- 积分
- 16840
在线时间 小时
最后登录1970-1-1
|
马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
您需要 登录 才可以下载或查看,没有账号?开始注册
x
Overview
: N. {, \) v& sIronic is the openstack service for handling bare metal, i.e., the physical machines. It can work standalone as well as with other OpenStack services (notably, Neutron and Nova).: x& Y8 l, l& C* s
4 Z7 `, r! ]/ D/ Y, h% ^Pre-deployment Configuration; m2 b! {( y1 O% z( U d
Enable Ironic in /etc/kolla/globals.yml:! J/ T Y8 @6 e% _: w# l
, ~( B5 h8 x* I( x$ X, n' Z
enable_ironic: "yes"
9 D0 A ]" B& i+ yIn the same file, define a network interface as the default NIC for dnsmasq and define a network to be used for the Ironic cleaning network:
" f, T2 O& x& O& k; V* x4 V) u
$ v9 h$ C k; p( g& Y+ }ironic_dnsmasq_interface: "eth1"
% i( V' Z8 z4 \9 }ironic_cleaning_network: "public1") T& p9 l* S( n' I8 Q
Finally, define at least one DHCP range for Ironic inspector:
) X0 i" a7 x2 f! R6 E; v0 Q/ a8 C4 Y, U) w2 \, Y6 Q
ironic_dnsmasq_dhcp_ranges:
! t: R, `9 W, R+ f: L9 ` - range: "192.168.50.100,192.168.50.110"7 A+ G7 c% z$ C% @
Another example of a single range with a router (multiple routers are possible by separating addresses with commas):& ]% V; W( I$ P. Y5 w& w
4 \- R7 w: M2 h/ {1 n+ c& U4 D$ x
ironic_dnsmasq_dhcp_ranges:
$ g, H6 U- h/ ~6 @) f - range: "192.168.50.100,192.168.50.110"
# g" L/ q3 a/ J+ [& a& g: s5 a routers: "192.168.50.1"
6 V1 z% c: M- i/ lTogether with an router there can be provided the NTP (time source) server. For example it can be the same address as default router for the range:
* i. t! P T" ^$ N& D4 D3 p/ w# H4 @2 X0 d- z4 A; J
ironic_dnsmasq_dhcp_ranges:* x5 R) [' V% Z0 M; T- U
- range: "192.168.50.100,192.168.50.110"1 ~7 \& ~: [9 Z* k& P
routers: "192.168.50.1"
4 B" n. X: U+ D! M" I& l) T& H( r ntp_server: "192.168.50.1"/ c! g; {' X' M7 c# v
To support DHCP relay, it is also possible to define a netmask in the range. It is advisable to also provide a router to allow the traffic to reach the Ironic server.% g, g1 b9 J! s
( s4 G1 { K3 t9 F2 H) L `ironic_dnsmasq_dhcp_ranges:
6 `0 v0 d0 V2 F0 w: w X' h0 _0 e - range: "192.168.5.100,192.168.50.110,255.255.255.0"$ `( a9 U7 }! p9 u# H) H
routers: "192.168.50.1"
: @( B, t1 K4 {, }$ s+ f2 wMultiple ranges are possible, they can be either for directly-connected interfaces or relays (if with netmask):
$ G: o+ z% f. j
6 S z! e' p4 d4 Yironic_dnsmasq_dhcp_ranges:; l2 f) k: I5 M+ i
- range: "192.168.50.100,192.168.50.110"' j# w. T- T* A4 }& v: e$ D& c6 e
- range: "192.168.60.100,192.168.60.110,255.255.255.0"* d. B* ~) h( e, s& {& j) T
routers: "192.168.60.1"
. Z# P/ L6 D4 n$ x K* ]2 yThe default lease time for each range can be configured globally via ironic_dnsmasq_dhcp_default_lease_time variable or per range via lease_time parameter.
& G/ Q. ^5 o o% X. W1 i! f+ W' |7 U
In the same file, specify the PXE bootloader file for Ironic Inspector. The file is relative to the /var/lib/ironic/tftpboot directory. The default is pxelinux.0, and should be correct for x86 systems. Other platforms may require a differentvalue, for example aarch64 on Debian requires debian-installer/arm64/bootnetaa64.efi.
: M! w6 g. B8 r/ D
' ^7 o+ i6 h# u' U8 Q# \2 Nironic_dnsmasq_boot_file: pxelinux.0: a% A" t$ `: m/ v' B! L5 G
Ironic inspector also requires a deploy kernel and ramdisk to be placed in /etc/kolla/config/ironic/. The following example uses coreos which is commonly used in Ironic deployments, though any compatible kernel/ramdisk may be used:% [# R& Y) f# k- h4 K2 c
( U7 q/ ] I/ K2 j& V6 j$ ?curl https://tarballs.opendev.org/ope ... table-2023.2.kernel \5 {" V' M8 r9 H* `' h1 V8 a+ L
-o /etc/kolla/config/ironic/ironic-agent.kernel
6 o" ]3 Z- p. F" B5 h+ a: p: g5 h" y( W
curl https://tarballs.opendev.org/ope ... le-2023.2.initramfs \9 g/ K1 g& a" A( h6 S9 `
-o /etc/kolla/config/ironic/ironic-agent.initramfs( }3 D7 a6 `$ Y9 n
You may optionally pass extra kernel parameters to the inspection kernel using:
6 L1 C7 F; S& g# I
# q+ O* Z( S* p* y d4 |ironic_inspector_kernel_cmdline_extras: ['ipa-lldp-timeout=90.0', 'ipa-collect-lldp=1']
& N4 U+ H G: g6 Zin /etc/kolla/globals.yml.
7 H1 b3 X+ E) y8 k' L# l' ?: [
/ o0 i: D' k" P, }; F; z$ UConfigure conductor’s HTTP server port (optional). E& Q% l- L# F; Z! h
The port used for conductor’s HTTP server is controlled via ironic_http_port in /etc/kolla/globals.yml:
: v$ S) X( g& }" w/ K, T4 k+ m0 e5 k2 y& F3 X N
ironic_http_port: "8089"' {# O- Q( W/ R! s |+ p/ Q
Revert to plain PXE (not recommended)
( K' ^$ T; _- u/ i& OStarting with Yoga, Ironic has changed the default PXE from plain PXE to iPXE. Kolla Ansible follows this upstream decision by choosing iPXE as the default for Ironic Inspector but allows users to revert to the previous default of plain PXE by setting the following in /etc/kolla/globals.yml:3 c# U# N" F4 g" r4 J# q8 \
- Y# a' d- L6 N% u- Q U: E
ironic_dnsmasq_serve_ipxe: "no"
6 D+ F3 e# G+ f' H5 u$ TTo revert Ironic to previous default as well, set pxe as default_boot_interface in /etc/kolla/config/ironic.conf:
' [/ }4 X& Q5 U
: x2 E# l2 M4 v5 I: ~[DEFAULT]4 j; C \8 M# L
default_boot_interface = pxe
+ O+ U4 H' _3 EAttach ironic to external keystone (optional)
% D# `% h; n% _0 ?$ MIn multi-regional deployment keystone could be installed in one region (let’s say region 1) and ironic - in another region (let’s say region 2). In this case we don’t install keystone together with ironic in region 2, but have to configure ironic to connect to existing keystone in region 1. To deploy ironic in this way we have to set variable enable_keystone to "no".2 D8 H: E5 k( \; p, I2 ^
2 f- W ^9 y% s: t" @9 G! ~enable_keystone: "no": E' V& ^5 e; ^% G
It will prevent keystone from being installed in region 2.
7 M; B3 S7 [, p+ t* {/ z/ N9 v* f7 r9 M4 `4 y: V
To add keystone-related sections in ironic.conf, it is also needed to set variable ironic_enable_keystone_integration to "yes"5 z) U- D! x% X, b. H& }0 Y7 ]
/ f7 M# Y1 E8 xironic_enable_keystone_integration: "yes"- ~* R6 w5 D, h: \1 w# z
Avoiding problems with high availability1 p$ G. ?6 l& \2 V# U: M! s
Note
* d7 G h0 F1 e! J r2 i4 `5 b' Y; M9 A) w1 D
This section assumes that you have not yet deployed the Nova Compute Ironic service. If you have already deployed multiple instances of the service and have one or more baremetal nodes registered, the following operations are non-trivial. You will likely have to use the nova-manage command (or pre-Caracal edit the DB) to ensure that all Ironic nodes are registered with a single Nova Compute Ironic instance. This is an advanced subject and is not covered here. Stop now if you don’t know what you are doing.' a( @+ I0 T+ _ w
9 S# T9 w. u, f6 X3 b. e1 d
Nova Compute Ironic HA is known to be unstable. Pending a better solution, a workaround is to avoid the feature by running a single Nova Compute Ironic instance. For example:! [/ m" ~7 t) [: |9 J
' N+ A- Q) `5 L6 E% Q: A" n1 u- [nova-compute-ironic:children]
7 e( ~, E' E# W% Y" e2 o4 e4 ?- nova
. |. c& c3 r4 ~4 {% g6 {. {+ [nova-compute-ironic]
& |9 T4 Z8 K- e5 r% T* c# H" n, O+ controller1
/ ?' H$ ?- [/ s4 ]; l# q' pIf you choose to do this, it is helpful to pin the service host name to a ‘synthetic’ constant. This means that if you need to re-deploy the service to another host, the Ironic nodes will automatically use the new service instance. Otherwise you will need to manually move active Ironic nodes to the new service, with either the nova-manage CLI, or pre-Caracal, by editing the Nova database.
. o0 p. y. a- k- d S8 B p# [6 P( b% K
The config option to pin the host name is nova_compute_ironic_custom_host and must be set as a group or host var. Note that, unless you know what you are doing, you must not change or set this option if you have already deployed Ironic nodes.$ D! ?" n' |% i ^- `- }
W1 U* h- O7 Y6 [' a/ kThis config option is also useful for Ironic Shards. Whilst these are not explicitly supported by Kolla Ansible, some further information can be found here.6 {( |. ?3 |5 d& y
. ]) j; n8 U" D! k: _1 u& `6 I& Y
Note that Ironic HA is not affected, and continues to work as normal.
' T' X: y1 n8 G1 T8 c1 p" n4 q3 o; s3 F# R' a
Deployment
* u) A; Y9 Y0 X9 P7 q1 A! s2 vRun the deploy as usual:
. g3 C. m, U/ j* v; B
3 s, @/ F8 \- L p- z! Ikolla-ansible deploy: |* S, ]. Q, g6 Y X" |" G
Post-deployment configuration
6 L# B1 K, F3 g1 g4 ]8 pThe Ironic documentation describes how to create the deploy kernel and ramdisk and register them with Glance. In this example we’re reusing the same images that were fetched for the Inspector:
9 X% d t- K, r$ t/ q! D5 }1 I% ]. i/ _. u9 F% H- B
openstack image create --disk-format aki --container-format aki --public \5 W4 ]/ U' C2 @3 g" s6 L; [2 G* N/ C
--file /etc/kolla/config/ironic/ironic-agent.kernel deploy-vmlinuz
1 ^, }( D1 l, l$ u0 f7 v% M- s8 Q4 d4 T4 f
openstack image create --disk-format ari --container-format ari --public \
/ v j7 ~! m/ g9 L --file /etc/kolla/config/ironic/ironic-agent.initramfs deploy-initrd
! @' `9 U$ @' ]# d5 eThe Ironic documentation describes how to create Nova flavors for bare metal. For example:6 D, W5 H+ p8 b% ~8 l8 Y. V* L
* P9 V$ G1 I( [2 f
openstack flavor create my-baremetal-flavor \9 {7 }6 P2 L! r7 R
--ram 512 --disk 1 --vcpus 1 \
8 o/ h! O! _) \ --property resources:CUSTOM_BAREMETAL_RESOURCE_CLASS=1 \
C5 n% [" s( @8 ?6 H' P, o$ ~( A --property resources:VCPU=0 \7 z; l: D" I+ I4 ~9 r
--property resources:MEMORY_MB=0 \8 e" @ J; r' w- ?" ^
--property resources:DISK_GB=0
+ g0 H- i( y9 x( V* `The Ironic documentation describes how to enroll baremetal nodes and ports. In the following example ensure to substitute correct values for the kernel, ramdisk, and MAC address for your baremetal node.) o3 m* H# f( {, p$ ^' p8 ~
' {" l/ G, g0 s
openstack baremetal node create --driver ipmi --name baremetal-node \
# t3 d7 ~# I! V9 v$ { --driver-info ipmi_port=6230 --driver-info ipmi_username=admin \# g2 c3 `' D/ M; V! ~0 H; g4 O3 G
--driver-info ipmi_password=password \
& z) Q( q3 c3 n: C3 d$ S --driver-info ipmi_address=192.168.5.1 \
7 {, f$ l5 T& ~' l5 b8 I --resource-class baremetal-resource-class --property cpus=1 \
3 o+ }7 k+ y% |7 H3 c9 C --property memory_mb=512 --property local_gb=1 \
! G! w9 `, Y, } --property cpu_arch=x86_64 \! T! d% e5 G1 m; ?; S
--driver-info deploy_kernel=15f3c95f-d778-43ad-8e3e-9357be09ca3d \
$ V) M( `+ v5 W: `" h- X ? --driver-info deploy_ramdisk=9b1e1ced-d84d-440a-b681-39c216f24121, x0 X9 |/ G- m {# b, y3 X3 s
/ f/ g1 {* z1 A- k6 v# Oopenstack baremetal port create 52:54:00:ff:15:55 \3 Z" G* M1 u) Q5 Y
--node 57aa574a-5fea-4468-afcf-e2551d464412 \' J! u7 F+ E1 a! V5 u7 b3 b
--physical-network physnet1! u: c$ v! \+ D0 F1 h9 K1 u
Make the baremetal node available to nova:
2 k M$ j: f; h. ?' {" i
D9 G, q/ N& E# r/ u( w: zopenstack baremetal node manage 57aa574a-5fea-4468-afcf-e2551d464412: X! ~9 b: U h+ q5 K5 \; |
openstack baremetal node provide 57aa574a-5fea-4468-afcf-e2551d4644123 ~1 x: s+ W b' O
It may take some time for the node to become available for scheduling in nova. Use the following commands to wait for the resources to become available:
$ x( M$ _ a, Z' d! I* `% R! p9 q/ N5 Z2 i
openstack hypervisor stats show; S5 t8 s( Y2 j: u: D
openstack hypervisor show 57aa574a-5fea-4468-afcf-e2551d4644127 M! O% I. {5 z, ?+ u( C
Booting the baremetal
/ Q: x7 L$ h8 z% bAssuming you have followed the examples above and created the demo resources as shown in the Quick Start for deployment/evaluation, you can now use the following example command to boot the baremetal instance:8 J! P4 w. o! y- N# E
7 P; b+ n4 p, S7 F- ?openstack server create --image cirros --flavor my-baremetal-flavor \
' @8 U4 h' z- S" D9 r --key-name mykey --network public1 demo11 J3 a o2 T5 e' W
In other cases you will need to adapt the command to match your environment.; |1 O2 Q" _! `4 C0 `
# S9 o4 J" n& U# n. Z2 l
Notes* w/ H: M$ Q* F' C2 D5 L
Debugging DHCP
% b/ G. I5 I: [" C% S1 D5 l3 eThe following tcpdump command can be useful when debugging why dhcp requests may not be hitting various pieces of the process:
# D) ^' {+ s' k3 [7 k3 W4 Z7 \0 h8 B# Z' T1 o
tcpdump -i <interface> port 67 or port 68 or port 69 -e -n
* K6 ~! c6 x- ?5 E- zConfiguring the Web Console7 @0 o9 Z& P9 E) F2 d
Configuration based off upstream Node web console." t& @. @ R; W/ B |5 o
# W6 v1 w2 A! K- |Serial speed must be the same as the serial configuration in the BIOS settings. Default value: 115200bps, 8bit, non-parity.If you have different serial speed." \1 I$ x" T A9 |+ P
* _2 r, ?! [; g# \" l/ G
Set ironic_console_serial_speed in /etc/kolla/globals.yml:
& ]7 f5 y o& L5 {7 F5 d+ C7 ^( c% U' `( f* ^" d$ p7 c
ironic_console_serial_speed: 9600n8" f$ R$ r3 q8 C! i
: o; Q! D Q) Q q$ v2 y2 d |
|
/4 
窥视卡
雷达卡
发表于 2025-2-25 09:00:00
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
照妖镜
