Browse Source

Rename discoverd -> inspector

As agreed on the summit I'm renaming the python modules
and doing some adjustments:
* This is a breaking change, so version is bumped to 2.0.0
* Used this chance to split conf options over proper sections
* RELEASES.rst is gone; it's too hard to keep it up-to-date;
  anyway git does better job at doing history
* Dropped deprecated option ports_for_inactive_interfaces
* Dropped old /v1/discover endpoint and associated client call
* No longer set on_discovery and newly_discovered in Node.extra
  (deprecated since 1.0.0, superseded by the get status API)
* Default firewall chain name is "ironic-inspector" and
  is configurable

Notes:
* Some links will be updated after real move.
* Stable branches will probably use the old name.
* Some usage of discovery word is left in context of
  "discovered data"
* DIB element will probably be deprecated, so leaving it
  alone for now.
* Some usages of word "discovery" in the README will be updated
  later to make this patch a bit smaller
* Ramdisk code will be moved to IPA, so not touching it too much

Change-Id: I59f1f5bfb1248ab69973dab845aa028df493054e
changes/99/185499/5
Dmitry Tantsur 7 years ago
parent
commit
d6404d2f99
  1. 10
      CONTRIBUTING.rst
  2. 14
      HTTP-API.rst
  3. 2
      MANIFEST.in
  4. 126
      README.rst
  5. 211
      RELEASES.rst
  6. 4
      bin/ironic-discoverd-ramdisk
  7. 4
      bin/ironic-inspector-ramdisk
  8. 131
      example.conf
  9. 13
      functest/run.py
  10. 12
      ironic-inspector.8
  11. 2
      ironic_inspector/__init__.py
  12. 58
      ironic_inspector/client.py
  13. 0
      ironic_inspector/common/__init__.py
  14. 2
      ironic_inspector/common/i18n.py
  15. 151
      ironic_inspector/conf.py
  16. 27
      ironic_inspector/firewall.py
  17. 17
      ironic_inspector/introspect.py
  18. 57
      ironic_inspector/main.py
  19. 14
      ironic_inspector/node_cache.py
  20. 0
      ironic_inspector/plugins/__init__.py
  21. 6
      ironic_inspector/plugins/base.py
  22. 8
      ironic_inspector/plugins/edeploy.py
  23. 4
      ironic_inspector/plugins/example.py
  24. 10
      ironic_inspector/plugins/root_device_hint.py
  25. 57
      ironic_inspector/plugins/standard.py
  26. 19
      ironic_inspector/process.py
  27. 34
      ironic_inspector/shell.py
  28. 0
      ironic_inspector/test/__init__.py
  29. 17
      ironic_inspector/test/base.py
  30. 32
      ironic_inspector/test/test_client.py
  31. 76
      ironic_inspector/test/test_firewall.py
  32. 37
      ironic_inspector/test/test_introspect.py
  33. 66
      ironic_inspector/test/test_main.py
  34. 19
      ironic_inspector/test/test_node_cache.py
  35. 4
      ironic_inspector/test/test_plugins_edeploy.py
  36. 4
      ironic_inspector/test/test_plugins_root_device_hint.py
  37. 14
      ironic_inspector/test/test_plugins_standard.py
  38. 85
      ironic_inspector/test/test_process.py
  39. 16
      ironic_inspector/test/test_utils.py
  40. 26
      ironic_inspector/utils.py
  41. 0
      ironic_inspector_ramdisk/__init__.py
  42. 6
      ironic_inspector_ramdisk/discover.py
  43. 16
      ironic_inspector_ramdisk/main.py
  44. 0
      ironic_inspector_ramdisk/test/__init__.py
  45. 10
      ironic_inspector_ramdisk/test/test_discover.py
  46. 8
      ironic_inspector_ramdisk/test/test_main.py
  47. 133
      locale/ironic-inspector.pot
  48. 8
      setup.cfg
  49. 36
      setup.py
  50. 12
      tox.ini

10
CONTRIBUTING.rst

@ -59,22 +59,22 @@ Github::
Run the service with::
.tox/py27/bin/ironic-discoverd --config-file example.conf
.tox/py27/bin/ironic-inspector --config-file example.conf
Of course you may have to modify ``example.conf`` to match your OpenStack
environment.
You can develop and test **ironic-discoverd** using
You can develop and test **ironic-inspector** using
`DevStack <http://docs.openstack.org/developer/devstack/>`_ plugin - see
https://etherpad.openstack.org/p/DiscoverdDevStack for the current status.
Writing a Plugin
~~~~~~~~~~~~~~~~
**ironic-discoverd** allows to hook your code into data processing chain after
**ironic-inspector** allows to hook your code into data processing chain after
introspection. Inherit ``ProcessingHook`` class defined in
`ironic_discoverd.plugins.base
<https://github.com/stackforge/ironic-discoverd/blob/master/ironic_discoverd/plugins/base.py>`_
`ironic_inspector.plugins.base
<https://github.com/stackforge/ironic-discoverd/blob/master/ironic_inspector/plugins/base.py>`_
module and overwrite any or both of the following methods:
``before_processing(node_info)``

14
HTTP-API.rst

@ -1,7 +1,7 @@
HTTP API
--------
By default **ironic-discoverd** listens on ``0.0.0.0:5050``, port
By default **ironic-inspector** listens on ``0.0.0.0:5050``, port
can be changed in configuration. Protocol is JSON over HTTP.
The HTTP API consist of these endpoints:
@ -17,7 +17,7 @@ Requires X-Auth-Token header with Keystone token for authentication.
Optional parameters:
* ``new_ipmi_password`` if set, **ironic-discoverd** will try to set IPMI
* ``new_ipmi_password`` if set, **ironic-inspector** will try to set IPMI
password on the machine to this value. Power credentials validation will be
skipped and manual power on will be required. See `Setting IPMI
credentials`_ for details.
@ -28,7 +28,7 @@ Optional parameters:
Response:
* 202 - accepted discovery request
* 202 - accepted introspection request
* 400 - bad request
* 401, 403 - missing or invalid authentication
* 404 - node cannot be found
@ -36,7 +36,7 @@ Response:
Get Introspection Status
~~~~~~~~~~~~~~~~~~~~~~~~
``GET /v1/introspection/<UUID>`` get hardware discovery status.
``GET /v1/introspection/<UUID>`` get hardware introspection status.
Requires X-Auth-Token header with Keystone token for authentication.
@ -49,14 +49,14 @@ Response:
Response body: JSON dictionary with keys:
* ``finished`` (boolean) whether discovery is finished
* ``finished`` (boolean) whether introspection is finished
* ``error`` error string or ``null``
Ramdisk Callback
~~~~~~~~~~~~~~~~
``POST /v1/continue`` internal endpoint for the discovery ramdisk to post
back discovered data. Should not be used for anything other than implementing
``POST /v1/continue`` internal endpoint for the ramdisk to post back
discovered data. Should not be used for anything other than implementing
the ramdisk. Request body: JSON dictionary with at least these keys:
* ``cpus`` number of CPU

2
MANIFEST.in

@ -1,6 +1,6 @@
include example.conf
include LICENSE
include ironic-discoverd.8
include ironic-inspector.8
include requirements.txt
include test-requirements.txt
include plugin-requirements.txt

126
README.rst

@ -7,14 +7,14 @@ properties discovery is a process of getting hardware parameters required for
scheduling from a bare metal node, given it's power management credentials
(e.g. IPMI address, user name and password).
A special *discovery ramdisk* is required to collect the information on a
A special ramdisk is required to collect the information on a
node. The default one can be built using diskimage-builder_ and
`ironic-discoverd-ramdisk element`_ (see Configuration_ below).
Support for **ironic-discoverd** is present in `Tuskar UI`_ --
Support for **ironic-inspector** is present in `Tuskar UI`_ --
OpenStack Horizon plugin for TripleO_.
**ironic-discoverd** requires OpenStack Juno (2014.2) release or newer.
**ironic-inspector** requires OpenStack Kilo (2015.1) release or newer.
Please use launchpad_ to report bugs and ask questions. Use PyPI_ for
downloads and accessing the released version of this README. Refer to
@ -27,12 +27,15 @@ CONTRIBUTING.rst_ for instructions on how to contribute.
.. _PyPI: https://pypi.python.org/pypi/ironic-discoverd
.. _CONTRIBUTING.rst: https://github.com/stackforge/ironic-discoverd/blob/master/CONTRIBUTING.rst
.. note::
**ironic-inspector** was called *ironic-discoverd* before version 2.0.0.
Workflow
--------
Usual hardware introspection flow is as follows:
* Operator installs undercloud with **ironic-discoverd**
* Operator installs undercloud with **ironic-inspector**
(e.g. using instack-undercloud_).
* Operator enrolls nodes into Ironic either manually or by uploading CSV file
@ -43,19 +46,18 @@ Usual hardware introspection flow is as follows:
`Node States`_.
* Operator sends nodes on introspection either manually using
**ironic-discoverd** API (see Usage_) or again via `Tuskar UI`_.
**ironic-inspector** API (see Usage_) or again via `Tuskar UI`_.
* On receiving node UUID **ironic-discoverd**:
* On receiving node UUID **ironic-inspector**:
* validates node power credentials, current power and provisioning states,
* allows firewall access to PXE boot service for the nodes,
* issues reboot command for the nodes, so that they boot the
discovery ramdisk.
* issues reboot command for the nodes, so that they boot the ramdisk.
* The discovery ramdisk collects the required information and posts it back
to **ironic-discoverd**.
* The ramdisk collects the required information and posts it back to
**ironic-inspector**.
* On receiving data from the discovery ramdisk, **ironic-discoverd**:
* On receiving data from the ramdisk, **ironic-inspector**:
* validates received data,
* finds the node in Ironic database using it's BMC address (MAC address in
@ -63,13 +65,13 @@ Usual hardware introspection flow is as follows:
* fills missing node properties with received data and creates missing ports.
.. note::
**ironic-discoverd** is responsible to create Ironic ports for some or all
NIC's found on the node. **ironic-discoverd** is also capable of
**ironic-inspector** is responsible to create Ironic ports for some or all
NIC's found on the node. **ironic-inspector** is also capable of
deleting ports that should not be present. There are two important
configuration options that affect this behavior: ``add_ports`` and
``keep_ports`` (please refer to ``example.conf`` for detailed explanation).
Default values as of **ironic-discoverd** 1.1.0 are ``add_ports=pxe``,
Default values as of **ironic-inspector** 1.1.0 are ``add_ports=pxe``,
``keep_ports=all``, which means that only one port will be added, which is
associated with NIC the ramdisk PXE booted from. No ports will be deleted.
This setting ensures that deploying on introspected nodes will succeed
@ -96,32 +98,23 @@ package and should be done separately.
Installation
------------
**ironic-discoverd** is available as an RPM from Fedora 22 repositories or from
Juno (and later) `RDO <https://www.rdoproject.org/>`_ for Fedora 20, 21
and EPEL 7. It will be installed and preconfigured if you used
instack-undercloud_ to build your undercloud.
Otherwise after enabling required repositories install it using::
yum install openstack-ironic-discoverd
To install only Python packages (including the client), use::
yum install python-ironic-discoverd
Install from PyPI_ (you may want to use virtualenv to isolate your
environment)::
Alternatively (e.g. if you need the latest version), you can install package
from PyPI_ (you may want to use virtualenv to isolate your environment)::
pip install ironic-inspector
pip install ironic-discoverd
Finally, there is a `DevStack <http://docs.openstack.org/developer/devstack/>`_
plugin for **ironic-discoverd** - see
Also there is a `DevStack <http://docs.openstack.org/developer/devstack/>`_
plugin for **ironic-inspector** - see
https://etherpad.openstack.org/p/DiscoverdDevStack for the current status.
Finally, some distributions (e.g. Fedora) provide **ironic-inspector**
packaged, some of them - under its old name *ironic-discoverd*.
Configuration
~~~~~~~~~~~~~
Copy ``example.conf`` to some permanent place
(``/etc/ironic-discoverd/discoverd.conf`` is what is used in the RPM).
(e.g. ``/etc/ironic-inspector/inspector.conf``).
Fill in at least these configuration values:
* ``os_username``, ``os_password``, ``os_tenant_name`` - Keystone credentials
@ -130,7 +123,7 @@ Fill in at least these configuration values:
* ``os_auth_url``, ``identity_uri`` - Keystone endpoints for validating
authentication tokens and checking user roles;
* ``database`` - where you want **ironic-discoverd** SQLite database
* ``database`` - where you want **ironic-inspector** SQLite database
to be placed;
* ``dnsmasq_interface`` - interface on which ``dnsmasq`` (or another DHCP
@ -160,8 +153,8 @@ As for PXE boot environment, you'll need:
is always advised).
* You need PXE boot server (e.g. *dnsmasq*) running on **the same** machine as
**ironic-discoverd**. Don't do any firewall configuration:
**ironic-discoverd** will handle it for you. In **ironic-discoverd**
**ironic-inspector**. Don't do any firewall configuration:
**ironic-inspector** will handle it for you. In **ironic-inspector**
configuration file set ``dnsmasq_interface`` to the interface your
PXE boot server listens on. Here is an example *dnsmasq.conf*::
@ -191,15 +184,17 @@ As for PXE boot environment, you'll need:
instead of ``discoverd_callback_url``. Modify ``pxelinux.cfg/default``
accordingly if you have one of these.
Here is *discoverd.conf* you may end up with::
Here is *inspector.conf* you may end up with::
[discoverd]
[DEFAULT]
debug = false
[ironic]
identity_uri = http://127.0.0.1:35357
os_auth_url = http://127.0.0.1:5000/v2.0
os_username = admin
os_password = password
os_tenant_name = admin
[firewall]
dnsmasq_interface = br-ctlplane
.. note::
@ -211,40 +206,41 @@ Here is *discoverd.conf* you may end up with::
Running
~~~~~~~
If you installed **ironic-discoverd** from the RPM, you already have
If you installed **ironic-inspector** from the RPM, you might already have
a *systemd* unit, so you can::
systemctl enable openstack-ironic-discoverd
systemctl start openstack-ironic-discoverd
systemctl enable openstack-ironic-inspector
systemctl start openstack-ironic-inspector
Otherwise run as ``root``::
ironic-discoverd --config-file /etc/ironic-discoverd/discoverd.conf
ironic-inspector --config-file /etc/ironic-inspector/inspector.conf
.. note::
Running as ``root`` is not required if **ironic-discoverd** does not
Running as ``root`` is not required if **ironic-inspector** does not
manage the firewall (i.e. ``manage_firewall`` is set to ``false`` in the
configuration file).
A good starting point for writing your own *systemd* unit should be `one used
in Fedora <http://pkgs.fedoraproject.org/cgit/openstack-ironic-discoverd.git/plain/openstack-ironic-discoverd.service>`_.
in Fedora <http://pkgs.fedoraproject.org/cgit/openstack-ironic-discoverd.git/plain/openstack-ironic-discoverd.service>`_
(note usage of old name).
Usage
-----
**ironic-discoverd** has a simple client library for Python and a CLI tool
**ironic-inspector** has a simple client library for Python and a CLI tool
bundled with it.
Client library is in module ``ironic_discoverd.client``, every call
Client library is in module ``ironic_inspector.client``, every call
accepts additional optional arguments:
* ``base_url`` **ironic-discoverd** API endpoint, defaults to
* ``base_url`` **ironic-inspector** API endpoint, defaults to
``127.0.0.1:5050``,
* ``auth_token`` Keystone authentication token.
CLI tool is based on OpenStackClient_ with prefix
``openstack baremetal introspection``. Accepts optional argument
``--discoverd-url`` with the **ironic-discoverd** API endpoint.
``--inspector-url`` with the **ironic-inspector** API endpoint.
* **Start introspection on a node**:
@ -256,7 +252,7 @@ CLI tool is based on OpenStackClient_ with prefix
* ``uuid`` - Ironic node UUID;
* ``new_ipmi_username`` and ``new_ipmi_password`` - if these are set,
**ironic-discoverd** will switch to manual power on and assigning IPMI
**ironic-inspector** will switch to manual power on and assigning IPMI
credentials on introspection. See `Setting IPMI Credentials`_ for details.
* **Query introspection status**:
@ -279,7 +275,7 @@ Using from Ironic API
~~~~~~~~~~~~~~~~~~~~~
Ironic Kilo introduced support for hardware introspection under name of
"inspection". **ironic-discoverd** introspection is supported for some generic
"inspection". **ironic-inspector** introspection is supported for some generic
drivers, please refer to `Ironic inspection documentation`_ for details.
Node States
@ -312,17 +308,17 @@ Node States
Setting IPMI Credentials
~~~~~~~~~~~~~~~~~~~~~~~~
If you have physical access to your nodes, you can use **ironic-discoverd** to
If you have physical access to your nodes, you can use **ironic-inspector** to
set IPMI credentials for them without knowing the original ones. The workflow
is as follows:
* Ensure nodes will PXE boot on the right network by default.
* Set ``enable_setting_ipmi_credentials = true`` in the **ironic-discoverd**
* Set ``enable_setting_ipmi_credentials = true`` in the **ironic-inspector**
configuration file.
* Enroll nodes in Ironic with setting their ``ipmi_address`` only. This step
allows **ironic-discoverd** to distinguish nodes.
allows **ironic-inspector** to distinguish nodes.
* Set maintenance mode on nodes. That's an important step, otherwise Ironic
might interfere with introspection process.
@ -336,16 +332,16 @@ is as follows:
* Manually power on the nodes and wait.
* After introspection is finished (watch nodes power state or use
**ironic-discoverd** status API) you can turn maintenance mode off.
**ironic-inspector** status API) you can turn maintenance mode off.
Note that due to various limitations on password value in different BMC,
**ironic-discoverd** will only accept passwords with length between 1 and 20
**ironic-inspector** will only accept passwords with length between 1 and 20
consisting only of letters and numbers.
Plugins
~~~~~~~
**ironic-discoverd** heavily relies on plugins for data processing. Even the
**ironic-inspector** heavily relies on plugins for data processing. Even the
standard functionality is largely based on plugins. Set ``processing_hooks``
option in the configuration file to change the set of plugins to be run on
introspection data. Note that order does matter in this option.
@ -389,7 +385,7 @@ Errors when starting introspection
In Kilo release with *python-ironicclient* 0.5.0 or newer Ironic
defaults to reporting provision state ``AVAILABLE`` for newly enrolled
nodes. **ironic-discoverd** will refuse to conduct introspection in
nodes. **ironic-inspector** will refuse to conduct introspection in
this state, as such nodes are supposed to be used by Nova for scheduling.
See `Node States`_ for instructions on how to put nodes into
the correct state.
@ -403,7 +399,7 @@ There may be 3 reasons why introspection can time out after some time
#. Fatal failure in processing chain before node was found in the local cache.
See `Troubleshooting data processing`_ for the hints.
#. Failure to load discovery ramdisk on the target node. See `Troubleshooting
#. Failure to load the ramdisk on the target node. See `Troubleshooting
PXE boot`_ for the hints.
#. Failure during ramdisk run. See `Troubleshooting ramdisk run`_ for the
@ -411,17 +407,19 @@ There may be 3 reasons why introspection can time out after some time
Troubleshooting data processing
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In this case **ironic-discoverd** logs should give a good idea what went wrong.
In this case **ironic-inspector** logs should give a good idea what went wrong.
E.g. for RDO or Fedora the following command will output the full log::
sudo journalctl -u openstack-ironic-discoverd
sudo journalctl -u openstack-ironic-inspector
(use ``openstack-ironic-discoverd`` for version < 2.0.0).
.. note::
Service name and specific command might be different for other Linux
distributions.
distributions (and for old version of **ironic-inspector**).
If ``ramdisk_error`` plugin is enabled and ``ramdisk_logs_dir`` configuration
option is set, **ironic-discoverd** will store logs received from the ramdisk
option is set, **ironic-inspector** will store logs received from the ramdisk
to the ``ramdisk_logs_dir`` directory. This depends, however, on the ramdisk
implementation.
@ -436,7 +434,9 @@ on. You may need to restart introspection.
Another source of information is DHCP and TFTP server logs. Their location
depends on how the servers were installed and run. For RDO or Fedora use::
$ sudo journalctl -u openstack-ironic-discoverd-dnsmasq
$ sudo journalctl -u openstack-ironic-inspector-dnsmasq
(use ``openstack-ironic-discoverd-dnsmasq`` for version < 2.0.0).
The last resort is ``tcpdump`` utility. Use something like
::
@ -458,7 +458,7 @@ sure that:
propagating,
#. there is no additional firewall rules preventing access to port 67 on the
machine where *ironic-discoverd* and its DHCP server are installed.
machine where *ironic-inspector* and its DHCP server are installed.
If you see node receiving DHCP address and then failing to get kernel and/or
ramdisk or to boot them, make sure that:

211
RELEASES.rst

@ -1,211 +0,0 @@
Release Notes
-------------
1.2 Series
~~~~~~~~~~
See `1.2.0 release tracking page`_ for details.
**Upgrade Notes**
**Major Features**
**Other Changes**
**Known Issues**
.. _1.2.0 release tracking page: https://bugs.launchpad.net/ironic-discoverd/+milestone/1.2.0
1.1 Series
~~~~~~~~~~
See `1.1.0 release tracking page`_ for details.
**Upgrade Notes**
* This version no longer supports ancient ramdisks that sent ``macs`` instead
of ``interfaces``. It also raises exception if no valid interfaces were
found after processing.
* ``identity_uri`` parameter should be set to Keystone admin endpoint.
* ``overwrite_existing`` is now enabled by default.
* Running the service as
::
$ ironic-discoverd /path/to/config
is no longer supported, use
::
$ ironic-discoverd --config-file /path/to/config
**Major Features**
* Default to only creating a port for the NIC that the ramdisk was PXE booted
from, if such information is provided by ramdisk as ``boot_interface`` field.
Adjustable by ``add_ports`` option.
See `better-boot-interface-detection blueprint
<https://blueprints.launchpad.net/ironic-discoverd/+spec/better-boot-interface-detection>`_
for details.
* `Setting IPMI Credentials`_ feature is considered stable now and is exposed
in the client. It still needs to be enabled via configuration.
See `setup-ipmi-credentials-take2 blueprint
<https://blueprints.launchpad.net/ironic-discoverd/+spec/setup-ipmi-credentials-take2>`_
for what changed since 1.0.0 (tl;dr: everything).
* Proper CLI tool implemented as a plugin for OpenStackClient_.
Also client now properly sets error message from the server in its exception.
This might be a breaking change, if you relied on exception message
previously.
* The default value for ``overwrite_existing`` configuration option was
flipped, matching the default behavior for Ironic inspection.
* Switch to `oslo.config <http://docs.openstack.org/developer/oslo.config/>`_
for configuration management (many thanks to Yuiko Takada).
**Other Changes**
* New option ``add_ports`` allows precise control over which ports to add,
replacing deprecated ``ports_for_inactive_interfaces``.
* Experimental plugin ``edeploy`` to use with `eDeploy hardware detection and
classification utilities`_.
See `eDeploy blueprint`_ for details.
* Plugin ``root_device_hint`` for in-band root device discovery.
* Plugin ``ramdisk_error`` is now enabled by default.
* Serious authentication issues were fixed, ``keystonemiddleware`` is a new
requirement.
* Basic support for i18n via oslo.i18n.
**Known Issues**
.. _1.1.0 release tracking page: https://bugs.launchpad.net/ironic-discoverd/+milestone/1.1.0
.. _Setting IPMI Credentials: https://github.com/stackforge/ironic-discoverd#setting-ipmi-credentials
.. _OpenStackClient: http://docs.openstack.org/developer/python-openstackclient/
.. _eDeploy hardware detection and classification utilities: https://pypi.python.org/pypi/hardware
.. _eDeploy blueprint: https://blueprints.launchpad.net/ironic-discoverd/+spec/edeploy
1.0 Series
~~~~~~~~~~
1.0 is the first feature-complete release series. It's also the first series
to follow standard OpenStack processes from the beginning. All 0.2 series
users are advised to upgrade.
See `1.0.0 release tracking page`_ for details.
**1.0.1 release**
This maintenance fixed serious problem with authentication and unfortunately
brought new upgrade requirements:
* Dependency on *keystonemiddleware*;
* New configuration option ``identity_uri``, defaulting to localhost.
**Upgrade notes**
Action required:
* Fill in ``database`` option in the configuration file before upgrading.
* Stop relying on **ironic-discoverd** setting maintenance mode itself.
* Stop relying on ``discovery_timestamp`` node extra field.
Action recommended:
* Switch your init scripts to use ``ironic-discoverd --config-file <path>``
instead of just ``ironic-discoverd <path>``.
* Stop relying on ``on_discovery`` and ``newly_discovered`` being set in node
``extra`` field during and after introspection. Use new get status HTTP
endpoint and client API instead.
* Switch from ``discover`` to ``introspect`` HTTP endpoint and client API.
**Major features**
* Introspection now times out by default, set ``timeout`` option to alter.
* New API ``GET /v1/introspection/<uuid>`` and ``client.get_status`` for
getting discovery status.
See `get-status-api blueprint`_ for details.
* New API ``POST /v1/introspection/<uuid>`` and ``client.introspect``
is now used to initiate discovery, ``/v1/discover`` is deprecated.
See `v1 API reform blueprint`_ for details.
* ``/v1/continue`` is now sync:
* Errors are properly returned to the caller
* This call now returns value as a JSON dict (currently empty)
* Add support for plugins that hook into data processing pipeline. Refer to
Plugins_ for information on bundled plugins and to CONTRIBUTING.rst_ for
information on how to write your own.
See `plugin-architecture blueprint`_ for details.
* Support for OpenStack Kilo release and new Ironic state machine -
see `Kilo state machine blueprint`_.
As a side effect, no longer depend on maintenance mode for introspection.
Stop putting node in maintenance mode before introspection.
* Cache nodes under introspection in a local SQLite database.
``database`` configuration option sets where to place this database.
Improves performance by making less calls to Ironic API and makes possible
to get results of introspection.
**Other Changes**
* Firewall management can be disabled completely via ``manage_firewall``
option.
* Experimental support for updating IPMI credentials from within ramdisk.
Enable via configuration option ``enable_setting_ipmi_credentials``.
Beware that this feature lacks proper testing, is not supported
officially yet and is subject to changes without keeping backward
compatibility.
See `setup-ipmi-credentials blueprint`_ for details.
**Known Issues**
* `bug 1415040 <https://bugs.launchpad.net/ironic-discoverd/+bug/1415040>`_
it is required to set IP addresses instead of host names in
``ipmi_address``/``ilo_address``/``drac_host`` node ``driver_info`` field
for **ironic-discoverd** to work properly.
.. _1.0.0 release tracking page: https://bugs.launchpad.net/ironic-discoverd/+milestone/1.0.0
.. _setup-ipmi-credentials blueprint: https://blueprints.launchpad.net/ironic-discoverd/+spec/setup-ipmi-credentials
.. _Plugins: https://github.com/stackforge/ironic-discoverd#plugins
.. _CONTRIBUTING.rst: https://github.com/stackforge/ironic-discoverd/blob/master/CONTRIBUTING.rst
.. _plugin-architecture blueprint: https://blueprints.launchpad.net/ironic-discoverd/+spec/plugin-architecture
.. _get-status-api blueprint: https://blueprints.launchpad.net/ironic-discoverd/+spec/get-status-api
.. _Kilo state machine blueprint: https://blueprints.launchpad.net/ironic-discoverd/+spec/kilo-state-machine
.. _v1 API reform blueprint: https://blueprints.launchpad.net/ironic-discoverd/+spec/v1-api-reform
0.2 Series
~~~~~~~~~~
0.2 series is designed to work with OpenStack Juno release.
Not supported any more.
0.1 Series
~~~~~~~~~~
First stable release series. Not supported any more.

4
bin/ironic-discoverd-ramdisk

@ -1,4 +0,0 @@
#!/usr/bin/env python
from ironic_discoverd_ramdisk import main
main.main()

4
bin/ironic-inspector-ramdisk

@ -0,0 +1,4 @@
#!/usr/bin/env python
from ironic_inspector_ramdisk import main
main.main()

131
example.conf

@ -1,45 +1,115 @@
[DEFAULT]
#
# From ironic_inspector
#
# IP to listen on. (string value)
# Deprecated group/name - [discoverd]/listen_address
#listen_address = 0.0.0.0
# Port to listen on. (integer value)
# Deprecated group/name - [discoverd]/listen_port
#listen_port = 5050
# Whether to authenticate with Keystone on public HTTP endpoints. Note
# that introspection ramdisk postback endpoint is never authenticated.
# (boolean value)
# Deprecated group/name - [discoverd]/authenticate
#authenticate = true
# SQLite3 database to store nodes under introspection, required. Do
# not use :memory: here, it won't work. (string value)
# Deprecated group/name - [discoverd]/database
#database =
# Debug mode enabled/disabled. (boolean value)
# Deprecated group/name - [discoverd]/debug
#debug = false
[discoverd]
# Timeout after which introspection is considered failed, set to 0 to
# disable. (integer value)
# Deprecated group/name - [discoverd]/timeout
#timeout = 3600
# For how much time (in seconds) to keep status information about
# nodes after introspection was finished for them. Default value is 1
# week. (integer value)
# Deprecated group/name - [discoverd]/node_status_keep_time
#node_status_keep_time = 604800
# Amount of time in seconds, after which repeat clean up of timed out
# nodes and old nodes status information. (integer value)
# Deprecated group/name - [discoverd]/clean_up_period
#clean_up_period = 60
[firewall]
#
# From ironic_discoverd
# From ironic_inspector
#
# Whether to manage firewall rules for PXE port. (boolean value)
# Deprecated group/name - [discoverd]/manage_firewall
#manage_firewall = true
# Interface on which dnsmasq listens, the default is for VM's. (string
# value)
# Deprecated group/name - [discoverd]/dnsmasq_interface
#dnsmasq_interface = br-ctlplane
# Amount of time in seconds, after which repeat periodic update of
# firewall. (integer value)
# Deprecated group/name - [discoverd]/firewall_update_period
#firewall_update_period = 15
# iptables chain name to use. (string value)
#firewall_chain = ironic-inspector
[ironic]
#
# From ironic_inspector
#
# Keystone authentication endpoint. (string value)
# Deprecated group/name - [discoverd]/os_auth_url
#os_auth_url = http://127.0.0.1:5000/v2.0
# User name for accessing Keystone and Ironic API. (string value)
# Deprecated group/name - [discoverd]/os_username
#os_username =
# Password for accessing Keystone and Ironic API. (string value)
# Deprecated group/name - [discoverd]/os_password
#os_password =
# Tenant name for accessing Keystone and Ironic API. (string value)
# Deprecated group/name - [discoverd]/os_tenant_name
#os_tenant_name =
# Keystone admin endpoint. (string value)
# Deprecated group/name - [discoverd]/identity_uri
#identity_uri = http://127.0.0.1:35357
# Number of attempts to do when trying to connect to Ironic on start
# up. (integer value)
# Deprecated group/name - [discoverd]/ironic_retry_attempts
#ironic_retry_attempts = 5
# Amount of time between attempts to connect to Ironic on start up.
# (integer value)
# Deprecated group/name - [discoverd]/ironic_retry_period
#ironic_retry_period = 5
# Whether to manage firewall rules for PXE port. (boolean value)
#manage_firewall = true
# Interface on which dnsmasq listens, the default is for VM's. (string
# value)
#dnsmasq_interface = br-ctlplane
[processing]
# Amount of time in seconds, after which repeat periodic update of
# firewall. (integer value)
#firewall_update_period = 15
#
# From ironic_inspector
#
# Which MAC addresses to add as ports during introspection. Possible
# values: all (all MAC addresses), active (MAC addresses of NIC with
@ -47,6 +117,7 @@
# falls back to "active" if PXE MAC is not supplied by the ramdisk).
# (string value)
# Allowed values: all, active, pxe
# Deprecated group/name - [discoverd]/add_ports
#add_ports = pxe
# Which ports (already present on a node) to keep after introspection.
@ -54,64 +125,36 @@
# which MACs were present in introspection data), added (keep only
# MACs that we added during introspection). (string value)
# Allowed values: all, present, added
# Deprecated group/name - [discoverd]/keep_ports
#keep_ports = all
# Timeout after which introspection is considered failed, set to 0 to
# disable. (integer value)
#timeout = 3600
# For how much time (in seconds) to keep status information about
# nodes after introspection was finished for them. Default value is 1
# week. (integer value)
#node_status_keep_time = 604800
# Amount of time in seconds, after which repeat clean up of timed out
# nodes and old nodes status information. (integer value)
#clean_up_period = 60
# Whether to overwrite existing values in node database. Disable this
# option to make introspection a non-destructive operation. (boolean
# value)
# Deprecated group/name - [discoverd]/overwrite_existing
#overwrite_existing = true
# Whether to enable setting IPMI credentials during introspection.
# This is an experimental and not well tested feature, use at your own
# risk. (boolean value)
# Deprecated group/name - [discoverd]/enable_setting_ipmi_credentials
#enable_setting_ipmi_credentials = false
# IP to listen on. (string value)
#listen_address = 0.0.0.0
# Port to listen on. (integer value)
#listen_port = 5050
# Whether to authenticate with Keystone on public HTTP endpoints. Note
# that introspection ramdisk postback endpoint is never authenticated.
# (boolean value)
#authenticate = true
# SQLite3 database to store nodes under introspection, required. Do
# not use :memory: here, it won't work. (string value)
#database =
# Comma-separated list of enabled hooks for processing pipeline. Hook
# 'scheduler' updates the node with the minimum properties required by
# the Nova scheduler. Hook 'validate_interfaces' ensures that valid
# NIC data was provided by the ramdisk.Do not exclude these two unless
# you really know what you're doing. (string value)
# Deprecated group/name - [discoverd]/processing_hooks
#processing_hooks = ramdisk_error,scheduler,validate_interfaces
# Debug mode enabled/disabled. (boolean value)
#debug = false
# If set, logs from ramdisk will be stored in this directory. (string
# value)
# Deprecated group/name - [discoverd]/ramdisk_logs_dir
#ramdisk_logs_dir = <None>
# Whether to store ramdisk logs even if it did not return an error
# message (dependent upon "ramdisk_logs_dir" option being set).
# (boolean value)
# Deprecated group/name - [discoverd]/always_store_ramdisk_logs
#always_store_ramdisk_logs = false
# DEPRECATED: use add_ports. (boolean value)
#ports_for_inactive_interfaces = false

13
functest/run.py

@ -28,20 +28,23 @@ import unittest
import mock
import requests
from ironic_discoverd import client
from ironic_discoverd import main
from ironic_discoverd.test import base
from ironic_discoverd import utils
from ironic_inspector import client
from ironic_inspector import main
from ironic_inspector.test import base
from ironic_inspector import utils
CONF = """
[discoverd]
[ironic]
os_auth_url = http://url
os_username = user
os_password = password
os_tenant_name = tenant
[firewall]
manage_firewall = False
[processing]
enable_setting_ipmi_credentials = True
[DEFAULT]
database = %(db_file)s
"""

12
ironic-discoverd.8 → ironic-inspector.8

@ -1,15 +1,15 @@
.\" Manpage for ironic-discoverd.
.TH man 8 "08 Oct 2014" "1.0" "ironic-discoverd man page"
.\" Manpage for ironic-inspector.
.TH man 8 "08 Oct 2014" "1.0" "ironic-inspector man page"
.SH NAME
ironic-discoverd \- hardware discovery daemon for OpenStack Ironic.
ironic-inspector \- hardware introspection daemon for OpenStack Ironic.
.SH SYNOPSIS
ironic-discoverd CONFFILE
ironic-inspector CONFFILE
.SH DESCRIPTION
This command starts ironic-discoverd service, which starts and finishes
This command starts ironic-inspector service, which starts and finishes
hardware discovery and maintains firewall rules for nodes accessing PXE
boot service (usually dnsmasq).
.SH OPTIONS
The ironic-discoverd does not take any options. However, you should supply
The ironic-inspector does not take any options. However, you should supply
path to the configuration file.
.SH SEE ALSO
README page located at https://pypi.python.org/pypi/ironic-discoverd

2
ironic_discoverd/__init__.py → ironic_inspector/__init__.py

@ -11,5 +11,5 @@
# See the License for the specific language governing permissions and
# limitations under the License.
__version_info__ = (1, 2, 0)
__version_info__ = (2, 0, 0)
__version__ = '%d.%d.%d' % __version_info__

58
ironic_discoverd/client.py → ironic_inspector/client.py

@ -11,16 +11,11 @@
# See the License for the specific language governing permissions and
# limitations under the License.
from __future__ import print_function
import argparse
import json
from oslo_utils import netutils
import requests
import six
from ironic_discoverd.common.i18n import _
from ironic_inspector.common.i18n import _
_DEFAULT_URL = 'http://' + netutils.get_my_ipv4() + ':5050/v1'
@ -38,7 +33,7 @@ def _prepare(base_url, auth_token):
class ClientError(requests.HTTPError):
"""Error returned from a server."""
def __init__(self, response):
# discoverd returns error message in body
# inspector returns error message in body
msg = response.content.decode(_ERROR_ENCODING)
super(ClientError, self).__init__(msg, response=response)
@ -54,10 +49,10 @@ def introspect(uuid, base_url=None, auth_token=None,
"""Start introspection for a node.
:param uuid: node uuid
:param base_url: *ironic-discoverd* URL in form: http://host:port[/ver],
:param base_url: *ironic-inspector* URL in form: http://host:port[/ver],
defaults to ``http://<current host>:5050/v1``.
:param auth_token: Keystone authentication token.
:param new_ipmi_password: if set, *ironic-discoverd* will update IPMI
:param new_ipmi_password: if set, *ironic-inspector* will update IPMI
password to this value.
:param new_ipmi_username: if new_ipmi_password is set, this values sets
new IPMI user name. Defaults to one in
@ -79,9 +74,9 @@ def introspect(uuid, base_url=None, auth_token=None,
def get_status(uuid, base_url=None, auth_token=None):
"""Get introspection status for a node.
New in ironic-discoverd version 1.0.0.
New in ironic-inspector version 1.0.0.
:param uuid: node uuid.
:param base_url: *ironic-discoverd* URL in form: http://host:port[/ver],
:param base_url: *ironic-inspector* URL in form: http://host:port[/ver],
defaults to ``http://<current host>:5050/v1``.
:param auth_token: Keystone authentication token.
:raises: *requests* library HTTP errors.
@ -94,44 +89,3 @@ def get_status(uuid, base_url=None, auth_token=None):
headers=headers)
ClientError.raise_if_needed(res)
return res.json()
def discover(uuids, base_url=None, auth_token=None):
"""Post node UUID's for discovery.
DEPRECATED. Use introspect instead.
"""
if not all(isinstance(s, six.string_types) for s in uuids):
raise TypeError(_("Expected list of strings for uuids argument, "
"got %s") % uuids)
base_url, headers = _prepare(base_url, auth_token)
headers['Content-Type'] = 'application/json'
res = requests.post(base_url + "/discover",
data=json.dumps(uuids), headers=headers)
ClientError.raise_if_needed(res)
if __name__ == '__main__': # pragma: no cover
parser = argparse.ArgumentParser(description='Discover nodes.')
parser.add_argument('cmd', metavar='cmd',
choices=['introspect', 'get_status'],
help='command: introspect or get_status.')
parser.add_argument('uuid', metavar='UUID', type=str,
help='node UUID.')
parser.add_argument('--base-url', dest='base_url', action='store',
default=_DEFAULT_URL,
help='base URL, default to localhost.')
parser.add_argument('--auth-token', dest='auth_token', action='store',
default='',
help='Keystone token.')
args = parser.parse_args()
func = globals()[args.cmd]
try:
res = func(uuid=args.uuid, base_url=args.base_url,
auth_token=args.auth_token)
except Exception as exc:
print('Error:', exc)
else:
if res:
print(json.dumps(res))

0
ironic_discoverd/common/__init__.py → ironic_inspector/common/__init__.py

2
ironic_discoverd/common/i18n.py → ironic_inspector/common/i18n.py

@ -15,7 +15,7 @@
import oslo_i18n
_translators = oslo_i18n.TranslatorFactory(domain='ironic-discoverd')
_translators = oslo_i18n.TranslatorFactory(domain='ironic-inspector')
# The primary translation function using the well-known name "_"
_ = _translators.primary

151
ironic_discoverd/conf.py → ironic_inspector/conf.py

@ -17,42 +17,64 @@ from oslo_config import cfg
VALID_ADD_PORTS_VALUES = ('all', 'active', 'pxe')
VALID_KEEP_PORTS_VALUES = ('all', 'present', 'added')
SERVICE_OPTS = [
IRONIC_OPTS = [
cfg.StrOpt('os_auth_url',
default='http://127.0.0.1:5000/v2.0',
help='Keystone authentication endpoint.'),
help='Keystone authentication endpoint.',
deprecated_group='discoverd'),
cfg.StrOpt('os_username',
default='',
help='User name for accessing Keystone and Ironic API.'),
help='User name for accessing Keystone and Ironic API.',
deprecated_group='discoverd'),
cfg.StrOpt('os_password',
default='',
help='Password for accessing Keystone and Ironic API.',
secret=True),
secret=True,
deprecated_group='discoverd'),
cfg.StrOpt('os_tenant_name',
default='',
help='Tenant name for accessing Keystone and Ironic API.'),
help='Tenant name for accessing Keystone and Ironic API.',
deprecated_group='discoverd'),
cfg.StrOpt('identity_uri',
default='http://127.0.0.1:35357',
help='Keystone admin endpoint.'),
help='Keystone admin endpoint.',
deprecated_group='discoverd'),
cfg.IntOpt('ironic_retry_attempts',
default=5,
help='Number of attempts to do when trying to connect to '
'Ironic on start up.'),
'Ironic on start up.',
deprecated_group='discoverd'),
cfg.IntOpt('ironic_retry_period',
default=5,
help='Amount of time between attempts to connect to Ironic '
'on start up.'),
'on start up.',
deprecated_group='discoverd'),
]
FIREWALL_OPTS = [
cfg.BoolOpt('manage_firewall',
default=True,
help='Whether to manage firewall rules for PXE port.'),
help='Whether to manage firewall rules for PXE port.',
deprecated_group='discoverd'),
cfg.StrOpt('dnsmasq_interface',
default='br-ctlplane',
help='Interface on which dnsmasq listens, the default is for '
'VM\'s.'),
'VM\'s.',
deprecated_group='discoverd'),
cfg.IntOpt('firewall_update_period',
default=15,
help='Amount of time in seconds, after which repeat periodic '
'update of firewall.'),
'update of firewall.',
deprecated_group='discoverd'),
cfg.StrOpt('firewall_chain',
default='ironic-inspector',
help='iptables chain name to use.'),
]
PROCESSING_OPTS = [
cfg.StrOpt('add_ports',
default='pxe',
help='Which MAC addresses to add as ports during '
@ -61,7 +83,8 @@ SERVICE_OPTS = [
'addresses), pxe (only MAC address of NIC node PXE booted '
'from, falls back to "active" if PXE MAC is not supplied '
'by the ramdisk).',
choices=VALID_ADD_PORTS_VALUES),
choices=VALID_ADD_PORTS_VALUES,
deprecated_group='discoverd'),
cfg.StrOpt('keep_ports',
default='all',
help='Which ports (already present on a node) to keep after '
@ -69,45 +92,20 @@ SERVICE_OPTS = [
'all (do not delete anything), present (keep ports which MACs '
'were present in introspection data), added (keep only MACs '
'that we added during introspection).',
choices=VALID_KEEP_PORTS_VALUES),
cfg.IntOpt('timeout',
default=3600,
help='Timeout after which introspection is considered failed, '
'set to 0 to disable.'),
cfg.IntOpt('node_status_keep_time',
default=604800,
help='For how much time (in seconds) to keep status '
'information about nodes after introspection was '
'finished for them. Default value is 1 week.'),
cfg.IntOpt('clean_up_period',
default=60,
help='Amount of time in seconds, after which repeat clean up '
'of timed out nodes and old nodes status information.'),
choices=VALID_KEEP_PORTS_VALUES,
deprecated_group='discoverd'),
cfg.BoolOpt('overwrite_existing',
default=True,
help='Whether to overwrite existing values in node database. '
'Disable this option to make introspection a '
'non-destructive operation.'),
'non-destructive operation.',
deprecated_group='discoverd'),
cfg.BoolOpt('enable_setting_ipmi_credentials',
default=False,
help='Whether to enable setting IPMI credentials during '
'introspection. This is an experimental and not well '
'tested feature, use at your own risk.'),
cfg.StrOpt('listen_address',
default='0.0.0.0',
help='IP to listen on.'),
cfg.IntOpt('listen_port',
default=5050,
help='Port to listen on.'),
cfg.BoolOpt('authenticate',
default=True,
help='Whether to authenticate with Keystone on public HTTP '
'endpoints. Note that introspection ramdisk postback '
'endpoint is never authenticated.'),
cfg.StrOpt('database',
default='',
help='SQLite3 database to store nodes under introspection, '
'required. Do not use :memory: here, it won\'t work.'),
'tested feature, use at your own risk.',
deprecated_group='discoverd'),
cfg.StrOpt('processing_hooks',
default='ramdisk_error,scheduler,validate_interfaces',
help='Comma-separated list of enabled hooks for processing '
@ -116,27 +114,74 @@ SERVICE_OPTS = [
'Hook \'validate_interfaces\' ensures that valid NIC '
'data was provided by the ramdisk.'
'Do not exclude these two unless you really know what '
'you\'re doing.'),
cfg.BoolOpt('debug',
default=False,
help='Debug mode enabled/disabled.'),
'you\'re doing.',
deprecated_group='discoverd'),
cfg.StrOpt('ramdisk_logs_dir',
help='If set, logs from ramdisk will be stored in this '
'directory.'),
'directory.',
deprecated_group='discoverd'),
cfg.BoolOpt('always_store_ramdisk_logs',
default=False,
help='Whether to store ramdisk logs even if it did not return '
'an error message (dependent upon "ramdisk_logs_dir" option '
'being set).'),
cfg.BoolOpt('ports_for_inactive_interfaces',
'being set).',
deprecated_group='discoverd'),
]
SERVICE_OPTS = [
cfg.StrOpt('listen_address',
default='0.0.0.0',
help='IP to listen on.',
deprecated_group='discoverd'),
cfg.IntOpt('listen_port',
default=5050,
help='Port to listen on.',
deprecated_group='discoverd'),
cfg.BoolOpt('authenticate',
default=True,
help='Whether to authenticate with Keystone on public HTTP '
'endpoints. Note that introspection ramdisk postback '
'endpoint is never authenticated.',
deprecated_group='discoverd'),
cfg.StrOpt('database',
default='',
help='SQLite3 database to store nodes under introspection, '
'required. Do not use :memory: here, it won\'t work.',
deprecated_group='discoverd'),
cfg.BoolOpt('debug',
default=False,
help='DEPRECATED: use add_ports.'),
help='Debug mode enabled/disabled.',
deprecated_group='discoverd'),
cfg.IntOpt('timeout',
default=3600,
help='Timeout after which introspection is considered failed, '
'set to 0 to disable.',
deprecated_group='discoverd'),
cfg.IntOpt('node_status_keep_time',
default=604800,
help='For how much time (in seconds) to keep status '
'information about nodes after introspection was '
'finished for them. Default value is 1 week.',
deprecated_group='discoverd'),
cfg.IntOpt('clean_up_period',
default=60,
help='Amount of time in seconds, after which repeat clean up '
'of timed out nodes and old nodes status information.',
deprecated_group='discoverd'),
]
cfg.CONF.register_opts(SERVICE_OPTS, group='discoverd')
cfg.CONF.register_opts(SERVICE_OPTS)
cfg.CONF.register_opts(FIREWALL_OPTS, group='firewall')
cfg.CONF.register_opts(PROCESSING_OPTS, group='processing')
cfg.CONF.register_opts(IRONIC_OPTS, group='ironic')
def list_opts():
return [
('discoverd', SERVICE_OPTS)
('', SERVICE_OPTS),
('firewall', FIREWALL_OPTS),
('ironic', IRONIC_OPTS),
('processing', PROCESSING_OPTS),
]

27
ironic_discoverd/firewall.py → ironic_inspector/firewall.py

@ -17,17 +17,17 @@ import subprocess
from eventlet import semaphore
from oslo_config import cfg
from ironic_discoverd.common.i18n import _LE
from ironic_discoverd import node_cache
from ironic_discoverd import utils
from ironic_inspector.common.i18n import _LE
from ironic_inspector import node_cache
from ironic_inspector import utils
LOG = logging.getLogger("ironic_discoverd.firewall")
NEW_CHAIN = 'discovery_temp'
CHAIN = 'discovery'
CONF = cfg.CONF
LOG = logging.getLogger("ironic_inspector.firewall")
NEW_CHAIN = None
CHAIN = None
INTERFACE = None
LOCK = semaphore.BoundedSemaphore()
CONF = cfg.CONF
def _iptables(*args, **kwargs):
@ -51,11 +51,14 @@ def init():
Must be called one on start-up.
"""
if not CONF.discoverd.manage_firewall:
if not CONF.firewall.manage_firewall:
return
global INTERFACE
INTERFACE = CONF.discoverd.dnsmasq_interface
global INTERFACE, CHAIN, NEW_CHAIN
INTERFACE = CONF.firewall.dnsmasq_interface
CHAIN = CONF.firewall.firewall_chain
NEW_CHAIN = CHAIN + '_temp'
_clean_up(CHAIN)
# Not really needed, but helps to validate that we have access to iptables
_iptables('-N', CHAIN)
@ -71,7 +74,7 @@ def _clean_up(chain):
def clean_up():
"""Clean up everything before exiting."""
if not CONF.discoverd.manage_firewall:
if not CONF.firewall.manage_firewall:
return
_clean_up(CHAIN)
@ -96,7 +99,7 @@ def update_filters(ironic=None):
:param ironic: Ironic client instance, optional.
"""
if not CONF.discoverd.manage_firewall:
if not CONF.firewall.manage_firewall:
return
assert INTERFACE is not None

17
ironic_discoverd/introspect.py → ironic_inspector/introspect.py

@ -20,21 +20,21 @@ import eventlet
from ironicclient import exceptions
from oslo_config import cfg
from ironic_discoverd.common.i18n import _, _LI, _LW
from ironic_discoverd import firewall
from ironic_discoverd import node_cache
from ironic_discoverd import utils
from ironic_inspector.common.i18n import _, _LI, _LW
from ironic_inspector import firewall
from ironic_inspector import node_cache
from ironic_inspector import utils
CONF = cfg.CONF
LOG = logging.getLogger("ironic_discoverd.introspect")
LOG = logging.getLogger("ironic_inspector.introspect")
PASSWORD_ACCEPTED_CHARS = set(string.ascii_letters + string.digits)
PASSWORD_MAX_LENGTH = 20 # IPMI v2.0
def _validate_ipmi_credentials(node, new_ipmi_credentials):
if not CONF.discoverd.enable_setting_ipmi_credentials:
if not CONF.processing.enable_setting_ipmi_credentials:
raise utils.Error(
_('IPMI credentials setup is disabled in configuration'))
@ -113,9 +113,6 @@ def introspect(uuid, new_ipmi_credentials=None):
def _background_introspect(ironic, cached_node):
patch = [{'op': 'add', 'path': '/extra/on_discovery', 'value': 'true'}]
utils.retry_on_conflict(ironic.node.update, cached_node.uuid, patch)
# TODO(dtantsur): pagination
macs = [p.address for p in ironic.node.list_ports(cached_node.uuid,
limit=0)]
@ -147,4 +144,4 @@ def _background_introspect(ironic, cached_node):
LOG.info(_LI('Introspection environment is ready for node %(node)s, '
'manual power on is required within %(timeout)d seconds') %
{'node': cached_node.uuid,
'timeout': CONF.discoverd.timeout})
'timeout': CONF.timeout})

57
ironic_discoverd/main.py → ironic_inspector/main.py

@ -23,21 +23,21 @@ import flask
from oslo_config import cfg
from oslo_utils import uuidutils