diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 036f588be6..51b63ec09c 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -128,6 +128,10 @@ mistral_api_port: "8989" kibana_port: "5601" elasticsearch_port: "9200" +public_protocol: "http" +internal_protocol: "http" +admin_protocol: "http" + #################### # OpenStack options #################### @@ -145,7 +149,7 @@ nova_console: "novnc" # OpenStack authentication string. You should only need to override these if you # are changing the admin tenant/project or user. openstack_auth: - auth_url: "http://{{ kolla_internal_address }}:{{ keystone_admin_port }}" + auth_url: "{{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }}" username: "admin" password: "{{ keystone_admin_password }}" project_name: "admin" @@ -153,7 +157,7 @@ openstack_auth: # This shouldn't be needed for long. It is only temporary until we get the # ansible modules sorted out openstack_auth_v2: - auth_url: "http://{{ kolla_internal_address }}:{{ keystone_admin_port }}/v2.0" + auth_url: "{{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }}/v2.0" username: "admin" password: "{{ keystone_admin_password }}" project_name: "admin" diff --git a/ansible/roles/cinder/tasks/register.yml b/ansible/roles/cinder/tasks/register.yml index 31f887cca1..3ce4fc8586 100644 --- a/ansible/roles/cinder/tasks/register.yml +++ b/ansible/roles/cinder/tasks/register.yml @@ -6,9 +6,9 @@ service_type=volume description='Openstack Block Storage' endpoint_region={{ openstack_region_name }} - admin_url='http://{{ kolla_internal_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' - internal_url='http://{{ kolla_internal_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' - public_url='http://{{ kolla_external_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' + admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' + internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' + public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' region_name={{ openstack_region_name }} auth={{ '{{ openstack_cinder_auth }}' }}" -e "{'openstack_cinder_auth':{{ openstack_cinder_auth }}}" @@ -26,9 +26,9 @@ service_type=volumev2 description='Openstack Block Storage' endpoint_region={{ openstack_region_name }} - admin_url='http://{{ kolla_internal_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' - internal_url='http://{{ kolla_internal_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' - public_url='http://{{ kolla_external_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' + admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' + internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' + public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' region_name={{ openstack_region_name }} auth={{ '{{ openstack_cinder_auth }}' }}" -e "{'openstack_cinder_auth':{{ openstack_cinder_auth }}}" diff --git a/ansible/roles/cinder/templates/cinder.conf.j2 b/ansible/roles/cinder/templates/cinder.conf.j2 index 107e190100..f7d4463c7b 100644 --- a/ansible/roles/cinder/templates/cinder.conf.j2 +++ b/ansible/roles/cinder/templates/cinder.conf.j2 @@ -7,7 +7,7 @@ syslog_log_facility = LOG_LOCAL0 enable_v1_api=false volume_name_template = %s -glance_api_servers = http://{{ kolla_internal_address }}:{{ glance_api_port }} +glance_api_servers = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ glance_api_port }} glance_api_version = 2 os_region_name = {{ openstack_region_name }} @@ -43,8 +43,8 @@ auth_strategy = keystone connection = mysql+pymysql://{{ cinder_database_user }}:{{ cinder_database_password }}@{{ cinder_database_address }}/{{ cinder_database_name }} [keystone_authtoken] -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default diff --git a/ansible/roles/common/templates/admin-openrc.sh.j2 b/ansible/roles/common/templates/admin-openrc.sh.j2 index 9ab250f6ac..0626818cd4 100644 --- a/ansible/roles/common/templates/admin-openrc.sh.j2 +++ b/ansible/roles/common/templates/admin-openrc.sh.j2 @@ -4,5 +4,5 @@ export OS_PROJECT_NAME=admin export OS_TENANT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD={{ keystone_admin_password }} -export OS_AUTH_URL=http://{{ kolla_internal_address }}:{{ keystone_admin_port }}/v3 +export OS_AUTH_URL={{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }}/v3 export OS_IDENTITY_API_VERSION=3 diff --git a/ansible/roles/glance/tasks/register.yml b/ansible/roles/glance/tasks/register.yml index 905eba8a0d..9e2a11a677 100644 --- a/ansible/roles/glance/tasks/register.yml +++ b/ansible/roles/glance/tasks/register.yml @@ -6,9 +6,9 @@ service_type=image description='Openstack Image' endpoint_region={{ openstack_region_name }} - admin_url='http://{{ kolla_internal_address }}:{{ glance_api_port }}' - internal_url='http://{{ kolla_internal_address }}:{{ glance_api_port }}' - public_url='http://{{ kolla_external_address }}:{{ glance_api_port }}' + admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ glance_api_port }}' + internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ glance_api_port }}' + public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ glance_api_port }}' region_name={{ openstack_region_name }} auth={{ '{{ openstack_glance_auth }}' }}" -e "{'openstack_glance_auth':{{ openstack_glance_auth }}}" diff --git a/ansible/roles/glance/templates/glance-api.conf.j2 b/ansible/roles/glance/templates/glance-api.conf.j2 index afec01b1a3..685b2049ec 100644 --- a/ansible/roles/glance/templates/glance-api.conf.j2 +++ b/ansible/roles/glance/templates/glance-api.conf.j2 @@ -18,8 +18,8 @@ show_image_direct_url= True connection = mysql+pymysql://{{ glance_database_user }}:{{ glance_database_password }}@{{ glance_database_address }}/{{ glance_database_name }} [keystone_authtoken] -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default diff --git a/ansible/roles/glance/templates/glance-registry.conf.j2 b/ansible/roles/glance/templates/glance-registry.conf.j2 index e3e0d05aa6..db3e58c803 100644 --- a/ansible/roles/glance/templates/glance-registry.conf.j2 +++ b/ansible/roles/glance/templates/glance-registry.conf.j2 @@ -12,8 +12,8 @@ syslog_log_facility = LOG_LOCAL0 connection = mysql+pymysql://{{ glance_database_user }}:{{ glance_database_password }}@{{ glance_database_address }}/{{ glance_database_name }} [keystone_authtoken] -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default diff --git a/ansible/roles/heat/tasks/register.yml b/ansible/roles/heat/tasks/register.yml index d6fd4d71dc..e9b8127d40 100644 --- a/ansible/roles/heat/tasks/register.yml +++ b/ansible/roles/heat/tasks/register.yml @@ -6,9 +6,9 @@ service_type=orchestration description='Openstack Orchestration' endpoint_region={{ openstack_region_name }} - admin_url='http://{{ kolla_internal_address }}:{{ heat_api_port }}/v1/%(tenant_id)s' - internal_url='http://{{ kolla_internal_address }}:{{ heat_api_port }}/v1/%(tenant_id)s' - public_url='http://{{ kolla_external_address }}:{{ heat_api_port }}/v1/%(tenant_id)s' + admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ heat_api_port }}/v1/%(tenant_id)s' + internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ heat_api_port }}/v1/%(tenant_id)s' + public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ heat_api_port }}/v1/%(tenant_id)s' region_name={{ openstack_region_name }} auth={{ '{{ openstack_heat_auth }}' }}" -e "{'openstack_heat_auth':{{ openstack_heat_auth }}}" @@ -26,9 +26,9 @@ service_type=orchestration description='Openstack Orchestration' endpoint_region={{ openstack_region_name }} - admin_url='http://{{ kolla_internal_address }}:{{ heat_api_port }}/v1' - internal_url='http://{{ kolla_internal_address }}:{{ heat_api_cfn_port }}/v1' - public_url='http://{{ kolla_external_address }}:{{ heat_api_cfn_port }}/v1' + admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ heat_api_port }}/v1' + internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ heat_api_cfn_port }}/v1' + public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ heat_api_cfn_port }}/v1' region_name={{ openstack_region_name }} auth={{ '{{ openstack_heat_auth }}' }}" -e "{'openstack_heat_auth':{{ openstack_heat_auth }}}" diff --git a/ansible/roles/heat/templates/heat.conf.j2 b/ansible/roles/heat/templates/heat.conf.j2 index bd88341927..5d8afa05ed 100644 --- a/ansible/roles/heat/templates/heat.conf.j2 +++ b/ansible/roles/heat/templates/heat.conf.j2 @@ -1,9 +1,9 @@ [DEFAULT] debug = {{ heat_logging_debug }} -heat_watch_server_url = http://{{ kolla_external_address }}:{{ heat_api_cfn_port }} -heat_metadata_server_url = http://{{ kolla_external_address }}:{{ heat_api_cfn_port }} -heat_waitcondition_server_url = http://{{ kolla_external_address }}:{{ heat_api_cfn_port }}/v1/waitcondition +heat_watch_server_url = {{ public_protocol }}://{{ kolla_external_address }}:{{ heat_api_cfn_port }} +heat_metadata_server_url = {{ public_protocol }}://{{ kolla_external_address }}:{{ heat_api_cfn_port }} +heat_waitcondition_server_url = {{ public_protocol }}://{{ kolla_external_address }}:{{ heat_api_cfn_port }}/v1/waitcondition stack_domain_admin = heat_domain_admin stack_domain_admin_password = {{ heat_domain_admin_password }} @@ -39,8 +39,8 @@ bind_port = {{ heat_api_cfn_port }} connection = mysql+pymysql://{{ heat_database_user }}:{{ heat_database_password }}@{{ heat_database_address }}/{{ heat_database_name }} [keystone_authtoken] -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default @@ -59,10 +59,10 @@ username = heat password = {{ heat_keystone_password }} [ec2authtoken] -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} [clients_keystone] -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} [oslo_messaging_notifications] driver = noop diff --git a/ansible/roles/horizon/templates/local_settings.j2 b/ansible/roles/horizon/templates/local_settings.j2 index 9b7279b671..65d9586bd8 100644 --- a/ansible/roles/horizon/templates/local_settings.j2 +++ b/ansible/roles/horizon/templates/local_settings.j2 @@ -148,7 +148,7 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' #] OPENSTACK_HOST = "{{ kolla_external_address }}" -OPENSTACK_KEYSTONE_URL = "http://%s:{{ keystone_public_port }}/v3" % OPENSTACK_HOST +OPENSTACK_KEYSTONE_URL = "{{ public_protocol }}://%s:{{ keystone_public_port }}/v3" % OPENSTACK_HOST OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_" # Enables keystone web single-sign-on if set to True. diff --git a/ansible/roles/ironic/tasks/register.yml b/ansible/roles/ironic/tasks/register.yml index c1862b1d7e..fc44611b3a 100644 --- a/ansible/roles/ironic/tasks/register.yml +++ b/ansible/roles/ironic/tasks/register.yml @@ -6,9 +6,9 @@ service_type=baremetal description='Ironic bare metal provisioning service' endpoint_region={{ openstack_region_name }} - admin_url='http://{{ ironic_admin_address }}:{{ ironic_api_port }}' - internal_url='http://{{ ironic_internal_address }}:{{ ironic_api_port }}' - public_url='http://{{ ironic_public_address }}:{{ ironic_api_port }}' + admin_url='{{ admin_protocol }}://{{ ironic_admin_address }}:{{ ironic_api_port }}' + internal_url='{{ internal_protocol }}://{{ ironic_internal_address }}:{{ ironic_api_port }}' + public_url='{{ public_protocol }}://{{ ironic_public_address }}:{{ ironic_api_port }}' region_name={{ openstack_region_name }} auth={{ '{{ openstack_ironic_auth }}' }}" -e "{'openstack_ironic_auth':{{ openstack_ironic_auth }}}" diff --git a/ansible/roles/ironic/templates/discoverd.conf.j2 b/ansible/roles/ironic/templates/discoverd.conf.j2 index 1f64d564ac..151fcfa9d2 100644 --- a/ansible/roles/ironic/templates/discoverd.conf.j2 +++ b/ansible/roles/ironic/templates/discoverd.conf.j2 @@ -1,6 +1,6 @@ [discoverd] database = inspector.sqlite3 -os_auth_url = http://{{ kolla_internal_address }}:{{ keystone_public_port }}/v2.0 +os_auth_url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }}/v2.0 os_username = {{ openstack_auth.username }} os_password = {{ openstack_auth.password }} os_tenant_name = {{ openstack_auth.project_name }} diff --git a/ansible/roles/ironic/templates/ironic.conf.j2 b/ansible/roles/ironic/templates/ironic.conf.j2 index 0a06349918..f100b681ff 100644 --- a/ansible/roles/ironic/templates/ironic.conf.j2 +++ b/ansible/roles/ironic/templates/ironic.conf.j2 @@ -10,7 +10,7 @@ host_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['a {% if service_name == 'ironic-conductor' %} [conductor] -api_url = http://{{ kolla_internal_address }}:{{ ironic_api_port }} +api_url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ ironic_api_port }} clean_nodes = false {% endif %} @@ -18,8 +18,8 @@ clean_nodes = false connection = mysql+pymysql://{{ ironic_database_user }}:{{ ironic_database_password }}@{{ ironic_database_address }}/{{ ironic_database_name }} [keystone_authtoken] -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default @@ -31,7 +31,7 @@ password = {{ ironic_keystone_password }} glance_host = {{ kolla_internal_address }} [neutron] -url = http://{{ kolla_internal_address }}:{{ neutron_server_port }} +url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ neutron_server_port }} [oslo_messaging_rabbit] rabbit_userid = {{ rabbitmq_user }} diff --git a/ansible/roles/keystone/tasks/register.yml b/ansible/roles/keystone/tasks/register.yml index a20d6c422e..2b9af5a600 100644 --- a/ansible/roles/keystone/tasks/register.yml +++ b/ansible/roles/keystone/tasks/register.yml @@ -24,9 +24,9 @@ service_type=identity description='Openstack Identity' endpoint_region={{ openstack_region_name }} - admin_url='http://{{ kolla_internal_address }}:{{ keystone_admin_port }}' - internal_url='http://{{ kolla_internal_address }}:{{ keystone_admin_port }}' - public_url='http://{{ kolla_external_address }}:{{ keystone_public_port }}' + admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }}' + internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }}' + public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ keystone_public_port }}' region_name={{ openstack_region_name }} auth_type=admin_token auth={{ '{{ openstack_keystone_token_auth }}' }}" diff --git a/ansible/roles/kibana/templates/kibana.yml.j2 b/ansible/roles/kibana/templates/kibana.yml.j2 index e144a1b5be..00186c4f4c 100644 --- a/ansible/roles/kibana/templates/kibana.yml.j2 +++ b/ansible/roles/kibana/templates/kibana.yml.j2 @@ -1,6 +1,6 @@ port: {{ kibana_port }} host: {{ kibana_host }} -elasticsearch_url: "http://{{ kolla_internal_address }}:{{ elasticsearch_port }}" +elasticsearch_url: "{{ internal_protocol }}://{{ kolla_internal_address }}:{{ elasticsearch_port }}" elasticsearch_preserve_host: {{ elasticsearch_preserve_host }} default_app_id: {{ kibana_app_id }} request_timeout: {{ kibana_request_timeout }} diff --git a/ansible/roles/magnum/tasks/register.yml b/ansible/roles/magnum/tasks/register.yml index a89a124fbc..6e17ccd7ab 100644 --- a/ansible/roles/magnum/tasks/register.yml +++ b/ansible/roles/magnum/tasks/register.yml @@ -6,9 +6,9 @@ service_type=container description='Openstack Container Service' endpoint_region={{ openstack_region_name }} - admin_url='http://{{ kolla_internal_address }}:{{ magnum_api_port }}/v1' - internal_url='http://{{ kolla_internal_address }}:{{ magnum_api_port }}/v1' - public_url='http://{{ kolla_external_address }}:{{ magnum_api_port }}/v1' + admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ magnum_api_port }}/v1' + internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ magnum_api_port }}/v1' + public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ magnum_api_port }}/v1' region_name={{ openstack_region_name }} auth={{ '{{ openstack_magnum_auth }}' }}" -e "{'openstack_magnum_auth':{{ openstack_magnum_auth }}}" diff --git a/ansible/roles/magnum/templates/magnum.conf.j2 b/ansible/roles/magnum/templates/magnum.conf.j2 index 44f9c07ad7..6a25720649 100644 --- a/ansible/roles/magnum/templates/magnum.conf.j2 +++ b/ansible/roles/magnum/templates/magnum.conf.j2 @@ -17,8 +17,8 @@ connection = mysql+pymysql://{{ magnum_database_user }}:{{ magnum_database_passw region_name = {{ openstack_region_name }} [keystone_authtoken] -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default @@ -27,8 +27,8 @@ username = {{ magnum_keystone_user }} password = {{ magnum_keystone_password }} [trustee] -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default diff --git a/ansible/roles/mistral/tasks/register.yml b/ansible/roles/mistral/tasks/register.yml index 5ffbaf1b5c..5994ccb856 100644 --- a/ansible/roles/mistral/tasks/register.yml +++ b/ansible/roles/mistral/tasks/register.yml @@ -6,9 +6,9 @@ service_type=application_catalog description='Openstack Application Catalog' endpoint_region={{ openstack_region_name }} - admin_url='http://{{ kolla_internal_address }}:{{ mistral_api_port }}' - internal_url='http://{{ kolla_internal_address }}:{{ mistral_api_port }}' - public_url='http://{{ kolla_external_address }}:{{ mistral_api_port }}' + admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ mistral_api_port }}' + internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ mistral_api_port }}' + public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ mistral_api_port }}' region_name={{ openstack_region_name }} auth={{ '{{ openstack_mistral_auth }}' }}" -e "{'openstack_mistral_auth':{{ openstack_mistral_auth }}}" diff --git a/ansible/roles/mistral/templates/mistral.conf.j2 b/ansible/roles/mistral/templates/mistral.conf.j2 index 24781f7ff0..1c2f24c0a6 100644 --- a/ansible/roles/mistral/templates/mistral.conf.j2 +++ b/ansible/roles/mistral/templates/mistral.conf.j2 @@ -14,8 +14,8 @@ bind_port = {{ mistral_api_port }} connection = mysql+pymysql://{{ mistral_database_user }}:{{ mistral_database_password }}@{{ mistral_database_address }}/{{ mistral_database_name }} [keystone_authtoken] -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default @@ -24,7 +24,7 @@ username = {{ mistral_keystone_user }} password = {{ mistral_keystone_password }} [mistral] -url = http://{{ kolla_internal_address }}:{{ mistral_api_port }} +url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ mistral_api_port }} [oslo_messaging_rabbit] rabbit_userid = {{ rabbitmq_user }} diff --git a/ansible/roles/murano/tasks/register.yml b/ansible/roles/murano/tasks/register.yml index 2d99fa0831..2872cc76e7 100644 --- a/ansible/roles/murano/tasks/register.yml +++ b/ansible/roles/murano/tasks/register.yml @@ -6,9 +6,9 @@ service_type=application_catalog description='Openstack Application Catalogue' endpoint_region={{ openstack_region_name }} - admin_url='http://{{ kolla_internal_address }}:{{ murano_api_port }}' - internal_url='http://{{ kolla_internal_address }}:{{ murano_api_port }}' - public_url='http://{{ kolla_external_address }}:{{ murano_api_port }}' + admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ murano_api_port }}' + internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ murano_api_port }}' + public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ murano_api_port }}' region_name={{ openstack_region_name }} auth={{ '{{ openstack_murano_auth }}' }}" -e "{'openstack_murano_auth':{{ openstack_murano_auth }}}" diff --git a/ansible/roles/murano/templates/murano.conf.j2 b/ansible/roles/murano/templates/murano.conf.j2 index 6af9b47518..e0bdda1372 100644 --- a/ansible/roles/murano/templates/murano.conf.j2 +++ b/ansible/roles/murano/templates/murano.conf.j2 @@ -14,8 +14,8 @@ bind_port = {{ murano_api_port }} connection = mysql+pymysql://{{ murano_database_user }}:{{ murano_database_password }}@{{ murano_database_address }}/{{ murano_database_name }} [keystone_authtoken] -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default @@ -24,7 +24,7 @@ username = {{ murano_keystone_user }} password = {{ murano_keystone_password }} [murano] -url = http://{{ kolla_internal_address }}:{{ murano_api_port }} +url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ murano_api_port }} [oslo_messaging_rabbit] rabbit_userid = {{ rabbitmq_user }} diff --git a/ansible/roles/neutron/tasks/register.yml b/ansible/roles/neutron/tasks/register.yml index 2c2c56be8d..d400d6ca7f 100644 --- a/ansible/roles/neutron/tasks/register.yml +++ b/ansible/roles/neutron/tasks/register.yml @@ -6,9 +6,9 @@ service_type=network description='Openstack Networking' endpoint_region={{ openstack_region_name }} - admin_url='http://{{ kolla_internal_address }}:{{ neutron_server_port }}' - internal_url='http://{{ kolla_internal_address }}:{{ neutron_server_port }}' - public_url='http://{{ kolla_external_address }}:{{ neutron_server_port }}' + admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ neutron_server_port }}' + internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ neutron_server_port }}' + public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ neutron_server_port }}' region_name={{ openstack_region_name }} auth={{ '{{ openstack_neutron_auth }}' }}" -e "{'openstack_neutron_auth':{{ openstack_neutron_auth }}}" diff --git a/ansible/roles/neutron/templates/neutron.conf.j2 b/ansible/roles/neutron/templates/neutron.conf.j2 index 5779ebc3bb..8db961e8e8 100644 --- a/ansible/roles/neutron/templates/neutron.conf.j2 +++ b/ansible/roles/neutron/templates/neutron.conf.j2 @@ -31,7 +31,7 @@ core_plugin = ml2 service_plugins = router [nova] -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default @@ -56,8 +56,8 @@ root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf connection = mysql+pymysql://{{ neutron_database_user }}:{{ neutron_database_password }}@{{ neutron_database_address }}/{{ neutron_database_name }} [keystone_authtoken] -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default diff --git a/ansible/roles/nova/tasks/register.yml b/ansible/roles/nova/tasks/register.yml index 43f475d63d..95f0f968dd 100644 --- a/ansible/roles/nova/tasks/register.yml +++ b/ansible/roles/nova/tasks/register.yml @@ -6,9 +6,9 @@ service_type=compute description='Openstack Compute' endpoint_region={{ openstack_region_name }} - admin_url='http://{{ kolla_internal_address }}:{{ nova_api_port }}/v2/%(tenant_id)s' - internal_url='http://{{ kolla_internal_address }}:{{ nova_api_port }}/v2/%(tenant_id)s' - public_url='http://{{ kolla_external_address }}:{{ nova_api_port }}/v2/%(tenant_id)s' + admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ nova_api_port }}/v2/%(tenant_id)s' + internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ nova_api_port }}/v2/%(tenant_id)s' + public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ nova_api_port }}/v2/%(tenant_id)s' region_name={{ openstack_region_name }} auth={{ '{{ openstack_nova_auth }}' }}" -e "{'openstack_nova_auth':{{ openstack_nova_auth }}}" diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2 index f5021fdd7a..e99c80209b 100644 --- a/ansible/roles/nova/templates/nova.conf.j2 +++ b/ansible/roles/nova/templates/nova.conf.j2 @@ -60,7 +60,7 @@ novncproxy_port = {{ nova_novncproxy_port }} vncserver_listen = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} vncserver_proxyclient_address = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} {% if inventory_hostname in groups['compute'] %} -novncproxy_base_url = http://{{ kolla_internal_address }}:{{ nova_novncproxy_port }}/vnc_auto.html +novncproxy_base_url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ nova_novncproxy_port }}/vnc_auto.html {% endif %} {% elif nova_console == 'spice' %} [vnc] @@ -70,7 +70,7 @@ enabled = false server_listen = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} server_proxyclient_address = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} {% if inventory_hostname in groups['compute'] %} -html5proxy_base_url = http://{{ kolla_internal_address }}:{{ nova_spicehtml5proxy_port }}/spice_auto.html +html5proxy_base_url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ nova_spicehtml5proxy_port }}/spice_auto.html {% endif %} html5proxy_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} html5proxy_port = {{ nova_spicehtml5proxy_port }} @@ -83,7 +83,7 @@ admin_username = {{ ironic_keystone_user }} admin_password = {{ ironic_keystone_password }} admin_url = {{ openstack_auth_v2.auth_url }} admin_tenant_name = service -api_endpoint = http://{{ kolla_internal_address }}:{{ ironic_api_port }}/v1 +api_endpoint = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ ironic_api_port }}/v1 {% endif %} [oslo_messaging_rabbit] @@ -109,12 +109,12 @@ num_retries = {{ groups['glance-api'] | length }} catalog_info = volume:cinder:internalURL [neutron] -url = http://{{ kolla_internal_address }}:{{ neutron_server_port }} +url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ neutron_server_port }} auth_strategy = keystone metadata_proxy_shared_secret = {{ metadata_secret }} service_metadata_proxy = true -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} auth_plugin = password project_domain_name = default user_domain_id = default @@ -129,8 +129,8 @@ connection = mysql+pymysql://{{ nova_database_user }}:{{ nova_database_password connection = mysql+pymysql://{{ nova_api_database_user }}:{{ nova_api_database_password }}@{{ nova_api_database_address }}/{{ nova_api_database_name }} [keystone_authtoken] -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default diff --git a/ansible/roles/swift/tasks/register.yml b/ansible/roles/swift/tasks/register.yml index f26156893f..27e558a857 100644 --- a/ansible/roles/swift/tasks/register.yml +++ b/ansible/roles/swift/tasks/register.yml @@ -6,9 +6,9 @@ service_type=object-store description='Openstack Object Storage' endpoint_region={{ openstack_region_name }} - admin_url='http://{{ kolla_internal_address }}:{{ swift_proxy_server_port }}' - internal_url='http://{{ kolla_internal_address }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s' - public_url='http://{{ kolla_external_address }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s' + admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ swift_proxy_server_port }}' + internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s' + public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s' region_name={{ openstack_region_name }} auth={{ '{{ openstack_swift_auth }}' }}" -e "{'openstack_swift_auth':{{ openstack_swift_auth }}}" diff --git a/ansible/roles/swift/templates/proxy-server.conf.j2 b/ansible/roles/swift/templates/proxy-server.conf.j2 index cea708a953..71a15c8a7f 100644 --- a/ansible/roles/swift/templates/proxy-server.conf.j2 +++ b/ansible/roles/swift/templates/proxy-server.conf.j2 @@ -29,8 +29,8 @@ use = egg:swift#proxy_logging [filter:authtoken] paste.filter_factory = keystonemiddleware.auth_token:filter_factory -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default diff --git a/dev/vagrant/centos-bootstrap.sh b/dev/vagrant/centos-bootstrap.sh index bac332768c..83d10c0740 100644 --- a/dev/vagrant/centos-bootstrap.sh +++ b/dev/vagrant/centos-bootstrap.sh @@ -19,6 +19,7 @@ else SUPPORT_NODE=support01 fi REGISTRY=operator.local:${REGISTRY_PORT} +ADMIN_PROTOCOL="http" # Install common packages and do some prepwork. function prep_work { @@ -118,7 +119,7 @@ EOF # The openrc file. cat > ~vagrant/openrc <