystone tenant-list | grep openstack | awk -F' ' '{print $2}'`
		keystone user-create --name=${1} --pass=${2} --email=${3} --tenant-id=${tenant_id}
	else
		tenant_id=`keystone tenant-list | grep ${4} | awk -F' ' '{print $2}'`
		if [ -z ${tenant_id} ]; then
			keystone tenant-create --name=${4}
			tenant_id=`keystone tenant-list | grep ${4} | awk -F' ' '{print $2}'`
		fi
		keystone user-create --name=${1} --pass=${2} --email=${3} --tenant-id=${tenant_id}
	fi
fi

That's the simplest way to get a user onboarded.

Rating: 0.0/5 (0 votes cast)

Personal tools