From 7288af240f30676d0565efa10d54d63591290b5c Mon Sep 17 00:00:00 2001 From: Andrey Shestakov Date: Wed, 28 Dec 2016 13:04:00 +0200 Subject: [PATCH] Add checks for keystone endpoints Currently, endpoints for ironic and ironic-inspector creating each time when install task is runned and causes duplication of endpoints. This fix adds checks for endpoints existence. Change-Id: I5bf1e7f1a1712cc324d219c5dbc0bbb22dee493f --- .../tasks/keystone_setup.yml | 46 ++++++++++++++++++- .../tasks/keystone_setup_inspector.yml | 44 ++++++++++++++++++ 2 files changed, 89 insertions(+), 1 deletion(-) diff --git a/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup.yml b/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup.yml index a4a9edacc..c4db50316 100644 --- a/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup.yml +++ b/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup.yml @@ -106,6 +106,45 @@ OS_IDENTITY_API_VERSION: "3" no_log: true +- name: "Check ironic admin endpoint exists" + command: | + openstack + --os-identity-api-version 3 + --os-username "{{ keystone.bootstrap.username }}" + --os-password "{{ keystone.bootstrap.password }}" + --os-auth-url "{{ ironic.service_catalog.auth_url | default('http://127.0.0.1:5000/') }}" + --os-project-name admin + endpoint list -f json --noindent --service baremetal --interface admin + --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}" + no_log: true + register: test_ironic_admin_endpoint + +- name: "Check ironic public endpoint exists" + command: | + openstack + --os-identity-api-version 3 + --os-username "{{ keystone.bootstrap.username }}" + --os-password "{{ keystone.bootstrap.password }}" + --os-auth-url "{{ ironic.service_catalog.auth_url | default('http://127.0.0.1:5000/') }}" + --os-project-name admin + endpoint list -f json --noindent --service baremetal --interface public + --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}" + no_log: true + register: test_ironic_public_endpoint + +- name: "Check ironic internal endpoint exists" + command: | + openstack + --os-identity-api-version 3 + --os-username "{{ keystone.bootstrap.username }}" + --os-password "{{ keystone.bootstrap.password }}" + --os-auth-url "{{ ironic.service_catalog.auth_url | default('http://127.0.0.1:5000/') }}" + --os-project-name admin + endpoint list -f json --noindent --service baremetal --interface internal + --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}" + no_log: true + register: test_ironic_internal_endpoint + - name: "Create ironic admin endpoint" command: | openstack @@ -116,6 +155,8 @@ --os-project-name admin endpoint create --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}" baremetal admin "{{ ironic.keystone.admin_url | default('http://127.0.0.1:6385/') }}" + no_log: true + when: test_ironic_admin_endpoint.rc != 0 or test_ironic_admin_endpoint.stdout == '[]' - name: "Create ironic public endpoint" command: | @@ -127,6 +168,8 @@ --os-project-name admin endpoint create --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}" baremetal public "{{ ironic.keystone.public_url | default('http://127.0.0.1:6385/') }}" + no_log: true + when: test_ironic_public_endpoint.rc != 0 or test_ironic_public_endpoint.stdout == '[]' - name: "Create ironic internal endpoint" command: | @@ -139,6 +182,7 @@ endpoint create --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}" baremetal internal "{{ ironic.keystone.internal_url | default('http://127.0.0.1:6385/') }}" no_log: true + when: test_ironic_internal_endpoint.rc != 0 or test_ironic_internal_endpoint.stdout == '[]' - name: "Create baremetal_admin role" os_keystone_role: @@ -221,4 +265,4 @@ wait: yes environment: OS_IDENTITY_API_VERSION: "3" - no_log: true \ No newline at end of file + no_log: true diff --git a/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup_inspector.yml b/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup_inspector.yml index 9048bb47a..e967c6b9c 100644 --- a/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup_inspector.yml +++ b/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup_inspector.yml @@ -87,6 +87,45 @@ OS_IDENTITY_API_VERSION: "3" no_log: true +- name: "Check ironic-inspector admin endpoint exists" + command: | + openstack + --os-identity-api-version 3 + --os-username "{{ keystone.bootstrap.username }}" + --os-password "{{ keystone.bootstrap.password }}" + --os-auth-url "{{ ironic.service_catalog.auth_url | default('http://127.0.0.1:5000/') }}" + --os-project-name admin + endpoint list -f json --noindent --service baremetal-introspection --interface admin + --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}" + no_log: true + register: test_ironic_inspector_admin_endpoint + +- name: "Check ironic-inspector public endpoint exists" + command: | + openstack + --os-identity-api-version 3 + --os-username "{{ keystone.bootstrap.username }}" + --os-password "{{ keystone.bootstrap.password }}" + --os-auth-url "{{ ironic.service_catalog.auth_url | default('http://127.0.0.1:5000/') }}" + --os-project-name admin + endpoint list -f json --noindent --service baremetal-introspection --interface public + --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}" + no_log: true + register: test_ironic_inspector_public_endpoint + +- name: "Check ironic-inspector internal endpoint exists" + command: | + openstack + --os-identity-api-version 3 + --os-username "{{ keystone.bootstrap.username }}" + --os-password "{{ keystone.bootstrap.password }}" + --os-auth-url "{{ ironic.service_catalog.auth_url | default('http://127.0.0.1:5000/') }}" + --os-project-name admin + endpoint list -f json --noindent --service baremetal-introspection --interface internal + --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}" + no_log: true + register: test_ironic_inspector_internal_endpoint + - name: "Create ironic-inspector admin endpoint" command: | openstack @@ -97,6 +136,8 @@ --os-project-name admin endpoint create --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}" baremetal admin "{{ ironic_inspector.keystone.admin_url | default('http://127.0.0.1:5050/') }}" + no_log: true + when: test_ironic_inspector_admin_endpoint.rc != 0 or test_ironic_inspector_admin_endpoint.stdout == '[]' # NOTE(TheJulia): This seems like something that should be # to admin or internal interfaces. Perhaps we should attempt @@ -111,6 +152,8 @@ --os-project-name admin endpoint create --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}" baremetal public "{{ ironic_inspector.keystone.public_url | default('http://127.0.0.1:5050/') }}" + no_log: true + when: test_ironic_inspector_public_endpoint.rc != 0 or test_ironic_inspector_public_endpoint.stdout == '[]' - name: "Create ironic-inspector internal endpoint" command: | @@ -123,6 +166,7 @@ endpoint create --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}" baremetal internal "{{ ironic_inspector.keystone.internal_url | default('http://127.0.0.1:5050/') }}" no_log: true + when: test_ironic_inspector_internal_endpoint.rc != 0 or test_ironic_inspector_internal_endpoint.stdout == '[]' - name: "Create inspector_user user" os_user: