diff --git a/defaults/main.yml b/defaults/main.yml
index a9153184..95a5b18e 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -92,10 +92,12 @@ keystone_resource_driver: sql
 keystone_bind_address: 0.0.0.0
 ## Database info
-keystone_database_connection_string: >-
- mysql+pymysql://{{ keystone_galera_user }}:{{ keystone_container_mysql_password }}@{{ keystone_galera_address }}/{{ keystone_galera_database }}?charset=utf8{% if keystone_galera_use_ssl | bool %}&ssl_ca={{ keystone_galera_ssl_ca_cert }}{% endif %}
+keystone_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}"
+keystone_galera_address: "{{ galera_address | default('127.0.0.1') }}"
 keystone_galera_user: keystone
 keystone_galera_database: keystone
+keystone_database_connection_string: >-
+ mysql+pymysql://{{ keystone_galera_user }}:{{ keystone_container_mysql_password }}@{{ keystone_galera_address }}/{{ keystone_galera_database }}?charset=utf8{% if keystone_galera_use_ssl | bool %}&ssl_ca={{ keystone_galera_ssl_ca_cert }}{% endif %}
 ## Database SSL
 keystone_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
 keystone_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}"
diff --git a/examples/playbook.yml b/examples/playbook.yml
index c3ae817c..203595d1 100644
--- a/examples/playbook.yml
+++ b/examples/playbook.yml
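Review bot: The new `keystone_db_setup_host` default has no comment saying what it controls or what its `'localhost'` fallback means. In this change it is the `delegate_to` target of the DB create and grant tasks in tasks/keystone_db_setup.yml, so it is the machine that opens a `galera_root_user` connection to `keystone_galera_address`; with no `galera_all` group in the inventory that is presumably the Ansible control host. A comment above the variable would make that visible, e.g. `# Host the DB create/grant tasks are delegated to; falls back to localhost when the inventory has no galera_all group`. No default for `galera_root_user` or `galera_root_password` is visible in this hunk, so a second comment noting that the deployer must supply them would help as well.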
@@ -1,59 +1,36 @@
 ---
- - name: Installation and setup of Keystone
- hosts: keystone_all
- user: root
- pre_tasks:
- - name: Create DB for service
- mysql_db:
- login_user: "root"
- login_password: "secrete"
- login_host: "localhost"
- name: "{{ keystone_galera_database }}"
- state: "present"
- delegate_to: "{{ keystone_galera_address }}"
- when: inventory_hostname == groups['keystone_all'][0]
- no_log: true
- - name: Grant access to the DB for the service
- mysql_user:
- login_user: "root"
- login_password: "secrete"
- login_host: "localhost"
- name: "{{ keystone_galera_database }}"
- password: "{{ keystone_container_mysql_password }}"
- host: "{{ item }}"
- state: "present"
- priv: "{{ keystone_galera_database }}.*:ALL"
- with_items:
- - "localhost"
- - "%"
- delegate_to: "{{ keystone_galera_address }}"
- when: inventory_hostname == groups['keystone_all'][0]
- no_log: true
- roles:
- - { role: "os_keystone", tags: [ "os-keystone" ] }
- vars:
- external_lb_vip_address: 10.100.100.102
- internal_lb_vip_address: 10.100.100.102
- keystone_galera_address: 10.100.100.101
- keystone_galera_database: keystone
- keystone_venv_tag: "testing"
- keystone_developer_mode: true
- keystone_git_install_branch: master
- keystone_auth_admin_password: "SuperSecretePassword"
- keystone_service_password: "secrete"
- keystone_oslomsg_rpc_password: "secrete"
- keystone_oslomsg_notify_password: "secrete"
- keystone_container_mysql_password: "SuperSecrete"
- keystone_oslomsg_rpc_transport: rabbit
- keystone_oslomsg_rpc_servers: 10.100.100.101
- keystone_oslomsg_rpc_port: 5671
- keystone_oslomsg_rpc_use_ssl: true
- keystone_oslomsg_rpc_userid: keystone
- keystone_oslomsg_rpc_vhost: /keystone
- keystone_oslomsg_notify_transport: rabbit
- keystone_oslomsg_notify_servers: 10.100.100.101
- keystone_oslomsg_notify_port: 5671
- keystone_oslomsg_notify_use_ssl: true
- keystone_oslomsg_notify_userid: keystone
- keystone_oslomsg_notify_vhost: /keystone
- galera_client_drop_config_file: false
+- name: Installation and setup of Keystone
+ hosts: keystone_all
+ user: root
+ roles:
+ - { role: "os_keystone", tags: [ "os-keystone" ] }
+ vars:
+ external_lb_vip_address: 10.100.100.102
+ internal_lb_vip_address: 10.100.100.102
+ keystone_galera_address: 10.100.100.101
+ keystone_galera_database: keystone
+ keystone_venv_tag: "testing"
+ keystone_developer_mode: true
+ keystone_git_install_branch: master
+ keystone_auth_admin_password: "SuperSecretePassword"
+ keystone_service_password: "secrete"
+ keystone_oslomsg_rpc_password: "secrete"
+ keystone_oslomsg_notify_password: "secrete"
+ keystone_container_mysql_password: "SuperSecrete"
+ keystone_oslomsg_rpc_transport: rabbit
+ keystone_oslomsg_rpc_servers: 10.100.100.101
+ keystone_oslomsg_rpc_port: 5671
+ keystone_oslomsg_rpc_use_ssl: true
+ keystone_oslomsg_rpc_userid: keystone
+ keystone_oslomsg_rpc_vhost: /keystone
+ keystone_oslomsg_notify_transport: rabbit
+ keystone_oslomsg_notify_servers: 10.100.100.101
+ keystone_oslomsg_notify_port: 5671
+ keystone_oslomsg_notify_use_ssl: true
+ keystone_oslomsg_notify_userid: keystone
+ keystone_oslomsg_notify_vhost: /keystone
+ galera_client_drop_config_file: false
+ galera_root_user: root
+ vars_prompt:
+ - name: "galera_root_password"
+ prompt: "What is galera_root_password?"
diff --git a/tasks/keystone_db_setup.yml b/tasks/keystone_db_setup.yml
index 8d655642..80f91710 100644
--- a/tasks/keystone_db_setup.yml
+++ b/tasks/keystone_db_setup.yml
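Review bot: The `vars` block still carries literal secrets (`keystone_auth_admin_password`, `keystone_service_password`, `keystone_container_mysql_password` and the two `keystone_oslomsg_*_password` values) right next to the new `vars_prompt`, so only the Galera root password is kept out of the file. Copied as-is, the example produces a deployment whose service credentials are publicly known. A comment above `vars:` such as `# Test-only placeholder secrets: replace with values from Ansible Vault or another secrets store` would make that explicit; alternatively the same `vars_prompt` mechanism could cover them.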
@@ -13,6 +13,32 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
+- name: Create DB for service
+ mysql_db:
+ login_user: "{{ galera_root_user }}"
+ login_password: "{{ galera_root_password }}"
+ login_host: "{{ keystone_galera_address }}"
+ name: "{{ keystone_galera_database }}"
+ state: "present"
+ delegate_to: "{{ keystone_db_setup_host }}"
+ no_log: True
+
+- name: Grant access to the DB for the service
+ mysql_user:
+ login_user: "{{ galera_root_user }}"
+ login_password: "{{ galera_root_password }}"
+ login_host: "{{ keystone_galera_address }}"
+ name: "{{ keystone_galera_user }}"
+ password: "{{ keystone_container_mysql_password }}"
+ host: "{{ item }}"
+ state: "present"
+ priv: "{{ keystone_galera_database }}.*:ALL"
+ delegate_to: "{{ keystone_db_setup_host }}"
+ with_items:
+ - "localhost"
+ - "%"
+ no_log: True
+
 - name: Check current state of Keystone DB
 command: "{{ keystone_bin }}/keystone-manage db_sync --check"
 become: yes
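Review bot: The `with_items` list of "Grant access to the DB for the service" hard-codes the `%` wildcard host, so every deployment of the role gets a keystone account that is accepted from any address and holds `ALL` on the schema. Moving the list into a role default, e.g. `with_items: "{{ keystone_db_access_hosts }}"` (a proposed new variable, defaulting to the current two entries), would let deployers narrow it to the keystone hosts. Both tasks also log in as `galera_root_user` against `keystone_galera_address` without the modules' `ssl_ca` option. Unless the client configuration on `keystone_db_setup_host` enforces TLS, the root password presumably crosses the network unencrypted whenever the two hosts differ. Adding `ssl_ca: "{{ keystone_galera_use_ssl | bool | ternary(keystone_galera_ssl_ca_cert, omit) }}"` to both modules would tie the root connection to the existing SSL switch.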