Use secrets for the login info
This commit is contained in:
parent
5074693a34
commit
03fedd169d
|
@ -7,11 +7,7 @@ namespace: openstack
|
|||
hiera_data: {}
|
||||
hiera_data_file: ''
|
||||
|
||||
keystone_config:
|
||||
admin_username: 'admin'
|
||||
admin_project_name: 'admin'
|
||||
admin_domain_name: 'default'
|
||||
admin_password: 'weakpassword'
|
||||
clouds_config: 'clouds-secret'
|
||||
|
||||
glance_config:
|
||||
DEFAULT:
|
||||
|
|
|
@ -1,18 +1,10 @@
|
|||
#- name: Read keystone_config
|
||||
# include_role:
|
||||
# name: ansible-role-k8s-keystone
|
||||
# tasks_from: hiera
|
||||
|
||||
- name: Register Glance in Keystone
|
||||
include_role:
|
||||
name: ansible-role-k8s-tripleo
|
||||
tasks_from: bootstrap-service-endpoints
|
||||
vars:
|
||||
auth_url: '{{glance_config.keystone_authtoken.auth_url}}'
|
||||
username: '{{keystone_config.admin_username}}'
|
||||
password: '{{keystone_config.admin_password}}'
|
||||
project_name: '{{keystone_config.admin_project_name}}'
|
||||
domain_name: '{{keystone_config.admin_domain_name}}'
|
||||
namespace: '{{namespace}}'
|
||||
clouds_config: '{{clouds_config}}'
|
||||
service_name: 'glance'
|
||||
service_type: 'image'
|
||||
service_region: 'RegionOne'
|
||||
|
@ -22,18 +14,3 @@
|
|||
service_internal_url: '{{glance_config.keystone_internal_url}}'
|
||||
service_public_url: '{{glance_config.keystone_public_url}}'
|
||||
service_admin_url: '{{glance_config.keystone_admin_url}}'
|
||||
|
||||
#- name: Create keystone user
|
||||
# os_user:
|
||||
# auth:
|
||||
# auth_url: '{{glance_config.keystone_authtoken.auth_url}}'
|
||||
# username: '{{keystone_config.admin_username}}'
|
||||
# password: '{{keystone_config.admin_password}}'
|
||||
# project_name: '{{keystone_config.admin_project_name}}'
|
||||
# state: present
|
||||
# name: '{{glance_config.keystone_username}}'
|
||||
# password: '{{glance_config.keystone_user_password}}'
|
||||
# update_password: on_create
|
||||
# domain: '{{glance_config.keystone_default_domain}}'
|
||||
# default_project: '{{glance_config.keystone_project}}'
|
||||
#
|
||||
|
|
|
@ -167,4 +167,6 @@
|
|||
name: glance
|
||||
state: present
|
||||
|
||||
# NOTE(flaper87): we should do this iff the keystone-secret exists and keystone
|
||||
# is enabled. Add checks for each.
|
||||
- include: keystone.yml
|
||||
|
|
Loading…
Reference in New Issue