Merge "Keystone domain for Heat"

2 files changed, 27 insertions, 0 deletions

diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp
index 4a03fefa..9e5c556a 100644
--- a/puppet/manifests/overcloud_controller.pp
+++ b/puppet/manifests/overcloud_controller.pp
@@ -663,6 +663,23 @@ if hiera('step') >= 4 {
   if $heat_enable_db_purge {
     include ::heat::cron::purge_deleted
   }
+
+  if downcase(hiera('bootstrap_nodeid')) == $::hostname {
+    include ::keystone::roles::admin
+    # Class ::heat::keystone::domain has to run on bootstrap node
+    # because it creates DB entities via API calls.
+    include ::heat::keystone::domain
+
+    Class['::keystone::roles::admin'] -> Class['::heat::keystone::domain']
+  } else {
+    # On non-bootstrap node we don't need to create Keystone resources again
+    class { '::heat::keystone::domain':
+      manage_domain => false,
+      manage_user   => false,
+      manage_role   => false,
+    }
+  }
+
 } #END STEP 4
 
 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')])
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index 7637029c..402a3bc8 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -1851,6 +1851,16 @@ if hiera('step') >= 5 {
     class {'::keystone::endpoint' :
       require => Pacemaker::Resource::Service[$::apache::params::service_name],
     }
+    include ::heat::keystone::domain
+    Class['::keystone::roles::admin'] -> Class['::heat::keystone::domain']
+
+  } else {
+    # On non-master controller we don't need to create Keystone resources again
+    class { '::heat::keystone::domain':
+      manage_domain => false,
+      manage_user   => false,
+      manage_role   => false,
+    }
   }
 
 } #END STEP 5