| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
The fixed configdrive_use_object_store requires them.
Change-Id: Ie7323ae107c7f801be010353c7c4f3b8a43c3a1a
|
|
|
|
|
|
|
|
|
|
| |
Since we've dropped support for Python 2.7, it's time to look at
the bright future that Python 3.x will bring and stop forcing
compatibility with older versions.
This patch removes the six library from requirements, not
looking back.
Change-Id: Ib546f16965475c32b2f8caabd560e2c7d382ac5a
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently we expect keystoneauth to raise on missing endpoint, but in
many cases it returns None from get_endpoint instead. This causes two
kinds of problems:
* Raising Python exceptions in the code that is not ready to handle None
(e.g. get_ironic_api_url in deploy_utils).
* Passing endpoint_override=None to client constructors, thus effectively
ignoring provided adapter configuration options.
This change turns None into a proper error.
Change-Id: I8dad2e8ef5ff39167995dfe8266a48e80a29788b
|
|
|
|
|
|
|
|
|
| |
Fixes binary files upload to Swift. Prior to this
fix, binary file upload to Swift might fail at unicode
characters interpretation.
Story: 2005697
Change-Id: Icbe69bc628af8bdfd48327319f5c6b01607700bf
|
|
|
|
|
|
|
|
|
|
|
| |
python-swiftclient stopped supporting the temp url structure used when radosgw
was set as the endpoint_type in ocata, meaning only Newton and older versions
of python-swiftclient will work. Newton is deprecated, so remove the option.
This breaks the deprecation cycle, but since it has been not working for so
long it needs to just be dropped.
Change-Id: Ibdc93b049b7e1ae34cac9e1f599786439c46a685
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In many cases, including devstack and TripleO, the swift account to use
is based on the project_id of the 'service' project, so it makes sense
to use it as a default.
Similarly, the temporary URL key can be fetches from Swift, using HEAD
on the account used to access it.
In both cases it is assumed that the same project is used by Ironic
and Glance to access Swift. Explicit values have to be provided
otherwise.
Finally, the endpoint URL can be fetched from the service catalog. Care
is taken to strip the /v1/AUTH_<tenant ID> suffix.
Closes-Bug: #1737714
Change-Id: I701899928f0f780939f17aabc59eb90593ba95f0
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
in the change I52f1386df45ebe0a43b11fe1583e012dfa3af532
we lost most of swiftclient options in a belief that those are handled
by the keystoneauth session passed to the swiftclient.
In fact though, swiftclient only uses this session to get itself an
endpoint and a token, but it has no SessionClient, and does not use that
passed in session to make further requests to swift itself.
This patch restores all the logic that we had to decompose the session
object loaded from config to options that are passed to swiftclient
explicitly.
Change-Id: I08f382aa9d2ad22f7dbd65f7b54a8dd0a765ba44
Partial-Bug: #1699547
Closes-Bug: #1736158
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Split loading session and auth from config to separate functions,
allow to override options loaded from config.
This will lay ground to more efficiently load clients that allow
passing in both session and auth plugin objects separately.
- When resoving a service endpoint, either fetch the requested interface,
or first try 'internal' and then 'public'.
This is done due to our config lacking any options to set the default
interface for service endpoints to use, and we've used 'internal' by
default, although DevStack has no such endpoints for most services
any more [0].
This will be changed again when gradually introducing usage of
keystoneauth Adapters to ironic.
- Remove get_admin_token method, it was used only in glance-related code
once, and was simply moved there.
[0] https://review.openstack.org/#/c/433272
Change-Id: I73b21098f15af4d0445f89fdd6ad4e4a42177df6
Partial-Bug: #1699547
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently config drive can be stored in swift with keystone
authentication. This change allows ironic to store the config drive in
ceph radosgw and use radosgw authentication mechanism that is not
currently supported. It uses swift API compatibility for ceph radosgw.
New options:
[deploy]/configdrive_use_object_store
[deploy]/object_store_endpoint_type
Deprecations:
[conductor]/configdrive_use_swift
Replaced by: [deploy]/configdrive_use_object_store
[glance]/temp_url_endpoint_type
Replaced by: [deploy]/object_store_endpoint_type
Change-Id: I9204c718505376cfb73632b0d0f31cea00d5e4d8
Closes-Bug: #1642719
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
since v3.2.0 swiftclient supports instantiating the API client from
keystonauth session, and we already require this version as minimal in
ironic.
This patch removes existing workarounds in SwiftAPI code which were there
only to accomodate for absence of session handling in swiftclient,
and now the keystoneauth session built from the [swift] config section
is used directly to instantiate the swift API client.
Change-Id: I52f1386df45ebe0a43b11fe1583e012dfa3af532
Related-Bug: #1518938
|
|
|
|
|
|
|
|
| |
"object" is a built-in class name in python,
using it as a function argument name should
be avoided as it shadows the built-in.
Change-Id: Ic775eee07bba6aa919d9911a4e2d0f6b393b9ffc
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We currently construct Keystone client objects directly, which
is no longer the preferred way. Instead, we should be using Sessions
which allows use of different auth plugins. This change attempts to
migrate our Keystone usage to this model.
Additionally, we currently rely on the imported keystonemiddleware
auth_token's configuration for all of the Keystone credentials used
by the Ironic service user. This is bad, as that config is internal
to that library and may change at any time. Also, the service user
may be using different credentials than the token validator.
This refactors the keystone module to use Sessions.
It attempts to provide some backward compat for users
who have not yet updated their config,
by falling back to the authtoken config section when required.
Operators impact:
- Authentification parameters for each service now should specified in
the corresponding config section for this service ([glance], [neutron]
[swift], [inspector]).
This includes providing both Keystone session-related options
(timeout, SSL-related ones) and authentification options
(`auth_type`, `auth_url` and proper options for the auth plugin).
- New config section `service_catalog` for Ironic service user
credentials, used to resolve Ironic API URL from Keystone catalog.
- If loading from the service config section fails, an attempt is made
to use respective options from [keystone_authtoken] section as a
fall-back for backward compatibility.
Implementation details:
- using keystoneauth1 library instead of keystoneclient
- For each service the keystone session is created only once and is
reused further. This lowers the number of authentification requests
made to Keystone but implies that only auth plugins that can
re-authentificate themselves can be used (so no *Token plugins).
This patch does not update the DevStack plugin, in order to test
backwards compatibility with old config options.
DevStack plugin will be modified in a subsequent patch.
Change-Id: I166eebefc1e1335a1a7b632149cf6441512e9d5e
Closes-Bug: #1422632
Related-Bug: #1418341
Related-Bug: #1494776
Co-Authored-By: Adam Gandelman <adamg@ubuntu.com>
|
|
|
|
|
|
|
| |
Nova style refactor of config options in Ironic.
Change-Id: If2539aa019e9f2e03f74c9e32da50b9fad6f611d
Partial-Bug: #1561100
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently when SwiftAPI(common/swift.py) is initialized, region_name
is not specified; with multi-region setup, ironic may pick wrong swift
endpoint.
This fix loads region_name from keystone_authtoken/region_name, and
pass the value to SwiftAPI
Closes-Bug: #1554933
Change-Id: I7295fc96c3b9ed50214576e80723d1d9db1a7e38
|
|
|
|
| |
Change-Id: I3f0a893067acaf2d0797b1aefa10cf24276e3971
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace HTTP 'magic numbers' (also known as unnamed numerical constants)
with constants provided by the http_client/httplib library.
For example, use 'http_client.OK' instead of '200'
This was done before in commit 107e064ca1c981480f12fad03fdd02d1f4847422
but a few more HTTP numbers have slipped in since that commit.
Change-Id: Ia3db6b0c8ef832290ffde8510a7ebe33adf356c4
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recently the patch Ic7865709cd87c45e6b7d49f15ce73354aa15401e
added some new imports in ironic.common.service, which caused
the following to be loaded in chain:
ironic.api.app ->
ironic.api.hooks ->
ironic.conductor.rpcapi ->
ironic.conductor.manager ->
ironic.common.swift
Today ironic.common.swift.SwiftAPI reads value of some CONF
variables in the constructor as default arguments. The
default values for the constructor is read at code initialization
time and same value is used subsequently on all calls. Because
the order of import was altered, code in swift.SwiftAPI was
initialized before ironic.conf was parsed in
config.parse_args (in ironic.common.service itself). The change
in this order caused all the default values to have None.
This commit stops the SwiftAPI from setting default values in
constructor method. It changes SwiftAPI.__init__() to set the
values for user, tenant from CONF at runtime if they were not
passed.
Closes-Bug: 1519774
Change-Id: I218c19dd908911140ca4640740b7dcdf2c3454ed
|
|
|
|
|
|
|
| |
Change log level for failure to delete swift temporary object.
Change-Id: I5111a589aea15512fd2cc145a02e19e2d61154ab
Closes-Bug: #1504012
|
|
|
|
|
|
|
|
| |
Several OpenStack projects wrap help messages for translation.
Follow suit by wrapping the help messages.
Change-Id: I38572dfa40b3cb10b1c58d9b555985c58afd70aa
Closes-Bug: #1413830
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch enforces the rules E123, E126, E127, and E128 in the ironic
code base:
E123 - closing bracket does not match indentation of opening
bracket’s line
E126 - continuation line over-indented for hanging indent
E127 - continuation line over-indented for visual indent
E128 - continuation line under-indented for visual indent
This fixes any parts of the current code which fails these rules and
removes these rules from the tox.ini flake8 ignore list.
Change-Id: Ia96582b5e9abc088d6c1694afc93c59be4a4065c
Closes-Bug: 1421522
|
|
|
|
|
|
|
|
|
|
| |
Current we have a keystonemiddleware.auth_token.cafile
which is used for talking to Openstack services using https.
Ironic doesn't pass this down to swiftclient for verifying
https connections.
Closes-Bug: 1454353
Change-Id: Id085ea6c0f1d072ec631b9851ddfde96852aca56
|
|
|
|
|
|
| |
Module 'log' from oslo-incubator was removed after release of oslo_log library.
Change-Id: I4261083dae076cea66c42ad16eb82a5faaeb1a65
|
|
|
|
|
|
|
| |
The oslo team is recommending changing to non-namespaced references.
Implements: blueprint drop-namespace-packages
Change-Id: I45462d9d49552044ad990f22bd6e6c5b37cf0649
|
|
|
|
|
|
|
|
|
|
| |
Now that ironic supports oslo.i18n, using the install function to
inject _ into the builtin has been deprecated. New i18n common module
used instead. In one module _ was imported from gettextutils, now
also changed to i18n import.
Closes-bug: #1346406
Change-Id: I672a975d479991982c24031e834a26e2c2811890
|
|
This commit introduces support for interacting with
swift for creating and deleting swift objects. This
will be initially used by ilo driver for hosting
temporary floppy images.
Change-Id: I9a3962820b7e18fb1014be1e43cb107facfede9f
Implements: blueprint ironic-ilo-virtualmedia-driver
|