jcooklin/manage_tenant.py

## manage_tenant.py
#!/usr/bin/env python
import argparse
from novaclient.v1_1 import client as novaclient
from keystoneclient.v2_0 import client as keystoneclient

def create_tenant(args):
    assert len(args.tenant) < 3, "Tenant may be no longer than 2 characters"
    keystone = keystoneclient.Client(username=args.username
        ,password=args.password,auth_url=args.auth_url)
    assert keystone.authenticate(), "You did NOT successfully authenticate with keystone"
    admin_role = keystone.users.api.roles.find(name="admin")
    member_role = keystone.tenants.api.roles.find(name="Member")
    admin_user = keystone.users.find(name="adminUser")
    oc_automation_user = keystone.users.find(name="oc_automation")
    #create tenant
    new_tenant = keystone.tenants.create(args.tenant,description=args.description)
    #create default tenant user
    new_tenant_user = keystone.users.create("{0}_member".format(args.tenant)
        ,"{0}_password".format(args.tenant)
        ,"{0}_member@localhost".format(args.tenant)
        ,tenant_id=new_tenant.id
        ,enabled=True)
    #add the adminUser to the admin role for the new tenant
    keystone.users.api.roles.add_user_role(admin_user.id
        ,admin_role.id
        ,new_tenant.id)
    #add the oc_automation user to the admin role for the new tenant
    keystone.users.api.roles.add_user_role(oc_automation_user.id
        ,admin_role.id
        ,new_tenant.id)
    #add the new tenant user to the member role for the new tenant
    keystone.users.api.roles.add_user_role(new_tenant_user.id
        ,member_role.id
        ,new_tenant.id)

    nova = novaclient.Client(args.username
        ,args.password
        ,args.tenant
        ,args.auth_url)

    new_tenant_default_sec_group = nova.security_groups.find(name="default")
    #add security rules to default group
    nova.security_group_rules.create(new_tenant_default_sec_group.id
        ,ip_protocol="tcp"
        ,from_port=1
        ,to_port=65535
        ,cidr="0.0.0.0/0")
    nova.security_group_rules.create(new_tenant_default_sec_group.id
        ,ip_protocol="udp"
        ,from_port=1
        ,to_port=65535
        ,cidr="0.0.0.0/0")


parser = argparse.ArgumentParser(description='Manage Tenants')
subparsers = parser.add_subparsers()
subparser = subparsers.add_parser('create', help="Create tenant")
subparser.add_argument('tenant', help='Name of tenant')
subparser.add_argument('--description', help='Description of the tenant')
subparser.add_argument("--username",help="Keystone username", required=True)
subparser.add_argument("--password",help="Keystone password", required=True)
subparser.add_argument("--auth-url",help="API endpoint", required=True)
subparser.set_defaults(func=create_tenant)
args = parser.parse_args()

if __name__ == "__main__":
    options = parser.parse_args()
    try:
        options.func(options)
    except Exception as e:
        print e
	#!/usr/bin/env python
	import argparse
	from novaclient.v1_1 import client as novaclient
	from keystoneclient.v2_0 import client as keystoneclient

	def create_tenant(args):
	assert len(args.tenant) < 3, "Tenant may be no longer than 2 characters"
	keystone = keystoneclient.Client(username=args.username
	,password=args.password,auth_url=args.auth_url)
	assert keystone.authenticate(), "You did NOT successfully authenticate with keystone"
	admin_role = keystone.users.api.roles.find(name="admin")
	member_role = keystone.tenants.api.roles.find(name="Member")
	admin_user = keystone.users.find(name="adminUser")
	oc_automation_user = keystone.users.find(name="oc_automation")
	#create tenant
	new_tenant = keystone.tenants.create(args.tenant,description=args.description)
	#create default tenant user
	new_tenant_user = keystone.users.create("{0}_member".format(args.tenant)
	,"{0}_password".format(args.tenant)
	,"{0}_member@localhost".format(args.tenant)
	,tenant_id=new_tenant.id
	,enabled=True)
	#add the adminUser to the admin role for the new tenant
	keystone.users.api.roles.add_user_role(admin_user.id
	,admin_role.id
	,new_tenant.id)
	#add the oc_automation user to the admin role for the new tenant
	keystone.users.api.roles.add_user_role(oc_automation_user.id
	,admin_role.id
	,new_tenant.id)
	#add the new tenant user to the member role for the new tenant
	keystone.users.api.roles.add_user_role(new_tenant_user.id
	,member_role.id
	,new_tenant.id)

	nova = novaclient.Client(args.username
	,args.password
	,args.tenant
	,args.auth_url)

	new_tenant_default_sec_group = nova.security_groups.find(name="default")
	#add security rules to default group
	nova.security_group_rules.create(new_tenant_default_sec_group.id
	,ip_protocol="tcp"
	,from_port=1
	,to_port=65535
	,cidr="0.0.0.0/0")
	nova.security_group_rules.create(new_tenant_default_sec_group.id
	,ip_protocol="udp"
	,from_port=1
	,to_port=65535
	,cidr="0.0.0.0/0")


	parser = argparse.ArgumentParser(description='Manage Tenants')
	subparsers = parser.add_subparsers()
	subparser = subparsers.add_parser('create', help="Create tenant")
	subparser.add_argument('tenant', help='Name of tenant')
	subparser.add_argument('--description', help='Description of the tenant')
	subparser.add_argument("--username",help="Keystone username", required=True)
	subparser.add_argument("--password",help="Keystone password", required=True)
	subparser.add_argument("--auth-url",help="API endpoint", required=True)
	subparser.set_defaults(func=create_tenant)
	args = parser.parse_args()

	if __name__ == "__main__":
	options = parser.parse_args()
	try:
	options.func(options)
	except Exception as e:
	print e