From 0815b534bebc4f3cd7869efb8872ac11e40d0bc6 Mon Sep 17 00:00:00 2001 From: dave kormann Date: Wed, 10 Jul 2019 11:26:16 -0400 Subject: [PATCH] FIX: Allow configuration of IPMI privilege level This change updates the ansible tasks to supply a privilege level (configured as hwmgmt.priv_level) when calling ipmitool. Without this change, ipmitool defaults to using the 'ADMINISTRATOR' privilege. This will fail on systems where hwmgmt.user is assigned a lower privilege level. This change depends on changes 1076, 1077, and 1078. signed-off-by: dave kormann Change-Id: If97a52fa2f2dbf903f2c8e2311e163b2ffd1b944 --- .gitreview | 4 ++-- roles/baremetal_provision/tasks/start_console_logging.yml | 4 ++-- roles/baremetal_provision/tasks/stop_console_logging.yml | 2 +- roles/initial_poweroff_hosts/tasks/poweroff_real_nodes.yml | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.gitreview b/.gitreview index 3254cdd..96259c8 100644 --- a/.gitreview +++ b/.gitreview @@ -1,5 +1,5 @@ [gerrit] -host=gerrit.att-akraino.org +host=gerrit.akraino.org port=29418 -project=rec/infra-ansible +project=ta/infra-ansible defaultremote=origin diff --git a/roles/baremetal_provision/tasks/start_console_logging.yml b/roles/baremetal_provision/tasks/start_console_logging.yml index 1f3992f..72a63bf 100644 --- a/roles/baremetal_provision/tasks/start_console_logging.yml +++ b/roles/baremetal_provision/tasks/start_console_logging.yml @@ -15,7 +15,7 @@ # limitations under the License. - name: Deactivate ipmi sol - command: "/usr/bin/ipmitool -I lanplus -H {{hosts[ironic_node_details.name]['hwmgmt']['address']}} -U {{hosts[ironic_node_details.name]['hwmgmt']['user']}} -P {{hosts[ironic_node_details.name]['hwmgmt']['password']}} sol deactivate" + command: "/usr/bin/ipmitool -I lanplus -H {{hosts[ironic_node_details.name]['hwmgmt']['address']}} -U {{hosts[ironic_node_details.name]['hwmgmt']['user']}} -P {{hosts[ironic_node_details.name]['hwmgmt']['password']}} -L {{hosts[ironic_node_details.name]['hwmgmt']['priv_level']}} sol deactivate" ignore_errors: yes no_log: True @@ -45,5 +45,5 @@ shell: "source /opt/tmux_setup/tmux.inc; tmux_session_start bash /bin/bash" - name: Start tmux windows for each nodes - shell: "source /opt/tmux_setup/tmux.inc; tmux_cmd {{ironic_node_details.name}} /usr/bin/ipmitool -I lanplus -H {{hosts[ironic_node_details.name]['hwmgmt']['address']}} -U {{hosts[ironic_node_details.name]['hwmgmt']['user']}} -P {{hosts[ironic_node_details.name]['hwmgmt']['password']}} sol activate" + shell: "source /opt/tmux_setup/tmux.inc; tmux_cmd {{ironic_node_details.name}} /usr/bin/ipmitool -I lanplus -H {{hosts[ironic_node_details.name]['hwmgmt']['address']}} -U {{hosts[ironic_node_details.name]['hwmgmt']['user']}} -P {{hosts[ironic_node_details.name]['hwmgmt']['password']}} -L {{hosts[ironic_node_details.name]['hwmgmt']['priv_level']}} sol activate" no_log: True diff --git a/roles/baremetal_provision/tasks/stop_console_logging.yml b/roles/baremetal_provision/tasks/stop_console_logging.yml index 45a6b81..06a3c6d 100644 --- a/roles/baremetal_provision/tasks/stop_console_logging.yml +++ b/roles/baremetal_provision/tasks/stop_console_logging.yml @@ -23,7 +23,7 @@ ignore_errors: yes - name: Deactivate ipmi sol - command: "/usr/bin/ipmitool -I lanplus -H {{hosts[ironic_node_details.name]['hwmgmt']['address']}} -U {{hosts[ironic_node_details.name]['hwmgmt']['user']}} -P {{hosts[ironic_node_details.name]['hwmgmt']['password']}} sol deactivate" + command: "/usr/bin/ipmitool -I lanplus -H {{hosts[ironic_node_details.name]['hwmgmt']['address']}} -U {{hosts[ironic_node_details.name]['hwmgmt']['user']}} -P {{hosts[ironic_node_details.name]['hwmgmt']['password']}} -L {{hosts[ironic_node_details.name]['hwmgmt']['priv_level']}} sol deactivate" ignore_errors: yes no_log: True diff --git a/roles/initial_poweroff_hosts/tasks/poweroff_real_nodes.yml b/roles/initial_poweroff_hosts/tasks/poweroff_real_nodes.yml index 6a188f4..ea5f098 100644 --- a/roles/initial_poweroff_hosts/tasks/poweroff_real_nodes.yml +++ b/roles/initial_poweroff_hosts/tasks/poweroff_real_nodes.yml @@ -15,7 +15,7 @@ # limitations under the License. - name: Ensure all the nodes in the deployment are powered-off. - command: "/usr/bin/ipmitool -I lanplus -H {{item.value['hwmgmt']['address']}} -U {{item.value['hwmgmt']['user']}} -P {{item.value['hwmgmt']['password']}} chassis power off" + command: "/usr/bin/ipmitool -I lanplus -H {{item.value['hwmgmt']['address']}} -U {{item.value['hwmgmt']['user']}} -P {{item.value['hwmgmt']['password']}} -L {{item.value['hwmgmt']['priv_level']}} chassis power off" with_dict: "{{nodes_to_power_off}}" no_log: True when: -- 2.16.6