From 67a9afe181474230f7309554e13c830c9a64c508 Mon Sep 17 00:00:00 2001 From: Kevin Carter Date: Mon, 23 Nov 2015 14:35:16 -0600 Subject: [PATCH] Fixes playbook runtime issues with ldap When using an LDAP backend the plabooks fail when "ensuring.*" which is a keystone client action. The reason for the failure is related to how ldap backend, and is triggered when the service users are within the ldap and not SQL. To resolve the issue a boolean conditional was created on the various OS_.* roles to skip specific tasks when the service users have already been added into LDAP. Change-Id: I64a8d1e926c54b821f8bfb561a8b6f755bc1ed93 Closes-Bug: #1518351 Closes-Bug: #1519174 Signed-off-by: Kevin Carter --- defaults/main.yml | 2 ++ tasks/neutron_service_add.yml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index 1f6f8a60..e0dc1498 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -288,6 +288,8 @@ neutron_rpc_conn_pool_size: 30 neutron_rpc_response_timeout: 60 neutron_rpc_workers: 1 +neutron_service_in_ldap: false + ## Policy vars # Provide a list of access controls to update the default policy.json with. These changes will be merged # with the access controls in the default policy.json. E.g. diff --git a/tasks/neutron_service_add.yml b/tasks/neutron_service_add.yml index 7430c2fd..11737744 100644 --- a/tasks/neutron_service_add.yml +++ b/tasks/neutron_service_add.yml @@ -43,6 +43,7 @@ password: "{{ service_password }}" insecure: "{{ keystone_service_adminuri_insecure }}" register: add_service + when: not neutron_service_in_ldap | bool until: add_service|success retries: 5 delay: 10 @@ -62,6 +63,7 @@ role_name: "{{ role_name }}" insecure: "{{ keystone_service_adminuri_insecure }}" register: add_service + when: not neutron_service_in_ldap | bool until: add_service|success retries: 5 delay: 10