Add ssl tasks to keystone role and fix ordering
Added ssl-keys-saving and ssl-add-trust-chain tasks to keystone role so that it can contact public endpoint on public VIP (after controller deployment) and validate the SSL cert. Non-primary standalone keystone role should run before all other default roles as well. Closes-Bug: #1511319 Change-Id: I3eaee62ce8399ee9e053f03a419e0cf99559c80a
This commit is contained in:
parent
0f3eb3257d
commit
2557bb01ac
|
@ -4,8 +4,9 @@
|
|||
requires: [deploy_start, primary-standalone-database]
|
||||
required_for: [primary-controller, cinder-keystone, nova-keystone, deploy_end]
|
||||
tasks: [fuel_pkgs, hiera, globals, tools, logging,
|
||||
netconfig, hosts, firewall, deploy_start, cluster, keystone-vip,
|
||||
cluster-haproxy, openstack-haproxy-stats, task-keystone-db, memcached,
|
||||
netconfig, hosts, firewall, ssl-keys-saving, ssl-add-trust-chain,
|
||||
deploy_start, cluster, keystone-vip, cluster-haproxy,
|
||||
openstack-haproxy-stats, task-keystone-db, memcached, apache,
|
||||
task-keystone]
|
||||
parameters:
|
||||
strategy:
|
||||
|
@ -15,10 +16,12 @@
|
|||
type: group
|
||||
role: [standalone-keystone]
|
||||
requires: [deploy_start, primary-standalone-keystone]
|
||||
required_for: [deploy_end]
|
||||
required_for: [primary-controller, cinder-keystone, nova-keystone, deploy_end]
|
||||
tasks: [fuel_pkgs, hiera, globals, tools, logging,
|
||||
netconfig, hosts, firewall, deploy_start, cluster, keystone-vip,
|
||||
cluster-haproxy, memcached, openstack-haproxy-stats, task-keystone]
|
||||
netconfig, hosts, firewall, ssl-keys-saving, ssl-add-trust-chain,
|
||||
deploy_start, cluster, keystone-vip, cluster-haproxy,
|
||||
openstack-haproxy-stats, task-keystone-db, memcached, apache,
|
||||
task-keystone]
|
||||
parameters:
|
||||
strategy:
|
||||
type: parallel
|
||||
|
|
Loading…
Reference in New Issue