Basic support for deploying Ironic in overcloud

Note that this change is not enough yet to deploy bare metal instances,
it only deploys Ironic services themselves and makes sure they work.

Also it does not support HA for now.

Co-Authored-By: Dmitry Tantsur <dtansur@redhat.com>
Partially-implements: blueprint ironic-integration
Change-Id: I541be905022264e2d4828e7c46338f2e300df540

diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml
index b4c3f08..71b2c71 100644 (file)
--- a/environments/enable-tls.yaml
+++ b/environments/enable-tls.yaml
@@ -28,6 +28,9 @@ parameter_defaults:
     HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'}
     HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'}
     HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'}
+    IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'}
+    IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'}
+    IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'}
     KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'}
     KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'}
     KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'}

diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml
index c76e136..53b474d 100644 (file)
--- a/network/endpoints/endpoint_data.yaml
+++ b/network/endpoints/endpoint_data.yaml
@@ -192,3 +192,18 @@ Sahara:
         uri_suffixes:
             '': /v1.1/%(tenant_id)s
     port: 8386
+
+Ironic:
+    Internal:
+        vip_param: IronicApi
+        uri_suffixes:
+            '': /v1
+    Public:
+        vip_param: Public
+        uri_suffixes:
+            '': /v1
+    Admin:
+        vip_param: IronicApi
+        uri_suffixes:
+            '': /v1
+    port: 6385

diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml
index fbfa0a1..51ff375 100644 (file)
--- a/network/endpoints/endpoint_map.yaml
+++ b/network/endpoints/endpoint_map.yaml
@@ -15,6 +15,7 @@ parameters:
   GlanceRegistryVirtualIP: {type: string, default: ''}
   GnocchiApiVirtualIP: {type: string, default: ''}
   HeatApiVirtualIP: {type: string, default: ''}
+  IronicApiVirtualIP: {type: string, default: ''}
   KeystoneAdminApiVirtualIP: {type: string, default: ''}
   KeystonePublicApiVirtualIP: {type: string, default: ''}
   MysqlVirtualIP: {type: string, default: ''}
@@ -49,6 +50,9 @@ parameters:
       HeatCfnInternal: {protocol: http, port: '8000', host: IP_ADDRESS}
       HeatCfnPublic: {protocol: http, port: '8000', host: IP_ADDRESS}
       HorizonPublic: {protocol: http, port: '80', host: IP_ADDRESS}
+      IronicAdmin: {protocol: http, port: '6385', host: IP_ADDRESS}
+      IronicInternal: {protocol: http, port: '6385', host: IP_ADDRESS}
+      IronicPublic: {protocol: http, port: '6385', host: IP_ADDRESS}
       KeystoneAdmin: {protocol: http, port: '35357', host: IP_ADDRESS}
       KeystoneInternal: {protocol: http, port: '5000', host: IP_ADDRESS}
       KeystonePublic: {protocol: http, port: '5000', host: IP_ADDRESS}
@@ -1076,6 +1080,123 @@ outputs:
                   IP_ADDRESS: {get_param: PublicVirtualIP}
             - ':'
             - get_param: [EndpointMap, HorizonPublic, port]
+      IronicAdmin:
+        host:
+          str_replace:
+            template:
+              get_param: [EndpointMap, IronicAdmin, host]
+            params:
+              CLOUDNAME: {get_param: CloudName}
+              IP_ADDRESS: {get_param: IronicApiVirtualIP}
+        port:
+          get_param: [EndpointMap, IronicAdmin, port]
+        protocol:
+          get_param: [EndpointMap, IronicAdmin, protocol]
+        uri:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, IronicAdmin, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, IronicAdmin, host]
+                params:
+                  CLOUDNAME: {get_param: CloudName}
+                  IP_ADDRESS: {get_param: IronicApiVirtualIP}
+            - ':'
+            - get_param: [EndpointMap, IronicAdmin, port]
+            - /v1
+        uri_no_suffix:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, IronicAdmin, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, IronicAdmin, host]
+                params:
+                  CLOUDNAME: {get_param: CloudName}
+                  IP_ADDRESS: {get_param: IronicApiVirtualIP}
+            - ':'
+            - get_param: [EndpointMap, IronicAdmin, port]
+      IronicInternal:
+        host:
+          str_replace:
+            template:
+              get_param: [EndpointMap, IronicInternal, host]
+            params:
+              CLOUDNAME: {get_param: CloudName}
+              IP_ADDRESS: {get_param: IronicApiVirtualIP}
+        port:
+          get_param: [EndpointMap, IronicInternal, port]
+        protocol:
+          get_param: [EndpointMap, IronicInternal, protocol]
+        uri:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, IronicInternal, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, IronicInternal, host]
+                params:
+                  CLOUDNAME: {get_param: CloudName}
+                  IP_ADDRESS: {get_param: IronicApiVirtualIP}
+            - ':'
+            - get_param: [EndpointMap, IronicInternal, port]
+            - /v1
+        uri_no_suffix:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, IronicInternal, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, IronicInternal, host]
+                params:
+                  CLOUDNAME: {get_param: CloudName}
+                  IP_ADDRESS: {get_param: IronicApiVirtualIP}
+            - ':'
+            - get_param: [EndpointMap, IronicInternal, port]
+      IronicPublic:
+        host:
+          str_replace:
+            template:
+              get_param: [EndpointMap, IronicPublic, host]
+            params:
+              CLOUDNAME: {get_param: CloudName}
+              IP_ADDRESS: {get_param: PublicVirtualIP}
+        port:
+          get_param: [EndpointMap, IronicPublic, port]
+        protocol:
+          get_param: [EndpointMap, IronicPublic, protocol]
+        uri:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, IronicPublic, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, IronicPublic, host]
+                params:
+                  CLOUDNAME: {get_param: CloudName}
+                  IP_ADDRESS: {get_param: PublicVirtualIP}
+            - ':'
+            - get_param: [EndpointMap, IronicPublic, port]
+            - /v1
+        uri_no_suffix:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, IronicPublic, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, IronicPublic, host]
+                params:
+                  CLOUDNAME: {get_param: CloudName}
+                  IP_ADDRESS: {get_param: PublicVirtualIP}
+            - ':'
+            - get_param: [EndpointMap, IronicPublic, port]
       KeystoneAdmin:
         host:
           str_replace:

diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml
index 3abd1c6..5e57729 100644 (file)
--- a/overcloud-resource-registry-puppet.yaml
+++ b/overcloud-resource-registry-puppet.yaml
@@ -132,6 +132,8 @@ resource_registry:
   OS::TripleO::Services::HeatApiCfn: puppet/services/heat-api-cfn.yaml
   OS::TripleO::Services::HeatApiCloudwatch: puppet/services/heat-api-cloudwatch.yaml
   OS::TripleO::Services::HeatEngine: puppet/services/heat-engine.yaml
+  OS::TripleO::Services::IronicApi: puppet/services/ironic-api.yaml
+  OS::TripleO::Services::IronicConductor: puppet/services/ironic-conductor.yaml
   OS::TripleO::Services::NeutronDhcpAgent: puppet/services/neutron-dhcp.yaml
   OS::TripleO::Services::NeutronL3Agent: puppet/services/neutron-l3.yaml
   OS::TripleO::Services::NeutronMetadataAgent: puppet/services/neutron-metadata.yaml

diff --git a/overcloud.yaml b/overcloud.yaml
index 5f0ad7d..6235626 100644 (file)
--- a/overcloud.yaml
+++ b/overcloud.yaml
@@ -538,6 +538,7 @@ parameters:
       CinderIscsiNetwork: storage
       GlanceApiNetwork: storage
       GlanceRegistryNetwork: internal_api
+      IronicApiNetwork: internal_api
       KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints
       KeystonePublicApiNetwork: internal_api
       NeutronApiNetwork: internal_api
@@ -795,6 +796,7 @@ resources:
       GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
       GnocchiApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
       HeatApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+      IronicApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
       KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
       KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
       MysqlVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
@@ -1151,6 +1153,7 @@ resources:
       keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
       keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
       sahara_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
+      ironic_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
       DeployIdentifier: {get_param: DeployIdentifier}
       UpdateIdentifier: {get_param: UpdateIdentifier}
 
@@ -1274,6 +1277,7 @@ resources:
         public_virtual_ip: {get_attr: [VipMap, net_ip_map, external]}
         internal_api_virtual_ip: {get_attr: [VipMap, net_ip_map, internal_api]}
         sahara_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
+        ironic_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
         storage_virtual_ip: {get_attr: [VipMap, net_ip_map, storage]}
         storage_mgmt_virtual_ip: {get_attr: [VipMap, net_ip_map, storage_mgmt]}
 
@@ -1545,6 +1549,9 @@ outputs:
   HeatInternalVip:
     description: VIP for Heat API internal endpoint
     value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+  IronicInternalVip:
+    description: VIP for Ironic API internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
   KeystoneInternalVip:
     description: VIP for Keystone API internal endpoint
     value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}

diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index b065ddd..a53d898 100644 (file)
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -56,6 +56,8 @@ parameters:
     type: comma_delimited_list
   sahara_api_node_ips:
     type: comma_delimited_list
+  ironic_api_node_ips:
+    type: comma_delimited_list
 
   DeployIdentifier:
     type: string
@@ -294,6 +296,14 @@ resources:
                         list_join:
                         - "','"
                         - {get_param: sahara_api_node_ips}
+                ironic_api_node_ips:
+                  str_replace:
+                    template: "['SERVERS_LIST']"
+                    params:
+                      SERVERS_LIST:
+                        list_join:
+                        - "','"
+                        - {get_param: ironic_api_node_ips}
 
                 # NOTE(gfidente): interpolation with %{} in the
                 # hieradata file can't be used as it returns string
@@ -306,6 +316,7 @@ resources:
                 nova::rabbit_hosts: *rabbit_nodes_array
                 keystone::rabbit_hosts: *rabbit_nodes_array
                 sahara::rabbit_hosts: *rabbit_nodes_array
+                ironic::rabbit_hosts: *rabbit_nodes_array
 
                 deploy_identifier: {get_param: DeployIdentifier}
                 update_identifier: {get_param: UpdateIdentifier}

diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index 7ccd7e7..6e8df93 100644 (file)
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -793,6 +793,7 @@ resources:
         ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
         ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
         ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
+        ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
 
   # Map heat metadata into hiera datafiles
   ControllerConfig:

diff --git a/puppet/hieradata/database.yaml b/puppet/hieradata/database.yaml
index 4eb199c..19f1bff 100644 (file)
--- a/puppet/hieradata/database.yaml
+++ b/puppet/hieradata/database.yaml
@@ -53,6 +53,14 @@ heat::db::mysql::allowed_hosts:
   - '%'
   - "%{hiera('mysql_bind_host')}"
 
+# Ironic
+ironic::db::mysql::user: ironic
+ironic::db::mysql::host: "%{hiera('mysql_virtual_ip')}"
+ironic::db::mysql::dbname: ironic
+ironic::db::mysql::allowed_hosts:
+  - '%'
+  - "%{hiera('mysql_bind_host')}"
+
 # Ceilometer
 ceilometer::db::mysql::user: ceilometer
 ceilometer::db::mysql::host: "%{hiera('mysql_virtual_ip')}"

diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml
new file mode 100644 (file)
index 0000000..e1626d5
--- /dev/null
+++ b/puppet/services/ironic-api.yaml
@@ -0,0 +1,43 @@
+heat_template_version: 2016-04-08
+
+description: >
+  OpenStack Ironic API configured with Puppet
+
+parameters:
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  IronicPassword:
+    description: The password for the Ironic service and db account, used by the Ironic services
+    type: string
+    hidden: true
+
+resources:
+  IronicBase:
+    type: ./ironic-base.yaml
+    properties:
+      EndpointMap: {get_param: EndpointMap}
+
+outputs:
+  role_data:
+    description: Role data for the Ironic API role.
+    value:
+      config_settings:
+        map_merge:
+          - get_attr: [IronicBase, role_data, config_settings]
+          # NOTE(dtantsur): the my_ip parameter is heavily overloaded in
+          # ironic. It's used as a default value for e.g. TFTP server IP,
+          # glance and neutron endpoints, virtual console IP. We override
+          # the TFTP server IP in ironic-conductor.yaml as it should not be
+          # the VIP, but rather a real IP of the controller.
+          - ironic::my_ip: {get_param: [EndpointMap, MysqlInternal, host]}
+            ironic::api::admin_password: {get_param: IronicPassword}
+            ironic::keystone::auth::public_url: {get_param: [EndpointMap, IronicPublic, uri]}
+            ironic::keystone::auth::internal_url: {get_param: [EndpointMap, IronicInternal, uri]}
+            ironic::keystone::auth::admin_url: {get_param: [EndpointMap, IronicAdmin, uri]}
+            ironic::keystone::auth::password: {get_param: IronicPassword }
+
+      step_config: |
+        include ::tripleo::profile::base::ironic::api

diff --git a/puppet/services/ironic-base.yaml b/puppet/services/ironic-base.yaml
new file mode 100644 (file)
index 0000000..0eaa53c
--- /dev/null
+++ b/puppet/services/ironic-base.yaml
@@ -0,0 +1,64 @@
+heat_template_version: 2016-04-08
+
+description: >
+  OpenStack Ironic services configured with Puppet
+
+parameters:
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  Debug:
+    default: ''
+    description: Set to True to enable debugging on all services.
+    type: string
+  IronicPassword:
+    description: The password for the Ironic service and db account, used by the Ironic services
+    type: string
+    hidden: true
+  RabbitUserName:
+    default: guest
+    description: The username for RabbitMQ
+    type: string
+  RabbitPassword:
+    description: The password for RabbitMQ
+    type: string
+    hidden: true
+  RabbitClientPort:
+    default: 5672
+    description: Set rabbit subscriber port, change this if using SSL
+    type: number
+  RabbitClientUseSSL:
+    default: false
+    description: >
+        Rabbit client subscriber parameter to specify
+        an SSL connection to the RabbitMQ host.
+    type: string
+
+outputs:
+  role_data:
+    description: Role data for the Ironic role.
+    value:
+      config_settings:
+        ironic_dsn: &ironic_dsn
+          list_join:
+            - ''
+            - - {get_param: [EndpointMap, MysqlInternal, protocol]}
+              - '://ironic:'
+              - {get_param: IronicPassword}
+              - '@'
+              - {get_param: [EndpointMap, MysqlInternal, host]}
+              - '/ironic'
+        ironic::admin_tenant_name: 'service'
+        ironic::database_connection: *ironic_dsn
+        ironic::debug: {get_param: Debug}
+        ironic::rabbit_userid: {get_param: RabbitUserName}
+        ironic::rabbit_password: {get_param: RabbitPassword}
+        ironic::rabbit_port: {get_param: RabbitClientPort}
+        ironic::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
+        ironic::db::mysql::password: {get_param: IronicPassword}
+        ironic::keystone::auth::tenant: 'service'
+
+      step_config: |
+        include ::tripleo::profile::base::ironic

diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml
new file mode 100644 (file)
index 0000000..3fb3d9f
--- /dev/null
+++ b/puppet/services/ironic-conductor.yaml
@@ -0,0 +1,36 @@
+heat_template_version: 2016-04-08
+
+description: >
+  OpenStack Ironic conductor configured with Puppet
+
+parameters:
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  IronicEnabledDrivers:
+    default: ['pxe_ipmitool', 'agent_ipmitool']
+    description: Enabled Ironic drivers
+    type: comma_delimited_list
+
+resources:
+  IronicBase:
+    type: ./ironic-base.yaml
+    properties:
+      EndpointMap: {get_param: EndpointMap}
+
+outputs:
+  role_data:
+    description: Role data for the Ironic conductor role.
+    value:
+      config_settings:
+        map_merge:
+          - get_attr: [IronicBase, role_data, config_settings]
+          - ironic::enabled_drivers: {get_param: IronicEnabledDrivers}
+            # Prevent tftp_server from defaulting to my_ip setting, which is
+            # controller VIP, not a real IP.
+            ironic::drivers::pxe::tftp_server: {get_input: ironic_api_network}
+
+      step_config: |
+        include ::tripleo::profile::base::ironic::conductor

diff --git a/puppet/vip-config.yaml b/puppet/vip-config.yaml
index 92234b6..5112905 100644 (file)
--- a/puppet/vip-config.yaml
+++ b/puppet/vip-config.yaml
@@ -37,6 +37,7 @@ resources:
                 internal_api_virtual_ip: {get_input: internal_api_virtual_ip}
                 storage_virtual_ip: {get_input: storage_virtual_ip}
                 storage_mgmt_virtual_ip: {get_input: storage_mgmt_virtual_ip}
+                ironic_api_vip: {get_input: ironic_api_vip}
                 # public_virtual_ip and controller_virtual_ip are needed in
                 # both HAproxy & keepalived.
                 tripleo::haproxy::public_virtual_ip: {get_input: public_virtual_ip}