We are tickled pink to announce the release of: ironic-python-agent 6.4.4: Ironic Python Agent Ramdisk This release is part of the victoria stable release series. The source is available from: https://opendev.org/openstack/ironic-python-agent Download the package from: https://tarballs.openstack.org/ironic-python-agent/ Please report issues through: https://storyboard.openstack.org/#!/project/openstack/ironic- python-agent For more details, please see below. 6.4.4 ^^^^^ New Features ************ * Adds an configuration option which can be encoded into the ramdisk itself or the PXE parameters being provided to instruct the agent to ignore bootloader installation or configuration failures. This functionality is useful to work around well-intentioned hardware which is auto-populating all possible device into the UEFI nvram firmware in order to try and help ensure the machine boots. Except, this can also mean any explict configuration attempt will fail. Operators needing this bypass can use the "ipa-ignore-bootloader- failure" configuration option on the PXE command line or utilize the "ignore_bootloader_failure" option for the Ramdisk configuration. In a future version of ironic, this setting may be able to be overriden by ironic node level configuration. * Adds the capability into the agent to read and act upon bootloader CSV files which serve as authoritative indicators of what bootloader to load instead of leaning towards utilizing the default. Known Issues ************ * If multiple bootloader CSV files are present on the EFI filesystem, the first CSV file discovered will be utilized. The Ironic team considers multiple files to be a defect in the image being deployed. This may be changed in the future. Bug Fixes ********* * Setting the new "ipa-ignore-bootloader-failure" config option prevents errors due to bootloader installation failure generated by automatic bootloader entries configuration from multiple attached devices. * The system file system configuration file for Linux machines, the "/etc/fstab" file is now updated to include a reference to the EFI partition in the case of a partition image base deployment. Without this reference, images deployed using partition images could end up in situations where upgrading the bootloader could fail. * Fixes a minor issue with the regular expression used for UEFI duplicate entry cleanup which was introduced in a prior change to refactor the cleanup operation to avoid UEFI firmware which treats deletion of entries after addition as an invalid operation. * Fixes cases where duplicates may not be found in the UEFI firmware NVRAM boot entry table by explicitly looking for, and deleting for matching labels in advance of creating the EFI boot loader entry. * IPA now properly checks if the root partition is already mounted. See Story 2008631 (https://storyboard.openstack.org/#!/story/2008631) for details. * Fixes an error with UEFI based deployments where using a partition image a NVMe device was previously failing due to the different device name pattern. * Fixes an issue where partitions are not visible due to a incorrect call to have the partition table re-read. * Fixes an issue where partitions are not visible due to an incorrect call to have the partition table re-read during raid configuration creation. * Fixes an issue where the NTP time sync at the IPA startup via chronyd is not immediate (which can break time sensitive components such as the generation of a TLS certificate). * Fixes failures with disk image conversions which result in memory allocation or input/output errors due to memory limitations by limiting the number of available memory allocation pools to a non- dynamic reasonable number which should not exceed the available system memory. * The lshw package version B.02.19.2-5 on CentOS 8.4 and 8.5 contains a bug (https://bugzilla.redhat.com/show_bug.cgi?id=1955250) that prevents the size of individual memory banks from being reported, with the result that the total memory size would be reported as 0 in some places. The total memory size is now taken from lshw's total memory size output (which does not suffer from the same problem) when available. * No longer crashes if MAC address cannot be determined for one of the network interfaces. * Fixes an issue where metadata erasure cleaning fails for partitions because the read-only file isn't found, while it is available at the base device. Adds a check for the base device file on failure. See story 2008696 (https://storyboard.openstack.org/#!/story/2008696). * Fixes the agent's EFI boot handling such that EFI assets from a partition image are preserved and used instead of overridden. This should permit operators to use Secure Boot with partition images IF the assets are already present in the partition image. * Mirrors the previously disconnected EFI system partitions (ESPs) in UEFI software RAID setups. Disconnected ESPs can lead to nodes booting with outdated kernel parameters or the UEFI firmware not finding bootable kernels at all. * Fixes incorrect root partition UUID after streaming a raw partition image. * Fixes nodes failing after deployment completes due to issues in the Grub2 EFI loader entry addition where a "BOOT.CSV" file provides the authoritative pointer to the bootloader to be used for booting the OS. The base issue with Grub2 is that it would update the UEFI bootloader NVRAM entries with whatever is present in a vendor specific "BOOT.CSV" or "BOOTX64.CSV" file. In some cases, a baremetal machine *can* crash when this occurs. More information can be found at story 2008962 (https://storyboard.openstack.org/#!/story/2008962). * Adds a call to "udevadm settle" in write_image.sh. After GPT and MBR are destroyed systemd-udevd gets triggered which may hold /dev/sda open preventing qemu-img from writting its image. * Provides a more specific error message if a UEFI-incompatible image is used in the UEFI mode. * Increase memory usage limit for "qemu-img convert" command to 2 GiB. See Story 2008667 (https://storyboard.openstack.org/#!/story/2008667) for details. Changes in ironic-python-agent 6.4.3..6.4.4 ------------------------------------------- 0b292a1 Re-read the partition table with partx -a, part 2 06cf7f3 Re-read the partition table with partx -a 9525a11 Fix UEFI record regex 47ac40a Delete EFI boot entry duplicate labels first 750934a Output verbose info from efibootmgr 48ffbaa Force immediate NTP time sync with chronyd at IPA startup 97ce08d Fix getting memory size in some lshw output 2645240 Reduce logging verbosity when collecting logs 474d2a9 Utilize CSV file for EFI loader selection 350a67e Make _get_efi_bootloaders return relative paths ee81184 Limit qemu-img execution arenas 601b833 Fix NVMe Partition image on UEFI b307c34 Point ipa-builder to stable/wallaby 6e0d08c Software RAID: RAID the ESPs 37c39b1 Fix missing data in log messages bc13adf Add a call to "udevadm settle" in write_image.sh b3f489c Do not fail network interface collection on unsupported interface 92a7d7a Fix root UUID for streamed partition images 2076df9 Add fstab pointer to EFI partition 1a19f8b Prepare to use tinycore 12 99b9953 Check the base device if the read-only file cannot be read de1e751 Increase the memory limit for qemu-img d1a365e Fixes local boot for partition images 0ff5726 Fix error message with UEFI-incompatible images a820851 Mock tests to return bios boot mode 9961ed6 Prevent broken partition image UEFI deploys 07cf2c1 Option to enable bootloader config failure bypass Diffstat (except docs and test files) ------------------------------------- ironic_python_agent/config.py | 12 + ironic_python_agent/extensions/image.py | 682 +++++++--- ironic_python_agent/extensions/standby.py | 4 + ironic_python_agent/hardware.py | 49 +- ironic_python_agent/shell/write_image.sh | 14 +- ironic_python_agent/utils.py | 23 +- ...all-failure-to-be-ignored-b99667b13afa9759.yaml | 21 + ...nd-efi-partition-to-fstab-e9f945a4dd19bd7a.yaml | 8 + .../notes/correct-uefi-regex-112211c2427cd4d9.yaml | 7 + .../de-duplicate-by-label-baa090c5b1bff992.yaml | 6 + ...boot-for-partition-images-755f570dc0982868.yaml | 7 + ...-partition-image-handling-b8487133a188fd32.yaml | 6 + .../notes/fix-rescan-device-7b00c6836b687ce8.yaml | 5 + .../fix-rescan-device-raid-29aa1558b036b496.yaml | 7 + .../fix_chronyd_time_sync-626a14b66ca37677.yaml | 6 + ...mit-qemu-img-malloc-arena-025ed84115481eae.yaml | 7 + .../lshw-no-memory-bank-size-05ea71987362986e.yaml | 9 + releasenotes/notes/no-mac-54616606ee6b844d.yaml | 5 + ...eck_read_only_base_device-5bc15ac2f034aca9.yaml | 7 + ...serve-efi-folder-contents-ea1e278b3093ec55.yaml | 7 + .../software-raid-raid-ESPs-25a2aa117b99620a.yaml | 7 + .../notes/streaming-uuid-fdf136a7745fbb3d.yaml | 5 + ...t-bootloader-csv-file-use-c815b520c600cd98.yaml | 22 + .../notes/udevadm-settle-9d3e5f1f20211857.yaml | 7 + .../notes/uefi-images-38c8536db189ffc1.yaml | 5 + .../notes/up-qemuimg-mem-1536183a02b3a235.yaml | 7 + tox.ini | 6 +- zuul.d/ironic-python-agent-jobs.yaml | 7 +- zuul.d/project.yaml | 20 +- 33 files changed, 2212 insertions(+), 453 deletions(-)