openstack/bifrost
Code Issues Proposed changes

Support configuring credential-less deploy

Browse Source 
Also deprecate the awkward way of passing the inspector discovery
parameters in favour of the standard (and documented) one.

Change-Id: I5966a20e4e7599eaea3eeac4f07ea3c0aa91c6c8
Story: #2007771
Task: #40379
Depends-On: https://review.opendev.org/#/c/735591/
This commit is contained in:
Dmitry Tantsur 2020-07-20 10:58:14 +02:00
parent f29bbf2d1d
commit 3657bf7f9d
5 changed files with 35 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
playbooks/roles/bifrost-ironic-install/README.md
View File

@ -179,6 +179,13 @@ power_off_after_inspection: Boolean setting governing the behavior
Deployment without the need to reboot Deployment without the need to reboot
the physical machine. the physical machine.
enable_credential_less_deploy: Boolean setting that enables the experimental
feature of deploying nodes without BMC
credentials. Discovery (if enabled) will be
configured to use the default hardware type
"manual-management" and the "agent" power
interface will be enabled.
### Hardware Inspection Support ### Hardware Inspection Support
Bifrost also supports the installation of ironic-inspector in standalone Bifrost also supports the installation of ironic-inspector in standalone

14
playbooks/roles/bifrost-ironic-install/defaults/main.yml
View File

@ -141,6 +141,8 @@ enabled_power_interfaces: ""
default_resource_class: baremetal default_resource_class: baremetal
enable_credential_less_deploy: false
# Extra pip packages to install with ironic # Extra pip packages to install with ironic
# This should be a list of pip-installable references. # This should be a list of pip-installable references.
# default: empty list # default: empty list
@ -227,16 +229,20 @@ inspector_store_data_in_nginx: false
# 'Swift' API endpoint. # 'Swift' API endpoint.
inspector_store_data_url: "http://localhost:{{ file_url_port }}" inspector_store_data_url: "http://localhost:{{ file_url_port }}"
# Inspector defaults enable_inspector_discovery: true
inspector_default_node_driver: "{{ 'manual-management' if enable_credential_less_deploy|bool else 'ipmi' }}"
# Inspector defaults (deprecated in Victoria)
inspector: inspector:
discovery: discovery:
enabled: "{{ enable_inspector_discovery | default(true) }}" enabled: "{{ enable_inspector_discovery }}"
default_node_driver: "{{ inspector_default_node_driver | default('ipmi')}}" default_node_driver: "{{ inspector_default_node_driver }}"
# If baremetal nodes should be turned off after inspection. # If baremetal nodes should be turned off after inspection.
# The inspector default is to turn off the baremetal node # The inspector default is to turn off the baremetal node
# power, this setting to false enables use of fast track mode. # power, this setting to false enables use of fast track mode.
power_off_after_inspection: false power_off_after_inspection: "{{ not fast_track|bool }}"
# We may not have packaged iPXE files on some distros, or may want to # We may not have packaged iPXE files on some distros, or may want to
# download them on their own. # download them on their own.

8
playbooks/roles/bifrost-ironic-install/tasks/hw_types.yml
View File

@ -11,6 +11,13 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
--- ---
- name: "Fail if credential-less deploy is misconfigured"
fail:
msg: enable_credential_less_deploy requires fast_track and the "manual-management" hardware type
when:
- enable_credential_less_deploy | bool
- (not fast_track | bool or 'manual-management' not in enabled_hardware_types)
- name: "Configure BIOS interfaces if required" - name: "Configure BIOS interfaces if required"
set_fact: set_fact:
enabled_bios_interfaces: >- enabled_bios_interfaces: >-
@ -42,4 +49,5 @@
{%- if "ilo" in enabled_hardware_types -%},ilo{%- endif -%} {%- if "ilo" in enabled_hardware_types -%},ilo{%- endif -%}
{%- if "ipmi" in enabled_hardware_types -%},ipmitool{%- endif -%} {%- if "ipmi" in enabled_hardware_types -%},ipmitool{%- endif -%}
{%- if "redfish" in enabled_hardware_types -%},redfish{%- endif -%} {%- if "redfish" in enabled_hardware_types -%},redfish{%- endif -%}
{%- if enable_credential_less_deploy|bool -%},agent{%- endif -%}
when: enabled_power_interfaces == "" when: enabled_power_interfaces == ""

1
playbooks/roles/bifrost-ironic-install/templates/ironic.conf.j2
View File

@ -59,6 +59,7 @@ tftp_master_path = {{ ironic_tftp_master_path }}
uefi_pxe_bootfile_name = {{ ipxe_efi_binary }} uefi_pxe_bootfile_name = {{ ipxe_efi_binary }}
uefi_pxe_config_template = $pybasedir/drivers/modules/ipxe_config.template uefi_pxe_config_template = $pybasedir/drivers/modules/ipxe_config.template
{% endif %} {% endif %}
enable_netboot_fallback = true
[deploy] [deploy]
http_url = http://{{ internal_ip }}:{{ file_url_port }}/ http_url = http://{{ internal_ip }}:{{ file_url_port }}/

9
releasenotes/notes/agent-power-0773acb338ae4169.yaml Normal file
View File

@ -0,0 +1,9 @@
---
features:
- |
Adds support for configuring credential-less deploy via the new ``agent``
power interface and the ``manual-management`` hardware type.
deprecations:
- |
Deprecates providing inspector discovery parameters via
``inspector[discovery]``, use explicit variables instead.