Diffstat (limited to 'deploy/adapters/ansible/roles/keystone')
-rw-r--r--deploy/adapters/ansible/roles/keystone/tasks/keystone_create.yml198
-rw-r--r--deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml16
-rw-r--r--deploy/adapters/ansible/roles/keystone/tasks/main.yml4
-rw-r--r--deploy/adapters/ansible/roles/keystone/templates/clouds.yml.j212
-rw-r--r--deploy/adapters/ansible/roles/keystone/vars/main.yml30
5 files changed, 138 insertions, 122 deletions
diff --git a/deploy/adapters/ansible/roles/keystone/tasks/keystone_create.yml b/deploy/adapters/ansible/roles/keystone/tasks/keystone_create.yml
index 2f5aefeb..10228952 100644
--- a/deploy/adapters/ansible/roles/keystone/tasks/keystone_create.yml
+++ b/deploy/adapters/ansible/roles/keystone/tasks/keystone_create.yml
@@ -7,122 +7,114 @@
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
---
-- name: set keystone endpoint
- shell:
- . /opt/admin-openrc.sh;
- openstack endpoint set \
- --interface public \
- --url {{ item.publicurl }} \
- $(openstack endpoint list | grep keystone | grep public \
- | awk '{print $2}');
- openstack endpoint set \
- --interface internal \
- --url {{ item.internalurl }} \
- $(openstack endpoint list | grep keystone | grep internal \
- | awk '{print $2}');
- openstack endpoint set \
- --interface admin \
- --url {{ item.adminurl }} \
- $(openstack endpoint list | grep keystone | grep admin \
- | awk '{print $2}');
+- name: set admin url for keystone endpoint
+ keystone_endpoint:
+ cloud: opnfv
+ endpoint_type: admin
+ name: "{{ item.name }}"
+ service_type: "{{ item.type }}"
+ state: present
+ interface: admin
+ region: "{{ item.region}}"
+ url: "{{ item.adminurl }}"
+ with_items: "{{ os_services[0:1] }}"
+
+- name: set internal url for keystone endpointl
+ keystone_endpoint:
+ cloud: opnfv
+ endpoint_type: admin
+ name: "{{ item.name }}"
+ service_type: "{{ item.type }}"
+ state: present
+ interface: internal
+ region: "{{ item.region}}"
+ url: "{{ item.internalurl }}"
+ with_items: "{{ os_services[0:1] }}"
+
+- name: set public url for keystone endpoint
+ keystone_endpoint:
+ cloud: opnfv
+ endpoint_type: admin
+ name: "{{ item.name }}"
+ service_type: "{{ item.type }}"
+ state: present
+ interface: public
+ region: "{{ item.region}}"
+ url: "{{ item.publicurl }}"
with_items: "{{ os_services[0:1] }}"
- register: result
- until: result.rc == 0
- retries: 10
- delay: 5
- name: add service
- shell:
- . /opt/admin-openrc.sh;
- openstack service create \
- --name "{{ item.name }}"
- --description "{{ item.description }}" \
- {{ item.type }}
- with_items: "{{ os_services[1:] }}"
- register: result
- until: result.rc == 0
- retries: 10
- delay: 5
+ os_keystone_service:
+ cloud: opnfv
+ name: "{{ item.name }}"
+ description: "{{ item.description }}"
+ service_type: "{{ item.type }}"
+ with_items: "{{ os_services }}"
- name: add project
- shell:
- . /opt/admin-openrc.sh;
- openstack project create --description "Service Project" service;
- openstack project create --domain default --description "Demo Project" demo;
- register: result
- until: result.rc == 0
- retries: 10
- delay: 5
-
-- name: set admin user
- shell:
- . /opt/admin-openrc.sh;
- openstack user set \
- --email "{{ item.email }}" \
- --project "{{ item.tenant }}" \
- --description "{{ item.tenant_description }}" \
- --password "{{ item.password }}" \
- {{ item.user }}
+ os_project:
+ cloud: opnfv
+ domain_id: default
+ name: "{{ item.tenant }}"
+ description: "{{ item.tenant_description }}"
with_items: "{{ os_users }}"
- when: item["user"] == "admin"
- register: result
- until: result.rc == 0
- retries: 10
- delay: 5
- name: add user
- shell:
- . /opt/admin-openrc.sh;
- openstack user create \
- --email "{{ item.email }}" \
- --project "{{ item.tenant }}" \
- --description "{{ item.tenant_description }}" \
- --password "{{ item.password }}" \
- {{ item.user }}
- with_items: "{{ os_users[1:] }}"
- register: result
- until: result.rc == 0
- retries: 10
- delay: 5
+ os_user:
+ cloud: opnfv
+ domain: default
+ name: "{{ item.user }}"
+ password: "{{ item.password }}"
+ default_project: "{{ item.tenant }}"
+ email: "{{ item.email }}"
+ with_items: "{{ os_users }}"
- name: add roles
- shell:
- . /opt/admin-openrc.sh;
- openstack role create {{ item.role }}
+ os_keystone_role:
+ cloud: opnfv
+ name: "{{ item.role }}"
with_items: "{{ os_users }}"
- when: item["user"] == "demo"
- register: result
- until: result.rc == 0
- retries: 10
- delay: 5
- name: grant roles
- shell:
- . /opt/admin-openrc.sh;
- openstack role add \
- --project "{{ item.tenant }}" \
- --user "{{ item.user }}" \
- {{ item.role }}
+ os_user_role:
+ cloud: opnfv
+ user: "{{ item.user }}"
+ role: "{{ item.role }}"
+ project: "{{ item.tenant }}"
with_items: "{{ os_users }}"
- register: result
- until: result.rc == 0
- retries: 10
- delay: 5
-- name: add endpoints
- shell:
- . /opt/admin-openrc.sh;
- openstack endpoint create \
- --region {{ item.region }} \
- {{ item.name }} public {{ item.publicurl }};
- openstack endpoint create \
- --region {{ item.region }} \
- {{ item.name }} internal {{ item.internalurl }};
- openstack endpoint create \
- --region {{ item.region }} \
- {{ item.name }} admin {{ item.adminurl }};
+- name: create admin url for service's endpoint
+ keystone_endpoint:
+ cloud: opnfv
+ endpoint_type: admin
+ name: "{{ item.name }}"
+ service_type: "{{ item.type }}"
+ state: present
+ interface: admin
+ region: "{{ item.region}}"
+ url: "{{ item.adminurl }}"
+ with_items: "{{ os_services[1:] }}"
+
+- name: create internal url for service's endpoint
+ keystone_endpoint:
+ cloud: opnfv
+ endpoint_type: admin
+ name: "{{ item.name }}"
+ service_type: "{{ item.type }}"
+ state: present
+ interface: internal
+ region: "{{ item.region}}"
+ url: "{{ item.internalurl }}"
+ with_items: "{{ os_services[1:] }}"
+
+- name: create public url for service'e endpoint
+ keystone_endpoint:
+ cloud: opnfv
+ endpoint_type: admin
+ name: "{{ item.name }}"
+ service_type: "{{ item.type }}"
+ state: present
+ interface: public
+ region: "{{ item.region}}"
+ url: "{{ item.publicurl }}"
with_items: "{{ os_services[1:] }}"
- register: result
- until: result.rc == 0
- retries: 10
- delay: 5
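Review bot: The new `add user` task loops over `os_users` with `password: "{{ item.password }}"`, and Ansible echoes each loop item in its per-item result line, so every account password ends up in console output and any saved run log; add `no_log: true` to that task. All six `keystone_endpoint` tasks also pass `endpoint_type: admin` even where `interface` is `internal` or `public`, which looks like a copy-paste; the module is not part of this diff, so confirm which of the two parameters it honours. The `until: result.rc == 0` / `retries: 10` loops are removed without replacement, so these tasks now fail on the first attempt if Keystone is not yet answering.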
diff --git a/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml b/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml
index 0d3161ed..a390ffca 100644
--- a/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml
+++ b/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml
@@ -88,11 +88,23 @@
notify:
- restart keystone services
+- name: install shade
+ pip: name=shade state=present
+
+- name: create path for os-client-config
+ file:
+ path: /etc/openstack
+ state: directory
+ mode: 0755
+
+- name: copy os-client-config
+ template:
+ src: clouds.yml.j2
+ dest: /etc/openstack/clouds.yml
+
- name: keystone source files
template: src={{ item }} dest=/opt/{{ item }}
with_items:
- admin-openrc.sh
- admin-openrc-v2.sh
- demo-openrc.sh
-
-- meta: flush_handlers
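Review bot: The `copy os-client-config` task writes `/etc/openstack/clouds.yml`, which the new template fills with the admin password, but sets no `owner` or `mode`, so the file gets whatever the remote umask yields (commonly world-readable) inside a `0755` directory. Add `owner: root`, `group: root` and `mode: "0600"` to the template task, assuming only root-run Ansible modules need to read it. `pip: name=shade state=present` installs whatever version the index serves at deploy time; pinning it with the `version` parameter would make the deployment reproducible. The task list continues outside the hunk.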
diff --git a/deploy/adapters/ansible/roles/keystone/tasks/main.yml b/deploy/adapters/ansible/roles/keystone/tasks/main.yml
index ad619d40..29b6cd61 100644
--- a/deploy/adapters/ansible/roles/keystone/tasks/main.yml
+++ b/deploy/adapters/ansible/roles/keystone/tasks/main.yml
@@ -20,11 +20,11 @@
- keystone_config
- keystone
+- meta: flush_handlers
+
- include: keystone_create.yml
when: inventory_hostname == groups['controller'][0]
tags:
- config
- keystone_create
- keystone
-
-- meta: flush_handlers
diff --git a/deploy/adapters/ansible/roles/keystone/templates/clouds.yml.j2 b/deploy/adapters/ansible/roles/keystone/templates/clouds.yml.j2
new file mode 100644
index 00000000..b387f7b8
--- /dev/null
+++ b/deploy/adapters/ansible/roles/keystone/templates/clouds.yml.j2
@@ -0,0 +1,12 @@
+---
+clouds:
+ opnfv:
+ auth:
+ username: 'admin'
+ password: {{ ADMIN_PASS }}
+ project_name: 'admin'
+ auth_url: 'http://{{ internal_vip.ip }}:35357/v3'
+ project_domain_name: default
+ user_domain_name: default
+ identity_api_version: 3
+ region_name: RegionOne
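Review bot: `password: {{ ADMIN_PASS }}` is rendered as a plain YAML scalar, so a password containing ` #` or `: `, starting with an indicator such as `*`, `&`, `!` or `{`, or consisting only of digits will be truncated, retyped or make the file unparseable. Emit it as a quoted string, for example `password: {{ ADMIN_PASS | to_json }}`, which also escapes embedded quotes. Separately, `auth_url` uses `http://`, so the admin credentials in this file are sent to Keystone in cleartext on the internal network; whether TLS is available on the VIP is not visible here.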
diff --git a/deploy/adapters/ansible/roles/keystone/vars/main.yml b/deploy/adapters/ansible/roles/keystone/vars/main.yml
index 65ae4090..2e5f57ca 100644
--- a/deploy/adapters/ansible/roles/keystone/vars/main.yml
+++ b/deploy/adapters/ansible/roles/keystone/vars/main.yml
@@ -32,9 +32,9 @@ os_services:
type: compute
region: RegionOne
description: "OpenStack Compute"
- publicurl: "http://{{ public_vip.ip }}:8774/v2.1/%\\(tenant_id\\)s"
- internalurl: "http://{{ internal_vip.ip }}:8774/v2.1/%\\(tenant_id\\)s"
- adminurl: "http://{{ internal_vip.ip }}:8774/v2.1/%\\(tenant_id\\)s"
+ publicurl: "http://{{ public_vip.ip }}:8774/v2.1/%(tenant_id)s"
+ internalurl: "http://{{ internal_vip.ip }}:8774/v2.1/%(tenant_id)s"
+ adminurl: "http://{{ internal_vip.ip }}:8774/v2.1/%(tenant_id)s"
- name: neutron
type: network
@@ -64,25 +64,25 @@ os_services:
type: volume
region: RegionOne
description: "OpenStack Block Storage"
- publicurl: "http://{{ public_vip.ip }}:8776/v1/%\\(tenant_id\\)s"
- internalurl: "http://{{ internal_vip.ip }}:8776/v1/%\\(tenant_id\\)s"
- adminurl: "http://{{ internal_vip.ip }}:8776/v1/%\\(tenant_id\\)s"
+ publicurl: "http://{{ public_vip.ip }}:8776/v1/%(tenant_id)s"
+ internalurl: "http://{{ internal_vip.ip }}:8776/v1/%(tenant_id)s"
+ adminurl: "http://{{ internal_vip.ip }}:8776/v1/%(tenant_id)s"
- name: cinderv2
type: volumev2
region: RegionOne
description: "OpenStack Block Storage v2"
- publicurl: "http://{{ public_vip.ip }}:8776/v2/%\\(tenant_id\\)s"
- internalurl: "http://{{ internal_vip.ip }}:8776/v2/%\\(tenant_id\\)s"
- adminurl: "http://{{ internal_vip.ip }}:8776/v2/%\\(tenant_id\\)s"
+ publicurl: "http://{{ public_vip.ip }}:8776/v2/%(tenant_id)s"
+ internalurl: "http://{{ internal_vip.ip }}:8776/v2/%(tenant_id)s"
+ adminurl: "http://{{ internal_vip.ip }}:8776/v2/%(tenant_id)s"
- name: heat
type: orchestration
region: RegionOne
description: "OpenStack Orchestration"
- publicurl: "http://{{ public_vip.ip }}:8004/v1/%\\(tenant_id\\)s"
- internalurl: "http://{{ internal_vip.ip }}:8004/v1/%\\(tenant_id\\)s"
- adminurl: "http://{{ internal_vip.ip }}:8004/v1/%\\(tenant_id\\)s"
+ publicurl: "http://{{ public_vip.ip }}:8004/v1/%(tenant_id)s"
+ internalurl: "http://{{ internal_vip.ip }}:8004/v1/%(tenant_id)s"
+ adminurl: "http://{{ internal_vip.ip }}:8004/v1/%(tenant_id)s"
- name: heat-cfn
type: cloudformation
@@ -104,9 +104,9 @@ os_services:
# type: object-store
# region: RegionOne
# description: "OpenStack Object Storage"
-# publicurl: "http://{{ public_vip.ip }}:8080/v1/AUTH_%\\(tenant_id\\)s"
-# internalurl: "http://{{ internal_vip.ip }}:8080/v1/AUTH_%\\(tenant_id\\)s"
-# adminurl: "http://{{ internal_vip.ip }}:8080/v1/AUTH_%\\(tenant_id\\)s"
+# publicurl: "http://{{ public_vip.ip }}:8080/v1/AUTH_%(tenant_id)s"
+# internalurl: "http://{{ internal_vip.ip }}:8080/v1/AUTH_%(tenant_id)s"
+# adminurl: "http://{{ internal_vip.ip }}:8080/v1/AUTH_%(tenant_id)s"
os_users:
- user: admin