Skip to content
Snippets Groups Projects
Select Git revision
  • deployment default
1 result
Blame Permalink
  • Eduardo Gonzalez's avatar
    56374206
    Fix deployment with public TLS enabled · 56374206
    Eduardo Gonzalez authored 
    When deploying with tls enabled in public
endpoints, ansible modules fails due SSL certificates
are self-signed.

This change adds a new variable to allow customization
on which endpoints ansible should connect.
Defaults to admin because admin auth parameters defaults
to admin endpoint.

Change-Id: Ic3ed58cf9c9579cae08a11bbfe6fce983b5a9cbc
Closes-Bug: #1720995
    56374206
    History
    Fix deployment with public TLS enabled
    Eduardo Gonzalez authored 
    When deploying with tls enabled in public
endpoints, ansible modules fails due SSL certificates
are self-signed.

This change adds a new variable to allow customization
on which endpoints ansible should connect.
Defaults to admin because admin auth parameters defaults
to admin endpoint.

Change-Id: Ic3ed58cf9c9579cae08a11bbfe6fce983b5a9cbc
Closes-Bug: #1720995
register.yml 1.71 KiB 
---
- name: Creating the Octavia service and endpoint
  kolla_toolbox:
    module_name: "kolla_keystone_service"
    module_args:
      service_name: "octavia"
      service_type: "load-balancer"
      description: "Octavia Load Balancing Service"
      endpoint_region: "{{ openstack_region_name }}"
      url: "{{ item.url }}"
      interface: "{{ item.interface }}"
      region_name: "{{ openstack_region_name }}"
      auth: "{{ '{{ openstack_octavia_auth }}' }}"
      endpoint_type: "{{ openstack_interface }}"
    module_extra_vars:
      openstack_octavia_auth: "{{ openstack_octavia_auth }}"
  run_once: True
  with_items:
    - {'interface': 'admin', 'url': '{{ octavia_admin_endpoint }}'}
    - {'interface': 'internal', 'url': '{{ octavia_internal_endpoint }}'}
    - {'interface': 'public', 'url': '{{ octavia_public_endpoint }}'}

- name: Creating the Octavia project, user, and role
  kolla_toolbox:
    module_name: "kolla_keystone_user"
    module_args:
      project: "service"
      user: "{{ octavia_keystone_user }}"
      password: "{{ octavia_keystone_password }}"
      role: "admin"
      region_name: "{{ openstack_region_name }}"
      auth: "{{ '{{ openstack_octavia_auth }}' }}"
      endpoint_type: "{{ openstack_interface }}"
    module_extra_vars:
      openstack_octavia_auth: "{{ openstack_octavia_auth }}"
  run_once: True

- name: Adding octavia user into admin project
  kolla_toolbox:
    module_name: "os_user_role"
    module_args:
      user: "{{ octavia_keystone_user }}"
      role: admin
      project: admin
      auth: "{{ '{{ openstack_octavia_auth }}' }}"
      endpoint_type: "{{ openstack_interface }}"
    module_extra_vars:
      openstack_octavia_auth: "{{ openstack_octavia_auth }}"
  run_once: True