Docker in name is no longer needed

2018-04-23 15:33:12 +02:00
parent b6c6533824
commit 830e940fa2
64 changed files with 0 additions and 0 deletions
--- a/keystone/.gitignore
+++ b/keystone/.gitignore
@ -0,0 +1,8 @@
+# ---> Vim
+[._]*.s[a-w][a-z]
+[._]s[a-w][a-z]
+*.un~
+Session.vim
+.netrwhist
+*~
+
--- a/keystone/Dockerfile
+++ b/keystone/Dockerfile
@ -0,0 +1,28 @@
+# Build keystone. It needs to be run with
+# --add-host=mariadb:<ip mariadb listens tp>
+# Wen starting with an initialized db,
+# run keystone-manage db_sync from this docker first:
+# $ docker run hpc/keystone --add-host=mariadb:<ip mariadb> "keystone-manage db_sync"
+
+FROM ubuntu:16.04
+
+RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5EDB1B62EC4926EA
+
+RUN set -x \
+    && echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/ocata main" > /etc/apt/sources.list.d/ocata.list \
+    && apt-get -y update \
+    && apt-get -y install \
+    && apt-get -y install keystone python-openstackclient \
+    && apt-get -y clean
+
+# set admin token TODO: make this a secret
+# in volume of met env
+COPY keystone.conf /etc/keystone/keystone.conf
+
+RUN mkdir /etc/keystone/fernet-keys
+
+RUN chown keystone: /etc/keystone/fernet-keys
+
+COPY bootstrap.sh /etc/bootstrap.sh
+
+CMD apachectl -DFOREGROUND
--- a/keystone/README.md
+++ b/keystone/README.md
@ -0,0 +1,9 @@
+# ubuntu 16.04 openstack ocata keystone
+
+## How to build the docker image.
+```
+docker  build . -t hpc/openstack-keystone
+```
+
+## Notes
+This image is designed to be deployed from the [hpc-cloud repo](https://git.webhosting.rug.nl/HPC/hpc-cloud)
--- a/keystone/bootstrap.sh
+++ b/keystone/bootstrap.sh
@ -0,0 +1,46 @@
+#!/bin/bash
+
+# Create admin-openrc.sh from secrets that are in the environment during bootstrap.
+cat << EOF > /root/admin-openrc.sh
+#!/bin/bash
+export OS_TENANT_NAME=admin
+export OS_USERNAME=admin
+export OS_PASSWORD=${OS_PASSWORD}
+export OS_AUTH_URL=http://${KEYSTONE_HOST}:35357/v3
+export OS_IDENTITY_API_VERSION=3
+EOF
+
+# Create demo-openrc.sh
+cat << EOF > /root/demo-openrc.sh
+#!/bin/bash
+export OS_TENANT_NAME=demo
+export OS_USERNAME=demo
+export OS_PASSWORD=${OS_DEMO_PASSWORD}
+export OS_AUTH_URL=http://${KEYSTONE_HOST}:35357/v3
+export OS_IDENTITY_API_VERSION=3
+EOF
+
+source /root/admin-openrc.sh
+
+sleep 3
+
+openstack project create --domain default \
+      --description "Service Project" service
+
+sleep 3
+
+openstack project create --domain default \
+  --description "Demo Project" demo
+
+sleep 3
+
+openstack user create --domain default \
+  --password "$OS_DEMO_PASSWORD" demo
+
+sleep 3
+
+openstack role create user
+
+sleep 3
+
+openstack role add --project demo --user demo user
--- a/keystone/keystone.conf
+++ b/keystone/keystone.conf
@ -0,0 +1,12 @@
+[DEFAULT]
+
+verbose = true
+
+[database]
+connection = mysql+pymysql://keystone:keystone@mariadb/keystone
+
+[token]
+provider = fernet
+
+[identity]
+default_domain_id = default
--- a/keystone/keystone.service
+++ b/keystone/keystone.service
@ -0,0 +1,17 @@
+[Unit]
+Description=Openstack Keystone Container
+After=docker.service
+Requires=docker.service
+
+[Service]
+TimeoutStartSec=0
+Restart=always
+ExecStartPre=-/usr/bin/docker rm -f %n
+ExecStart=/usr/bin/docker run --name %n \
+  --add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
+  -p 5000:5000 -p 35357:35357 \
+  -v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys \
+  hpc/keystone
+
+[Install]
+WantedBy=multi-user.target