Merge "Split IPSEC deployment in two"
This commit is contained in:
Zuul
Gerrit Code Review
commit
313d42c4c7
@ -85,13 +85,20 @@ outputs:
|
|||||||
- name: generate ipsec global vars
|
- name: generate ipsec global vars
|
||||||
set_fact:
|
set_fact:
|
||||||
ipsec_psk: "{{ generated_psk.stdout }}"
|
ipsec_psk: "{{ generated_psk.stdout }}"
|
||||||
ipsec_skip_firewall_rules: true
|
|
||||||
delegate_to: "{{item}}"
|
delegate_to: "{{item}}"
|
||||||
delegate_facts: true
|
delegate_facts: true
|
||||||
no_log: true
|
no_log: true
|
||||||
with_items:
|
with_items:
|
||||||
- "{{ groups.ipsec }}"
|
- "{{ groups.ipsec }}"
|
||||||
deploy_steps_tasks:
|
deploy_steps_tasks:
|
||||||
|
- name: IPSEC configuration on step 1
|
||||||
|
when: step == '1'
|
||||||
|
block:
|
||||||
|
- include_role:
|
||||||
|
name: tripleo-ipsec
|
||||||
|
vars:
|
||||||
|
ipsec_configure_vips: false
|
||||||
|
ipsec_skip_firewall_rules: false
|
||||||
# In step 2 the pacemaker resources are created and the VIPs
|
# In step 2 the pacemaker resources are created and the VIPs
|
||||||
# are assigned to the nodes. We need those VIPs to be assigned
|
# are assigned to the nodes. We need those VIPs to be assigned
|
||||||
# already before setting up the IPSEC tunnels. Hence we do this
|
# already before setting up the IPSEC tunnels. Hence we do this
|
||||||
@ -101,3 +108,6 @@ outputs:
|
|||||||
block:
|
block:
|
||||||
- include_role:
|
- include_role:
|
||||||
name: tripleo-ipsec
|
name: tripleo-ipsec
|
||||||
|
vars:
|
||||||
|
ipsec_configure_vips: true
|
||||||
|
ipsec_skip_firewall_rules: true
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user