Glean mounts the configdrive and does not unmount it afterwards.
If a mount point already exists, just use it.
Change-Id: Ia62279afbb9fd9770864942dc40629b69ae8f4ae
For ramdisk TLS (and other potential future enhancements) we need
to be able to inject configuration and certificates into the ramdisk.
Since we cannot pass files through kernel parameters, we need to
put them on the generated ISO or (in the future) config drive.
This change detects IPA configuration and copies it into the ramdisk
early enough for any configuration files to get picked.
Changed /dev/disk/by-label to blkid since the former may not exist
on all ramdisks (e.g. tinyIPA).
Change-Id: Ic64d7842a59795bbf02f194221dedc07c6b56e8c
We log them as completed when they start executing.
Also fix a problem in remove_large_keys that prevented items
with defaultdict from being logged.
Change-Id: I34a06cc85f55c693416f8c4c9877d55d6affafc9
DIB builds instance images with EFI partitions that only have the boot
flag, but not esp. According to parted documentation, boot is an alias
for esp on GPT, so accept it as well.
To avoid complexities when parsing parted output, the implementation
is switched to existing utils and ironic-lib functions.
Change-Id: I5f57535e5a89528c38d0879177b59db6c0f5c06e
Story: #2007455
Task: #39423
The proposed changes concern two steps:
First, when creating the RAID configuration, have a GPT partition
table type (this is not necessary, but more natural with UEFI).
Also, leave some space, either for the EFI partitions or the BIOS
boot partitions, outside the Software RAID.
Secondly, when installing the bootloader, make sure the correct
boot partitions are created or relocated.
Change-Id: Icf0a76b0de89e7a8494363ec91b2f1afda4faa3b
Story: #2006379
Task: #37635
Attempt to sync the clock and save it to the hardware clock.
This feature supports use of chrony or ntpdate.
Sem-Ver: feature
Change-Id: I178d7614429d582e742d9cba6d0fa3ae099775e3
Story: 1619054
Task: 11591
This patch changes the workflow for whole disk images when using uefi.
If we can identify the bootloader and it's valid we can update using
efibootmgr since grub2-install have problems specially on secure boot
mode.
We also updated the regex to search for the uefi partition on the disk,
since in some cases the parted command output can be without the FS
for the partition with esp Flag.
Change-Id: I7167e71e5d2352a045565289b200e5530d0ba11d
Story: #2006847
Task: #37435
This patch adds a function that will be responsible to identify
the efi partition on a give device, this is necessary on the Software
Raid scenario and when installing bootloader.
Change-Id: I5f326db2d37b2a15090ec84e477e63f7d92e7447
Co-Authored-By: Raphael Glon <raphael.glon@corp.ovh.com>
Since we've dropped support for Python 2.7, it's time to look at
the bright future that Python 3.x will bring and stop forcing
compatibility with older versions.
This patch removes the six library from requirements, not
looking back.
Change-Id: I4795417aa649be75ba7162a8cf30eacbb88c7b5e
The lshw output is huge even on virtual machines, and it pollutes
the debug logging. This change silences it. Instead, the lshw output
is collected as part of the ramdisk logs.
Depends-On: https://review.opendev.org/#/c/665635/
Change-Id: I6a3015b2d8d09f6f48b5cbd39dc84bd75b72f909
As some BIOSes try to boot only from the "first" disk, Ironic
should order potential disks not only by size, but also by name.
This patch proposes to add secondary sorting by device name when
identifying the root disk.
Change-Id: I4017c839eeb9d00d2b4ad5b90e4e9b65b74296c7
Story: #2004976
Task: #29434
Even though it was working opening the file in 'read' mode, it really
should be opened in 'write' mode, since we are redirecting the output
to the file.
Interestingly it does fail in 'read' mode if the command is:
echo something
But passes in 'write' mode.
Change-Id: Ic67091881e0be377e527b78d270ab48962881ae0
Make sure that logs are encoded as text (not byte strings) in
python3 to allow theirs serialization in JSON.
Closes-Bug: #1668533
Change-Id: I3d0d87ca766146457d905f89c26331a415bd54f8
This patch adds standard SSL options to IPA config and makes use of them
when making HTTP requests.
For now, a single set of certificates is used when needed.
In the future configuration can be expanded to allow per-service
certificates.
Besides, the 'insecure' option (defaults to False) can be overridden
through kernel command line parameter 'ipa-insecure'.
This will allow running IPA in CI-like environments with self-signed SSL
certificates.
Change-Id: I259d9b3caa9ba1dc3d7382f375b8e086a5348d80
Closes-Bug: #1642515
This patch replaces python standard base64 library call to
oslo_serialization.base64 to follow OpenStack Python3 porting
standard [1].
Use base64 encoding takes 8-bit binary byte data and encodes it. On
Python3, A string is a sequence of Unicode characters thus base64 has
no idea what to do with Unicode data, it's not 8-bit[2]. We use
oslo_serialization.base64 for both python2 and python3.
[1] https://wiki.openstack.org/wiki/Python3
[2] http://stackoverflow.com/questions/8908287/base64-encoding-in-python-3
Change-Id: I1dafe878a71f37d223eaf58ea8e2e8c6b4422a14
This patch set updated two wrong words:
+ In error.py file, it should be changed from "messsage" to "message"
+ In utils.py file, it should be changed from "containg" to "contaning"
Change-Id: I5ad121ec58ccc6e5f3cc499eca50d16e691f217e
This patch is replacing the "-ax" options of the ps command when
collecting the logs to "au". The "-x" option is not supported by the
BusyBox in the TinyIPA ramdisk.
Closes-Bug: #1599839
Change-Id: Id0c86db6aa16c63550890e1cd488994025f5dd68
The log extension is responsible for retrieving logs from the system,
if journalctl is present the logs will come from it, otherwise we
fallback to getting the logs from the /var/log directory + dmesg logs.
In the coreos ramdisk, we need to bind mount /run/log in the container
so the IPA service can have access to the journal.
For the tinyIPA ramdisk, the logs from IPA are now being redirected to
/var/logs/ironic-python-agent.log instead of only going to the default
stdout.
Inspector now shares the same method of collecting logs, extending its
capabilities for non-systemd systems.
Partial-Bug: #1587143
Change-Id: Ie507e2e5c58cffa255bbfb2fa5ffb95cb98ed8c4
Every other Ironic python agent kernel parameter is prefixed with "ipa-".
This patch allows users to use the old "lldp-timeout" parameter or the new
"ipa-lldp-timeout" parameter. Warning message is logged if "lldp-timeout"
parameter is used.
(Also fixed typo while I'm at it.)
Change-Id: Icc05ead31506628e4926be6549916a19cad48db3
Closes-Bug: #1588325
utils.SUPPORTED_ROOT_DEVICE_HINTS is no longer being used so
delete it. (The method that used it was removed in
33535cd572b90a817b9c96b42a0d2fe54751351d).
Change-Id: Ibb675d4496d7814778f3bab9c161734013479116
In order to support a more complex syntax for root device hints (e.g
operators: greater than, less than, in, etc...) we need to stop relying
on the kernel command line for passing the root device hints. This patch
changes this approach by getting the root device hints from a cached
node object that was set in the hardware module.
Two new functions: "cache_node" and "get_cached_node" were added to the
hardware module. The idea is to facilitate the access to a node object
representation from the hardware extension methods without changing
method signatures, which would break compatibility with out-of-tree
hardware managers.
Note that the new "get_cached_node" is just a guard function to
facilitate the tests for the code.
The function parse_root_device_hints() and its tests were removed since
it's not used/needed anymore.
Partial-Bug: #1561137
Change-Id: I830fe7da1a59b46e348213b6f451c2ee55f6008c
Logging the whole journalctl output is not the best idea. Fortunately,
it does not work right now and fails with a traceback :)
This change adds a new log_stdout argument to utils.execute() and uses it in
the "logs" inspection collector.
Also do not log the logs while logging the collected data.
Change-Id: Ibc726ac2c4f5eb06c73ac4765bb400077b84a6cc
This patch enables virtual media deploy even if the expected virtual
floppy device name "/dev/disk/by-label/ir-vfd-dev" is capitalized to
"/dev/disk/by-label/IR-VFD-DEV".
This change is necessary because some bare metal hardware such as
FUJITSU RX1330 series create the capitalized virtual floppy device
name.
Change-Id: I436b3f9524a83814e082f8dd421df3e53b33f792
Closes-Bug: #1541167
This patch adds a missing param docstring into the normalize function
in util.py.
Change-Id: I91ecc0970fc386163657ab521d8cdd898694a426
Partial-bug: 1367915
Previous some of these methods were not well documented. Hopefully they
now are.
Change-Id: If73987a2dd234b71a1c2af9b764becc34aee4496
Partial-bug: 1367915
Bring ironic-python-agent in line with the other ironic projects.
Stop ignoring all E12* errors except E129
Stop ignoring E711
Change-Id: Icb9bc198473d1b5e807c20869eb2af7f4d7ac360
Adds a new module ironic_python_agent.inspector and new entry point
for extensions, which will allow vendor-specific inspection.
Inspection is run on service start up just before the lookup.
Due to this early start, and due to the fact we don't even know
MAC address of nodes on inspection (to say nothing about IP addresses),
exception handling is a bit different from other agent features:
we try hard not to error out until we send at least something to inspector.
Change-Id: I00932463d41819fd0a050782e2c88eddf6fc08c6
ordereddict, and a related workaround method, were removed as we no
longer support python 2.6. Collections contains ordereddict on newer
python versions.
Change-Id: I48cc55a5c56fbc1f71442fc858eb4905f0213988
* Added NetworkInterface.ip4_address
* Added HardwareManager.get_bmc_address()
* Added Memory.physical_mb
This is total memory as reported by dmidecode, and yes,
it's different from total, as it includes kernel reserved space.
* Added CPU.architecture
As a side effect, get_cpus was switched to lscpu.
Also fixes problem when get_cpus reported the current frequency
instead of maximum one.
Change-Id: I4080d4d551eb0bb995a94ef9a300351910c09fb9
This patch add Python 3 support for IPA. We still need to enable it on
gate to avoid code breaking the support from sneaking in.
Partial-Bug: #1474896
Depends-On: I5a774eaa8d978f4d50faca4dc1b03a87fb194ce2
Change-Id: If47c0797b63d2914b3c47aba62ec5201301b6c33
This does a few things:
* Update hacking to the version in global-requirements. Old hacking was
installing a version of pbr that was breaking other packages.
* Fix all the hacking/pep8 rules that updating hacking raised.
* Do some general docstring cleanup, while already in there cleaning up
a bunch of docstrings due to H405 violations.
Change-Id: I1fc1e59d4c3d7b14631f8b576e3f3854bc452188
Closes-Bug: #1461717
When using virtual media, restarting ironic-python-agent
leads to errors like 'File exists'. This is because
we use static directory (/vmedia_mnt) as mount path
and we don't remove it. It's better to use mkdtemp to create
a temporary directory for mounting virtual media
device.
Change-Id: Ibb4c3d3a2024cf51ef198bd396fb9e86ad72a320
When parameters are passed to agent through virtual
media, the device might be connected only for a short
while (dur to swift temp-url expiration, ironic removing
the floppy image, etc). This change will enable agent
to cache the parameters and use it for any time later on.
After caching, the agent parameters need not be re-read
from /proc/cmdline or from the virtual media device.
Implements: blueprint ipa-as-default-ramdisk
Change-Id: Ia8c7020c91c987ec884c5640421f0583dbf1c3d9
This patch add support for root device hints on IPA. Instead of picking
the first disk >= 4G, if the hints are specified IPA will look at it
to decide which device it should pick for the deployment. The initial
patch supports the following hints: Size, model, WWN, serial, vendor.
Implements: blueprint ipa-as-default-ramdisk
Implements: blueprint root-device-hints
Change-Id: I2b00b3fb3b61001033750dd8951f9353d6f2e361
This commit changes agent deploy ramdisk to find out
the virtual media device by using labels instead of
looking at the model of block device. This helps in
finding out the device irrespective of the hardware.
Corresponding Ironic change is
If5b78d9af7048f2631d050ee5ce01ab7a67e2354.
Closes-Bug: 1429340
Change-Id: Ib6cc226dc4fb341d913f707737493c31a3f77152
The function _get_agent_params() parse the parameters passed to the agent
via kernel cmdline or vmedia. Other parts of the code needs to access
these parameters as well, so this patch is moving _get_agent_params()
and the related functions to a common place (utils.py).
Change-Id: I860f84d1d13511fff56d4aa56358ee597a9760d5
