This removes [pxe]/http_url and [pxe]/http_root options, which have been
deprecated for some time now. These moved to the [deploy] group.
Change-Id: I76283ee2bea474d5b0b0c345fe763fdd764a3bfa
Some configuration descriptions and default values have changed
without the sample configuration being updated. Some of these default
changes are the result of a global requirements update.
Change-Id: Iea6794e3b5c57f75d82a460fa2dd7d294c1c88b7
Introduce shred_final_overwrite_with_zeros, a new configuration option
to control whether devices will receive a final overwrite with zeros
during cleaning. Additionally, rename erase_devices_iterations to
shred_random_overwrite_iterations to clarify the true meaning of this
configuration option.
Also, ensure a warning is raised in the logs to raise awareness around
the potential security risk of running cleaning with iterations=0 and
overwrite_with_zeros=False.
Change-Id: I0dd3f488ab2cd0df778f34a5a23948fa0c6c4334
Closes-Bug: #1568811
Depends-On: I7053034f5b5bc6737b535ee601e6fb71284d4a83
Remove two config options that were DEPRECATED in Liberty cycle
from the config group section [agent]. They are:
- agent_pxe_append_params
- agent_pxe_config_template
These were marked for removal in the Mitaka release.
Change-Id: I5ceb895db7dcd7150b93059ddc8c4084228efca0
Closes-Bug: 1570475
Unfortunately there still no mechanism to synchronize events with Neutron.
Sometimes server can get to PXE faster than Neutron configures port for netboot.
It may occur with VMs, and hardware servers with fast boot enabled.
This patch introduce new config variable 'port_setup_delay'
that allows to wait for Neutron operations.
Change-Id: Iaeb78649a92b89e2c6eb0f545aed95a766d14430
Remove two deprecated options from the config group section [agent]
that were deprecated in the Liberty cycle. Those options are:
- agent_erase_devices_priority
- agent_erase_devices_iterations
These options had been renamed and deprecated by commit
9a35ca19b4872af2e02cb83b21a3746732802e74
Change-Id: I9c6df0979c2814b5f26f8fb596de6cf07e4f76aa
IPA supported iSCSI portal port customization by 272420 patch.
With this patch, we add new portal_port argument into
agent_client.start_iscsi_target() method to pass iSCSI portal
port to IPA side. And add new configuration into iscsi module as
below:
CONF.iscsi.portal_port
Reference:
https://review.openstack.org/#/c/272420/
Change-Id: Ia1515cbd6723a965e362a7dfa0b58077194401f3
Closes-Bug: #1523829
Do formatting changes to make our current generator output match up more
with how it will be with oslo-config-generator. This will make it easier
to review what changes occur to the ironic.conf.sample file when moving
to the use of oslo-config-generator.
* Put spaces between variable and value. For example "foo = spam",
instead of "foo=spam". If value is empty string, don't have trailing
space after equal.
* When there are 'choices' change the wording to "Allowed values" from
"Possible values". Intentionally did not change any of the other
messages with the wording 'Possible.*'
* When min_value and max_value are both present, no longer use
'Possible values' anymore but output them separately instead.
* Change the value of OPT type to 'unknown value'.
* Change the output of deprecated_for_removal flag.
* Regenerate sample config.
Co-Authored-By: Lin Tan <lin.tan@intel.com>
Change-Id: I1bc8b00eb98055a6e0f06af287cfa10c02ee2094
This adds the config option deploy.power_off_after_deploy_failure,
which will prevent powering off nodes once a deployment fails.
Powering off nodes means loss of the log output from the agent.
Choosing to leave the machine powered on would give an operator
the opportunity to troubleshoot the issue using agent logs on the
system in case of failure, or to prevent needing to power the machine
back on for provisioning after cleaning.
As a note, Nova will still attempt to delete the node on a failed
deployment, so the option will not be very effective in non-standalone
deployments until a similar patch is put into nova.
Related-bug: 1531217
Change-Id: I7c25946de50ffda2869307cb4016e0ccfe81d192
Co-Authored-By: Josh Gachnang <josh@servercobra.com>
Currently Ironic doesn't pass any certificate down for verifying
https connections in glance. New ironic config parameter
'glance_cafile' is added to [glance] section in ironic.conf to
pass the certificate down for https connection in glance.
Change-Id: I29e134d70addb16cd65dbd9c8038a23e76a57016
In the configuration sample file, the possible choices for some
configuration options is described twice. Once via `# Possible values:`
and the other as part of the help description. This will remove the
duplication in the help.
Change-Id: Ifaba17ea9029aa99db3ddffa9b7750c05b47460c
In case of network issue during the download of the ramdisk or the
kernel, ipxe can freeze. The default timeout value is "unlimited" [0] [1].
If force_power_state_during_sync is False, ironic will just ignore the
node until someone do an human intervention.
By setting a timeout, we ensure ipxe will just give up. Depending on the
BIOS configuration, a new boot attempt may be done immedialey without the
hassle of a hard reboot.
https://bugzilla.redhat.com/show_bug.cgi?id=1310778
[0] http://ipxe.org/cmd/kernel
[1] http://lists.ipxe.org/pipermail/ipxe-devel/2014-October/003829.html
Closes-Bug: 1550417
Change-Id: I472dfb73044df50849c9cf72de90e59151698376
I39637e22c344703ad48fc271f6f866aa018bbdd1 introduces the use of wipefs
to clean a disk, this through the ironic_lib.disk_utils module. wipefs
has been added to ironic_lib's rootwrap filter filter as expected.
We need to keep this one in sync because:
- of the gate: devstack uses it instead of the one from ironic_lib
- to preserve exsisting deployed installation where ironic_lib's filter
is not properly deployed yet.
This commit also comes with a NOTE message to explain the situation.
Change-Id: Id69706d7a78ff37a360cc23d6a076bc13bbdf14c
Add more useful config info in ironic.conf.sample.
1. Possible values
2. Minimum value
3. Maximum value
And update the ironic.conf.sample.
Change-Id: Ibb46764c5e343f65cfb64503c73d848c412cf4a0
Configuration options has a parameter called "deprecated_for_removal" to
indicate that one option is planned to be removed in a future release.
This patch is extending the config generator script to add this
information to the output .sample file.
Change-Id: I3d3a69ea9ca700edf96ede947ff7b074e7978484
Closes-Bug: #1549351
This change switches the conductor to using Futurist library executor and
periodic tasks worker instead of oslo.service periodic tasks. This allows
running periodic tasks in parallel and relying on more standard interfaces
(futures, executors) when dealing with asynchronous execution.
A green thread executor is used instead of using an eventlet green pool
directly. The maximum number of workers is taken from the existing
workers_pool_size configuration option, and no tasks are allowed
to be enqueued to mimic the previous behaviour (might be lifted later).
The periodic tasks worker is using the same executor, and its main loop thread
is also running on it. For this reason minimum value for workers_pool_size
is now 3: periodic task main loop, keep alive thread and at least one thread for
other tasks. A special decorator for driver-periodic tasks is now deprecated,
as the generic decorator can be used there as well.
Closes-Bug: #1526277
Change-Id: I57bf7cebfb6db805b6c521bacfef2993b16ce1ee
This module enables iRMC out-of-band hardware inspection for FUJITSU
PRIMERGY bare metal nodes having iRMC S4 and beyond.
Change-Id: I8f406a9beb3fd3c01b15f764211ffd18494464f6
Closes-Bug: #1525108
Since we have automated cleaning and manual cleaning, the config
'clean_nodes' is a bit confusing since it only refers to automated
cleaning. It is replaced with 'automated_clean'.
This deprecates the 'clean_nodes' config; the plan is to delete it
in Newton cycle.
Updates to the documentation to explicitly mention automated vs
manual cleaning is done in a separate patch.
This includes a reno-style release note about the upgrade impact.
Change-Id: I5b4fbac1753cb4213eb151b663490f381b751597
Partial-Bug: #1526290
The term 'zapping' has been replaced by 'manual cleaning'. This
removes 'zapping' from the code. Since one of the changes is in
the help for a config option, ironic.conf.sample was updated
(note that it was out of date).
(References to 'zapping' in the documentation is addressed in a
separate patch.)
Change-Id: Icc0303cf26b464b84ba97636b41d9edfa16b8dbd
Partial-Bug: #1526290
Disable default execution of clean step 'reset_ilo' during automated
cleaning. Resetting of iLO is not required during every invocation
of automated cleaning.
Change-Id: I45a5542c8db339417916c64455eba0fae9c3f44a
Closes-Bug: 1542977
Caching of swift temporary is only useful for ironic python agent in
case of using proxies to download instance image.
This change adds the following:
- caching of temp URLs, so that proxy server does not invalidate the
cached image for every deployment.
- [glance]swift_temp_url_expected_download_start_delay option, so
that it is not possible to set swift_temp_url_duration less than
the value specified. This option is also used to determine if
cached temp URL will be still valid when agent ramdisk starts up.
To preserve current behavior, this value is set to 0.
Partial-bug: #1526222
Change-Id: If79bc0067db92c8917a15a0989143a1133ad4519
When run on a system that has a hostname or Fully Qualified Domain Name
(FQDN) of 'localhost' the generated config file would be wrong as it
would change the default values of 'localhost' to the value 'ironic'
To prevent this we mock out the calls to system.getfqdn() and
system.gethostname()
Change the default value shown in the config file for 3rd party
libraries that use either the FQDN or hostname as their default value
from 'ironic' to 'localhost'.
Also regenerate the etc/ironic/ironic.conf.sample file
Change-Id: Ibaec7f2488896824e225e4f159a6284f31f17328
Closes-Bug: #1524768
ironic.common.utils.dd(), mkfs(), unlink_without_raise(),
and is_http_url() methods were moved to ironic-lib. This
removes the copies in ironic and updates the code to use
the methods in ironic-lib.
Change-Id: I09c0a037b7979079cbfe5e33cbfd157ea3f3f79d
The API should not return tracebacks in a production environment. As
deployers often run services in debug mode, because OpenStack is hard to
debug, we should not return tracebacks in debug mode. To allow
developers etc to continue to use this feature, add a new config option
'debug_tracebacks_in_api' that maintains this behavior.
Also add to troubleshooting docs.
Change-Id: Idbbf7efc45140e9e3d8b9491edd58905cbba0363
Closes-Bug: #1525002
This patch updates and removes obsoleted config parameters in
ironic.conf.sample with updates of keystonemiddleware is 4.0.0 and
oslo.messaging 3.1.0.
Related-bug: #1522841
Change-Id: I1c24c49f6a07fc4289d8732b0ab4e6ced179e47e
The disk partitioner related code from ironic/common/disk_partitioner.py
and ironic/drivers/modules/deploy_utils.py is being moved to ironic-lib.
The code in ironic needs to be removed and use ironic-lib to perform
disk related activities.
Change-Id: I7b1b1d8b45b947a7b5715f3c6ab49d84e84b6b90