c1fdbab4de
In order to enable and deploy federated Keystone, we need to use version 3 of the Keystone API and the v3 Keystone Client. This work begins that transition by having a set of backwards compatible library commands. Specifically, this commit updates the keystone library to use v3 Keystone Client and the usage of ensure_tenant in the os_keystone tasks to use the v3 admin url. In version 3 of Keystone's Endpoints (Catalog) API each endpoint only has one URL and has separate interface types (public, internal, admin). This change updates all uses of ensure_endpoint to structure the endpoint data in a better way for the ensure_endpoint command in the keystone module. As a result, some incidents where internalurl and adminurl were swapped have been fixed. Note: In new deployments the endpoints will be created using the v3 API and will therefore not be available via the v2 API. This will be a breaking change to legacy CLI clients. The openstack CLI should be used instead. DocImpact Related-Bug: #1470635 Partially-implements: blueprint keystone-federation Change-Id: I2cd4f505e850b4b113452abc25ee00d486b1637d
OpenStack openrc file
- tags
-
openstack, openrc, cloud, ansible
- category
-
*nix
Role for the creation of an openrc file for the intended purpose to set credentials up for use within OpenStack.
- name: Install memcached
hosts: memcached
user: root
roles:
- { role: "memcached_server", tags: [ "memcached-server" ] }
vars:
openrc_cinder_endpoint_type: internalURL
openrc_nova_endpoint_type: internalURL
openrc_os_endpoint_type: internalURL
openrc_os_username: admin
openrc_os_tenant_name: admin
openrc_os_auth_url: "http://10.0.0.1:5000"
openrc_os_password: "secrete"
openrc_file_dest: /root/openrc