Merge "Add missing IPA services for queens to train upgrades" into stable/train

2021-01-16 06:31:07 +00:00 · 2021-01-16 06:31:07 +00:00 · e226e0053e
parent 902a41a63d b2ac1d3788
commit e226e0053e
1 changed files with 25 additions and 0 deletions
--- a/deployment/ipa/ipaclient-baremetal-ansible.yaml
+++ b/deployment/ipa/ipaclient-baremetal-ansible.yaml
@ -192,3 +192,28 @@ outputs:
                daemon_reload: true
                name: certmonger.service
            when: ipa_default_conf.stat.exists == False
+      external_deploy_tasks:
+        - name: get IPA conf file
+          when: step|int == 1
+          fetch:
+            src: /etc/ipa/default.conf
+            dest: /tmp/ansible
+        - name: read IPA server name
+          when: step|int == 1
+          set_fact:
+            ipa_server_name: "{{ lookup('ini', 'server section=global file=/tmp/ansible/{{ inventory_hostname }}/etc/ipa/default.conf') }}"
+        - name: add services
+          when: step|int == 1
+          block:
+            - include_role:
+                name: tripleo_ipa_registration
+              vars:
+                tripleo_ipa_enroll_base_server: False
+                tripleo_ipa_delegate_server: "{{ item }}"
+                tripleo_ipa_base_server_fqdn:  "{{ hostvars[item]['fqdn_canonical'] }}"
+                tripleo_ipa_server_metadata: "{{ hostvars[item]['service_metadata_settings'] | to_json }}"
+              loop: "{{ groups.certmonger_user }}"
+          environment:
+            IPA_USER: "nova/{{ ansible_fqdn }}"
+            KRB5_CLIENT_KTNAME: "/etc/novajoin/krb5.keytab"
+            IPA_HOST: "{{ ipa_server_name }}"