ae68c90b92
This new role is used to register nodes as ipa-clients and configure the services required in IPA using ansible, rather than using novajoin. This is required on the standalone environment, where there is no novajoin. It will also be the implementation used when nova is removed from the undercloud and for pre-provisioned nodes. The existing IpaClient composable service will be removed in a future release. This code replaces the server ipaclient-baremetal-ansible by using a role from freeipa-ansible to register the nodes (controllers, computes) as ipa-clients. In external_tasks, the host entry is created and an otp is stored as a host variable. In deploy_step_tasks, this otp is used to register the node. The IPA configuration tasks are delegated to http://opendev.org/x/tripleo-ipa roles. Co-Authored-By: Grzegorz Grasza <xek@redhat.com> Change-Id: I7dcd4608d3998596c2e4da19a8eca0d48e1fa841 |
||
|---|---|---|
| .. | ||
| enable-internal-tls.j2.yaml | ||
| enable-tls.yaml | ||
| inject-trust-anchor-hiera.yaml | ||
| inject-trust-anchor.yaml | ||
| no-tls-endpoints-public-ip.yaml | ||
| tls-endpoints-public-dns.yaml | ||
| tls-endpoints-public-ip.yaml | ||
| tls-everywhere-endpoints-dns.yaml | ||