Keystone variables in the commands
Walter Bentley, last year at AnsibleFest demonstrated a way to execute openstack commands.
- name: Create user environments command: keystone --os-username= --os-password= --os-tenant-name= --os-auth-url= tenant-create --name= --description="" with_items: tenantid
With this method you need to provide the OS_USERNAME, OS_AUTH_URL, OS_PASSWORD into the task. The recommendation is, of cause, to use Ansible Vault to encrypt this information in the git repository.
Use the raw Ansible keyword
Another way that I discovered was to use the
raw keyword that Ansible provides. It executes the
keystonerc file on the host itself
then executes the OpenStack command.
name: | add the neutron-lbaas migration if lbaasv2 agent is installed. Seems to produce an error when it executes. Just ignore the error. Only run on a single controller in the clustered env. raw: "source /root/openrc && neutron-db-manage --service lbaas upgrade head" args: executable: "/bin/bash" register: lbaas_install.changed == True delegate_to: "" ignore_errors: yes
Write a module.
Ansible has some OpenStack configuration features using modules. A lot are deprecated. I have not used any OpenStack modules yet. I have yet to write any module for managing OpenStack. It would be interesting though to convert results from OpenStack Tempest into Ansible facts.