kayobe/ansible/group_vars/all/inspector
Mark Goddard f17f82a0fc Improve configuration of IPA collectors and benchmarks
Rather than specifying kernel command line arguments directly, configuration of
IPA introspection data collectors and benchmarks is now possible by extending
lists of collector (ipa_collect_extra) and benchmark (ipa_benchmark_extra)
names.  LLDP collection is now controlled via a flag, ipa_collect_lldp.
Additional kernel arguments may be passed via ipa_kernel_options_extra.
2017-08-22 15:12:05 +00:00

319 lines
12 KiB
Plaintext

---
###############################################################################
# Ironic inspector PXE configuration.
# List of extra kernel parameters for the inspector default PXE configuration.
inspector_extra_kernel_options: "{{ ipa_kernel_options }}"
# URL of Ironic Python Agent (IPA) kernel image.
inspector_ipa_kernel_upstream_url: "{{ ipa_kernel_upstream_url }}"
# URL of Ironic Python Agent (IPA) ramdisk image.
inspector_ipa_ramdisk_upstream_url: "{{ ipa_ramdisk_upstream_url }}"
###############################################################################
# Ironic inspector processing configuration.
# Whether inspector should manage the firewall.
inspector_manage_firewall: False
# List of of default inspector processing plugins.
inspector_processing_hooks_default:
- ramdisk_error
- scheduler
- validate_interfaces
- capabilities
- pci_devices
- local_link_connection
- lldp_basic
# List of of additional inspector processing plugins.
inspector_processing_hooks_extra: []
# List of of additional inspector processing plugins.
inspector_processing_hooks: >
{{ inspector_processing_hooks_default + inspector_processing_hooks_extra }}
# Which MAC addresses to add as ports during introspection. One of 'all',
# 'active' or 'pxe'.
inspector_add_ports: "pxe"
# Which ports to keep after introspection. One of 'all', 'present', or 'added'.
inspector_keep_ports: "added"
# Whether to enable discovery of nodes not managed by Ironic.
inspector_enable_discovery: True
# The Ironic driver with which to register newly discovered nodes.
inspector_discovery_enroll_node_driver: "ipmi"
###############################################################################
# Ironic inspector configuration.
# Ironic inspector IPMI username to set.
inspector_ipmi_username: "{{ ipmi_username }}"
# Ironic inspector IPMI password to set.
inspector_ipmi_password: "{{ ipmi_password }}"
# Ironic inspector default network interface name on which to check for an LLDP
# switch port description to use as the node's name.
inspector_lldp_switch_port_interface_default:
# Ironic inspector map from hostname to network interface name on which to
# check for an LLDP switch port description to use as the node's name.
inspector_lldp_switch_port_interface_map: {}
###############################################################################
# Ironic inspector introspection rules configuration.
# IPMI username referenced by inspector rule.
inspector_rule_var_ipmi_username:
# IPMI password referenced by inspector rule.
inspector_rule_var_ipmi_password:
# Ironic inspector rule to set IPMI credentials.
inspector_rule_ipmi_credentials:
description: "Set IPMI driver_info if no credentials"
conditions:
- field: "node://driver_info.ipmi_username"
op: "is-empty"
- field: "node://driver_info.ipmi_password"
op: "is-empty"
actions:
- action: "set-attribute"
path: "driver_info/ipmi_username"
value: "{{ inspector_rule_var_ipmi_username }}"
- action: "set-attribute"
path: "driver_info/ipmi_password"
value: "{{ inspector_rule_var_ipmi_password }}"
# Deployment kernel referenced by inspector rule.
inspector_rule_var_deploy_kernel:
# Ironic inspector rule to set deployment kernel.
inspector_rule_deploy_kernel:
description: "Set deploy kernel"
conditions:
- field: "node://driver_info.deploy_kernel"
op: "is-empty"
actions:
- action: "set-attribute"
path: "driver_info/deploy_kernel"
value: "{{ inspector_rule_var_deploy_kernel }}"
# Deployment ramdisk referenced by inspector rule.
inspector_rule_var_deploy_ramdisk:
# Ironic inspector rule to set deployment ramdisk.
inspector_rule_deploy_ramdisk:
description: "Set deploy ramdisk"
conditions:
- field: "node://driver_info.deploy_ramdisk"
op: "is-empty"
actions:
- action: "set-attribute"
path: "driver_info/deploy_ramdisk"
value: "{{ inspector_rule_var_deploy_ramdisk }}"
# Ironic inspector rule to set local boot capability
inspector_rule_local_boot:
description: "Set local boot capability"
conditions: []
actions:
- action: "set-capability"
name: "boot_option"
value: "local"
# Ironic inspector rule to initialise root device hints.
inspector_rule_root_hint_init:
description: "Initialise root device hint"
conditions:
- field: "node://properties.root_device"
op: "is-empty"
actions:
# Inspector can't combine references to introspection data with non-string
# types, see https://bugs.launchpad.net/ironic-inspector/+bug/1670768. We
# must therefore first set the root_device property to an empty dict, then
# update the fields within it.
- action: "set-attribute"
path: "properties/root_device"
value: {}
# Ironic inspector rule to set serial root device hint.
inspector_rule_root_hint_serial:
description: "Set serial root device hint"
conditions:
- field: "data://root_disk.serial"
op: "is-empty"
invert: True
actions:
- action: "set-attribute"
path: "properties/root_device/serial"
value: "{data[root_disk][serial]}"
# Ironic inspector rule to set the interface on which the node PXE booted.
inspector_rule_set_pxe_interface_mac:
description: "Set node PXE interface MAC address"
conditions:
- field: "data://boot_interface"
op: "is-empty"
invert: True
actions:
- action: "set-attribute"
path: "extra/pxe_interface_mac"
value: "{data[boot_interface]}"
# Name of network interface to use for LLDP referenced by switch port
# description rule.
inspector_rule_var_lldp_switch_port_interface:
# Ironic inspector rule to set the node's name from an interface's LLDP switch
# port description.
inspector_rule_lldp_switch_port_desc_to_name:
description: "Set node name from {{ inspector_rule_var_lldp_switch_port_interface }} LLDP switch port description"
conditions:
# Check for the existence of the switch_port_description field.
- field: "data://all_interfaces.{{ inspector_rule_var_lldp_switch_port_interface }}"
op: "is-empty"
invert: True
- field: "data://all_interfaces.{{ inspector_rule_var_lldp_switch_port_interface }}.lldp_processed"
op: "is-empty"
invert: True
- field: "data://all_interfaces.{{ inspector_rule_var_lldp_switch_port_interface }}.lldp_processed.switch_port_description"
op: "is-empty"
invert: True
# Filter out switch port descriptions using the switch's interface names.
# On some switches (including Dell Network OS 9.10(0.1)), the port
# description TLV is sent but contains the interface name rather than the
# interface's description.
- field: "data://all_interfaces.{{inspector_rule_var_lldp_switch_port_interface}}.lldp_processed.switch_port_description"
op: "matches"
value: "^GigabitEthernet ([0-9/]*)$"
invert: True
- field: "data://all_interfaces.{{inspector_rule_var_lldp_switch_port_interface}}.lldp_processed.switch_port_description"
op: "matches"
value: "^TenGigabitEthernet ([0-9/]*)$"
invert: True
- field: "data://all_interfaces.{{inspector_rule_var_lldp_switch_port_interface}}.lldp_processed.switch_port_description"
op: "matches"
value: "^fortyGigE ([0-9/]*)$"
invert: True
- field: "data://all_interfaces.{{inspector_rule_var_lldp_switch_port_interface}}.lldp_processed.switch_port_description"
op: "matches"
value: "^Port-channel ([0-9/]*)$"
invert: True
actions:
- action: "set-attribute"
path: "name"
value: "{data[all_interfaces][{{ inspector_rule_var_lldp_switch_port_interface }}][lldp_processed][switch_port_description]}"
# Ironic inspector rule to initialise system vendor data in the node's metadata.
inspector_rule_save_system_vendor_init:
description: "Intiialise system vendor data in Ironic node metadata"
conditions:
- field: "data://inventory.system_vendor"
op: "is-empty"
invert: True
- field: "node://extra.system_vendor"
op: "is-empty"
actions:
- action: "set-attribute"
path: "extra/system_vendor"
value: {}
# Ironic inspector rule to save system vendor manufacturer data in the node's
# metadata.
inspector_rule_save_system_vendor_manufacturer:
description: "Save system vendor manufacturer data in Ironic node metadata"
conditions:
- field: "data://inventory.system_vendor"
op: "is-empty"
invert: True
- field: "data://inventory.system_vendor.manufacturer"
op: "is-empty"
invert: True
actions:
- action: "set-attribute"
path: "extra/system_vendor/manufacturer"
value: "{data[inventory][system_vendor][manufacturer]}"
# Ironic inspector rule to save system vendor serial number in the node's
# metadata.
inspector_rule_save_system_vendor_serial_number:
description: "Save system vendor serial number in Ironic node metadata"
conditions:
- field: "data://inventory.system_vendor"
op: "is-empty"
invert: True
- field: "data://inventory.system_vendor.serial_number"
op: "is-empty"
invert: True
actions:
- action: "set-attribute"
path: "extra/system_vendor/serial_number"
value: "{data[inventory][system_vendor][serial_number]}"
# Ironic inspector rule to save system vendor product name in the node's
# metadata.
inspector_rule_save_system_vendor_product_name:
description: "Save system vendor product name in Ironic node metadata"
conditions:
- field: "data://inventory.system_vendor"
op: "is-empty"
invert: True
- field: "data://inventory.system_vendor.product_name"
op: "is-empty"
invert: True
actions:
- action: "set-attribute"
path: "extra/system_vendor/product_name"
value: "{data[inventory][system_vendor][product_name]}"
# Ironic inspector rule to save introspection data to the node.
inspector_rule_save_data:
description: "Save introspection data to Ironic node"
conditions: []
actions:
- action: "set-attribute"
path: "extra/introspection_data"
value: "{data}"
# List of default ironic inspector rules.
inspector_rules_default:
- "{{ inspector_rule_ipmi_credentials }}"
- "{{ inspector_rule_deploy_kernel }}"
- "{{ inspector_rule_deploy_ramdisk }}"
- "{{ inspector_rule_local_boot }}"
- "{{ inspector_rule_root_hint_init }}"
- "{{ inspector_rule_root_hint_serial }}"
- "{{ inspector_rule_set_pxe_interface_mac }}"
- "{{ inspector_rule_lldp_switch_port_desc_to_name }}"
- "{{ inspector_rule_save_system_vendor_init }}"
- "{{ inspector_rule_save_system_vendor_manufacturer }}"
- "{{ inspector_rule_save_system_vendor_serial_number }}"
- "{{ inspector_rule_save_system_vendor_product_name }}"
# List of additional ironic inspector rules.
inspector_rules_extra: []
# List of all ironic inspector rules.
inspector_rules: "{{ inspector_rules_default + inspector_rules_extra }}"
###############################################################################
# Dell switch LLDP workaround configuration.
# Some Dell switch OSs (including Dell Network OS 9.10(0.1)) do not support
# sending interface port description TLVs correctly. Instead of sending the
# interface description, they send the interface name (e.g. TenGigabitEthernet
# 1/1/1). This breaks the discovery process which relies on Ironic node
# introspection data containing the node's name in the interface port
# description. We work around this here by creating an introspection rule for
# each ironic node that matches against the switch system and the relevant
# interface name, then sets the node's name appropriately.
# Ansible group containing switch hosts to which the workaround should be
# applied.
inspector_dell_switch_lldp_workaround_group: