summaryrefslogtreecommitdiffstats
path: root/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone
diff options
context:
space:
mode:
authorliyuenan <liyuenan@huawei.com>2016-12-19 11:06:36 +0800
committerliyuenan <liyuenan@huawei.com>2016-12-20 15:05:03 +0800
commit819912d0379f6cd2b2693c2968576f7514a117c5 (patch)
treee24d274484fa1ec8976c9f1bd44f5ee6e445724b /deploy/adapters/ansible/openstack_newton_xenial/roles/keystone
parenteb5dbdac42b1b7b775fbc1dc513376425a6898ff (diff)
master only support newton
JIRA: COMPASS-513 Remove other roles and ppa, master only support newton. Change-Id: I47ddb16baa25902c3e05cc7f9d0d6430f5dc7e00 Signed-off-by: liyuenan <liyuenan@huawei.com>
Diffstat (limited to 'deploy/adapters/ansible/openstack_newton_xenial/roles/keystone')
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml96
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_create.yml93
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_install.yml98
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/main.yml30
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/admin-openrc-v2.sh15
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/admin-openrc.sh18
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/demo-openrc.sh17
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/keystone.conf60
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/wsgi-keystone.conf.j250
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/vars/Debian.yml24
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/vars/main.yml194
11 files changed, 0 insertions, 695 deletions
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml
deleted file mode 100644
index ea211470..00000000
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml
+++ /dev/null
@@ -1,96 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-- include_vars: "{{ ansible_os_family }}.yml"
-
-- name: keystone-manage db-sync
- shell: su -s /bin/sh -c 'keystone-manage db_sync' keystone
-
-- name: Check if fernet keys already exist
- stat:
- path: "/etc/keystone/fernet-keys/0"
- register: fernet_keys_0
-
-- name: Create fernet keys for Keystone
- command:
- keystone-manage fernet_setup
- --keystone-user keystone
- --keystone-group keystone
- when: not fernet_keys_0.stat.exists
- notify:
- - restart keystone services
-
-- name: Rotate fernet keys for Keystone
- command:
- keystone-manage fernet_rotate
- --keystone-user keystone
- --keystone-group keystone
- when: fernet_keys_0.stat.exists
- notify:
- - restart keystone services
-
-- name: Distribute the fernet key repository
- shell: rsync -e 'ssh -o StrictHostKeyChecking=no' \
- -avz \
- --delete \
- /etc/keystone/fernet-keys \
- root@{{ hostvars[ item ].ansible_eth0.ipv4.address }}:/etc/keystone/
- with_items: groups['controller'][1:]
- notify:
- - restart keystone services
-
-- name: Check if credential keys already exist
- stat:
- path: "/etc/keystone/credential-keys/0"
- register: credential_keys_0
-
-- name: Create credential keys for Keystone
- command:
- keystone-manage credential_setup
- --keystone-user keystone
- --keystone-group keystone
- when: not credential_keys_0.stat.exists
- notify:
- - restart keystone services
-
-- name: Rotate credential keys for Keystone
- command:
- keystone-manage credential_rotate
- --keystone-user keystone
- --keystone-group keystone
- when: credential_keys_0.stat.exists
- notify:
- - restart keystone services
-
-- name: Distribute the credential key repository
- shell: rsync -e 'ssh -o StrictHostKeyChecking=no' \
- -avz \
- --delete \
- /etc/keystone/credential-keys \
- root@{{ hostvars[ item ].ansible_eth0.ipv4.address }}:/etc/keystone/
- with_items: groups['controller'][1:]
- notify:
- - restart keystone services
-
-- name: Bootstrap the Identity service
- shell:
- keystone-manage bootstrap \
- --bootstrap-password {{ ADMIN_PASS }} \
- --bootstrap-admin-url http://{{ internal_ip }}:35357/v3/ \
- --bootstrap-internal-url http://{{ internal_ip }}:35357/v3/ \
- --bootstrap-public-url http://{{ internal_ip }}:5000/v3/
- --bootstrap-region-id RegionOne \
- notify:
- - restart keystone services
-
-- meta: flush_handlers
-
-- name: wait for keystone ready
- wait_for: port=35357 delay=15 timeout=60 host={{ internal_ip }}
-
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_create.yml b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_create.yml
deleted file mode 100644
index 53077776..00000000
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_create.yml
+++ /dev/null
@@ -1,93 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-- name: set keystone endpoint
- shell:
- . /opt/admin-openrc.sh;
- openstack endpoint set \
- --interface public \
- --url {{ item.publicurl }} \
- $(openstack endpoint list | grep keystone | grep public | awk '{print $2}');
- openstack endpoint set \
- --interface internal \
- --url {{ item.internalurl }} \
- $(openstack endpoint list | grep keystone | grep internal | awk '{print $2}');
- openstack endpoint set \
- --interface admin \
- --url {{ item.adminurl }} \
- $(openstack endpoint list | grep keystone | grep admin | awk '{print $2}');
- with_items: "{{ os_services[0:1] }}"
-
-- name: add service
- shell:
- . /opt/admin-openrc.sh;
- openstack service create \
- --name "{{ item.name }}"
- --description "{{ item.description }}" \
- {{ item.type }}
- with_items: "{{ os_services[1:] }}"
-
-- name: add project
- shell:
- . /opt/admin-openrc.sh;
- openstack project create --description "Service Project" service;
- openstack project create --domain default --description "Demo Project" demo;
-
-- name: set admin user
- shell:
- . /opt/admin-openrc.sh;
- openstack user set \
- --email "{{ item.email }}" \
- --project "{{ item.tenant }}" \
- --description "{{ item.tenant_description }}" \
- --password "{{ item.password }}" \
- {{ item.user }}
- with_items: "{{ os_users }}"
- when: item["user"] == "admin"
-
-- name: add user
- shell:
- . /opt/admin-openrc.sh;
- openstack user create \
- --email "{{ item.email }}" \
- --project "{{ item.tenant }}" \
- --description "{{ item.tenant_description }}" \
- --password "{{ item.password }}" \
- {{ item.user }}
- with_items: "{{ os_users[1:] }}"
-
-- name: add roles
- shell:
- . /opt/admin-openrc.sh;
- openstack role create {{ item.role }}
- with_items: "{{ os_users }}"
- when: item["user"] == "demo"
-
-- name: grant roles
- shell:
- . /opt/admin-openrc.sh;
- openstack role add \
- --project "{{ item.tenant }}" \
- --user "{{ item.user }}" \
- {{ item.role }}
- with_items: "{{ os_users }}"
-
-- name: add endpoints
- shell:
- . /opt/admin-openrc.sh;
- openstack endpoint create \
- --region {{ item.region }} \
- {{ item.name }} public {{ item.publicurl }};
- openstack endpoint create \
- --region {{ item.region }} \
- {{ item.name }} internal {{ item.internalurl }};
- openstack endpoint create \
- --region {{ item.region }} \
- {{ item.name }} admin {{ item.adminurl }};
- with_items: "{{ os_services[1:] }}"
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_install.yml b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_install.yml
deleted file mode 100644
index 757349c5..00000000
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_install.yml
+++ /dev/null
@@ -1,98 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-- include_vars: "{{ ansible_os_family }}.yml"
-
-- name: disable auto start
- copy:
- content: "#!/bin/sh\nexit 101"
- dest: "/usr/sbin/policy-rc.d"
- mode: 0755
- when: ansible_os_family == "Debian"
-
-- name: install keystone packages
- action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
- with_items: packages | union(packages_noarch)
-
-- name: enable auto start
- file:
- path=/usr/sbin/policy-rc.d
- state=absent
- when: ansible_os_family == "Debian"
-
-- name: disable boot auto start
- file:
- path={{ item }}
- state=absent
- with_items:
- - /etc/init.d/keystone
- - /etc/init/keystone.conf
- - /lib/systemd/system/keystone.service
- when: ansible_os_family == "Debian"
-
-- name: generate keystone service list
- lineinfile: dest=/opt/service create=yes line='{{ item }}'
- with_items: services | union(services_noarch)
-
-- name: delete sqlite database
- file:
- path: /var/lib/keystone/keystone.db
- state: absent
-
-- name: update keystone conf
- template: src=keystone.conf dest=/etc/keystone/keystone.conf backup=yes
- notify:
- - restart keystone services
-
-- name: assure listen port exist
- lineinfile:
- dest: '{{ apache_config_dir }}/ports.conf'
- regexp: '{{ item.regexp }}'
- line: '{{ item.line}}'
- with_items:
- - regexp: "^Listen {{ internal_ip }}:5000"
- line: "Listen {{ internal_ip }}:5000"
- - regexp: "^Listen {{ internal_ip }}:35357"
- line: "Listen {{ internal_ip }}:35357"
- notify:
- - restart keystone services
-
-- name: update apache2 configs
- template:
- src: wsgi-keystone.conf.j2
- dest: '{{ apache_config_dir }}/sites-available/keystone.conf'
- when: ansible_os_family == 'Debian'
- notify:
- - restart keystone services
-
-- name: update apache2 configs
- template:
- src: wsgi-keystone.conf.j2
- dest: '{{ apache_config_dir }}/keystone.conf'
- when: ansible_os_family == 'RedHat'
- notify:
- - restart keystone services
-
-- name: enable keystone server
- file:
- src: "{{ apache_config_dir }}/sites-available/keystone.conf"
- dest: "{{ apache_config_dir }}/sites-enabled/keystone.conf"
- state: "link"
- when: ansible_os_family == 'Debian'
- notify:
- - restart keystone services
-
-- name: keystone source files
- template: src={{ item }} dest=/opt/{{ item }}
- with_items:
- - admin-openrc.sh
- - admin-openrc-v2.sh
- - demo-openrc.sh
-
-- meta: flush_handlers
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/main.yml b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/main.yml
deleted file mode 100644
index ad619d40..00000000
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/main.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-- include: keystone_install.yml
- tags:
- - install
- - keystone_install
- - keystone
-
-- include: keystone_config.yml
- when: inventory_hostname == groups['controller'][0]
- tags:
- - config
- - keystone_config
- - keystone
-
-- include: keystone_create.yml
- when: inventory_hostname == groups['controller'][0]
- tags:
- - config
- - keystone_create
- - keystone
-
-- meta: flush_handlers
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/admin-openrc-v2.sh b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/admin-openrc-v2.sh
deleted file mode 100644
index 6ba620ff..00000000
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/admin-openrc-v2.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
-# Verify the Identity Service installation
-export OS_PASSWORD={{ ADMIN_PASS }}
-export OS_TENANT_NAME=admin
-export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v2.0
-export OS_USERNAME=admin
-export OS_VOLUME_API_VERSION=2
-
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/admin-openrc.sh b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/admin-openrc.sh
deleted file mode 100644
index 94d5850f..00000000
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/admin-openrc.sh
+++ /dev/null
@@ -1,18 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
-# Verify the Identity Service installation
-export OS_PROJECT_DOMAIN_NAME=default
-export OS_USER_DOMAIN_NAME=default
-export OS_TENANT_NAME=admin
-export OS_PROJECT_NAME=admin
-export OS_USERNAME=admin
-export OS_PASSWORD={{ ADMIN_PASS }}
-export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v3
-export OS_IDENTITY_API_VERSION=3
-export OS_IMAGE_API_VERSION=2
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/demo-openrc.sh b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/demo-openrc.sh
deleted file mode 100644
index 920f42ed..00000000
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/demo-openrc.sh
+++ /dev/null
@@ -1,17 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
-export OS_PROJECT_DOMAIN_NAME=default
-export OS_USER_DOMAIN_NAME=default
-export OS_TENANT_NAME=demo
-export OS_PROJECT_NAME=demo
-export OS_USERNAME=demo
-export OS_PASSWORD={{ DEMO_PASS }}
-export OS_AUTH_URL=http://{{ internal_vip.ip }}:5000/v3
-export OS_IDENTITY_API_VERSION=3
-export OS_IMAGE_API_VERSION=2
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/keystone.conf b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/keystone.conf
deleted file mode 100644
index 919be344..00000000
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/keystone.conf
+++ /dev/null
@@ -1,60 +0,0 @@
-{% set memcached_servers = [] %}
-{% set rabbitmq_servers = [] %}
-{% for host in haproxy_hosts.values() %}
-{% set _ = memcached_servers.append('%s:11211'% host) %}
-{% set _ = rabbitmq_servers.append('%s:5672'% host) %}
-{% endfor %}
-{% set memcached_servers = memcached_servers|join(',') %}
-{% set rabbitmq_servers = rabbitmq_servers|join(',') %}
-[DEFAULT]
-debug={{ DEBUG }}
-log_dir = /var/log/keystone
-
-[cache]
-backend = keystone.cache.memcache_pool
-memcache_servers = {{ memcached_servers}}
-enabled=true
-
-[revoke]
-driver = sql
-expiration_buffer = 3600
-caching = true
-
-[database]
-connection = mysql://keystone:{{ KEYSTONE_DBPASS }}@{{ db_host }}/keystone?charset=utf8
-idle_timeout = 30
-min_pool_size = 5
-max_pool_size = 120
-pool_timeout = 30
-
-[fernet_tokens]
-key_repository = /etc/keystone/fernet-keys/
-
-[identity]
-default_domain_id = default
-driver = sql
-
-[assignment]
-driver = sql
-
-[resource]
-driver = sql
-caching = true
-cache_time = 3600
-
-[token]
-enforce_token_bind = permissive
-expiration = 43200
-provider = fernet
-driver = sql
-caching = true
-cache_time = 3600
-
-[eventlet_server]
-public_bind_host = {{ identity_host }}
-admin_bind_host = {{ identity_host }}
-
-[oslo_messaging_rabbit]
-rabbit_userid = {{ RABBIT_USER }}
-rabbit_password = {{ RABBIT_PASS }}
-rabbit_hosts = {{ rabbitmq_servers }}
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/wsgi-keystone.conf.j2 b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/wsgi-keystone.conf.j2
deleted file mode 100644
index 55c89839..00000000
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/wsgi-keystone.conf.j2
+++ /dev/null
@@ -1,50 +0,0 @@
-{% set work_threads = (ansible_processor_vcpus + 1) // 2 %}
-{% if work_threads > 10 %}
-{% set work_threads = 10 %}
-{% endif %}
-
-<VirtualHost {{ internal_ip }}:5000>
- WSGIDaemonProcess keystone-public processes=4 threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP}
- WSGIProcessGroup keystone-public
- WSGIScriptAlias / /usr/bin/keystone-wsgi-public
- WSGIApplicationGroup %{GLOBAL}
- WSGIPassAuthorization On
- <IfVersion >= 2.4>
- ErrorLogFormat "%{cu}t %M"
- </IfVersion>
- ErrorLog /var/log/{{ http_service_name }}/keystone.log
- CustomLog /var/log/{{ http_service_name }}/keystone_access.log combined
-
- <Directory /usr/bin>
- <IfVersion >= 2.4>
- Require all granted
- </IfVersion>
- <IfVersion < 2.4>
- Order allow,deny
- Allow from all
- </IfVersion>
- </Directory>
-</VirtualHost>
-
-<VirtualHost {{ internal_ip }}:35357>
- WSGIDaemonProcess keystone-admin processes=4 threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP}
- WSGIProcessGroup keystone-admin
- WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
- WSGIApplicationGroup %{GLOBAL}
- WSGIPassAuthorization On
- <IfVersion >= 2.4>
- ErrorLogFormat "%{cu}t %M"
- </IfVersion>
- ErrorLog /var/log/{{ http_service_name }}/keystone.log
- CustomLog /var/log/{{ http_service_name }}/keystone_access.log combined
-
- <Directory /usr/bin>
- <IfVersion >= 2.4>
- Require all granted
- </IfVersion>
- <IfVersion < 2.4>
- Order allow,deny
- Allow from all
- </IfVersion>
- </Directory>
-</VirtualHost>
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/vars/Debian.yml b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/vars/Debian.yml
deleted file mode 100644
index 89bfbe0a..00000000
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/vars/Debian.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-
-cron_path: "/var/spool/cron/crontabs"
-
-packages:
- - apache2
- - libapache2-mod-wsgi
- - python-keystone
- - python-openstackclient
- - keystone
-
-services:
- - apache2
-
-apache_config_dir: /etc/apache2
-http_service_name: apache2
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/vars/main.yml b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/vars/main.yml
deleted file mode 100644
index baaf89e1..00000000
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/vars/main.yml
+++ /dev/null
@@ -1,194 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-packages_noarch:
- - python-keystoneclient
-
-services_noarch: []
-os_services:
- - name: keystone
- type: identity
- region: RegionOne
- description: "OpenStack Identity"
- publicurl: "http://{{ public_vip.ip }}:5000/v2.0"
- internalurl: "http://{{ internal_vip.ip }}:5000/v2.0"
- adminurl: "http://{{ internal_vip.ip }}:35357/v2.0"
-
- - name: glance
- type: image
- region: RegionOne
- description: "OpenStack Image Service"
- publicurl: "http://{{ public_vip.ip }}:9292"
- internalurl: "http://{{ internal_vip.ip }}:9292"
- adminurl: "http://{{ internal_vip.ip }}:9292"
-
- - name: nova
- type: compute
- region: RegionOne
- description: "OpenStack Compute"
- publicurl: "http://{{ public_vip.ip }}:8774/v2/%(tenant_id)s"
- internalurl: "http://{{ internal_vip.ip }}:8774/v2/%(tenant_id)s"
- adminurl: "http://{{ internal_vip.ip }}:8774/v2/%(tenant_id)s"
-
- - name: neutron
- type: network
- region: RegionOne
- description: "OpenStack Networking"
- publicurl: "http://{{ public_vip.ip }}:9696"
- internalurl: "http://{{ internal_vip.ip }}:9696"
- adminurl: "http://{{ internal_vip.ip }}:9696"
-
- - name: ceilometer
- type: metering
- region: RegionOne
- description: "OpenStack Telemetry"
- publicurl: "http://{{ public_vip.ip }}:8777"
- internalurl: "http://{{ internal_vip.ip }}:8777"
- adminurl: "http://{{ internal_vip.ip }}:8777"
-
- - name: aodh
- type: alarming
- region: RegionOne
- description: "OpenStack Telemetry"
- publicurl: "http://{{ public_vip.ip }}:8042"
- internalurl: "http://{{ internal_vip.ip }}:8042"
- adminurl: "http://{{ internal_vip.ip }}:8042"
-
- - name: cinder
- type: volume
- region: RegionOne
- description: "OpenStack Block Storage"
- publicurl: "http://{{ public_vip.ip }}:8776/v1/%(tenant_id)s"
- internalurl: "http://{{ internal_vip.ip }}:8776/v1/%(tenant_id)s"
- adminurl: "http://{{ internal_vip.ip }}:8776/v1/%(tenant_id)s"
-
- - name: cinderv2
- type: volumev2
- region: RegionOne
- description: "OpenStack Block Storage v2"
- publicurl: "http://{{ public_vip.ip }}:8776/v2/%(tenant_id)s"
- internalurl: "http://{{ internal_vip.ip }}:8776/v2/%(tenant_id)s"
- adminurl: "http://{{ internal_vip.ip }}:8776/v2/%(tenant_id)s"
-
- - name: heat
- type: orchestration
- region: RegionOne
- description: "OpenStack Orchestration"
- publicurl: "http://{{ public_vip.ip }}:8004/v1/%(tenant_id)s"
- internalurl: "http://{{ internal_vip.ip }}:8004/v1/%(tenant_id)s"
- adminurl: "http://{{ internal_vip.ip }}:8004/v1/%(tenant_id)s"
-
- - name: heat-cfn
- type: cloudformation
- region: RegionOne
- description: "OpenStack CloudFormation Orchestration"
- publicurl: "http://{{ public_vip.ip }}:8000/v1"
- internalurl: "http://{{ internal_vip.ip }}:8000/v1"
- adminurl: "http://{{ internal_vip.ip }}:8000/v1"
-
- - name: congress
- type: policy
- region: RegionOne
- description: "OpenStack Policy Service"
- publicurl: "http://{{ public_vip.ip }}:1789"
- internalurl: "http://{{ internal_vip.ip }}:1789"
- adminurl: "http://{{ internal_vip.ip }}:1789"
-
-# - name: swift
-# type: object-store
-# region: RegionOne
-# description: "OpenStack Object Storage"
-# publicurl: "http://{{ public_vip.ip }}:8080/v1/AUTH_%(tenant_id)s"
-# internalurl: "http://{{ internal_vip.ip }}:8080/v1/AUTH_%(tenant_id)s"
-# adminurl: "http://{{ internal_vip.ip }}:8080/v1/AUTH_%(tenant_id)s"
-
-os_users:
- - user: admin
- password: "{{ ADMIN_PASS }}"
- email: admin@admin.com
- role: admin
- tenant: admin
- tenant_description: "Admin Tenant"
-
- - user: glance
- password: "{{ GLANCE_PASS }}"
- email: glance@admin.com
- role: admin
- tenant: service
- tenant_description: "Service Tenant"
-
- - user: nova
- password: "{{ NOVA_PASS }}"
- email: nova@admin.com
- role: admin
- tenant: service
- tenant_description: "Service Tenant"
-
- - user: keystone
- password: "{{ KEYSTONE_PASS }}"
- email: keystone@admin.com
- role: admin
- tenant: service
- tenant_description: "Service Tenant"
-
- - user: neutron
- password: "{{ NEUTRON_PASS }}"
- email: neutron@admin.com
- role: admin
- tenant: service
- tenant_description: "Service Tenant"
-
- - user: ceilometer
- password: "{{ CEILOMETER_PASS }}"
- email: ceilometer@admin.com
- role: admin
- tenant: service
- tenant_description: "Service Tenant"
-
- - user: cinder
- password: "{{ CINDER_PASS }}"
- email: cinder@admin.com
- role: admin
- tenant: service
- tenant_description: "Service Tenant"
-
- - user: aodh
- password: "{{ AODH_PASS }}"
- email: aodh@admin.com
- role: admin
- tenant: service
- tenant_description: "Service Tenant"
-
- - user: heat
- password: "{{ HEAT_PASS }}"
- email: heat@admin.com
- role: admin
- tenant: service
- tenant_description: "Service Tenant"
-
- - user: congress
- password: "{{ CONGRESS_PASS }}"
- email: congress@admin.com
- role: admin
- tenant: service
- tenant_description: "Service Tenant"
-
- - user: demo
- password: ""
- email: heat@demo.com
- role: heat_stack_user
- tenant: demo
- tenant_description: "Demo Tenant"
-
-# - user: swift
-# password: "{{ CINDER_PASS }}"
-# email: swift@admin.com
-# role: admin
-# tenant: service
-# tenant_description: "Service Tenant"