With addition of pip_install on every node, we don't need to have pip_install as a meta dependency. Depends-On: If3412bb888ebb854874bbc43eb76bfcb3e4a7868 Depends-On: I79ff70c438b44753be2a93f004ebbc46de0a963d Change-Id: Ie72283fc39355bb798a90ce3347a197d1b8e5e37
2.4 KiB
Keystone role for OpenStack-Ansible
configure-keystone.rst configure-federation.rst configure-federation-wrapper.rst configure-federation-sp.rst configure-federation-idp.rst configure-federation-mapping.rst
To clone or view the source code for this repository, visit the role repository for os_keystone.
Default variables
../../defaults/main.yml
Dependencies
This role needs pip >= 7.1 installed on the target host.
To use this role, define the following variables:
# hostname or IP of load balancer providing external network
# access to Keystone
external_lb_vip_address: 10.100.100.102
# hostname or IP of load balancer providing internal network
# access to Keystone
internal_lb_vip_address: 10.100.100.102
# password used by the keystone service to interact with Galera
keystone_container_mysql_password: "YourPassword"
keystone_auth_admin_password: "SuperSecretePassword"
keystone_service_password: "secrete"
keystone_rabbitmq_password: "secrete"
keystone_container_mysql_password: "SuperSecrete"
This list is not exhaustive at present. See role internals for further details.
Example playbook
../../examples/playbook.yml
External Restart Hooks
When the role performs a restart of the service, it will notify an
Ansible handler named Manage LB
, which is a noop within
this role. In the playbook, other roles may be loaded before and after
this role which will implement Ansible handler listeners for
Manage LB
, allowing external roles to manage the load
balancer endpoints responsible for sending traffic to the servers being
restarted by marking them in maintenance or active mode, draining
sessions, etc. For an example implementation, please reference the ansible-haproxy-endpoints
role used by the openstack-ansible project.
Tags
This role supports two tags: keystone-install
and
keystone-config
The keystone-install
tag can be used to install and
upgrade.
The keystone-config
tag can be used to maintain
configuration of the service.