| Commit message (Collapse) | Author | Age | Files | Lines |
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since iRMC S6 2.00, iRMC firmware disables IPMI over LAN
with default iRMC firmware configuration.
To deal with this firmware incompatibility, this commit
modifies driver's methods which use IPMI to first try
IPMI and, if IPMI fails, try to use Redfish API.
Story: 2010396
Task: 46746
Change-Id: I1730279d2225f1248ecf7fe403a5e503b6c3ff87
(cherry picked from commit d23f72ee501a5bdcc89806eb0ebbba929a36e64d)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The current check is insufficient: it passes for Kubernetes shared
volumes, although hard-linking between them is not possible.
This patch changes the approach to trying a hard link and falling
back to copyfile instead.
The patch relies on optimizations in Python 3.8 and thus should not
be backported beyond the Zed series to avoid performance regression.
Change-Id: I929944685b3ac61b2f63d2549198a2d8a1c8fe35
(cherry picked from commit 59c6ad96ce35c9deecfedb5698c5806f3883a8af)
|
| |
| |
| |
| |
| |
| |
| |
| | |
Lookup returns generic 404 errors for security reasons. Logging is
the only way of debugging any issues during it.
Change-Id: I860ed6b90468a403f0f6cdec9c3d84bc872fda06
(cherry picked from commit 21437135ab3a8c9aa2fea99c48ab42eb45630941)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
... And tags, but nobody uses tags since it is not available
via the API.
Anyhow, the online upgrade code was written under the assumption
that *all* tables had an "id" column. This is not always true
in the ironic data model for tables which started as pure extensions
of the Nodes table, and fails in particular when:
1) A database row has data stored in an ealier version of the object
2) That same object gets a version upgrade.
In the case which discovered this, BIOSSetting was added at version
1.0, and later updated to include additional fields which incremented
the version to 1.1. When the upgrade went to evaluate and iterate
through the fields, the command failed because the table was designed
around "node_id" instead of "id".
Story: 2010632
Task: 47590
Change-Id: I7bec6cfacb9d1558bc514c07386583436759f4df
(cherry picked from commit cbe5f86ce7c100f834701cf43f7b9b1bfdfb9ea5)
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In a relatively odd turn of events, should cleaning
have started, but then timed out due to lost communications
or a hard failure of the machine, an agent token could
previously be orphaned preventing re-cleaning.
We now explicitly remove the token in this case.
Change-Id: I236cdf6ddb040284e9fd1fa10136ad17ef665638
(cherry picked from commit 47b5909486c336352c536eb2cadd121afea8cf12)
|
|\ \ \
| |/ /
|/| | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
While investigating a very curious report, I discovered that
if somehow the power was *already* turned off to a node, say
through an incorrect BMC *or* human action, and Ironic were
to pick it up (as it does by default, because it checks before
applying the power state, then it would not wipe the token
information, preventing the agent from connecting on the next
action/attempt/operation.
We now remove the token on all calls to conductor
utilities node_power_action method when appropriate, even
if no other work is required.
Change-Id: Ie89e8be9ad2887467f277772445d4bef79fa5ea1
(cherry picked from commit bcf6c12269168c5b4f0d9d4d3212e813f1827494)
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
Even if a glance image is raw, we still recalculate the checksum after
"converting" it to raw. This process may take exceptionally long.
Change-Id: Id93d518b8d2b8064ff901f1a0452abd825e366c0
(cherry picked from commit f00da959eaa70a7e77059655c0050137cee78568)
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When cleaning fails, we power off the node, unless it has been running
a clean step already. This happens when aborting cleaning or on a boot
failure. This change makes sure that the power action does not wipe
the last_error field, resulting in a node with provision_state=CLEANFAIL
and last_error=None for several seconds. I've hit this in Metal3.
Also when aborting cleaning, make sure last_error is set during
the transition to CLEANFAIL, not when the clean up thread starts
running.
While here, make sure to log the current step in all cases, not only
when aborting a non-abortable step.
Change-Id: Id21dd7eb44dad149661ebe2d75a9b030aa70526f
Story: #2010603
Task: #47476
(cherry picked from commit 9a0fa631ca53b40f4dc1877a73e65ded8ac37616)
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit modifies iRMC driver to use ironic.conf [deploy]
default_boot_mode as default value of boot_mode.
Before this commit, iRMC driver assumes Legacy BIOS as default
boot_mode and value of default_boot_mode doesn't have any effect
on iRMC driver's behavior.
Story: 2010381
Task: 46643
Change-Id: Ic5a235785a1a2bb37fef38bd3a86f40125acb3d9
(cherry picked from commit 071cf9b2dd2233509c3cdb8261c0ee7b391e6b2c)
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Do not update `raid_configs` if operation is synchronous.
First, it is not needed, second, it will not be cleaned
up by async periodics. As the result the data remains
on the node and causes errors the next time node is in
cleaning state.
Story: 2010476
Task: 47037
Change-Id: Ib1850c58d1670c3555ac9b02eb7958a1b440a339
(cherry picked from commit 17c9e58c9ecaca6c058597d906c94a6d032b7efe)
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
If the published image is a hardlink, the source selinux context is
preserved. This could cause access denied when retrieving the image
using its URL.
Change-Id: I550dac9d055ec30ec11530f18a675cf9e16063b5
(cherry picked from commit c05c09fd3ac7ed2c3a5dd13a602e3ae70dfb8734)
|
|/
|
|
|
|
|
|
|
| |
Mocks can no longer be provided as the specs for other Mocks.
See https://github.com/python/cpython/issues/87644 and
https://docs.python.org/3.11/whatsnew/3.11.html for more info.
Change-Id: If7c10d9bfd0bb410b3bc5180b737439c92e515da
(cherry picked from commit 342f4b37d757ac247aece95f7a4c3410a026b625)
|
|
|
|
|
|
|
|
|
|
|
|
| |
It relied on mocking tenacity.retry, but it's executed on class
initialization. Depending on the ordering, it may do nothing or
it may replace ImageService.call with a mock.
Instead, add a new tenacity helper that loads an option in runtime.
As a nice side effect, [glance]num_retries is now mutable.
Change-Id: I2e02231d294997e824db77c998ef8d352fa69075
(cherry picked from commit cab51a9fcc022f2e4bb634277dd20e90e2dc78f7)
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a pre-release commit for the Yoga release following our docs [1]
[1] https://docs.openstack.org/ironic/latest/contributor/releasing.html
We will clean-up the releasenotes and include the prelude in other patch
Change-Id: I3b8df0dce64c4ee3b20b7a714b6647d6e1ec0330
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The ``[dhcp]dhcp_provider`` configuration option can now be set to
``dnsmasq`` as an alternative to ``none`` for standalone deployments.
This enables the same node-specific DHCP capabilities as the
``neutron`` provider. See the ``[dnsmasq]`` section for configuration
options.
Change-Id: I3ab86ed68c6597d4fb4b0f2ae6d4fc34b1d59f11
Story: 2010203
Task: 45922
|
|\ \ \
| |_|/
|/| | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
PERC 9 and PERC 10 might not be in RAID mode with no or limited RAID
support. This fixes to convert any eligible controllers to RAID mode
during delete_configuration clean step or deploy step.
Story: 2010272
Task: 46199
Change-Id: I5e85df95a66aed9772ae0660b2c85ca3a39b96c7
|
|\ \ \ |
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Provide the ability to limit resource intensive or potentially
wide scale operations which could be a symptom of a highly
distructive and unplanned operation in progress.
The idea behind this change is to help guard the overall deployment
to prevent an overall resource exhaustion situation, or prevent an
attacker with valid credentials from putting an entire deployment
into a potentially disasterous cleaning situation since ironic only
other wise limits concurrency based upon running tasks by conductor.
Story: 2010007
Task: 45140
Change-Id: I642452cd480e7674ff720b65ca32bce59a4a834a
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When we added concurrent disk erasures, we kept the concurrency
to 1 as to not risk any different oeprator behavior, at the cost
of not faster erasure times.
That being said, we have had the setting in place for some time
and we have received no reports of issues, so we are incrementing
it to four as that should be still quite relatively safe from a
concurrency standpoint for disk controllers in systems.
Change-Id: I6326422d60ec024a739ca596f46552bbd91b0419
|
|\ \ \ \ |
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Ironic validates network interface before the cleaning process,
currently invalid parameter is captured but for not others.
There is chance that a node could be stucked at the cleaning
state on networking issues or temporary service down of neutron
service.
This patch adds NetworkError to the exception hanlding to cover
such cases.
Change-Id: If20de2ad4ae4177dea10b7ebfc9a91ca6fbabdb9
|
|\ \ \ \ |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We will use this in the future to prepare for SQLAlchemy 2.0. For now,
we're simply using it to filter out some of the more annoying warnings
and to highlight general SQLAlchemy issues we need to address.
Change-Id: I7c26c20e4b36c4f3b98873939677b966ec6186a5
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The image lookup process, when handed a path attempts
to issue a HEAD request against the path and gets a
response which is devoid of details like a content length
or any properties. This is expected behavior, however if
we have a path, we also know we don't need to explicitly
attempt to make an HTTP HEAD request in an attempt to
match the glance ``kernel_id`` -> ``kernel`` and similar
value population behavior.
Also removes an invalid test which was written before the
overall method was fully understood.
And fixes the default fallback for kickstart template
configuration, so that it uses a URL instead of a
direct file path.
And fix logic in the handling of image property result
set, where the code previously assumed a ``stage2``
ramdisk was always required, and based other cleanup
upon that.
Change-Id: I589e9586d1279604a743746952aeabbc483825df
|
|\ \ \ \ \ |
|
| | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This commit adds new clean steps create_csr and add_https_certificate
to allow users to create certificate signing request and adds
https certificate to the iLO.
Story: 2009118
Task: 43016
Change-Id: I1e2da0e0da5e397b6e519e817e0bf60a02bbf007
|
|\ \ \ \ \ |
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
default_boot_mode is effective regardless of the management
interface capabilities as it also sets the default for the boot
image used.
Change-Id: I012aa4067f8fa54eab7a2b860259d1aea5b94955
|
|\ \ \ \ \ \ |
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Enables event subscription methods by inheriting RedfishVendorPassthru
for ilo and ilo5 hardware types
Story: 2010207
Task: 45931
Change-Id: I96f7e44069402e3f1d25bcd527408008ca5e77cb
|
| |_|/ / / /
|/| | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
* Resolved PEP8 issues
* Trimmed comments to remove extraneous information
* Changed rfc1902.Integer() calls to the correct snmp.Integer() calls
* Fixed power state logic checking for new PDUs that don't have transitional states (e.g., 'pendingOn')
* Removed redundant warning messages
* Added unit tests for Raritan PD2, ServerTech Sentry 3/4, and Vertiv Geist drivers
* Updated documentation to list tested PDUs for the new drivers
* Updated release notes
Change-Id: I9da7b9042b817c346f75a44cd8287e1f63efcb56
|
|\ \ \ \ \ \ |
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
oslo.db 12.1.0 has changed the default value for the 'autocommit'
parameter of 'LegacyEngineFacade' from 'True' to 'False'. This is a
necessary step to ensure compatibility with SQLAlchemy 2.0. However, we
are currently relying on the autocommit behavior and need changes to
explicitly manage sessions. Until that happens, we need to override the
default.
Change-Id: I9e095d810ff5398920e8ffd4f2f089d9b8d29335
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
|
|\ \ \ \ \ \ \
| |/ / / / / /
|/| | | | | | |
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
The stock anaconda template previously lacked any ability
to indicate "don't validate the tls certificate".
The capability for the installation to operate *without*
requiring this to be the case is necessary for efficient
and simple CI testing as injecting CA certificates is
an overly complex interaction for CI testing.
Also updates the overall anaconda documentation to indicate
the constraint exists, but does not indicate explicitly how
to disable the setting via ironic.conf.
Change-Id: Ia8e4320cbedb205ab183af121da53562792a8faa
|
|\ \ \ \ \ \ \ |
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Previously, when a password change occured in ironic,
the session would not be invalidated, and this, in theory,
could lead to all sorts of issues with the old password
still being re-used for authentication.
In a large environment where credentials for BMCs may not
be centralized, this can quickly lead to repeated account
lockout experiences for the BMC service account.
Anyhow, now we consider it in tracking the sessions, so
when the saved password is changed, a new session is
established, and the old session is eventually expired out
of the cache.
Change-Id: I49e1907b89a9096aa043424b205e7bd390ed1a2f
|
|\ \ \ \ \ \ \ \ |
|
| | |_|/ / / / /
| |/| | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Adds capabilites for a project scoped admin to
create and delete nodes in Ironic's API.
These nodes are automatically associated with the
project of the requestor.
Effectively, this does allow anyone with sufficient
privilges, i.e. admin, in an OpenStack deployment
to be able to create new baremetal nodes and delete
those baremetal nodes. In this case, the user has
the "owner" level of rights in the RBAC model.
Change-Id: I3fd9ce5de0bc600275b5c4b7a95b0f9405342688
|
|\ \ \ \ \ \ \ \ |
|