From b7bfe84a515452d0f912a2f62392d22af17cd1d5 Mon Sep 17 00:00:00 2001
From: Jeffrey Zhang <zhang.lei.fly@gmail.com>
Date: Tue, 26 Sep 2017 11:10:55 +0800
Subject: [PATCH] Use octavia account instead of admin in octavia

Closes-Bug: #1719503
Change-Id: I705de11614f2d086bd123ea5b3841f59b5a24666
---
 ansible/roles/octavia/tasks/register.yml        | 12 ++++++++++++
 ansible/roles/octavia/templates/octavia.conf.j2 |  4 ++--
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/ansible/roles/octavia/tasks/register.yml b/ansible/roles/octavia/tasks/register.yml
index acc43e3074..41fcc30a02 100644
--- a/ansible/roles/octavia/tasks/register.yml
+++ b/ansible/roles/octavia/tasks/register.yml
@@ -32,3 +32,15 @@
     module_extra_vars:
       openstack_octavia_auth: "{{ openstack_octavia_auth }}"
   run_once: True
+
+- name: Adding octavia user into admin project
+  kolla_toolbox:
+    module_name: "os_user_role"
+    module_args:
+      user: "{{ octavia_keystone_user }}"
+      role: admin
+      project: admin
+      auth: "{{ '{{ openstack_octavia_auth }}' }}"
+    module_extra_vars:
+      openstack_octavia_auth: "{{ openstack_octavia_auth }}"
+  run_once: True
diff --git a/ansible/roles/octavia/templates/octavia.conf.j2 b/ansible/roles/octavia/templates/octavia.conf.j2
index e18fccd1b6..6a8eef618c 100644
--- a/ansible/roles/octavia/templates/octavia.conf.j2
+++ b/ansible/roles/octavia/templates/octavia.conf.j2
@@ -26,8 +26,8 @@ max_retries = -1
 [service_auth]
 auth_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
 auth_type = password
-username = {{ openstack_auth.username }}
-password = {{ keystone_admin_password }}
+username = {{ octavia_keystone_user }}
+password = {{ octavia_keystone_password }}
 user_domain_name = {{ default_user_domain_name }}
 project_name = {{ openstack_auth.project_name }}
 project_domain_name = {{ default_project_domain_name }}
-- 
GitLab