134 lines
4.5 KiB
Django/Jinja
134 lines
4.5 KiB
Django/Jinja
apiVersion: batch/v1
|
|
kind: Job
|
|
metadata:
|
|
name: keystone-bootstrap
|
|
spec:
|
|
template:
|
|
metadata:
|
|
name: keystone-bootstrap
|
|
spec:
|
|
restartPolicy: OnFailure
|
|
containers:
|
|
- image: "{{ kolla_toolbox_image_full }}"
|
|
name: creating-keystone-database
|
|
command: ["sh", "-c"]
|
|
args:
|
|
- ansible localhost -m mysql_db -a
|
|
"login_host='{{ keystone_database_address }}'
|
|
login_port='{{ mariadb_port }}'
|
|
login_user='{{ database_user }}'
|
|
login_password='$DATABASE_PASSWORD'
|
|
name='{{ keystone_database_name }}'"
|
|
volumeMounts:
|
|
- mountPath: /dev
|
|
name: dev
|
|
- mountPath: /run
|
|
name: run
|
|
env:
|
|
- name: ANSIBLE_NOCOLOR
|
|
value: "1"
|
|
- name: ANSIBLE_LIBRARY
|
|
value: "/usr/share/ansible"
|
|
- name: DATABASE_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: database-password
|
|
key: password
|
|
- image: "{{ kolla_toolbox_image_full }}"
|
|
name: creating-keystone-user-and-permissions
|
|
command: ["sh", "-c"]
|
|
args:
|
|
- ansible localhost -m mysql_user -a
|
|
"login_host='{{ keystone_database_address }}'
|
|
login_port='{{ mariadb_port }}'
|
|
login_user='{{ database_user }}'
|
|
login_password='$DATABASE_PASSWORD'
|
|
name='{{ keystone_database_name }}'
|
|
password='$KEYSTONE_DATABASE_PASSWORD'
|
|
host='%'
|
|
priv='{{ keystone_database_name }}.*:ALL'
|
|
append_privs='yes'"
|
|
volumeMounts:
|
|
- mountPath: /dev
|
|
name: dev
|
|
- mountPath: /run
|
|
name: run
|
|
env:
|
|
- name: ANSIBLE_NOCOLOR
|
|
value: "1"
|
|
- name: ANSIBLE_LIBRARY
|
|
value: "/usr/share/ansible"
|
|
- name: DATABASE_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: database-password
|
|
key: password
|
|
- name: KEYSTONE_DATABASE_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: keystone-database-password
|
|
key: password
|
|
- image: "{{ keystone_image_full }}"
|
|
name: keystone-bootstrap
|
|
volumeMounts:
|
|
- mountPath: {{ container_config_directory }}
|
|
name: keystone-config
|
|
readOnly: true
|
|
- mountPath: /var/log/kolla/keystone
|
|
name: kolla-logs-bootstrap
|
|
env:
|
|
- name: KOLLA_KUBERNETES
|
|
value: ""
|
|
- name: KOLLA_BOOTSTRAP
|
|
value: ""
|
|
- name: KOLLA_CONFIG_STRATEGY
|
|
value: "{{ config_strategy }}"
|
|
- image: "{{ keystone_image_full }}"
|
|
name: keystone-endpoints
|
|
# TODO: figure out why openstack_auth.* is not readered properly
|
|
#{{ openstack_auth.username }}
|
|
#{{ openstack_auth.password }}
|
|
#{{ openstack_auth.project_name }}
|
|
command: ["sh", "-c", "sudo -E kolla_set_configs;
|
|
kolla_keystone_bootstrap admin
|
|
$KEYSTONE_ADMIN_PASSWORD
|
|
admin
|
|
admin
|
|
{{ keystone_admin_url }}
|
|
{{ keystone_internal_url }}
|
|
{{ keystone_public_url }}
|
|
{{ openstack_region_name }}"]
|
|
volumeMounts:
|
|
- mountPath: {{ container_config_directory }}
|
|
name: keystone-config
|
|
readOnly: true
|
|
- mountPath: /var/log/kolla/keystone
|
|
name: kolla-logs
|
|
env:
|
|
- name: KOLLA_KUBERNETES
|
|
value: ""
|
|
- name: KOLLA_CONFIG_STRATEGY
|
|
value: "{{ config_strategy }}"
|
|
- name: KEYSTONE_ADMIN_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: keystone-admin-password
|
|
key: password
|
|
volumes:
|
|
- name: keystone-config
|
|
configMap:
|
|
name: keystone-configmap
|
|
- name: dev
|
|
hostPath:
|
|
path: /dev
|
|
- name: run
|
|
hostPath:
|
|
path: /run
|
|
- name: etc-localtime
|
|
hostPath:
|
|
path: /etc/localtime
|
|
- name: kolla-logs
|
|
emptyDir: {}
|
|
- name: kolla-logs-bootstrap
|
|
emptyDir: {}
|