From a45467abeee0646720e8b04ce5613cf4a855e318 Mon Sep 17 00:00:00 2001
From: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
Date: Wed, 26 Sep 2018 18:30:44 +0100
Subject: [PATCH] Remove keystone_admin-back load balancer manipulation

For multi-node builds, we previously shut down the keystone_admin-back
for the node being worked on when making changes to the keystone node.

This back-end no longer exists, and the second loop does not use loop
control to ensure that the common tasks 'item' and the playbook 'item'
do not clash, causing the task to enable the back-end to have no effect
and keystone remains in maintenance mode.

This patch removes the back-end from the list, and also removes the
port reservation which is no longer applicable.

Change-Id: I0d7e4804bdc92ffe7a679060a686e684c01fcd1b
---
 playbooks/os-keystone-install.yml | 28 ++--------------------------
 1 file changed, 2 insertions(+), 26 deletions(-)

diff --git a/playbooks/os-keystone-install.yml b/playbooks/os-keystone-install.yml
index 6cb5777790..55e092b877 100644
--- a/playbooks/os-keystone-install.yml
+++ b/playbooks/os-keystone-install.yml
@@ -48,14 +48,9 @@
     # the load balancer back end for this container.
     - include: common-tasks/haproxy-endpoint-manage.yml
       vars:
-        haproxy_backend: "{{ backend_name }}"
+        haproxy_backend: "keystone_service-back"
         haproxy_state: disabled
       when: "groups['keystone_all'] | length > 1"
-      loop_control:
-        loop_var: backend_name
-      with_items:
-        - "keystone_service-back"
-        - "keystone_admin-back"
 
     - name: Configure container
       include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
@@ -77,22 +72,6 @@
       when:
         - hostvars['localhost']['resolvconf_enabled'] | bool
 
-    # todo(cloudnull): this task is being run only if/when keystone is installed on a physical host.
-    #  This is not being run within a container because it is an unsupported action due to this
-    #  issue: (https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1279041)
-    #  This issue was resolved however we'll need to eval it in the next LTS release.
-    #  Related OSA Bug: https://launchpad.net/bugs/1426371
-    - name: Add keystone reserved port to physical host
-      sysctl:
-        name: "{{ item.key }}"
-        value: "{{ item.value }}"
-        sysctl_set: "{{ item.set|default('yes') }}"
-        state: "{{ item.state|default('present') }}"
-        reload: "{{ item.reload|default('yes') }}"
-      with_items:
-        - { key: "net.ipv4.ip_local_reserved_ports", value: "{{ keystone_admin_port }}"}
-      when: is_metal | bool
-
   roles:
     - role: "os_keystone"
     - role: "system_crontab_coordination"
@@ -111,12 +90,9 @@
     # to available again.
     - include: common-tasks/haproxy-endpoint-manage.yml
       vars:
-        haproxy_backend: "{{ item }}"
+        haproxy_backend: "keystone_service-back"
         haproxy_state: enabled
       when: "groups['keystone_all'] | length > 1"
-      with_items:
-        - "keystone_service-back"
-        - "keystone_admin-back"
 
 # These facts are set against the deployment host to ensure that
 # they are fast to access. This is done in preference to setting