commit 337b7de808f9441fa8df0260293c39e6b43e2600
author root <root@cfg01.jenkins-deploy-heat-virtual-mcp11-aio-15546.bud-mk.local> Fri Dec 14 01:55:27 2018 +0000
committer Vasyl Saienko <vsaienko@mirantis.com> Fri Dec 14 02:01:00 2018 +0000
tree 94d03396aa97d3013525b16cd832c73c8372f3e0
parent b4f4c97e3cde617e51c361690ac0ade7da647644

Make sure domains are created at the end

To avoid complicated if logic move domain creation to the end
to make sure it is created when service is started.

Change-Id: I15959241054a9f142e7bbe21264fb9c7052ddef2

keystone/server.sls

diff --git a/keystone/server.sls b/keystone/server.sls
index 2c2bd9b..02579cf 100644
--- a/keystone/server.sls
+++ b/keystone/server.sls
@@ -253,30 +253,6 @@
     {%- endif %}
 
 {%- endif %}
-
-{#- can't use RC file here as identity endpoint may not be present in keystone #}
-{#- as we will add it later in keystone.client state. Use endpoint override here. #}
-{#- will be fixed when switched to keystone bootstrap. #}
-{#- TODO: move domain creation to keystone.client state. #}
-keystone_domain_{{ domain_name }}:
-  cmd.run:
-    - name: openstack --os-identity-api-version 3
-            --os-endpoint {{ server.bind.get('private_protocol', 'http') }}://{{ server.bind.private_address }}:{{ server.bind.private_port }}/v3
-            --os-token {{ server.service_token }}
-            --os-auth-type admin_token
-            domain create --description "{{ domain.description }}" {{ domain_name }}
-    - unless: {% if grains.get('noservices') %}/bin/true{% else %}
-            openstack --os-identity-api-version 3
-            --os-endpoint {{ server.bind.get('private_protocol', 'http') }}://{{ server.bind.private_address }}:{{ server.bind.private_port }}/v3
-            --os-token {{ server.service_token }}
-            --os-auth-type admin_token
-            domain show "{{ domain_name }}"{% endif %}
-    - shell: /bin/bash
-    - require:
-      - file: /root/keystonercv3
-      - service: {{ keystone_service }}
-      - sls: keystone.db.offline_sync
-
 {%- endfor %}
 
 {%- endif %}
@@ -583,4 +559,30 @@
 {%- endif %}
 {%- endif %}
 
+{%- if server.domain is defined %}
+  {%- for domain_name, domain in server.domain.items() %}
+{#- can't use RC file here as identity endpoint may not be present in keystone #}
+{#- as we will add it later in keystone.client state. Use endpoint override here. #}
+{#- will be fixed when switched to keystone bootstrap. #}
+{#- TODO: move domain creation to keystone.client state. #}
+keystone_domain_{{ domain_name }}:
+  cmd.run:
+    - name: openstack --os-identity-api-version 3
+            --os-endpoint {{ server.bind.get('private_protocol', 'http') }}://{{ server.bind.private_address }}:{{ server.bind.private_port }}/v3
+            --os-token {{ server.service_token }}
+            --os-auth-type admin_token
+            domain create --description "{{ domain.description }}" {{ domain_name }}
+    - unless: {% if grains.get('noservices') %}/bin/true{% else %}
+            openstack --os-identity-api-version 3
+            --os-endpoint {{ server.bind.get('private_protocol', 'http') }}://{{ server.bind.private_address }}:{{ server.bind.private_port }}/v3
+            --os-token {{ server.service_token }}
+            --os-auth-type admin_token
+            domain show "{{ domain_name }}"{% endif %}
+    - shell: /bin/bash
+    - require:
+      - file: /root/keystonercv3
+      - sls: keystone.db.offline_sync
+  {%- endfor %}
+{%- endif %}
+
 {%- endif %}