Delete the deploy kernel, ramdisk, and ISO files during cleanup
to trigger rebuild on the subsequent stack.sh run.
Closes-Bug: #2076358
Change-Id: I6600b67c9b3455d8191126b24a1941ae7c384e36
Wraps `wget` commands with sleep and mutiple retry support
for resilient network downloads.
Partial-Bug: #2098417
Change-Id: Id3e083cc97b71211e5080ad21e2c09d04d8559fa
This is a forklift of the nova novncproxy service to act as the noVNC
front-end to graphical consoles.
The service does the following:
- serves noVNC web assets for the browser based VNC client
- creates a websocket to proxy VNC traffic to an actual VNC server
- decouples authentication traffic so that the source server can have
a different authentication method than the browser client
The forklifted code has been adapted to Ironic conventions, including:
- [vnc] config options following Ironic conventions and using existing
config options where appropriate
- Removing the unnecessary authentication method VeNCrypt, leaving only
the None auth method.
- Adapting the ironic-novncproxy command to use Ironic's service launch
approach, allowing it to be started as part of the all-in-one ironic
- Replace Nova's approach of looking up the instance via the token.
Instead the node UUID is included in the websocket querystring
alongside the token
- Removing cookie fallback when token is missing from querystring
- Removing expected protocol validation in the websocket handshake
- Removing internal access path support
- Removing enforce_session_timeout as this will be done at the
container level
Related-Bug: 2086715
Change-Id: I575a8671e2262408ba1d690cfceabe992c2d4fef
The emulator *and* the EFI binary paths are different
when using Centos/Fedora, and Fedora/Centos are distinctly
different with EFI folder paths.
Change-Id: I2c6ba884735f22cc9153de0a24282758ffbdc496
While doing some work on a fips-enabled machine, using centos,
I noticed the check is looking for a ubuntu package version.
Realistically, that is wrong, since 2.90 in general is what
we're seeking.
Change-Id: I02179f10a360a5dd83f4efe28c1ecbb51afb57ab
IPv6 job using UEFI and OVN with dhcpv6-stateful address mode.
Updates the devstack plugin to ensure CentOS DIB ironic-python-agent is
always used for dhcpb6-stateful, udhcpc in tinycore does not support
DHCPv6.
Ensure mtu on the ironic-provision network matches PUBLIC_BRIDGE_MTU
when Ironic IPv6 is used. This ensures we do not get packet drops from
over-mtu.
Devstack plugin will ignore any HOST_IPV6 address discovered, always
using the magigv6 interface and 'fc00::1' as IRONIC_HOST_IPV6.
Change-Id: Iab97d78d7a075eaef3bdcfc08fc4f184a5ea490a
So the prime driver behind pinning the MTU down on our interfaces is so
traffic can cross mutlinode vxlan tunnels between nodes where the devstack
plugin is executing to support more complex tests.
But the reality is that doesn't always make sense, and when Neutron
has a default mtu override based upon "upstream" traffic constraints,
that is likey okay as well.
Part of the CI configuration auto-pins the MTU down, which is fine
for single node testing, however with multinode we need to pin the
MTU further down to try and prevent packets from being dropped on
the internal interfaces use to wire up test VMs.
Change-Id: Idc145f4eea87a8db69202b8d7953975d7d5cba2c
Each run of devstack results in the dnsmasq version being restored to
the distro package version before being replaced by this override. This
means that a second run of stack.sh fails because the dnsmasq checkout
directory already exists.
This change moves the checkout to a tmp dir. This also stops git
complaining about nested git repos from the devstack repo.
Change-Id: Ida3892f2e706fa5a791a048f26440d84876be125
This migrates ironic-lib code and usages to code in ironic.common.
Relevant unit tests were migrated as well.
Also removes support for ironic-lib from CI and devstack.
Change-Id: Ic96a09735f04ff98c6fec23d782566da3061c409
I have requested a new release from dnsmasq here:
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q4/017828.html
but until they perform one, we should at least checkout and build
a version of dnsmasq with this fix, instead of downgrading to one that
is slightly less broken.
Related-Bug: 2026757
Change-Id: I8abac5fa729035341c90d7881cb35aff751da101
This adds a wsgi entrypoint module which can be used with a wsgi runner,
such as uwsgi, to launch Ironic API processes without the need of a
separate script.
The legacy WSGI script is currently being installed by PBR, and as part
of the migration to a pyproject.yaml-compatible PBR, we cannot use the
wsgi-scripts plugin anymore, and will be removing the script installed
by it in a future Ironic release.
The new WSGI script, because it has statements at the module top-level,
cannot be autodocumented; we now exclude it.
Also we don't treat all warnings as errors in pdf docs builds to allow
the use of mock autosummary, starting with including the wsgi module.
Co-Authored-By: Doug Goldstein <cardoe@cardoe.com>
Change-Id: I584ac6a25c4e6cd9744a609b50d12b434a930dc6
An interesting, and frustrating aspect of 4k block devices is that the math begins
to be impacted across the whole of the useage of the device.
Specifically the LVM block spacing also begins to be thrown
"out of alignment" which changes user calculations.
Most users doing smaller allocations likely won't matter, but users doing
thin volumes or filling the percentage of the remaining usable volume, also then
break.
So realistically, the best path to ensure we have appropriate 4k device testing,
and our dependent tooling in diskimage-builder is also getting tested, is to run
the more complex case in our CI job.
This change is dependent upon two other changes which are under review.
Change-Id: I5b23403c783fa84b4158708741524c3dc9a92722
grenade by default enable GLOBAL_VENV which means it
install and run everything from virtual env
- https://review.opendev.org/c/openstack/grenade/+/930507
We faced the error in ironic grenade scripts in virtual env
so GLOBAL_VENV was disabled explicitly. This fixing the scripts
and enable GLOBAL_VENV in ironic jobs also.
Change-Id: I48ee1dd4adc2e5bcc18c5f116d979e7524248495
No jobs are setting this, nor have any set it in some time. Remove it.
Change-Id: I38a092de125e382607d89d8e5a3b85db809a6d61
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Nothing is setting this anymore, making this a layer of indirection
we do not need. Remove it.
Change-Id: Iba3674536ee98ba4d2d0cb5ffb0ec52e5286b7e7
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Add a CI job to leverage a 4k logical block disk image which is
deployed to the remote system to ensure the build pipeline and
code to naviate 4k disk images is in working order.
Change-Id: If7aee654f9282b33ea489558f45f45cfed86e9d1
This change makes it possible to test the new "agent" implementation.
The PXE environment is not migrated so far, so managed inspection is
assumed by default.
Change-Id: I60a11454aefc01333e3f788e2b09ec6e47423223
Right now, when restacking to get new code checked out, we fail due to
the dnsmasq directory already existing. Now, skip the downgrade if we
detect the correct version -- as we would on a second run.
Change-Id: I5c3d28f75b66d14540cbafa03bff8b7def688da5
In trying to chase down why the raw tftp boot of grub is not
happy, I determined that the tftp folder being created had the
wrong permissions out of the box. Ironic has an optional knob for
this, so we're going to set it by default.
Change-Id: If2a0e5e47163a3525ecd245e8b54cacea9a615de
This commit introduces support for provisioning ARM (aarch64)
fake-bare-metal VMs in Ironic for the purpose of eventually supporting
CI testing on ARM64 architecture-based hardware.
Change-Id: Ie4bff8892228275ad0fb940c30e8071f7f4c423f
There has been no testing of this hardware type in quite some time,
and the last we heard the vendor was moving towards redfish.
Change-Id: Ib32db463981ec54430884ac760956b7c7b40b17f
Codespell upgrade caused failures, fixed spelling where
appropriate, added ignores where appropriate.
Some new package release broke pep8 runs; fixed by no
longer pinning Pygments version.
Change-Id: I670bbb170823d6a0ace8eeb9d9e486e8e9bf7404
This makes all the image upload commands in the devstack plugin use
--file instead of stdin redirection, and also uses an absolute path.
One of the commands was already doing it this way. By doing the upload
like this, it makes the devstack plugin usable with the OCaaS devstack
mode (for faster openstack client ops) since we can't pass the image
stream via stdin. Most people will be using --file for uploading
anyway, so this is probably more realistic anyway.
Change-Id: I8d97ed731133d02aed46a078c50769692ad7ba04
Cirros partition images have some underlying limitations,
meaning it is not ideal for any step which requires the image
to hae commands executed in it to perform operations, such as
mounting additional filesystems in UEFI mode, or installing
grub in BIOS mode.
This is because cirros images are an unpacked ramdisk, in other
words, the posted disk image *has no* contents on the root
filesystem of the image. While we attempt to unpack[0] this as well,
this can also fail creating false failures resulting in check
jobs failing and then working on recheck.
As the constraint is the same as the BIOS mode check, and there
is no realistic fix, this change removes the boot mode check and
thus always disables partition image testing with tempest *when*
cirros is in use.
note 0: We presently unpack using a virtual machine launch so it
takes place with the same process as when cirros starts, however
linux doesn't always boot, and the tools don't really determine
if that is the case or not, and if we retool it, we should just
move to a direct extraction and image re-pack.
Change-Id: I7687ff1eddb14d22b981860d4c4c9b172bae45b7
Had someone try to boot the tinycore ISO on a UEFI machine, and they
got a nice error. Just turns out we needed to update our docs a little
bit to provide appropriate clarity.
Change-Id: I1adfb62ea22d0b58740ceadc8c338fc04d9b78de
