775 Commits

Author SHA1 Message Date
Zuul
e9425da77e Merge "Do not validate root partition size for whole disk images in iscsi deploy" 2018-01-15 13:51:24 +00:00
brandonzhao
eb4a47c808 Update links
Use https instead of http for links

Change-Id: I1dd41b455f042aa921787090421da571f4d6ec8e
2018-01-12 19:29:10 +08:00
Zuul
7ac39e4029 Merge "Remove ironic_tempest_plugin/ directory" 2018-01-11 00:46:43 +00:00
Dmitry Tantsur
a7623d92dc Do not validate root partition size for whole disk images in iscsi deploy
On whole disk images a root partition is already created and populated, so
validating its size makes no sense. We don't do it for direct deploy.

Change-Id: I7a4114979afb310aeb77f99fbcf09ef7c54862d6
Closes-Bug: #1742451
2018-01-10 15:53:23 +01:00
Dmitry Tantsur
f1c26abc24 Clean up release notes before a release
Change-Id: I9f1344ce247a82689878c9b5f852f0f802e8247e
2018-01-09 16:51:55 +01:00
John L. Villalovos
7e1287f243 Remove ironic_tempest_plugin/ directory
We now use the project openstack/ironic-tempest-plugin to store our
tempest plugin. All content from the ironic_tempest_plugin/ directory
has been ported to that project.

We no longer want to have the plugin content stored here so we delete
it.

Remove check in tools/flake8wrap.sh that prevented changes to the
ironic_tempest_plugin/ directory.

Change-Id: I700bd7b71472fa91f6bc02aebc055584df08e0ef
2018-01-05 15:12:13 -08:00
Vasyl Saienko
61b81d0c73 Add uWSGI support
This patch implements uWSGI support for ironic API service.
ironic/api/app.wsgi is deprecated in favor of pbr generated
ironic-api-wsgi

Co-Authored-By: anascko <ovoshchana@mirantis.com>

Change-Id: Ieb68c1042e31b77f9a549fd90afe31a65008deca
Closes-Bug: #1719260
Closes-Bug: #1668966
2017-12-28 18:08:49 +02:00
Pavlo Shchelokovskyy
ce7119eaf3 [ansible] add defaults to config
In a homogeneous hardware deployment that uses the same ramdisk for all
nodes, and possibly the same playbooks for actions with ansible deploy
interface, it is benefitial to make defaults of various `ansible_`
driver_info fields to be configurable via ironic configuration file
to simplify node enrollment.

This patch also deprecates `ansible_deploy_username` and
`ansible_deploy_key_file` options in node's driver_info in favor of
`ansible_username` and `ansible_key_file` respectively.

Change-Id: Ib198c07c1d414c0d78950e5d98a5176e12a7df13
Closes-Bug: #1736409
2017-12-20 10:06:11 +00:00
Zuul
2924c3efb6 Merge "Finalize migration to keystoneauth adapters" 2017-12-20 02:21:54 +00:00
Pavlo Shchelokovskyy
ba53acb279 Finalize migration to keystoneauth adapters
removes code that allowed some service sections to not have and use
keystoneauth adapter options.

Also deprecates `[keystone]region_name` option in favor of per-client
option of the same name.

Change-Id: Ifd58947b016bfa93b516dd47a170ba8f5abf277e
Closes-Bug: #1699547
2017-12-19 12:17:35 +02:00
Zuul
547159c893 Merge "Use adapters for neutronclient" 2017-12-18 05:51:38 +00:00
Zuul
75499e1ccf Merge "Follow up Add additional capabilities discovery for iRMC driver" 2017-12-15 14:57:17 +00:00
Nguyen Hung Phuong
076b3e649e Follow up Add additional capabilities discovery for iRMC driver
This commit makes changes based upon review feedback
in I1958e18a5b9d933e2aa405b200bac7717f146611.
 - Updates documentation describes required software by python-scciclient
 - Updates release note

Co-authored-By: Tran Ha Tuyen <tuyenth@vn.fujitsu.com>

Related-Bug: #1637422
Change-Id: I1ca1e1e02b8c2102e0dbd858c0a51df0dd6b58fb
2017-12-15 14:26:06 +00:00
Pavlo Shchelokovskyy
4d43262955 Use adapters for neutronclient
deprecates the following options in [neutron] section:
- url
- url_timeout
- auth_strategy

Changes some internal networking-related functions/methods
to accept a request context as optional keyword argument (defaults to
None).
This allows to pass a global request id to neutron client and
in future will simplify creating a user auth plugin from request
context.
For backward compatibility, when calling those functions/methods
without a request context, a dummy request context will be generated
automatically.

Change-Id: Ib327c7a141cfbca63b870027ad8e901c0f48bb2d
Partial-Bug: #1699547
2017-12-14 13:36:03 +02:00
Zuul
a8b676f7dd Merge "Auto-detect the defaults for [glance]swift_{account,temp_url_key,endpoint_url}" 2017-12-13 16:09:25 +00:00
Dmitry Tantsur
83dd6a1c0e Auto-detect the defaults for [glance]swift_{account,temp_url_key,endpoint_url}
In many cases, including devstack and TripleO, the swift account to use
is based on the project_id of the 'service' project, so it makes sense
to use it as a default.

Similarly, the temporary URL key can be fetches from Swift, using HEAD
on the account used to access it.

In both cases it is assumed that the same project is used by Ironic
and Glance to access Swift. Explicit values have to be provided
otherwise.

Finally, the endpoint URL can be fetched from the service catalog. Care
is taken to strip the /v1/AUTH_<tenant ID> suffix.

Closes-Bug: #1737714
Change-Id: I701899928f0f780939f17aabc59eb90593ba95f0
2017-12-12 11:48:06 +01:00
Sam Betts
b642f28be4 Receive and store agent version on heartbeat
This patch enables receiving agent_version as part of heartbeat, and
stores this information on driver_internal_info. This is so that Ironic
can dynamically adjust which features and parameters it uses based on
which version of the agent is being used.

Change-Id: I400adba5d908b657751a83971811e8586f46c673
Partial-Bug: #1602265
2017-12-11 16:25:47 +00:00
Zuul
39a63602c7 Merge "Pin API version during rolling upgrade" 2017-12-07 07:13:53 +00:00
Zuul
6e920c1052 Merge "Fix swiftclient creation" 2017-12-06 22:51:13 +00:00
Pavlo Shchelokovskyy
9ee28252a4 Fix swiftclient creation
in the change I52f1386df45ebe0a43b11fe1583e012dfa3af532
we lost most of swiftclient options in a belief that those are handled
by the keystoneauth session passed to the swiftclient.

In fact though, swiftclient only uses this session to get itself an
endpoint and a token, but it has no SessionClient, and does not use that
passed in session to make further requests to swift itself.

This patch restores all the logic that we had to decompose the session
object loaded from config to options that are passed to swiftclient
explicitly.

Change-Id: I08f382aa9d2ad22f7dbd65f7b54a8dd0a765ba44
Partial-Bug: #1699547
Closes-Bug: #1736158
2017-12-06 14:14:29 +00:00
Ruby Loo
feac8cfb78 Pin API version during rolling upgrade
During a rolling upgrade, when the new services are pinned to the
old release, the API version will also be pinned to the old release.
This will prevent users from accessing new features that may not quite
work.

The .sample was updated to reflect the change to the help string for
the [DEFAULT]/pin_release_version configuration option. The update also
pulled in changes for other options, from other (non-ironic) libraries.

Change-Id: I38a0f106b589945fb62071f3dfe5bff43c6fee93
Partial-Bug: #1708549
2017-12-04 10:17:30 -05:00
Zuul
65a969118a Merge "Add additional capabilities discovery for iRMC driver" 2017-11-30 20:00:30 +00:00
Zuul
52f20d1565 Merge "Add ansible deploy interface" 2017-11-27 18:14:15 +00:00
Dmitry Tantsur
265993316b Add a configuration option for the default resource class
If no resource class is provided in a creation request, the value of
the new ``default_resource_class`` configuration option is used.

While this feature is implemented on the API level, it's not a part of
the API contract, so it's not covered by a microversion. It's particularly
important, because it allows this change to apply even to requests
using an old API version, thus making these versions usable after
the mandatory switch to resource classes in nova.

Change-Id: I58232d9c92d6ffca49d334e5fb7078bce19f1cb4
Closes-Bug: #1732190
2017-11-24 17:54:22 +01:00
Zuul
27ce77142b Merge "Use adapters for inspectorclient" 2017-11-22 23:06:32 +00:00
Zuul
d9780f2eee Merge "Use adapters for cinderclient" 2017-11-22 22:51:35 +00:00
Zuul
bbb58672ab Merge "Don't collect logs from powered off nodes" 2017-11-22 14:40:21 +00:00
Mark Goddard
752c82ccd9 Don't collect logs from powered off nodes
The agent deploy mixin tries to collect logs from the deployment ramdisk
after powering off a node. This is clearly not going to work, as it
requires a call to the IPA API.

This change avoids collecting logs from the ramdisk in failure scenarios
where the node is powered off.

Change-Id: I353e73e3612ece893276c683ce469f8561e9ebf9
Closes-Bug: #1732939
2017-11-21 16:01:46 +00:00
Nguyen Hung Phuong
7adbf11bb8 Add additional capabilities discovery for iRMC driver
This update enhances iRMC out-of-band hardware inspection for
FUJITSU PRIMERGY bare metal nodes having iRMC S4 and beyond.

The capabilities are server_model, rom_firmware_version,
pci_gpu_devices, trusted_boot and irmc_firmware_version.

Co-authored-By: Nguyen Van Trung <trungnv@vn.fujitsu.com>

Change-Id: I1958e18a5b9d933e2aa405b200bac7717f146611
Closes-Bug: #1637422
2017-11-21 17:49:42 +07:00
Pavlo Shchelokovskyy
303ac3f835 Use adapters for inspectorclient
Inspector-client is a bit lacking behind other clients, as it does not
have Adapter-based SessionClient and thus does not support all
adapter-related options.
That's why we construct a session and an adapter from config section,
use adapter to resolve inspector API from service catalog
(or return the fixed endpoint_override one)
and then pass the session and inspector API endpoint to client.

This patch also deprecates `[inspector]service_url` in favor of
`[inspector]endpoint_override`.

As a side-effect, addressig inspector service now supports both regions
and interfaces to specify entry in service catalog.

Also, inspectorclient calls are now being made with the user token
(wrapped with a service token) when there is a token in the task's
request context.

Change-Id: I21836e712fa9764468ac2654525554b5b4f03741
Partial-Bug: #1699547
2017-11-21 09:33:08 +02:00
Pavlo Shchelokovskyy
3e84bdb6db Use adapters for cinderclient
deprecates the `[cinder]url` option in favor of
[cinder]endpoint_override.

Change-Id: Idd02e8cf0892965a3138479e49ec40cfeda7c96d
Partial-Bug: #1699547
2017-11-21 09:32:21 +02:00
OpenStack Proposal Bot
d8083326cf Imported Translations from Zanata
For more information about this automatic import see:
https://docs.openstack.org/i18n/latest/reviewing-translation-import.html

Change-Id: Ic15ba2c45183073712a26bb906bde2d47c807ebc
2017-11-21 06:16:45 +00:00
Zuul
b9ebc7f121 Merge "Rework keystone auth for glance" 2017-11-20 17:38:10 +00:00
Pavlo Shchelokovskyy
63e0ff2f6c Rework keystone auth for glance
this patch changes the way glance client is instantiated, using
keystoneauth sessions and adapters.

In order to support glance API endpoint discovery from keystone catalog
and more unified way of client loading,
many options in `[glance]` config sections are deprecated,
mostly those that specified a (set of) glance API endpoint(s)
or parts of glance API address.
Instead, a single option `[glance]endpoint_override` must be used when
required to access a specific (possibly load-balanced)
glance API endpoint without discovering it from keystone catalog.

Another set of deprecated options are those that are duplicating
keystoneauth session options in [glance] section.

Also, intrinsic support for parsing the glance API URL from image ref
set to the full glance REST path to the image is removed as it was not
working any way since an 'http(s)://' image ref is not treated
as a glance image.

Change-Id: I6a93b71ac097e951dfc93fd1ee4d7ef483514f2c
Partial-Bug: #1699547
Closes-Bug: #1699542
2017-11-17 11:40:14 -05:00
Andreas Jaeger
af050b5d69 Remove setting of version/release from releasenotes
Release notes are version independent, so remove version/release
values. We've found that projects now require the service package
to be installed in order to build release notes, and this is entirely
due to the current convention of pulling in the version information.

Release notes should not need installation in order to build, so this
unnecessary version setting needs to be removed.

This is needed for new release notes publishing, see
I56909152975f731a9d2c21b2825b972195e48ee8 and the discussion starting
at
http://lists.openstack.org/pipermail/openstack-dev/2017-November/124480.html
.

Change-Id: Id30ea68f37bdb2623e683a1c1238596f3a8978f7
2017-11-17 10:13:05 +01:00
Zuul
068be1d6fc Merge "Fail deploy if agent returns >= 400" 2017-11-17 06:45:52 +00:00
Mark Goddard
9e2b3284ea Remove provisioning network ports during tear down
Previously, provisioning network ports were only deleted during a
successful deployment, when the node's network is flipped from the
provisioning network to the tenant network. In many failure scenarios
this code path would not be reached, as well as the case of aborting
deployment. This is not normally an issue, because during instance
termination, nova deletes all ports with a device ID matching the
instance's UUID, including any remaining provisioning ports.

This change removes the provisioning network ports when tearing down a
node to ensure that they are deleted in all scenarios.

Change-Id: I5656802ee04b44247f4a81bb311b5e306a737a4e
Closes-Bug: #1732412
Related-Bug: #1607394
2017-11-15 18:32:08 +00:00
Dmitry Tantsur
4432fa9950 Add no-vendor interface to the idrac hardware types
Vendor interfaces must not be mandatory. Missing no-vendor implementation
means that we require operators to enable the idrac vendor interface when
the idrac hardware type is enabled.

Change-Id: I6768a37bc268e367eaf93b12660a80d31eeca0c0
Closes-Bug: #1732166
2017-11-14 13:04:57 +01:00
Jim Rollenhagen
22ea3fb3b7 Fail deploy if agent returns >= 400
Currently the status code returned by IPA's POST /v1/commands API is
completely ignored by Ironic. This causes deploys to get stuck, as
future heartbeats will see that the command has not yet been accepted
and will continue to wait.

If IPA returns an error code to Ironic's agent client, we should bubble
that exception up, causing a deploy failure higher in the chain.

This adds an AgentAPIError exception class, and raises it when the agent
returns a 400 status code or higher when issuing a command.

Co-Authored-By: Jay Faulkner <jay@jvf.cc>

Related-bug: 1542506
Change-Id: I07fb8115d254e877d8781207eaec203e3fdf8ad6
2017-11-09 22:10:58 -08:00
Xavier
a02cbf46dc Revert "Fix persistent information when getting boot device"
Reverting these changes because python-hpOneView does not provide HTTPS
secure connection with custom CAcert and could cause a possible security issue.

This reverts commit 5de0ccccd69258b930ed8ab7b91ca3a1aad705c1.

Change-Id: I4cf20e59fac71ef2d548182c084bcbed2193fada
2017-11-09 16:14:14 -03:00
Hugo Nicodemos
6762458e95 Revert "Add a timeout for powering on/off a node on HPE OneView Driver"
Reverting these changes because python-hpOneView does not provide HTTPS
secure connection with custom CAcert and could cause a possible security issue.

This reverts commit bab1054a0a04dfb6b3e8f489b7df18f5966d9029.

Change-Id: I540c20ba697f35aced79e158d190b7a85d60311f
2017-11-09 16:13:45 -03:00
Hugo Nicodemos
9b523967e1 Revert "Remove python-oneviewclient from Ironic OneView drivers"
Reverting these changes because python-hpOneView does not provide HTTPS
secure connection with custom CAcert and could cause a possible security issue.

This reverts commit 037360f64d5db7401df1d656fa8f1932011b5587.

Change-Id: I2a95f3cd23f20c363fe97fc347c9d2619d2ab5e9
2017-11-09 16:12:03 -03:00
Pavlo Shchelokovskyy
9b1a7ceb4b Add ansible deploy interface
this patch pulls the ansible deploy interface code
and related ansible playbooks and auxiliary files
from ironic-staging-drivers project into main ironic tree.

As discussed in the spec, the use of ramdisk callbacks
(lookup and hearbeats) is now mandatory with this deploy interface.
Playbooks and modules were updated to require Ansible>=2.4,
and custom Ansible module for executing 'parted' was replaced
with usage of built-in Ansible module.

The custom Ansible callback plugin now uses journald logger
by default to adapt to the default DevStack setup.

Documentation and devstack plugin changes enabling automated
testing of this interface will be proposed in followup patches.

Change-Id: I43f54688287953ccb1c2836437aea76236e6560b
Related-Bug: #1526308
2017-11-09 10:30:56 +00:00
Dmitry Tantsur
93ab9aac34 Clean up release notes from the upcoming release
Change-Id: Iacdc3fdcf1fc221995963f8900a7e8ee06c9900d
2017-11-09 10:56:33 +01:00
Pavlo Shchelokovskyy
db52bedef7 Fix misplaced reno note
Change-Id: I3888548746816c2651ef4bf3930c5e9a685c5228
2017-11-08 18:16:32 +02:00
Zuul
a3896fa8c4 Merge "Follow up Secure boot support for irmc-virtual-media driver" 2017-11-07 13:30:31 +00:00
Hugo Nicodemos
57bf86b06a Update python-ilorest-library to hardware type OneView
Previously the python-ilorest-library didn't support python3,
this patch updates the library requirement to a minimum version
that supports python3.

Change-Id: I5907267a8b2f24b915f03fc0b149a885a458fe2a
2017-11-06 11:01:55 -03:00
Zuul
aafa9b32e4 Merge "Add release note for fix to port 0 being valid" 2017-11-03 23:41:57 +00:00
Zuul
9d4ee7b699 Merge "Remove python-oneviewclient from Ironic OneView drivers" 2017-11-03 17:15:21 +00:00
Ruby Loo
322c1719d0 Add release note for fix to port 0 being valid
This adds a release note about the fix for 0 (zero) being a
valid port number.

This is a follow up to d3da9dec0ea5102a3f7b217843d03f2147753b9e

Change-Id: Iaee651f76f61174e34815acc78cda42695716038
Closes-Bug: #1729628
2017-11-02 11:31:35 -04:00