Upgrade the Keystone library to use v3
In order to enable and deploy federated Keystone, we need to use version 3 of the Keystone API and the v3 Keystone Client. This work begins that transition by having a set of backwards compatible library commands. Specifically, this commit updates the keystone library to use v3 Keystone Client and the usage of ensure_tenant in the os_keystone tasks to use the v3 admin url. In version 3 of Keystone's Endpoints (Catalog) API each endpoint only has one URL and has separate interface types (public, internal, admin). This change updates all uses of ensure_endpoint to structure the endpoint data in a better way for the ensure_endpoint command in the keystone module. As a result, some incidents where internalurl and adminurl were swapped have been fixed. Note: In new deployments the endpoints will be created using the v3 API and will therefore not be available via the v2 API. This will be a breaking change to legacy CLI clients. The openstack CLI should be used instead. DocImpact Related-Bug: #1470635 Partially-implements: blueprint keystone-federation Change-Id: I2cd4f505e850b4b113452abc25ee00d486b1637d
This commit is contained in:
Ian Cordasco
Miguel Grinberg
parent
5c687498c7
commit
01351a4cd9
|
|
@ -102,18 +102,20 @@ keystone_service_user_name: keystone
|
|||
keystone_service_tenant_name: service
|
||||
|
||||
keystone_service_publicuri: "{{ keystone_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ keystone_service_port }}"
|
||||
keystone_service_publicurl: "{{ keystone_service_publicuri }}/v2.0"
|
||||
keystone_service_internaluri: "{{ keystone_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ keystone_service_port }}"
|
||||
keystone_service_internalurl: "{{ keystone_service_internaluri }}/v2.0"
|
||||
keystone_service_adminuri: "{{ keystone_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ keystone_admin_port }}"
|
||||
keystone_service_adminurl: "{{ keystone_service_adminuri }}/v2.0"
|
||||
|
||||
keystone_service_publicuri_v3: "{{ keystone_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ keystone_service_port }}"
|
||||
keystone_service_publicurl_v3: "{{ keystone_service_publicuri_v3 }}/v3"
|
||||
keystone_service_internaluri_v3: "{{ keystone_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ keystone_service_port }}"
|
||||
keystone_service_internalurl_v3: "{{ keystone_service_internaluri_v3 }}/v3"
|
||||
keystone_service_adminuri_v3: "{{ keystone_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ keystone_admin_port }}"
|
||||
keystone_service_adminurl_v3: "{{ keystone_service_adminuri_v3 }}/v3"
|
||||
keystone_service_publicurl_v2: "{{ keystone_service_publicuri }}/v2.0"
|
||||
keystone_service_internalurl_v2: "{{ keystone_service_internaluri }}/v2.0"
|
||||
keystone_service_adminurl_v2: "{{ keystone_service_adminuri }}/v2.0"
|
||||
|
||||
keystone_service_publicurl_v3: "{{ keystone_service_publicuri }}/v3"
|
||||
keystone_service_internalurl_v3: "{{ keystone_service_internaluri }}/v3"
|
||||
keystone_service_adminurl_v3: "{{ keystone_service_adminuri }}/v3"
|
||||
|
||||
keystone_service_publicurl: "{{ keystone_service_publicurl_v3 }}"
|
||||
keystone_service_internalurl: "{{ keystone_service_internalurl_v3 }}"
|
||||
keystone_service_adminurl: "{{ keystone_service_adminurl_v3 }}"
|
||||
|
||||
## Set this value to override the "public_endpoint" keystone.conf variable
|
||||
#keystone_public_endpoint:
|
||||
|
|
|
|||
|
|
@ -194,10 +194,14 @@
|
|||
region_name: "{{ keystone_service_region }}"
|
||||
service_name: "{{ keystone_service_name }}"
|
||||
service_type: "{{ keystone_service_type }}"
|
||||
publicurl: "{{ keystone_service_publicurl }}"
|
||||
adminurl: "{{ keystone_service_adminurl }}"
|
||||
internalurl: "{{ keystone_service_internalurl }}"
|
||||
insecure: "{{ keystone_service_adminuri_insecure }}"
|
||||
endpoint_list:
|
||||
- url: "{{ keystone_service_publicurl }}"
|
||||
interface: "public"
|
||||
- url: "{{ keystone_service_adminurl_v3 }}"
|
||||
interface: "admin"
|
||||
- url: "{{ keystone_service_internalurl }}"
|
||||
interface: "internal"
|
||||
register: add_service
|
||||
until: add_service|success
|
||||
retries: 5
|
||||
|
|
|
|||
Loading…
Reference in New Issue