261 lines
8.4 KiB
YAML
261 lines
8.4 KiB
YAML
- name: Create project
|
|
k8s_v1_namespace:
|
|
host: "{{coe_host}}"
|
|
context: "{{kube_context}}"
|
|
kubeconfig: "{{config_file}}"
|
|
name: openstack
|
|
state: present
|
|
debug: yes
|
|
register: create_project
|
|
|
|
- name: Create keystone configmaps
|
|
k8s_v1_config_map:
|
|
host: "{{coe_host}}"
|
|
context: "{{kube_context}}"
|
|
kubeconfig: "{{config_file}}"
|
|
name: keystone
|
|
namespace: openstack
|
|
state: present
|
|
debug: yes
|
|
labels:
|
|
service: keystone
|
|
data:
|
|
config.json: |
|
|
{
|
|
"command": "/usr/sbin/httpd -DFOREGROUND",
|
|
"config_files": [
|
|
{
|
|
"dest": "/etc/httpd/conf/httpd.conf",
|
|
"owner": "root",
|
|
"perm": "0644",
|
|
"source": "/var/lib/kolla/config_files/httpd.conf"
|
|
},
|
|
{
|
|
"dest": "/etc/keystone/keystone.conf",
|
|
"owner": "keystone",
|
|
"perm": "0644",
|
|
"source": "/var/lib/kolla/config_files/keystone.conf"
|
|
},
|
|
{
|
|
"dest": "/etc/httpd/conf.d/10-keystone-main.conf",
|
|
"owner": "root",
|
|
"perm": "0644",
|
|
"source": "/var/lib/kolla/config_files/httpd-keystone-main.conf"
|
|
},
|
|
{
|
|
"dest": "/etc/httpd/conf.d/10-keystone-admin.conf",
|
|
"owner": "root",
|
|
"perm": "0644",
|
|
"source": "/var/lib/kolla/config_files/httpd-keystone-admin.conf"
|
|
}
|
|
]
|
|
}
|
|
keystone.conf: |
|
|
[DEFAULT]
|
|
bind_host = 0.0.0.0
|
|
sql_connection=mysql+pymysql://root:weakpassword@mariadb:3306/keystone
|
|
[token]
|
|
provider=fernet
|
|
httpd.conf: |
|
|
Listen *:5000
|
|
Listen *:35357
|
|
|
|
ServerRoot "/etc/httpd"
|
|
DocumentRoot "/var/www/html"
|
|
User apache
|
|
Group apache
|
|
|
|
Include conf.modules.d/*.conf
|
|
|
|
<Directory />
|
|
AllowOverride none
|
|
Require all denied
|
|
</Directory>
|
|
|
|
<Directory "/var/www">
|
|
AllowOverride None
|
|
# Allow open access:
|
|
Require all granted
|
|
</Directory>
|
|
|
|
<Directory "/var/www/cgi-bin">
|
|
AllowOverride None
|
|
Options None
|
|
Require all granted
|
|
</Directory>
|
|
|
|
<IfModule dir_module>
|
|
DirectoryIndex index.html
|
|
</IfModule>
|
|
|
|
<Files ".ht*">
|
|
Require all denied
|
|
</Files>
|
|
|
|
ErrorLog /dev/stderr
|
|
<IfModule log_config_module>
|
|
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
|
|
LogFormat "%h %l %u %t \"%r\" %>s %b" common
|
|
|
|
<IfModule logio_module>
|
|
# You need to enable mod_logio.c to use %I and %O
|
|
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
|
|
</IfModule>
|
|
|
|
CustomLog /dev/stdout combined
|
|
</IfModule>
|
|
|
|
<IfModule mime_module>
|
|
#
|
|
# TypesConfig points to the file containing the list of mappings from
|
|
# filename extension to MIME-type.
|
|
#
|
|
TypesConfig /etc/mime.types
|
|
|
|
#
|
|
# AddType allows you to add to or override the MIME configuration
|
|
# file specified in TypesConfig for specific file types.
|
|
#
|
|
#AddType application/x-gzip .tgz
|
|
#
|
|
# AddEncoding allows you to have certain browsers uncompress
|
|
# information on the fly. Note: Not all browsers support this.
|
|
#
|
|
#AddEncoding x-compress .Z
|
|
#AddEncoding x-gzip .gz .tgz
|
|
#
|
|
# If the AddEncoding directives above are commented-out, then you
|
|
# probably should define those extensions to indicate media types:
|
|
#
|
|
AddType application/x-compress .Z
|
|
AddType application/x-gzip .gz .tgz
|
|
|
|
#
|
|
# AddHandler allows you to map certain file extensions to "handlers":
|
|
# actions unrelated to filetype. These can be either built into the server
|
|
# or added with the Action directive (see below)
|
|
#
|
|
# To use CGI scripts outside of ScriptAliased directories:
|
|
# (You will also need to add "ExecCGI" to the "Options" directive.)
|
|
#
|
|
#AddHandler cgi-script .cgi
|
|
|
|
# For type maps (negotiated resources):
|
|
#AddHandler type-map var
|
|
|
|
#
|
|
# Filters allow you to process content before it is sent to the client.
|
|
#
|
|
# To parse .shtml files for server-side includes (SSI):
|
|
# (You will also need to add "Includes" to the "Options" directive.)
|
|
#
|
|
AddType text/html .shtml
|
|
AddOutputFilter INCLUDES .shtml
|
|
</IfModule>
|
|
|
|
AddDefaultCharset UTF-8
|
|
|
|
<IfModule mime_magic_module>
|
|
#
|
|
# The mod_mime_magic module allows the server to use various hints from the
|
|
# contents of the file itself to determine its type. The MIMEMagicFile
|
|
# directive tells the module where the hint definitions are located.
|
|
#
|
|
MIMEMagicFile conf/magic
|
|
</IfModule>
|
|
|
|
EnableSendfile on
|
|
|
|
# Supplemental configuration
|
|
#
|
|
# Load config files in the "/etc/httpd/conf.d" directory, if any.
|
|
IncludeOptional conf.d/*.conf
|
|
httpd-keystone-main.conf: |
|
|
<VirtualHost *:5000>
|
|
## Vhost docroot
|
|
DocumentRoot "/var/www/cgi-bin/keystone"
|
|
|
|
## Directories, there should at least be a declaration for /var/www/cgi-bin/keystone
|
|
|
|
<Directory "/var/www/cgi-bin/keystone">
|
|
Options Indexes FollowSymLinks MultiViews
|
|
AllowOverride None
|
|
Require all granted
|
|
</Directory>
|
|
|
|
## Logging
|
|
# ErrorLog "/var/log/httpd/keystone_wsgi_main_error.log"
|
|
ServerSignature Off
|
|
# CustomLog "/var/log/httpd/keystone_wsgi_main_access.log" combined
|
|
WSGIApplicationGroup %{GLOBAL}
|
|
WSGIDaemonProcess keystone_main display-name=keystone-main group=keystone processes=2 threads=1 user=keystone
|
|
WSGIProcessGroup keystone_main
|
|
WSGIScriptAlias / "/var/www/cgi-bin/keystone/main"
|
|
WSGIPassAuthorization On
|
|
</VirtualHost>
|
|
httpd-keystone-admin.conf: |
|
|
<VirtualHost *:35357>
|
|
## Vhost docroot
|
|
DocumentRoot "/var/www/cgi-bin/keystone"
|
|
|
|
## Directories, there should at least be a declaration for /var/www/cgi-bin/keystone
|
|
|
|
<Directory "/var/www/cgi-bin/keystone">
|
|
Options Indexes FollowSymLinks MultiViews
|
|
AllowOverride None
|
|
Require all granted
|
|
</Directory>
|
|
|
|
## Logging
|
|
# ErrorLog "/var/log/httpd/keystone_wsgi_admin_error.log"
|
|
ServerSignature Off
|
|
# CustomLog "/var/log/httpd/keystone_wsgi_admin_access.log" combined
|
|
WSGIApplicationGroup %{GLOBAL}
|
|
WSGIDaemonProcess keystone_admin display-name=keystone-admin group=keystone processes=2 threads=1 user=keystone
|
|
WSGIProcessGroup keystone_admin
|
|
WSGIScriptAlias / "/var/www/cgi-bin/keystone/admin"
|
|
WSGIPassAuthorization On
|
|
</VirtualHost>
|
|
|
|
- name: Create keystone service
|
|
k8s_v1_service:
|
|
host: "{{coe_host}}"
|
|
context: "{{kube_context}}"
|
|
kubeconfig: "{{config_file}}"
|
|
name: keystone
|
|
namespace: openstack
|
|
state: present
|
|
ports:
|
|
- port: 5000
|
|
name: keystone-api-public
|
|
- port: 35357
|
|
name: keystone-api-admin
|
|
selector:
|
|
app: keystone-api
|
|
register: create_service
|
|
|
|
- name: Create keystone deployment
|
|
k8s_v1beta1_deployment:
|
|
host: "{{coe_host}}"
|
|
context: "{{kube_context}}"
|
|
kubeconfig: "{{config_file}}"
|
|
name: keystone-api
|
|
namespace: openstack
|
|
replicas: 1
|
|
spec_revision_history_limit: 3
|
|
spec_template_metadata_labels:
|
|
app: keystone-api
|
|
containers:
|
|
- name: keystone-api
|
|
image: docker.io/kolla/centos-binary-keystone:3.0.3
|
|
imagePullPolicy: IfNotPresent
|
|
ports:
|
|
- name: api-public
|
|
containerPort: 5000
|
|
- name: api-admin
|
|
containerPort: 35357
|
|
state: present
|
|
register: create_service
|
|
|
|
|