This change updates the inventory handlers to provide an IPMI
privilege level (with a default of "ADMINISTRATOR") when making
hardware detection requests. If the privilege level is not specified,
IPMI requests will fail if the user does not have ADMINISTRATOR
privileges.
This change depends on changes 1076 and 1077.
signed-off-by: dave kormann <davek@research.att.com>
Change-Id: I06225d00adc719c324de5fc1a4b18d7ea2ac56f4
def handle(self):
usersconf = self.confman.get_users_config_handler()
def handle(self):
usersconf = self.confman.get_users_config_handler()
+ hostsconf = self.confman.get_hosts_config_handler()
admin_user = usersconf.get_admin_user()
self.add_global_var("home_dir", "/home/" + admin_user)
all_vars = self.inventory['all']['vars']
admin_user = usersconf.get_admin_user()
self.add_global_var("home_dir", "/home/" + admin_user)
all_vars = self.inventory['all']['vars']
power["ipmi_address"] = all_vars['hosts'][host]['hwmgmt']['address']
power["ipmi_password"] = all_vars['hosts'][host]['hwmgmt']['password']
power["ipmi_username"] = all_vars['hosts'][host]['hwmgmt']['user']
power["ipmi_address"] = all_vars['hosts'][host]['hwmgmt']['address']
power["ipmi_password"] = all_vars['hosts'][host]['hwmgmt']['password']
power["ipmi_username"] = all_vars['hosts'][host]['hwmgmt']['user']
+ power["ipmi_priv_level"] = hostsconf.get_hwmgmt_priv_level(host)
power["product_family"] = all_vars['hw_inventory_details'][host]['product_family']
power["vendor"] = all_vars['hw_inventory_details'][host]['vendor']
power["product_family"] = all_vars['hw_inventory_details'][host]['product_family']
power["vendor"] = all_vars['hw_inventory_details'][host]['vendor']
self._set_hw_types()
self._add_hw_config()
self._set_hw_types()
self._add_hw_config()
def _add_hw_config(self):
try:
text = Environment().from_string(JSON_HW_HOST_VAR).render(
def _add_hw_config(self):
try:
text = Environment().from_string(JSON_HW_HOST_VAR).render(
hwmgmt_addr = self._hosts_config_handler.get_hwmgmt_ip(name)
hwmgmt_user = self._hosts_config_handler.get_hwmgmt_user(name)
hwmgmt_pass = self._hosts_config_handler.get_hwmgmt_password(name)
hwmgmt_addr = self._hosts_config_handler.get_hwmgmt_ip(name)
hwmgmt_user = self._hosts_config_handler.get_hwmgmt_user(name)
hwmgmt_pass = self._hosts_config_handler.get_hwmgmt_password(name)
- return hw.get_hw_data(hwmgmt_addr, hwmgmt_user, hwmgmt_pass)
-
+ hwmgmt_priv_level = self._hosts_config_handler.get_hwmgmt_priv_level(name)
+ return hw.get_hw_data(hwmgmt_addr, hwmgmt_user, hwmgmt_pass, hwmgmt_priv_level)
+
def _set_hw_types(self):
hosts = self._hosts_config_handler.get_hosts()
for host in hosts:
def _set_hw_types(self):
hosts = self._hosts_config_handler.get_hosts()
for host in hosts:
host_object.vendor = hw_details.get("vendor", "Unknown")
host_object.product_family = hw_details.get("product_family", "Unknown")
host_object.mgmt_mac = hw_details.get('info', {}).get("MAC Address", "00:00:00:00:00:00")
host_object.vendor = hw_details.get("vendor", "Unknown")
host_object.product_family = hw_details.get("product_family", "Unknown")
host_object.mgmt_mac = hw_details.get('info', {}).get("MAC Address", "00:00:00:00:00:00")
- self.host_objects.append(host_object)
+ self.host_objects.append(host_object)
self.hwmgmt_address = None
self.hwmgmt_password = None
self.hwmgmt_user = None
self.hwmgmt_address = None
self.hwmgmt_password = None
self.hwmgmt_user = None
+ self.hwmgmt_priv_level = 'ADMINISTRATOR'
self.mgmt_mac = None
self.is_performance = False
self.os_max_threads = 16
self.mgmt_mac = None
self.is_performance = False
self.os_max_threads = 16
host.hwmgmt_address = hostsconf.get_hwmgmt_ip(name)
host.hwmgmt_user = hostsconf.get_hwmgmt_user(name)
host.hwmgmt_password = hostsconf.get_hwmgmt_password(name)
host.hwmgmt_address = hostsconf.get_hwmgmt_ip(name)
host.hwmgmt_user = hostsconf.get_hwmgmt_user(name)
host.hwmgmt_password = hostsconf.get_hwmgmt_password(name)
+ host.hwmgmt_priv_level = hostsconf.get_hwmgmt_priv_level(name)
host.mgmt_mac = hostsconf.get_mgmt_mac(name)
host.mgmt_mac = hostsconf.get_mgmt_mac(name)
hwmgmt_addr = self._hosts_config_handler.get_hwmgmt_ip(name)
hwmgmt_user = self._hosts_config_handler.get_hwmgmt_user(name)
hwmgmt_pass = self._hosts_config_handler.get_hwmgmt_password(name)
hwmgmt_addr = self._hosts_config_handler.get_hwmgmt_ip(name)
hwmgmt_user = self._hosts_config_handler.get_hwmgmt_user(name)
hwmgmt_pass = self._hosts_config_handler.get_hwmgmt_password(name)
- return hw.get_hw_type(hwmgmt_addr, hwmgmt_user, hwmgmt_pass)
+ hwmgmt_priv_level = self._hosts_config_handler.get_hwmgmt_priv_level(name)
+ return hw.get_hw_type(hwmgmt_addr, hwmgmt_user, hwmgmt_pass, hwmgmt_priv_level)
@staticmethod
def _get_os_disk(hw_type):
@staticmethod
def _get_os_disk(hw_type):
(attribute, profile, host))
def validate_hwmgmt(self, hwmgmt, host):
(attribute, profile, host))
def validate_hwmgmt(self, hwmgmt, host):
+ # this list may not be comprehensive, but it matches ironic's idea
+ # of valid privileges. In practice, we'll likely only see OPERATOR
+ # and ADMINISTRATOR. Case seems to matter here.
+ valid_ipmi_priv = ['USER', 'CALLBACK', 'OPERATOR', 'ADMINISTRATOR']
+
if not hwmgmt:
raise validation.ValidationError('Missing hwmgmt configuration for %s' % host)
if not hwmgmt.get('user'):
raise validation.ValidationError('Missing hwmgmt username for %s' % host)
if not hwmgmt.get('password'):
raise validation.ValidationError('Missing hwmgmt password for %s' % host)
if not hwmgmt:
raise validation.ValidationError('Missing hwmgmt configuration for %s' % host)
if not hwmgmt.get('user'):
raise validation.ValidationError('Missing hwmgmt username for %s' % host)
if not hwmgmt.get('password'):
raise validation.ValidationError('Missing hwmgmt password for %s' % host)
+ priv_level = hwmgmt.get('priv_level')
+ if priv_level and priv_level not in valid_ipmi_priv:
+ # priv_level is optional, but should be in the valid range.
+ raise validation.ValidationError('Invalid IPMI privilege level %s for %s' %
+ (priv_level, host))
validationutils = validation.ValidationUtils()
validationutils.validate_ip_address(hwmgmt.get('address'))
validationutils = validation.ValidationUtils()
validationutils.validate_ip_address(hwmgmt.get('address'))
class VersionValidation(cmvalidator.CMValidator):
domain = 'cloud.version'
class VersionValidation(cmvalidator.CMValidator):
domain = 'cloud.version'
# Should be same as 'version' in release build
# Should be same as 'version' in release build
- devel_version = [2, 0, 2]
+ devel_version = [2, 0, 3]
# Example:
# {1: 'This is the first change requiring new template version (1.1.0)',
# Example:
# {1: 'This is the first change requiring new template version (1.1.0)',