From f2d575b9c68bc78f03d4fad299f3bcff2ac5f3e3 Mon Sep 17 00:00:00 2001 From: Sam Yaple Date: Thu, 6 Aug 2015 14:03:08 +0000 Subject: [PATCH] Remove Ansible abstraction for Keystone Change-Id: I0daf8b78f39b919d2b88336322203f1d643fc54b Partial-Bug: #1482214 Partially-Implements: blueprint remove-abstraction-ansible --- ansible/roles/keystone/defaults/main.yml | 17 +----- ansible/roles/keystone/tasks/bootstrap.yml | 70 ++++++++++++++++++---- ansible/roles/keystone/tasks/start.yml | 23 ++++--- 3 files changed, 77 insertions(+), 33 deletions(-) diff --git a/ansible/roles/keystone/defaults/main.yml b/ansible/roles/keystone/defaults/main.yml index d4bc0d02ae..5f33e2f28e 100644 --- a/ansible/roles/keystone/defaults/main.yml +++ b/ansible/roles/keystone/defaults/main.yml @@ -8,24 +8,13 @@ keystone_database_name: "keystone" keystone_database_user: "keystone" keystone_database_address: "{{ kolla_internal_address }}" -# Do not override "service_*" variables -service_database_name: "{{ keystone_database_name }}" -service_database_user: "{{ keystone_database_user }}" -service_database_password: "{{ keystone_database_password }}" - #################### # Docker #################### -docker_keystone_registry: "{{ docker_registry ~ '/' if docker_registry else '' }}" -docker_keystone_namespace: "{{ docker_namespace }}" -kolla_keystone_base_distro: "{{ kolla_base_distro }}" -kolla_keystone_install_type: "{{ kolla_install_type }}" -kolla_keystone_container_name: "keystone" - -docker_keystone_image: "{{ docker_keystone_registry }}{{ docker_keystone_namespace }}/{{ kolla_keystone_base_distro }}-{{ kolla_keystone_install_type }}-{{ kolla_keystone_container_name }}" -docker_keystone_tag: "{{ openstack_release }}" -docker_keystone_image_full: "{{ docker_keystone_image }}:{{ docker_keystone_tag }}" +keystone_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-keystone" +keystone_tag: "{{ openstack_release }}" +keystone_image_full: "{{ keystone_image }}:{{ keystone_tag }}" #################### diff --git a/ansible/roles/keystone/tasks/bootstrap.yml b/ansible/roles/keystone/tasks/bootstrap.yml index a753ce01cf..e6b179f48c 100644 --- a/ansible/roles/keystone/tasks/bootstrap.yml +++ b/ansible/roles/keystone/tasks/bootstrap.yml @@ -1,11 +1,48 @@ --- -# "detach: False" ensures we will be able to wait until the database bootstrap -# is finished. We can also check the exit code and catch errors if the database -# initialization does not successfully finish -- include: ../../bootstrap.yml - vars: - container_detach: "False" - container_environment: +- name: Creating Keystone database + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m mysql_db + -a "login_host='{{ database_address }}' + login_user='{{ database_user }}' + login_password='{{ database_password }}' + name='{{ keystone_database_name }}'" + register: database + changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + failed_when: database.stdout.split()[2] != 'SUCCESS' + run_once: True + +- name: Creating Keystone database user and setting permissions + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m mysql_user + -a "login_host='{{ database_address }}' + login_user='{{ database_user }}' + login_password='{{ database_password }}' + name='{{ keystone_database_name }}' + password='{{ keystone_database_password }}' + host='%' + priv='{{ keystone_database_name }}.*:ALL' + append_privs='yes'" + register: database_user + changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and (database_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + failed_when: database_user.stdout.split()[2] != 'SUCCESS' + run_once: True + +- name: Starting Keystone bootstrap container + docker: + detach: False + docker_api_version: "{{ docker_api_version }}" + net: host + pull: "{{ docker_pull_policy }}" + restart_policy: "no" + state: reloaded + registry: "{{ docker_registry }}" + username: "{{ docker_registry_username }}" + password: "{{ docker_registry_password }}" + insecure_registry: "{{ docker_insecure_registry }}" + name: bootstrap_keystone + image: "{{ keystone_image_full }}" + volumes: "{{ node_config_directory }}/keystone/:/opt/kolla/keystone/:ro" + env: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" KEYSTONE_ADMIN_PASSWORD: "{{ keystone_admin_password }}" @@ -15,8 +52,17 @@ ADMIN_URL: "http://{{ kolla_internal_address }}:{{ keystone_admin_port }}/v2.0" OS_SERVICE_TOKEN: "{{ keystone_admin_token }}" OS_SERVICE_ENDPOINT: "http://{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ keystone_admin_port }}/v2.0" - container_image: "{{ docker_keystone_image_full }}" - container_name: "bootstrap_keystone" - container_restart_policy: "no" - container_volumes: - - "{{ node_config_directory }}/keystone/:/opt/kolla/keystone/:ro" + run_once: True + when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed + +# https://github.com/ansible/ansible-modules-core/pull/1031 +- name: Waiting for Keystone bootstrap container to exit + command: docker wait bootstrap_keystone + when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed + +- name: Cleaning up Keystone boostrap container + docker: + name: bootstrap_keystone + image: "{{ keystone_image_full }}" + state: absent + when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed diff --git a/ansible/roles/keystone/tasks/start.yml b/ansible/roles/keystone/tasks/start.yml index 692ffc25e9..064e987830 100644 --- a/ansible/roles/keystone/tasks/start.yml +++ b/ansible/roles/keystone/tasks/start.yml @@ -1,9 +1,18 @@ --- -- include: ../../start.yml - vars: - container_environment: +- name: Starting Keystone container + docker: + docker_api_version: "{{ docker_api_version }}" + net: host + pull: "{{ docker_pull_policy }}" + restart_policy: "{{ docker_restart_policy }}" + restart_policy_retry: "{{ docker_restart_policy_retry }}" + state: reloaded + registry: "{{ docker_registry }}" + username: "{{ docker_registry_username }}" + password: "{{ docker_registry_password }}" + insecure_registry: "{{ docker_insecure_registry }}" + name: keystone + image: "{{ keystone_image_full }}" + volumes: "{{ node_config_directory }}/keystone/:/opt/kolla/keystone/:ro" + env: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" - container_image: "{{ docker_keystone_image_full }}" - container_name: "keystone" - container_volumes: - - "{{ node_config_directory }}/keystone/:/opt/kolla/keystone/:ro"