openstack/kolla-ansible
Code Issues Proposed changes
e303c74e68
kolla-ansible/ansible/roles/ironic/defaults/main.yml
Paul Bourke c96fe4146e Add cap NET_ADMIN for ironic_dnsmasq 
When attempting to inspect a node with ironic, it seems at times
ironic_dnsmasq fails to process dhcp bootp requests, giving the
following error repeating:

dnsmasq-dhcp: DHCPDISCOVER(eth0) 52:54:00:ff:15:55
dnsmasq-dhcp: DHCPOFFER(eth0) 192.169.5.100 52:54:00:ff:15:55
dnsmasq-dhcp: ARP-cache injection failed: Operation not permitted

Adding NET_ADMIN fixes this.

Co-Authored-By: Mark Goddard <mark@stackhpc.com>
Closes-Bug: #1762805
Change-Id: I39acb81801710f849336380d3fde01c70cd8d8ce
2018-04-30 14:47:16 +01:00

130 lines
5.0 KiB
YAML
Raw Blame History

---
project_name: "ironic"
ironic_services:
ironic-api:
container_name: ironic_api
group: ironic-api
enabled: true
image: "{{ ironic_api_image_full }}"
volumes:
- "{{ node_config_directory }}/ironic-api/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla"
ironic-conductor:
container_name: ironic_conductor
group: ironic-conductor
enabled: true
image: "{{ ironic_conductor_image_full }}"
privileged: True
volumes:
- "{{ node_config_directory }}/ironic-conductor/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "/lib/modules:/lib/modules:ro"
- "/sys:/sys"
- "/dev:/dev"
- "/run:/run:shared"
- "kolla_logs:/var/log/kolla"
- "ironic:/var/lib/ironic"
- "ironic_pxe:/tftpboot/"
ironic-inspector:
container_name: ironic_inspector
group: ironic-inspector
enabled: true
image: "{{ ironic_inspector_image_full }}"
privileged: True
volumes:
- "{{ node_config_directory }}/ironic-inspector/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla"
ironic-pxe:
container_name: ironic_pxe
group: ironic-pxe
enabled: true
image: "{{ ironic_pxe_image_full }}"
volumes:
- "{{ node_config_directory }}/ironic-pxe/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "ironic_pxe:/tftpboot/"
- "kolla_logs:/var/log/kolla"
ironic-dnsmasq:
container_name: ironic_dnsmasq
group: ironic-inspector
enabled: true
cap_add:
- NET_ADMIN
image: "{{ ironic_dnsmasq_image_full }}"
volumes:
- "{{ node_config_directory }}/ironic-dnsmasq/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla"
####################
# Database
####################
ironic_database_name: "ironic"
ironic_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}ironic{% endif %}"
ironic_database_address: "{{ database_address }}:{{ database_port }}"
ironic_inspector_database_name: "ironic_inspector"
ironic_inspector_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}ironic_inspector{% endif %}"
ironic_inspector_database_address: "{{ database_address }}:{{ database_port }}"
####################
# Docker
####################
ironic_install_type: "{{ kolla_install_type }}"
ironic_tag: "{{ openstack_release }}"
ironic_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ ironic_install_type }}-ironic-api"
ironic_api_tag: "{{ ironic_tag }}"
ironic_api_image_full: "{{ ironic_api_image }}:{{ ironic_api_tag }}"
ironic_conductor_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ ironic_install_type }}-ironic-conductor"
ironic_conductor_tag: "{{ ironic_tag }}"
ironic_conductor_image_full: "{{ ironic_conductor_image }}:{{ ironic_conductor_tag }}"
ironic_pxe_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ ironic_install_type }}-ironic-pxe"
ironic_pxe_tag: "{{ ironic_tag }}"
ironic_pxe_image_full: "{{ ironic_pxe_image }}:{{ ironic_pxe_tag }}"
ironic_inspector_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ ironic_install_type }}-ironic-inspector"
ironic_inspector_tag: "{{ ironic_tag }}"
ironic_inspector_image_full: "{{ ironic_inspector_image }}:{{ ironic_inspector_tag }}"
ironic_dnsmasq_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ ironic_install_type }}-dnsmasq"
ironic_dnsmasq_tag: "{{ ironic_tag }}"
ironic_dnsmasq_image_full: "{{ ironic_dnsmasq_image }}:{{ ironic_dnsmasq_tag }}"
####################
# OpenStack
####################
ironic_inspector_keystone_user: "ironic-inspector"
ironic_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_api_port }}"
ironic_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_api_port }}"
ironic_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ ironic_api_port }}"
ironic_inspector_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_inspector_port }}"
ironic_inspector_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_inspector_port }}"
ironic_inspector_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ ironic_inspector_port }}"
ironic_logging_debug: "{{ openstack_logging_debug }}"
openstack_ironic_auth: "{{ openstack_auth }}"
openstack_ironic_inspector_auth: "{{ openstack_auth }}"
#########
# Ironic
#########
ironic_dnsmasq_interface: "{{ api_interface }}"
ironic_dnsmasq_dhcp_range:
ironic_cleaning_network:
ironic_console_serial_speed: "115200n8"
View Git Blame Copy Permalink