From 22459dcfa62aa907c329192075f389b2f6ef9a9d Mon Sep 17 00:00:00 2001 From: Dmitry Tantsur Date: Wed, 21 Mar 2018 16:03:11 +0100 Subject: [PATCH] Add support to ironic "direct" deploy interface This change adds a configuration script that sets up Swift temporary URL key, if it is not set up otherwise. This key is required for both ironic "direct" and "ansible" deploy interfaces. The "direct" deploy interface is then enabled for the undercloud. Implements: blueprint ironic-direct-deploy Change-Id: I3cbc51831fc3e185f907b44da654f71aa0f4c420 --- docker/services/ironic-conductor.yaml | 90 ++++++++++++++++++++------- environments/undercloud.yaml | 3 +- 2 files changed, 69 insertions(+), 24 deletions(-) diff --git a/docker/services/ironic-conductor.yaml b/docker/services/ironic-conductor.yaml index 414267c737..0979bd14ef 100644 --- a/docker/services/ironic-conductor.yaml +++ b/docker/services/ironic-conductor.yaml @@ -36,11 +36,19 @@ parameters: default: {} description: Parameters specific to the role type: json + IronicConfigureSwiftTempUrlKey: + default: true + description: Whether to configure Swift temporary URLs for use with + the "direct" and "ansible" deploy interfaces. + type: boolean UndercloudUpgrade: type: boolean description: Flag to indicate undercloud upgrade process is being run. default: false +conditions: + configure_swift_temp_url: {equals: [{get_param: IronicConfigureSwiftTempUrlKey}, true]} + resources: ContainersCommon: @@ -103,30 +111,68 @@ outputs: - path: /var/log/ironic owner: ironic:ironic recurse: true + docker_config_scripts: + create_swift_temp_url_key.sh: + mode: "0700" + content: | + #!/bin/bash + export OS_PROJECT_DOMAIN_NAME=$(crudini --get /etc/ironic/ironic.conf swift project_domain_name) + export OS_USER_DOMAIN_NAME=$(crudini --get /etc/ironic/ironic.conf swift user_domain_name) + export OS_PROJECT_NAME=$(crudini --get /etc/ironic/ironic.conf swift project_name) + export OS_USERNAME=$(crudini --get /etc/ironic/ironic.conf swift username) + export OS_PASSWORD=$(crudini --get /etc/ironic/ironic.conf swift password) + export OS_AUTH_URL=$(crudini --get /etc/ironic/ironic.conf swift auth_url) + export OS_AUTH_TYPE=password + export OS_IDENTITY_API_VERSION=3 + + echo "Check if a temporary URL key already exists" + KEY_SET=$(openstack object store account show -c properties -f value 2>/dev/null | tr ',' '\n' | grep Temp-Url-Key || true) + if [ -z $KEY_SET ]; then + echo "Creating a new temporary URL for project $OS_PROJECT_NAME" + SWIFT_TEMP_URL_KEY=$(uuidgen | sha1sum | awk '{print $1}') + openstack object store account set --property "Temp-URL-Key=$SWIFT_TEMP_URL_KEY" || exit 1 + fi docker_config: step_4: - ironic_conductor: - start_order: 80 - image: {get_param: DockerIronicConductorImage} - net: host - privileged: true - restart: always - healthcheck: - test: /openstack/healthcheck - volumes: - list_concat: - - {get_attr: [ContainersCommon, volumes]} - - - - /var/lib/kolla/config_files/ironic_conductor.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/puppet-generated/ironic/:/var/lib/kolla/config_files/src:ro - - /lib/modules:/lib/modules:ro - - /sys:/sys - - /dev:/dev - - /run:/run #shared? - - /var/lib/ironic:/var/lib/ironic - - /var/log/containers/ironic:/var/log/ironic - environment: - - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + map_merge: + - if: + - configure_swift_temp_url + - create_swift_temp_url_key: + start_order: 70 + image: &ironic_conductor_image {get_param: DockerIronicConductorImage} + net: host + detach: false + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/config-data/puppet-generated/ironic/etc/ironic:/etc/ironic:ro + - /var/lib/docker-config-scripts/create_swift_temp_url_key.sh:/create_swift_temp_url_key.sh:ro + user: root + command: "/usr/bin/bootstrap_host_exec ironic_conductor /create_swift_temp_url_key.sh" + - {} + - ironic_conductor: + start_order: 80 + image: *ironic_conductor_image + net: host + privileged: true + restart: always + healthcheck: + test: /openstack/healthcheck + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/ironic_conductor.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/puppet-generated/ironic/:/var/lib/kolla/config_files/src:ro + - /lib/modules:/lib/modules:ro + - /sys:/sys + - /dev:/dev + - /run:/run #shared? + - /var/lib/ironic:/var/lib/ironic + - /var/log/containers/ironic:/var/log/ironic + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - name: create persistent directories file: diff --git a/environments/undercloud.yaml b/environments/undercloud.yaml index de1f729744..4597e81f5b 100644 --- a/environments/undercloud.yaml +++ b/environments/undercloud.yaml @@ -45,8 +45,7 @@ parameter_defaults: IronicEnabledHardwareTypes: ['ipmi', 'redfish', 'idrac', 'ilo'] IronicEnabledBootInterfaces: ['pxe', 'ilo-pxe'] IronicEnabledConsoleInterfaces: ['ipmitool-socat', 'ilo', 'no-console'] - # TODO(dtantsur): one day we may want to support the direct deploy too - IronicEnabledDeployInterfaces: ['iscsi', 'ansible'] + IronicEnabledDeployInterfaces: ['iscsi', 'direct', 'ansible'] IronicEnabledInspectInterfaces: ['inspector', 'no-inspect'] IronicEnabledManagementInterfaces: ['ipmitool', 'redfish', 'idrac', 'ilo'] # NOTE(dtantsur): disabling advanced networking as it's not used (or