Merge "Refactor service, endpoint and user registration"

This commit is contained in:
Zuul 2019-09-18 17:34:14 +00:00 committed by Gerrit Code Review
commit a21b9b5430
82 changed files with 1156 additions and 1452 deletions
ansible/roles
aodh
barbican
blazar
ceilometer
ceph
cinder
cloudkitty
congress
cyborg
designate
freezer
glance
gnocchi
heat
ironic
karbor
keystone
kuryr
magnum
manila
masakari
mistral
monasca
murano
neutron
nova
octavia
panko
placement
qinling
sahara
searchlight
senlin
service-ks-register
defaults
tasks
solum
swift
tacker
trove
vitrage
watcher
zun

@ -147,3 +147,21 @@ aodh_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
aodh_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
aodh_dev_mode: "{{ kolla_dev_mode }}"
aodh_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
aodh_ks_services:
- name: "aodh"
type: "alarming"
description: "OpenStack Alarming Service"
endpoints:
- {'interface': 'admin', 'url': '{{ aodh_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ aodh_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ aodh_public_endpoint }}'}
aodh_ks_users:
- project: "service"
user: "{{ aodh_keystone_user }}"
password: "{{ aodh_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the aodh service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "aodh"
service_type: "alarming"
description: "OpenStack Alarming Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_aodh_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ aodh_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ aodh_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ aodh_public_endpoint }}'}
- name: Creating the aodh project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ aodh_keystone_user }}"
password: "{{ aodh_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_aodh_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_aodh_auth }}"
service_ks_register_services: "{{ aodh_ks_services }}"
service_ks_register_users: "{{ aodh_ks_users }}"
tags: always

@ -115,3 +115,21 @@ barbican_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
barbican_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
barbican_dev_mode: "{{ kolla_dev_mode }}"
barbican_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
barbican_ks_services:
- name: "barbican"
type: "key-manager"
description: "Barbican Key Management Service"
endpoints:
- {'interface': 'admin', 'url': '{{ barbican_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ barbican_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ barbican_public_endpoint }}'}
barbican_ks_users:
- project: "service"
user: "{{ barbican_keystone_user }}"
password: "{{ barbican_keystone_password }}"
role: "admin"

@ -1,39 +1,11 @@
---
- name: Creating the barbican service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "barbican"
service_type: "key-manager"
description: "Barbican Key Management Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_barbican_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ barbican_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ barbican_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ barbican_public_endpoint }}'}
- name: Creating the barbican project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ barbican_keystone_user }}"
password: "{{ barbican_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_barbican_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_barbican_auth }}"
service_ks_register_services: "{{ barbican_ks_services }}"
service_ks_register_users: "{{ barbican_ks_users }}"
tags: always
- name: Creating default barbican roles
become: true

@ -105,3 +105,21 @@ blazar_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
blazar_enabled_notification_topics: "{{ blazar_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
blazar_ks_services:
- name: "blazar"
type: "reservation"
description: "OpenStack Reservation Service"
endpoints:
- {'interface': 'admin', 'url': '{{ blazar_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ blazar_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ blazar_public_endpoint }}'}
blazar_ks_users:
- project: "service"
user: "{{ blazar_keystone_user }}"
password: "{{ blazar_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the blazar service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "blazar"
service_type: "reservation"
description: "OpenStack Reservation Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_blazar_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ blazar_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ blazar_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ blazar_public_endpoint }}'}
- name: Creating the blazar project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ blazar_keystone_user }}"
password: "{{ blazar_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_blazar_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_blazar_auth }}"
service_ks_register_services: "{{ blazar_ks_services }}"
service_ks_register_users: "{{ blazar_ks_users }}"
tags: always

@ -111,3 +111,13 @@ ceilometer_dev_mode: "{{ kolla_dev_mode }}"
ceilometer_source_version: "{{ kolla_source_version }}"
ceilometer_custom_meters_local_folder: "meters.d"
####################
# Keystone
####################
ceilometer_ks_users:
- project: "service"
user: "{{ ceilometer_keystone_user }}"
password: "{{ ceilometer_keystone_password }}"
role: "admin"

@ -1,18 +1,10 @@
---
- name: Creating the Ceilometer project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ ceilometer_keystone_user }}"
password: "{{ ceilometer_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_ceilometer_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_ceilometer_auth }}"
service_ks_register_users: "{{ ceilometer_ks_users }}"
tags: always
- name: Associate the ResellerAdmin role and ceilometer user
become: true

@ -128,3 +128,22 @@ cephfs_metadata_pool_pgp_num: "{{ ceph_pool_pgp_num }}"
# Kolla
####################
kolla_ceph_use_udev: True
####################
# Keystone
####################
ceph_rgw_ks_services:
- name: "swift"
type: "object-store"
description: "Openstack Object Storage"
endpoints:
- {'interface': 'admin', 'url': '{{ swift_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ swift_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ swift_public_endpoint }}'}
ceph_rgw_ks_users:
- project: "service"
user: "{{ ceph_rgw_keystone_user }}"
password: "{{ ceph_rgw_keystone_password }}"
role: "admin"

@ -1,39 +1,11 @@
---
- name: Creating the Swift service and endpoint
become: true
kolla_toolbox:
module_name: kolla_keystone_service
module_args:
service_name: "swift"
service_type: "object-store"
description: "Openstack Object Storage"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_ceph_rgw_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ swift_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ swift_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ swift_public_endpoint }}'}
- name: Registering keystone ceph_rgw user
become: true
kolla_toolbox:
module_name: kolla_keystone_user
module_args:
project: "service"
user: "{{ ceph_rgw_keystone_user }}"
password: "{{ ceph_rgw_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_ceph_rgw_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_ceph_rgw_auth }}"
service_ks_register_services: "{{ ceph_rgw_ks_services }}"
service_ks_register_users: "{{ ceph_rgw_ks_users }}"
tags: always
- name: Creating the ResellerAdmin role
become: true

@ -250,3 +250,28 @@ cinder_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
cinder_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
cinder_dev_mode: "{{ kolla_dev_mode }}"
cinder_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
cinder_ks_services:
- name: "cinderv2"
type: "volumev2"
description: "Openstack Block Storage"
endpoints:
- {'interface': 'admin', 'url': '{{ cinder_v2_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ cinder_v2_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ cinder_v2_public_endpoint }}'}
- name: "cinderv3"
type: "volumev3"
description: "Openstack Block Storage"
endpoints:
- {'interface': 'admin', 'url': '{{ cinder_v3_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ cinder_v3_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ cinder_v3_public_endpoint }}'}
cinder_ks_users:
- project: "service"
user: "{{ cinder_keystone_user }}"
password: "{{ cinder_keystone_password }}"
role: "admin"

@ -1,39 +1,8 @@
---
- name: Creating the Cinder service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "{{ item.service_name }}"
service_type: "{{ item.service_type }}"
description: "Openstack Block Storage"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_cinder_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ cinder_v2_admin_endpoint }}', 'service_name': 'cinderv2', 'service_type': 'volumev2'}
- {'interface': 'internal', 'url': '{{ cinder_v2_internal_endpoint }}', 'service_name': 'cinderv2', 'service_type': 'volumev2'}
- {'interface': 'public', 'url': '{{ cinder_v2_public_endpoint }}', 'service_name': 'cinderv2', 'service_type': 'volumev2'}
- {'interface': 'admin', 'url': '{{ cinder_v3_admin_endpoint }}', 'service_name': 'cinderv3', 'service_type': 'volumev3'}
- {'interface': 'internal', 'url': '{{ cinder_v3_internal_endpoint }}', 'service_name': 'cinderv3', 'service_type': 'volumev3'}
- {'interface': 'public', 'url': '{{ cinder_v3_public_endpoint }}', 'service_name': 'cinderv3', 'service_type': 'volumev3'}
- name: Creating the Cinder project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ cinder_keystone_user }}"
password: "{{ cinder_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_cinder_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_cinder_auth }}"
service_ks_register_services: "{{ cinder_ks_services }}"
service_ks_register_users: "{{ cinder_ks_users }}"
tags: always

@ -122,3 +122,21 @@ cloudkitty_storage_backend: "sqlalchemy"
# cloudkitty_influxdb_insecure_connections: false
cloudkitty_influxdb_name: "cloudkitty"
####################
# Keystone
####################
cloudkitty_ks_services:
- name: "cloudkitty"
type: "rating"
description: "OpenStack Rating"
endpoints:
- {'interface': 'admin', 'url': '{{ cloudkitty_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ cloudkitty_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ cloudkitty_public_endpoint }}'}
cloudkitty_ks_users:
- project: "service"
user: "{{ cloudkitty_keystone_user }}"
password: "{{ cloudkitty_keystone_password }}"
role: "admin"

@ -1,39 +1,11 @@
---
- name: Creating the Cloudkitty service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "cloudkitty"
service_type: "rating"
description: "OpenStack Rating"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_cloudkitty_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ cloudkitty_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ cloudkitty_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ cloudkitty_public_endpoint }}'}
- name: Creating the Cloudkitty project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ cloudkitty_keystone_user }}"
password: "{{ cloudkitty_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_cloudkitty_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_cloudkitty_auth }}"
service_ks_register_services: "{{ cloudkitty_ks_services }}"
service_ks_register_users: "{{ cloudkitty_ks_users }}"
tags: always
- name: Creating the rating role
become: true

@ -108,3 +108,21 @@ congress_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
congress_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
congress_dev_mode: "{{ kolla_dev_mode }}"
congress_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
congress_ks_services:
- name: "congress"
type: "policy"
description: "Congress Service"
endpoints:
- {'interface': 'admin', 'url': '{{ congress_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ congress_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ congress_public_endpoint }}'}
congress_ks_users:
- project: "service"
user: "{{ congress_keystone_user }}"
password: "{{ congress_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the congress service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "congress"
service_type: "policy"
description: "Congress Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_congress_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ congress_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ congress_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ congress_public_endpoint }}'}
- name: Creating the congress project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "congress"
password: "{{ congress_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_congress_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_congress_auth }}"
service_ks_register_services: "{{ congress_ks_services }}"
service_ks_register_users: "{{ congress_ks_users }}"
tags: always

@ -96,3 +96,21 @@ cyborg_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
cyborg_enabled_notification_topics: "{{ cyborg_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
cyborg_ks_services:
- name: "cyborg"
type: "cyborg"
description: "OpenStack Cyborg Service"
endpoints:
- {'interface': 'admin', 'url': '{{ cyborg_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ cyborg_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ cyborg_public_endpoint }}'}
cyborg_ks_users:
- project: "service"
user: "{{ cyborg_keystone_user }}"
password: "{{ cyborg_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the cyborg service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "cyborg"
service_type: "cyborg"
description: "OpenStack Cyborg Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_cyborg_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ cyborg_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ cyborg_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ cyborg_public_endpoint }}'}
- name: Creating the cyborg project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ cyborg_keystone_user }}"
password: "{{ cyborg_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_cyborg_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_cyborg_auth }}"
service_ks_register_services: "{{ cyborg_ks_services }}"
service_ks_register_users: "{{ cyborg_ks_users }}"
tags: always

@ -214,3 +214,21 @@ designate_notification_topics:
enabled: True
designate_enabled_notification_topics: "{{ designate_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
designate_ks_services:
- name: "designate"
type: "dns"
description: "Designate DNS Service"
endpoints:
- {'interface': 'admin', 'url': '{{ designate_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ designate_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ designate_public_endpoint }}'}
designate_ks_users:
- project: "service"
user: "{{ designate_keystone_user }}"
password: "{{ designate_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the Designate service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "designate"
service_type: "dns"
description: "Designate DNS Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_designate_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ designate_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ designate_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ designate_public_endpoint }}'}
- name: Creating the Designate project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ designate_keystone_user }}"
password: "{{ designate_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_designate_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_designate_auth }}"
service_ks_register_services: "{{ designate_ks_services }}"
service_ks_register_users: "{{ designate_ks_users }}"
tags: always

@ -96,3 +96,21 @@ freezer_api_git_repository: "{{ kolla_dev_repos_git }}/freezer-api"
freezer_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
freezer_dev_mode: "{{ kolla_dev_mode }}"
freezer_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
freezer_ks_services:
- name: "freezer"
type: "backup"
description: "Openstack Freezer Backup Service"
endpoints:
- {'interface': 'admin', 'url': '{{ freezer_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ freezer_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ freezer_public_endpoint }}'}
freezer_ks_users:
- project: "service"
user: "{{ freezer_keystone_user }}"
password: "{{ freezer_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the freezer service and endpoint
become: true
kolla_toolbox:
module_name: kolla_keystone_service
module_args:
service_name: freezer
service_type: backup
description: 'Openstack Freezer Backup Service'
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_freezer_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ freezer_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ freezer_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ freezer_public_endpoint }}'}
- name: Creating the freezer project, user, and role
become: true
kolla_toolbox:
module_name: kolla_keystone_user
module_args:
project: service
user: "{{ freezer_keystone_user }}"
password: "{{ freezer_keystone_password }}"
role: admin
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_freezer_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_freezer_auth }}"
service_ks_register_services: "{{ freezer_ks_services }}"
service_ks_register_users: "{{ freezer_ks_users }}"
tags: always

@ -39,6 +39,24 @@ glance_services:
####################
haproxy_members: "{% for host in glance_api_hosts %}server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ glance_api_listen_port }} check inter 2000 rise 2 fall 5;{% endfor %}"
####################
# Keystone
####################
glance_ks_services:
- name: "glance"
type: "image"
description: "Openstack Image"
endpoints:
- {'interface': 'admin', 'url': '{{ glance_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ glance_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ glance_public_endpoint }}'}
glance_ks_users:
- project: "service"
user: "{{ glance_keystone_user }}"
password: "{{ glance_keystone_password }}"
role: "admin"
####################
# Notification
####################

@ -1,36 +1,8 @@
---
- name: Creating the Glance service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "glance"
service_type: "image"
description: "Openstack Image"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_glance_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ glance_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ glance_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ glance_public_endpoint }}'}
- name: Creating the Glance project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ glance_keystone_user }}"
password: "{{ glance_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_glance_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_glance_auth }}"
service_ks_register_services: "{{ glance_ks_services }}"
service_ks_register_users: "{{ glance_ks_users }}"
tags: always

@ -132,3 +132,21 @@ gnocchi_metricd_workers: "{{ openstack_service_workers }}"
gnocchi_keystone_user: "gnocchi"
openstack_gnocchi_auth: "{{ openstack_auth }}"
####################
# Keystone
####################
gnocchi_ks_services:
- name: "gnocchi"
type: "metric"
description: "OpenStack Metric Service"
endpoints:
- {'interface': 'admin', 'url': '{{ gnocchi_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ gnocchi_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ gnocchi_public_endpoint }}'}
gnocchi_ks_users:
- project: "service"
user: "{{ gnocchi_keystone_user }}"
password: "{{ gnocchi_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the gnocchi service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "gnocchi"
service_type: "metric"
description: "OpenStack Metric Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_gnocchi_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ gnocchi_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ gnocchi_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ gnocchi_public_endpoint }}'}
- name: Creating the gnocchi project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ gnocchi_keystone_user }}"
password: "{{ gnocchi_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_gnocchi_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_gnocchi_auth }}"
service_ks_register_services: "{{ gnocchi_ks_services }}"
service_ks_register_users: "{{ gnocchi_ks_users }}"
tags: always

@ -136,3 +136,28 @@ heat_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
heat_enabled_notification_topics: "{{ heat_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
heat_ks_services:
- name: "heat"
type: "orchestration"
description: "Orchestration"
endpoints:
- {'interface': 'admin', 'url': '{{ heat_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ heat_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ heat_public_endpoint }}'}
- name: "heat-cfn"
type: "cloudformation"
description: "Orchestration"
endpoints:
- {'interface': 'admin', 'url': '{{ heat_cfn_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ heat_cfn_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ heat_cfn_public_endpoint }}'}
heat_ks_users:
- project: "service"
user: "{{ heat_keystone_user }}"
password: "{{ heat_keystone_password }}"
role: "admin"

@ -1,42 +1,11 @@
---
- name: Creating the Heat service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "{{ item.service_name }}"
service_type: "{{ item.service_type }}"
description: "{{ item.description }}"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_heat_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ heat_admin_endpoint }}', 'service_name': 'heat', 'service_type': 'orchestration', 'description': 'Orchestration'}
- {'interface': 'internal', 'url': '{{ heat_internal_endpoint }}', 'service_name': 'heat', 'service_type': 'orchestration', 'description': 'Orchestration'}
- {'interface': 'public', 'url': '{{ heat_public_endpoint }}', 'service_name': 'heat', 'service_type': 'orchestration', 'description': 'Orchestration'}
- {'interface': 'admin', 'url': '{{ heat_cfn_admin_endpoint }}', 'service_name': 'heat-cfn', 'service_type': 'cloudformation', 'description': 'Orchestration'}
- {'interface': 'internal', 'url': '{{ heat_cfn_internal_endpoint }}', 'service_name': 'heat-cfn', 'service_type': 'cloudformation', 'description': 'Orchestration'}
- {'interface': 'public', 'url': '{{ heat_cfn_public_endpoint }}', 'service_name': 'heat-cfn', 'service_type': 'cloudformation', 'description': 'Orchestration'}
- name: Creating the Heat project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ heat_keystone_user }}"
password: "{{ heat_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_heat_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_heat_auth }}"
service_ks_register_services: "{{ heat_ks_services }}"
service_ks_register_users: "{{ heat_ks_users }}"
tags: always
- name: Creating the heat_stack_user role
become: true

@ -221,3 +221,32 @@ ironic_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
ironic_enabled_notification_topics: "{{ ironic_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
ironic_ks_services:
- name: "ironic"
type: "baremetal"
description: "Ironic baremetal provisioning service"
endpoints:
- {'interface': 'admin', 'url': '{{ ironic_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ ironic_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ ironic_public_endpoint }}'}
- name: "ironic-inspector"
type: "baremetal-introspection"
description: "Ironic Inspector baremetal introspection service"
endpoints:
- {'interface': 'admin', 'url': '{{ ironic_inspector_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ ironic_inspector_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ ironic_inspector_public_endpoint }}'}
ironic_ks_users:
- project: "service"
user: "{{ ironic_keystone_user }}"
password: "{{ ironic_keystone_password }}"
role: "admin"
- project: "service"
user: "{{ ironic_inspector_keystone_user }}"
password: "{{ ironic_inspector_keystone_password }}"
role: "admin"

@ -1,76 +1,8 @@
---
- name: Creating the Ironic service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "ironic"
service_type: "baremetal"
description: "Ironic baremetal provisioning service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_ironic_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
when: inventory_hostname in groups['ironic-api']
with_items:
- {'interface': 'admin', 'url': '{{ ironic_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ ironic_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ ironic_public_endpoint }}'}
- name: Creating the Ironic project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ ironic_keystone_user }}"
password: "{{ ironic_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_ironic_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
when: inventory_hostname in groups['ironic-api']
- name: Creating the Ironic Inspector service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "ironic-inspector"
service_type: "baremetal-introspection"
description: "Ironic Inspector baremetal introspection service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_ironic_inspector_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
when: inventory_hostname in groups['ironic-inspector']
with_items:
- {'interface': 'admin', 'url': '{{ ironic_inspector_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ ironic_inspector_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ ironic_inspector_public_endpoint }}'}
- name: Creating the Ironic Inspector project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ ironic_inspector_keystone_user }}"
password: "{{ ironic_inspector_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_ironic_inspector_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
when: inventory_hostname in groups['ironic-inspector']
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_ironic_auth }}"
service_ks_register_services: "{{ ironic_ks_services }}"
service_ks_register_users: "{{ ironic_ks_users }}"
tags: always

@ -106,3 +106,21 @@ karbor_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
karbor_enabled_notification_topics: "{{ karbor_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
karbor_ks_services:
- name: "karbor"
type: "data-protect"
description: "Application Data Protection Service"
endpoints:
- {'interface': 'admin', 'url': '{{ karbor_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ karbor_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ karbor_public_endpoint }}'}
karbor_ks_users:
- project: "service"
user: "{{ karbor_keystone_user }}"
password: "{{ karbor_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the Karbor service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "karbor"
service_type: "data-protect"
description: "Application Data Protection Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_karbor_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ karbor_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ karbor_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ karbor_public_endpoint }}'}
- name: Creating the Karbor project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ karbor_keystone_user }}"
password: "{{ karbor_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_karbor_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_karbor_auth }}"
service_ks_register_services: "{{ karbor_ks_services }}"
service_ks_register_users: "{{ karbor_ks_users }}"
tags: always

@ -128,3 +128,16 @@ keystone_notification_topics:
enabled: "{{ enable_barbican | bool }}"
keystone_enabled_notification_topics: "{{ keystone_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
keystone_ks_services:
- name: "keystone"
type: "identity"
description: "Openstack Identity Service"
endpoints:
- {'interface': 'admin', 'url': '{{ keystone_admin_url }}'}
- {'interface': 'internal', 'url': '{{ keystone_internal_url }}'}
- {'interface': 'public', 'url': '{{ keystone_public_url }}'}

@ -8,28 +8,13 @@
run_once: True
with_items: "{{ multiple_regions_names }}"
# NOTE(jeffrey4l): Since keystone-manage bootstrap cloud not update the endpoint,
# run kolla_keystone_service module again.
- name: Creating the Keystone service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "keystone"
service_type: "identity"
description: "Openstack Identity Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_keystone_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_keystone_auth }}"
service_ks_register_services: "{{ keystone_ks_services }}"
tags: always
run_once: True
with_items:
- { interface: admin, url: "{{ keystone_admin_url }}" }
- { interface: internal, url: "{{ keystone_internal_url }}" }
- { interface: public, url: "{{ keystone_public_url }}" }
- name: Creating default user role
become: true

@ -59,3 +59,12 @@ kuryr_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
kuryr_dev_mode: "{{ kolla_dev_mode }}"
kuryr_dimensions: "{{ default_container_dimensions }}"
kuryr_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
kuryr_ks_users:
- project: "service"
user: "{{ kuryr_keystone_user }}"
password: "{{ kuryr_keystone_password }}"
role: "admin"

@ -1,15 +1,7 @@
---
- name: Creating the Kuryr project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ kuryr_keystone_user }}"
password: "{{ kuryr_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_kuryr_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_kuryr_auth }}"
service_ks_register_users: "{{ kuryr_ks_users }}"
tags: always

@ -115,3 +115,22 @@ magnum_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
magnum_enabled_notification_topics: "{{ magnum_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
magnum_ks_services:
- name: "magnum"
type: "container-infra"
description: "Container Infrastructure Management Service"
endpoints:
- {'interface': 'admin', 'url': '{{ magnum_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ magnum_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ magnum_public_endpoint }}'}
magnum_ks_users:
- project: "service"
user: "{{ magnum_keystone_user }}"
password: "{{ magnum_keystone_password }}"
role: "admin"

@ -1,39 +1,11 @@
---
- name: Creating the Magnum service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "magnum"
service_type: "container-infra"
description: "Container Infrastructure Management Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_magnum_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ magnum_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ magnum_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ magnum_public_endpoint }}'}
- name: Creating the Magnum project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ magnum_keystone_user }}"
password: "{{ magnum_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_magnum_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_magnum_auth }}"
service_ks_register_services: "{{ magnum_ks_services }}"
service_ks_register_users: "{{ magnum_ks_users }}"
tags: always
- name: Creating Magnum trustee domain
become: true

@ -193,3 +193,29 @@ manila_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
manila_enabled_notification_topics: "{{ manila_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
manila_ks_services:
- name: "manila"
type: "share"
description: "Openstack Shared Filesystems"
endpoints:
- {'interface': 'admin', 'url': '{{ manila_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ manila_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ manila_public_endpoint }}'}
- name: "manilav2"
type: "sharev2"
description: "Openstack Shared Filesystems"
endpoints:
- {'interface': 'admin', 'url': '{{ manila_v2_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ manila_v2_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ manila_v2_public_endpoint }}'}
manila_ks_users:
- project: "service"
user: "{{ manila_keystone_user }}"
password: "{{ manila_keystone_password }}"
role: "admin"

@ -1,39 +1,8 @@
---
- name: Creating the Manila service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "{{ item.service_name }}"
service_type: "{{ item.service_type }}"
description: "Openstack Shared Filesystems"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_manila_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ manila_admin_endpoint }}', 'service_name': 'manila', 'service_type': 'share'}
- {'interface': 'internal', 'url': '{{ manila_internal_endpoint }}', 'service_name': 'manila', 'service_type': 'share'}
- {'interface': 'public', 'url': '{{ manila_public_endpoint }}', 'service_name': 'manila', 'service_type': 'share'}
- {'interface': 'admin', 'url': '{{ manila_v2_admin_endpoint }}', 'service_name': 'manilav2', 'service_type': 'sharev2'}
- {'interface': 'internal', 'url': '{{ manila_v2_internal_endpoint }}', 'service_name': 'manilav2', 'service_type': 'sharev2'}
- {'interface': 'public', 'url': '{{ manila_v2_public_endpoint }}', 'service_name': 'manilav2', 'service_type': 'sharev2'}
- name: Creating the Manila project, user and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ manila_keystone_user }}"
password: "{{ manila_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_manila_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_manila_auth }}"
service_ks_register_services: "{{ manila_ks_services }}"
service_ks_register_users: "{{ manila_ks_users }}"
tags: always

@ -115,3 +115,21 @@ masakari_monitors_git_repository: "{{ kolla_dev_repos_git }}/masakarimonitors"
masakari_monitors_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
masakari_monitors_dev_mode: "{{ kolla_dev_mode }}"
masakari_monitors_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
masakari_ks_services:
- name: "masakari"
type: "instance-ha"
description: "OpenStack High Availability"
endpoints:
- {'interface': 'admin', 'url': '{{ masakari_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ masakari_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ masakari_public_endpoint }}'}
masakari_ks_users:
- project: "service"
user: "{{ masakari_keystone_user }}"
password: "{{ masakari_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the Masakari service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "masakari"
service_type: "instance-ha"
description: "OpenStack High Availability"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_masakari_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ masakari_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ masakari_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ masakari_public_endpoint }}'}
- name: Creating the Masakari project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ masakari_keystone_user }}"
password: "{{ masakari_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_masakari_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_masakari_auth }}"
service_ks_register_services: "{{ masakari_ks_services }}"
service_ks_register_users: "{{ masakari_ks_users }}"
tags: always

@ -135,3 +135,21 @@ mistral_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
mistral_enabled_notification_topics: "{{ mistral_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
mistral_ks_services:
- name: "mistral"
type: "workflowv2"
description: "Openstack Workflow"
endpoints:
- {'interface': 'admin', 'url': '{{ mistral_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ mistral_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ mistral_public_endpoint }}'}
mistral_ks_users:
- project: "service"
user: "{{ mistral_keystone_user }}"
password: "{{ mistral_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the Mistral service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "mistral"
service_type: "workflowv2"
description: "Openstack Workflow"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_mistral_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ mistral_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ mistral_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ mistral_public_endpoint }}'}
- name: Creating the Mistral project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ mistral_keystone_user }}"
password: "{{ mistral_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_mistral_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_mistral_auth }}"
service_ks_register_services: "{{ mistral_ks_services }}"
service_ks_register_users: "{{ mistral_ks_users }}"
tags: always

@ -338,3 +338,32 @@ monasca_log_api_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_
monasca_log_api_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ monasca_log_api_port }}"
monasca_logging_debug: "{{ openstack_logging_debug }}"
####################
# Keystone
####################
monasca_ks_services:
- name: "monasca-api"
type: "monitoring"
description: "Monasca monitoring as a service"
endpoints:
- {'interface': 'admin', 'url': '{{ monasca_api_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ monasca_api_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ monasca_api_public_endpoint }}'}
- name: "monasca-log-api"
type: "logging"
description: "Monasca logging as a service"
endpoints:
- {'interface': 'admin', 'url': '{{ monasca_log_api_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ monasca_log_api_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ monasca_log_api_public_endpoint }}'}
monasca_ks_users:
- project: "service"
user: "{{ monasca_keystone_user }}"
password: "{{ monasca_keystone_password }}"
role: "admin"
- project: "{{ monasca_control_plane_project }}"
user: "{{ monasca_agent_user }}"
password: "{{ monasca_agent_password }}"
role: "{{ monasca_agent_authorized_roles | first }}"

@ -1,60 +1,12 @@
---
- name: Creating monasca-api service and endpoints
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "monasca-api"
service_type: "monitoring"
description: "Monasca monitoring as a service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ monasca_openstack_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ monasca_api_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ monasca_api_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ monasca_api_public_endpoint }}'}
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ monasca_openstack_auth }}"
service_ks_register_services: "{{ monasca_ks_services }}"
service_ks_register_users: "{{ monasca_ks_users }}"
tags: always
- name: Creating monasca-log-api service and endpoints
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "monasca-log-api"
service_type: "logging"
description: "Monasca logging as a service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ monasca_openstack_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ monasca_log_api_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ monasca_log_api_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ monasca_log_api_public_endpoint }}'}
- name: Creating the monasca keystone user
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ monasca_keystone_user }}"
password: "{{ monasca_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ monasca_openstack_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- name: Creating monasca roles
become: true
@ -72,18 +24,3 @@
- "{{ monasca_agent_authorized_roles }}"
- "{{ monasca_read_only_authorized_roles }}"
- "{{ monasca_delegate_authorized_roles }}"
- name: Creating the monasca agent user
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "{{ monasca_control_plane_project }}"
user: "{{ monasca_agent_user }}"
password: "{{ monasca_agent_password }}"
role: "{{ monasca_agent_authorized_roles | first }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ monasca_openstack_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True

@ -98,3 +98,21 @@ murano_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
murano_enabled_notification_topics: "{{ murano_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
murano_ks_services:
- name: "murano"
type: "application-catalog"
description: "Openstack Application Catalogue"
endpoints:
- {'interface': 'admin', 'url': '{{ murano_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ murano_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ murano_public_endpoint }}'}
murano_ks_users:
- project: "service"
user: "{{ murano_keystone_user }}"
password: "{{ murano_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the Murano service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "murano"
service_type: "application-catalog"
description: "Openstack Application Catalogue"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_murano_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ murano_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ murano_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ murano_public_endpoint }}'}
- name: Creating the Murano project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ murano_keystone_user }}"
password: "{{ murano_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_murano_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_murano_auth }}"
service_ks_register_services: "{{ murano_ks_services }}"
service_ks_register_users: "{{ murano_ks_users }}"
tags: always

@ -488,3 +488,21 @@ neutron_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
neutron_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
neutron_dev_mode: "{{ kolla_dev_mode }}"
neutron_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
neutron_ks_services:
- name: "neutron"
type: "network"
description: "Openstack Networking"
endpoints:
- {'interface': 'admin', 'url': '{{ neutron_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ neutron_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ neutron_public_endpoint }}'}
neutron_ks_users:
- project: "service"
user: "{{ neutron_keystone_user }}"
password: "{{ neutron_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the Neutron service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "neutron"
service_type: "network"
description: "Openstack Networking"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_neutron_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ neutron_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ neutron_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ neutron_public_endpoint }}'}
- name: Creating the Neutron project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ neutron_keystone_user }}"
password: "{{ neutron_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_neutron_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_neutron_auth }}"
service_ks_register_services: "{{ neutron_ks_services }}"
service_ks_register_users: "{{ neutron_ks_users }}"
tags: always

@ -384,6 +384,31 @@ nova_services_require_nova_conf:
# around 10 seconds, but the default is 30 to allow room for slowness.
nova_compute_startup_delay: 30
####################
# Keystone
####################
nova_ks_services:
- name: "nova_legacy"
type: "compute_legacy"
description: "OpenStack Compute Service (Legacy 2.0)"
endpoints:
- {'interface': 'admin', 'url': '{{ nova_legacy_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ nova_legacy_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ nova_legacy_public_endpoint }}'}
- name: "nova"
type: "compute"
description: "OpenStack Compute Service"
endpoints:
- {'interface': 'admin', 'url': '{{ nova_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ nova_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ nova_public_endpoint }}'}
nova_ks_users:
- project: "service"
user: "{{ nova_keystone_user }}"
password: "{{ nova_keystone_password }}"
role: "admin"
####################
# Notification
####################

@ -1,39 +1,8 @@
---
- name: Creating the Nova service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "{{ item.name }}"
service_type: "{{ item.service_type }}"
description: "{{ item.description }}"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_nova_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'name': 'nova_legacy', 'service_type': 'compute_legacy', 'interface': 'admin', 'url': '{{ nova_legacy_admin_endpoint }}', 'description': 'OpenStack Compute Service (Legacy 2.0)'}
- {'name': 'nova_legacy', 'service_type': 'compute_legacy', 'interface': 'internal', 'url': '{{ nova_legacy_internal_endpoint }}', 'description': 'OpenStack Compute Service (Legacy 2.0)'}
- {'name': 'nova_legacy', 'service_type': 'compute_legacy', 'interface': 'public', 'url': '{{ nova_legacy_public_endpoint }}', 'description': 'OpenStack Compute Service (Legacy 2.0)'}
- {'name': 'nova', 'service_type': 'compute', 'interface': 'admin', 'url': '{{ nova_admin_endpoint }}', 'description': 'OpenStack Compute Service'}
- {'name': 'nova', 'service_type': 'compute', 'interface': 'internal', 'url': '{{ nova_internal_endpoint }}', 'description': 'OpenStack Compute Service'}
- {'name': 'nova', 'service_type': 'compute', 'interface': 'public', 'url': '{{ nova_public_endpoint }}', 'description': 'OpenStack Compute Service'}
- name: Creating the Nova project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ nova_keystone_user }}"
password: "{{ nova_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_nova_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_nova_auth }}"
service_ks_register_services: "{{ nova_ks_services }}"
service_ks_register_users: "{{ nova_ks_users }}"
tags: always

@ -120,3 +120,21 @@ octavia_logging_debug: "{{ openstack_logging_debug }}"
octavia_keystone_user: "octavia"
openstack_octavia_auth: "{{ openstack_auth }}"
####################
# Keystone
####################
octavia_ks_services:
- name: "octavia"
type: "load-balancer"
description: "Octavia Load Balancing Service"
endpoints:
- {'interface': 'admin', 'url': '{{ octavia_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ octavia_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ octavia_public_endpoint }}'}
octavia_ks_users:
- project: "service"
user: "{{ octavia_keystone_user }}"
password: "{{ octavia_keystone_password }}"
role: "admin"

@ -1,39 +1,11 @@
---
- name: Creating the Octavia service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "octavia"
service_type: "load-balancer"
description: "Octavia Load Balancing Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_octavia_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ octavia_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ octavia_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ octavia_public_endpoint }}'}
- name: Creating the Octavia project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ octavia_keystone_user }}"
password: "{{ octavia_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_octavia_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_octavia_auth }}"
service_ks_register_services: "{{ octavia_ks_services }}"
service_ks_register_users: "{{ octavia_ks_users }}"
tags: always
- name: Adding octavia user into admin project
become: true

@ -58,3 +58,21 @@ panko_logging_debug: "{{ openstack_logging_debug }}"
panko_keystone_user: "panko"
openstack_panko_auth: "{{ openstack_auth }}"
####################
# Keystone
####################
panko_ks_services:
- name: "panko"
type: "event"
description: "Panko Service"
endpoints:
- {'interface': 'admin', 'url': '{{ panko_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ panko_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ panko_public_endpoint }}'}
panko_ks_users:
- project: "service"
user: "{{ panko_keystone_user }}"
password: "{{ panko_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the panko service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "panko"
service_type: "event"
description: "Panko Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_panko_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ panko_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ panko_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ panko_public_endpoint }}'}
- name: Creating the panko project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ panko_keystone_user }}"
password: "{{ panko_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_panko_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_panko_auth }}"
service_ks_register_services: "{{ panko_ks_services }}"
service_ks_register_users: "{{ panko_ks_users }}"
tags: always

@ -89,3 +89,21 @@ nova_api_database_name: "nova_api"
nova_api_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}nova_api{% endif %}"
nova_api_database_host: "{{ database_address }}"
placement_database_host: "{{ database_address }}"
####################
# Keystone
####################
placement_ks_services:
- name: "placement"
type: "placement"
description: "Placement Service"
endpoints:
- {'interface': 'admin', 'url': '{{ placement_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ placement_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ placement_public_endpoint }}'}
placement_ks_users:
- project: "service"
user: "{{ placement_keystone_user }}"
password: "{{ placement_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the placement service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "{{ item.name }}"
service_type: "{{ item.service_type }}"
description: "{{ item.description }}"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_placement_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'name': 'placement', 'service_type': 'placement', 'interface': 'admin', 'url': '{{ placement_admin_endpoint }}', 'description': 'Placement Service'}
- {'name': 'placement', 'service_type': 'placement', 'interface': 'internal', 'url': '{{ placement_internal_endpoint }}', 'description': 'Placement Service'}
- {'name': 'placement', 'service_type': 'placement', 'interface': 'public', 'url': '{{ placement_public_endpoint }}', 'description': 'Placement Service'}
- name: Creating the placement project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ placement_keystone_user }}"
password: "{{ placement_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_placement_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_placement_auth }}"
service_ks_register_services: "{{ placement_ks_services }}"
service_ks_register_users: "{{ placement_ks_users }}"
tags: always

@ -91,3 +91,21 @@ qinling_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
qinling_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
qinling_dev_mode: "{{ kolla_dev_mode }}"
qinling_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
qinling_ks_services:
- name: "qinling"
type: "function-engine"
description: "Function Service"
endpoints:
- {'interface': 'admin', 'url': '{{ qinling_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ qinling_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ qinling_public_endpoint }}'}
qinling_ks_users:
- project: "service"
user: "{{ qinling_keystone_user }}"
password: "{{ qinling_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the Qinling service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "qinling"
service_type: "function-engine"
description: "Function Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_qinling_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ qinling_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ qinling_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ qinling_public_endpoint }}'}
- name: Creating the Qinling project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ qinling_keystone_user }}"
password: "{{ qinling_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_qinling_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_qinling_auth }}"
service_ks_register_services: "{{ qinling_ks_services }}"
service_ks_register_users: "{{ qinling_ks_users }}"
tags: always

@ -103,3 +103,21 @@ sahara_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
sahara_enabled_notification_topics: "{{ sahara_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
sahara_ks_services:
- name: "sahara"
type: "data-processing"
description: "Sahara Data Processing"
endpoints:
- {'interface': 'admin', 'url': '{{ sahara_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ sahara_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ sahara_public_endpoint }}'}
sahara_ks_users:
- project: "service"
user: "{{ sahara_keystone_user }}"
password: "{{ sahara_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the Sahara service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "sahara"
service_type: "data-processing"
description: "Sahara Data Processing"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_sahara_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ sahara_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ sahara_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ sahara_public_endpoint }}'}
- name: Creating the Sahara project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ sahara_keystone_user }}"
password: "{{ sahara_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_sahara_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_sahara_auth }}"
service_ks_register_services: "{{ sahara_ks_services }}"
service_ks_register_users: "{{ sahara_ks_users }}"
tags: always

@ -85,3 +85,21 @@ searchlight_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
searchlight_enabled_notification_topics: "{{ searchlight_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
searchlight_ks_services:
- name: "searchlight"
type: "search"
description: "Openstack Index Service"
endpoints:
- {'interface': 'admin', 'url': '{{ searchlight_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ searchlight_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ searchlight_public_endpoint }}'}
searchlight_ks_users:
- project: "service"
user: "{{ searchlight_keystone_user }}"
password: "{{ searchlight_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the Searchlight service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "searchlight"
service_type: "search"
description: "Openstack Index Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_searchlight_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ searchlight_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ searchlight_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ searchlight_public_endpoint }}'}
- name: Creating the Searchlight project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ searchlight_keystone_user }}"
password: "{{ searchlight_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_searchlight_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_searchlight_auth }}"
service_ks_register_services: "{{ searchlight_ks_services }}"
service_ks_register_users: "{{ searchlight_ks_users }}"
tags: always

@ -101,3 +101,21 @@ senlin_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
senlin_enabled_notification_topics: "{{ senlin_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
senlin_ks_services:
- name: "senlin"
type: "clustering"
description: "Senlin Clustering Service"
endpoints:
- {'interface': 'admin', 'url': '{{ senlin_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ senlin_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ senlin_public_endpoint }}'}
senlin_ks_users:
- project: "service"
user: "{{ senlin_keystone_user }}"
password: "{{ senlin_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the Senlin service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "senlin"
service_type: "clustering"
description: "Senlin Clustering Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_senlin_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ senlin_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ senlin_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ senlin_public_endpoint }}'}
- name: Creating the Senlin project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ senlin_keystone_user }}"
password: "{{ senlin_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_senlin_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_senlin_auth }}"
service_ks_register_services: "{{ senlin_ks_services }}"
service_ks_register_users: "{{ senlin_ks_users }}"
tags: always

@ -0,0 +1,14 @@
---
service_ks_register_region_name: "{{ openstack_region_name }}"
service_ks_register_auth: {}
service_ks_cacert: "{{ openstack_cacert }}"
service_ks_register_interface: "{{ openstack_interface }}"
service_ks_register_endpoint_region: "{{ openstack_region_name }}"
service_ks_register_domain: "default"
service_ks_register_delegate_host: "{{ groups['control'][0] }}"
# A list of services to register with Keystone. Each service definition should
# provide a description, service type, and a list of associated endpoints to be
# registered.
service_ks_register_services: []
# A list of users and associated roles for this service to register with Keystone
service_ks_register_users: []

@ -0,0 +1,107 @@
---
- name: Creating the {{ project_name }} service
become: true
kolla_toolbox:
module_name: "os_keystone_service"
module_args:
name: "{{ item.name }}"
service_type: "{{ item.type }}"
description: "{{ item.description }}"
region_name: "{{ service_ks_register_region_name }}"
auth: "{{ service_ks_register_auth }}"
interface: "{{ service_ks_register_interface }}"
cacert: "{{ service_ks_cacert }}"
run_once: True
loop: "{{ service_ks_register_services }}"
delegate_to: "{{ service_ks_register_delegate_host }}"
- name: Creating the {{ project_name }} endpoints
become: true
kolla_toolbox:
module_name: "os_keystone_endpoint"
module_args:
service: "{{ item.0.name }}"
url: "{{ item.1.url }}"
endpoint_interface: "{{ item.1.interface }}"
region: "{{ service_ks_register_endpoint_region }}"
region_name: "{{ service_ks_register_region_name }}"
auth: "{{ service_ks_register_auth }}"
interface: "{{ service_ks_register_interface }}"
cacert: "{{ service_ks_cacert }}"
run_once: True
with_subelements:
- "{{ service_ks_register_services }}"
- endpoints
delegate_to: "{{ service_ks_register_delegate_host }}"
- name: Creating the {{ project_name }} service project
become: true
kolla_toolbox:
module_name: "os_project"
module_args:
name: "{{ item }}"
domain: "{{ service_ks_register_domain }}"
region_name: "{{ service_ks_register_region_name }}"
auth: "{{ service_ks_register_auth }}"
interface: "{{ service_ks_register_interface }}"
cacert: "{{ service_ks_cacert }}"
run_once: True
with_items: "{{ service_ks_register_users | map(attribute='project') | unique | list }}"
delegate_to: "{{ service_ks_register_delegate_host }}"
- name: Creating the {{ project_name }} service users
become: true
kolla_toolbox:
module_name: "os_user"
module_args:
default_project: "{{ item.project }}"
name: "{{ item.user }}"
password: "{{ item.password }}"
domain: "{{ service_ks_register_domain }}"
region_name: "{{ service_ks_register_region_name }}"
auth: "{{ service_ks_register_auth }}"
interface: "{{ service_ks_register_interface }}"
cacert: "{{ service_ks_cacert }}"
run_once: True
with_items: "{{ service_ks_register_users }}"
delegate_to: "{{ service_ks_register_delegate_host }}"
loop_control:
label:
user: "{{ item.user }}"
project: "{{ item.project }}"
- name: Creating the {{ project_name }} service roles
become: true
kolla_toolbox:
module_name: "os_keystone_role"
module_args:
name: "{{ item }}"
region_name: "{{ service_ks_register_region_name }}"
auth: "{{ service_ks_register_auth }}"
interface: "{{ service_ks_register_interface }}"
cacert: "{{ service_ks_cacert }}"
run_once: True
with_items: "{{ service_ks_register_users | map(attribute='role') | unique | list }}"
delegate_to: "{{ service_ks_register_delegate_host }}"
- name: Granting the {{ project_name }} service user roles
become: true
kolla_toolbox:
module_name: "os_user_role"
module_args:
user: "{{ item.user }}"
role: "{{ item.role }}"
project: "{{ item.project }}"
domain: "{{ service_ks_register_domain }}"
region_name: "{{ service_ks_register_region_name }}"
auth: "{{ service_ks_register_auth }}"
interface: "{{ service_ks_register_interface }}"
cacert: "{{ service_ks_cacert }}"
run_once: True
with_items: "{{ service_ks_register_users }}"
delegate_to: "{{ service_ks_register_delegate_host }}"
loop_control:
label:
user: "{{ item.user }}"
role: "{{ item.role }}"
project: "{{ item.project }}"

@ -143,3 +143,28 @@ solum_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
solum_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
solum_dev_mode: "{{ kolla_dev_mode }}"
solum_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
solum_ks_services:
- name: "solum_image_builder"
type: "image_builder"
description: "Openstack Solum Image Builder"
endpoints:
- {'interface': 'admin', 'url': '{{ solum_image_builder_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ solum_image_builder_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ solum_image_builder_public_endpoint }}'}
- name: "solum_application_deployment"
type: "application_deployment"
description: "Openstack Solum Application Deployment"
endpoints:
- {'interface': 'admin', 'url': '{{ solum_application_deployment_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ solum_application_deployment_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ solum_application_deployment_public_endpoint }}'}
solum_ks_users:
- project: "service"
user: "{{ solum_keystone_user }}"
password: "{{ solum_keystone_password }}"
role: "admin"

@ -1,57 +1,8 @@
---
- name: Creating the Solum image builder service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "solum_image_builder"
service_type: "image_builder"
description: "Openstack Solum Image Builder"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_solum_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ solum_image_builder_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ solum_image_builder_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ solum_image_builder_public_endpoint }}'}
- name: Creating the Solum application deployment service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "solum_application_deployment"
service_type: "application_deployment"
description: "Openstack Solum Application Deployment"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_solum_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ solum_application_deployment_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ solum_application_deployment_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ solum_application_deployment_public_endpoint }}'}
- name: Creating the Solum project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ solum_keystone_user }}"
password: "{{ solum_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_solum_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_solum_auth }}"
service_ks_register_services: "{{ solum_ks_services }}"
service_ks_register_users: "{{ solum_ks_users }}"
tags: always

@ -77,3 +77,21 @@ syslog_server: "{{ api_interface_address }}"
syslog_swift_facility: "local0"
swift_enable_rolling_upgrade: "yes"
####################
# Keystone
####################
swift_ks_services:
- name: "swift"
type: "object-store"
description: "Openstack Object Storage"
endpoints:
- {'interface': 'admin', 'url': '{{ swift_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ swift_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ swift_public_endpoint }}'}
swift_ks_users:
- project: "service"
user: "{{ swift_keystone_user }}"
password: "{{ swift_keystone_password }}"
role: "admin"

@ -1,39 +1,11 @@
---
- name: Creating the Swift service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "swift"
service_type: "object-store"
description: "Openstack Object Storage"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_swift_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ swift_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ swift_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ swift_public_endpoint }}'}
- name: Creating the Swift project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ swift_keystone_user }}"
password: "{{ swift_keystone_password }}"
role: "{{ swift_admin_tenant_name }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_swift_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_swift_auth }}"
service_ks_register_services: "{{ swift_ks_services }}"
service_ks_register_users: "{{ swift_ks_users }}"
tags: always
- name: Creating the ResellerAdmin role
become: true

@ -96,3 +96,21 @@ tacker_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
tacker_enabled_notification_topics: "{{ tacker_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
tacker_ks_services:
- name: "tacker"
type: "nfv-orchestration"
description: "Tacker Service"
endpoints:
- {'interface': 'admin', 'url': '{{ tacker_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ tacker_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ tacker_public_endpoint }}'}
tacker_ks_users:
- project: "service"
user: "{{ tacker_keystone_user }}"
password: "{{ tacker_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the Tacker service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "tacker"
service_type: "nfv-orchestration"
description: "Tacker Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_tacker_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ tacker_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ tacker_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ tacker_public_endpoint }}'}
- name: Creating the Tacker project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ tacker_keystone_user }}"
password: "{{ tacker_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_tacker_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_tacker_auth }}"
service_ks_register_services: "{{ tacker_ks_services }}"
service_ks_register_users: "{{ tacker_ks_users }}"
tags: always

@ -120,3 +120,21 @@ trove_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
trove_enabled_notification_topics: "{{ trove_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
trove_ks_services:
- name: "trove"
type: "database"
description: "Trove Database Service"
endpoints:
- {'interface': 'admin', 'url': '{{ trove_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ trove_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ trove_public_endpoint }}'}
trove_ks_users:
- project: "service"
user: "{{ trove_keystone_user }}"
password: "{{ trove_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the Trove service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "trove"
service_type: "database"
description: "Trove Database Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_trove_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ trove_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ trove_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ trove_public_endpoint }}'}
- name: Creating the Trove project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ trove_keystone_user }}"
password: "{{ trove_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_trove_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_trove_auth }}"
service_ks_register_services: "{{ trove_ks_services }}"
service_ks_register_users: "{{ trove_ks_users }}"
tags: always

@ -171,3 +171,21 @@ vitrage_notification_topics:
enabled: True
vitrage_enabled_notification_topics: "{{ vitrage_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
vitrage_ks_services:
- name: "vitrage"
type: "rca"
description: "Root Cause Analysis Service"
endpoints:
- {'interface': 'admin', 'url': '{{ vitrage_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ vitrage_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ vitrage_public_endpoint }}'}
vitrage_ks_users:
- project: "service"
user: "{{ vitrage_keystone_user }}"
password: "{{ vitrage_keystone_password }}"
role: "admin"

@ -1,39 +1,11 @@
---
- name: Creating the Vitrage service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "vitrage"
service_type: "rca"
description: "Root Cause Analysis Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_vitrage_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ vitrage_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ vitrage_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ vitrage_public_endpoint }}'}
- name: Creating the Vitrage project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ vitrage_keystone_user }}"
password: "{{ vitrage_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_vitrage_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_vitrage_auth }}"
service_ks_register_services: "{{ vitrage_ks_services }}"
service_ks_register_users: "{{ vitrage_ks_users }}"
tags: always
- name: Adding vitrage user into admin project
become: true

@ -118,3 +118,21 @@ watcher_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
watcher_enabled_notification_topics: "{{ watcher_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
watcher_ks_services:
- name: "watcher"
type: "infra-optim"
description: "Infrastructure Optimization service"
endpoints:
- {'interface': 'admin', 'url': '{{ watcher_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ watcher_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ watcher_public_endpoint }}'}
watcher_ks_users:
- project: "service"
user: "{{ watcher_keystone_user }}"
password: "{{ watcher_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the Watcher service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "watcher"
service_type: "infra-optim"
description: "Infrastructure Optimization service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_watcher_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ watcher_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ watcher_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ watcher_public_endpoint }}'}
- name: Creating the Watcher project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ watcher_keystone_user }}"
password: "{{ watcher_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_watcher_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_watcher_auth }}"
service_ks_register_services: "{{ watcher_ks_services }}"
service_ks_register_users: "{{ watcher_ks_users }}"
tags: always

@ -122,3 +122,21 @@ zun_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
zun_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
zun_dev_mode: "{{ kolla_dev_mode }}"
zun_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
zun_ks_services:
- name: "zun"
type: "container"
description: "Container Service"
endpoints:
- {'interface': 'admin', 'url': '{{ zun_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ zun_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ zun_public_endpoint }}'}
zun_ks_users:
- project: "service"
user: "{{ zun_keystone_user }}"
password: "{{ zun_keystone_password }}"
role: "admin"

@ -1,36 +1,8 @@
---
- name: Creating the Zun service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "zun"
service_type: "container"
description: "Container Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_zun_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ zun_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ zun_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ zun_public_endpoint }}'}
- name: Creating the Zun project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ zun_keystone_user }}"
password: "{{ zun_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_zun_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_zun_auth }}"
service_ks_register_services: "{{ zun_ks_services }}"
service_ks_register_users: "{{ zun_ks_users }}"
tags: always