We are stoked to announce the release of:
ironic 16.1.0: OpenStack Bare Metal Provisioning
This release is part of the wallaby release series.
The source is available from:
https://opendev.org/openstack/ironic
Download the package from:
https://tarballs.openstack.org/ironic/
Please report issues through:
https://storyboard.openstack.org/#!/project/943
For more details, please see below.
16.1.0 ^^^^^^
New Features ************
* Allows disabling automated cleaning per node if it is enabled globally. An existing "automated_clean" field will allow disabling of automated cleaning on the node object. A new "baremetal:node:disable_cleaning" policy is added which defaults to "baremetal:node:update".
* Retrieves BIOS configuration settings when moving a node to "manageable". This allows the settings to be used when choosing which node to deploy. For more details, see story 2008326 (https://storyboard.openstack.org/#!/story/2008326).
* When deploying a node with software RAID with an image not from Glance, the new "instance_info" field "image_rootfs_uuid" can be used to specify the UUID of the root partition to install the bootloader on.
* The ramdisk log file name now contains the node name when it is set.
* Provides a new vendor passthru method for Redfish to eject a virtual_media device. A specific device can be given (either "cd", "dvd", "floppy", or "usb"), or if no device is provided then all attached devices will be ejected.
* A new option "[agent]api_ca_file" allows passing a CA file to the ramdisk when "redfish-virtual-media" boot is used. Requires ironic- python-agent from the Wallaby cycle.
Known Issues ************
* Building ramdisks for DHCP-less deploy using the "simple-init" element is known not to work for distributions using NetworkManager. The "debian-minimal" element seems to work.
* When "redfish-virtual-media" is used, fast-track mode will not work as expected, nodes will be rebooted between operations.
Upgrade Notes *************
* The default value of "[api]api_workers" is now limited to 4. Set it explicitly if you need a higher value.
* An automated detection of a IPMI BMC hardware vendor has been added to appropriately handle IPMI BMC variations. Ironic will now query this and save this value if not already set in order to avoid querying for every single operation. Operators upgrading should expect an elongated first power state synchronization if for nodes with the "ipmi" hardware type.
* The "agent" RAID interface now removes any root device hint after the RAID configuration is successfully deleted.
Bug Fixes *********
* No longer launches too many API workers on systems with a lot of CPU cores by default.
* Fixes the logic which determines the partition table type to utilize with partition images account for the boot mode of the machine. If no value is set by the API user, Ironic now correctly defaults to GPT if the node has been set in UEFI mode.
* It is no longer possible to set a port's "physical_network" to an empty string, making the port unusable.
* Fixes recognition of a busy agent to also handle recognition during deployment steps by more uniformly detecting and identifying when the "ironic-python-agent" service is busy.
* Fixes inspection with the "idrac-redfish-virtual-media" boot interface.
* Correctly handles the node's custom network data when the "noop" network interface is used. Previously it was ignored.
* Fixes incorrect injected network data location when using virtual media.
* Fixes "redfish" BIOS "apply_configuration" clean and deploy step to fail correctly in case of error when checking if BIOS updates are successfully applied. Before the fix when BIOS updates were unsuccessful, then node cleaning or deploying failed with timeout instead of actual error in clean or deploy step.
* Fixes "idrac-wsman" RAID "create_configuration" clean step, "apply_configuration" deploy step and "delete_configuration" clean and deploy step to fail correctly in case of error when checking completed jobs. Before the fix when RAID job failed, then node cleaning or deploying failed with timeout instead of actual error in clean or deploy step.
* Fixes issues when "UEFI" boot mode has been requested with persistent boot to "DISK" where some versions of "ipmitool" do not properly handle multiple options being set at the same time. While some of this logic was addressed in upstream ipmitool (https://github.com/ipmitool/ipmitool/issues/163) development, new versions are not released and vendors maintain downstream forks of the ipmitool utility. When considering vendor specific selector differences (https://storyboard.openstack.org/#!/story/2008241) along with the current stance of new versions from the upstream "ipmitool" community, it only made sense to handle this logic with- in Ironic. In part this was because if already set the selector value would not be updated. Now ironic always transmits the selector value for "UEFI".
* Fixes handling of Supermicro "UEFI" supporting BMCs with the "ipmi" hardware type such that an appropriate boot device selector value is sent to the remote BMC to indicate boot from local storage. This is available for both persistent and one-time boot applications. For more information, please consult story 2008241 (https://storyboard.openstack.org/#!/story/2008241).
* Fixes handling of the "ipmi" hardware type where "UEFI" boot mode and "one-time" boot to PXE has been requested. As Ironic now specifically transmits the raw commands, this setting should be properly appied where previously PXE boot operations may have previously occured in "Legacy BIOS" mode.
* Calculating the ipmitool "-N" and "-R" arguments from the configuration options "[ipmi]command_retry_timeout" and "[ipmi]min_command_interval" now takes into account the 1 second interval increment that ipmitool adds on each retry event.
Failure-path ipmitool run duration will now be just less than "command_retry_timeout" instead of much longer.
* When configured to use JSON RPC, the "[DEFAULT]host" configuration option can now be set to an IPv6 address. Previously it could only be an IPv4 address or a DNS name.
* No longer tries to pass "BOOTIF=None" as a kernel parameter when using virtual media. This could break inspection.
* Fixes the issue that when the MAC address of a port group is not set and been attached to instance, the landed bond port cannot get IP address due to inconsistent MAC address between the tenant port and the initially allocated one in the config drive.
* Fixes the issue that root device hint is not removed after the "agent" RAID interface has successfully deleted RAID configuration. The previous hint is not guranteed to be valid and may cause a deployment failure.
* Fixes cleaning with the "ramdisk" deploy interface by reusing the same procedure as for the "direct" deploy interface.
* Fixes a bug where a conductor could fail to complete a deployment if there was contention on a shared lock. This would manifest as an instance being stuck in the "deploying" state, though the node had in fact started or even completed its final boot.
* After changing the boot device via Redfish, checks that the boot mode being reported matches what is configured and, if not, sets it to the configured value. Some BMCs change the boot mode when the device is set via Redfish, see story 2008252 (https://storyboard.openstack.org/#!/story/2008252) for details.
* Fixes wiping agent token on rebooting via API.
* Adds secure boot support to ilo-uefi-https boot interface. Secure boot support already exists for other boot interfaces but missing for this interface.
* The virtual media ISO image building process now respects the "default_boot_mode" configuration option.
* Fixes timeout in fast-track mode with "redfish-virtual-media" when running one operation after another (e.g. cleaning after inspection).
* Fixes permission issues when injecting network data into a virtual media.
* Adds timeout to HTTP image validation and downloading operations, so that the "direct" deploy does not hang when the remote server is not responsive. The default timeout is 60 seconds and can be changed via the new "webserver_connection_timeout" option.
Other Notes ***********
* Adds a "detect_vendor" management interface method to the "ipmi" hardware type. This method is being promoted as a higher level interface as the fundimental need to be able to have logic aware of the hardware vendor is necessary with vendor agnostic drivers where slight differences require slightly different behavior.
* The "configdrive" argument to some utils in "ironic.common.images" and "ironic.drivers.modules.image_utils" has been replaced with a new "inject_files" argument. The previous approach did not really work in all situations and we don't expect 3rd party drivers to use it.
Changes in ironic 16.0.0..16.1.0 --------------------------------
4cb406b8f Update outdated descripton for `default_boot_option` 443694b18 remove lower-constraints in tox 8669837ea Consistently use utils functions for policy auth 3b15d543f Document that DHCP-less deploy does work with debian-minimal ca37578a0 Include HeartbeatMixin in the ramdisk deploy 9a858ad4f Remove detect_vendor decorator 50657a87d Complete the REST API POST documentation 840488e59 Remove lower-constraints job 8b83e9ec6 Revert "devstack: build DIB images with CentOS Stream by default" a599f898d Document the current status of the DHCP-less deploy 255fac17a Rewrite DHCP-less documentation 628109f96 Inject TLS certificate when using virtual media 4e9c6184c Fix release guide and include intermediate branches 5c7158f01 Avoid a full install in tox environments that do not need it 219bf0c37 Prepare release 16.1 a7ac9ce8c IPMI: Handle vendor set boot device differences 97ceb38a7 CI: switch the multinode job to tempest-multinode-full-base acb1c6b48 Do not pin Python version in tox config bf6e28fa6 Use ddt for existing policy tests 98732623b Fix lower-constraints with the new pip resolver 05f2c8b79 devstack: build DIB images with CentOS Stream by default 8a2c715a0 Add TLS troubleshooting guide entry b7ddeb314 Support port name 475af371d Use openstack-tox for ironic-tox-unit-with-driver-libs 32ab90b3b Test patching booleans with string values a3644ebd6 Improve object_to_dict arguments 9ea414298 CI: add a non-voting bifrost-vmedia-uefi job 681940c8f Add secure boot support to ilo-uefi-https e41893c9d JSON conversion followup change ee6119e77 Allow disabling automated_clean per node bfc2ad56d Always retry locking when performing task handoff 98958cd0a Add vendor_passthru method for virtual media 89af9aef8 Make standalone jobs voting again f408d63ad Expunge the internal version of WSME 000bc72cc Convert volume/targets endpoint to plain JSON 2099c47e7 Convert volume/connectors endpoint to plain JSON 0bab4f176 Don't allow patching port internal_info d4f8d4d94 [doc][trivial] Fix spelling error ed4abbd51 Fix disk label to account for UEFI 9df407845 Minor follow-up doc change e59bbe571 Remove from_dict function from context 20886329e Update .rst files 3a8f4324d Convert volume endpoint to plain JSON ca53858db Convert ramdisk endpoint to plain JSON 989064a74 Convert portgroups endpoint to plain JSON b911acb10 Convert ports endpoint to plain JSON fc4793960 Convert nodes endpoint to plain JSON c16ed232d Convert event endpoint to plain JSON 6a906a9d8 Convert drivers endpoint to plain JSON 284e22bc0 Convert deploy_templates endpoint to plain JSON 3c128467a Convert conductors endpoint to plain JSON 4e810dc8b Convert chassis endpoint to plain JSON 541f1acb2 Convert bios endpoint to plain JSON 7b5c26c4b Convert allocations endpoint to plain JSON 236c6b174 Utility functions for REST API JSON handling 8677be53b Duplicate trait validation with jsonschema 3846965e9 Add expose body decorator, status_code argument 6ea0e8eaf New argument validate decorator 870181f3a Update `cleaning_error_handler` 1ab192bec Convert last bionic jobs to focal d48479b52 Simplify injecting network data into an ISO image 3fd513ee1 Fix incorrect network_data.json location 9b18336f7 Retrieve BIOS configuration when moving node to ``manageable`` 31f3f9fca Document how to build an ESP image for redfish-virtual-media 2e5d01d48 Fix DHCP-less operations with the noop network interface 6a48900ad Make driver documentation more prominent on the landing page fe01ddb2b Fixes the issue that instance bond port can't get IP address 2d5c7f80d Docs: a more complete example of ramdisk boot with redfish-virtual-media c9c492725 Limit the default value of [api]api_workers to 4 6f92e2b90 Enforce autospec in some api controllers modules 64df3702c Update TOX_CONSTRAINTS_FILE 23951f4b4 Fix idrac-wsman RAID step async error handling 70b7ca345 Fix redfish BIOS apply config error handling 3e5f3df91 Enforce autospec in some api controllers modules 4bc1b7702 Fix typo in ipxe_config.template 551ca9c8f Prevent timeouts when using fast-track with redfish-virtual-media 545dc2106 Handle agent still doing the prior command 2dfb3f5ec Make redfish-virtual-media respect default_boot_mode db7c0c069 devstack: log all requests to sushy-emulator 0a5fe3b40 Remove the support to create port in API 9696ec9a5 Mark standalone job non-voting/remove from gate 85b489288 json-rpc: surround IPv6 address with [] in conductor URL d5d4a9996 Changes to add exception in "default_interface()" function 2e2b07bb9 Move the multinode grenade job to the experimental pipeline 87e634dee CI: increase cleaning timeout and tie it to PXE boot timeout fece20c8a devstack: remove no longer required UEFI hacks 91d6426b0 Fixes empty physical_network is not guarded da4c583ea Add node name to ironic-conductor ramdisk log filename fe37fb6d5 Add timeout to image operations in the direct deploy 0a6862218 Allow passing rootfs_uuid for the standalone case 685131fd3 Sync boot mode when changing the boot device via Redfish 322f139e9 Revert patching _syscmd_uname e6f0adcbc Python 3.9: base64.{en,de}codestring function is removed ab77c5b17 Document by_path root device hint 7cb757d7b Change auth type to none in dev-quickstart b0b8435bf Update test requirements d5ca2ac7f Update .rst files 1de3db3b1 Fix ipmitool timing argument calculation fc2964cb7 Run bifrost integration job on focal 86bee227c Use centos as base element for dib images 7a89ddcf0 Do not pass BOOTIF=None if no BOOTIF can be guessed ade35dab2 Remove obsolete trusted boot doc 3b06feb91 Update checking reno script to use python3 6a34d4782 Remove root device hint after delete_configuration 2261302ed Log the ports we bind in flat acdf1dc77 Updates ironic documentation 1dfb61dc4 Refactoring: split away continue_node_deploy/clean c9c605d8b Trivial: use the correct error handler for do_next_clean_step e39858dd8 Wiping agent tokens on reboot via API - take 2 4775288b9 migrate testing to ubuntu focal eac7226ce CI: update bindep for centos-8 py36 job changes a25da1c58 Imported Translations from Zanata db5570038 Fix inspection for idrac 2bf0eefe9 Clarify power state logging 1c49b62e2 Add Python3 wallaby unit tests a76c1932e Update master for stable/victoria f5589de02 Remove compatibility with conductors that do not support groups
Diffstat (except docs and test files) -------------------------------------
api-ref/source/baremetal-api-v1-chassis.inc | 9 +- .../source/baremetal-api-v1-deploy-templates.inc | 10 + api-ref/source/baremetal-api-v1-nodes-vifs.inc | 2 + api-ref/source/baremetal-api-v1-nodes.inc | 63 +- api-ref/source/baremetal-api-v1-portgroups.inc | 7 +- api-ref/source/baremetal-api-v1-ports.inc | 1 + api-ref/source/baremetal-api-v1-volume.inc | 4 +- api-ref/source/parameters.yaml | 158 ++- bindep.txt | 2 +- devstack/lib/ironic | 82 +- .../include/local-boot-partition-images.inc | 4 +- ironic/api/args.py | 381 ------ ironic/api/controllers/base.py | 53 - ironic/api/controllers/v1/allocation.py | 412 +++--- ironic/api/controllers/v1/bios.py | 90 +- ironic/api/controllers/v1/chassis.py | 295 ++-- ironic/api/controllers/v1/collection.py | 68 +- ironic/api/controllers/v1/conductor.py | 187 +-- ironic/api/controllers/v1/deploy_template.py | 421 +++--- ironic/api/controllers/v1/driver.py | 326 ++--- ironic/api/controllers/v1/event.py | 79 +- ironic/api/controllers/v1/node.py | 1434 ++++++++------------ ironic/api/controllers/v1/notification_utils.py | 5 +- ironic/api/controllers/v1/port.py | 633 ++++----- ironic/api/controllers/v1/portgroup.py | 460 +++---- ironic/api/controllers/v1/ramdisk.py | 50 +- ironic/api/controllers/v1/types.py | 515 ------- ironic/api/controllers/v1/utils.py | 345 ++++- ironic/api/controllers/v1/volume.py | 72 +- ironic/api/controllers/v1/volume_connector.py | 359 ++--- ironic/api/controllers/v1/volume_target.py | 378 ++---- ironic/api/expose.py | 222 --- ironic/api/method.py | 47 +- ironic/api/types.py | 709 ---------- ironic/common/args.py | 397 ++++++ ironic/common/context.py | 11 - ironic/common/driver_factory.py | 10 +- ironic/common/exception.py | 22 +- ironic/common/image_service.py | 7 +- ironic/common/images.py | 160 +-- ironic/common/json_rpc/client.py | 5 +- ironic/common/neutron.py | 24 +- ironic/common/policy.py | 8 +- ironic/common/release_mappings.py | 20 +- ironic/common/wsgi_service.py | 11 +- ironic/conductor/cleaning.py | 93 +- ironic/conductor/deployments.py | 46 + ironic/conductor/manager.py | 89 +- ironic/conductor/rpcapi.py | 3 +- ironic/conductor/task_manager.py | 13 +- ironic/conductor/utils.py | 100 +- ironic/conf/agent.py | 4 + ironic/conf/api.py | 6 +- ironic/conf/default.py | 14 +- ironic/db/api.py | 8 + .../alembic/versions/c0455649680c_port_name.py} | 28 +- ironic/db/sqlalchemy/api.py | 14 +- ironic/db/sqlalchemy/models.py | 2 + ironic/drivers/base.py | 20 +- ironic/drivers/drac.py | 3 +- ironic/drivers/modules/agent.py | 3 + ironic/drivers/modules/agent_base.py | 103 +- ironic/drivers/modules/agent_client.py | 37 + ironic/drivers/modules/deploy_utils.py | 11 +- ironic/drivers/modules/drac/raid.py | 18 +- ironic/drivers/modules/drac/vendor_passthru.py | 8 + ironic/drivers/modules/ilo/boot.py | 13 +- ironic/drivers/modules/ilo/management.py | 18 +- ironic/drivers/modules/ilo/raid.py | 10 +- ironic/drivers/modules/image_utils.py | 122 +- ironic/drivers/modules/ipmitool.py | 177 ++- ironic/drivers/modules/ipxe_config.template | 2 +- ironic/drivers/modules/irmc/boot.py | 3 +- ironic/drivers/modules/network/common.py | 30 +- ironic/drivers/modules/network/flat.py | 4 + ironic/drivers/modules/network/neutron.py | 6 +- ironic/drivers/modules/pxe.py | 3 +- ironic/drivers/modules/redfish/bios.py | 9 +- ironic/drivers/modules/redfish/boot.py | 19 +- ironic/drivers/modules/redfish/management.py | 6 +- ironic/drivers/modules/redfish/vendor.py | 92 ++ ironic/drivers/redfish.py | 6 + ironic/drivers/utils.py | 3 + ironic/objects/port.py | 60 +- .../unit/api/controllers/v1/test_allocation.py | 41 +- .../unit/api/controllers/v1/test_collection.py | 102 ++ .../api/controllers/v1/test_deploy_template.py | 99 +- .../api/controllers/v1/test_notification_utils.py | 12 - .../unit/api/controllers/v1/test_portgroup.py | 14 +- .../api/controllers/v1/test_volume_connector.py | 14 +- .../unit/api/controllers/v1/test_volume_target.py | 14 +- .../drivers/ipxe_config_boot_from_iso.template | 2 +- ...e_config_boot_from_volume_extra_volume.template | 2 +- ...nfig_boot_from_volume_no_extra_volumes.template | 2 +- .../unit/drivers/ipxe_config_timeout.template | 2 +- .../drivers/modules/drac/test_periodic_task.py | 30 +- .../unit/drivers/modules/ilo/test_management.py | 20 +- .../unit/drivers/modules/network/test_common.py | 8 - .../unit/drivers/modules/network/test_neutron.py | 90 +- .../unit/drivers/modules/redfish/test_bios.py | 70 +- .../unit/drivers/modules/redfish/test_boot.py | 39 +- .../drivers/modules/redfish/test_management.py | 31 +- .../unit/drivers/modules/redfish/test_vendor.py | 116 ++ .../unit/drivers/modules/test_agent_client.py | 45 + .../unit/drivers/modules/test_deploy_utils.py | 45 + lower-constraints.txt | 147 -- ...o_disable_automated_clean-a3ccb1e19940a7a4.yaml | 7 + .../notes/api-workers-c06ea95a0c55b8cf.yaml | 9 + ...me-gpt-for-uefi-boot-mode-8f9c77721394459a.yaml | 7 + .../notes/bios-config-manage-ccefd24054cc73ee.yaml | 7 + .../notes/dhcp-less-less-2a35df67d840f9d5.yaml | 6 + .../empty-physical-network-2248a4adef210289.yaml | 5 + .../fix-busy-agent-check-3cf75242b4783009.yaml | 6 + .../fix-inspection-for-idrac-34b3ea09452af8be.yaml | 4 + .../notes/fix-network-data-e10f2bf9dc38ba1a.yaml | 5 + .../notes/fix-network-data2-f2600afdcc182dc4.yaml | 4 + ...figuration-error-handling-464695b09e4f81ac.yaml | 8 + ...async-step-error-handling-f44e2001ac018d12.yaml | 8 + ...uefi-disk-pxe-persistance-0d871825591918b5.yaml | 37 + .../notes/image_rootfs_uuid-1ea54ba043d1aeaf.yaml | 6 + ...pmi_command_retry_timeout-889a49b402e82b97.yaml | 10 + .../notes/json-rpc-ipv6-host-30eca350f34bc091.yaml | 6 + .../notes/no-fake-bootif-505cc5bf48e7731f.yaml | 5 + ...mize-ramdisk-log-filename-270c401780b16e9c.yaml | 4 + .../notes/portgroup-mac-649ed31c3525e4f0.yaml | 7 + .../raid-remove-root-hint-ec87efd18e894256.yaml | 10 + .../notes/ramdisk-clean-2d3b033a401b911b.yaml | 5 + ...fix-stuck-deploying-state-43d51149a02c08b8.yaml | 7 + ...r-changing-redfish-device-f60ef90ba5675215.yaml | 8 + .../notes/token-reboot-3f18cf73e4dd10d3.yaml | 4 + ...https_secure_boot_support-41f4976e02c11162.yaml | 6 + ...dor-passthru-eject-vmedia-e4456320ee1c70c1.yaml | 7 + .../notes/vmedia-boot-mode-f75c6fbef6349cbf.yaml | 5 + .../notes/vmedia-fast-track-903076c33c4aca04.yaml | 9 + .../vmedia-inject-files-b6e226e2db4cff06.yaml | 10 + .../notes/vmedia-tls-117daa5ae0a9e30d.yaml | 6 + .../notes/webserver-timeout-d85781bf634cef39.yaml | 7 + releasenotes/source/index.rst | 1 + .../locale/en_GB/LC_MESSAGES/releasenotes.po | 38 +- releasenotes/source/victoria.rst | 6 + setup.cfg | 2 + test-requirements.txt | 9 +- tools/check-releasenotes.py | 2 +- tools/test-setup.sh | 23 + tox.ini | 39 +- zuul.d/ironic-jobs.yaml | 17 +- zuul.d/project.yaml | 29 +- 239 files changed, 8213 insertions(+), 9084 deletions(-)
Requirements updates --------------------
diff --git a/test-requirements.txt b/test-requirements.txt index fb628fe40..72cd8e6b9 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -4 +4 @@ -hacking>=3.0.1,<3.1.0 # Apache-2.0 + @@ -7 +6,0 @@ ddt>=1.0.1 # MIT -doc8>=0.6.0 # Apache-2.0 @@ -17,2 +15,0 @@ WebTest>=2.0.27 # MIT -bashate>=0.5.1 # Apache-2.0 -pycodestyle>=2.0.0,<2.6.0 # MIT @@ -20,3 +17 @@ pysnmp>=4.4.12 -flake8-import-order>=0.17.1 # LGPLv3 -Pygments>=2.2.0 # BSD -bandit!=1.6.0,>=1.1.0,<2.0.0 # Apache-2.0 +bandit!=1.6.0,>=1.1.0,<2.0.0 # Apache-2.0 \ No newline at end of file