Ironic

ipmitool does not support OPERATOR priv level

Bug #1263790 reported by aeva black on 2013-12-23

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Ironic	Fix Released	Medium	Haomeng,Wang	Ironic 2014.1 "icehouse"
	OpenStack Compute (nova)	Won't Fix	Medium	Unassigned

Bug Description

If the BMC / IPMI credentials being used for management of hardware were only granted OPERATOR privileges, there is no way to inform Nova's baremetal driver or Ironic's ipmitool driver to use this non-default privilege level. These will issue ipmitool commands with no "-L" parameter, resulting in privilege errors, because the default ipmitool privlvl is ADMINISTRATOR.

This could be fixed by adding an optional field to store the privilege level.

Tags:

aeva black (tenbrae) on 2013-12-23

Changed in ironic:
status:	New → Triaged
importance:	Undecided → Medium
Changed in nova:
status:	New → Triaged
importance:	Undecided → Medium
tags:	added: baremetal

Revision history for this message

Haomeng,Wang (whaom) wrote on 2013-12-31:

Possible IPMI privilege levels are:

1 Callback level
2 User level
3 Operator level
4 Administrator level
5 OEM Proprietary level

@Devananda, so should we define the level number into our node's driver_info for each node when node is creating/updating, or add ironic.conf configuration option to define such level on global?

Revision history for this message

aeva black (tenbrae) wrote on 2014-01-20:

@Haomeng,

I think this should be an optional member of node's driver_info, and the ipmi drivers should default to administrator.

aeva black (tenbrae) on 2014-02-05

Changed in ironic:
milestone:	none → icehouse-3

Haomeng,Wang (whaom) on 2014-02-14

Changed in ironic:
assignee:	nobody → Haomeng,Wang (whaom)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-02-14: Fix proposed to ironic (master)

Fix proposed to branch: master
Review: https://review.openstack.org/73578

Changed in ironic:
status:	Triaged → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-02-20: Fix merged to ironic (master)

Reviewed: https://review.openstack.org/73578
Committed: https://git.openstack.org/cgit/openstack/ironic/commit/?id=44781dbacdb3c12aefe04a0a5a7868a6188c5539
Submitter: Jenkins
Branch: master

commit 44781dbacdb3c12aefe04a0a5a7868a6188c5539
Author: Haomeng, Wang <email address hidden>
Date: Fri Feb 14 19:27:59 2014 +0800

Supports OPERATOR priv level for ipmitool driver

    This could be fixed by adding an optional member of node's
    driver_info to store the privilege level. And add '-L' option for
    ipmitool command call.

Change-Id: Ia3cb2ade8b6823a6d33db2fc22da940211c60b7d
Closes-Bug: #1263790

Changed in ironic:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2014-03-05

Changed in ironic:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2014-04-17

Changed in ironic:
milestone:	icehouse-3 → 2014.1

Sean Dague (sdague) on 2014-09-22

tags:

added: ironic
removed: baremetal

aeva black (tenbrae) on 2014-09-24

Changed in nova:
status:	Triaged → Won't Fix

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

Bug #1263789

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.