apiVersion: batch/v1 kind: Job metadata: name: keystone-bootstrap spec: template: metadata: name: keystone-bootstrap spec: restartPolicy: OnFailure containers: - image: "{{ kolla_toolbox_image_full }}" name: creating-keystone-database command: ["sh", "-c"] args: - ansible localhost -m mysql_db -a "login_host='{{ keystone_database_address }}' login_port='{{ mariadb_port }}' login_user='{{ database_user }}' login_password='$DATABASE_PASSWORD' name='{{ keystone_database_name }}'" volumeMounts: - mountPath: /dev name: dev - mountPath: /run name: run env: - name: ANSIBLE_NOCOLOR value: "1" - name: ANSIBLE_LIBRARY value: "/usr/share/ansible" - name: DATABASE_PASSWORD valueFrom: secretKeyRef: name: database-password key: password - image: "{{ kolla_toolbox_image_full }}" name: creating-keystone-user-and-permissions command: ["sh", "-c"] args: - ansible localhost -m mysql_user -a "login_host='{{ keystone_database_address }}' login_port='{{ mariadb_port }}' login_user='{{ database_user }}' login_password='$DATABASE_PASSWORD' name='{{ keystone_database_name }}' password='$KEYSTONE_DATABASE_PASSWORD' host='%' priv='{{ keystone_database_name }}.*:ALL' append_privs='yes'" volumeMounts: - mountPath: /dev name: dev - mountPath: /run name: run env: - name: ANSIBLE_NOCOLOR value: "1" - name: ANSIBLE_LIBRARY value: "/usr/share/ansible" - name: DATABASE_PASSWORD valueFrom: secretKeyRef: name: database-password key: password - name: KEYSTONE_DATABASE_PASSWORD valueFrom: secretKeyRef: name: keystone-database-password key: password - image: "{{ keystone_image_full }}" name: keystone-bootstrap volumeMounts: - mountPath: {{ container_config_directory }} name: keystone-config readOnly: true - mountPath: /var/log/kolla/keystone name: kolla-logs-bootstrap env: - name: KOLLA_KUBERNETES value: "" - name: KOLLA_BOOTSTRAP value: "" - name: KOLLA_CONFIG_STRATEGY value: "{{ config_strategy }}" - image: "{{ keystone_image_full }}" name: keystone-endpoints # TODO: figure out why openstack_auth.* is not readered properly #{{ openstack_auth.username }} #{{ openstack_auth.password }} #{{ openstack_auth.project_name }} command: ["sh", "-c", "sudo -E kolla_set_configs; kolla_keystone_bootstrap admin $KEYSTONE_ADMIN_PASSWORD admin admin {{ keystone_admin_url }} {{ keystone_internal_url }} {{ keystone_public_url }} {{ openstack_region_name }}"] volumeMounts: - mountPath: {{ container_config_directory }} name: keystone-config readOnly: true - mountPath: /var/log/kolla/keystone name: kolla-logs env: - name: KOLLA_KUBERNETES value: "" - name: KOLLA_CONFIG_STRATEGY value: "{{ config_strategy }}" - name: KEYSTONE_ADMIN_PASSWORD valueFrom: secretKeyRef: name: keystone-admin-password key: password volumes: - name: keystone-config configMap: name: keystone-configmap - name: dev hostPath: path: /dev - name: run hostPath: path: /run - name: etc-localtime hostPath: path: /etc/localtime - name: kolla-logs emptyDir: {} - name: kolla-logs-bootstrap emptyDir: {}