From ca82b2985836ec9025c4034cd7950dd75d40a2c1 Mon Sep 17 00:00:00 2001
From: Eduardo Gonzalez <dabarren@gmail.com>
Date: Mon, 17 Jul 2017 12:48:55 +0200
Subject: [PATCH] Wait keystone_fernet running before init tokens

Init fernet task fails if keystone_fernet container
is not running and ssh port bind.
This change add a check to ensure all keystone_fernet containers
are running before init fernet tokens.

Change-Id: Ib95bb5a47a9174f1a00b82cc8b697c0dc19c848e
Closes-Bug: #1704758
---
 ansible/roles/keystone/tasks/init_fernet.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/ansible/roles/keystone/tasks/init_fernet.yml b/ansible/roles/keystone/tasks/init_fernet.yml
index a6596da3f0..8e9ecbb472 100644
--- a/ansible/roles/keystone/tasks/init_fernet.yml
+++ b/ansible/roles/keystone/tasks/init_fernet.yml
@@ -1,4 +1,14 @@
 ---
+- name: Waiting for Keystone SSH port to be UP
+  wait_for:
+    host: "{{ api_interface_address }}"
+    port: "{{ keystone_ssh_port }}"
+    connect_timeout: 1
+  register: check_keystone_ssh_port
+  until: check_keystone_ssh_port | success
+  retries: 10
+  delay: 5
+
 - name: Initialise fernet key authentication
   command: "docker exec -t keystone_fernet kolla_keystone_bootstrap {{ keystone_username }} {{ keystone_groupname }}"
   register: fernet_create