Russian government is currently leading a full-scale bloody war in the neighboring state of Ukraine. Thousands of residential building have been destroyed by daily bombings, millions of people have become refugees. Civilians, including women and children, are being tortured, executed and left on the streets to rot. At the same time, people in Russia are jailed for any sign of disagreement. Thousands had to urgently leave the country. The author of this blog condemns this brutal, inhumane and heartless act of unprovoced aggression. Read the full statement.

Ironic 2021

2021 is over, right? Oh, 3 weeks ago already?? Time flies...

Here is my recollection of the most important events in the ironic world, as well as new features and other changes.

Charming Wallaby

The first release of 2021 brought in its paws these treats:

Generic work

BIOS settings retrieval

now happens automatically when a node transitions to the manageable state. By the time you need to decide which manual clean steps to run to prepare your node, the current settings are already cached and available through the BIOS API.

Custom deploy steps

can now be requested directly via the provisioning API, not only through deploy templates. This addition mostly targets standalone users and is already used in OpenShift for coreos-installer integration.

NVMe secure erasure

is now available in addition to the ATA secure erase. No more shredding your fancy NVMe storage! (But secure erase when formatting must be supported by the device.)

New policy framework

allows accessing Ironic API with system and project scoped tokens, as well as writing API policies that take these into account. See the new RBAC documentation for details.

Lazy-loading of objects

is an internal change that resulted in an up to 60% decrease of database reads!

Driver goodies

CD ejection via Redfish

can now be requested through a new eject_vmedia vendor passthru API. This is a handy addition for those who use the ramdisk deploy to run a third party installer and want to automatically disconnect the virtual CD in the end of the installation.

Automatic secure boot configuration

means that you can request secure boot to be configured after the deployment is done but before the node is booted into the instance. This makes secure boot compatible with iPXE out of box. The downside is that you don't have secure boot active when deploying and cleaning.

Redfish RAID

The redfish hardware type now supports building RAID.

iDRAC hardware type

added support for resetting iDRAC, clearing the job queue, exporting/importing configuration and building RAID.

Minor extras

Injecting files

into the final instances is now possible with the optional inject_files deploy step.

Disabling automated cleaning

can now be done per-node via the API, provided that the new policy baremetal:node:disable_cleaning allows it. We don't recommend disabling cleaning, but it may be necessary in some complex flows.

Cleaning pstore

is now possible via the new erase_pstore clean step. If you don't know what pstore is, you probably don't want to clean it :)

Intrepid Xena

Xena bravely brought us a smaller number of nonetheless very important additions.

Generic work

BIOS settings schema

is now available via the BIOS API. No more guessing, which fields are can set and to which values!

iSCSI deploy removal

finally happened! The recommended replacement is the good old direct deploy, which uses HTTP to deliver the image to the ramdisk.

Attention: you will need to configure an HTTP server now. Previously, those who relied on the pxe boot interface (as opposed to ipxe or virtual media) could avoid that.

Current boot mode and secure boot status

are now available in the API as the node's boot_mode and secure_boot fields. You can also request an immediate change via the new API endpoints:

PUT /v1/nodes/{node}/states/boot_mode
PUT /v1/nodes/{node}/states/secure_boot

To apply the change during deployment, you should still use the boot_mode and secure_boot capabilities.

Node history

is now saved and exposed via the new history API. You can track all important changes to nodes and all failures there.

If you want to save some performance by disabling this feature, you can do it via the new boolean configuration option [conductor]node_history.

Performance improvements

Thanks to the heroic effort by Julia the API performance has improved significantly (on top of the previous improvements in Wallaby).

Driver goodies

Redfish event subscriptions

can now be created/listed/deleted via the new event vendor passthru.

Minor extras

Hardware burn-in

is now available as a series of new clean steps. Make your nodes undergo some serious testing before trusting them with your precious production!

[deploy]ramdisk_image_download_source

is a new configuration option that controls how the image is cached and delivered when using the ramdisk deploy.

Summary

The changes listed above are just a subset of numerous additions and improvements to ironic and its satellite projects, so my apologies to those, whose favorite items I missed! Overall, it was a productive year, despite all the storms we had to withstand in our lives. The year 2022 will see us depleting the last two letters of the alphabet for release names - let's make them count!

Comments

Comments powered by Disqus