This fetches the latest CoreOS stable version and builds the image using
that version.
Co-Authored-By: Arun S A G <sagarun@gmail.com>
Depends-On: Idfdc54210e33c71719c7fd0c905d0b802809e173
Depends-On: I6a572bdd791841add913d33c5b79b59033c3f237
Change-Id: I7201450b21304fa29f22437c05da9e04daa4b9f8
systemd-nspawn has been adding more and more security features, the
latest being /sys and /proc/sys being completely read only. This breaks
several things IPA needs to do from the container, including the sysrq
triggers used for reboot.
Additionally, any downstream hardware manager that wants to implement
software RAID requires this fix, as mdadm needs to write to /sys to
assemble arrays. Linux-IO has a similar issue with not operating in
a read only /sys environment.
This changes IPA to run in a chroot instead of a container. This should
be the same from the perspective of IPA, but have no security rules
limiting what we can do inside the ramdisk.
Co-Authored-By: Alex Weeks <alex.weeks@gmail.com>
Change-Id: I6a572bdd791841add913d33c5b79b59033c3f237
Closes-bug: 1524033
Somehow it didn't pop earlier. Updated tests to contain some creepy
russian letters :)
Closes-Bug: #1517913
Change-Id: I4c6712ea1e813d1f0f0d0aedaccfa1187526e0ec
Now pyudev raises DeviceNotFoundByFileError which does not inherit
from EnvironmentError, so our 'except' block in hardware.py no longer
catch the exception. It broke unit tests, but it can also potentially
break the deploy.
This patch updates hardware.py to catch both old a new exceptions.
Change-Id: Iaefd6089f6f766a241054d8e132b2f3098c8130d
Closes-Bug: #1522756
The iSCSI extension now tries to use Linux-IO first (via rtslib)
and falls back to tgtd if Linux-IO can't be used (e.g. in the CoreOS-based
image which uses containers).
Change-Id: I9cc7a30d9c93c445a66d183146e9260c2b096d33
Closes-Bug: #1504562
This patch adds support for streaming a raw image directly onto the disk,
that means no more time spent writing the image to a tmpfs partition prior
to copying it to the disk. Checksum computation is also done as the image
is being streamed. Streaming raw images is disabled by default, however
this behavior can be enabled by passing a key called "stream_raw_images"
with the value of True to the prepare_image() command of IPA.
For non-raw images this may not be possible, not sure about all image
file formats, but common types such as qcow2 requires random access to
the image file in order to be converted to raw.
Closes-Bug: #1505685
Change-Id: Iddf67907bc9b54bbd3065a97064cb5a3602cfe18
Prior to this patch downloading and computing the checksum of the image
were done in different stages, after the download the file would need
to be re-read and the checksum was computed. This patch is changing it
by creating a ImageDownload class which computes the checksum at the same
time the image is being downloaded, this saves time and also make the
code more portable.
Related-Bug: #1505685
Change-Id: I71f9f2bd9a62a6a6cc474d0ae519591cea6381d6
This patch is a follow up patch fixing some nits left by the review
da9c3b0adc67efa916fc534d975823c0a45948a1, this patch adds the
wwn_with_extension and wwn_vendor_extension root device hints to the
"serializable_fields" list attribute of the BlockDevice class and fixes
some tests.
Change-Id: I6039be535988319276f9ac355c80997d34328ce8
Currently there is a problem on partition creation for MBR
case. If disk exceeds 2TB, partition creation fails because
we are hitting max msdos limit. Detect total disk size, and if
it exceeds that limit, create the partition at the end of legal
limits.
Fixes-Bug: #1517077
Change-Id: I11dd3f11eaa6af764151b442768d10289ced6d3f
This change adds proxies parameter to requests.get method when
downloading images, and also sets no_proxy environment variable,
as requests does not support such parameter directly.
Implements: blueprint agent-image-proxy
Change-Id: I000ff9d0d4f5bde4766d085dc5a1c6cea1949bc5
This patch is extending the root device hints to also look at
ID_WWN_WITH_EXTENSION and ID_WWN_VENDOR_EXTENSION from udev.
Prior to this patch the IPA ramdisk only cared about ID_WWN but in some
systems in some platforms with a RAID controller, this ID can be same
even if they are different disks (see bug 1516641).
Closes-Bug: #1516641
Change-Id: Ic3e9a1111dfcc99702190c173562a0dccf5f94c4
This patch fixes the ReST doc so that generated HTML file can keep
double dashes of command line option by enclosing the option in double
back quote such as ``--standalone`` and ``--debug``.
Change-Id: Icf25ff8ddfb7c04d82d6e63885cad0ec62e86cba
We are using oslo.log now, but some of the modules still use logging.
We should use oslo.log to keep consistency, besides, oslo.log can
provide fine wrapper for OpenStack projects.
Change-Id: Ibe57e503b88b39e284a9e4b11a1886cd4e8d4ccf
The ISCSIError class defines a class-level message attribute with
value: "Error starting iSCSI target". This attribute is further
processed in RESTError.__init__ method, the ISCSIError super-class, to
create an Exception message concatenating self.message with provided
details argument. However, the ISCISError.__init__ method provides a
details attribute prefixed with the same text to the super(ISCSIError,
self).__init__ method. As a result, the text appears twice:
"ISCSIError: Error starting iSCSI target: Error starting iSCSI target:
ISCSI daemon didn't initialize. Failed with exit code 107. stdout: .
stderr: tgtadm: failed to send request hdr to tgt daemon, Transport
endpoint is not connected"
The patch purpose is to remove the details prefix to avoid duplicate
text in the exception text while honouring ISCSIError.message.
Change-Id: I9e1434ae17da5112527a841ac069ed2285566cca
The intention of the iscsi extension _wait_for_iscsi_daemon function
is to wait till the tgtd process boots completely before running any
iscsi commands through the tgtadm command line utility. The tgtd
process utilises a unix socket for communication with the user and the
_wait_for_iscsi_daemon function asserts the tgtd process status based
on the socket presence. The socket name/path to use is not specified
by iscsi extension configuration but rather falls-back to a
(system-wide) default value[1]. Since tgtd version 1.0.60, this path
changed from /var/run/tgtd.ipc_abstract_namespace to
/var/run/tgtd/socket[2] and now causes a false-negative while waiting
for the tgtd process to boot[3].
This patch follows implementation suggestion from the bug report[3] to
avoid relying on the socket presence but rather to check the tgtd
status by trying to communicate through the tgtadm tool.
[1] https://github.com/openstack/ironic-python-agent/blob/
5bbb9ded082f2cfde5e8877e9f33294eb93a5fb7/
ironic_python_agent/extensions/iscsi.py#L47 [2]
https://github.com/fujita/tgt/commit/
d1aa4dcfd691c9409dbad5db49ce6754ce9c1b5a
[3] https://bugs.launchpad.net/ironic-python-agent/+bug/1505923
Closes-Bug: #1505923
Change-Id: If3284e0b441fe6c2da507640c08a4bbefd9dad2b
This patch adds a missing param docstring into the normalize function
in util.py.
Change-Id: I91ecc0970fc386163657ab521d8cdd898694a426
Partial-bug: 1367915
