openstack-ansible-os_ironic/defaults/main.yml

---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Defaults file for openstack-ansible-ironic

# Verbosity Options
debug: False

# Set the host which will execute the shade modules
# for the service setup. The host must already have
# clouds.yaml properly configured.
ironic_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}"
ironic_service_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((ironic_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_python['executable'])) }}"

# Comma separated list of Glance API servers
ironic_glance_api_servers: "{{ (glance_service_internalurl | default('http://localhost')) | urlsplit('scheme') ~ '://' ~ (glance_service_internalurl | default('http://localhost')) | urlsplit('netloc') }}"

# Set the package install state for distribution and pip packages
# Options are 'present' and 'latest'
ironic_package_state: "latest"
ironic_pip_package_state: "latest"

ironic_git_repo: https://git.openstack.org/openstack/ironic
ironic_git_install_branch: master
ironic_upper_constraints_url: "{{ requirements_git_url | default('https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt?h=' ~ requirements_git_install_branch | default('master')) }}"
ironic_git_constraints:
  - "git+{{ ironic_git_repo }}@{{ ironic_git_install_branch }}#egg=ironic"
  - "--constraint {{ ironic_upper_constraints_url }}"

ironic_pip_install_args: "{{ pip_install_options | default('') }}"

# Name of the virtual env to deploy into
ironic_venv_tag: "{{ venv_tag | default('untagged') }}"
ironic_bin: "/openstack/venvs/ironic-{{ ironic_venv_tag }}/bin"

# System info
ironic_system_user_name: ironic
ironic_system_group_name: ironic
ironic_system_shell: /bin/bash
ironic_system_comment: ironic system user
ironic_system_home_folder: "/var/lib/{{ ironic_system_user_name }}"
ironic_lock_path: /var/lock/ironic

# Ironic Program and Service names
python_ironic_client_program_name: ironic
ironic_services:
  ironic-api:
    group: ironic_api
    service_name: ironic-api
    init_config_overrides: "{{ ironic_api_init_config_overrides }}"
    wsgi_app: True
    wsgi_name: ironic-api-wsgi
    uwsgi_overrides: "{{ ironic_api_uwsgi_ini_overrides }}"
    uwsgi_port: "{{ ironic_service_port }}"
    uwsgi_bind_address: "{{ ironic_uwsgi_bind_address }}"
  ironic-conductor:
    group: ironic_conductor
    service_name: ironic-conductor
    init_config_overrides: "{{ ironic_conductor_init_config_overrides }}"
    execstarts: "{{ ironic_bin }}/ironic-conductor"


ironic_service_name: ironic
ironic_service_type: baremetal
ironic_service_proto: http
ironic_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(ironic_service_proto) }}"
ironic_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(ironic_service_proto) }}"
ironic_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(ironic_service_proto) }}"
ironic_service_port: 6385
ironic_service_description: "Ironic baremetal provisioning service"
ironic_service_publicuri: "{{ ironic_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ ironic_service_port }}"
ironic_service_publicurl: "{{ ironic_service_publicuri }}"
ironic_service_adminuri: "{{ ironic_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ ironic_service_port }}"
ironic_service_adminurl: "{{ ironic_service_adminuri }}"
ironic_service_internaluri: "{{ ironic_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ ironic_service_port }}"
ironic_service_internalurl: "{{ ironic_service_internaluri }}"
ironic_program_name: ironic-api
ironic_service_region: RegionOne
ironic_service_project_name: "service"
ironic_service_project_domain_id: default
ironic_service_user_domain_id: default
ironic_service_role_name: "admin"
ironic_service_in_ldap: False

# Ironic image store information
#
### Hosted Web Server
#
# Set this to True to use http web server to host floppy
# images and generated boot ISO. This requires http_root and
# http_url to be configured in the [deploy] section of the
# config file. If this is set to False, then Ironic will use
# Swift to host the floppy images and generated boot_iso.
ironic_enable_web_server_for_images: False
ironic_http_url: null
ironic_http_root: null
#
### Swift Config
#
ironic_swift_image_container: glance_images
ironic_swift_api_version: v1
ironic_swift_url_endpoint_type: swift
# The ironic swift auth account and swift endpoints will be generated using the
#  known swift data as provided by swift stat. If you wish to set either of these
#  items to something else define these variables.
# ironic_swift_auth_account: AUTH_1234567890
# ironic_swift_endpoint: https://localhost:8080

# Is this Ironic installation working standalone?
# If you're wanting Ironic to work without being integrated to other OpenStack
# services, set this to True, and update the dhcp configuration appropriately
ironic_standalone: False

# Enables or disables automated cleaning. Automated cleaning
# is a configurable set of steps, such as erasing disk drives,
# that are performed on the node to ensure it is in a baseline
# state and ready to be deployed to.
ironic_automated_clean: false
# Set to 0 to disable erase devices on cleaning
ironic_erase_devices_priority: 10

# Database
ironic_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}"
ironic_galera_address: "{{ galera_address | default('127.0.0.1') }}"
ironic_galera_user: ironic
ironic_galera_database: ironic
ironic_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
ironic_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}"

## Keystone authentication middleware
ironic_keystone_auth_plugin: password

# Neutron network - Set these in a playbook/task - can be set manually.
# Only "name" or "uuid" is needed, uuid will take preference if both are specified.
# The cleaning network is not required to be set - it will default to the same as
# the provisioning network if not specified.
# ironic_neutron_provisioning_network_uuid: "UUID for provisioning network in neutron"
# ironic_neutron_cleaning_network_uuid: "UUID for cleaning network in neutron"
# ironic_neutron_provisioning_network_name: "Name of provisioning network in neutron"
# ironic_neutron_cleaning_network_name: "Name of cleaning network in neutron"

# Integrated Openstack configuration
ironic_enabled_network_interfaces_list: "flat,noop{{ (ironic_neutron_provisioning_network_uuid is defined) | ternary(',neutron','') }}"
ironic_default_network_interface: "{{ (ironic_neutron_provisioning_network_uuid is defined) | ternary('neutron','flat') }}"
ironic_auth_strategy: keystone
ironic_dhcp_provider: "{{ (ironic_standalone | bool) | ternary('none', 'neutron') }}"
ironic_sync_power_state_interval: "{{ (ironic_standalone | bool) | ternary('-1', '60') }}"
ironic_db_connection_string: "mysql+pymysql://{{ ironic_galera_user }}:{{ ironic_container_mysql_password }}@{{ ironic_galera_address }}/ironic{% if ironic_galera_use_ssl | bool %}&ssl_ca={{ ironic_galera_ssl_ca_cert }}{% endif %}"

# Ironic db tuning
ironic_db_max_overflow: 10
ironic_db_max_pool_size: 120
ironic_db_pool_timeout: 30

# Common configuration
ironic_node_name: ironic

# If you want to regenerate the ironic users SSH keys, on each run, set this
# var to True. Otherwise keys will be generated on the first run and not
# regenerated each run.
ironic_recreate_keys: False

ironic_tftp_server_address: "{{ ansible_host }}"

ironic_pip_packages:
  - cryptography
  - ImcSdk
  - ironic
  - osprofiler
  - proliantutils
  - PyMySQL
  - pysnmp
  - python-dracclient
  - python-ilorest-library
  - python-ironicclient
  - python-ironic-inspector-client
  - python-memcached
  - python-scciclient
  - python-swiftclient
  - python-xclarityclient
  - sushy
  - systemd-python
  - UcsSdk

## Oslo Messaging Info
# RPC
ironic_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group | default('rabbitmq_all') }}"
ironic_oslomsg_rpc_setup_host: "{{ (ironic_oslomsg_rpc_host_group in groups) | ternary(groups[ironic_oslomsg_rpc_host_group][0], 'localhost') }}"
ironic_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport | default('rabbit') }}"
ironic_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers | default('127.0.0.1') }}"
ironic_oslomsg_rpc_port: "{{ oslomsg_rpc_port | default('5672') }}"
ironic_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl | default(False) }}"
ironic_oslomsg_rpc_userid: ironic
ironic_oslomsg_rpc_vhost: /ironic

# Notify
ironic_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}"
ironic_oslomsg_notify_setup_host: "{{ (ironic_oslomsg_notify_host_group in groups) | ternary(groups[ironic_oslomsg_notify_host_group][0], 'localhost') }}"
ironic_oslomsg_notify_transport: "{{ oslomsg_notify_transport | default('rabbit') }}"
ironic_oslomsg_notify_servers: "{{ oslomsg_notify_servers | default('127.0.0.1') }}"
ironic_oslomsg_notify_port: "{{ oslomsg_notify_port | default('5672') }}"
ironic_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl | default(False) }}"
ironic_oslomsg_notify_userid: "{{ ironic_oslomsg_rpc_userid }}"
ironic_oslomsg_notify_password: "{{ ironic_oslomsg_rpc_password }}"
ironic_oslomsg_notify_vhost: "{{ ironic_oslomsg_rpc_vhost }}"

## (Qdrouterd) integration
# TODO(ansmith): Change structure when more backends will be supported
ironic_oslomsg_amqp1_enabled: "{{ ironic_oslomsg_rpc_transport == 'amqp' }}"

ironic_optional_oslomsg_amqp1_pip_packages:
  - oslo.messaging[amqp1]

# Auth
ironic_service_user_name: "ironic"

# WSGI settings
ironic_wsgi_threads: 1
ironic_wsgi_processes_max: 16
ironic_wsgi_processes: "{{ [[ansible_processor_vcpus|default(4) // 4, 1] | max, ironic_wsgi_processes_max] | min }}"
ironic_uwsgi_bind_address: 0.0.0.0

### OpenStack Services to integrate with

# Glance
ironic_glance_auth_strategy: "{{ ironic_auth_strategy }}"
ironic_glance_service_project_name: "{{ glance_service_project_name | default('service') }}"
ironic_glance_service_project_domain_id: "{{ glance_service_project_domain_id | default('default') }}"
ironic_glance_keystone_auth_plugin: "{{ glance_keystone_auth_plugin | default('password') }}"
ironic_glance_service_user_name: "{{ glance_service_user_name | default('glance') }}"
ironic_glance_service_user_domain_id: "{{ glance_service_user_domain_id | default('default') }}"
ironic_glance_keystone_auth_url: "{{ keystone_service_internalurl | default('http://localhost:5000/v3') }}"

# Neutron
ironic_neutron_auth_strategy: "{{ ironic_auth_strategy }}"

# This variable is used by the repo_build process to determine
# which host group to check for members of before building the
# pip packages required by this role. The value is picked up
# by the py_pkgs lookup.
ironic_role_project_group: ironic_all

### Config Overrides
ironic_ironic_conf_overrides: {}
ironic_rootwrap_conf_overrides: {}
ironic_policy_overrides: {}
ironic_api_uwsgi_ini_overrides: {}

# pxe boot
ironic_pxe_append_params: "ipa-debug=1 systemd.journald.forward_to_console=yes"

ironic_api_init_config_overrides: {}
ironic_conductor_init_config_overrides: {}

# driver definitions
ironic_drivers_enabled:
  - agent_ipmitool
  - pxe_ipmitool