openstack/ironic-python-agent-builder
Code Issues Proposed changes
ironic-python-agent-builder/dib/ironic-python-agent-ramdisk
History
Jay Faulkner 79715dd750 Add element to configure IPA with TLS, use configdir 
First, this change preconfigures IPA to use a configdir. This will
permit deployers to add or modify IPA configuration in elements.
This change was a prerequisite to adding additional DIB elements
which require configuration.

Additionally, this adds a DIB element to configure TLS support for
IPA's API. If added to a ramdisk build with no configuration, it
will create a self-signed certificate and configure IPA to use it.
It also exposes various environment variables to allow deployers
to use preexisting certificates or CA files.

Change-Id: Ibf88937766fa32f72b90ca81f9e8fba3515b6e33
2020-09-08 20:40:19 +00:00
..
cleanup.d
Strip some excess from the centos dib image
2020-07-21 19:58:51 +00:00
environment.d
Disable EPEL on CentOS 8 by default
2020-06-29 16:32:10 +02:00
extra-data.d
Copies the "ironic-agent" element from DIB
2019-08-01 23:23:37 +05:30
install.d
Add element to configure IPA with TLS, use configdir
2020-09-08 20:40:19 +00:00
post-install.d
Strip some excess from the centos dib image
2020-07-21 19:58:51 +00:00
static
Add element to configure IPA with TLS, use configdir
2020-09-08 20:40:19 +00:00
test-elements/build-succeeds-fedora
Copies the "ironic-agent" element from DIB
2019-08-01 23:23:37 +05:30
element-deps
Copies the "ironic-agent" element from DIB
2019-08-01 23:23:37 +05:30
element-provides
Copies the "ironic-agent" element from DIB
2019-08-01 23:23:37 +05:30
package-installs.yaml
Install missing ffi development library
2020-06-05 14:40:24 +02:00
pkg-map
Merge "Fix python-dev package mapping"
2020-06-08 17:37:56 +00:00
README.rst
DIB: allow disabling rescue mode
2019-10-09 09:32:04 +00:00
source-repository-ironic-python-agent
Import ansible version of the image building job
2019-08-29 14:22:49 +02:00
source-repository-requirements
Update upper-constraints handling
2019-10-18 12:49:28 +02:00
svc-map
Copies the "ironic-agent" element from DIB
2019-08-01 23:23:37 +05:30

README.rst

ironic-python-agent-ramdisk

Builds a ramdisk with ironic-python-agent.

More information can be found at: https://docs.openstack.org/ironic-python-agent/latest/

Beyond installing the ironic-python-agent, this element does the following:

  • Installs the dhcp-all-interfaces so the node, upon booting, attempts to obtain an IP address on all available network interfaces.
  • Disables the iptables service on SysV and systemd based systems.
  • Disables the ufw service on Upstart based systems.
  • Installs packages required for the operation of the ironic-python-agent::

    qemu-utils parted hdparm util-linux genisoimage

  • When installing from source, python-dev and gcc are also installed in order to support source based installation of ironic-python-agent and its dependencies.
  • Install the certificate if any, which is set to the environment variable DIB_IPA_CERT for validating the authenticity by ironic-python-agent. The certificate can be self-signed certificate or CA certificate.
  • Compresses initramfs with command specified in environment variable DIB_IPA_COMPRESS_CMD, which is 'gzip' by default. This command should listen for raw data from stdin and write compressed data to stdout. Command can be with arguments.
  • Configures rescue mode if DIB_IPA_ENABLE_RESCUE is not set to false.

This element outputs three files:

  • $IMAGE-NAME.initramfs: The deploy ramdisk file containing the ironic-python-agent (IPA) service.
  • $IMAGE-NAME.kernel: The kernel binary file.

Note

The package based install currently only enables the service when using the systemd init system. This can easily be changed if there is an agent package which includes upstart or sysv packaging.

Note

Using the ramdisk will require at least 1.5GB of ram