OpenStack:FolsomUserOnboarding

From DocWiki

Revision as of 08:38, 21 February 2013 by Starmer (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

There are multiple ways to onboard users, and though the preferred method might be to tie into the corporate or organization's LDAP or AD service, often it is necessary or desired to set up users against Keystone local authentication methods.  This process can be done manually via API calls or with the keystone CLI tools, but I find a simple script makes this much more efficient, and reduces the chance of grabbing the wrong id when the number of users and projects starts to grow.


  1. !/bin/bash
    source ~/openrc

    echo Argv: $#

    if $# -lt 3
    then
    echo -e "Usage:\n${0} user password e-mail@address [tenant=openstack]"
    else
    user_id=`keystone user-list | grep ${1} | awk -F' ' '{print $2}'`
    if [ ! -z ${user_id} ]
    then
    echo "error! username already exists"
    exit 1
    fi
    if $# -eq 3
    then
    tenant_id=`keystone tenant-list | grep openstack | awk -F' ' '{print $2}'`
    keystone user-create --name=${1} --pass=${2} --email=${3} --tenant-id=${tenant_id}
    else
    tenant_id=`keystone tenant-list | grep ${4} | awk -F' ' '{print $2}'`
    if [ -z ${tenant_id} ]; then
    keystone tenant-create --name=${4}
    tenant_id=`keystone tenant-list | grep ${4} | awk -F' ' '{print $2}'`
    fi
    keystone user-create --name=${1} --pass=${2} --email=${3} --tenant-id=${tenant_id}
    fi
    fi

That's the simplest way to get a user onboarded.

Rating: 0.0/5 (0 votes cast)

Personal tools