
The Ironic templates and roles assume Keystone is enabled and they don't make use of the `enable_keystone var. This patch changes the behavior so that `noauth` is used as auth method for Ironic if keystone is not enabled, the Ironic endpoint is not registered if keystone is not enabled and the keystone section is not created in the config file. Change-Id: I813de42d10ac264eec81076cb107b58af09ff686
94 lines
3.4 KiB
Django/Jinja
94 lines
3.4 KiB
Django/Jinja
# NOTE(mgoddard): Ironic is changing the default value of [deploy]
|
|
# default_boot_option from 'netboot' to 'local'. If the option is not set,
|
|
# ironic will log a warning during the transition period. Even so,
|
|
# kolla-ansible should not set a value for this option as the warning is
|
|
# intended to inform operators of the impending change. The warning may be
|
|
# suppressed by the deployer by setting a value for the option.
|
|
|
|
[DEFAULT]
|
|
{% if not enable_keystone | bool %}
|
|
auth_strategy = noauth
|
|
admin_user = {{ openstack_auth.username }}
|
|
admin_password = {{ keystone_admin_password }}
|
|
{% endif %}
|
|
debug = {{ ironic_logging_debug }}
|
|
|
|
log_dir = /var/log/kolla/ironic
|
|
|
|
enabled_drivers = pxe_ipmitool,pxe_ssh
|
|
|
|
transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
|
|
{% if service_name == 'ironic-api' %}
|
|
[api]
|
|
host_ip = {{ api_interface_address }}
|
|
api_workers = {{ openstack_service_workers }}
|
|
{% endif %}
|
|
|
|
{% if service_name == 'ironic-conductor' %}
|
|
[conductor]
|
|
api_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_api_port }}
|
|
{% endif %}
|
|
automated_clean=false
|
|
{% endif %}
|
|
|
|
[database]
|
|
connection = mysql+pymysql://{{ ironic_database_user }}:{{ ironic_database_password }}@{{ ironic_database_address }}/{{ ironic_database_name }}
|
|
max_retries = -1
|
|
|
|
{% if enable_keystone | bool %}
|
|
[keystone_authtoken]
|
|
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
|
|
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
|
|
auth_type = password
|
|
project_domain_id = {{ default_project_domain_id }}
|
|
user_domain_id = {{ default_user_domain_id }}
|
|
project_name = service
|
|
username = {{ ironic_keystone_user }}
|
|
password = {{ ironic_keystone_password }}
|
|
|
|
memcache_security_strategy = ENCRYPT
|
|
memcache_secret_key = {{ memcache_secret_key }}
|
|
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
{% endif %}
|
|
|
|
|
|
[glance]
|
|
glance_api_servers = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ glance_api_port }}
|
|
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
|
|
auth_type = password
|
|
project_domain_id = default
|
|
user_domain_id = default
|
|
project_name = service
|
|
username = {{ ironic_keystone_user }}
|
|
password = {{ ironic_keystone_password }}
|
|
|
|
[neutron]
|
|
url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}
|
|
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
|
|
auth_type = password
|
|
project_domain_id = default
|
|
user_domain_id = default
|
|
project_name = service
|
|
username = {{ ironic_keystone_user }}
|
|
password = {{ ironic_keystone_password }}
|
|
cleaning_network = {{ ironic_cleaning_network }}
|
|
|
|
[inspector]
|
|
enabled = true
|
|
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
|
|
auth_type = password
|
|
project_domain_id = default
|
|
user_domain_id = default
|
|
project_name = service
|
|
username = {{ ironic_keystone_user }}
|
|
password = {{ ironic_keystone_password }}
|
|
|
|
[agent]
|
|
deploy_logs_local_path = /var/log/kolla/ironic
|
|
deploy_logs_storage_backend = local
|
|
deploy_logs_collect = always
|
|
|
|
[pxe]
|
|
pxe_append_params = nofb nomodeset vga=normal console=tty0 console=ttyS0,{{ ironic_console_serial_speed }}
|