diff options
author | Thomas Wiest <twiest@gmail.com> | 2014-10-31 17:41:10 -0400 |
---|---|---|
committer | Thomas Wiest <twiest@gmail.com> | 2014-10-31 17:41:10 -0400 |
commit | 40e7b9bb3eba2c20d77859ec7adbac57385b6056 (patch) | |
tree | 90129960a7c44653bdc06170664320341a553602 | |
parent | 72a3a263733cc41534f6b3d6fd671680dcaebbcb (diff) | |
parent | 24b4a06be6ddb7d62e01aa0c1f4159036fb9497b (diff) | |
download | openshift-40e7b9bb3eba2c20d77859ec7adbac57385b6056.tar.gz openshift-40e7b9bb3eba2c20d77859ec7adbac57385b6056.tar.bz2 openshift-40e7b9bb3eba2c20d77859ec7adbac57385b6056.tar.xz openshift-40e7b9bb3eba2c20d77859ec7adbac57385b6056.zip |
Merge pull request #25 from tdawson/2014-10/fix-docs
2014 10/fix docs
-rw-r--r-- | README_GCE.md | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/README_GCE.md b/README_GCE.md index 88f9f3a7c..e315dade9 100644 --- a/README_GCE.md +++ b/README_GCE.md @@ -6,29 +6,30 @@ Get a gce service key --------------------- 1. ask your GCE project administrator for a GCE service key -Note: If your GCE project does not show a Service Account under <Project>/APIs & auth/Credentials, you will need to use "Create new Client ID" to create a Service Account. +Note: If your GCE project does not show a Service Account under <Project>/APIs & auth/Credentials, you will need to use "Create new Client ID" to create a Service Account before your administrator can create the service key for you. Convert a GCE service key into a pem (for ansible) -------------------------------------------------- 1. mkdir -p ~/.gce 1. The gce service key looks something like this: projectname-ef83bd90f261.p12 -.. the ef83bd90f261 part is the public hash +.. The ef83bd90f261 part is the public hash (GCE_KEY_HASH), The projectname part, is the project name (PROJECT_NAME). 1. Be in the same directory as the p12 key file. 1. The commands below should be copy / paste-able 1. Run these commands: ``` - # Temporarily set hash variable + # Temporarily set hash variable and project name export GCE_KEY_HASH=ef83bd90f261 + export PROJECT_NAME=projectname # Convert the service key (note: 'notasecret' is literally what we want here) - openssl pkcs12 -in projectname-${GCE_KEY_HASH}.p12 -passin pass:notasecret -nodes -nocerts | openssl rsa -out projectname-${GCE_KEY_HASH}.pem + openssl pkcs12 -in ${PROJECT_NAME}-${GCE_KEY_HASH}.p12 -passin pass:notasecret -nodes -nocerts | openssl rsa -out ${PROJECT_NAME}-${GCE_KEY_HASH}.pem # Move the converted service key to the .gce dir - mv projectname-${GCE_KEY_HASH}.pem ~/.gce + mv ${PROJECT_NAME}-${GCE_KEY_HASH}.pem ~/.gce # Set a sym link so it is easy to reference - ln -s ~/.gce/projectname-${GCE_KEY_HASH}.pem ~/.gce/projectname_priv_key.pem + ln -s ~/.gce/${PROJECT_NAME}-${GCE_KEY_HASH}.pem ~/.gce/${PROJECT_NAME}_priv_key.pem ``` 1. Once this is done, put the original service key file (projectname-ef83bd90f261.p12) somewhere safe, or delete it (your call, I don not know what else we will use it for, and we can always regen it if needed). @@ -36,6 +37,10 @@ Convert a GCE service key into a pem (for ansible) Create a gce.ini file for GCE -------------------------------- +* gce_service_account_email_address - Found in "APIs & auth" -> Credentials -> "Service Account" -> "Email Address" +* gce_service_account_pem_file_path - Full path from previous steps +* gce_project_id - Found in "Projects", it list all the gce projects you are associated with. The page lists their "Project Name" and "Project ID". You want the "Project ID" + 1. vi ~/.gce/gce.ini 1. make the contents look like this: ``` @@ -61,7 +66,7 @@ Install Dependencies Test The Setup -------------- -1. cd li-ops/cloud +1. cd openshift-online-ansible/ 2. Try to list all instances: ``` ./cloud.rb gce list |