| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The current check is insufficient: it passes for Kubernetes shared
volumes, although hard-linking between them is not possible.
This patch changes the approach to trying a hard link and falling
back to copyfile instead.
The patch relies on optimizations in Python 3.8 and thus should not
be backported beyond the Zed series to avoid performance regression.
Change-Id: I929944685b3ac61b2f63d2549198a2d8a1c8fe35
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Instead of clearing existing reservations at the beginning of
del_host, wait for the tasks holding them to go to completion. This
check continues indefinitely until the conductor process exits due to
one of:
- All reservations for this conductor are released
- CONF.graceful_shutdown_timeout has elapsed
- The process manager (systemd, kubernetes) sends SIGKILL after the
configured graceful period
Because the default values of [DEFAULT]graceful_shutdown_timeout and
[conductor]heartbeat_timeout are the same (60s) no other conductor
will claim a node as an orphan until this conductor exits.
Change-Id: Ib8db915746228cd87272740825aaaea1fdf953c7
|
| | |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bandit 1.7.5 dropped with logic to check requests invocations.
Specifically if a timeout is not explicitly set, then it results
in an error.
This should cause our bandit job to go green.
Closes-Bug: 2015284
Change-Id: I1dcb3075de63aae97bb22012a54736c293393185
|
| |\ \ |
|
| | |/
| |
| |
| | |
Change-Id: I0acc5303c1a38645318fb9be4cb068d069b7fe6a
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This mapping allows object version upgrades to be navigated
and needs to be updated pre-release otherwise we break the
inherent upgrade job to the latest state of the development
branch.
Also, had to backfill the records for the bugfix branch since,
while not required for that version to run, it is required to
have to upgrade from that version.
Also, lists antelope and 2023.1 as "named" releases, due to the
abiguity and configuration, it just seemed better to be on the
safe side.
Change-Id: I633275caf8c3dc750023fbb27bd8a3f4d23e9fa5
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When cleaning fails, we power off the node, unless it has been running
a clean step already. This happens when aborting cleaning or on a boot
failure. This change makes sure that the power action does not wipe
the last_error field, resulting in a node with provision_state=CLEANFAIL
and last_error=None for several seconds. I've hit this in Metal3.
Also when aborting cleaning, make sure last_error is set during
the transition to CLEANFAIL, not when the clean up thread starts
running.
While here, make sure to log the current step in all cases, not only
when aborting a non-abortable step.
Change-Id: Id21dd7eb44dad149661ebe2d75a9b030aa70526f
Story: #2010603
Task: #47476
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently when a conductor is stopped, the rpc service stops
responding to requests as soon as self.manager.del_host returns. This
means that until the hash ring is reset on the whole cluster, requests
can be sent to a service which is stopped.
This change waits for the remaining seconds to delay stopping until
CONF.hash_ring_reset_interval has elapsed. This will improve the
reliability of the cluster when scaling down or rolling out updates.
This delay only occurs when there is more than one online conductor,
to allow fast restarts on single-node ironic installs (bifrost,
metal3).
Change-Id: I643eb34f9605532c5c12dd2a42f4ea67bf3e0b40
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This change adds 'node_uuid' to:
ironic.objects.portgroup.Portgroup
'node_uuid' is a relationship using association_proxy in
models.Portgroup. Using the association_proxy removes the
need to do the node lookup to populate node uuid for
portgroups in the api controller.
NOTE:
On portgroup create a read is added to read the port from
the database, this ensures node_uuid is loaded and solves
the DetachedInstanceError which is otherwise raised.
The test test_list_with_deleted_port_group was deleted, if
the portgroup does not exist porgroup_uuid on the port will
be None, no need for extra handling of that case.
Bumps Portgroup object version to 1.5
Change-Id: I4317d034b6661da4248935cb0b9cb095982cc052
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Follow-up to I6b830e5cc30f1fa1f1900e7c45e6f246fa1ec51c
Original changa introduced some errors such as mismatched
arguments for exceptions
Story: 2010275
Task: 46204
Change-Id: I550e048ab22a6cd25502b41d1c579819df369249
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Follow-up to Ie174904420691be64ce6ca10bca3231f45a5bc58
which enables storage of inventory in Swift, but does not delete
the Swift entry when the node whose inventory is stored is deleted
Story: 2010275
Task: 46204
Change-Id: I74b19f7a42c1326d7ec04e6320176e81639ebfb4
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Basic support and testing for CRUD for node.shard.
- Policy checking for update node.shard.
- New API endpoint: GET /v1/shards
- Policy checking for GET /v1/shards
- Support for querying for nodes in a list of shards
Story: 2010378
Task: 46624
Change-Id: I385594339028c20cfc83fdcc4cbbec107efdacff
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
DB and object implementations for new node.shard key.
Story: 2010768
Task: 46624
Change-Id: Ia7ef3cffc321c93501b1cc5185972a4ac1dcb212
|
| |\ \ \ |
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This change adds support for the ``service`` role, which is intended
largely for service to service communiation, such as if one wanted to
utilzie a "nova" project, and have an ironic service user within it,
and then configure the ``nova-compute`` service utilizing those credentials.
Or vice versa, an "ironic" project, with a nova user.
In this case, access is exceptionally similar to the rights afforded to
a "project scoped manager" or an "owner-admin".
Change-Id: Ifd098a4567d60c90550afe5236ae2af143b6bac2
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Use the new API that is consistent with
the existing API instead of instantiating the client
class directly.
This was introduced in release 14.1.0 here [1] and
added into oslo.messaging here [2]
[1] https://review.opendev.org/c/openstack/requirements/+/869340
[2] https://review.opendev.org/c/openstack/oslo.messaging/+/862419
Change-Id: I2aea1d4fb59e7440586d8d9cd27bc61d29f4530c
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add api to access node inventory
Story: 2010275
Task: 46204
Change-Id: If50f665da5fbb16f7646f3d6195a6e14e7325b0a
|
| |\ \ \
| |/ /
|/| /
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This change adds 'node_uuid' to ironic.objects.port.Port
and adds a relationship using association_proxy in
models.Port. Using the association_proxy removes the need
to do the node lookup to populate node uuid for ports in
the api controller.
NOTE:
On port create a read is added to read the port from the
database, this ensures node_uuid is loaded and solves the
DetachedInstanceError which is otherwise raised.
Bumps Port object version to 1.11
With patch:
1. Returned 20000 ports in python 2.7768702507019043
seconds from the DB.
2. Took 0.433107852935791 seconds to iterate through
20000 port objects.
Ports table is roughly 12800000 bytes of JSON.
3. Took 5.662816762924194 seconds to return all 20000
ports via ports API call pattern.
Without patch:
1. Returned 20000 ports in python 1.0273635387420654
seconds from the DB.
2. Took 0.4772777557373047 seconds to iterate through
20000 port objects.
Ports table is roughly 12800000 bytes of JSON.
3. Took 147.8800814151764 seconds to return all 20000
ports via ports API call pattern.
Conclusion:
Test #1 plain dbapi.get_port_list() test is ~3 times
slower, but Test #3 doing the API call pattern test
is ~2500% better.
Story: 2007789
Task: 40035
Change-Id: Iff204b3056f3058f795f05dc1d240f494d60672a
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
The Ironic inspector allows users to choose between SQL, Swift
and NoStore. Ironic should offer similar functionality.
Story: 2010275
Task: 46204
Change-Id: Ie174904420691be64ce6ca10bca3231f45a5bc58
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes the anaconda deploy(URL based) and adds
anaconda_boot entry to pxe_grub_config.template so
that ProLiants can be also deployed in PXE mode.
Story: 2010347
Task: 46490
Change-Id: I4b9e3a2060d9d73de5cab31cc08d3a764dc56e90
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Prepare the ironic database to accommodate node inventory received from
the inspector once the API is implemented.
Story: 2010275
Task: 46204
Change-Id: I6b830e5cc30f1fa1f1900e7c45e6f246fa1ec51c
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It relied on mocking tenacity.retry, but it's executed on class
initialization. Depending on the ordering, it may do nothing or
it may replace ImageService.call with a mock.
Instead, add a new tenacity helper that loads an option in runtime.
As a nice side effect, [glance]num_retries is now mutable.
Change-Id: I2e02231d294997e824db77c998ef8d352fa69075
|
| |/
|
|
|
|
|
|
|
| |
Fix the anaconda deploy for the ISO mounted
on a webserver.
Story: 2010322
Task: 46429
Change-Id: I2860faa7322116ffef1255709fe12f806257b069
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a pre-release commit for the Yoga release following our docs [1]
[1] https://docs.openstack.org/ironic/latest/contributor/releasing.html
We will clean-up the releasenotes and include the prelude in other patch
Change-Id: I3b8df0dce64c4ee3b20b7a714b6647d6e1ec0330
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The ``[dhcp]dhcp_provider`` configuration option can now be set to
``dnsmasq`` as an alternative to ``none`` for standalone deployments.
This enables the same node-specific DHCP capabilities as the
``neutron`` provider. See the ``[dnsmasq]`` section for configuration
options.
Change-Id: I3ab86ed68c6597d4fb4b0f2ae6d4fc34b1d59f11
Story: 2010203
Task: 45922
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Provide the ability to limit resource intensive or potentially
wide scale operations which could be a symptom of a highly
distructive and unplanned operation in progress.
The idea behind this change is to help guard the overall deployment
to prevent an overall resource exhaustion situation, or prevent an
attacker with valid credentials from putting an entire deployment
into a potentially disasterous cleaning situation since ironic only
other wise limits concurrency based upon running tasks by conductor.
Story: 2010007
Task: 45140
Change-Id: I642452cd480e7674ff720b65ca32bce59a4a834a
|
| |\ \ \
| |/ /
|/| | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The image lookup process, when handed a path attempts
to issue a HEAD request against the path and gets a
response which is devoid of details like a content length
or any properties. This is expected behavior, however if
we have a path, we also know we don't need to explicitly
attempt to make an HTTP HEAD request in an attempt to
match the glance ``kernel_id`` -> ``kernel`` and similar
value population behavior.
Also removes an invalid test which was written before the
overall method was fully understood.
And fixes the default fallback for kickstart template
configuration, so that it uses a URL instead of a
direct file path.
And fix logic in the handling of image property result
set, where the code previously assumed a ``stage2``
ramdisk was always required, and based other cleanup
upon that.
Change-Id: I589e9586d1279604a743746952aeabbc483825df
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The stock anaconda template previously lacked any ability
to indicate "don't validate the tls certificate".
The capability for the installation to operate *without*
requiring this to be the case is necessary for efficient
and simple CI testing as injecting CA certificates is
an overly complex interaction for CI testing.
Also updates the overall anaconda documentation to indicate
the constraint exists, but does not indicate explicitly how
to disable the setting via ironic.conf.
Change-Id: Ia8e4320cbedb205ab183af121da53562792a8faa
|
| |\ \ \ \ |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Adds capabilites for a project scoped admin to
create and delete nodes in Ironic's API.
These nodes are automatically associated with the
project of the requestor.
Effectively, this does allow anyone with sufficient
privilges, i.e. admin, in an OpenStack deployment
to be able to create new baremetal nodes and delete
those baremetal nodes. In this case, the user has
the "owner" level of rights in the RBAC model.
Change-Id: I3fd9ce5de0bc600275b5c4b7a95b0f9405342688
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Before version 4.8, jsonschema did some wild guessing when producing
error messages for schemas with several equivalent subschemas. In
version 4.8 it is no longer done, causing error messages that are more
correct but also more generic.
This change restores guessing the potential root cause without claiming
that it's the only possible root cause. Also the traits schema is
simplified to make it less ambiguous.
See https://github.com/python-jsonschema/jsonschema/issues/991 for details.
Change-Id: Ia75cecd2bfbc602b8b2b85bdda20fdc04c5eadf4
|
| |\ \ \ \ \
| |/ / / /
|/| / / /
| |/ / / |
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
To use a source as a path with the anaconda deployment interface,
the kickstart template needs to utilize a 'url' command as opposed
to a second stage ramdisk.
This allows a seamless automatic switch without a customized
kickstart template to just use a URL.
Change-Id: I31febd4e131ed0cc1b37adb9318be8cb17136a68
|
| |/ /
| |
| |
| |
| |
| |
| | |
This commit bumps the release_mappings to 21.0 to be
used in the bugfix branch
Change-Id: I2bde869dfb05eb8d9baf035686833980d79e69ef
|
| |/
|
|
|
|
|
|
|
|
| |
Image lookups in the PXE interface, for anaconda specific code,
were previously hard coded to try and invoke use of glance if
needed.
Except, not everything is glance.
Change-Id: I8791623be95e7e47739ee051753de97eb0e5e2a3
|
