Changes to support standalone ironic

For standalone ironic deployments, such as those deployed using bifrost, there
is typically no keystone or placement service running. Use of the ironic API is
without authentication. We use clouds.yaml in this case.

Change-Id: I61ed791d019e43f6dfc632fa185f079b385c290c
Story: 2004425
Task: 28077

ansible/deploy.yml

@@ -30,6 +30,7 @@
 
 - name: Wait for resources to become available
   import_playbook: resource_wait.yml
+  when: wait_for_placement | bool
   tags: openstack, resource
 
 - name: Clean up Tenks state

ansible/host_vars/localhost

@@ -115,3 +115,8 @@ bmc_emulators:
   pxe_snmp: virtualpdu
   redfish: sushy-tools
   snmp: virtualpdu
+
+# Whether to wait for nodes' resources to be registered in the Placement
+# service. If the Placement service is not in use, for example in standalone
+# ironic installations, this flag should be set to 'false'.
+wait_for_placement: true

ansible/override.yml.example

@@ -57,3 +57,8 @@ deploy_ramdisk: ipa.initramfs
 # files.
 physnet_mappings:
   physnet0: brfoo
+
+# Whether to wait for nodes' resources to be registered in the Placement
+# service. If the Placement service is not in use, for example in standalone
+# ironic installations, this flag should be set to 'false'.
+wait_for_placement: true

ansible/roles/ironic-enrolment/tasks/main.yml

@@ -2,9 +2,12 @@
 - name: Check that OpenStack credentials exist in the environment
   fail:
     msg: >
-      $OS_USERNAME was not found in the environment. Ensure the OpenStack
-      credentials exist in your environment, perhaps by sourcing your RC file.
-  when: not lookup('env', 'OS_USERNAME')
+      OpenStack credentials were not found in the environment.  Ensure the
+      OpenStack credentials exist in your environment, perhaps by sourcing your
+      RC file.
+  when:
+    - not lookup('env', 'OS_USERNAME')
+    - not lookup('env', 'OS_CLOUD')
 
 # This is useful to get a uniquely generated temporary path.
 - name: Create temporary file for pip requirements
@@ -26,6 +29,31 @@
   until: result is success
   retries: 3
 
+# If using clouds.yaml for authentication we need to pass in the ironic_url
+# argument to the os_ironic module, due to a quirk in its implementation.
+# Grab the endpoint from the file.
+- block:
+  - name: Query clouds.yaml
+    os_client_config:
+      clouds: "{{ lookup('env', 'OS_CLOUD') }}"
+    delegate_to: localhost
+    vars:
+      ansible_python_interpreter: >-
+        {{ lookup('env', 'VIRTUAL_ENV') | default('/usr', true) ~ '/bin/python' }}
+
+  - name: Fail if the cloud was not found
+    fail:
+      msg: >
+        Cloud {{ lookup('env', 'OS_CLOUD') }} was not found in clouds.yaml
+    when: >-
+      openstack.clouds | length == 0 or
+      not openstack.clouds[0].get('auth', {}).get('endpoint')
+
+  - name: Set a fact about the ironic API endpoint
+    set_fact:
+      ironic_url: "{{ openstack.clouds[0].auth.endpoint }}"
+  when: lookup('env', 'OS_CLOUD') | length > 0
+
 - name: Detect ironic API version
   command: >-
     {{ ironic_virtualenv_path }}/bin/openstack

ansible/roles/ironic-enrolment/tasks/node.yml

@@ -42,7 +42,9 @@
 
 - name: Configure node in Ironic
   os_ironic:
-    auth_type: password
+    auth_type: "{{ 'password' if lookup('env', 'OS_USERNAME') else omit }}"
+    cloud: "{{ lookup('env', 'OS_CLOUD') | default(omit, true) }}"
+    ironic_url: "{{ ironic_url | default(omit) }}"
     driver: "{{ node.ironic_driver }}"
     driver_info:
       power:

ansible/roles/virtualbmc-daemon/README.md

@@ -15,3 +15,4 @@ Role Variables
   Virtual BMC.
 - `vbmcd_python_upper_constraints_url`: The URL of the upper constraints file
   to pass to pip when installing Python packages.
+- `vbmcd_args`: Arguments to pass to the Virtual BMC daemon.

ansible/roles/virtualbmc-daemon/defaults/main.yml

@@ -4,3 +4,5 @@ vbmcd_virtualenv_path:
 # The URL of the upper constraints file to pass to pip when installing Python
 # packages.
 vbmcd_python_upper_constraints_url:
+# Arguments to pass to Virtual BMC daemon.
+vbmcd_args: --foreground

ansible/roles/virtualbmc-daemon/templates/vbmcd.service.j2

@@ -4,4 +4,4 @@ Description=Virtual BMC daemon
 [Service]
 Type=simple
 Restart=on-failure
-ExecStart="{{ vbmcd_virtualenv_path }}/bin/vbmcd" --foreground
+ExecStart="{{ vbmcd_virtualenv_path }}/bin/vbmcd" {{ vbmcd_args }}

doc/source/configuration.rst

@@ -48,3 +48,24 @@ your overrides file, and this will be used for all hosts. If different mappings
 are required for different hosts, you will need to individually specify them in
 an inventory host_vars file: for a host with hostname *myhost*, set
 ``physnet_mappings`` within the file ``ansible/inventory/host_vars/myhost``.
+
+Standalone Ironic
+-----------------
+
+In standalone ironic environments, the placement service is typically not
+available. To prevent Tenks from attempting to communicate with placement, set
+``wait_for_placement`` to ``false``.
+
+It is likely that a standalone ironic environment will not use authentication
+to access the ironic API. In this case, it is possible to set the ironic API
+URL via ``clouds.yaml``. For example:
+
+.. code-block:: yaml
+
+   ---
+   clouds:
+     standalone:
+       auth_type: "none"
+       endpoint: http://localhost:6385
+
+Then set the ``OS_CLOUD`` environment variable to ``standalone``.

releasenotes/notes/standalone-ironic-33281da1623e912d.yaml

@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    Adds support for standalone Ironic. This includes support for environments
+    without keystone for authentication, and without a placement service.