Request class from Werkzeug now includes json capability by default.
See [1] and [2] for more info.
[1] 2cd4fa9484
[2] 7b52ecd8f3
Change-Id: I3c74b26ef4aff07c371364203a5b39c658b552a7
This is very convenient for debugging and is something ironic and
ironic-inspector already do.
Register SSL options earlier so that they're accounted for.
Change-Id: I56aca8eec1dfeb065ac657452a7076a9e3d17cc3
Adds a new flag (on by default) that enables generating a TLS
certificate and sending it to ironic via heartbeat. Whether
ironic supports auto-generated certificates is determined by
checking its API version.
Change-Id: I01f83dd04cfec2adc9e2a6b9c531391773ed36e5
Depends-On: https://review.opendev.org/747136
Depends-On: https://review.opendev.org/749975
Story: #2007214
Task: #40604
This change enables operators to set [DEFAULT]listen_tls to
true configure IPA to be host its WSGI server over TLS using
existing SSL support in oslo.service.
In addition to configuring this in IPA, a deployer will need to
also set [ssl]cert_file, [ssl]key_file, and optionally
[ssl]ca_file in their ipa config, in addition to embedding those
files into the IPA ramdisk in order for this to be functional.
In order to make this change work, we also need to monkey patch
socket library early, or else oslo.service will end up passing an
unpatched socket to the eventlet wsgi server, which causes
deadlocks.
Change-Id: Ib7decae410915f3c27b045ee08538c94d455b030
The listen_port and listen_host directives are intended to allow
deployers of IPA to change the port and host IPA listens on. These
configs have not been obeyed since the migration to the oslo.service
wsgi server.
Story: 2008016
Task: 40668
Change-Id: I76235a6e6ffdf80a0f5476f577b055223cdf1585
Adds support to the agent to receive, store, and return
that token to ironic's API, when supported.
This feature allows ironic and ultimately the agent to
authenticate interactions, when supported, to prevent
malicious abuse of the API endpoint.
Sem-Ver: feature
Change-Id: I6db9117a38be946b785e6f5e75ada1bfdff560ba
The change in frameworks with the API changed the overall execution
behavior from single threaded serialized execution threaded to
multithreaded through eventlet.
But we signaled ourselves to wait for the API to stop, but never
actually stopped the API.
As setting the flag to stop the API is a hard notification that
the API must now exit, there is no reason to wait and block exit,
hence the simple nature of this change.
Now the threads should exit, IPA should exit, and rescue should
ideally work.
Change-Id: I3faf2d169d4edac6a2321f8649bb9ce478885ea1
Story: 2006998
Task: 37768
WSME is no longer maintained and Pecan is an overkill for our (purely
internal) API. This change rewrites the API in Werkzeug (the library
underneath Flask). I don't use Flask here since it's also an overkill
for API with 4 meaningful endpoints.
Change-Id: Ifed45f70869adf00e795202a53a2a53c9c57ef30
Since we've dropped support for Python 2.7, it's time to look at
the bright future that Python 3.x will bring and stop forcing
compatibility with older versions.
This patch removes the six library from requirements, not
looking back.
Change-Id: I4795417aa649be75ba7162a8cf30eacbb88c7b5e
Increases the amount of ram for CoreOS IPA to 2GB
as the base CoreOS image is now 310MB.
Bumped CPU count for CoreOS runs to 2 CPUs as the
concurrency helps boot times for the CoreOS ramdisk.
Adds netbase, udev, and open-iscsi to debian jessie container
as they are no longer present in the default container.
Explicitly set path variable for execution in the debian
container as udevadm is in /sbin, and we may not have
/sbin on the path that is passed through to the
chroot.
Also fixed new pep8 test failures.
Story: #1600228
Task: #16287
Change-Id: I488445dfd261b7bca322a0be7b4d8ca6105750a3
/ironic-python-agent/api/app.wsgi is an empty file.
As suggestion from John L. Villalovos, we probably should delete it.
Change-Id: I695aca42b76dfad1b74418c05a48c5cba3b7d71e
Use latest version of flake8-import-order package, like we do in
openstack/ironic
Fix two issues detected by new version.
Change-Id: Idb8f0fd79c3d6b34611288f77948d042cd837806
This utilizes the new metrics support in ironic-lib to allow the agent to
report timing metrics for agent API methods as configured in ironic-lib.
Additionally, this adds developer docs on how to use metrics in IPA,
including some caveats specific to ironic-lib.metrics use in IPA.
Co-Authored-By: Jay Faulkner <jay@jvf.cc>
Co-Authored-By: Alex Weeks <alex.weeks@gmail.com>
Change-Id: Ic08d4ff78b6fb614b474b956a32eac352a14262a
Partial-bug: #1526219
This patch adds code into the tinyipa build process and IPA itself to
allow the required python code to be PYTHONOPTIMIZE precompiled into
pyo files, this speeds up IPA startup time in a nested virt by 50%.
Change-Id: Ib60c420719ea52a602c1752b572d3b217c2cefc7
A GET to /v1 in the API returns a link to a URL for a repository that is no
longer maintained. This commit changes the link to point to the correct
documentation.
Change-Id: I8779cd1840627ff8759527b7514306293682aaae
Debugging the agent is a huge pain point. Tracebacks are rarely logged,
error messages are often only returned via the API, and lack of
info logging makes it hard to determine where some failures occur.
Some errors only return a 500 with no error message or logs.
Change-Id: I0a127de6e4abf62e20d5c5ad583ba46738604d2d
The docstrings here were all giving WARNINGs or ERRORs during the docs
build, and were generally making unappealing looking developer
documentation. I corrected the syntax and did what was neccessary to
make the build come out clean.
Change-Id: I74b00a7f125770b0468cff3bdf26d0d52cd054d7
(cherry picked from commit c0921cdff372ce1fd6df1c4ab4eb5463e2cba0e4)
Allow multiple extensions to be loaded by switching to ExtensionManager
from stevedore. Remove any reference to modes.
Change-Id: Ic160478625226b4dd17bd68b3d37f3b05823e519
