Added initialization steps for keystone

roles/keystone/files/Dockerfile

@@ -10,14 +10,13 @@ RUN apt-get update
 
 RUN apt-get install --yes keystone
 
-# configure keystone to connect to mariadb host. 
-RUN sed -i "s|database]|database]\nconnection = mysql://keystone:keystone@mariadb/keystone|g" /etc/keystone/keystone.conf
-
 # set admin token TODO: make this a secret
-RUN sed -i 's/#admin_token = ADMIN/admin_token = SuperSecreteKeystoneToken/g' /etc/keystone/keystone.conf
+ADD keystone.conf /etc/keystone/keystone.conf
 
 RUN mkdir /etc/keystone/fernet-keys
 
+RUN chown keystone: /etc/keystone/fernet-keys
+
 #RUN keystone-manage db_sync
 CMD apachectl -DFOREGROUND
 

roles/keystone/files/keystone.service

@@ -8,7 +8,9 @@ TimeoutStartSec=0
 Restart=always
 ExecStartPre=-/usr/bin/docker stop %n
 ExecStartPre=-/usr/bin/docker rm %n
-ExecStart=/usr/bin/docker run --name %n --add-host="mariadb:172.29.236.13" -p 5001:5000 -p 35357:35357  hpc/keystone
+ExecStart=/usr/bin/docker run --name %n --add-host="mariadb:172.23.38.125" \
+  -p 5001:5000 -p 35357:35357  hpc/keystone \
+  -v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys
  
 [Install]
 WantedBy=multi-user.target

roles/keystone/scripts/initialize_db.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+mysql -uroot -pgeheim --host 127.0.0.1 << EOF
+CREATE DATABASE IF NOT EXISTS keystone;
+GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone';
+GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone';
+EOF

roles/keystone/tasks/main.yml

@@ -2,15 +2,18 @@
 ---
 - include: ../common/tasks/docker.yml
 
-- name: Make docker build dir
+- name: Make build and persistent directories
   file:
-    path: /srv/keystone
+    path: "{{ item }}"
     state: directory
-    mode: 0755
+    mode: 0777
+  with_items:
+      - /srv/keystone
+      - /srv/keystone/fernet-keys
 
 - name: install Dockerfile
   copy:
-    src: files/Dockerfile
+    src: files/
     dest: /srv/keystone
 
 - name: build keystone image
@@ -33,3 +36,22 @@
   systemd:
     name: keystone.service
     state: started
+
+- name: Initialize db
+  script: scripts/initialize_db.sh
+
+- name: keystone manage commands to setup db
+  command: >
+             /usr/bin/docker run --rm --add-host="mariadb:172.23.38.125"
+             -v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys
+             hpc/keystone keystone-manage {{ item }}
+  with_items:
+      - db_sync
+      - fernet_setup --keystone-user keystone --keystone-group keystone
+      - credential_setup --keystone-user keystone --keystone-group keystone
+      - >
+          bootstrap --bootstrap-password geheim
+                    --bootstrap-admin-url http://localhost:35357/v3/
+                    --bootstrap-internal-url http://localhost:35357/v3/
+                    --bootstrap-public-url http://localhost:5000/v3/
+                    --bootstrap-region-id RegionOne

roles/mariadb/scripts/initialize_db.sh

@@ -1,6 +0,0 @@
-#!/bin/bash
-mysql -uroot -pgeheim --host 127.0.0.1 << EOF
-CREATE DATABASE IF NOT EXISTS KEYSTONE;
-GRANT ALL PRIVILEGES ON KEYSTONE.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone';
-GRANT ALL PRIVILEGES ON KEYSTONE.* TO 'keystone'@'%' IDENTIFIED BY 'keystone';
-EOF

roles/mariadb/tasks/main.yml

@@ -14,5 +14,3 @@
   systemd:
     name: mysql.service
     state: started
-- name: Initialize db
-  script: scripts/initialize_db.sh