Adding Keystone environment variables to NBI
Adding the necessary environment variables to the
NBI MDG Dockerfile in order for the Keystone authentication
to work.
Completing the docker-compose yaml, fixing renaming typo
in keystone dockerfile and updating environment file
creation.
Change-Id: I4eb15119f4dba304494ef16fc90eea8d8c230927
Signed-off-by: Eduardo Sousa <esousa@whitestack.com>
diff --git a/docker/Keystone/Dockerfile b/docker/Keystone/Dockerfile
index 571e887..9163562 100644
--- a/docker/Keystone/Dockerfile
+++ b/docker/Keystone/Dockerfile
@@ -42,4 +42,4 @@
# NBI password
ENV NBI_PASSWORD nbi
-ENTRYPOINT ./install.sh
\ No newline at end of file
+ENTRYPOINT ./start.sh
\ No newline at end of file
diff --git a/docker/Keystone/scripts/start.sh b/docker/Keystone/scripts/start.sh
index 1530387..4d95c60 100755
--- a/docker/Keystone/scripts/start.sh
+++ b/docker/Keystone/scripts/start.sh
@@ -37,8 +37,6 @@
fi
}
-KEYSTONE_IP=`ifconfig eth0 | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*'`
-
wait_db "$DB_HOST" "$DB_PORT" || exit 1
is_db_created "$DB_HOST" "$DB_PORT" "$ROOT_DB_USER" "$ROOT_DB_PASSWORD" "keystone" && DB_EXISTS="Y"
@@ -67,19 +65,32 @@
# Bootstrap Keystone service
if [ -z $DB_EXISTS ]; then
keystone-manage bootstrap --bootstrap-password "$ADMIN_PASSWORD" \
- --bootstrap-admin-url http://"$KEYSTONE_IP":5000/v3/ \
- --bootstrap-internal-url http://"$KEYSTONE_IP":5000/v3/ \
- --bootstrap-public-url http://"$KEYSTONE_IP":5000/v3/ \
+ --bootstrap-admin-url http://keystone:5000/v3/ \
+ --bootstrap-internal-url http://keystone:5000/v3/ \
+ --bootstrap-public-url http://keystone:5000/v3/ \
--bootstrap-region-id RegionOne
fi
# Restart Apache Service
service apache2 restart
+cat << EOF >> setup_env
+export OS_PROJECT_DOMAIN_NAME=default
+export OS_USER_DOMAIN_NAME=default
+export OS_PROJECT_NAME=admin
+export OS_USERNAME=admin
+export OS_PASSWORD=$ADMIN_PASSWORD
+export OS_AUTH_URL=http://keystone:5000/v3
+export OS_IDENTITY_API_VERSION=3
+export OS_IMAGE_API_VERSION=2
+EOF
+
+source setup_env
+
# Create NBI User
if [ -z $DB_EXISTS ]; then
openstack user create --domain default --password "$NBI_PASSWORD" nbi
- openstack project create --domain defaul --description "Service Project" service
+ openstack project create --domain default --description "Service Project" service
openstack role add --project service --user nbi admin
fi
diff --git a/docker/NBI/Dockerfile b/docker/NBI/Dockerfile
index 0531f3a..d2d0c36 100644
--- a/docker/NBI/Dockerfile
+++ b/docker/NBI/Dockerfile
@@ -5,9 +5,9 @@
RUN apt-get update && apt-get -y install curl software-properties-common
RUN apt-get update && apt-get install -y git python3 python3-jsonschema \
- python3-pymongo python3-yaml python3-pip \
+ python3-pymongo python3-yaml python3-pip python3-keystoneclient \
&& pip3 install pip==9.0.3 \
- && pip3 install aiokafka cherrypy pyangbind \
+ && pip3 install aiokafka cherrypy==18.0.0 pyangbind keystoneauth1 \
&& mkdir -p /app/storage/kafka && mkdir -p /app/log
ARG REPOSITORY_BASE=http://osm-download.etsi.org/repository/osm/debian
@@ -65,6 +65,16 @@
# logs
ENV OSMNBI_LOG_FILE /app/log/nbi.log
ENV OSMNBI_LOG_LEVEL DEBUG
+# authentication
+ENV OSMNBI_AUTHENTICATION_BACKEND internal
+#ENV OSMNBI_AUTHENTICATION_BACKEND keystone
+#ENV OSMNBI_AUTHENTICATION_AUTH_URL keystone
+#ENV OSMNBI_AUTHENTICATION_AUTH_PORT 5000
+#ENV OSMNBI_AUTHENTICATION_USER_DOMAIN_NAME default
+#ENV OSMNBI_AUTHENTICATION_PROJECT_DOMAIN_NAME default
+#ENV OSMNBI_AUTHENTICATION_SERVICE_USERNAME nbi
+#ENV OSMNBI_AUTHENTICATION_SERVICE_PASSWORD nbi
+#ENV OSMNBI_AUTHENTICATION_SERVICE_PROJECT service
HEALTHCHECK --interval=5s --timeout=2s --retries=12 \
CMD curl -k https://localhost:9999/osm/ | grep Welcome || exit 1
diff --git a/docker/mk/Makefile.include b/docker/mk/Makefile.include
index 81529f3..54ef41a 100644
--- a/docker/mk/Makefile.include
+++ b/docker/mk/Makefile.include
@@ -17,7 +17,7 @@
CMD_DOCKER_ARGS ?= -q
DOCKER_ARGS = $(CMD_DOCKER_ARGS)
-DEPS := MON IM LCM RO common osmclient devops NBI POL
+DEPS := MON IM LCM RO common osmclient devops NBI POL Keystone
DEPS_TARGETS = $(addprefix $(MKBUILD)/.dep_, $(DEPS))
diff --git a/installers/docker/__nbi__.env b/installers/docker/__nbi__.env
new file mode 100644
index 0000000..34671e1
--- /dev/null
+++ b/installers/docker/__nbi__.env
@@ -0,0 +1 @@
+OSMNBI_AUTHENTICATION_SERVICE_PASSWORD=__NBI_PASSWORD__
\ No newline at end of file
diff --git a/installers/docker/docker-compose.yaml b/installers/docker/docker-compose.yaml
index 3917c9e..38d322d 100644
--- a/installers/docker/docker-compose.yaml
+++ b/installers/docker/docker-compose.yaml
@@ -75,6 +75,8 @@
environment:
OSMNBI_DATABASE_HOST: mongo
OSMNBI_MESSAGE_HOST: kafka
+ env_file:
+ - ./nbi.env
ports:
- "${OSM_NBI_PORTS:-9999:9999}"
#depends_on:
diff --git a/installers/full_install_osm.sh b/installers/full_install_osm.sh
index 02ed427..66cb848 100755
--- a/installers/full_install_osm.sh
+++ b/installers/full_install_osm.sh
@@ -726,9 +726,13 @@
fi
if [ ! -f $OSM_DOCKER_WORK_DIR/keystone.env ]; then
echo "ROOT_DB_PASSWORD=${MYSQL_ROOT_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/keystone.env
- echo "KEYSTONE_DB_PASSWORD=${KEYSTONE_DB_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/keystone.env
- #echo "ADMIN_PASSWORD=${ADMIN_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/keystone.env
- echo "NBI_PASSWORD=${NBI_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/keystone.env
+ echo "KEYSTONE_DB_PASSWORD=${KEYSTONE_DB_PASSWORD}" |$WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/keystone.env
+ #echo "ADMIN_PASSWORD=${ADMIN_PASSWORD}" |$WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/keystone.env
+ echo "NBI_PASSWORD=${NBI_PASSWORD}" |$WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/keystone.env
+ fi
+
+ if [ ! -f $OSM_DOCKER_WORK_DIR/nbi.env ]; then
+ echo "OSMNBI_AUTHENTICATION_SERVICE_PASSWORD=${NBI_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/nbi.env
fi
echo "OS_NOTIFIER_URI=http://${DEFAULT_IP}:8662" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/mon.env