Use PVCs for fernet-keys
Depends-On: Icf3d4708f63b84c132fa6c8399562277c896775d Change-Id: I78b5bbc9a6088705338e5c2946107d53bd3f4bee
This commit is contained in:
parent
01ac3256c7
commit
a85ff917a6
|
@ -98,6 +98,22 @@
|
|||
service_name: 'keystone'
|
||||
database_name: 'keystone'
|
||||
|
||||
# NOTE(flaper87): Requesting a PVC should probably not be the default, explore
|
||||
# using secrets for the fernet keys
|
||||
- name: Create keystone PVC
|
||||
k8s_v1_persistent_volume_claim:
|
||||
host: "{{coe_host}}"
|
||||
context: "{{coe_config_context}}"
|
||||
kubeconfig: "{{coe_config_file}}"
|
||||
name: keystone-fernet
|
||||
namespace: "{{namespace}}"
|
||||
state: present
|
||||
spec_access_modes:
|
||||
- ReadWriteMany
|
||||
spec_storage_class_name: slow
|
||||
spec_resources_requests:
|
||||
storage: 1Gi
|
||||
|
||||
- name: Create keystone job
|
||||
k8s_v1_job:
|
||||
host: "{{coe_host}}"
|
||||
|
@ -125,9 +141,8 @@
|
|||
config_map:
|
||||
name: keystone
|
||||
- name: keystone-fernet
|
||||
hostPath:
|
||||
# directory location on host
|
||||
path: /tmp/keystone-fernet
|
||||
persistentVolumeClaim:
|
||||
claimName: keystone-fernet
|
||||
state: present
|
||||
|
||||
- name: Keystone fernet bootstrap
|
||||
|
@ -156,9 +171,8 @@
|
|||
config_map:
|
||||
name: keystone
|
||||
- name: keystone-fernet
|
||||
hostPath:
|
||||
# directory location on host
|
||||
path: /tmp/keystone-fernet
|
||||
persistentVolumeClaim:
|
||||
claimName: keystone-fernet
|
||||
state: present
|
||||
|
||||
- name: Keystone bootstrap
|
||||
|
@ -212,9 +226,8 @@
|
|||
config_map:
|
||||
name: keystone
|
||||
- name: keystone-fernet
|
||||
hostPath:
|
||||
# directory location on host
|
||||
path: /tmp/keystone-fernet
|
||||
persistentVolumeClaim:
|
||||
claimName: keystone-fernet
|
||||
state: present
|
||||
|
||||
|
||||
|
@ -270,9 +283,8 @@
|
|||
config_map:
|
||||
name: keystone
|
||||
- name: keystone-fernet
|
||||
hostPath:
|
||||
# directory location on host
|
||||
path: /tmp/keystone-fernet
|
||||
persistentVolumeClaim:
|
||||
claimName: keystone-fernet
|
||||
state: present
|
||||
register: create_service
|
||||
|
||||
|
|
Loading…
Reference in New Issue