openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Make sure IdMServer is optional 

When IPA_HOST is an empty string, the ansible module doesn't
fallback on DNS. The environment variable must be not defined,
if the value is an empty string. This might be fixed in a future:
https://github.com/ansible-collections/community.general/pull/241
This change also adds a note to the description, because in case
the server is provided, the domain is required:
https://pagure.io/freeipa/issue/3912

Change-Id: Idf38c234e50442aed082d9a0ebbd488344d50a90
This commit is contained in:
Grzegorz Grasza 2020-05-04 14:57:30 +02:00
parent 29a7fb84ce
commit 593d3c8ce1
1 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
deployment/ipa/ipaservices-baremetal-ansible.yaml
View File

@ -43,7 +43,8 @@ parameters:
type: string type: string
IdMServer: IdMServer:
default: '' default: ''
description: FQDN for the FreeIPA server. Typically, this is discovered description: FQDN for the FreeIPA server. If you set this value, IdMDomain
also has to be provided. Typically, this is discovered
through DNS and does not have to set explicitly. through DNS and does not have to set explicitly.
type: string type: string
IdMNovaKeytab: IdMNovaKeytab:
@ -72,6 +73,11 @@ parameters:
description: The level by which the PTR DNS record is split when creating zones. description: The level by which the PTR DNS record is split when creating zones.
type: string type: string
conditions:
idm_server_provided:
not:
equals: [{get_param: IdMServer}, ""]
outputs: outputs:
role_data: role_data:
description: Role data for the ipaservice service description: Role data for the ipaservice service
@ -97,9 +103,13 @@ outputs:
tripleo_ipa_ptr_zone_split_ipv4: {get_param: IdMZoneSplitIPv4} tripleo_ipa_ptr_zone_split_ipv4: {get_param: IdMZoneSplitIPv4}
tripleo_ipa_ptr_zone_split_ipv6: {get_param: IdMZoneSplitIPv6} tripleo_ipa_ptr_zone_split_ipv6: {get_param: IdMZoneSplitIPv6}
environment: environment:
IPA_HOST: {get_param: IdMServer} if:
IPA_USER: "nova/{{ ansible_fqdn }}" - idm_server_provided
KRB5_CLIENT_KTNAME: {get_param: IdMNovaKeytab} - IPA_HOST: {get_param: IdMServer}
IPA_USER: "nova/{{ ansible_fqdn }}"
KRB5_CLIENT_KTNAME: {get_param: IdMNovaKeytab}
- IPA_USER: "nova/{{ ansible_fqdn }}"
KRB5_CLIENT_KTNAME: {get_param: IdMNovaKeytab}
deploy_steps_tasks: deploy_steps_tasks:
- name: enroll the node as an ipa client - name: enroll the node as an ipa client
when: step|int == 1 when: step|int == 1