The line we're looking for is not there when IPA is in a container, at least
for CentOS based containers. Just fall back to sysrq on errors.
Change-Id: Ie4ee605ad9c6cda58808512a563247175859c71e
Currently if one interface cannot be handled (e.g. it has empty MAC),
the whole collection fails. Ignore unsupported interfaces instead.
Change-Id: Ibdaad62b39c239d4f3fb3111c2fae9e31e877b28
_early_log prints to stdout, which is fine in some cases,
however in other cases it gets lost in the shuffle of process
launch by things like systemd.
Lets try to save everything, and re-log it so it is easy to
debug early issues.
Change-Id: I334a9073d17cccec4c669fae82edc3e388debc5c
Add file to the reno documentation build to show release notes for
stable/wallaby.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/wallaby.
Sem-Ver: feature
Change-Id: Ibbcd82ef613d07f57623d5d22335f017ecd23edb
Virtual media devices based logic needs to be
guarded from being used or considered based upon
if the machine actually booted from virtual media,
or not.
At the same time, actual devices need to be checked
in order to make sure they align with what we expect
in order to prevent consideration of content which
should not be leveraged.
Change-Id: If2d5c6f4815c9e42798a2d96d59015e1b1dbd457
Story: 2008749
Task: 42108
IPA standalone mode is a developer-only option, and if enabled
accidentally on a production agent could cause undesired behavior.
Developers who need this behavior should build a purpose-built agent,
with standalone hardcoded to True in cmd/agent.py.
Change-Id: Icc67dbe15acbbf6fee886f274d2169a0769a5053
The root UUID changes after a streamed partition image is written to
the block device, causing later deployment failure when assuming the
old UUID.
This change updates the root UUID after streaming the partition image
is complete.
This issue may have been missed in local testing because deploying the
same image repeatedly will result in stable root UUID across runs.
Change-Id: Ice4630c16fc216980488d1427f3b02e1b8a417fa
For some drives, the partition e.g. `/dev/sda1` will not have the
'ro' file which can result in a metadata erasure failure but the base
device (`/dev/sda`) will have this file. Add an additional check
for the base device.
Change-Id: Ia01bdbf82cee6ce15fabdc42f9c23036df55b4c5
Story: 2008696
Task: 42004
We appear to be bumping up against this limit when deploying
RHCOS images(currently 977MB). Curiously the problem isn't
happening all the time but increasing the limit eliminates it.
This limit was intruduced to guard against a malicious image
allocating an arbitrary amount of memory. Nothing else runs
on hosts when IPA is running so we should be ok bumping up
the limit.
Story: #2008667
Task: #41955
Change-Id: I9405995915a874b00b7177c9642c5469d05d66a8
At the moment, it is not possible for Ironic to clean up a
RAID array that is built from an entire device. This patch
allows it to do so by overriding the behaviour of attempting
to find the device name if the device names does not end with
a number and is a real block device.
Story: #2008663
Task: #41948
Change-Id: I66b0990acaec45b1635795563987b99f9fa04ac7
This change adds support for utilising NVMe specific cleaning tools
on supported devices. This will remove the neccessity of using shred to
securely delete the contents of a NVMe drive and enable using nvme-cli
tools instead, improving cleaning performance and reducing wear on the device.
Story: 2008290
Task: 41168
Change-Id: I2f63db9b739e53699bd5f164b79640927bf757d7
IPA is not properly checking if the root partition is already
mounted. Device is being passed to os.path.ismount() instead
of the mount point.
Story: 2008631
Task: 41839
Change-Id: I37a6e7e6bbe0bbbb0317c6e55bb822dafe7cce20
This change adds a deploy step inject_files that adds a flexible
way to inject files into the instance.
Change-Id: I0e70a2cbc13744195c9493a48662e465ec010dbe
Story: #2008611
Task: #41794
It's somewhat confusing at the moment, since we're trying to find
a UEFI partition by UUID "None". Don't search for partition if
we don't know its UUID, and provide a better error message.
Change-Id: Ief874084132797a445ddae8009264712a05facfd
Previously, partition images were hard coded to be bios based
as opposed to consulting all of the values AND the node itself
before making the most appropriate determination. Now the agent
utilises the internal helper to properly determine the boot
mode when calling ironic-lib.
Story: 2008070
Task: 41265
Change-Id: Id5eeda69d5b9de2b393af414472d57b0d4380c43
Adds support for the EFI partition to be appended to fstab so the
filesystem can be automounted and EFI loader updated should the
deployed operating system need to do so.
This should enable bootloaders to be upgraded by linux based
operating systems after the instance has been deployed when
a partition image was utilized for the initial deployment.
Change-Id: Iec28a8841cc01ec8b01a3f5cca070c934c7a2531
Story: 2008070
Task: 40754
Partition images can sometimes contain a /boot folder structure
event he assets for EFI booting on that filesystem. Which is a
good thing. The conundrum is that Ironic does not handle this
properly and potentially replaces the bootloader in this sequence
such that grub2-install is used instead of signed bootloader assets.
As such, we should be preserving the assets and using them from
a partition image much like we do when we have a wholedisk
image and can identify the assets.
Now we will preserve the EFI boot assets, copy them to the new EFI
boot partition, and call the EFI setup methods to manage the EFI
nvram.
Note, this change also splits the logic path out that performs the
end call of the EFI boot manager into a reusable method but does
not retool all of the testing as it is intertwined in the
install_grub2 testing.
Also adds some additional debug logging, as much of the bootloader
installation code has multiple fallback/cleanup points which makes
it difficult to debug from logs.
Story: 2008070
Task: 40753
Change-Id: If17d4b4c06df5504987e61a1fde6662e9acd6989
Partition images through the agent have the unfortunate
side effect of being executed without full node context
by default. Luckilly we've had a similar problem and
cache the node.
This patch changes the lookup from a default of msdos
partitions to use the cached node object.
Change-Id: I002816c9372fdf1cc32f3c67f420073551479fd9
Some hardware is very well intentioned. However this intention
can result in the UEFI NVRAM table being full which prevents us
from adding new records to the table. We can't be sure what to
delete, so in this case some operators just need the ability to
tell ironic "it is okay if this fails, it will still work."
The added ``ignore_bootloader_failure`` option adds
this capability which can be set per-node either in the agent
configuation via the ramdisk image, or in the pxe_append_params
configuration parameter for the node itself with a
``ipa-ignore-bootloader-failure`` option in order to prevent
the failure from being raised.
Change-Id: If3c83fb2ea2025fce092d495a64f32077c70d2d6
Story: 2008386
Task: 41309
For ramdisk TLS (and other potential future enhancements) we need
to be able to inject configuration and certificates into the ramdisk.
Since we cannot pass files through kernel parameters, we need to
put them on the generated ISO or (in the future) config drive.
This change detects IPA configuration and copies it into the ramdisk
early enough for any configuration files to get picked.
Changed /dev/disk/by-label to blkid since the former may not exist
on all ramdisks (e.g. tinyIPA).
Change-Id: Ic64d7842a59795bbf02f194221dedc07c6b56e8c
Add the ability to bring up VLAN interfaces and include them in the
introspection report. A new configuration field is added -
``ipa-enable-vlan-interfaces``, which defines either the VLAN interface
to enable, the interface to use, or 'all' - which indicates all
interfaces. If the particular VLAN is not provided, IPA will
use the lldp info for the interface to determine which VLANs should
be enabled.
Change-Id: Icb4f66a02b298b4d165ebb58134cd31029e535cc
Story: 2008298
Task: 41183
Add an automatic clean step to clean the Linux kernel's pstore.
The step is disabled by default.
Story: #2008317
Task: #41214
Change-Id: Ie1a42dfff4c7e1c7abeaf39feca956bb9e2ea497
It'd allow for example custom ansible playbooks to use UUIDs of the
introspected node's disks. In future it might also enable agent
to use UUID (or by_path value) to refer to a device instead of
name, as it happens currently.
Change-Id: Id00437d2295c39fb12f3c25a92b30b56a58eef13
Add possibility to use disk LABEL to identify rootfs uuid for
Software RAID deployment
Change-Id: I77f36e70ddc539af0190db1c1abe0fb2c66f34b4
Story: 2008303
Task: 41188
Follow-up on Ib96a1057792f45f2e4554671e32c436140463ee8 to
improve some of the wording and review feedback by
Dmitry Tantsur.
Change-Id: Id77b0d72f3d78e5befd05fbdb6b21bc780f4ddfe