Allow for running standalone Ironic w/o keystone

The Ironic templates and roles assume Keystone is enabled and they don't
make use of the `enable_keystone var. This patch changes the behavior so
that `noauth` is used as auth method for Ironic if keystone is not
enabled, the Ironic endpoint is not registered if keystone is not
enabled and the keystone section is not created in the config file.

Change-Id: I813de42d10ac264eec81076cb107b58af09ff686
This commit is contained in:
Flavio Percoco 2017-06-23 16:21:51 +02:00
parent 0cd868243f
commit bbe9d418ba
2 changed files with 10 additions and 5 deletions

View File

@ -1,7 +1,8 @@
--- ---
- include: register.yml - include: register.yml
when: inventory_hostname in groups['ironic-api'] or when: enable_keystone | bool and
inventory_hostname in groups['ironic-inspector'] (inventory_hostname in groups['ironic-api'] or
inventory_hostname in groups['ironic-inspector'])
- include: config.yml - include: config.yml
when: inventory_hostname in groups['ironic-api'] or when: inventory_hostname in groups['ironic-api'] or

View File

@ -6,13 +6,15 @@
# suppressed by the deployer by setting a value for the option. # suppressed by the deployer by setting a value for the option.
[DEFAULT] [DEFAULT]
{% if not enable_keystone | bool %}
auth_strategy = noauth
admin_user = {{ openstack_auth.username }}
admin_password = {{ keystone_admin_password }}
{% endif %}
debug = {{ ironic_logging_debug }} debug = {{ ironic_logging_debug }}
log_dir = /var/log/kolla/ironic log_dir = /var/log/kolla/ironic
admin_user = {{ openstack_auth.username }}
admin_password = {{ keystone_admin_password }}
enabled_drivers = pxe_ipmitool,pxe_ssh enabled_drivers = pxe_ipmitool,pxe_ssh
transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
@ -34,6 +36,7 @@ automated_clean=false
connection = mysql+pymysql://{{ ironic_database_user }}:{{ ironic_database_password }}@{{ ironic_database_address }}/{{ ironic_database_name }} connection = mysql+pymysql://{{ ironic_database_user }}:{{ ironic_database_password }}@{{ ironic_database_address }}/{{ ironic_database_name }}
max_retries = -1 max_retries = -1
{% if enable_keystone | bool %}
[keystone_authtoken] [keystone_authtoken]
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
@ -47,6 +50,7 @@ password = {{ ironic_keystone_password }}
memcache_security_strategy = ENCRYPT memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }} memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
{% endif %}
[glance] [glance]