Merge "Add an option to disable the DNS record modification in FreeIPA"

deployment/ipa/ipaservices-baremetal-ansible.yaml

@@ -64,6 +64,10 @@ parameters:
     default: True
     description:  Set to true to enroll the base server (computes, controllers)
     type: boolean
+  IdMModifyDNS:
+    default: True
+    description: Set to false to disable DNS records manipulation in the FreeIPA server.
+    type: boolean
   IdMZoneSplitIPv4:
     default: 1
     description:  The level by which the PTR DNS record is split when creating zones.
@@ -102,6 +106,7 @@ outputs:
               vars:
                 tripleo_ipa_ptr_zone_split_ipv4: {get_param: IdMZoneSplitIPv4}
                 tripleo_ipa_ptr_zone_split_ipv6: {get_param: IdMZoneSplitIPv6}
+              when: {get_param: IdMModifyDNS}
           environment:
             if:
               - idm_server_provided
@@ -131,17 +136,17 @@ outputs:
                 path: /etc/ipa/default.conf
               register: ipa_conf_exists
             - block:
-              - name: register as an ipa client
-                import_role:
-                  name: ipaclient
-              - name: restart certmonger service
-                systemd:
-                  state: restarted
-                  daemon_reload: true
-                  name: certmonger.service
+                - name: register as an ipa client
+                  import_role:
+                    name: ipaclient
+                - name: restart certmonger service
+                  systemd:
+                    state: restarted
+                    daemon_reload: true
+                    name: certmonger.service
               when:
-              - idm_enroll_base_server|bool
-              - not ipa_conf_exists.stat.exists
+                - idm_enroll_base_server|bool
+                - not ipa_conf_exists.stat.exists
       scale_tasks:
         - when: step|int == 1
           tags: down