diff --git a/charts/drydock/Chart.yaml b/charts/drydock/Chart.yaml index 9083e359..5b30a576 100644 --- a/charts/drydock/Chart.yaml +++ b/charts/drydock/Chart.yaml @@ -15,7 +15,7 @@ apiVersion: v1 description: A Helm chart for Drydock name: drydock -version: 0.1.2 +version: 0.1.1 keywords: - drydock home: https://github.com/openstack/airship-drydock diff --git a/doc/source/_static/drydock.conf.sample b/doc/source/_static/drydock.conf.sample index f4a7e5d0..323d4df9 100644 --- a/doc/source/_static/drydock.conf.sample +++ b/doc/source/_static/drydock.conf.sample @@ -1,8 +1,112 @@ [DEFAULT] +# +# From drydock_provisioner +# + +# Polling interval in seconds for checking subtask or downstream status (integer +# value) +# Minimum value: 1 +#poll_interval = 10 + +# How long a leader has to check-in before leadership can be usurped, in seconds +# (integer value) +#leader_grace_period = 300 + +# How often will an instance attempt to claim leadership, in seconds (integer +# value) +#leadership_claim_interval = 30 + + +[database] + +# +# From drydock_provisioner +# + +# The URI database connect string. (string value) +#database_connect_string = + +# The SQLalchemy database connection pool size. (integer value) +#pool_size = 15 + +# Should DB connections be validated prior to use. (boolean value) +#pool_pre_ping = true + +# How long a request for a connection should wait before one becomes available. +# (integer value) +#pool_timeout = 30 + +# How many connections above pool_size are allowed to be open during high usage. +# (integer value) +#pool_overflow = 10 + +# Time, in seconds, when a connection should be closed and re-established. -1 +# for no recycling. (integer value) +#connection_recycle = -1 + [keystone_authtoken] +# +# From drydock_provisioner +# + +# Authentication URL (string value) +#auth_url = + +# Scope for system operations (string value) +#system_scope = + +# Domain ID to scope to (string value) +#domain_id = + +# Domain name to scope to (string value) +#domain_name = + +# Project ID to scope to (string value) +# Deprecated group/name - [keystone_authtoken]/tenant_id +#project_id = + +# Project name to scope to (string value) +# Deprecated group/name - [keystone_authtoken]/tenant_name +#project_name = + +# Domain ID containing project (string value) +#project_domain_id = + +# Domain name containing project (string value) +#project_domain_name = + +# ID of the trust to use as a trustee use (string value) +#trust_id = + +# Optional domain ID to use with v3 and v2 parameters. It will be used for both +# the user and project domain in v3 and ignored in v2 authentication. (string +# value) +#default_domain_id = + +# Optional domain name to use with v3 API and v2 parameters. It will be used for +# both the user and project domain in v3 and ignored in v2 authentication. +# (string value) +#default_domain_name = + +# User id (string value) +#user_id = + +# Username (string value) +# Deprecated group/name - [keystone_authtoken]/user_name +#username = + +# User's domain id (string value) +#user_domain_id = + +# User's domain name (string value) +#user_domain_name = + +# User's password (string value) +#password = + # # From keystonemiddleware.auth_token # @@ -162,6 +266,84 @@ #auth_section = +[libvirt_driver] + +# +# From drydock_provisioner +# + +# Polling interval in seconds for querying libvirt status (integer value) +#poll_interval = 10 + + +[logging] + +# +# From drydock_provisioner +# + +# Global log level for Drydock (string value) +#log_level = INFO + +# Logger name for the top-level logger (string value) +#global_logger_name = drydock_provisioner + +# Logger name for OOB driver logging (string value) +#oobdriver_logger_name = ${global_logger_name}.oobdriver + +# Logger name for Node driver logging (string value) +#nodedriver_logger_name = ${global_logger_name}.nodedriver + +# Logger name for Kubernetes driver logging (string value) +#kubernetesdriver_logger_name = ${global_logger_name}.kubernetesdriver + +# Logger name for API server logging (string value) +#control_logger_name = ${global_logger_name}.control + + +[maasdriver] + +# +# From drydock_provisioner +# + +# The API key for accessing MaaS (string value) +#maas_api_key = + +# The URL for accessing MaaS API (string value) +#maas_api_url = + +# Update MAAS to use the provided Node OOB params, overwriting discovered values +# (boolean value) +#use_node_oob_params = false + +# Skip BMC reconfiguration during commissioning (requires MAAS 2.7+) (boolean +# value) +#skip_bmc_config = false + +# Polling interval for querying MaaS status in seconds (integer value) +#poll_interval = 10 + + +[network] + +# +# From drydock_provisioner +# + +# Timeout for initial read of outgoing HTTP calls from Drydock in seconds. +# (integer value) +#http_client_connect_timeout = 16 + +# Timeout for initial read of outgoing HTTP calls from Drydock in seconds. +# (integer value) +#http_client_read_timeout = 300 + +# Number of retries for transient errors of outgoing HTTP calls from Drydock. +# (integer value) +#http_client_retries = 3 + + [oslo_policy] # @@ -220,3 +402,102 @@ # Absolute path client key file REST based policy check (string value) #remote_ssl_client_key_file = + + +[plugins] + +# +# From drydock_provisioner +# + +# Module path string of a input ingester to enable (string value) +#ingester = drydock_provisioner.ingester.plugins.yaml.YamlIngester + +# List of module path strings of OOB drivers to enable (list value) +#oob_driver = drydock_provisioner.drivers.oob.pyghmi_driver.PyghmiDriver + +# Module path string of the Node driver to enable (string value) +#node_driver = drydock_provisioner.drivers.node.maasdriver.driver.MaasNodeDriver + +# Module path string of the Kubernetes driver to enable (string value) +#kubernetes_driver = drydock_provisioner.drivers.kubernetes.promenade_driver.driver.PromenadeDriver + +# Module path string of the Network driver enable (string value) +#network_driver = + + +[pyghmi_driver] + +# +# From drydock_provisioner +# + +# Polling interval in seconds for querying IPMI status (integer value) +#poll_interval = 10 + + +[redfish_driver] + +# +# From drydock_provisioner +# + +# Maximum number of connection retries to Redfish server (integer value) +# Minimum value: 1 +#max_retries = 10 + +# Maximum reties to wait for power state change (integer value) +# Minimum value: 1 +#power_state_change_max_retries = 18 + +# Polling interval in seconds between retries for power state change (integer +# value) +#power_state_change_retry_interval = 10 + +# Use SSL to communicate with Redfish API server (boolean value) +#use_ssl = true + + +[timeouts] + +# +# From drydock_provisioner +# + +# Fallback timeout when a specific one is not configured (integer value) +#drydock_timeout = 5 + +# Timeout in minutes for creating site network templates (integer value) +#create_network_template = 2 + +# Timeout in minutes for creating user credentials (integer value) +#configure_user_credentials = 2 + +# Timeout in minutes for initial node identification (integer value) +#identify_node = 10 + +# Timeout in minutes for node commissioning and hardware configuration (integer +# value) +#configure_hardware = 30 + +# Timeout in minutes for configuring node networking (integer value) +#apply_node_networking = 5 + +# Timeout in minutes for configuring node storage (integer value) +#apply_node_storage = 5 + +# Timeout in minutes for configuring node platform (integer value) +#apply_node_platform = 5 + +# Timeout in minutes for deploying a node (integer value) +#deploy_node = 45 + +# Timeout in minutes between deployment completion and the all boot actions +# reporting status (integer value) +#bootaction_final_status = 15 + +# Timeout in minutes for releasing a node (integer value) +#destroy_node = 30 + +# Timeout in minutes for relabeling a node (integer value) +#relabel_node = 5 diff --git a/doc/source/_static/policy.yaml.sample b/doc/source/_static/policy.yaml.sample index e69de29b..54f02d18 100644 --- a/doc/source/_static/policy.yaml.sample +++ b/doc/source/_static/policy.yaml.sample @@ -0,0 +1,70 @@ +# Actions requiring admin authority +#"admin_required": "role:admin or is_admin:1" + +# Get task status +# GET /api/v1.0/tasks +# GET /api/v1.0/tasks/{task_id} +#"physical_provisioner:read_task": "role:admin" + +# Create a task +# POST /api/v1.0/tasks +#"physical_provisioner:create_task": "role:admin" + +# Create validate_design task +# POST /api/v1.0/tasks +#"physical_provisioner:validate_design": "role:admin" + +# Create verify_site task +# POST /api/v1.0/tasks +#"physical_provisioner:verify_site": "role:admin" + +# Create prepare_site task +# POST /api/v1.0/tasks +#"physical_provisioner:prepare_site": "role:admin" + +# Create verify_nodes task +# POST /api/v1.0/tasks +#"physical_provisioner:verify_nodes": "role:admin" + +# Create prepare_nodes task +# POST /api/v1.0/tasks +#"physical_provisioner:prepare_nodes": "role:admin" + +# Create deploy_nodes task +# POST /api/v1.0/tasks +#"physical_provisioner:deploy_nodes": "role:admin" + +# Create destroy_nodes task +# POST /api/v1.0/tasks +#"physical_provisioner:destroy_nodes": "role:admin" + +# Deletes tasks by age +# DELETE /api/v1.0/tasks +#"physical_provisioner:delete_tasks": "role:admin" + +# Create relabel_nodes task +# POST /api/v1.0/tasks +#"physical_provisioner:relabel_nodes": "role:admin" + +# Read build data for a node +# GET /api/v1.0/nodes/{nodename}/builddata +#"physical_provisioner:read_build_data": "role:admin" + +# Read loaded design data +# GET /api/v1.0/designs +# GET /api/v1.0/designs/{design_id} +#"physical_provisioner:read_data": "role:admin" + +# Load design data +# POST /api/v1.0/designs +# POST /api/v1.0/designs/{design_id}/parts +#"physical_provisioner:ingest_data": "role:admin" + +# et health status +# GET /api/v1.0/health/extended +#"physical_provisioner:health_data": "role:admin" + +# Validate site design +# POST /api/v1.0/validatedesign +#"physical_provisioner:validate_site_design": "role:admin" + diff --git a/etc/drydock/drydock.conf.sample b/etc/drydock/drydock.conf.sample index f4a7e5d0..323d4df9 100644 --- a/etc/drydock/drydock.conf.sample +++ b/etc/drydock/drydock.conf.sample @@ -1,8 +1,112 @@ [DEFAULT] +# +# From drydock_provisioner +# + +# Polling interval in seconds for checking subtask or downstream status (integer +# value) +# Minimum value: 1 +#poll_interval = 10 + +# How long a leader has to check-in before leadership can be usurped, in seconds +# (integer value) +#leader_grace_period = 300 + +# How often will an instance attempt to claim leadership, in seconds (integer +# value) +#leadership_claim_interval = 30 + + +[database] + +# +# From drydock_provisioner +# + +# The URI database connect string. (string value) +#database_connect_string = + +# The SQLalchemy database connection pool size. (integer value) +#pool_size = 15 + +# Should DB connections be validated prior to use. (boolean value) +#pool_pre_ping = true + +# How long a request for a connection should wait before one becomes available. +# (integer value) +#pool_timeout = 30 + +# How many connections above pool_size are allowed to be open during high usage. +# (integer value) +#pool_overflow = 10 + +# Time, in seconds, when a connection should be closed and re-established. -1 +# for no recycling. (integer value) +#connection_recycle = -1 + [keystone_authtoken] +# +# From drydock_provisioner +# + +# Authentication URL (string value) +#auth_url = + +# Scope for system operations (string value) +#system_scope = + +# Domain ID to scope to (string value) +#domain_id = + +# Domain name to scope to (string value) +#domain_name = + +# Project ID to scope to (string value) +# Deprecated group/name - [keystone_authtoken]/tenant_id +#project_id = + +# Project name to scope to (string value) +# Deprecated group/name - [keystone_authtoken]/tenant_name +#project_name = + +# Domain ID containing project (string value) +#project_domain_id = + +# Domain name containing project (string value) +#project_domain_name = + +# ID of the trust to use as a trustee use (string value) +#trust_id = + +# Optional domain ID to use with v3 and v2 parameters. It will be used for both +# the user and project domain in v3 and ignored in v2 authentication. (string +# value) +#default_domain_id = + +# Optional domain name to use with v3 API and v2 parameters. It will be used for +# both the user and project domain in v3 and ignored in v2 authentication. +# (string value) +#default_domain_name = + +# User id (string value) +#user_id = + +# Username (string value) +# Deprecated group/name - [keystone_authtoken]/user_name +#username = + +# User's domain id (string value) +#user_domain_id = + +# User's domain name (string value) +#user_domain_name = + +# User's password (string value) +#password = + # # From keystonemiddleware.auth_token # @@ -162,6 +266,84 @@ #auth_section = +[libvirt_driver] + +# +# From drydock_provisioner +# + +# Polling interval in seconds for querying libvirt status (integer value) +#poll_interval = 10 + + +[logging] + +# +# From drydock_provisioner +# + +# Global log level for Drydock (string value) +#log_level = INFO + +# Logger name for the top-level logger (string value) +#global_logger_name = drydock_provisioner + +# Logger name for OOB driver logging (string value) +#oobdriver_logger_name = ${global_logger_name}.oobdriver + +# Logger name for Node driver logging (string value) +#nodedriver_logger_name = ${global_logger_name}.nodedriver + +# Logger name for Kubernetes driver logging (string value) +#kubernetesdriver_logger_name = ${global_logger_name}.kubernetesdriver + +# Logger name for API server logging (string value) +#control_logger_name = ${global_logger_name}.control + + +[maasdriver] + +# +# From drydock_provisioner +# + +# The API key for accessing MaaS (string value) +#maas_api_key = + +# The URL for accessing MaaS API (string value) +#maas_api_url = + +# Update MAAS to use the provided Node OOB params, overwriting discovered values +# (boolean value) +#use_node_oob_params = false + +# Skip BMC reconfiguration during commissioning (requires MAAS 2.7+) (boolean +# value) +#skip_bmc_config = false + +# Polling interval for querying MaaS status in seconds (integer value) +#poll_interval = 10 + + +[network] + +# +# From drydock_provisioner +# + +# Timeout for initial read of outgoing HTTP calls from Drydock in seconds. +# (integer value) +#http_client_connect_timeout = 16 + +# Timeout for initial read of outgoing HTTP calls from Drydock in seconds. +# (integer value) +#http_client_read_timeout = 300 + +# Number of retries for transient errors of outgoing HTTP calls from Drydock. +# (integer value) +#http_client_retries = 3 + + [oslo_policy] # @@ -220,3 +402,102 @@ # Absolute path client key file REST based policy check (string value) #remote_ssl_client_key_file = + + +[plugins] + +# +# From drydock_provisioner +# + +# Module path string of a input ingester to enable (string value) +#ingester = drydock_provisioner.ingester.plugins.yaml.YamlIngester + +# List of module path strings of OOB drivers to enable (list value) +#oob_driver = drydock_provisioner.drivers.oob.pyghmi_driver.PyghmiDriver + +# Module path string of the Node driver to enable (string value) +#node_driver = drydock_provisioner.drivers.node.maasdriver.driver.MaasNodeDriver + +# Module path string of the Kubernetes driver to enable (string value) +#kubernetes_driver = drydock_provisioner.drivers.kubernetes.promenade_driver.driver.PromenadeDriver + +# Module path string of the Network driver enable (string value) +#network_driver = + + +[pyghmi_driver] + +# +# From drydock_provisioner +# + +# Polling interval in seconds for querying IPMI status (integer value) +#poll_interval = 10 + + +[redfish_driver] + +# +# From drydock_provisioner +# + +# Maximum number of connection retries to Redfish server (integer value) +# Minimum value: 1 +#max_retries = 10 + +# Maximum reties to wait for power state change (integer value) +# Minimum value: 1 +#power_state_change_max_retries = 18 + +# Polling interval in seconds between retries for power state change (integer +# value) +#power_state_change_retry_interval = 10 + +# Use SSL to communicate with Redfish API server (boolean value) +#use_ssl = true + + +[timeouts] + +# +# From drydock_provisioner +# + +# Fallback timeout when a specific one is not configured (integer value) +#drydock_timeout = 5 + +# Timeout in minutes for creating site network templates (integer value) +#create_network_template = 2 + +# Timeout in minutes for creating user credentials (integer value) +#configure_user_credentials = 2 + +# Timeout in minutes for initial node identification (integer value) +#identify_node = 10 + +# Timeout in minutes for node commissioning and hardware configuration (integer +# value) +#configure_hardware = 30 + +# Timeout in minutes for configuring node networking (integer value) +#apply_node_networking = 5 + +# Timeout in minutes for configuring node storage (integer value) +#apply_node_storage = 5 + +# Timeout in minutes for configuring node platform (integer value) +#apply_node_platform = 5 + +# Timeout in minutes for deploying a node (integer value) +#deploy_node = 45 + +# Timeout in minutes between deployment completion and the all boot actions +# reporting status (integer value) +#bootaction_final_status = 15 + +# Timeout in minutes for releasing a node (integer value) +#destroy_node = 30 + +# Timeout in minutes for relabeling a node (integer value) +#relabel_node = 5 diff --git a/etc/drydock/policy.yaml.sample b/etc/drydock/policy.yaml.sample index e69de29b..54f02d18 100644 --- a/etc/drydock/policy.yaml.sample +++ b/etc/drydock/policy.yaml.sample @@ -0,0 +1,70 @@ +# Actions requiring admin authority +#"admin_required": "role:admin or is_admin:1" + +# Get task status +# GET /api/v1.0/tasks +# GET /api/v1.0/tasks/{task_id} +#"physical_provisioner:read_task": "role:admin" + +# Create a task +# POST /api/v1.0/tasks +#"physical_provisioner:create_task": "role:admin" + +# Create validate_design task +# POST /api/v1.0/tasks +#"physical_provisioner:validate_design": "role:admin" + +# Create verify_site task +# POST /api/v1.0/tasks +#"physical_provisioner:verify_site": "role:admin" + +# Create prepare_site task +# POST /api/v1.0/tasks +#"physical_provisioner:prepare_site": "role:admin" + +# Create verify_nodes task +# POST /api/v1.0/tasks +#"physical_provisioner:verify_nodes": "role:admin" + +# Create prepare_nodes task +# POST /api/v1.0/tasks +#"physical_provisioner:prepare_nodes": "role:admin" + +# Create deploy_nodes task +# POST /api/v1.0/tasks +#"physical_provisioner:deploy_nodes": "role:admin" + +# Create destroy_nodes task +# POST /api/v1.0/tasks +#"physical_provisioner:destroy_nodes": "role:admin" + +# Deletes tasks by age +# DELETE /api/v1.0/tasks +#"physical_provisioner:delete_tasks": "role:admin" + +# Create relabel_nodes task +# POST /api/v1.0/tasks +#"physical_provisioner:relabel_nodes": "role:admin" + +# Read build data for a node +# GET /api/v1.0/nodes/{nodename}/builddata +#"physical_provisioner:read_build_data": "role:admin" + +# Read loaded design data +# GET /api/v1.0/designs +# GET /api/v1.0/designs/{design_id} +#"physical_provisioner:read_data": "role:admin" + +# Load design data +# POST /api/v1.0/designs +# POST /api/v1.0/designs/{design_id}/parts +#"physical_provisioner:ingest_data": "role:admin" + +# et health status +# GET /api/v1.0/health/extended +#"physical_provisioner:health_data": "role:admin" + +# Validate site design +# POST /api/v1.0/validatedesign +#"physical_provisioner:validate_site_design": "role:admin" + diff --git a/tox.ini b/tox.ini index a0f2e3cc..9521c0da 100644 --- a/tox.ini +++ b/tox.ini @@ -70,14 +70,20 @@ commands= {toxinidir}/python/tests/unit/ {toxinidir}/python/tests/integration/postgres [testenv:genconfig] -allowlist_externals=tee - sh -commands = sh -c 'oslo-config-generator --config-file=etc/drydock/drydock-config-generator.conf | tee etc/drydock/drydock.conf.sample doc/source/_static/drydock.conf.sample' +allowlist_externals = + tee + sh +commands = + pip3 install ./python/ --use-pep517 + sh -c 'oslo-config-generator --config-file=etc/drydock/drydock-config-generator.conf | tee etc/drydock/drydock.conf.sample doc/source/_static/drydock.conf.sample' [testenv:genpolicy] -allowlist_externals=tee - sh -commands = sh -c 'oslopolicy-sample-generator --config-file etc/drydock/drydock-policy-generator.conf | tee etc/drydock/policy.yaml.sample doc/source/_static/policy.yaml.sample' +allowlist_externals = + tee + sh +commands = + pip3 install ./python/ --use-pep517 + sh -c 'oslopolicy-sample-generator --config-file etc/drydock/drydock-policy-generator.conf | tee etc/drydock/policy.yaml.sample doc/source/_static/policy.yaml.sample' [testenv:pep8] commands = flake8 \