On whole disk images a root partition is already created and populated, so
validating its size makes no sense. We don't do it for direct deploy.
Change-Id: I7a4114979afb310aeb77f99fbcf09ef7c54862d6
Closes-Bug: #1742451
We now use the project openstack/ironic-tempest-plugin to store our
tempest plugin. All content from the ironic_tempest_plugin/ directory
has been ported to that project.
We no longer want to have the plugin content stored here so we delete
it.
Remove check in tools/flake8wrap.sh that prevented changes to the
ironic_tempest_plugin/ directory.
Change-Id: I700bd7b71472fa91f6bc02aebc055584df08e0ef
This patch implements uWSGI support for ironic API service.
ironic/api/app.wsgi is deprecated in favor of pbr generated
ironic-api-wsgi
Co-Authored-By: anascko <ovoshchana@mirantis.com>
Change-Id: Ieb68c1042e31b77f9a549fd90afe31a65008deca
Closes-Bug: #1719260
Closes-Bug: #1668966
In a homogeneous hardware deployment that uses the same ramdisk for all
nodes, and possibly the same playbooks for actions with ansible deploy
interface, it is benefitial to make defaults of various `ansible_`
driver_info fields to be configurable via ironic configuration file
to simplify node enrollment.
This patch also deprecates `ansible_deploy_username` and
`ansible_deploy_key_file` options in node's driver_info in favor of
`ansible_username` and `ansible_key_file` respectively.
Change-Id: Ib198c07c1d414c0d78950e5d98a5176e12a7df13
Closes-Bug: #1736409
removes code that allowed some service sections to not have and use
keystoneauth adapter options.
Also deprecates `[keystone]region_name` option in favor of per-client
option of the same name.
Change-Id: Ifd58947b016bfa93b516dd47a170ba8f5abf277e
Closes-Bug: #1699547
This commit makes changes based upon review feedback
in I1958e18a5b9d933e2aa405b200bac7717f146611.
- Updates documentation describes required software by python-scciclient
- Updates release note
Co-authored-By: Tran Ha Tuyen <tuyenth@vn.fujitsu.com>
Related-Bug: #1637422
Change-Id: I1ca1e1e02b8c2102e0dbd858c0a51df0dd6b58fb
deprecates the following options in [neutron] section:
- url
- url_timeout
- auth_strategy
Changes some internal networking-related functions/methods
to accept a request context as optional keyword argument (defaults to
None).
This allows to pass a global request id to neutron client and
in future will simplify creating a user auth plugin from request
context.
For backward compatibility, when calling those functions/methods
without a request context, a dummy request context will be generated
automatically.
Change-Id: Ib327c7a141cfbca63b870027ad8e901c0f48bb2d
Partial-Bug: #1699547
In many cases, including devstack and TripleO, the swift account to use
is based on the project_id of the 'service' project, so it makes sense
to use it as a default.
Similarly, the temporary URL key can be fetches from Swift, using HEAD
on the account used to access it.
In both cases it is assumed that the same project is used by Ironic
and Glance to access Swift. Explicit values have to be provided
otherwise.
Finally, the endpoint URL can be fetched from the service catalog. Care
is taken to strip the /v1/AUTH_<tenant ID> suffix.
Closes-Bug: #1737714
Change-Id: I701899928f0f780939f17aabc59eb90593ba95f0
This patch enables receiving agent_version as part of heartbeat, and
stores this information on driver_internal_info. This is so that Ironic
can dynamically adjust which features and parameters it uses based on
which version of the agent is being used.
Change-Id: I400adba5d908b657751a83971811e8586f46c673
Partial-Bug: #1602265
in the change I52f1386df45ebe0a43b11fe1583e012dfa3af532
we lost most of swiftclient options in a belief that those are handled
by the keystoneauth session passed to the swiftclient.
In fact though, swiftclient only uses this session to get itself an
endpoint and a token, but it has no SessionClient, and does not use that
passed in session to make further requests to swift itself.
This patch restores all the logic that we had to decompose the session
object loaded from config to options that are passed to swiftclient
explicitly.
Change-Id: I08f382aa9d2ad22f7dbd65f7b54a8dd0a765ba44
Partial-Bug: #1699547
Closes-Bug: #1736158
During a rolling upgrade, when the new services are pinned to the
old release, the API version will also be pinned to the old release.
This will prevent users from accessing new features that may not quite
work.
The .sample was updated to reflect the change to the help string for
the [DEFAULT]/pin_release_version configuration option. The update also
pulled in changes for other options, from other (non-ironic) libraries.
Change-Id: I38a0f106b589945fb62071f3dfe5bff43c6fee93
Partial-Bug: #1708549
If no resource class is provided in a creation request, the value of
the new ``default_resource_class`` configuration option is used.
While this feature is implemented on the API level, it's not a part of
the API contract, so it's not covered by a microversion. It's particularly
important, because it allows this change to apply even to requests
using an old API version, thus making these versions usable after
the mandatory switch to resource classes in nova.
Change-Id: I58232d9c92d6ffca49d334e5fb7078bce19f1cb4
Closes-Bug: #1732190
The agent deploy mixin tries to collect logs from the deployment ramdisk
after powering off a node. This is clearly not going to work, as it
requires a call to the IPA API.
This change avoids collecting logs from the ramdisk in failure scenarios
where the node is powered off.
Change-Id: I353e73e3612ece893276c683ce469f8561e9ebf9
Closes-Bug: #1732939
This update enhances iRMC out-of-band hardware inspection for
FUJITSU PRIMERGY bare metal nodes having iRMC S4 and beyond.
The capabilities are server_model, rom_firmware_version,
pci_gpu_devices, trusted_boot and irmc_firmware_version.
Co-authored-By: Nguyen Van Trung <trungnv@vn.fujitsu.com>
Change-Id: I1958e18a5b9d933e2aa405b200bac7717f146611
Closes-Bug: #1637422
Inspector-client is a bit lacking behind other clients, as it does not
have Adapter-based SessionClient and thus does not support all
adapter-related options.
That's why we construct a session and an adapter from config section,
use adapter to resolve inspector API from service catalog
(or return the fixed endpoint_override one)
and then pass the session and inspector API endpoint to client.
This patch also deprecates `[inspector]service_url` in favor of
`[inspector]endpoint_override`.
As a side-effect, addressig inspector service now supports both regions
and interfaces to specify entry in service catalog.
Also, inspectorclient calls are now being made with the user token
(wrapped with a service token) when there is a token in the task's
request context.
Change-Id: I21836e712fa9764468ac2654525554b5b4f03741
Partial-Bug: #1699547
this patch changes the way glance client is instantiated, using
keystoneauth sessions and adapters.
In order to support glance API endpoint discovery from keystone catalog
and more unified way of client loading,
many options in `[glance]` config sections are deprecated,
mostly those that specified a (set of) glance API endpoint(s)
or parts of glance API address.
Instead, a single option `[glance]endpoint_override` must be used when
required to access a specific (possibly load-balanced)
glance API endpoint without discovering it from keystone catalog.
Another set of deprecated options are those that are duplicating
keystoneauth session options in [glance] section.
Also, intrinsic support for parsing the glance API URL from image ref
set to the full glance REST path to the image is removed as it was not
working any way since an 'http(s)://' image ref is not treated
as a glance image.
Change-Id: I6a93b71ac097e951dfc93fd1ee4d7ef483514f2c
Partial-Bug: #1699547
Closes-Bug: #1699542
Release notes are version independent, so remove version/release
values. We've found that projects now require the service package
to be installed in order to build release notes, and this is entirely
due to the current convention of pulling in the version information.
Release notes should not need installation in order to build, so this
unnecessary version setting needs to be removed.
This is needed for new release notes publishing, see
I56909152975f731a9d2c21b2825b972195e48ee8 and the discussion starting
at
http://lists.openstack.org/pipermail/openstack-dev/2017-November/124480.html
.
Change-Id: Id30ea68f37bdb2623e683a1c1238596f3a8978f7
Previously, provisioning network ports were only deleted during a
successful deployment, when the node's network is flipped from the
provisioning network to the tenant network. In many failure scenarios
this code path would not be reached, as well as the case of aborting
deployment. This is not normally an issue, because during instance
termination, nova deletes all ports with a device ID matching the
instance's UUID, including any remaining provisioning ports.
This change removes the provisioning network ports when tearing down a
node to ensure that they are deleted in all scenarios.
Change-Id: I5656802ee04b44247f4a81bb311b5e306a737a4e
Closes-Bug: #1732412
Related-Bug: #1607394
Vendor interfaces must not be mandatory. Missing no-vendor implementation
means that we require operators to enable the idrac vendor interface when
the idrac hardware type is enabled.
Change-Id: I6768a37bc268e367eaf93b12660a80d31eeca0c0
Closes-Bug: #1732166
Currently the status code returned by IPA's POST /v1/commands API is
completely ignored by Ironic. This causes deploys to get stuck, as
future heartbeats will see that the command has not yet been accepted
and will continue to wait.
If IPA returns an error code to Ironic's agent client, we should bubble
that exception up, causing a deploy failure higher in the chain.
This adds an AgentAPIError exception class, and raises it when the agent
returns a 400 status code or higher when issuing a command.
Co-Authored-By: Jay Faulkner <jay@jvf.cc>
Related-bug: 1542506
Change-Id: I07fb8115d254e877d8781207eaec203e3fdf8ad6
Reverting these changes because python-hpOneView does not provide HTTPS
secure connection with custom CAcert and could cause a possible security issue.
This reverts commit 5de0ccccd69258b930ed8ab7b91ca3a1aad705c1.
Change-Id: I4cf20e59fac71ef2d548182c084bcbed2193fada
Reverting these changes because python-hpOneView does not provide HTTPS
secure connection with custom CAcert and could cause a possible security issue.
This reverts commit bab1054a0a04dfb6b3e8f489b7df18f5966d9029.
Change-Id: I540c20ba697f35aced79e158d190b7a85d60311f
Reverting these changes because python-hpOneView does not provide HTTPS
secure connection with custom CAcert and could cause a possible security issue.
This reverts commit 037360f64d5db7401df1d656fa8f1932011b5587.
Change-Id: I2a95f3cd23f20c363fe97fc347c9d2619d2ab5e9
this patch pulls the ansible deploy interface code
and related ansible playbooks and auxiliary files
from ironic-staging-drivers project into main ironic tree.
As discussed in the spec, the use of ramdisk callbacks
(lookup and hearbeats) is now mandatory with this deploy interface.
Playbooks and modules were updated to require Ansible>=2.4,
and custom Ansible module for executing 'parted' was replaced
with usage of built-in Ansible module.
The custom Ansible callback plugin now uses journald logger
by default to adapt to the default DevStack setup.
Documentation and devstack plugin changes enabling automated
testing of this interface will be proposed in followup patches.
Change-Id: I43f54688287953ccb1c2836437aea76236e6560b
Related-Bug: #1526308
Previously the python-ilorest-library didn't support python3,
this patch updates the library requirement to a minimum version
that supports python3.
Change-Id: I5907267a8b2f24b915f03fc0b149a885a458fe2a
This adds a release note about the fix for 0 (zero) being a
valid port number.
This is a follow up to d3da9dec0ea5102a3f7b217843d03f2147753b9e
Change-Id: Iaee651f76f61174e34815acc78cda42695716038
Closes-Bug: #1729628