188 lines
7.3 KiB
Puppet
188 lines
7.3 KiB
Puppet
class openstack_tasks::roles::ironic_conductor {
|
|
|
|
notice('MODULAR: roles/ironic_conductor.pp')
|
|
|
|
$network_scheme = hiera_hash('network_scheme', {})
|
|
prepare_network_config($network_scheme)
|
|
|
|
$baremetal_address = get_network_role_property('ironic/baremetal', 'ipaddr')
|
|
$ironic_hash = hiera_hash('ironic', {})
|
|
$management_vip = hiera('management_vip')
|
|
|
|
$network_metadata = hiera_hash('network_metadata', {})
|
|
$baremetal_vip = $network_metadata['vips']['baremetal']['ipaddr']
|
|
|
|
$database_vip = hiera('database_vip')
|
|
$service_endpoint = hiera('service_endpoint')
|
|
$glance_api_servers = hiera('glance_api_servers', "${management_vip}:9292")
|
|
$amqp_hosts = hiera('amqp_hosts')
|
|
$rabbit_hosts = split($amqp_hosts, ',')
|
|
$debug = hiera('debug', false)
|
|
$verbose = hiera('verbose', undef)
|
|
$use_syslog = hiera('use_syslog', true)
|
|
$syslog_log_facility_ironic = hiera('syslog_log_facility_ironic', 'LOG_USER')
|
|
$rabbit_hash = hiera_hash('rabbit')
|
|
$amqp_durable_queues = pick($ironic_hash['amqp_durable_queues'], false)
|
|
$storage_hash = hiera('storage')
|
|
$kombu_compression = hiera('kombu_compression', $::os_service_default)
|
|
|
|
$ironic_tenant = pick($ironic_hash['tenant'],'services')
|
|
$ironic_user = pick($ironic_hash['auth_name'],'ironic')
|
|
$ironic_user_password = pick($ironic_hash['user_password'],'ironic')
|
|
$ironic_swift_tempurl_key = pick($ironic_hash['swift_tempurl_key'],'ironic')
|
|
$memcached_servers = hiera('memcached_servers')
|
|
$local_memcached_server = hiera('local_memcached_server')
|
|
|
|
$ssl_hash = hiera('use_ssl', {})
|
|
$neutron_endpoint_default = hiera('neutron_endpoint', $management_vip)
|
|
$neutron_protocol = get_ssl_property($ssl_hash, {}, 'neutron', 'internal', 'protocol', 'http')
|
|
$neutron_endpoint = get_ssl_property($ssl_hash, {}, 'neutron', 'internal', 'hostname', $neutron_endpoint_default)
|
|
$neutron_uri = "${neutron_protocol}://${neutron_endpoint}:9696"
|
|
$internal_auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'protocol', 'http')
|
|
$internal_auth_address = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'hostname', [$service_endpoint, $management_vip])
|
|
$internal_auth_uri = "${internal_auth_protocol}://${internal_auth_address}:5000"
|
|
$admin_identity_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
|
|
$admin_identity_address = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'hostname', [$service_endpoint, $management_vip])
|
|
$admin_identity_uri = "${admin_identity_protocol}://${admin_identity_address}:35357"
|
|
|
|
$db_type = pick($ironic_hash['db_type'], 'mysql+pymysql')
|
|
$db_host = pick($ironic_hash['db_host'], $database_vip)
|
|
$db_user = pick($ironic_hash['db_user'], 'ironic')
|
|
$db_name = pick($ironic_hash['db_name'], 'ironic')
|
|
$db_password = pick($ironic_hash['db_password'], 'ironic')
|
|
# LP#1526938 - python-mysqldb supports this, python-pymysql does not
|
|
if $::os_package_type == 'debian' {
|
|
$extra_params = { 'charset' => 'utf8', 'read_timeout' => 60 }
|
|
} else {
|
|
$extra_params = { 'charset' => 'utf8' }
|
|
}
|
|
$db_connection = os_database_connection({
|
|
'dialect' => $db_type,
|
|
'host' => $db_host,
|
|
'database' => $db_name,
|
|
'username' => $db_user,
|
|
'password' => $db_password,
|
|
'extra' => $extra_params
|
|
})
|
|
|
|
$transport_url = hiera('transport_url','rabbit://guest:password@127.0.0.1:5672/')
|
|
|
|
$tftp_root = '/var/lib/ironic/tftpboot'
|
|
|
|
$temp_url_endpoint_type = $storage_hash['images_ceph'] ? {
|
|
true => 'radosgw',
|
|
default => 'swift'
|
|
}
|
|
|
|
package { 'ironic-fa-deploy':
|
|
ensure => 'present',
|
|
}
|
|
|
|
if $verbose {
|
|
warning('The $verbose is deprecated and will be removed in a future release')
|
|
}
|
|
|
|
class { '::ironic::neutron':
|
|
api_endpoint => $neutron_uri,
|
|
auth_url => $admin_identity_uri,
|
|
project_name => $ironic_tenant,
|
|
username => $ironic_user,
|
|
password => $ironic_user_password,
|
|
}
|
|
|
|
class { '::ironic':
|
|
debug => $debug,
|
|
default_transport_url => $transport_url,
|
|
amqp_durable_queues => $amqp_durable_queues,
|
|
control_exchange => 'ironic',
|
|
use_syslog => $use_syslog,
|
|
log_facility => $syslog_log_facility_ironic,
|
|
database_connection => $db_connection,
|
|
database_max_retries => '-1',
|
|
sync_db => false,
|
|
glance_api_servers => $glance_api_servers,
|
|
kombu_compression => $kombu_compression,
|
|
}
|
|
|
|
class { '::ironic::client': }
|
|
|
|
class { '::ironic::conductor':
|
|
api_url => "http://${baremetal_vip}:6385",
|
|
enabled_drivers => ['fuel_ssh', 'fuel_ipmitool', 'fake', 'fuel_libvirt'],
|
|
swift_temp_url_key => $ironic_swift_tempurl_key,
|
|
cleaning_network_name => 'baremetal',
|
|
provisioning_network_name => 'baremetal',
|
|
|
|
}
|
|
|
|
class { '::ironic::drivers::interfaces':
|
|
enabled_network_interfaces => ['noop', 'flat', 'neutron']
|
|
}
|
|
|
|
class { '::ironic::drivers::pxe':
|
|
tftp_server => $baremetal_address,
|
|
tftp_root => $tftp_root,
|
|
tftp_master_path => "${tftp_root}/master_images",
|
|
}
|
|
|
|
ironic_config {
|
|
'keystone_authtoken/auth_uri': value => $internal_auth_uri;
|
|
'keystone_authtoken/identity_uri': value => $admin_identity_uri;
|
|
'keystone_authtoken/admin_tenant_name': value => $ironic_tenant;
|
|
'keystone_authtoken/admin_user': value => $ironic_user;
|
|
'keystone_authtoken/admin_password': value => $ironic_user_password, secret => true;
|
|
'keystone_authtoken/memcached_servers': value => $local_memcached_server;
|
|
'glance/swift_endpoint_url': value => "http://${baremetal_vip}:8080";
|
|
'glance/temp_url_endpoint_type': value => $temp_url_endpoint_type;
|
|
}
|
|
|
|
file { $tftp_root:
|
|
ensure => directory,
|
|
owner => 'ironic',
|
|
group => 'ironic',
|
|
mode => '0755',
|
|
source => "/usr/lib/syslinux/modules/bios/",
|
|
recurse => true,
|
|
require => [Class['::ironic'], Package['syslinux-common']],
|
|
}
|
|
|
|
# TODO(vsaienko) remove provider hack when puppetlabs-tftp fixed issue with
|
|
# default provider.
|
|
Service <| title == 'tftpd-hpa' |> { provider => 'systemd'}
|
|
|
|
ensure_packages(['syslinux', 'pxelinux', syslinux-common], {
|
|
ensure => 'present',
|
|
before => File["${tftp_root}/pxelinux.0"]
|
|
})
|
|
|
|
file { "${tftp_root}/pxelinux.0":
|
|
ensure => present,
|
|
source => '/usr/lib/PXELINUX/pxelinux.0',
|
|
}
|
|
|
|
file { "${tftp_root}/map-file":
|
|
content => "r ^([^/]) ${tftp_root}/\\1",
|
|
}
|
|
|
|
class { '::tftp':
|
|
username => 'ironic',
|
|
directory => $tftp_root,
|
|
options => "--map-file ${tftp_root}/map-file",
|
|
inetd => false,
|
|
require => File["${tftp_root}/map-file"],
|
|
}
|
|
|
|
# TODO(mpolenchuk): remove it once this package have installed by dependency
|
|
ensure_packages('open-iscsi')
|
|
|
|
file { '/etc/ironic/fuel_key':
|
|
ensure => present,
|
|
source => '/var/lib/astute/ironic/ironic',
|
|
owner => 'ironic',
|
|
group => 'ironic',
|
|
mode => '0600',
|
|
require => Class['::ironic'],
|
|
}
|
|
|
|
}
|