Merge "Fix Keystone v3 and Horizon"
This commit is contained in:
commit
a94d537aab
@ -162,14 +162,6 @@ openstack_auth:
|
||||
password: "{{ keystone_admin_password }}"
|
||||
project_name: "admin"
|
||||
|
||||
# This shouldn't be needed for long. It is only temporary until we get the
|
||||
# ansible modules sorted out
|
||||
openstack_auth_v2:
|
||||
auth_url: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}/v2.0"
|
||||
username: "admin"
|
||||
password: "{{ keystone_admin_password }}"
|
||||
project_name: "admin"
|
||||
|
||||
# These roles are required for Kolla to be operation, however a savvy deployer
|
||||
# could disable some of these required roles and run their own services.
|
||||
enable_glance: "yes"
|
||||
|
@ -50,12 +50,12 @@ cinder_api_image_full: "{{ cinder_api_image }}:{{ cinder_api_tag }}"
|
||||
####################
|
||||
# OpenStack
|
||||
####################
|
||||
cinder_public_address: "{{ kolla_external_fqdn }}"
|
||||
cinder_admin_address: "{{ kolla_internal_fqdn }}"
|
||||
cinder_internal_address: "{{ kolla_internal_fqdn }}"
|
||||
cinder_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s"
|
||||
cinder_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s"
|
||||
cinder_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s"
|
||||
|
||||
cinder_logging_debug: "{{ openstack_logging_debug }}"
|
||||
|
||||
cinder_keystone_user: "cinder"
|
||||
|
||||
openstack_cinder_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
|
||||
openstack_cinder_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}'}"
|
||||
|
@ -2,33 +2,12 @@
|
||||
- name: Creating the Cinder service and endpoint
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
-m kolla_keystone_service
|
||||
-a "service_name=cinder
|
||||
service_type=volume
|
||||
-a "service_name={{ item.service_name }}
|
||||
service_type={{ item.service_type }}
|
||||
description='Openstack Block Storage'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s'
|
||||
internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s'
|
||||
public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_cinder_auth }}' }}"
|
||||
-e "{'openstack_cinder_auth':{{ openstack_cinder_auth }}}"
|
||||
register: cinder_endpoint
|
||||
changed_when: "{{ cinder_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (cinder_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
|
||||
until: cinder_endpoint.stdout.split()[2] == 'SUCCESS'
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
|
||||
- name: Creating the Cinder v2 service and endpoint
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
-m kolla_keystone_service
|
||||
-a "service_name=cinderv2
|
||||
service_type=volumev2
|
||||
description='Openstack Block Storage'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s'
|
||||
internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s'
|
||||
public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s'
|
||||
url='{{ item.url }}'
|
||||
interface='{{ item.interface }}'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_cinder_auth }}' }}"
|
||||
-e "{'openstack_cinder_auth':{{ openstack_cinder_auth }}}"
|
||||
@ -38,6 +17,13 @@
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
with_items:
|
||||
- {'interface': 'admin', 'url': '{{ cinder_admin_endpoint }}', 'service_name': 'cinder', 'service_type': 'volume'}
|
||||
- {'interface': 'internal', 'url': '{{ cinder_internal_endpoint }}', 'service_name': 'cinder', 'service_type': 'volume'}
|
||||
- {'interface': 'public', 'url': '{{ cinder_public_endpoint }}', 'service_name': 'cinder', 'service_type': 'volume'}
|
||||
- {'interface': 'admin', 'url': '{{ cinder_admin_endpoint }}', 'service_name': 'cinderv2', 'service_type': 'volumev2'}
|
||||
- {'interface': 'internal', 'url': '{{ cinder_internal_endpoint }}', 'service_name': 'cinderv2', 'service_type': 'volumev2'}
|
||||
- {'interface': 'public', 'url': '{{ cinder_public_endpoint }}', 'service_name': 'cinderv2', 'service_type': 'volumev2'}
|
||||
|
||||
- name: Creating the Cinder project, user, and role
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
|
@ -37,12 +37,12 @@ glance_api_image_full: "{{ glance_api_image }}:{{ glance_api_tag }}"
|
||||
####################
|
||||
# OpenStack
|
||||
####################
|
||||
glance_public_address: "{{ kolla_external_fqdn }}"
|
||||
glance_admin_address: "{{ kolla_internal_fqdn }}"
|
||||
glance_internal_address: "{{ kolla_internal_fqdn }}"
|
||||
glance_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ glance_api_port }}"
|
||||
glance_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ glance_api_port }}"
|
||||
glance_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ glance_api_port }}"
|
||||
|
||||
glance_logging_debug: "{{ openstack_logging_debug }}"
|
||||
|
||||
glance_keystone_user: "glance"
|
||||
|
||||
openstack_glance_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
|
||||
openstack_glance_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}','domain_name':'default'}"
|
||||
|
@ -6,9 +6,8 @@
|
||||
service_type=image
|
||||
description='Openstack Image'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ glance_api_port }}'
|
||||
internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ glance_api_port }}'
|
||||
public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ glance_api_port }}'
|
||||
url='{{ item.url }}'
|
||||
interface='{{ item.interface }}'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_glance_auth }}' }}"
|
||||
-e "{'openstack_glance_auth':{{ openstack_glance_auth }}}"
|
||||
@ -18,6 +17,10 @@
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
with_items:
|
||||
- {'interface': 'admin', 'url': '{{ glance_admin_endpoint }}'}
|
||||
- {'interface': 'internal', 'url': '{{ glance_internal_endpoint }}'}
|
||||
- {'interface': 'public', 'url': '{{ glance_public_endpoint }}'}
|
||||
|
||||
- name: Creating the Glance project, user, and role
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
|
@ -27,12 +27,15 @@ heat_engine_image_full: "{{ heat_engine_image }}:{{ heat_engine_tag }}"
|
||||
####################
|
||||
# OpenStack
|
||||
####################
|
||||
heat_public_address: "{{ kolla_external_fqdn }}"
|
||||
heat_admin_address: "{{ kolla_internal_fqdn }}"
|
||||
heat_internal_address: "{{ kolla_internal_fqdn }}"
|
||||
heat_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ heat_api_port }}/v1/%(tenant_id)s"
|
||||
heat_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ heat_api_port }}/v1/%(tenant_id)s"
|
||||
heat_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ heat_api_port }}/v1/%(tenant_id)s"
|
||||
heat_cfn_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ heat_api_cfn_port }}/v1"
|
||||
heat_cfn_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ heat_api_cfn_port }}/v1"
|
||||
heat_cfn_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ heat_api_cfn_port }}/v1"
|
||||
|
||||
heat_logging_debug: "{{ openstack_logging_debug }}"
|
||||
|
||||
heat_keystone_user: "heat"
|
||||
|
||||
openstack_heat_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
|
||||
openstack_heat_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}'}"
|
||||
|
@ -6,29 +6,8 @@
|
||||
service_type=orchestration
|
||||
description='Openstack Orchestration'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ heat_api_port }}/v1/%(tenant_id)s'
|
||||
internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ heat_api_port }}/v1/%(tenant_id)s'
|
||||
public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ heat_api_port }}/v1/%(tenant_id)s'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_heat_auth }}' }}"
|
||||
-e "{'openstack_heat_auth':{{ openstack_heat_auth }}}"
|
||||
register: heat_endpoint
|
||||
changed_when: "{{ heat_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (heat_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
|
||||
until: heat_endpoint.stdout.split()[2] == 'SUCCESS'
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
|
||||
- name: Creating the Heat-cfn service and endpoint
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
-m kolla_keystone_service
|
||||
-a "service_name=heat-cfn
|
||||
service_type=orchestration
|
||||
description='Openstack Orchestration'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ heat_api_port }}/v1'
|
||||
internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ heat_api_cfn_port }}/v1'
|
||||
public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ heat_api_cfn_port }}/v1'
|
||||
url='{{ item.url }}'
|
||||
interface='{{ item.interface }}'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_heat_auth }}' }}"
|
||||
-e "{'openstack_heat_auth':{{ openstack_heat_auth }}}"
|
||||
@ -38,6 +17,13 @@
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
with_items:
|
||||
- {'interface': 'admin', 'url': '{{ heat_admin_endpoint }}'}
|
||||
- {'interface': 'internal', 'url': '{{ heat_internal_endpoint }}'}
|
||||
- {'interface': 'public', 'url': '{{ heat_public_endpoint }}'}
|
||||
- {'interface': 'admin', 'url': '{{ heat_cfn_admin_endpoint }}'}
|
||||
- {'interface': 'internal', 'url': '{{ heat_cfn_internal_endpoint }}'}
|
||||
- {'interface': 'public', 'url': '{{ heat_cfn_public_endpoint }}'}
|
||||
|
||||
- name: Creating the Heat project, user, and role
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
|
@ -32,10 +32,10 @@ ironic_pxe_image_full: "{{ ironic_pxe_image }}:{{ ironic_pxe_tag }}"
|
||||
####################
|
||||
# OpenStack
|
||||
####################
|
||||
ironic_public_address: "{{ kolla_external_fqdn }}"
|
||||
ironic_admin_address: "{{ kolla_internal_fqdn }}"
|
||||
ironic_internal_address: "{{ kolla_internal_fqdn }}"
|
||||
ironic_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_api_port }}"
|
||||
ironic_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_api_port }}"
|
||||
ironic_admin_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ ironic_api_port }}"
|
||||
|
||||
ironic_logging_debug: "{{ openstack_logging_debug }}"
|
||||
|
||||
openstack_ironic_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
|
||||
openstack_ironic_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}'}"
|
||||
|
@ -6,9 +6,8 @@
|
||||
service_type=baremetal
|
||||
description='Ironic bare metal provisioning service'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='{{ admin_protocol }}://{{ ironic_admin_address }}:{{ ironic_api_port }}'
|
||||
internal_url='{{ internal_protocol }}://{{ ironic_internal_address }}:{{ ironic_api_port }}'
|
||||
public_url='{{ public_protocol }}://{{ ironic_public_address }}:{{ ironic_api_port }}'
|
||||
url='{{ item.url }}'
|
||||
interface='{{ item.interface }}'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_ironic_auth }}' }}"
|
||||
-e "{'openstack_ironic_auth':{{ openstack_ironic_auth }}}"
|
||||
@ -18,6 +17,10 @@
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
with_items:
|
||||
- {'interface': 'admin', 'url': '{{ ironic_admin_endpoint }}'}
|
||||
- {'interface': 'internal', 'url': '{{ ironic_internal_endpoint }}'}
|
||||
- {'interface': 'public', 'url': '{{ ironic_public_endpoint }}'}
|
||||
|
||||
- name: Creating the Ironic project, user, and role
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
|
@ -20,14 +20,8 @@ keystone_image_full: "{{ keystone_image }}:{{ keystone_tag }}"
|
||||
####################
|
||||
# OpenStack
|
||||
####################
|
||||
keystone_public_address: "{{ kolla_external_fqdn }}"
|
||||
keystone_admin_address: "{{ kolla_internal_fqdn }}"
|
||||
keystone_internal_address: "{{ kolla_internal_fqdn }}"
|
||||
|
||||
keystone_admin_url: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}"
|
||||
keystone_internal_url: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}"
|
||||
keystone_public_url: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ keystone_public_port }}"
|
||||
keystone_admin_url: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}/v3"
|
||||
keystone_internal_url: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}/v3"
|
||||
keystone_public_url: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ keystone_public_port }}/v3"
|
||||
|
||||
keystone_logging_debug: "{{ openstack_logging_debug }}"
|
||||
|
||||
openstack_keystone_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
|
||||
|
@ -10,4 +10,4 @@
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
|
||||
- name: Wait for keystone startup
|
||||
wait_for: host={{ keystone_admin_address }} port={{ keystone_admin_port }}
|
||||
wait_for: host={{ kolla_internal_fqdn }} port={{ keystone_admin_port }}
|
||||
|
@ -23,12 +23,12 @@ magnum_conductor_image_full: "{{ magnum_conductor_image }}:{{ magnum_conductor_t
|
||||
####################
|
||||
# OpenStack
|
||||
####################
|
||||
magnum_public_address: "{{ kolla_external_fqdn }}"
|
||||
magnum_admin_address: "{{ kolla_internal_fqdn }}"
|
||||
magnum_internal_address: "{{ kolla_internal_fqdn }}"
|
||||
magnum_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ magnum_api_port }}/v1"
|
||||
magnum_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ magnum_api_port }}/v1"
|
||||
magnum_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ magnum_api_port }}/v1"
|
||||
|
||||
magnum_logging_debug: "{{ openstack_logging_debug }}"
|
||||
|
||||
magnum_keystone_user: "magnum"
|
||||
|
||||
openstack_magnum_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
|
||||
openstack_magnum_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}'}"
|
||||
|
@ -6,9 +6,8 @@
|
||||
service_type=container
|
||||
description='Openstack Container Service'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ magnum_api_port }}/v1'
|
||||
internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ magnum_api_port }}/v1'
|
||||
public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ magnum_api_port }}/v1'
|
||||
url='{{ item.url }}'
|
||||
interface='{{ item.interface }}'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_magnum_auth }}' }}"
|
||||
-e "{'openstack_magnum_auth':{{ openstack_magnum_auth }}}"
|
||||
@ -18,6 +17,10 @@
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
with_items:
|
||||
- {'interface': 'admin', 'url': '{{ magnum_admin_endpoint }}'}
|
||||
- {'interface': 'internal', 'url': '{{ magnum_internal_endpoint }}'}
|
||||
- {'interface': 'public', 'url': '{{ magnum_public_endpoint }}'}
|
||||
|
||||
- name: Creating the Magnum project, user, and role
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
|
@ -28,9 +28,12 @@ manila_api_image_full: "{{ manila_api_image }}:{{ manila_api_tag }}"
|
||||
#####################
|
||||
## OpenStack
|
||||
#####################
|
||||
manila_public_address: "{{ kolla_external_fqdn }}"
|
||||
manila_admin_address: "{{ kolla_internal_fqdn }}"
|
||||
manila_internal_address: "{{ kolla_internal_fqdn }}"
|
||||
manila_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ manila_api_port }}/v1/%(tenant_id)s"
|
||||
manila_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ manila_api_port }}/v1/%(tenant_id)s"
|
||||
manila_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ manila_api_port }}/v1/%(tenant_id)s"
|
||||
manila_v2_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ manila_api_port }}/v2/%(tenant_id)s"
|
||||
manila_v2_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ manila_api_port }}/v2/%(tenant_id)s"
|
||||
manila_v2_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ manila_api_port }}/v2/%(tenant_id)s"
|
||||
|
||||
manila_logging_debug: "{{ openstack_logging_debug }}"
|
||||
|
||||
@ -38,5 +41,4 @@ manila_keystone_user: "manila"
|
||||
|
||||
manila_tenant_name: "manila_tenant"
|
||||
|
||||
openstack_manila_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
|
||||
|
||||
openstack_manila_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}'}"
|
||||
|
@ -6,29 +6,8 @@
|
||||
service_type=share
|
||||
description='Openstack Shared Filesystems'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ manila_api_port }}/v1/%(tenant_id)s'
|
||||
internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ manila_api_port }}/v1/%(tenant_id)s'
|
||||
public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ manila_api_port }}/v1/%(tenant_id)s'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_manila_auth }}' }}"
|
||||
-e "{'openstack_manila_auth':{{ openstack_manila_auth }}}"
|
||||
register: manila_endpoint
|
||||
changed_when: "{{ manila_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (manila_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
|
||||
until: manila_endpoint.stdout.split()[2] == 'SUCCESS'
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
|
||||
- name: Creating the Manila v2 service and endpoint
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
-m kolla_keystone_service
|
||||
-a "service_name=manilav2
|
||||
service_type=sharev2
|
||||
description='Openstack Shared Filesystems'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ manila_api_port }}/v2/%(tenant_id)s'
|
||||
internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ manila_api_port }}/v2/%(tenant_id)s'
|
||||
public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ manila_api_port }}/v2/%(tenant_id)s'
|
||||
url='{{ item.url }}'
|
||||
interface='{{ item.interface }}'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_manila_auth }}' }}"
|
||||
-e "{'openstack_manila_auth':{{ openstack_manila_auth }}}"
|
||||
@ -38,6 +17,13 @@
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
with_items:
|
||||
- {'interface': 'admin', 'url': '{{ mistral_admin_endpoint }}'}
|
||||
- {'interface': 'internal', 'url': '{{ mistral_internal_endpoint }}'}
|
||||
- {'interface': 'public', 'url': '{{ mistral_public_endpoint }}'}
|
||||
- {'interface': 'admin', 'url': '{{ mistral_v2_admin_endpoint }}'}
|
||||
- {'interface': 'internal', 'url': '{{ mistral_v2_internal_endpoint }}'}
|
||||
- {'interface': 'public', 'url': '{{ mistral_v2_public_endpoint }}'}
|
||||
|
||||
- name: Creating the Manila project, user and role
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
|
@ -28,12 +28,12 @@ mistral_api_image_full: "{{ mistral_api_image }}:{{ mistral_api_tag }}"
|
||||
####################
|
||||
# OpenStack
|
||||
####################
|
||||
mistral_public_address: "{{ kolla_external_fqdn }}"
|
||||
mistral_admin_address: "{{ kolla_internal_fqdn }}"
|
||||
mistral_internal_address: "{{ kolla_internal_fqdn }}"
|
||||
mistral_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ mistral_api_port }}"
|
||||
mistral_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ mistral_api_port }}"
|
||||
mistral_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ mistral_api_port }}"
|
||||
|
||||
mistral_logging_debug: "{{ openstack_logging_debug }}"
|
||||
|
||||
mistral_keystone_user: "mistral"
|
||||
|
||||
openstack_mistral_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
|
||||
openstack_mistral_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}'}"
|
||||
|
@ -6,9 +6,8 @@
|
||||
service_type=application_catalog
|
||||
description='Openstack Application Catalog'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ mistral_api_port }}'
|
||||
internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ mistral_api_port }}'
|
||||
public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ mistral_api_port }}'
|
||||
url='{{ item.url }}'
|
||||
interface='{{ item.interface }}'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_mistral_auth }}' }}"
|
||||
-e "{'openstack_mistral_auth':{{ openstack_mistral_auth }}}"
|
||||
@ -18,6 +17,10 @@
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
with_items:
|
||||
- {'interface': 'admin', 'url': '{{ mistral_admin_endpoint }}'}
|
||||
- {'interface': 'internal', 'url': '{{ mistral_internal_endpoint }}'}
|
||||
- {'interface': 'public', 'url': '{{ mistral_public_endpoint }}'}
|
||||
|
||||
- name: Creating the Mistral project, user, and role
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
|
@ -24,12 +24,12 @@ murano_api_image_full: "{{ murano_api_image }}:{{ murano_api_tag }}"
|
||||
####################
|
||||
# OpenStack
|
||||
####################
|
||||
murano_public_address: "{{ kolla_external_fqdn }}"
|
||||
murano_admin_address: "{{ kolla_internal_fqdn }}"
|
||||
murano_internal_address: "{{ kolla_internal_fqdn }}"
|
||||
murano_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ murano_api_port }}"
|
||||
murano_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ murano_api_port }}"
|
||||
murano_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ murano_api_port }}"
|
||||
|
||||
murano_logging_debug: "{{ openstack_logging_debug }}"
|
||||
|
||||
murano_keystone_user: "murano"
|
||||
|
||||
openstack_murano_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
|
||||
openstack_murano_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}'}"
|
||||
|
@ -6,9 +6,8 @@
|
||||
service_type=application_catalog
|
||||
description='Openstack Application Catalogue'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ murano_api_port }}'
|
||||
internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ murano_api_port }}'
|
||||
public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ murano_api_port }}'
|
||||
url='{{ item.url }}'
|
||||
interface='{{ item.interface }}'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_murano_auth }}' }}"
|
||||
-e "{'openstack_murano_auth':{{ openstack_murano_auth }}}"
|
||||
@ -18,6 +17,10 @@
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
with_items:
|
||||
- {'interface': 'admin', 'url': '{{ murano_admin_endpoint }}'}
|
||||
- {'interface': 'internal', 'url': '{{ murano_internal_endpoint }}'}
|
||||
- {'interface': 'public', 'url': '{{ murano_public_endpoint }}'}
|
||||
|
||||
- name: Creating the Murano project, user, and role
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
|
@ -48,12 +48,12 @@ openvswitch_vswitchd_image_full: "{{ openvswitch_vswitchd_image }}:{{ openvswitc
|
||||
####################
|
||||
# OpenStack
|
||||
####################
|
||||
neutron_public_address: "{{ kolla_external_fqdn }}"
|
||||
neutron_admin_address: "{{ kolla_internal_fqdn }}"
|
||||
neutron_internal_address: "{{ kolla_internal_fqdn }}"
|
||||
neutron_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}"
|
||||
neutron_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}"
|
||||
neutron_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ neutron_server_port }}"
|
||||
|
||||
neutron_logging_debug: "{{ openstack_logging_debug }}"
|
||||
|
||||
neutron_bridge_name: "br-ex"
|
||||
|
||||
openstack_neutron_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
|
||||
openstack_neutron_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}'}"
|
||||
|
@ -6,9 +6,8 @@
|
||||
service_type=network
|
||||
description='Openstack Networking'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}'
|
||||
internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}'
|
||||
public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ neutron_server_port }}'
|
||||
url='{{ item.url }}'
|
||||
interface='{{ item.interface }}'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_neutron_auth }}' }}"
|
||||
-e "{'openstack_neutron_auth':{{ openstack_neutron_auth }}}"
|
||||
@ -18,6 +17,10 @@
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
with_items:
|
||||
- {'interface': 'admin', 'url': '{{ neutron_admin_endpoint }}'}
|
||||
- {'interface': 'internal', 'url': '{{ neutron_internal_endpoint }}'}
|
||||
- {'interface': 'public', 'url': '{{ neutron_public_endpoint }}'}
|
||||
|
||||
- name: Creating the Neutron project, user, and role
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
|
@ -67,10 +67,10 @@ nova_compute_ironic_image_full: "{{ nova_compute_ironic_image }}:{{ nova_compute
|
||||
####################
|
||||
# OpenStack
|
||||
####################
|
||||
nova_public_address: "{{ kolla_external_fqdn }}"
|
||||
nova_admin_address: "{{ kolla_internal_fqdn }}"
|
||||
nova_internal_address: "{{ kolla_internal_fqdn }}"
|
||||
nova_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"
|
||||
nova_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"
|
||||
nova_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"
|
||||
|
||||
nova_logging_debug: "{{ openstack_logging_debug }}"
|
||||
|
||||
openstack_nova_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
|
||||
openstack_nova_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}'}"
|
||||
|
@ -6,9 +6,8 @@
|
||||
service_type=compute
|
||||
description='Openstack Compute'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s'
|
||||
internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s'
|
||||
public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s'
|
||||
url='{{ item.url }}'
|
||||
interface='{{ item.interface }}'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_nova_auth }}' }}"
|
||||
-e "{'openstack_nova_auth':{{ openstack_nova_auth }}}"
|
||||
@ -18,7 +17,10 @@
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
|
||||
with_items:
|
||||
- {'interface': 'admin', 'url': '{{ nova_admin_endpoint }}'}
|
||||
- {'interface': 'internal', 'url': '{{ nova_internal_endpoint }}'}
|
||||
- {'interface': 'public', 'url': '{{ nova_public_endpoint }}'}
|
||||
|
||||
- name: Creating the Nova project, user, and role
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
|
@ -80,7 +80,7 @@ html5proxy_port = {{ nova_spicehtml5proxy_port }}
|
||||
[ironic]
|
||||
admin_username = {{ ironic_keystone_user }}
|
||||
admin_password = {{ ironic_keystone_password }}
|
||||
admin_url = {{ openstack_auth_v2.auth_url }}
|
||||
admin_url = {{ openstack_auth.auth_url }}
|
||||
admin_tenant_name = service
|
||||
api_endpoint = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_api_port }}/v1
|
||||
{% endif %}
|
||||
|
@ -27,9 +27,9 @@ swift_rsyncd_image_full: "{{ swift_rsyncd_image }}:{{ swift_rsyncd_tag }}"
|
||||
####################
|
||||
# OpenStack
|
||||
####################
|
||||
swift_public_address: "{{ kolla_external_fqdn }}"
|
||||
swift_admin_address: "{{ kolla_internal_fqdn }}"
|
||||
swift_internal_address: "{{ kolla_internal_fqdn }}"
|
||||
swift_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ swift_proxy_server_port }}"
|
||||
swift_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ swift_proxy_server_port }}"
|
||||
swift_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ swift_proxy_server_port }}"
|
||||
|
||||
swift_logging_debug: "{{ openstack_logging_debug }}"
|
||||
|
||||
@ -40,4 +40,4 @@ swift_devices_mount_point: "/srv/node"
|
||||
swift_devices_match_mode: "strict"
|
||||
swift_devices_name: "KOLLA_SWIFT_DATA"
|
||||
|
||||
openstack_swift_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
|
||||
openstack_swift_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}'}"
|
||||
|
@ -6,9 +6,8 @@
|
||||
service_type=object-store
|
||||
description='Openstack Object Storage'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ swift_proxy_server_port }}'
|
||||
internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s'
|
||||
public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s'
|
||||
url='{{ item.url }}'
|
||||
interface='{{ item.interface }}'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_swift_auth }}' }}"
|
||||
-e "{'openstack_swift_auth':{{ openstack_swift_auth }}}"
|
||||
@ -18,6 +17,10 @@
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
with_items:
|
||||
- {'interface': 'admin', 'url': '{{ swift_admin_endpoint }}'}
|
||||
- {'interface': 'internal', 'url': '{{ swift_internal_endpoint }}'}
|
||||
- {'interface': 'public', 'url': '{{ swift_public_endpoint }}'}
|
||||
|
||||
- name: Creating the Swift project, user, and role
|
||||
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
|
||||
|
@ -17,7 +17,7 @@ REGION=$8
|
||||
function get_token {
|
||||
unset OS_TOKEN OS_URL
|
||||
OS_TOKEN=$(openstack --os-identity-api-version 3 --os-username "${USERNAME}" --os-password "${PASSWORD}" --os-project-name "${PROJECT}" --os-auth-url "${ADMIN_URL}" token issue 2>&1 | awk '/ id / {print $4}')
|
||||
OS_URL="${ADMIN_URL}/v3"
|
||||
OS_URL="${ADMIN_URL}"
|
||||
}
|
||||
|
||||
function fail_json {
|
||||
|
@ -48,7 +48,8 @@ RUN git clone https://github.com/ansible/ansible.git \
|
||||
|
||||
RUN mkdir -p /etc/ansible /usr/share/ansible /home/ansible \
|
||||
&& echo 'localhost ansible_connection=local' > /etc/ansible/hosts \
|
||||
&& useradd --user-group ansible --groups kolla
|
||||
&& useradd --user-group ansible --groups kolla \
|
||||
&& sed -i 's| "identity_api_version": "2.0",| "identity_api_version": "3",|' /usr/lib/python2.7/site-packages/os_client_config/defaults.json
|
||||
|
||||
COPY find_disks.py kolla_keystone_service.py kolla_keystone_user.py kolla_sanity.py kolla_zookeeper.py /usr/share/ansible/
|
||||
COPY ansible.cfg /home/ansible/.ansible.cfg
|
||||
|
@ -30,9 +30,8 @@ def main():
|
||||
description=dict(required=True, type='str'),
|
||||
service_name=dict(required=True, type='str'),
|
||||
service_type=dict(required=True, type='str'),
|
||||
admin_url=dict(required=True, type='str'),
|
||||
internal_url=dict(required=True, type='str'),
|
||||
public_url=dict(required=True, type='str'),
|
||||
url=dict(required=True, type='str'),
|
||||
interface=dict(required=True, type='str'),
|
||||
endpoint_region=dict(required=True, type='str')
|
||||
)
|
||||
module = AnsibleModule(argument_spec)
|
||||
@ -41,9 +40,8 @@ def main():
|
||||
description = module.params.pop('description')
|
||||
service_name = module.params.pop('service_name')
|
||||
service_type = module.params.pop('service_type')
|
||||
admin_url = module.params.pop('admin_url')
|
||||
internal_url = module.params.pop('internal_url')
|
||||
public_url = module.params.pop('public_url')
|
||||
url = module.params.pop('url')
|
||||
interface = module.params.pop('interface')
|
||||
endpoint_region = module.params.pop('endpoint_region')
|
||||
|
||||
changed = False
|
||||
@ -61,7 +59,8 @@ def main():
|
||||
|
||||
if service is not None:
|
||||
for _endpoint in cloud.keystone_client.endpoints.list():
|
||||
if _endpoint.service_id == service.id:
|
||||
if _endpoint.service_id == service.id and \
|
||||
_endpoint.interface == interface:
|
||||
endpoint = _endpoint
|
||||
else:
|
||||
service = cloud.keystone_client.services.create(
|
||||
@ -72,10 +71,9 @@ def main():
|
||||
if endpoint is None:
|
||||
changed = True
|
||||
cloud.keystone_client.endpoints.create(
|
||||
service_id=service.id,
|
||||
adminurl=admin_url,
|
||||
internalurl=internal_url,
|
||||
publicurl=public_url,
|
||||
service=service.id,
|
||||
url=url,
|
||||
interface=interface,
|
||||
region=endpoint_region)
|
||||
|
||||
module.exit_json(changed=changed)
|
||||
|
@ -50,7 +50,7 @@ def main():
|
||||
module.params['auth'].replace("'", '"'))
|
||||
cloud = shade.operator_cloud(**module.params)
|
||||
|
||||
for _project in cloud.keystone_client.tenants.list():
|
||||
for _project in cloud.keystone_client.projects.list():
|
||||
if _project.name == project_name:
|
||||
project = _project
|
||||
|
||||
@ -64,8 +64,8 @@ def main():
|
||||
|
||||
if not project:
|
||||
changed = True
|
||||
project = cloud.keystone_client.tenants.create(
|
||||
tenant_name=project_name)
|
||||
project = cloud.keystone_client.projects.create(
|
||||
name=project_name, domain='default')
|
||||
|
||||
if not role:
|
||||
changed = True
|
||||
@ -75,10 +75,10 @@ def main():
|
||||
changed = True
|
||||
user = cloud.keystone_client.users.create(name=user_name,
|
||||
password=password,
|
||||
tenant_id=project.id)
|
||||
cloud.keystone_client.roles.add_user_role(role=role.id,
|
||||
user=user.id,
|
||||
tenant=project.id)
|
||||
project=project)
|
||||
cloud.keystone_client.roles.grant(role=role,
|
||||
user=user,
|
||||
project=project)
|
||||
|
||||
module.exit_json(changed=changed)
|
||||
except Exception as e:
|
||||
|
Loading…
Reference in New Issue
Block a user