blob: e8919438599c4f8bdb5cb4df652a140c181218d0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
===========
Rescue Mode
===========
Ironic supports putting nodes in rescue mode using hardware types that
support rescue interfaces. A rescue operation can be used to boot nodes
into a rescue ramdisk so that the ``rescue`` user can access the node.
This provides the ability to access the node when normal access is not
possible. For example, if there is a need to perform manual password
reset or data recovery in the event of some failure, a rescue operation
can be used. IPA rescue extension exposes a command ``finalize_rescue``
(that is used by Ironic) to set the password for the ``rescue`` user
when the rescue ramdisk is booted.
finalize_rescue command
=======================
The rescue extension exposes the command ``finalize_rescue``; when
invoked, it triggers rescue mode::
POST /v1/commands
{"name": "rescue.finalize_rescue",
"params": {
"rescue_password": "p455w0rd"}
}
``rescue_password`` is a required parameter for this command.
Upon success, it returns following data in response::
{"command_name": "finalize_rescue",
"command_params": {
"rescue_password": "p455w0rd"},
"command_status": "SUCCEEDED"
"command_result": null
"command_error": null
}
If successful, this synchronous command will:
1. Write the salted and crypted ``rescue_password`` to
``/etc/ipa-rescue-config/ipa-rescue-password`` in the chroot or filesystem
that ironic-python-agent is running in.
2. Stop the ironic-python-agent process after completing these actions and
returning the response to the API request.
|
