Go to file

Jean-Philippe Evrard 4f30d3a33c Force a restart of all the apache nodes during upgrade

During the upgrades, the venv path will change and therefore the
apache configuration file will change too.

However we apply the restart of apache after the keystone_service_setup
for nodes [1:] (the first node gets restarted as first task of the
keystone_service_setup).

So during an upgrade, because apache is up, the configuration file has
changed but apache still serves the old code (because not restarted yet
on the nodes 1 and above) when the keystone_service_setup is applied.

The keystone module can then hit any node in the load balancer, which
could be a different version.

This commit fixes the issue by ensuring apache is restarted and
therefore runs the latest code.

Change-Id: Iac94a8fc337c2139d1876b9753e46815910a0ba0
Signed-off-by: Jean-Philippe Evrard <jean-philippe.evrard@rackspace.co.uk>

2016-08-18 14:26:35 +01:00

defaults

Add support to tune the keystone apache MPM settings

2016-06-21 09:15:32 -05:00

doc

[DOCS] Cleanup the role docs for consistency and clarity

2016-03-10 09:13:41 -05:00

files

Implement keystone venv support

2015-10-14 13:59:47 -05:00

handlers

Keystone Federation Service Provider Configuration

2015-08-07 08:44:51 +00:00

library

Resolve pep8 violations caught by pep8 v1.7.0

2016-01-14 00:45:41 +00:00

README.rst

OpenStack-Ansible Keystone

Ansible role that installs and configures OpenStack Keystone. Keystone is installed behind the Apache webserver listening on port 5000 and port 35357 by default.

Default Variables

../../defaults/main.yml

Required Variables

This list is not exhaustive at present. See role internals for further details.

# hostname or IP of load balancer providing external network
# access to Keystone
external_lb_vip_address: 10.100.100.102

# hostname or IP of load balancer providing internal network
# access to Keystone
internal_lb_vip_address: 10.100.100.102

# password used by the keystone service to interact with Galera
keystone_container_mysql_password: "YourPassword"

keystone_auth_admin_password: "SuperSecretePassword"
keystone_service_password: "secrete"
keystone_rabbitmq_password: "secrete"
keystone_container_mysql_password: "SuperSecrete"

Example Playbook

- name: Installation and setup of Keystone
  hosts: keystone_all
  user: root
  roles:
    - { role: "os_keystone", tags: [ "os-keystone" ] }
  vars:
    external_lb_vip_address: 10.100.100.102
    internal_lb_vip_address: 10.100.100.102
    keystone_galera_address: 10.100.100.101
    keystone_galera_database: keystone
    keystone_venv_tag: "testing"
    keystone_developer_mode: true
    keystone_git_install_branch: stable/mitaka
    keystone_auth_admin_password: "SuperSecretePassword"
    keystone_service_password: "secrete"
    keystone_rabbitmq_password: "secrete"
    keystone_container_mysql_password: "SuperSecrete"
    keystone_rabbitmq_port: 5671
    keystone_rabbitmq_userid: keystone
    keystone_rabbitmq_vhost: /keystone
    keystone_rabbitmq_servers: 10.100.100.101
    keystone_rabbitmq_use_ssl: true
    galera_client_drop_config_file: false