# Copyright (c) 2015 Hewlett-Packard Development Company, L.P. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or # implied. # See the License for the specific language governing permissions and # limitations under the License. --- - name: "Update driver list if PXE drivers are enabled" set_fact: enabled_drivers: "{{ enabled_drivers }},{{ pxe_drivers }}" when: enable_pxe_drivers | bool == true - name: "Determine if ironic.conf needs to be put in place." stat: path=/etc/ironic/ironic.conf register: test_place_ironic_config - name: "Copy ironic sample config" copy: src="{{ ironic_git_folder }}/etc/ironic/ironic.conf.sample" dest=/etc/ironic/ironic.conf owner=ironic group=ironic mode=0644 when: test_place_ironic_config.stat.exists == false - name: "If testing, set agent_ssh as the enabled driver" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[DEFAULT]" regexp='^\#?\s?enabled_drivers\s?=\s?(.*)$' line="enabled_drivers = agent_ssh,pxe_ssh" when: testing | bool == true - name: "If not testing, set driver list" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[DEFAULT]" regexp='^\#?\s?enabled_drivers\s?=\s?(.*)$' line="enabled_drivers = {{ enabled_drivers }}" when: testing | bool == false - name: "Set rabbit user" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[DEFAULT]" regexp='^\#?\s?rabbit_userid\s?=\s?(.*)$' line="rabbit_userid = ironic" - name: "Set rabbit password" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[DEFAULT]" regexp='^\#?\s?rabbit_password\s?=\s?(.*)$' line="rabbit_password = {{ ironic_db_password }}" - name: "Set auth_strategy to noauth" replace: dest=/etc/ironic/ironic.conf regexp='^\#\s?auth_strategy\s?=\s?keystone' replace='auth_strategy = noauth' - name: "If testing, enable debug logging" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[DEFAULT]" regexp='^\#?\s?debug\s?=\s?(.*)$' line="debug = true" when: testing | bool == true - name: "If not testing, disable debug logging" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[DEFAULT]" regexp='^\#?\s?debug\s?=\s?$' line="debug = false" when: testing | bool == false - name: "For agent, send extra params" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[pxe]" regexp='^\#?\s?pxe_append_params\s?=\s?(.*)$' line="pxe_append_params = systemd.journald.forward_to_console=yes {{extra_kernel_options | default('')}}" - name: "Configure conductor API url" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[conductor]" regexp='^\#?\s?api_url\s?=\s?(.*)$' line="api_url = http://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}:6385/" # Note(TheJulia): clean_nodes config option is deprecated and to be removed in Newton. - name: "Configure conductor cleaning - Pre-Mitaka" lineinfile: dest=/etc/ironic/ironic.conf insertbefore="[console]" regexp='^\#?\s?clean_nodes\s?=\s?(.*)$' line="clean_nodes = {{ cleaning | lower }}" - name: "Configure conductor cleaning - Mitaka" lineinfile: dest=/etc/ironic/ironic.conf insertbefore="[console]" regexp='^\#?\s?automated_clean\s?=\s?(.*)$' line="automated_clean = {{ cleaning | lower }}" - name: "Configure database connection" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[database]" regexp='^\#?\s?connection\s?=\s?(.*)$' line="connection = mysql+pymysql://ironic:{{ ironic_db_password }}@localhost/ironic?charset=utf8" - name: "Configure DHCP provider" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[dhcp]" regexp='^\#?\s?dhcp_provider\s?=\s?(.*)$' line="dhcp_provider = none" - name: "Set PXE pxe_config_template" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[pxe]" regexp='^\#?\s?pxe_config_template\s?=\s?(.*)$' line="pxe_config_template = $pybasedir/drivers/modules/ipxe_config.template" - name: "Set PXE tftp_server" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[pxe]" regexp='^\#?\s?tftp_server\s?=\s?(.*)$' line="tftp_server = {{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}" - name: "Set PXE tftp_root" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[pxe]" regexp='^\#?\s?tftp_root\s?=\s?(.*)$' line="tftp_root = /tftpboot" - name: "Set iPXE pxe_bootfile_name" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[pxe]" regexp='^\#?\s?pxe_bootfile_name\s?=\s?\#?\s?$' line="pxe_bootfile_name = undionly.kpxe" - name: "Set iPXE http_url" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[pxe]" regexp='^\#?\s?http_url\s?=\s?(.*)$' line="http_url = http://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}:{{ file_url_port }}/" - name: "Set iPXE http_root" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[pxe]" regexp='^\#?\s?http_root\s?=\s?(.*)$' line="http_root = {{ http_boot_folder }}" - name: "Set iPXE to be enabled" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[pxe]" regexp='^\#?\s?ipxe_enabled\s?=\s?(.*)$' line="ipxe_enabled = true" - name: "Set path to ipxe template file" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[pxe]" regexp='^\#?\s?ipxe_boot_script\s?=\s?(.*)$' line="ipxe_boot_script = /etc/ironic/boot.ipxe" - name: "Configure SSH libvirt URL if testing" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[ssh]" regexp='^\#?\s?libvirt_uri\s?=\s?(.*)$' line="libvirt_uri = qemu:///system" when: testing | bool == true - name: "Set CORS allowed_origin if enable_cors is set" lineinfile: dest=/etc/ironic/ironic.conf insertbefore='^\#?\s?cors.subdomain(.*)$' regexp='^\#?\s?allowed_origin\s?=\s?(.*)$' line="allowed_origin = {{ cors_allowed_origin | default('allowed_origin=http://localhost:8000')}}" when: enable_cors | bool == true - name: "Set CORS allow_credentials if enable_cors is set" lineinfile: dest=/etc/ironic/ironic.conf insertbefore='^\#?\s?cors.subdomain(.*)$' regexp='^\#?\s?allow_credentials\s?=\s?(.*)$' line="allow_credentials = {{ enable_cors_credential_support | default('true')}}" when: enable_cors | bool == true - name: "Set ilo driver to utilize web server" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[ilo]" regexp='^\#?\s?use_web_server_for_images\s?=\s?(.*)$' line="use_web_server_for_images = true" - name: "Enable Inspector" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[inspector]" regexp='^\#?\s?enabled( |)\s?=\s?(.*)$' line="enabled = True" when: enable_inspector | bool == true - name: "Set sudoers for PXE driver support if enabled" lineinfile: dest: /etc/sudoers regexp: '^ironic(.*)/etc/ironic/rootwrap.conf(.*)' line: "ironic ALL = (root) NOPASSWD: /usr/local/bin/ironic-rootwrap /etc/ironic/rootwrap.conf *" when: enable_pxe_drivers | bool == true - name: "Disable the flat network driver if present" lineinfile: dest: /etc/ironic/ironic.conf regexp: '^(#|)enabled_network_interfaces( |)\s?=( |)\s?(.*)$' line: "enabled_network_interfaces = noop"