--- # Copyright 2016, Rackspace US, Inc. # # (C) 2016 Michael Rice # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - name: Ensure cloudkitty rating role keystone: command: "ensure_role" role_name: "rating" login_user: "{{ keystone_admin_user_name }}" login_password: "{{ keystone_auth_admin_password }}" login_project_name: "{{ keystone_admin_tenant_name }}" endpoint: "{{ keystone_service_adminurl }}" insecure: "{{ keystone_service_adminuri_insecure }}" tags: - cloudkitty-domain - cloudkitty-domain-role - cloudkitty-domain-setup - cloudkitty-config #- name: Ensure cloudkitty user # keystone: # command: "ensure_user" # user_name: "{{ cloudkitty_username }}" # password: "{{ cloudkitty_user_password }}" # login_user: "{{ keystone_admin_user_name }}" # login_password: "{{ keystone_auth_admin_password }}" # login_project_name: "{{ keystone_admin_tenant_name }}" # endpoint: "{{ keystone_service_adminurl }}" # insecure: "{{ keystone_service_adminuri_insecure }}" # tags: # - cloudkitty-domain # - cloudkitty-domain-setup # - cloudkitty-config # - cloudkitty-command-bin # TODO Change the keystone library to support adding # a user to a domain without specifying a project - name: Ensure cloudkitty user shell: | . {{ ansible_env.HOME }}/openrc {{ cloudkitty_bin }}/openstack {{ keystone_service_adminuri_insecure | bool | ternary('--insecure','') }}\ --os-identity-api-version=3 \ --os-auth-url={{ keystone_service_adminurl }} \ --os-project-name={{ cloudkitty_project_name }} \ --os-project-domain-name={{ cloudkitty_project_domain_name }} \ --os-user-domain-name={{ cloudkitty_user_domain_name }} \ user \ create \ --or-show \ --domain {{ cloudkitty_user_domain_name }} \ --password {{ cloudkitty_user_password }} \ "{{ cloudkitty_username }}" tags: - cloudkitty-domain - cloudkitty-domain-setup - cloudkitty-config - cloudkitty-command-bin - name: Add cloudkitty user to service admin role keystone: command: "ensure_user_role" user_name: "{{ cloudkitty_username }}" project_name: "service" role_name: "admin" login_user: "{{ keystone_admin_user_name }}" login_password: "{{ keystone_auth_admin_password }}" login_project_name: "{{ keystone_admin_tenant_name }}" endpoint: "{{ keystone_service_adminurl }}" insecure: "{{ keystone_service_adminuri_insecure }}" tags: - cloudkitty-domain - cloudkitty-domain-setup - cloudkitty-config - cloudkitty-command-bin - name: Ensure cloudkitty service keystone: command: "ensure_service" service_name: "CloudKitty" service_type: "rating" login_user: "{{ keystone_admin_user_name }}" login_password: "{{ keystone_auth_admin_password }}" login_project_name: "{{ keystone_admin_tenant_name }}" endpoint: "{{ keystone_service_adminurl }}" insecure: "{{ keystone_service_adminuri_insecure }}" tags: - cloudkitty-domain - cloudkitty-domain-setup - cloudkitty-config - cloudkitty-command-bin - name: Ensure cloudkitty endpoints keystone: command: "ensure_endpoint" service_name: "CloudKitty" service_type: "rating" region_name: "{{ service_region }}" endpoint_list: - url: "{{ cloudkitty_service_publicurl }}" interface: "public" - url: "{{ cloudkitty_service_internalurl }}" interface: "internal" - url: "{{ cloudkitty_service_adminurl }}" interface: "admin" login_user: "{{ keystone_admin_user_name }}" login_password: "{{ keystone_auth_admin_password }}" login_project_name: "{{ keystone_admin_tenant_name }}" endpoint: "{{ keystone_service_adminurl }}" insecure: "{{ keystone_service_adminuri_insecure }}" tags: - cloudkitty-domain - cloudkitty-domain-setup - cloudkitty-config - cloudkitty-command-bin