summaryrefslogtreecommitdiffstats
path: root/deploy/adapters/ansible/roles/keystone/tasks
diff options
context:
space:
mode:
Diffstat (limited to 'deploy/adapters/ansible/roles/keystone/tasks')
-rw-r--r--deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml97
-rw-r--r--deploy/adapters/ansible/roles/keystone/tasks/keystone_create.yml120
-rw-r--r--deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml110
-rw-r--r--deploy/adapters/ansible/roles/keystone/tasks/main.yml30
4 files changed, 0 insertions, 357 deletions
diff --git a/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml b/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml
deleted file mode 100644
index ac3ff8fe..00000000
--- a/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml
+++ /dev/null
@@ -1,97 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-- include_vars: "{{ ansible_os_family }}.yml"
-
-- name: keystone-manage db-sync
- shell: su -s /bin/sh -c 'keystone-manage db_sync' keystone
-
-- name: Check if fernet keys already exist
- stat:
- path: "/etc/keystone/fernet-keys/0"
- register: fernet_keys_0
-
-- name: Create fernet keys for Keystone
- command:
- keystone-manage fernet_setup
- --keystone-user keystone
- --keystone-group keystone
- when: not fernet_keys_0.stat.exists
- notify:
- - restart keystone services
-
-- name: Rotate fernet keys for Keystone
- command:
- keystone-manage fernet_rotate
- --keystone-user keystone
- --keystone-group keystone
- when: fernet_keys_0.stat.exists
- notify:
- - restart keystone services
-
-- name: Distribute the fernet key repository
- shell: |
- rsync -e 'ssh -o StrictHostKeyChecking=no' \
- -avz \
- --delete \
- /etc/keystone/fernet-keys \
- root@{{ hostvars[ item ].ansible_eth0.ipv4.address }}:/etc/keystone/
- with_items: "{{ groups['controller'][1:] }}"
- notify:
- - restart keystone services
-
-- name: Check if credential keys already exist
- stat:
- path: "/etc/keystone/credential-keys/0"
- register: credential_keys_0
-
-- name: Create credential keys for Keystone
- command:
- keystone-manage credential_setup
- --keystone-user keystone
- --keystone-group keystone
- when: not credential_keys_0.stat.exists
- notify:
- - restart keystone services
-
-- name: Rotate credential keys for Keystone
- command:
- keystone-manage credential_rotate
- --keystone-user keystone
- --keystone-group keystone
- when: credential_keys_0.stat.exists
- notify:
- - restart keystone services
-
-- name: Distribute the credential key repository
- shell: |
- rsync -e 'ssh -o StrictHostKeyChecking=no' \
- -avz \
- --delete \
- /etc/keystone/credential-keys \
- root@{{ hostvars[ item ].ansible_eth0.ipv4.address }}:/etc/keystone/
- with_items: "{{ groups['controller'][1:] }}"
- notify:
- - restart keystone services
-
-- name: Bootstrap the Identity service
- shell:
- keystone-manage bootstrap \
- --bootstrap-password {{ ADMIN_PASS }} \
- --bootstrap-admin-url http://{{ internal_ip }}:35357/v3/ \
- --bootstrap-internal-url http://{{ internal_ip }}:35357/v3/ \
- --bootstrap-public-url http://{{ internal_ip }}:5000/v3/
- --bootstrap-region-id RegionOne \
- notify:
- - restart keystone services
-
-- meta: flush_handlers
-
-- name: wait for keystone ready
- wait_for: port=35357 delay=15 timeout=60 host={{ internal_ip }}
diff --git a/deploy/adapters/ansible/roles/keystone/tasks/keystone_create.yml b/deploy/adapters/ansible/roles/keystone/tasks/keystone_create.yml
deleted file mode 100644
index 10228952..00000000
--- a/deploy/adapters/ansible/roles/keystone/tasks/keystone_create.yml
+++ /dev/null
@@ -1,120 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-- name: set admin url for keystone endpoint
- keystone_endpoint:
- cloud: opnfv
- endpoint_type: admin
- name: "{{ item.name }}"
- service_type: "{{ item.type }}"
- state: present
- interface: admin
- region: "{{ item.region}}"
- url: "{{ item.adminurl }}"
- with_items: "{{ os_services[0:1] }}"
-
-- name: set internal url for keystone endpointl
- keystone_endpoint:
- cloud: opnfv
- endpoint_type: admin
- name: "{{ item.name }}"
- service_type: "{{ item.type }}"
- state: present
- interface: internal
- region: "{{ item.region}}"
- url: "{{ item.internalurl }}"
- with_items: "{{ os_services[0:1] }}"
-
-- name: set public url for keystone endpoint
- keystone_endpoint:
- cloud: opnfv
- endpoint_type: admin
- name: "{{ item.name }}"
- service_type: "{{ item.type }}"
- state: present
- interface: public
- region: "{{ item.region}}"
- url: "{{ item.publicurl }}"
- with_items: "{{ os_services[0:1] }}"
-
-- name: add service
- os_keystone_service:
- cloud: opnfv
- name: "{{ item.name }}"
- description: "{{ item.description }}"
- service_type: "{{ item.type }}"
- with_items: "{{ os_services }}"
-
-- name: add project
- os_project:
- cloud: opnfv
- domain_id: default
- name: "{{ item.tenant }}"
- description: "{{ item.tenant_description }}"
- with_items: "{{ os_users }}"
-
-- name: add user
- os_user:
- cloud: opnfv
- domain: default
- name: "{{ item.user }}"
- password: "{{ item.password }}"
- default_project: "{{ item.tenant }}"
- email: "{{ item.email }}"
- with_items: "{{ os_users }}"
-
-- name: add roles
- os_keystone_role:
- cloud: opnfv
- name: "{{ item.role }}"
- with_items: "{{ os_users }}"
-
-- name: grant roles
- os_user_role:
- cloud: opnfv
- user: "{{ item.user }}"
- role: "{{ item.role }}"
- project: "{{ item.tenant }}"
- with_items: "{{ os_users }}"
-
-- name: create admin url for service's endpoint
- keystone_endpoint:
- cloud: opnfv
- endpoint_type: admin
- name: "{{ item.name }}"
- service_type: "{{ item.type }}"
- state: present
- interface: admin
- region: "{{ item.region}}"
- url: "{{ item.adminurl }}"
- with_items: "{{ os_services[1:] }}"
-
-- name: create internal url for service's endpoint
- keystone_endpoint:
- cloud: opnfv
- endpoint_type: admin
- name: "{{ item.name }}"
- service_type: "{{ item.type }}"
- state: present
- interface: internal
- region: "{{ item.region}}"
- url: "{{ item.internalurl }}"
- with_items: "{{ os_services[1:] }}"
-
-- name: create public url for service'e endpoint
- keystone_endpoint:
- cloud: opnfv
- endpoint_type: admin
- name: "{{ item.name }}"
- service_type: "{{ item.type }}"
- state: present
- interface: public
- region: "{{ item.region}}"
- url: "{{ item.publicurl }}"
- with_items: "{{ os_services[1:] }}"
diff --git a/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml b/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml
deleted file mode 100644
index a390ffca..00000000
--- a/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml
+++ /dev/null
@@ -1,110 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-- include_vars: "{{ ansible_os_family }}.yml"
-
-- name: disable auto start
- copy:
- content: "#!/bin/sh\nexit 101"
- dest: "/usr/sbin/policy-rc.d"
- mode: 0755
- when: ansible_os_family == "Debian"
-
-- name: install keystone packages
- action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
- with_items: "{{ packages | union(packages_noarch) }}"
-
-- name: enable auto start
- file:
- path=/usr/sbin/policy-rc.d
- state=absent
- when: ansible_os_family == "Debian"
-
-- name: disable boot auto start
- file:
- path={{ item }}
- state=absent
- with_items:
- - /etc/init.d/keystone
- - /etc/init/keystone.conf
- - /lib/systemd/system/keystone.service
- when: ansible_os_family == "Debian"
-
-- name: generate keystone service list
- lineinfile: dest=/opt/service create=yes line='{{ item }}'
- with_items: "{{ services | union(services_noarch) }}"
-
-- name: delete sqlite database
- file:
- path: /var/lib/keystone/keystone.db
- state: absent
-
-- name: update keystone conf
- template: src=keystone.conf dest=/etc/keystone/keystone.conf backup=yes
- notify:
- - restart keystone services
-
-- name: assure listen port exist
- lineinfile:
- dest: '{{ apache_config_dir }}/ports.conf'
- regexp: '{{ item.regexp }}'
- line: '{{ item.line}}'
- with_items:
- - regexp: "^Listen {{ internal_ip }}:5000"
- line: "Listen {{ internal_ip }}:5000"
- - regexp: "^Listen {{ internal_ip }}:35357"
- line: "Listen {{ internal_ip }}:35357"
- notify:
- - restart keystone services
-
-- name: update apache2 configs
- template:
- src: wsgi-keystone.conf.j2
- dest: '{{ apache_config_dir }}/sites-available/keystone.conf'
- when: ansible_os_family == 'Debian'
- notify:
- - restart keystone services
-
-- name: update apache2 configs
- template:
- src: wsgi-keystone.conf.j2
- dest: '{{ apache_config_dir }}/keystone.conf'
- when: ansible_os_family == 'RedHat'
- notify:
- - restart keystone services
-
-- name: enable keystone server
- file:
- src: "{{ apache_config_dir }}/sites-available/keystone.conf"
- dest: "{{ apache_config_dir }}/sites-enabled/keystone.conf"
- state: "link"
- when: ansible_os_family == 'Debian'
- notify:
- - restart keystone services
-
-- name: install shade
- pip: name=shade state=present
-
-- name: create path for os-client-config
- file:
- path: /etc/openstack
- state: directory
- mode: 0755
-
-- name: copy os-client-config
- template:
- src: clouds.yml.j2
- dest: /etc/openstack/clouds.yml
-
-- name: keystone source files
- template: src={{ item }} dest=/opt/{{ item }}
- with_items:
- - admin-openrc.sh
- - admin-openrc-v2.sh
- - demo-openrc.sh
diff --git a/deploy/adapters/ansible/roles/keystone/tasks/main.yml b/deploy/adapters/ansible/roles/keystone/tasks/main.yml
deleted file mode 100644
index 29b6cd61..00000000
--- a/deploy/adapters/ansible/roles/keystone/tasks/main.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-- include: keystone_install.yml
- tags:
- - install
- - keystone_install
- - keystone
-
-- include: keystone_config.yml
- when: inventory_hostname == groups['controller'][0]
- tags:
- - config
- - keystone_config
- - keystone
-
-- meta: flush_handlers
-
-- include: keystone_create.yml
- when: inventory_hostname == groups['controller'][0]
- tags:
- - config
- - keystone_create
- - keystone