openstack/kayobe
Code Issues Proposed changes
Files
9eb02542758c7ee6051456a59294375d6a16ffbb
kayobe/etc/kayobe/inspector.yml
Mark Goddard c2a35ce211 Remove inspector_manage_firewall variable 
This is supported in kolla-ansible via the ironic_inspector_pxe_filter
variable, which can be added to globals.yml. The default value for that
variable changed in the Stein release from 'iptables' to 'dnsmasq',
since the iptables filter does not work with Docker CE [1].

This change removes the inspector_manage_firewall variable.

This change also adds an iptables rule in CI tests to allow DHCP packets
to be forwarded, to ensure bare metal servers can be deployed.

[1] https://bugs.launchpad.net/kolla-ansible/+bug/1823044

Depends-On: https://review.openstack.org/649673
Change-Id: Idac6777b4d97fbd17698fc2086ceb068d7b2e326
Related-Bug: #1823044
2019-04-09 13:53:59 +01:00

138 lines
4.8 KiB
YAML
Raw Blame History

---
###############################################################################
# Ironic inspector PXE configuration.
# List of extra kernel parameters for the inspector default PXE configuration.
#inspector_extra_kernel_options:
# URL of Ironic Python Agent (IPA) kernel image.
#inspector_ipa_kernel_upstream_url:
# URL of checksum of Ironic Python Agent (IPA) kernel image.
#inspector_ipa_kernel_checksum_url:
# Algorithm of checksum of Ironic Python Agent (IPA) kernel image.
#inspector_ipa_kernel_checksum_algorithm:
# URL of Ironic Python Agent (IPA) ramdisk image.
#inspector_ipa_ramdisk_upstream_url:
# URL of checksum of Ironic Python Agent (IPA) ramdisk image.
#inspector_ipa_ramdisk_checksum_url:
# Algorithm of checksum of Ironic Python Agent (IPA) ramdisk image.
#inspector_ipa_ramdisk_checksum_algorithm:
###############################################################################
# Ironic inspector processing configuration.
# List of of default inspector processing plugins.
#inspector_processing_hooks_default:
# List of of additional inspector processing plugins.
#inspector_processing_hooks_extra:
# List of of additional inspector processing plugins.
#inspector_processing_hooks:
# Which MAC addresses to add as ports during introspection. One of 'all',
# 'active' or 'pxe'.
#inspector_add_ports:
# Which ports to keep after introspection. One of 'all', 'present', or 'added'.
#inspector_keep_ports:
# Whether to enable discovery of nodes not managed by Ironic.
#inspector_enable_discovery:
# The Ironic driver with which to register newly discovered nodes.
#inspector_discovery_enroll_node_driver:
###############################################################################
# Ironic inspector configuration.
# Ironic inspector IPMI username to set.
#inspector_ipmi_username:
# Ironic inspector IPMI password to set.
#inspector_ipmi_password:
# Ironic inspector default network interface name on which to check for an LLDP
# switch port description to use as the node's name.
#inspector_lldp_switch_port_interface_default:
# Ironic inspector map from hostname to network interface name on which to
# check for an LLDP switch port description to use as the node's name.
#inspector_lldp_switch_port_interface_map:
###############################################################################
# Ironic inspector introspection rules configuration.
# Ironic inspector rule to set IPMI credentials.
#inspector_rule_ipmi_credentials:
# Ironic inspector rule to set deployment kernel.
#inspector_rule_deploy_kernel:
# Ironic inspector rule to set deployment ramdisk.
#inspector_rule_deploy_ramdisk:
# Ironic inspector rule to set local boot capability
#inspector_rule_local_boot:
# Ironic inspector rule to initialise root device hints.
#inspector_rule_root_hint_init:
# Ironic inspector rule to set serial root device hint.
#inspector_rule_root_hint_serial:
# Ironic inspector rule to set the interface on which the node PXE booted.
#inspector_rule_set_pxe_interface_mac:
# Ironic inspector rule to set the node's name from an interface's LLDP switch
# port description.
#inspector_rule_lldp_switch_port_desc_to_name:
# Ironic inspector rule to save introspection data to the node.
#inspector_rule_save_data:
# List of default ironic insepctor rules.
#inspector_rules_default:
# List of additional ironic inspector rules.
#inspector_rules_extra:
# List of all ironic inspector rules.
#inspector_rules:
###############################################################################
# Dell switch LLDP workaround configuration.
# Some Dell switch OSs (including Dell Network OS 9.10(0.1)) do not support
# sending interface port description TLVs correctly. Instead of sending the
# interface description, they send the interface name (e.g. TenGigabitEthernet
# 1/1/1). This breaks the discovery process which relies on Ironic node
# introspection data containing the node's name in the interface port
# description. We work around this here by creating an introspection rule for
# each ironic node that matches against the switch system and the relevant
# interface name, then sets the node's name appropriately.
# Ansible group containing switch hosts to which the workaround should be
# applied.
#inspector_dell_switch_lldp_workaround_group:
###############################################################################
# Inspection store configuration.
# The inspection store provides a Swift-like service for storing inspection
# data which may be useful in environments without Swift.
# Whether the inspection data store is enabled.
#inspector_store_enabled:
# Port on which the inspection data store should listen.
#inspector_store_port:
###############################################################################
# Dummy variable to allow Ansible to accept this file.
workaround_ansible_issue_8743: yes
View Git Blame Copy Permalink