This change adds idrac hardware type support of a BIOS interface
implementation that utilizes the Redfish out-of-band (OOB) management
protocol and is compatible with the integrated Dell Remote Access
Controller (iDRAC) baseboard management controller (BMC). It is named
'idrac-redfish'.
The idrac hardware type declares support for that new interface
implementation, in addition to all BIOS interface implementations it has
been supporting. The highest priority BIOS interface remains the same,
the one which relies on the Web Services Management (WS-Man) OOB
management protocol. The new 'idrac-redfish' immediately follows it.
Co-Authored-By: Eric Barrera <eric_barrera@dell.com>
Co-Authored-By: Richard G. Pioso <richard.pioso@dell.com>
Co-Authored-By: Mike Raineri <mraineri@gmail.com>
Story: 2008100
Task: 40803
Depends-On: https://review.opendev.org/#/c/750020/
Change-Id: Ic5a1da418dccb0f3ec92914909aacd7c339d8837
This change fixes the 'redfish' BIOS interface 'apply_configuration'
cleaning/deploy step to work with Redfish Services that must be supplied
the Distributed Management Task Force (DMTF) Redfish standard
@Redfish.SettingsApplyTime annotation [1] to specify when to apply the
requested settings, such as the Dell EMC integrated Dell Remote Acesss
Controller (iDRAC).
Such services, typically offered by baseboard management controllers
(BMC), require POST of the annotation, along with the future intended
state of the settings. Otherwise, they may never be applied.
When the annotation is not supported, it is not provided with the future
intended state of the settings.
[1] http://redfish.dmtf.org/schemas/DSP0266_1.11.0.html#settings-resource
Co-Authored-By: Eric Barrera <eric_barrera@dell.com>
Co-Authored-By: Aija Jauntēva <aija.jaunteva@dell.com>
Co-Authored-By: Mike Raineri <mraineri@gmail.com>
Story: 2008163
Task: 40913
Depends-On: https://review.opendev.org/#/c/750020/
Change-Id: I28a948f306b40c36b12e6f786e1e43a61e84a0f2
We have a check in the code that is never true for manual power
actions because of what happens in the conductor manager. Remove it.
Change-Id: I50b7b78a41188c41e4944894851f1d12684f824a
The docs and releasenotes requirements migrated to doc/requirements.txt
we need not install things from requirements.txt.
Change-Id: I2633cd68b45d27ef3c964216a7d97cd442919101
The initial release note for the node object change doesn't
provide full context, and since it has received basic testing
we should be good to go at this point.
Change-Id: Iabb09b7087c400e2d0a278cc3add79bb8b0f3f62
First, use default_boot_mode in get_boot_mode instead of BIOS.
Second, call sync_boot_mode for all ramdisk types in the PXE boot,
not only during deployment.
Change-Id: I3f13bacbdcb319c191eeb8ae93aecf8fba68f9ec
This commit addresses remaining comments on the One Button
Secure Erase clean step patch for iLO5 based Gen10 servers.
Change-Id: I606991b77dfc409a4ab0b966afdbb368fe8c2b54
Accepts the certificate from a heartbeat and stores its path in
driver_internal_info for further usage by the agent client (or
any 3rd party deploy implementations).
Similarly to agent_url, the certificate is protected from further
changes (unless the local copy does not exist) and is removed
on reboot or tear down (unless fast-tracking).
Change-Id: I81b326116e62cd86ad22b533f55d061e5ed53e96
Story: #2007214
Task: #40603
In pxe_utils.py/create_pxe_config function, mac pxe configs will always
be created, so when we clear pxe configs, no matter whether the ip
address is None or not, we need to clear them.
Change-Id: I5cee9c4465630b162baf911ef9efef5f471671c0
Signed-off-by: Armstrong Liu <vpbvmw651078@gmail.com>
As part of the plan to deprecate the iSCSI deploy interface, changing
this option to a value that will work out-of-box for more deployments.
The standalone CI jobs are switched to http as well, the rest of jobs
are left with swift. The explicit indirect jobs are removed.
Change-Id: Idc56a70478dfe65e9b936006a5355d6b96e536e1
Story: #2008114
Task: #40831
While validating and downloading image references, allow HttpImageService
to use config parameters to enable/disable TLS verification and to use custom
certificates on the secured connections.
Change-Id: I5f308271004a24203ecbbc1718ba9070ed65b960
Story: #2007939
Task: #40404
This patch adds few of the security dashboard parameters
to iLO capabilities. It adds :
- overall_security_status
- last_firmware_scan_result
- security_override_switch
Story: 2008024
Task: 40678
Change-Id: I7ef2ce1a20fbc1b258fce0f8ebd53661b24e66ff
Removes the deprecated support for token-less agents which
better secures the ironic-python-agent<->ironic interactions
to help ensure heartbeat operations are coming from the same
node which originally checked-in with the Ironic and that
commands coming to an agent are originating from the same
ironic deployment which the agent checked-in with to begin
with.
Story: 2007025
Task: 40814
Change-Id: Id7a3f402285c654bc4665dcd45bd0730128bf9b0
This commit adds functionality to perform out-of-band one button
secure erase for iLO5 based HPE Proliant servers. Using this a
user can securely erase the whole system. It includes deleting
any deployment settings profiles, all licenses, Active Health
System (AHS) and warranty data stored there, reseting BIOS and
erasing supported non-volatile storage data.
Change-Id: I2f46a67580e8a607a91a3f6660feb85ed1827dc8
Story: #2007964
Task: #40458
The clean error only logged when tear down cleaning is also failed,
otherwise it just goes to last_error and easily gets overwritten.
Change-Id: Ib9fa060432b2a7a68101218136c49272c8271e24
Turns out we had the wrong RFC number noted for dhcpv6 options.
I'm guessing I accidently hit 8 instead of 9 when typing it out
originally.
Change-Id: I8c09a060b31bf4710b11565a9e798a67fa0f7cb3