openstack/openstack-ansible-os_keystone
Code Issues Proposed changes
Role os_keystone for OpenStack-Ansible
140 Commits 10 Branches 18 Tags 11 MiB
Jinja 69.4%
Python 22%
Shell 8.6%
cc29aa42b6
Go to file
Jesse Pretorius cc29aa42b6 Add dependencies for paramiko 2.0 
Paramiko version 2.0 has been released. It now uses the Python library
cryptography. Installing this requires additional system packages. This
commit adds in the appropriate packages required by cryptography based
on its documentation [1].

An alternative approach would have been to constrain the version of
Paramiko however the project describes the 1.x versions as relying on
insecure dependencies [2].

[1] https://cryptography.io/en/latest/installation/
[2] http://www.paramiko.org/installing.html

Change-Id: I9673c2068f1b102cfac02500a3ba23a04bc6c534
2016-05-03 08:56:18 +01:00
defaults Fail fast when required secrets are not present 2016-04-18 16:49:21 -04:00
doc [DOCS] Cleanup the role docs for consistency and clarity 2016-03-10 09:13:41 -05:00
files Implement keystone venv support 2015-10-14 13:59:47 -05:00
handlers Keystone Federation Service Provider Configuration 2015-08-07 08:44:51 +00:00
library Resolve pep8 violations caught by pep8 v1.7.0 2016-01-14 00:45:41 +00:00
meta Update min_ansible_version to 1.9 2016-04-11 12:20:20 +01:00
releasenotes Remove Liberty releasenote index 2016-04-20 22:20:49 +01:00
tasks Change pip install task state to 'latest' 2016-04-20 16:55:28 +01:00
templates Update paste, policy and rootwrap configurations 2016-04-22 2016-04-22 17:20:21 +01:00
tests Use ansible facts for distributing SSL certs/keys 2016-04-11 18:32:50 +00:00
vars Updated role to be an independent role 2016-02-26 14:13:43 -06:00
.gitignore Add reno scaffolding for release notes management 2016-04-09 19:20:42 +01:00
.gitreview Implement base configuration for independent repository 2016-03-02 10:09:25 -05:00
CONTRIBUTING.rst Updated role to be an independent role 2016-02-26 14:13:43 -06:00
LICENSE Updated role to be an independent role 2016-02-26 14:13:43 -06:00
other-requirements.txt Add dependencies for paramiko 2.0 2016-05-03 08:56:18 +01:00
README.rst Switch defaults/tests to use master branch 2016-04-03 12:59:25 +01:00
run_tests.sh Add dependencies for paramiko 2.0 2016-05-03 08:56:18 +01:00
setup.cfg Updated role to be an independent role 2016-02-26 14:13:43 -06:00
setup.py Updated role to be an independent role 2016-02-26 14:13:43 -06:00
test-requirements.txt blacklist Ansible 1.9.6 2016-04-16 08:42:19 -05:00
tox.ini Add reno scaffolding for release notes management 2016-04-09 19:20:42 +01:00

README.rst

OpenStack-Ansible Keystone

Ansible role that installs and configures OpenStack Keystone. Keystone is installed behind the Apache webserver listening on port 5000 and port 35357 by default.

Default Variables

../../defaults/main.yml

Required Variables

This list is not exhaustive at present. See role internals for further details.

# hostname or IP of load balancer providing external network
# access to Keystone
external_lb_vip_address: 10.100.100.102

# hostname or IP of load balancer providing internal network
# access to Keystone
internal_lb_vip_address: 10.100.100.102

# password used by the keystone service to interact with Galera
keystone_container_mysql_password: "YourPassword"

keystone_auth_admin_password: "SuperSecretePassword"
keystone_service_password: "secrete"
keystone_rabbitmq_password: "secrete"
keystone_container_mysql_password: "SuperSecrete"

Example Playbook

- name: Installation and setup of Keystone
  hosts: keystone_all
  user: root
  roles:
    - { role: "os_keystone", tags: [ "os-keystone" ] }
  vars:
    external_lb_vip_address: 10.100.100.102
    internal_lb_vip_address: 10.100.100.102
    keystone_galera_address: 10.100.100.101
    keystone_galera_database: keystone
    keystone_venv_tag: "testing"
    keystone_developer_mode: true
    keystone_git_install_branch: master
    keystone_auth_admin_password: "SuperSecretePassword"
    keystone_service_password: "secrete"
    keystone_rabbitmq_password: "secrete"
    keystone_container_mysql_password: "SuperSecrete"
    keystone_rabbitmq_port: 5671
    keystone_rabbitmq_userid: keystone
    keystone_rabbitmq_vhost: /keystone
    keystone_rabbitmq_servers: 10.100.100.101
    keystone_rabbitmq_use_ssl: true
    galera_client_drop_config_file: false