eefe3d66c1
In the case of trove, we follow service configuration as per the official manual installation documentation [1]. It uses trove_for_trove_usage as a service tenant unlike other openstack services which uses default service tenant. For any project service to work, the configuration [keystone_authtoken] section should be updated with the correct user, project, tenant and password. Proposed change fixes this issue so Trove service configurations are aligned with the trove admin user settings for tenant and password. [1]: http://docs.openstack.org/developer/trove/dev/manual_install.html Closes-bug: #1644079 Change-Id: I92a426132e20669731bc65526b20f60a3f34b348
143 lines
5.0 KiB
YAML
143 lines
5.0 KiB
YAML
---
|
|
# Copyright 2016 Internet Solutions (Pty) Ltd
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
#
|
|
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
|
|
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
|
# Reference: http://docs.openstack.org/developer/trove/dev/manual_install.html
|
|
- name: Ensure the trove tenant exists
|
|
keystone:
|
|
command: "ensure_tenant"
|
|
endpoint: "{{ keystone_service_adminurl }}"
|
|
login_user: "{{ keystone_admin_user_name }}"
|
|
login_password: "{{ keystone_auth_admin_password }}"
|
|
login_project_name: "{{ keystone_admin_tenant_name }}"
|
|
insecure: "{{ keystone_service_adminuri_insecure }}"
|
|
tenant_name: "{{ trove_service_tenant_name }}"
|
|
project_name: "{{ trove_service_project_name }}"
|
|
description: "{{ trove_service_description }}"
|
|
register: add_trove_tenant
|
|
until: add_trove_tenant |success
|
|
retries: 5
|
|
delay: 2
|
|
tags:
|
|
- trove-api-setup
|
|
- trove-service-add
|
|
- trove-setup
|
|
|
|
- name: Ensure the service for trove exists
|
|
keystone:
|
|
command: "ensure_service"
|
|
endpoint: "{{ keystone_service_adminurl }}"
|
|
login_user: "{{ keystone_admin_user_name }}"
|
|
login_password: "{{ keystone_auth_admin_password }}"
|
|
login_project_name: "{{ keystone_admin_tenant_name }}"
|
|
insecure: "{{ keystone_service_adminuri_insecure }}"
|
|
service_name: "{{ trove_service_name }}"
|
|
service_type: "{{ trove_service_type }}"
|
|
description: "{{ trove_service_description }}"
|
|
register: add_trove_service
|
|
until: add_trove_service |success
|
|
retries: 5
|
|
delay: 2
|
|
tags:
|
|
- trove-api-setup
|
|
- trove-service-add
|
|
- trove-setup
|
|
|
|
- name: Ensure the trove regular user exists
|
|
keystone:
|
|
command: "ensure_user"
|
|
endpoint: "{{ keystone_service_adminurl }}"
|
|
login_user: "{{ keystone_admin_user_name }}"
|
|
login_password: "{{ keystone_auth_admin_password }}"
|
|
login_project_name: "{{ keystone_admin_tenant_name }}"
|
|
insecure: "{{ keystone_service_adminuri_insecure }}"
|
|
user_name: "{{ trove_regular_user_name }}"
|
|
tenant_name: "{{ trove_service_tenant_name }}"
|
|
password: "{{ trove_regular_user_password }}"
|
|
project_name: "{{ trove_service_project_name }}"
|
|
register: add_trove_regular_user
|
|
until: add_trove_regular_user |success
|
|
retries: 5
|
|
delay: 2
|
|
tags:
|
|
- trove-api-setup
|
|
- trove-service-add
|
|
- trove-user-add
|
|
- trove-setup
|
|
|
|
- name: Ensure the trove admin user exists
|
|
keystone:
|
|
command: "ensure_user"
|
|
endpoint: "{{ keystone_service_adminurl }}"
|
|
login_user: "{{ keystone_admin_user_name }}"
|
|
login_password: "{{ keystone_auth_admin_password }}"
|
|
login_project_name: "{{ keystone_admin_tenant_name }}"
|
|
insecure: "{{ keystone_service_adminuri_insecure }}"
|
|
user_name: "{{ trove_admin_user_name }}"
|
|
tenant_name: "{{ trove_service_tenant_name }}"
|
|
password: "{{ trove_service_password }}"
|
|
project_name: "{{ trove_service_project_name }}"
|
|
register: add_trove_admin_user
|
|
until: add_trove_admin_user |success
|
|
retries: 5
|
|
delay: 2
|
|
tags:
|
|
- trove-api-setup
|
|
- trove-service-add
|
|
- trove-user-add
|
|
- trove-setup
|
|
|
|
- name: Ensure the trove admin user has the admin role
|
|
keystone:
|
|
command: "ensure_user_role"
|
|
endpoint: "{{ keystone_service_adminurl }}"
|
|
login_user: "{{ keystone_admin_user_name }}"
|
|
login_password: "{{ keystone_auth_admin_password }}"
|
|
login_project_name: "{{ keystone_admin_tenant_name }}"
|
|
user_name: "{{ trove_admin_user_name }}"
|
|
tenant_name: "{{ trove_service_tenant_name }}"
|
|
role_name: "{{ item }}"
|
|
insecure: "{{ keystone_service_adminuri_insecure }}"
|
|
project_name: "{{ trove_service_project_name }}"
|
|
register: ensure_trove_admin_roles
|
|
until: ensure_trove_admin_roles |success
|
|
retries: 5
|
|
delay: 2
|
|
with_items: "{{ trove_service_admin_role_names }}"
|
|
|
|
- name: Ensure the trove endpoint is registered
|
|
keystone:
|
|
command: "ensure_endpoint"
|
|
endpoint: "{{ keystone_service_adminurl }}"
|
|
login_user: "{{ keystone_admin_user_name }}"
|
|
login_password: "{{ keystone_auth_admin_password }}"
|
|
login_project_name: "{{ keystone_admin_tenant_name }}"
|
|
insecure: "{{ keystone_service_adminuri_insecure }}"
|
|
region_name: "{{ trove_service_region }}"
|
|
service_name: "{{ trove_service_name }}"
|
|
service_type: "{{ trove_service_type }}"
|
|
endpoint_list:
|
|
- url: "{{ trove_service_publicurl }}"
|
|
interface: "public"
|
|
- url: "{{ trove_service_internalurl }}"
|
|
interface: "internal"
|
|
- url: "{{ trove_service_adminurl }}"
|
|
interface: "admin"
|
|
register: add_trove_endpoints
|
|
until: add_trove_endpoints |success
|
|
retries: 5
|
|
delay: 2
|