heat_template_version: ocata description: > OpenStack Ironic conductor configured with Puppet parameters: ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json IronicCleaningDiskErase: default: 'full' description: Type of disk cleaning before and between deployments, "full" for full cleaning, "metadata" to clean only disk metadata (partition table). type: string IronicEnabledDrivers: default: ['pxe_ipmitool', 'pxe_drac', 'pxe_ilo'] description: Enabled Ironic drivers type: comma_delimited_list IronicIPXEEnabled: default: true description: Whether to use iPXE instead of PXE for deployment. type: boolean IronicIPXEPort: default: 8088 description: Port to use for serving images when iPXE is used. type: string MonitoringSubscriptionIronicConductor: default: 'overcloud-ironic-conductor' type: string resources: IronicBase: type: ./ironic-base.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: role_data: description: Role data for the Ironic conductor role. value: service_name: ironic_conductor monitoring_subscription: {get_param: MonitoringSubscriptionIronicConductor} config_settings: map_merge: - get_attr: [IronicBase, role_data, config_settings] # FIXME: I have no idea why neutron_url is in "api" manifest - ironic::api::neutron_url: {get_param: [EndpointMap, NeutronInternal, uri]} ironic::conductor::api_url: {get_param: [EndpointMap, IronicInternal, uri_no_suffix]} ironic::conductor::cleaning_disk_erase: {get_param: IronicCleaningDiskErase} ironic::conductor::enabled_drivers: {get_param: IronicEnabledDrivers} # We need an endpoint containing a real IP, not a VIP here ironic_conductor_http_host: {get_param: [ServiceNetMap, IronicNetwork]} ironic::conductor::http_url: list_join: - '' - - 'http://' - "%{hiera('ironic_conductor_http_host')}:" - {get_param: IronicIPXEPort} ironic::drivers::pxe::ipxe_enabled: {get_param: IronicIPXEEnabled} ironic::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} # NOTE: bind IP is found in Heat replacing the network name with the # local node IP for the given network; replacement examples # (eg. for internal_api): # internal_api -> IP # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR ironic::drivers::pxe::tftp_server: {get_param: [ServiceNetMap, IronicNetwork]} # NOTE(dtantsur): UEFI only works with iPXE currently for us ironic::drivers::pxe::uefi_pxe_config_template: '$pybasedir/drivers/modules/ipxe_config.template' ironic::drivers::pxe::uefi_pxe_bootfile_name: 'ipxe.efi' tripleo.ironic_conductor.firewall_rules: '134 ironic conductor TFTP': dport: 69 proto: udp '135 ironic conductor HTTP': dport: {get_param: IronicIPXEPort} # NOTE(dtantsur): the my_ip parameter is heavily overloaded in # ironic. It's used as a default value for e.g. TFTP server IP, # glance and neutron endpoints, virtual console IP. We override # the TFTP server IP in ironic-conductor.yaml as it should not be # the VIP, but rather a real IP of the host. ironic::my_ip: {get_param: [ServiceNetMap, IronicNetwork]} ironic::pxe::common::http_port: {get_param: IronicIPXEPort} step_config: | include ::tripleo::profile::base::ironic::conductor