Fix permissions on log directory for keystone
Additionally fixed bootstrap issue caused by an ansible bug in some versions of the docker module. Closes-Bug: #1472270 Change-Id: Ia5a370db5ab7690854afcd63492ba7dbbea29835
This commit is contained in:
Sam Yaple
@@ -25,6 +25,11 @@
|
|||||||
run_once: True
|
run_once: True
|
||||||
when: database|changed
|
when: database|changed
|
||||||
|
|
||||||
|
# https://github.com/ansible/ansible-modules-core/pull/1031
|
||||||
|
- name: Waiting for bootstrap container to exit
|
||||||
|
command: docker wait "{{ container_name }}"
|
||||||
|
when: database|changed
|
||||||
|
|
||||||
- name: Cleaning up boostrap container
|
- name: Cleaning up boostrap container
|
||||||
docker:
|
docker:
|
||||||
name: "{{ container_name }}"
|
name: "{{ container_name }}"
|
||||||
|
|||||||
@@ -4,7 +4,7 @@
|
|||||||
# initialization does not successfully finish
|
# initialization does not successfully finish
|
||||||
- include: ../../bootstrap.yml
|
- include: ../../bootstrap.yml
|
||||||
vars:
|
vars:
|
||||||
container_detach: False
|
container_detach: "False"
|
||||||
container_environment:
|
container_environment:
|
||||||
KOLLA_BOOTSTRAP:
|
KOLLA_BOOTSTRAP:
|
||||||
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
||||||
@@ -13,8 +13,8 @@
|
|||||||
PUBLIC_URL: "http://{{ kolla_external_address }}:{{ keystone_public_port }}/v2.0"
|
PUBLIC_URL: "http://{{ kolla_external_address }}:{{ keystone_public_port }}/v2.0"
|
||||||
INTERNAL_URL: "http://{{ kolla_internal_address }}:{{ keystone_public_port }}/v2.0"
|
INTERNAL_URL: "http://{{ kolla_internal_address }}:{{ keystone_public_port }}/v2.0"
|
||||||
ADMIN_URL: "http://{{ kolla_internal_address }}:{{ keystone_admin_port }}/v2.0"
|
ADMIN_URL: "http://{{ kolla_internal_address }}:{{ keystone_admin_port }}/v2.0"
|
||||||
OS_TOKEN: "{{ keystone_admin_token }}"
|
OS_SERVICE_TOKEN: "{{ keystone_admin_token }}"
|
||||||
OS_URL: "http://{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ keystone_admin_port }}/v2.0"
|
OS_SERVICE_ENDPOINT: "http://{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ keystone_admin_port }}/v2.0"
|
||||||
container_image: "{{ docker_keystone_image_full }}"
|
container_image: "{{ docker_keystone_image_full }}"
|
||||||
container_name: "bootstrap_keystone"
|
container_name: "bootstrap_keystone"
|
||||||
container_restart_policy: "no"
|
container_restart_policy: "no"
|
||||||
|
|||||||
@@ -10,8 +10,8 @@ Listen {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['addr
|
|||||||
<IfVersion >= 2.4>
|
<IfVersion >= 2.4>
|
||||||
ErrorLogFormat "%{cu}t %M"
|
ErrorLogFormat "%{cu}t %M"
|
||||||
</IfVersion>
|
</IfVersion>
|
||||||
ErrorLog /var/log/keystone/keystone.log
|
ErrorLog /var/log/httpd/keystone.log
|
||||||
CustomLog /var/log/keystone/keystone_access.log combined
|
CustomLog /var/log/httpd/keystone_access.log combined
|
||||||
</VirtualHost>
|
</VirtualHost>
|
||||||
|
|
||||||
<VirtualHost *:{{ keystone_admin_port }}>
|
<VirtualHost *:{{ keystone_admin_port }}>
|
||||||
@@ -23,6 +23,6 @@ Listen {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['addr
|
|||||||
<IfVersion >= 2.4>
|
<IfVersion >= 2.4>
|
||||||
ErrorLogFormat "%{cu}t %M"
|
ErrorLogFormat "%{cu}t %M"
|
||||||
</IfVersion>
|
</IfVersion>
|
||||||
ErrorLog /var/log/keystone/keystone.log
|
ErrorLog /var/log/httpd/keystone.log
|
||||||
CustomLog /var/log/keystone/keystone_access.log combined
|
CustomLog /var/log/httpd/keystone_access.log combined
|
||||||
</VirtualHost>
|
</VirtualHost>
|
||||||
|
|||||||
@@ -14,7 +14,7 @@ RUN sed -i 's,/var/log/apache2,/var/log/httpd,' /etc/httpd/conf.d/wsgi-keystone.
|
|||||||
RUN sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf
|
RUN sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf
|
||||||
RUN cp -a /usr/share/keystone/keystone.wsgi /var/www/cgi-bin/keystone/main
|
RUN cp -a /usr/share/keystone/keystone.wsgi /var/www/cgi-bin/keystone/main
|
||||||
RUN cp -a /usr/share/keystone/keystone.wsgi /var/www/cgi-bin/keystone/admin
|
RUN cp -a /usr/share/keystone/keystone.wsgi /var/www/cgi-bin/keystone/admin
|
||||||
RUN chown -R keystone: /var/www/cgi-bin/keystone /var/log/keystone
|
RUN chown -R keystone: /var/www/cgi-bin/keystone
|
||||||
RUN chmod 755 /var/www/cgi-bin/keystone/*
|
RUN chmod 755 /var/www/cgi-bin/keystone/*
|
||||||
|
|
||||||
# Add start-up and check scripts
|
# Add start-up and check scripts
|
||||||
|
|||||||
@@ -20,17 +20,18 @@ if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
|
|||||||
$CMD
|
$CMD
|
||||||
sleep 5
|
sleep 5
|
||||||
|
|
||||||
openstack service create --name keystone \
|
keystone service-create --name keystone --type identity \
|
||||||
--description "OpenStack Identity" identity
|
--description "OpenStack Identity"
|
||||||
openstack endpoint create --region "${REGION_NAME}" \
|
keystone endpoint-create --region "${REGION_NAME}" \
|
||||||
--publicurl "${PUBLIC_URL}" \
|
--publicurl "${PUBLIC_URL}" \
|
||||||
--internalurl "${INTERNAL_URL}" \
|
--internalurl "${INTERNAL_URL}" \
|
||||||
--adminurl "${ADMIN_URL}" identity
|
--adminurl "${ADMIN_URL}" \
|
||||||
|
--service-id $(keystone service-list | awk '/ identity / {print $2}')
|
||||||
|
|
||||||
openstack project create --description "Admin Project" admin
|
keystone tenant-create --description "Admin Project" --name admin
|
||||||
openstack user create --password "${KEYSTONE_ADMIN_PASSWORD}" admin
|
keystone user-create --pass "${KEYSTONE_ADMIN_PASSWORD}" --name admin
|
||||||
openstack role create admin
|
keystone role-create --name admin
|
||||||
openstack role add --project admin --user admin admin
|
keystone user-role-add --user admin --tenant admin --role admin
|
||||||
|
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|||||||
Reference in New Issue
Block a user