Merge "Implement LDAP domains using last keystone host"

2018-10-09 17:08:53 +00:00 · 2018-10-09 17:08:53 +00:00 · 87b26ee54f
commit 87b26ee54f
parent 1d05548513 096ed19665
2 changed files with 18 additions and 13 deletions
--- a/tasks/keystone_ldap_setup.yml
+++ b/tasks/keystone_ldap_setup.yml
@ -13,19 +13,22 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
-
+- name: Add LDAP domains
- name: Create Keystone LDAP domains
+  os_keystone_domain:
-  keystone:
+    cloud: default
-    command: ensure_domain
+    state: present
-    domain_name: "{{ item.key }}"
+    name: "{{ item.key }}"
-    login_user: "{{ keystone_admin_user_name }}"
+    endpoint_type: admin
-    login_password: "{{ keystone_auth_admin_password }}"
+    verify: "{{ not keystone_service_adminuri_insecure }}"
-    login_project_name: "{{ keystone_admin_tenant_name }}"
+  register: add_ldap_domain
-    endpoint: "{{ keystone_service_adminurl }}"
+  until: add_ldap_domain is success
-    insecure: "{{ keystone_service_adminuri_insecure }}"
+  retries: 5
  delay: 10
  with_dict: "{{ keystone_ldap }}"
-  no_log: true
+  delegate_to: "{{ keystone_service_setup_host }}"
-  run_once: true
+  vars:
    ansible_python_interpreter: >-
      {{ (keystone_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_python['executable']) }}
 - name: Create Keystone LDAP domain configs
  template:
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -162,7 +162,9 @@
    - keystone-config
 - include_tasks: keystone_ldap_setup.yml
-  when: keystone_service_setup | bool
+  when:
    - "inventory_hostname == ((groups['keystone_all'] | intersect(ansible_play_hosts)) | list)[-1]"
    - "keystone_service_setup | bool"
  tags:
    - keystone-config