openstack/kolla-ansible
Code Issues Proposed changes

Merge "Refactor service, endpoint and user registration"

Browse Source
This commit is contained in:
Zuul 2019-09-18 17:34:14 +00:00 committed by Gerrit Code Review
commit a21b9b5430
82 changed files with 1156 additions and 1452 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
ansible/roles/aodh/defaults/main.yml
View File

@ -147,3 +147,21 @@ aodh_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
aodh_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
aodh_dev_mode: "{{ kolla_dev_mode }}"
aodh_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
aodh_ks_services:
- name: "aodh"
type: "alarming"
description: "OpenStack Alarming Service"
endpoints:
- {'interface': 'admin', 'url': '{{ aodh_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ aodh_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ aodh_public_endpoint }}'}
aodh_ks_users:
- project: "service"
user: "{{ aodh_keystone_user }}"
password: "{{ aodh_keystone_password }}"
role: "admin"

42
ansible/roles/aodh/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the aodh service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "aodh"
service_type: "alarming"
description: "OpenStack Alarming Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_aodh_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ aodh_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ aodh_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ aodh_public_endpoint }}'}
- name: Creating the aodh project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ aodh_keystone_user }}"
password: "{{ aodh_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_aodh_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_aodh_auth }}"
service_ks_register_services: "{{ aodh_ks_services }}"
service_ks_register_users: "{{ aodh_ks_users }}"
tags: always

18
ansible/roles/barbican/defaults/main.yml
View File

@ -115,3 +115,21 @@ barbican_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
barbican_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
barbican_dev_mode: "{{ kolla_dev_mode }}"
barbican_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
barbican_ks_services:
- name: "barbican"
type: "key-manager"
description: "Barbican Key Management Service"
endpoints:
- {'interface': 'admin', 'url': '{{ barbican_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ barbican_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ barbican_public_endpoint }}'}
barbican_ks_users:
- project: "service"
user: "{{ barbican_keystone_user }}"
password: "{{ barbican_keystone_password }}"
role: "admin"

42
ansible/roles/barbican/tasks/register.yml
View File

@ -1,39 +1,11 @@
---
- name: Creating the barbican service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "barbican"
service_type: "key-manager"
description: "Barbican Key Management Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_barbican_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ barbican_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ barbican_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ barbican_public_endpoint }}'}
- name: Creating the barbican project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ barbican_keystone_user }}"
password: "{{ barbican_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_barbican_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_barbican_auth }}"
service_ks_register_services: "{{ barbican_ks_services }}"
service_ks_register_users: "{{ barbican_ks_users }}"
tags: always
- name: Creating default barbican roles
become: true

18
ansible/roles/blazar/defaults/main.yml
View File

@ -105,3 +105,21 @@ blazar_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
blazar_enabled_notification_topics: "{{ blazar_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
blazar_ks_services:
- name: "blazar"
type: "reservation"
description: "OpenStack Reservation Service"
endpoints:
- {'interface': 'admin', 'url': '{{ blazar_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ blazar_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ blazar_public_endpoint }}'}
blazar_ks_users:
- project: "service"
user: "{{ blazar_keystone_user }}"
password: "{{ blazar_keystone_password }}"
role: "admin"

42
ansible/roles/blazar/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the blazar service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "blazar"
service_type: "reservation"
description: "OpenStack Reservation Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_blazar_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ blazar_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ blazar_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ blazar_public_endpoint }}'}
- name: Creating the blazar project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ blazar_keystone_user }}"
password: "{{ blazar_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_blazar_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_blazar_auth }}"
service_ks_register_services: "{{ blazar_ks_services }}"
service_ks_register_users: "{{ blazar_ks_users }}"
tags: always

10
ansible/roles/ceilometer/defaults/main.yml
View File

@ -111,3 +111,13 @@ ceilometer_dev_mode: "{{ kolla_dev_mode }}"
ceilometer_source_version: "{{ kolla_source_version }}"
ceilometer_custom_meters_local_folder: "meters.d"
####################
# Keystone
####################
ceilometer_ks_users:
- project: "service"
user: "{{ ceilometer_keystone_user }}"
password: "{{ ceilometer_keystone_password }}"
role: "admin"

20
ansible/roles/ceilometer/tasks/register.yml
View File

@ -1,18 +1,10 @@
---
- name: Creating the Ceilometer project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ ceilometer_keystone_user }}"
password: "{{ ceilometer_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_ceilometer_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_ceilometer_auth }}"
service_ks_register_users: "{{ ceilometer_ks_users }}"
tags: always
- name: Associate the ResellerAdmin role and ceilometer user
become: true

19
ansible/roles/ceph/defaults/main.yml
View File

@ -128,3 +128,22 @@ cephfs_metadata_pool_pgp_num: "{{ ceph_pool_pgp_num }}"
# Kolla
####################
kolla_ceph_use_udev: True
####################
# Keystone
####################
ceph_rgw_ks_services:
- name: "swift"
type: "object-store"
description: "Openstack Object Storage"
endpoints:
- {'interface': 'admin', 'url': '{{ swift_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ swift_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ swift_public_endpoint }}'}
ceph_rgw_ks_users:
- project: "service"
user: "{{ ceph_rgw_keystone_user }}"
password: "{{ ceph_rgw_keystone_password }}"
role: "admin"

42
ansible/roles/ceph/tasks/start_rgw_keystone.yml
View File

@ -1,39 +1,11 @@
---
- name: Creating the Swift service and endpoint
become: true
kolla_toolbox:
module_name: kolla_keystone_service
module_args:
service_name: "swift"
service_type: "object-store"
description: "Openstack Object Storage"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_ceph_rgw_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ swift_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ swift_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ swift_public_endpoint }}'}
- name: Registering keystone ceph_rgw user
become: true
kolla_toolbox:
module_name: kolla_keystone_user
module_args:
project: "service"
user: "{{ ceph_rgw_keystone_user }}"
password: "{{ ceph_rgw_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_ceph_rgw_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_ceph_rgw_auth }}"
service_ks_register_services: "{{ ceph_rgw_ks_services }}"
service_ks_register_users: "{{ ceph_rgw_ks_users }}"
tags: always
- name: Creating the ResellerAdmin role
become: true

25
ansible/roles/cinder/defaults/main.yml
View File

@ -250,3 +250,28 @@ cinder_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
cinder_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
cinder_dev_mode: "{{ kolla_dev_mode }}"
cinder_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
cinder_ks_services:
- name: "cinderv2"
type: "volumev2"
description: "Openstack Block Storage"
endpoints:
- {'interface': 'admin', 'url': '{{ cinder_v2_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ cinder_v2_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ cinder_v2_public_endpoint }}'}
- name: "cinderv3"
type: "volumev3"
description: "Openstack Block Storage"
endpoints:
- {'interface': 'admin', 'url': '{{ cinder_v3_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ cinder_v3_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ cinder_v3_public_endpoint }}'}
cinder_ks_users:
- project: "service"
user: "{{ cinder_keystone_user }}"
password: "{{ cinder_keystone_password }}"
role: "admin"

45
ansible/roles/cinder/tasks/register.yml
View File

@ -1,39 +1,8 @@
---
- name: Creating the Cinder service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "{{ item.service_name }}"
service_type: "{{ item.service_type }}"
description: "Openstack Block Storage"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_cinder_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ cinder_v2_admin_endpoint }}', 'service_name': 'cinderv2', 'service_type': 'volumev2'}
- {'interface': 'internal', 'url': '{{ cinder_v2_internal_endpoint }}', 'service_name': 'cinderv2', 'service_type': 'volumev2'}
- {'interface': 'public', 'url': '{{ cinder_v2_public_endpoint }}', 'service_name': 'cinderv2', 'service_type': 'volumev2'}
- {'interface': 'admin', 'url': '{{ cinder_v3_admin_endpoint }}', 'service_name': 'cinderv3', 'service_type': 'volumev3'}
- {'interface': 'internal', 'url': '{{ cinder_v3_internal_endpoint }}', 'service_name': 'cinderv3', 'service_type': 'volumev3'}
- {'interface': 'public', 'url': '{{ cinder_v3_public_endpoint }}', 'service_name': 'cinderv3', 'service_type': 'volumev3'}
- name: Creating the Cinder project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ cinder_keystone_user }}"
password: "{{ cinder_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_cinder_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_cinder_auth }}"
service_ks_register_services: "{{ cinder_ks_services }}"
service_ks_register_users: "{{ cinder_ks_users }}"
tags: always

18
ansible/roles/cloudkitty/defaults/main.yml
View File

@ -122,3 +122,21 @@ cloudkitty_storage_backend: "sqlalchemy"
# cloudkitty_influxdb_insecure_connections: false
cloudkitty_influxdb_name: "cloudkitty"
####################
# Keystone
####################
cloudkitty_ks_services:
- name: "cloudkitty"
type: "rating"
description: "OpenStack Rating"
endpoints:
- {'interface': 'admin', 'url': '{{ cloudkitty_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ cloudkitty_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ cloudkitty_public_endpoint }}'}
cloudkitty_ks_users:
- project: "service"
user: "{{ cloudkitty_keystone_user }}"
password: "{{ cloudkitty_keystone_password }}"
role: "admin"

42
ansible/roles/cloudkitty/tasks/register.yml
View File

@ -1,39 +1,11 @@
---
- name: Creating the Cloudkitty service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "cloudkitty"
service_type: "rating"
description: "OpenStack Rating"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_cloudkitty_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ cloudkitty_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ cloudkitty_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ cloudkitty_public_endpoint }}'}
- name: Creating the Cloudkitty project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ cloudkitty_keystone_user }}"
password: "{{ cloudkitty_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_cloudkitty_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_cloudkitty_auth }}"
service_ks_register_services: "{{ cloudkitty_ks_services }}"
service_ks_register_users: "{{ cloudkitty_ks_users }}"
tags: always
- name: Creating the rating role
become: true

18
ansible/roles/congress/defaults/main.yml
View File

@ -108,3 +108,21 @@ congress_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
congress_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
congress_dev_mode: "{{ kolla_dev_mode }}"
congress_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
congress_ks_services:
- name: "congress"
type: "policy"
description: "Congress Service"
endpoints:
- {'interface': 'admin', 'url': '{{ congress_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ congress_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ congress_public_endpoint }}'}
congress_ks_users:
- project: "service"
user: "{{ congress_keystone_user }}"
password: "{{ congress_keystone_password }}"
role: "admin"

42
ansible/roles/congress/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the congress service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "congress"
service_type: "policy"
description: "Congress Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_congress_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ congress_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ congress_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ congress_public_endpoint }}'}
- name: Creating the congress project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "congress"
password: "{{ congress_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_congress_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_congress_auth }}"
service_ks_register_services: "{{ congress_ks_services }}"
service_ks_register_users: "{{ congress_ks_users }}"
tags: always

18
ansible/roles/cyborg/defaults/main.yml
View File

@ -96,3 +96,21 @@ cyborg_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
cyborg_enabled_notification_topics: "{{ cyborg_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
cyborg_ks_services:
- name: "cyborg"
type: "cyborg"
description: "OpenStack Cyborg Service"
endpoints:
- {'interface': 'admin', 'url': '{{ cyborg_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ cyborg_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ cyborg_public_endpoint }}'}
cyborg_ks_users:
- project: "service"
user: "{{ cyborg_keystone_user }}"
password: "{{ cyborg_keystone_password }}"
role: "admin"

42
ansible/roles/cyborg/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the cyborg service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "cyborg"
service_type: "cyborg"
description: "OpenStack Cyborg Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_cyborg_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ cyborg_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ cyborg_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ cyborg_public_endpoint }}'}
- name: Creating the cyborg project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ cyborg_keystone_user }}"
password: "{{ cyborg_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_cyborg_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_cyborg_auth }}"
service_ks_register_services: "{{ cyborg_ks_services }}"
service_ks_register_users: "{{ cyborg_ks_users }}"
tags: always

18
ansible/roles/designate/defaults/main.yml
View File

@ -214,3 +214,21 @@ designate_notification_topics:
enabled: True
designate_enabled_notification_topics: "{{ designate_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
designate_ks_services:
- name: "designate"
type: "dns"
description: "Designate DNS Service"
endpoints:
- {'interface': 'admin', 'url': '{{ designate_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ designate_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ designate_public_endpoint }}'}
designate_ks_users:
- project: "service"
user: "{{ designate_keystone_user }}"
password: "{{ designate_keystone_password }}"
role: "admin"

42
ansible/roles/designate/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Designate service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "designate"
service_type: "dns"
description: "Designate DNS Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_designate_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ designate_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ designate_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ designate_public_endpoint }}'}
- name: Creating the Designate project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ designate_keystone_user }}"
password: "{{ designate_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_designate_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_designate_auth }}"
service_ks_register_services: "{{ designate_ks_services }}"
service_ks_register_users: "{{ designate_ks_users }}"
tags: always

18
ansible/roles/freezer/defaults/main.yml
View File

@ -96,3 +96,21 @@ freezer_api_git_repository: "{{ kolla_dev_repos_git }}/freezer-api"
freezer_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
freezer_dev_mode: "{{ kolla_dev_mode }}"
freezer_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
freezer_ks_services:
- name: "freezer"
type: "backup"
description: "Openstack Freezer Backup Service"
endpoints:
- {'interface': 'admin', 'url': '{{ freezer_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ freezer_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ freezer_public_endpoint }}'}
freezer_ks_users:
- project: "service"
user: "{{ freezer_keystone_user }}"
password: "{{ freezer_keystone_password }}"
role: "admin"

42
ansible/roles/freezer/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the freezer service and endpoint
become: true
kolla_toolbox:
module_name: kolla_keystone_service
module_args:
service_name: freezer
service_type: backup
description: 'Openstack Freezer Backup Service'
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_freezer_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ freezer_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ freezer_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ freezer_public_endpoint }}'}
- name: Creating the freezer project, user, and role
become: true
kolla_toolbox:
module_name: kolla_keystone_user
module_args:
project: service
user: "{{ freezer_keystone_user }}"
password: "{{ freezer_keystone_password }}"
role: admin
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_freezer_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_freezer_auth }}"
service_ks_register_services: "{{ freezer_ks_services }}"
service_ks_register_users: "{{ freezer_ks_users }}"
tags: always

18
ansible/roles/glance/defaults/main.yml
View File

@ -39,6 +39,24 @@ glance_services:
####################
haproxy_members: "{% for host in glance_api_hosts %}server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ glance_api_listen_port }} check inter 2000 rise 2 fall 5;{% endfor %}"
####################
# Keystone
####################
glance_ks_services:
- name: "glance"
type: "image"
description: "Openstack Image"
endpoints:
- {'interface': 'admin', 'url': '{{ glance_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ glance_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ glance_public_endpoint }}'}
glance_ks_users:
- project: "service"
user: "{{ glance_keystone_user }}"
password: "{{ glance_keystone_password }}"
role: "admin"
####################
# Notification
####################

42
ansible/roles/glance/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Glance service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "glance"
service_type: "image"
description: "Openstack Image"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_glance_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ glance_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ glance_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ glance_public_endpoint }}'}
- name: Creating the Glance project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ glance_keystone_user }}"
password: "{{ glance_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_glance_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_glance_auth }}"
service_ks_register_services: "{{ glance_ks_services }}"
service_ks_register_users: "{{ glance_ks_users }}"
tags: always

18
ansible/roles/gnocchi/defaults/main.yml
View File

@ -132,3 +132,21 @@ gnocchi_metricd_workers: "{{ openstack_service_workers }}"
gnocchi_keystone_user: "gnocchi"
openstack_gnocchi_auth: "{{ openstack_auth }}"
####################
# Keystone
####################
gnocchi_ks_services:
- name: "gnocchi"
type: "metric"
description: "OpenStack Metric Service"
endpoints:
- {'interface': 'admin', 'url': '{{ gnocchi_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ gnocchi_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ gnocchi_public_endpoint }}'}
gnocchi_ks_users:
- project: "service"
user: "{{ gnocchi_keystone_user }}"
password: "{{ gnocchi_keystone_password }}"
role: "admin"

42
ansible/roles/gnocchi/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the gnocchi service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "gnocchi"
service_type: "metric"
description: "OpenStack Metric Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_gnocchi_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ gnocchi_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ gnocchi_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ gnocchi_public_endpoint }}'}
- name: Creating the gnocchi project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ gnocchi_keystone_user }}"
password: "{{ gnocchi_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_gnocchi_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_gnocchi_auth }}"
service_ks_register_services: "{{ gnocchi_ks_services }}"
service_ks_register_users: "{{ gnocchi_ks_users }}"
tags: always

25
ansible/roles/heat/defaults/main.yml
View File

@ -136,3 +136,28 @@ heat_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
heat_enabled_notification_topics: "{{ heat_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
heat_ks_services:
- name: "heat"
type: "orchestration"
description: "Orchestration"
endpoints:
- {'interface': 'admin', 'url': '{{ heat_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ heat_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ heat_public_endpoint }}'}
- name: "heat-cfn"
type: "cloudformation"
description: "Orchestration"
endpoints:
- {'interface': 'admin', 'url': '{{ heat_cfn_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ heat_cfn_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ heat_cfn_public_endpoint }}'}
heat_ks_users:
- project: "service"
user: "{{ heat_keystone_user }}"
password: "{{ heat_keystone_password }}"
role: "admin"

45
ansible/roles/heat/tasks/register.yml
View File

@ -1,42 +1,11 @@
---
- name: Creating the Heat service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "{{ item.service_name }}"
service_type: "{{ item.service_type }}"
description: "{{ item.description }}"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_heat_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ heat_admin_endpoint }}', 'service_name': 'heat', 'service_type': 'orchestration', 'description': 'Orchestration'}
- {'interface': 'internal', 'url': '{{ heat_internal_endpoint }}', 'service_name': 'heat', 'service_type': 'orchestration', 'description': 'Orchestration'}
- {'interface': 'public', 'url': '{{ heat_public_endpoint }}', 'service_name': 'heat', 'service_type': 'orchestration', 'description': 'Orchestration'}
- {'interface': 'admin', 'url': '{{ heat_cfn_admin_endpoint }}', 'service_name': 'heat-cfn', 'service_type': 'cloudformation', 'description': 'Orchestration'}
- {'interface': 'internal', 'url': '{{ heat_cfn_internal_endpoint }}', 'service_name': 'heat-cfn', 'service_type': 'cloudformation', 'description': 'Orchestration'}
- {'interface': 'public', 'url': '{{ heat_cfn_public_endpoint }}', 'service_name': 'heat-cfn', 'service_type': 'cloudformation', 'description': 'Orchestration'}
- name: Creating the Heat project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ heat_keystone_user }}"
password: "{{ heat_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_heat_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_heat_auth }}"
service_ks_register_services: "{{ heat_ks_services }}"
service_ks_register_users: "{{ heat_ks_users }}"
tags: always
- name: Creating the heat_stack_user role
become: true

29
ansible/roles/ironic/defaults/main.yml
View File

@ -221,3 +221,32 @@ ironic_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
ironic_enabled_notification_topics: "{{ ironic_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
ironic_ks_services:
- name: "ironic"
type: "baremetal"
description: "Ironic baremetal provisioning service"
endpoints:
- {'interface': 'admin', 'url': '{{ ironic_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ ironic_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ ironic_public_endpoint }}'}
- name: "ironic-inspector"
type: "baremetal-introspection"
description: "Ironic Inspector baremetal introspection service"
endpoints:
- {'interface': 'admin', 'url': '{{ ironic_inspector_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ ironic_inspector_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ ironic_inspector_public_endpoint }}'}
ironic_ks_users:
- project: "service"
user: "{{ ironic_keystone_user }}"
password: "{{ ironic_keystone_password }}"
role: "admin"
- project: "service"
user: "{{ ironic_inspector_keystone_user }}"
password: "{{ ironic_inspector_keystone_password }}"
role: "admin"

82
ansible/roles/ironic/tasks/register.yml
View File

@ -1,76 +1,8 @@
---
- name: Creating the Ironic service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "ironic"
service_type: "baremetal"
description: "Ironic baremetal provisioning service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_ironic_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
when: inventory_hostname in groups['ironic-api']
with_items:
- {'interface': 'admin', 'url': '{{ ironic_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ ironic_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ ironic_public_endpoint }}'}
- name: Creating the Ironic project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ ironic_keystone_user }}"
password: "{{ ironic_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_ironic_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
when: inventory_hostname in groups['ironic-api']
- name: Creating the Ironic Inspector service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "ironic-inspector"
service_type: "baremetal-introspection"
description: "Ironic Inspector baremetal introspection service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_ironic_inspector_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
when: inventory_hostname in groups['ironic-inspector']
with_items:
- {'interface': 'admin', 'url': '{{ ironic_inspector_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ ironic_inspector_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ ironic_inspector_public_endpoint }}'}
- name: Creating the Ironic Inspector project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ ironic_inspector_keystone_user }}"
password: "{{ ironic_inspector_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_ironic_inspector_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
when: inventory_hostname in groups['ironic-inspector']
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_ironic_auth }}"
service_ks_register_services: "{{ ironic_ks_services }}"
service_ks_register_users: "{{ ironic_ks_users }}"
tags: always

18
ansible/roles/karbor/defaults/main.yml
View File

@ -106,3 +106,21 @@ karbor_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
karbor_enabled_notification_topics: "{{ karbor_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
karbor_ks_services:
- name: "karbor"
type: "data-protect"
description: "Application Data Protection Service"
endpoints:
- {'interface': 'admin', 'url': '{{ karbor_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ karbor_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ karbor_public_endpoint }}'}
karbor_ks_users:
- project: "service"
user: "{{ karbor_keystone_user }}"
password: "{{ karbor_keystone_password }}"
role: "admin"

42
ansible/roles/karbor/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Karbor service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "karbor"
service_type: "data-protect"
description: "Application Data Protection Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_karbor_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ karbor_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ karbor_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ karbor_public_endpoint }}'}
- name: Creating the Karbor project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ karbor_keystone_user }}"
password: "{{ karbor_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_karbor_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_karbor_auth }}"
service_ks_register_services: "{{ karbor_ks_services }}"
service_ks_register_users: "{{ karbor_ks_users }}"
tags: always

13
ansible/roles/keystone/defaults/main.yml
View File

@ -128,3 +128,16 @@ keystone_notification_topics:
enabled: "{{ enable_barbican | bool }}"
keystone_enabled_notification_topics: "{{ keystone_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
keystone_ks_services:
- name: "keystone"
type: "identity"
description: "Openstack Identity Service"
endpoints:
- {'interface': 'admin', 'url': '{{ keystone_admin_url }}'}
- {'interface': 'internal', 'url': '{{ keystone_internal_url }}'}
- {'interface': 'public', 'url': '{{ keystone_public_url }}'}

27
ansible/roles/keystone/tasks/register.yml
View File

@ -8,28 +8,13 @@
run_once: True
with_items: "{{ multiple_regions_names }}"
# NOTE(jeffrey4l): Since keystone-manage bootstrap cloud not update the endpoint,
# run kolla_keystone_service module again.
- name: Creating the Keystone service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "keystone"
service_type: "identity"
description: "Openstack Identity Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_keystone_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_keystone_auth }}"
service_ks_register_services: "{{ keystone_ks_services }}"
tags: always
run_once: True
with_items:
- { interface: admin, url: "{{ keystone_admin_url }}" }
- { interface: internal, url: "{{ keystone_internal_url }}" }
- { interface: public, url: "{{ keystone_public_url }}" }
- name: Creating default user role
become: true

9
ansible/roles/kuryr/defaults/main.yml
View File

@ -59,3 +59,12 @@ kuryr_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
kuryr_dev_mode: "{{ kolla_dev_mode }}"
kuryr_dimensions: "{{ default_container_dimensions }}"
kuryr_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
kuryr_ks_users:
- project: "service"
user: "{{ kuryr_keystone_user }}"
password: "{{ kuryr_keystone_password }}"
role: "admin"

20
ansible/roles/kuryr/tasks/register.yml
View File

@ -1,15 +1,7 @@
---
- name: Creating the Kuryr project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ kuryr_keystone_user }}"
password: "{{ kuryr_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_kuryr_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_kuryr_auth }}"
service_ks_register_users: "{{ kuryr_ks_users }}"
tags: always

19
ansible/roles/magnum/defaults/main.yml
View File

@ -115,3 +115,22 @@ magnum_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
magnum_enabled_notification_topics: "{{ magnum_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
magnum_ks_services:
- name: "magnum"
type: "container-infra"
description: "Container Infrastructure Management Service"
endpoints:
- {'interface': 'admin', 'url': '{{ magnum_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ magnum_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ magnum_public_endpoint }}'}
magnum_ks_users:
- project: "service"
user: "{{ magnum_keystone_user }}"
password: "{{ magnum_keystone_password }}"
role: "admin"

42
ansible/roles/magnum/tasks/register.yml
View File

@ -1,39 +1,11 @@
---
- name: Creating the Magnum service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "magnum"
service_type: "container-infra"
description: "Container Infrastructure Management Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_magnum_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ magnum_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ magnum_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ magnum_public_endpoint }}'}
- name: Creating the Magnum project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ magnum_keystone_user }}"
password: "{{ magnum_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_magnum_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_magnum_auth }}"
service_ks_register_services: "{{ magnum_ks_services }}"
service_ks_register_users: "{{ magnum_ks_users }}"
tags: always
- name: Creating Magnum trustee domain
become: true

26
ansible/roles/manila/defaults/main.yml
View File

@ -193,3 +193,29 @@ manila_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
manila_enabled_notification_topics: "{{ manila_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
manila_ks_services:
- name: "manila"
type: "share"
description: "Openstack Shared Filesystems"
endpoints:
- {'interface': 'admin', 'url': '{{ manila_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ manila_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ manila_public_endpoint }}'}
- name: "manilav2"
type: "sharev2"
description: "Openstack Shared Filesystems"
endpoints:
- {'interface': 'admin', 'url': '{{ manila_v2_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ manila_v2_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ manila_v2_public_endpoint }}'}
manila_ks_users:
- project: "service"
user: "{{ manila_keystone_user }}"
password: "{{ manila_keystone_password }}"
role: "admin"

45
ansible/roles/manila/tasks/register.yml
View File

@ -1,39 +1,8 @@
---
- name: Creating the Manila service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "{{ item.service_name }}"
service_type: "{{ item.service_type }}"
description: "Openstack Shared Filesystems"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_manila_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ manila_admin_endpoint }}', 'service_name': 'manila', 'service_type': 'share'}
- {'interface': 'internal', 'url': '{{ manila_internal_endpoint }}', 'service_name': 'manila', 'service_type': 'share'}
- {'interface': 'public', 'url': '{{ manila_public_endpoint }}', 'service_name': 'manila', 'service_type': 'share'}
- {'interface': 'admin', 'url': '{{ manila_v2_admin_endpoint }}', 'service_name': 'manilav2', 'service_type': 'sharev2'}
- {'interface': 'internal', 'url': '{{ manila_v2_internal_endpoint }}', 'service_name': 'manilav2', 'service_type': 'sharev2'}
- {'interface': 'public', 'url': '{{ manila_v2_public_endpoint }}', 'service_name': 'manilav2', 'service_type': 'sharev2'}
- name: Creating the Manila project, user and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ manila_keystone_user }}"
password: "{{ manila_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_manila_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_manila_auth }}"
service_ks_register_services: "{{ manila_ks_services }}"
service_ks_register_users: "{{ manila_ks_users }}"
tags: always

18
ansible/roles/masakari/defaults/main.yml
View File

@ -115,3 +115,21 @@ masakari_monitors_git_repository: "{{ kolla_dev_repos_git }}/masakarimonitors"
masakari_monitors_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
masakari_monitors_dev_mode: "{{ kolla_dev_mode }}"
masakari_monitors_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
masakari_ks_services:
- name: "masakari"
type: "instance-ha"
description: "OpenStack High Availability"
endpoints:
- {'interface': 'admin', 'url': '{{ masakari_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ masakari_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ masakari_public_endpoint }}'}
masakari_ks_users:
- project: "service"
user: "{{ masakari_keystone_user }}"
password: "{{ masakari_keystone_password }}"
role: "admin"

42
ansible/roles/masakari/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Masakari service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "masakari"
service_type: "instance-ha"
description: "OpenStack High Availability"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_masakari_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ masakari_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ masakari_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ masakari_public_endpoint }}'}
- name: Creating the Masakari project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ masakari_keystone_user }}"
password: "{{ masakari_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_masakari_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_masakari_auth }}"
service_ks_register_services: "{{ masakari_ks_services }}"
service_ks_register_users: "{{ masakari_ks_users }}"
tags: always

18
ansible/roles/mistral/defaults/main.yml
View File

@ -135,3 +135,21 @@ mistral_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
mistral_enabled_notification_topics: "{{ mistral_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
mistral_ks_services:
- name: "mistral"
type: "workflowv2"
description: "Openstack Workflow"
endpoints:
- {'interface': 'admin', 'url': '{{ mistral_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ mistral_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ mistral_public_endpoint }}'}
mistral_ks_users:
- project: "service"
user: "{{ mistral_keystone_user }}"
password: "{{ mistral_keystone_password }}"
role: "admin"

42
ansible/roles/mistral/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Mistral service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "mistral"
service_type: "workflowv2"
description: "Openstack Workflow"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_mistral_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ mistral_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ mistral_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ mistral_public_endpoint }}'}
- name: Creating the Mistral project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ mistral_keystone_user }}"
password: "{{ mistral_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_mistral_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_mistral_auth }}"
service_ks_register_services: "{{ mistral_ks_services }}"
service_ks_register_users: "{{ mistral_ks_users }}"
tags: always

29
ansible/roles/monasca/defaults/main.yml
View File

@ -338,3 +338,32 @@ monasca_log_api_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_
monasca_log_api_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ monasca_log_api_port }}"
monasca_logging_debug: "{{ openstack_logging_debug }}"
####################
# Keystone
####################
monasca_ks_services:
- name: "monasca-api"
type: "monitoring"
description: "Monasca monitoring as a service"
endpoints:
- {'interface': 'admin', 'url': '{{ monasca_api_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ monasca_api_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ monasca_api_public_endpoint }}'}
- name: "monasca-log-api"
type: "logging"
description: "Monasca logging as a service"
endpoints:
- {'interface': 'admin', 'url': '{{ monasca_log_api_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ monasca_log_api_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ monasca_log_api_public_endpoint }}'}
monasca_ks_users:
- project: "service"
user: "{{ monasca_keystone_user }}"
password: "{{ monasca_keystone_password }}"
role: "admin"
- project: "{{ monasca_control_plane_project }}"
user: "{{ monasca_agent_user }}"
password: "{{ monasca_agent_password }}"
role: "{{ monasca_agent_authorized_roles | first }}"

77
ansible/roles/monasca/tasks/register.yml
View File

@ -1,60 +1,12 @@
---
- name: Creating monasca-api service and endpoints
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "monasca-api"
service_type: "monitoring"
description: "Monasca monitoring as a service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ monasca_openstack_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ monasca_api_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ monasca_api_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ monasca_api_public_endpoint }}'}
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ monasca_openstack_auth }}"
service_ks_register_services: "{{ monasca_ks_services }}"
service_ks_register_users: "{{ monasca_ks_users }}"
tags: always
- name: Creating monasca-log-api service and endpoints
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "monasca-log-api"
service_type: "logging"
description: "Monasca logging as a service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ monasca_openstack_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ monasca_log_api_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ monasca_log_api_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ monasca_log_api_public_endpoint }}'}
- name: Creating the monasca keystone user
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ monasca_keystone_user }}"
password: "{{ monasca_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ monasca_openstack_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- name: Creating monasca roles
become: true
@ -72,18 +24,3 @@
- "{{ monasca_agent_authorized_roles }}"
- "{{ monasca_read_only_authorized_roles }}"
- "{{ monasca_delegate_authorized_roles }}"
- name: Creating the monasca agent user
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "{{ monasca_control_plane_project }}"
user: "{{ monasca_agent_user }}"
password: "{{ monasca_agent_password }}"
role: "{{ monasca_agent_authorized_roles | first }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ monasca_openstack_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True

18
ansible/roles/murano/defaults/main.yml
View File

@ -98,3 +98,21 @@ murano_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
murano_enabled_notification_topics: "{{ murano_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
murano_ks_services:
- name: "murano"
type: "application-catalog"
description: "Openstack Application Catalogue"
endpoints:
- {'interface': 'admin', 'url': '{{ murano_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ murano_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ murano_public_endpoint }}'}
murano_ks_users:
- project: "service"
user: "{{ murano_keystone_user }}"
password: "{{ murano_keystone_password }}"
role: "admin"

42
ansible/roles/murano/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Murano service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "murano"
service_type: "application-catalog"
description: "Openstack Application Catalogue"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_murano_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ murano_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ murano_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ murano_public_endpoint }}'}
- name: Creating the Murano project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ murano_keystone_user }}"
password: "{{ murano_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_murano_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_murano_auth }}"
service_ks_register_services: "{{ murano_ks_services }}"
service_ks_register_users: "{{ murano_ks_users }}"
tags: always

18
ansible/roles/neutron/defaults/main.yml
View File

@ -488,3 +488,21 @@ neutron_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
neutron_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
neutron_dev_mode: "{{ kolla_dev_mode }}"
neutron_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
neutron_ks_services:
- name: "neutron"
type: "network"
description: "Openstack Networking"
endpoints:
- {'interface': 'admin', 'url': '{{ neutron_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ neutron_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ neutron_public_endpoint }}'}
neutron_ks_users:
- project: "service"
user: "{{ neutron_keystone_user }}"
password: "{{ neutron_keystone_password }}"
role: "admin"

42
ansible/roles/neutron/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Neutron service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "neutron"
service_type: "network"
description: "Openstack Networking"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_neutron_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ neutron_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ neutron_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ neutron_public_endpoint }}'}
- name: Creating the Neutron project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ neutron_keystone_user }}"
password: "{{ neutron_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_neutron_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_neutron_auth }}"
service_ks_register_services: "{{ neutron_ks_services }}"
service_ks_register_users: "{{ neutron_ks_users }}"
tags: always

25
ansible/roles/nova/defaults/main.yml
View File

@ -384,6 +384,31 @@ nova_services_require_nova_conf:
# around 10 seconds, but the default is 30 to allow room for slowness.
nova_compute_startup_delay: 30
####################
# Keystone
####################
nova_ks_services:
- name: "nova_legacy"
type: "compute_legacy"
description: "OpenStack Compute Service (Legacy 2.0)"
endpoints:
- {'interface': 'admin', 'url': '{{ nova_legacy_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ nova_legacy_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ nova_legacy_public_endpoint }}'}
- name: "nova"
type: "compute"
description: "OpenStack Compute Service"
endpoints:
- {'interface': 'admin', 'url': '{{ nova_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ nova_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ nova_public_endpoint }}'}
nova_ks_users:
- project: "service"
user: "{{ nova_keystone_user }}"
password: "{{ nova_keystone_password }}"
role: "admin"
####################
# Notification
####################

45
ansible/roles/nova/tasks/register.yml
View File

@ -1,39 +1,8 @@
---
- name: Creating the Nova service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "{{ item.name }}"
service_type: "{{ item.service_type }}"
description: "{{ item.description }}"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_nova_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'name': 'nova_legacy', 'service_type': 'compute_legacy', 'interface': 'admin', 'url': '{{ nova_legacy_admin_endpoint }}', 'description': 'OpenStack Compute Service (Legacy 2.0)'}
- {'name': 'nova_legacy', 'service_type': 'compute_legacy', 'interface': 'internal', 'url': '{{ nova_legacy_internal_endpoint }}', 'description': 'OpenStack Compute Service (Legacy 2.0)'}
- {'name': 'nova_legacy', 'service_type': 'compute_legacy', 'interface': 'public', 'url': '{{ nova_legacy_public_endpoint }}', 'description': 'OpenStack Compute Service (Legacy 2.0)'}
- {'name': 'nova', 'service_type': 'compute', 'interface': 'admin', 'url': '{{ nova_admin_endpoint }}', 'description': 'OpenStack Compute Service'}
- {'name': 'nova', 'service_type': 'compute', 'interface': 'internal', 'url': '{{ nova_internal_endpoint }}', 'description': 'OpenStack Compute Service'}
- {'name': 'nova', 'service_type': 'compute', 'interface': 'public', 'url': '{{ nova_public_endpoint }}', 'description': 'OpenStack Compute Service'}
- name: Creating the Nova project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ nova_keystone_user }}"
password: "{{ nova_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_nova_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_nova_auth }}"
service_ks_register_services: "{{ nova_ks_services }}"
service_ks_register_users: "{{ nova_ks_users }}"
tags: always

18
ansible/roles/octavia/defaults/main.yml
View File

@ -120,3 +120,21 @@ octavia_logging_debug: "{{ openstack_logging_debug }}"
octavia_keystone_user: "octavia"
openstack_octavia_auth: "{{ openstack_auth }}"
####################
# Keystone
####################
octavia_ks_services:
- name: "octavia"
type: "load-balancer"
description: "Octavia Load Balancing Service"
endpoints:
- {'interface': 'admin', 'url': '{{ octavia_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ octavia_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ octavia_public_endpoint }}'}
octavia_ks_users:
- project: "service"
user: "{{ octavia_keystone_user }}"
password: "{{ octavia_keystone_password }}"
role: "admin"

42
ansible/roles/octavia/tasks/register.yml
View File

@ -1,39 +1,11 @@
---
- name: Creating the Octavia service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "octavia"
service_type: "load-balancer"
description: "Octavia Load Balancing Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_octavia_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ octavia_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ octavia_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ octavia_public_endpoint }}'}
- name: Creating the Octavia project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ octavia_keystone_user }}"
password: "{{ octavia_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_octavia_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_octavia_auth }}"
service_ks_register_services: "{{ octavia_ks_services }}"
service_ks_register_users: "{{ octavia_ks_users }}"
tags: always
- name: Adding octavia user into admin project
become: true

18
ansible/roles/panko/defaults/main.yml
View File

@ -58,3 +58,21 @@ panko_logging_debug: "{{ openstack_logging_debug }}"
panko_keystone_user: "panko"
openstack_panko_auth: "{{ openstack_auth }}"
####################
# Keystone
####################
panko_ks_services:
- name: "panko"
type: "event"
description: "Panko Service"
endpoints:
- {'interface': 'admin', 'url': '{{ panko_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ panko_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ panko_public_endpoint }}'}
panko_ks_users:
- project: "service"
user: "{{ panko_keystone_user }}"
password: "{{ panko_keystone_password }}"
role: "admin"

42
ansible/roles/panko/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the panko service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "panko"
service_type: "event"
description: "Panko Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_panko_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ panko_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ panko_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ panko_public_endpoint }}'}
- name: Creating the panko project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ panko_keystone_user }}"
password: "{{ panko_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_panko_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_panko_auth }}"
service_ks_register_services: "{{ panko_ks_services }}"
service_ks_register_users: "{{ panko_ks_users }}"
tags: always

18
ansible/roles/placement/defaults/main.yml
View File

@ -89,3 +89,21 @@ nova_api_database_name: "nova_api"
nova_api_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}nova_api{% endif %}"
nova_api_database_host: "{{ database_address }}"
placement_database_host: "{{ database_address }}"
####################
# Keystone
####################
placement_ks_services:
- name: "placement"
type: "placement"
description: "Placement Service"
endpoints:
- {'interface': 'admin', 'url': '{{ placement_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ placement_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ placement_public_endpoint }}'}
placement_ks_users:
- project: "service"
user: "{{ placement_keystone_user }}"
password: "{{ placement_keystone_password }}"
role: "admin"

42
ansible/roles/placement/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the placement service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "{{ item.name }}"
service_type: "{{ item.service_type }}"
description: "{{ item.description }}"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_placement_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'name': 'placement', 'service_type': 'placement', 'interface': 'admin', 'url': '{{ placement_admin_endpoint }}', 'description': 'Placement Service'}
- {'name': 'placement', 'service_type': 'placement', 'interface': 'internal', 'url': '{{ placement_internal_endpoint }}', 'description': 'Placement Service'}
- {'name': 'placement', 'service_type': 'placement', 'interface': 'public', 'url': '{{ placement_public_endpoint }}', 'description': 'Placement Service'}
- name: Creating the placement project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ placement_keystone_user }}"
password: "{{ placement_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_placement_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_placement_auth }}"
service_ks_register_services: "{{ placement_ks_services }}"
service_ks_register_users: "{{ placement_ks_users }}"
tags: always

18
ansible/roles/qinling/defaults/main.yml
View File

@ -91,3 +91,21 @@ qinling_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
qinling_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
qinling_dev_mode: "{{ kolla_dev_mode }}"
qinling_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
qinling_ks_services:
- name: "qinling"
type: "function-engine"
description: "Function Service"
endpoints:
- {'interface': 'admin', 'url': '{{ qinling_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ qinling_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ qinling_public_endpoint }}'}
qinling_ks_users:
- project: "service"
user: "{{ qinling_keystone_user }}"
password: "{{ qinling_keystone_password }}"
role: "admin"

42
ansible/roles/qinling/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Qinling service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "qinling"
service_type: "function-engine"
description: "Function Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_qinling_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ qinling_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ qinling_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ qinling_public_endpoint }}'}
- name: Creating the Qinling project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ qinling_keystone_user }}"
password: "{{ qinling_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_qinling_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_qinling_auth }}"
service_ks_register_services: "{{ qinling_ks_services }}"
service_ks_register_users: "{{ qinling_ks_users }}"
tags: always

18
ansible/roles/sahara/defaults/main.yml
View File

@ -103,3 +103,21 @@ sahara_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
sahara_enabled_notification_topics: "{{ sahara_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
sahara_ks_services:
- name: "sahara"
type: "data-processing"
description: "Sahara Data Processing"
endpoints:
- {'interface': 'admin', 'url': '{{ sahara_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ sahara_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ sahara_public_endpoint }}'}
sahara_ks_users:
- project: "service"
user: "{{ sahara_keystone_user }}"
password: "{{ sahara_keystone_password }}"
role: "admin"

42
ansible/roles/sahara/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Sahara service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "sahara"
service_type: "data-processing"
description: "Sahara Data Processing"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_sahara_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ sahara_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ sahara_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ sahara_public_endpoint }}'}
- name: Creating the Sahara project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ sahara_keystone_user }}"
password: "{{ sahara_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_sahara_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_sahara_auth }}"
service_ks_register_services: "{{ sahara_ks_services }}"
service_ks_register_users: "{{ sahara_ks_users }}"
tags: always

18
ansible/roles/searchlight/defaults/main.yml
View File

@ -85,3 +85,21 @@ searchlight_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
searchlight_enabled_notification_topics: "{{ searchlight_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
searchlight_ks_services:
- name: "searchlight"
type: "search"
description: "Openstack Index Service"
endpoints:
- {'interface': 'admin', 'url': '{{ searchlight_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ searchlight_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ searchlight_public_endpoint }}'}
searchlight_ks_users:
- project: "service"
user: "{{ searchlight_keystone_user }}"
password: "{{ searchlight_keystone_password }}"
role: "admin"

42
ansible/roles/searchlight/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Searchlight service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "searchlight"
service_type: "search"
description: "Openstack Index Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_searchlight_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ searchlight_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ searchlight_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ searchlight_public_endpoint }}'}
- name: Creating the Searchlight project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ searchlight_keystone_user }}"
password: "{{ searchlight_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_searchlight_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_searchlight_auth }}"
service_ks_register_services: "{{ searchlight_ks_services }}"
service_ks_register_users: "{{ searchlight_ks_users }}"
tags: always

18
ansible/roles/senlin/defaults/main.yml
View File

@ -101,3 +101,21 @@ senlin_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
senlin_enabled_notification_topics: "{{ senlin_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
senlin_ks_services:
- name: "senlin"
type: "clustering"
description: "Senlin Clustering Service"
endpoints:
- {'interface': 'admin', 'url': '{{ senlin_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ senlin_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ senlin_public_endpoint }}'}
senlin_ks_users:
- project: "service"
user: "{{ senlin_keystone_user }}"
password: "{{ senlin_keystone_password }}"
role: "admin"

42
ansible/roles/senlin/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Senlin service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "senlin"
service_type: "clustering"
description: "Senlin Clustering Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_senlin_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ senlin_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ senlin_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ senlin_public_endpoint }}'}
- name: Creating the Senlin project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ senlin_keystone_user }}"
password: "{{ senlin_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_senlin_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_senlin_auth }}"
service_ks_register_services: "{{ senlin_ks_services }}"
service_ks_register_users: "{{ senlin_ks_users }}"
tags: always

14
ansible/roles/service-ks-register/defaults/main.yml Normal file
View File

@ -0,0 +1,14 @@
---
service_ks_register_region_name: "{{ openstack_region_name }}"
service_ks_register_auth: {}
service_ks_cacert: "{{ openstack_cacert }}"
service_ks_register_interface: "{{ openstack_interface }}"
service_ks_register_endpoint_region: "{{ openstack_region_name }}"
service_ks_register_domain: "default"
service_ks_register_delegate_host: "{{ groups['control'][0] }}"
# A list of services to register with Keystone. Each service definition should
# provide a description, service type, and a list of associated endpoints to be
# registered.
service_ks_register_services: []
# A list of users and associated roles for this service to register with Keystone
service_ks_register_users: []

107
ansible/roles/service-ks-register/tasks/main.yml Normal file
View File

@ -0,0 +1,107 @@
---
- name: Creating the {{ project_name }} service
become: true
kolla_toolbox:
module_name: "os_keystone_service"
module_args:
name: "{{ item.name }}"
service_type: "{{ item.type }}"
description: "{{ item.description }}"
region_name: "{{ service_ks_register_region_name }}"
auth: "{{ service_ks_register_auth }}"
interface: "{{ service_ks_register_interface }}"
cacert: "{{ service_ks_cacert }}"
run_once: True
loop: "{{ service_ks_register_services }}"
delegate_to: "{{ service_ks_register_delegate_host }}"
- name: Creating the {{ project_name }} endpoints
become: true
kolla_toolbox:
module_name: "os_keystone_endpoint"
module_args:
service: "{{ item.0.name }}"
url: "{{ item.1.url }}"
endpoint_interface: "{{ item.1.interface }}"
region: "{{ service_ks_register_endpoint_region }}"
region_name: "{{ service_ks_register_region_name }}"
auth: "{{ service_ks_register_auth }}"
interface: "{{ service_ks_register_interface }}"
cacert: "{{ service_ks_cacert }}"
run_once: True
with_subelements:
- "{{ service_ks_register_services }}"
- endpoints
delegate_to: "{{ service_ks_register_delegate_host }}"
- name: Creating the {{ project_name }} service project
become: true
kolla_toolbox:
module_name: "os_project"
module_args:
name: "{{ item }}"
domain: "{{ service_ks_register_domain }}"
region_name: "{{ service_ks_register_region_name }}"
auth: "{{ service_ks_register_auth }}"
interface: "{{ service_ks_register_interface }}"
cacert: "{{ service_ks_cacert }}"
run_once: True
with_items: "{{ service_ks_register_users | map(attribute='project') | unique | list }}"
delegate_to: "{{ service_ks_register_delegate_host }}"
- name: Creating the {{ project_name }} service users
become: true
kolla_toolbox:
module_name: "os_user"
module_args:
default_project: "{{ item.project }}"
name: "{{ item.user }}"
password: "{{ item.password }}"
domain: "{{ service_ks_register_domain }}"
region_name: "{{ service_ks_register_region_name }}"
auth: "{{ service_ks_register_auth }}"
interface: "{{ service_ks_register_interface }}"
cacert: "{{ service_ks_cacert }}"
run_once: True
with_items: "{{ service_ks_register_users }}"
delegate_to: "{{ service_ks_register_delegate_host }}"
loop_control:
label:
user: "{{ item.user }}"
project: "{{ item.project }}"
- name: Creating the {{ project_name }} service roles
become: true
kolla_toolbox:
module_name: "os_keystone_role"
module_args:
name: "{{ item }}"
region_name: "{{ service_ks_register_region_name }}"
auth: "{{ service_ks_register_auth }}"
interface: "{{ service_ks_register_interface }}"
cacert: "{{ service_ks_cacert }}"
run_once: True
with_items: "{{ service_ks_register_users | map(attribute='role') | unique | list }}"
delegate_to: "{{ service_ks_register_delegate_host }}"
- name: Granting the {{ project_name }} service user roles
become: true
kolla_toolbox:
module_name: "os_user_role"
module_args:
user: "{{ item.user }}"
role: "{{ item.role }}"
project: "{{ item.project }}"
domain: "{{ service_ks_register_domain }}"
region_name: "{{ service_ks_register_region_name }}"
auth: "{{ service_ks_register_auth }}"
interface: "{{ service_ks_register_interface }}"
cacert: "{{ service_ks_cacert }}"
run_once: True
with_items: "{{ service_ks_register_users }}"
delegate_to: "{{ service_ks_register_delegate_host }}"
loop_control:
label:
user: "{{ item.user }}"
role: "{{ item.role }}"
project: "{{ item.project }}"

25
ansible/roles/solum/defaults/main.yml
View File

@ -143,3 +143,28 @@ solum_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
solum_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
solum_dev_mode: "{{ kolla_dev_mode }}"
solum_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
solum_ks_services:
- name: "solum_image_builder"
type: "image_builder"
description: "Openstack Solum Image Builder"
endpoints:
- {'interface': 'admin', 'url': '{{ solum_image_builder_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ solum_image_builder_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ solum_image_builder_public_endpoint }}'}
- name: "solum_application_deployment"
type: "application_deployment"
description: "Openstack Solum Application Deployment"
endpoints:
- {'interface': 'admin', 'url': '{{ solum_application_deployment_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ solum_application_deployment_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ solum_application_deployment_public_endpoint }}'}
solum_ks_users:
- project: "service"
user: "{{ solum_keystone_user }}"
password: "{{ solum_keystone_password }}"
role: "admin"

63
ansible/roles/solum/tasks/register.yml
View File

@ -1,57 +1,8 @@
---
- name: Creating the Solum image builder service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "solum_image_builder"
service_type: "image_builder"
description: "Openstack Solum Image Builder"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_solum_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ solum_image_builder_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ solum_image_builder_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ solum_image_builder_public_endpoint }}'}
- name: Creating the Solum application deployment service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "solum_application_deployment"
service_type: "application_deployment"
description: "Openstack Solum Application Deployment"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_solum_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ solum_application_deployment_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ solum_application_deployment_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ solum_application_deployment_public_endpoint }}'}
- name: Creating the Solum project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ solum_keystone_user }}"
password: "{{ solum_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_solum_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_solum_auth }}"
service_ks_register_services: "{{ solum_ks_services }}"
service_ks_register_users: "{{ solum_ks_users }}"
tags: always

18
ansible/roles/swift/defaults/main.yml
View File

@ -77,3 +77,21 @@ syslog_server: "{{ api_interface_address }}"
syslog_swift_facility: "local0"
swift_enable_rolling_upgrade: "yes"
####################
# Keystone
####################
swift_ks_services:
- name: "swift"
type: "object-store"
description: "Openstack Object Storage"
endpoints:
- {'interface': 'admin', 'url': '{{ swift_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ swift_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ swift_public_endpoint }}'}
swift_ks_users:
- project: "service"
user: "{{ swift_keystone_user }}"
password: "{{ swift_keystone_password }}"
role: "admin"

42
ansible/roles/swift/tasks/register.yml
View File

@ -1,39 +1,11 @@
---
- name: Creating the Swift service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "swift"
service_type: "object-store"
description: "Openstack Object Storage"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_swift_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ swift_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ swift_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ swift_public_endpoint }}'}
- name: Creating the Swift project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ swift_keystone_user }}"
password: "{{ swift_keystone_password }}"
role: "{{ swift_admin_tenant_name }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_swift_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_swift_auth }}"
service_ks_register_services: "{{ swift_ks_services }}"
service_ks_register_users: "{{ swift_ks_users }}"
tags: always
- name: Creating the ResellerAdmin role
become: true

18
ansible/roles/tacker/defaults/main.yml
View File

@ -96,3 +96,21 @@ tacker_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
tacker_enabled_notification_topics: "{{ tacker_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
tacker_ks_services:
- name: "tacker"
type: "nfv-orchestration"
description: "Tacker Service"
endpoints:
- {'interface': 'admin', 'url': '{{ tacker_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ tacker_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ tacker_public_endpoint }}'}
tacker_ks_users:
- project: "service"
user: "{{ tacker_keystone_user }}"
password: "{{ tacker_keystone_password }}"
role: "admin"

42
ansible/roles/tacker/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Tacker service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "tacker"
service_type: "nfv-orchestration"
description: "Tacker Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_tacker_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ tacker_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ tacker_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ tacker_public_endpoint }}'}
- name: Creating the Tacker project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ tacker_keystone_user }}"
password: "{{ tacker_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_tacker_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_tacker_auth }}"
service_ks_register_services: "{{ tacker_ks_services }}"
service_ks_register_users: "{{ tacker_ks_users }}"
tags: always

18
ansible/roles/trove/defaults/main.yml
View File

@ -120,3 +120,21 @@ trove_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
trove_enabled_notification_topics: "{{ trove_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
trove_ks_services:
- name: "trove"
type: "database"
description: "Trove Database Service"
endpoints:
- {'interface': 'admin', 'url': '{{ trove_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ trove_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ trove_public_endpoint }}'}
trove_ks_users:
- project: "service"
user: "{{ trove_keystone_user }}"
password: "{{ trove_keystone_password }}"
role: "admin"

42
ansible/roles/trove/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Trove service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "trove"
service_type: "database"
description: "Trove Database Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_trove_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ trove_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ trove_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ trove_public_endpoint }}'}
- name: Creating the Trove project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ trove_keystone_user }}"
password: "{{ trove_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_trove_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_trove_auth }}"
service_ks_register_services: "{{ trove_ks_services }}"
service_ks_register_users: "{{ trove_ks_users }}"
tags: always

18
ansible/roles/vitrage/defaults/main.yml
View File

@ -171,3 +171,21 @@ vitrage_notification_topics:
enabled: True
vitrage_enabled_notification_topics: "{{ vitrage_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
vitrage_ks_services:
- name: "vitrage"
type: "rca"
description: "Root Cause Analysis Service"
endpoints:
- {'interface': 'admin', 'url': '{{ vitrage_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ vitrage_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ vitrage_public_endpoint }}'}
vitrage_ks_users:
- project: "service"
user: "{{ vitrage_keystone_user }}"
password: "{{ vitrage_keystone_password }}"
role: "admin"

42
ansible/roles/vitrage/tasks/register.yml
View File

@ -1,39 +1,11 @@
---
- name: Creating the Vitrage service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "vitrage"
service_type: "rca"
description: "Root Cause Analysis Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_vitrage_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ vitrage_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ vitrage_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ vitrage_public_endpoint }}'}
- name: Creating the Vitrage project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ vitrage_keystone_user }}"
password: "{{ vitrage_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_vitrage_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_vitrage_auth }}"
service_ks_register_services: "{{ vitrage_ks_services }}"
service_ks_register_users: "{{ vitrage_ks_users }}"
tags: always
- name: Adding vitrage user into admin project
become: true

18
ansible/roles/watcher/defaults/main.yml
View File

@ -118,3 +118,21 @@ watcher_notification_topics:
enabled: "{{ enable_ceilometer | bool }}"
watcher_enabled_notification_topics: "{{ watcher_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
watcher_ks_services:
- name: "watcher"
type: "infra-optim"
description: "Infrastructure Optimization service"
endpoints:
- {'interface': 'admin', 'url': '{{ watcher_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ watcher_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ watcher_public_endpoint }}'}
watcher_ks_users:
- project: "service"
user: "{{ watcher_keystone_user }}"
password: "{{ watcher_keystone_password }}"
role: "admin"

42
ansible/roles/watcher/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Watcher service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "watcher"
service_type: "infra-optim"
description: "Infrastructure Optimization service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_watcher_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ watcher_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ watcher_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ watcher_public_endpoint }}'}
- name: Creating the Watcher project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ watcher_keystone_user }}"
password: "{{ watcher_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_watcher_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_watcher_auth }}"
service_ks_register_services: "{{ watcher_ks_services }}"
service_ks_register_users: "{{ watcher_ks_users }}"
tags: always

18
ansible/roles/zun/defaults/main.yml
View File

@ -122,3 +122,21 @@ zun_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
zun_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
zun_dev_mode: "{{ kolla_dev_mode }}"
zun_source_version: "{{ kolla_source_version }}"
####################
# Keystone
####################
zun_ks_services:
- name: "zun"
type: "container"
description: "Container Service"
endpoints:
- {'interface': 'admin', 'url': '{{ zun_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ zun_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ zun_public_endpoint }}'}
zun_ks_users:
- project: "service"
user: "{{ zun_keystone_user }}"
password: "{{ zun_keystone_password }}"
role: "admin"

42
ansible/roles/zun/tasks/register.yml
View File

@ -1,36 +1,8 @@
---
- name: Creating the Zun service and endpoint
become: true
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "zun"
service_type: "container"
description: "Container Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_zun_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ zun_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ zun_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ zun_public_endpoint }}'}
- name: Creating the Zun project, user, and role
become: true
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ zun_keystone_user }}"
password: "{{ zun_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ openstack_zun_auth }}"
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
run_once: True
- import_role:
name: service-ks-register
vars:
service_ks_register_auth: "{{ openstack_zun_auth }}"
service_ks_register_services: "{{ zun_ks_services }}"
service_ks_register_users: "{{ zun_ks_users }}"
tags: always