1574 Commits

Author SHA1 Message Date
Zuul
4aa6c10bc9 Merge "Cleanup docs building" 2020-03-02 12:10:02 +00:00
Andreas Jaeger
5cebea361b Cleanup docs building
* Remove doc/source/install/conf.py, it's unused.
* Remove settings that are provided by openstackdocstheme from conf.py
  files. Switch to newer openstackdocstheme for this.
* Remove unused deps from tox.ini: releasenotes and api-refonly need
  doc/requirements but not requirements.

Change-Id: Iab5ad6cde40c3342770c0112155fe5e1d262d1e8
2020-02-29 15:12:04 +01:00
Julia Kreger
bb3b2349f9 Pre-shared agent token
In order to improve security of the lookup/heartbeat
endpoints, we need to generate and provide temporary tokens
to the initial callers, if supported, to facilitate the
verification of commands.

This is the first patch in an entire series which utimately
enables the endpoint communication to be better secured.

The idea behind this started in private story 2006634 which
is locked as a security related filing covering multiple
aspects of ironic/ironic-python-agent interaction centered
around miss-use and generally exposed endpoints. That story
will remain marked as a private bug because it has several
different items covered, some of which did not prove to be
actually exploitable, but spawned stories 2006777, 2006773,
2007025, and is ultimately similar to Story 1526748.

Operationally this is a minimally invasive security
enhancement to lay the foundation to harden interactions
with the agent. This will take place over a series of
patches to both Ironic and the Ironic-Python-Agent.

Also see "Security of /heartbeat and /lookup endpoints"
in http://lists.openstack.org/pipermail/openstack-discuss/2019-November/010789.html

Story: 2007025
Task: 37818

Change-Id: I0118007cac3d6548e9d41c5e615a819150b6ef1a
2020-02-20 14:33:32 -08:00
Julia Kreger
7cb2517169 Project Contributing updates for Goal
This change covers changes to meet the goal of establishing contributor
documentation, which Ironic largely already had, but required some
enhancement and clarification.

This also includes rough context of the PTL duties and revision to the
primary repository CONTRIBUTING document, as suggested in some of the
goal related discussions.

Change-Id: Ia47eb56d7eb3c19c99fa7a61fb5605037dd9ebee
Story: #2007236
Task: #38528
2020-02-20 02:01:21 +00:00
Ilya Etingof
c99347faef Make redfish_system_id property optional
The `redfish_system_id` property of redfish hardware type has been
made optional. If not specified in `driver_info`, and the target BMC
manages a single ComputerSystem, ironic will assume that system.

Otherwise, ironic will fail requiring explicit `redfish_system_id`
specification in `driver_info`.

Also bumpted sushy dependency to >= 3.1.0.

Change-Id: I425baa7c7294c6c8a707e89df63a17da8e49b666
Story: 2007258
Task: 38619
2020-02-13 08:31:44 +01:00
Zuul
8c4571acf7 Merge "Remove references to 'firewall_driver'" 2020-02-07 12:12:10 +00:00
Andreas Jaeger
1366bde2db Disable debug output in doc building
Disable the debug output, we don't need 10s of lines to display the RST
file during normal builds.

Change-Id: I3c53ca2591d92e3354efb9da99cf2ee19ea51b7d
2020-02-06 11:27:36 +01:00
Arne Wiebalck
3ecaadbb35 Support node retirement
This change adds support for node retirement: nodes can
have additional properties 'retired' and 'retired_reason'
which change the way the nodes (can) traverse the FSM
and which operations are allowed. In particular:
- retired nodes cannot move from manageable to available;
- upon instance deletion, retired nodes move to manageable
  (rather than available).

Story: #2005425
Task: #38142

Change-Id: I8113a44c28f62bf83f8e213aeb6704f96055d52b
2020-01-28 11:01:32 +01:00
Zuul
8169f2532b Merge "Follow up to root device hints in instance_info" 2020-01-27 16:35:42 +00:00
Zuul
0d32338ce6 Merge "Make ironic-api compatible with WSGI containers other than mod_wsgi" 2020-01-24 20:10:32 +00:00
Dmitry Tantsur
4504bd5a8d Make ironic-api compatible with WSGI containers other than mod_wsgi
Using ironic-api-wsgi implies mod_wsgi, some other containers require
an importable module. This patch modifies ironic.api.wsgi to be usable
this way and documents it.

Change-Id: I8493eb36293a0214081e0adb59c3a267c9688819
2020-01-24 12:22:46 +01:00
Dmitry Tantsur
9050098e32 Follow up to root device hints in instance_info
Follow-up to commit 42dc9787e52670bb1e1baa36f08703dd802804f4:
* Refactor root device checking code to be in one place and extend
  the error message.
* Extend unit tests to cover the actual override.
* Update documentation.

Change-Id: I1d73f2233c766ff52268e242b8071dec12b2daca
2020-01-21 16:30:34 +01:00
Julia Kreger
7e825a28c0 Deprecate ibmc
The ibmc hardware type and related code is no longer being tested in
third party CI. No party has stepped up to continue maintaining and
supporting this code. As such, our standard practice is to deprecate
and remove the driver code.

Change-Id: I8e16d8a2f68623f98ae5e3acce886b29f95eacb5
Story: 2007185
Task: 38310
2020-01-20 09:27:09 -08:00
Dmitry Tantsur
9be5b37296 Document using CentOS 8 DIB IPA images for Ussuri and newer
Change-Id: I2e5e32da2c0a6c13c7174dcf2aa990ddc7e70c43
2020-01-14 13:09:57 +01:00
Zuul
2a43e371f1 Merge "Remove those switches for python2." 2019-12-31 18:00:50 +00:00
Madhuri Kumari
fcbf25aec5 Replace disk-image-create with ironic-python-agent-builder
Change-Id: I3e3d672eed0e059de7b01adc1e009f01dbd35a74
2019-12-27 10:54:25 +05:30
Wang Jerry
82b17f0b04 Remove those switches for python2.
Change-Id: Id00d8886b2025203ec0023092064aa8f70904202
2019-12-26 08:41:46 +00:00
Kaifeng Wang
9a6344d03c Add notes on the pxe template for aarch64
On verifying deployment on aarch64 bare metals, the linuxefi and
initrdefi are not available in grubaa64.efi, update doc to note
the potential change required on multi-architecture setup.

Change-Id: I92786eaed2c3bf6fb9f25672183bd9511e7a6e6e
2019-12-23 13:56:28 +08:00
Zuul
4b28072d4b Merge "Add owner to allocations and create relevant policies" 2019-12-12 19:53:55 +00:00
Madhuri Kumari
b293eb1af0 Remove deprecated ironic-agent element
ironic-agent is deprecated. ironic-python-agent-ramdisk is the new
element to build a ramdisk with ironic-python-agent

Change-Id: Ib9feb0bb9ccc97f7eb3f0669db05b98d96fbe918
2019-12-12 12:10:16 +05:30
Tzu-Mainn Chen
3fbb560af1 Add owner to allocations and create relevant policies
Add an owner to allocations. Depending on policy, a non-admin
can then create an allocation and have the owner set to their
project. Allocation processing then respects the owner.

Change-Id: I2965a4a601b9fa2c0212097da37b104a3e5514df
Story: #2006506
Task: #37540
2019-12-10 19:00:33 +00:00
Dmitry Tantsur
8a0b1a39f2 docs: add a missing heading
Change-Id: Iee4a9f4f13a9bd944e193e2cf09debc8fd8c21bc
2019-12-05 16:23:37 +01:00
Stephen Finucane
9a5e6ead2a Remove references to 'firewall_driver'
This option has been removed from nova. Drop references to it from the
documentation.

Change-Id: If6efd14ba28f6cb1eee2ce0c3cd9bbb89549c252
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
Depends-On: https://review.opendev.org/#/c/696514/
2019-11-28 12:44:00 +00:00
Zuul
d1cfeb0a09 Merge "Drop python 2.7 support and testing" 2019-11-27 14:10:33 +00:00
Zuul
e49ccfbdc1 Merge "Add instance_info/kernel_append_params to redfish" 2019-11-25 23:39:30 +00:00
Dmitry Tantsur
daa26b85db docs: update the local development quickstart to use JSON RPC
No need to make everyone install rabbitmq just to play with ironic.
Also make it clearer that MySQL is not required.

Change-Id: Ib286f30f16579815ca05c8477f7fd446cad6e453
2019-11-25 12:52:26 +01:00
Iury Gregory Melo Ferreira
b869b46c63 Drop python 2.7 support and testing
OpenStack is dropping the py2.7 support in ussuri cycle.

Ironic is ready with python 3 and ok to drop the
python 2.7 support.

Complete discussion & schedule can be found in
- http://lists.openstack.org/pipermail/openstack-discuss/2019-October/010142.html
- https://etherpad.openstack.org/p/drop-python2-support

Ussuri Communtiy-wide goal - https://review.opendev.org/#/c/691178/

Change-Id: I3cc36d79ffabf31607d503dada9e7512c639647c
2019-11-22 14:06:45 +01:00
Ilya Etingof
605f744570 Add instance_info/kernel_append_params to redfish
Adds `instance_info/kernel_append_params` property support to
`redfish` hardware type. If given, this property overrides
`[redfish]/kernel_append_params` ironic option.

The rationale for adding this property is to allow passing
node-specific kernel parameters to instance kernel.

One of the use-cases for this is to pass node static network
configuration to the kernel.

Change-Id: Ib1617f5a7ab34968d8bfe06fe49f3ba68e56f99f
Story: 2006691
Task: 36988
2019-11-21 12:39:53 +01:00
Steve Baker
7ebad2e344 Allow vendor_data to be included in a configdrive dict
configdrive can contain a vendor_data2.json file containing key/value
pairs injected by nova's vendordata mechanism[1].

This change lets Ironic accept a vendor_data key when configdrive is
provided as json, allowing parity with nova.

This change requires an openstacksdk release 0.37.0

[1] https://www.madebymikal.com/nova-vendordata-deployment-an-excessively-detailed-guide/

Change-Id: Id990b970619a113c5d5ead47fb550870d91b5e04
Task: 36756
Story: 2006597
Blueprint: nova-less-deploy
2019-10-31 08:55:39 +13:00
Zuul
b462ca420b Merge "Improve iDrac Documentation" 2019-10-30 13:58:50 +00:00
Mark Beierl
d114c75d83 Improve iDrac Documentation
Adds additional details on how to use the iDrac driver with
Ironic.

Change-Id: I598181a8227179b8c587b31905e38aa7595eef87
Co-Authored-By: Pranjali Srivastava <srivastavapranjali@ymail.com>
2019-10-28 13:53:02 -04:00
Zuul
bbb9bbb305 Merge "Using loop instead of with_X" 2019-10-26 05:40:51 +00:00
Zuul
56743e4232 Merge "Update release with information about zuul job" 2019-10-24 14:31:01 +00:00
Riccardo Pittau
89c30cb923 Using loop instead of with_X
The loop keyword is the current recommended way to handle loops,
and supports filters.
It's available since Ansible version 2.5 so changing ansible
requirement in driver-requirements.

Change-Id: Ibff1f07ca00b8f5a5274d73f9e53196f49c33a66
2019-10-24 10:02:20 +02:00
Zuul
0f95848d6f Merge "Add virtual media boot section to the docs" 2019-10-24 02:31:05 +00:00
Iury Gregory Melo Ferreira
3fa0397241 Update release with information about zuul job
After a release we need to update the `templates` for zuul
in master to have the job for the new cycle.

Change-Id: Ic275ea9ec97f74732f4bafa99037c2d8a8229b91
2019-10-23 12:50:12 +02:00
Ilya Etingof
ddcc7cc5e7 Add virtual media boot section to the docs
Describes virtual media boot in the `redfish` hardware type
documentation.

Change-Id: I7913a6693db46947de649e7b3a0dc7784e2b527e
2019-10-22 18:24:13 +02:00
Zuul
f85dc1b350 Merge "docs: use openstackdocstheme extlink extension" 2019-10-21 17:11:43 +00:00
Dmitry Tantsur
5d5cd90ddf Document systemd-nspawn as a nice trick for patching a ramdisk
Change-Id: I1f6d60a1db272293b701b44d705efc92933682a7
2019-10-17 13:05:40 +02:00
Shivanand Tendulker
d0489b55e0 Documentation for iLO hardware type deploy steps
Adds documentation for iLO hardware type deploy steps

Story: 2003817
Task: 36061
Story: 1722275
Task: 29904
Task: 36074
Change-Id: Icee6254a563bed14221da2723e15855bda9f4082
2019-10-09 07:55:23 -04:00
Riccardo Pittau
a25589b20f docs: use openstackdocstheme extlink extension
The extlink extension [1] ensures the urls have version-specific
references to other projects.

[1] https://docs.openstack.org/openstackdocstheme/latest/#external-link-helper

Change-Id: I0d5d445fae8a7ec60f6a9caacede7cc77770b36e
Story: 2006621
Task: 36825
2019-10-08 11:12:05 +02:00
Zuul
fd8b9747cb Merge "Remove earliest version from releasing docs, update examples" 2019-09-27 09:04:43 +00:00
Zuul
dddaa13b3f Merge "Update doc for CI" 2019-09-26 17:07:22 +00:00
Mark Goddard
f533f42ca6 Remove earliest version from releasing docs, update examples
The bug in reno is now fixed.

Change-Id: I803ec65157fce93a453b2b994e117a542aaad847
2019-09-26 15:49:35 +01:00
Iury Gregory Melo Ferreira
225ca979cd Update doc for CI
- Ara report was removed and we have the Zuul web page
that shows the information about the job build.

Change-Id: I74f70ee21421746983cb3c8d290cc6a619819e34
2019-09-26 15:32:26 +02:00
Dmitry Tantsur
dae6caca5c Document pre-built ramdisk images (including DIB)
Change-Id: Id4ba0992982788a03f960095e564df4fe7f3f518
2019-09-26 14:31:23 +02:00
Zuul
511477b697 Merge "Improve documentation about releasing deliverables" 2019-09-25 15:24:20 +00:00
Mark Goddard
f2c2437329 Improve documentation about releasing deliverables
Groups together the various types of deliverable, from the perspective
of the release schedule.

Change-Id: Ic6703c17fcd931636c31841637b450e3fb59e19f
2019-09-25 13:36:17 +00:00
Zuul
8912c061c6 Merge "Update env. variables in the documentation" 2019-09-23 22:13:07 +00:00
Dmitry Tantsur
b164e18f08 Document PXE retries
Change-Id: I5937fa190e780269ffa677aa01efaa1048fa20b0
2019-09-23 16:02:42 +02:00