76 lines
2.6 KiB
YAML
76 lines
2.6 KiB
YAML
service:
|
|
name: keystone
|
|
ports:
|
|
- {{ keystone.public_port }}
|
|
- {{ keystone.admin_port }}
|
|
containers:
|
|
- name: keystone
|
|
image: keystone
|
|
probes:
|
|
readiness: "true"
|
|
liveness: "true"
|
|
volumes:
|
|
- name: keystone-logs
|
|
path: "/var/log/ccp/keystone"
|
|
type: host
|
|
readOnly: False
|
|
pre:
|
|
- name: chown-logs-dir
|
|
command: "sudo /bin/chown keystone:keystone /var/log/ccp/keystone"
|
|
- name: keystone-db-create
|
|
dependencies:
|
|
- mariadb
|
|
type: single
|
|
command:
|
|
mysql -u root -p{{ db.root_password }} -h {{ address('mariadb') }} -e "create database {{ keystone.db.name }};
|
|
grant all privileges on {{ keystone.db.name }}.* to '{{ keystone.db.username }}'@'%' identified by '{{ keystone.db.password }}'"
|
|
- name: keystone-db-sync
|
|
files:
|
|
- keystone-conf
|
|
dependencies:
|
|
- keystone-db-create
|
|
type: single
|
|
command: keystone-manage db_sync
|
|
- name: keystone-db-bootstrap
|
|
files:
|
|
- keystone-conf
|
|
dependencies:
|
|
- keystone-db-sync
|
|
type: single
|
|
command: keystone-manage bootstrap
|
|
--bootstrap-password {{ openstack.user_password }}
|
|
--bootstrap-username {{ openstack.user_name }}
|
|
--bootstrap-project-name {{ openstack.project_name }}
|
|
--bootstrap-role-name {{ openstack.role_name }}
|
|
--bootstrap-service-name keystone --bootstrap-region-id RegionOne
|
|
--bootstrap-admin-url http://{{ address('keystone') }}:{{ keystone.admin_port }}
|
|
--bootstrap-public-url http://{{ address('keystone') }}:{{ keystone.public_port }}
|
|
--bootstrap-internal-url http://{{ address('keystone') }}:{{ keystone.public_port }}
|
|
|
|
daemon:
|
|
dependencies:
|
|
- memcached
|
|
files:
|
|
- keystone-conf
|
|
- wsgi-keystone-conf
|
|
- fernet-key
|
|
command: daemon.sh
|
|
post:
|
|
- name: keystone-create-project
|
|
type: single
|
|
command: openstack project create service
|
|
- name: keystone-create-role-member
|
|
type: single
|
|
command: openstack role create _member_
|
|
|
|
files:
|
|
keystone-conf:
|
|
path: /etc/keystone/keystone.conf
|
|
content: keystone.conf.j2
|
|
wsgi-keystone-conf:
|
|
path: /etc/apache2/conf-enabled/wsgi-keystone.conf
|
|
content: wsgi-keystone.conf.j2
|
|
fernet-key:
|
|
path: /etc/keystone/fernet-keys/1
|
|
content: fernet-key.j2
|