From a25852b39ed2e4522ea116d0c90c9faba28f24bd Mon Sep 17 00:00:00 2001 From: Egon Rijpkema Date: Wed, 12 Jul 2017 10:19:45 +0200 Subject: [PATCH] Removed hardcoded ips for glance Also added domain, projects, users creation for keystone. This guide was followed: https://docs.openstack.org/ocata/install-guide-ubuntu/keystone-us --- hosts | 2 +- nova-management.yml | 4 ++++ roles/glance/tasks/main.yml | 1 + roles/glance/templates/glance.service | 10 +++++++++- roles/keystone/files/Dockerfile | 4 +++- roles/keystone/files/bootstrap.sh | 16 ++++++++++++++++ roles/keystone/tasks/main.yml | 16 +++++++++++----- roles/keystone/templates/keystone.service | 3 +-- roles/nova-management/tasks/main.yml | 21 --------------------- 9 files changed, 46 insertions(+), 31 deletions(-) create mode 100755 roles/keystone/files/bootstrap.sh diff --git a/hosts b/hosts index a36bc63..62d6448 100644 --- a/hosts +++ b/hosts @@ -38,4 +38,4 @@ run_options="" run_options="-e CASSANDRA_SEEDS=172.23.41.1" [nova-management] -kolla2 +openstack01-node01 diff --git a/nova-management.yml b/nova-management.yml index d8e8112..12a5bbd 100644 --- a/nova-management.yml +++ b/nova-management.yml @@ -1,4 +1,8 @@ --- +- hosts: all + name: Dummy to gather facts + tasks: [] + - hosts: nova-management become: True roles: diff --git a/roles/glance/tasks/main.yml b/roles/glance/tasks/main.yml index 4b5700c..d851b4e 100644 --- a/roles/glance/tasks/main.yml +++ b/roles/glance/tasks/main.yml @@ -27,6 +27,7 @@ -e "MYSQL_ROOT_PASSWORD=geheim" -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" -e "GLANCE_HOST={{ hostvars[groups['glance'][0]]['ansible_default_ipv4']['address'] }}" + -e "GLANCE_USER=glance" -e "GLANCE_PASSWORD=geheim" hpc/openstack-glance /etc/bootstrap.sh tags: bootstrap diff --git a/roles/glance/templates/glance.service b/roles/glance/templates/glance.service index 1f2c0a4..f35bd70 100644 --- a/roles/glance/templates/glance.service 
+++ b/roles/glance/templates/glance.service @@ -9,7 +9,15 @@ Restart=always ExecStartPre=-/usr/bin/docker stop %n ExecStartPre=-/usr/bin/docker rm %n ExecStart=/usr/bin/docker run --name %n \ - --add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \ + -e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}" \ + -e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}" \ + -e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}" \ + -e "MYSQL_ROOT_PASSWORD=geheim" \ + -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \ + -e "GLANCE_HOST={{ hostvars[groups['glance'][0]]['ansible_default_ipv4']['address'] }}" \ + -e "GLANCE_USER=glance" \ + -e "GLANCE_PASSWORD=geheim" \ + --add-host="controller:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \ -p 9292:9292 \ hpc/openstack-glance diff --git a/roles/keystone/files/Dockerfile b/roles/keystone/files/Dockerfile index c233e82..5ca0acc 100644 --- a/roles/keystone/files/Dockerfile +++ b/roles/keystone/files/Dockerfile @@ -17,7 +17,7 @@ RUN set -x \ # set admin token TODO: make this a secret # in volume of met env -ADD keystone.conf /etc/keystone/keystone.conf +COPY keystone.conf /etc/keystone/keystone.conf RUN mkdir /etc/keystone/fernet-keys @@ -25,5 +25,7 @@ RUN chown keystone: /etc/keystone/fernet-keys COPY admin-openrc.sh root/admin-openrc.sh +COPY bootstrap.sh /etc/bootstrap.sh + #RUN keystone-manage db_sync CMD apachectl -DFOREGROUND diff --git a/roles/keystone/files/bootstrap.sh b/roles/keystone/files/bootstrap.sh new file mode 100755 index 0000000..bd8480d --- /dev/null +++ b/roles/keystone/files/bootstrap.sh 
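Review bot: The added `-e "MYSQL_ROOT_PASSWORD=geheim"` and `-e "GLANCE_PASSWORD=geheim"` lines in glance.service put literal credentials into the rendered unit file and commit them to the repository. At runtime they are readable by anyone who can read the unit, the `docker run` process arguments or `docker inspect` output. The same literal appears in the context lines of the bootstrap task in roles/glance/tasks/main.yml and as `--password geheim` in roles/keystone/files/bootstrap.sh. I would take the values from Ansible Vault variables and pass them through a root-only file rendered with mode 0600, e.g. `--env-file <path-to-0600-env-file> \`. It is also worth checking whether the long-running service needs `MYSQL_ROOT_PASSWORD` at all; if only the bootstrap step creates the database, the running container should receive the glance credentials only.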
@@ -0,0 +1,16 @@ +#!/bin/bash + +source /root/admin-openrc.sh + +openstack project create --domain default \ + --description "Service Project" service + +openstack project create --domain default \ + --description "Demo Project" demo + +openstack user create --domain default \ + --password geheim demo + +openstack role create user + +openstack role add --project demo --user demo user diff --git a/roles/keystone/tasks/main.yml b/roles/keystone/tasks/main.yml index 8c370af..fda6054 100644 --- a/roles/keystone/tasks/main.yml +++ b/roles/keystone/tasks/main.yml @@ -35,11 +35,6 @@ - name: install service file command: systemctl daemon-reload -- name: make sure service is started - systemd: - name: keystone.service - state: restarted - - name: Initialize db script: scripts/initialize_db.sh {{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} @@ -60,3 +55,14 @@ --bootstrap-public-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:5000/v3/ --bootstrap-region-id RegionOne +- name: Create a domain, projects users and roles + command: > + /usr/bin/docker run --rm + --add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} + -v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys + hpc/keystone bash /etc/bootstrap.sh + +- name: make sure service is started + systemd: + name: keystone.service + state: restarted diff --git a/roles/keystone/templates/keystone.service b/roles/keystone/templates/keystone.service index 6569000..e711a87 100644 --- a/roles/keystone/templates/keystone.service +++ b/roles/keystone/templates/keystone.service @@ -6,8 +6,7 @@ Requires=docker.service [Service] TimeoutStartSec=0 Restart=always -ExecStartPre=-/usr/bin/docker stop %n -ExecStartPre=-/usr/bin/docker rm %n +ExecStartPre=-/usr/bin/docker rm -f %n ExecStart=/usr/bin/docker run --name %n \ --add-host=mariadb:172.23.41.2 \ -p 5000:5000 -p 35357:35357 \ 
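Review bot: bootstrap.sh has no error handling, so a failed `source /root/admin-openrc.sh` or a failed `openstack` call does not stop it. Its exit status is only that of the final `openstack role add`, so the calling Ansible task can report success on a partially provisioned Keystone. Adding `set -eo pipefail` after the shebang would surface the first failure. Because the task runs on every play, `--or-show` on the `project create`, `user create` and `role create` calls would keep a rerun from failing on objects that already exist. The demo password is a literal on the command line; `--password "${DEMO_PASSWORD:?}"`, with the variable supplied by the caller, would keep it out of the image and the repository.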
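Review bot: The new `Create a domain, projects users and roles` task in roles/keystone/tasks/main.yml runs before `make sure service is started`, which this commit moves to the end of the file, yet bootstrap.sh drives the `openstack` CLI and needs a reachable Keystone API. The one-off container runs `bash /etc/bootstrap.sh` instead of Apache and gets only the `mariadb` host entry. Unless keystone.service is already running from an earlier task or play (not visible in this hunk), a first deployment presumably fails or provisions nothing. I would start the service before this task and add a readiness wait on port 5000 ahead of it. As a `command` task it also reports `changed` on every run; a `changed_when:` based on the script output would make reruns quieter.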
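Review bot: `docker rm -f %n` in keystone.service kills a still-running container with SIGKILL, whereas the removed `docker stop %n` sent SIGTERM and waited for the grace period first, so a leftover Keystone container now gets no clean shutdown. glance.service in this same commit keeps the two-step `stop`/`rm`, so the two units are also inconsistent. If the shortcut is intended, a comment such as `# rm -f: leftover container is disposable, no graceful stop needed` would record that. The context line `--add-host=mariadb:172.23.41.2` still hardcodes the database address that the glance unit now takes from `hostvars`.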
diff --git a/roles/nova-management/tasks/main.yml b/roles/nova-management/tasks/main.yml index 5eac8c4..b526239 100644 --- a/roles/nova-management/tasks/main.yml +++ b/roles/nova-management/tasks/main.yml @@ -1,26 +1,5 @@ # Build and install a docker image for nova-controller. --- -- name: Make build and persistent directories - file: - path: "{{ item }}" - state: directory - mode: 0777 - with_items: - - /srv/nova-controller - -# Todo: remove this when we have a docker repo -# Disabled because of https://github.com/ansible/ansible/issues/20653 -#- name: clone docker-glance repo -# git: -# accept_hostkey: True -# repo: ssh://git@git.webhosting.rug.nl:222/HPC/docker-nova-service -# dest: /srv/docker-nova-service - -- name: build nova-controller image - docker_image: - path: /srv/docker-nova-service - name: hpc/novacontroller - - name: install service file. template: src: templates/nova-controller.service