openstack/openstack-ansible-os_ironic
Code Issues Proposed changes
openstack-ansible-os_ironic/templates/ironic.conf.j2
James Denton 2a24dd59ba Add Support for Deploying UEFI Baremetal Nodes 
This patchset adds support for deploying instances using UEFI baremetal
nodes. UEFI may replace Legacy BIOS mode in future Ironic releases. Tested
with Ubuntu Focal 20.04 LTS.

Change-Id: I0fa6234ec7321e1d69901175baeab4ddb08afc50
2021-12-12 14:24:30 +00:00

228 lines
8.2 KiB
Django/Jinja
Raw Blame History

# {{ ansible_managed }}
[DEFAULT]
# Disable stderr logging
use_stderr = False
use_journal = True
debug = {{ debug }}
auth_strategy = {{ ironic_auth_strategy }}
host = {{ inventory_hostname }}
memcached_servers = {{ ironic_memcached_servers }}
enabled_network_interfaces = {{ ironic_enabled_network_interfaces_list }}
default_network_interface = {{ ironic_default_network_interface }}
## RPC Backend
transport_url = {{ ironic_oslomsg_rpc_transport }}://{% for host in ironic_oslomsg_rpc_servers.split(',') %}{{ ironic_oslomsg_rpc_userid }}:{{ ironic_oslomsg_rpc_password }}@{{ host }}:{{ ironic_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ ironic_oslomsg_rpc_vhost }}{% if ironic_oslomsg_rpc_use_ssl | bool %}?ssl=1&ssl_version={{ ironic_oslomsg_rpc_ssl_version }}&ssl_ca_file={{ ironic_oslomsg_rpc_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
# drivers
enabled_hardware_types = {{ filtered_ironic_drivers | json_query('[*].hardware_type') | unique | join(',') }}
enabled_boot_interfaces = {{ filtered_ironic_drivers | json_query('[*].boot') | unique | join(',') }}
enabled_deploy_interfaces = {{ filtered_ironic_drivers | json_query('[*].deploy') | unique | join(',') }}
enabled_inspect_interfaces = {{ filtered_ironic_drivers | json_query('[*].inspect') | unique | join(',') }}
enabled_management_interfaces = {{ filtered_ironic_drivers | json_query('[*].management') | unique | join(',') }}
enabled_power_interfaces = {{ filtered_ironic_drivers | json_query('[*].power') | unique | join(',') }}
# Ironic boot interface (defaults to None)
{% if ironic_ipxe_enabled | bool %}
default_boot_interface = ipxe
{% endif %}
[agent]
[amt]
[api]
[cimc]
[cisco_ucs]
[conductor]
{% if ironic_standalone | bool %}
api_url = {{ ironic_service_internaluri }}/
{% endif %}
sync_power_state_interval = {{ ironic_sync_power_state_interval }}
automated_clean = {{ ironic_automated_clean }}
[console]
[cors]
[cors.subdomain]
[database]
connection = {{ ironic_db_connection_string }}
max_overflow = {{ ironic_db_max_overflow }}
max_pool_size = {{ ironic_db_max_pool_size }}
pool_timeout = {{ ironic_db_pool_timeout }}
connection_recycle_time = {{ ironic_db_connection_recycle_time }}
[deploy]
erase_devices_priority = {{ ironic_erase_devices_priority }}
{% if not ironic_standalone | bool %}
object_store_endpoint_type = {{ ironic_swift_url_endpoint_type }}
{% endif %}
{% if ironic_enable_web_server_for_images | bool %}
http_root ={{ ironic_http_root }}
http_url = {{ ironic_http_url }}
{% endif %}
[dhcp]
dhcp_provider = {{ ironic_dhcp_provider }}
[disk_partitioner]
[disk_utils]
[glance]
# TODO(evrardjp): Remove this in the future to use the service catalog
# and reduce the amount of variables.
auth_url = {{ ironic_glance_keystone_auth_url }}
auth_type = {{ ironic_glance_keystone_auth_plugin }}
project_name = {{ ironic_glance_service_project_name }}
project_domain_id = {{ ironic_glance_service_project_domain_id }}
username = {{ ironic_glance_service_user_name }}
user_domain_id = {{ ironic_glance_service_user_domain_id }}
password = {{ glance_service_password }}
glance_api_servers = {{ ironic_glance_api_servers }}
{% if not ironic_standalone | bool and not ironic_enable_web_server_for_images | bool %}
swift_temp_url_key = {{ ironic_swift_temp_url_secret_key }}
swift_container = {{ ironic_swift_image_container }}
swift_endpoint_url = {{ ironic_swift_endpoint }}
swift_account = {{ ironic_swift_auth_account }}
swift_api_version = {{ ironic_swift_api_version }}
{% endif %}
[iboot]
[ilo]
{% if ironic_enable_web_server_for_images | bool %}
use_web_server_for_images = True
{% endif %}
[inspector]
{% if ironic_services['ironic-inspector']['group'] in group_names %}
auth_type = {{ ironic_keystone_auth_plugin }}
auth_url = {{ keystone_service_adminuri }}
insecure = {{ keystone_service_internaluri_insecure | bool }}
password = {{ ironic_inspector_service_password }}
project_domain_name = {{ ironic_inspector_service_domain_id }}
project_name ={{ ironic_inspector_service_project_name }}
user_domain_name = {{ ironic_inspector_service_domain_id }}
username = {{ ironic_inspector_service_user_name }}
valid_interfaces = {{ ironic_inspector_valid_interfaces }}
{% endif %}
[ipmi]
[irmc]
[ironic_lib]
[keystone]
region_name = {{ ironic_service_region }}
[keystone_authtoken]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_type = {{ ironic_keystone_auth_plugin }}
auth_url = {{ keystone_service_adminuri }}
www_authenticate_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ ironic_service_project_domain_id }}
user_domain_id = {{ ironic_service_user_domain_id }}
project_name = {{ ironic_service_project_name }}
username = {{ ironic_service_user_name }}
password = {{ ironic_service_password }}
region_name = {{ keystone_service_region }}
memcached_servers = {{ ironic_memcached_servers }}
token_cache_time = 300
# if your memcached server is shared, use these settings to avoid cache poisoning
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_encryption_key }}
[matchmaker_redis]
[service_catalog]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_type = {{ ironic_keystone_auth_plugin }}
auth_url = {{ keystone_service_adminuri }}
www_authenticate_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ ironic_service_project_domain_id }}
user_domain_id = {{ ironic_service_user_domain_id }}
project_name = {{ ironic_service_project_name }}
username = {{ ironic_service_user_name }}
password = {{ ironic_service_password }}
region_name = {{ keystone_service_region }}
[neutron]
auth_type = password
# Keystone auth using ironic credentials
username = {{ ironic_service_user_name }}
password = {{ ironic_service_password }}
project_name = {{ ironic_service_project_name }}
user_domain_id = {{ ironic_service_user_domain_id }}
project_domain_id = {{ ironic_service_project_domain_id }}
auth_url = {{ keystone_service_adminurl }}
insecure = {{ keystone_service_adminuri_insecure | bool }}
{% if ironic_neutron_provisioning_network_name is defined %}
provisioning_network = {{ ironic_neutron_provisioning_network_uuid | default(ironic_neutron_provisioning_network_name) | default('') }}
cleaning_network = {{ ironic_neutron_cleaning_network_uuid | default(ironic_neutron_cleaning_network_name) | default(ironic_neutron_provisioning_network_uuid) | default(ironic_neutron_provisioning_network_name) | default('') }}
inspection_network = {{ ironic_neutron_inspection_network_uuid | default(ironic_neutron_inspection_network_name) | default(ironic_neutron_provisioning_network_uuid) | default(ironic_neutron_provisioning_network_name) | default('') }}
{% endif %}
[nova]
auth_url = {{ keystone_service_adminurl }}
auth_type = password
# Keystone auth using ironic credentials
username = {{ ironic_service_user_name }}
password = {{ ironic_service_password }}
project_name = {{ ironic_service_project_name }}
user_domain_id = {{ ironic_service_user_domain_id }}
project_domain_id = {{ ironic_service_project_domain_id }}
insecure = {{ keystone_service_adminuri_insecure | bool }}
[oslo_concurrency]
lock_path = {{ ironic_lock_dir }}/{{ ironic_system_slice_name }}
[oslo_messaging_amqp]
[oslo_messaging_notifications]
transport_url = {{ ironic_oslomsg_notify_transport }}://{% for host in ironic_oslomsg_notify_servers.split(',') %}{{ ironic_oslomsg_notify_userid }}:{{ ironic_oslomsg_notify_password }}@{{ host }}:{{ ironic_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ ironic_oslomsg_notify_vhost }}{% if ironic_oslomsg_notify_use_ssl | bool %}?ssl=1&ssl_version={{ ironic_oslomsg_notify_ssl_version }}&ssl_ca_file={{ ironic_oslomsg_notify_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
[oslo_messaging_rabbit]
ssl = {{ ironic_oslomsg_rpc_use_ssl }}
pool_max_size = {{ ironic_wsgi_processes }}
[oslo_policy]
[pxe]
{% if ironic_ipxe_enabled | bool %}
pxe_bootfile_name = undionly.kpxe
uefi_ipxe_bootfile_name = ipxe.efi
pxe_config_template = $pybasedir/drivers/modules/ipxe_config.template
uefi_pxe_config_template = $pybasedir/drivers/modules/ipxe_config.template
{% endif %}
tftp_server = {{ ironic_tftp_server_address }}
pxe_append_params = {{ ironic_pxe_append_params }}
tftp_root = {{ ironic_tftpd_root }}
tftp_master_path = {{ ironic_tftpd_root }}/master_images
[seamicro]
[snmp]
[ssh]
[ssl]
[swift]
[virtualbox]
View Git Blame Copy Permalink