Generate overcloud keystone keys/certs
Same keys/certs are required on all overcloud control nodes in HA mode. This script generates keys/certs and passes them as params to heat-template. Currently keys/certs are created directly on control node by command "keystone-manage pki_setup". This command is not needed now because keys/certs are provided in heat metadata for seed, undercloud and overcloud. "keystone-manage pki_setup" will be removed an upcoming patch. Relies on: Iad9c670dba0f57219f47792f44d60341ab58cdb3 Related to blueprint tripleo-icehouse-ha-production-configuration Change-Id: I6d4efa753b97bb8cdbd07b1bf7b1cd123f7a32ed
This commit is contained in:
parent
16ea0a67d6
commit
1fea3c06a3
|
@ -300,6 +300,10 @@ ENV_JSON=$(jq '.parameters = {
|
|||
jq . > "${HEAT_ENV}" <<< $ENV_JSON
|
||||
chmod 0600 "${HEAT_ENV}"
|
||||
|
||||
## #. Add Keystone certs/key into the environment file.::
|
||||
|
||||
generate-keystone-pki --heatenv $HEAT_ENV
|
||||
|
||||
## #. Deploy an overcloud::
|
||||
|
||||
make -C $TRIPLEO_ROOT/tripleo-heat-templates overcloud.yaml \
|
||||
|
|
|
@ -80,6 +80,9 @@ else
|
|||
jq -s '.[1] as $config |(.[0].ironic |= (.virtual_power_ssh_key=$config["ssh-key"]))|.[0].nova.compute_driver="ironic.nova.virt.ironic.driver.IronicDriver"|.[0].nova.compute_manager="ironic.nova.compute.manager.ClusteredComputeManager"|.[0].nova.baremetal={}| .[0]' config.json $TE_DATAFILE > tmp_local.json
|
||||
fi
|
||||
|
||||
# Add Keystone certs/key into the environment file
|
||||
generate-keystone-pki --heatenv tmp_local.json -s
|
||||
|
||||
# Apply custom BM network settings to the seeds local.json config
|
||||
BM_NETWORK_CIDR=$(OS_CONFIG_FILES=$TE_DATAFILE os-apply-config --key baremetal-network.cidr --type raw --key-default '192.0.2.0/24')
|
||||
# FIXME: Once we support jq 1.3 we can use --arg here instead of writing
|
||||
|
@ -100,7 +103,6 @@ jq -s '
|
|||
rm tmp_local.json
|
||||
rm cidr.json
|
||||
|
||||
|
||||
### --end
|
||||
# If running in a CI environment then the user and ip address should be read
|
||||
# from the json describing the environment
|
||||
|
|
|
@ -232,6 +232,10 @@ ENV_JSON=$(jq '.parameters = {
|
|||
jq . > "${HEAT_ENV}" <<< $ENV_JSON
|
||||
chmod 0600 "${HEAT_ENV}"
|
||||
|
||||
## #. Add Keystone certs/key into the environment file.::
|
||||
|
||||
generate-keystone-pki --heatenv $HEAT_ENV
|
||||
|
||||
## #. Deploy an undercloud.
|
||||
## ::
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ pip install -U 'pbr>=0.5.21,<1.0'
|
|||
|
||||
pip install -U python-cinderclient python-novaclient python-glanceclient python-heatclient python-keystoneclient python-neutronclient python-swiftclient python-ironicclient python-openstackclient os-apply-config os-cloud-config
|
||||
|
||||
for tool in os-apply-config cinder nova glance heat keystone neutron swift ironic openstack init-keystone; do
|
||||
for tool in os-apply-config cinder nova glance heat keystone neutron swift ironic openstack init-keystone generate-keystone-pki; do
|
||||
ln -sf $VENV_HOME/bin/$tool $BASE/scripts/$tool ;
|
||||
done
|
||||
echo "Installed openstack client tool symlinks in $BASE/scripts"
|
||||
|
|
Loading…
Reference in New Issue