1 files changed, 83 insertions, 0 deletions
diff --git a/doc/source/admin/drivers/ilo.rst b/doc/source/admin/drivers/ilo.rst
index f764a6d89..b6825fc40 100644
--- a/doc/source/admin/drivers/ilo.rst
+++ b/doc/source/admin/drivers/ilo.rst
@@ -55,6 +55,8 @@ The hardware type ``ilo`` supports following HPE server features:
 * `Updating security parameters as manual clean step`_
 * `Update Minimum Password Length security parameter as manual clean step`_
 * `Update Authentication Failure Logging security parameter as manual clean step`_
+* `Create Certificate Signing Request(CSR) as manual clean step`_
+* `Add HTTPS Certificate as manual clean step`_
 * `Activating iLO Advanced license as manual clean step`_
 * `Removing CA certificates from iLO as manual clean step`_
 * `Firmware based UEFI iSCSI boot from volume support`_
@@ -65,6 +67,7 @@ The hardware type ``ilo`` supports following HPE server features:
 * `BIOS configuration support`_
 * `IPv6 support`_
 * `Layer 3 or DHCP-less ramdisk booting`_
+* `Events subscription`_
 
 Apart from above features hardware type ``ilo5`` also supports following
 features:
@@ -200,6 +203,18 @@ The ``ilo`` hardware type supports following hardware interfaces:
         enabled_hardware_types = ilo
         enabled_rescue_interfaces = agent,no-rescue
 
+* vendor
+    Supports ``ilo``, ``ilo-redfish`` and ``no-vendor``. The default is
+    ``ilo``. They can be enabled by using the
+    ``[DEFAULT]enabled_vendor_interfaces`` option in ``ironic.conf`` as given
+    below:
+
+    .. code-block:: ini
+
+        [DEFAULT]
+        enabled_hardware_types = ilo
+        enabled_vendor_interfaces = ilo,ilo-redfish,no-vendor
+
 
 The ``ilo5`` hardware type supports all the ``ilo`` interfaces described above,
 except for ``boot`` and ``raid`` interfaces. The details of ``boot`` and
@@ -751,6 +766,12 @@ Supported **Manual** Cleaning Operations
   ``update_auth_failure_logging_threshold``:
     Updates the Authentication Failure Logging security parameter. See
     `Update Authentication Failure Logging security parameter as manual clean step`_ for user guidance on usage.
+  ``create_csr``:
+    Creates the certificate signing request. See `Create Certificate Signing Request(CSR) as manual clean step`_
+    for user guidance on usage.
+  ``add_https_certificate``:
+    Adds the signed HTTPS certificate to the iLO. See `Add HTTPS Certificate as manual clean step`_ for user
+    guidance on usage.
 
 * iLO with firmware version 1.5 is minimally required to support all the
   operations.
@@ -1648,6 +1669,54 @@ Both the arguments ``logging_threshold`` and ``ignore`` are optional. The accept
 value be False. If user passes the value of logging_threshold as 0, the Authentication Failure Logging security
 parameter will be disabled.
 
+Create Certificate Signing Request(CSR) as manual clean step
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+iLO driver can invoke ``create_csr`` request as a manual clean step. This step is only supported for iLO5 based hardware.
+
+An example of a manual clean step with ``create_csr`` as the only clean step could be::
+
+    "clean_steps": [{
+        "interface": "management",
+        "step": "create_csr",
+        "args": {
+            "csr_params": {
+                "City": "Bengaluru",
+                "CommonName": "1.1.1.1",
+                "Country": "India",
+                "OrgName": "HPE",
+                "State": "Karnataka"
+            }
+        }
+    }]
+
+The ``[ilo]cert_path`` option in ``ironic.conf`` is used as the directory path for
+creating the CSR, which defaults to ``/var/lib/ironic/ilo``. The CSR is created in the directory location
+given in ``[ilo]cert_path`` in ``node_uuid`` directory as <node_uuid>.csr.
+
+
+Add HTTPS Certificate as manual clean step
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+iLO driver can invoke ``add_https_certificate`` request as a manual clean step. This step is only supported for
+iLO5 based hardware.
+
+An example of a manual clean step with ``add_https_certificate`` as the only clean step could be::
+
+    "clean_steps": [{
+        "interface": "management",
+        "step": "add_https_certificate",
+        "args": {
+            "cert_file": "/test1/iLO.crt"
+        }
+    }]
+
+Argument ``cert_file`` is mandatory. The ``cert_file`` takes the path or url of the certificate file.
+The url schemes supported are: ``file``, ``http`` and ``https``.
+The CSR generated in step ``create_csr`` needs to be signed by a valid CA and the resultant HTTPS certificate should
+be provided in ``cert_file``. It copies the ``cert_file`` to ``[ilo]cert_path`` under ``node.uuid`` as <node_uuid>.crt
+before adding it to iLO.
+
 RAID Support
 ^^^^^^^^^^^^
 
@@ -2136,6 +2205,20 @@ DHCP-less deploy is supported by ``ilo`` and ``ilo5`` hardware types.
 However it would work only with ilo-virtual-media boot interface. See
 :doc:`/admin/dhcp-less` for more information.
 
+Events subscription
+^^^^^^^^^^^^^^^^^^^
+Events subscription is supported by ``ilo`` and ``ilo5`` hardware types with
+``ilo`` vendor interface for Gen10 and Gen10 Plus servers. See
+:ref:`node-vendor-passthru-methods` for more information.
+
+Anaconda based deployment
+^^^^^^^^^^^^^^^^^^^^^^^^^
+Deployment with ``anaconda`` deploy interface is supported by ``ilo`` and
+``ilo5`` hardware type and works with ``ilo-pxe`` and ``ilo-ipxe``
+boot interfaces.  See :doc:`/admin/anaconda-deploy-interface` for
+more information.
+
+
 .. _`ssacli documentation`: https://support.hpe.com/hpsc/doc/public/display?docId=c03909334
 .. _`proliant-tools`: https://docs.openstack.org/diskimage-builder/latest/elements/proliant-tools/README.html
 .. _`HPE iLO4 User Guide`: https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=c03334051