This patch adds standard SSL options to IPA config and makes use of them
when making HTTP requests.
For now, a single set of certificates is used when needed.
In the future configuration can be expanded to allow per-service
certificates.
Besides, the 'insecure' option (defaults to False) can be overridden
through kernel command line parameter 'ipa-insecure'.
This will allow running IPA in CI-like environments with self-signed SSL
certificates.
Change-Id: I259d9b3caa9ba1dc3d7382f375b8e086a5348d80
Closes-Bug: #1642515
Add regex validation of api_url specified in configuration file.
Oslo config will raise exception if no supported protocol prefix
is included in Ironic api address in configuration file.
Supported protocols are http and https.
Closes-Bug: #1630785
Change-Id: I437b4ea0a2995921ddede03bc670087fdbbc8b83
The old generate_sample.sh is broken already as it refers to
non-existing openstack/common path.
Let's use oslo-config-generator as many other OpenStack projects do.
Also, where applicable, option descriptions are updated with the
corresponding kernel parameters to set those options durig pxe boot.
Change-Id: Id4a0df30ea573d52f3b359f357fe8f4a29751939
Currently, if IPA is booted without an ironic api url, it will default
to localhost and fail to connect. Instead, we now explicitly fail and
print a log message if no api callback url is provided.
Change-Id: I0271be94ba7febc6abd5bf3343f6fa179bc1a6a4
Closes-Bug: #1643966
Lookup/Heartbeat via vendor passthru was deprecated in Newton.
This patch removes the corresponding functionality from IPA,
and also removes handling of 'ipa-driver-name' kernel parameter,
as it was only used in code related to old passthru.
Change-Id: I2c7989063ab3e4c0bae33f05d6d2ed857a2d9944
Closes-Bug: #1640533
To support multi-tenant networking in Ironic we need to be able to
discover not just the NICs a baremetal machine has but also the physical
connectivity to switches in the network.
This patch collects LLDP (Link Layer Discovery Protocol) data as part of
the list interfaces stage of the generic hardware manager. This
information can then be processed by the ironic inspector to populate
the local link information on each ironic port.
The processing done on this data in ironic python agent is limited, this
is to allow for server side processing hooks to process as much or as
little of the data as they want. This is to allow for multi-vendor
environments that might use different parts of the LLDP packet to use a
generic ramdisk and configure the processing server side using inspector
plugins.
Reserved fields switch_port_descr and switch_chassis_descr have been
deprecated for removal in Ocata in favor of passing the whole packet.
Change-Id: Idae9b1ede1797029da1bd521501b121957ca1f1a
Partial-Bug: #1526403
https://review.openstack.org/#/c/320295/ introduced two internal
variables: _DISK_WAIT_ATTEMPTS and _DISK_WAIT_DELAY. These values are
hardcoded. This patch adds configuration options for these so
that an operator can change them based on their own needs/fleet of
hardware.
Change-Id: I2ba97669ec710fb4a435307466cd8add9c2293ba
Closes-Bug: #1585663
Every other Ironic python agent kernel parameter is prefixed with "ipa-".
This patch allows users to use the old "lldp-timeout" parameter or the new
"ipa-lldp-timeout" parameter. Warning message is logged if "lldp-timeout"
parameter is used.
(Also fixed typo while I'm at it.)
Change-Id: Icc05ead31506628e4926be6549916a19cad48db3
Closes-Bug: #1588325
This patch moves the IPA oslo configs out of the agent cmd into their
own module so that it is safe to import them from other places in the
application without causing circular imports.
Change-Id: I100792bd0d1f369763afaa6f93e144e9967c3048
