5e23c765b3
Based on conversation on an ansible issue[1], I implemented a LB orchestration role[2] similar to the POC here[3]. This will allow external loadbalancer management roles to hook into a universal notify listener "Manage LB" to perform before/ after endpoint management actions when the service is being restarted. [1]: https://github.com/ansible/ansible/issues/27813 [2]: https://github.com/Logan2211/ansible-haproxy-endpoints [3]: https://github.com/Logan2211/tmp-ansible-27813 Change-Id: Ide9efbc79e4fd2c761a3ee4f463f501181da1df2
85 lines
2.8 KiB
YAML
85 lines
2.8 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Generate the keystone system user ssh key
|
|
user:
|
|
name: "{{ keystone_system_user_name }}"
|
|
generate_ssh_key: "yes"
|
|
delegate_to: "{{ item }}"
|
|
with_items: "{{ ansible_play_hosts }}"
|
|
when: "inventory_hostname == ansible_play_hosts[0]"
|
|
|
|
- name: Retrieve default configuration files
|
|
uri:
|
|
url: "{{ item }}"
|
|
return_content: yes
|
|
with_items:
|
|
- "{{ keystone_git_config_lookup_location }}/{{ keystone_paste_git_file_path }}"
|
|
- "{{ keystone_git_config_lookup_location }}/{{ keystone_sso_callback_git_file_path }}"
|
|
register: _git_file_fetch
|
|
|
|
- name: Copy keystone configuration files
|
|
config_template:
|
|
content: "{{ item.content | default(omit) }}"
|
|
src: "{{ item.src | default(omit) }}"
|
|
dest: "{{ item.dest }}"
|
|
owner: "root"
|
|
group: "{{ keystone_system_group_name }}"
|
|
mode: "0640"
|
|
config_overrides: "{{ item.config_overrides }}"
|
|
config_type: "{{ item.config_type }}"
|
|
with_items:
|
|
- src: "keystone.conf.j2"
|
|
dest: "/etc/keystone/keystone.conf"
|
|
config_overrides: "{{ keystone_keystone_conf_overrides }}"
|
|
config_type: "ini"
|
|
- dest: "/etc/keystone/keystone-paste.ini"
|
|
config_overrides: "{{ keystone_keystone_paste_ini_overrides }}"
|
|
config_type: "ini"
|
|
content: "{{ keystone_paste_user_content | default(keystone_paste_default_content, true) }}"
|
|
- dest: "/etc/keystone/policy.json-{{ keystone_venv_tag }}"
|
|
config_overrides: "{{ keystone_policy_overrides }}"
|
|
config_type: "json"
|
|
content: "{{ keystone_policy_user_content | default('{}', true) }}"
|
|
notify:
|
|
- Manage LB
|
|
- Restart uWSGI
|
|
- Restart web server
|
|
|
|
- name: Copy Keystone Federation SP SSO callback template
|
|
copy:
|
|
content: "{{ keystone_sso_callback_user_content | default(keystone_sso_callback_default_content, true) }}"
|
|
dest: "/etc/keystone/sso_callback_template.html"
|
|
owner: "{{ keystone_system_user_name }}"
|
|
group: "{{ keystone_system_group_name }}"
|
|
mode: "0644"
|
|
when:
|
|
- keystone_idp != {}
|
|
notify:
|
|
- Manage LB
|
|
- Restart uWSGI
|
|
- Restart web server
|
|
|
|
- name: Clean up Keystone Federation SP SSO callback template
|
|
file:
|
|
path: "/etc/keystone/sso_callback_template.html"
|
|
state: absent
|
|
when:
|
|
- keystone_idp == {}
|
|
notify:
|
|
- Manage LB
|
|
- Restart uWSGI
|
|
- Restart web server
|