ironic: Add kolla_ironic_inspection_network

In more advanced Ironic network setups - all three Ironic networks
should be isolated - i.e. separate networks for cleaning, inspection
and provisioning.

This patch implements separate inspection network.

Change-Id: I527b3bf50c465604f5d2e71a15c27a65a153bec8
Signed-off-by: Will Szumski <will@stackhpc.com>

ansible/inventory/group_vars/all/ironic

@@ -94,6 +94,9 @@ kolla_ironic_default_vendor_interface:
 # Name of the Neutron network to use for cleaning.
 kolla_ironic_cleaning_network: "{{ kolla_ironic_provisioning_network if cleaning_net_name == provision_wl_net_name else 'cleaning-net' }}"
 
+# Name of the Neutron network to use for inspection.
+kolla_ironic_inspection_network: "{{ kolla_ironic_provisioning_network if inspection_net_name == provision_wl_net_name else 'inspection-net' }}"
+
 # Name of the Neutron network to use for provisioning.
 kolla_ironic_provisioning_network: 'provision-net'
 

ansible/provision-net.yml

@@ -5,17 +5,32 @@
   tags:
     - provision-net
     - cleaning-net
+    - inspection-net
   tasks:
     - name: Create controllers group with ironic enabled
       group_by:
         key: "controllers_for_provision_net_{{ kolla_enable_ironic | bool }}"
       changed_when: false
 
-- name: Ensure provisioning and cleaning networks and subnets are registered in neutron
+- name: Ensure inspection, provisioning and cleaning networks and subnets are registered in neutron
   # Only required to run on a single host.
   hosts: controllers_for_provision_net_True[0]
   vars:
     venv: "{{ virtualenv_path }}/openstacksdk"
+    inspection_net:
+      name: "{{ kolla_ironic_inspection_network }}"
+      mtu: "{{ inspection_net_name | net_mtu | default(omit, True) }}"
+      provider_network_type: "{% if inspection_net_name | net_vlan %}vlan{% else %}flat{% endif %}"
+      provider_physical_network: "{{ inspection_net_name | net_physical_network | default('physnet1', True) }}"
+      provider_segmentation_id: "{{ inspection_net_name | net_vlan }}"
+      # Flat networks need to be shared to allow instances to use them.
+      shared: "{{ (inspection_net_name | net_vlan) is none }}"
+      subnets:
+        - name: "{{ kolla_ironic_inspection_network }}"
+          cidr: "{{ inspection_net_name | net_cidr }}"
+          gateway_ip: "{{ inspection_net_name | net_neutron_gateway or provision_wl_net_name | net_gateway | default(omit, True) }}"
+          allocation_pool_start: "{{ inspection_net_name | net_neutron_allocation_pool_start }}"
+          allocation_pool_end: "{{ inspection_net_name | net_neutron_allocation_pool_end }}"
     provision_net:
       name: "{{ kolla_ironic_provisioning_network }}"
       mtu: "{{ provision_wl_net_name | net_mtu | default(omit, True) }}"
@@ -48,6 +63,7 @@
   tags:
     - provision-net
     - cleaning-net
+    - inspection-net
   tasks:
     - name: Validate OpenStack password authentication parameters
       fail:

ansible/roles/kolla-openstack/defaults/main.yml

@@ -547,6 +547,9 @@ kolla_ironic_default_vendor_interface:
 # Name or UUID of the Neutron network to use for cleaning.
 kolla_ironic_cleaning_network:
 
+# Name or UUID of the Neutron network to use for inspection.
+kolla_ironic_inspection_network:
+
 # Name or UUID of the Neutron network to use for provisioning.
 kolla_ironic_provisioning_network:
 

ansible/roles/kolla-openstack/templates/kolla/config/ironic.conf

@@ -20,6 +20,7 @@ deploy_logs_local_path = /var/log/kolla/ironic/deploy
 
 [neutron]
 cleaning_network = {{ kolla_ironic_cleaning_network }}
+inspection_network = {{ kolla_ironic_inspection_network }}
 provisioning_network = {{ kolla_ironic_provisioning_network }}
 
 [pxe]

etc/kayobe/ironic.yml

@@ -94,6 +94,9 @@
 # Name of the Neutron network to use for cleaning.
 #kolla_ironic_cleaning_network:
 
+# Name of the Neutron network to use for inspection.
+#kolla_ironic_inspection_network:
+
 # Name of the Neutron network to use for provisioning.
 #kolla_ironic_provisioning_network:
 

releasenotes/notes/kolla-ironic-inspection-network-6cd3977447492236.yaml

@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    Adds support for ``kolla_ironic_inspection_network`` which will be created
+    in Neutron for Ironic Inspection purposes (defaults to using provisioning
+    network for backwards compatibility)..