ddafc94e30
Change-Id: I084da313eda17435c095ade7cb1b92981f5341dc
201 lines
6.4 KiB
Django/Jinja
201 lines
6.4 KiB
Django/Jinja
# {{ ansible_managed }}
|
|
|
|
[DEFAULT]
|
|
debug = {{ testing | bool }}
|
|
# NOTE(TheJulia): Until Bifrost supports neutron or some other network
|
|
# configuration besides a flat network where bifrost orchustrates the
|
|
# control instead of ironic, noop is the only available network driver.
|
|
enabled_network_interfaces = noop
|
|
default_deploy_interface = {{ default_deploy_interface }}
|
|
{% if enable_inspector | bool == true %}
|
|
enabled_inspect_interfaces = no-inspect,inspector
|
|
default_inspect_interface = inspector
|
|
{% endif %}
|
|
enabled_bios_interfaces = {{ enabled_bios_interfaces }}
|
|
enabled_boot_interfaces = {{ enabled_boot_interfaces }}
|
|
enabled_management_interfaces = {{ enabled_management_interfaces }}
|
|
enabled_power_interfaces = {{ enabled_power_interfaces }}
|
|
enabled_deploy_interfaces = {{ enabled_deploy_interfaces }}
|
|
|
|
enabled_hardware_types = {{ enabled_hardware_types }}
|
|
|
|
default_resource_class = {{ default_resource_class }}
|
|
|
|
{% if use_rabbitmq is defined and use_rabbitmq | bool == true %}
|
|
transport_url = rabbit://ironic:{{ironic_db_password }}@{{ message_queue_host | default('127.0.0.1') }}:{{ message_queue_port | default('5672') }}/{{ rabbit_virtual_host | default('') }}
|
|
{% else %}
|
|
rpc_transport = json-rpc
|
|
{% endif %}
|
|
|
|
{% if enable_keystone | bool %}
|
|
auth_strategy = keystone
|
|
{% elif noauth_mode | bool %}
|
|
auth_strategy = noauth
|
|
{% else %}
|
|
auth_strategy = http_basic
|
|
http_basic_auth_user_file = /etc/ironic/htpasswd
|
|
{% endif %}
|
|
|
|
{% if ironic_log_dir | default("") != "" %}
|
|
log_dir = {{ ironic_log_dir }}
|
|
{% endif %}
|
|
|
|
{% if enable_tls | bool %}
|
|
[api]
|
|
enable_ssl_api = True
|
|
|
|
[ssl]
|
|
cert_file = {{ tls_certificate_path }}
|
|
key_file = {{ ironic_private_key_path }}
|
|
{% endif %}
|
|
|
|
[agent]
|
|
{% if ironic_store_ramdisk_logs | bool %}
|
|
deploy_logs_collect = always
|
|
{% endif %}
|
|
{% if ironic_agent_deploy_logs_local_path | default("") != "" %}
|
|
deploy_logs_local_path = {{ ironic_agent_deploy_logs_local_path }}
|
|
{% endif %}
|
|
|
|
[pxe]
|
|
{% if testing | bool %}
|
|
pxe_append_params = console=ttyS0 ipa-insecure=1
|
|
{% else %}
|
|
pxe_append_params = systemd.journald.forward_to_console=yes ipa-insecure=1 {{ extra_kernel_options | default('') }}
|
|
{% endif %}
|
|
pxe_config_template = $pybasedir/drivers/modules/ipxe_config.template
|
|
tftp_server = {{ internal_ip }}
|
|
tftp_root = /tftpboot
|
|
pxe_bootfile_name = undionly.kpxe
|
|
ipxe_enabled = true
|
|
ipxe_boot_script = /etc/ironic/boot.ipxe
|
|
tftp_master_path = {{ ironic_tftp_master_path }}
|
|
{% if enable_uefi_ipxe | bool %}
|
|
uefi_pxe_bootfile_name = {{ ipxe_efi_binary }}
|
|
uefi_pxe_config_template = $pybasedir/drivers/modules/ipxe_config.template
|
|
{% endif %}
|
|
enable_netboot_fallback = true
|
|
|
|
[deploy]
|
|
http_url = http://{{ internal_ip }}:{{ file_url_port }}/
|
|
http_root = {{ http_boot_folder }}
|
|
default_boot_option = local
|
|
{% if default_boot_mode | default('') != '' %}
|
|
default_boot_mode = {{ default_boot_mode }}
|
|
{% endif %}
|
|
fast_track = {{ fast_track }}
|
|
{% if cleaning_disk_erase | bool %}
|
|
erase_devices_priority = 10
|
|
erase_devices_metadata_priority = 0
|
|
{% else %}
|
|
erase_devices_priority = 0
|
|
erase_devices_metadata_priority = 10
|
|
{% endif %}
|
|
|
|
[conductor]
|
|
automated_clean = {{ cleaning | lower }}
|
|
deploy_kernel = {{ ipa_kernel_url }}
|
|
deploy_ramdisk = {{ ipa_ramdisk_url }}
|
|
rescue_kernel = {{ ipa_kernel_url }}
|
|
rescue_ramdisk = {{ ipa_ramdisk_url }}
|
|
|
|
[database]
|
|
connection = mysql+pymysql://{{ ironic.database.username }}:{{ ironic.database.password }}@{{ ironic.database.host }}/{{ ironic.database.name }}?charset=utf8
|
|
|
|
[dhcp]
|
|
dhcp_provider = none
|
|
|
|
{% if enable_cors | bool == true %}
|
|
[cors]
|
|
allowed_origin = {{ cors_allowed_origin | default('allowed_origin=http://localhost:8000') }}
|
|
allow_credentials = {{ enable_cors_credential_support | default('true') }}
|
|
{% endif %}
|
|
|
|
[ilo]
|
|
use_web_server_for_images = true
|
|
|
|
{% if enable_inspector | bool == true %}
|
|
[inspector]
|
|
power_off = {{ power_off_after_inspection }}
|
|
extra_kernel_params = ipa-insecure=1 {{ inspector_extra_kernel_options | default('') }}
|
|
{% if enable_keystone | bool %}
|
|
auth_type = password
|
|
auth_url = {{ ironic.service_catalog.auth_url }}
|
|
username = {{ ironic.service_catalog.username }}
|
|
password = {{ ironic.service_catalog.password }}
|
|
user_domain_id = default
|
|
project_name = {{ ironic.service_catalog.project_name }}
|
|
project_domain_id = default
|
|
region_name = {{ keystone.bootstrap.region_name | default('RegionOne')}}
|
|
# NOTE(dtantsur): this has to be on internal IP even if public IPs are used
|
|
callback_endpoint_override = {{ api_protocol }}://{{ internal_ip }}:5050
|
|
{% elif noauth_mode | bool %}
|
|
auth_type=none
|
|
endpoint_override = {{ ironic_inspector_api_url }}
|
|
{% else %}
|
|
auth_type = http_basic
|
|
endpoint_override = {{ ironic_inspector_api_url }}
|
|
username = {{ admin_username }}
|
|
password = {{ admin_password }}
|
|
{% endif %}
|
|
{% if enable_tls | bool %}
|
|
cafile = {{ tls_certificate_path }}
|
|
{% endif %}
|
|
{% endif %}
|
|
|
|
{% if enable_keystone is defined and enable_keystone | bool == true %}
|
|
[keystone_authtoken]
|
|
auth_plugin = password
|
|
auth_url = {{ ironic.service_catalog.auth_url }}
|
|
username = {{ ironic.service_catalog.username }}
|
|
password = {{ ironic.service_catalog.password }}
|
|
user_domain_id = default
|
|
project_name = {{ ironic.service_catalog.project_name }}
|
|
project_domain_id = default
|
|
{% if enable_tls | bool %}
|
|
cafile = {{ tls_certificate_path }}
|
|
{% endif %}
|
|
{% endif %}
|
|
|
|
[service_catalog]
|
|
{% if enable_keystone | bool %}
|
|
auth_url = {{ ironic.service_catalog.auth_url }}
|
|
auth_type = password
|
|
project_name = {{ ironic.service_catalog.project_name }}
|
|
username = {{ ironic.service_catalog.username }}
|
|
password = {{ ironic.service_catalog.password }}
|
|
user_domain_id = default
|
|
project_domain_id = default
|
|
region_name = {{ keystone.bootstrap.region_name | default('RegionOne')}}
|
|
{% elif noauth_mode | bool %}
|
|
auth_type = none
|
|
{% else %}
|
|
auth_type = http_basic
|
|
username = {{ admin_username }}
|
|
password = {{ admin_password }}
|
|
{% endif %}
|
|
# NOTE(dtantsur): this has to be on internal IP even if public IPs are used
|
|
endpoint_override = {{ api_protocol }}://{{ internal_ip }}:6385
|
|
|
|
[json_rpc]
|
|
{% if enable_tls | bool %}
|
|
use_ssl = True
|
|
cafile = {{ tls_certificate_path }}
|
|
{% endif %}
|
|
{% if enable_keystone | bool %}
|
|
auth_strategy = keystone
|
|
auth_url = {{ ironic.service_catalog.auth_url }}
|
|
auth_type = password
|
|
project_name = {{ ironic.service_catalog.project_name }}
|
|
username = {{ ironic.service_catalog.username }}
|
|
password = {{ ironic.service_catalog.password }}
|
|
user_domain_id = default
|
|
project_domain_id = default
|
|
{% else %}
|
|
auth_strategy = http_basic
|
|
auth_type = http_basic
|
|
http_basic_auth_user_file = /etc/ironic/htpasswd
|
|
username = {{ admin_username }}
|
|
password = {{ admin_password }}
|
|
{% endif %}
|