From 90fd7aa03d55c2cc66bf1ca8b2c75f85c4f2ef7c Mon Sep 17 00:00:00 2001
From: Kien Nguyen <kiennt65@viettel.com.vn>
Date: Thu, 13 Dec 2018 15:59:30 +0700
Subject: [PATCH] Fix Vitrage wrong configuration

* In service_credentials section, project_name should be
admin and auth_url should use keystone public port (5000)
according [1].
* User vitrage should have role admin in project admin [2].

[1] https://github.com/openstack/vitrage/blob/master/devstack/plugin.sh#L164
[2] https://docs.openstack.org/vitrage/latest/install/install-rdo.html#initialize-vitrage

Change-Id: I8bf028c702df5659e4c58df0e17600ab5be14eea
---
 ansible/roles/vitrage/tasks/register.yml        | 11 +++++++++++
 ansible/roles/vitrage/templates/vitrage.conf.j2 |  4 ++--
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/ansible/roles/vitrage/tasks/register.yml b/ansible/roles/vitrage/tasks/register.yml
index a2fdaa5bb..c2f9e95b8 100644
--- a/ansible/roles/vitrage/tasks/register.yml
+++ b/ansible/roles/vitrage/tasks/register.yml
@@ -30,3 +30,14 @@
       auth: "{{ openstack_vitrage_auth }}"
       endpoint_type: "{{ openstack_interface }}"
   run_once: True
+
+- name: Adding vitrage user into admin project
+  kolla_toolbox:
+    module_name: "os_user_role"
+    module_args:
+      user: "{{ vitrage_keystone_user }}"
+      role: "admin"
+      project: "admin"
+      auth: "{{ openstack_vitrage_auth }}"
+      endpoint_type: "{{ openstack_interface }}"
+  run_once: True
diff --git a/ansible/roles/vitrage/templates/vitrage.conf.j2 b/ansible/roles/vitrage/templates/vitrage.conf.j2
index f829fc8af..4b7c77521 100644
--- a/ansible/roles/vitrage/templates/vitrage.conf.j2
+++ b/ansible/roles/vitrage/templates/vitrage.conf.j2
@@ -45,12 +45,12 @@ memcache_secret_key = {{ memcache_secret_key }}
 memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
 
 [service_credentials]
-auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
+auth_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}/v3
 region_name = {{ openstack_region_name }}
 auth_type = password
 project_domain_id = default
 user_domain_id = default
-project_name = service
+project_name = admin
 password = {{ vitrage_keystone_password }}
 username = {{ vitrage_keystone_user }}
 interface = internal
-- 
GitLab