From f139ff5be6eb7a84cd6cfd1a6a8764360e75eefc Mon Sep 17 00:00:00 2001
From: Tiago Gomes <tiago.gomes@codethink.co.uk>
Date: Wed, 1 Apr 2015 09:04:02 +0000
Subject: Openstack: Make Ironic configurable

This commit configures Ironic to integrate with Keystone, Neutron and
Glance.  Nova integration will be added in a following commit.

Change-Id: Id557e8e048b6051d764b4915192cfd55bfe68d32
---
 openstack/manifest                                 |   7 ++
 .../systemd/system/openstack-ironic-api.service    |  13 +++
 .../system/openstack-ironic-conductor.service      |  13 +++
 .../systemd/system/openstack-ironic-setup.service  |  10 ++
 openstack/usr/share/openstack/ironic.yml           | 104 +++++++++++++++++++++
 openstack/usr/share/openstack/ironic/ironic.conf   |  34 +++----
 6 files changed, 164 insertions(+), 17 deletions(-)
 create mode 100644 openstack/usr/lib/systemd/system/openstack-ironic-api.service
 create mode 100644 openstack/usr/lib/systemd/system/openstack-ironic-conductor.service
 create mode 100644 openstack/usr/lib/systemd/system/openstack-ironic-setup.service
 create mode 100644 openstack/usr/share/openstack/ironic.yml

(limited to 'openstack')

diff --git a/openstack/manifest b/openstack/manifest
index 2a973850..abdf10c8 100644
--- a/openstack/manifest
+++ b/openstack/manifest
@@ -27,6 +27,10 @@
 0100644 0 0 /usr/share/openstack/glance/glance-api-paste.ini
 0100644 0 0 /usr/share/openstack/glance/glance-registry-paste.ini
 0100644 0 0 /usr/share/openstack/horizon.yml
+0040755 0 0 /usr/share/openstack/ironic
+0100644 0 0 /usr/share/openstack/ironic.yml
+0100644 0 0 /usr/share/openstack/ironic/ironic.conf
+0100644 0 0 /usr/share/openstack/ironic/policy.json
 0100644 0 0 /usr/share/openstack/keystone.yml
 0040755 0 0 /usr/share/openstack/keystone
 0100644 0 0 /usr/share/openstack/keystone/logging.conf
@@ -126,6 +130,9 @@
 0100644 0 0 /usr/lib/systemd/system/openstack-glance-api.service
 0100644 0 0 /usr/lib/systemd/system/openstack-glance-registry.service
 0100644 0 0 /usr/lib/systemd/system/openstack-horizon-setup.service
+0100644 0 0 /usr/lib/systemd/system/openstack-ironic-setup.service
+0100644 0 0 /usr/lib/systemd/system/openstack-ironic-api.service
+0100644 0 0 /usr/lib/systemd/system/openstack-ironic-conductor.service
 0100644 0 0 /usr/lib/systemd/system/openstack-network-setup.service
 0100644 0 0 /usr/lib/systemd/system/openstack-neutron-config-setup.service
 0100644 0 0 /usr/lib/systemd/system/openstack-neutron-db-setup.service
diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-api.service b/openstack/usr/lib/systemd/system/openstack-ironic-api.service
new file mode 100644
index 00000000..83d56787
--- /dev/null
+++ b/openstack/usr/lib/systemd/system/openstack-ironic-api.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=OpenStack Bare Metal Provisioning Service (code-named Ironic) API server
+After=syslog.target network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+User=ironic
+ExecStart=/usr/bin/ironic-api --config-file /etc/ironic/ironic.conf
+
+[Install]
+WantedBy=multi-user.target
+
diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service b/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service
new file mode 100644
index 00000000..f276f6f0
--- /dev/null
+++ b/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=OpenStack Bare Metal Provisioning Service (code-named Ironic) Conductor server
+After=syslog.target network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+User=ironic
+ExecStart=/usr/bin/ironic-conductor --config-file /etc/ironic/ironic.conf
+
+[Install]
+WantedBy=multi-user.target
+
diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-setup.service b/openstack/usr/lib/systemd/system/openstack-ironic-setup.service
new file mode 100644
index 00000000..443d2829
--- /dev/null
+++ b/openstack/usr/lib/systemd/system/openstack-ironic-setup.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Run ironic-setup Ansible scripts
+After=local-fs.target openstack-keystone-setup.service postgres-server.service
+
+[Service]
+ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/ironic.yml
+
+[Install]
+WantedBy=multi-user.target
+
diff --git a/openstack/usr/share/openstack/ironic.yml b/openstack/usr/share/openstack/ironic.yml
new file mode 100644
index 00000000..db0a8aa8
--- /dev/null
+++ b/openstack/usr/share/openstack/ironic.yml
@@ -0,0 +1,104 @@
+---
+- hosts: localhost
+  vars_files:
+  - "/etc/openstack/ironic.conf"
+  tasks:
+  - name: Create the ironic user
+    user:
+        name: ironic
+        comment: Openstack Ironic Daemons
+        shell: /sbin/nologin
+        home: /var/lib/ironic
+
+  - name: Create the /var folders for Ironic
+    file:
+        path: "{{ item }}"
+        state: directory
+        owner: ironic
+        group: ironic
+    with_items:
+    - /var/run/ironic
+    - /var/lock/ironic
+    - /var/log/ironic
+    - /var/lib/ironic
+
+  - file: path=/etc/ironic state=directory
+  - name: Add the configuration needed for ironic in /etc/ironic using templates
+    template:
+        src: /usr/share/openstack/ironic/{{ item }}
+        dest: /etc/ironic/{{ item }}
+    with_lines:
+    - cd /usr/share/openstack/ironic && find -type f
+
+  - name: Create Ironic service user in service tenant
+    keystone_user:
+        user: "{{ IRONIC_SERVICE_USER }}"
+        password: "{{ IRONIC_SERVICE_PASSWORD }}"
+        tenant: service
+        token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
+
+  - name: Assign admin role to Ironic service user in the service tenant
+    keystone_user:
+        role: admin
+        user: "{{ IRONIC_SERVICE_USER }}"
+        tenant: service
+        token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
+
+  - name: Add Ironic endpoint
+    keystone_service:
+        name: ironic
+        type: baremetal
+        description: Openstack Ironic Service
+        publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:6385'
+        internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:6385'
+        adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:6385'
+        region: 'regionOne'
+        token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
+
+  - name: Create postgresql user for Ironic
+    postgresql_user:
+        name: "{{ IRONIC_DB_USER }}"
+        login_host: "{{ CONTROLLER_HOST_ADDRESS }}"
+        password: "{{ IRONIC_DB_PASSWORD }}"
+    sudo: yes
+    sudo_user: ironic
+
+  - name: Create database for Ironic services
+    postgresql_db:
+        name: ironic
+        owner: "{{ IRONIC_DB_USER }}"
+        login_host: "{{ CONTROLLER_HOST_ADDRESS }}"
+    sudo: yes
+    sudo_user: ironic
+
+  - name: Initiate Ironic database
+    # Use 'upgrade' instead of 'create_schema' to make the operation
+    # idempotent
+    shell: |
+           ironic-dbsync \
+               --config-file /etc/ironic/ironic.conf upgrade
+    sudo: yes
+    sudo_user: ironic
+
+  - name: Enable and start openstack-ironic services
+    service:
+        name: "{{ item }}"
+        enabled: yes
+        state: started
+    with_items:
+    - openstack-ironic-conductor.service
+    - openstack-ironic-api.service
+
+  - name: Set owner and group for the tftp root directory
+    file:
+        path: "/srv/tftp_root/"
+        state: directory
+        owner: ironic
+        group: ironic
+        recurse: yes
+
+  - name: Enable and start tftp-hpa
+    service:
+        name: tftp-hpa.socket
+        enabled: yes
+        state: started
diff --git a/openstack/usr/share/openstack/ironic/ironic.conf b/openstack/usr/share/openstack/ironic/ironic.conf
index 9aaae0e6..6888ede6 100644
--- a/openstack/usr/share/openstack/ironic/ironic.conf
+++ b/openstack/usr/share/openstack/ironic/ironic.conf
@@ -76,11 +76,11 @@
 
 # The RabbitMQ broker address where a single node is used.
 # (string value)
-#rabbit_host=localhost
+rabbit_host={{ RABBITMQ_HOST }}
 
 # The RabbitMQ broker port where a single node is used.
 # (integer value)
-#rabbit_port=5672
+rabbit_port={{ RABBITMQ_PORT }}
 
 # RabbitMQ HA cluster host:port pairs. (list value)
 #rabbit_hosts=$rabbit_host:$rabbit_port
@@ -89,10 +89,10 @@
 #rabbit_use_ssl=false
 
 # The RabbitMQ userid. (string value)
-#rabbit_userid=guest
+rabbit_userid={{ RABBITMQ_USER }}
 
 # The RabbitMQ password. (string value)
-#rabbit_password=guest
+rabbit_password={{ RABBITMQ_PASSWORD }}
 
 # the RabbitMQ login method (string value)
 #rabbit_login_method=AMQPLAIN
@@ -190,7 +190,7 @@
 #
 
 # IP address of this host. (string value)
-#my_ip=10.0.0.1
+my_ip={{ MANAGEMENT_INTERFACE_IP_ADDRESS }}
 
 # Use IPv6. (boolean value)
 #use_ipv6=false
@@ -217,7 +217,7 @@
 # present on your system may be found by enumerating the
 # "ironic.drivers" entrypoint. An example may be found in the
 # developer documentation online. (list value)
-#enabled_drivers=pxe_ipmitool
+enabled_drivers=pxe_ipmitool,pxe_ssh
 
 
 #
@@ -520,7 +520,7 @@
 # URL of Ironic API service. If not set ironic can get the
 # current value from the keystone service catalog. (string
 # value)
-#api_url=<None>
+api_url=http://{{ MANAGEMENT_INTERFACE_IP_ADDRESS }}:6385
 
 # Seconds between conductor heart beats. (integer value)
 #heartbeat_interval=10
@@ -635,7 +635,7 @@
 # Deprecated group/name - [DEFAULT]/sql_connection
 # Deprecated group/name - [DATABASE]/sql_connection
 # Deprecated group/name - [sql]/connection
-#connection=<None>
+connection=postgresql://{{ IRONIC_DB_USER}}:{{ IRONIC_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/ironic
 
 # The SQLAlchemy connection string to use to connect to the
 # slave database. (string value)
@@ -817,7 +817,7 @@
 #
 
 # Default glance hostname or IP address. (string value)
-#glance_host=$my_ip
+glance_host={{ CONTROLLER_HOST_ADDRESS }}
 
 # Default glance port. (integer value)
 #glance_port=9292
@@ -917,12 +917,12 @@
 #auth_protocol=https
 
 # Complete public Identity API endpoint (string value)
-#auth_uri=<None>
+auth_uri=http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0
 
 # Complete admin Identity API endpoint. This should specify
 # the unversioned root endpoint e.g. https://localhost:35357/
 # (string value)
-#identity_uri=<None>
+identity_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:35357
 
 # API version of the admin Identity API endpoint (string
 # value)
@@ -950,14 +950,14 @@
 #admin_token=<None>
 
 # Keystone account username (string value)
-#admin_user=<None>
+admin_user={{ IRONIC_SERVICE_USER }}
 
 # Keystone account password (string value)
-#admin_password=<None>
+admin_password={{ IRONIC_SERVICE_PASSWORD }}
 
 # Keystone service account tenant name to validate user tokens
 # (string value)
-#admin_tenant_name=admin
+admin_tenant_name=service
 
 # Env key for the swift cache (string value)
 #cache=<None>
@@ -1109,7 +1109,7 @@
 #
 
 # URL for connecting to neutron. (string value)
-#url=http://$my_ip:9696
+url=http://{{ CONTROLLER_HOST_ADDRESS }}:9696
 
 # Timeout value for connecting to neutron in seconds. (integer
 # value)
@@ -1173,11 +1173,11 @@
 #tftp_server=$my_ip
 
 # Ironic compute node's tftp root path. (string value)
-#tftp_root=/tftpboot
+tftp_root=/srv/tftp_root/
 
 # Directory where master tftp images are stored on disk.
 # (string value)
-#tftp_master_path=/tftpboot/master_images
+tftp_master_path=/srv/tftp_root/master_images
 
 # Bootfile DHCP parameter. (string value)
 #pxe_bootfile_name=pxelinux.0
-- 
cgit v1.2.1