This patch introduces an optional backend encryption for the Ironic API
service. When used in conjunction with enabling TLS for service API
endpoints, network communcation will be encrypted end to end, from
client through HAProxy to the Ironic service.
Change-Id: I9edf7545c174ca8839ceaef877bb09f49ef2b451
Partially-Implements: blueprint add-ssl-internal-network
Per the recent Kayobe brekage due to TLS support in Ironic [1],
let's test Ironic Inspector API as well.
[1] https://review.opendev.org/750804
Change-Id: I7ccf0c4286f8907bc2fa2eabc41ec2876c9815a9
Pipe hid an issue that Ironic client was not available in CI,
making it look as if fake-hardware driver was not usable.
This commit applies separation of concerns to easily discern
between the two failures and provide better debugging experience.
Change-Id: Iac3d84b7d707b84a8426c8d787b29a368ff7ae85
Related-Bug: #1872481
We install kolla-ansible requirements in Zuul's Ansible playbooks.
This patch cleans up the installation in scripts so that they are
only concerned with auxiliary requirements:
- ansible (since we do not track it in requirements)
- ara (for log summaries)
- openstack clients (for first init and tests after deployment)
Additionally this patch installs openstack clients in a separate
virtualenv.
Note that all kolla-ansible requirements, ansible and ara are still
installed system-wide.
Change-Id: Iac04082ad39a9d823c515ba11c5db9af50ed225f
Signed-off-by: Radosław Piliszek <radoslaw.piliszek@gmail.com>
Adds four new CI jobs for testing centos/ubuntu binary/source deploys
with ironic enabled. These are run only when there are changes to the
ironic role.
Performs some simple testing by creating a node using the fake-hardware
hardware type and creating a server.
Change-Id: Ie669e57ce2af53257b4ca05f45193cb73f48827a
Depends-On: https://review.opendev.org/664011
