| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
SNMP driver was using the wrong dictionary key to retrieve auth_protocol
and priv_protocol from driver info. As a result, the SNMP client was
created with empty strings for both those fields. Any nodes configured
to use SNMP v3 with those fields failed because the SNMP driver was
unable to perform power related operations due to authentication error.
- Use correct keys for snmp auth_protocol and priv_protocol when
creating SNMP client
- Sanitize snmp auth_key and priv_key in API results
Story: 2010613
Task: 47535
Change-Id: I5efd3c9f79a021f1a8e613c3d13b6596a7972672
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Follow-up to I385594339028c20cfc83fdcc4cbbec107efdacff
Story: 2010378
Task: 46624
Change-Id: I95f3caaaf3fd92d60ce39b5803747728f65bbc17
|
| |\ \ \
| |_|/
|/| | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This change adds 'node_uuid' to:
ironic.objects.portgroup.Portgroup
'node_uuid' is a relationship using association_proxy in
models.Portgroup. Using the association_proxy removes the
need to do the node lookup to populate node uuid for
portgroups in the api controller.
NOTE:
On portgroup create a read is added to read the port from
the database, this ensures node_uuid is loaded and solves
the DetachedInstanceError which is otherwise raised.
The test test_list_with_deleted_port_group was deleted, if
the portgroup does not exist porgroup_uuid on the port will
be None, no need for extra handling of that case.
Bumps Portgroup object version to 1.5
Change-Id: I4317d034b6661da4248935cb0b9cb095982cc052
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This request parameter will allow an operator to ask the question
"Do I need to assign shards to any of my nodes?".
Change-Id: I26b745e5ef2b320a8d8a0667ac61c080fcdcd576
|
| |\ \ \ \
| |/ / /
|/| | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Follow-up to Ie174904420691be64ce6ca10bca3231f45a5bc58
which enables storage of inventory in Swift, but does not delete
the Swift entry when the node whose inventory is stored is deleted
Story: 2010275
Task: 46204
Change-Id: I74b19f7a42c1326d7ec04e6320176e81639ebfb4
|
| | |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | | |
Adds ability to query ports by shard.
Example usage: /v1/ports?shard=lol,cats
Change-Id: Icacef7f71414d30f492a6d144bcc89dff4891784
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Basic support and testing for CRUD for node.shard.
- Policy checking for update node.shard.
- New API endpoint: GET /v1/shards
- Policy checking for GET /v1/shards
- Support for querying for nodes in a list of shards
Story: 2010378
Task: 46624
Change-Id: I385594339028c20cfc83fdcc4cbbec107efdacff
|
| |/ /
| |
| |
| |
| |
| |
| |
| | |
DB and object implementations for new node.shard key.
Story: 2010768
Task: 46624
Change-Id: Ia7ef3cffc321c93501b1cc5185972a4ac1dcb212
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Move functions storing and obtaining introspection data
from drivers/modules/inspector.py and api/controllers/v1/node.py
to driver/modules/inspect_utils.py
Follow-up to change If50f665da5fbb16f7646f3d6195a6e14e7325b0a
Story: 2010275
Task: 46204
Change-Id: I2b206670aff6ad3a9f9cc76236453abf42663cad
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Create [inventory] to hold CONF parameters for storage of introspection data
Story: 2010275
Task: 46204
Change-Id: I06fa4f69160206dd350856e264cbb0842e34fd2a
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Add api to access node inventory
Story: 2010275
Task: 46204
Change-Id: If50f665da5fbb16f7646f3d6195a6e14e7325b0a
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change adds 'node_uuid' to ironic.objects.port.Port
and adds a relationship using association_proxy in
models.Port. Using the association_proxy removes the need
to do the node lookup to populate node uuid for ports in
the api controller.
NOTE:
On port create a read is added to read the port from the
database, this ensures node_uuid is loaded and solves the
DetachedInstanceError which is otherwise raised.
Bumps Port object version to 1.11
With patch:
1. Returned 20000 ports in python 2.7768702507019043
seconds from the DB.
2. Took 0.433107852935791 seconds to iterate through
20000 port objects.
Ports table is roughly 12800000 bytes of JSON.
3. Took 5.662816762924194 seconds to return all 20000
ports via ports API call pattern.
Without patch:
1. Returned 20000 ports in python 1.0273635387420654
seconds from the DB.
2. Took 0.4772777557373047 seconds to iterate through
20000 port objects.
Ports table is roughly 12800000 bytes of JSON.
3. Took 147.8800814151764 seconds to return all 20000
ports via ports API call pattern.
Conclusion:
Test #1 plain dbapi.get_port_list() test is ~3 times
slower, but Test #3 doing the API call pattern test
is ~2500% better.
Story: 2007789
Task: 40035
Change-Id: Iff204b3056f3058f795f05dc1d240f494d60672a
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Adds capabilites for a project scoped admin to
create and delete nodes in Ironic's API.
These nodes are automatically associated with the
project of the requestor.
Effectively, this does allow anyone with sufficient
privilges, i.e. admin, in an OpenStack deployment
to be able to create new baremetal nodes and delete
those baremetal nodes. In this case, the user has
the "owner" level of rights in the RBAC model.
Change-Id: I3fd9ce5de0bc600275b5c4b7a95b0f9405342688
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Before version 4.8, jsonschema did some wild guessing when producing
error messages for schemas with several equivalent subschemas. In
version 4.8 it is no longer done, causing error messages that are more
correct but also more generic.
This change restores guessing the potential root cause without claiming
that it's the only possible root cause. Also the traits schema is
simplified to make it less ambiguous.
See https://github.com/python-jsonschema/jsonschema/issues/991 for details.
Change-Id: Ia75cecd2bfbc602b8b2b85bdda20fdc04c5eadf4
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When you have a multi-db deployment, or even just many
different threads operating on the same server with different
transactions, you can run into a situation where one thread
initiates a transaction to get a list of nodes, and then
another triggers a delete of the chassis (and most likely node,
but hey, there is really no way to detect that and work.)
So as the API is processing the response and making the json
result set, the query to resolve a chassis_id on a node object
can begin to fail.
Before this patch, this would raise an exception to the client.
Now, we just suppress the error, and return the field value
as None.
In the grand scheme, the node is likely has also already
been deleted as well.
Change-Id: I3594ac580c01454c70922a965a2a653a8b568cbb
Closes-Bug: 1508995
Story: 1508995
Task: 10038
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Specify the schema version for network_data and node, otherwise the
latest one is used.
Also fix one test where the error messages was changed.
Change-Id: I4a614d7e73348bbe6c355a40881b013cbfe00b03
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change finds a node with the same name as the allocation and
moves it to the beginning of the shuffled candidate list so that node
is the first allocation attempt.
It is common for node naming scheme to match the node's role (such as
compute-1, compute-2). Also this often matches the hostname
(allocation name) scheme. Without this change, this scenario will
generally result in swapped names (node compute-1 having hostname
compute-2, etc).
By preferring matching names this situation can be avoided in the
majority of cases, while not otherwise affecting the candidiate
allocation approach.
Change-Id: Ie990bfc209959d58852b9080778602eab5aa30af
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Create a new Sphinx extension called 'web_api_docstring' to process
docstrings from the API classes, in order to generate API
documentation.
Story: 2009785
Task: 44291
Change-Id: Ia6b2b3741e2b1cbd29531c21795df4f0f0dc70ca
|
| |/
|
|
|
|
|
|
|
| |
Node history was particularly affected: limit was not converted from
string to integer, so "next" link was never added.
Add some safeguards to the generic API code.
Change-Id: I1328e2f07621bf7e39b96eb4a7ddb66c9a2b65bb
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
Since the default value resource_url is None, make sure the
parameter is set to 'nodes' when getting all nodes.
Change-Id: I6cc52eb56c7888a433d24aa79154143d6f35cf83
|
| |/
|
|
|
|
|
| |
Since the default value resource_url is None, make sure the
parameter is set to 'ports' when getting all ports.
Change-Id: Id603ae5a4a802dfc8f866b15c8d327d95eba9310
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
This is useful when some nodes need the "agent" power interface, while
the others can be deployed normally.
Change-Id: Ief7df40c83ef03d0ec5ae92d09ceffd39d3c12a3
|
| |/
|
|
|
|
|
|
|
| |
The logic for restricted allocation creation checks that the
user is not trying to create an allocation with an owner other
than themselves. However the logic as it stands will always fail,
as it does not check if the user actually set an allocation owner.
Change-Id: I780d8e88f9319dc37ab56309bddbfb6b5f3c9d13
|
| |
|
|
|
|
|
|
|
|
|
| |
Adds API for retrieving node history events
via a node. Includes pagination and limitation
of the response set.
Story: 2002980
Tas: 42961
Change-Id: I22a92fa6c30d721f6a5dd0670b2e0a9cf76ad7b1
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This commit add support for the fields query parameter to the GET /v1/drivers?fields=... and GET /v1/drivers/<driver_name>?fields=....
Story: 1674775
Task: 10581
Change-Id: I2ca4eb490e320e736a93851eed526ec862be901e
|
| |/
|
|
|
|
|
| |
Story: 2008567
Task: 41709
depends-on: https://review.opendev.org/c/openstack/ironic/+/800084
Change-Id: I44e41dc3d8abcb99a2248d7b9c7ac5e9d786bb98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Done:
- Node API endpoints expose
- RPC methods
- Conductor Manager methods
- Conductor utils new methods
- RBAC new policies
- Node API tests
- Manager Tests (+ some testing for utils methods)
- RBAC tests
- Docs (api-ref)
- REST API version history
- Releasenotes
Story: 2008567
Task: 41709
Change-Id: I2d72389edf546b99c536c6b130ca85ababf80591
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* add fields to Node object
* expose them at endpoint `/v1/nodes/{node_ident}/states`
* update states on powersync / entering managed state.
* tests
* update api endpoint info in api-ref
Story: 2008567
Task: 41709
Change-Id: Iddd1421a6fa37d69da56658a2fefa5bc8cfd15e4
|
| |
|
|
|
|
|
|
|
|
| |
Change https://review.opendev.org/c/openstack/ironic/+/794880
included a few minor typos and required a clarification of a point
which.
This change just makes those minor text changes.
Change-Id: I883d4ca89ba984c29b53b531af98f2f0be39edbf
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The biggest amount of API overhead is the node sanitization
process, at least at this point in time.
We have streamlined the database interaction to ensure specific
field selection lists are as orderly as possible, but the
node sanitization code re-executes some methods over and over
which do not require variable data from the underlying node.
These are blanket settings "is the user allowed to see x, or y".
Which means we can call node_sanitize pre-seeding these
arguments and execute the calls once, instead of a thousand times
to have the same exact result.
Story: 2008885
Task: 42433
Change-Id: I342e7900cac388cb4749480684418a5a15ac60eb
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change modifies the nodes _get_nodes_collection method to
consider and pass in an explicit lisst of requested fields into
the node list method, while also including the required fields
for things like ownership/policy checking.
And slightly modifies node_convert_with_links method to simplify
it while enabling field validity to be checked, and specific
requisite field lists provided in based upon that value.
And also optionally builds the traits list as they are nolonger
*always* populated on all objects with fully populated objects
as only partially hydrated objects are provided back when specific
fields are requested.
Story: 2008885
Task: 42572
Change-Id: Ided419263d84184cab902944b6c518f98618c9d2
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The instance_uuid handling on the detailed node information
endpoint of the api (/v1/nodes/detail?instance_uuid=<uuid>),
which is used by services such as Nova for explicit node status
lookups, previously had special conditional logic surrounding it
which skipped the inclusion of the API requestor project-id, from
being incorporated into the database query.
Ultimately, this allowed an authenticated user to obtain a partially
redacted node entry where sensitive informational fields were scrubbed
from the response payload.
With this fix, queries for an explicit instance_uuid now follow the
standard path inside the Ironic API to the database which includes
inclusion of a requestor Project-ID if required by configured policy.
Change-Id: I9bfa5a54e02c8a1e9c8cad6b9acdbad6ab62bef3
Story: 2008976
Task: 42620
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
An investigation of performance issues in Ironic revealed that the
policy checking was performing extra un-needed work which performed
excess computational overhead when parsing the result data.
In this specific case, the Secure RBAC work added some additional
policy checks around individual the fields.
Change-Id: I77b6e0e6c721f2ff1f8b9f511acde97fcdb21a39
Story: 2008885
Task: 42432
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Provide the fields in the BIOS setting API -
``/v1/nodes/{node}/bios/{setting}``, and in the BIOS setting list API
when details are requested - ``/v1/nodes/<node>/bios?detail=True``.
Story: #2008571
Task: #42483
Change-Id: Ie86ec57e428e2bb2efd099a839105e51a94824ab
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
When the configdrive input is JSON (meta_data, etc), delay the rendering
until the ISO image is actually used. It has two benefits:
1) Avoid storing a large ISO image in instance_info,
2) Allow deploy steps to access the original user's input.
Fix configdrive masking to correctly mask dicts.
Story: #2008875
Task: #42419
Change-Id: I86d30bbb505b8c794bfa6412606f4516f8885aa9
|
| |
|
|
|
|
|
|
|
|
| |
This RFE proposes a new microversion that will provide
aliases to two poorly named provisioning verbs
to match the existing CLI commands
Story: #2007551
Task: #39402
Change-Id: Ifd14aebbfb4b17c5108f44092dac0b89d1c2c50a
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
agent_status is used by anaconda ramdisk to inform the
conductor about state of the deployment. Valid agent
states are 'start', 'end' and 'error'. The agent_status_message
is used to describe the why the agent_status is set to a
particular state. Use of these parameters require API
version 1.72 or greater.
When anaconda finishes deployment the agent_status is
set to 'end'. When anaconda ramdisk is unable to deploy
the OS for some reason the agent_status is set to 'error'.
PXEAnacondaDeploy is implemented to handle the 'anaconda'
deploy interface. PXEAnacondaDeploy ties to together pieces
needed to deploy a node using anaconda ramdisk.
Co-Authored-By: Jay Faulkner <jay@jvf.cc>
Change-Id: Ieb452149730510b001c4712bbb2e0f28acfc3c2e
|
