d688ab722a
To run TLS-E without novajoin, set undercloud_enable_novajoin to false. To avoid confusion, this changes the previous behavior of undercloud_enable_novajoin flag and it's default value. The original flag wasn't used, because novajoin is only used for TLS-E, so it doesn't make sense to deploy it otherwise. Depends-On: https://review.opendev.org/731383 Depends-On: https://review.opendev.org/740951 Change-Id: Id97074ff7b1341942e8c85fc709a83b33e0af414
26 lines
1.0 KiB
Django/Jinja
26 lines
1.0 KiB
Django/Jinja
#!/usr/bin/env bash
|
|
set -eux
|
|
|
|
### --start_docs
|
|
|
|
## Set up the necessary permissions/privileges in novajoin
|
|
## =======================================================
|
|
|
|
|
|
## * Ensure that the undercloud is using the FreeIPA server
|
|
## as its DNS server
|
|
## * Make sure that the undercloud_undercloud_hostname resolves
|
|
## (undercloud.openstacklocal is originally set in prepare-slave.yml)
|
|
## * Set the hostname to undercloud_undercloud_hostname
|
|
## * Make sure the /etc/novajoin directory is created, so that the keytab can
|
|
## be saved there (ipa-getkeytab doesn't create that directory)
|
|
|
|
## .. Note:: You may not use sudo and use output redirection '>'::
|
|
|
|
sudo /bin/su -c "echo -e 'search {{ overcloud_cloud_domain }}\nnameserver {{ undercloud_undercloud_nameservers[-1] }}' > /etc/resolv.conf"
|
|
sudo sed -i "s/undercloud.openstacklocal/{{ undercloud_undercloud_hostname }} undercloud.openstacklocal/" /etc/hosts
|
|
sudo hostnamectl set-hostname {{ undercloud_undercloud_hostname }}
|
|
|
|
sudo install -d -m 755 --context=system_u:object_r:etc_t:s0 /etc/novajoin
|
|
### --stop_docs
|