Made Roles use repo wide secrets file.

Made keystone use repo wide secrets file. Made glance-controller use repo wide secrets file. kill and then remove image Made neutron-controller use repo wide secrets file. Made nova-controller use repo wide secrets file Made nova-compute use repo wide secrets file. Made rabbitmq use repo wide secrets file. Allow creation of admin-openrc.sh in docker. added provider_interfaces. added persistent root folder. make each dir explicitely added missing env vars. mapped kvm machine-id from host
2017-08-14 16:40:06 +02:00
parent f06a943916
commit 7a6c9ac360
21 changed files with 138 additions and 121 deletions
--- a/roles/keystone/tasks/main.yml
+++ b/roles/keystone/tasks/main.yml
@ -1,10 +1,20 @@
 # Build and install a docker image for keystone.
 ---
+- name: include secrets
+  include_vars:
+    file: ../../secrets.yml
+    name: secrets
+
 - name: Make persistent directories
  file:
-    path: /srv/keystone/fernet-keys
+    path: "{{ item }}"
    state: directory
    mode: 0777
+  with_items:
+    - /srv
+    - /srv/keystone
+    - /srv/keystone/fernet-keys
+    - /srv/keystone/root

 - set_fact:
    docker_image: webhost12.service.rug.nl/hpc/openstack-keystone:latest
@ -26,7 +36,10 @@
  command: systemctl daemon-reload

 - name: Initialize db
-  script: scripts/initialize_db.sh {{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
+  script: scripts/initialize_db.sh
+  environment:
+    MYSQL_ROOT_PASSWORD: "{{ secrets['MYSQL_ROOT_PASSWORD'] }}"
+    DB_HOST: "{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
  register: result
  until: result|succeeded
  # sometimes the initial connect fails.
@ -47,7 +60,7 @@
      - fernet_setup --keystone-user keystone --keystone-group keystone
      - credential_setup --keystone-user keystone --keystone-group keystone
      - >
-          bootstrap --bootstrap-password geheim
+          bootstrap --bootstrap-password {{ secrets['OS_PASSWORD'] }}
                    --bootstrap-admin-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
                    --bootstrap-internal-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
                    --bootstrap-public-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:5000/v3/
@ -63,5 +76,8 @@
             /usr/bin/docker run --rm
             --add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
             -v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys
+             -v /srv/keystone/root:/root
             -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
+             -e "OS_AUTH_URL=http://${KEYSTONE_HOST}:35357/v3"
+             -e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
             {{ docker_image }} bash /etc/bootstrap.sh