diff --git a/playbooks/roles/bifrost-configdrives-dynamic/README.md b/playbooks/roles/bifrost-configdrives-dynamic/README.md index 4b554c0d3..98fc11820 100644 --- a/playbooks/roles/bifrost-configdrives-dynamic/README.md +++ b/playbooks/roles/bifrost-configdrives-dynamic/README.md @@ -58,6 +58,9 @@ node_network_info: Optional: If defined, the contents are written out to the override the network configuration contents based on the inventory data. +cloud_name: Optional: String value defining a clouds.yaml entry for + the ansible module to leverage. + Customizing ----------- diff --git a/playbooks/roles/bifrost-configdrives-dynamic/meta/main.yml b/playbooks/roles/bifrost-configdrives-dynamic/meta/main.yml index 7dc244714..9f7b4792a 100644 --- a/playbooks/roles/bifrost-configdrives-dynamic/meta/main.yml +++ b/playbooks/roles/bifrost-configdrives-dynamic/meta/main.yml @@ -4,7 +4,7 @@ galaxy_info: description: Creates a basic configdrive for Bifrost company: OpenStack license: Apache - min_ansible_version: 1.9 + min_ansible_version: 2.0 platforms: - name: EL versions: diff --git a/playbooks/roles/bifrost-configdrives-dynamic/tasks/update_facts_from_ironic.yaml b/playbooks/roles/bifrost-configdrives-dynamic/tasks/update_facts_from_ironic.yaml index c0be685a4..01e0ccd0e 100644 --- a/playbooks/roles/bifrost-configdrives-dynamic/tasks/update_facts_from_ironic.yaml +++ b/playbooks/roles/bifrost-configdrives-dynamic/tasks/update_facts_from_ironic.yaml @@ -12,14 +12,35 @@ # See the License for the specific language governing permissions and # limitations under the License. --- +- name: "If in noauth mode, set auth parameters accordingly." + set_fact: + auth_type: None + auth: {} + when: noauth_mode is defined and noauth_mode | bool == true + +- name: "Execute os_client_config to collect facts" + os_client_config: + no_log: yes + +# NOTE(TheJulia): The first record returned by os_client_config +# is utilized as the default. A user can still define the parameters +# if so desired. +- name: "Set os_client_config's auth parameters if not already set." + set_fact: + auth: "{{ openstack.clouds[0].auth }}" + auth_type: "{{ openstack.clouds[0].auth_type }}" + when: auth is undefined + no_log: yes + # Note(TheJulia): This step allows us to collect things that # ironic knows, that we do not know potentially, such as an UUID # should a node have been created without one. - name: "Collecting node facts" os_ironic_facts: - auth_type: None - auth: {} - ironic_url: "{{ ironic_url }}" + cloud: "{{ cloud_name | default(omit) }}" + auth_type: "{{ auth_type }}" + auth: "{{ auth }}" + ironic_url: "{{ ironic_url | default(omit) }}" uuid: "{{ uuid | default() }}" name: "{{ name | default() }}" skip_items: diff --git a/playbooks/roles/bifrost-deploy-nodes-dynamic/README.md b/playbooks/roles/bifrost-deploy-nodes-dynamic/README.md index 93c96c1d9..b776e2a9a 100644 --- a/playbooks/roles/bifrost-deploy-nodes-dynamic/README.md +++ b/playbooks/roles/bifrost-deploy-nodes-dynamic/README.md @@ -85,6 +85,9 @@ noauth_mode: Controls if the module is called in noauth mode. this file format can be found at: http://docs.openstack.org/developer/os-client-config/ +cloud_name: Optional: String value defining a clouds.yaml entry for + the ansible module to leverage. + inventory_dns: A boolean value, defaulted to false, which causes the role to update a template file and reload dnsmasq upon each update in order to perform static dns addressing utilizing the diff --git a/playbooks/roles/bifrost-deploy-nodes-dynamic/meta/main.yml b/playbooks/roles/bifrost-deploy-nodes-dynamic/meta/main.yml index a67c0b17b..d365c7a16 100644 --- a/playbooks/roles/bifrost-deploy-nodes-dynamic/meta/main.yml +++ b/playbooks/roles/bifrost-deploy-nodes-dynamic/meta/main.yml @@ -4,7 +4,7 @@ galaxy_info: description: Deploys the image on to nodes in Ironic company: OpenStack license: Apache - min_ansible_version: 1.9 + min_ansible_version: 2.0 platforms: - name: EL versions: diff --git a/playbooks/roles/bifrost-deploy-nodes-dynamic/tasks/main.yml b/playbooks/roles/bifrost-deploy-nodes-dynamic/tasks/main.yml index 14e3df7dc..14b135c24 100644 --- a/playbooks/roles/bifrost-deploy-nodes-dynamic/tasks/main.yml +++ b/playbooks/roles/bifrost-deploy-nodes-dynamic/tasks/main.yml @@ -21,7 +21,22 @@ set_fact: auth_type: None auth: {} - when: noauth_mode | bool == true + when: noauth_mode is defined and noauth_mode | bool == true + +- name: "Execute os_client_config to collect facts" + os_client_config: + no_log: yes + +# NOTE(TheJulia): The first record returned by os_client_config +# is utilized as the default. A user can still define the parameters +# if so desired. +- name: "Set os_client_config's auth parameters if not already set." + set_fact: + auth: "{{ openstack.clouds[0].auth }}" + auth_type: "{{ openstack.clouds[0].auth_type }}" + when: auth is undefined + no_log: yes + - name: "Setup DHCP for nodes." template: src: dhcp-host.j2 @@ -68,9 +83,10 @@ when: instance_info is not defined and test_deploy_image.stat.exists | bool == false - name: "Deploy to hardware - bifrost default" os_ironic_node: + cloud: "{{ cloud_name | default(omit) }}" auth_type: "{{ auth_type | default(omit) }}" auth: "{{ auth | default(omit) }}" - ironic_url: "{{ ironic_url }}" + ironic_url: "{{ ironic_url | default(omit) }}" uuid: "{{ uuid }}" state: present config_drive: "{{ deploy_url_protocol }}://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}:{{ file_url_port }}/configdrive-{{ uuid }}.iso.gz" diff --git a/playbooks/roles/bifrost-unprovision-node-dynamic/README.md b/playbooks/roles/bifrost-unprovision-node-dynamic/README.md index 9ad1999d6..bd3624efa 100644 --- a/playbooks/roles/bifrost-unprovision-node-dynamic/README.md +++ b/playbooks/roles/bifrost-unprovision-node-dynamic/README.md @@ -26,6 +26,9 @@ noauth_mode: Controls if the module is called in noauth mode. this file format can be found at: http://docs.openstack.org/developer/os-client-config/ +cloud_name: Optional: String value defining a clouds.yaml entry for + the ansible module to leverage. + Dependencies ------------ diff --git a/playbooks/roles/bifrost-unprovision-node-dynamic/meta/main.yml b/playbooks/roles/bifrost-unprovision-node-dynamic/meta/main.yml index 630e95c56..4d700e6e4 100644 --- a/playbooks/roles/bifrost-unprovision-node-dynamic/meta/main.yml +++ b/playbooks/roles/bifrost-unprovision-node-dynamic/meta/main.yml @@ -4,7 +4,7 @@ galaxy_info: description: Unprovisions nodes in Ironic company: OpenStack license: Apache - min_ansible_version: 1.9 + min_ansible_version: 2.0 platforms: - name: EL versions: diff --git a/playbooks/roles/bifrost-unprovision-node-dynamic/tasks/main.yml b/playbooks/roles/bifrost-unprovision-node-dynamic/tasks/main.yml index 1ab9d8193..f9c19ce39 100644 --- a/playbooks/roles/bifrost-unprovision-node-dynamic/tasks/main.yml +++ b/playbooks/roles/bifrost-unprovision-node-dynamic/tasks/main.yml @@ -16,12 +16,28 @@ set_fact: auth_type: None auth: {} - when: noauth_mode | bool == true + when: noauth_mode is defined and noauth_mode | bool == true + +- name: "Execute os_client_config to collect facts" + os_client_config: + no_log: yes + +# NOTE(TheJulia): The first record returned by os_client_config +# is utilized as the default. A user can still define the parameters +# if so desired. +- name: "Set os_client_config's auth parameters if not already set." + set_fact: + auth: "{{ openstack.clouds[0].auth }}" + auth_type: "{{ openstack.clouds[0].auth_type }}" + when: auth is undefined + no_log: yes + - name: "Unprovision node" os_ironic_node: + cloud: "{{ cloud_name | default(omit) }}" auth_type: "{{ auth_type | default(omit) }}" auth: "{{ auth | default(omit) }}" - ironic_url: "{{ ironic_url }}" + ironic_url: "{{ ironic_url | default(omit) }}" uuid: "{{ uuid | default() }}" name: "{{ name | default() }}" state: absent diff --git a/playbooks/roles/ironic-delete-dynamic/README.md b/playbooks/roles/ironic-delete-dynamic/README.md index e5e8ecd4b..9834764e8 100644 --- a/playbooks/roles/ironic-delete-dynamic/README.md +++ b/playbooks/roles/ironic-delete-dynamic/README.md @@ -31,6 +31,9 @@ noauth_mode: Controls if the module is called in noauth mode. this file format can be found at: http://docs.openstack.org/developer/os-client-config/ +cloud_name: Optional: String value defining a clouds.yaml entry for + the ansible module to leverage. + Dependencies ------------ diff --git a/playbooks/roles/ironic-delete-dynamic/meta/main.yml b/playbooks/roles/ironic-delete-dynamic/meta/main.yml index 7ed36db73..ec3fd5ba8 100644 --- a/playbooks/roles/ironic-delete-dynamic/meta/main.yml +++ b/playbooks/roles/ironic-delete-dynamic/meta/main.yml @@ -4,7 +4,7 @@ galaxy_info: description: Removes enrolled nodes from Ironic company: OpenStack license: Apache - min_ansible_version: 1.9 + min_ansible_version: 2.0 platforms: - name: EL versions: diff --git a/playbooks/roles/ironic-delete-dynamic/tasks/main.yml b/playbooks/roles/ironic-delete-dynamic/tasks/main.yml index 0caa2ee13..b7f08ec77 100644 --- a/playbooks/roles/ironic-delete-dynamic/tasks/main.yml +++ b/playbooks/roles/ironic-delete-dynamic/tasks/main.yml @@ -16,12 +16,28 @@ set_fact: auth_type: None auth: {} - when: noauth_mode | bool == true + when: noauth_mode is defined and noauth_mode | bool == true + +- name: "Execute os_client_config to collect facts" + os_client_config: + no_log: yes + +# NOTE(TheJulia): The first record returned by os_client_config +# is utilized as the default. A user can still define the parameters +# if so desired. +- name: "Set os_client_config's auth parameters if not already set." + set_fact: + auth: "{{ openstack.clouds[0].auth }}" + auth_type: "{{ openstack.clouds[0].auth_type }}" + when: auth is undefined + no_log: yes + - name: "Delete hardware" os_ironic: + cloud: "{{ cloud_name | default(omit) }}" auth_type: "{{ auth_type | default(omit) }}" auth: "{{ auth | default(omit) }}" - ironic_url: "{{ ironic_url }}" + ironic_url: "{{ ironic_url | default(omit) }}" driver: "" uuid: "{{ uuid | default() }}" name: "{{ name | default() }}" diff --git a/playbooks/roles/ironic-enroll-dynamic/README.md b/playbooks/roles/ironic-enroll-dynamic/README.md index 2f928d04d..a9b3f32a8 100644 --- a/playbooks/roles/ironic-enroll-dynamic/README.md +++ b/playbooks/roles/ironic-enroll-dynamic/README.md @@ -40,6 +40,9 @@ noauth_mode: Controls if the module is called in noauth mode. this file format can be found at: http://docs.openstack.org/developer/os-client-config/ +cloud_name: Optional: String value defining a clouds.yaml entry for + the ansible module to leverage. + This role expects a data structure similar to the one below, however it should be understood that the individual entries under power can vary based on power driver required. diff --git a/playbooks/roles/ironic-enroll-dynamic/meta/main.yml b/playbooks/roles/ironic-enroll-dynamic/meta/main.yml index 0c8769f78..618de1f01 100644 --- a/playbooks/roles/ironic-enroll-dynamic/meta/main.yml +++ b/playbooks/roles/ironic-enroll-dynamic/meta/main.yml @@ -4,7 +4,7 @@ galaxy_info: description: Enrolls nodes into Ironic company: OpenStack license: Apache - min_ansible_version: 1.9 + min_ansible_version: 2.0 platforms: - name: EL versions: diff --git a/playbooks/roles/ironic-enroll-dynamic/tasks/main.yml b/playbooks/roles/ironic-enroll-dynamic/tasks/main.yml index 7a889874f..7377ea293 100644 --- a/playbooks/roles/ironic-enroll-dynamic/tasks/main.yml +++ b/playbooks/roles/ironic-enroll-dynamic/tasks/main.yml @@ -16,12 +16,28 @@ set_fact: auth_type: None auth: {} - when: noauth_mode | bool == true + when: noauth_mode is defined and noauth_mode | bool == true + +- name: "Execute os_client_config to collect facts" + os_client_config: + no_log: yes + +# NOTE(TheJulia): The first record returned by os_client_config +# is utilized as the default. A user can still define the parameters +# if so desired. +- name: "Set os_client_config's auth parameters if not already set." + set_fact: + auth: "{{ openstack.clouds[0].auth }}" + auth_type: "{{ openstack.clouds[0].auth_type }}" + when: auth is undefined + no_log: yes + - name: "Dynamic enrollment" os_ironic: + cloud: "{{ cloud_name | default(omit) }}" auth_type: "{{ auth_type | default(omit) }}" auth: "{{ auth | default(omit) }}" - ironic_url: "{{ ironic_url }}" + ironic_url: "{{ ironic_url | default(omit) }}" driver: "{{ driver }}" uuid: "{{ uuid | default() }}" name: "{{ name | default() }}" diff --git a/playbooks/roles/ironic-inspect-node/README.md b/playbooks/roles/ironic-inspect-node/README.md index ae240b307..a1bfa5a84 100644 --- a/playbooks/roles/ironic-inspect-node/README.md +++ b/playbooks/roles/ironic-inspect-node/README.md @@ -25,6 +25,9 @@ noauth_mode: Controls if the module is called in noauth mode. this file format can be found at: http://docs.openstack.org/developer/os-client-config/ +cloud_name: Optional: String value defining a clouds.yaml entry for + the ansible module to leverage. + Dependencies ------------ diff --git a/playbooks/roles/ironic-inspect-node/meta/main.yml b/playbooks/roles/ironic-inspect-node/meta/main.yml index 2ba6c89c3..b58c352a5 100644 --- a/playbooks/roles/ironic-inspect-node/meta/main.yml +++ b/playbooks/roles/ironic-inspect-node/meta/main.yml @@ -4,7 +4,7 @@ galaxy_info: description: Invoke ironic node hardware introspection. company: OpenStack license: Apache - min_ansible_version: 1.9 + min_ansible_version: 2.0 platforms: - name: EL versions: diff --git a/playbooks/roles/ironic-inspect-node/tasks/main.yml b/playbooks/roles/ironic-inspect-node/tasks/main.yml index b478dc7ce..b0a2f572c 100644 --- a/playbooks/roles/ironic-inspect-node/tasks/main.yml +++ b/playbooks/roles/ironic-inspect-node/tasks/main.yml @@ -16,11 +16,27 @@ set_fact: auth_type: None auth: {} - when: noauth_mode | bool == true + when: noauth_mode is defined and noauth_mode | bool == true + +- name: "Execute os_client_config to collect facts" + os_client_config: + no_log: yes + +# NOTE(TheJulia): The first record returned by os_client_config +# is utilized as the default. A user can still define the parameters +# if so desired. +- name: "Set os_client_config's auth parameters if not already set." + set_fact: + auth: "{{ openstack.clouds[0].auth }}" + auth_type: "{{ openstack.clouds[0].auth_type }}" + when: auth is undefined + no_log: yes + - name: "Execute node introspection - NoAuth Mode" os_ironic_inspect: + cloud: "{{ cloud_name | default(omit) }}" auth_type: "{{ auth_type | default(omit) }}" auth: "{{ auth | default(omit) }}" - ironic_url: "{{ ironic_url }}" + ironic_url: "{{ ironic_url | default(omit) }}" uuid: "{{ uuid }}" delegate_to: localhost diff --git a/releasenotes/notes/os_client_config-support-b1073062d842febb.yaml b/releasenotes/notes/os_client_config-support-b1073062d842febb.yaml new file mode 100644 index 000000000..0604d185e --- /dev/null +++ b/releasenotes/notes/os_client_config-support-b1073062d842febb.yaml @@ -0,0 +1,24 @@ +--- +features: + - The capability for Bifrost to read directly from + the os-client-config data has been added. While shade + can do this for us to a degree, bifrost also allows + a user to directly choose the server which they are + connecting to via the ``ironic_url`` parameter. + Instead of duplicate code and retool, if no global + ``auth`` parameter is detected, the authentication + parameters from the ``os_client_config`` module is + utilized to set the parameters. + - An optional parameter has been added to the roles + that interact with ironic that defines a ``cloud_name``. + This cloud name is utilized by the roles to determine + the entry from os-client-config to utilize. +issues: + - The addition of support for os-client-config does + not allow a user to choose their ``cloud`` + directly. Only the first entry returned is utilized. + - Log entries where authentication data is read and + stored have been masked with the ``no_log`` parameter. + Troubleshooting non-standard authentication configurations + may require modifying the playbooks so users can debug their + input OR pass data directly in a different way.