openstack
/
ansible-role-k8s-keystone
Code Issues Proposed changes
ansible-role-k8s-keystone/tasks/provision.yml

304 lines
8.6 KiB
YAML
Raw Blame History

- name: Upload config files
template:
src: "{{item}}"
dest: /tmp/{{item}}
backup: yes
mode: 0644
with_items:
- httpd.conf
- httpd-keystone-main.conf
- httpd-keystone-admin.conf
- keystone-schema.yaml
- include: hiera.yml
- name: Generate config files
config_template:
src: base.conf.j2
dest: /tmp/keystone.conf
config_overrides: '{{keystone_config}}'
config_type: ini
- name: Read configs into memory
slurp:
src: "/tmp/httpd-keystone-main.conf"
register: "httpd_keystone_main_conf"
- name: Read configs into memory
slurp:
src: "/tmp/httpd-keystone-admin.conf"
register: "httpd_keystone_admin_conf"
- name: Read configs into memory
slurp:
src: "/tmp/httpd.conf"
register: "httpd_conf"
- name: Read configs into memory
slurp:
src: "/tmp/keystone.conf"
register: "keystone_conf"
- name: Create keystone configmaps
ignore_errors: yes
k8s_v1_config_map:
host: "{{coe_host}}"
context: "{{coe_config_context}}"
kubeconfig: "{{coe_config_file}}"
name: keystone
namespace: "{{namespace}}"
state: present
debug: yes
labels:
service: keystone
data:
config.json: |
{
"command": "/usr/sbin/httpd -DFOREGROUND",
"config_files": [
{
"dest": "/etc/httpd/conf/httpd.conf",
"owner": "root",
"perm": "0644",
"source": "/var/lib/kolla/config_files/httpd.conf"
},
{
"dest": "/etc/keystone/keystone.conf",
"owner": "keystone",
"perm": "0644",
"source": "/var/lib/kolla/config_files/keystone.conf"
},
{
"dest": "/etc/httpd/conf.d/10-keystone-main.conf",
"owner": "root",
"perm": "0644",
"source": "/var/lib/kolla/config_files/httpd-keystone-main.conf"
},
{
"dest": "/etc/httpd/conf.d/10-keystone-admin.conf",
"owner": "root",
"perm": "0644",
"source": "/var/lib/kolla/config_files/httpd-keystone-admin.conf"
}
]
}
keystone.conf: |
{{keystone_conf['content'] | b64decode}}
httpd.conf: |
{{httpd_conf['content'] | b64decode}}
httpd-keystone-main.conf: |
{{httpd_keystone_main_conf['content'] | b64decode}}
httpd-keystone-admin.conf: |
{{httpd_keystone_admin_conf['content'] | b64decode}}
- name: Create keystone database
include_role:
name: ansible-role-k8s-tripleo
tasks_from: create-database
vars:
service_name: 'keystone'
database_name: 'keystone'
- name: Create keystone job
k8s_v1_job:
host: "{{coe_host}}"
context: "{{coe_config_context}}"
kubeconfig: "{{coe_config_file}}"
name: keystone-db-sync
namespace: "{{namespace}}"
state: present
restart_policy: OnFailure
containers:
- image: tripleoupstream/centos-binary-keystone
name: keystone-db-sync
env:
- name: KOLLA_CONFIG_STRATEGY
value: COPY_ALWAYS
- name: KOLLA_BOOTSTRAP
value: ''
volume_mounts:
- name: kolla-config
mountPath: /var/lib/kolla/config_files/
- name: keystone-fernet
mountPath: /etc/keystone/fernet-keys
volumes:
- name: kolla-config
config_map:
name: keystone
- name: keystone-fernet
hostPath:
# directory location on host
path: /tmp/keystone-fernet
state: present
- name: Keystone fernet bootstrap
k8s_v1_job:
host: "{{coe_host}}"
context: "{{coe_config_context}}"
kubeconfig: "{{coe_config_file}}"
name: keystone-fernet
namespace: "{{namespace}}"
state: present
restart_policy: OnFailure
containers:
- image: tripleoupstream/centos-binary-keystone-fernet
name: keystone-fernet-bootstrap
command: ["kolla_keystone_bootstrap", "keystone", "keystone"]
env:
- name: KOLLA_CONFIG_STRATEGY
value: COPY_ALWAYS
volume_mounts:
- name: kolla-config
mountPath: /var/lib/kolla/config_files/
- name: keystone-fernet
mountPath: /etc/keystone/fernet-keys
volumes:
- name: kolla-config
config_map:
name: keystone
- name: keystone-fernet
hostPath:
# directory location on host
path: /tmp/keystone-fernet
state: present
- name: Keystone bootstrap
k8s_v1_job:
host: "{{coe_host}}"
context: "{{coe_config_context}}"
kubeconfig: "{{coe_config_file}}"
name: keystone-bootstrap
namespace: "{{namespace}}"
state: present
restart_policy: OnFailure
containers:
- image: tripleoupstream/centos-binary-keystone
name: keystone-bootstrap
# NOTE(flaper87): We might want to set bootstrap URLs, project name, etc
command:
- keystone-manage
- --config-file
- /var/lib/kolla/config_files/keystone.conf
- bootstrap
- --bootstrap-username
- '{{keystone_config.admin_username}}'
- --bootstrap-password
- '{{keystone_config.admin_password}}'
- --bootstrap-role-name
- '{{keystone_config.admin_role_name}}'
- --bootstrap-project-name
- '{{keystone_config.admin_project_name}}'
- --bootstrap-service-name
- '{{keystone_config.admin_service_name}}'
- --bootstrap-admin-url
- http://keystone:35357/v3
- --bootstrap-internal-url
- http://keystone:5000/v3
- --bootstrap-public-url
- http://keystone:5000/v3
- --bootstrap-region-id
- RegionOne
env:
- name: KOLLA_CONFIG_STRATEGY
value: COPY_ALWAYS
- name: KOLLA_BOOTSTRAP
value: ''
volume_mounts:
- name: kolla-config
mountPath: /var/lib/kolla/config_files/
- name: keystone-fernet
mountPath: /etc/keystone/fernet-keys
volumes:
- name: kolla-config
config_map:
name: keystone
- name: keystone-fernet
hostPath:
# directory location on host
path: /tmp/keystone-fernet
state: present
- name: Create keystone service
k8s_v1_service:
host: "{{coe_host}}"
context: "{{coe_config_context}}"
kubeconfig: "{{coe_config_file}}"
name: keystone
namespace: "{{namespace}}"
state: present
ports:
- port: 5000
name: keystone-api-public
- port: 35357
name: keystone-api-admin
selector:
app: keystone-api
register: create_service
- name: Create keystone deployment
k8s_apps_v1beta1_deployment:
host: "{{coe_host}}"
context: "{{coe_config_context}}"
kubeconfig: "{{coe_config_file}}"
name: keystone-api
namespace: "{{namespace}}"
replicas: 1
spec_revision_history_limit: 3
spec_template_metadata_labels:
app: keystone-api
containers:
- name: keystone-api
image: tripleoupstream/centos-binary-keystone
imagePullPolicy: IfNotPresent
env:
- name: KOLLA_CONFIG_STRATEGY
value: COPY_ALWAYS
- name: KOLLA_KUBERNETES
value: ""
ports:
- name: api-public
containerPort: 5000
- name: api-admin
containerPort: 35357
volume_mounts:
- name: kolla-config
mountPath: /var/lib/kolla/config_files/
- name: keystone-fernet
mountPath: /etc/keystone/fernet-keys
volumes:
- name: kolla-config
config_map:
name: keystone
- name: keystone-fernet
hostPath:
# directory location on host
path: /tmp/keystone-fernet
state: present
register: create_service
- set_fact:
clouds_yaml: |
clouds:
{{namespace}}:
region_name: RegionOne
identity_api_version: 3
auth:
username: '{{keystone_config.admin_username}}'
password: '{{keystone_config.admin_password}}'
project_name: '{{keystone_config.admin_project_name}}'
user_domain_name: '{{keystone_config.admin_domain_name}}'
project_domain_name: '{{keystone_config.admin_domain_name}}'
auth_url: 'http://keystone:5000/v3'
- name: Create keystone secrets
k8s_v1_secret:
host: "{{coe_host}}"
context: "{{coe_config_context}}"
kubeconfig: "{{coe_config_file}}"
name: '{{clouds_config}}'
namespace: "{{namespace}}"
state: present
data:
clouds.yaml: "{{clouds_yaml | b64encode}}"
View Git Blame Copy Permalink