1eeb7bbee1
New role has the ability to deploy a FreeIPA server - Update undercloud-deploy role to check hostvars for freeipa related vars set during role execution - Update novajoin_prep.sh to set IPA server as dns server Closes-Bug: 1662923 Change-Id: I53323511aabf0d616805efab6edde4acc7bedf11
35 lines
1.0 KiB
Django/Jinja
35 lines
1.0 KiB
Django/Jinja
#!/usr/bin/env bash
|
|
set -eux
|
|
|
|
### --start_docs
|
|
|
|
## Set up the necessary permissions/privileges in novajoin
|
|
## =======================================================
|
|
|
|
|
|
## * Ensure that the undercloud is using the FreeIPA server
|
|
## as its DNS server
|
|
|
|
## .. Note:: You may not use sudo and use output redirection '>'::
|
|
|
|
sudo /bin/su -c "echo 'nameserver {{ undercloud_undercloud_nameservers[-1] }}' > /etc/resolv.conf"
|
|
|
|
## * Set up FreeIPA permissions and privileges and get the OTP.
|
|
## ::
|
|
|
|
sudo /usr/libexec/novajoin-ipa-setup \
|
|
--principal admin \
|
|
{% if deploy_supplemental_node|bool %}
|
|
--password {{ hostvars['supplemental'].freeipa_admin_password }} \
|
|
{% else %}
|
|
--password {{ freeipa_admin_password }} \
|
|
{% endif %}
|
|
--server {{ freeipa_server_hostname }} \
|
|
--realm $(echo {{ overcloud_cloud_domain }} | awk '{print toupper($0)}') \
|
|
--domain {{ overcloud_cloud_domain }} \
|
|
--hostname {{ undercloud_undercloud_hostname }} \
|
|
--otp-file {{ freeipa_otp_key }} \
|
|
--precreate
|
|
|
|
### --stop_docs
|