Make Ironic inspector honour inventory

Ironic inspector should honour the Ansible inventory group
ironic-inspector. Ironic inspector may not be required at all. If
Ironic inspector is required then it should only run on a single
node, and this should be reflected by the inventory.

This change makes a number of Ironic inspector-related tasks dependent
upon the host's membership of the ironic-inspector group. Also, we
couple the ironic-dnsmasq container with the ironic-inspector group
rather than ironic-conductor, as the service is for inspector rather
than Ironic.

Change-Id: Ifd90753b0fe1a55c11b7723c28e1d14ab3d32737
Closes-Bug: #1665257
This commit is contained in:
Mark Goddard 2017-02-21 19:22:28 +00:00
parent eab8efe166
commit 922eb494e6
6 changed files with 29 additions and 7 deletions

View File

@ -10,12 +10,13 @@
name: "{{ item.database_name }}" name: "{{ item.database_name }}"
register: database register: database
run_once: True run_once: True
delegate_to: "{{ item.delegate_to }}" delegate_to: "{{ groups[item.group][0] }}"
with_items: with_items:
- database_name: "{{ ironic_database_name }}" - database_name: "{{ ironic_database_name }}"
delegate_to: "{{ groups['ironic-api'][0] }}" group: "ironic-api"
- database_name: "{{ ironic_inspector_database_name }}" - database_name: "{{ ironic_inspector_database_name }}"
delegate_to: "{{ groups['ironic-inspector'][0] }}" group: "ironic-inspector"
when: inventory_hostname in groups[item.group]
- name: Creating Ironic database user and setting permissions - name: Creating Ironic database user and setting permissions
kolla_toolbox: kolla_toolbox:
@ -31,16 +32,17 @@
priv: "{{ item.database_name }}.*:ALL" priv: "{{ item.database_name }}.*:ALL"
append_privs: "yes" append_privs: "yes"
run_once: True run_once: True
delegate_to: "{{ item.delegate_to }}" delegate_to: "{{ groups[item.group][0] }}"
with_items: with_items:
- database_name: "{{ ironic_database_name }}" - database_name: "{{ ironic_database_name }}"
database_user: "{{ ironic_database_user }}" database_user: "{{ ironic_database_user }}"
database_password: "{{ ironic_database_password }}" database_password: "{{ ironic_database_password }}"
delegate_to: "{{ groups['ironic-api'][0] }}" group: "ironic-api"
- database_name: "{{ ironic_inspector_database_name }}" - database_name: "{{ ironic_inspector_database_name }}"
database_user: "{{ ironic_inspector_database_user }}" database_user: "{{ ironic_inspector_database_user }}"
database_password: "{{ ironic_inspector_database_password }}" database_password: "{{ ironic_inspector_database_password }}"
delegate_to: "{{ groups['ironic-inspector'][0] }}" group: "ironic-inspector"
when: inventory_hostname in groups[item.group]
- include: bootstrap_service.yml - include: bootstrap_service.yml
when: database.changed when: database.changed
@ -62,4 +64,4 @@
- "{{ node_config_directory }}/ironic-pxe/:{{ container_config_directory }}/:ro" - "{{ node_config_directory }}/ironic-pxe/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro" - "/etc/localtime:/etc/localtime:ro"
- "ironic_pxe:/tftpboot/" - "ironic_pxe:/tftpboot/"
when: "{{ inventory_hostname in groups['ironic-pxe'] }}" when: inventory_hostname in groups['ironic-pxe']

View File

@ -17,6 +17,7 @@
- "/etc/localtime:/etc/localtime:ro" - "/etc/localtime:/etc/localtime:ro"
run_once: True run_once: True
delegate_to: "{{ groups['ironic-api'][0] }}" delegate_to: "{{ groups['ironic-api'][0] }}"
when: inventory_hostname in groups['ironic-api']
- name: Running Ironic Inspector bootstrap container - name: Running Ironic Inspector bootstrap container
kolla_docker: kolla_docker:
@ -36,3 +37,4 @@
- "/etc/localtime:/etc/localtime:ro" - "/etc/localtime:/etc/localtime:ro"
run_once: True run_once: True
delegate_to: "{{ groups['ironic-inspector'][0] }}" delegate_to: "{{ groups['ironic-inspector'][0] }}"
when: inventory_hostname in groups['ironic-inspector']

View File

@ -52,6 +52,7 @@
- "{{ node_custom_config }}/ironic-inspector/inspector.conf" - "{{ node_custom_config }}/ironic-inspector/inspector.conf"
- "{{ node_custom_config }}/ironic-inspector/{{ inventory_hostname }}/inspector.conf" - "{{ node_custom_config }}/ironic-inspector/{{ inventory_hostname }}/inspector.conf"
dest: "{{ node_config_directory }}/ironic-inspector/inspector.conf" dest: "{{ node_config_directory }}/ironic-inspector/inspector.conf"
when: inventory_hostname in groups['ironic-inspector']
- name: Copying over dnsmasq.conf - name: Copying over dnsmasq.conf
template: template:
@ -71,6 +72,10 @@
- "{{ node_custom_config }}/ironic/pxelinux.default" - "{{ node_custom_config }}/ironic/pxelinux.default"
- "{{ node_custom_config }}/ironic/{{ inventory_hostname }}/pxelinux.default" - "{{ node_custom_config }}/ironic/{{ inventory_hostname }}/pxelinux.default"
- "pxelinux.default.j2" - "pxelinux.default.j2"
when:
# Only required when Ironic inspector is in use.
- groups['ironic-inspector'] | length > 0
- inventory_hostname in groups['ironic-pxe']
- name: Copying ironic-agent kernel and initramfs - name: Copying ironic-agent kernel and initramfs
copy: copy:
@ -79,6 +84,10 @@
with_items: with_items:
- "ironic-agent.kernel" - "ironic-agent.kernel"
- "ironic-agent.initramfs" - "ironic-agent.initramfs"
when:
# Only required when Ironic inspector is in use.
- groups['ironic-inspector'] | length > 0
- inventory_hostname in groups['ironic-pxe']
- name: Check if policies shall be overwritten - name: Check if policies shall be overwritten
local_action: stat path="{{ node_custom_config }}/ironic/policy.json" local_action: stat path="{{ node_custom_config }}/ironic/policy.json"

View File

@ -34,6 +34,8 @@
register: result register: result
failed_when: not result.stat.exists failed_when: not result.stat.exists
when: when:
# Only required when Ironic inspector is in use.
- groups['ironic-inspector'] | length > 0
- inventory_hostname in groups['ironic-pxe'] - inventory_hostname in groups['ironic-pxe']
with_items: with_items:
- "ironic-agent.kernel" - "ironic-agent.kernel"

View File

@ -1,6 +1,7 @@
{ {
"command": "/usr/sbin/in.tftpd --verbose --foreground --user root --address 0.0.0.0:69 --map-file /map-file /tftpboot", "command": "/usr/sbin/in.tftpd --verbose --foreground --user root --address 0.0.0.0:69 --map-file /map-file /tftpboot",
"config_files": [ "config_files": [
{% if groups['ironic-inspector'] | length > 0 %}
{ {
"source": "{{ container_config_directory }}/ironic-agent.kernel", "source": "{{ container_config_directory }}/ironic-agent.kernel",
"dest": "/tftpboot/ironic-agent.kernel", "dest": "/tftpboot/ironic-agent.kernel",
@ -19,6 +20,7 @@
"owner": "root", "owner": "root",
"perm": "0644" "perm": "0644"
} }
{% endif %}
], ],
"permissions": [ "permissions": [
{ {

View File

@ -74,6 +74,10 @@ def check_json_j2():
def hostvars(): def hostvars():
return collections.defaultdict(hostvars) return collections.defaultdict(hostvars)
# Mock Ansible groups variable, which is a dict of lists.
def groups():
return collections.defaultdict(list)
def validate_json_j2(root, filename): def validate_json_j2(root, filename):
env = jinja2.Environment( # nosec: not used to render HTML env = jinja2.Environment( # nosec: not used to render HTML
loader=jinja2.FileSystemLoader(root)) loader=jinja2.FileSystemLoader(root))
@ -82,6 +86,7 @@ def check_json_j2():
# Mock ansible variables. # Mock ansible variables.
context = { context = {
'hostvars': hostvars(), 'hostvars': hostvars(),
'groups': groups(),
'cluster_interface': 'cluster_interface', 'cluster_interface': 'cluster_interface',
'storage_interface': 'storage_interface', 'storage_interface': 'storage_interface',
'inventory_hostname': 'hostname' 'inventory_hostname': 'hostname'