diff --git a/playbooks/roles/bifrost-deploy-nodes-dynamic/defaults/main.yml b/playbooks/roles/bifrost-deploy-nodes-dynamic/defaults/main.yml index 896c4e294..9db613996 100644 --- a/playbooks/roles/bifrost-deploy-nodes-dynamic/defaults/main.yml +++ b/playbooks/roles/bifrost-deploy-nodes-dynamic/defaults/main.yml @@ -4,6 +4,7 @@ ironic_url: "http://localhost:6385/" file_url_port: "8080" network_interface: "virbr0" ans_network_interface: "{{ network_interface | replace('-', '_') }}" +internal_ip: "{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}" http_boot_folder: "/httpboot" deploy_image_filename: "deployment_image.qcow2" deploy_image: "{{http_boot_folder}}/{{deploy_image_filename}}" diff --git a/playbooks/roles/bifrost-deploy-nodes-dynamic/tasks/main.yml b/playbooks/roles/bifrost-deploy-nodes-dynamic/tasks/main.yml index b9839e2c9..668cdc96d 100644 --- a/playbooks/roles/bifrost-deploy-nodes-dynamic/tasks/main.yml +++ b/playbooks/roles/bifrost-deploy-nodes-dynamic/tasks/main.yml @@ -76,7 +76,7 @@ ironic_url: "{{ ironic_url }}" uuid: "{{ uuid }}" state: present - config_drive: "{{ deploy_url_protocol }}://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}:{{ file_url_port }}/configdrive-{{ uuid }}.iso.gz" + config_drive: "{{ deploy_url_protocol }}://{{ internal_ip }}:{{ file_url_port }}/configdrive-{{ uuid }}.iso.gz" instance_info: "{{ instance_info }}" wait: "{{ wait_for_node_deploy }}" timeout: " {{ wait_timeout | default(1800) }}" @@ -103,9 +103,9 @@ ironic_url: "{{ ironic_url | default(omit) }}" uuid: "{{ uuid }}" state: present - config_drive: "{{ deploy_url_protocol }}://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}:{{ file_url_port }}/configdrive-{{ uuid }}.iso.gz" + config_drive: "{{ deploy_url_protocol }}://{{ internal_ip }}:{{ file_url_port }}/configdrive-{{ uuid }}.iso.gz" instance_info: - image_source: "{{ deploy_url_protocol }}://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}:{{ file_url_port }}/{{deploy_image_filename}}" + image_source: "{{ deploy_url_protocol }}://{{ internal_ip }}:{{ file_url_port }}/{{deploy_image_filename}}" image_checksum: "{{ test_deploy_image.stat.checksum }}" image_disk_format: "qcow2" wait: "{{ wait_for_node_deploy }}" diff --git a/playbooks/roles/bifrost-ironic-install/README.md b/playbooks/roles/bifrost-ironic-install/README.md index 958e0cbb9..6448909e4 100644 --- a/playbooks/roles/bifrost-ironic-install/README.md +++ b/playbooks/roles/bifrost-ironic-install/README.md @@ -52,6 +52,13 @@ network_interface: "virbr0" By default this role installs dnsmasq to act as a DHCP server for provisioning hosts. In the event this is not required, set the following configuration: +internal_ip: "" +internal_interface: {"address": .. "network": .. "netmask": .. "broadcast": ..} + +The IP address and network interface information which will be used by bare +metal machines to connect to the conductor and the internal HTTP server, +and for cross-service interactions. + include_dhcp_server: false If you chose to utilize the dhcp server, You may wish to set default ranges: diff --git a/playbooks/roles/bifrost-ironic-install/defaults/main.yml b/playbooks/roles/bifrost-ironic-install/defaults/main.yml index d14fe176a..a23967a64 100644 --- a/playbooks/roles/bifrost-ironic-install/defaults/main.yml +++ b/playbooks/roles/bifrost-ironic-install/defaults/main.yml @@ -44,6 +44,8 @@ skip_migrations: "{{ skip_bootstrap }}" # This is used in ipa_* so it must be before network_interface: "virbr0" ans_network_interface: "{{ network_interface | replace('-', '_') }}" +internal_interface: "{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4'] }}" +internal_ip: "{{ internal_interface['address'] }}" # Normally this would setting would be http in a bifrost installation # without TLS. This setting allows a user to override the setting in case @@ -60,7 +62,7 @@ ipxe_efi_binary: ipxe.efi ipa_kernel: "{{http_boot_folder}}/ipa.kernel" ipa_ramdisk: "{{http_boot_folder}}/ipa.initramfs" -ipa_kernel_url: "{{ ipa_file_protocol }}://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}:{{file_url_port}}/ipa.kernel" +ipa_kernel_url: "{{ ipa_file_protocol }}://{{ internal_ip }}:{{ file_url_port }}/ipa.kernel" ipa_kernel_upstream_url: >- {%- if use_tinyipa | bool -%} https://tarballs.openstack.org/ironic-python-agent/tinyipa/files/tinyipa-{{ ipa_upstream_release }}.vmlinuz @@ -71,7 +73,7 @@ ipa_kernel_upstream_url: >- {%- endif -%} ipa_kernel_upstream_checksum_algo: "sha256" ipa_kernel_upstream_checksum_url: "{{ ipa_kernel_upstream_url }}.{{ ipa_kernel_upstream_checksum_algo }}" -ipa_ramdisk_url: "{{ ipa_file_protocol }}://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}:{{file_url_port}}/ipa.initramfs" +ipa_ramdisk_url: "{{ ipa_file_protocol }}://{{ internal_ip }}:{{ file_url_port }}/ipa.initramfs" ipa_ramdisk_upstream_url: >- {%- if use_tinyipa | bool -%} https://tarballs.openstack.org/ironic-python-agent/tinyipa/files/tinyipa-{{ ipa_upstream_release }}.gz diff --git a/playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml b/playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml index 920092a3a..07ae353f9 100644 --- a/playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml +++ b/playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml @@ -223,7 +223,7 @@ when: inventory_dhcp | bool == true - name: "Retrieve interface IP informations" set_fact: - itf_infos: "{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4'] }}" + itf_infos: "{{ internal_interface }}" dhcp_netaddr: "{{ dhcp_pool_start }}/{{ dhcp_static_mask }}" when: include_dhcp_server | bool == true - name: "Compute interface and DHCP network informations" diff --git a/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup.yml b/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup.yml index 17393d5b1..76ecbd740 100644 --- a/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup.yml +++ b/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup.yml @@ -171,7 +171,7 @@ - name: "Setting external Ironic public URL" set_fact: - ironic_public_url: "{{ ironic.keystone.public_url | default('http://127.0.0.1:6385/') | replace('127.0.0.1', public_ip | default(hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'])) }}" + ironic_public_url: "{{ ironic.keystone.public_url | default('http://127.0.0.1:6385/') | replace('127.0.0.1', public_ip | default(internal_ip)) }}" when: use_public_urls | default(false) | bool - name: "Create ironic public endpoint" diff --git a/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup_inspector.yml b/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup_inspector.yml index 3b8e6dcce..c0f2c2367 100644 --- a/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup_inspector.yml +++ b/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup_inspector.yml @@ -150,7 +150,7 @@ - name: "Setting external ironic-inspector public URL" set_fact: - ironic_inspector_public_url: "{{ ironic_inspector.keystone.public_url | default('http://127.0.0.1:5050/') | replace('127.0.0.1', public_ip | default(hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'])) }}" + ironic_inspector_public_url: "{{ ironic_inspector.keystone.public_url | default('http://127.0.0.1:5050/') | replace('127.0.0.1', public_ip | default(internal_ip)) }}" when: use_public_urls | default(false) | bool # NOTE(TheJulia): This seems like something that should be diff --git a/playbooks/roles/bifrost-ironic-install/templates/dnsmasq.conf.j2 b/playbooks/roles/bifrost-ironic-install/templates/dnsmasq.conf.j2 index e6b3d2fd8..9959addcb 100644 --- a/playbooks/roles/bifrost-ironic-install/templates/dnsmasq.conf.j2 +++ b/playbooks/roles/bifrost-ironic-install/templates/dnsmasq.conf.j2 @@ -13,7 +13,7 @@ port=0 port=53 {% endif %} -listen-address={{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }} +listen-address={{ internal_ip }} # On systems which support it, dnsmasq binds the wildcard address, # even when it is listening on only some interfaces. It then discards @@ -101,7 +101,7 @@ dhcp-boot=tag:efi,tag:!ipxe,/{{ ipxe_efi_binary }} {% if testing | bool == true %} dhcp-boot=tag:ipxe,http://192.168.122.1:{{ file_url_port }}/boot.ipxe {% else %} -dhcp-boot=tag:ipxe,http://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}:{{ file_url_port }}/boot.ipxe +dhcp-boot=tag:ipxe,http://{{ internal_ip }}:{{ file_url_port }}/boot.ipxe {% endif %} # Catch-all boot options used when no other boot options are matched. diff --git a/playbooks/roles/bifrost-ironic-install/templates/inspector-default-boot-ipxe.j2 b/playbooks/roles/bifrost-ironic-install/templates/inspector-default-boot-ipxe.j2 index 5bc3d9077..c7c548332 100644 --- a/playbooks/roles/bifrost-ironic-install/templates/inspector-default-boot-ipxe.j2 +++ b/playbooks/roles/bifrost-ironic-install/templates/inspector-default-boot-ipxe.j2 @@ -5,6 +5,6 @@ dhcp || reboot goto introspect :introspect -kernel {{ ipa_kernel_url }} ipa-inspection-callback-url=http://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface ]['ipv4']['address'] }}:5050/v1/continue {% if fast_track | bool %}ipa-api-url=http://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface ]['ipv4']['address'] }}:6385{% endif %} systemd.journald.forward_to_console=yes BOOTIF=${mac} nofb nomodeset vga=normal console=ttyS0 {{ inspector_extra_kernel_options | default('') }} initrd={{ ipa_ramdisk_url | basename }} +kernel {{ ipa_kernel_url }} ipa-inspection-callback-url=http://{{ internal_ip }}:5050/v1/continue {% if fast_track | bool %}ipa-api-url=http://{{ internal_ip }}:6385{% endif %} systemd.journald.forward_to_console=yes BOOTIF=${mac} nofb nomodeset vga=normal console=ttyS0 {{ inspector_extra_kernel_options | default('') }} initrd={{ ipa_ramdisk_url | basename }} initrd {{ ipa_ramdisk_url }} boot diff --git a/playbooks/roles/bifrost-ironic-install/templates/ironic.conf.j2 b/playbooks/roles/bifrost-ironic-install/templates/ironic.conf.j2 index 778d1b773..ed1c5129c 100644 --- a/playbooks/roles/bifrost-ironic-install/templates/ironic.conf.j2 +++ b/playbooks/roles/bifrost-ironic-install/templates/ironic.conf.j2 @@ -47,7 +47,7 @@ pxe_append_params = console=ttyS0 pxe_append_params = systemd.journald.forward_to_console=yes {{ extra_kernel_options | default('') }} {% endif %} pxe_config_template = $pybasedir/drivers/modules/ipxe_config.template -tftp_server = {{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }} +tftp_server = {{ internal_ip }} tftp_root = /tftpboot pxe_bootfile_name = undionly.kpxe ipxe_enabled = true @@ -59,7 +59,7 @@ uefi_pxe_config_template = $pybasedir/drivers/modules/ipxe_config.template {% endif %} [deploy] -http_url = http://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}:{{ file_url_port }}/ +http_url = http://{{ internal_ip }}:{{ file_url_port }}/ http_root = {{ http_boot_folder }} default_boot_option = local fast_track = {{ fast_track }} @@ -100,10 +100,10 @@ user_domain_id = default project_name = {{ ironic.service_catalog.project_name }} project_domain_id = default region_name = {{ keystone.bootstrap.region_name | default('RegionOne')}} -callback_endpoint_override = http://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}:5050 +callback_endpoint_override = http://{{ internal_ip }}:5050 {% else %} auth_type=none -endpoint_override = http://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}:5050 +endpoint_override = http://{{ internal_ip }}:5050 {% endif %} {% endif %} @@ -131,7 +131,7 @@ region_name = {{ keystone.bootstrap.region_name | default('RegionOne')}} {% else %} auth_type = none {% endif %} -endpoint_override = http://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}:6385 +endpoint_override = http://{{ internal_ip }}:6385 [json_rpc] {% if enable_keystone is defined and enable_keystone | bool == true %} diff --git a/playbooks/roles/bifrost-keystone-install/defaults/main.yml b/playbooks/roles/bifrost-keystone-install/defaults/main.yml index 08a1217aa..997aafb40 100644 --- a/playbooks/roles/bifrost-keystone-install/defaults/main.yml +++ b/playbooks/roles/bifrost-keystone-install/defaults/main.yml @@ -25,6 +25,10 @@ cors_allowed_origin: "http://localhost:8000" # not need to be modified by the user. enable_cors_credential_support: false +network_interface: "virbr0" +ans_network_interface: "{{ network_interface | replace('-', '_') }}" +internal_ip: "{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}" + # Defaults required by this role that are normally inherited via # other roles. file_url_port: 8080 diff --git a/playbooks/roles/bifrost-keystone-install/tasks/bootstrap.yml b/playbooks/roles/bifrost-keystone-install/tasks/bootstrap.yml index bf2e0964b..7b40ea89b 100644 --- a/playbooks/roles/bifrost-keystone-install/tasks/bootstrap.yml +++ b/playbooks/roles/bifrost-keystone-install/tasks/bootstrap.yml @@ -115,7 +115,7 @@ - name: "Setting external Keystone public URL" set_fact: - keystone_public_url: "{{ keystone.bootstrap.public_url | replace('127.0.0.1', public_ip | default(hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'])) }}" + keystone_public_url: "{{ keystone.bootstrap.public_url | replace('127.0.0.1', public_ip | default(internal_ip)) }}" when: use_public_urls | default(false) | bool - name: "Setting internal Keystone URL" diff --git a/releasenotes/notes/internal-address-c1f9ffb731373ea3.yaml b/releasenotes/notes/internal-address-c1f9ffb731373ea3.yaml new file mode 100644 index 000000000..ff28ae499 --- /dev/null +++ b/releasenotes/notes/internal-address-c1f9ffb731373ea3.yaml @@ -0,0 +1,7 @@ +--- +features: + - | + Adds a new parameter ``internal_ip`` specifying which IP address + to use for nodes to reach ironic and the HTTP server, and for cross-service + interactions when keystone is disabled. By default the IPv4 address of + the ``network_interface`` is used.