From 4010b3d6b906c8a808cf5dd93c5d7796f25e3243 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Mon, 6 Mar 2017 14:57:45 +0000 Subject: [PATCH] Bifrost & inspector: add rules, configure IPA ramdisk & kernel --- ansible/group_vars/all/bifrost | 29 +++++- ansible/group_vars/all/inspector | 88 +++++++++++++++++++ .../library/os_ironic_inspector_rule.py | 3 +- ansible/roles/kolla-bifrost/defaults/main.yml | 6 ++ .../kolla-bifrost/templates/bifrost.yml.j2 | 10 +++ ansible/seed-introspection-rules.yml | 5 ++ etc/kayobe/bifrost.yml | 12 +++ 7 files changed, 151 insertions(+), 2 deletions(-) create mode 100644 ansible/group_vars/all/inspector diff --git a/ansible/group_vars/all/bifrost b/ansible/group_vars/all/bifrost index 5b4e53aea..dcd1e4de6 100644 --- a/ansible/group_vars/all/bifrost +++ b/ansible/group_vars/all/bifrost @@ -37,6 +37,7 @@ kolla_bifrost_enable_ipmitool_drivers: true # List of of inspector processing plugins. kolla_bifrost_inspector_processing_hooks: + - root_disk_selection - scheduler - validate_interfaces - ramdisk_error @@ -55,7 +56,33 @@ kolla_bifrost_inspector_extra_kernel_options: - "ipa-collect-lldp=1" # List of introspection rules for Bifrost's Ironic Inspector service. -kolla_bifrost_inspector_rules: [] +kolla_bifrost_inspector_rules: + - "{{ inspector_rule_ipmi_credentials }}" + - "{{ inspector_rule_deploy_kernel }}" + - "{{ inspector_rule_deploy_ramdisk }}" + - "{{ inspector_rule_root_hint_serial }}" + - "{{ inspector_rule_save_data }}" + +# Ironic inspector IPMI username to set. +kolla_bifrost_inspector_ipmi_username: + +# Ironic inspector IPMI password to set. +kolla_bifrost_inspector_ipmi_password: + +# Ironic inspector deployment kernel location. +kolla_bifrost_inspector_deploy_kernel: "http://{{ provision_oc_net_name | net_ip }}:8080/ipa.vmlinuz" + +# Ironic inspector deployment ramdisk location. +kolla_bifrost_inspector_deploy_ramdisk: "http://{{ provision_oc_net_name | net_ip }}:8080/ipa.initramfs" + +############################################################################### +# Ironic Python Agent (IPA) configuration. + +# URL of Ironic Python Agent (IPA) kernel image. +kolla_bifrost_ipa_kernel_upstream_url: "https://tarballs.openstack.org/ironic-python-agent/coreos/files/coreos_production_pxe-stable-ocata.vmlinuz" + +# URL of Ironic Python Agent (IPA) ramdisk image. +kolla_bifrost_ipa_ramdisk_upstream_url: "https://tarballs.openstack.org/ironic-python-agent/coreos/files/coreos_production_pxe_image-oem-stable-ocata.cpio.gz" ############################################################################### # Inventory configuration. diff --git a/ansible/group_vars/all/inspector b/ansible/group_vars/all/inspector new file mode 100644 index 000000000..ed543299b --- /dev/null +++ b/ansible/group_vars/all/inspector @@ -0,0 +1,88 @@ +--- +############################################################################### +# Ironic inspector configuration. + +# Ironic inspector IPMI username to set. +inspector_ipmi_username: + +# Ironic inspector IPMI password to set. +inspector_ipmi_password: + +# Ironic inspector deployment kernel location. +inspector_deploy_kernel: + +# Ironic inspector deployment ramdisk location. +inspector_deploy_ramdisk: + +############################################################################### +# Ironic inspector introspection rules configuration. + +# Inspector rules use python string formatting. To escape a curly bracket we +# repeat it, but this also happens to be the Jinja2 variable start sequence. +# These variables make escaping rules slightly less hairy. +inspector_rule_escaped_left_curly: "{{ '{{' | replace('{{', '{{ \"{{\" }}') }}" +inspector_rule_escaped_right_curly: "{{ '}}' | replace('}}', '{{ \"}}\" }}') }}" + +# Ironic inspector rule to set IPMI credentials. +inspector_rule_ipmi_credentials: + description: "Set IPMI driver_info if no credentials" + conditions: + - field: "node://driver_info.ipmi_username" + op: "is-empty" + - field: "node://driver_info.ipmi_password" + op: "is-empty" + actions: + - action: "set-attribute" + path: "driver_info/ipmi_username" + value: "{{ inspector_ipmi_username }}" + - action: "set-attribute" + path: "driver_info/ipmi_password" + value: "{{ inspector_ipmi_password }}" + +# Ironic inspector rule to set deployment kernel. +inspector_rule_deploy_kernel: + description: "Set deploy kernel" + conditions: + - field: "node://driver_info.deploy_kernel" + op: "is-empty" + actions: + - action: "set-attribute" + path: "driver_info/deploy_kernel" + value: "{{ inspector_deploy_kernel }}" + +# Ironic inspector rule to set deployment ramdisk. +inspector_rule_deploy_ramdisk: + description: "Set deploy ramdisk" + conditions: + - field: "node://driver_info.deploy_ramdisk" + op: "is-empty" + actions: + - action: "set-attribute" + path: "driver_info/deploy_ramdisk" + value: "{{ inspector_deploy_ramdisk }}" + +# Ironic inspector rule to set serial root device hint. +inspector_rule_root_hint_serial: + description: "Set serial root device hint" + conditions: + - field: "node://properties.root_device" + op: "is-empty" + - field: "data://root_disk.serial" + op: "is-empty" + invert: True + actions: + - action: "set-attribute" + path: "properties/root_device" + #value: "{{ '{{' | replace('{{', '{{ \"{{\" }}') }}\"serial\": \"{data[root_disk][serial]}\"{{ '}}' | replace('}}', '{{ \"}}\" }}') }}" + # We need to suppoly a JSON encoded object of root device hints, escaping + # the curly brackets. + value: "{{ inspector_rule_escaped_left_curly }}\"serial\": \"{data[root_disk][serial]}\"{{ inspector_rule_escaped_right_curly }}" + +# Ironic inspector rule to save introspection data to the node. +inspector_rule_save_data: + description: "Save introspection data to Ironic node" + conditions: [] + actions: + - action: "set-attribute" + path: "extra/introspection_data" + value: "{data}" diff --git a/ansible/roles/ironic-inspector-rules/library/os_ironic_inspector_rule.py b/ansible/roles/ironic-inspector-rules/library/os_ironic_inspector_rule.py index f5070410c..3d5f05188 100644 --- a/ansible/roles/ironic-inspector-rules/library/os_ironic_inspector_rule.py +++ b/ansible/roles/ironic-inspector-rules/library/os_ironic_inspector_rule.py @@ -68,7 +68,8 @@ def _build_client(module): session = cloud.cloud_config.get_session() client = ironic_inspector_client.v1.ClientV1( inspector_url=module.params['inspector_url'], - session=session, region_name=module.params['region_name']) + session=session, region_name=module.params['region_name'], + api_version=ironic_inspector_client.v1.MAX_API_VERSION) return client diff --git a/ansible/roles/kolla-bifrost/defaults/main.yml b/ansible/roles/kolla-bifrost/defaults/main.yml index ece132334..2ac0cc855 100644 --- a/ansible/roles/kolla-bifrost/defaults/main.yml +++ b/ansible/roles/kolla-bifrost/defaults/main.yml @@ -52,6 +52,12 @@ kolla_bifrost_inspector_port_addition: # List of extra kernel parameters for the inspector default PXE configuration. kolla_bifrost_inspector_extra_kernel_options: +# URL of Ironic Python Agent (IPA) kernel image. +kolla_bifrost_ipa_kernel_upstream_url: + +# URL of Ironic Python Agent (IPA) ramdisk image. +kolla_bifrost_ipa_ramdisk_upstream_url: + # Server inventory to be configured in {{ kolla_node_custom_config_path }}/bifrost/servers.yml. kolla_bifrost_servers: {} diff --git a/ansible/roles/kolla-bifrost/templates/bifrost.yml.j2 b/ansible/roles/kolla-bifrost/templates/bifrost.yml.j2 index 7ff95c61c..b870eab52 100644 --- a/ansible/roles/kolla-bifrost/templates/bifrost.yml.j2 +++ b/ansible/roles/kolla-bifrost/templates/bifrost.yml.j2 @@ -43,6 +43,16 @@ inspector_port_addition: "{{ kolla_bifrost_inspector_port_addition }}" inspector_extra_kernel_options: "{{ kolla_bifrost_inspector_extra_kernel_options | join(' ') }}" {% endif %} +{% if kolla_bifrost_ipa_kernel_upstream_url %} +# URL of Ironic Python Agent (IPA) kernel image. +ipa_kernel_upstream_url: "{{ kolla_bifrost_ipa_kernel_upstream_url }}" +{% endif %} + +{% if kolla_bifrost_ipa_ramdisk_upstream_url %} +# URL of Ironic Python Agent (IPA) ramdisk image. +ipa_ramdisk_upstream_url: "{{ kolla_bifrost_ipa_ramdisk_upstream_url }}" +{% endif %} + {% if kolla_bifrost_extra_globals %} ############################################################################### # Extra configuration diff --git a/ansible/seed-introspection-rules.yml b/ansible/seed-introspection-rules.yml index b577b3927..4d46b074d 100644 --- a/ansible/seed-introspection-rules.yml +++ b/ansible/seed-introspection-rules.yml @@ -9,3 +9,8 @@ ironic_inspector_auth: {} ironic_inspector_url: "http://localhost:5050" ironic_inspector_rules: "{{ kolla_bifrost_inspector_rules }}" + # These variables may be referenced in the introspection rules. + inspector_ipmi_username: "{{ kolla_bifrost_inspector_ipmi_username }}" + inspector_ipmi_password: "{{ kolla_bifrost_inspector_ipmi_password }}" + inspector_deploy_kernel: "{{ kolla_bifrost_inspector_deploy_kernel }}" + inspector_deploy_ramdisk: "{{ kolla_bifrost_inspector_deploy_ramdisk }}" diff --git a/etc/kayobe/bifrost.yml b/etc/kayobe/bifrost.yml index d028e55c2..9e2dd34b6 100644 --- a/etc/kayobe/bifrost.yml +++ b/etc/kayobe/bifrost.yml @@ -44,6 +44,18 @@ # List of introspection rules for Bifrost's Ironic Inspector service. #kolla_bifrost_inspector_rules: +# Ironic inspector IPMI username to set. +#kolla_bifrost_inspector_ipmi_username: + +# Ironic inspector IPMI password to set. +#kolla_bifrost_inspector_ipmi_password: + +# Ironic inspector deployment kernel location. +#kolla_bifrost_inspector_deploy_kernel: + +# Ironic inspector deployment ramdisk location. +#kolla_bifrost_inspector_deploy_ramdisk: + ############################################################################### # Inventory configuration.