From 8e21cb6530e6e55d8a080887dfbf93f0d07edeb1 Mon Sep 17 00:00:00 2001
From: QiLiang <liangqi1@huawei.com>
Date: Mon, 29 Aug 2016 14:01:23 +0800
Subject: Add heat user domain configuration

FIX Rally heat create_update_delete_stack test case failure
for Liberty Ubuntu

JIRA: COMPASS-454

Change-Id: Id4538f9caa5b619d66ab8fe97c63b10688ffe104
Signed-off-by: QiLiang <liangqi1@huawei.com>
---
 .../roles/keystone/templates/admin-openrc-v3.sh    | 19 ---------------
 .../roles/keystone/vars/Debian.yml                 | 21 ----------------
 .../roles/keystone/templates/admin-openrc-v3.sh    | 19 ---------------
 .../ansible/roles/heat/tasks/heat_install.yml      | 21 ++++++++++++++++
 .../ansible/roles/heat/templates/heat_debian.j2    | 28 ++++++++++++++++++++++
 .../roles/keystone/tasks/keystone_install.yml      |  1 +
 .../roles/keystone/templates/admin-openrc-v3.sh    | 19 +++++++++++++++
 .../ansible/roles/keystone/vars/Debian.yml         |  1 +
 8 files changed, 70 insertions(+), 59 deletions(-)
 delete mode 100644 deploy/adapters/ansible/openstack_mitaka/roles/keystone/templates/admin-openrc-v3.sh
 delete mode 100644 deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/Debian.yml
 delete mode 100644 deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/admin-openrc-v3.sh
 create mode 100644 deploy/adapters/ansible/roles/heat/templates/heat_debian.j2
 create mode 100644 deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v3.sh

(limited to 'deploy')

diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/templates/admin-openrc-v3.sh b/deploy/adapters/ansible/openstack_mitaka/roles/keystone/templates/admin-openrc-v3.sh
deleted file mode 100644
index c3d863e8..00000000
--- a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/templates/admin-openrc-v3.sh
+++ /dev/null
@@ -1,19 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
-# Verify the Identity Service installation
-export OS_PASSWORD={{ ADMIN_PASS }}
-export OS_TENANT_NAME=admin
-export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v3
-export OS_IDENTITY_API_VERSION=3
-export OS_USERNAME=admin
-export OS_VOLUME_API_VERSION=2
-export OS_USER_DOMAIN_NAME=Default
-export OS_PROJECT_DOMAIN_NAME=Default
-
-
diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/Debian.yml b/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/Debian.yml
deleted file mode 100644
index b8d8e7c2..00000000
--- a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/Debian.yml
+++ /dev/null
@@ -1,21 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-
-cron_path: "/var/spool/cron/crontabs"
-
-packages:
-  - keystone
-  - python-openstackclient
-
-services:
-  - apache2
-
-apache_config_dir: /etc/apache2
-http_service_name: apache2
diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/admin-openrc-v3.sh b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/admin-openrc-v3.sh
deleted file mode 100644
index c3d863e8..00000000
--- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/admin-openrc-v3.sh
+++ /dev/null
@@ -1,19 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
-# Verify the Identity Service installation
-export OS_PASSWORD={{ ADMIN_PASS }}
-export OS_TENANT_NAME=admin
-export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v3
-export OS_IDENTITY_API_VERSION=3
-export OS_USERNAME=admin
-export OS_VOLUME_API_VERSION=2
-export OS_USER_DOMAIN_NAME=Default
-export OS_PROJECT_DOMAIN_NAME=Default
-
-
diff --git a/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml b/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml
index 1fbada8c..a6e76c74 100644
--- a/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml
+++ b/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml
@@ -17,6 +17,18 @@
   lineinfile: dest=/opt/service create=yes line='{{ item }}'
   with_items: services | union(services_noarch)
 
+# '
+
+- name: create heat user domain
+  shell: >
+    . /opt/admin-openrc-v3.sh;
+    openstack domain create --description "Stack projects and users" heat;
+    openstack user create --domain heat --password {{ HEAT_PASS }} heat_domain_admin;
+    openstack role add --domain heat --user-domain heat --user heat_domain_admin admin;
+    openstack role create heat_stack_owner;
+    openstack role add --project demo --user demo heat_stack_owner;
+  when: inventory_hostname == groups['controller'][0] and ansible_os_family == "Debian"
+
 - name: update heat conf
   template: src=heat.j2
             dest=/etc/heat/heat.conf
@@ -24,4 +36,13 @@
   notify:
     - restart heat service
     - remove heat-sqlite-db
+  when: ansible_os_family == "RedHat"
 
+- name: update heat conf
+  template: src=heat_debian.j2
+            dest=/etc/heat/heat.conf
+            backup=yes
+  notify:
+    - restart heat service
+    - remove heat-sqlite-db
+  when: ansible_os_family == "Debian"
diff --git a/deploy/adapters/ansible/roles/heat/templates/heat_debian.j2 b/deploy/adapters/ansible/roles/heat/templates/heat_debian.j2
new file mode 100644
index 00000000..62df9fd9
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/templates/heat_debian.j2
@@ -0,0 +1,28 @@
+[DEFAULT]
+heat_metadata_server_url = http://{{ internal_vip.ip }}:8000
+heat_waitcondition_server_url = http://{{ internal_vip.ip }}:8000/v1/waitcondition
+rpc_backend = rabbit
+rabbit_host = {{ rabbit_host }}
+rabbit_userid = {{ RABBIT_USER }}
+rabbit_password = {{ RABBIT_PASS }}
+log_dir = /var/log/heat
+stack_domain_admin = heat_domain_admin
+stack_domain_admin_password = {{ HEAT_PASS }}
+stack_user_domain_name = heat
+
+[database]
+connection = mysql://heat:{{ HEAT_DBPASS }}@{{ db_host }}/heat
+idle_timeout = 30
+use_db_reconnect = True
+pool_timeout = 10
+
+[ec2authtoken]
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+
+[keystone_authtoken]
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+identity_uri = http://{{ internal_vip.ip }}:35357
+admin_tenant_name = service
+admin_user = heat
+admin_password = {{ HEAT_PASS }}
+
diff --git a/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml b/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml
index ffae8ff0..ea6926f4 100644
--- a/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml
+++ b/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml
@@ -83,5 +83,6 @@
   with_items:
     - admin-openrc.sh
     - demo-openrc.sh
+    - admin-openrc-v3.sh
 
 - meta: flush_handlers
diff --git a/deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v3.sh b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v3.sh
new file mode 100644
index 00000000..c3d863e8
--- /dev/null
+++ b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v3.sh
@@ -0,0 +1,19 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+# Verify the Identity Service installation
+export OS_PASSWORD={{ ADMIN_PASS }}
+export OS_TENANT_NAME=admin
+export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v3
+export OS_IDENTITY_API_VERSION=3
+export OS_USERNAME=admin
+export OS_VOLUME_API_VERSION=2
+export OS_USER_DOMAIN_NAME=Default
+export OS_PROJECT_DOMAIN_NAME=Default
+
+
diff --git a/deploy/adapters/ansible/roles/keystone/vars/Debian.yml b/deploy/adapters/ansible/roles/keystone/vars/Debian.yml
index 67547277..b8d8e7c2 100644
--- a/deploy/adapters/ansible/roles/keystone/vars/Debian.yml
+++ b/deploy/adapters/ansible/roles/keystone/vars/Debian.yml
@@ -12,6 +12,7 @@ cron_path: "/var/spool/cron/crontabs"
 
 packages:
   - keystone
+  - python-openstackclient
 
 services:
   - apache2
-- 
cgit