x/tripleo-ipa
Code Issues Proposed changes
tripleo-ipa/tripleo_ipa/playbooks/ipa-server-register-undercloud.yaml
Dave Wilde (d34dh0r53) c22fc8d07d Playbooks to configure IPA server for tripleo use 
These playbooks are intended to be run against a pre-existing IPA
server and will create the correct roles, permissions and users for
use with tripleo.  The final playbook will provide an OTP to be used
during the configuration of the undercloud.

Change-Id: I2f1c39bc023491f19b917c1a6030937fee3eb101
2020-06-09 10:36:42 -05:00

68 lines
2.9 KiB
YAML
Raw Blame History

---
# Copyright 2020 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This playbook registers the undercloud host as an IPA client and provices a
# one time password to be used in the undercloud configuration file. This needs
# to be executed by a user that has permissions to add services and to add them
# to roles. This needs to be run once per openstack deployment.
- name: Playbook to register the undercloud node and generate OTP
connection: "{{ (tripleo_ipa_host is defined) | ternary('ssh', 'local') }}"
hosts: "{{ tripleo_ipa_host | default('localhost') }}"
remote_user: root
tasks:
- name: ensure definitions
fail:
msg: >-
{{ item }} is undefined
when: not item.ansible_var and not item.env_var
with_items:
- name: ipa_principal
ansible_var: "{{ ipa_principal | default('') }}"
env_var: "{{ lookup('env', 'IPA_PRINCIPAL') }}"
- name: ipa_password
ansible_var: "{{ ipa_password | default('') }}"
env_var: "{{ lookup('env', 'IPA_PASSWORD') }}"
- name: undercloud_fqdn
ansible_var: "{{ tripleo_undercloud_fqdn | default('') }}"
env_var: "{{ lookup('env', 'UNDERCLOUD_FQDN') }}"
- name: undercloud_description
ansible_var: "{{ tripleo_undercloud_description | default('Undercloud') }}"
env_var: "{{ lookup('env', 'UNDERCLOUD_DESCRIPTION') }}"
- name: set IPA server facts
set_fact:
ipa_principal: "{{ tripleo_ipa_principal | default(lookup('env', 'IPA_PRINCIPAL')) }}"
ipa_password: "{{ tripleo_ipa_password | default(lookup('env', 'IPA_PASSWORD')) }}"
undercloud_fqdn: "{{ tripleo_undercloud_fqdn | default(lookup('env', 'UNDERCLOUD_FQDN')) }}"
undercloud_description: "{{ tripleo_undercloud_description | default(lookup('env', 'UNDERCLOUD_DESCRIPTION')) }}"
- name: register undercloud as IPA client
ipa_host:
ipa_user: "{{ ipa_principal }}"
ipa_pass: "{{ ipa_password }}"
fqdn: "{{ undercloud_fqdn }}"
random_password: true
force: true
register: host_otp
- name: provide OTP generated by IPA server
debug:
msg:
- "The OTP provided by the IPA server is {{ host_otp.host.randompassword }}"
- "Please add the following to your undercloud.conf:"
- "ipa_otp = {{ host_otp.host.randompassword }}"
View Git Blame Copy Permalink