It was recently learned by the OpenStack community that running qemu-img
on untrusted images without a format pre-specified can present a
security risk. Furthermore, some of these specific image formats have
inherently unsafe features. This is rooted in how qemu-img operates
where all image drivers are loaded and attempt to evaluate the input data.
This can result in several different vectors which this patch works to
close.
This change imports the qemu-img handling code from Ironic-Lib into
Ironic, and image format inspection code, which has been developed by
the wider community to validate general safety of images before converting
them for use in a deployment.
This patch contains functional changes related to the hardening of these
calls including how images are handled, and updates documentation to
provide context and guidance to operators.
Closes-Bug: 2071740
Change-Id: I7fac5c64f89aec39e9755f0930ee47ff8f7aed47
Signed-off-by: Julia Kreger <juliaashleykreger@gmail.com>

Ironic already has support for automatically setting a lessee on
deployment, but it is only supported for direct deployments with Ironic,
as it uses request context which is not preserved in the Nova driver.
Now, when combined with the related Nova change, Ironic can support this
behavior for fully integrated installations. On deploy time, Nova will
set several fields -- including project_id -- in instance info. If
enabled, Ironic will then use that project_id as the automatic lessee.
The previous behavior of using the project_id from the request context
is still supported as a fallback.
This is being tracked in nova as blueprint ironic-guest-metadata.
Closes-Bug: #2063352
Change-Id: Id381a3d201c2f1b137279decc0e32096d4d95012

With the removal of the wsman interfaces in the idrac driver and only
redfish being supported, the idrac driver should inherit from the
redfish driver to ensure that it properly supports all the redfish
supported interfaces. Furthermore with several of the interfaces being
no-op passthru to the redfish implementation there is no reason to not
let the user select those interfaces as well. With an eye towards not
having to support these in the future, direct users to use the stock
redfish versions in the docs as well.
Change-Id: I79ab44f31660e6d5311db46223e8bd60d2b3f213
Signed-off-by: Doug Goldstein <cardoe@cardoe.com>

Lots of references to deprecated ways of doing things, as well as two
entire separate sections dedicated to how disk erasure works.
Also ensured we reference new valid config options surrounding disk
erasure.
Additional improvements could include adding documentation around how to
skip disks per node (or linking to any preexisting docs around it).
Change-Id: Ifa029e26eff0637b443d094d85e773b885d0979b

Since we're a plugin, the TARGET_BRANCH instructions in the normal
devstack guide are not enough. We should specifically instruct people to
avoid this pitfall.
Change-Id: I7c9fd98c582984036e0b19714b8f387a31e8715f

Currently, if the inspection network is not provided, neutron-based
network interfaces fail with something like:

    Driver redfish does not support inspection (disabled or not implemented)

This is utterly misleading. Use a hand-crafted error message instead.
Same for the PXE boot interface. Also add missing documentation.
Change-Id: I79086db1c270e02a6c74b870acc336e8da54dea3

The documentation contains a significant amount of grammar mistakes.
This could cause confusion in certain scenarios when trying to correctly
understand the context. Starting to go through the documentation and pushing this commit
as a start.
Change-Id: If2c18909a83ba501b5ffae494934fb631b009e54

Update api-ref, documentation to reflect the new
endpoints and the new way to set node provision state.
Related-Bug: #2027690
Change-Id: I2106691c08eb04d1001ccf97e6e08fc811356874

Implement cross-referencing to configuration options
throughout the Ironic documentation.
Closes-Bug: #2076111
Change-Id: I28712a3a92eb7e7d9875e49ea3ed8800168262fe

Ironic docs improvements. Addressing one of the issues from
the Ironic documentation audit. Using gerunds in titles and
including *Ironic* in the title to improve SEO.
Closes-Bug: #2072351
Related-Bug: #2072349
Change-Id: I9f9c47654386df416b51e8a0cd48f5a89f55e799

Adds runbooks, the new API feature that makes it possible for
project members to self-serve maintenance tasks through curated step
lists associated with target nodes via traits.
In addition to basic CRUD support, runbook extends current API flow for
performing manual cleaning and servicing to support runbooks in lieu of
an explicit/arbitrary ``clean_steps`` and ``service_steps`` user-defined
lists.
Demo Video: https://youtu.be/00PJS4SXFYQ
Closes-Bug: #2027690
Change-Id: I43555ef72cb882adcada2ed875fda40eed0dd034

To utilize the idrac-redfish interfaces, you need the sushy-oem-idrac
package to be installed alongside sushy itself.
Change-Id: I3376cd0b40fce49345121ad84d35749241e9dbe8

This is a quick and easy way to get Ironic up for testing; updated to be
even quicker and easier if you don't need multiprocess or mysql.
Co-Authored-By: CID <cid@gr-oss.io>
Change-Id: Ibef8a24868fd1f507e69e6d615d6327031d11495

Issues an error on removed items still used in the configuration.
Issues a warning on deprecated items or nodes that use removed drivers
or interfaces.
Change-Id: Iebb4cd611f7111cde20acf9ba3d4c9127925b6cf
Closes-Bug: #2051954

Adds a pretty straightforward Sphinx plugin that reads the JSON profile
file and renders it nicely in a document that is then included from
the Redfish page.
Change-Id: Ic2da61cb510897eac8a2e162816cfd05cc22994c

This is largely inspired by the excellent feedback we got from David
Welsch, although this patch is only a very early first step towards
where we want to be with the documentation.
First, I'm splitting the large administrator guide into several large
sections: features, operation, architecture. Some of their topics might
actually find a better home outside of the administrator guide, but I
don't go that far in this change.
Second, I'm grouping several separate things together with the larger
topics:
- API topics are relevant for users and are grouped with the user guide
- Configuration guide and release notes are grouped with the
  administrator guide.
- The command reference is renamed for clarity and also grouped with the
  administrator guide since these are not user-visible commands.
- I'm dropping the "Advanced topics" subsection. While I like its
  intention (and I think it was me who added it in the first place),
  it's clear that such separation makes these topics much less
  discoverable.
Third, I'm playing with :maxdepth: here to make the sub-pages more
informative.
Change-Id: Icd0a35b252136b7da107c6346c48473cf1b99bcb

The goal here is to give newcomers an easier overview of the contributor
guide. Currently, the index page only points at a couple of sections in
the contributor index, which may be confusing. So:
1) Expand the contributor reference from the index page one more level.
2) Update headings in the contributor guide to match the toctrees and
   their expected level.
3) Expand toctrees in the contributor index one more level.
4) Move references to the development environment to a higher level
   toctree to make them visible in the index.
5) Apply consistent upper case heading.
Change-Id: Ifb9fdc96b368095437771217090120e83eaa0fa7

Instead of only file-based persistence which leaves files
with credentials on the conductor disk for the duration of
the session.
User can now pass ``True`` to the ``store_cred_in_env`` parameter
which instead stores IPMI password as an environment variable, still
for the duration of the session, but limiting exposure to just the
user session of ironic and anyone that has access to it.
Defaults to ``False``.
Closes-Bug: #2058749
Change-Id: Icd91e969e5c58bf42fc50958c3cd1acabd36ccdf

The syntax we're using there is not valid, change to a definition list,
add double ticks and change a mention of an option to a link.
Change-Id: Idf37436d034fe8bb65bff92eddadfd82d7431df0