From d1d1837c25a064d35dc31c7f161cb778ab30675a Mon Sep 17 00:00:00 2001
From: Jim Rollenhagen <jim@jimrollenhagen.com>
Date: Thu, 27 Dec 2018 15:31:04 -0500
Subject: [PATCH] Allow ironic services to use independent hostnames

This allows ironic service endpoints to use custom hostnames, and adds the
following variables:

* ironic_internal_fqdn
* ironic_external_fqdn
* ironic_inspector_internal_fqdn
* ironic_inspector_external_fqdn

These default to the old values of kolla_internal_fqdn or
kolla_external_fqdn.

This also adds ironic_api_listen_port and ironic_inspector_listen_port
options, which default to ironic_api_port and ironic_inspector_port for
backward compatibility.

These options allow the user to differentiate between the port the
service listens on, and the port the service is reachable on. This is
useful for external load balancers which live on the same host as the
service itself.

Change-Id: I45b175e85866b4cfecad8451b202a5a27f888a84
Implements: blueprint service-hostnames
---
 ansible/group_vars/all.yml                       |  6 ++++++
 ansible/roles/ironic/defaults/main.yml           | 16 ++++++++++------
 ansible/roles/ironic/tasks/precheck.yml          |  4 ++--
 ansible/roles/ironic/templates/inspector.ipxe.j2 |  2 +-
 .../ironic/templates/ironic-inspector.conf.j2    |  2 +-
 ansible/roles/ironic/templates/ironic.conf.j2    |  3 ++-
 .../roles/ironic/templates/pxelinux.default.j2   |  2 +-
 ansible/roles/nova/templates/nova.conf.j2        |  2 +-
 8 files changed, 24 insertions(+), 13 deletions(-)

diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 42a22f6226..f2a59e3ee9 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -241,8 +241,14 @@ horizon_port: "80"
 influxdb_admin_port: "8083"
 influxdb_http_port: "8086"
 
+ironic_internal_fqdn: "{{ kolla_internal_fqdn }}"
+ironic_external_fqdn: "{{ kolla_external_fqdn }}"
 ironic_api_port: "6385"
+ironic_api_listen_port: "{{ ironic_api_port }}"
+ironic_inspector_internal_fqdn: "{{ kolla_internal_fqdn }}"
+ironic_inspector_external_fqdn: "{{ kolla_external_fqdn }}"
 ironic_inspector_port: "5050"
+ironic_inspector_listen_port: "{{ ironic_inspector_port }}"
 ironic_ipxe_port: "8089"
 
 iscsi_port: "3260"
diff --git a/ansible/roles/ironic/defaults/main.yml b/ansible/roles/ironic/defaults/main.yml
index 5f9415594a..e8ae8590e0 100644
--- a/ansible/roles/ironic/defaults/main.yml
+++ b/ansible/roles/ironic/defaults/main.yml
@@ -19,11 +19,13 @@ ironic_services:
         mode: "http"
         external: false
         port: "{{ ironic_api_port }}"
+        listen_port: "{{ ironic_api_listen_port }}"
       ironic_api_external:
         enabled: "{{ enable_ironic }}"
         mode: "http"
         external: true
         port: "{{ ironic_api_port }}"
+        listen_port: "{{ ironic_api_listen_port }}"
   ironic-conductor:
     container_name: ironic_conductor
     group: ironic-conductor
@@ -62,11 +64,13 @@ ironic_services:
         mode: "http"
         external: false
         port: "{{ ironic_inspector_port }}"
+        listen_port: "{{ ironic_inspector_listen_port }}"
       ironic_inspector_external:
         enabled: "{{ enable_ironic }}"
         mode: "http"
         external: true
         port: "{{ ironic_inspector_port }}"
+        listen_port: "{{ ironic_inspector_listen_port }}"
   ironic-pxe:
     container_name: ironic_pxe
     group: ironic-pxe
@@ -154,13 +158,13 @@ ironic_dnsmasq_dimensions: "{{ default_container_dimensions }}"
 ####################
 ironic_inspector_keystone_user: "ironic-inspector"
 
-ironic_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_api_port }}"
-ironic_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_api_port }}"
-ironic_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ ironic_api_port }}"
+ironic_admin_endpoint: "{{ admin_protocol }}://{{ ironic_internal_fqdn }}:{{ ironic_api_port }}"
+ironic_internal_endpoint: "{{ internal_protocol }}://{{ ironic_internal_fqdn }}:{{ ironic_api_port }}"
+ironic_public_endpoint: "{{ public_protocol }}://{{ ironic_external_fqdn }}:{{ ironic_api_port }}"
 
-ironic_inspector_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_inspector_port }}"
-ironic_inspector_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_inspector_port }}"
-ironic_inspector_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ ironic_inspector_port }}"
+ironic_inspector_admin_endpoint: "{{ admin_protocol }}://{{ ironic_inspector_internal_fqdn }}:{{ ironic_inspector_port }}"
+ironic_inspector_internal_endpoint: "{{ internal_protocol }}://{{ ironic_inspector_internal_fqdn }}:{{ ironic_inspector_port }}"
+ironic_inspector_public_endpoint: "{{ public_protocol }}://{{ ironic_inspector_external_fqdn }}:{{ ironic_inspector_port }}"
 
 ironic_logging_debug: "{{ openstack_logging_debug }}"
 
diff --git a/ansible/roles/ironic/tasks/precheck.yml b/ansible/roles/ironic/tasks/precheck.yml
index a3d03bbb65..93d270b71f 100644
--- a/ansible/roles/ironic/tasks/precheck.yml
+++ b/ansible/roles/ironic/tasks/precheck.yml
@@ -10,7 +10,7 @@
 - name: Checking free port for Ironic API
   wait_for:
     host: "{{ api_interface_address }}"
-    port: "{{ ironic_api_port }}"
+    port: "{{ ironic_api_listen_port }}"
     connect_timeout: 1
     timeout: 1
     state: stopped
@@ -21,7 +21,7 @@
 - name: Checking free port for Ironic Inspector
   wait_for:
     host: "{{ api_interface_address }}"
-    port: "{{ ironic_inspector_port }}"
+    port: "{{ ironic_inspector_listen_port }}"
     connect_timeout: 1
     timeout: 1
     state: stopped
diff --git a/ansible/roles/ironic/templates/inspector.ipxe.j2 b/ansible/roles/ironic/templates/inspector.ipxe.j2
index 4675a0588d..589382d854 100644
--- a/ansible/roles/ironic/templates/inspector.ipxe.j2
+++ b/ansible/roles/ironic/templates/inspector.ipxe.j2
@@ -13,6 +13,6 @@ chain pxelinux.cfg/${mac:hexhyp} || goto inspector_ipa
 :inspector_ipa
 :retry_boot
 imgfree
-kernel --timeout 30000 {{ ironic_ipxe_url }}/ironic-agent.kernel ipa-inspection-callback-url=http://{{ kolla_internal_vip_address }}:{{ ironic_inspector_port }}/v1/continue systemd.journald.forward_to_console=yes BOOTIF=${mac} initrd=agent.ramdisk {{ ironic_inspector_kernel_cmdline_extras | join(' ') }} || goto retry_boot
+kernel --timeout 30000 {{ ironic_ipxe_url }}/ironic-agent.kernel ipa-inspection-callback-url=http://{{ ironic_inspector_internal_fqdn }}:{{ ironic_inspector_port }}/v1/continue systemd.journald.forward_to_console=yes BOOTIF=${mac} initrd=agent.ramdisk {{ ironic_inspector_kernel_cmdline_extras | join(' ') }} || goto retry_boot
 initrd --timeout 30000 {{ ironic_ipxe_url }}/ironic-agent.initramfs || goto retry_boot
 boot
diff --git a/ansible/roles/ironic/templates/ironic-inspector.conf.j2 b/ansible/roles/ironic/templates/ironic-inspector.conf.j2
index 144b566b80..1cbd379633 100644
--- a/ansible/roles/ironic/templates/ironic-inspector.conf.j2
+++ b/ansible/roles/ironic/templates/ironic-inspector.conf.j2
@@ -6,7 +6,7 @@ log_dir = /var/log/kolla/ironic-inspector
 auth_strategy = noauth
 {% endif %}
 listen_address = {{ api_interface_address }}
-listen_port = {{ ironic_inspector_port }}
+listen_port = {{ ironic_inspector_listen_port }}
 transport_url = {{ rpc_transport_url }}
 
 [oslo_messaging_notifications]
diff --git a/ansible/roles/ironic/templates/ironic.conf.j2 b/ansible/roles/ironic/templates/ironic.conf.j2
index 3b28b59c5d..674412d6de 100644
--- a/ansible/roles/ironic/templates/ironic.conf.j2
+++ b/ansible/roles/ironic/templates/ironic.conf.j2
@@ -30,12 +30,13 @@ policy_file = {{ ironic_policy_file }}
 {% if service_name == 'ironic-api' %}
 [api]
 host_ip = {{ api_interface_address }}
+port = {{ ironic_api_listen_port }}
 api_workers = {{ openstack_service_workers }}
 {% endif %}
 
 {% if service_name == 'ironic-conductor' %}
 [conductor]
-api_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_api_port }}
+api_url = {{ internal_protocol }}://{{ ironic_internal_fqdn }}:{{ ironic_api_port }}
 automated_clean=false
 {% endif %}
 
diff --git a/ansible/roles/ironic/templates/pxelinux.default.j2 b/ansible/roles/ironic/templates/pxelinux.default.j2
index 0bbadc4c0d..7f0880970d 100644
--- a/ansible/roles/ironic/templates/pxelinux.default.j2
+++ b/ansible/roles/ironic/templates/pxelinux.default.j2
@@ -2,6 +2,6 @@ default introspect
 
 label introspect
 kernel ironic-agent.kernel
-append initrd=ironic-agent.initramfs ipa-inspection-callback-url=http://{{ kolla_internal_vip_address }}:{{ ironic_inspector_port }}/v1/continue systemd.journald.forward_to_console=yes {{ ironic_inspector_kernel_cmdline_extras | join(' ') }}
+append initrd=ironic-agent.initramfs ipa-inspection-callback-url=http://{{ ironic_inspector_internal_fqdn }}:{{ ironic_inspector_port }}/v1/continue systemd.journald.forward_to_console=yes {{ ironic_inspector_kernel_cmdline_extras | join(' ') }}
 
 ipappend 3
diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2
index 2f66613694..c9e7c16ae3 100644
--- a/ansible/roles/nova/templates/nova.conf.j2
+++ b/ansible/roles/nova/templates/nova.conf.j2
@@ -118,7 +118,7 @@ auth_type = password
 project_name = service
 user_domain_name = {{ default_user_domain_name }}
 project_domain_name = {{ default_project_domain_name }}
-api_endpoint = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_api_port }}/v1
+api_endpoint = {{ internal_protocol }}://{{ ironic_internal_fqdn }}:{{ ironic_api_port }}/v1
 {% endif %}
 
 [oslo_middleware]