openstack/openstack-ansible-os_ironic
Code Issues Proposed changes

Merge "Update ironic.conf for swift and keystone compat"

Browse Source
This commit is contained in:
Jenkins 2016-04-13 11:12:09 +00:00 committed by Gerrit Code Review
commit 7e7962ae1f
6 changed files with 195 additions and 2103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
defaults/main.yml
View File

@ -17,7 +17,6 @@
# Verbosity Options
debug: False
verbose: True
# These variables are used in 'developer mode' in order to allow the role
# to build an environment directly from a git source without the presence
@ -73,19 +72,35 @@ ironic_service_project_name: "service"
ironic_service_project_domain_id: default
ironic_service_user_domain_id: default
ironic_service_role_name: "admin"
ironic_service_in_ldap: False
# Ironic image store information
ironic_swift_image_container: glance_images
ironic_swift_api_version: v1
# The ironic swift auth account and swift endpoints will be generated using the
# known swift data as provided by swift stat. If you wish to set either of these
# items to something else define these variables.
# ironic_swift_auth_account: AUTH_1234567890
# ironic_swift_endpoint: https://localhost:8080
# Is this Ironic installation working standalone?
# If you're wanting Ironic to work without being integrated to other OpenStack
# services, set this to True, and update the dhcp configuration appropriately
ironic_standalone: False
# Enables or disables automated cleaning. Automated cleaning
# is a configurable set of steps, such as erasing disk drives,
# that are performed on the node to ensure it is in a baseline
# state and ready to be deployed to.
ironic_automated_clean: false
# Database
ironic_galera_user: ironic
ironic_galera_database: ironic
## Keystone authentication middleware
ironic_keystone_auth_plugin: password
# Integrated Openstack configuration
ironic_openstack_driver_list: agent_ipmitool
ironic_openstack_auth_strategy: keystone
@ -102,6 +117,11 @@ ironic_standalone_dhcp_provider: none
ironic_standalone_sync_power_state_interval: -1
ironic_standalone_db_connection_string: "mysql+pymysql://{{ ironic_galera_user }}:{{ ironic_galera_password }}@{{ ironic_galera_address }}/ironic"
# Ironic db tuning
ironic_db_max_overflow: 10
ironic_db_max_pool_size: 120
ironic_db_pool_timeout: 30
# Common configuration
ironic_node_name: ironic
@ -114,6 +134,8 @@ ironic_bin: "{{ ironic_venv_bin }}"
ironic_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/ironic.tgz
ironic_tftp_server_address: "{{ ansible_ssh_host }}"
ironic_requires_pip_packages:
- virtualenv
- virtualenv-tools
@ -124,6 +146,7 @@ ironic_pip_packages:
- PyMySQL
- ironic
- python-ironicclient
- python-swiftclient
ironic_api_apt_packages:
- apache2
@ -164,7 +187,6 @@ ironic_wsgi_processes: "{{ (_ironic_wsgi_processes | int > 1) | ternary(_ironic_
ironic_glance_auth_strategy: "{{ ironic_openstack_auth_strategy }}"
# Neutron
# neutron_service_adminurl:
ironic_neutron_auth_strategy: "{{ ironic_openstack_auth_strategy }}"
### Config Overrides

74
tasks/ironic_post_install.yml
View File

@ -21,7 +21,9 @@
ironic_dhcp_provider: "{{ ironic_standalone_dhcp_provider }}"
ironic_sync_power_state_interval: "{{ ironic_standalone_sync_power_state_interval }}"
ironic_db_connection_string: "{{ ironic_standalone_db_connection_string }}"
when: ironic_standalone
when: ironic_standalone | bool
tags:
- always
- name: Setup ironic for integrated Openstack usage
set_fact:
@ -31,7 +33,9 @@
ironic_dhcp_provider: "{{ ironic_openstack_dhcp_provider }}"
ironic_sync_power_state_interval: "{{ ironic_openstack_sync_power_state_interval }}"
ironic_db_connection_string: "{{ ironic_openstack_db_connection_string }}"
when: not ironic_standalone
when: not ironic_standalone | bool
tags:
- always
- name: Get ironic command path
command: which ironic
@ -49,6 +53,72 @@
tags:
- ironic-command-bin
- name: Post swift tempURL secret key
shell: |
. ~/openrc
{{ ironic_bin }}/swift \
--os-username "service:{{ glance_service_user_name }}" \
--os-password {{ glance_service_password }} \
--os-auth-url {{ keystone_service_internalurl }} \
--os-identity-api-version {{ keystone_service_internalurl.split('/v')[-1] }} \
post -m temp-url-key:{{ ironic_swift_temp_url_secret_key }}
when:
- inventory_hostname == groups['ironic_all'][0]
- not ironic_standalone | bool
tags:
- ironic-swift-auth
- always
- name: Get swift account
shell: |
. ~/openrc
{{ ironic_bin }}/swift \
--os-username "service:{{ glance_service_user_name }}" \
--os-password {{ glance_service_password }} \
--os-auth-url {{ keystone_service_internalurl }} \
--os-identity-api-version {{ keystone_service_internalurl.split('/v')[-1] }} \
stat -v | awk '/StorageURL\:/ {print $2}'
register: swift_storage_url
when:
- (ironic_swift_auth_account is undefined) or (ironic_swift_endpoint is undefined)
- not ironic_standalone | bool
tags:
- ironic-swift-auth
- always
- name: Validate swift output
fail:
msg: |
No StorageURL output found using the `swift stat` command and either
the ``ironic_swift_auth_account`` or ``ironic_swift_auth_account``
variables are undefined. Ensure swift is functional and/or define
those variables.
when:
- (ironic_swift_auth_account is undefined) and (ironic_swift_endpoint is undefined)
- not ironic_standalone | bool
- not swift_storage_url.stdout
tags:
- ironic-swift-auth
- always
- name: Set the swift auth facts
set_fact:
ironic_swift_auth_account: "{{ swift_storage_url.stdout.split('/v1/')[-1] }}"
when:
- ironic_swift_auth_account is undefined
- not ironic_standalone | bool
tags:
- always
- name: Set the swift endpoint facts
set_fact:
ironic_swift_endpoint: "{{ swift_storage_url.stdout.split('/v1/')[0] }}"
when:
- ironic_swift_endpoint is undefined
- not ironic_standalone | bool
tags:
- always
- name: Generate ironic config
config_template:
src: "{{ item.src }}"

1
tasks/ironic_pre_install.yml
View File

@ -66,6 +66,7 @@
- { path: "{{ ironic_system_home_folder }}/.ssh", mode: "0700" }
- { path: "{{ ironic_system_home_folder }}/images" }
- { path: "{{ ironic_system_home_folder }}/master_images" }
- { path: "{{ ironic_system_home_folder }}/cache/api", mode: "0700" }
- { path: "/var/lock/ironic" }
- { path: "/var/run/ironic" }
- { path: "/var/www/cgi-bin", owner: root, group: root }

2150
templates/ironic.conf.j2
View File

File diff suppressed because it is too large Load Diff

28
tests/test-rest-api.yml
View File

@ -7,14 +7,26 @@
# needed by the functional test playbook below
- name: Install httplib2 so we can use the uri module
pip:
name: httplib2
name: "{{ item }}"
with_items:
- httplib2
- python-openstackclient
- name: Get auth token
shell: >
. /root/openrc && openstack token issue --format yaml | awk '/^id\:/ {print $2}'
register: get_keystone_token
- name: set token
set_fact:
keystone_token: "{{ get_keystone_token.stdout }}"
- name: Check the ironic-api
uri:
url: "{{ ironic_service_publicuri }}"
HEADER_X-Auth-Token: "{{ keystone_token }}"
status_code: 200
- name: list chassis
uri:
url: "{{ ironic_service_publicuri }}/v1/chassis"
HEADER_X-Auth-Token: "{{ keystone_token }}"
status_code: 200
return_content: yes
register: chassis_list
@ -22,6 +34,7 @@
assert: that="chassis_list.json.chassis == []"
- name: list drivers
uri:
HEADER_X-Auth-Token: "{{ keystone_token }}"
url: "{{ ironic_service_publicuri }}/v1/drivers"
status_code: 200
return_content: yes
@ -31,6 +44,7 @@
- name: list nodes
uri:
url: "{{ ironic_service_publicuri }}/v1/nodes"
HEADER_X-Auth-Token: "{{ keystone_token }}"
status_code: 200
return_content: yes
register: node_list
@ -42,6 +56,7 @@
method: POST
HEADER_Content-Type: "application/json"
HEADER_X-OpenStack-Ironic-API-Version: "1.9"
HEADER_X-Auth-Token: "{{ keystone_token }}"
body_format: json
body: "{\"name\": \"restnode\", \"driver\": \"agent_ipmitool\", \"driver_info\": {\"ipmi_address\": \"1.2.3.4\"}}"
status_code: 201
@ -58,15 +73,17 @@
method: POST
HEADER_Content-Type: "application/json"
HEADER_X-OpenStack-Ironic-API-Version: "1.9"
HEADER_X-Auth-Token: "{{ keystone_token }}"
body_format: json
body: " {\"node_uuid\": \"{{ node_response.json.uuid }}\", \"address\": \"00:00:00:00:00:01\"}"
status_code: 201
return_content: yes
- name: list ports
uri:
url: "{{ ironic_service_publicuri }}/v1/ports"
HEADER_X-Auth-Token: "{{ keystone_token }}"
HEADER_Content-Type: "application/json"
HEADER_X-OpenStack-Ironic-API-Version: "1.9"
url: "{{ ironic_service_publicuri }}/v1/ports"
body: " {\"node\": \"{{ node_response.json.uuid }}\"}"
body_format: json
return_content: yes
@ -82,15 +99,17 @@
method: POST
HEADER_Content-Type: "application/json"
HEADER_X-OpenStack-Ironic-API-Version: "1.9"
HEADER_X-Auth-Token: "{{ keystone_token }}"
body_format: json
body: " {\"node_uuid\": \"{{ node_response.json.uuid }}\", \"address\": \"00:00:00:00:00:02\"}"
status_code: 201
return_content: yes
- name: list ports again
uri:
url: "{{ ironic_service_publicuri }}/v1/ports"
HEADER_X-Auth-Token: "{{ keystone_token }}"
HEADER_Content-Type: "application/json"
HEADER_X-OpenStack-Ironic-API-Version: "1.9"
url: "{{ ironic_service_publicuri }}/v1/ports"
body: " {\"node\": \"{{ node_response.json.uuid }}\"}"
body_format: json
return_content: yes
@ -104,6 +123,7 @@
url: "{{ ironic_service_publicuri }}/v1/nodes/restnode/validate"
method: GET
HEADER_X-OpenStack-Ironic-API-Version: "1.9"
HEADER_X-Auth-Token: "{{ keystone_token }}"
status_code: 200
return_content: yes
register: validate_node
@ -123,6 +143,7 @@
- "validate_node.json.raid.result == true"
- name: update a node
uri:
HEADER_X-Auth-Token: "{{ keystone_token }}"
url: "{{ ironic_service_publicuri }}/v1/nodes/restnode"
body: " [{\"path\": \"/name\", \"value\": \"renamednode\", \"op\": \"replace\"}]"
method: PATCH
@ -139,6 +160,7 @@
method: DELETE
HEADER_Content-Type: "application/json"
HEADER_X-OpenStack-Ironic-API-Version: "1.9"
HEADER_X-Auth-Token: "{{ keystone_token }}"
status_code: 204
return_content: yes
vars_files:

17
tests/test-vars.yml
View File

@ -19,6 +19,7 @@ galera_root_user: root
galera_root_password: "secrete"
rabbitmq_servers: 10.100.100.101:5672
rabbitmq_use_ssl: False
rabbitmq_port: 5672
memcached_servers: 127.0.0.1
memcached_encryption_key: "secrete"
keystone_venv_tag: "testing"
@ -29,7 +30,7 @@ keystone_service_password: "secrete"
keystone_galera_address: 10.100.100.101
keystone_galera_database: keystone
keystone_galera_user: keystone
keystone_container_mysql_password: "SuperSecrete"
keystone_container_mysql_password: "secrete"
keystone_auth_admin_token: "SuperSecreteTestToken"
keystone_admin_user_name: admin
keystone_admin_tenant_name: admin
@ -62,8 +63,20 @@ ironic_service_password: "secrete"
ironic_galera_address: 10.100.100.101
ironic_galera_database: ironic
ironic_galera_user: ironic
ironic_galera_password: "SuperSecrete"
ironic_galera_password: "secrete"
ironic_rabbitmq_password: "secrete"
ironic_rabbitmq_userid: ironic
ironic_rabbitmq_vhost: /ironic
ironic_standalone: True
ironic_swift_endpoint: "http://localhost:8080"
ironic_swift_auth_account: "AUTH_1234567890"
ironic_swift_temp_url_secret_key: secrete
ironic_rabbitmq_userid: ironic
ironic_rabbitmq_password: secrete
ironic_rabbitmq_vhost: /ironic
glance_api_servers: http://localhost:9292
neutron_service_adminurl: http://localhost:9696
neutron_service_region: RegionOne
neutron_service_password: secrete
neutron_service_project_name: ironic
neutron_service_user_name: ironic