| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
... And tags, but nobody uses tags since it is not available
via the API.
Anyhow, the online upgrade code was written under the assumption
that *all* tables had an "id" column. This is not always true
in the ironic data model for tables which started as pure extensions
of the Nodes table, and fails in particular when:
1) A database row has data stored in an ealier version of the object
2) That same object gets a version upgrade.
In the case which discovered this, BIOSSetting was added at version
1.0, and later updated to include additional fields which incremented
the version to 1.1. When the upgrade went to evaluate and iterate
through the fields, the command failed because the table was designed
around "node_id" instead of "id".
Story: 2010632
Task: 47590
Change-Id: I7bec6cfacb9d1558bc514c07386583436759f4df
(cherry picked from commit cbe5f86ce7c100f834701cf43f7b9b1bfdfb9ea5)
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
If the published image is a hardlink, the source selinux context is
preserved. This could cause access denied when retrieving the image
using its URL.
Change-Id: I550dac9d055ec30ec11530f18a675cf9e16063b5
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
In its current place, reno config changes will not cause
build-openstack-releasenotes job to run, which means changes can land to
that config without being tested. Yikes!
Also fixes error in regexp which was preventing this from actually
fixing the build-openstack-releasenotes job.
Co-Authored-By: Adam McArthur <adam@mcaq.me>
Change-Id: I4d46ba06ada1afb5fd1c63db5850a1983e502a6c
(cherry picked from commit fbe22b23bc3f1c89822e17417747378c9449ebeb)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A race condition can be observed in CI under heavy load where the
conductor triggers are boot of the agent before it is fully online
based upon state, but not considering the existence of an agent
token. As a result, agent is never able to check in with Ironic
and the overall operation fails.
We now consider agent token's existence before retrying PXE as
it is the very earliest indicator of a starting agent.
Change-Id: Ice764866a08647031d16570860ec384204269501
Story: 2010107
Task: 45674
(cherry picked from commit d75424b5e5685a9cf04b30a5b0555efd1313e9c3)
|
| |
|
|
|
|
| |
Formatting changes in config file required for tox 4.0.
Change-Id: I84202ac10e9195647162f0b5737ebb610ef1ef93
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds new SNMPv3 auth protocols to iRMC which are supported
from iRMC S6.
Conflicts:
ironic/conf/irmc.py
ironic/drivers/modules/irmc/common.py
Change-Id: Id2fca59bebb0745e6b16caaaa7838d1f1a2717e1
Story: 2010309
Task: 46353
(cherry picked from commit 233c6408389be5f3e271b46154943bc744e0290e)
(cherry picked from commit be0e687538c60b5273bc5a24829c137ad36b1661)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently when using SNMPv3, iRMC driver does not use SNMPv3
authentication parameters so the SNMPv3 authentication will
always fail. And iRMC cannot recognize FIPS mode, so when FIPS mode
is enabled, iRMC driver could still use non-FIPS-compliant algorithms.
This commit changes iRMC driver to require and use SNMPv3
authentication parameters when 'irmc_snmp_version' is set to v3 and
also makes iRMC driver to force 'irmc_snmp_version' to v3,
'irmc_snmp_auth_proto' to SHA and 'irmc_snmp_priv_proto' to AES
when FIPS mode is enabled, because currently among the algorithms
supported by iRMC, only SHA and AES are FIPS compliant.
Conflicts:
ironic/common/utils.py
Change-Id: Id6f8996e4d103f849325f54fe0619b4acb43453a
Story: 2010085
Task: 45590
(cherry picked from commit 79f82c0262c84f1e317991052d065259b3a4683d)
(cherry picked from commit c274231bf5bb9260d2b13865ab20f39131d30b4b)
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Adding a new library to a stable branch is against stable policy,
but we landed the patch anyway. In order to faciliate making a
release without violating policy against stable versions not
introducing new requirements, we've imported the relevant needed
methods from the packaging library locally.
Change-Id: Idca63219ee0491404bcecdc3ff74160e220d6511
|
| |/
|
|
|
|
|
|
| |
We removed the need for this library. Correcting release notes.
Change-Id: I76abedacba369798cfddd169ec24efdf40338c89
(cherry picked from commit b418416c8b3277f831520ade605b5d5a95813454)
(cherry picked from commit a26ebea484ecd2d3617809469160a48e84bddf9d)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, the prepare_ramdisk implementation of the
redfish-virtual-media boot interface skips configuring an ISO in
fast-track mode. When rebooting after BIOS/RAID settings changes, we
need to enforce the correct ISO configuration.
Conflicts:
ironic/drivers/modules/deploy_utils.py
ironic/drivers/modules/redfish/bios.py
Change-Id: Ibdfe0775065f3b27478305dd18929a291df3ee3c
(cherry picked from commit 89f421b166915a22626dcb919382ce13f4588973)
(cherry picked from commit d85d7f8ac52f289b7b01096c65757b68791f4bd4)
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix indentation for case when raid_type is missing.
Generally, it is not expected that raid_type will be
missing, this is done as a precaution as raid_type
was introduced in Redfish 1.3.1. Now log warning
that raid_type is missing, thus cannot update
raid_config correctly.
Followup to I753c4b00c0a64bcdc89c9bc0afd46f1211f7847b
Change-Id: Id66b87309dd26a2a165b35ac1d81580e4605d629
(cherry picked from commit 3a621e3983eb2eb1d013d687acc3f5981cdfbc64)
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Specify the schema version for network_data and node, otherwise the
latest one is used.
Also fix one test where the error messages was changed.
Change-Id: I4a614d7e73348bbe6c355a40881b013cbfe00b03
(cherry picked from commit 55b9579f14ea08a2dc732336d8f552cc14ab895d)
|
| |\ \ \ |
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
It's spelled this way, not DisplayValueName.
Change-Id: I170d78bdb7ed0f6c36a80a9f2ceb9629f44394ed
(cherry picked from commit 9f1f58c6af3aabcb3ae56e5f7b292f07e81e2864)
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch modifies iRMC driver to use certification file
when it connects to iRMC via HTTPS
Conflicts:
doc/source/admin/drivers/irmc.rst
driver-requirements.txt
ironic/drivers/modules/irmc/common.py
ironic/drivers/modules/irmc/raid.py
ironic/tests/unit/drivers/modules/irmc/test_common.py
ironic/tests/unit/drivers/modules/irmc/test_power.py
releasenotes/notes/irmc-add-certification-file-option-34e7a0062c768e58.yaml
Change-Id: If69ce1cf2789d9d60fb8e544596cf7d29eab514d
Co-authored-by: Kobayashi Daisuke <kobayashi.da-06@fujitsu.com>
Co-authored-by: Song Shukun <song.shukun@jp.fujitsu.com>
Story: 2009801
Task: 44345
(cherry picked from commit 64d7a7f3077bc000a18c4a0c56f122941b262483)
(cherry picked from commit 6c0152afa141d05ee28cba81178622021574ae17)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Few unit tests change attribute of CONF variable via Python
assignment. This changes attribute of CONF, which is instance
of XxxOpt class defined in oslo_config, to Python literal value.
This affects result of another unit test.
To avoid this, we should change attribute of CONF variable with
set_override method.
Change-Id: I4bd8b1b4ea974834f1149fcaa79de85d24f5f7d1
Story: 2010214
Task: 45956
(cherry picked from commit 3b28d0984d5eb82320c632dd5840cebf6d0762ad)
(cherry picked from commit 593a547a8dbbbeee2225520812f8b235c39656b0)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
At current, retry_attempt & retry_interval in ironic.conf [molds]
is instance of StrOpt. However it should be IntOpt class.
If it remains to StrOpt class, tenacity.retry wrapper in common/molds.py
will fail with TypeError.
Change-Id: Iafedf2ec0326009585c1cac251ecae65c9e666ac
Story: 2010215
Task: 45957
(cherry picked from commit 35bc014ed94ee0c78ee8d44113fcea721f0c1af0)
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
Bandit's B509 (SNMPv3 no authentication/privacy) check is
triggered by our line wrapping, as the check looks at the
number of arguments, and triggers if it only parses 3 arguments.
In Ironic's case, we pass five arguments. Presumably, this is due
to the line wrapping. Ultimately this bandit check is very new
having only been added with in the last few months.
Change-Id: Idaee72a53a1f33bcab940c6ebe1e7c113a1cb1ce
(cherry picked from commit e02ab89410c194faf54eaa4133e64ff24f873120)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Story: 2003514
Task: 41940
Conflicts:
ironic/drivers/modules/redfish/raid.py
ironic/tests/unit/drivers/modules/redfish/test_raid.py
Change-Id: I753c4b00c0a64bcdc89c9bc0afd46f1211f7847b
(cherry picked from commit 29364b7fb40327dc277c535e5b829133274ad420)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes ``redfish`` RAID interface workflow to not create more than 1
logical disks per controller at the same time when controller does not
support 'Immediate' application time and system needs rebooting.
With this fix virtual disks are grouped by controller and executed
in batches when reboot is required.
This enables ``redfish`` RAID interface to be used with iDRAC systems
directly as although there are many controllers that support 'Immediate'
application time, they do it only when system has completed loading.
System intermittently completes loading after IPA starts executing
clean or deploy steps rendering controllers not supporting 'Immediate'
apply time and requiring reboot. This fix handles such scenario
instead of failing to create more than 1 virtual disk.
Story: 2009863
Task: 44529
Conflicts:
ironic/drivers/modules/redfish/raid.py
Change-Id: Ia2ce34f09695731b0f48798f662006c4904e2223
(cherry picked from commit d7d8f8754b36af4b686ce540e699fc5cb945c10c)
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Redfish Tasks do not report failures via HTTP status codes. Instead
have to check TaskState and TaskStatus.
Story: 2009767
Task: 44244
Change-Id: I8f9a89d18d22d18a2e695fde894bcd27f18f8954
(cherry picked from commit 196d8f7fc055667af501ea0569ba5c501a2c6e8d)
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Node can be in CLEANWAIT or DEPLOYWAIT during async step
handling when it needs another reboot. Without this change
node fails to boot back to IPA.
This unifies all occurrences and create utility method for
reuse. All occurrences are aligned to have the same set of
states in case they are needed in future.
Change-Id: I685c5827a70df4abb358635d89b86894671ac493
(cherry picked from commit dd1cb46f2b0146524f0cb4d3579ac5c5b9a6fa45)
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
The issue with standard Redfish virtual media boot has
been fixed now. Update to restrict use of redfish-virtual-media
based on iDRAC firmware version.
Conflicts:
ironic/drivers/modules/redfish/boot.py
Change-Id: I8ead1d24a9bd502b64fe7dd058e77550fcee141c
(cherry picked from commit 73040c88d99f066644277f32e86d196305fc8596)
|
| |
|
|
|
| |
Change-Id: Ib1d415928a6555298d42e8d525f04eb1028a4bb8
(cherry picked from commit e0c758bb95f92081e54f3c8ed9fa95dcbe7d917e)
|
| |
|
|
|
|
| |
Change-Id: Idf7991d8f8a8cebcdc0413f26ad31542f8ffa8a8
See: https://zuul-ci.org/docs/zuul/latest/releasenotes.html#relnotes-4-1-0-deprecation-notes
(cherry picked from commit 63e53797adca625edd2fdacd16a025bedccf8731)
|
| |
|
|
|
|
|
| |
Prevents the ironic-lib CI from testing ironic-lib changes in IPA.
Change-Id: I936f6c1506c585826501ff3ac0bad0c755b4d360
(cherry picked from commit b94e52f55a0c4f9d6f3a771179da4ec5ccbddbd7)
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The anaconda deploy interface wasn't handling configdrive
correctly. This fixes:
- the code was incorrectly treating the config drive as a dict,
whereas it could also be in iso6600 format,
gzipped and base64-encoded. It is handled properly now.
- kickstart commands that deal with the config drive were added
to the end of the kickstart file. Which means that they are
executed after an ironic API request is sent to ironic to
indicate that the node has been provisioned and is ready
to be rebooted. Which means that there is a possible race
condition wrt these commands being completed before the node
is powered off. This has been fixed by putting the API request
at the end of the kickstart file. Also, a sync was added to
ensure that all modifications are written to disk.
- extra newlines ('\n') were incorrectly added to the user data content.
This broke the content-type decoding and cloud-init was unable to
proces them. The extra newlines have been removed.
Conflict: ironic/common/pxe_utils.py, build_kickstart_config_options()
and prepare_instance_kickstart_config() due to code changes in master
that aren't here. Manually fixed.
Change-Id: If00342a1bfa3e87b2094061b0e2b0b69de3a8a4f
(cherry picked from commit 09d8a94d5a9b3cabdf7fddc483821fd0df69e5ee)
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The anaconda deploy interface was saving internal information in
the node's instance_info, in the user-facing 'stage2' and
'ks_template' fields. This broke rebuilds using a different image
with different stage2 or template specified in the image properties.
This has been fixed by saving the information in the node's
driver_internal_info instead.
Addresses comments/nits from
https://review.opendev.org/c/openstack/ironic/+/827924.
Conflict: ironic/common/pxe_utils.py & ironic/drivers/modules/pxe.py
because Node.[set|del]_driver_internal_info() are only avail in
master; changed to copy the dict, make the changes, and then set
the node's driver_internal_info to the updated dict.
Change-Id: Id9428518d21290fb38a0f7471a2cb69a6cb3ffb2
(cherry picked from commit ab68c9d88b76e4ff83f9dffddcc204676fdb50d5)
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The anaconda deploy interface has a few issues that are
addressed here:
- fixes logic in get_instance_image_info() for anaconda. If the
ironic node's instance_info doesn't have both 'stage2' and
'ks_template' specified, we weren't using any values from the
instance_info. This has been fixed to use values from
instance_info if specified. Otherwise, they are set as follows:
The 'stage2' value is taken from the image properties.
We use the value for 'ks_template' if it is specified in the
image properties. If not (since it is optional), we use the
config option's '[anaconda]default_ks_template' value.
setting.
- For anaconda's stage2 directory, we were incorrectly creating a
directory using the full path of the stage2 file. It now
correctly creates the right directory.
- The anaconda deploy interface expects the node's instance_info
to be populated with the 'image_url'; added code to do that in
PXEAnacondaDeploy's prepare() method.
- When the deploy is finished and the bm node is being rebooted,
we incorrectly set the node's provision state to 'active'
instead of doing it via the provisioning state machine mechanism.
- The code that was doing the validation of the kickstart file was
incorrect and resulted in errors; this has been addressed.
- The '%traceback' section in the packaged 'ks.cfg.template' file
is deprecated and fails validation, so it has been removed.
Conflict: ironic/common/pxe_utils.py, cache_ramdisk_kernel(), due
to code changes in master that aren't in xena. Manually fixed.
Change-Id: I953e948bcfa108d4c8e7b145da2f52b652e52a10
(cherry picked from commit 06cc5d47dcdc49193e5e4e748471eb0b9ae97bbb)
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The keystoneauth's error message on connection problems is very
confusing:
Version requested but version discovery document was not found and
allow_version_hack was False
While I'm trying to improve the situation in [1], it still won't be
perfect. This patch adds some context to DiscoveryFailure.
We should probably do the same for other services, but inspector is
particularly affected since it can be used standalone.
[1] https://review.opendev.org/c/openstack/keystoneauth/+/825540
Change-Id: Ibd41580d1389c7584639bf000e330fec5ee1b73d
(cherry picked from commit 503e3658243bf8d793063734151c4f94e3af1fe4)
|
| |\ \ \
| |_|/
|/| | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
iPXE derives its "file names" from the last component of the URL path.
In case of the conductor's local server it's {mode}_{component} where
mode = deploy/rescue and component = kernel/ramdisk. However, in case
of Swift/Ceph, the last component will be different. This patch accounts
for it.
Change-Id: I7ba5545032069509a9c302abe1c21537ccb5ec8a
(cherry picked from commit c975eaa8c67d917feac75c9053cddcfb708e08a3)
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We need configdrives to pass information reliably, and the new cirros
image does not work without them.
Change-Id: I6cafa050d5c1c8289483f968d26c50485fd4528a
(cherry picked from commit 2f09b7b1026551cb5818436a3714260fee9fcac4)
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The standalone job changes boot_option in runtime, so local boot
can be used even when the default boot option is netboot.
Change-Id: Ia538907f3662e8cd84d988ea5d862c7f488558e1
(cherry picked from commit 7ac480412626c38fa3493088dbf49e29303491b6)
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The left/right single quotation marks cause an ascii decode error in
some python3.6 environments.
Change-Id: I80d1b3e7f9e2e23ddaca640714a342b63ae3a5fa
(cherry picked from commit b8ef35a98462c0605aa6efa47932f03e34cf994a)
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cirros partition images are not compatible with local boot since they
don't ship grub (nor a normal root partition). This change adds a script
that builds a partition image with UEFI artifacts present. It still
cannot be booted in legacy mode, but it's a progress.
Set the tempest plugin's partition_netboot option. We need it to inform
the tempest plugin about the ability to do local boot. This option
already exists but is never set.
Also set the new default_boot_option parameter, which will be introduced
and used in Iaba563a2ecbca029889bc6894b2a7f0754d27b88.
Remove netboot from most of the UEFI jobs.
Conflicts:
devstack/files/bindep.txt
zuul.d/ironic-jobs.yaml
Change-Id: I15189e7f5928126c6b336b1416ce6408a4950062
(cherry picked from commit bbceca562e0b552cd2fc33b2833931ab3cbbfce5)
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Images can be generated on fly, so let us respect the decision of the
server to disable caching.
Also disable caching for file images: it's just waste of space.
Change-Id: I425b1915c73354af90329d5b3a1fb0a616adaa93
(cherry picked from commit 7043a414a8646eaf5841e87c3cf9a4790d0f8a39)
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Node history was particularly affected: limit was not converted from
string to integer, so "next" link was never added.
Add some safeguards to the generic API code.
Change-Id: I1328e2f07621bf7e39b96eb4a7ddb66c9a2b65bb
(cherry picked from commit 55144d3bd262be35c7a034fea083c3ed73fd63d8)
|
| |\ \ \
| |_|/
|/| | |
|
