keystone-proxy implementation
- title: "keystone-proxy implementation"
- state: needed in every version
CAUTION! THIS DIFF WAS MODIFIED MANUALLY!
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 0d4757f3..a5d46e6e 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -265,3 +267,24 @@ ceph_cache_rule: "cache host firstn"
#######################################
manila_enable_dhss: "yes"
manila_dhss: "{{ 'True' if manila_enable_dhss | bool else 'False' }}"
+
+
+###############################
+# Task mod - keystone proxy
+###############################
+keystone_proxy_port: "5100"
+enable_keystone_proxy: "yes"
+
+#####################
+# Task mod - redis
+#####################
+redis_port: "6379"
+
diff --git a/ansible/keystone-proxy.yml b/ansible/keystone-proxy.yml
new file mode 100644
index 00000000..7224f56c
--- /dev/null
+++ b/ansible/keystone-proxy.yml
@@ -0,0 +1,6 @@
+---
+- hosts:
+ - keystone
+ roles:
+ - role: task-mods/redis
+ - role: task-mods/keystone-proxy
diff --git a/ansible/roles/haproxy/templates/haproxy.cfg.j2 b/ansible/roles/haproxy/templates/haproxy.cfg.j2
index 72c52cab..634e48f3 100644
--- a/ansible/roles/haproxy/templates/haproxy.cfg.j2
+++ b/ansible/roles/haproxy/templates/haproxy.cfg.j2
@@ -76,7 +76,11 @@ listen keystone_external
http-request del-header X-Forwarded-Proto
http-request set-header X-Forwarded-Proto https if { ssl_fc }
{% for host in groups['keystone'] %}
+{% if enable_keystone_proxy | bool %}
+ server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ keystone_proxy_port }} check inter 2000 rise 2 fall 5
+{% else %}
server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ keystone_public_port }} check inter 2000 rise 2 fall 5
+{% endif %}
{% endfor %}
{% endif %}
diff --git a/ansible/roles/task-mods/keystone-proxy/defaults/main.yml b/ansible/roles/task-mods/keystone-proxy/defaults/main.yml
new file mode 100644
index 00000000..69d4e9e1
--- /dev/null
+++ b/ansible/roles/task-mods/keystone-proxy/defaults/main.yml
@@ -0,0 +1,16 @@
+---
+project_name: "keystone-proxy"
+####################
+# Docker
+####################
+keystone_proxy_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-keystone-proxy"
+keystone_proxy_tag: "{{ openstack_release }}"
+keystone_proxy_image_full: "{{ keystone_proxy_image }}:{{ keystone_proxy_tag }}"
+
+################
+# Proxy config
+################
+keystone_proxy_expire: 60
+keystone_proxy_limit: 60
+keystone_proxy_build_dir: /tmp/keystone-proxy
+keystone_proxy_repo_tag: master
diff --git a/ansible/roles/task-mods/keystone-proxy/tasks/build.yml b/ansible/roles/task-mods/keystone-proxy/tasks/build.yml
new file mode 100644
index 00000000..b5698b43
--- /dev/null
+++ b/ansible/roles/task-mods/keystone-proxy/tasks/build.yml
@@ -0,0 +1,31 @@
+---
+- name: create directory for image
+ delegate_to: 127.0.0.1
+ run_once: yes
+ file:
+ state: directory
+ path: "{{ keystone_proxy_build_dir }}"
+
+- name: checkout keystone_proxy project
+ delegate_to: 127.0.0.1
+ run_once: yes
+ git:
+ dest: "{{ keystone_proxy_build_dir }}"
+ repo: https://gitlab.niwa.gda.pl/task-cloud/keystone-proxy.git
+ version: "{{ keystone_proxy_repo_tag }}"
+ force: yes
+
+- name: build docker image
+ delegate_to: 127.0.0.1
+ run_once: yes
+ docker_image:
+ path: "{{ keystone_proxy_build_dir }}"
+ name: "{{ keystone_proxy_image }}"
+ tag: "{{ keystone_proxy_tag }}"
+ state: build
+ nocache: yes
+
+- name: push docker image
+ delegate_to: 127.0.0.1
+ run_once: yes
+ shell: "docker push {{ keystone_proxy_image_full }}"
diff --git a/ansible/roles/task-mods/keystone-proxy/tasks/deploy.yml b/ansible/roles/task-mods/keystone-proxy/tasks/deploy.yml
new file mode 100644
index 00000000..50662fbc
--- /dev/null
+++ b/ansible/roles/task-mods/keystone-proxy/tasks/deploy.yml
@@ -0,0 +1,2 @@
+---
+- include: start.yml
diff --git a/ansible/roles/task-mods/keystone-proxy/tasks/main.yml b/ansible/roles/task-mods/keystone-proxy/tasks/main.yml
new file mode 100644
index 00000000..8384de57
--- /dev/null
+++ b/ansible/roles/task-mods/keystone-proxy/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- include: "{{ action }}.yml"
+ when: inventory_hostname in groups['keystone']
+
diff --git a/ansible/roles/task-mods/keystone-proxy/tasks/pull.yml b/ansible/roles/task-mods/keystone-proxy/tasks/pull.yml
new file mode 100644
index 00000000..4bc8b9aa
--- /dev/null
+++ b/ansible/roles/task-mods/keystone-proxy/tasks/pull.yml
@@ -0,0 +1,7 @@
+---
+- name: Pulling keystone_proxy image
+ kolla_docker:
+ action: "pull_image"
+ common_options: "{{ docker_common_options }}"
+ image: "{{ keystone_proxy_image_full }}"
+ when: inventory_hostname in groups['keystone']
diff --git a/ansible/roles/task-mods/keystone-proxy/tasks/reconfigure.yml b/ansible/roles/task-mods/keystone-proxy/tasks/reconfigure.yml
new file mode 100644
index 00000000..50662fbc
--- /dev/null
+++ b/ansible/roles/task-mods/keystone-proxy/tasks/reconfigure.yml
@@ -0,0 +1,2 @@
+---
+- include: start.yml
diff --git a/ansible/roles/task-mods/keystone-proxy/tasks/start.yml b/ansible/roles/task-mods/keystone-proxy/tasks/start.yml
new file mode 100644
index 00000000..9673b500
--- /dev/null
+++ b/ansible/roles/task-mods/keystone-proxy/tasks/start.yml
@@ -0,0 +1,19 @@
+---
+- name: Start keystone-proxy container
+ docker:
+ name: "keystone_proxy"
+ image: "{{ keystone_proxy_image_full }}"
+ state: reloaded
+ restart_policy: "{{ docker_restart_policy }}"
+ restart_policy_retry: "{{ docker_restart_policy_retry }}"
+ volumes:
+ - "/etc/localtime:/etc/localtime:ro"
+ ports:
+ - "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ keystone_proxy_port }}:5000"
+ links:
+ - "redis"
+ env:
+ proxy:expire: "{{ keystone_proxy_expire }}"
+ proxy:limit: "{{ keystone_proxy_limit }}"
+ proxy:target: "http://{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ keystone_public_port }}"
+ redis:host: "redis"
diff --git a/ansible/roles/task-mods/keystone-proxy/tasks/upgrade.yml b/ansible/roles/task-mods/keystone-proxy/tasks/upgrade.yml
new file mode 100644
index 00000000..50662fbc
--- /dev/null
+++ b/ansible/roles/task-mods/keystone-proxy/tasks/upgrade.yml
@@ -0,0 +1,2 @@
+---
+- include: start.yml
diff --git a/ansible/roles/task-mods/redis/defaults/main.yml b/ansible/roles/task-mods/redis/defaults/main.yml
new file mode 100644
index 00000000..76b29642
--- /dev/null
+++ b/ansible/roles/task-mods/redis/defaults/main.yml
@@ -0,0 +1,13 @@
+---
+project_name: "redis"
+
+####################
+# Docker
+####################
+redis_image: "redis"
+redis_tag: "3.2.4"
+redis_image_full: "{{ redis_image }}:{{ redis_tag }}"
+#########
+# Redis
+#########
+redis_config_options: "--appendonly yes"
diff --git a/ansible/roles/task-mods/redis/tasks/bootstrap.yml b/ansible/roles/task-mods/redis/tasks/bootstrap.yml
new file mode 100644
index 00000000..e84d84bc
--- /dev/null
+++ b/ansible/roles/task-mods/redis/tasks/bootstrap.yml
@@ -0,0 +1,6 @@
+---
+- name: Creating rabbitmq volume
+ kolla_docker:
+ action: "create_volume"
+ common_options: "{{ docker_common_options }}"
+ name: "redis"
diff --git a/ansible/roles/task-mods/redis/tasks/build.yml b/ansible/roles/task-mods/redis/tasks/build.yml
new file mode 100644
index 00000000..ed97d539
--- /dev/null
+++ b/ansible/roles/task-mods/redis/tasks/build.yml
@@ -0,0 +1 @@
+---
diff --git a/ansible/roles/task-mods/redis/tasks/deploy.yml b/ansible/roles/task-mods/redis/tasks/deploy.yml
new file mode 100644
index 00000000..e24b5377
--- /dev/null
+++ b/ansible/roles/task-mods/redis/tasks/deploy.yml
@@ -0,0 +1,4 @@
+---
+- include: bootstrap.yml
+
+- include: start.yml
diff --git a/ansible/roles/task-mods/redis/tasks/main.yml b/ansible/roles/task-mods/redis/tasks/main.yml
new file mode 100644
index 00000000..5a8597e3
--- /dev/null
+++ b/ansible/roles/task-mods/redis/tasks/main.yml
@@ -0,0 +1,3 @@
+---
+- include: "{{ action }}.yml"
+ when: inventory_hostname in groups['keystone']
diff --git a/ansible/roles/task-mods/redis/tasks/pull.yml b/ansible/roles/task-mods/redis/tasks/pull.yml
new file mode 100644
index 00000000..ed97d539
--- /dev/null
+++ b/ansible/roles/task-mods/redis/tasks/pull.yml
@@ -0,0 +1 @@
+---
diff --git a/ansible/roles/task-mods/redis/tasks/reconfigure.yml b/ansible/roles/task-mods/redis/tasks/reconfigure.yml
new file mode 100644
index 00000000..50662fbc
--- /dev/null
+++ b/ansible/roles/task-mods/redis/tasks/reconfigure.yml
@@ -0,0 +1,2 @@
+---
+- include: start.yml
diff --git a/ansible/roles/task-mods/redis/tasks/start.yml b/ansible/roles/task-mods/redis/tasks/start.yml
new file mode 100644
index 00000000..d9e4af95
--- /dev/null
+++ b/ansible/roles/task-mods/redis/tasks/start.yml
@@ -0,0 +1,14 @@
+---
+- name: Start redis container
+ docker:
+ name: "redis"
+ image: "{{ redis_image_full }}"
+ state: restarted
+ restart_policy: "{{ docker_restart_policy }}"
+ restart_policy_retry: "{{ docker_restart_policy_retry }}"
+ volumes:
+ - "/etc/localtime:/etc/localtime:ro"
+ - "redis:/data"
+ ports:
+ - "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ redis_port }}:6379"
+ command: redis-server {{ redis_config_options }}
diff --git a/ansible/roles/task-mods/redis/tasks/upgrade.yml b/ansible/roles/task-mods/redis/tasks/upgrade.yml
new file mode 100644
index 00000000..50662fbc
--- /dev/null
+++ b/ansible/roles/task-mods/redis/tasks/upgrade.yml
@@ -0,0 +1,2 @@
+---
+- include: start.yml
diff --git a/ansible/roles/task-mods/redis/templates/redis.conf.j2 b/ansible/roles/task-mods/redis/templates/redis.conf.j2
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/ansible/roles/task-mods/redis/templates/redis.conf.j2
@@ -0,0 +1 @@
+