Role os_keystone for OpenStack-Ansible
2cb8866061
The default filename for documenting binary dependencies has been changed from "other-requirements.txt" to "bindep.txt" with the release of bindep 2.1.0. While the previous name is still supported, it will be deprecated. Move the file around to follow this change. Note that this change is self-testing, the OpenStack CI infrastructure will use a "bindep.txt" file to setup nodes for testing. For more information about bindep, see also: http://docs.openstack.org/infra/manual/drivers.html#package-requirements http://docs.openstack.org/infra/bindep/ As well as this announcement: http://lists.openstack.org/pipermail/openstack-dev/2016-August/101590.html Change-Id: Ie0197020fa66f11ba55d76f2099c6630c286bff2 |
||
|---|---|---|
| defaults | ||
| doc | ||
| files | ||
| handlers | ||
| library | ||
| meta | ||
| releasenotes | ||
| tasks | ||
| templates | ||
| tests | ||
| vars | ||
| .gitignore | ||
| .gitreview | ||
| bindep.txt | ||
| CONTRIBUTING.rst | ||
| LICENSE | ||
| README.rst | ||
| run_tests.sh | ||
| setup.cfg | ||
| setup.py | ||
| test-requirements.txt | ||
| tox.ini | ||
OpenStack-Ansible Keystone
Ansible role that installs and configures OpenStack Keystone. Keystone is installed behind the Apache webserver listening on port 5000 and port 35357 by default.
Default Variables
../../defaults/main.yml
Required Variables
This list is not exhaustive at present. See role internals for further details.
# hostname or IP of load balancer providing external network
# access to Keystone
external_lb_vip_address: 10.100.100.102
# hostname or IP of load balancer providing internal network
# access to Keystone
internal_lb_vip_address: 10.100.100.102
# password used by the keystone service to interact with Galera
keystone_container_mysql_password: "YourPassword"
keystone_auth_admin_password: "SuperSecretePassword"
keystone_service_password: "secrete"
keystone_rabbitmq_password: "secrete"
keystone_container_mysql_password: "SuperSecrete"Example Playbook
- name: Installation and setup of Keystone
hosts: keystone_all
user: root
pre_tasks:
- name: Create DB for service
mysql_db:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
state: "present"
delegate_to: "{{ keystone_galera_address }}"
when: inventory_hostname == groups['keystone_all'][0]
- name: Grant access to the DB for the service
mysql_user:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
password: "{{ keystone_container_mysql_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ keystone_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "{{ keystone_galera_address }}"
when: inventory_hostname == groups['keystone_all'][0]
roles:
- { role: "os_keystone", tags: [ "os-keystone" ] }
vars:
external_lb_vip_address: 10.100.100.102
internal_lb_vip_address: 10.100.100.102
keystone_galera_address: 10.100.100.101
keystone_galera_database: keystone
keystone_venv_tag: "testing"
keystone_developer_mode: true
keystone_git_install_branch: master
keystone_auth_admin_password: "SuperSecretePassword"
keystone_service_password: "secrete"
keystone_rabbitmq_password: "secrete"
keystone_container_mysql_password: "SuperSecrete"
keystone_rabbitmq_port: 5671
keystone_rabbitmq_userid: keystone
keystone_rabbitmq_vhost: /keystone
keystone_rabbitmq_servers: 10.100.100.101
keystone_rabbitmq_use_ssl: true
galera_client_drop_config_file: falseTags
This role supports two tags: keystone-install and
keystone-config
The keystone-install tag can be used to install and
upgrade.
The keystone-config tag can be used to maintain
configuration of the service.