Open Stack

On Wed, Oct 19, 2016 at 11:33 AM, Dan Sneddon <dsneddon at redhat.com> wrote:
> I am doing research to support the spec for TripleO deployment on
> routed networks [1]. I would like some input on how to represent
> multiple subnet ranges for the provisioning network in undercloud.conf.
>
> The Ironic Inspector dnsmasq service is currently configured using the
> puppet-ironic module, and the range of IP addresses is taken directly
> from undercloud.conf. For example, here is the .erb which configures
> /etc/ironic-inspector/dnsmasq.conf if using TFTP [2]:
>
> ###### inspector_dnsmasq_tftp.erb ######
> port=0
> interface=<%= @dnsmasq_interface %>
> bind-interfaces
> dhcp-range=<%= @dnsmasq_ip_range %>,29
> dhcp-boot=pxelinux.0,localhost.localdomain,<%= @dnsmasq_local_ip %>
> dhcp-sequential-ip
> ############
>
> Since there is only one dnsmasq_ip_range, only a single subnet is
> served via DHCP. What I would like to do is extend the undercloud.conf
> to support multiple IP ranges, and I'm looking for input on the best
> way to represent the data.
>

So I think this is just an issue with the current implementation.  I
think the awkwardness comes from trying to configure dnsmasq
specifically for the inspector use case and we may have tied them too
closely together in a inflexible fashion.  dnsmasq supports a
configuration folder that we could use instead which would allow us to
create as many of these as we'd like.  For example over in fuel[0],
the fuel master supports something similar and it uses multiple
configuration files to handle the case of additional dhcp ranges.  We
could extend the puppet-ironic to support something similar if we can
configure the underlying dnsmasq to point to a configuration
directory. If we create a ironic::inspector::dhcp_range resource then
the way to configure these extra ranges, then it is just an array of
hashes in hiera and it becomes much easier to manage than the proposed
data representation.  Additionally this would support the current
implementation (no change) and multiple ranges (new resource) with
little effort.

Thanks,
-Alex

[0] https://github.com/openstack/fuel-library/blob/master/deployment/puppet/fuel/manifests/dnsmasq/dhcp_range.pp

> I am not sure if we can be fully backwards-compatible here. My gut
> feeling is no, unless we leave the existing parameters as-is and add
> something like an "additional_inspection_ipranges" parameter. The data
> that will need to be represented for each subnet is:
>
> * Network subnet
> * Start and end of inspection IP range
> * Subnet mask (could be determined by parsing cidr, like 172.20.1.0/24)
> * Gateway router for the subnet
>
> We could potentially represent this data as a JSON, or as a list of
> strings. Here are some potential examples:
>
> JSON:
> additional_inspection_ipranges = [
>   {
>     "subnet": "172.20.1.0/24",
>     "start": "172.20.1.100",
>     "end": "172.20.1.120",
>     "gateway": "172.20.1.254"
>   },
>   {
>     "subnet": "172.20.2.0/24",
>     "start": "172.20.2.100",
>     "end": "172.20.2.120",
>     "gateway": "172.20.2.254"
>   }
> ]
>
> String:
> additional_inspection_ipranges =
> "172.20.1.0,172.20.1.100,172.20.1.120,255.255.255.0,172.20.1.254;172.20.2.0,172.20.2.100,172.20.2.120,255.255.255.0,172.20.2.254"
>
> Either of these might get unwieldy depending on the number of networks.
> Perhaps we could have a repeating parameter? Something like this:
>
> additional_inspection_iprange =
> "172.20.1.0,172.20.1.100,172.20.1.120,255.255.255.0,172.20.1.254"
> additional_inspection_iprange =
> "172.20.2.0,172.20.2.100,172.20.2.120,255.255.255.0,172.20.2.254"
>
> I would like some feedback about how to represent this data in a way
> that it can be easily parsed by Puppet, while remaining readable. Any
> suggestions would be very much appreciated.
>
> [1] - https://review.openstack.org/#/c/377088
> [2] -
> https://github.com/openstack/puppet-ironic/blob/master/templates/inspector_dnsmasq_tftp.erb
> --
> Dan Sneddon         |  Senior Principal OpenStack Engineer
> dsneddon at redhat.com |  redhat.com/openstack
> dsneddon:irc        |  @dxs:twitter
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev