Browse Source

Merge "Improve standalone ironic support"

tags/8.0.0.0rc1
Zuul 2 months ago
parent
commit
a2975ef592

+ 11
- 7
ansible/group_vars/all.yml View File

@@ -431,16 +431,20 @@ nova_console: "novnc"
431 431
 # Valid options are [ public, internal, admin ]
432 432
 openstack_interface: "admin"
433 433
 
434
+# Enable core OpenStack services. This includes:
435
+# glance, keystone, neutron, nova, heat, and horizon.
436
+enable_openstack_core: "yes"
437
+
434 438
 # These roles are required for Kolla to be operation, however a savvy deployer
435 439
 # could disable some of these required roles and run their own services.
436
-enable_glance: "yes"
440
+enable_glance: "{{ enable_openstack_core | bool }}"
437 441
 enable_haproxy: "yes"
438 442
 enable_keepalived: "{{ enable_haproxy | bool }}"
439
-enable_keystone: "yes"
443
+enable_keystone: "{{ enable_openstack_core | bool }}"
440 444
 enable_mariadb: "yes"
441 445
 enable_memcached: "yes"
442
-enable_neutron: "yes"
443
-enable_nova: "yes"
446
+enable_neutron: "{{ enable_openstack_core | bool }}"
447
+enable_nova: "{{ enable_openstack_core | bool }}"
444 448
 enable_rabbitmq: "{{ 'yes' if om_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'no' }}"
445 449
 enable_outward_rabbitmq: "{{ enable_murano | bool }}"
446 450
 
@@ -480,8 +484,8 @@ enable_fluentd: "yes"
480 484
 enable_freezer: "no"
481 485
 enable_gnocchi: "no"
482 486
 enable_grafana: "no"
483
-enable_heat: "yes"
484
-enable_horizon: "yes"
487
+enable_heat: "{{ enable_openstack_core | bool }}"
488
+enable_horizon: "{{ enable_openstack_core | bool }}"
485 489
 enable_horizon_blazar: "{{ enable_blazar | bool }}"
486 490
 enable_horizon_cloudkitty: "{{ enable_cloudkitty | bool }}"
487 491
 enable_horizon_congress: "{{ enable_congress | bool }}"
@@ -546,7 +550,7 @@ enable_nova_ssh: "yes"
546 550
 enable_octavia: "no"
547 551
 enable_onos: "no"
548 552
 enable_opendaylight: "no"
549
-enable_openvswitch: "{{ neutron_plugin_agent != 'linuxbridge' }}"
553
+enable_openvswitch: "{{ enable_neutron | bool and neutron_plugin_agent != 'linuxbridge' }}"
550 554
 enable_ovs_dpdk: "no"
551 555
 enable_osprofiler: "no"
552 556
 enable_panko: "no"

+ 1
- 1
ansible/roles/ironic/defaults/main.yml View File

@@ -182,7 +182,7 @@ ironic_console_serial_speed: "115200n8"
182 182
 ironic_ipxe_url: http://{{ api_interface_address }}:{{ ironic_ipxe_port }}
183 183
 ironic_enable_rolling_upgrade: "yes"
184 184
 ironic_inspector_kernel_cmdline_extras: []
185
-ironic_inspector_pxe_filter: iptables
185
+ironic_inspector_pxe_filter: "{% if enable_neutron | bool %}iptables{% else %}none{% endif %}"
186 186
 
187 187
 ####################
188 188
 ## Kolla

+ 8
- 0
ansible/roles/ironic/templates/inspector.ipxe.j2 View File

@@ -3,6 +3,14 @@
3 3
 :retry_dhcp
4 4
 dhcp || goto retry_dhcp
5 5
 
6
+{# Standalone ironic: use ironic-configured PXE configs #}
7
+{% if not enable_neutron | bool %}
8
+# load the MAC-specific file or fail if it's not found
9
+:boot_system
10
+chain pxelinux.cfg/${mac:hexhyp} || goto inspector_ipa
11
+{% endif %}
12
+
13
+:inspector_ipa
6 14
 :retry_boot
7 15
 imgfree
8 16
 kernel --timeout 30000 {{ ironic_ipxe_url }}/ironic-agent.kernel ipa-inspection-callback-url=http://{{ kolla_internal_vip_address }}:{{ ironic_inspector_port }}/v1/continue systemd.journald.forward_to_console=yes BOOTIF=${mac} initrd=agent.ramdisk {{ ironic_inspector_kernel_cmdline_extras | join(' ') }} || goto retry_boot

+ 10
- 0
ansible/roles/ironic/templates/ironic-inspector.conf.j2 View File

@@ -2,6 +2,9 @@
2 2
 debug = {{ ironic_logging_debug }}
3 3
 log_dir = /var/log/kolla/ironic-inspector
4 4
 
5
+{% if not enable_keystone | bool %}
6
+auth_strategy = noauth
7
+{% endif %}
5 8
 listen_address = {{ api_interface_address }}
6 9
 listen_port = {{ ironic_inspector_port }}
7 10
 transport_url = {{ rpc_transport_url }}
@@ -10,6 +13,7 @@ transport_url = {{ rpc_transport_url }}
10 13
 transport_url = {{ notify_transport_url }}
11 14
 
12 15
 [ironic]
16
+{% if enable_keystone | bool %}
13 17
 auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
14 18
 auth_type = password
15 19
 project_domain_id = {{ default_project_domain_id }}
@@ -18,7 +22,12 @@ project_name = service
18 22
 username = {{ ironic_inspector_keystone_user }}
19 23
 password = {{ ironic_inspector_keystone_password }}
20 24
 os_endpoint_type = internalURL
25
+{% else %}
26
+auth_type = none
27
+endpoint_override = {{ ironic_internal_endpoint }}
28
+{% endif %}
21 29
 
30
+{% if enable_keystone | bool %}
22 31
 [keystone_authtoken]
23 32
 www_authenticate_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
24 33
 auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
@@ -32,6 +41,7 @@ password = {{ ironic_inspector_keystone_password }}
32 41
 memcache_security_strategy = ENCRYPT
33 42
 memcache_secret_key = {{ memcache_secret_key }}
34 43
 memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
44
+{% endif %}
35 45
 
36 46
 {% if ironic_policy_file is defined %}
37 47
 [oslo_policy]

+ 15
- 3
ansible/roles/ironic/templates/ironic.conf.j2 View File

@@ -59,7 +59,6 @@ memcache_secret_key = {{ memcache_secret_key }}
59 59
 memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
60 60
 {% endif %}
61 61
 
62
-
63 62
 {% if enable_cinder | bool %}
64 63
 [cinder]
65 64
 auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
@@ -69,8 +68,9 @@ user_domain_id = default
69 68
 project_name = service
70 69
 username = {{ ironic_keystone_user }}
71 70
 password = {{ ironic_keystone_password }}
72
-
73 71
 {% endif %}
72
+
73
+{% if enable_glance | bool %}
74 74
 [glance]
75 75
 glance_api_servers = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ glance_api_port }}
76 76
 auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
@@ -80,7 +80,9 @@ user_domain_id = default
80 80
 project_name = service
81 81
 username = {{ ironic_keystone_user }}
82 82
 password = {{ ironic_keystone_password }}
83
+{% endif %}
83 84
 
85
+{% if enable_neutron | bool %}
84 86
 [neutron]
85 87
 url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}
86 88
 auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
@@ -91,9 +93,11 @@ project_name = service
91 93
 username = {{ ironic_keystone_user }}
92 94
 password = {{ ironic_keystone_password }}
93 95
 cleaning_network = {{ ironic_cleaning_network }}
96
+{% endif %}
94 97
 
95 98
 [inspector]
96 99
 enabled = true
100
+{% if enable_keystone | bool %}
97 101
 auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
98 102
 auth_type = password
99 103
 project_domain_id = default
@@ -101,7 +105,10 @@ user_domain_id = default
101 105
 project_name = service
102 106
 username = {{ ironic_keystone_user }}
103 107
 password = {{ ironic_keystone_password }}
104
-service_url = {{ ironic_inspector_internal_endpoint }}
108
+{% else %}
109
+auth_type=none
110
+{% endif %}
111
+endpoint_override = {{ ironic_inspector_internal_endpoint }}
105 112
 
106 113
 [agent]
107 114
 deploy_logs_local_path = /var/log/kolla/ironic
@@ -128,3 +135,8 @@ http_url = {{ ironic_ipxe_url }}
128 135
 
129 136
 [oslo_middleware]
130 137
 enable_proxy_headers_parsing = True
138
+
139
+{% if not enable_neutron | bool %}
140
+[dhcp]
141
+dhcp_provider = none
142
+{% endif %}

+ 17
- 4
etc/kolla/globals.yml View File

@@ -171,6 +171,19 @@ kolla_internal_vip_address: "10.10.10.254"
171 171
 # Valid options are [ none, novnc, spice, rdp ]
172 172
 #nova_console: "novnc"
173 173
 
174
+# These roles are required for Kolla to be operation, however a savvy deployer
175
+# could disable some of these required roles and run their own services.
176
+#enable_glance: "{{ enable_openstack_core | bool }}"
177
+#enable_haproxy: "yes"
178
+#enable_keepalived: "{{ enable_haproxy | bool }}"
179
+#enable_keystone: "{{ enable_openstack_core | bool }}"
180
+#enable_mariadb: "yes"
181
+#enable_memcached: "yes"
182
+#enable_neutron: "{{ enable_openstack_core | bool }}"
183
+#enable_nova: "{{ enable_openstack_core | bool }}"
184
+#enable_rabbitmq: "{{ 'yes' if om_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'no' }}"
185
+#enable_outward_rabbitmq: "{{ enable_murano | bool }}"
186
+
174 187
 # OpenStack services can be enabled or disabled with these options
175 188
 #enable_aodh: "no"
176 189
 #enable_barbican: "no"
@@ -202,9 +215,8 @@ kolla_internal_vip_address: "10.10.10.254"
202 215
 #enable_freezer: "no"
203 216
 #enable_gnocchi: "no"
204 217
 #enable_grafana: "no"
205
-#enable_haproxy: "yes"
206
-#enable_heat: "yes"
207
-#enable_horizon: "yes"
218
+#enable_heat: "{{ enable_openstack_core | bool }}"
219
+#enable_horizon: "{{ enable_openstack_core | bool }}"
208 220
 #enable_horizon_blazar: "{{ enable_blazar | bool }}"
209 221
 #enable_horizon_cloudkitty: "{{ enable_cloudkitty | bool }}"
210 222
 #enable_horizon_congress: "{{ enable_congress | bool }}"
@@ -264,7 +276,8 @@ kolla_internal_vip_address: "10.10.10.254"
264 276
 #enable_octavia: "no"
265 277
 #enable_onos: "no"
266 278
 #enable_opendaylight: "no"
267
-#enable_openvswitch: "{{ neutron_plugin_agent != 'linuxbridge' }}"
279
+#enable_openstack_core: "yes"
280
+#enable_openvswitch: "{{ enable_neutron | bool and neutron_plugin_agent != 'linuxbridge' }}"
268 281
 #enable_ovs_dpdk: "no"
269 282
 #enable_osprofiler: "no"
270 283
 #enable_panko: "no"

+ 9
- 0
releasenotes/notes/ironic-standalone-66dbb02a190c8b5d.yaml View File

@@ -0,0 +1,9 @@
1
+---
2
+features:
3
+  - |
4
+    Adds a new flag, ``enable_openstack_core``, which defaults to ``yes``.
5
+    Setting this flag to ``no`` will disable the core OpenStack services,
6
+    including Glance, Heat, Horizon, Keystone, Neutron, and Nova.
7
+  - |
8
+    Improves the default configuration of OpenStack Ironic when used in
9
+    standalone mode.

Loading…
Cancel
Save