Add possibility to use proper public URLs for endpoints

This fixes Ironic configuration when Keystone is enabled. Without this fix, provisioning of nodes will stop after waiting for further informations as IPA will be using default address (http://127.0.0.1:6585) because proper values are not present in Ironic database. Change-Id: I4c733dba8e65fe624c9de5b9c5722cef2df59109
2018-09-07 18:07:53 +02:00 · 2018-09-07 18:07:53 +02:00 · b1cb14bb4a
parent 4d0c892e10
commit b1cb14bb4a
4 changed files with 31 additions and 3 deletions
--- a/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup.yml
+++ b/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup.yml
@ -170,6 +170,11 @@
  environment: "{{ bifrost_venv_env if enable_venv else {} }}"
  when: test_ironic_admin_endpoint.rc != 0 or test_ironic_admin_endpoint.stdout == '[]'

+- name: "Setting external Ironic public URL"
+  set_fact:
+    ironic_public_url: "{{ ironic.keystone.public_url | default('http://127.0.0.1:6385/') | replace('127.0.0.1', hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address']) }}"
+  when: use_public_urls | default(false) | bool
+
 - name: "Create ironic public endpoint"
  command: |
    openstack
@ -179,7 +184,7 @@
    --os-auth-url "{{ ironic.service_catalog.auth_url | default('http://127.0.0.1:5000/') }}"
    --os-project-name "{{ keystone.bootstrap.project_name | default('admin') }}"
    endpoint create --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}"
-    baremetal public "{{ ironic.keystone.public_url | default('http://127.0.0.1:6385/') }}"
+    baremetal public "{{ ironic_public_url | default(ironic.keystone.public_url) | default('http://127.0.0.1:6385/') }}"
  no_log: true
  environment: "{{ bifrost_venv_env if enable_venv else {} }}"
  when: test_ironic_public_endpoint.rc != 0 or test_ironic_public_endpoint.stdout == '[]'
--- a/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup_inspector.yml
+++ b/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup_inspector.yml
@ -148,6 +148,11 @@
  environment: "{{ bifrost_venv_env if enable_venv else {} }}"
  when: test_ironic_inspector_admin_endpoint.rc != 0 or test_ironic_inspector_admin_endpoint.stdout == '[]'

+- name: "Setting external ironic-inspector public URL"
+  set_fact:
+    ironic_inspector_public_url: "{{ ironic_inspector.keystone.public_url | default('http://127.0.0.1:5050/') | replace('127.0.0.1', hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address']) }}"
+  when: use_public_urls | default(false) | bool
+
 # NOTE(TheJulia): This seems like something that should be
 # to admin or internal interfaces. Perhaps we should attempt
 # remove it after we have a working keystone integrated CI job.
@ -160,7 +165,7 @@
    --os-auth-url "{{ ironic.service_catalog.auth_url | default('http://127.0.0.1:5000/') }}"
    --os-project-name admin
    endpoint create --region "{{ keystone.bootstrap.region_name | default('RegionOne') }}"
-    baremetal-introspection public "{{ ironic_inspector.keystone.public_url | default('http://127.0.0.1:5050/') }}"
+    baremetal-introspection public "{{ ironic_inspector_public_url | default(ironic_inspector.keystone.public_url) | default('http://127.0.0.1:5050/') }}"
  no_log: true
  environment: "{{ bifrost_venv_env if enable_venv else {} }}"
  when: test_ironic_inspector_public_endpoint.rc != 0 or test_ironic_inspector_public_endpoint.stdout == '[]'
--- a/playbooks/roles/bifrost-keystone-install/tasks/bootstrap.yml
+++ b/playbooks/roles/bifrost-keystone-install/tasks/bootstrap.yml
@ -161,6 +161,11 @@
    --keystone-user="{{ nginx_user }}" --keystone-group="{{ nginx_user }}"
  environment: "{{ bifrost_venv_env if enable_venv else {} }}"

+- name: "Setting external Keystone public URL"
+  set_fact:
+    keystone_public_url: "{{ keystone.bootstrap.public_url | replace('127.0.0.1', hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address']) }}"
+  when: use_public_urls | default(false) | bool
+
 - name: "Bootstrap Keystone Database"
  command: >
    keystone-manage bootstrap
@ -169,7 +174,7 @@
    --bootstrap-project-name="{{ keystone.bootstrap.project_name }}"
    --bootstrap-service-name="keystone"
    --bootstrap-admin-url="{{ keystone.bootstrap.admin_url }}"
-    --bootstrap-public-url="{{ keystone.bootstrap.public_url }}"
+    --bootstrap-public-url="{{ keystone_public_url | default(keystone.bootstrap.public_url) }}"
    --bootstrap-internal-url="{{ keystone.bootstrap.internal_url }}"
    --bootstrap-region-id="{{ keystone.bootstrap.region_name }}"
  environment: "{{ bifrost_venv_env if enable_venv else {} }}"
--- a/releasenotes/notes/use_public_urls_endpoints-1220a7f4164696c3.yaml
+++ b/releasenotes/notes/use_public_urls_endpoints-1220a7f4164696c3.yaml
@ -0,0 +1,13 @@
+---
+features:
+  - |
+    By adding extra boolean variable ``-e use_public_urls=true``
+    Bifrost, if used with Keystone enabled, will configure
+    public services endpoints (for Keystone, Ironic and Ironic
+    Inspector) to contain the public IP address of the node
+    where Bifrost is running in replacement of the default
+    values which are set to point to localhost.
+
+    The default behaviour is kept unchanged, which means that
+    services public endpoints will contain references to
+    localhost aka 127.0.0.1.