aboutsummaryrefslogtreecommitdiffstats
path: root/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml
diff options
context:
space:
mode:
Diffstat (limited to 'deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml')
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml96
1 files changed, 0 insertions, 96 deletions
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml
deleted file mode 100644
index ea211470..00000000
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml
+++ /dev/null
@@ -1,96 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-- include_vars: "{{ ansible_os_family }}.yml"
-
-- name: keystone-manage db-sync
- shell: su -s /bin/sh -c 'keystone-manage db_sync' keystone
-
-- name: Check if fernet keys already exist
- stat:
- path: "/etc/keystone/fernet-keys/0"
- register: fernet_keys_0
-
-- name: Create fernet keys for Keystone
- command:
- keystone-manage fernet_setup
- --keystone-user keystone
- --keystone-group keystone
- when: not fernet_keys_0.stat.exists
- notify:
- - restart keystone services
-
-- name: Rotate fernet keys for Keystone
- command:
- keystone-manage fernet_rotate
- --keystone-user keystone
- --keystone-group keystone
- when: fernet_keys_0.stat.exists
- notify:
- - restart keystone services
-
-- name: Distribute the fernet key repository
- shell: rsync -e 'ssh -o StrictHostKeyChecking=no' \
- -avz \
- --delete \
- /etc/keystone/fernet-keys \
- root@{{ hostvars[ item ].ansible_eth0.ipv4.address }}:/etc/keystone/
- with_items: groups['controller'][1:]
- notify:
- - restart keystone services
-
-- name: Check if credential keys already exist
- stat:
- path: "/etc/keystone/credential-keys/0"
- register: credential_keys_0
-
-- name: Create credential keys for Keystone
- command:
- keystone-manage credential_setup
- --keystone-user keystone
- --keystone-group keystone
- when: not credential_keys_0.stat.exists
- notify:
- - restart keystone services
-
-- name: Rotate credential keys for Keystone
- command:
- keystone-manage credential_rotate
- --keystone-user keystone
- --keystone-group keystone
- when: credential_keys_0.stat.exists
- notify:
- - restart keystone services
-
-- name: Distribute the credential key repository
- shell: rsync -e 'ssh -o StrictHostKeyChecking=no' \
- -avz \
- --delete \
- /etc/keystone/credential-keys \
- root@{{ hostvars[ item ].ansible_eth0.ipv4.address }}:/etc/keystone/
- with_items: groups['controller'][1:]
- notify:
- - restart keystone services
-
-- name: Bootstrap the Identity service
- shell:
- keystone-manage bootstrap \
- --bootstrap-password {{ ADMIN_PASS }} \
- --bootstrap-admin-url http://{{ internal_ip }}:35357/v3/ \
- --bootstrap-internal-url http://{{ internal_ip }}:35357/v3/ \
- --bootstrap-public-url http://{{ internal_ip }}:5000/v3/
- --bootstrap-region-id RegionOne \
- notify:
- - restart keystone services
-
-- meta: flush_handlers
-
-- name: wait for keystone ready
- wait_for: port=35357 delay=15 timeout=60 host={{ internal_ip }}
-