Commit Graph

1084 Commits

Author SHA1 Message Date
Dmitry Tantsur
3e05a03f7c Deprecate LLDP in inventory in favour of a new collector
Binary LLDP data is bloating inventory causing us to disable its collection
by default. For other similar low-level information, such as PCI devices
or DMI data, we already use inspection collectors instead. Now that the
inventory format is shared with out-of-band inspection, having LLDP
there makes even less sense.

This change adds a new collector ``lldp`` to replace the now-deprecated
inventory field.

Change-Id: I56be06a7d1db28407e1128c198c12bea0809d3a3
2023-04-26 19:33:51 +00:00
Dmitry Tantsur
0304c73c0e Report system firmware information in the inventory
Change-Id: I5b6ceb9cdcf4baa97a6f0482d1030d14f3f2ecff
2023-03-31 14:28:32 +02:00
Arne Wiebalck
b32f6c6d94 [Trivial] Fix typo in efi_utils
Change-Id: I692e045e6bc8683038a2e85a6a132687d2b30f18
2023-03-15 14:25:42 +01:00
Zuul
088610844a Merge "update NVIDIA NIC firmware images and settings by ironic-python-agent" 2023-01-31 19:35:53 +00:00
Dmitry Tantsur
c26f498f49 Make logs collection a hardware manager call
This allows hardware managers to collect additional logs.

Change-Id: If082b921d4bf71c4cc41a5a72db6995b08637374
2023-01-25 15:17:06 +01:00
waleed mousa
2c7f95e3ac update NVIDIA NIC firmware images and settings by ironic-python-agent
Add "update_nvidia_nic_firmware_image" and "update_nvidia_nic_firmware_settings"
clean steps to MellanoxDeviceHardwareManager.

By adding those two steps, we can update the firmware image and
firmware settings of NVIDIA NICs by ironic-python-agent using
manual cleaning command
The clean steps require mstflint package installed on the image.
The "update_nvidia_nic_firmware_image" clean step requires to pass
"images" parameter to the clean command
The "images" parameter is a json blob contains
a list of images, where each image contains a map of:
  * url: to firmware image (file://, http://)
  * checksum: checksum of the provided image
  * checksumType: md5/sha512/sha256
  * componentFlavor: PSID of the nic
  * version: version of the FW

The "update_nvidia_nic_firmware_settings" clean step requires to pass
"settings" parameter to the clean command
The "settings" parameter is a json blob contains
a list of settings, where each settings contains a map of:
  * deviceID: device ID
  * globalConfig: global config
  * function0Config: function 0 config
  * function1Config: function 1 config

Change-Id: Icfaffd7c58c3c73c3fa28cfc2a6c954d2c93c16e
Story: 2010228
Task: 46016
2023-01-11 14:00:07 +00:00
Riccardo Pittau
604c7081db Fix create configuration unit tests
The unit tests for create_configuration give different result if
ran on a bios or uefi booted machine because they get the
partition table type value based on the utils function
get_node_boot_mode.
Let's mock the boot_mode as we do in other tests to get an
independent result.

Change-Id: Ic0e7daea7ec4ce0806cd126c27166f84690c5d9e
2022-12-15 11:49:34 +01:00
Zuul
a1670753a2 Merge "Fix failure of bind mount in _install_grub2" 2022-10-17 23:46:05 +00:00
Rozzii
830fdfa4c6
prioritize lsblk as a source of device serials
The current way of prioritizing ID/DM_SERIAL_SHORT or ID/DM_SERIAL works
in most cases but the udev values seem to be unreliable.

Based on experience it looks like lsblk might be a better
source of truth than udev in regerards to serial number
information. This commit makes lsblk the default provider
of block device serial number information.

Story: 2010263
Task: 46161

Change-Id: I16039b46676f1a61b32ee7ca7e6d526e65829113
2022-10-10 19:31:47 +03:00
Vanou Ishii
0bf579c955 Fix failure of bind mount in _install_grub2
When IPA runs _install_grub2, IPA tries to bind mount /dev, /proc and /run
to <temporal directory path root partition mounted>/{dev,proc,run}.
However that bind mount fails because there aren't such mount point path
under temporal directory.
To fix this failure, this patch add mkdir command before bind mount.

Story: 2010292
Task: 46273
Change-Id: I434ce1bf1863ee0f11c4d09918d6d2d8dc065c02
2022-09-22 19:34:12 +09:00
Jakub Jelinek
a99bf274e4 SoftwareRAID: Enable skipping RAIDS
Extend the ability to skip disks to RAID devices
This allows users to specify the volume name of
a logical device in the skip list which is then not cleaned
or created again during the create/apply configuration phase
The volume name can be specified in target raid config provided
the change https://review.opendev.org/c/openstack/ironic-python-agent/+/853182/
passes

Story: 2010233

Change-Id: Ib9290a97519bc48e585e1bafb0b60cc14e621e0f
2022-09-05 20:43:51 +00:00
Zuul
ed6a8d28b7 Merge "Create RAIDs with volume name" 2022-09-02 19:26:57 +00:00
Jakub Jelinek
daa20b01d1 Create RAIDs with volume name
Use 'volume_name' field from 'target_raid_config' to create logical
disks if it is present
Do not allow two logical disks to have the same volume name

Change-Id: If3e4e9f8698ec3e0cb49717f8ed2087d2ba03f2c
2022-09-02 14:51:42 +00:00
Julia Kreger
f3e3de8097 Fix software raid output poisoning
In the event a device name is set to contain a raid device path,
it is possible for the Name and Events field values of mdadm's
detailed output to contain text which inadvertently gets captured and
mapped as component data for the "holder" devices of the RAID set.

This would cause invalid values to get passed to UEFI methods
which would cause a deployment to fail under these circumstances.

We now ignore the Name and Events fields in mdadm output.

Change-Id: If721dfe1caa5915326482969e55fbf4697538231
2022-08-24 10:15:27 -07:00
Zuul
f89d54f4b8 Merge "Improve function list_block_devices_check_skip_list" 2022-08-17 12:47:45 +00:00
Jakub Jelinek
1ac61e1dbd Improve function list_block_devices_check_skip_list
Fix minor issues suggested by dtantsur
Add an example of skip list specification to the documentation

A follow-up patch to I3bdad3cca8acb3e0a69ebb218216e8c8419e9d65

Change-Id: Ic94a33b7bc0572a1cc8f92b330474ec63a173e81
2022-08-16 15:17:15 +00:00
Zuul
3a4baa637f Merge "Enable skipping disks for cleaning" 2022-08-16 11:49:48 +00:00
Jakub Jelinek
0212337bd5 Enable skipping disks for cleaning
Introduce a field skip_block_devices in properties - this is a list of dictionaries
Create a helper function list_block_devices_check_skip_list
Update tests of erase_devices_express to use node when calling _list_erasable_devices
Add tests covering various options of the skip list definition
Use the helper function in get_os_install_device when node is cached

Story: 2009914

Change-Id: I3bdad3cca8acb3e0a69ebb218216e8c8419e9d65
2022-08-11 09:30:00 +00:00
Zuul
eb2215090a Merge "Use lsblk json output for safety_check_block_device" 2022-08-03 23:47:17 +00:00
Jakub Jelinek
e196fdfb62 Remove unused lines of code
The 5 lines of code were extracted from erase_devices_metadata to _list_erasable_devices, but now are duplicated in both functions.
The variable block_devices is not used in erase_devices_metadata.

Change-Id: I89f56c69d90fb0eb61907d6667266fbd57d333af
2022-07-20 10:00:53 +00:00
Riccardo Pittau
b5fac66bc3 Use lsblk json output for safety_check_block_device
Change-Id: Ibfc2e203287d92e66567c33dc48f59392852b88e
2022-07-20 11:56:27 +02:00
Zuul
21b21a5f15 Merge "Guard shared device/cluster filesystems" 2022-07-20 08:23:55 +00:00
Julia Kreger
beb7484858 Guard shared device/cluster filesystems
Certain filesystems are sometimes used in specialty computing
environments where a shared storage infrastructure or fabric exists.
These filesystems allow for multi-host shared concurrent read/write
access to the underlying block device by *not* locking the entire
device for exclusive use. Generally ranges of the disk are reserved
for each interacting node to write to, and locking schemes are used
to prevent collissions.

These filesystems are common for use cases where high availability
is required or ability for individual computers to collaborate on a
given workload is critical, such as a group of hypervisors supporting
virtual machines because it can allow for nearly seamless transfer
of workload from one machine to another.

Similar technologies are also used for cluster quorum and cluster
durable state sharing, however that is not specifically considered
in scope.

Where things get difficult is becuase the entire device is not
exclusively locked with the storage fabrics, and in some cases locking
is handled by a Distributed Lock Manager on the network, or via special
sector interactions amongst the cluster members which understand
and support the filesystem.

As a reult of this IO/Interaction model, an Ironic-Python-Agent
performing cleaning can effectively destroy the cluster just by
attempting to clean storage which it percieves as attached locally.
This is not IPA's fault, often this case occurs when a Storage
Administrator forgot to update LUN masking or volume settings on
a SAN as it relates to an individual host in the overall
computing environment. The net result of one node cleaning the
shared volume may include restoration from snapshot, backup
storage, or may ultimately cause permenant data loss, depending
on the environment and the usage of that environment.

Included in this patch:
- IBM GPFS - Can be used on a shared block device... apparently according
             to IBM's documentation. The standard use of GPFS is more Ceph
             like in design... however GPFS is also a specially licensed
             commercial offering, so it is a red flag if this is
             encountered, and should be investigated by the environment's
             systems operator.
- Red Hat GFS2 - Is used with shared common block devices in clusters.
- VMware VMFS - Is used with shared SAN block devices, as well as
                local block devices. With shared block devices,
                ranges of the disk are locked instead of the whole
                disk, and the ranges are mapped to virtual machine
                disk interfaces.
                It is unknown, due to lack of information, if this
                will detect and prevent erasure of VMFS logical
                extent volumes.

Co-Authored-by: Jay Faulkner <jay@jvf.cc>
Change-Id: Ic8cade008577516e696893fdbdabf70999c06a5b
Story: 2009978
Task: 44985
2022-07-19 13:24:03 -07:00
Dmitry Tantsur
6a1334a068 Drop support for instance netboot
Change-Id: I2b4c543537dac8904028fdcdb590c1c214238e10
2022-07-07 16:38:22 +02:00
Zuul
5129eb4933 Merge "Fix passing kwargs in clean steps" 2022-07-04 13:56:52 +00:00
Zuul
ccf4ee31cf Merge "Gather details about bond interfaces if present" 2022-07-02 02:56:46 +00:00
Zuul
7d15efd7a6 Merge "Remove oslo.serialization dependency" 2022-07-02 02:56:44 +00:00
Zuul
0cf5959f67 Merge "Collect udev properties in the ramdisk logs" 2022-07-02 00:37:35 +00:00
waleedm
eb07839bd4 Fix passing kwargs in clean steps
Pass kwargs to dispatch_to_managers method in execute_clean_step

Change-Id: Ida4ed4646659b2ee3f8f92b0a4d73c0266dd5a99
Story: 2010123
Task: 45705
2022-07-01 23:03:55 +00:00
Zuul
a9de7f80cc Merge "Use json for lsblk output" 2022-06-30 23:38:15 +00:00
Zuul
312e1527ab Merge "Warn when smartctl not found" 2022-06-27 12:10:31 +00:00
Zuul
2d486d9061 Merge "Remove importlib-metadata from requirements" 2022-06-24 20:46:47 +00:00
Mark Goddard
b68fa6b2e1 Warn when smartctl not found
Currently, if smartctl is not found by IPA, it will silently skip ATA
secure erase and proceed to shred (if enabled). This is supposedly for
backwards compatibility, but is quite hard to diagnose.

This change adds a warning message to make it more obvious what is
happening.

TrivialFix

Change-Id: I03a381e99de79f201ec7e9a388777c3d48457e93
2022-06-24 16:58:37 +01:00
Riccardo Pittau
1356157ec8 Remove importlib-metadata from requirements
We don't need it anymore as we don't support python < 3.8
Also it was removed from global requirements so it breaks the
requirements check.

Change-Id: Ia12cbef3515f823fdd627a36020cf7801bf6d734
2022-06-21 17:54:39 +02:00
Derek Higgins
7e4fe3bf6a Gather details about bond interfaces if present
If present gather information about bonded interfaces.

Story: #2010093
Task: #45637

Change-Id: I394187640b4788ebec21c3391d33ed728fb72ffa
2022-06-21 09:45:03 +01:00
Dmitry Tantsur
a98675890f Collect udev properties in the ramdisk logs
Change-Id: Ifcf3dfff00b604dec1e2f430369ab8053f50f137
2022-06-17 16:19:58 +02:00
Riccardo Pittau
64ffd2ee80 Remove oslo.serialization dependency
Use pure json instead of jsonutils.

Borrow encode function from oslo.serialization to be used in the
utils module.

Change-Id: Ied9a2259a4329a86b4f0853bd1fb187563c0a036
2022-06-17 09:37:35 +02:00
Dmitry Tantsur
69e2254503 Fix discovering WWN/serial for devicemapper devices
UDev prefix is DM_ not ID_ for them. On top of that, they don't have
short serials (or at least don't always have).

Change-Id: I5b6075fbff72201a2fd620f789978acceafc417b
2022-06-14 19:06:53 +02:00
Riccardo Pittau
09ea41c83d Use json for lsblk output
The lsblk output is available in json format since version 2.27 of
util-linux [1]

https: //mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.27/v2.27-ReleaseNotes

Change-Id: I0c5812736b7a320cc4ecc333f80db70eb78cc76d
2022-06-14 17:50:05 +02:00
Julia Kreger
014d37743a Multipath Hardware path handling
Removes multipath base devices from consideration by
default, and instead allows the device-mapper device
managed by multipath to be picked up and utilized
instead.

In effect, allowing us to ignore standby paths *and*
leverage multiple concurrent IO paths if so offered
via ALUA.

In reality, anyone who has previously built IPA with
multipath tooling might not have encountered issues
previously because they used Active/Active SAN storage
environments. They would have worked because the IO lock
would have been exchanged between controllers and paths.
However, Active/Passive environments will block passive
paths from access, ultimately preventing new locks from
being established without proper negotiation. Ultimately
requiring multipathing *and* the agent to be smart enough
to know to disqualify underlying paths to backend storage
volumes.

An additional benefit of this is active/active MPIO devices
will, as long as ``multipath`` is present inside the ramdisk,
no longer possibly result in duplicate IO wipes occuring
accross numerous devices.

Story: #2010003
Task: #45108
Resolves: rhbz#2076622
Resolves: rhbz#2070519
Change-Id: I0fd6356f036d5ff17510fb838eaf418164cdfc92
2022-05-18 20:26:39 -03:00
Zuul
6b8f387498 Merge "Collect a full lsblk output in the ramdisk logs" 2022-05-09 14:21:43 +00:00
Zuul
979eea621e Merge "Do not try to guess EFI partition path by its number" 2022-05-05 15:17:35 +00:00
Dmitry Tantsur
f09f6c9f1a Do not try to guess EFI partition path by its number
The logic of adding a partition number to the device path does not work
for devicemapper devices (e.g. a multipath storage device).

Change-Id: I9a445e847d282c50adfa4bad5e7136776861005d
2022-05-04 15:06:02 +02:00
Dmitry Tantsur
65c4de903a Use a pre-defined partition UUID to detect configdrive on GPT
Using partition numbers is currently broken for devicemapper devices.
Fortunately, GPT has partition UUIDs, so we can just generate one and
use it for lookup.

Change-Id: I41ffe4f8e4c6e43182090b5aa2a2b4b34f32efd5
2022-04-29 16:56:53 +02:00
Dmitry Tantsur
424e649bed Collect a full lsblk output in the ramdisk logs
The existing lsblk call is very handy for an overview, but there a lot
more useful pairs to collect. Collect them in a machine-readable format
to be able to use in debugging and further development.

Change-Id: Ib27843524421944ee93de975d275e93276a5597a
2022-04-29 14:24:19 +02:00
Riccardo Pittau
8111475eb0 Use Werkzeug modern version
Request class from Werkzeug now includes json capability by default.
See [1] and [2] for more info.

[1] 2cd4fa9484
[2] 7b52ecd8f3

Change-Id: I3c74b26ef4aff07c371364203a5b39c658b552a7
2022-04-14 10:47:06 +00:00
Zuul
a247fbcc8c Merge "Refactor efi_utils for easier maintaining and debugging" 2022-03-18 20:55:57 +00:00
Zuul
f08f70134d Merge "Improve efficiency of storage cleaning in mixed media envs" 2022-03-15 18:05:29 +00:00
Jacob Anders
c5f7f18bcb Improve efficiency of storage cleaning in mixed media envs
https://storyboard.openstack.org/#!/story/2008290 added support
for NVMe-native storage cleaning, greatly improving storage clean
times on NVMe-based nodes as well as reducing device wear.

This is a follow up change which aims to make further improvements
to cleaning efficiency in mixed NVMe-HDD environments. This is
achieved by combining NVMe-native cleaning methods on NVMe devices
with traditional metadata clean on non-NVMe devices.

Story: 2009264
Task: 43498
Change-Id: I445d8f4aaa6cd191d2e540032aed3148fdbff341
2022-03-15 19:00:25 +10:00
Zuul
de28b7bfdc Merge "Create fstab entry with appropriate label" 2022-03-11 00:40:01 +00:00