- id: openrc-delete type: puppet version: 2.2.0 tags: [primary-controller, controller, primary-keystone, keystone, primary-neutron, neutron] requires: [deploy_start, openstack-haproxy] required_for: [primary-keystone, keystone] cross-depends: - name: deploy_start role: self - name: openstack-haproxy cross-depended-by: - name: /^(primary-)?keystone$/ role: self condition: yaql_exp: &keystone_changed > changedAny($.configuration, $.network_scheme, $.network_metadata, $.keystone, $.debug, $.quantum, $.get('use_syslog'), $.get('use_stderr'), $.access, $.get('database_vip'), $.glance, $.nova, $.cinder, $.ceilometer, $.get('syslog_log_facility_keystone'), $.rabbit, $.quantum_settings.keystone, $.get('default_log_levels'), ('primary-controller' in $.roles), $.get('kombu_compression'), $.get('region'), $.public_ssl, $.get('use_ssl'), $.get('memcached_servers'), $.network_metadata.nodes.values().where( ('controller' in $.node_roles) or ('primary-controller' in $.node_roles)), $.get('token_provider'), $.get('max_pool_size'), $.get('max_overflow'), $.murano_settings, $.murano, $.get('external_lb'), $.operator_user, $.service_user, $.get('apache_ports'), $.get('user_admin_role'), $.get('user_admin_domain')) refresh_on: [keystone_config] parameters: puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/keystone/openrc_delete.pp puppet_modules: /etc/puppet/modules timeout: 90 - id: keystone-openrc-generate type: puppet version: 2.2.0 tags: [primary-controller, controller, primary-neutron, neutron, ironic] requires: [openrc-delete, primary-keystone, keystone] cross-depends: - name: openrc-delete role: self - name: /^(primary-)?keystone$/ condition: yaql_exp: *keystone_changed refresh_on: [keystone_config] parameters: puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/keystone/openrc_generate.pp puppet_modules: /etc/puppet/modules timeout: 3600 - id: primary-keystone type: puppet version: 2.2.0 tags: [primary-keystone] required_for: [primary-openstack-controller, openstack-controller] requires: [openstack-haproxy, database, primary-database] condition: yaql_exp: *keystone_changed refresh_on: [keystone_config] cross-depends: - name: /^(primary-)?rabbitmq$/ - name: /^(primary-)?database$/ - name: keystone-db - name: openstack-haproxy - name: memcached cross-depended-by: - name: /^(primary-)?openstack-controller$/ parameters: puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/keystone/keystone.pp puppet_modules: /etc/puppet/modules timeout: 3600 test_pre: cmd: ruby /etc/puppet/modules/openstack_tasks/examples/keystone/keystone_pre.rb test_post: cmd: ruby /etc/puppet/modules/openstack_tasks/examples/keystone/keystone_post.rb - id: keystone type: puppet tags: [keystone] version: 2.2.0 required_for: [primary-openstack-controller, openstack-controller] requires: [openstack-haproxy, database, primary-database] condition: yaql_exp: *keystone_changed refresh_on: [keystone_config] cross-depends: - name: /^(primary-)?rabbitmq$/ - name: /^(primary-)?database$/ - name: keystone-db - name: openstack-haproxy - name: primary-keystone cross-depended-by: - name: /^(primary-)?openstack-controller$/ parameters: puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/keystone/keystone.pp puppet_modules: /etc/puppet/modules timeout: 3600 test_pre: cmd: ruby /etc/puppet/modules/openstack_tasks/examples/keystone/keystone_pre.rb test_post: cmd: ruby /etc/puppet/modules/openstack_tasks/examples/keystone/keystone_post.rb - id: keystone-db type: puppet version: 2.2.0 tags: [primary-database] required_for: [keystone, primary-keystone] requires: [primary-database, database] cross-depends: - name: /^(primary-)?database$/ cross-depended-by: - name: /^(primary-)?keystone$/ condition: yaql_exp: > changedAny($.network_metadata, $.keystone, $.mysql, $.get('database_vip')) parameters: puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/keystone/db.pp puppet_modules: /etc/puppet/modules timeout: 1800 - id: workloads_collector_add type: puppet version: 2.2.0 tags: [primary-keystone] required_for: [deploy_end] requires: [keystone, primary-keystone] cross-depends: - name: /^(primary-)?keystone$/ role: self cross-depended-by: - name: deploy_end role: self condition: yaql_exp: > changedAny($.workloads_collector, $.get('external_lb'), $.get('use_ssl'), $.network_metadata.get('vips',{}).get('management')) parameters: puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/keystone/workloads_collector_add.pp puppet_modules: /etc/puppet/modules timeout: 1800 - id: generate_changed_admin_user version: 2.1.0 type: upload_file role: master condition: yaql_exp: &changed_username > changed($.access.user) requires: [copy_cluster_configuration] required_for: [pre_deployment_end] parameters: path: /etc/fuel/cluster/{CLUSTER_ID}/old_admin_user.yaml permissions: '0640' dir_permissions: '0750' data: yaql_exp: '{"old_access" => old($).get("access", {})}.toYaml()' - id: copy_changed_admin_user type: copy_files version: 2.1.0 role: ['/.*/'] condition: yaql_exp: *changed_username required_for: [pre_deployment_end] requires: [generate_changed_admin_user] cross-depends: - name: generate_changed_admin_user role: master cross-depended-by: - name: pre_deployment_end role: self parameters: files: - src: /etc/fuel/cluster/{CLUSTER_ID}/old_admin_user.yaml dst: /etc/hiera/old_admin_user.yaml permissions: '0640' dir_permissions: '0750' - id: delete_old_admin_user version: 2.2.0 type: puppet tags: [primary-keystone] condition: yaql_exp: *changed_username requires: [post_deployment_start, primary-keystone] required_for: [post_deployment_end] cross-depends: - name: post_deployment_start role: self - name: primary-keystone role: self cross-depended-by: - name: post_deployment_end role: self parameters: puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/keystone/purge_old_admin.pp puppet_modules: /etc/puppet/modules timeout: 180 cwd: /