Use secrets for the login info

This commit is contained in:
Flavio Percoco 2017-08-30 15:18:42 +02:00
parent 5074693a34
commit 03fedd169d
3 changed files with 5 additions and 30 deletions

View File

@ -7,11 +7,7 @@ namespace: openstack
hiera_data: {}
hiera_data_file: ''
keystone_config:
admin_username: 'admin'
admin_project_name: 'admin'
admin_domain_name: 'default'
admin_password: 'weakpassword'
clouds_config: 'clouds-secret'
glance_config:
DEFAULT:

View File

@ -1,18 +1,10 @@
#- name: Read keystone_config
# include_role:
# name: ansible-role-k8s-keystone
# tasks_from: hiera
- name: Register Glance in Keystone
include_role:
name: ansible-role-k8s-tripleo
tasks_from: bootstrap-service-endpoints
vars:
auth_url: '{{glance_config.keystone_authtoken.auth_url}}'
username: '{{keystone_config.admin_username}}'
password: '{{keystone_config.admin_password}}'
project_name: '{{keystone_config.admin_project_name}}'
domain_name: '{{keystone_config.admin_domain_name}}'
namespace: '{{namespace}}'
clouds_config: '{{clouds_config}}'
service_name: 'glance'
service_type: 'image'
service_region: 'RegionOne'
@ -22,18 +14,3 @@
service_internal_url: '{{glance_config.keystone_internal_url}}'
service_public_url: '{{glance_config.keystone_public_url}}'
service_admin_url: '{{glance_config.keystone_admin_url}}'
#- name: Create keystone user
# os_user:
# auth:
# auth_url: '{{glance_config.keystone_authtoken.auth_url}}'
# username: '{{keystone_config.admin_username}}'
# password: '{{keystone_config.admin_password}}'
# project_name: '{{keystone_config.admin_project_name}}'
# state: present
# name: '{{glance_config.keystone_username}}'
# password: '{{glance_config.keystone_user_password}}'
# update_password: on_create
# domain: '{{glance_config.keystone_default_domain}}'
# default_project: '{{glance_config.keystone_project}}'
#

View File

@ -167,4 +167,6 @@
name: glance
state: present
# NOTE(flaper87): we should do this iff the keystone-secret exists and keystone
# is enabled. Add checks for each.
- include: keystone.yml