OpenStack:FolsomUserOnboarding

From DocWiki

Revision as of 01:36, 4 March 2014 by Dawelsch (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

There are multiple ways to onboard users, and though the preferred method might be to tie into the corporate or organization's LDAP or AD service, often it is necessary or desired to set up users against Keystone local authentication methods.  This process can be done manually via API calls or with the keystone CLI tools, but I find a simple script makes this much more efficient, and reduces the chance of grabbing the wrong id when the number of users and projects starts to grow.


#!/bin/bash
source ~/openrc
 
echo Argv: $#
 
if [[ $# -lt 3 ]]
  then
	echo -e "Usage:\n${0} user password e-mail@address [tenant=openstack]"
else
	user_id=`keystone user-list | grep ${1} | awk -F' ' '{print $2}'`
	if [ ! -z ${user_id} ]
	then
		echo "error! username already exists"
		exit 1
	fi
	if [[ $# -eq 3 ]] 
	then
		tenant_id=`keystone tenant-list | grep openstack | awk -F' ' '{print $2}'`
		keystone user-create --name=${1} --pass=${2} --email=${3} --tenant-id=${tenant_id}
	else
		tenant_id=`keystone tenant-list | grep ${4} | awk -F' ' '{print $2}'`
		if [ -z ${tenant_id} ]; then
			keystone tenant-create --name=${4}
			tenant_id=`keystone tenant-list | grep ${4} | awk -F' ' '{print $2}'`
		fi
		keystone user-create --name=${1} --pass=${2} --email=${3} --tenant-id=${tenant_id}
	fi
fi

That's the simplest way to get a user onboarded.

Rating: 0.0/5 (0 votes cast)

Personal tools