Split ramdisk deploy information away from other deploy interfaces,
since it's so different from the other interfaces (and to highlight
it in the top-level index).
Change-Id: Id3a5d71141451a45e89ffdba903966bb7da84d55
Per discussions with stendulker, the Edgeline servers are not
recognized by proliantutils which means they are not handled
properly and the wrong devices can be set/selected for setting
the next boot device. This is largely because proliantutils
thinks Edgeline hardware is 8th generation instead of 10th
generation hardware.
Since the docs explicitly state Proliant line of rackmount
servers, it seems logical to clarify the Edgeline servers
as it is a different line of servers with a different
market focus.
Change-Id: I75062be1799ea5dd906e675d1b53c10d4f23ce3a
This commit addresses remaining comments on the One Button
Secure Erase clean step patch for iLO5 based Gen10 servers.
Change-Id: I606991b77dfc409a4ab0b966afdbb368fe8c2b54
Accepts the certificate from a heartbeat and stores its path in
driver_internal_info for further usage by the agent client (or
any 3rd party deploy implementations).
Similarly to agent_url, the certificate is protected from further
changes (unless the local copy does not exist) and is removed
on reboot or tear down (unless fast-tracking).
Change-Id: I81b326116e62cd86ad22b533f55d061e5ed53e96
Story: #2007214
Task: #40603
This patch adds few of the security dashboard parameters
to iLO capabilities. It adds :
- overall_security_status
- last_firmware_scan_result
- security_override_switch
Story: 2008024
Task: 40678
Change-Id: I7ef2ce1a20fbc1b258fce0f8ebd53661b24e66ff
Removes the deprecated support for token-less agents which
better secures the ironic-python-agent<->ironic interactions
to help ensure heartbeat operations are coming from the same
node which originally checked-in with the Ironic and that
commands coming to an agent are originating from the same
ironic deployment which the agent checked-in with to begin
with.
Story: 2007025
Task: 40814
Change-Id: Id7a3f402285c654bc4665dcd45bd0730128bf9b0
Please consider providing lolcat gifs to the fund to help
ironic developers recover from the headaches of iPXE + LACP.
In all seriousness, we needed to document this headache and it
does so at a fairly high level so we are not shaming anything
specifically.
Change-Id: Ic792697a0574e45723c8076002aa802ad22b3d54
This commit adds functionality to perform out-of-band one button
secure erase for iLO5 based HPE Proliant servers. Using this a
user can securely erase the whole system. It includes deleting
any deployment settings profiles, all licenses, Active Health
System (AHS) and warranty data stored there, reseting BIOS and
erasing supported non-volatile storage data.
Change-Id: I2f46a67580e8a607a91a3f6660feb85ed1827dc8
Story: #2007964
Task: #40458
Describes virtual media based L3/DHCP-less ramdisk booting in the
`redfish` hardware type documentation.
Added warning to the deploy-ramdisk docs since the images
we publish will not work.
Co-Authored: Iury Gregory Melo Ferreira <iurygregory@gmail.com>
Change-Id: If9ead46db30ce519f128550f1071a1f01f7a5ccf
Story: 2006691
Task: 37073
Allows certain flexibility when it comes to low RAM vs high RAM nodes,
and large vs small images. Also deploy_interface is settable per node,
so this feature makes it easier to migrate from the iscsi deploy.
Story: #2008075
Task: #40766
Change-Id: Idf3bbc6d24042ce1d9a895095b5cb0979dd3183d
For low RAM nodes we need a way to convert even http:// images to raw
and serve them locally. Add a new image_download_source value "local"
that works the same as "http" but also affects http:// images.
Change-Id: I8da968ccfad6e7a508e9b763b9e3f96007438b6a
Story: #2008075
Task: #40765
Implemented via the same mechanism as for image_download_source=http.
Forcing raw format (and thus streaming) is supported as well.
Since we always re-calculate checksums for such images, the requirement
on providing them via the API is lifted.
Change-Id: Ife385c3b363c28559c90e5a54e9c6f6807d207ff
Story: #2008075
Task: #40764
This updates the notifications documentation so that the
node information in the sample node-related notifications
reflect the latest versions of the notification payloads.
Which includes the driver_internal_info recently added to
version 1.16 of NodeSetProvisionStatePayload.
Change-Id: I87fb443ff393a2a58f9d19a9011df062f85af3af
Story: #2008054
Task: #40771
This patch removes the dependency from ironicclient to
communicate with neutron in favor of openstacksdk.
Also:
* Use import keystoneauth1.loading as ks_loading accross
the project.
* Refactor to have one 'get_client' function, removing the
'_get_config_client' method. Setting config_client=True
when calling 'get_client' returns a client using auth
options values from conf parameters.
Depends-On: https://review.opendev.org/735601
Change-Id: Ib6c0fa2acfc33deb9c5b36ae724d5d8304d1dd29
It's very confusing that we use username/password everywhere, except
for [json_rpc]. Just use the standard options.
Also the version if keystoneauth is bumpted to one that supports
http_basic.
Change-Id: Icc834c3f8febd45c2548314ee00b85a7f9cebd2c
Based on latest changes [1] in the releases project that changed the
behavior of list_unreleased_changes.
[1] 4912f7d5d0
Change-Id: If5fd848bf3fddeb1ae66dc9aafa882588b83f41a
To prevent the administrator guide from growing too long, split
away advanced topics (i.e. stuff we don't expect most of admins
to read, use or understand).
Story: #2007771
Task: #40382
Change-Id: Ia3e3178692c96aaebdd4479e865a56fbe63c820a
