Introduce a new parameter in driver_internal_info called
agent_erase_devices_zeroize to control the behavior of shred. This
parameter controls the --zero argument used when invoking shred.
Configuring this to false disabled the last pass of zeroes, leaving the
device with random data.
Change-Id: I7053034f5b5bc6737b535ee601e6fb71284d4a83
Partial-bug: #1568811
Depends-On: Ia7ea8d909df9ae86a6dbd68ba94746b171535eb8
Create a helper function: create_hdparm_info() and use it in the unit
tests.
Also fix mispelling of 'indicative'
Change-Id: Ifa15fde72bc0ca6d925408c1dcafce85c192abb7
Presently should the ATA erasure operation fails, IPA halts the
cleaning process and the node goes to CLEANFAIL state as a result.
This failure could be the result of a previous cleaning failure
that left drive security enabled, for which code has been added
in an attempt to address this case by attempting to unlock the
the drive.
In the event that an operator wishes to automatically fallback to
disk scrubbing operations, the capability has been added through
a driver_internal_info field "agent_continue_if_ata_erase_failed"
that can be set to True, however defaults to False keeping the
same behavior that IPA presently exhibits in the event of ATA
erase operations failing.
Partial-Bug: #1536695
Change-Id: I88edd9477f4f05aa55b2fe8efa4bbff1c5573bb1
In the DIB build the DHCP code (provided by the dhcp-all-interfaces element)
races with the service starting IPA. It does not matter for deployment itself,
as we're waiting for the route to the Ironic API to appear. However, for
inspection it may result in reporting back all NIC's without IP addresses.
Inspection fails in this case.
This change makes inspection wait for *all* NIC's to get their IP addresses up
to a small timeout. The timeout is 60 seconds by default and can be changed
via the new ipa-inspection-dhcp-wait-timeout kernel option (0 to not wait).
After the wait inspection proceedes in any case, so the worst downside
is making inspection 60 seconds longer.
To avoid waiting for NIC's that are not even connected, this change extends the
NetworkInterface class with 'has_carrier' field.
Closes-Bug: #1564954
Change-Id: I5bf14de4c1c622f4bf6e3eadbe20c44759da5d66
If we do not set this explicitly, tar will warn "journal: implausibly
old time stamp" when the user tries to untar the log files.
Change-Id: I4a5a1ffd4eeca9697cdcf16e02d3ff3c22d7132c
Fixes nits raised in review for Change ID
I3ca0382f05e88700c56d3c7f4b4ecf7b8fc3bc0c
Remove useless id field, fix capitalization and grammar.
Change-Id: I7976993d1ac9354e035a5e7dba6ef8cc392537e3
Currently we hardcode the iSCSI port to its default. With this
patch, we added new portal_port argument into iscsi.start_iscsi_target
api, cover both lio and tgt two iscsi target operations.
And for IPA client and driver code change, will commit more patch to
cover.
Change-Id: I6da20487ccba6cbac04d36b8643afdd1e3920b12
Partial-Bug: #1523829
If the local disk has already a partition table, it must be clean up
before the disk is exposed through iscsi. Otherwise this disk partition
can create a conflict during the grub installation.
How reproducible:
1. Inject an image on the root disk, like for example ipxe.usb or ipxe.iso
2. Try to deploy a system on the node using Ironic
3. The node is properly deployed but the grub installation has failed
with the following error:
attempting to install grub to a disk with multiple partition labels
A simple sgdisk -Z /dev/vdX is not enough because grub-install will
inspect the disk and will still detect a remaining partition.
This commit makes use of the ironic-lib to do the clean up of the disk.
The additional review Id59fa5a06b9115c0f9afc09aae95daaac97e2fac increase
the amount of data to wipe.
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1310883
Partial-Bug: 1550604
Change-Id: Ie68cb6296c782e904d40f6e9de0faa52ab2af2bf
This commit adds the disk_label support for partition
images. It also fixes the node_uuid info passed to the
ironic_lib.
Partial-Bug: 1560560
Change-Id: I8b8ef20787468c1b8dc6fbc0b8905abd285325e1
The agent returns "efi_system_partition_uuid=None" in the
status message for uefi netboot for partition images.
This commit fixes to remove this unwanted message
from the status message as efi partition is created only
for localboot.
Closes-bug: 1526289
Change-Id: I6376406cdde29493619f50b0a6cd8b6ce3784d6e
Binding to the first interface that has an IP address is error-prone: there is
no guarantee that ironic can reach us via this inteface. It is much safer to
detect the interface facing ironic and bind to it.
Unused LookupAgentInterfaceError exception is deleted.
The TinyIPA build also requires iptables dependency at build time to insert the
required kernel modules.
Closes-Bug: #1558956
Change-Id: I9586805e6c7f52a50834bc03efeb72d1faa6cb65
This patch is modifying the shutdown.sh script to not use SYSRQ when
performing power actions. SYSRQ has a similar effect to a hardware reset
button/power switch, which can be problematic after copying an image to
the disk (data loss) therefore, this patch is changing the script to use
soft power action via the poweroff and reboot commands.
SYSRQ was required before because the ironic-python-agent service was
running inside a docker container, but since we've moved it to run into
a chroot (when built with coreos) or on the ramdisk's OS (when built
with DIB) the SYSRQ actions are not needed anymore.
In many parts of Ironic we were considering the standby.{power_off,
reboot} methods of IPA to be soft actions, which they are not at
present. This patch is also fixing that assumption.
Change-Id: Ibe3a3f61a4a0e98b2c2501ad95154839933b4d7a
Closes-Bug: #1557450
This patch is adding a new command called sync to the standby module of
IPA. The new command runs synchronously and it's responsible for
flushing file system buffers to the disks.
The initial intention for this command is to use it as part of the fix
for the bug #1512492 where some hardware/firmwares do have problems to
come back online after a soft ACPI power off, therefore we need to call
sync() to make sure all file system buffers have been synced and then
issue a hard power off (e.g via the BMC).
Partial-Bug: #1512492
Change-Id: I5cd1d1b821426e995dc584452494b93ab23917e0
It also adds the ironic-lib in the requirements
list of the IPA package.
Partial-bug: 1526289
Depends-On: I22bc29a39bf5c35f3eecb6d4e51cebd6aee0ce19
Change-Id: I37908470484744bb720f741d378106d1cb1227a3
This patch is fixing a programmatic error in the heartbeat() method of
the APIClient() class. When 409 (Conflict) was returned from the the
Ironic API the code wasn't parsing the content of the response
correctly.
Change-Id: I01fbb8d866b2f94fe128d0bc40b69d05b5add1a3
Closes-Bug: #1556199
Logging the whole journalctl output is not the best idea. Fortunately,
it does not work right now and fails with a traceback :)
This change adds a new log_stdout argument to utils.execute() and uses it in
the "logs" inspection collector.
Also do not log the logs while logging the collected data.
Change-Id: Ibc726ac2c4f5eb06c73ac4765bb400077b84a6cc
It's normal that ironic returns 409 Conflict from time to time, so
it's a bit confusing that we report this with Exception level and
traceback.
Change-Id: I1627c61facc3fadd0f5d9d324150e7d2833c7fbc
Closes-Bug: #1533113
This patch is making the list_all_block_devices() method to wait for
udev to settle it's event queue prior to listing the devices.
Sometimes the ironic-python-agent service may start before all devices
were detected and end up erroring out because it couldn't find a
suitable disk for deployment.
Closes-Bug: #1551300
Change-Id: I1ae2062a711115a1ea14b79ae9ace7ddd2fff9d5
Changed implementation to strip tokens up until the first 'Size: '
string. This will allow for less parsing errors in the first
six lines of the following output:
"dmidecode --type 17 | grep Size" returns:
Maximum Memory Module Size: 4096 MB
Maximum Total Memory Size: 8192 MB
Size: 2048 MB
Size: 2048 MB
Added a condition in the exception handling to address the
issue of the bug on other outputs like:
Installed Size: Not Installed
Enabled Size: Not Installed
Size: No Module Installed
Size: 1024 MB
Common strings like "No Module Installed" and "Not Installed" are
normal. These two strings are hard coded in the before mentioned
comparison and when found are logged as warnings instead of errors.
Change-Id: If3475afcebfc7af7e9256b99924919557c4d909c
Closes-Bug: #1521202
When neither tgt nor linux-io are available, we only get error
message like 'No such file or directory', this situation should
be detected and return a better error instead.
Change-Id: I334717a1a8a728aa6da6024ff9fc6d817399a41f
Closes-Bug: #1540958
