Merge "Move the admin account creation to register.yml"

ansible/roles/keystone/defaults/main.yml

@@ -28,3 +28,4 @@ keystone_logging_verbose: "{{ openstack_logging_verbose }}"
 keystone_logging_debug: "{{ openstack_logging_debug }}"
 
 openstack_keystone_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
+openstack_keystone_token_auth: "{'endpoint':'{{ openstack_auth_v2.auth_url }}','token':'{{ keystone_admin_token }}'}"

ansible/roles/keystone/tasks/main.yml

@@ -8,4 +8,7 @@
 - include: start.yml
   when: inventory_hostname in groups['keystone']
 
+- include: register.yml
+  when: inventory_hostname in groups['keystone']
+
 - include: check.yml

ansible/roles/keystone/tasks/register.yml

@@ -0,0 +1,39 @@
+---
+- name: Creating the admin project, user and role
+  command: docker exec -t kolla_ansible /usr/bin/ansible localhost
+    -m kolla_keystone_user
+    -a "project=admin
+        user=admin
+        password={{ keystone_admin_password }}
+        role=admin
+        region_name={{ openstack_region_name }}
+        auth_type=admin_token
+        auth={{ '{{ openstack_keystone_token_auth }}' }}"
+    -e "{'openstack_keystone_token_auth':{{ openstack_keystone_token_auth }}}"
+  register: keystone_admin_user
+  changed_when: "{{ keystone_admin_user.stdout.find('localhost | SUCCESS => ') != -1 and (keystone_admin_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  until: keystone_admin_user.stdout.split()[2] == 'SUCCESS'
+  retries: 10
+  delay: 5
+  run_once: True
+
+- name: Creating the Keystone service and endpoint
+  command: docker exec -t kolla_ansible /usr/bin/ansible localhost
+    -m kolla_keystone_service
+    -a "service_name=keystone
+        service_type=identity
+        description='Openstack Identity'
+        endpoint_region={{ openstack_region_name }}
+        admin_url='http://{{ kolla_internal_address }}:{{ keystone_admin_port }}'
+        internal_url='http://{{ kolla_internal_address }}:{{ keystone_admin_port }}'
+        public_url='http://{{ kolla_external_address }}:{{ keystone_public_port }}'
+        region_name={{ openstack_region_name }}
+        auth_type=admin_token
+        auth={{ '{{ openstack_keystone_token_auth }}' }}"
+    -e "{'openstack_keystone_token_auth':{{ openstack_keystone_token_auth }}}"
+  register: keystone_endpoint
+  changed_when: "{{ keystone_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (keystone_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  until: keystone_endpoint.stdout.split()[2] == 'SUCCESS'
+  retries: 10
+  delay: 5
+  run_once: True

ansible/roles/keystone/tasks/start.yml

@@ -18,3 +18,6 @@
       - "/var/lib/kolla/dev/log:/dev/log"
     env:
       KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+
+- name: Wait for keystone startup
+  wait_for: host={{ keystone_admin_address }} port={{ keystone_admin_port }}

docker/keystone/extend_start.sh

@@ -17,20 +17,6 @@ fi
 # of the KOLLA_BOOTSTRAP variable being set, including empty.
 if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
     sudo -H -u keystone keystone-manage db_sync
-    # Start the api to set initial endpoint and users with the admin_token
-    $CMD
-    sleep 5
-
-    openstack service create --name keystone --description "OpenStack Identity" identity
-    openstack endpoint create --region "${REGION_NAME}" \
-                                --publicurl "${PUBLIC_URL}" \
-                                --internalurl "${INTERNAL_URL}" \
-                                --adminurl "${ADMIN_URL}" \
-                                identity
-    openstack project create --description "Admin Project" admin
-    openstack user create --password "${KEYSTONE_ADMIN_PASSWORD}" admin
-    openstack role create admin
-    openstack role add --project admin --user admin admin
     exit 0
 fi