We joyfully announce the release of: ironic 18.0.0: OpenStack Bare Metal Provisioning This release is part of the xena release series. The source is available from: https://opendev.org/openstack/ironic Download the package from: https://tarballs.openstack.org/ironic/ Please report issues through: https://storyboard.openstack.org/#!/project/943 For more details, please see below. 18.0.0 ^^^^^^ New Features ************ * Adding new clean steps to "ilo" and "ilo5" hardware type - "security_parameters_update", "update_minimum_password_length", and "update_auth_failure_logging_threshold" which allows users to modify ilo system security settings. * Provides the registry fields in the BIOS setting API and in the BIOS setting list when detail is requested. Also adds fields selector to query API. See story 2008571 (https://storyboard.openstack.org/#!/story/2008571). * Adds a new "deploy" verb as an alias to "active" and "undeploy" verb as an alias to "deleted". See story 2007551 (https://storyboard.openstack.org/#!/story/2007551). * Adds a new deploy interface "custom-agent" that can be used when all necessary deploy steps to provision an image are provided in the agent ramdisk. The default "write_image" deploy step is not present. * Get the BIOS Registry from Sushy and store the fields in the Ironic DB with the BIOS setting. See story 2008571 (https://storyboard.openstack.org/#!/story/2008571). * The "irmc-virtual-media" boot interface now supports setting kernel parameters via the "kernel_append_params" option in both the node's "driver_info" and "instance_info". This only applies when an image is built from a kernel and an initramfs, not when a pre-built ISO is used. * Adds support for setting kernel parameters for PXE and iPXE boot through the new "kernel_append_params" setting in the node's "driver_info" or "instance_info". * The "redfish-virtual-media", "ilo-virtual-media" and "idrac- redfish- virtual-media" boot interfaces now support "kernel_append_params" not only in the node's "instance_info", but also "driver_info". This only applies when the boot image is built from a kernel and an initramfs, not when a pre-built ISO is used. Upgrade Notes ************* * The deprecated "iscsi" deploy interface has been removed. Please update to a different deploy interface before upgrading. * The "ironic-dbsync upgrade" command for this version of ironic will add additional database indexes on the "nodes" table columns below. Depending on database size and complexity, this will take time to complete for every single index to be created. On MySQL or MariaDB, these indexes will only be created if an index does not already exist matching the field name with "_idx" appended.: * "owner" * "lessee" * "driver" * "provision_state" * "reservation" * "conductor_group" * "resource_class" An example of the SQL commands to generate these indexes can be found in the tuning (htts://docs.openstack.org/ironic/latest/admin/tuning.html) documentation. In testing with mock data, each column took approximately about 4 seconds per column to be indexed on a database with 115,000 rows. The existing database size and underlying server load will cause this time to vary. Sample queries also reduced result generation from an average of "0.40" seconds to an average of "0.02" seconds with a test data set. * Removes support for deploy interfaces that do not use deploy steps and rely on the monolithic "deploy" call instead. * Removes support for ironic-python-agent Victoria or older. Deprecation Notes ***************** * Using "[pxe]kernel_append_params" for the iRMC boot interface is now deprecated, please use "[irmc]kernel_append_params". * The configuration option "[pxe]pxe_append_params" has been renamed to "[pxe]kernel_append_params". The old name is now deprecated. * The "ilo-virtual-media" boot interface has previously declared support for the "ilo_kernel_append_params" option in "driver_info". It has never been implemented in reality and has been replaced by the new "kernel_append_params". * The node's "driver_info" parameters "redfish_deploy_iso" and "redfish_rescue_iso" have been renamed to "deploy_iso" and "rescue_iso" accordingly. The old names are deprecated. Bug Fixes ********* * If the agent accepts a command, but is unable to reply to Ironic (which sporadically happens before of the eventlet's TLS implementation), we currently retry the request and fail because the command is already executing. Ironic now detects this situation by checking the list of executing commands after receiving a connection error. If the requested command is the last one, we assume that the command request succeeded. * Adds "bios_interface" to the node list and node show api-ref. * Adds "bios_interface" to the node validate api-ref. * When local boot is used (e.g., by default), the instance image validation now happens only in the deploy interface, not in the boot interface (as before). Meaning that the boot interface validation will now pass in many cases where it would previously fail. * Fixes the "idrac-wsman" BIOS "factory_reset" clean and deploy step to indicate success and update the cached BIOS settings to their defaults only when the BIOS settings have actually been reset. See story 2008058 (https://storyboard.openstack.org/#!/story/2008058) for more details. * Removes temporary cleaning information on starting or restarting cleaning. * Improves lower-level performance issues with database activity where some often queried columns were not indexed when the database model was created, or as the model evolved. Operators seeking to pre- create these indexes may do so prior to upgrading. Please consult the tuning documentation in the Administrator's guide for the queries to leverage. * No longer masks configdrive when sending the node's record to in- band deploy steps. * Removes unnecessary delay before the start of the cleaning process when fast-track is used. * Correctly processes in-band deploy steps on fast-track deployment. * Correctly wipes agent token on inspection start and abort. * The behavior when a bootable iso ramdisk is provided behind an http server is to download and serve the image from the conductor; the image is removed only when the node is undeployed. In certain cases, for example on large deployments, this could cause undesired behaviors, like the conductor nodes running out of disk storage. To avoid this event we provide an option "[deploy]ramdisk_image_download_source" to be able to tell the ramdisk interface to directly use the bootable iso url from its original source instead of downloading it and serving it from the conductor node. The default behavior is unchanged. * Fixes providing agent tokens with pre-built ISO images and the "redfish-virtual-media" boot interface. * Fixes sub-optimal Ironic API performance where Secure RBAC related field level policy checks were executing without first checking if there were field results. This helps improve API performance when only specific columns have been requested by the API consumer. Other Notes *********** * Configuration drives are now stored in their JSON representation and only rendered when needed. This allows deploy steps to access the original JSON representation rather than only the rendered ISO image. * A new class "ironic.drivers.modules.agent.CustomAgentDeploy" can be used as a base class for deploy interfaces based on ironic- python- agent. Changes in ironic 17.0.0..18.0.0 -------------------------------- fe419bac1 Changes made to release documentation: f2ef05fce Prepare 18.0 and clean up release note 47001f3c0 Trivial: Fix version number in comment 6b0fc9089 Add bifrost-benchmark-ironic job 26cf25d98 Follow-up to Include bios registry fields in bios API e15440370 Include bios registry fields in bios API d5971fdff Update project conundrum related docs ffff76a68 Add basic tools for benchmarking 6cd645747 Secure RBAC - Efficent node santiziation 9a09f1bdc Add missing bios_interface to api-ref for validate API fb72d7dca Trivial: comment why we don't check retired in allocations 0ad427b78 Retrieve BIOS registry from sushy 172d1b22d Delay rendering configdrive 28a947803 Remove inventory time workaround for WS-man BIOS 0a8373872 Rename redfish_deploy_iso -> deploy_iso 205a8b303 Add additional node indexes f1c9ff0e9 Update min version of tox to use allowlist 722326f67 Clean up kernel_append_params for iRMC e51404c8e Clean up kernel_append_params for Redfish and iLO 2a73f5a84 Clean up kernel_append_params for PXE/iPXE 98c950061 Add bios_interface to api-ref spec c70b85876 Expand the deployment guide 26f660711 setup.cfg: Replace dashes with underscores 754f15c92 [doc] Update documentation about force_persistent_boot_device 6243a4b28 Rework the user guide b92fa285a Upgrade guide: remove ancient versions and group with Installation 35dea0789 Delete unavailable py2 package abfe383cc Fix deployment when executing a command fails after the command starts 53d06a797 Document the custom-agent deploy interface 4874f3c44 Provide an option to not cache bootable iso ramdisks e6bb99cd8 Avoid unnecessary validation in boot interfaces 47398edd3 Inherit InvalidImageRef from InvalidParameterValue 929907d68 Bye-bye iSCSI deploy, you served us well e79f16383 Update refarch with information about image_download_source bad281cf1 Clean up deprecated features of the agent deploy a7f4b4a21 Stop testing the iscsi deploy interface e85a36fe3 Deploy interface that fully relies on custom deploy steps d97f0fb5e Do not mask configdrive when executing in-band deploy steps 7ac60fb15 Docs: dhcp-less works with Glean 1.19.0 266be4eb4 Follow up to add iDRAC management via Redfish f4a700202 Remove temporary cleaning information on starting cleaning 7fecedad2 [doc][trivial] Fix diagram in agent token admin docs cf98a468e [doc][trivial] Fix typo in agent token admin docs da88ce8cd Update basic local.conf for quickstart df368cbd8 Read default cirros version from stackrc 5c303a5e0 Aliases for a few unfortunately named state transitions 9afa9b86d Process in-band deploy steps on fast-track 5a27ea6fe Followup patch for security dashboard clean steps ff7a32bc7 Remove a pause before cleaning when fast-tracking 65e2e1909 Fix fast track with redfish-virtual-media 233a8d2c4 Update to not use deprecated `get_task_monitor`. 8647aeca6 Do not use pregenerated tokens with a pre-built ISO c6e8281f8 Wipe agent tokens on inspection start and abort 82627acad Fix idrac-wsman BIOS factory_reset result finding 90d21edbf Update python-dracclient version f5413a9bd Add security dashboard clean steps to ilo drivers 0a417f52e Imported Translations from Zanata c6b8ee666 Update release note version header for wallaby 94bd4c8e3 Add Python3 xena unit tests dd56a20b6 Update master for stable/wallaby ae30139af Followup idrac configuration mold steps a036728fb Follow-up Automaticaly set cipher suite 7813fe888 Fix typo in security docs around is_admin rule d44b3b6fe CI: Collect a snapshot of network connections Diffstat (except docs and test files) ------------------------------------- .../source/baremetal-api-v1-node-management.inc | 1 + api-ref/source/baremetal-api-v1-nodes-bios.inc | 68 + api-ref/source/baremetal-api-v1-nodes.inc | 2 + api-ref/source/parameters.yaml | 73 +- api-ref/source/samples/driver-get-response.json | 4 +- .../samples/drivers-list-detail-response.json | 4 +- .../source/samples/node-bios-detail-response.json | 13 +- .../samples/node-bios-list-details-response.json | 30 + .../source/samples/node-bios-list-response.json | 4 +- .../samples/nodes-list-details-response.json | 2 +- bindep.txt | 1 - devstack/common_settings | 7 +- devstack/lib/ironic | 2 +- .../contributor/ironic-multitenant-networking.rst | 1 - .../images/ironic_standalone_with_ibmc_driver.svg | 1309 -------------- .../include/configure-ironic-api-mod_wsgi.inc | 10 +- .../install/include/configure-ironic-api.inc | 2 +- .../install/include/kernel-boot-parameters.inc | 13 +- driver-requirements.txt | 4 +- etc/ironic/rootwrap.d/ironic-utils.filters | 3 - ironic/api/controllers/v1/bios.py | 41 +- ironic/api/controllers/v1/node.py | 51 +- ironic/api/controllers/v1/utils.py | 28 +- ironic/api/controllers/v1/versions.py | 6 +- ironic/cmd/dbsync.py | 2 - ironic/cmd/status.py | 36 + ironic/common/exception.py | 2 +- ironic/common/pxe_utils.py | 6 +- ironic/common/release_mappings.py | 22 +- ironic/common/states.py | 12 + ironic/conductor/allocations.py | 2 + ironic/conductor/cleaning.py | 3 +- ironic/conductor/deployments.py | 59 +- ironic/conductor/manager.py | 12 +- ironic/conductor/utils.py | 20 +- ironic/conf/__init__.py | 4 +- ironic/conf/deploy.py | 16 + ironic/conf/drac.py | 8 +- ironic/conf/irmc.py | 10 + ironic/conf/iscsi.py | 44 - ironic/conf/opts.py | 1 - ironic/conf/pxe.py | 3 +- ironic/db/api.py | 16 +- .../2bbd96b6ccb9_add_bios_fields_from_registry.py | 46 + .../alembic/versions/ac00b586ab95_node_indexes.py | 48 + ironic/db/sqlalchemy/api.py | 74 +- ironic/db/sqlalchemy/models.py | 16 + ironic/drivers/generic.py | 7 +- ironic/drivers/modules/agent.py | 542 +++--- ironic/drivers/modules/agent_base.py | 95 +- ironic/drivers/modules/agent_client.py | 160 +- ironic/drivers/modules/ansible/deploy.py | 17 +- ironic/drivers/modules/deploy_utils.py | 5 +- ironic/drivers/modules/drac/bios.py | 144 +- ironic/drivers/modules/drac/management.py | 12 +- ironic/drivers/modules/ilo/boot.py | 12 +- ironic/drivers/modules/ilo/common.py | 40 + ironic/drivers/modules/ilo/inspect.py | 27 + ironic/drivers/modules/ilo/management.py | 129 ++ ironic/drivers/modules/image_utils.py | 16 +- ironic/drivers/modules/ipmitool.py | 18 +- ironic/drivers/modules/irmc/boot.py | 18 +- ironic/drivers/modules/iscsi_deploy.py | 813 --------- ironic/drivers/modules/pxe_base.py | 24 +- ironic/drivers/modules/redfish/bios.py | 55 +- ironic/drivers/modules/redfish/boot.py | 144 +- ironic/drivers/modules/redfish/management.py | 6 +- ironic/drivers/modules/redfish/utils.py | 32 +- ironic/drivers/utils.py | 62 + ironic/objects/bios.py | 67 +- ironic/objects/conductor.py | 2 +- ironic/objects/node.py | 11 +- .../unit/drivers/modules/ansible/test_deploy.py | 30 + .../unit/drivers/modules/drac/test_management.py | 24 +- .../unit/drivers/modules/ilo/test_management.py | 44 +- .../unit/drivers/modules/redfish/test_bios.py | 204 ++- .../unit/drivers/modules/redfish/test_boot.py | 398 ++++- .../drivers/modules/redfish/test_management.py | 33 +- .../unit/drivers/modules/redfish/test_utils.py | 37 + .../unit/drivers/modules/test_agent_client.py | 202 ++- .../unit/drivers/modules/test_deploy_utils.py | 7 +- .../unit/drivers/modules/test_iscsi_deploy.py | 1816 -------------------- .../unit/drivers/third_party_driver_mock_specs.py | 2 +- playbooks/ci-workarounds/get_extra_logging.yaml | 8 + playbooks/ci-workarounds/get_tftpd.yaml | 5 - ...security-param-clean-step-00d5548072a397f2.yaml | 7 + .../notes/agent-last-command-4ec6967c995ba84a.yaml | 9 + .../bios-interface-api-ref-ebf866cc7da2270b.yaml | 4 + ...nterface-api-ref-validate-ddb95461adb0e478.yaml | 4 + .../bios-registry-support-e7fd62908e9c222d.yaml | 8 + .../notes/boot-validate-6b4b6b40c8e27273.yaml | 7 + ...w-named-state-transitions-a32433ad65638706.yaml | 6 + ...factory-reset-status.yaml-52a6119b46e33b37.yaml | 8 + .../notes/bye-bye-iscsi-658920cf126db0b8.yaml | 5 + .../notes/cleaning-token-9755f96d1284f78a.yaml | 4 + .../notes/configdrive-render-8eb398d956393d60.yaml | 6 + .../create_node_indexes-841b679e6cf332fd.yaml | 35 + .../custom-agent-deploy-88989512c29a14c1.yaml | 10 + .../notes/decomposed-steps-9644d3b5ccbad1ea.yaml | 7 + .../deploy-step-configdrive-86ea2bb267211b88.yaml | 5 + .../notes/fast-track-opt-d50eab2cc58fddcb.yaml | 5 + .../fast-track-validate-723f27986a012ffe.yaml | 4 + .../notes/get-bios-registry-aadc74800e0770f7.yaml | 6 + .../notes/inspection-token-b3d9e8e34341d680.yaml | 4 + .../notes/irmc-append-params-380a281db43e6013.yaml | 11 + ...ion-no-cache-http-ramdisk-62fc29cdd1d5b152.yaml | 14 + .../notes/pxe-append-params-9cd5831959676371.yaml | 10 + .../redfish-append-params-4d28d922484c2731.yaml | 14 + .../notes/redfish-deploy-iso-9671ae83108f6385.yaml | 6 + .../redfish-iso-pregenerated-97040711c4537726.yaml | 5 + ...-sanitization-performance-dc7886952144bb04.yaml | 7 + releasenotes/source/index.rst | 1 + .../locale/en_GB/LC_MESSAGES/releasenotes.po | 525 +++++- releasenotes/source/wallaby.rst | 6 + setup.cfg | 10 +- tools/benchmark/README | 13 + .../benchmark/do_not_run_create_benchmark_data.py | 99 ++ tools/benchmark/generate-statistics.py | 195 +++ tox.ini | 8 +- zuul.d/ironic-jobs.yaml | 10 +- zuul.d/project.yaml | 6 +- 204 files changed, 6138 insertions(+), 6892 deletions(-) Requirements updates -------------------- diff --git a/driver-requirements.txt b/driver-requirements.txt index 457040ed4..e379bb99a 100644 --- a/driver-requirements.txt +++ b/driver-requirements.txt @@ -10 +10 @@ python-scciclient>=0.8.0 -python-dracclient>=5.1.0,<6.0.0 +python-dracclient>=5.1.0,<7.0.0 @@ -14 +14 @@ python-xclarityclient>=0.1.6 -sushy>=3.7.0 +sushy>=3.8.0