openstack/openstack-ansible-os_ironic
Code Issues Proposed changes
openstack-ansible-os_ironic/templates/ironic.conf.j2
James Denton 8f3a9e207c Add iPXE support to Ironic Conductor 
This patchset adds support for iPXE, which can speed up baremetal
provisioning considerably due to the use of HTTP versus TFTP.

Change-Id: I8b49ae37a0380cd7a2191f050a52c85cc373026b
2020-10-22 15:24:19 +00:00

215 lines
7.3 KiB
Django/Jinja
Raw Blame History

# {{ ansible_managed }}
[DEFAULT]
# Disable stderr logging
use_stderr = False
use_journal = True
debug = {{ debug }}
auth_strategy = {{ ironic_auth_strategy }}
host = {{ inventory_hostname }}
memcached_servers = {{ ironic_memcached_servers }}
enabled_network_interfaces = {{ ironic_enabled_network_interfaces_list }}
default_network_interface = {{ ironic_default_network_interface }}
## RPC Backend
transport_url = {{ ironic_oslomsg_rpc_transport }}://{% for host in ironic_oslomsg_rpc_servers.split(',') %}{{ ironic_oslomsg_rpc_userid }}:{{ ironic_oslomsg_rpc_password }}@{{ host }}:{{ ironic_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ ironic_oslomsg_rpc_vhost }}{% if ironic_oslomsg_rpc_use_ssl | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
# drivers
enabled_hardware_types = {{ filtered_ironic_drivers | json_query('[*].hardware_type') | unique | join(',') }}
enabled_boot_interfaces = {{ filtered_ironic_drivers | json_query('[*].boot') | unique | join(',') }}
enabled_deploy_interfaces = {{ filtered_ironic_drivers | json_query('[*].deploy') | unique | join(',') }}
enabled_inspect_interfaces = {{ filtered_ironic_drivers | json_query('[*].inspect') | unique | join(',') }}
enabled_management_interfaces = {{ filtered_ironic_drivers | json_query('[*].management') | unique | join(',') }}
enabled_power_interfaces = {{ filtered_ironic_drivers | json_query('[*].power') | unique | join(',') }}
# Ironic boot interface (defaults to None)
{% if ironic_ipxe_enabled | bool %}
default_boot_interface = ipxe
{% endif %}
[agent]
[amt]
[api]
[cimc]
[cisco_ucs]
[conductor]
{% if ironic_standalone | bool %}
api_url = {{ ironic_service_internaluri }}/
{% endif %}
sync_power_state_interval = {{ ironic_sync_power_state_interval }}
automated_clean = {{ ironic_automated_clean }}
[console]
[cors]
[cors.subdomain]
[database]
connection = {{ ironic_db_connection_string }}
max_overflow = {{ ironic_db_max_overflow }}
max_pool_size = {{ ironic_db_max_pool_size }}
pool_timeout = {{ ironic_db_pool_timeout }}
[deploy]
erase_devices_priority = {{ ironic_erase_devices_priority }}
{% if not ironic_standalone | bool %}
object_store_endpoint_type = {{ ironic_swift_url_endpoint_type }}
{% endif %}
{% if ironic_enable_web_server_for_images | bool %}
http_root ={{ ironic_http_root }}
http_url = {{ ironic_http_url }}
{% endif %}
[dhcp]
dhcp_provider = {{ ironic_dhcp_provider }}
[disk_partitioner]
[disk_utils]
[glance]
# TODO(evrardjp): Remove this in the future to use the service catalog
# and reduce the amount of variables.
auth_url = {{ ironic_glance_keystone_auth_url }}
auth_type = {{ ironic_glance_keystone_auth_plugin }}
project_name = {{ ironic_glance_service_project_name }}
project_domain_id = {{ ironic_glance_service_project_domain_id }}
username = {{ ironic_glance_service_user_name }}
user_domain_id = {{ ironic_glance_service_user_domain_id }}
password = {{ glance_service_password }}
glance_api_servers = {{ ironic_glance_api_servers }}
{% if not ironic_standalone | bool and not ironic_enable_web_server_for_images | bool %}
swift_temp_url_key = {{ ironic_swift_temp_url_secret_key }}
swift_container = {{ ironic_swift_image_container }}
swift_endpoint_url = {{ ironic_swift_endpoint }}
swift_account = {{ ironic_swift_auth_account }}
swift_api_version = {{ ironic_swift_api_version }}
{% endif %}
[iboot]
[ilo]
{% if ironic_enable_web_server_for_images | bool %}
use_web_server_for_images = True
{% endif %}
[inspector]
{% if ironic_services['ironic-inspector']['group'] in group_names %}
auth_type = {{ ironic_keystone_auth_plugin }}
auth_url = {{ keystone_service_adminuri }}
insecure = {{ keystone_service_internaluri_insecure | bool }}
password = {{ ironic_inspector_service_password }}
project_domain_name = {{ ironic_inspector_service_domain_id }}
project_name ={{ ironic_inspector_service_project_name }}
user_domain_name = {{ ironic_inspector_service_domain_id }}
username = {{ ironic_inspector_service_user_name }}
valid_interfaces = {{ ironic_inspector_valid_interfaces }}
{% endif %}
[ipmi]
[irmc]
[ironic_lib]
[keystone]
region_name = {{ ironic_service_region }}
[keystone_authtoken]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_type = {{ ironic_keystone_auth_plugin }}
auth_url = {{ keystone_service_adminuri }}
www_authenticate_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ ironic_service_project_domain_id }}
user_domain_id = {{ ironic_service_user_domain_id }}
project_name = {{ ironic_service_project_name }}
username = {{ ironic_service_user_name }}
password = {{ ironic_service_password }}
region_name = {{ keystone_service_region }}
memcached_servers = {{ ironic_memcached_servers }}
token_cache_time = 300
# if your memcached server is shared, use these settings to avoid cache poisoning
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_encryption_key }}
[matchmaker_redis]
[service_catalog]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_type = {{ ironic_keystone_auth_plugin }}
auth_url = {{ keystone_service_adminuri }}
www_authenticate_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ ironic_service_project_domain_id }}
user_domain_id = {{ ironic_service_user_domain_id }}
project_name = {{ ironic_service_project_name }}
username = {{ ironic_service_user_name }}
password = {{ ironic_service_password }}
region_name = {{ keystone_service_region }}
[neutron]
auth_type = password
# Keystone auth using ironic credentials
username = {{ ironic_service_user_name }}
password = {{ ironic_service_password }}
project_name = {{ ironic_service_project_name }}
user_domain_id = {{ ironic_service_user_domain_id }}
project_domain_id = {{ ironic_service_project_domain_id }}
auth_url = {{ keystone_service_adminurl }}
insecure = {{ keystone_service_adminuri_insecure | bool }}
{% if ironic_neutron_provisioning_network_name is defined %}
provisioning_network = {{ ironic_neutron_provisioning_network_uuid | default(ironic_neutron_provisioning_network_name) | default('') }}
cleaning_network = {{ ironic_neutron_cleaning_network_uuid | default(ironic_neutron_cleaning_network_name) | default(ironic_neutron_provisioning_network_uuid) | default(ironic_neutron_provisioning_network_name) | default('') }}
{% endif %}
[oslo_concurrency]
lock_path = {{ ironic_lock_path }}
[oslo_messaging_amqp]
[oslo_messaging_notifications]
transport_url = {{ ironic_oslomsg_notify_transport }}://{% for host in ironic_oslomsg_notify_servers.split(',') %}{{ ironic_oslomsg_notify_userid }}:{{ ironic_oslomsg_notify_password }}@{{ host }}:{{ ironic_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ ironic_oslomsg_notify_vhost }}{% if ironic_oslomsg_notify_use_ssl | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
[oslo_messaging_rabbit]
ssl = {{ ironic_oslomsg_rpc_use_ssl }}
pool_max_size = {{ ironic_wsgi_processes }}
[oslo_policy]
[pxe]
{% if ironic_ipxe_enabled | bool %}
pxe_bootfile_name = undionly.kpxe
uefi_pxe_bootfile_name = ipxe.efi
pxe_config_template = $pybasedir/drivers/modules/ipxe_config.template
uefi_pxe_config_template = $pybasedir/drivers/modules/ipxe_config.template
{% endif %}
tftp_server = {{ ironic_tftp_server_address }}
pxe_append_params = {{ ironic_pxe_append_params }}
tftp_root = {{ ironic_tftpd_root }}
tftp_master_path = {{ ironic_tftpd_root }}/master_images
[seamicro]
[snmp]
[ssh]
[ssl]
[swift]
[virtualbox]
View Git Blame Copy Permalink