Add kerberos-client group

We duplicate the KDC settings over all our kerberos clients.  Add
clients to a "kerberos-client" group and set the variables in a group
file.

Change-Id: I25ed5f8c68065060205dfbb634c6558488003a38

inventory/service/group_vars/kerberos-client.yaml

@@ -0,0 +1,5 @@
+kerberos_realm: 'OPENSTACK.ORG'
+kerberos_admin_server: 'kdc.openstack.org'
+kerberos_kdcs:
+  - kdc03.openstack.org
+  - kdc04.openstack.org

inventory/service/groups.yaml

@@ -72,6 +72,14 @@ groups:
     - health[0-9]*.openstack.org
   jvb:
     - jvb[0-9]*.opendev.org
+  kerberos-client:
+    - afs[0-9]*.open*.org
+    - afsdb*.open*.org
+    - kdc[0-9]*.openstack.org
+    - mirror[0-9]*.opendev.org
+    - mirror-update[0-9]*.opendev.org
+    - static[0-9]*.opendev.org
+    - ze[0-9]*.open*.org
   kerberos-kdc:
     - kdc03.openstack.org
     - kdc04.openstack.org

playbooks/roles/install-ansible/files/inventory_plugins/test-fixtures/results.yaml

@@ -11,6 +11,7 @@ results:
     - afs-server-common
     - afs-file-server
     - afs-client
+    - kerberos-client
 
   firehose01.openstack.org:
     - firehose
@@ -34,6 +35,7 @@ results:
 
   mirror02.regionone.linaro-us.opendev.org:
     - afs-client
+    - kerberos-client
     - letsencrypt
     - mirror
 
@@ -48,6 +50,7 @@ results:
 
   ze01.opendev.org:
     - afs-client
+    - kerberos-client
     - zuul
     - zuul-executor
 

playbooks/service-mirror-update.yaml

@@ -3,11 +3,6 @@
   roles:
     - role: iptables
     - role: kerberos-client
-      kerberos_realm: 'OPENSTACK.ORG'
-      kerberos_admin_server: 'kdc.openstack.org'
-      kerberos_kdcs:
-        - kdc03.openstack.org
-        - kdc04.openstack.org
     - role: openafs-client
       openafs_client_cache_size: "{{ afs_client_cache_size | default(10000000) }}" # 10GiB
     - role: mirror-update

playbooks/service-mirror.yaml

@@ -3,11 +3,6 @@
   roles:
     - role: iptables
     - role: kerberos-client
-      kerberos_realm: 'OPENSTACK.ORG'
-      kerberos_admin_server: 'kdc.openstack.org'
-      kerberos_kdcs:
-        - kdc03.openstack.org
-        - kdc04.openstack.org
     - role: openafs-client
       openafs_client_cache_size: "{{ afs_client_cache_size | default(50000000) }}" # 50GiB
     - role: mirror

playbooks/service-static.yaml

@@ -3,11 +3,6 @@
   roles:
     - role: iptables
     - role: kerberos-client
-      kerberos_realm: 'OPENSTACK.ORG'
-      kerberos_admin_server: 'kdc.openstack.org'
-      kerberos_kdcs:
-        - kdc03.openstack.org
-        - kdc04.openstack.org
     - role: openafs-client
       openafs_client_cache_size: "{{ afs_client_cache_size | default(50000000) }}" # 50GiB
       openafs_client_cache_directory: '/opt/cache/openafs'

playbooks/service-zuul.yaml

@@ -24,11 +24,6 @@
   name: "Configure zuul executor"
   roles:
     - role: kerberos-client
-      kerberos_realm: 'OPENSTACK.ORG'
-      kerberos_admin_server: 'kdc.openstack.org'
-      kerberos_kdcs:
-        - kdc03.openstack.org
-        - kdc04.openstack.org
     - role: openafs-client
       openafs_client_cache_size: "{{ afs_client_cache_size | default(10000000) }}" # 10GiB
     - role: zuul-executor