Diffstat (limited to 'openstack/usr/share/openstack/keystone.yml')
-rw-r--r--openstack/usr/share/openstack/keystone.yml175
1 files changed, 120 insertions, 55 deletions
diff --git a/openstack/usr/share/openstack/keystone.yml b/openstack/usr/share/openstack/keystone.yml
index b139b39f..20753a9c 100644
--- a/openstack/usr/share/openstack/keystone.yml
+++ b/openstack/usr/share/openstack/keystone.yml
@@ -6,118 +6,183 @@
# RabbitMQ configuration, this may end up in a different playbook
- name: Create rabbitmq user
- user: name=rabbitmq comment="Rabbitmq server daemon" shell=/sbin/nologin home=/var/lib/rabbitmq
+ user:
+ name: rabbitmq
+ comment: Rabbitmq server daemon
+ shell: /sbin/nologin
+ home: /var/lib/rabbitmq
- name: Create the rabbitmq directories
- file: path={{ item }} state=directory owner=rabbitmq group=rabbitmq
+ file:
+ path: "{{ item }}"
+ state: directory
+ owner: rabbitmq
+ group: rabbitmq
with_items:
- /var/run/rabbitmq
- /var/log/rabbitmq
- /etc/rabbitmq
- name: Add the configuration needed for rabbitmq in /etc/rabbitmq using templates
- template: src=/usr/share/openstack/rabbitmq/{{ item }} dest=/etc/rabbitmq/{{ item }} owner=rabbitmq group=rabbitmq mode=0644
+ template:
+ src: /usr/share/openstack/rabbitmq/{{ item }}
+ dest: /etc/rabbitmq/{{ item }}
+ owner: rabbitmq
+ group: rabbitmq
+ mode: 0644
with_items:
- rabbitmq.config
- rabbitmq-env.conf
- name: Enable and start rabbitmq services
- service: name={{ item }} enabled=yes state=started
+ service:
+ name: "{{ item }}"
+ enabled: yes
+ state: started
with_items:
- rabbitmq-server
# Postgres configuration, this may end up in a different playbook
- name: Create postgres user
- user: name=postgres comment="PostgreSQL Server" shell=/sbin/nologin home=/var/lib/pgsql
+ user:
+ name: postgres
+ comment: PostgreSQL Server
+ shell: /sbin/nologin
+ home: /var/lib/pgsql
- name: Create the postgres directories
- file: path={{ item }} state=directory owner=postgres group=postgres
+ file:
+ path: "{{ item }}"
+ state: directory
+ owner: postgres
+ group: postgres
with_items:
- /var/run/postgresql
- /var/lib/pgsql/data
- name: Initialise postgres database
- shell: pg_ctl -D /var/lib/pgsql/data initdb creates=/var/lib/pgsql/data/base
+ command: pg_ctl -D /var/lib/pgsql/data initdb
+ args:
+ creates: /var/lib/pgsql/data/base
sudo: yes
sudo_user: postgres
- name: Add the configuration needed for postgres for Openstack
- template: src=/usr/share/openstack/postgres/{{ item }} dest=/var/lib/pgsql/data/{{ item }} owner=postgres group=postgres mode=0600
+ template:
+ src: /usr/share/openstack/postgres/{{ item }}
+ dest: /var/lib/pgsql/data/{{ item }}
+ owner: postgres
+ group: postgres
+ mode: 0600
with_items:
- postgresql.conf
- pg_hba.conf
- name: Enable and start postgres services
- service: name={{ item }} enabled=yes state=started
+ service:
+ name: "{{ item }}"
+ enabled: yes
+ state: started
with_items:
- postgres-server
# Keystone configuration
- name: Create the keystone user.
- user: name=keystone comment="Openstack Keystone Daemons" shell=/sbin/nologin home=/var/lib/keystone
+ user:
+ name: keystone
+ comment: Openstack Keystone Daemons
+ shell: /sbin/nologin
+ home: /var/lib/keystone
- name: Create the /var folders for keystone
- file: path={{ item }} state=directory owner=keystone group=keystone
+ file:
+ path: "{{ item }}"
+ state: directory
+ owner: keystone
+ group: keystone
with_items:
- /var/run/keystone
- /var/lock/keystone
- /var/log/keystone
- /var/lib/keystone
- - file: path=/etc/keystone state=directory
+ - name: Create /etc/keystone directory
+ file:
+ path: /etc/keystone
+ state: directory
+
- name: Add the configuration needed for lorry in /etc using templates
- template: src=/usr/share/openstack/keystone/{{ item }} dest=/etc/keystone/{{ item }}
+ template:
+ src: /usr/share/openstack/keystone/{{ item }}
+ dest: /etc/keystone/{{ item }}
with_lines:
- - (cd /usr/share/openstack/keystone && find -type f)
+ - cd /usr/share/openstack/keystone && find -type f
- - postgresql_user: name={{ KEYSTONE_DB_USER }} password={{ KEYSTONE_DB_PASSWORD }}
+ - name: Create postgresql user for keystone
+ postgresql_user:
+ name: "{{ KEYSTONE_DB_USER }}"
+ password: "{{ KEYSTONE_DB_PASSWORD }}"
sudo: yes
sudo_user: keystone
- - postgresql_db: name=keystone owner={{ KEYSTONE_DB_USER }}
+
+ - name: Create database for keystone services
+ postgresql_db:
+ name: keystone
+ owner: "{{ KEYSTONE_DB_USER }}"
sudo: yes
sudo_user: keystone
- - keystone_manage: action=dbsync
+ - name: Initiatie keystone database
+ keystone_manage:
+ action: dbsync
sudo: yes
sudo_user: keystone
- name: Enable and start openstack-keystone service
- service: name=openstack-keystone.service enabled=yes state=started
-
- - keystone_user: >
- tenant=admin
- tenant_description="Admin Tenant"
- token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
- endpoint=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
-
- - keystone_user: >
- user=admin
- tenant=admin
- password={{ KEYSTONE_ADMIN_PASSWORD }}
- token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
- endpoint=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
-
- - keystone_user: >
- role=admin
- user=admin
- tenant=admin
- token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
- endpoint=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
-
- - keystone_user: >
- tenant=service
- tenant_description="Service Tenant"
- token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
- endpoint=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
-
- - keystone_service: >
- name=keystone
- type=identity
- description="Keystone Identity Service"
- publicurl=http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0
- internalurl=http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0
- adminurl=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
- region='regionOne'
- token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
- endpoint=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
+ service:
+ name: openstack-keystone.service
+ enabled: yes
+ state: started
+
+ - name: Create admin tenant
+ keystone_user:
+ tenant: admin
+ tenant_description: Admin Tenant
+ token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
+ endpoint: http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
+
+ - name: Create admin user for the admin tenant
+ keystone_user:
+ user: admin
+ tenant: admin
+ password: "{{ KEYSTONE_ADMIN_PASSWORD }}"
+ token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
+ endpoint: http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
+
+ - name: Create admin role for admin user in the admin tenant
+ keystone_user:
+ role: admin
+ user: admin
+ tenant: admin
+ token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
+ endpoint: http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
+
+ - name: Create service tenant
+ keystone_user:
+ tenant: service
+ tenant_description: Service Tenant
+ token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
+ endpoint: http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
+
+ - name: Add kestone endpoint
+ keystone_service:
+ name: keystone
+ type: identity
+ description: Keystone Identity Service
+ publicurl: http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0
+ internalurl: http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0
+ adminurl: http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
+ region: regionOne
+ token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
+ endpoint: http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
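Review bot: The rewritten `template` task that writes to `/etc/keystone/{{ item }}` sets no `owner`, `group` or `mode`, unlike the rabbitmq and postgres template tasks earlier in this hunk, so the files get whatever the executing user's umask produces. The templates are not visible here, but if any of them carries the admin token or the database password it is probably world-readable. Assuming the service reads its configuration as the `keystone` user, I would add `owner: keystone`, `group: keystone` and a quoted `mode: "0640"` to that task, and the same ownership to the new `Create /etc/keystone directory` task. The tasks that pass `KEYSTONE_DB_PASSWORD`, `KEYSTONE_ADMIN_PASSWORD` and `KEYSTONE_TEMPORARY_ADMIN_TOKEN` as module arguments would also benefit from `no_log: true`, since argument values can otherwise appear in verbose output and logs. The token and admin password also travel to an `http://` endpoint on port 35357, so a comment such as `# endpoint is plain HTTP: CONTROLLER_HOST_ADDRESS must be local or on a trusted management network` would record that assumption.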