
By namespacing the variable with the project name, we clarify what exactly we're providing if people want to invoke the ipa-server-register-undercloud.yaml tasks from another ansible playbook and fish the OTP out using a variable name. Change-Id: If053250937ce76705cdd5084d76869edca8404ce
---
# Copyright 2020 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This playbook registers the undercloud host as an IPA client and provides a
# one time password to be used in the undercloud configuration file. This needs
# to be executed by a user that has permissions to add services and to add them
# to roles. This needs to be run once per openstack deployment.

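# Registers the undercloud host in IPA and reports the one-time password (OTP)
# that IPA generates for its enrollment.
#
# Inputs, each read from an Ansible variable or, failing that, from the
# environment of the controller:
#   tripleo_ipa_principal          / IPA_PRINCIPAL
#   tripleo_ipa_password           / IPA_PASSWORD
#   tripleo_undercloud_fqdn        / UNDERCLOUD_FQDN
#   tripleo_undercloud_description / UNDERCLOUD_DESCRIPTION
# Optional: tripleo_ipa_host selects a remote host to run against.
#
# Output: the registered result `tripleo_ipa_host_otp`; the OTP is at
# `tripleo_ipa_host_otp.host.randompassword`.
- name: Playbook to register the undercloud node and generate OTP
  # Run over ssh only when an explicit IPA host was given; otherwise run
  # locally against localhost.
  connection: "{{ (tripleo_ipa_host is defined) | ternary('ssh', 'local') }}"
  hosts: "{{ tripleo_ipa_host | default('localhost') }}"
  remote_user: root
  tasks:
    # Fail early when a required input is missing from both the Ansible
    # variables and the environment. The credential checks look at the
    # namespaced tripleo_ipa_* variables that "set IPA server facts" reads,
    # and still accept the un-namespaced names that were checked before.
    - name: ensure definitions
      fail:
        msg: >-
          {{ item.name }} is undefined
      when: not item.ansible_var and not item.env_var
      # The items carry the IPA password value. Show only the item name in
      # the per-item output line instead of the whole dictionary.
      loop_control:
        label: "{{ item.name }}"
      with_items:
        - name: ipa_principal
          ansible_var: "{{ tripleo_ipa_principal | default(ipa_principal | default('')) }}"
          env_var: "{{ lookup('env', 'IPA_PRINCIPAL') }}"
        - name: ipa_password
          ansible_var: "{{ tripleo_ipa_password | default(ipa_password | default('')) }}"
          env_var: "{{ lookup('env', 'IPA_PASSWORD') }}"
        - name: undercloud_fqdn
          ansible_var: "{{ tripleo_undercloud_fqdn | default('') }}"
          env_var: "{{ lookup('env', 'UNDERCLOUD_FQDN') }}"
        # The 'Undercloud' default means this entry never trips the check.
        - name: undercloud_description
          ansible_var: "{{ tripleo_undercloud_description | default('Undercloud') }}"
          env_var: "{{ lookup('env', 'UNDERCLOUD_DESCRIPTION') }}"

    - name: set IPA server facts
      set_fact:
        ipa_principal: "{{ tripleo_ipa_principal | default(lookup('env', 'IPA_PRINCIPAL')) }}"
        ipa_password: "{{ tripleo_ipa_password | default(lookup('env', 'IPA_PASSWORD')) }}"
        undercloud_fqdn: "{{ tripleo_undercloud_fqdn | default(lookup('env', 'UNDERCLOUD_FQDN')) }}"
        undercloud_description: "{{ tripleo_undercloud_description | default(lookup('env', 'UNDERCLOUD_DESCRIPTION')) }}"
      # The task result contains ipa_password; keep it out of verbose output
      # and log callbacks.
      no_log: true

    # random_password asks IPA to generate the enrollment OTP, which comes
    # back in the registered result.
    # NOTE(review): force: true presumably creates the host entry even when no
    # DNS record exists for the FQDN - confirm this is intended.
    - name: register undercloud as IPA client
      ipa_host:
        ipa_user: "{{ ipa_principal }}"
        ipa_pass: "{{ ipa_password }}"
        fqdn: "{{ undercloud_fqdn }}"
        random_password: true
        force: true
      register: tripleo_ipa_host_otp

    # The OTP is written to the play output on purpose so the operator can
    # copy it into undercloud.conf. It is an enrollment credential: anything
    # that captures the output (CI logs, callback plugins) holds it too.
    # Callers that include these tasks can read
    # tripleo_ipa_host_otp.host.randompassword instead of parsing the output.
    - name: provide OTP generated by IPA server
      debug:
        msg:
          - "The OTP provided by the IPA server is {{ tripleo_ipa_host_otp.host.randompassword }}"
          - "Please add the following to your undercloud.conf:"
          - "ipa_otp = {{ tripleo_ipa_host_otp.host.randompassword }}"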