Update Inspector listener address and network

This patch allows ironic-inspector to listen on host IP
rather than 0.0.0.0, as well as allows an existing Neutron-managed
inspection network to be used for inspection traffic.

Change-Id: I645857ad62954f08b160e5889f93dc1f6423def2
This commit is contained in:
James Denton 2020-10-30 15:10:24 -05:00
parent af9cf08525
commit 7900aeb223
3 changed files with 9 additions and 2 deletions

View File

@ -156,12 +156,14 @@ ironic_keystone_auth_plugin: password
# Neutron network - Set these in a playbook/task - can be set manually.
# Only "name" or "uuid" is needed, uuid will take preference if both are specified.
# The cleaning network is not required to be set - it will default to the same as
# the provisioning network if not specified.
# The cleaning and inspection network is not required to be set; they will default
# to the provisioning network if not specified.
# ironic_neutron_provisioning_network_uuid: "UUID for provisioning network in neutron"
# ironic_neutron_cleaning_network_uuid: "UUID for cleaning network in neutron"
# ironic_neutron_inspection_network_uuid: "UUID for inspection network in neutron"
# ironic_neutron_provisioning_network_name: "Name of provisioning network in neutron"
# ironic_neutron_cleaning_network_name: "Name of cleaning network in neutron"
# ironic_neutron_inspection_network_name: "Name of inspection network in neutron"
# Integrated Openstack configuration
ironic_enabled_network_interfaces_list: "flat,noop{{ (ironic_neutron_provisioning_network_uuid is defined) | ternary(',neutron','') }}"
@ -293,6 +295,7 @@ ironic_inspector_service_description: "Ironic Baremetal Introspection Service"
ironic_inspector_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(ironic_service_proto) }}"
ironic_inspector_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(ironic_service_proto) }}"
ironic_inspector_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(ironic_service_proto) }}"
ironic_inspector_service_address: "{{ openstack_service_bind_address }}"
ironic_inspector_service_port: 5050
ironic_inspector_service_publicuri: "{{ ironic_inspector_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ ironic_inspector_service_port }}"
ironic_inspector_service_publicurl: "{{ ironic_inspector_service_publicuri }}"

View File

@ -1,6 +1,9 @@
# {{ ansible_managed }}
[DEFAULT]
listen_address = {{ ironic_inspector_service_address }}
listen_port = {{ ironic_inspector_service_port }}
rootwrap_config = /etc/ironic-inspector/rootwrap.conf
auth_strategy = keystone
debug = {{ debug }}

View File

@ -171,6 +171,7 @@ insecure = {{ keystone_service_adminuri_insecure | bool }}
{% if ironic_neutron_provisioning_network_name is defined %}
provisioning_network = {{ ironic_neutron_provisioning_network_uuid | default(ironic_neutron_provisioning_network_name) | default('') }}
cleaning_network = {{ ironic_neutron_cleaning_network_uuid | default(ironic_neutron_cleaning_network_name) | default(ironic_neutron_provisioning_network_uuid) | default(ironic_neutron_provisioning_network_name) | default('') }}
inspection_network = {{ ironic_neutron_inspection_network_uuid | default(ironic_neutron_inspection_network_name) | default(ironic_neutron_provisioning_network_uuid) | default(ironic_neutron_provisioning_network_name) | default('') }}
{% endif %}
[oslo_concurrency]