Created
February 9, 2013 20:15
-
-
Save jcooklin/4746904 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
import argparse | |
from novaclient.v1_1 import client as novaclient | |
from keystoneclient.v2_0 import client as keystoneclient | |
def create_tenant(args): | |
assert len(args.tenant) < 3, "Tenant may be no longer than 2 characters" | |
keystone = keystoneclient.Client(username=args.username | |
,password=args.password,auth_url=args.auth_url) | |
assert keystone.authenticate(), "You did NOT successfully authenticate with keystone" | |
admin_role = keystone.users.api.roles.find(name="admin") | |
member_role = keystone.tenants.api.roles.find(name="Member") | |
admin_user = keystone.users.find(name="adminUser") | |
oc_automation_user = keystone.users.find(name="oc_automation") | |
#create tenant | |
new_tenant = keystone.tenants.create(args.tenant,description=args.description) | |
#create default tenant user | |
new_tenant_user = keystone.users.create("{0}_member".format(args.tenant) | |
,"{0}_password".format(args.tenant) | |
,"{0}_member@localhost".format(args.tenant) | |
,tenant_id=new_tenant.id | |
,enabled=True) | |
#add the adminUser to the admin role for the new tenant | |
keystone.users.api.roles.add_user_role(admin_user.id | |
,admin_role.id | |
,new_tenant.id) | |
#add the oc_automation user to the admin role for the new tenant | |
keystone.users.api.roles.add_user_role(oc_automation_user.id | |
,admin_role.id | |
,new_tenant.id) | |
#add the new tenant user to the member role for the new tenant | |
keystone.users.api.roles.add_user_role(new_tenant_user.id | |
,member_role.id | |
,new_tenant.id) | |
nova = novaclient.Client(args.username | |
,args.password | |
,args.tenant | |
,args.auth_url) | |
new_tenant_default_sec_group = nova.security_groups.find(name="default") | |
#add security rules to default group | |
nova.security_group_rules.create(new_tenant_default_sec_group.id | |
,ip_protocol="tcp" | |
,from_port=1 | |
,to_port=65535 | |
,cidr="0.0.0.0/0") | |
nova.security_group_rules.create(new_tenant_default_sec_group.id | |
,ip_protocol="udp" | |
,from_port=1 | |
,to_port=65535 | |
,cidr="0.0.0.0/0") | |
parser = argparse.ArgumentParser(description='Manage Tenants') | |
subparsers = parser.add_subparsers() | |
subparser = subparsers.add_parser('create', help="Create tenant") | |
subparser.add_argument('tenant', help='Name of tenant') | |
subparser.add_argument('--description', help='Description of the tenant') | |
subparser.add_argument("--username",help="Keystone username", required=True) | |
subparser.add_argument("--password",help="Keystone password", required=True) | |
subparser.add_argument("--auth-url",help="API endpoint", required=True) | |
subparser.set_defaults(func=create_tenant) | |
args = parser.parse_args() | |
if __name__ == "__main__": | |
options = parser.parse_args() | |
try: | |
options.func(options) | |
except Exception as e: | |
print e |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment