openstack/ironic
Code Issues Proposed changes
761dadba73
ironic/releasenotes/notes
History
Pavlo Shchelokovskyy f9ea26ebf3 Migrate to using keystoneauth Sessions 
We currently construct Keystone client objects directly, which
is no longer the preferred way.  Instead, we should be using Sessions
which allows use of different auth plugins.  This change attempts to
migrate our Keystone usage to this model.

Additionally, we currently rely on the imported keystonemiddleware
auth_token's configuration for all of the Keystone credentials used
by the Ironic service user.  This is bad, as that config is internal
to that library and may change at any time.  Also, the service user
may be using different credentials than the token validator.

This refactors the keystone module to use Sessions.
It attempts to provide some backward compat for users
who have not yet updated their config,
by falling back to the authtoken config section when required.

Operators impact:

- Authentification parameters for each service now should specified in
  the corresponding config section for this service ([glance], [neutron]
  [swift], [inspector]).
  This includes providing both Keystone session-related options
  (timeout, SSL-related ones) and authentification options
  (`auth_type`, `auth_url` and proper options for the auth plugin).

- New config section `service_catalog` for Ironic service user
  credentials, used to resolve Ironic API URL from Keystone catalog.

- If loading from the service config section fails, an attempt is made
  to use respective options from [keystone_authtoken] section as a
  fall-back for backward compatibility.

Implementation details:

- using keystoneauth1 library instead of keystoneclient

- For each service the keystone session is created only once and is
  reused further. This lowers the number of authentification requests
  made to Keystone but implies that only auth plugins that can
  re-authentificate themselves can be used (so no *Token plugins).

This patch does not update the DevStack plugin, in order to test
backwards compatibility with old config options.
DevStack plugin will be modified in a subsequent patch.

Change-Id: I166eebefc1e1335a1a7b632149cf6441512e9d5e
Closes-Bug: #1422632
Related-Bug: #1418341
Related-Bug: #1494776
Co-Authored-By: Adam Gandelman <adamg@ubuntu.com>
2016-08-03 11:24:21 -07:00
..
.placeholder Add reno for release notes management 2015-11-13 03:22:32 -08:00
5.0-release-afb1fbbe595b6bc8.yaml Prep for 5.0 release 2016-03-03 23:46:35 +00:00
active-node-creation-a41c9869c966c82b.yaml Follow-up to Active Node Creation 2016-06-17 09:25:23 -04:00
add-agent-erase-fallback-b07613a7042fe236.yaml Add config option for ATA erase fallback in agent 2016-06-06 08:16:50 -04:00
add-agent-iboot-0a4b5471c6ace461.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
add-agent-proxy-support-790e629634ca2eb7.yaml Add proxy related parameters to agent driver 2016-02-05 20:52:23 +00:00
add-choice-to-some-options-9fb327c48e6bfda1.yaml Prep for 5.0 release 2016-03-03 23:46:35 +00:00
add-ipv6-pxe-support-8fb51c355cc977c4.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
add-iscsi-portal-port-option-bde3b386f44f2a90.yaml add new portal_port option for iscsi module 2016-04-13 07:46:14 +00:00
add-network-interface-api-a3a56b8d0c796d88.yaml Follow-up to 317392 2016-07-15 11:50:35 +00:00
add-network-interfaces-0a13c4aba252573e.yaml Add network interface to base driver class 2016-07-12 19:08:07 +03:00
add-neutron-network-interface-aa9e7e65011ab8cd.yaml Add 'neutron' network interface 2016-07-13 13:38:56 +03:00
add-node-resource-class-c31e26df4196293e.yaml Add node.resource_class field 2016-07-28 11:49:27 +00:00
add-oneview-driver-96088bf470b16c34.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
add-port-advanced-net-fields-55465091f019d962.yaml Follow-up fixes to 206244 2016-07-13 18:12:35 -07:00
add-port-internal-info-b7e02889416570f7.yaml Add internal_info field to ports and portgroups 2016-07-07 19:56:13 +03:00
Add-port-option-support-to-ipmitool-e125d07fe13c53e7.yaml Add port option support for ipmitool 2015-12-08 13:17:49 -08:00
add-socat-console-ipmitool-ab4402ec976c5c96.yaml IPMITool: add IPMISocatConsole and IPMIConsole class 2016-07-25 16:42:31 +09:00
add-ssl-support-4547801eedba5942.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
add-support-for-no-poweroff-on-failure-86e43b3e39043990.yaml Config to stop powering off nodes on failure 2016-03-23 17:06:50 +00:00
adding-audit-middleware-b95f2a00baed9750.yaml Add support for the audit middleware 2016-07-26 11:43:35 -07:00
adopt-ironic-context-5e75540dc2b2f009.yaml Follow-up patch of 0607226fc4 2016-04-19 11:29:32 +08:00
adopt-oslo-config-generator-15afd2e7c2f008b4.yaml Fix formatting of a release note 2016-05-30 11:42:03 -04:00
adoption-feature-update-d2160954a2c36b0a.yaml Bug fixes and doc updates for adoption 2016-07-21 08:52:21 -04:00
agent_partition_image-48a03700f41a3980.yaml Add support for partition images in agent drivers 2016-03-21 16:12:08 +00:00
agent-api-bf9f18d8d38075e4.yaml Implement new heartbeat for AgentDeploy 2016-07-20 18:24:01 +02:00
agent-can-request-reboot-6238e13e2e898f68.yaml Support reboot_requested bool on agent clean_steps 2016-03-28 18:37:41 +00:00
agent-wol-driver-4116f64907d0db9c.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
amt-driver-wake-up-0880ed85476968be.yaml Add reno for AMT wakeup patch 2015-12-03 07:46:36 -08:00
automated_clean_config-0170c95ae210f953.yaml Replace config 'clean_nodes' with 'automated_clean' 2016-02-10 16:03:28 +00:00
bmc_reset-warm-9396ac444cafd734.yaml FIX: IPMI bmc_reset() always executed as "warm" 2016-04-22 15:13:39 +01:00
boot-ipxe-inc-workaround-548e10d1d6616752.yaml Fall back to old boot.ipxe behaviour if inc command is not found 2015-12-01 11:15:56 +01:00
bug-1506657-3bcb4ef46623124d.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
bug-1518374-decd73fd82c2eb94.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
bug-1548086-ed88646061b88faf.yaml Support for passing CA certificate in Ironic Glance Communication 2016-03-07 10:06:03 +00:00
bug-1570283-6cdc62e4ef43cb02.yaml Fix releasenotes formatting error 2016-06-27 16:26:11 -07:00
bug-1579635-cffd990b51bcb5ab.yaml Fix formatting error in releasenotes 2016-05-13 12:56:51 -07:00
bug-1592335-7c5835868fe364ea.yaml Add validation of 'ilo_deploy_iso' in deploy.validate() 2016-06-21 21:39:10 -07:00
cleaning-retry-fix-89a5d0e65920a064.yaml Add cleanwait timeout cleanup process 2016-06-13 17:17:14 -04:00
clear-node-target-power-state-de1f25be46d3e6d7.yaml Clear target_power_state on conductor startup 2016-06-21 15:22:37 +00:00
clear-target-stable-states-4545602d7aed9898.yaml Make sure target state is cleared on stable states 2016-03-18 11:50:35 +00:00
configure-notifications-72824356e7d8832a.yaml NOTIFICATION_TRANSPORT should be global 2016-06-01 10:25:05 -04:00
correct-api-version-check-conditional-for-nodename-439bebc02fb5493d.yaml Correct api version check conditional for node.name 2016-04-07 12:13:35 +03:00
debug-no-api-tracebacks-a8a0caddc9676b06.yaml Don't return tracebacks in API response in debug mode 2016-01-04 15:11:03 +00:00
dhcp-provider-clean-dhcp-9352717903d6047e.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
disable-clean-step-reset-ilo-1869a6e08f39901c.yaml Disable clean step 'reset_ilo' for iLO drivers by default 2016-02-07 23:51:57 -08:00
disk-label-capability-d36d126e0ad36dca.yaml Add new 'disk_label' capability 2016-03-08 14:16:38 +00:00
disk-label-fix-7580de913835ff44.yaml Add disk_label and node_uuid for agent drivers 2016-03-22 17:02:13 +00:00
drac-migrate-to-dracclient-2bd8a6d1dd3fdc69.yaml Follow-up on dracclient refactor 2016-02-05 11:06:21 +01:00
drac-missing-lookup-3ad98e918e1a852a.yaml Fix missing lookup() vendor method error for pxe_drac 2016-02-04 14:25:46 +00:00
duplicated-driver-entry-775370ad84736206.yaml Fix: Duplicated driver causes conductor to fail 2016-03-24 15:51:38 +00:00
emit-metrics-for-api-calls-69f18fd1b9d54b05.yaml Metric chassis, driver, node, and port API calls 2016-07-15 18:15:11 +00:00
fix-agent-ilo-temp-image-cleanup-711429d0e67807ae.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
fix-api-access-logs-68b9ca4f411f339c.yaml API service logs access requests again 2016-01-22 10:22:30 -08:00
fix-api-node-name-updates-f3813295472795be.yaml Fix API node name updates 2016-04-22 12:01:47 +03:00
fix-clean-steps-not-running-0d065cb022bc0419.yaml Fix bug where clean steps do not run 2015-12-03 17:45:53 +00:00
fix-cleaning-spawn-error-60b60281f3be51c2.yaml Fix spawn error hook in "continue_node_clean" RPC method 2016-02-02 16:30:13 +02:00
fix-cve-2016-4985-b62abae577025365.yaml Mask password on agent lookup according to policy 2016-06-21 08:26:23 -07:00
fix-get-deploy-info-port.yaml Use correct iscsi portal port in continue_deploy 2016-05-30 20:24:50 +03:00
fix-ilo-firmware-update-swift-path-with-pseudo-folder-0660345510ec0bb4.yaml File download fails with swift pseudo folder 2016-05-04 00:36:03 -07:00
fix-ipa-ephemeral-partition-1f1e020727a49078.yaml Properly set ephemeral size in agent drivers 2016-06-22 09:53:40 +00:00
fix-ipmi-numeric-password-75e080aa8bdfb9a2.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
fix-ipmitool-console-empty-password-a8edc5e2a1a7daf6.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
fix-ipxe-macro-4ae8bc4fe82e8f19.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
fix-ipxe-template-for-whole-disk-image-943da0311ca7aeb5.yaml Fix iPXE template for whole disk image 2015-12-10 20:17:53 +00:00
fix-mac-address-48060f9e2847a38c.yaml Normalize MAC OctetString to fix InvalidMAC exception 2016-03-31 11:25:07 +09:00
fix-mitaka-ipa-iscsi.yaml Gracefully degrade start_iscsi_target for Mitaka ramdisk 2016-06-08 12:55:05 +03:00
fix-sync-power-state-last-error-65fa42bad8e38c3b.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
fix-virtualbox-localboot-not-working-558a3dec72b5116b.yaml Fix VirtualBox cannot set boot device when powered on 2016-04-29 09:01:26 +08:00
futurist-e9c55699f479f97a.yaml Switch to Futurist library for asynchronous execution and periodic tasks 2016-02-24 15:44:05 +01:00
get-supported-boot-devices-manadatory-task-0462fc072d6ea517.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
hexraw-support-removed-8e8fa07595a629f4.yaml Remove support for 'hexraw' iPXE type 2016-05-30 11:04:23 -04:00
ilo-automated-cleaning-fails-14ee438de3dd8690.yaml Fixes automated cleaning failure in iLO drivers 2016-02-22 07:27:17 -08:00
ilo-boot-interface-92831b78c5614733.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
ilo-do-not-power-off-non-deploying-nodes-0a3aed7c8ea3940a.yaml Follow-up to I244c3f31d0ad26194887cfb9b79f96b5111296c6 2016-04-05 15:26:24 -04:00
ilo-erase-device-priority-config-509661955a11c28e.yaml Deprecate [ilo]/clean_priority_erase_devices config 2016-07-14 12:22:34 +01:00
ilo-firmware-update-manual-clean-step-e6763dc6dc0d441b.yaml Firmware update(iLO) as manual cleaning step 2016-03-04 12:34:37 -08:00
ilo-license-activate-manual-clean-step-84d335998d708b49.yaml Add clean step in iLO drivers to activate iLO license 2016-03-03 03:59:49 -08:00
inspection-agent-drivers-cad619ec8a4874b1.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
inspector-for-cisco-bffe1d1af7aec677.yaml Enable Ironic Inspector for Cisco Drivers 2016-02-03 16:35:05 +00:00
ipa-streams-raw-images-1010327b0dad763c.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
ipxe_retry_on_failure-e71fc6b3e9a5be3b.yaml ipxe: retry on failure 2016-04-19 10:20:36 -04:00
ipxe_timeout_parameter-03fc3c76c520fac2.yaml ipxe: add --timeout parameter to kernel and initrd 2016-03-02 10:49:12 -05:00
ipxe-and-uefi-7722bd5db71df02c.yaml Add UEFI support for iPXE 2015-12-22 18:10:24 +00:00
ipxe-uefi-f5be11c7b0606a84.yaml Fix issues with uefi-ipxe booting 2016-01-17 05:59:47 +00:00
irmc-boot-interface-8c2e26affd1ebfc4.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
irmc-oob-inspection-6d072c60f6c88ecb.yaml Follow up nits of irmc oob inspection 2016-02-29 11:42:06 +09:00
iscsi-inband-cleaning-bff87aac16e5d488.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
keystone-auth-3155762c524e44df.yaml Migrate to using keystoneauth Sessions 2016-08-03 11:24:21 -07:00
kill-old-ramdisk-6fa7a16269ff11b0.yaml Remove support for the old ramdisk (DIB deploy-ironic element) 2016-06-09 13:43:21 +02:00
list-nodes-by-driver-a1ab9f2b73f652f8.yaml API to list nodes using the same driver 2016-03-01 09:59:48 +00:00
logging-keystoneauth-9db7e56c54c2473d.yaml Reduce amount of unhelpful debug logging in the API service 2016-04-07 12:10:07 +02:00
manual-clean-4cc2437be1aea69a.yaml Add manual cleaning to documentation 2016-02-22 15:46:46 -05:00
name-root-device-hints-a1484ea01e399065.yaml Extend root device hints to support device name 2016-02-02 17:29:15 +00:00
neutron-port-timeout-cbd82e1d09c6a46c.yaml Allow to set Neutron port setup delay from config 2016-04-21 18:17:01 +03:00
no-downward-sql-migration-52279e875cd8b7a3.yaml Remove downgrade support from migrations 2016-02-08 15:31:15 +00:00
no-instance-uuid-workaround-fc458deb168c7a8b.yaml Remove workaround for nova removing instance_uuid during cleaning 2016-06-14 17:21:13 +02:00
node-deletion-update-resources-53862e48ab658f77.yaml Update resources only for specific node during deletion. 2016-04-29 19:16:12 +00:00
node-name-remove-720aa8007f2f8b75.yaml Enable removing name when updating node 2016-02-26 09:18:14 +00:00
notimplementederror-misspell-276a181afd652cf6.yaml Correct NotImplemented to NotImplementedError in rpcapi.py 2015-12-09 11:10:58 +08:00
oob-power-off-7bbdf5947ed24bf8.yaml Agent: Out-of-band power off on deploy 2016-03-22 10:48:59 +00:00
opentack-baremetal-request-id-daa72b785eaaaa8d.yaml Append 'Openstack-Request-Id' header to the response 2016-03-22 10:38:39 -07:00
pass-metrics-config-to-agent-on-lookup-6db9ae187c4e8151.yaml Pass agent metrics config via conductor 2016-08-02 17:56:43 +00:00
pass-region-to-swiftclient-c8c8bf1020f62ebc.yaml Pass region_name to SwiftAPI 2016-03-14 19:23:54 -07:00
radosgw-temp-url-b04aac50698b4461.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
raid-to-support-jbod-568f88207b9216e2.yaml RAID interface to support JBOD volumes 2016-05-04 14:28:48 +00:00
refactor-ironic-lib-22939896d8d46a77.yaml Refactor disk partitioner code from ironic and use ironic-lib. 2015-12-09 22:03:35 -08:00
release-4.3.0-cc531ab7190f8a00.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
remove-clean-nodes-38cfa633ca518f99.yaml Remove [conductor]/clean_nodes config option 2016-05-16 20:53:18 +00:00
remove-deprecated-option-names-6d5d53cc70dd2d49.yaml Remove two deprecated config option names from [agent] section 2016-04-13 21:58:40 -07:00
remove-DEPRECATED-options-from-[agent]-7b6cce21b5f52022.yaml Remove two DEPRECATED config options from [agent] 2016-04-21 10:09:01 -07:00
remove-discoverd-group-03eaf75e9f94d7be.yaml Remove "discoverd" configuration group 2016-05-16 13:40:36 +00:00
remove-driver-periodic-task-f5e513b06b601ce4.yaml Remove deprecated driver_periodic_task 2016-05-16 21:26:37 +00:00
remove-exception-message-92100debeb40d4c7.yaml Remove "message" attribute support from IronicException 2016-05-16 20:53:14 +00:00
remove-manage-tftp-0c2f4f417b92b1ee.yaml Remove [agent]/manage_tftp option 2016-05-16 13:40:59 +00:00
remove-periodic-interval-45f57ebad9aaa14e.yaml Remove "periodic_interval" config option 2016-05-17 11:45:45 +00:00
remove-pxe-http-5a05c54f57747bfe.yaml Remove deprecated [pxe]/http_* options 2016-05-16 13:41:07 +00:00
remove-verbose-option-261f1b9e24212ee2.yaml Remove verbose option 2016-05-17 07:44:44 -04:00
reserved-node-names-67a08012ed1131ae.yaml Follow-up patch of 8e5e69869d 2016-05-25 16:02:25 -04:00
restart-console-on-conductor-startup-5cff6128c325b18e.yaml Restart consoles on conductor startup 2016-04-18 17:46:26 +08:00
root-api-version-info-9dd6cadd3d3d4bbe.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
root-device-hints-rotational-c21f02130394e1d4.yaml Add and document the "rotational" root device hint 2016-07-12 17:14:34 +01:00
shred-final-overwrite-with-zeros-50b5ba5b19c0da27.yaml Allow configuring shred's final overwrite with zeros 2016-05-10 15:13:21 -04:00
snmp-reboot-delay-d18ee3f6c6fc0998.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
ssh-console-58721af6830f8892.yaml Add console feature to ssh driver 2015-12-22 15:35:49 +00:00
update-irmc-set-boot-device-fd50d9dce42aaa89.yaml Force iRMC vmedia boot from remotely connected CD/DVD 2016-03-31 12:04:37 +09:00
update-python-scciclient-required-version-71398d5d5e1c0bf8.yaml Update python-scciclient version number 2015-12-08 11:23:55 +09:00
validate-ilo-certificates-3ab98bb8cfad7d60.yaml Support to validate iLO SSL certificate in iLO drivers 2016-07-18 10:00:16 -07:00
validate-node-properties-73509ee40f409ca2.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
vendor-passthru-shared-lock-6a9e32952ee6c2fe.yaml Allow vendor drivers to acquire shared locks 2016-05-13 14:13:57 +00:00
wipe-disk-before-deployment-0a8b9cede4a659e9.yaml iscsi: wipe the disk before deployment 2016-04-22 15:47:07 +00:00
wwn-extension-root-device-hints-de40ca1444ba4888.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00
xenserver-ssh-driver-398084fe91ac56f1.yaml Catch up release notes for Mitaka 2015-11-25 23:13:56 +00:00