From b5ca8d02c5665c4fc155ab7a769a88aab1013839 Mon Sep 17 00:00:00 2001 From: Stefan Majer Date: Wed, 21 Jan 2026 13:45:42 +0100 Subject: [PATCH] Deploy metal-bmc --- deploy_partition.yaml | 2 ++ files/certs/nsq/client.json | 1 + inventories/group_vars/partition/metal-bmc.yaml | 14 ++++++++++++++ 3 files changed, 17 insertions(+) create mode 100644 inventories/group_vars/partition/metal-bmc.yaml diff --git a/deploy_partition.yaml b/deploy_partition.yaml index 58bcefca..562f2de7 100644 --- a/deploy_partition.yaml +++ b/deploy_partition.yaml @@ -86,6 +86,8 @@ tags: always - name: metal-roles/partition/roles/pixiecore tags: pixiecore + - name: metal-roles/partition/roles/metal-bmc + tags: metal-bmc - name: Deploy metal-core hosts: leaves diff --git a/files/certs/nsq/client.json b/files/certs/nsq/client.json index bf8ce2b9..a30408b1 100644 --- a/files/certs/nsq/client.json +++ b/files/certs/nsq/client.json @@ -2,6 +2,7 @@ "CN": "nsqd", "hosts": [ "metal-control-plane-nsqd", + "172.17.0.1.nip.io", "nsqd", "" ], diff --git a/inventories/group_vars/partition/metal-bmc.yaml b/inventories/group_vars/partition/metal-bmc.yaml new file mode 100644 index 00000000..36b993fd --- /dev/null +++ b/inventories/group_vars/partition/metal-bmc.yaml @@ -0,0 +1,14 @@ +--- +# taken from images/machine/openipmi/lan.conf +metal_bmc_bmc_superuser: ADMIN +metal_bmc_bmc_superuser_pwd: ADMIN + +metal_bmc_nsqd_addr: "{{ metal_control_plane_ingress_dns }}:4150" +metal_bmc_nsqd_ca_cert: "{{ lookup('file', 'certs/ca.pem') }}" +metal_bmc_nsqd_client_cert: "{{ lookup('file', 'certs/nsq/client.crt') }}" +metal_bmc_nsqd_client_cert_key: "{{ lookup('file', 'certs/nsq/client-key.pem') }}" + +# TODO console can not be disabled in metal-bmc, use the nsq certs to be able to start +metal_bmc_console_ca_cert: "{{ lookup('file', 'certs/ca.pem') }}" +metal_bmc_console_cert: "{{ lookup('file', 'certs/nsq/client.crt') }}" +metal_bmc_console_key: "{{ lookup('file', 'certs/nsq/client-key.pem') }}"