openstack/openstack-ansible-os_ironic
Code Issues Proposed changes
1c4955e4b2
openstack-ansible-os_ironic/templates/inspector.conf.j2
Cam Loader 7da7127071 Adds configuration for the Ironic Inspector 
This commit enables and configures the Ironic Inspector. This feature
allows for baremetal nodes to be introspected. This provides useful
information about an Ironic host. Such information includes harware
and mac addresses.

Depends-On: https://review.opendev.org/680553
Change-Id: I2ee09d9cc20f9b8e4430c55129cd8bac9435299d
2019-12-06 06:21:05 +00:00

102 lines
3.1 KiB
Django/Jinja
Raw Blame History

# {{ ansible_managed }}
[DEFAULT]
rootwrap_config = /etc/ironic-inspector/rootwrap.conf
auth_strategy = keystone
debug = {{ debug }}
# RPC Backend
transport_url = {{ ironic_inspector_oslomsg_rpc_transport }}://{% for host in ironic_inspector_oslomsg_rpc_servers.split(',') %}{{ ironic_inspector_oslomsg_rpc_userid }}:{{ ironic_oslomsg_rpc_password }}@{{ host }}:{{ ironic_inspector_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ ironic_inspector_oslomsg_rpc_vhost }}{% if ironic_inspector_oslomsg_rpc_use_ssl | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
[capabilities]
[cors]
[database]
connection = {{ ironic_inspector_openstack_db_connection_string }}
max_overflow = {{ ironic_inspector_db_max_overflow }}
max_pool_size = {{ ironic_inspector_db_max_pool_size }}
pool_timeout = {{ ironic_inspector_db_pool_timeout }}
[discovery]
enroll_node_driver = ipmi
[dnsmasq_pxe_filter]
{% if ironic_inspector_pxe_filter == "dnsmasq" %}
dhcp_hostsdir = /etc/dnsmasq.d/dhcp-hostsdir
dnsmasq_start_command = systemctl start dnsmasq
dnsmasq_stop_command = systemctl stop dnsmasq
{% endif %}
[iptables]
{% if ironic_inspector_pxe_filter == "iptables" %}
manage_firewall = True
{% endif %}
dnsmasq_interface = br-ironic
[ironic]
username = ironic
password = {{ ironic_service_password }}
project_name = service
user_domain_name = {{ ironic_service_user_domain_id }}
project_domain_name = {{ ironic_service_project_domain_id }}
auth_url = {{ keystone_service_adminurl }}
insecure = {{ keystone_service_adminuri_insecure | bool }}
auth_type = password
valid_interfaces = internal,public
insecure = {{ keystone_service_internaluri_insecure | bool }}
[keystone_authtoken]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_type = password
auth_url = {{ keystone_service_adminuri }}
auth_uri = {{ keystone_service_internaluri }}
project_domain_id = default
user_domain_id = default
project_name = "service"
username = ironic_inspector
password = {{ ironic_inspector_service_password }}
region_name = {{ keystone_service_region }}
memcached_servers = {{ memcached_servers }}
# if your memcached server is shared, use these settings to avoid cache poisoning
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_encryption_key }}
[oslo_policy]
[pci_devices]
[processing]
add_ports = pxe
keep_ports = present
store_data = database
store_data_location = report_path
ramdisk_logs_dir = /ironic/log
always_store_ramdisk_logs = true
{% if ironic_inspector_processing_hooks is defined %}
processing_hooks = {{ ironic_inspector_processing_hooks }}
{% endif %}
{% if ironic_inspector_enable_discovery == true %}
node_not_found_hook = enroll
{% endif %}
[pxe_filter]
{% if ironic_inspector_dhcp_type == "isc_dhcp" %}
driver = iptables
{% else %}
driver = dnsmasq
{% endif %}
[swift]
username = swift-inspector
password = {{ ironic_inspector_swift_password }}
project_name = ironic-inspector
user_domain_name = default
project_domain_name = default
auth_url = {{ keystone_service_adminurl }}
insecure = {{ keystone_service_adminuri_insecure | bool }}
auth_type = password
valid_interfaces = internal,public
container = ironic-inspector
View Git Blame Copy Permalink