diff options
author | Pawel Wieczorek <p.wieczorek2@samsung.com> | 2020-12-30 08:58:46 +0100 |
---|---|---|
committer | Bartek Grzybowski <b.grzybowski@partner.samsung.com> | 2021-01-07 10:34:50 +0000 |
commit | 4ff5ba0cbb05e2fe427da6aa16e4c38db4e8de56 (patch) | |
tree | 22a0498b7fc73ed10e3ed95c419936b67dd36826 /deployment | |
parent | 5aaa9b4c5474879f316f2007e460bfb60c11948c (diff) |
Divide OpenStack management access to admin and user
This patch adds OpenStack admin management access to the local "root"
user. Admin access is necessary to make changes to the default DevStack
configuration after its creation.
Package "python-openstackclient" is now installed globally (as root).
This is the reason why it requires additional flag
("--ignore-installed") for overriding packages already available on the
system - specifically PyYAML (3.11 available, 3.12 required).
Issue-ID: INT-1601
Change-Id: Ia5a1000f2f2066073c4e4a92fcb823eed17c36fd
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Diffstat (limited to 'deployment')
-rw-r--r-- | deployment/noheat/infra-openstack/vagrant/Vagrantfile | 45 | ||||
-rw-r--r-- | deployment/noheat/infra-openstack/vagrant/config/clouds.yaml | 2 |
2 files changed, 32 insertions, 15 deletions
diff --git a/deployment/noheat/infra-openstack/vagrant/Vagrantfile b/deployment/noheat/infra-openstack/vagrant/Vagrantfile index 618a71b49..3bb009338 100644 --- a/deployment/noheat/infra-openstack/vagrant/Vagrantfile +++ b/deployment/noheat/infra-openstack/vagrant/Vagrantfile @@ -6,8 +6,11 @@ synced_folder_ansible = "/ansible" synced_folder_main = "/vagrant" synced_folder_config = "#{synced_folder_main}/config" os_config = "#{synced_folder_config}/local.conf" -os_clouds = "#{synced_folder_config}/clouds.yaml" +os_clouds_template = "#{synced_folder_config}/clouds.yaml" os_clouds_dir = "${HOME}/.config/openstack" +os_clouds_config = "#{os_clouds_dir}/clouds.yaml" +os_admin = "admin" +os_user = "demo" vm_cpu = 1 vm_cpus = 4 @@ -54,20 +57,28 @@ SCRIPT $setup_py = <<-SCRIPT export DEBIAN_FRONTEND=noninteractive - sudo -E apt-get update - sudo -E apt-get install -yq python3-distutils + apt-get update + apt-get install -yq python3-distutils curl -fsSL https://bootstrap.pypa.io/get-pip.py -o get-pip.py - sudo -H python3 get-pip.py - pip install ansible python-openstackclient + python3 get-pip.py +SCRIPT + +$setup_openstackclient = <<-SCRIPT + pip install --ignore-installed python-openstackclient + mkdir -p #{os_clouds_dir} +SCRIPT + +$setup_openstacksdk = <<-SCRIPT + pip install ansible openstacksdk mkdir -p #{os_clouds_dir} SCRIPT -$link_file = <<-SCRIPT - src="$1" - dst="$2" - echo "Symlinking ${src} to ${dst}" - ln -sf "$src" "$dst" +$create_os_clouds = <<-SCRIPT + user="$1" + template="$2" + config="$3" + OS_USERNAME="$user" envsubst < "$template" > "$config" SCRIPT $run_playbook = <<-SCRIPT @@ -111,11 +122,17 @@ Vagrant.configure("2") do |config| config.vm.synced_folder ".", synced_folder_main, type: "rsync", rsync__exclude: "Vagrantfile" config.vm.synced_folder host_folder_ansible, synced_folder_ansible, type: "rsync" - config.vm.provision "setup_openstacksdk", type: :shell, privileged: false, inline: $setup_py - config.vm.provision "link_os_clouds", type: :shell, run: "always" do |s| + config.vm.provision "setup_py", type: :shell, inline: $setup_py + config.vm.provision "setup_openstackclient", type: :shell, inline: $setup_openstackclient + config.vm.provision "create_os_clouds_admin", type: :shell, run: "always" do |s| + s.inline = $create_os_clouds + s.args = [os_admin, os_clouds_template, os_clouds_config] + end + config.vm.provision "setup_openstacksdk", type: :shell, privileged: false, inline: $setup_openstacksdk + config.vm.provision "create_os_clouds", type: :shell, run: "always" do |s| s.privileged = false - s.inline = $link_file - s.args = [os_clouds, os_clouds_dir] + s.inline = $create_os_clouds + s.args = [os_user, os_clouds_template, os_clouds_config] end config.vm.post_up_message = operation_post_msg diff --git a/deployment/noheat/infra-openstack/vagrant/config/clouds.yaml b/deployment/noheat/infra-openstack/vagrant/config/clouds.yaml index 2763c896e..f4a009302 100644 --- a/deployment/noheat/infra-openstack/vagrant/config/clouds.yaml +++ b/deployment/noheat/infra-openstack/vagrant/config/clouds.yaml @@ -2,7 +2,7 @@ clouds: openstack: auth: auth_url: http://172.17.5.200/identity - username: "demo" + username: "${OS_USERNAME}" password: "default123456!" project_name: "demo" project_domain_name: "Default" |