411668ea5a
In the Xena release, Ironic removed the iSCSI driver [1]. The recommended driver is direct, which uses HTTP to transfer the disk image. This requires an HTTP server, and the simplest option is to use the one currently deployed when enable_ironic_ipxe is set to true. For this reason, this patch always enables the HTTP server running on the conductor. iPXE is still enabled separately, since it cannot currently be used at the same time as PXE. [1] https://review.opendev.org/c/openstack/ironic/+/789382 Change-Id: I30c2ad2bf2957ac544942aefae8898cdc8a61ec6
207 lines
6.0 KiB
Django/Jinja
207 lines
6.0 KiB
Django/Jinja
# NOTE(mgoddard): Ironic is changing the default value of [deploy]
|
|
# default_boot_option from 'netboot' to 'local'. If the option is not set,
|
|
# ironic will log a warning during the transition period. Even so,
|
|
# kolla-ansible should not set a value for this option as the warning is
|
|
# intended to inform operators of the impending change. The warning may be
|
|
# suppressed by the deployer by setting a value for the option.
|
|
|
|
[DEFAULT]
|
|
{% if not enable_keystone | bool %}
|
|
auth_strategy = noauth
|
|
{% endif %}
|
|
debug = {{ ironic_logging_debug }}
|
|
|
|
log_dir = /var/log/kolla/ironic
|
|
|
|
transport_url = {{ rpc_transport_url }}
|
|
|
|
{% if pin_release_version is defined %}
|
|
pin_release_version = {{ pin_release_version }}
|
|
{% endif %}
|
|
|
|
my_ip = {{ api_interface_address }}
|
|
|
|
[oslo_messaging_notifications]
|
|
transport_url = {{ notify_transport_url }}
|
|
{% if ironic_enabled_notification_topics %}
|
|
driver = messagingv2
|
|
topics = {{ ironic_enabled_notification_topics | map(attribute='name') | join(',') }}
|
|
{% else %}
|
|
driver = noop
|
|
{% endif %}
|
|
|
|
{% if om_enable_rabbitmq_tls | bool %}
|
|
[oslo_messaging_rabbit]
|
|
ssl = true
|
|
ssl_ca_file = {{ om_rabbitmq_cacert }}
|
|
{% endif %}
|
|
|
|
{% if ironic_policy_file is defined %}
|
|
[oslo_policy]
|
|
policy_file = {{ ironic_policy_file }}
|
|
{% endif %}
|
|
|
|
{% if service_name == 'ironic-conductor' %}
|
|
[conductor]
|
|
automated_clean=false
|
|
{% endif %}
|
|
|
|
[database]
|
|
connection = mysql+pymysql://{{ ironic_database_user }}:{{ ironic_database_password }}@{{ ironic_database_address }}/{{ ironic_database_name }}
|
|
connection_recycle_time = {{ database_connection_recycle_time }}
|
|
max_pool_size = {{ database_max_pool_size }}
|
|
max_retries = -1
|
|
|
|
{% if enable_keystone | bool %}
|
|
[keystone_authtoken]
|
|
www_authenticate_uri = {{ keystone_internal_url }}
|
|
auth_url = {{ keystone_admin_url }}
|
|
auth_type = password
|
|
project_domain_id = {{ default_project_domain_id }}
|
|
user_domain_id = {{ default_user_domain_id }}
|
|
project_name = service
|
|
username = {{ ironic_keystone_user }}
|
|
password = {{ ironic_keystone_password }}
|
|
region_name = {{ openstack_region_name }}
|
|
valid_interfaces = internal
|
|
cafile = {{ openstack_cacert }}
|
|
|
|
memcache_security_strategy = ENCRYPT
|
|
memcache_secret_key = {{ memcache_secret_key }}
|
|
memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
{% endif %}
|
|
|
|
{% if enable_cinder | bool %}
|
|
[cinder]
|
|
auth_url = {{ keystone_admin_url }}
|
|
auth_type = password
|
|
project_domain_id = default
|
|
user_domain_id = default
|
|
project_name = service
|
|
username = {{ ironic_keystone_user }}
|
|
password = {{ ironic_keystone_password }}
|
|
region_name = {{ openstack_region_name }}
|
|
valid_interfaces = internal
|
|
cafile = {{ openstack_cacert }}
|
|
{% endif %}
|
|
|
|
{% if enable_glance | bool %}
|
|
[glance]
|
|
auth_url = {{ keystone_admin_url }}
|
|
auth_type = password
|
|
project_domain_id = default
|
|
user_domain_id = default
|
|
project_name = service
|
|
username = {{ ironic_keystone_user }}
|
|
password = {{ ironic_keystone_password }}
|
|
region_name = {{ openstack_region_name }}
|
|
valid_interfaces = internal
|
|
cafile = {{ openstack_cacert }}
|
|
{% endif %}
|
|
|
|
{% if enable_neutron | bool %}
|
|
[neutron]
|
|
auth_url = {{ keystone_admin_url }}
|
|
auth_type = password
|
|
project_domain_id = default
|
|
user_domain_id = default
|
|
project_name = service
|
|
username = {{ ironic_keystone_user }}
|
|
password = {{ ironic_keystone_password }}
|
|
region_name = {{ openstack_region_name }}
|
|
valid_interfaces = internal
|
|
cleaning_network = {{ ironic_cleaning_network }}
|
|
cafile = {{ openstack_cacert }}
|
|
{% endif %}
|
|
|
|
{% if enable_nova | bool %}
|
|
[nova]
|
|
auth_url = {{ keystone_admin_url }}
|
|
auth_type = password
|
|
project_domain_id = default
|
|
user_domain_id = default
|
|
project_name = service
|
|
username = {{ ironic_keystone_user }}
|
|
password = {{ ironic_keystone_password }}
|
|
region_name = {{ openstack_region_name }}
|
|
valid_interfaces = internal
|
|
cafile = {{ openstack_cacert }}
|
|
{% endif %}
|
|
|
|
{% if enable_swift | bool %}
|
|
[swift]
|
|
auth_url = {{ keystone_admin_url }}
|
|
auth_type = password
|
|
project_domain_id = {{ default_project_domain_id }}
|
|
user_domain_id = {{ default_user_domain_id }}
|
|
project_name = service
|
|
username = {{ ironic_keystone_user }}
|
|
password = {{ ironic_keystone_password }}
|
|
region_name = {{ openstack_region_name }}
|
|
valid_interfaces = internal
|
|
cafile = {{ openstack_cacert }}
|
|
{% endif %}
|
|
|
|
[inspector]
|
|
{% if enable_keystone | bool %}
|
|
auth_url = {{ keystone_admin_url }}
|
|
auth_type = password
|
|
project_domain_id = default
|
|
user_domain_id = default
|
|
project_name = service
|
|
username = {{ ironic_keystone_user }}
|
|
password = {{ ironic_keystone_password }}
|
|
region_name = {{ openstack_region_name }}
|
|
valid_interfaces = internal
|
|
cafile = {{ openstack_cacert }}
|
|
{% else %}
|
|
auth_type = none
|
|
endpoint_override = {{ ironic_inspector_internal_endpoint }}
|
|
{% endif %}
|
|
|
|
[service_catalog]
|
|
{% if enable_keystone | bool %}
|
|
auth_url = {{ keystone_admin_url }}
|
|
auth_type = password
|
|
project_domain_id = default
|
|
user_domain_id = default
|
|
project_name = service
|
|
username = {{ ironic_keystone_user }}
|
|
password = {{ ironic_keystone_password }}
|
|
region_name = {{ openstack_region_name }}
|
|
valid_interfaces = internal
|
|
cafile = {{ openstack_cacert }}
|
|
{% else %}
|
|
auth_type = none
|
|
endpoint_override = {{ ironic_internal_endpoint }}
|
|
{% endif %}
|
|
|
|
[agent]
|
|
deploy_logs_local_path = /var/log/kolla/ironic
|
|
deploy_logs_storage_backend = local
|
|
deploy_logs_collect = always
|
|
|
|
[pxe]
|
|
pxe_append_params = nofb nomodeset vga=normal console=tty0 console=ttyS0,{{ ironic_console_serial_speed }}
|
|
{% if enable_ironic_ipxe | bool %}
|
|
{# NOTE(mgoddard): iPXE uses the TFTP image cache (tftp_master_path, default
|
|
/tftpboot/master_images), in which images get hard linked to the http_root
|
|
directory (/httpboot). These must be on the same device, but /httpboot and
|
|
/tftpboot live in separate Docker volumes. Override the default paths for
|
|
iPXE to place them both in /httpboot. This prevents mixing PXE and iPXE. #}
|
|
tftp_root = /httpboot
|
|
tftp_master_path = /httpboot/master_images
|
|
tftp_server = {{ api_interface_address }}
|
|
{% endif %}
|
|
|
|
[deploy]
|
|
http_url = {{ ironic_ipxe_url }}
|
|
|
|
[oslo_middleware]
|
|
enable_proxy_headers_parsing = True
|
|
|
|
{% if not enable_neutron | bool %}
|
|
[dhcp]
|
|
dhcp_provider = none
|
|
{% endif %}
|