Remove dependency on the Keystone admin auth token
Now that auth token usage is deprecated, prefer the admin user and password for all barbican setup tasks run against keystone. Change-Id: I7c839b52c04bc7e889d10f52c08d1b4453eabc5d
This commit is contained in:
parent
f26e994bf9
commit
d8583df31c
|
@ -15,9 +15,13 @@ Default Variables
|
|||
Required Variables
|
||||
==================
|
||||
|
||||
barbican_service_password
|
||||
barbican_galera_address
|
||||
barbican_galera_password
|
||||
barbican_rabbitmq_password
|
||||
barbican_service_password
|
||||
keystone_admin_user_name
|
||||
keystone_auth_admin_password
|
||||
keystone_admin_tenant_name
|
||||
|
||||
Example Playbook
|
||||
================
|
||||
|
@ -36,3 +40,6 @@ Example Playbook
|
|||
barbican_service_password: SuperSecretePassword1
|
||||
barbican_galera_password: SuperSecretePassword2
|
||||
barbican_rabbitmq_password: SuperSecretePassword3
|
||||
keystone_admin_user_name: admin
|
||||
keystone_auth_admin_password: SuperSecretePassword4
|
||||
keystone_admin_tenant_name: admin
|
||||
|
|
|
@ -16,8 +16,10 @@
|
|||
- name: Ensure the service for Barbican exists
|
||||
keystone:
|
||||
command: "ensure_service"
|
||||
token: "{{ keystone_auth_admin_token }}"
|
||||
endpoint: "{{ keystone_service_adminurl }}"
|
||||
login_user: "{{ keystone_admin_user_name }}"
|
||||
login_password: "{{ keystone_auth_admin_password }}"
|
||||
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||
insecure: "{{ keystone_service_adminuri_insecure }}"
|
||||
service_name: "{{ barbican_service_name }}"
|
||||
service_type: "{{ barbican_service_type }}"
|
||||
|
@ -34,8 +36,10 @@
|
|||
- name: Ensure the Barbican user exists
|
||||
keystone:
|
||||
command: "ensure_user"
|
||||
token: "{{ keystone_auth_admin_token }}"
|
||||
endpoint: "{{ keystone_service_adminurl }}"
|
||||
login_user: "{{ keystone_admin_user_name }}"
|
||||
login_password: "{{ keystone_auth_admin_password }}"
|
||||
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||
insecure: "{{ keystone_service_adminuri_insecure }}"
|
||||
user_name: "{{ barbican_service_user_name }}"
|
||||
tenant_name: "{{ barbican_service_project_name }}"
|
||||
|
@ -53,8 +57,10 @@
|
|||
- name: Ensure the Barbican user has the admin role
|
||||
keystone:
|
||||
command: "ensure_user_role"
|
||||
token: "{{ keystone_auth_admin_token }}"
|
||||
endpoint: "{{ keystone_service_adminurl }}"
|
||||
login_user: "{{ keystone_admin_user_name }}"
|
||||
login_password: "{{ keystone_auth_admin_password }}"
|
||||
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||
user_name: "{{ barbican_service_user_name }}"
|
||||
tenant_name: "{{ barbican_service_project_name }}"
|
||||
role_name: "{{ item }}"
|
||||
|
@ -72,8 +78,10 @@
|
|||
- name: Ensure the Barbican endpoint is registered
|
||||
keystone:
|
||||
command: "ensure_endpoint"
|
||||
token: "{{ keystone_auth_admin_token }}"
|
||||
endpoint: "{{ keystone_service_adminurl }}"
|
||||
login_user: "{{ keystone_admin_user_name }}"
|
||||
login_password: "{{ keystone_auth_admin_password }}"
|
||||
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||
insecure: "{{ keystone_service_adminuri_insecure }}"
|
||||
region_name: "{{ barbican_service_region }}"
|
||||
service_name: "{{ barbican_service_name }}"
|
||||
|
|
Loading…
Reference in New Issue