From 036d11fd7449791dff5a29431f85a176b6fbdf43 Mon Sep 17 00:00:00 2001
From: Julia Kreger <juliaashleykreger@gmail.com>
Date: Wed, 25 Feb 2015 09:54:13 -0500
Subject: [PATCH] Numerous fixes and dedicated RabbitMQ user

Added a dedicated user in RabbitMQ while removing the standard guest
account.  Additionally cleaned up ironic.conf, and setup_env such
that a user can now query ironic.
---
 step1/env-setup.sh             |  2 ++
 step1/install.yaml             | 33 +++++++++++++++++++++++++++++++++
 step1/templates/ironic.conf.j2 | 10 +++++-----
 3 files changed, 40 insertions(+), 5 deletions(-)

diff --git a/step1/env-setup.sh b/step1/env-setup.sh
index d39cfe713..d8b4a1125 100644
--- a/step1/env-setup.sh
+++ b/step1/env-setup.sh
@@ -11,3 +11,5 @@ else
 fi
 echo
 echo "source /opt/stack/ansible/hacking/env-setup to proceed"
+export IRONIC_URL=http://localhost:6385/
+export OS_AUTH_TOJEN=' '
diff --git a/step1/install.yaml b/step1/install.yaml
index 75e3b1aae..96494d385 100644
--- a/step1/install.yaml
+++ b/step1/install.yaml
@@ -29,8 +29,10 @@
         - syslinux
         - xinetd
         - parted
+        - ipmitool
         - psmisc
         - nginx
+        - wget
     - name: "Ensuring /opt/stack is present"
       local_action: file name=/opt/stack state=directory owner=root group=root
     - name: "Downloading ironic"
@@ -41,6 +43,18 @@
       local_action: service name=mysql state=started
     - name: "Starting rabbitmq-server"
       local_action: service name=rabbitmq-server state=started
+    - name: "RabbitMQ - Testing if hostname is defined firsts in /etc/hosts"
+      local_action: command grep -i "127.0.0.1*.{{ ansible_hostname }}\ localhost" /etc/hosts
+      ignore_errors: yes
+      register: test_grep_fix_hostname
+    - name: "RabbitMQ - Fixing /etc/hosts"
+      local_action: command sed -i 's/localhost/{{ ansible_hostname }} localhost/' /etc/hosts
+      when: test_grep_fix_hostname.rc != 0
+    - name: "Ensuring guest user is removed from rabbitmq"
+      local_action: rabbitmq_user user=guest state=absent force=yes
+    - name: "Creating Ironic user in RabbitMQ"
+      local_action: rabbitmq_user user=ironic password={{ ironic_db_password }} force=yes state=present configure_priv=.* write_priv=.* read_priv=.*
+      no_log: true
     - name: "MySQL - Creating DB"
       local_action: mysql_db login_user=root login_password={{ mysql_password }} name=ironic state=present encoding=utf8
       register: test_created_db
@@ -54,6 +68,8 @@
       local_action: file name=/etc/ironic state=directory
     - name: "Place Ironic Config file"
       local_action: template src=templates/ironic.conf.j2 dest=/etc/ironic/ironic.conf
+    - name: "Copy policy.json to /etc/ironic"
+      local_action: copy src=/opt/stack/ironic/etc/ironic/policy.json dest=/etc/ironic/
     - name: "Creating Ironic DB Schema"
       local_action: command ironic-dbsync --config-file /etc/ironic/ironic.conf create_schema
       when: test_created_db.changed == true
@@ -73,6 +89,10 @@
       local_action: service name=ironic-conductor state=started
     - name: "Start ironic-api"
       local_action: service name=ironic-api state=started
+    - name: "Start ironic-conductor"
+      local_action: service name=ironic-conductor state=restarted
+    - name: "Start ironic-api"
+      local_action: service name=ironic-api state=reloaded
     - name: "Setting up PXE and iPXE folders"
       local_action: file name={{item}} owner=ironic group=ironic state=directory
       with_items:
@@ -102,3 +122,16 @@
         - nginx
     - name: "Sending services a force-reload signal"
       local_action: command /etc/init.d/dnsmasq force-reload
+- hosts: localhost
+  connection: local
+  name: "Retrieve Images"
+  sudo: yes
+  gather_facts: yes
+  tasks:
+    # Similar logic to below can be utilized to retrieve files
+    - name: "Determine if folder exists, else create and populate folder."
+      local_action: stat path=/tftpboot/master_images
+      register: test_master_images
+    - name: "Create master_images folder"
+      local_action: file name=/tftpboot/master_images state=directory
+      when: test_master_images.stat.exists == false
diff --git a/step1/templates/ironic.conf.j2 b/step1/templates/ironic.conf.j2
index 59ee54ae4..e61d455c3 100644
--- a/step1/templates/ironic.conf.j2
+++ b/step1/templates/ironic.conf.j2
@@ -89,16 +89,16 @@ rabbit_port=5672
 #rabbit_use_ssl=false
 
 # The RabbitMQ userid. (string value)
-#rabbit_userid=guest
+rabbit_userid=ironic
 
 # The RabbitMQ password. (string value)
-#rabbit_password=guest
+rabbit_password={{ ironic_db_password }}
 
 # The RabbitMQ login method. (string value)
 #rabbit_login_method=AMQPLAIN
 
 # The RabbitMQ virtual host. (string value)
-#rabbit_virtual_host=/
+rabbit_virtual_host=/
 
 # How frequently to retry connecting with RabbitMQ. (integer
 # value)
@@ -115,7 +115,7 @@ rabbit_port=5672
 # Use HA queues in RabbitMQ (x-ha-policy: all). If you change
 # this option, you must wipe the RabbitMQ database. (boolean
 # value)
-#rabbit_ha_queues=false
+rabbit_ha_queues=false
 
 # Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake
 # (boolean value)
@@ -533,7 +533,7 @@ enabled_drivers=pxe_ilo
 # URL of Ironic API service. If not set ironic can get the
 # current value from the keystone service catalog. (string
 # value)
-#api_url=<None>
+api_url=http://{{ hostvars[inventory_hostname]['ansible_' + network_interface]['ipv4']['address'] }}:6385/
 
 # Seconds between conductor heart beats. (integer value)
 #heartbeat_interval=10