| Commit message (Collapse) | Author | Age | Files | Lines |
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When cleaning fails, we power off the node, unless it has been running
a clean step already. This happens when aborting cleaning or on a boot
failure. This change makes sure that the power action does not wipe
the last_error field, resulting in a node with provision_state=CLEANFAIL
and last_error=None for several seconds. I've hit this in Metal3.
Also when aborting cleaning, make sure last_error is set during
the transition to CLEANFAIL, not when the clean up thread starts
running.
While here, make sure to log the current step in all cases, not only
when aborting a non-abortable step.
Change-Id: Id21dd7eb44dad149661ebe2d75a9b030aa70526f
Story: #2010603
Task: #47476
(cherry picked from commit 9a0fa631ca53b40f4dc1877a73e65ded8ac37616)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
... And tags, but nobody uses tags since it is not available
via the API.
Anyhow, the online upgrade code was written under the assumption
that *all* tables had an "id" column. This is not always true
in the ironic data model for tables which started as pure extensions
of the Nodes table, and fails in particular when:
1) A database row has data stored in an ealier version of the object
2) That same object gets a version upgrade.
In the case which discovered this, BIOSSetting was added at version
1.0, and later updated to include additional fields which incremented
the version to 1.1. When the upgrade went to evaluate and iterate
through the fields, the command failed because the table was designed
around "node_id" instead of "id".
Story: 2010632
Task: 47590
Change-Id: I7bec6cfacb9d1558bc514c07386583436759f4df
(cherry picked from commit cbe5f86ce7c100f834701cf43f7b9b1bfdfb9ea5)
|
|/
|
|
|
|
|
|
|
|
|
|
| |
In a relatively odd turn of events, should cleaning
have started, but then timed out due to lost communications
or a hard failure of the machine, an agent token could
previously be orphaned preventing re-cleaning.
We now explicitly remove the token in this case.
Change-Id: I236cdf6ddb040284e9fd1fa10136ad17ef665638
(cherry picked from commit 47b5909486c336352c536eb2cadd121afea8cf12)
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Do not update `raid_configs` if operation is synchronous.
First, it is not needed, second, it will not be cleaned
up by async periodics. As the result the data remains
on the node and causes errors the next time node is in
cleaning state.
Story: 2010476
Task: 47037
Change-Id: Ib1850c58d1670c3555ac9b02eb7958a1b440a339
(cherry picked from commit 17c9e58c9ecaca6c058597d906c94a6d032b7efe)
|
|\ \ |
|
| |/
| |
| |
| |
| |
| |
| |
| | |
If the published image is a hardlink, the source selinux context is
preserved. This could cause access denied when retrieving the image
using its URL.
Change-Id: I550dac9d055ec30ec11530f18a675cf9e16063b5
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
In its current place, reno config changes will not cause
build-openstack-releasenotes job to run, which means changes can land to
that config without being tested. Yikes!
Also fixes error in regexp which was preventing this from actually
fixing the build-openstack-releasenotes job.
Co-Authored-By: Adam McArthur <adam@mcaq.me>
Change-Id: I4d46ba06ada1afb5fd1c63db5850a1983e502a6c
(cherry picked from commit fbe22b23bc3f1c89822e17417747378c9449ebeb)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A race condition can be observed in CI under heavy load where the
conductor triggers are boot of the agent before it is fully online
based upon state, but not considering the existence of an agent
token. As a result, agent is never able to check in with Ironic
and the overall operation fails.
We now consider agent token's existence before retrying PXE as
it is the very earliest indicator of a starting agent.
Change-Id: Ice764866a08647031d16570860ec384204269501
Story: 2010107
Task: 45674
(cherry picked from commit d75424b5e5685a9cf04b30a5b0555efd1313e9c3)
|
|
|
|
|
|
| |
Formatting changes in config file required for tox 4.0.
Change-Id: I84202ac10e9195647162f0b5737ebb610ef1ef93
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds new SNMPv3 auth protocols to iRMC which are supported
from iRMC S6.
Change-Id: Id2fca59bebb0745e6b16caaaa7838d1f1a2717e1
Story: 2010309
Task: 46353
(cherry picked from commit 233c6408389be5f3e271b46154943bc744e0290e)
(cherry picked from commit be0e687538c60b5273bc5a24829c137ad36b1661)
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently when using SNMPv3, iRMC driver does not use SNMPv3
authentication parameters so the SNMPv3 authentication will
always fail. And iRMC cannot recognize FIPS mode, so when FIPS mode
is enabled, iRMC driver could still use non-FIPS-compliant algorithms.
This commit changes iRMC driver to require and use SNMPv3
authentication parameters when 'irmc_snmp_version' is set to v3 and
also makes iRMC driver to force 'irmc_snmp_version' to v3,
'irmc_snmp_auth_proto' to SHA and 'irmc_snmp_priv_proto' to AES
when FIPS mode is enabled, because currently among the algorithms
supported by iRMC, only SHA and AES are FIPS compliant.
Conflicts:
doc/source/admin/drivers/irmc.rst
ironic/drivers/modules/irmc/common.py
ironic/tests/unit/drivers/modules/irmc/test_boot.py
ironic/tests/unit/drivers/modules/irmc/test_common.py
Change-Id: Id6f8996e4d103f849325f54fe0619b4acb43453a
Story: 2010085
Task: 45590
(cherry picked from commit 79f82c0262c84f1e317991052d065259b3a4683d)
|
|\ \
| |/
|/|
| | |
stable/yoga
|
| |
| |
| |
| |
| |
| | |
We removed the need for this library. Correcting release notes.
Change-Id: I76abedacba369798cfddd169ec24efdf40338c89
|
|\ \
| |/
|/| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Adding a new library to a stable branch is against stable policy,
but we landed the patch anyway. In order to faciliate making a
release without violating policy against stable versions not
introducing new requirements, we've imported the relevant needed
methods from the packaging library locally.
Change-Id: Idca63219ee0491404bcecdc3ff74160e220d6511
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously, when a password change occured in ironic,
the session would not be invalidated, and this, in theory,
could lead to all sorts of issues with the old password
still being re-used for authentication.
In a large environment where credentials for BMCs may not
be centralized, this can quickly lead to repeated account
lockout experiences for the BMC service account.
Anyhow, now we consider it in tracking the sessions, so
when the saved password is changed, a new session is
established, and the old session is eventually expired out
of the cache.
Change-Id: I49e1907b89a9096aa043424b205e7bd390ed1a2f
(cherry picked from commit c2ba869040f535e4bb83481d1fe9468e7e6991d8)
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
do_node_verify function runs vendor-driver-defined verify_step.
However, when vendor verify_step fails, it causes stuck of state
machine at verifying.
This is because do_node_verify function tries to retrieve name
of verify_step through node.verify_step but node doesn't have
verify_step attribute and there is no way to handle exception.
This commit fixes this issue.
Change-Id: Ie2ec6e08214661f7dc61c92de646e2f4d5bb5469
Story: 2010209
Task: 45942
(cherry picked from commit f6d2b2ed930caaa1fa7a6827876845eb02610848)
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, clear_job_queue and reset_idrac steps are only supported on
idrac-redfish driver on iDRAC9 hardware. However, Ironic still attempts
to run these steps on iDRAC8 BMCs configured with idrac-redfish driver
which results in verification failures. This change attempts to resolve
it by catching the related exception, logging a warning and continuing
verification. In case of cleaning, it still fails.
Story: 2010091
Task: 45630
Change-Id: Icd8c5378469887962ff32eea2f38697c539f7e95
(cherry picked from commit 1dda97c783653aef638113cb1faa250836ed99e1)
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch modifies iRMC driver to use certification file
when it connects to iRMC via HTTPS
Conflicts:
doc/source/admin/drivers/irmc.rst
driver-requirements.txt
ironic/drivers/modules/irmc/common.py
ironic/tests/unit/drivers/modules/irmc/test_common.py
ironic/tests/unit/drivers/modules/irmc/test_power.py
releasenotes/notes/irmc-add-certification-file-option-34e7a0062c768e58.yaml
Change-Id: If69ce1cf2789d9d60fb8e544596cf7d29eab514d
Co-authored-by: Kobayashi Daisuke <kobayashi.da-06@fujitsu.com>
Co-authored-by: Song Shukun <song.shukun@jp.fujitsu.com>
Story: 2009801
Task: 44345
(cherry picked from commit 64d7a7f3077bc000a18c4a0c56f122941b262483)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Before version 4.8, jsonschema did some wild guessing when producing
error messages for schemas with several equivalent subschemas. In
version 4.8 it is no longer done, causing error messages that are more
correct but also more generic.
This change restores guessing the potential root cause without claiming
that it's the only possible root cause. Also the traits schema is
simplified to make it less ambiguous.
See https://github.com/python-jsonschema/jsonschema/issues/991 for details.
Change-Id: Ia75cecd2bfbc602b8b2b85bdda20fdc04c5eadf4
(cherry picked from commit 62f9c61ae6657227fd1f5dbc86c59a22b6bac28f)
|
| |
| |
| |
| |
| |
| |
| | |
It's spelled this way, not DisplayValueName.
Change-Id: I170d78bdb7ed0f6c36a80a9f2ceb9629f44394ed
(cherry picked from commit 9f1f58c6af3aabcb3ae56e5f7b292f07e81e2864)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, the prepare_ramdisk implementation of the
redfish-virtual-media boot interface skips configuring an ISO in
fast-track mode. When rebooting after BIOS/RAID settings changes, we
need to enforce the correct ISO configuration.
Change-Id: Ibdfe0775065f3b27478305dd18929a291df3ee3c
(cherry picked from commit 89f421b166915a22626dcb919382ce13f4588973)
|
|\ \
| |/
|/| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix indentation for case when raid_type is missing.
Generally, it is not expected that raid_type will be
missing, this is done as a precaution as raid_type
was introduced in Redfish 1.3.1. Now log warning
that raid_type is missing, thus cannot update
raid_config correctly.
Followup to I753c4b00c0a64bcdc89c9bc0afd46f1211f7847b
Change-Id: Id66b87309dd26a2a165b35ac1d81580e4605d629
(cherry picked from commit 3a621e3983eb2eb1d013d687acc3f5981cdfbc64)
|
|/
|
|
|
| |
Change-Id: I6c53192b69a7b433b2758aa9374cd10b20191af7
(cherry picked from commit e48c62187ca15e130c35b421e5e311eea9a334db)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Few unit tests change attribute of CONF variable via Python
assignment. This changes attribute of CONF, which is instance
of XxxOpt class defined in oslo_config, to Python literal value.
This affects result of another unit test.
To avoid this, we should change attribute of CONF variable with
set_override method.
Change-Id: I4bd8b1b4ea974834f1149fcaa79de85d24f5f7d1
Story: 2010214
Task: 45956
(cherry picked from commit 3b28d0984d5eb82320c632dd5840cebf6d0762ad)
|
|
|
|
|
|
|
|
|
|
|
|
| |
At current, retry_attempt & retry_interval in ironic.conf [molds]
is instance of StrOpt. However it should be IntOpt class.
If it remains to StrOpt class, tenacity.retry wrapper in common/molds.py
will fail with TypeError.
Change-Id: Iafedf2ec0326009585c1cac251ecae65c9e666ac
Story: 2010215
Task: 45957
(cherry picked from commit 35bc014ed94ee0c78ee8d44113fcea721f0c1af0)
|
|
|
|
|
|
|
|
|
|
| |
Specify the schema version for network_data and node, otherwise the
latest one is used.
Also fix one test where the error messages was changed.
Change-Id: I4a614d7e73348bbe6c355a40881b013cbfe00b03
(cherry picked from commit 55b9579f14ea08a2dc732336d8f552cc14ab895d)
|
|\ |
|
| |
| |
| |
| |
| |
| | |
Change-Id: Idf7991d8f8a8cebcdc0413f26ad31542f8ffa8a8
See: https://zuul-ci.org/docs/zuul/latest/releasenotes.html#relnotes-4-1-0-deprecation-notes
(cherry picked from commit 63e53797adca625edd2fdacd16a025bedccf8731)
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Missing whitespace renders formatting incorrectly.
Change-Id: I471fd859a5d8557188e6ad41143552457b5bdb50
(cherry picked from commit 737ff34e76949cd4429e0cede8ceebfeba986c9c)
|
|/ /
| |
| |
| |
| |
| |
| | |
The issue is fixed in iDRAC firmware 6.00.00.00.
Change-Id: Ie5b9ce3ed2a9b1cd61d51f64d72403f7dbc5367b
(cherry picked from commit 70812aa6edadf87eb04b0661c204693fa98c3dd4)
|
|\ \
| | |
| | |
| | | |
into stable/yoga
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Ramdisk deploys don't use IPA, no need to provide it. Cleaning may need
the agent, so only skip verification if cleaning is disabled.
Other boot interfaces may need fixing as well, I haven't checked them.
Change-Id: Ia2739311f065e19ba539fe3df7268075d6075787
(cherry picked from commit 65583e64172a0188d125117d1f2288e105832395)
|
|\ \ \
| |/ /
|/| | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The issue with standard Redfish virtual media boot has
been fixed now. Update to restrict use of redfish-virtual-media
based on iDRAC firmware version.
Change-Id: I8ead1d24a9bd502b64fe7dd058e77550fcee141c
(cherry picked from commit 73040c88d99f066644277f32e86d196305fc8596)
|
|/ /
| |
| |
| |
| |
| |
| | |
Story: 2003514
Task: 41940
Change-Id: I753c4b00c0a64bcdc89c9bc0afd46f1211f7847b
(cherry picked from commit 29364b7fb40327dc277c535e5b829133274ad420)
|
| |
| |
| |
| |
| | |
Change-Id: Ib1d415928a6555298d42e8d525f04eb1028a4bb8
(cherry picked from commit e0c758bb95f92081e54f3c8ed9fa95dcbe7d917e)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We add the same workaround as in change [1] to yoga to fix grenade jobs.
This should be removed once swiftclient is realesed with the fix [2].
[1] https://review.opendev.org/c/openstack/devstack/+/844539\
[2] https://github.com/openstack/python-swiftclient/commit/9eee29d2e46e774eb08acb76c3317a58856f3f71
Change-Id: Ic19030028376df9e3b0ddf2fa81932686707e9b1
|
|/
|
|
|
|
|
|
|
|
|
|
| |
First, it's leaking information. Second, the URLs can be really long and
cause "OSError: [Errno 36] File name too long".
The same issue has already been fixed in the image cache, this change
updates building ISO. Since the files are created in a temporary
location, just use constant names.
Change-Id: Ie5e0523bb4a8941bcb8dc87c4a0b29cb28ddfe40
(cherry picked from commit 2d885126ec5b3cfbe548fa42325d53fbc47d8fd4)
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In some cases the current conductor may have failed to updated
the heartbeat timestamp due to failure of resource starvation.
When this occurs the dbapi get_offline_conductors method will
include the current conductor in its return value.
In this scenario the conductor may end up forcefully remove
node reservations or allocations from itself, triggering takeover
which fail on-going operations.
This change adds a wrapper to exclude the current conductor.
The wrapper will log a warning to raise the issue.
Related-Bug: #1970484
Stroy: 2010016
Task: 45204
Depends-On: https://review.opendev.org/839910
Change-Id: I6a8f38934b475f792433be6f0882540b82ca26c1
(cherry picked from commit 4cf0147e86039e8fa2232c3de6d45f1405a515d0)
|
|\ \
| | |
| | |
| | | |
stable/yoga
|
| |/
| |
| |
| |
| |
| |
| | |
Prevents the ironic-lib CI from testing ironic-lib changes in IPA.
Change-Id: I936f6c1506c585826501ff3ac0bad0c755b4d360
(cherry picked from commit b94e52f55a0c4f9d6f3a771179da4ec5ccbddbd7)
|