Commit Graph

11569 Commits

Author SHA1 Message Date
Zuul
183325d464 Merge "[doc] Cross-reference the updated power sync docs from tuning" 2021-08-25 06:46:19 +00:00
Dmitry Tantsur
7748b154b0 Silence debug logging from oslo_policy
While it's not entirely useless, it's extremely verbose and account
for 2/3 of ironic-api logs even when keystone is disabled.

Change-Id: I991d2af7eb6987830a5fa449026f43ac7a09fcff
2021-08-24 20:01:19 +02:00
Arne Wiebalck
e52a13cca9 [doc] Cross-reference the updated power sync docs from tuning
Change-Id: I44f92d329e1bd6fdba2ed038ee94753aeb349659
2021-08-24 15:26:08 +02:00
Zuul
067b0a2716 Merge "Add api endpoints for changing boot_mode and secure_boot state" 2021-08-24 09:49:56 +00:00
Cenne
bc95c92f7c Add api endpoints for changing boot_mode and secure_boot state
Done:
  - Node API endpoints expose
  - RPC methods
  - Conductor Manager methods
  - Conductor utils new methods
  - RBAC new policies
  - Node API tests
  - Manager Tests (+ some testing for utils methods)
  - RBAC tests
  - Docs (api-ref)
  - REST API version history
  - Releasenotes

Story: 2008567
Task: 41709

Change-Id: I2d72389edf546b99c536c6b130ca85ababf80591
2021-08-23 19:38:58 +02:00
Zuul
495c0b88bd Merge "[doc] Update power sync documentation" 2021-08-23 15:07:36 +00:00
Zuul
9f32ceda1a Merge "rfc3986: Replace deprecated URIReference.is_valid" 2021-08-23 10:58:37 +00:00
Takashi Kajinami
197e07d3de rfc3986: Replace deprecated URIReference.is_valid
The URIReference.is_valid method has been deprecated since rfc3986
1.1.0[1] and triggers the following deprecation warning.

DeprecationWarning: Please use rfc3986.validators.Validator instead.
This method will be eventually removed.

[1] https://github.com/python-hyper/rfc3986/commit/fd19bd90

Change-Id: I256e42b8aa736b278bab6b4aa145a859aca10e17
2021-08-21 01:49:26 +09:00
Arne Wiebalck
28b97db915 [doc] Update power sync documentation
Add some notes on potential UDP packet loss during conductor/BMC
power sync with IPMI, the corresponding increase in retries and
how to mitigate.

Change-Id: I4bc9a8f6f7f4da7f719a65f76ae97b1244701ee9
2021-08-20 15:27:43 +02:00
Vanou Ishii
1c3e20d859 Make curl in DevStack Bypass Proxy
This commit modifies curl option in wait_for_nova_resources to
bypass proxy with --noproxy option. Without this option, if you run
DevStack behind proxy, curl command fails with timeout &
wait_for_nova_resources also fails.
Because curl only accesses Placement service API, this modification
should be fair.

Change-Id: I5524a76594bb784f59be4d4e3970f72d4497891b
2021-08-11 15:19:30 +09:00
Zuul
b77a76dd63 Merge "Enable priority overrides to enable/disable steps" 2021-08-10 23:49:06 +00:00
Arne Wiebalck
e55502e0f1 [Trivial] Fix typo in burn-in docs
Change-Id: I87c645c24bbcdb903ebcee17ef05b382ad7e2d50
2021-08-10 14:20:51 +02:00
Jacob Anders
71481ac483 Enable priority overrides to enable/disable steps
Generic way to configure clean step priorites feature
( https://review.opendev.org/c/openstack/ironic/+/744117 ) enabled support
for customising clean step priorities for any clean step by setting a
configuration option. However, due to an error in code, it was not possible
to use this feature to enable/disable steps entirely using this option
as overrides were applied too late, after the disabled steps were already
filtered out.

This change fixes this error, making it possible to use step priority
override configuration option to enable/disable steps as required.

Story: 2009105
Change-Id: If3c01e6e4e8cedfe053e78fab9632bfff3682b06
2021-08-10 09:45:05 +10:00
Zuul
8434b56766 Merge "Fix subscription vendor passthru" 2021-08-06 09:58:26 +00:00
Dmitry Tantsur
528eb9e4a9 Retry stdlib ssl.SSLError
Apparently, connection to the agent can fail with

    Unexpected error when processing next clean step.
    SSLError: ('timed out',): ssl.SSLError: ('timed out',)

This change adds SSLError to retriable errors since most of them are
related to temporary conditions, and the certificate validation failure
is handled by requests separately.

Change-Id: I4805d410b4bc98196e77d8c44a217e363dc88f0a
2021-08-05 16:17:03 +02:00
Iury Gregory Melo Ferreira
a8bbfae5aa Fix subscription vendor passthru
* Instead of specifying the fields we want to oomit from create/get
subscription, now we are specifying the fields we want to be returned
(This will avoid problems when vendors are using different versions)

* When validating create_subscription are requiring that Context and
Protocol are present, use the default value from Redfish in case
they are not present in the Body request.

* When trying to delete a subscription that doesn't exist Ironic
returns 500 (default code from IronicException), this commit updates
the code to 404 to show that the subscription doesn't exist.

Change-Id: I81907be1ebc293118f5ffde4fd4d0485ade390df
2021-08-05 15:16:42 +02:00
Zuul
512364df9d Merge "Add lower-constraints job to current development branch" 2021-08-04 09:12:23 +00:00
Dmitry Tantsur
294046befa Use shim-signed on Ubuntu, shim is empty now
Also fix the documentation to use the correct paths and versions.

Change-Id: I7f004d40c1b8c617f9a456216df091e44d69693f
2021-08-03 13:07:22 +02:00
Riccardo Pittau
e5d35ba65c Add lower-constraints job to current development branch
The lower-constraints test was removed becuase of an issue where pip
could not correctly determine the required packages versions to install,
ending in an almost infinite loop that would end up in timeout, failure,
and general mayhem.
Recently the issue has been fixed and, if properly configured, the
lower-constraints test can provide good indication of which minimum
versions are required to support the current code.
This patch adds the test back to the current development branch.
The long term goal is to keep the lower-constraints file in the stable
branches, but remove the test job to avoid issues during backports.

Change-Id: I5fff32ec5dd1a045116bcf02349650b1f5e3a196
2021-07-30 14:20:28 +02:00
Zuul
b39989f50e Merge "ci-workarounds/get_extra_logging.yaml : avoid grep failure" 2021-07-29 15:55:20 +00:00
Ian Wienand
22b4f74690 ci-workarounds/get_extra_logging.yaml : avoid grep failure
If this grep doesn't match, the task returns a failure and it causes
the job to abort with POST_FAILURE.  I think more info is generally
helpful and you can always grep "netstat" on the file manually; thus
remove the grep to avoid suprious failure.

Change-Id: I189a0a8be25cb12e946d8ac58667b287f9698064
2021-07-29 16:39:19 +10:00
Riccardo Pittau
7aec74d4e6 Increase version of hacking and pycodestyle
Fix errors in unit tests

Change-Id: Ib5a75fc5e5b6b5661d36e3a27796c3c02ed90056
2021-07-28 11:33:15 +02:00
Zuul
652a161f9a Merge "Fix regression in ramdisk deploy kernel parameters" 2021-07-27 19:07:02 +00:00
Cenne
b03ff30f93 Fixes missing argument for log format string
Story: 2008567
Change-Id: Id5bcfad5cd4514dd710232d75fbd729856f16b17
2021-07-27 11:49:19 +02:00
Zuul
24468818e2 Merge "Minor updates to anaconda doc" 2021-07-27 08:49:53 +00:00
Dmitry Tantsur
171474d69a Fix regression in ramdisk deploy kernel parameters
After commit d7a5b3469c the custom kernel
parameters are not used in cleaning/inspection. This patch fixes it.

Change-Id: Ic017cc0f3aebd4858a1a6e3326e5cf0fc0888d24
2021-07-27 10:43:41 +02:00
Ruby Loo
c46ae1af42 Minor updates to anaconda doc
Some minor grammatical clean ups, clarifications in the
anaconda deploy interface documentation.

Change-Id: Ieeb427321c971fc6f59cb4a41d9630c687f5534f
2021-07-26 15:23:41 +00:00
Zuul
8d9bf692ec Merge "Document making bugfix releases and branches" 2021-07-26 01:44:27 +00:00
Dmitry Tantsur
59b4fb8dc1 Expand the IPMI documentation
Explaing which cipher suites must be used and how to pre-configure the
BMC. Also explain the privilege levels.

Change-Id: I93845ac9dd068b0ddb52693afe4993804857e5ea
2021-07-23 14:31:12 +02:00
Dmitry Tantsur
1e041bea3b Document making bugfix releases and branches
Change-Id: Id87da43caa33ee5f5e547497599b1f358a22b4ae
2021-07-22 18:16:35 +02:00
Zuul
f27ea44afc Merge "Update vendor_passthru subscriptions releasenote" 2021-07-22 08:14:50 +00:00
Zuul
51913a230c Merge "Add vendor_passthru method for subscriptions" 2021-07-22 07:46:22 +00:00
Iury Gregory Melo Ferreira
a2417571be Update vendor_passthru subscriptions releasenote
This is a follow-up to I5b7fa99b0ee64ccdc0f62d9686df655082db3665

Change-Id: Ib1145f9d34ad53966c2f4b24981316d4a8763340
2021-07-22 08:17:50 +02:00
Riccardo Pittau
f095a94787 Prepare 18.1 and clean up release notes
Change-Id: I8f33eefdce7a60fa8e48225ec20a801b3d1222f0
2021-07-21 19:19:43 +02:00
Zuul
c71583fc8a Merge "Scoped RBAC Devstack Plugin support" 2021-07-21 11:27:17 +00:00
Iury Gregory Melo Ferreira
4bc5142df2 Add vendor_passthru method for subscriptions
This patch adds two new vendor_passthru methods for Redfish:
- create_subscription (create a sbuscription)
- delete_subscription (delete a subscription)
- get_all_subscriptions (get all subscriptions on the node)
- get_subscription (get a single subscription)

Unit Tests in test_utils split into multiple classes to avoid random
failures due to cache.

Tested in bifrost env using two different HW:
- HPE EL8000 e910
- Dell R640

Story: #2009061
Task: #42854
Change-Id: I5b7fa99b0ee64ccdc0f62d9686df655082db3665
2021-07-21 10:27:32 +02:00
Zuul
103e34f5a8 Merge "Set glance limit for baremetal friendly images" 2021-07-20 13:48:03 +00:00
Zuul
59563e9581 Merge "Fix handling driver_info[agent_verify_ca] == False" 2021-07-20 08:25:42 +00:00
Julia Kreger
b5872c9032 Set glance limit for baremetal friendly images
The devstack default limit enforcement for glance defaults
to 1GB, and unfortunately this is too small for many to use
larger images such as centos which includes hardware firmware
images for execution on baremetal where drivers need the vendor
blobs in order to load/run.

Sets ironic-base to 5GB, and updates examples accordingly.

Depends-On: https://review.opendev.org/c/openstack/devstack/+/801309
Change-Id: I41294eb571d07a270a69e5b816cdbad530749a94
2021-07-19 10:32:43 -07:00
Zuul
41a10cffce Merge "Burn-in: Add documentation" 2021-07-19 15:04:01 +00:00
Zuul
33842cda0d Merge "Add a section to redfish doc for BIOS registry fields" 2021-07-19 10:17:54 +00:00
Julia Kreger
2cd6468346 Scoped RBAC Devstack Plugin support
Adds support to the ironic devstack plugin to configure
ironic to be used in a scope-enforcing mode in line with
the Secure RBAC effort. This change also defines two new
integration jobs *and* changes one of the existing
integration.

In these cases, we're testing functional crub interactions,
integration with nova, and integration with ironic-inspector.

As other services come online with their plugins and
devstack code being able to set the appropriate scope
enforcement configuration, we will be able to change the
overall operating default for all of ironic's jobs and
exclude the differences.

This effort identified issues in ironic-tempest-plugin,
tempest, devstack, and required plugin support in
ironic-inspector as well, and is ultimately required
to ensure we do not break the Secure RBAC.

Luckilly, it all works.

Change-Id: Ic40e47cb11a6b6e9915efcb12e7912861f25cae7
2021-07-15 21:58:31 +00:00
Arne Wiebalck
e488792ccc Burn-in: Add documentation
Add documentation for the CPU, memory, disk, and network burn-in
cleaning steps to the admin guide.

Change-Id: Ide8061f96eeb303490f06ebf31d2f2e6be93d0d1
2021-07-14 17:51:11 +02:00
Zuul
7b42258ab9 Merge "Fix Redfish RAID interface_type physical disk hint" 2021-07-14 15:31:11 +00:00
Bob Fournier
58ca01c22a Add a section to redfish doc for BIOS registry fields
Move the descriptions of the BIOS registry fields in the API to
a new section in the Redfish documentation.

Change-Id: Ifedb4526113bb84ccc598e13f5767b71a60f5532
2021-07-13 21:56:57 -04:00
Zuul
cf14413bf7 Merge "Sanity check object version changes" 2021-07-13 22:46:16 +00:00
Zuul
420940127d Merge "Fix iPXE docs: snponly is not always available" 2021-07-13 21:52:32 +00:00
Dmitry Tantsur
3199d289bd Fix iPXE docs: snponly is not always available
Actually, it's only available on RHEL/CentOS 8, but I hope the other
distributions will catch up.

Change-Id: I53314b8f16fd7b965c58370e33ab83501e7cb067
2021-07-13 14:43:07 +02:00
Riccardo Pittau
06124bae73 Update requirements
Update minimum required versions of python packages.
The updates is based on crosscheck requirements from required
packages:
oslo-log 4.3.0 depends on oslo.context>=2.20.0
oslo-config 6.8.0 depends on rfc3986>=1.2.0
oslo-config 6.8.0 depends on requests>=2.18.0
oslo-log 4.3.0 depends on pbr>=3.1.1
oslo-log 4.3.0 depends on oslo.serialization>=2.25.0
oslo-policy 3.7.0 depends on oslo.context>=2.22.0

Also update minimum versions of ddt and stestr to avoid compatibility
issues with recent Python versions (3.8 and higher).

Change-Id: I34b558f4e7b93618130af1ba2250f6ab8575d4d6
2021-07-13 14:37:28 +02:00
Dmitry Tantsur
e503048f09 Sanity check object version changes
Make sure there are no gaps in release and object versions.

Change-Id: Ib177a10ee5cc208494a331b0d080ad40c4a09aae
2021-07-13 14:05:56 +02:00