7 files changed, 236 insertions, 35 deletions

diff --git a/doc/source/deploy/cleaning.rst b/doc/source/deploy/cleaning.rst
index 8897bf46b..0f1a42eda 100644
--- a/doc/source/deploy/cleaning.rst
+++ b/doc/source/deploy/cleaning.rst
@@ -34,6 +34,7 @@ This will enable the default set of steps, based on your hardware and Ironic
 drivers. If you're using an agent_* driver, this includes, by default, erasing
 all of the previous tenant's data.
 
+.. _InbandvsOutOfBandCleaning:
 
 In-Band vs Out-of-Band
 ======================
@@ -58,6 +59,8 @@ Out-of-band are actions performed by your management controller, such as IPMI,
 iLO, or DRAC. Out-of-band steps will be performed by Ironic using a Power or
 Management driver. Which steps are performed depends on the driver and hardware.
 
+For Out-of-Band cleaning operations supported by iLO drivers, refer to
+:ref:`ilo_node_cleaning`.
 
 FAQ
 ===
@@ -85,6 +88,12 @@ to disable erase_devices, you'd use the following config::
   [agent]
   agent_erase_devices_priority=0
 
+To enable/disable the in-band disk erase using ``agent_ilo`` driver, use the
+following config::
+
+  [ilo]
+  clean_priority_erase_devices=0
+
 
 What cleaning step is running?
 ------------------------------
diff --git a/doc/source/deploy/install-guide.rst b/doc/source/deploy/install-guide.rst
index 2907ad54b..5e253746e 100644
--- a/doc/source/deploy/install-guide.rst
+++ b/doc/source/deploy/install-guide.rst
@@ -4,8 +4,9 @@
 Bare Metal Service Installation Guide
 =====================================
 
-This document pertains to the Juno (2014.2) release of OpenStack.  Users of
-earlier releases may encounter some differences in configuration of services.
+This document pertains to the Kilo (2015.1) release of OpenStack Ironic.  Users
+of earlier releases may encounter differences, and are encouraged to look at
+earlier versions of this document for guidance.
 
 
 Service Overview
@@ -14,23 +15,33 @@ Service Overview
 The Bare Metal Service is a collection of components that provides support to
 manage and provision physical machines.
 
-Also known as the ``ironic`` project, the Bare Metal Service interacts with
-several other OpenStack services such as:
+Also known as the ``Ironic`` project, the Bare Metal Service may, depending
+upon configuration, interact with several other OpenStack services. This
+includes:
 
-- the Identity Service (keystone) for request authentication and to
+- the Telemetry (Ceilometer) for consuming the IPMI metrics
+- the Identity Service (Keystone) for request authentication and to
   locate other OpenStack services
-- the Image Service (glance) from which to retrieve images
-- the Networking Service (neutron) for DHCP and network configuration
-- the Compute Service (nova), which leverages the Bare Metal Service to
-  manage compute instances on bare metal.
+- the Image Service (Glance) from which to retrieve images and image meta-data
+- the Networking Service (Neutron) for DHCP and network configuration
+- the Compute Service (Nova) works with Ironic and acts as a user-facing API
+  for instance management, while Ironic provides the admin/operator API for
+  hardware management. Nova also provides scheduling facilities (matching
+  flavors <-> images <-> hardware), tenant quotas, IP assignment, and other
+  services which Ironic does not, in and of itself, provide.
+
+- the Block Storage (Cinder) will provide volumes, but the aspect is not yet available.
 
 The Bare Metal Service includes the following components:
 
-- ironic-api. A RESTful API that processes application requests by sending
+- ironic-api: A RESTful API that processes application requests by sending
   them to the ironic-conductor over RPC.
-- ironic-conductor. Adds/edits/deletes nodes; powers on/off nodes with
+- ironic-conductor: Adds/edits/deletes nodes; powers on/off nodes with
   ipmi or ssh; provisions/deploys/decommissions bare metal nodes.
-- Ironic client. A command-line interface (CLI) for interacting with
+- ironic-python-agent: A python service which is run in a temporary ramdisk to
+  provide ironic-conductor service(s) with remote access and in-band hardware
+  control.
+- python-ironicclient: A command-line interface (CLI) for interacting with
   the Bare Metal Service.
 
 Additionally, the Bare Metal Service has certain external dependencies, which are
@@ -44,6 +55,20 @@ very similar to other OpenStack Services:
 - A queue. A central hub for passing messages. It should use the same
   implementation as that of the Compute Service (typically RabbitMQ).
 
+Optionally, one may wish to utilize the following associated projects for
+additional functionality:
+
+- ironic-discoverd_; An associated service which performs in-band hardware
+  introspection by PXE booting unregistered hardware into a "discovery ramdisk".
+- diskimage-builder_; May be used to customize machine images, create and
+  discovery deploy ramdisks, if necessary.
+.. _ironic-discoverd: https://github.com/stackforge/ironic-discoverd
+.. _diskimage-builder: https://github.com/openstack/diskimage-builder
+
+
+.. todo: include coreos-image-builder reference here, once the split is done
+
+
 Install and Configure Prerequisites
 ===================================
 
@@ -676,21 +701,6 @@ steps on the Ironic conductor node to configure PXE UEFI environment.
 
     ironic node-update <node-uuid> add properties/capabilities='boot_mode:uefi'
 
-#. For deploying signed images, update the Ironic node with ``secure_boot``
-   capability in node's properties.
-   field::
-
-    ironic node-update <node-uuid> add properties/capabilities='secure_boot:true'
-
-#. Ensure the public key of the signed image is loaded into baremetal to deploy
-   signed images.
-   For HP Proliant Gen9 servers, one can enroll public key using iLO System
-   Utilities UI. Please refer to section ``Accessing Secure Boot options`` in
-   HP UEFI System Utilities User Guide http://www.hp.com/ctg/Manual/c04398276.pdf.
-   Also, one can refer to white paper on Secure Boot on Linux for HP Proliant
-   Servers at http://h20195.www2.hp.com/V2/getpdf.aspx/4AA5-4496ENW.pdf for
-   more details.
-
 #. Make sure that bare metal node is configured to boot in UEFI boot mode and
    boot device is set to network/pxe.
 
diff --git a/doc/source/deploy/upgrade-guide.rst b/doc/source/deploy/upgrade-guide.rst
new file mode 100644
index 000000000..2ce9e0952
--- /dev/null
+++ b/doc/source/deploy/upgrade-guide.rst
@@ -0,0 +1,36 @@
+.. _upgrade-guide:
+
+=====================================
+Bare Metal Service Upgrade Guide
+=====================================
+
+This document outlines various steps and notes for operators to consider when
+upgrading their Ironic-driven clouds from previous versions of OpenStack.
+
+The Ironic service is tightly coupled with the Ironic driver that is shipped
+with Nova. Currently, some special considerations must be taken into account
+when upgrading your cloud from previous versions of OpenStack.
+
+Upgrading from Juno to Kilo
+===========================
+
+When upgrading a cloud from Juno to Kilo, users must ensure the Nova
+service is upgraded prior to upgrading the Ironic service. Additionally,
+users need to set a special config flag in Nova prior to upgrading to ensure
+the newer version of Nova is not attempting to take advantage of new Ironic
+features until the Ironic service has been upgraded. The steps for upgrading
+your Nova and Ironic services are as follows:
+
+- Edit nova.conf and ensure force_config_drive=False is set in the [DEFAULT]
+  group. Restart nova-compute if necessary.
+- Install new Nova code, run database migrations
+- Install new python-ironicclient code.
+- Restart Nova services.
+- Install new Ironic code, run database migrations, restart Ironic services.
+- Edit nova.conf and set force_config_drive to your liking, restaring
+  nova-compute if necessary.
+
+Note that during the period between Nova's upgrade and Ironic's upgrades,
+instances can still be provisioned to nodes, however, any attempt by users
+to specify a config drive for an instance will cause error until Ironic's
+upgrade has completed.
diff --git a/doc/source/deploy/user-guide.rst b/doc/source/deploy/user-guide.rst
index 59d290a4e..89d0fd272 100644
--- a/doc/source/deploy/user-guide.rst
+++ b/doc/source/deploy/user-guide.rst
@@ -47,8 +47,8 @@ Conceptual Architecture
 =======================
 
 The following diagram shows the relationships and how all services come into
-play during the provisioning of a physical server. (Note that Swift can be
-used with Ironic, but is missing from this diagram.)
+play during the provisioning of a physical server. (Note that Ceilometer and
+Swift can be used with Ironic, but are missing from this diagram.)
 
 
 .. figure:: ../images/conceptual_architecture.png
diff --git a/doc/source/drivers/amt.rst b/doc/source/drivers/amt.rst
index 33e9701ac..ef6701a83 100644
--- a/doc/source/drivers/amt.rst
+++ b/doc/source/drivers/amt.rst
@@ -76,3 +76,14 @@ A detailed reference is available here, and a short guide follows below:
    ``amt_address``, and ``amt_username``
 
 * Boot an instance
+
+.. note::
+    It is recommended that nodes using the pxe_amt driver be deployed with the
+    `local boot`_ option. This is because the AMT firmware currently has no
+    support for setting a persistent boot device. Nodes deployed without the
+    `local boot`_ option could fail to boot if they are restarted outside of
+    Ironic's control (I.E. rebooted by a local user) because the node will
+    not attempt to PXE / network boot the kernel, using `local boot`_ solves this
+    known issue.
+
+.. _`local boot`: http://docs.openstack.org/developer/ironic/deploy/install-guide.html#local-boot-with-partition-images
diff --git a/doc/source/drivers/ilo.rst b/doc/source/drivers/ilo.rst
index 0cfe092ed..3ea0c1929 100644
--- a/doc/source/drivers/ilo.rst
+++ b/doc/source/drivers/ilo.rst
@@ -80,9 +80,10 @@ This driver should work on HP Proliant Gen8 Servers and above with iLO 4.
 It has been tested with the following servers:
 
 * ProLiant DL380e Gen8
-* ProLiant DL380e Gen8
 * ProLiant DL580 Gen8 UEFI
 * ProLiant DL180 Gen9 UEFI
+* ProLiant DL380 Gen9 UEFI
+* ProLiant DL580 Gen9 UEFI
 
 For more up-to-date information on server platform support info, refer
 iLO driver wiki [6]_.
@@ -95,11 +96,13 @@ Features
   by the nova flavor's extra spec.
 * Always boot from network using Virtual Media.
 * UEFI Boot Support
+* UEFI Secure Boot Support
 * Passing authentication token via secure, encrypted management network
   (Virtual Media). Provisioning is done using iSCSI over data network
   (like PXE driver), so this driver has the  benefit of security
   enhancement with the same performance. Hence it segregates management info
   from data channel.
+* Support for Out-Of-Band cleaning operations.
 * Remote Console
 * HW Sensors
 * Works well for machines with resource constraints (lesser amount of memory).
@@ -247,7 +250,15 @@ node::
 
 Boot modes
 ~~~~~~~~~~
-Refer boot_mode_support_ for more information.
+Refer to `Boot mode support`_ section for more information.
+
+UEFI Secure Boot
+~~~~~~~~~~~~~~~~
+Refer to `UEFI Secure Boot support`_ section for more information.
+
+Node cleaning
+~~~~~~~~~~~~~
+Refer to ilo_node_cleaning_ for more information.
 
 agent_ilo driver
 ^^^^^^^^^^^^^^^^
@@ -271,7 +282,8 @@ This driver should work on HP Proliant Gen8 Servers and above with iLO 4.
 It has been tested with the following servers:
 
 * ProLiant DL380e Gen8
-* ProLiant DL380e Gen8
+* ProLiant DL380 Gen9 UEFI
+* ProLiant DL580 Gen9 UEFI
 
 This driver supports only Gen 8 Class 0 systems (BIOS only).  For
 more up-to-date information, check the iLO driver wiki [6]_.
@@ -279,11 +291,16 @@ more up-to-date information, check the iLO driver wiki [6]_.
 Features
 ~~~~~~~~
 * PXE-less deploy with Virtual Media using Ironic Python Agent.
+* Support for out-of-band cleaning operations.
 * Remote Console
 * HW Sensors
 * IPA runs on the baremetal node and pulls the image directly from Swift.
 * IPA deployed instances always boots from local disk.
 * Segregates management info from data channel.
+* UEFI Boot Support
+* UEFI Secure Boot Support
+* Support to use default in-band cleaning operations supported by
+  Ironic Python Agent. For more details, see :ref:`InbandvsOutOfBandCleaning`.
 
 Requirements
 ~~~~~~~~~~~~
@@ -421,6 +438,18 @@ node::
 
   ironic node-create -d agent_ilo -i ilo_address=<ilo-ip-address> -i ilo_username=<ilo-username> -i ilo_password=<ilo-password> -i ilo_deploy_iso=<glance-uuid-of-deploy-iso>
 
+Boot modes
+~~~~~~~~~~
+Refer to `Boot mode support`_ section for more information.
+
+UEFI Secure Boot
+~~~~~~~~~~~~~~~~
+Refer to `UEFI Secure Boot support`_ section for more information.
+
+Node Cleaning
+~~~~~~~~~~~~~
+Refer to ilo_node_cleaning_ for more information.
+
 pxe_ilo driver
 ^^^^^^^^^^^^^^
 
@@ -456,6 +485,7 @@ Features
 * Automatic detection of current boot mode.
 * Automatic setting of the required boot mode if UEFI boot mode is requested
   by the nova flavor's extra spec.
+* Support for Out-Of-Band cleaning operations.
 
 Requirements
 ~~~~~~~~~~~~
@@ -510,13 +540,15 @@ node::
 
 Boot modes
 ~~~~~~~~~~
-Refer boot_mode_support_ for more information.
+Refer to `Boot mode support`_ section for more information.
+
+Node Cleaning
+~~~~~~~~~~~~~
+Refer to ilo_node_cleaning_ for more information.
 
 Functionalities across drivers
 ==============================
 
-.. _boot_mode_support:
-
 Boot mode support
 ^^^^^^^^^^^^^^^^^
 The following drivers support automatic detection and setting of boot
@@ -524,6 +556,7 @@ mode (Legacy BIOS or UEFI).
 
 * ``pxe_ilo``
 * ``iscsi_ilo``
+* ``agent_ilo``
 
 The boot modes can be configured in Ironic in the following way:
 
@@ -570,6 +603,104 @@ diskimage-builder command to build the image.  For example::
 
   disk-image-create ubuntu baremetal iso
 
+UEFI Secure Boot support
+^^^^^^^^^^^^^^^^^^^^^^^^
+The following drivers support UEFI secure boot deploy:
+
+* ``iscsi_ilo``
+* ``agent_ilo``
+
+The UEFI secure boot mode can be configured in Ironic by adding
+``secure_boot`` parameter in the ``capabilities`` parameter  within
+``properties`` field of an Ironic node.
+
+``secure_boot`` is a boolean parameter and takes value as ``true`` or
+``false``.
+
+To enable ``secure_boot`` on a node add it to ``capabilities`` as below::
+
+ ironic node-update <node-uuid> add properties/capabilities='secure_boot:true'
+
+Nodes having ``secure_boot`` set to ``true`` may be requested by adding an
+``extra_spec`` to the Nova flavor::
+
+  nova flavor-key ironic-test-3 set capabilities:secure_boot="true"
+  nova boot --flavor ironic-test-3 --image test-image instance-1
+
+If ``capabilities`` is used in ``extra_spec`` as above, Nova scheduler
+(``ComputeCapabilitiesFilter``) will match only Ironic nodes which have
+the ``secure_boot`` set appropriately in ``properties/capabilities``. It will
+filter out rest of the nodes.
+
+The above facility for matching in Nova can be used in heterogeneous
+environments where there is a mix of machines supporting and not supporting
+UEFI secure boot, and operator wants to provide a choice to the user
+regarding secure boot.  If the flavor doesn't contain ``secure_boot`` then
+Nova scheduler will not consider secure boot mode as a placement criteria,
+hence user may get a secure boot capable machine that matches with user
+specified flavors but deployment would not use its secure boot capability.
+Secure boot deploy would happen only when it is explicitly specified through
+flavor.
+
+Ensure the public key of the signed image is loaded into baremetal to deploy
+signed images.
+For HP Proliant Gen9 servers, one can enroll public key using iLO System
+Utilities UI. Please refer to section ``Accessing Secure Boot options`` in
+HP UEFI System Utilities User Guide. [7]_
+One can also refer to white paper on Secure Boot for Linux on HP Proliant
+servers for additional details. [8]_
+
+.. _ilo_node_cleaning:
+
+Node Cleaning
+^^^^^^^^^^^^^
+The following iLO drivers support node cleaning -
+
+* ``pxe_ilo``
+* ``iscsi_ilo``
+* ``agent_ilo``
+
+Supported Cleaning Operations
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+* The cleaning operations supported are:
+
+  -``reset_ilo``:
+    Resets the iLO. By default, enabled with priority 1.
+  -``reset_bios_to_default``:
+    Resets BIOS Settings to default. By default, enabled with priority 10.
+    This clean step is supported only on Gen9 and above servers.
+  -``reset_secure_boot_keys_to_default``:
+    Resets secure boot keys to manufacturer's defaults. This step is supported
+    only on Gen9 and above servers. By default, enabled with priority 20 .
+  -``reset_ilo_credential``:
+    Resets the iLO password, if 'ilo_change_password' is specified as part of
+    node's driver_info. By default, enabled with priority 30.
+  -``clear_secure_boot_keys``:
+    Clears all secure boot keys. This step is supported only on Gen9 and above
+    servers. By default, this step is disabled.
+
+* For in-band cleaning operations supported by ``agent_ilo`` driver, see
+  :ref:`InbandvsOutOfBandCleaning`.
+
+* All the cleaning steps have an explicit configuration option for priority.
+  In order to disable or change the priority of the clean steps, respective
+  configuration option for priority should be updated in ironic.conf.
+
+* Updating clean step priority to 0, will disable that particular clean step
+  and will not run during cleaning.
+
+* Configuration Options for the clean steps are listed under [ilo] section in
+  ironic.conf ::
+
+  - clean_priority_reset_ilo=1
+  - clean_priority_reset_bios_to_default=10
+  - clean_priority_reset_secure_boot_keys_to_default=20
+  - clean_priority_clear_secure_boot_keys=0
+  - clean_priority_reset_ilo_credential=30
+  - clean_priority_erase_devices=10
+
+For more information on node cleaning, see [9]_.
 
 References
 ==========
@@ -579,4 +710,7 @@ References
 .. [4] http://docs.openstack.org/developer/glance/configuring.html#configuring-the-swift-storage-backend
 .. [5] Ironic Python Agent - https://github.com/openstack/ironic-python-agent
 .. [6] https://wiki.openstack.org/wiki/Ironic/Drivers/iLODrivers
+.. [7] HP UEFI System Utilities User Guide - http://www.hp.com/ctg/Manual/c04398276.pdf
+.. [8] Secure Boot for Linux on HP Proliant servers http://h20195.www2.hp.com/V2/getpdf.aspx/4AA5-4496ENW.pdf
+.. [9] http://docs.openstack.org/developer/ironic/deploy/cleaning.html
 
diff --git a/doc/source/index.rst b/doc/source/index.rst
index a3339207d..7ea533fdb 100644
--- a/doc/source/index.rst
+++ b/doc/source/index.rst
@@ -57,6 +57,7 @@ Overview
 
   deploy/user-guide
   deploy/install-guide
+  deploy/upgrade-guide
   deploy/drivers
   deploy/cleaning