From 38742f166f6c2c2349da0c4b817566b9589eeadd Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 18 Dec 2024 16:38:03 +0100 Subject: [PATCH] ironic: Add kolla_ironic_inspection_network In more advanced Ironic network setups - all three Ironic networks should be isolated - i.e. separate networks for cleaning, inspection and provisioning. This patch implements separate inspection network. Change-Id: I527b3bf50c465604f5d2e71a15c27a65a153bec8 Signed-off-by: Will Szumski --- ansible/inventory/group_vars/all/ironic | 3 +++ ansible/provision-net.yml | 18 +++++++++++++++++- .../roles/kolla-openstack/defaults/main.yml | 3 +++ .../templates/kolla/config/ironic.conf | 1 + etc/kayobe/ironic.yml | 3 +++ ...ic-inspection-network-6cd3977447492236.yaml | 6 ++++++ 6 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 releasenotes/notes/kolla-ironic-inspection-network-6cd3977447492236.yaml diff --git a/ansible/inventory/group_vars/all/ironic b/ansible/inventory/group_vars/all/ironic index 72f26e2f7..cf7dc884e 100644 --- a/ansible/inventory/group_vars/all/ironic +++ b/ansible/inventory/group_vars/all/ironic @@ -94,6 +94,9 @@ kolla_ironic_default_vendor_interface: # Name of the Neutron network to use for cleaning. kolla_ironic_cleaning_network: "{{ kolla_ironic_provisioning_network if cleaning_net_name == provision_wl_net_name else 'cleaning-net' }}" +# Name of the Neutron network to use for inspection. +kolla_ironic_inspection_network: "{{ kolla_ironic_provisioning_network if inspection_net_name == provision_wl_net_name else 'inspection-net' }}" + # Name of the Neutron network to use for provisioning. kolla_ironic_provisioning_network: 'provision-net' diff --git a/ansible/provision-net.yml b/ansible/provision-net.yml index 66d28adc7..c64a70867 100644 --- a/ansible/provision-net.yml +++ b/ansible/provision-net.yml @@ -5,17 +5,32 @@ tags: - provision-net - cleaning-net + - inspection-net tasks: - name: Create controllers group with ironic enabled group_by: key: "controllers_for_provision_net_{{ kolla_enable_ironic | bool }}" changed_when: false -- name: Ensure provisioning and cleaning networks and subnets are registered in neutron +- name: Ensure inspection, provisioning and cleaning networks and subnets are registered in neutron # Only required to run on a single host. hosts: controllers_for_provision_net_True[0] vars: venv: "{{ virtualenv_path }}/openstacksdk" + inspection_net: + name: "{{ kolla_ironic_inspection_network }}" + mtu: "{{ inspection_net_name | net_mtu | default(omit, True) }}" + provider_network_type: "{% if inspection_net_name | net_vlan %}vlan{% else %}flat{% endif %}" + provider_physical_network: "{{ inspection_net_name | net_physical_network | default('physnet1', True) }}" + provider_segmentation_id: "{{ inspection_net_name | net_vlan }}" + # Flat networks need to be shared to allow instances to use them. + shared: "{{ (inspection_net_name | net_vlan) is none }}" + subnets: + - name: "{{ kolla_ironic_inspection_network }}" + cidr: "{{ inspection_net_name | net_cidr }}" + gateway_ip: "{{ inspection_net_name | net_neutron_gateway or provision_wl_net_name | net_gateway | default(omit, True) }}" + allocation_pool_start: "{{ inspection_net_name | net_neutron_allocation_pool_start }}" + allocation_pool_end: "{{ inspection_net_name | net_neutron_allocation_pool_end }}" provision_net: name: "{{ kolla_ironic_provisioning_network }}" mtu: "{{ provision_wl_net_name | net_mtu | default(omit, True) }}" @@ -48,6 +63,7 @@ tags: - provision-net - cleaning-net + - inspection-net tasks: - name: Validate OpenStack password authentication parameters fail: diff --git a/ansible/roles/kolla-openstack/defaults/main.yml b/ansible/roles/kolla-openstack/defaults/main.yml index 0d9f2b697..2a20e3ac7 100644 --- a/ansible/roles/kolla-openstack/defaults/main.yml +++ b/ansible/roles/kolla-openstack/defaults/main.yml @@ -547,6 +547,9 @@ kolla_ironic_default_vendor_interface: # Name or UUID of the Neutron network to use for cleaning. kolla_ironic_cleaning_network: +# Name or UUID of the Neutron network to use for inspection. +kolla_ironic_inspection_network: + # Name or UUID of the Neutron network to use for provisioning. kolla_ironic_provisioning_network: diff --git a/ansible/roles/kolla-openstack/templates/kolla/config/ironic.conf b/ansible/roles/kolla-openstack/templates/kolla/config/ironic.conf index f91aad0db..79adce40c 100644 --- a/ansible/roles/kolla-openstack/templates/kolla/config/ironic.conf +++ b/ansible/roles/kolla-openstack/templates/kolla/config/ironic.conf @@ -20,6 +20,7 @@ deploy_logs_local_path = /var/log/kolla/ironic/deploy [neutron] cleaning_network = {{ kolla_ironic_cleaning_network }} +inspection_network = {{ kolla_ironic_inspection_network }} provisioning_network = {{ kolla_ironic_provisioning_network }} [pxe] diff --git a/etc/kayobe/ironic.yml b/etc/kayobe/ironic.yml index 1298fcb67..311a75695 100644 --- a/etc/kayobe/ironic.yml +++ b/etc/kayobe/ironic.yml @@ -94,6 +94,9 @@ # Name of the Neutron network to use for cleaning. #kolla_ironic_cleaning_network: +# Name of the Neutron network to use for inspection. +#kolla_ironic_inspection_network: + # Name of the Neutron network to use for provisioning. #kolla_ironic_provisioning_network: diff --git a/releasenotes/notes/kolla-ironic-inspection-network-6cd3977447492236.yaml b/releasenotes/notes/kolla-ironic-inspection-network-6cd3977447492236.yaml new file mode 100644 index 000000000..04187c12f --- /dev/null +++ b/releasenotes/notes/kolla-ironic-inspection-network-6cd3977447492236.yaml @@ -0,0 +1,6 @@ +--- +features: + - | + Adds support for ``kolla_ironic_inspection_network`` which will be created + in Neutron for Ironic Inspection purposes (defaults to using provisioning + network for backwards compatibility)..