Hardware Inspection¶
Overview¶
Inspection allows Bare Metal service to discover required node properties
once required driver_info
fields (for example, IPMI credentials) are set
by an operator. Inspection will also create the Bare Metal service ports for the
discovered ethernet MACs. Operators will have to manually delete the Bare Metal
service ports for which physical media is not connected. This is required due
to the bug 1405131.
There are three kinds of inspection supported by Bare Metal service:
Out-of-band inspection is currently implemented by several hardware types, including
ilo
,idrac
andirmc
.In-band inspection utilizing the ironic-inspector project.
New experimental built-in in-band inspection.
The node should be in the manageable
state before inspection is initiated.
If it is in the enroll
or available
state, move it to manageable
first:
baremetal node manage <node_UUID>
Then inspection can be initiated using the following command:
baremetal node inspect <node_UUID>
Capabilities discovery¶
This is an incomplete list of capabilities we want to discover during inspection. The exact support is hardware and hardware type specific though, the most complete list is provided by the iLO Hardware Inspection Support.
secure_boot
(true
orfalse
)whether secure boot is supported for the node
boot_mode
(bios
oruefi
)the boot mode the node is using
cpu_vt
(true
orfalse
)whether the CPU virtualization is enabled
cpu_aes
(true
orfalse
)whether the AES CPU extensions are enabled
max_raid_level
(integer, 0-10)maximum RAID level supported by the node
pci_gpu_devices
(non-negative integer)number of GPU devices on the node
The operator can specify these capabilities in nova flavor for node to be selected for scheduling:
openstack flavor set my-baremetal-flavor --property capabilities:pci_gpu_devices="> 0"
openstack flavor set my-baremetal-flavor --property capabilities:secure_boot="true"
Please see a specific hardware type page for the exact list of capabilities this hardware type can discover.
In-band inspection¶
In-band inspection involves booting a ramdisk on the target node and fetching information directly from it. This process is more fragile and time-consuming than the out-of-band inspection, but it is not vendor-specific and works across a wide range of hardware.