hpc-cloud/roles/keystone/tasks/main.yml


# Build and install a docker image for keystone.
---
# Load ../../secrets.yml and expose its contents under the `secrets`
# variable; later tasks read MYSQL_ROOT_PASSWORD and OS_PASSWORD from it.
# NOTE(review): whether secrets.yml is encrypted at rest (for example with
# ansible-vault) is not visible from this file - confirm it is not kept in
# version control as plain text.
- name: include secrets
  include_vars:
    name: secrets
    file: '../../secrets.yml'
# Create the host directories used by keystone; fernet-keys and root are
# bind-mounted into the keystone containers by the docker run tasks below.
# NOTE(review): 0777 makes every listed directory world-writable, including
# /srv/keystone/fernet-keys, which holds the Fernet token keys, and it also
# resets the mode of an already existing /srv. Which uid the container
# processes need on these paths is not visible here - confirm it and tighten
# owner/mode to match.
- name: Make persistent directories
  file:
    state: directory
    path: "{{ item }}"
    # Quoted so the value is always read as an octal mode string.
    mode: "0777"
  with_items:
    - '/srv'
    - '/srv/keystone'
    - '/srv/keystone/fernet-keys'
    - '/srv/keystone/root'
# Record the keystone image reference once; the pull task and both
# `docker run` tasks below read it through the docker_image fact.
# NOTE(review): `latest` is a mutable tag, so different runs can deploy
# different image contents - consider pinning a version tag or digest.
- set_fact:
    docker_image: 'registry.webhosting.rug.nl/hpc/openstack-keystone:latest'
# Fetch the image named by the docker_image fact. `force` is set, so the
# module is asked to pull even when an image with that name is already
# present. The task can be selected on its own with the `pull` tag.
- name: pull docker image
  docker_image:
    force: true
    name: "{{ docker_image }}"
  tags: pull
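# Render templates/keystone.service into the systemd unit directory,
# owned by root:root.
- name: install service file.
  template:
    src: templates/keystone.service
    dest: /etc/systemd/system/keystone.service
    owner: root
    group: root
    # The mode must be a quoted octal string. A bare 644 is read as the
    # decimal integer 644 (octal 1204), which would set the sticky bit and
    # leave the unit file unreadable for its owner.
    mode: "0644"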
# Ask systemd to re-read its unit files so that the keystone.service unit
# written by the previous task is picked up.
# NOTE(review): the task name differs from the previous task's only by the
# trailing period, although this task reloads systemd rather than
# installing a file.
- name: install service file
  command: 'systemctl daemon-reload'
# Run scripts/initialize_db.sh with the MariaDB root password and the
# address of the first host in the `databases` group in its environment.
# The initial connection sometimes fails, so the script is retried
# (7 retries, 3 seconds apart) until it reports success.
# NOTE(review): ignore_errors lets the play continue even when every retry
# has failed, so a database that was never initialised only surfaces in the
# keystone-manage tasks below - confirm this best-effort behaviour is
# intended.
- name: Initialize db
  script: scripts/initialize_db.sh
  environment:
    DB_HOST: "{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
    MYSQL_ROOT_PASSWORD: "{{ secrets['MYSQL_ROOT_PASSWORD'] }}"
  register: result
  retries: 7
  delay: 3
  until: result|succeeded
  ignore_errors: true
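# Run each keystone-manage subcommand listed under with_items in a
# throw-away container (--rm). The container resolves `mariadb` to the
# first host of the `databases` group and has the host's fernet-keys
# directory mounted at /etc/keystone/fernet-keys.
- name: keystone manage commands to setup db
  command: >
    /usr/bin/docker run --rm
    --add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
    -v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys
    -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
    {{ docker_image }} keystone-manage {{ item }}
  # The bootstrap item carries the admin password, and Ansible prints loop
  # items and the executed command in its output; no_log keeps both out of
  # logs and the console. The cost is that the output of the other three
  # items is hidden as well - lift it temporarily when debugging.
  no_log: true
  with_items:
    - db_sync
    - fernet_setup --keystone-user keystone --keystone-group keystone
    - credential_setup --keystone-user keystone --keystone-group keystone
    # The password is passed through the `quote` filter so that spaces or
    # shell metacharacters in it stay a single argument instead of being
    # split into extra keystone-manage options.
    # NOTE(review): the password is still visible in the process list of
    # the host while the command runs, and all three endpoint URLs are
    # plain http.
    - >
      bootstrap --bootstrap-password {{ secrets['OS_PASSWORD'] | quote }}
      --bootstrap-admin-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
      --bootstrap-internal-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
      --bootstrap-public-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:5000/v3/
      --bootstrap-region-id RegionOne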
# Restart the keystone unit.
# NOTE(review): despite the task name, `restarted` bounces the service on
# every run rather than only ensuring that it is running.
- name: make sure service is started
  systemd:
    state: restarted
    name: keystone.service
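# Run /etc/bootstrap.sh from the image in a throw-away container (--rm)
# with the fernet keys and /srv/keystone/root mounted and the keystone
# endpoint and admin password supplied as environment variables.
# NOTE(review): what bootstrap.sh does with these variables is not visible
# from this file, and OS_AUTH_URL is plain http.
- name: Create a domain, projects users and roles
  # OS_AUTH_URL is rendered by Jinja here: docker passes `-e` values to the
  # container verbatim, so a `${KEYSTONE_HOST}` reference inside the value
  # is not resolved against the other `-e KEYSTONE_HOST=...` option.
  # `-e OS_PASSWORD` without a value makes docker copy the variable from
  # the environment of the docker client, which the `environment` keyword
  # below provides; the password therefore no longer appears on the
  # command line or in the process list of the host.
  command: >
    /usr/bin/docker run --rm
    --add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
    -v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys
    -v /srv/keystone/root:/root
    -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
    -e "OS_AUTH_URL=http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3"
    -e OS_PASSWORD
    {{ docker_image }} bash /etc/bootstrap.sh
  environment:
    OS_PASSWORD: "{{ secrets['OS_PASSWORD'] }}"
  # Keep the task result, which can echo secret-derived output from the
  # script, out of logs and the console.
  no_log: true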