Run dbsync on primary node only

Move dbsync to separate file.
Run only on primary node.

Change-Id: Iff51d7b3d3949d959aee2d24ddb338df685a582e
Related-Prod: PROD-21267
diff --git a/.kitchen.yml b/.kitchen.yml
index 1eb01ce..0e21280 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -13,7 +13,7 @@
   log_level: error
   formula: keystone
   grains:
-    noservices: False
+    noservices: True
   dependencies:
     - name: linux
       repo: git
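Review bot: With `noservices: True` now set at the provisioner level for every suite, the new `keystone_syncdb` state always renders with `onlyif: /bin/false`, so no kitchen run exercises the `server.get('role', 'primary') == 'secondary'` branch added in keystone/db/offline_sync.sls. Because `noservices` short-circuits that condition, a primary and a secondary pillar produce identical output under test. Consider noting this gap in a comment next to the grain, e.g. `# noservices skips db_sync in all suites; the primary/secondary gating is not covered here`, or adding a suite that overrides the grain if the test platform can run the service.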
@@ -76,8 +76,6 @@
 
   - name: single_domain
     provisioner:
-      grains:
-        noservices: True
       pillars-from-files:
         keystone.sls: tests/pillar/single_domain.sls
 
@@ -88,8 +86,6 @@
 
   - name: under-apache
     provisioner:
-      grains:
-        noservices: True
       pillars-from-files:
         keystone.sls: tests/pillar/apache_wsgi.sls
       state_top:
diff --git a/keystone/db/offline_sync.sls b/keystone/db/offline_sync.sls
new file mode 100644
index 0000000..3b0147d
--- /dev/null
+++ b/keystone/db/offline_sync.sls
@@ -0,0 +1,9 @@
+{%- from "keystone/map.jinja" import server with context %}
+
+keystone_syncdb:
+  cmd.run:
+  - name: keystone-manage db_sync && sleep 1
+  - timeout: 120
+  {%- if grains.get('noservices') or server.get('role', 'primary') == 'secondary' %}
+  - onlyif: /bin/false
+  {%- endif %}
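Review bot: `keystone_syncdb` declares no `require` of its own, so its only ordering constraint is the `require_in` from `keystone_packages` added in server.sls. The state that manages keystone.conf is not visible in this diff; if nothing orders it before this one, `keystone-manage db_sync` can run against the packaged default database connection instead of the configured one. Consider adding `- require:` with `- file: <keystone.conf state ID>` (placeholder; the real ID is not shown here). The command also runs as root by default, and files it creates, such as logs, may then not be writable by the service account; `- runas: keystone` would keep the sync at the service user's privilege, assuming that account can run `keystone-manage` on the target platforms.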
diff --git a/keystone/map.jinja b/keystone/map.jinja
index aef6028..5e89f10 100644
--- a/keystone/map.jinja
+++ b/keystone/map.jinja
@@ -5,7 +5,11 @@
     }),
     'bind': {
       'private_protocol': 'http',
-      'public_protocol': 'http', }}
+      'public_protocol': 'http', },
+    'credential': {
+      'location': '/var/lib/keystone/credential-keys'
+      }
+    }
 
 %}
 
diff --git a/keystone/server.sls b/keystone/server.sls
index cab1980..9b43303 100644
--- a/keystone/server.sls
+++ b/keystone/server.sls
@@ -1,9 +1,17 @@
 {%- from "keystone/map.jinja" import server with context %}
 {%- if server.enabled %}
 
+include:
+{%- if server.service_name in ['apache2', 'httpd'] %}
+- apache
+{%- endif %}
+- keystone.db.offline_sync
+
 keystone_packages:
   pkg.installed:
   - names: {{ server.pkgs }}
+  - require_in:
+    - sls: keystone.db.offline_sync
   {%- if server.service_name in ['apache2', 'httpd'] %}
   - require_in:
     - pkg: apache_packages
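Review bot: When `server.service_name` is `apache2` or `httpd`, `keystone_packages` renders with two separate `- require_in:` entries, the new one for `sls: keystone.db.offline_sync` and the existing one for `pkg: apache_packages`. Repeated requisite keys in one state are easy to misread and depend on how the Salt compiler merges them. Keeping a single `- require_in:` list and moving the `{%- if … %}` so it wraps only the `- pkg: apache_packages` item would make the intent explicit. The existing conditional block closes outside this hunk, so its `{%- endif %}` needs to move with it.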
@@ -41,9 +49,6 @@
     - watch_in:
       - service: {{ keystone_service }}
 
-include:
-- apache
-
 {%- if grains.os_family == "Debian" %}
 keystone:
 {%- endif %}
@@ -246,9 +251,7 @@
     - require:
       - file: /root/keystonercv3
       - service: {{ keystone_service }}
-      {%- if not grains.get('noservices', False) %}
-      - cmd: keystone_syncdb
-      {%- endif %}
+      - sls: keystone.db.offline_sync
 
 {%- endfor %}
 
@@ -305,15 +308,6 @@
   - require:
     - pkg: keystone_packages
 
-{%- if not grains.get('noservices', False) %}
-keystone_syncdb:
-  cmd.run:
-  - name: keystone-manage db_sync && sleep 1
-  - timeout: 120
-  - require:
-    - service: {{ keystone_service }}
-{%- endif %}
-
 {% if server.tokens.engine == 'fernet' %}
 
 keystone_fernet_keys:
@@ -327,14 +321,15 @@
   - require_in:
     - service: keystone_fernet_setup
 
-{%- if not grains.get('noservices', False) %}
 keystone_fernet_setup:
   cmd.run:
   - name: keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
   - require:
     - service: {{ keystone_service }}
     - file: keystone_fernet_keys
-{%- endif %}
+    {%- if grains.get('noservices', False) %}
+  - onlyif: /bin/false
+    {%- endif %}
 
 {% endif %}
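Review bot: With the outer `{%- if not grains.get('noservices', False) %}` removed, `keystone_fernet_setup` is now rendered under `noservices`, so its `require` on `service: {{ keystone_service }}` and `file: keystone_fernet_keys` must resolve in that mode too. Salt evaluates requisites before `onlyif`, so if the service state is itself omitted under `noservices` (its definition is outside this diff), the run would fail with a missing requisite rather than skip. The same applies to `keystone_credential_setup` and `keystone_identity_bootstrap_setup` in the following hunks. A one-line comment above each guard, such as `# noservices: keep the state ID defined for requisites, never run the command`, would also explain the `/bin/false` idiom.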
 
@@ -348,18 +343,19 @@
   - require:
     - pkg: keystone_packages
 
-{%- if not grains.get('noservices', False) %}
 keystone_credential_setup:
   cmd.run:
   - name: keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
   - require:
     - service: {{ keystone_service }}
     - file: keystone_credential_keys
-{%- endif %}
+    {%- if grains.get('noservices', False) %}
+  - onlyif: /bin/false
+    {%- endif %}
+
 {%- endif %}
 
 {%- if server.version not in ['mitaka', 'newton', 'ocata', 'pike'] %}
-{%- if not grains.get('noservices', False) %}
 keystone_identity_bootstrap_setup:
   cmd.run:
   - name: keystone-manage bootstrap
@@ -372,7 +368,9 @@
           --bootstrap-internal-url {{ server.bind.get('protocol', 'http') }}://{{ server.bind.address }}:{{ server.bind.get('port', 5000) }}
   - unless:
       . /root/keystonercv3; openstack endpoint list --service identity --interface internal -f value -c URL  |grep {{ server.bind.get('port', 5000) }}
-{%- endif %}
+    {%- if grains.get('noservices', False) %}
+  - onlyif: /bin/false
+    {%- endif %}
 {%- endif %}
 
 {%- if not grains.get('noservices', False) %}
@@ -385,7 +383,7 @@
   - connection_token: {{ server.service_token }}
   - connection_endpoint: 'http://{{ server.bind.address }}:{{ server.bind.private_port }}/v2.0'
   - require:
-    - cmd: keystone_syncdb
+    - sls: keystone.db.offline_sync
 
 keystone_admin_tenant:
   keystoneng.tenant_present: