aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/manifests
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2016-03-14 12:30:37 +0000
committerGerrit Code Review <review@openstack.org>2016-03-14 12:30:38 +0000
commit31cb956bd4dc6bd08e7a3612798b4a939b326e93 (patch)
treeadbd5d555df4e1231bcd2abd7119059885935799 /puppet/manifests
parent312c0fac92698a01236c7170b6a9471fce8ba2b5 (diff)
parent48146252c9130c1cc9eadbf09d0a80b841cbef72 (diff)
Merge "Keystone domain for Heat"
Diffstat (limited to 'puppet/manifests')
-rw-r--r--puppet/manifests/overcloud_controller.pp17
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp10
2 files changed, 27 insertions, 0 deletions
diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp
index 4a03fefa..9e5c556a 100644
--- a/puppet/manifests/overcloud_controller.pp
+++ b/puppet/manifests/overcloud_controller.pp
@@ -663,6 +663,23 @@ if hiera('step') >= 4 {
if $heat_enable_db_purge {
include ::heat::cron::purge_deleted
}
+
+ if downcase(hiera('bootstrap_nodeid')) == $::hostname {
+ include ::keystone::roles::admin
+ # Class ::heat::keystone::domain has to run on bootstrap node
+ # because it creates DB entities via API calls.
+ include ::heat::keystone::domain
+
+ Class['::keystone::roles::admin'] -> Class['::heat::keystone::domain']
+ } else {
+ # On non-bootstrap node we don't need to create Keystone resources again
+ class { '::heat::keystone::domain':
+ manage_domain => false,
+ manage_user => false,
+ manage_role => false,
+ }
+ }
+
} #END STEP 4
$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')])
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index 7637029c..402a3bc8 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -1851,6 +1851,16 @@ if hiera('step') >= 5 {
class {'::keystone::endpoint' :
require => Pacemaker::Resource::Service[$::apache::params::service_name],
}
+ include ::heat::keystone::domain
+ Class['::keystone::roles::admin'] -> Class['::heat::keystone::domain']
+
+ } else {
+ # On non-master controller we don't need to create Keystone resources again
+ class { '::heat::keystone::domain':
+ manage_domain => false,
+ manage_user => false,
+ manage_role => false,
+ }
}
} #END STEP 5