agent_status is used by anaconda ramdisk to inform the
conductor about state of the deployment. Valid agent
states are 'start', 'end' and 'error'. The agent_status_message
is used to describe the why the agent_status is set to a
particular state. Use of these parameters require API
version 1.72 or greater.
When anaconda finishes deployment the agent_status is
set to 'end'. When anaconda ramdisk is unable to deploy
the OS for some reason the agent_status is set to 'error'.
PXEAnacondaDeploy is implemented to handle the 'anaconda'
deploy interface. PXEAnacondaDeploy ties to together pieces
needed to deploy a node using anaconda ramdisk.
Co-Authored-By: Jay Faulkner <jay@jvf.cc>
Change-Id: Ieb452149730510b001c4712bbb2e0f28acfc3c2e
The fix for https://storyboard.openstack.org/#!/story/2008252 synced
the boot mode after changing the boot device, because Supermicro nodes
reset the boot mode if not included in the boot device set. However this
can cause a problem on Dell nodes when changing the mode uefi->bios or
bios->uefi. Restrict the syncing of the boot mode to Supermicro.
Story: 2008712
Task: 42046
Change-Id: I9f305cb3f33766c1c93cf4347368b1ce025fc635
This change adds support for managing an iDRAC -- reset, clear job
queue, and reset to known good state -- via the Redfish out-of-band
(OOB) management protocol to the idrac hardware type. This is offered by
new idrac-redfish management hardware interface implementation cleaning
steps: reset_idrac, clear_job_queue, and known_good_state.
known_good_state both resets an iDRAC and clears its job queue.
Story: 2007617
Task: 39628
Depends-On: https://review.opendev.org/c/x/sushy-oem-idrac/+/782254
Change-Id: Iad69c8d7cf3a373f5cfcc619a479a106efa2e4d4
This change adds a generic method of configuring clean step
priorities instead of making changes in Ironic code every time a new
clean step is introduced.
Change-Id: I56b9a878724d27af2ac05232a1680017de4d8df5
Story: 1618014
Ironic's sample configuration page previously did not render any
of the items in the default section, except for those items added
by other libraries. This was because we were trying to use an iterator
instead of a list.
Using an iterator, in theory should have worked, and did work for
normal invocations, but didn't work when it came to sphinx generated
output.
Instead of trying to use itertools to assemble everything, we just
now instead assemble the list and use a list_opts method like some
of the other more complex groups to add values.
Confirmed in local build output that the sphinx generated output
works as expected now.
Change-Id: I7f1cffb2a91728ab632ab0ccaa6acbb7e86fb533
Bandit has started to fail on master.
>> Issue: [B701:jinja2_autoescape_false] Using jinja2 templates with autoescape=False is dangerous and can lead to XSS. Ensure autoescape=True or use the select_autoescape function to mitigate XSS vulnerabilities.
Severity: High Confidence: Medium
Location: ironic/common/utils.py:491
More Info: https://bandit.readthedocs.io/en/latest/plugins/b701_jinja2_autoescape_false.html
489 # NOTE(pas-ha) not using default_for_string=False as we set the name
490 # of the template above for strings too.
491 env = jinja2.Environment(
492 loader=loader,
493 autoescape=jinja2.select_autoescape(),
494 undefined=jinja2.StrictUndefined if strict else jinja2.Undefined
495 )
It appears that Arun changed this around a little in
https://review.opendev.org/c/openstack/ironic/+/777448/10/ironic/common/utils.py
however this doesn't seem to pass reliably. As such, I'm returning
the notation of the label to the first line as it was before, which
seems to consistently pass bandit checking.
Change-Id: I7f5b7323b108b303b5b77609d5903128d4adca3c
The inclusion of a boot_method=vmedia kernel command line
argument is mandatory singnaling so IPA understands it has
been booted via virtual media, and to act accordingly.
Change-Id: I92751a3f4305fe0ded9ff379643b45132fe66157
Story: 2008749
Task: 42181
Utilities moved to ironic.common.molds.
New config section [molds] created and settings moved there.
Change-Id: I1177f7dd5d5157bb3a5c0bd09acd75c9a394ab47
The initial RAID levels have been extended by levels 5 and 6.
Update the documentation to reflect this.
Change-Id: Ifd7eb9d836b6fbf0a08648654ef2080b9717be83
In some cases the operator can't specify `ipmi_cipher_suite`
for each node and the problem with session can still occour:
`Error in open session response message : no matching cipher suite`
This patch adds a new configuration option that will take a list
of possible cipher suite versions that can be used when the error
occurs and the node doesn't have the `ipmi_cipher_suite` set.
Story: 2008739
Task: 42093
Change-Id: I6788585a83268e20ff6447e570995871bc9c25d5
When a specific configuration options list is created and delineated
out, it needs to be explicitly added so it gets pulled in, either
through each configuration generator file's list options method, or
in the case of default for the list of lists to iterate through.
It seems websever_verify_ca was missing in the docs, and this
results in it being properly generated.
Change-Id: I84709f5093c4b716b4cb21bd31fa05c65f93d8df
Story: 2008732
Task: 42084
I have been against it since the beginning of this work, hoping that we
can settle down on one network data format, one is more native for
Ironic because of our relation to OpenStack. This has not happened, with
e.g. CoreOS only using its own formats. So, let it be. Use with caution.
Change-Id: I872d010517cd343fcbcafadb4535f07ca15c2c95
Extends generic Redfish OOB inspection to add setting pxe_enabled
on the discovered ports for the idrac hardware type.
It retrieves the list of PXE device MAC addresses using an OEM extension
to the Redfish API if necessary
and updates the pxe_enabled field of Port.
Change-Id: Ife8387a3bdb75717b896cf1067d2490084665e49
Story: 2006819
Task: 37380
Co-Authored-By: Mahendra Kamble <mahendra.kamble358@gmail.com>
Co-Authored-By: Sonali Borkar <sonaliborkar85@gmail.com>
Support for floppy disks is increasingly harder to find, let us support
USB devices as an alternative.
Change-Id: Ib02b716cbcf1f7b4ed8e47cf3fcf40872f1dc9a1
Virtual media deployments can be conducted outside of the provisioning
network as long as the node gets an IP address somehow and can reach
ironic and its HTTP server. This changes adds new configuration that
allows to use public IP addresses for virtual media while keeping PXE
boots working and constrained to the provisioning network.
Change-Id: I8b859b2812160ff3911eb7d648eab835ef61d934
Story: #2008566
Task: #41706
Instead of using process_event('fail') use error_handlers,
otherwise in case of failure node gets stuck and fails
because of timeout, instead of failing earlier due to
step failure.
And improve coverage to test this error handling
and also happy paths.
Story: 2008307
Task: 41197
Change-Id: I1e957c2b526abc37920212b6431b11eedc9f89be
This is a follow up to commit 05df3d7aa4aa7a1fd25a2f2d55726197e1b5f9df
addressing issues with excessive logging and adding a missing unit test.
Change-Id: I827fa5dd813acbf1d478c64508f10c42d1460b4a
