Use better default bind address for ironic-tftp

ironic tftp service binds on 0.0.0.0. This may be
an issue in some setup. This patch propose a better
default, such as using the same listen address as
the dnsmasq service

Closes-Bug: #2024664

Change-Id: I0401bfc03cd31d72c5a2ae0a111889d5c29a8aa2
This commit is contained in:
yann.degat 2023-06-22 12:44:47 +00:00
parent 3497cb6fb8
commit 81948f5b16
3 changed files with 5 additions and 1 deletions

View File

@ -252,6 +252,7 @@ bifrost_network_interface: "{{ network_interface }}"
dns_interface: "{{ network_interface }}" dns_interface: "{{ network_interface }}"
dpdk_tunnel_interface: "{{ neutron_external_interface }}" dpdk_tunnel_interface: "{{ neutron_external_interface }}"
ironic_http_interface: "{{ api_interface }}" ironic_http_interface: "{{ api_interface }}"
ironic_tftp_interface: "{{ api_interface }}"
# Configure the address family (AF) per network. # Configure the address family (AF) per network.
# Valid options are [ ipv4, ipv6 ] # Valid options are [ ipv4, ipv6 ]
@ -267,12 +268,14 @@ bifrost_network_address_family: "{{ network_address_family }}"
dns_address_family: "{{ network_address_family }}" dns_address_family: "{{ network_address_family }}"
dpdk_tunnel_address_family: "{{ network_address_family }}" dpdk_tunnel_address_family: "{{ network_address_family }}"
ironic_http_address_family: "{{ api_address_family }}" ironic_http_address_family: "{{ api_address_family }}"
ironic_tftp_address_family: "{{ api_address_family }}"
migration_interface_address: "{{ 'migration' | kolla_address }}" migration_interface_address: "{{ 'migration' | kolla_address }}"
tunnel_interface_address: "{{ 'tunnel' | kolla_address }}" tunnel_interface_address: "{{ 'tunnel' | kolla_address }}"
octavia_network_interface_address: "{{ 'octavia_network' | kolla_address }}" octavia_network_interface_address: "{{ 'octavia_network' | kolla_address }}"
dpdk_tunnel_interface_address: "{{ 'dpdk_tunnel' | kolla_address }}" dpdk_tunnel_interface_address: "{{ 'dpdk_tunnel' | kolla_address }}"
ironic_http_interface_address: "{{ 'ironic_http' | kolla_address }}" ironic_http_interface_address: "{{ 'ironic_http' | kolla_address }}"
ironic_tftp_interface_address: "{{ 'ironic_tftp' | kolla_address }}"
# Valid options are [ openvswitch, ovn, linuxbridge, vmware_nsxv, vmware_nsxv3, vmware_nsxp, vmware_dvs ] # Valid options are [ openvswitch, ovn, linuxbridge, vmware_nsxv, vmware_nsxv3, vmware_nsxp, vmware_dvs ]
# Do note linuxbridge is *EXPERIMENTAL* in Neutron since Zed and it requires extra tweaks to config to be usable. # Do note linuxbridge is *EXPERIMENTAL* in Neutron since Zed and it requires extra tweaks to config to be usable.

View File

@ -282,6 +282,7 @@ ironic_dnsmasq_uefi_ipxe_boot_file: "snponly.efi"
ironic_cleaning_network: ironic_cleaning_network:
ironic_console_serial_speed: "115200n8" ironic_console_serial_speed: "115200n8"
ironic_http_url: "http://{{ ironic_http_interface_address | put_address_in_context('url') }}:{{ ironic_http_port }}" ironic_http_url: "http://{{ ironic_http_interface_address | put_address_in_context('url') }}:{{ ironic_http_port }}"
ironic_tftp_listen_address: "{{ ironic_tftp_interface_address }}"
ironic_enable_rolling_upgrade: "yes" ironic_enable_rolling_upgrade: "yes"
ironic_upgrade_skip_wait_check: false ironic_upgrade_skip_wait_check: false
ironic_inspector_kernel_cmdline_extras: [] ironic_inspector_kernel_cmdline_extras: []

View File

@ -11,7 +11,7 @@
{% set pxe_cfg = 'grub.cfg' if enable_ironic_pxe_uefi | bool else 'default' %} {% set pxe_cfg = 'grub.cfg' if enable_ironic_pxe_uefi | bool else 'default' %}
{ {
"command": "/usr/sbin/in.tftpd --verbose --foreground --user nobody --address 0.0.0.0:69 --map-file /map-file /var/lib/ironic/tftpboot", "command": "/usr/sbin/in.tftpd --verbose --foreground --user nobody --address {{ ironic_tftp_listen_address }}:69 --map-file /map-file /var/lib/ironic/tftpboot",
"config_files": [ "config_files": [
{% if not ironic_dnsmasq_serve_ipxe | bool and groups['ironic-inspector'] | length > 0 %} {% if not ironic_dnsmasq_serve_ipxe | bool and groups['ironic-inspector'] | length > 0 %}
{% if not enable_ironic_pxe_uefi | bool %} {% if not enable_ironic_pxe_uefi | bool %}