From 0376a5f55d8741139eaba9407e3863c7aabca4fc Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 11 Aug 2016 16:44:07 +0200 Subject: [PATCH] Introduce ironic::pxe class We should provide option to setup PXE in order to remove PXE setup from tripleo elements. Class ironic::pxe will setup tftpboot and httpboot and class ironic::pxe::common will take care of common dependancies between ironic, ironic inspector and pxe driver. Change-Id: I8b83eff694316755e4dd2dbcde7b569472893bc5 --- manifests/drivers/pxe.pp | 8 +- manifests/inspector.pp | 56 +++--- manifests/params.pp | 10 ++ manifests/pxe.pp | 164 ++++++++++++++++++ manifests/pxe/common.pp | 46 +++++ manifests/pxe/tftpboot_file.pp | 45 +++++ metadata.json | 4 +- ...uce_ironic_pxe_class-45bfc04e6e6d4d3b.yaml | 14 ++ spec/classes/ironic_inspector_spec.rb | 55 +++--- spec/classes/ironic_pxe_spec.rb | 144 +++++++++++++++ templates/inspector_dnsmasq_http.erb | 4 +- templates/inspector_dnsmasq_tftp.erb | 2 - templates/inspector_ipxe.erb | 4 +- 13 files changed, 481 insertions(+), 75 deletions(-) create mode 100644 manifests/pxe.pp create mode 100644 manifests/pxe/common.pp create mode 100644 manifests/pxe/tftpboot_file.pp create mode 100644 releasenotes/notes/introduce_ironic_pxe_class-45bfc04e6e6d4d3b.yaml create mode 100644 spec/classes/ironic_pxe_spec.rb diff --git a/manifests/drivers/pxe.pp b/manifests/drivers/pxe.pp index eab9d003..65f4a3f3 100644 --- a/manifests/drivers/pxe.pp +++ b/manifests/drivers/pxe.pp @@ -113,6 +113,10 @@ class ironic::drivers::pxe ( $pxe_deploy_timeout = undef, ) { + include ::ironic::pxe::common + $tftp_root_real = pick($::ironic::pxe::common::tftp_root, $tftp_root) + $ipxe_timeout_real = pick($::ironic::pxe::common::ipxe_timeout, $ipxe_timeout) + if $ipxe_enabled { $pxe_bootfile_name_real = pick($pxe_bootfile_name, 'undionly.kpxe') $pxe_config_template_real = pick($pxe_config_template, '$pybasedir/drivers/modules/ipxe_config.template') @@ -128,13 +132,13 @@ class ironic::drivers::pxe ( 'pxe/pxe_bootfile_name': value => $pxe_bootfile_name_real; 'pxe/pxe_config_template': value => $pxe_config_template_real; 'pxe/tftp_server': value => $tftp_server; - 'pxe/tftp_root': value => $tftp_root; + 'pxe/tftp_root': value => $tftp_root_real; 'pxe/images_path': value => $images_path; 'pxe/tftp_master_path': value => $tftp_master_path; 'pxe/instance_master_path': value => $instance_master_path; 'pxe/uefi_pxe_bootfile_name': value => $uefi_pxe_bootfile_name; 'pxe/uefi_pxe_config_template': value => $uefi_pxe_config_template; - 'pxe/ipxe_timeout': value => $ipxe_timeout; + 'pxe/ipxe_timeout': value => $ipxe_timeout_real; } if $deploy_kernel { diff --git a/manifests/inspector.pp b/manifests/inspector.pp index b5628851..2327a54a 100644 --- a/manifests/inspector.pp +++ b/manifests/inspector.pp @@ -145,12 +145,20 @@ # # [*ipxe_timeout*] # (optional) ipxe timeout in second. Should be an integer. -# Defaults to '0' for unlimited. +# Defaults to $::os_service_default # # [*http_port*] # (optional) port used by the HTTP service serving introspection images. # Defaults to 8088. # +# [*tftp_root*] +# (optional) Folder location to deploy PXE boot files +# Defaults to '/tftpboot' +# +# [*http_root*] +# (optional) Folder location to deploy HTTP PXE boot +# Defaults to '/httpboot' +# # DEPRECATED PARAMETERS # # [*identity_uri*] @@ -205,8 +213,10 @@ class ironic::inspector ( $ramdisk_collectors = 'default', $additional_processing_hooks = undef, $ramdisk_kernel_args = undef, - $ipxe_timeout = 0, - $http_port = 8088, + $ipxe_timeout = $::os_service_default, + $http_port = '8088', + $tftp_root = '/tftpboot', + $http_root = '/httpboot', # DEPRECATED PARAMETERS $identity_uri = undef, $admin_tenant_name = undef, @@ -216,6 +226,7 @@ class ironic::inspector ( ) { include ::ironic::params + include ::ironic::pxe::common include ::ironic::inspector::logging if $admin_tenant_name { @@ -242,16 +253,20 @@ class ironic::inspector ( include ::ironic::inspector::authtoken } + warning("After Newton cycle ::ironic::inspector won't provide tftpboot and httpboot setup, please include ::ironic::pxe") + include ::ironic::pxe + + $tftp_root_real = pick($::ironic::pxe::common::tftp_root, $tftp_root) + $http_root_real = pick($::ironic::pxe::common::http_root, $http_root) + $http_port_real = pick($::ironic::pxe::common::http_port, $http_port) + $ipxe_timeout_real = pick($::ironic::pxe::common::ipxe_timeout, $ipxe_timeout) + Ironic_inspector_config<||> ~> Service['ironic-inspector'] file { '/etc/ironic-inspector/inspector.conf': ensure => 'present', require => Package['ironic-inspector'], } - file { '/tftpboot': - ensure => 'directory', - seltype => 'tftpdir_t', - } if $pxe_transfer_protocol == 'tftp' { file { '/etc/ironic-inspector/dnsmasq.conf': @@ -259,10 +274,10 @@ class ironic::inspector ( content => template('ironic/inspector_dnsmasq_tftp.erb'), require => Package['ironic-inspector'], } - file { '/tftpboot/pxelinux.cfg': + file { "${tftp_root_real}/pxelinux.cfg": ensure => 'directory', } - file { '/tftpboot/pxelinux.cfg/default': + file { "${tftp_root_real}/pxelinux.cfg/default": ensure => 'present', content => template('ironic/inspector_pxelinux_cfg.erb'), require => Package['ironic-inspector'], @@ -275,32 +290,11 @@ class ironic::inspector ( content => template('ironic/inspector_dnsmasq_http.erb'), require => Package['ironic-inspector'], } - file { '/httpboot': - ensure => 'directory', - } - file { '/httpboot/inspector.ipxe': + file { "${http_root_real}/inspector.ipxe": ensure => 'present', content => template('ironic/inspector_ipxe.erb'), require => Package['ironic-inspector'], } - if $::ironic::params::ipxe_rom_dir { - file { '/tftpboot/undionly.kpxe': - ensure => 'present', - source => "${::ironic::params::ipxe_rom_dir}/undionly.kpxe", - backup => false, - seltype => 'tftpdir_t', - } - if $enable_uefi { - file { '/tftpboot/ipxe.efi': - ensure => 'present', - source => "${::ironic::params::ipxe_rom_dir}/ipxe.efi", - backup => false, - seltype => 'tftpdir_t', - } - } - } else { - warning('iPXE ROM source location not set, ensure ROMs are copied into /tftpboot') - } } # Configure inspector.conf diff --git a/manifests/params.pp b/manifests/params.pp index 35a98c0e..4173d261 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -42,6 +42,11 @@ class ironic::params { $ipxe_rom_dir = '/usr/share/ipxe' $ironic_wsgi_script_path = '/var/www/cgi-bin/ironic' $ironic_wsgi_script_source = '/usr/lib/python2.7/site-packages/ironic/api/app.wsgi' + $tftpd_package = 'tftp-server' + $ipxe_package = 'ipxe-bootimgs' + $syslinux_package = 'syslinux-extlinux' + $syslinux_path = '/usr/share/syslinux' + $syslinux_files = ['pxelinux.0', 'chain.c32'] } 'Debian': { $common_package_name = 'ironic-common' @@ -60,6 +65,11 @@ class ironic::params { $ipxe_rom_dir = '/usr/lib/ipxe' $ironic_wsgi_script_path = '/usr/lib/cgi-bin/ironic' $ironic_wsgi_script_source = '/usr/lib/python2.7/dist-packages/ironic/api/app.wsgi' + $tftpd_package = 'tftpd' + $ipxe_package = 'ipxe' + $syslinux_package = 'syslinux-common' + $syslinux_path = '/usr/lib/syslinux' + $syslinux_files = ['pxelinux.0', 'chain.c32', 'libcom32.c32', 'libutil.c32'] } default: { fail("Unsupported osfamily ${::osfamily}") diff --git a/manifests/pxe.pp b/manifests/pxe.pp new file mode 100644 index 00000000..458e1eca --- /dev/null +++ b/manifests/pxe.pp @@ -0,0 +1,164 @@ +# +# Copyright (C) 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +# Set up PXE boot for Ironic +# +# === Parameters +# +# [*package_ensure*] +# (optional) Control the ensure parameter for the package resource +# Defaults to 'present' +# +# [*tftp_root*] +# (optional) Folder location to deploy PXE boot files +# Defaults to '/tftpboot' +# +# [*http_root*] +# (optional) Folder location to deploy HTTP PXE boot +# Defaults to '/httpboot' +# +# [*http_port*] +# (optional) port used by the HTTP service serving introspection and +# deployment images. +# Defaults to '8088' +# +# [*syslinux_path*] +# (optional) Path to directory containing syslinux files. +# Defaults to '$::ironic::params::syslinux_path' +# +# [*syslinux_files*] +# (optional) Array of PXE boot files to copy from $syslinux_path to $tftp_root. +# Defaults to '$::ironic::params::syslinux_files' +# +class ironic::pxe ( + $package_ensure = 'present', + $tftp_root = '/tftpboot', + $http_root = '/httpboot', + $http_port = '8088', + $syslinux_path = $::ironic::params::syslinux_path, + $syslinux_files = $::ironic::params::syslinux_files, +) inherits ::ironic::params { + + include ::ironic::pxe::common + + $tftp_root_real = pick($::ironic::pxe::common::tftp_root, $tftp_root) + $http_root_real = pick($::ironic::pxe::common::http_root, $http_root) + $http_port_real = pick($::ironic::pxe::common::http_port, $http_port) + + file { $tftp_root_real: + ensure => 'directory', + seltype => 'tftpdir_t', + owner => 'ironic', + group => 'ironic', + require => Package['ironic-common'], + } + + file { $http_root_real: + ensure => 'directory', + seltype => 'httpd_sys_content_t', + owner => 'ironic', + group => 'ironic', + require => Package['ironic-common'], + } + + ensure_resource( 'package', 'tftp-server', { + 'ensure' => $package_ensure, + 'name' => $::ironic::params::tftpd_package, + 'tag' => ['openstack', 'ironic-ipxe'], + }) + + $options = "--map-file ${tftp_root_real}/map-file" + include ::xinetd + + xinetd::service { 'tftp': + port => '69', + protocol => 'udp', + server_args => "${options} ${tftp_root_real}", + server => '/usr/sbin/in.tftpd', + socket_type => 'dgram', + cps => '100 2', + flags => 'IPv4', + per_source => '11', + wait => 'yes', + require => Package['tftp-server'], + } + + service { 'tftpd-hpa': + ensure => 'stopped', + enable => false, + } + + file { "${tftp_root_real}/map-file": + ensure => 'present', + content => "r ^([^/]) ${tftp_root_real}/\\1", + } + + ensure_resource( 'package', 'syslinux', { + ensure => $package_ensure, + name => $::ironic::params::syslinux_package, + tag => ['openstack', 'ironic-ipxe'], + }) + + ironic::pxe::tftpboot_file { $syslinux_files: + source_directory => $syslinux_path, + destination_directory => $tftp_root_real, + require => Package['syslinux'], + } + + ensure_resource( 'package', 'ipxe', { + ensure => $package_ensure, + name => $::ironic::params::ipxe_package, + tag => ['openstack', 'ironic-ipxe'], + }) + + file { "${tftp_root_real}/undionly.kpxe": + ensure => 'present', + seltype => 'tftpdir_t', + owner => 'ironic', + group => 'ironic', + mode => '0744', + source => "${::ironic::params::ipxe_rom_dir}/undionly.kpxe", + backup => false, + require => Package['ipxe'], + } + + file { "${tftp_root_real}/ipxe.efi": + ensure => 'present', + seltype => 'tftpdir_t', + owner => 'ironic', + group => 'ironic', + mode => '0744', + source => "${::ironic::params::ipxe_rom_dir}/ipxe.efi", + backup => false, + require => Package['ipxe'], + } + + include ::apache + + apache::vhost { 'ipxe_vhost': + priority => '10', + options => ['Indexes','FollowSymLinks'], + docroot => $http_root_real, + port => $http_port_real, + # FIXME: for backwards compatibility we have to add listen to the ipxe vhost + add_listen => false, + } + # FIXME: this can be removed after ipxe element is removed from instack-undercloud + concat::fragment { 'ipxe_vhost-listen': + target => '10-ipxe_vhost.conf', + order => 1337, + content => "Listen ${http_port_real}", + } +} diff --git a/manifests/pxe/common.pp b/manifests/pxe/common.pp new file mode 100644 index 00000000..6cb64968 --- /dev/null +++ b/manifests/pxe/common.pp @@ -0,0 +1,46 @@ +# +# Copyright (C) 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +# Common setup for Ironic PXE boot +# +# This class allows to globally override configuration for PXE +# configuration of Ironic. +# +# === Parameters +# +# [*http_port*] +# (optional) port used by the HTTP service serving introspection images. +# Defaults to undef. +# +# [*tftp_root*] +# (optional) Folder location to deploy PXE boot files +# Defaults to undef. +# +# [*http_root*] +# (optional) Folder location to deploy HTTP PXE boot +# Defaults to undef. +# +# [*ipxe_timeout*] +# (optional) ipxe timeout in second. Should be an integer. +# Defaults to undef. +# +class ironic::pxe::common ( + $tftp_root = undef, + $http_root = undef, + $http_port = undef, + $ipxe_timeout = undef, +) { +} diff --git a/manifests/pxe/tftpboot_file.pp b/manifests/pxe/tftpboot_file.pp new file mode 100644 index 00000000..5d10d386 --- /dev/null +++ b/manifests/pxe/tftpboot_file.pp @@ -0,0 +1,45 @@ +# +# Copyright (C) 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +# Internal define for coyping tftpboot files +# +# === Parameters +# +# [*source_directory*] +# Directory to copy file from. +# +# [*destination_directory*] +# Directory to copy files to. +# +# [*file*] +# File to copy. +# Defaults to namevar. +# +define ironic::pxe::tftpboot_file ( + $source_directory, + $destination_directory, + $file = $title, +) { + file {"${destination_directory}/${file}": + ensure => 'present', + seltype => 'tftpdir_t', + owner => 'ironic', + group => 'ironic', + mode => '0744', + source => "${source_directory}/${file}", + backup => false, + } +} + diff --git a/metadata.json b/metadata.json index 3de4dbba..1647b9ad 100644 --- a/metadata.json +++ b/metadata.json @@ -36,6 +36,8 @@ { "name": "puppetlabs/stdlib", "version_requirement": ">=4.0.0 <5.0.0" }, { "name": "openstack/openstacklib", "version_requirement": ">=9.2.0 <10.0.0" }, { "name": "puppetlabs/vcsrepo", "version_requirement": ">=1.3.0 <2.0.0"}, - { "name": "openstack/oslo", "version_requirement": ">=9.2.0 <10.0.0" } + { "name": "openstack/oslo", "version_requirement": ">=9.2.0 <10.0.0" }, + { "name": "puppetlabs/apache", "version_requirement": ">=1.8.0 <2.0.0" }, + { "name": "puppetlabs/xinetd", "version_requirement": ">=1.5.0 <2.0.0" } ] } diff --git a/releasenotes/notes/introduce_ironic_pxe_class-45bfc04e6e6d4d3b.yaml b/releasenotes/notes/introduce_ironic_pxe_class-45bfc04e6e6d4d3b.yaml new file mode 100644 index 00000000..87f0d588 --- /dev/null +++ b/releasenotes/notes/introduce_ironic_pxe_class-45bfc04e6e6d4d3b.yaml @@ -0,0 +1,14 @@ +--- +features: + - Introduced ironic::pxe class to fully setup tftpboot + and httpboot for Ironic and ironic::pxe::common to + allow global overrides of options shared among + standalone classes ironic::inspector, ironic::pxe + and ironic::drivers::pxe. +upgrade: + - The ironic::inspector class will no longer provide + tftp_root and http_root paths. These are provided + by ironic::pxe class and the inclusion of this + class will be removed after Newton cycle. Either + create tftp_root and http_root or include ironic::pxe + for full PXE setup. diff --git a/spec/classes/ironic_inspector_spec.rb b/spec/classes/ironic_inspector_spec.rb index 0291fb69..d53451eb 100644 --- a/spec/classes/ironic_inspector_spec.rb +++ b/spec/classes/ironic_inspector_spec.rb @@ -50,11 +50,14 @@ describe 'ironic::inspector' do :dnsmasq_ip_range => '192.168.0.100,192.168.0.120', :dnsmasq_local_ip => '192.168.0.1', :ipxe_timeout => 0, - :http_port => 8088, } + :http_port => 8088, + :tftp_root => '/tftpboot', + :http_root => '/httpboot', } end shared_examples_for 'ironic inspector' do + let :p do params end @@ -132,20 +135,6 @@ describe 'ironic::inspector' do /initrd=agent.ramdisk ipa-inspection-callback-url=http:\/\/192.168.0.1:5050\/v1\/continue ipa-inspection-collectors=default/ ) end - it 'should contain directory /tftpboot with selinux type tftpdir_t' do - is_expected.to contain_file('/tftpboot').with( - 'ensure' => 'directory', - 'seltype' => 'tftpdir_t' - ) - end - - it 'should not contain BIOS iPXE image by default' do - is_expected.to_not contain_file('/tftpboot/undionly.kpxe') - end - - it 'should not contain UEFI iPXE image by default' do - is_expected.to_not contain_file('/tftpboot/ipxe.efi') - end context 'when overriding parameters' do before :each do @@ -164,6 +153,8 @@ describe 'ironic::inspector' do :ramdisk_kernel_args => 'foo=bar', :enable_uefi => true, :http_port => 3816, + :tftp_root => '/var/lib/tftpboot', + :http_root => '/var/www/httpboot', ) end it 'should replace default parameter with new value' do @@ -189,28 +180,16 @@ describe 'ironic::inspector' do /dhcp-boot=tag:ipxe,http:\/\/192.168.0.1:3816\/inspector.ipxe/ ) end - it 'should contain file /httpboot/inspector.ipxe' do - is_expected.to contain_file('/httpboot/inspector.ipxe').with( + it 'should contain file /var/www/httpboot/inspector.ipxe' do + is_expected.to contain_file('/var/www/httpboot/inspector.ipxe').with( 'ensure' => 'present', 'require' => 'Package[ironic-inspector]', 'content' => /ipxe/, ) - is_expected.to contain_file('/httpboot/inspector.ipxe').with_content( + is_expected.to contain_file('/var/www/httpboot/inspector.ipxe').with_content( /kernel http:\/\/192.168.0.1:3816\/agent.kernel ipa-inspection-callback-url=http:\/\/192.168.0.1:5050\/v1\/continue ipa-inspection-collectors=default.* foo=bar || goto retry_boot/ ) end - it 'should contain iPXE chainload images' do - is_expected.to contain_file('/tftpboot/undionly.kpxe').with( - 'ensure' => 'present', - 'backup' => false, - ) - end - it 'should contain iPXE UEFI chainload image' do - is_expected.to contain_file('/tftpboot/ipxe.efi').with( - 'ensure' => 'present', - 'backup' => false, - ) - end context 'when ipxe_timeout is set' do before :each do @@ -219,8 +198,8 @@ describe 'ironic::inspector' do ) end - it 'should contain file /httpboot/inspector.ipxe' do - is_expected.to contain_file('/httpboot/inspector.ipxe').with_content( + it 'should contain file /var/www/httpboot/inspector.ipxe' do + is_expected.to contain_file('/var/www/httpboot/inspector.ipxe').with_content( /kernel --timeout 30000/) end end @@ -229,7 +208,11 @@ describe 'ironic::inspector' do context 'on Debian platforms' do let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) + @default_facts.merge({ + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '7.0' + }) end let :platform_params do @@ -242,7 +225,11 @@ describe 'ironic::inspector' do context 'on RedHat platforms' do let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) + @default_facts.merge({ + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + :operatingsystemrelease => '7.2.1511' + }) end let :platform_params do diff --git a/spec/classes/ironic_pxe_spec.rb b/spec/classes/ironic_pxe_spec.rb new file mode 100644 index 00000000..47bb4e7a --- /dev/null +++ b/spec/classes/ironic_pxe_spec.rb @@ -0,0 +1,144 @@ +require 'spec_helper' + +describe 'ironic::pxe' do + + let :default_params do + { :package_ensure => 'present', + :tftp_root => '/tftpboot', + :http_root => '/httpboot', + :ipxe_timeout => 0, + :http_port => 8088, } + end + + let :params do + {} + end + + shared_examples_for 'ironic pxe' do + let :p do + default_params.merge(params) + end + + it 'should contain directory /tftpboot with selinux type tftpdir_t' do + is_expected.to contain_file('/tftpboot').with( + 'owner' => 'ironic', + 'group' => 'ironic', + 'require' => 'Package[ironic-common]', + 'ensure' => 'directory', + 'seltype' => 'tftpdir_t', + ) + end + + it 'should contain directory /httpboot with selinux type httpd_sys_content_t' do + is_expected.to contain_file('/httpboot').with( + 'owner' => 'ironic', + 'group' => 'ironic', + 'require' => 'Package[ironic-common]', + 'ensure' => 'directory', + 'seltype' => 'httpd_sys_content_t', + ) + end + + it 'should install tftp-server package' do + is_expected.to contain_package('tftp-server').with( + 'ensure' => 'present', + ) + end + + it 'should setup tftp xinetd service' do + is_expected.to contain_class('xinetd') + is_expected.to contain_xinetd__service('tftp').with( + 'port' => '69', + 'protocol' => 'udp', + 'server_args' => '--map-file /tftpboot/map-file /tftpboot', + 'server' => '/usr/sbin/in.tftpd', + 'socket_type' => 'dgram', + 'cps' => '100 2', + 'flags' => 'IPv4', + 'per_source' => '11', + 'wait' => 'yes', + 'require' => 'Package[tftp-server]', + ) + is_expected.to contain_service('tftpd-hpa').with( + 'ensure' => 'stopped', + 'enable' => false, + ) + end + + context 'when overriding parameters' do + before :each do + params.merge!( + :tftp_root => '/var/lib/tftpboot', + :http_root => '/var/www/httpboot', + :http_port => 3816, + ) + end + + it 'should contain directory /var/www/httpboot with selinux type httpd_sys_content_t' do + is_expected.to contain_file('/var/www/httpboot').with( + 'owner' => 'ironic', + 'group' => 'ironic', + 'require' => 'Package[ironic-common]', + 'ensure' => 'directory', + 'seltype' => 'httpd_sys_content_t', + ) + end + + it 'should contain directory /var/lib/tftpboot with selinux type tftpdir_t' do + is_expected.to contain_file('/var/lib/tftpboot').with( + 'owner' => 'ironic', + 'group' => 'ironic', + 'require' => 'Package[ironic-common]', + 'ensure' => 'directory', + 'seltype' => 'tftpdir_t', + ) + end + + it 'should contain iPXE chainload images' do + is_expected.to contain_file('/var/lib/tftpboot/undionly.kpxe').with( + 'owner' => 'ironic', + 'group' => 'ironic', + 'require' => 'Package[ipxe]', + 'seltype' => 'tftpdir_t', + 'ensure' => 'present', + 'backup' => false, + ) + end + it 'should contain iPXE UEFI chainload image' do + is_expected.to contain_file('/var/lib/tftpboot/ipxe.efi').with( + 'owner' => 'ironic', + 'group' => 'ironic', + 'require' => 'Package[ipxe]', + 'seltype' => 'tftpdir_t', + 'ensure' => 'present', + 'backup' => false, + ) + end + end + end + + context 'on Debian platforms' do + let :facts do + @default_facts.merge({ + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '7.0' + }) + end + + it_configures 'ironic pxe' + end + + context 'on RedHat platforms' do + let :facts do + @default_facts.merge({ + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + :operatingsystemrelease => '7.2.1511' + }) + end + + it_configures 'ironic pxe' + end + +end diff --git a/templates/inspector_dnsmasq_http.erb b/templates/inspector_dnsmasq_http.erb index 9c797582..e26101b5 100644 --- a/templates/inspector_dnsmasq_http.erb +++ b/templates/inspector_dnsmasq_http.erb @@ -2,15 +2,13 @@ port=0 interface=<%= @dnsmasq_interface %> bind-interfaces dhcp-range=<%= @dnsmasq_ip_range %>,29 -enable-tftp -tftp-root=/tftpboot dhcp-sequential-ip dhcp-match=ipxe,175 <% if @enable_uefi -%> dhcp-match=set:efi,option:client-arch,7 <% end -%> # Client is running iPXE; move to next stage of chainloading -dhcp-boot=tag:ipxe,http://<%= @dnsmasq_local_ip %>:<%= @http_port %>/inspector.ipxe +dhcp-boot=tag:ipxe,http://<%= @dnsmasq_local_ip %>:<%= @http_port_real %>/inspector.ipxe <% if @enable_uefi -%> # Client is running PXE over EFI; send EFI version of iPXE chainloader dhcp-boot=tag:efi,ipxe.efi diff --git a/templates/inspector_dnsmasq_tftp.erb b/templates/inspector_dnsmasq_tftp.erb index 6583f48c..0b1f24af 100644 --- a/templates/inspector_dnsmasq_tftp.erb +++ b/templates/inspector_dnsmasq_tftp.erb @@ -2,7 +2,5 @@ port=0 interface=<%= @dnsmasq_interface %> bind-interfaces dhcp-range=<%= @dnsmasq_ip_range %>,29 -enable-tftp -tftp-root=/tftpboot dhcp-boot=pxelinux.0,localhost.localdomain,<%= @dnsmasq_local_ip %> dhcp-sequential-ip diff --git a/templates/inspector_ipxe.erb b/templates/inspector_ipxe.erb index 5336b238..5f9f4e86 100644 --- a/templates/inspector_ipxe.erb +++ b/templates/inspector_ipxe.erb @@ -5,6 +5,6 @@ dhcp || goto retry_dhcp :retry_boot imgfree -kernel <% if @ipxe_timeout != "0" %>--timeout <%= Integer(@ipxe_timeout) * 1000 %> <% end %>http://<%= @dnsmasq_local_ip %>:<%= @http_port %>/agent.kernel ipa-inspection-callback-url=http://<%= @dnsmasq_local_ip %>:5050/v1/continue ipa-inspection-collectors=<%= @ramdisk_collectors %> systemd.journald.forward_to_console=yes BOOTIF=${mac} <%= @ramdisk_kernel_args %> initrd=agent.ramdisk || goto retry_boot -initrd <% if @ipxe_timeout != "0" %>--timeout <%= Integer(@ipxe_timeout) * 1000 %> <% end %>http://<%= @dnsmasq_local_ip %>:<%= @http_port %>/agent.ramdisk || goto retry_boot +kernel <% if @ipxe_timeout_real != "0" %>--timeout <%= Integer(@ipxe_timeout_real) * 1000 %> <% end %>http://<%= @dnsmasq_local_ip %>:<%= @http_port_real %>/agent.kernel ipa-inspection-callback-url=http://<%= @dnsmasq_local_ip %>:5050/v1/continue ipa-inspection-collectors=<%= @ramdisk_collectors %> systemd.journald.forward_to_console=yes BOOTIF=${mac} <%= @ramdisk_kernel_args %> initrd=agent.ramdisk || goto retry_boot +initrd <% if @ipxe_timeout_real != "0" %>--timeout <%= Integer(@ipxe_timeout_real) * 1000 %> <% end %>http://<%= @dnsmasq_local_ip %>:<%= @http_port_real %>/agent.ramdisk || goto retry_boot boot