FIX: Allow configuration of IPMI privilege level

This change adds a priv_level argument to the hwmgmt specification.
The value of this parameter will be used as the requested privilege
level on IPMI requests.  Without this parameter, IPMI requests will
fail if the hwmgmt.user does not have ADMINISTRATOR privilege.  To
preserve the original semantics, the default value for the parameter
is ADMINISTRATOR.

signed-off-by: dave kormann <davek@research.att.com>
Change-Id: I8adf8d32510801914f4e8438190c52f5e9524209

diff --git a/cmdatahandlers/src/cmdatahandlers/hosts/config.py b/cmdatahandlers/src/cmdatahandlers/hosts/config.py
index 65b188b..a9a445e 100644 (file)
--- a/cmdatahandlers/src/cmdatahandlers/hosts/config.py
+++ b/cmdatahandlers/src/cmdatahandlers/hosts/config.py
@@ -82,6 +82,28 @@ class Config(config.Config):
             cidr = netconf.get_network_cidr(hwmgmtnet, domain)
             utils.validate_ip_in_network(ip, cidr)
 
+    def get_hwmgmt_priv_level(self, hostname):
+        """get the hwmgmt IPMI privilege level.  Defaults to ADMINISTRATOR
+
+           Arguments:
+
+           hostname: The name of the node
+
+           Return:
+
+           The prvilege level, or ADMINISTRATOR if unspecified
+
+           Raise:
+
+           ConfigError in-case of an error
+        """
+        self._validate_hostname(hostname)
+
+        if 'hwmgmt' not in self.config[self.ROOT][hostname]:
+            raise configerror.ConfigError('No hwmgmt info defined for host')
+
+        return self.config[self.ROOT][hostname]['hwmgmt'].get('priv_level', 'ADMINISTRATOR')
+
     def _validate_service_profiles(self, hostname):
         node_profiles = self.get_service_profiles(hostname)
         utils.validate_list_items_unique(node_profiles)

diff --git a/userconfigtemplate/user_config.yaml b/userconfigtemplate/user_config.yaml
index 6f8ce3a..fff4488 100644 (file)
--- a/userconfigtemplate/user_config.yaml
+++ b/userconfigtemplate/user_config.yaml
@@ -29,7 +29,7 @@
 ###        - Minor changes in template (e.g. new optional attributes or
 ###          changes in possible values, value ranges or default values)
 ###        - Backwards compatible
-version: 2.0.2
+version: 2.0.3
 
 ### Cloud name can consist of lower case letters, digits and dash (-).
 ### Name must start and end with a letter or a digit.
@@ -562,7 +562,10 @@ hosts:
             address: <VALUE>
             user: <VALUE>
             password: <VALUE>
-
+            # Optional: the IPMI privilege level to request.
+            # Typical values include 'USER', 'OPERATOR', 'ADMINISTRATOR'
+            # default is 'ADMINISTRATOR' if unspecified.
+            # priv_level: <VALUE>
         ### Optional parameter needed for virtual deployment to identify the
         ### nodes the mac address for the provisioning interface
         #mgmt_mac: [<VALUE1>, <VALUE2>, ...]