Allow customization of internal endpoints IP address

This will replace the default 127.0.0.1 by say a potential
Ironic internal network IP address.

Change-Id: I4ea97c574fa27b6a3639cbda5d129c9cd0ceb16a
This commit is contained in:
Olivier Bourdon 2018-10-02 15:11:37 +02:00
parent 1e19c45199
commit a13a599feb
4 changed files with 30 additions and 3 deletions

View File

@ -187,6 +187,11 @@
environment: "{{ bifrost_venv_env if enable_venv else {} }}"
when: test_ironic_public_endpoint.rc != 0 or test_ironic_public_endpoint.stdout == '[]'
- name: "Setting internal Ironic URL"
set_fact:
ironic_private_url: "{{ ironic.keystone.internal_url | default('http://127.0.0.1:6385/') | replace('127.0.0.1', private_ip) }}"
when: private_ip is defined and private_ip | length > 0
- name: "Create ironic internal endpoint"
command: |
openstack
@ -196,7 +201,7 @@
--os-auth-url "{{ ironic.service_catalog.auth_url | default('http://127.0.0.1:5000/') }}"
--os-project-name "{{ keystone.bootstrap.project_name | default('admin') }}"
endpoint create --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}"
baremetal internal "{{ ironic.keystone.internal_url | default('http://127.0.0.1:6385/') }}"
baremetal internal "{{ ironic_private_url | default(ironic.keystone.internal_url) | default('http://127.0.0.1:6385/') }}"
no_log: true
environment: "{{ bifrost_venv_env if enable_venv else {} }}"
when: test_ironic_internal_endpoint.rc != 0 or test_ironic_internal_endpoint.stdout == '[]'

View File

@ -169,6 +169,11 @@
environment: "{{ bifrost_venv_env if enable_venv else {} }}"
when: test_ironic_inspector_public_endpoint.rc != 0 or test_ironic_inspector_public_endpoint.stdout == '[]'
- name: "Setting internal ironic-inspector URL"
set_fact:
ironic_inspector_private_url: "{{ ironic_inspector.keystone.internal_url | default('http://127.0.0.1:5050/') | replace('127.0.0.1', private_ip) }}"
when: private_ip is defined and private_ip | length > 0
- name: "Create ironic-inspector internal endpoint"
command: |
openstack
@ -178,7 +183,7 @@
--os-auth-url "{{ ironic.service_catalog.auth_url | default('http://127.0.0.1:5000/') }}"
--os-project-name admin
endpoint create --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}"
baremetal-introspection internal "{{ ironic_inspector.keystone.internal_url | default('http://127.0.0.1:5050/') }}"
baremetal-introspection internal "{{ ironic_inspector_private_url | default(ironic_inspector.keystone.internal_url) | default('http://127.0.0.1:5050/') }}"
no_log: true
environment: "{{ bifrost_venv_env if enable_venv else {} }}"
when: test_ironic_inspector_internal_endpoint.rc != 0 or test_ironic_inspector_internal_endpoint.stdout == '[]'

View File

@ -166,6 +166,11 @@
keystone_public_url: "{{ keystone.bootstrap.public_url | replace('127.0.0.1', hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address']) }}"
when: use_public_urls | default(false) | bool
- name: "Setting internal Keystone URL"
set_fact:
keystone_private_url: "{{ keystone.bootstrap.internal_url | replace('127.0.0.1', private_ip) }}"
when: private_ip is defined and private_ip | length > 0
- name: "Bootstrap Keystone Database"
command: >
keystone-manage bootstrap
@ -175,7 +180,7 @@
--bootstrap-service-name="keystone"
--bootstrap-admin-url="{{ keystone.bootstrap.admin_url }}"
--bootstrap-public-url="{{ keystone_public_url | default(keystone.bootstrap.public_url) }}"
--bootstrap-internal-url="{{ keystone.bootstrap.internal_url }}"
--bootstrap-internal-url="{{ keystone_private_url | default(keystone.bootstrap.internal_url) }}"
--bootstrap-region-id="{{ keystone.bootstrap.region_name }}"
environment: "{{ bifrost_venv_env if enable_venv else {} }}"
when: >

View File

@ -0,0 +1,12 @@
---
features:
- |
By adding extra string variable ``-e private_ip=8.8.8.8``
Bifrost, if used with Keystone enabled, will configure
private/internal services endpoints (for Keystone, Ironic and Ironic
Inspector) to contain this private IP address in replacement
of the default values which are set to point to localhost.
The default behaviour is kept unchanged, which means that
services private endpoints will contain references to
localhost aka 127.0.0.1.