--- # Copyright 2015, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - name: Prepare MQ/DB services hosts: keystone_all[0] gather_facts: true any_errors_fatal: true user: root become: true tasks: - name: Set keystone_messaging fact set_fact: keystone_messaging_enabled: "{{ groups['rabbitmq_all'] is defined }}" - include: ensure-rabbitmq.yml vhost_name: "{{ keystone_rabbitmq_vhost }}" user_name: "{{ keystone_rabbitmq_userid }}" user_password: "{{ keystone_rabbitmq_password }}" when: - "'rabbitmq_all' in groups" - "groups['rabbitmq_all'] | length > 0" - "'oslomsg_rpc_all' not in groups" - include: ensure-oslomsg.yml rpc_vhost: "{{ keystone_oslomsg_rpc_vhost }}" rpc_user: "{{ keystone_oslomsg_rpc_userid }}" rpc_password: "{{ keystone_oslomsg_rpc_password }}" notify_vhost: "{{ keystone_oslomsg_notify_vhost }}" notify_user: "{{ keystone_oslomsg_notify_userid }}" notify_password: "{{ keystone_oslomsg_notify_password }}" when: - "'oslomsg_rpc_all' in groups" - "groups['oslomsg_rpc_all'] | length > 0" - include: create-grant-db.yml db_name: "{{ keystone_galera_database }}" db_password: "{{ keystone_container_mysql_password }}" vars_files: - test-vars.yml - name: Playbook for deploying keystone hosts: keystone_all serial: 1 user: root become: true gather_facts: true any_errors_fatal: true pre_tasks: # In order to ensure that any container, software or # config file changes which causes a container/service # restart do not cause an unexpected outage, we drain # the load balancer back end for this container. - include: common-tasks/haproxy-endpoint-manage.yml vars: haproxy_state: disabled when: - "groups['keystone_all'] | length > 1" roles: - role: "os_keystone" post_tasks: # Now that container changes are done, we can set # the load balancer back end for this container # to available again. - include: common-tasks/haproxy-endpoint-manage.yml vars: haproxy_state: enabled when: - "groups['keystone_all'] | length > 1" vars_files: - test-vars.yml - name: Playbook for finalising the keystone db migrations hosts: keystone_all[0] user: root become: true gather_facts: false any_errors_fatal: true tasks: - name: Perform a Keystone DB sync contract command: keystone-manage db_sync --contract become: yes become_user: keystone environment: PATH: "/openstack/venvs/keystone-{{ keystone_venv_tag }}/bin:{{ ansible_env.PATH }}" tags: - skip_ansible_lint vars_files: - test-vars.yml