87514a5705
Add ssl keystone endpoints Add ssl keystone endpoints use fqdn for keystone everywhere. Iadded certs for horizon. Also increased yield of nuke.yml
67 lines
2.5 KiB
YAML
67 lines
2.5 KiB
YAML
# Build and install a docker image for neutron-controller.
|
|
---
|
|
- name: include secrets
|
|
include_vars:
|
|
file: ../../secrets.yml
|
|
name: secrets
|
|
|
|
- set_fact:
|
|
docker_image: "registry.webhosting.rug.nl/hpc/openstack-neutron-controller-merlin:latest"
|
|
|
|
- name: pull docker image
|
|
docker_image:
|
|
name: "{{ docker_image }}"
|
|
force: True
|
|
tags: pull
|
|
|
|
- set_fact:
|
|
env_vars: >
|
|
-e "KEYSTONE_HOST={{ keystone_external_fqdn | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
|
|
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}"
|
|
-e "METADATA_SECRET={{ secrets['METADATA_SECRET'] }}"
|
|
-e "MY_IP={{ listen_ip | default(hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address']) }}"
|
|
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
|
|
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
|
|
-e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}"
|
|
-e "NEUTRON_USER=neutron"
|
|
-e "NOVA_USER=nova"
|
|
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}"
|
|
-e "NOVA_CONTROLLER_HOST={{ listen_ip | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }}"
|
|
-e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}"
|
|
-e "NOVA_PLACEMENT_USER=placement"
|
|
-e "OVERLAY_IP={{ overlay_ip }}"
|
|
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
|
|
-e "PHYSICAL_INTERFACE_MAPPINGS={{ physical_interface_mappings }}"
|
|
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
|
|
-e "RABBIT_USER=openstack"
|
|
tags: env
|
|
|
|
- name: install service file.
|
|
template:
|
|
src: templates/neutron-controller.service
|
|
dest: /etc/systemd/system/neutron-controller.service
|
|
mode: 644
|
|
owner: root
|
|
group: root
|
|
|
|
- command: systemctl daemon-reload
|
|
|
|
- name: start service at boot.
|
|
command: systemctl reenable neutron-controller.service
|
|
|
|
- name: Initialize neutron
|
|
command: >
|
|
/usr/bin/docker run --rm
|
|
{{ env_vars }}
|
|
--add-host=mariadb:{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}
|
|
--add-host=keystone:{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}
|
|
--network host
|
|
{{ docker_image }}
|
|
/etc/bootstrap.sh
|
|
tags: bootstrap
|
|
|
|
- name: make sure service is started
|
|
systemd:
|
|
name: neutron-controller.service
|
|
state: restarted
|