Make sure IdMServer is optional

When IPA_HOST is an empty string, the ansible module doesn't
fallback on DNS. The environment variable must be not defined,
if the value is an empty string. This might be fixed in a future:
https://github.com/ansible-collections/community.general/pull/241
This change also adds a note to the description, because in case
the server is provided, the domain is required:
https://pagure.io/freeipa/issue/3912

Change-Id: Idf38c234e50442aed082d9a0ebbd488344d50a90
changes/62/725262/2
Grzegorz Grasza 2 years ago
parent 29a7fb84ce
commit 593d3c8ce1
  1. 18
      deployment/ipa/ipaservices-baremetal-ansible.yaml

@ -43,7 +43,8 @@ parameters:
type: string
IdMServer:
default: ''
description: FQDN for the FreeIPA server. Typically, this is discovered
description: FQDN for the FreeIPA server. If you set this value, IdMDomain
also has to be provided. Typically, this is discovered
through DNS and does not have to set explicitly.
type: string
IdMNovaKeytab:
@ -72,6 +73,11 @@ parameters:
description: The level by which the PTR DNS record is split when creating zones.
type: string
conditions:
idm_server_provided:
not:
equals: [{get_param: IdMServer}, ""]
outputs:
role_data:
description: Role data for the ipaservice service
@ -97,9 +103,13 @@ outputs:
tripleo_ipa_ptr_zone_split_ipv4: {get_param: IdMZoneSplitIPv4}
tripleo_ipa_ptr_zone_split_ipv6: {get_param: IdMZoneSplitIPv6}
environment:
IPA_HOST: {get_param: IdMServer}
IPA_USER: "nova/{{ ansible_fqdn }}"
KRB5_CLIENT_KTNAME: {get_param: IdMNovaKeytab}
if:
- idm_server_provided
- IPA_HOST: {get_param: IdMServer}
IPA_USER: "nova/{{ ansible_fqdn }}"
KRB5_CLIENT_KTNAME: {get_param: IdMNovaKeytab}
- IPA_USER: "nova/{{ ansible_fqdn }}"
KRB5_CLIENT_KTNAME: {get_param: IdMNovaKeytab}
deploy_steps_tasks:
- name: enroll the node as an ipa client
when: step|int == 1

Loading…
Cancel
Save