--- /dev/null
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+---
+- include_vars: "{{ ansible_os_family }}.yml"
+
+- name: install heat related packages
+ action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
+ with_items: packages | union(packages_noarch)
+
+- name: generate heat service list
+ lineinfile: dest=/opt/service create=yes line='{{ item }}'
+ with_items: services | union(services_noarch)
+
+# '
+
+- name: create heat user domain
+ shell: >
+ . /opt/admin-openrc-v3.sh;
+ openstack domain create --description "Stack projects and users" heat;
+ openstack user create --domain heat --password {{ HEAT_PASS }} heat_domain_admin;
+ openstack role add --domain heat --user-domain heat --user heat_domain_admin admin;
+ openstack role create heat_stack_owner;
+ openstack role add --project demo --user demo heat_stack_owner;
+ when: inventory_hostname == groups['controller'][0]
+
+- name: update heat conf
+ template: src=heat.j2
+ dest=/etc/heat/heat.conf
+ backup=yes
+ notify:
+ - restart heat service
+ - remove heat-sqlite-db
+
--- /dev/null
+[DEFAULT]
+heat_metadata_server_url = http://{{ internal_vip.ip }}:8000
+heat_waitcondition_server_url = http://{{ internal_vip.ip }}:8000/v1/waitcondition
+rpc_backend = rabbit
+rabbit_host = {{ rabbit_host }}
+rabbit_userid = {{ RABBIT_USER }}
+rabbit_password = {{ RABBIT_PASS }}
+log_dir = /var/log/heat
+stack_domain_admin = heat_domain_admin
+stack_domain_admin_password = {{ HEAT_PASS }}
+stack_user_domain_name = heat
+
+[database]
+connection = mysql://heat:{{ HEAT_DBPASS }}@{{ db_host }}/heat
+idle_timeout = 30
+use_db_reconnect = True
+pool_timeout = 10
+
+[ec2authtoken]
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+
+[keystone_authtoken]
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+identity_uri = http://{{ internal_vip.ip }}:35357
+admin_tenant_name = service
+admin_user = heat
+admin_password = {{ HEAT_PASS }}
+
--- /dev/null
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+---
+- include_vars: "{{ ansible_os_family }}.yml"
+
+- name: disable auto start
+ copy:
+ content: "#!/bin/sh\nexit 101"
+ dest: "/usr/sbin/policy-rc.d"
+ mode: 0755
+ when: ansible_os_family == "Debian"
+
+- name: install keystone packages
+ action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
+ with_items: packages | union(packages_noarch)
+
+- name: enable auto start
+ file:
+ path=/usr/sbin/policy-rc.d
+ state=absent
+ when: ansible_os_family == "Debian"
+
+- name: generate keystone service list
+ lineinfile: dest=/opt/service create=yes line='{{ item }}'
+ with_items: services | union(services_noarch)
+
+- name: delete sqlite database
+ file:
+ path: /var/lib/keystone/keystone.db
+ state: absent
+
+- name: update keystone conf
+ template: src=keystone.conf dest=/etc/keystone/keystone.conf backup=yes
+ notify:
+ - restart keystone services
+
+- name: assure listen port exist
+ lineinfile:
+ dest: '{{ apache_config_dir }}/ports.conf'
+ regexp: '{{ item.regexp }}'
+ line: '{{ item.line}}'
+ with_items:
+ - regexp: "^Listen {{ internal_ip }}:5000"
+ line: "Listen {{ internal_ip }}:5000"
+ - regexp: "^Listen {{ internal_ip }}:35357"
+ line: "Listen {{ internal_ip }}:35357"
+ notify:
+ - restart keystone services
+
+- name: update apache2 configs
+ template:
+ src: wsgi-keystone.conf.j2
+ dest: '{{ apache_config_dir }}/sites-available/wsgi-keystone.conf'
+ when: ansible_os_family == 'Debian'
+ notify:
+ - restart keystone services
+
+- name: update apache2 configs
+ template:
+ src: wsgi-keystone.conf.j2
+ dest: '{{ apache_config_dir }}/wsgi-keystone.conf'
+ when: ansible_os_family == 'RedHat'
+ notify:
+ - restart keystone services
+
+- name: enable keystone server
+ file:
+ src: "{{ apache_config_dir }}/sites-available/wsgi-keystone.conf"
+ dest: "{{ apache_config_dir }}/sites-enabled/wsgi-keystone.conf"
+ state: "link"
+ when: ansible_os_family == 'Debian'
+ notify:
+ - restart keystone services
+
+- name: keystone source files
+ template: src={{ item }} dest=/opt/{{ item }}
+ with_items:
+ - admin-openrc.sh
+ - demo-openrc.sh
+ - admin-openrc-v3.sh
+
+- meta: flush_handlers
--- /dev/null
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+# Verify the Identity Service installation
+export OS_PASSWORD={{ ADMIN_PASS }}
+export OS_TENANT_NAME=admin
+export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v3
+export OS_IDENTITY_API_VERSION=3
+export OS_USERNAME=admin
+export OS_VOLUME_API_VERSION=2
+export OS_USER_DOMAIN_NAME=Default
+export OS_PROJECT_DOMAIN_NAME=Default
+
+
--- /dev/null
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+---
+
+cron_path: "/var/spool/cron/crontabs"
+
+packages:
+ - keystone
+ - python-openstackclient
+
+services:
+ - apache2
+
+apache_config_dir: /etc/apache2
+http_service_name: apache2
--- /dev/null
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+---
+cron_path: "/var/spool/cron"
+
+packages:
+ - openstack-keystone
+ - python-openstackclient
+
+services:
+ - httpd
+
+apache_config_dir: /etc/httpd/conf.d
+http_service_name: httpd
Code Review / compass4nfv.git / commitdiff