[英]How to deploy an openstack instance with ansible in a specific project
I've been trying to deploy an instance in openstack to a different project then my users default project.我一直在尝试将 openstack 中的实例部署到另一个项目,然后是我的用户默认项目。 The only way to do this appears to be by passing the project_name within the
auth:
setting.执行此操作的唯一方法似乎是在
auth:
设置中传递 project_name。 This works fine, but is not really compatible with using a clouds.yaml config with the clouds:
setting or even with using the admin-openrc.sh file that openstack provides.这工作正常,但与使用 cloud.yaml 配置并不真正兼容
clouds:
设置甚至使用 openstack 提供的 admin-openrc.sh 文件。 (The admin-openrc.sh appears to take precedence over any settings in auth:
). ( admin-openrc.sh 似乎优先于
auth:
中的任何设置。)
I'm using the current openstack.cloud collection 1.3.0 ( https://docs.ansible.com/ansible/latest/collections/openstack/cloud/index.html ).我正在使用当前的 openstack.cloud 集合 1.3.0 ( https://docs.ansible.com/ansible/latest/collections/openstack/cloud/index.ZFC35FDC70D5FC69D269883A822 ).C Some of the modules have the option to specify a
project:
like the network module, but the one server module does not.一些模块可以选择指定一个
project:
如网络模块,但一个服务器模块没有。
So this deploys in a named project:所以这部署在一个命名项目中:
- name: Create instances
server:
state: present
auth:
auth_url: "{{ auth_url}}"
username: "{{ username }}"
password: "{{ password }}"
project_name: "{{ project }}"
project_domain_name: "{{ domain_name }}"
user_domain_name: "{{ domain_name }}"
name: "test-instance-1"
image: "{{ image_name }}"
key_name: "{{ key_name }}"
timeout: 200
flavor: "{{ flavor }}"
network: "{{ network }}"
When having sourced the admin-openrc.sh, this deploys only to your default project (OS_PROJECT_NAME=<project_name>获取 admin-openrc.sh 后,它仅部署到您的默认项目 (OS_PROJECT_NAME=<project_name>
- name: Create instances
server:
state: present
name: "test-instance-1"
image: "{{ image_name }}"
key_name: "{{ key_name }}"
timeout: 200
flavor: "{{ flavor }}"
network: "{{ network }}
image: "{{ image_name }}"
key_name: "{{ key_name }}"
timeout: 200
flavor: "{{ flavor }}"
network: "{{ network }}"
When I unset the OS_PROJECT_NAME, but set all other values from admin-openrc.sh, I can do this, but this requires to work with a non-default setting (unsetting the one enviromental variable:当我取消设置 OS_PROJECT_NAME,但从 admin-openrc.sh 设置所有其他值时,我可以这样做,但这需要使用非默认设置(取消设置一个环境变量:
- name: Create instances
server:
state: present
auth:
project_name: "{{ project }}"
name: "test-instance-1"
image: "{{ image_name }}"
key_name: "{{ key_name }}"
timeout: 200
flavor: "{{ flavor }}"
network: "{{ network }}"
I'm looking for the most usefull way to use a specific authorization model (be it clouds.yaml or environmental variables) for all my openstack modules, while still being able to deploy to a specific project.我正在寻找最有用的方法来为我的所有 openstack 模块使用特定授权 model(无论是 cloud.yaml 还是环境变量),同时仍然能够部署到特定项目。
(You should upgrade to the last collection (1.5.3), or perhaps it is compatible with 1.3.0) (你应该升级到最后一个集合(1.5.3),或者它可能与1.3.0兼容)
You can use the cloud
property from the "server" task (openstack.cloud.server).您可以使用“服务器”任务 (openstack.cloud.server) 中的
cloud
属性。 Here is how you can proceed:以下是您可以进行的操作:
clouds.yml
(here is a part of its content)clouds.yml
(这里是它的一部分内容)clouds:
tarantula:
auth:
auth_url: https://auth.cloud.myprovider.net/v3/
project_name: tarantula
project_id: the-id-of-my-project
user_domain_name: Default
project_domain_name: Default
username: my-username
password: my-password
regions :
- US
- EU1
- name: Create instances
server:
state: present
cloud: tarantula
region_name: EU1
name: "test-instance-1"
We now refrain from using any environment variables and make sure the project id is set in the configuration of in the group_vars.我们现在避免使用任何环境变量,并确保在 group_vars 的配置中设置项目 ID。 This works because it does not depend on a local clouds.yml file.
这是有效的,因为它不依赖于本地的 cloud.yml 文件。 We basically build and auth object in Ansible that can be use thoughout the deployment
我们基本上在 Ansible 中构建和验证 object 可以在整个部署过程中使用
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.