diff options
| author |   Dan Prince <dprince@redhat.com> | 2016-08-26 16:39:53 -0400 |
|---|---|---|
| committer | Dan Prince <dprince@redhat.com> | 2016-08-29 12:40:01 -0400 |
| commit | cb2570c237907da2b91d402fec19665c9e422adf (patch) | |
| tree | 7f8665d8bdd9815b39387d2bfc17a00445be01fe /puppet | |
| parent | 4c6a101511da96c8d1170c774e52ea8fd2046458 (diff) | |
Fix Ironic service bind IPs
This patch removes the get_input's in the service templates
and instead uses our new bind IP string replacement mechanism
to correctly set the local bind IPs for the Ironic API.
It also avoids using MysqlNetwork to set Ironic my_ip.
This patch adds a new IronicNetwork setting which is used
to control which network Ironic will use for its PXE network
traffic.
Change-Id: Ic848ec77b0106279c5d963504798c05110aa1440
Diffstat (limited to 'puppet')
| -rw-r--r-- | puppet/services/ironic-api.yaml | 16 | ||||
| -rw-r--r-- | puppet/services/ironic-conductor.yaml | 17 |
2 files changed, 22 insertions, 11 deletions
diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml index d0516e1b..96ba7aa1 100644 --- a/puppet/services/ironic-api.yaml +++ b/puppet/services/ironic-api.yaml @@ -39,18 +39,18 @@ outputs: config_settings: map_merge: - get_attr: [IronicBase, role_data, config_settings] - # NOTE(dtantsur): the my_ip parameter is heavily overloaded in - # ironic. It's used as a default value for e.g. TFTP server IP, - # glance and neutron endpoints, virtual console IP. We override - # the TFTP server IP in ironic-conductor.yaml as it should not be - # the VIP, but rather a real IP of the controller. - - ironic::my_ip: {get_param: [EndpointMap, MysqlInternal, host]} - ironic::api::authtoken::password: {get_param: IronicPassword} + - ironic::api::authtoken::password: {get_param: IronicPassword} ironic::api::authtoken::project_name: 'service' ironic::api::authtoken::username: 'ironic' ironic::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } ironic::api::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} - ironic::api::host_ip: {get_input: ironic_api_network} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + ironic::api::host_ip: {get_param: [ServiceNetMap, IronicApiNetwork]} ironic::api::port: {get_param: [EndpointMap, IronicInternal, port]} # This is used to build links in responses ironic::api::public_endpoint: {get_param: [EndpointMap, IronicPublic, uri_no_suffix]} diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml index 27479f79..4008f977 100644 --- a/puppet/services/ironic-conductor.yaml +++ b/puppet/services/ironic-conductor.yaml @@ -44,12 +44,23 @@ outputs: ironic::conductor::api_url: {get_param: [EndpointMap, IronicInternal, uri_no_suffix]} ironic::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} ironic::enabled_drivers: {get_param: IronicEnabledDrivers} - # Prevent tftp_server from defaulting to my_ip setting, which is - # controller VIP, not a real IP. - ironic::drivers::pxe::tftp_server: {get_input: ironic_api_network} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + ironic::drivers::pxe::tftp_server: {get_param: [ServiceNetMap, IronicNetwork]} tripleo.ironic_conductor.firewall_rules: '134 ironic conductor TFTP': dport: 69 proto: udp + # NOTE(dtantsur): the my_ip parameter is heavily overloaded in + # ironic. It's used as a default value for e.g. TFTP server IP, + # glance and neutron endpoints, virtual console IP. We override + # the TFTP server IP in ironic-conductor.yaml as it should not be + # the VIP, but rather a real IP of the host. + ironic::my_ip: {get_param: [ServiceNetMap, IronicNetwork]} + step_config: | include ::tripleo::profile::base::ironic::conductor |