To make tags consistent with traits, change db.api.node_tag_exists()
to raise a NodeNotFound exception if the node doesn't exist.
This is a follow up to bbff319f02.
Change-Id: Id0ddf448d97b5ac22ef5dc27154a1b229514a968
Partial-Bug:#1526266
Adds a NodeTrait model to the DB and DBAPI methods for the following:
* Set/unset node traits
* Get node traits
* Add/remove a single trait
* Check for existence of a node trait
All node traits are deleted when their owner node is deleted. Traits
cannot be specified on node creation currently.
Change-Id: I8b375a33dcb94d2cc73eaa93a5cc5aed86c27178
Partial-Bug: #1722194
On whole disk images a root partition is already created and populated, so
validating its size makes no sense. We don't do it for direct deploy.
Change-Id: I7a4114979afb310aeb77f99fbcf09ef7c54862d6
Closes-Bug: #1742451
This commit adds `rescue` interface to `BaseDriver` and implements
it for `fake-hardware` hardware type. It adds configuration
parameters '[DEFAULT]/enabled_rescue_interfaces' and
'[DEFAULT]/default_rescue_interface'. The default value of
configuration parameter '[DEFAULT]/enabled_rescue_interfaces' is
`no-rescue`.
It adds new rescue states and a new 'rescue' field to the Node
object. It adds objects.node.Node._convert_to_version().
The method handles converting the new rescue_interface field
between different versions of the Node.
Partial-bug: #1526449
Co-Authored-By: Jay Faulkner <jay@jvf.cc>
Co-Authored-By: Josh Gachnang <josh@pcsforeducation.com>
Co-Authored-By: Jesse J. Cook <jesse.j.cook@member.fsf.org>
Co-Authored-By: Mario Villaplana <mario.villaplana@gmail.com>
Co-Authored-By: Aparna <aparnavtce@gmail.com>
Co-Authored-By: Shivanand Tendulker <stendulker@gmail.com>
Change-Id: I1534247bf207a20a7a58534988192aef392eaff2
In a homogeneous hardware deployment that uses the same ramdisk for all
nodes, and possibly the same playbooks for actions with ansible deploy
interface, it is benefitial to make defaults of various `ansible_`
driver_info fields to be configurable via ironic configuration file
to simplify node enrollment.
This patch also deprecates `ansible_deploy_username` and
`ansible_deploy_key_file` options in node's driver_info in favor of
`ansible_username` and `ansible_key_file` respectively.
Change-Id: Ib198c07c1d414c0d78950e5d98a5176e12a7df13
Closes-Bug: #1736409
Instead of using stevedore NameDispatchExtensionManager and filter the
enabled drivers, use NamedExtensionManager with the list of enabled
names. That has the benefit of not loading the drivers we don't want.
Change-Id: I492a140f22f52a3ddc52b83a774efc8c17e68c20
Closes-Bug: #1738411
deprecates the following options in [neutron] section:
- url
- url_timeout
- auth_strategy
Changes some internal networking-related functions/methods
to accept a request context as optional keyword argument (defaults to
None).
This allows to pass a global request id to neutron client and
in future will simplify creating a user auth plugin from request
context.
For backward compatibility, when calling those functions/methods
without a request context, a dummy request context will be generated
automatically.
Change-Id: Ib327c7a141cfbca63b870027ad8e901c0f48bb2d
Partial-Bug: #1699547
This removes the method ironic.common.policy.enforce(). It was
deprecated in the Newton cycle and had been slated for removal
in Pike.
The deprecation happened in c7da7a6925.
Change-Id: I540e88c49c792e39481123e7bf4f204fcd86da0b
In many cases, including devstack and TripleO, the swift account to use
is based on the project_id of the 'service' project, so it makes sense
to use it as a default.
Similarly, the temporary URL key can be fetches from Swift, using HEAD
on the account used to access it.
In both cases it is assumed that the same project is used by Ironic
and Glance to access Swift. Explicit values have to be provided
otherwise.
Finally, the endpoint URL can be fetched from the service catalog. Care
is taken to strip the /v1/AUTH_<tenant ID> suffix.
Closes-Bug: #1737714
Change-Id: I701899928f0f780939f17aabc59eb90593ba95f0
This patch enables receiving agent_version as part of heartbeat, and
stores this information on driver_internal_info. This is so that Ironic
can dynamically adjust which features and parameters it uses based on
which version of the agent is being used.
Change-Id: I400adba5d908b657751a83971811e8586f46c673
Partial-Bug: #1602265
This may cause troubles as some config options may not be
registered yet on the import of dbsync module. Accessing
dbapi attributes, which is lazy-loaded, will force the
object to initialize, and it may fail at such an early
stage.
Change-Id: I3b37498325a191f7c42b3b856b1b2cf326d57492
in the change I52f1386df45ebe0a43b11fe1583e012dfa3af532
we lost most of swiftclient options in a belief that those are handled
by the keystoneauth session passed to the swiftclient.
In fact though, swiftclient only uses this session to get itself an
endpoint and a token, but it has no SessionClient, and does not use that
passed in session to make further requests to swift itself.
This patch restores all the logic that we had to decompose the session
object loaded from config to options that are passed to swiftclient
explicitly.
Change-Id: I08f382aa9d2ad22f7dbd65f7b54a8dd0a765ba44
Partial-Bug: #1699547
Closes-Bug: #1736158
During a rolling upgrade, when the new services are pinned to the
old release, the API version will also be pinned to the old release.
This will prevent users from accessing new features that may not quite
work.
The .sample was updated to reflect the change to the help string for
the [DEFAULT]/pin_release_version configuration option. The update also
pulled in changes for other options, from other (non-ironic) libraries.
Change-Id: I38a0f106b589945fb62071f3dfe5bff43c6fee93
Partial-Bug: #1708549
If no resource class is provided in a creation request, the value of
the new ``default_resource_class`` configuration option is used.
While this feature is implemented on the API level, it's not a part of
the API contract, so it's not covered by a microversion. It's particularly
important, because it allows this change to apply even to requests
using an old API version, thus making these versions usable after
the mandatory switch to resource classes in nova.
Change-Id: I58232d9c92d6ffca49d334e5fb7078bce19f1cb4
Closes-Bug: #1732190
The agent deploy mixin tries to collect logs from the deployment ramdisk
after powering off a node. This is clearly not going to work, as it
requires a call to the IPA API.
This change avoids collecting logs from the ramdisk in failure scenarios
where the node is powered off.
Change-Id: I353e73e3612ece893276c683ce469f8561e9ebf9
Closes-Bug: #1732939
This update enhances iRMC out-of-band hardware inspection for
FUJITSU PRIMERGY bare metal nodes having iRMC S4 and beyond.
The capabilities are server_model, rom_firmware_version,
pci_gpu_devices, trusted_boot and irmc_firmware_version.
Co-authored-By: Nguyen Van Trung <trungnv@vn.fujitsu.com>
Change-Id: I1958e18a5b9d933e2aa405b200bac7717f146611
Closes-Bug: #1637422
Inspector-client is a bit lacking behind other clients, as it does not
have Adapter-based SessionClient and thus does not support all
adapter-related options.
That's why we construct a session and an adapter from config section,
use adapter to resolve inspector API from service catalog
(or return the fixed endpoint_override one)
and then pass the session and inspector API endpoint to client.
This patch also deprecates `[inspector]service_url` in favor of
`[inspector]endpoint_override`.
As a side-effect, addressig inspector service now supports both regions
and interfaces to specify entry in service catalog.
Also, inspectorclient calls are now being made with the user token
(wrapped with a service token) when there is a token in the task's
request context.
Change-Id: I21836e712fa9764468ac2654525554b5b4f03741
Partial-Bug: #1699547
this patch changes the way glance client is instantiated, using
keystoneauth sessions and adapters.
In order to support glance API endpoint discovery from keystone catalog
and more unified way of client loading,
many options in `[glance]` config sections are deprecated,
mostly those that specified a (set of) glance API endpoint(s)
or parts of glance API address.
Instead, a single option `[glance]endpoint_override` must be used when
required to access a specific (possibly load-balanced)
glance API endpoint without discovering it from keystone catalog.
Another set of deprecated options are those that are duplicating
keystoneauth session options in [glance] section.
Also, intrinsic support for parsing the glance API URL from image ref
set to the full glance REST path to the image is removed as it was not
working any way since an 'http(s)://' image ref is not treated
as a glance image.
Change-Id: I6a93b71ac097e951dfc93fd1ee4d7ef483514f2c
Partial-Bug: #1699547
Closes-Bug: #1699542
Previously, provisioning network ports were only deleted during a
successful deployment, when the node's network is flipped from the
provisioning network to the tenant network. In many failure scenarios
this code path would not be reached, as well as the case of aborting
deployment. This is not normally an issue, because during instance
termination, nova deletes all ports with a device ID matching the
instance's UUID, including any remaining provisioning ports.
This change removes the provisioning network ports when tearing down a
node to ensure that they are deleted in all scenarios.
Change-Id: I5656802ee04b44247f4a81bb311b5e306a737a4e
Closes-Bug: #1732412
Related-Bug: #1607394
Vendor interfaces must not be mandatory. Missing no-vendor implementation
means that we require operators to enable the idrac vendor interface when
the idrac hardware type is enabled.
Change-Id: I6768a37bc268e367eaf93b12660a80d31eeca0c0
Closes-Bug: #1732166
Currently the status code returned by IPA's POST /v1/commands API is
completely ignored by Ironic. This causes deploys to get stuck, as
future heartbeats will see that the command has not yet been accepted
and will continue to wait.
If IPA returns an error code to Ironic's agent client, we should bubble
that exception up, causing a deploy failure higher in the chain.
This adds an AgentAPIError exception class, and raises it when the agent
returns a 400 status code or higher when issuing a command.
Co-Authored-By: Jay Faulkner <jay@jvf.cc>
Related-bug: 1542506
Change-Id: I07fb8115d254e877d8781207eaec203e3fdf8ad6
Reverting these changes because python-hpOneView does not provide HTTPS
secure connection with custom CAcert and could cause a possible security issue.
This reverts commit 3a5288a9ad.
Change-Id: I04d8435627873380bced7dc31f7469cdeb4bed12
Reverting these changes because python-hpOneView does not provide HTTPS
secure connection with custom CAcert and could cause a possible security issue.
This reverts commit 0ed998dfc8.
Change-Id: I8b7f767c2bda8f3d57881ef61466e5d73c898970
Ruby Loo