1 heat_template_version: ocata
4 OpenStack Ironic conductor configured with Puppet
9 description: Mapping of service_name -> network name. Typically set
10 via parameter_defaults in the resource registry. This
11 mapping overrides those in ServiceNetMapDefaults.
18 description: Role name on which the service is applied
22 description: Parameters specific to the role
26 description: Mapping of service endpoint -> protocol. Typically set
27 via parameter_defaults in the resource registry.
29 IronicCleaningDiskErase:
31 description: Type of disk cleaning before and between deployments,
32 "full" for full cleaning, "metadata" to clean only disk
33 metadata (partition table).
35 IronicCleaningNetwork:
36 default: 'provisioning'
37 description: Name or UUID of the *overcloud* network used for cleaning
38 bare metal nodes. The default value of "provisioning" can be
39 left during the initial deployment (when no networks are
40 created yet) and should be changed to an actual UUID in
41 a post-deployment stack update.
43 IronicDefaultBootOption:
45 description: How to boot the bare metal instances. Set to 'local' (the
46 default) to use local bootloader (requires grub2 for partition
47 images). Set to 'netboot' to make the instances boot from
48 controllers using PXE/iPXE.
50 IronicDefaultNetworkInterface:
52 description: Network interface implementation to use by default.
53 Set to "flat" (the default) to use one flat provider network.
54 Set to "neutron" to make Ironic interact with the Neutron
55 ML2 driver to enable other network types and certain
56 advances networking features. Requires
57 IronicProvisioningNetwork to be correctly set.
60 default: ['pxe_ipmitool', 'pxe_drac', 'pxe_ilo']
61 description: Enabled Ironic drivers
62 type: comma_delimited_list
63 IronicEnabledHardwareTypes:
65 description: Enabled Ironic hardware types
66 type: comma_delimited_list
69 description: Whether to use iPXE instead of PXE for deployment.
73 description: Port to use for serving images when iPXE is used.
76 description: The password for the Ironic service and db account, used by the Ironic services
79 IronicProvisioningNetwork:
80 default: 'provisioning'
81 description: Name or UUID of the *overcloud* network used for provisioning
82 of bare metal nodes, if IronicDefaultNetworkInterface is
83 set to "neutron". The default value of "provisioning" can be
84 left during the initial deployment (when no networks are
85 created yet) and should be changed to an actual UUID in
86 a post-deployment stack update.
88 MonitoringSubscriptionIronicConductor:
89 default: 'overcloud-ironic-conductor'
94 type: ./ironic-base.yaml
96 ServiceNetMap: {get_param: ServiceNetMap}
97 DefaultPasswords: {get_param: DefaultPasswords}
98 EndpointMap: {get_param: EndpointMap}
99 RoleName: {get_param: RoleName}
100 RoleParameters: {get_param: RoleParameters}
104 description: Role data for the Ironic conductor role.
106 service_name: ironic_conductor
107 monitoring_subscription: {get_param: MonitoringSubscriptionIronicConductor}
110 - get_attr: [IronicBase, role_data, config_settings]
111 - ironic::conductor::api_url: {get_param: [EndpointMap, IronicInternal, uri_no_suffix]}
112 ironic::conductor::cleaning_disk_erase: {get_param: IronicCleaningDiskErase}
113 ironic::conductor::cleaning_network: {get_param: IronicCleaningNetwork}
114 ironic::conductor::provisioning_network: {get_param: IronicProvisioningNetwork}
115 ironic::conductor::default_boot_option: {get_param: IronicDefaultBootOption}
116 ironic::conductor::enabled_drivers: {get_param: IronicEnabledDrivers}
117 ironic::conductor::enabled_hardware_types: {get_param: IronicEnabledHardwareTypes}
118 # We need an endpoint containing a real IP, not a VIP here
119 ironic_conductor_http_host: {get_param: [ServiceNetMap, IronicNetwork]}
120 ironic::conductor::http_url:
124 - "%{hiera('ironic_conductor_http_host')}:"
125 - {get_param: IronicIPXEPort}
126 ironic::drivers::pxe::ipxe_enabled: {get_param: IronicIPXEEnabled}
127 ironic::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
128 # NOTE: bind IP is found in Heat replacing the network name with the
129 # local node IP for the given network; replacement examples
130 # (eg. for internal_api):
132 # internal_api_uri -> [IP]
133 # internal_api_subnet - > IP/CIDR
134 ironic::drivers::pxe::tftp_server: {get_param: [ServiceNetMap, IronicNetwork]}
135 # NOTE(dtantsur): UEFI only works with iPXE currently for us
136 ironic::drivers::pxe::uefi_pxe_config_template: '$pybasedir/drivers/modules/ipxe_config.template'
137 ironic::drivers::pxe::uefi_pxe_bootfile_name: 'ipxe.efi'
138 ironic::drivers::interfaces::enabled_console_interfaces: ['ipmitool-socat', 'no-console']
139 ironic::drivers::interfaces::enabled_network_interfaces: ['flat', 'neutron']
140 ironic::drivers::interfaces::default_network_interface: {get_param: IronicDefaultNetworkInterface}
141 tripleo.ironic_conductor.firewall_rules:
142 '134 ironic conductor TFTP':
145 '135 ironic conductor HTTP':
146 dport: {get_param: IronicIPXEPort}
147 # NOTE(dtantsur): the my_ip parameter is heavily overloaded in
148 # ironic. It's used as a default value for e.g. TFTP server IP,
149 # glance and neutron endpoints, virtual console IP. We override
150 # the TFTP server IP in ironic-conductor.yaml as it should not be
151 # the VIP, but rather a real IP of the host.
152 ironic::my_ip: {get_param: [ServiceNetMap, IronicNetwork]}
153 ironic::pxe::common::http_port: {get_param: IronicIPXEPort}
154 # Credentials to access other services
155 ironic::glance::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
156 ironic::glance::username: 'ironic'
157 ironic::glance::password: {get_param: IronicPassword}
158 ironic::glance::project_name: 'service'
159 ironic::glance::user_domain_name: 'Default'
160 ironic::glance::project_domain_name: 'Default'
161 ironic::neutron::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
162 ironic::neutron::username: 'ironic'
163 ironic::neutron::password: {get_param: IronicPassword}
164 ironic::neutron::project_name: 'service'
165 ironic::neutron::user_domain_name: 'Default'
166 ironic::neutron::project_domain_name: 'Default'
167 ironic::service_catalog::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
168 ironic::service_catalog::username: 'ironic'
169 ironic::service_catalog::password: {get_param: IronicPassword}
170 ironic::service_catalog::project_name: 'service'
171 ironic::service_catalog::user_domain_name: 'Default'
172 ironic::service_catalog::project_domain_name: 'Default'
173 ironic::swift::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
174 ironic::swift::username: 'ironic'
175 ironic::swift::password: {get_param: IronicPassword}
176 ironic::swift::project_name: 'service'
177 ironic::swift::user_domain_name: 'Default'
178 ironic::swift::project_domain_name: 'Default'
179 # ironic-inspector support is not implemented, but let's configure
180 # the credentials for consistency.
181 ironic::drivers::inspector::enabled: false
182 ironic::drivers::inspector::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
183 ironic::drivers::inspector::username: 'ironic'
184 ironic::drivers::inspector::password: {get_param: IronicPassword}
185 ironic::drivers::inspector::project_name: 'service'
186 ironic::drivers::inspector::user_domain_name: 'Default'
187 ironic::drivers::inspector::project_domain_name: 'Default'
189 include ::tripleo::profile::base::ironic::conductor
191 - name: Stop ironic_conductor service
193 service: name=openstack-ironic-conductor state=stopped
Code Review / apex-tripleo-heat-templates.git / blob