From 41b23acac3b3292693514365d6fd88af0fb33f4f Mon Sep 17 00:00:00 2001 From: kevin Date: Mon, 29 Jun 2015 10:18:55 -0500 Subject: [PATCH] Added in keystone reserved port This change adds a reserved port for keystone based on the defined admin port in the variable `keystone_admin_port`. Please note this task is expected to fail as the current trusty kernel does not support this action (https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1279041) Change-Id: I18ef63747369c6722194b6412fea24fbb248ab1d Partial-Bug: #1426371 Signed-off-by: Kevin Carter --- playbooks/os-keystone-install.yml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/playbooks/os-keystone-install.yml b/playbooks/os-keystone-install.yml index 0bf1a286b7..46fa2ce1c2 100644 --- a/playbooks/os-keystone-install.yml +++ b/playbooks/os-keystone-install.yml @@ -71,6 +71,23 @@ when: is_metal | bool tags: - keystone-logs + # todo(cloudnull): this task is being run only if/when keystone is installed on a physical host. + # This is not being run within a container because it is an unsupported action due to this + # issue: (https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1279041) + # This issue was resolved however we'll need to eval it in the next LTS release. + # Related OSA Bug: https://launchpad.net/bugs/1426371 + - name: Add keystone reserved port to physical host + sysctl: + name: "{{ item.key }}" + value: "{{ item.value }}" + sysctl_set: "{{ item.set|default('yes') }}" + state: "{{ item.state|default('present') }}" + reload: "{{ item.reload|default('yes') }}" + with_items: + - { key: "net.ipv4.ip_local_reserved_ports", value: "{{ keystone_admin_port }}"} + when: is_metal | bool + tags: + - keystone-reserved-port roles: - role: "os_keystone" keystone_venv_tag: "{{ openstack_release }}" @@ -91,5 +108,7 @@ - "system-crontab-coordination" vars: galera_address: "{{ internal_lb_vip_address }}" + keystone_admin_port: 35357 ansible_hostname: "{{ container_name }}" is_metal: "{{ properties.is_metal|default(false) }}" +