83 lines
2.9 KiB
YAML
83 lines
2.9 KiB
YAML
service:
|
|
name: keystone
|
|
ports:
|
|
- {{ keystone.public_port }}
|
|
- {{ keystone.admin_port }}
|
|
containers:
|
|
- name: keystone
|
|
image: keystone
|
|
probes:
|
|
readiness:
|
|
type: "httpGet"
|
|
port: {{ keystone.admin_port.cont }}
|
|
path: "/"
|
|
volumes:
|
|
- name: keystone-logs
|
|
path: "/var/log/ccp/keystone"
|
|
type: host
|
|
readOnly: False
|
|
pre:
|
|
- name: chown-logs-dir
|
|
command: "sudo /bin/chown keystone:keystone /var/log/ccp/keystone"
|
|
- name: keystone-db-create
|
|
dependencies:
|
|
- {{ service.database }}
|
|
type: single
|
|
command:
|
|
mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ keystone.db.name }};
|
|
grant all privileges on {{ keystone.db.name }}.* to '{{ keystone.db.username }}'@'%' identified by '{{ keystone.db.password }}';
|
|
grant super on *.* to '{{ keystone.db.username }}'@'%' identified by '{{ keystone.db.password }}';"
|
|
- name: keystone-db-sync
|
|
files:
|
|
- keystone-conf
|
|
dependencies:
|
|
- keystone-db-create
|
|
type: single
|
|
command: keystone-manage db_sync
|
|
- name: keystone-db-bootstrap
|
|
files:
|
|
- keystone-conf
|
|
dependencies:
|
|
- keystone-db-sync
|
|
type: single
|
|
command: keystone-manage bootstrap
|
|
--bootstrap-password {{ openstack.user_password }}
|
|
--bootstrap-username {{ openstack.user_name }}
|
|
--bootstrap-project-name {{ openstack.project_name }}
|
|
--bootstrap-role-name {{ openstack.role_name }}
|
|
--bootstrap-service-name keystone --bootstrap-region-id RegionOne
|
|
--bootstrap-admin-url http://{{ address('keystone') }}:{{ keystone.admin_port.cont }}
|
|
--bootstrap-public-url {{ address('keystone', keystone.public_port, external=True, with_scheme=True) }}
|
|
--bootstrap-internal-url http://{{ address('keystone') }}:{{ keystone.public_port.cont }}
|
|
daemon:
|
|
dependencies:
|
|
- memcached
|
|
files:
|
|
- keystone-conf
|
|
- wsgi-keystone-conf
|
|
- fernet-key
|
|
- credential-key
|
|
command: daemon.sh
|
|
post:
|
|
- name: keystone-create-project
|
|
type: single
|
|
command: openstack project create service
|
|
|
|
files:
|
|
keystone-conf:
|
|
path: /etc/keystone/keystone.conf
|
|
content: keystone.conf.j2
|
|
wsgi-keystone-conf:
|
|
path: /etc/apache2/conf-enabled/wsgi-keystone.conf
|
|
content: wsgi-keystone.conf.j2
|
|
fernet-key:
|
|
path: /etc/keystone/fernet-keys/1
|
|
content: fernet-key.j2
|
|
perm: "0600"
|
|
user: keystone
|
|
credential-key:
|
|
path: /etc/keystone/credential-keys/1
|
|
content: credential-key.j2
|
|
perm: "0600"
|
|
user: keystone
|