Merge "Remove Ansible abstraction for Keystone"

ansible/roles/keystone/defaults/main.yml

@@ -8,24 +8,13 @@ keystone_database_name: "keystone"
 keystone_database_user: "keystone"
 keystone_database_address: "{{ kolla_internal_address }}"
 
-# Do not override "service_*" variables
-service_database_name: "{{ keystone_database_name }}"
-service_database_user: "{{ keystone_database_user }}"
-service_database_password: "{{ keystone_database_password }}"
-
 
 ####################
 # Docker
 ####################
-docker_keystone_registry: "{{ docker_registry ~ '/' if docker_registry else '' }}"
-docker_keystone_namespace: "{{ docker_namespace }}"
-kolla_keystone_base_distro: "{{ kolla_base_distro }}"
-kolla_keystone_install_type: "{{ kolla_install_type }}"
-kolla_keystone_container_name: "keystone"
-
-docker_keystone_image: "{{ docker_keystone_registry }}{{ docker_keystone_namespace }}/{{ kolla_keystone_base_distro }}-{{ kolla_keystone_install_type }}-{{ kolla_keystone_container_name }}"
-docker_keystone_tag: "{{ openstack_release }}"
-docker_keystone_image_full: "{{ docker_keystone_image }}:{{ docker_keystone_tag }}"
+keystone_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-keystone"
+keystone_tag: "{{ openstack_release }}"
+keystone_image_full: "{{ keystone_image }}:{{ keystone_tag }}"
 
 
 ####################

ansible/roles/keystone/tasks/bootstrap.yml

@@ -1,11 +1,48 @@
 ---
-# "detach: False" ensures we will be able to wait until the database bootstrap
-# is finished. We can also check the exit code and catch errors if the database
-# initialization does not successfully finish
-- include: ../../bootstrap.yml
-  vars:
-    container_detach: "False"
-    container_environment:
+- name: Creating Keystone database
+  command: docker exec -t kolla_ansible /usr/bin/ansible localhost
+    -m mysql_db
+    -a "login_host='{{ database_address }}'
+        login_user='{{ database_user }}'
+        login_password='{{ database_password }}'
+        name='{{ keystone_database_name }}'"
+  register: database
+  changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  failed_when: database.stdout.split()[2] != 'SUCCESS'
+  run_once: True
+
+- name: Creating Keystone database user and setting permissions
+  command: docker exec -t kolla_ansible /usr/bin/ansible localhost
+    -m mysql_user
+    -a "login_host='{{ database_address }}'
+        login_user='{{ database_user }}'
+        login_password='{{ database_password }}'
+        name='{{ keystone_database_name }}'
+        password='{{ keystone_database_password }}'
+        host='%'
+        priv='{{ keystone_database_name }}.*:ALL'
+        append_privs='yes'"
+  register: database_user
+  changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and (database_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  failed_when: database_user.stdout.split()[2] != 'SUCCESS'
+  run_once: True
+
+- name: Starting Keystone bootstrap container
+  docker:
+    detach: False
+    docker_api_version: "{{ docker_api_version }}"
+    net: host
+    pull: "{{ docker_pull_policy }}"
+    restart_policy: "no"
+    state: reloaded
+    registry: "{{ docker_registry }}"
+    username: "{{ docker_registry_username }}"
+    password: "{{ docker_registry_password }}"
+    insecure_registry: "{{ docker_insecure_registry }}"
+    name: bootstrap_keystone
+    image: "{{ keystone_image_full }}"
+    volumes: "{{ node_config_directory }}/keystone/:/opt/kolla/keystone/:ro"
+    env:
       KOLLA_BOOTSTRAP:
       KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
       KEYSTONE_ADMIN_PASSWORD: "{{ keystone_admin_password }}"
@@ -15,8 +52,17 @@
       ADMIN_URL: "http://{{ kolla_internal_address }}:{{ keystone_admin_port }}/v2.0"
       OS_SERVICE_TOKEN: "{{ keystone_admin_token }}"
       OS_SERVICE_ENDPOINT: "http://{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ keystone_admin_port }}/v2.0"
-    container_image: "{{ docker_keystone_image_full }}"
-    container_name: "bootstrap_keystone"
-    container_restart_policy: "no"
-    container_volumes:
-      - "{{ node_config_directory }}/keystone/:/opt/kolla/keystone/:ro"
+  run_once: True
+  when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed
+
+# https://github.com/ansible/ansible-modules-core/pull/1031
+- name: Waiting for Keystone bootstrap container to exit
+  command: docker wait bootstrap_keystone
+  when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed
+
+- name: Cleaning up Keystone boostrap container
+  docker:
+    name: bootstrap_keystone
+    image: "{{ keystone_image_full }}"
+    state: absent
+  when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed

ansible/roles/keystone/tasks/start.yml

@@ -1,9 +1,18 @@
 ---
-- include: ../../start.yml
-  vars:
-    container_environment:
+- name: Starting Keystone container
+  docker:
+    docker_api_version: "{{ docker_api_version }}"
+    net: host
+    pull: "{{ docker_pull_policy }}"
+    restart_policy: "{{ docker_restart_policy }}"
+    restart_policy_retry: "{{ docker_restart_policy_retry }}"
+    state: reloaded
+    registry: "{{ docker_registry }}"
+    username: "{{ docker_registry_username }}"
+    password: "{{ docker_registry_password }}"
+    insecure_registry: "{{ docker_insecure_registry }}"
+    name: keystone
+    image: "{{ keystone_image_full }}"
+    volumes: "{{ node_config_directory }}/keystone/:/opt/kolla/keystone/:ro"
+    env:
       KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
-    container_image: "{{ docker_keystone_image_full }}"
-    container_name: "keystone"
-    container_volumes:
-      - "{{ node_config_directory }}/keystone/:/opt/kolla/keystone/:ro"