summaryrefslogtreecommitdiffstats
path: root/deploy/adapters/ansible/openstack_osp9/roles/keystone
diff options
context:
space:
mode:
authorQiLiang <liangqi1@huawei.com>2016-10-27 06:17:50 +0800
committerQiLiang <liangqi1@huawei.com>2016-10-27 06:18:46 +0800
commit5ac0350135d59f143b91115170b5690631e3f448 (patch)
treeb272d882be516836a45cb8b31f7da5d8372e080e /deploy/adapters/ansible/openstack_osp9/roles/keystone
parentdde596264dadaa3e530adc4e30f9205edfaff3ba (diff)
add osp9 roles
Change-Id: Ie0085f718c2c737ae32c8abf97fd8c0408360acb Signed-off-by: QiLiang <liangqi1@huawei.com>
Diffstat (limited to 'deploy/adapters/ansible/openstack_osp9/roles/keystone')
-rwxr-xr-xdeploy/adapters/ansible/openstack_osp9/roles/keystone/tasks/keystone_install.yml97
-rwxr-xr-xdeploy/adapters/ansible/openstack_osp9/roles/keystone/vars/RedHat.yml20
-rwxr-xr-xdeploy/adapters/ansible/openstack_osp9/roles/keystone/vars/main.yml164
3 files changed, 281 insertions, 0 deletions
diff --git a/deploy/adapters/ansible/openstack_osp9/roles/keystone/tasks/keystone_install.yml b/deploy/adapters/ansible/openstack_osp9/roles/keystone/tasks/keystone_install.yml
new file mode 100755
index 00000000..ba4fc28e
--- /dev/null
+++ b/deploy/adapters/ansible/openstack_osp9/roles/keystone/tasks/keystone_install.yml
@@ -0,0 +1,97 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+---
+- include_vars: "{{ ansible_os_family }}.yml"
+
+- name: disable auto start
+ copy:
+ content: "#!/bin/sh\nexit 101"
+ dest: "/usr/sbin/policy-rc.d"
+ mode: 0755
+ when: ansible_os_family == "Debian"
+
+- name: install keystone packages
+ action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
+ with_items: packages | union(packages_noarch)
+
+- name: enable auto start
+ file:
+ path=/usr/sbin/policy-rc.d
+ state=absent
+ when: ansible_os_family == "Debian"
+
+- name: disable boot auto start
+ file:
+ path={{ item }}
+ state=absent
+ with_items:
+ - /etc/init.d/keystone
+ - /etc/init/keystone.conf
+ when: ansible_os_family == "Debian"
+
+- name: generate keystone service list
+ lineinfile: dest=/opt/service create=yes line='{{ item }}'
+ with_items: services | union(services_noarch)
+
+- name: delete sqlite database
+ file:
+ path: /var/lib/keystone/keystone.db
+ state: absent
+
+- name: update keystone conf
+ template: src=keystone.conf dest=/etc/keystone/keystone.conf backup=yes
+ notify:
+ - restart keystone services
+
+- name: assure listen port exist
+ lineinfile:
+ dest: '{{ apache_config_dir }}/ports.conf'
+ regexp: '{{ item.regexp }}'
+ line: '{{ item.line}}'
+ with_items:
+ - regexp: "^Listen {{ internal_ip }}:5000"
+ line: "Listen {{ internal_ip }}:5000"
+ - regexp: "^Listen {{ internal_ip }}:35357"
+ line: "Listen {{ internal_ip }}:35357"
+ notify:
+ - restart keystone services
+
+- name: update apache2 configs
+ template:
+ src: wsgi-keystone.conf.j2
+ dest: '{{ apache_config_dir }}/sites-available/wsgi-keystone.conf'
+ when: ansible_os_family == 'Debian'
+ notify:
+ - restart keystone services
+
+- name: update apache2 configs
+ template:
+ src: wsgi-keystone.conf.j2
+ dest: '{{ apache_config_dir }}/wsgi-keystone.conf'
+ when: ansible_os_family == 'RedHat'
+ notify:
+ - restart keystone services
+
+- name: enable keystone server
+ file:
+ src: "{{ apache_config_dir }}/sites-available/wsgi-keystone.conf"
+ dest: "{{ apache_config_dir }}/sites-enabled/wsgi-keystone.conf"
+ state: "link"
+ when: ansible_os_family == 'Debian'
+ notify:
+ - restart keystone services
+
+- name: keystone source files
+ template: src={{ item }} dest=/opt/{{ item }}
+ with_items:
+ - admin-openrc.sh
+ - demo-openrc.sh
+ - admin-openrc-v3.sh
+
+- meta: flush_handlers
diff --git a/deploy/adapters/ansible/openstack_osp9/roles/keystone/vars/RedHat.yml b/deploy/adapters/ansible/openstack_osp9/roles/keystone/vars/RedHat.yml
new file mode 100755
index 00000000..63ddce3c
--- /dev/null
+++ b/deploy/adapters/ansible/openstack_osp9/roles/keystone/vars/RedHat.yml
@@ -0,0 +1,20 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+---
+cron_path: "/var/spool/cron"
+
+packages:
+ - openstack-keystone
+ - python-openstackclient
+
+services:
+ - httpd
+
+apache_config_dir: /etc/httpd/conf.d
+http_service_name: httpd
diff --git a/deploy/adapters/ansible/openstack_osp9/roles/keystone/vars/main.yml b/deploy/adapters/ansible/openstack_osp9/roles/keystone/vars/main.yml
new file mode 100755
index 00000000..9e97a29c
--- /dev/null
+++ b/deploy/adapters/ansible/openstack_osp9/roles/keystone/vars/main.yml
@@ -0,0 +1,164 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+---
+packages_noarch:
+ - python-keystoneclient
+
+services_noarch: []
+os_services:
+ - name: keystone
+ type: identity
+ region: RegionOne
+ description: "OpenStack Identity"
+ publicurl: "http://{{ public_vip.ip }}:5000/v2.0"
+ internalurl: "http://{{ internal_vip.ip }}:5000/v2.0"
+ adminurl: "http://{{ internal_vip.ip }}:35357/v2.0"
+
+ - name: glance
+ type: image
+ region: RegionOne
+ description: "OpenStack Image Service"
+ publicurl: "http://{{ public_vip.ip }}:9292"
+ internalurl: "http://{{ internal_vip.ip }}:9292"
+ adminurl: "http://{{ internal_vip.ip }}:9292"
+
+ - name: nova
+ type: compute
+ region: RegionOne
+ description: "OpenStack Compute"
+ publicurl: "http://{{ public_vip.ip }}:8774/v2/%(tenant_id)s"
+ internalurl: "http://{{ internal_vip.ip }}:8774/v2/%(tenant_id)s"
+ adminurl: "http://{{ internal_vip.ip }}:8774/v2/%(tenant_id)s"
+
+ - name: neutron
+ type: network
+ region: RegionOne
+ description: "OpenStack Networking"
+ publicurl: "http://{{ public_vip.ip }}:9696"
+ internalurl: "http://{{ internal_vip.ip }}:9696"
+ adminurl: "http://{{ internal_vip.ip }}:9696"
+
+ - name: ceilometer
+ type: metering
+ region: RegionOne
+ description: "OpenStack Telemetry"
+ publicurl: "http://{{ public_vip.ip }}:8777"
+ internalurl: "http://{{ internal_vip.ip }}:8777"
+ adminurl: "http://{{ internal_vip.ip }}:8777"
+
+ - name: aodh
+ type: alarming
+ region: RegionOne
+ description: "OpenStack Telemetry"
+ publicurl: "http://{{ public_vip.ip }}:8042"
+ internalurl: "http://{{ internal_vip.ip }}:8042"
+ adminurl: "http://{{ internal_vip.ip }}:8042"
+
+ - name: cinder
+ type: volume
+ region: RegionOne
+ description: "OpenStack Block Storage"
+ publicurl: "http://{{ public_vip.ip }}:8776/v1/%(tenant_id)s"
+ internalurl: "http://{{ internal_vip.ip }}:8776/v1/%(tenant_id)s"
+ adminurl: "http://{{ internal_vip.ip }}:8776/v1/%(tenant_id)s"
+
+ - name: cinderv2
+ type: volumev2
+ region: RegionOne
+ description: "OpenStack Block Storage v2"
+ publicurl: "http://{{ public_vip.ip }}:8776/v2/%(tenant_id)s"
+ internalurl: "http://{{ internal_vip.ip }}:8776/v2/%(tenant_id)s"
+ adminurl: "http://{{ internal_vip.ip }}:8776/v2/%(tenant_id)s"
+
+ - name: heat
+ type: orchestration
+ region: RegionOne
+ description: "OpenStack Orchestration"
+ publicurl: "http://{{ public_vip.ip }}:8004/v1/%(tenant_id)s"
+ internalurl: "http://{{ internal_vip.ip }}:8004/v1/%(tenant_id)s"
+ adminurl: "http://{{ internal_vip.ip }}:8004/v1/%(tenant_id)s"
+
+ - name: heat-cfn
+ type: cloudformation
+ region: RegionOne
+ description: "OpenStack CloudFormation Orchestration"
+ publicurl: "http://{{ public_vip.ip }}:8000/v1"
+ internalurl: "http://{{ internal_vip.ip }}:8000/v1"
+ adminurl: "http://{{ internal_vip.ip }}:8000/v1"
+
+os_users:
+ - user: admin
+ password: "{{ ADMIN_PASS }}"
+ email: admin@admin.com
+ role: admin
+ tenant: admin
+ tenant_description: "Admin Tenant"
+
+ - user: glance
+ password: "{{ GLANCE_PASS }}"
+ email: glance@admin.com
+ role: admin
+ tenant: service
+ tenant_description: "Service Tenant"
+
+ - user: nova
+ password: "{{ NOVA_PASS }}"
+ email: nova@admin.com
+ role: admin
+ tenant: service
+ tenant_description: "Service Tenant"
+
+ - user: keystone
+ password: "{{ KEYSTONE_PASS }}"
+ email: keystone@admin.com
+ role: admin
+ tenant: service
+ tenant_description: "Service Tenant"
+
+ - user: neutron
+ password: "{{ NEUTRON_PASS }}"
+ email: neutron@admin.com
+ role: admin
+ tenant: service
+ tenant_description: "Service Tenant"
+
+ - user: ceilometer
+ password: "{{ CEILOMETER_PASS }}"
+ email: ceilometer@admin.com
+ role: admin
+ tenant: service
+ tenant_description: "Service Tenant"
+
+ - user: cinder
+ password: "{{ CINDER_PASS }}"
+ email: cinder@admin.com
+ role: admin
+ tenant: service
+ tenant_description: "Service Tenant"
+
+ - user: aodh
+ password: "{{ AODH_PASS }}"
+ email: aodh@admin.com
+ role: admin
+ tenant: service
+ tenant_description: "Service Tenant"
+
+ - user: heat
+ password: "{{ HEAT_PASS }}"
+ email: heat@admin.com
+ role: admin
+ tenant: service
+ tenant_description: "Service Tenant"
+
+ - user: demo
+ password: ""
+ email: heat@demo.com
+ role: heat_stack_user
+ tenant: demo
+ tenant_description: "Demo Tenant"