Merge "Use openstack ansible collection instead of os_ modules" into stable/train
This commit is contained in:
commit
5cfb84dc23
|
@ -27,7 +27,7 @@
|
||||||
- stack_name
|
- stack_name
|
||||||
tasks:
|
tasks:
|
||||||
- name: Delete heat stack
|
- name: Delete heat stack
|
||||||
os_stack:
|
openstack.cloud.stack:
|
||||||
name: "{{ stack_name }}"
|
name: "{{ stack_name }}"
|
||||||
state: absent
|
state: absent
|
||||||
register: stack_delete
|
register: stack_delete
|
||||||
|
|
|
@ -33,6 +33,7 @@
|
||||||
- python3-openstackclient
|
- python3-openstackclient
|
||||||
- python3-keystoneclient
|
- python3-keystoneclient
|
||||||
- ansible
|
- ansible
|
||||||
|
- ansible-collections-openstack
|
||||||
|
|
||||||
- name: Build keystone container
|
- name: Build keystone container
|
||||||
shell: "podman build -t keystone-img -f {{ playbook_dir }}/Dockerfile.keystone ."
|
shell: "podman build -t keystone-img -f {{ playbook_dir }}/Dockerfile.keystone ."
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
- name: Create default domain
|
- name: Create default domain
|
||||||
os_keystone_domain:
|
openstack.cloud.identity_domain:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
name: default
|
name: default
|
||||||
|
|
||||||
|
@ -27,12 +27,12 @@
|
||||||
- service
|
- service
|
||||||
|
|
||||||
- name: Create admin role
|
- name: Create admin role
|
||||||
os_keystone_role:
|
openstack.cloud.identity_role:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
name: admin
|
name: admin
|
||||||
|
|
||||||
- name: Create _member_ role
|
- name: Create _member_ role
|
||||||
os_keystone_role:
|
openstack.cloud.identity_role:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
name: _member_
|
name: _member_
|
||||||
when:
|
when:
|
||||||
|
@ -40,7 +40,7 @@
|
||||||
|
|
||||||
- name: Create admin user
|
- name: Create admin user
|
||||||
no_log: "{{ tripleo_keystone_resources_hide_sensitive_logs | bool }}"
|
no_log: "{{ tripleo_keystone_resources_hide_sensitive_logs | bool }}"
|
||||||
os_user:
|
openstack.cloud.identity_user:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
name: admin
|
name: admin
|
||||||
password: "{{ tripleo_keystone_resources_admin_password }}"
|
password: "{{ tripleo_keystone_resources_admin_password }}"
|
||||||
|
@ -49,14 +49,14 @@
|
||||||
domain: default
|
domain: default
|
||||||
|
|
||||||
- name: Assign admin role to admin project for admin user
|
- name: Assign admin role to admin project for admin user
|
||||||
os_user_role:
|
openstack.cloud.role_assignment:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
user: admin
|
user: admin
|
||||||
project: admin
|
project: admin
|
||||||
role: admin
|
role: admin
|
||||||
|
|
||||||
- name: Assign _member_ role to admin project for admin user
|
- name: Assign _member_ role to admin project for admin user
|
||||||
os_user_role:
|
openstack.cloud.role_assignment:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
user: admin
|
user: admin
|
||||||
project: admin
|
project: admin
|
||||||
|
@ -65,13 +65,13 @@
|
||||||
- keystone_enable_member | default(tripleo_keystone_resources_member_role_enabled)
|
- keystone_enable_member | default(tripleo_keystone_resources_member_role_enabled)
|
||||||
|
|
||||||
- name: Create identity service
|
- name: Create identity service
|
||||||
os_keystone_service:
|
openstack.cloud.catalog_service:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
name: keystone
|
name: keystone
|
||||||
service_type: identity
|
service_type: identity
|
||||||
|
|
||||||
- name: Create identity public endpoint
|
- name: Create identity public endpoint
|
||||||
os_keystone_endpoint:
|
openstack.cloud.endpoint:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
service: keystone
|
service: keystone
|
||||||
url: "{{ tripleo_keystone_resources_public_endpoint }}"
|
url: "{{ tripleo_keystone_resources_public_endpoint }}"
|
||||||
|
@ -79,7 +79,7 @@
|
||||||
region: "{{ tripleo_keystone_resources_region }}"
|
region: "{{ tripleo_keystone_resources_region }}"
|
||||||
|
|
||||||
- name: Create identity internal endpoint
|
- name: Create identity internal endpoint
|
||||||
os_keystone_endpoint:
|
openstack.cloud.endpoint:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
service: keystone
|
service: keystone
|
||||||
url: "{{ tripleo_keystone_resources_internal_endpoint }}"
|
url: "{{ tripleo_keystone_resources_internal_endpoint }}"
|
||||||
|
@ -87,7 +87,7 @@
|
||||||
region: "{{ tripleo_keystone_resources_region }}"
|
region: "{{ tripleo_keystone_resources_region }}"
|
||||||
|
|
||||||
- name: Create identity admin endpoint
|
- name: Create identity admin endpoint
|
||||||
os_keystone_endpoint:
|
openstack.cloud.endpoint:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
service: keystone
|
service: keystone
|
||||||
url: "{{ tripleo_keystone_resources_admin_endpoint }}"
|
url: "{{ tripleo_keystone_resources_admin_endpoint }}"
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
- name: Async creation of Keystone domains
|
- name: Async creation of Keystone domains
|
||||||
os_keystone_domain:
|
openstack.cloud.identity_domain:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
name: "{{ tripleo_keystone_resources_domain }}"
|
name: "{{ tripleo_keystone_resources_domain }}"
|
||||||
state: present
|
state: present
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
- name: "Async creation of Keystone {{ keystone_endpoint_type }} endpoint"
|
- name: "Async creation of Keystone {{ keystone_endpoint_type }} endpoint"
|
||||||
os_keystone_endpoint:
|
openstack.cloud.endpoint:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
service: "{{ tripleo_keystone_resources_data.key }}"
|
service: "{{ tripleo_keystone_resources_data.key }}"
|
||||||
url: "{{ tripleo_keystone_resources_data['value']['endpoints'][keystone_endpoint_type] }}"
|
url: "{{ tripleo_keystone_resources_data['value']['endpoints'][keystone_endpoint_type] }}"
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
- name: Collect OpenStack Keystone domains infos
|
- name: Collect OpenStack Keystone domains infos
|
||||||
os_keystone_domain_info:
|
openstack.cloud.identity_domain_info:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
register: domain_result
|
register: domain_result
|
||||||
|
|
|
@ -1,24 +0,0 @@
|
||||||
---
|
|
||||||
# Copyright 2019 Red Hat, Inc.
|
|
||||||
# All Rights Reserved.
|
|
||||||
#
|
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
||||||
# not use this file except in compliance with the License. You may obtain
|
|
||||||
# a copy of the License at
|
|
||||||
#
|
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
||||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
||||||
# License for the specific language governing permissions and limitations
|
|
||||||
# under the License.
|
|
||||||
#
|
|
||||||
- name: Collect OpenStack Keystone domains facts
|
|
||||||
os_keystone_domain_facts:
|
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
|
||||||
register: tripleo_domains_facts
|
|
||||||
|
|
||||||
- name: Create openstack_domains fact
|
|
||||||
set_fact:
|
|
||||||
openstack_domains: "{{ tripleo_domains_facts['ansible_facts']['openstack_domains'] }}"
|
|
|
@ -47,23 +47,8 @@
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: batched_tripleo_keystone_resources_domains
|
loop_var: batched_tripleo_keystone_resources_domains
|
||||||
|
|
||||||
# We need to gather domains so later we can convert a domain name into a domain ID.
|
|
||||||
# This is needed because os_user_role doesn't do the conversion yet in the version
|
|
||||||
# of Ansible that we use. This block will disappear once we use the new modules
|
|
||||||
# from OpenStack collections.
|
|
||||||
# In recents version of Ansible, this module was renamed to os_keystone_domain_info.
|
|
||||||
# Which is why we don't use the same module to gather domains infos.
|
|
||||||
- name: Gather all OpenStack domains for Ansible < 2.9.0
|
|
||||||
include_tasks: gather_domains_old.yml
|
|
||||||
# See https://github.com/ansible/ansible/commit/c91929b2b302b37af22d785641a7fe704003662a
|
|
||||||
when:
|
|
||||||
- ansible_version.full is version_compare('2.9.0', '<')
|
|
||||||
|
|
||||||
- name: Gather all OpenStack domains for Ansible >= 2.9.0
|
- name: Gather all OpenStack domains for Ansible >= 2.9.0
|
||||||
include_tasks: gather_domains_new.yml
|
include_tasks: gather_domains.yml
|
||||||
# See https://github.com/ansible/ansible/commit/c91929b2b302b37af22d785641a7fe704003662a
|
|
||||||
when:
|
|
||||||
- ansible_version.full is version_compare('2.9.0', '>=')
|
|
||||||
|
|
||||||
- name: Create Keystone Services
|
- name: Create Keystone Services
|
||||||
include_tasks: services.yml
|
include_tasks: services.yml
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
- name: Async creation of Keystone project
|
- name: Async creation of Keystone project
|
||||||
os_project:
|
openstack.cloud.project:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
name: "{{ tripleo_keystone_resources_project }}"
|
name: "{{ tripleo_keystone_resources_project }}"
|
||||||
domain_id: default
|
domain_id: default
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
- name: Async creation of Keystone role
|
- name: Async creation of Keystone role
|
||||||
os_keystone_role:
|
openstack.cloud.identity_role:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
name: "{{ tripleo_keystone_resources_role }}"
|
name: "{{ tripleo_keystone_resources_role }}"
|
||||||
state: present
|
state: present
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
- name: Async creation of Keystone service
|
- name: Async creation of Keystone service
|
||||||
os_keystone_service:
|
openstack.cloud.catalog_service:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
name: "{{ tripleo_keystone_resources_data.key }}"
|
name: "{{ tripleo_keystone_resources_data.key }}"
|
||||||
service_type: "{{ tripleo_keystone_resources_data.value.service }}"
|
service_type: "{{ tripleo_keystone_resources_data.value.service }}"
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
- name: "Async assignment of Keystone user to roles"
|
- name: "Async assignment of Keystone user to roles"
|
||||||
os_user_role:
|
openstack.cloud.role_assignment:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
user: "{{ lookup('dict', tripleo_keystone_resources_data_user).key }}"
|
user: "{{ lookup('dict', tripleo_keystone_resources_data_user).key }}"
|
||||||
project: "{{ lookup('dict', tripleo_keystone_resources_data_user).value.project | default(omit) }}"
|
project: "{{ lookup('dict', tripleo_keystone_resources_data_user).value.project | default(omit) }}"
|
||||||
|
|
|
@ -16,7 +16,7 @@
|
||||||
|
|
||||||
- name: "Async assignment of Keystone user per role"
|
- name: "Async assignment of Keystone user per role"
|
||||||
include_tasks: user_per_role.yml
|
include_tasks: user_per_role.yml
|
||||||
# This loop is required as a user can have multiple roles but the os_user_role doesn't handle it.
|
# This loop is required as a user can have multiple roles but the role_assignment module doesn't handle it.
|
||||||
loop: "{{ batched_tripleo_keystone_resources_roles_data.value | batch(tripleo_keystone_resources_batch) | list }}"
|
loop: "{{ batched_tripleo_keystone_resources_roles_data.value | batch(tripleo_keystone_resources_batch) | list }}"
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: tripleo_keystone_resources_data_users
|
loop_var: tripleo_keystone_resources_data_users
|
||||||
|
|
|
@ -17,7 +17,7 @@
|
||||||
- name: "Async creation of Keystone user"
|
- name: "Async creation of Keystone user"
|
||||||
# needed because it'll throw a warning if you have update_password without it
|
# needed because it'll throw a warning if you have update_password without it
|
||||||
no_log: "{{ tripleo_keystone_resources_hide_sensitive_logs | bool }}"
|
no_log: "{{ tripleo_keystone_resources_hide_sensitive_logs | bool }}"
|
||||||
os_user:
|
openstack.cloud.identity_user:
|
||||||
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
cloud: "{{ tripleo_keystone_resources_cloud_name }}"
|
||||||
name: "{{ lookup('dict', tripleo_keystone_resources_data).key }}"
|
name: "{{ lookup('dict', tripleo_keystone_resources_data).key }}"
|
||||||
password: "{{ lookup('dict', tripleo_keystone_resources_data).value.password }}"
|
password: "{{ lookup('dict', tripleo_keystone_resources_data).value.password }}"
|
||||||
|
|
Loading…
Reference in New Issue