HPC/hpc-cloud
7
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Make keystone more generic

Browse Source
This commit is contained in:
Egon Rijpkema 2017-06-16 16:33:45 +02:00
parent cb6b389bc6
commit 1f88030c87
3 changed files with 12 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
roles/keystone/files/Dockerfile
View File

@ -5,23 +5,11 @@
# $ docker run hpc/keystone --add-host=mariadb:<ip mariadb> "keystone-manage db_sync" # $ docker run hpc/keystone --add-host=mariadb:<ip mariadb> "keystone-manage db_sync"
# wellicht ubuntu 16.04 of anders 18.04 # wellicht ubuntu 16.04 of anders 18.04
FROM ubuntu:16.04 FROM ubuntu:zesty
RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5EDB1B62EC4926EA
RUN apt-get update RUN apt-get update
RUN set -x \ RUN apt-get install --yes keystone python-openstackclient
&& echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/ocata main" > /etc/apt/sources.list.d/ocata.list \
&& apt-get -y update \
&& apt-get -y install ubuntu-cloud-keyring \
&& apt-get -y update \
&& apt-get -y install \
mysql-client \
python-mysqldb \
python-openstackclient \
keystone \
&& apt-get -y clean
# set admin token TODO: make this a secret # set admin token TODO: make this a secret
# in volume of met env # in volume of met env
@ -31,9 +19,6 @@ RUN mkdir /etc/keystone/fernet-keys
RUN chown keystone: /etc/keystone/fernet-keys RUN chown keystone: /etc/keystone/fernet-keys
# TODO: move this somewhere else
ADD admin-openrc.sh /root/admin-openrc.sh
#RUN keystone-manage db_sync #RUN keystone-manage db_sync
CMD apachectl -DFOREGROUND CMD apachectl -DFOREGROUND

6
roles/keystone/files/keystone.conf
View File

@ -1,8 +1,12 @@
[DEFAULT] [DEFAULT]
[database] verbose = true
[database]
connection = mysql+pymysql://keystone:keystone@mariadb/keystone connection = mysql+pymysql://keystone:keystone@mariadb/keystone
[token] [token]
provider = fernet provider = fernet
[identity]
default_domain_id = default

9
roles/keystone/tasks/main.yml
View File

@ -35,7 +35,7 @@
- name: make sure service is started - name: make sure service is started
systemd: systemd:
name: keystone.service name: keystone.service
state: started state: restarted
- name: Initialize db - name: Initialize db
script: scripts/initialize_db.sh {{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} script: scripts/initialize_db.sh {{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
@ -52,7 +52,8 @@
- credential_setup --keystone-user keystone --keystone-group keystone - credential_setup --keystone-user keystone --keystone-group keystone
- > - >
bootstrap --bootstrap-password geheim bootstrap --bootstrap-password geheim
--bootstrap-admin-url http://localhost:35357/v3/ --bootstrap-admin-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
--bootstrap-internal-url http://localhost:35357/v3/ --bootstrap-internal-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
--bootstrap-public-url http://localhost:5000/v3/ --bootstrap-public-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:5000/v3/
--bootstrap-region-id RegionOne --bootstrap-region-id RegionOne