Update git submodules
* Update ironic-python-agent from branch 'master'
- Merge "Attempt to read the partition table after writing an image"
- Add source code link for the project to README
Change-Id: Ib8e0c9a41b4b73aaba13b794eaf2134b85bbeff9
- Merge "Update author email address"
- Update author email address
Change-Id: I7bad0c5799be2cc550efee20507e882ed055cc9a
- Merge "Change HTTP links to HTTPS"
- Change HTTP links to HTTPS
Change-Id: I963c32407c109c840d59f4dcf945f2fc78e096f2
- Update http link to https
Change-Id: I5cf2627d999d4f3cf7bc2367f4d9cfddf6391146
- Merge "add coverage job"
- Merge "spelling error"
- Merge "Update min tox version to 2.0"
- Merge "zuul-ify primary IPA jobs"
- Merge "Allow erasing metadata from disk partitions"
- zuul-ify primary IPA jobs
Change-Id: I13312560389f8b1298dd62cedd654fb8f66d3dfe
- Update link addresses
Change-Id: I52f275917be720b1e48f17876deb10cd4e6d2501
- spelling error
Change-Id: I20e5373e6b906f893adbd4ec609c71203766b3d3
- Attempt to read the partition table after writing an image
This patch adds code that tries to read the partition table after we've
successfully written an image to make sure the image that we wrote has a
valid partition table so we can more easily guarantee that what we've
written is bootable and not just junk. Without a valid partition table
writing a config drive will fail for whole disk images.
Co-Authored-By: Dmitry Tantsur <dtantsur@redhat.com>
Change-Id: I5cfd8c433a4db3e0d2d5086250e629d16234b7a4
Story: 2001760
Task: 12159
- Allow erasing metadata from disk partitions
Modify the metadata erasing call chain to retrieve a list of devices
that includes partitions in addition to disks so it can erase metadata
from all of them, otherwise incidentally recreating disk partitions
causes the Linux kernel to discover and automatically recreate some
types of storage entities (eg LVM PVs, VGs, & LVs, RAID members &
devices).
Change-Id: If8f47a083966051856439e3291a6872929b93e3b
Story: #2003673
Task: #26192
- Merge "Update min tox version to 2.0"
- Merge "Fix multi-device behavior"
- Update min tox version to 2.0
The commands used by constraints need at least tox 2.0.
Change-Id: I4813ed34b22895d59db26d15ee5158de8840628a
- Update min tox version to 2.0
The commands used by constraints need at least tox 2.0. Update to
reflect reality, which should help with local running of constraints
targets.
Change-Id: I005b46aebeb7f347b6721790723ea6be41a0d67e
- add coverage job
Insert python coverage job for py-test.
Change-Id: I13b9a0710e442abb06af328aad4e769628a383e1
- Merge "Allow streaming raw partition images"
- Follow up to parallel disk erasure
Improve test to verify apply_async is called twice as expected.
Story: 1546949
Task: 11548
Change-Id: I41736dfb2932dd0036bbc4cbc51929bf61a16569
- Merge "Allow using ironic-lib from source when building tinyipa"
- Merge "Parallel erase disk devices"
- Parallel erase disk devices
Currently we erase the disks one by one, which takes a long
time to finish, this patch adds support to the IPA so that
it can erase disks in parallel if told so.
Story: 1546949
Task: 11548
Co-Authored-By: yuan liang <leetpy2@gmail.com>
Co-Authored-By: Kaifeng Wang <kaifeng.w@gmail.com>
Change-Id: If5cfb6ec000a654d07103c4b378d4c135249e238
- Merge "Enhanced checksum support"
- Fix BMC IP address detection on CoreOS images
On CoreOS images, IPA runs in a Debian Jessie chroot which uses mawk as
its default awk implementation. However, mawk doesn't support POSIX
character classes such as [:space:], which means get_bmc_address() fails
to parse the BMC IP address from the output of ipmitool.
This patch replaces the use of [[:space:]] by [ \t] which is equivalent
for the purpose of parsing the output of ipmitool. Note that matching on
tab characters is not strictly required as the packaged version of
ipmitool only uses space characters, but is left in case tabs are used
in other versions.
Change-Id: I0e3306a4d4584ca28e03608e9f7270b770960a39
Story: #2004121
Task: #27571
- Allow streaming raw partition images
Currently we support streaming raw whole disk images, but not
partition ones. This change enables it.
Change-Id: Ie95102aa3f2054a6b429f3d3e0926e90923c5faf
Story: #2003809
Task: #26558
- Add missing dependencies to CoreOS IPA docker image
The iptables and lshw utilities are both required for IPA: iptables is
used when collecting system logs and lshw is used to get the total
physical memory and system details. However, they were not installed in
the docker image embedded in CoreOS IPA images. Since the docker image
is used as a chroot to run IPA, it cannot access binaries available
outside in the main CoreOS file system.
Change-Id: Ic2188b49e717c62315db6c33b74b2e161436b052
Story: #2004092
Task: #27494
- Raise udevadm settle timeout from 5 to 20 seconds
To fix for grenade slow discovery of e1000 network devices.
Ironic Inspector grenade job is using e1000 driver since
change: I4ec297281380896ffe9004c4de7117586ded7149
In some cases the e1000 devices has not registered yet,
and thus the dhcp init script does not find any interfaces
to bring up. This causes the grenade job to continue with
no networking, and the job finally fail.
Make the udev settle timout configurable (default 20 sec)
in finalise-tinyipa.sh.
Let's hope 20 seconds is enough. If not we now have more
logs to identify the issue.
Change-Id: I82beecc78afb4b23234d2d5eca4f46f84f20525e
- Enhanced checksum support
Adds enhanced checksum support to IPA, when os_hash_algo and os_hash_value
are passed in via image_info, it will be used to calculate image checksum
and verification.
In other cases, the old md5 checksum is used.
Change-Id: I1d2f33e7059910326b4ac3f7786543b333a93a5a
Story: 2003938
Task: 26846
- Merge "Change nic driver to e1000 for CoreOS jobs"
- Mark CoreOS check jobs non-voting
Due to a higher failure rate, which is largely due
to nested virtualization failures with CoreOS where
one or more of the CI infrastucture providers do not
support nested virtualization, we are marking the
CoreOS CI check jobs as non-voting. This is in order
to reduce the need to recheck.
Change-Id: Id2a5dc766b79ec1131e33f9a49ceca8095c363ef
Story: #2003985
Task: #26928
- Allow using ironic-lib from source when building tinyipa
This change simplifies development of IPA by allowing to install
ironib-lib from a local checkout with modifications.
Change-Id: I142c6d389d94141db8bc9e3eeaae50a687bcd7b1
- Change nic driver to e1000 for CoreOS jobs
This change was created after observing a number of the CoreOS
IPA build/test jobs were exhibiting a high failure rate with
the virt-nic.
Similar to the issues recently addressed in ironic's grenade
job, lets explicitly set the NIC to e1000 as that seems to be
more reliable for the CoreOS jobs.
Change-Id: I6365fe138d1b1ddc98a49f1a1da0b82d77678599
- Correct headings in README.rst
Currently it's titled "Team and repository tags", which is obviously
not the project name. Also the top-level title is duplicated twice.
Also remove the link to wiki that contains no helpful information.
Change-Id: I6c997576f7ffe00fe660ad51213e70369b325e0b
- Fix multi-device behavior
ATARAID is functionally a version of software
RAID where the setup is managed by the controller
and the Operating System takes over managing the
RAID after boot. Most commonly this is found for
mirrored boot devices.
Prior to this patch, we were looking for non-dependent
items (i.e. base block devices), with a type of disk.
Now we will permit the "disk" to be added to the list
if lsblk indicates that it is a type containing "raid".
The lsblk results should not change as we explicitly
look for disk objects.
Change-Id: Ia4a03b33cc06ce42e1bc33026683c28b31901cb7
Story: #2003445
Task: #24647
- Merge "add python 3.6 unit test job"
- Replace assertEqual(True/False, expr) with assertTrue/assertFalse in tests
In some cases, If the result of expr is a boolen value, we shoud use
assertTrue/assertFalse to instead. Beacause it is clear and simple.
Change-Id: Ie61369f6335a90b09bb24192282d33da5272c13f
Story: #2003785
Task: #26490
- Merge "switch documentation job to new PTI"
- Merge "import zuul job settings from project-config"
- Merge "Clear GPT and MBR headers with dd to avoid sgdisk CRC errors"
- add python 3.6 unit test job
This is a mechanically generated patch to add a unit test job running
under Python 3.6 as part of the python3-first goal.
See the python3-first goal document for details:
https://governance.openstack.org/tc/goals/stein/python3-first.html
Change-Id: I6cdb80e7be5dfe1362628727160d6186f7bafd27
Story: #2002586
Task: #24302
- switch documentation job to new PTI
This is a mechanically generated patch to switch the documentation
jobs to use the new PTI versions of the jobs as part of the
python3-first goal.
See the python3-first goal document for details:
https://governance.openstack.org/tc/goals/stein/python3-first.html
Change-Id: I14605e8455a87998f449fed9815b470bb701745a
Story: #2002586
Task: #24302
- import zuul job settings from project-config
This is a mechanically generated patch to complete step 1 of moving
the zuul job settings out of project-config and into each project
repository.
Because there will be a separate patch on each branch, the branch
specifiers for branch-specific jobs have been removed.
Because this patch is generated by a script, there may be some
cosmetic changes to the layout of the YAML file(s) as the contents are
normalized.
See the python3-first goal document for details:
https://governance.openstack.org/tc/goals/stein/python3-first.html
Change-Id: Icfa5db2a099cb3acb79a39824c48c3e4505758ce
Story: #2002586
Task: #24302
- Update reno for stable/rocky
Change-Id: I7506753ff1829ca5386d67d751c40b5e022b028d
- Clear GPT and MBR headers with dd to avoid sgdisk CRC errors
This change adds a dd before the existing sgdisk -Z command to
workaround CRC verification errors.
Change-Id: Ia1ac4e1c0faf14ad4bb11c2a1c796c93ca8cb5e3
Closes-Bug: #1737556
Story: 1737556
Task: 11496
- Merge "fall back to PARTUUID if UUID not found."
- Merge "Collect IPv6 address during introspection"
- Merge "Install grub to PReP partition when prep_boot_part_uuid is provided"
- fall back to PARTUUID if UUID not found.
Change-Id: Icbf1fd8179658bd8bcd15f99aaaee796288dbf6f
Story: 2002052
Task: 19714
- Merge "fix uname mock arguments for get-pip.py"
- fix uname mock arguments for get-pip.py
Change-Id: I36b3c8c7b0dfca41db54490306f47ddbf8eec836
- Collect IPv6 address during introspection
This patch adds support to retrieve IPv6 address.
A new field ``ipv6_address`` is added to NetworkInterface
and store the assigned IPv6 address (if any).
Co-Authored-By: Kaifeng Wang <kaifeng.w@gmail.com>
Change-Id: Ia527a5aa48e3daf66d2be190e43935b38b3bd6f9
Closes-Bug: #1744064
Story: #1744064
Task: #11604
- Install grub to PReP partition when prep_boot_part_uuid is provided
Installs the grub bootloader to the PreP Boot partition when the
prep_boot_partition_uuid is provided. This is required when
booting a partition image locally on ppc64* systems.
This change also passes the cpu_arch along to work_on_disk so
that the PReP partition is created when partitioning disks for
local boot on ppc64* systems,
Change-Id: I70667d43af962b357e6eeccba258f4fa5a91a09e
Depends-On: I2bc9f13ec605de7b7b96d96a1a4edebee0af76dc
Story: #1749057
Task: #22999
- Remove testrepository
This commit is a follow-up of "switch to using stestr"
which was merged already [1].
After switch to using stestr, testrepository is unnecessary
and should be removed.
[1] https://review.openstack.org/578521
Change-Id: Ic4005aa6f4bf5fb52fc207ff1cec666ccef8d0da
- Merge "Switch to using stestr"
- Merge "Provide knob to disable ata secure erase"
- Switch to using stestr
According to Openstack summit session [1] stestr is maintained project
to which all Openstack projects should migrate.
Let's switch it then.
[1] https://etherpad.openstack.org/p/YVR-python-pti
Also adjust requiremenst to past the gate checks.
Change-Id: If7a0ebd9cca26cb67eb2ec9036d0aa2693fdffbf
Signed-off-by: Chuck Short <chucks@redhat.com>
- Merge "Refuse secure erase if ATA command does not work"
- Provide knob to disable ata secure erase
We need to allow the operator to able to
explicitly disable secure erase, in case
it is problematic in their environment
or hardware.
Change-Id: I4c68efa65cdd7f88f54f8dd9a8bcbeee9e8124a8
Story: #2002546
Task: #22108
- Refuse secure erase if ATA command does not work
Adds dependency upon smartmontools's binary smartctl to
query the block devices via ATA mode which fails on pass-thru
buses such as ATA over SCSI and ATA over USB, in an effort
to prevent the initiation of ATA secure erase with one
of these interfaces in place which may render the disk
unreachable after security options are enabled for
ATA Secure Erase or upon the Secure Erase command being
sent to the Hard Disk.
Change-Id: I7635a197eb000650e919fac386b38ac15ef17041
Story: #2002546
Task: #22109
Depends-On: Ibbfd168844524d91927bdd6e67d973e0bd519bf2
- Reduce CoreOS CPU count to 1
It seems nested virt, while much faster, likes to crash due to
what appears to be a SMP issue. So lets try one CPU.
Change-Id: Ibbfd168844524d91927bdd6e67d973e0bd519bf2
- Enable Auto VM engine for CoreOS CI jobs
The CoreOS ramdisk can take anywhere from 300-500 seconds to
startup depending on the size of the image and the underlying
hypervisor performance.
Given this time window, it is easy to cause the CI job to
timeout. Lets let the VM engine be chosen to use KVM if
available.
Change-Id: Ie4e096ccd71a3667fea34731cd5268b56e3cd2b9
- Merge "Cleanup CI jobs for IPA"
- Switch from sourceforge to github for ipmitool
Currently CI fails on build ipa image on xenial, because downloading
with wget from sourceforce is giving SSL error. Start using the
github mirror, that is not having this problem.
Additionally added autoconf, autogen, automake, and libtool
to the build requirements as the new ipmitool package is based
off of repository commit history tags and did not contain
a pregenerated configure file.
Change-Id: I139679db835b7a87c55f69a4d807ff8ec9099e3a
- Cleanup CI jobs for IPA
Renamed jobs to more appropriate names, and extended
base timouts, as well as the build timeouts for coreos
as the image we work with today is a little larger
than it was previously.
Change-Id: I2884ba795bae689b40826b8c7e2714e3eb5811fb
Depends-On: I139679db835b7a87c55f69a4d807ff8ec9099e3a
- Merge "Try to unlock failed device before proceeding"
- Try to unlock failed device before proceeding
When a hard error has occured with secure erase,
we should attempt an unlock of the device becuase
the current mode can prevent disk IO. This may upset
some things like raid controllers even if they are
in a pass-through mode.
Change-Id: I32e1d962fbbb4a305d5dbebea92ac48ebd9b67ca
Story: #2002546
Task: #22107
- fix tox python3 overrides
We want to default to running all tox environments under python 3, so
set the basepython value in each environment.
We do not want to specify a minor version number, because we do not
want to have to update the file every time we upgrade python.
We do not want to set the override once in testenv, because that
breaks the more specific versions used in default environments like
py35 and py36.
Change-Id: I3c8e5c663a3fd881430f84fc502e46192de77fc7
- Add release notes link to README
Add release notes url doc link to README.rst.
Change-Id: I12652da892ccb6b43d7686db522b972c4bdc3df7
- Merge "Add min/max values to integer config options"
- Add a release note for secure erase changes
Change-Id: I6eaa8d8657f153c81ccc7cc2b49cb63a8c1637b3
- Add min/max values to integer config options
None of the existing ironic-python-agent integer config options included
min or max values. Added appropriate min/max values for the integer
config options.
Two of the integer options are for ports (listen_port and
advertise_port). These were changed to use the more appropriate
oslo_config cfg.PortOpt instead of cfg.IntOpt. PortOpt has the proper
min and max values built in.
Change-Id: I98709a45d099aea62c9973beb6817591cb445a9c
Story: 1731950
- Merge "write byte objects when using os.write"
- Merge "Fix for fatal error when GPT was used and only MBR was cleaned"
- Merge "rework ATA secure erase"
- write byte objects when using os.write
Change-Id: I184a9d0bf4a0ba0776d519b3a3b9ccd39151b4ae
Story: 2002052
Task: 19713
- Fix for fatal error when GPT was used and only MBR was cleaned
You can generate this error if after having provisioned a node
using GPT partitioning, you clean its MBR using say
dd if=/dev/zero bs=1024 count=1 of=/dev/sda
and then cleanup all Ironic/Bifrost informations to get it
reprovisioned.
In this case sgdisk -Z returns an error and last_error field
in Ironic contains:
Error writing image to device: Writing image to device
/dev/sda failed with exit code 2
Caution: invalid main GPT header, but valid backup;
regenerating main header\nfrom backup!\n
\nInvalid partition data!\
Change-Id: Ib617737fff5e40cb376edda0232e0726d9c71231
- rework ATA secure erase
hdparm versions prior to 9.51 interpret the value, NULL, as a
password with string value: "NULL".
Example output of hdparm with NULL password:
[root@localhost ~]# hdparm --user-master u --security-unlock NULL /dev/sda
security_password="NULL"
/dev/sda:
Issuing SECURITY_UNLOCK command, password="NULL", user=user
SECURITY_UNLOCK: Input/output error
Example output of hdparm with "" as password:
[root@localhost ~]# hdparm --user-master u --security-unlock "" /dev/sda
security_password=""
/dev/sda:
Issuing SECURITY_UNLOCK command, password="", user=user
Note the values of security_password in the output above. The output
was observed on a CentOS 7 system, which ships hdparm 9.43 in the
offical repositories.
This change attempts to unlock the drive with the empty string if an
unlock with NULL was unsucessful.
Issuing a security-unlock will cause a state transition from SEC4
(security enabled, locked, not frozen) to SEC5 (security enabled,
unlocked, not frozen). In order to check that a password unlock attempt
was successful it makes sense to check that the drive is in the unlocked
state (a necessary condition for SEC5). Only after all unlock attempts
fail, do we consider the drive out of our control.
The conditions to check the drive is in the right state have been
adjusted to ensure that the drive is in the SEC5 state prior to issuing
a secure erase. Previously, on the "recovery from previous fail" path,
the security state was asserted to be "not enabled" after an unlock -
this could never have been the case.
A good overview of the ATA security states can be found here:
http://www.admin-magazine.com/Archive/2014/19/Using-the-ATA-security-features-of-modern-hard-disks-and-SSDs
Change-Id: Ic24b706a04ff6c08d750b9e3d79eb79eab2952ad
Story: 2001762
Task: 12161
Story: 2001763
Task: 12162
- Rescue bug: tinyipa fails to acquire IP in multitenant env
It seems the udhcpc script is not executable and no sleeping
cause tinyipa fails to acquire IP in multi-tenant env.
Story: #2002024
Change-Id: I3a693d75bfa54fe905bd3cd0587bb139934c087c
- Merge "Do not run functional (API) tests in the CI"
- Merge "Fix gate and bump CoreOS version to latest stable."
- Do not run functional (API) tests in the CI
These tests exercise Ironic API with the fake driver, thus they provide
no coverage for IPA and can be excluded.
Change-Id: I02eb41b112f1da413178cbdc5834d2904e9d26e9
- Fix gate and bump CoreOS version to latest stable.
Increases the amount of ram for CoreOS IPA to 2GB
as the base CoreOS image is now 310MB.
Bumped CPU count for CoreOS runs to 2 CPUs as the
concurrency helps boot times for the CoreOS ramdisk.
Adds netbase, udev, and open-iscsi to debian jessie container
as they are no longer present in the default container.
Explicitly set path variable for execution in the debian
container as udevadm is in /sbin, and we may not have
/sbin on the path that is passed through to the
chroot.
Also fixed new pep8 test failures.
Story: #1600228
Task: #16287
Change-Id: I488445dfd261b7bca322a0be7b4d8ca6105750a3
- Gate fix: Cap hacking to avoid gate failure
hacking is not capped in g-r and it is in
blacklist for requirement as hacking new version
can break the gate jobs.
Hacking can break gate jobs because of various
reasons:
- There might be new rule addition in hacking
- Some rules becomes default from non-default
- Updates in pycodestyle etc
That was the main reason it was not added in g-r
auto sync also. Most of the project maintained the
compatible and cap the hacking version in
test-requirements.txt and update to new version when
project is ready. Bumping new version might need code
fix also on project side depends on what new in that
version.
If project does not have cap the hacking version then,
there is possibility of gate failure whenever new hacking
version is released by QA team.
Example of such failure in recent release of hacking 1.1.0
- http://lists.openstack.org/pipermail/openstack-dev/2018-May/130282.html
Change-Id: I2c84d3368bd6675c28ebba695e0c1afdd2867588
This commit is contained in:
Zuul
Gerrit Code Review
parent
2d33e6e509
commit
ce33b09b34
|
|
@ -1 +1 @@
|
|||
Subproject commit 2df41a80e3da889ab726a336ffa8b14800e61cda
|
||||
Subproject commit c5f31db691fafb687c3d0e2bcde08b08dc48ab06
|
||||
Loading…
Reference in New Issue