Currently we erase the disks one by one, which takes a long
time to finish, this patch adds support to the IPA so that
it can erase disks in parallel if told so.
Story: 1546949
Task: 11548
Co-Authored-By: yuan liang <leetpy2@gmail.com>
Co-Authored-By: Kaifeng Wang <kaifeng.w@gmail.com>
Change-Id: If5cfb6ec000a654d07103c4b378d4c135249e238
On CoreOS images, IPA runs in a Debian Jessie chroot which uses mawk as
its default awk implementation. However, mawk doesn't support POSIX
character classes such as [:space:], which means get_bmc_address() fails
to parse the BMC IP address from the output of ipmitool.
This patch replaces the use of [[:space:]] by [ \t] which is equivalent
for the purpose of parsing the output of ipmitool. Note that matching on
tab characters is not strictly required as the packaged version of
ipmitool only uses space characters, but is left in case tabs are used
in other versions.
Change-Id: I0e3306a4d4584ca28e03608e9f7270b770960a39
Story: #2004121
Task: #27571
ATARAID is functionally a version of software
RAID where the setup is managed by the controller
and the Operating System takes over managing the
RAID after boot. Most commonly this is found for
mirrored boot devices.
Prior to this patch, we were looking for non-dependent
items (i.e. base block devices), with a type of disk.
Now we will permit the "disk" to be added to the list
if lsblk indicates that it is a type containing "raid".
The lsblk results should not change as we explicitly
look for disk objects.
Change-Id: Ia4a03b33cc06ce42e1bc33026683c28b31901cb7
Story: #2003445
Task: #24647
This patch adds support to retrieve IPv6 address.
A new field ``ipv6_address`` is added to NetworkInterface
and store the assigned IPv6 address (if any).
Co-Authored-By: Kaifeng Wang <kaifeng.w@gmail.com>
Change-Id: Ia527a5aa48e3daf66d2be190e43935b38b3bd6f9
Closes-Bug: #1744064
Story: #1744064
Task: #11604
We need to allow the operator to able to
explicitly disable secure erase, in case
it is problematic in their environment
or hardware.
Change-Id: I4c68efa65cdd7f88f54f8dd9a8bcbeee9e8124a8
Story: #2002546
Task: #22108
Adds dependency upon smartmontools's binary smartctl to
query the block devices via ATA mode which fails on pass-thru
buses such as ATA over SCSI and ATA over USB, in an effort
to prevent the initiation of ATA secure erase with one
of these interfaces in place which may render the disk
unreachable after security options are enabled for
ATA Secure Erase or upon the Secure Erase command being
sent to the Hard Disk.
Change-Id: I7635a197eb000650e919fac386b38ac15ef17041
Story: #2002546
Task: #22109
Depends-On: Ibbfd168844524d91927bdd6e67d973e0bd519bf2
When a hard error has occured with secure erase,
we should attempt an unlock of the device becuase
the current mode can prevent disk IO. This may upset
some things like raid controllers even if they are
in a pass-through mode.
Change-Id: I32e1d962fbbb4a305d5dbebea92ac48ebd9b67ca
Story: #2002546
Task: #22107
hdparm versions prior to 9.51 interpret the value, NULL, as a
password with string value: "NULL".
Example output of hdparm with NULL password:
[root@localhost ~]# hdparm --user-master u --security-unlock NULL /dev/sda
security_password="NULL"
/dev/sda:
Issuing SECURITY_UNLOCK command, password="NULL", user=user
SECURITY_UNLOCK: Input/output error
Example output of hdparm with "" as password:
[root@localhost ~]# hdparm --user-master u --security-unlock "" /dev/sda
security_password=""
/dev/sda:
Issuing SECURITY_UNLOCK command, password="", user=user
Note the values of security_password in the output above. The output
was observed on a CentOS 7 system, which ships hdparm 9.43 in the
offical repositories.
This change attempts to unlock the drive with the empty string if an
unlock with NULL was unsucessful.
Issuing a security-unlock will cause a state transition from SEC4
(security enabled, locked, not frozen) to SEC5 (security enabled,
unlocked, not frozen). In order to check that a password unlock attempt
was successful it makes sense to check that the drive is in the unlocked
state (a necessary condition for SEC5). Only after all unlock attempts
fail, do we consider the drive out of our control.
The conditions to check the drive is in the right state have been
adjusted to ensure that the drive is in the SEC5 state prior to issuing
a secure erase. Previously, on the "recovery from previous fail" path,
the security state was asserted to be "not enabled" after an unlock -
this could never have been the case.
A good overview of the ATA security states can be found here:
http://www.admin-magazine.com/Archive/2014/19/Using-the-ATA-security-features-of-modern-hard-disks-and-SSDs
Change-Id: Ic24b706a04ff6c08d750b9e3d79eb79eab2952ad
Story: 2001762
Task: 12161
Story: 2001763
Task: 12162
Currently the generic hardware manager uses dmidecode to get the
total physical memory and system details. This patch switches the
generic hardware manager to use lshw, as it is capable of reading
more than DMI [0]. This enables systems that do not support DMI
to use the generic hardware manager, such as IBM Power systems.
[0] https://github.com/lyonel/lshw/blob/master/README.md
Closes-Bug: #1715790
Change-Id: Ie370331df6bb5ef131c5cb60f458877e2a7ad71a
Depends-On: Idaf05b8efce28cd0cbf339cf693db4f55a693d9b
This is the followup patch for
commit d0a53149f82a3587515a4371f0f4cad8570dc715) fixing
issues with the unit tests not addressed initially.
Change-Id: I7889bf908bcb64b79bf303c6ae356fd3f4e94a83
This fixes an off-by-one error in a warning message.
This is a follow-up to 3189c16a5e95ade468fa8bc37302eb9979f5a8c9.
Change-Id: I89b56974c1b919f4c03498873d3ce9860d5644c5
Related-Bug: #1670916
This patch is changing the _wait_for_disks() method behavior to wait to
a specific disk if any device hints is specified. There are cases where
the deployment might fail or succeed randomly depending on the order and
time that the disks shows up.
If no root device hints is specified, the method will just wait for any
suitable disk to show up, like before.
The _wait_for_disks call was made into a proper hardware manager method.
It is now also called each time the cached node is updated, not only
on start up. This is to ensure that we wait for the device, matching
root device hints (which are part of the node).
The loop was corrected to avoid redundant sleeps and warnings.
Finally, this patch adds more logging around detecting the root device.
Co-Authored-By: Dmitry Tantsur <dtantsur@redhat.com>
Change-Id: I10ca70d6a390ed802505c0d10d440dfb52beb56c
Closes-Bug: #1670916
When inspecting block devices on a node, discover and
report the /dev/disk/by-path/XXX name along with the
/dev/XXX block device name.
The second name does not change between Linux system
reboots and has greater chances to be the same across
similarly configured nodes.
Note: this patch depends on
https://review.openstack.org/#/c/500524/
library patch, but this dependency can't be expressed
with Depends-On clause. Therefore once this patch
requires a followup patch to enable one currently disabled
test in this patch.
Change-Id: I09874f19890500d352521f89573e2aaf50a29022
Closes-Bug: #1679726
It seems to be incorrect at least for some iLO machines.
Also harden the code against invalid output from ipmitool.
Change-Id: I733785e9c7d86eadca963f0776910504bf91bcfe
Closes-Bug: #1714944
It may happen that BMC is configured to use non-zero channel.
In this case we should iterate across all of them as long as we
get a correct IP address (in this case different than "0.0.0.0"
which is a placeholder for not configured console).
Change-Id: I3c351af1882b24c8f56e4363249b19b5c3a4a446
Closes-Bug: #1702514
This change removes the now unused "warnerrors" setting,
which is replaced by "warning-is-error" in sphinx
releases >= 1.5 [1].
[1] http://lists.openstack.org/pipermail/openstack-dev/
2017-March/113085.html
Change-Id: I9bf18ff72f36dfd3496b9672604e8bb98999b133
Currently, get_bios_given_nic_name logs 'biosdevname not found' for
every NIC. This patch changes it to log only once when the executable
is not found.
Removes a redundant 'return' statement.
Change-Id: Ic42ec23876b6f7b28d8f6ac1bd37bdbfa20cf421
Adds an extra field ``biosdevname`` to network interface inventory
collected by ``default`` inspection collector (which collects the whole
inventory returned by hardware manager) of ironic-python-agent.
This feature requires biosdevname utility to collect the bios given NIC
names. The tooling module for tinyIPA is created for the same purpose.
For CoreOS IPA pxe images, biosdevname tooling module is limited,
because Docker repository is created and embedded into CoreOS pxe
images. The Docker repository uses debian to download the packages.
Debian does not have biosdevname package.
Adds an export variable TINYIPA_REQUIRE_BIOSDEVNAME. Set this
variable to ``true`` in your shell before building tinyIPA.
Closes-Bug: #1635351
Change-Id: Ia96af59e2a74868cac59e5a88cfbb3be60d85687
Removes two reserved fields ``switch_port_descr`` and
``switch_chassis_descr`` that were deprecated in the Newton cycle.
Change-Id: Icd2251af63a69d60d1e72eddf651a168fdae94fa
If there is a problem with psutil failing we have a catch-all
exception. Explain reasoning for the catch-all exception.
Change-Id: Id2e22e4ff93d96c795f474e72a684dfe3db87a58
Global requirements was recently updated to force psutil=>3.0.1. This
patch removes support for older versions of psutil as well as changing
to opportunistically attempt to work if a version >5 is released but
doesn't change the interface we use.
Change-Id: I1f7fab33fd275fb8b5cd7704dc13375402756d06
Related-bug: #1659137
An upper-constraints update to psutil caused IPA to start using psutil
5.0.1. We had a hard-coded assumption that psutil would be major version
1 or 2. This allows us to use the updated psutil and attempts to simply
fail gracefully if an unrecognized psutil version is used.
Change-Id: Ibe072440159561b34a29b478d955876e5fb7f103
Closes-Bug: 1659137
This patch adds a new hardware manager, which will disable the embedded
LLDP agent on Intel CNA network cards in order to allow the gathering of
LLDP data during the inspection process.
Change-Id: I572756ac6a7bf67a7f446738ba9d145e1c1bdc48
Closes-Bug: #1623659
This patch is adding a "hctl" attribute to the BlockDevices. HCTL stands
for: Host, Channel, Target and Lun, which is basically the SCSI address.
The idea behind this patch is to allow root device hints to find the
disk for deployment based on the SCSI address.
Partial-Bug: #1648036
Change-Id: If8897c68609e0df0378ee919b803ca5e497def02
This patch add Mellanox Manager to support Mellanox
InfiniBand NICs.
It adds client_id to the NetworkInterface for the
InfiniBand network interface.
The Mellanox Manager provides it own implementation of
get_interface_info. The mlnx get_interface_info generate
InfiniBand MAC and client-id from the InfiniBand network
interface address.
Closes-Bug: #1532534
Change-Id: I4e7f7649a1bdeaa3ee99b2748037b0f37fea486c
This patch dispatches out the network_interface_info
to allow vendor hardware managers to plug the spacific
implementation. It also move neworking releated methods
form hardware to netutils
Related-Bug: #1532534
Change-Id: Idcd25c4753c009b5ba70bea97ee4eb83391a77a9
Use hacking 0.12.0
Use the new checks that are available:
[H106] Don’t put vim configuration in source files.
[H203] Use assertIs(Not)None to check for None.
[H904] Delay string interpolations at logging calls.
Fix code so tests pass.
Change-Id: If22ad272c332f30624ce10861408d377908b152b
Depends-On: I2aa44b62f900d4dfd67701b01eadd0523fbfaf07
This patch is updating IPA to use the match_root_device_hints() method
provided by ironic-lib version 2.2.0.
Partial-Bug: #1561137
Depends-On: I1d9dc7a57ea391a3419710c289242b39a4201463
Change-Id: Id93dd0360137df600f5a656348279e56c6b84bf9
In Python 2.6 it was required to use {0}, {1}...{n} when using the
string format function. In Python 2.7 and Python 3 it it not required.
Change {N} to {} in code.
This brings the code in style alignment with other projects like
ironic and ironic-lib.
Change-Id: I81c4bb67b0974f73905f14b589b3dd0a7131650d
Depends-On: I8f0e5405f3e2d6e35418c73f610ac6b779dd75e5
This patch is adding a new cleaning step called "erase_devices_metadata"
to the GenericHardwareManager. This step is responsible for erasing the
metadata of the disks present in the node (partition tables, signatures,
filesystem identifiers etc...).
It's important to note that the "erase_devices" cleaning step will also
remove all these metadatas (because it will zero/shred the whole disk)
but, it takes a lot of time to run and for some usages of Ironic only
cleaning the device metadata and leaving the data from previous tenants
on the disk after the machine is recycled is fine. That's the use case
for systems using Ironic just to install the same base image onto many
nodes which will run another cloud on top afterwards (TripleO).
The new cleaning step has a default priority of 99, so it should run
before the "erase_devices" cleaning step so that we can guarantee that
the metadata was removed even in case of a failure when cleaning the
disks.
The version of the GenericHardwareManager was bumped to "1.1" with the
addition of this new clean step.
This patch make use of the "destroy_disk_metadata" method from ironic-lib
to get rid of the metadata.
Closes-Bug: #1603411
Change-Id: I3d7b39d5ee3e03ce63185e4168b1ac954a896c93
Address some comments on the original review, mainly changing
the release note to be more specific.
Change-Id: I0af397fab174e4a7b426fdc69e50dffce5578577
Per Doug's email[0], 'warnerrors' in setup.cfg hasn't actually been
working for some time now, and we've piled up a few warnings. Fix these
before a pbr release to unbreak it gets pushed out and breaks our doc
builds.
[0] http://lists.openstack.org/pipermail/openstack-dev/2016-June/097849.html
Change-Id: I6576a56234918febb21e7e4860544eb952123c09
When matching the root device hints passed to Ironic and the devices
present in the disk, the logic to the "size" attribute was different was
outside the main loop. This patch refactors that uses the same loop for
matching the size attribute, improving a little the readability.
This patch also makes sure that we convert the value of "size" to
integer before attempting to match it.
Change-Id: I619153232b9b58696369185ad5be90ccfd38a4ed
It is required to issue iscsistart -b on those hardware in order for
/dev/sda /dev/sdb etc to be exposed to the OS.
On this type of hw, without the fix
introspection fails with - missing: ['local_gb']' err.
Change-Id: If6667b123e9b890d97c03612596fb78ee2b0ae85
Closes-Bug: 1590606
This patch is extending the root device hints to also consider if a disk
is a rotational device or not. This hint makes it easier to separate
SSDs and HDDs when selecting the device to deploy the image onto.
Partial-Bug: #1599517
Change-Id: I270fe57df825929bdef7911b3a6757cf7163a5f1
Documentation follow-up to the LLDP patch, commit
a7f0af722f96950e3bf67e26b922f80c1bd503ab. Provide the meaning of the
acronymns TLV and LLDP.
Change-Id: Icce3eb5519dfcfc9b6f7e23003cf056646da6c50
To support multi-tenant networking in Ironic we need to be able to
discover not just the NICs a baremetal machine has but also the physical
connectivity to switches in the network.
This patch collects LLDP (Link Layer Discovery Protocol) data as part of
the list interfaces stage of the generic hardware manager. This
information can then be processed by the ironic inspector to populate
the local link information on each ironic port.
The processing done on this data in ironic python agent is limited, this
is to allow for server side processing hooks to process as much or as
little of the data as they want. This is to allow for multi-vendor
environments that might use different parts of the LLDP packet to use a
generic ramdisk and configure the processing server side using inspector
plugins.
Reserved fields switch_port_descr and switch_chassis_descr have been
deprecated for removal in Ocata in favor of passing the whole packet.
Change-Id: Idae9b1ede1797029da1bd521501b121957ca1f1a
Partial-Bug: #1526403
https://review.openstack.org/#/c/320295/ introduced two internal
variables: _DISK_WAIT_ATTEMPTS and _DISK_WAIT_DELAY. These values are
hardcoded. This patch adds configuration options for these so
that an operator can change them based on their own needs/fleet of
hardware.
Change-Id: I2ba97669ec710fb4a435307466cd8add9c2293ba
Closes-Bug: #1585663
