IRONIC_INSPECTOR_DEBUG=${IRONIC_INSPECTOR_DEBUG:-True} IRONIC_INSPECTOR_DIR=$DEST/ironic-inspector IRONIC_INSPECTOR_DATA_DIR=$DATA_DIR/ironic-inspector IRONIC_INSPECTOR_BIN_DIR=$(get_python_exec_prefix) IRONIC_INSPECTOR_BIN_FILE=$IRONIC_INSPECTOR_BIN_DIR/ironic-inspector IRONIC_INSPECTOR_DBSYNC_BIN_FILE=$IRONIC_INSPECTOR_BIN_DIR/ironic-inspector-dbsync IRONIC_INSPECTOR_CONF_DIR=${IRONIC_INSPECTOR_CONF_DIR:-/etc/ironic-inspector} IRONIC_INSPECTOR_CONF_FILE=$IRONIC_INSPECTOR_CONF_DIR/inspector.conf IRONIC_INSPECTOR_CMD="$IRONIC_INSPECTOR_BIN_FILE --config-file $IRONIC_INSPECTOR_CONF_FILE" IRONIC_INSPECTOR_DHCP_CONF_FILE=$IRONIC_INSPECTOR_CONF_DIR/dnsmasq.conf IRONIC_INSPECTOR_ROOTWRAP_CONF_FILE=$IRONIC_INSPECTOR_CONF_DIR/rootwrap.conf IRONIC_INSPECTOR_ADMIN_USER=${IRONIC_INSPECTOR_ADMIN_USER:-ironic-inspector} IRONIC_INSPECTOR_AUTH_CACHE_DIR=${IRONIC_INSPECTOR_AUTH_CACHE_DIR:-/var/cache/ironic-inspector} IRONIC_INSPECTOR_MANAGE_FIREWALL=$(trueorfalse True IRONIC_INSPECTOR_MANAGE_FIREWALL) IRONIC_INSPECTOR_HOST=$HOST_IP IRONIC_INSPECTOR_PORT=5050 IRONIC_INSPECTOR_URI="http://$IRONIC_INSPECTOR_HOST:$IRONIC_INSPECTOR_PORT" IRONIC_INSPECTOR_BUILD_RAMDISK=$(trueorfalse False IRONIC_INSPECTOR_BUILD_RAMDISK) IRONIC_AGENT_KERNEL_URL=${IRONIC_AGENT_KERNEL_URL:-http://tarballs.openstack.org/ironic-python-agent/coreos/files/coreos_production_pxe.vmlinuz} IRONIC_AGENT_RAMDISK_URL=${IRONIC_AGENT_RAMDISK_URL:-http://tarballs.openstack.org/ironic-python-agent/coreos/files/coreos_production_pxe_image-oem.cpio.gz} IRONIC_INSPECTOR_RAMDISK_ELEMENT=${IRONIC_INSPECTOR_RAMDISK_ELEMENT:-ironic-discoverd-ramdisk} IRONIC_INSPECTOR_RAMDISK_FLAVOR=${IRONIC_INSPECTOR_RAMDISK_FLAVOR:-fedora $IRONIC_INSPECTOR_RAMDISK_ELEMENT} IRONIC_INSPECTOR_COLLECTORS=${IRONIC_INSPECTOR_COLLECTORS:-default,logs} IRONIC_INSPECTOR_RAMDISK_LOGDIR=${IRONIC_INSPECTOR_RAMDISK_LOGDIR:-$IRONIC_INSPECTOR_DATA_DIR/ramdisk-logs} IRONIC_INSPECTOR_ALWAYS_STORE_RAMDISK_LOGS=${IRONIC_INSPECTOR_ALWAYS_STORE_RAMDISK_LOGS:-True} IRONIC_INSPECTOR_TIMEOUT=${IRONIC_INSPECTOR_TIMEOUT:-600} # These should not overlap with other ranges/networks IRONIC_INSPECTOR_INTERNAL_IP=${IRONIC_INSPECTOR_INTERNAL_IP:-172.24.42.254} IRONIC_INSPECTOR_INTERNAL_SUBNET_SIZE=${IRONIC_INSPECTOR_INTERNAL_SUBNET_SIZE:-24} IRONIC_INSPECTOR_DHCP_RANGE=${IRONIC_INSPECTOR_DHCP_RANGE:-172.24.42.100,172.24.42.253} IRONIC_INSPECTOR_INTERFACE=${IRONIC_INSPECTOR_INTERFACE:-br-inspector} IRONIC_INSPECTOR_INTERNAL_URI="http://$IRONIC_INSPECTOR_INTERNAL_IP:$IRONIC_INSPECTOR_PORT" IRONIC_INSPECTOR_INTERNAL_IP_WITH_NET=$IRONIC_INSPECTOR_INTERNAL_IP/$IRONIC_INSPECTOR_INTERNAL_SUBNET_SIZE GITDIR["python-ironic-inspector-client"]=$DEST/python-ironic-inspector-client GITREPO["python-ironic-inspector-client"]=${IRONIC_INSPECTOR_CLIENT_REPO:-${GIT_BASE}/openstack/python-ironic-inspector-client.git} GITBRANCH["python-ironic-inspector-client"]=${IRONIC_INSPECTOR_CLIENT_BRANCH:-master} ### Utilities function mkdir_chown_stack { if [[ ! -d "$1" ]]; then sudo mkdir -p "$1" fi sudo chown $STACK_USER "$1" } function inspector_iniset { iniset "$IRONIC_INSPECTOR_CONF_FILE" $1 $2 $3 } ### Install-start-stop function install_inspector { setup_develop $IRONIC_INSPECTOR_DIR # NOTE(dtantsur): required for tests install_package jq } function install_inspector_dhcp { install_package dnsmasq } function install_inspector_client { if use_library_from_git python-ironic-inspector-client; then git_clone_by_name python-ironic-inspector-client setup_dev_lib python-ironic-inspector-client else # TODO(dtantsur): switch to pip_install_gr pip_install python-ironic-inspector-client fi } function start_inspector { screen_it ironic-inspector \ "cd $IRONIC_INSPECTOR_DIR && $IRONIC_INSPECTOR_CMD" } function start_inspector_dhcp { screen_it ironic-inspector-dhcp \ "sudo dnsmasq --conf-file=$IRONIC_INSPECTOR_DHCP_CONF_FILE" } function stop_inspector { screen -S $SCREEN_NAME -p ironic-inspector -X kill } function stop_inspector_dhcp { screen -S $SCREEN_NAME -p ironic-inspector-dhcp -X kill } function inspector_uses_ipa { [[ $IRONIC_INSPECTOR_RAMDISK_ELEMENT = "ironic-agent" ]] || [[ $IRONIC_INSPECTOR_RAMDISK_FLAVOR =~ (ironic-agent$|^ironic-agent) ]] && return 0 return 1 } ### Configuration function prepare_tftp { IRONIC_INSPECTOR_IMAGE_PATH="$TOP_DIR/files/ironic-inspector" IRONIC_INSPECTOR_KERNEL_PATH="$IRONIC_INSPECTOR_IMAGE_PATH.kernel" IRONIC_INSPECTOR_INITRAMFS_PATH="$IRONIC_INSPECTOR_IMAGE_PATH.initramfs" IRONIC_INSPECTOR_CALLBACK_URI="$IRONIC_INSPECTOR_INTERNAL_URI/v1/continue" if inspector_uses_ipa; then IRONIC_INSPECTOR_KERNEL_CMDLINE="ipa-inspection-callback-url=$IRONIC_INSPECTOR_CALLBACK_URI systemd.journald.forward_to_console=yes" IRONIC_INSPECTOR_KERNEL_CMDLINE="$IRONIC_INSPECTOR_KERNEL_CMDLINE ipa-inspection-collectors=$IRONIC_INSPECTOR_COLLECTORS" if [[ "$IRONIC_INSPECTOR_BUILD_RAMDISK" == "True" ]]; then if [ ! -e "$IRONIC_INSPECTOR_KERNEL_PATH" -o ! -e "$IRONIC_INSPECTOR_INITRAMFS_PATH" ]; then build_ipa_coreos_ramdisk "$IRONIC_INSPECTOR_KERNEL_PATH" "$IRONIC_INSPECTOR_INITRAMFS_PATH" fi else # download the agent image tarball if [ ! -e "$IRONIC_INSPECTOR_KERNEL_PATH" -o ! -e "$IRONIC_INSPECTOR_INITRAMFS_PATH" ]; then if [ -e "$IRONIC_DEPLOY_KERNEL_PATH" -a -e "$IRONIC_DEPLOY_RAMDISK_PATH" ]; then cp $IRONIC_DEPLOY_KERNEL_PATH $IRONIC_INSPECTOR_KERNEL_PATH cp $IRONIC_DEPLOY_RAMDISK_PATH $IRONIC_INSPECTOR_INITRAMFS_PATH else wget "$IRONIC_AGENT_KERNEL_URL" -O $IRONIC_INSPECTOR_KERNEL_PATH wget "$IRONIC_AGENT_RAMDISK_URL" -O $IRONIC_INSPECTOR_INITRAMFS_PATH fi fi fi else IRONIC_INSPECTOR_KERNEL_CMDLINE="discoverd_callback_url=$IRONIC_INSPECTOR_CALLBACK_URI inspector_callback_url=$IRONIC_INSPECTOR_CALLBACK_URI" if [ ! -e "$IRONIC_INSPECTOR_KERNEL_PATH" -o ! -e "$IRONIC_INSPECTOR_INITRAMFS_PATH" ]; then if [[ $(type -P ramdisk-image-create) == "" ]]; then pip_install diskimage_builder fi ramdisk-image-create $IRONIC_INSPECTOR_RAMDISK_FLAVOR \ -o $IRONIC_INSPECTOR_IMAGE_PATH fi fi mkdir_chown_stack "$IRONIC_TFTPBOOT_DIR/pxelinux.cfg" cp $IRONIC_INSPECTOR_KERNEL_PATH $IRONIC_TFTPBOOT_DIR/ironic-inspector.kernel cp $IRONIC_INSPECTOR_INITRAMFS_PATH $IRONIC_TFTPBOOT_DIR cat > "$IRONIC_TFTPBOOT_DIR/pxelinux.cfg/default" <$tempfile chmod 0640 $tempfile sudo chown root:root $tempfile sudo mv $tempfile /etc/sudoers.d/ironic-inspector-rootwrap inspector_iniset DEFAULT rootwrap_config $IRONIC_INSPECTOR_ROOTWRAP_CONF_FILE mkdir_chown_stack "$IRONIC_INSPECTOR_RAMDISK_LOGDIR" inspector_iniset processing ramdisk_logs_dir "$IRONIC_INSPECTOR_RAMDISK_LOGDIR" inspector_iniset processing always_store_ramdisk_logs "$IRONIC_INSPECTOR_ALWAYS_STORE_RAMDISK_LOGS" inspector_iniset processing log_bmc_address False inspector_iniset DEFAULT timeout $IRONIC_INSPECTOR_TIMEOUT get_or_create_service "ironic-inspector" "baremetal-introspection" "Ironic Inspector baremetal introspection service" get_or_create_endpoint "baremetal-introspection" "$REGION_NAME" \ "$IRONIC_INSPECTOR_URI" "$IRONIC_INSPECTOR_URI" "$IRONIC_INSPECTOR_URI" } function configure_inspector_swift { inspector_iniset swift os_auth_url "$KEYSTONE_SERVICE_URI/v2.0" inspector_iniset swift username $IRONIC_INSPECTOR_ADMIN_USER inspector_iniset swift password $SERVICE_PASSWORD inspector_iniset swift tenant_name $SERVICE_PROJECT_NAME inspector_iniset processing store_data swift } function configure_inspector_dhcp { mkdir_chown_stack "$IRONIC_INSPECTOR_CONF_DIR" cat > "$IRONIC_INSPECTOR_DHCP_CONF_FILE" <