deca07de3c
The agent needs to be able to understand if the agent token is supported and is a mandatory feature of the ironic deployment as that can alter some of the behavior of the agent itself. Also adds documentation on the subject for administrators. Story: 2007025 Task: 37821 Change-Id: Ic635e0ed6d378d6a34a4a82e66ca647eee33bc26
20 lines
848 B
YAML
20 lines
848 B
YAML
---
|
|
features:
|
|
- |
|
|
Adds support of ``agent token`` which serves as a mechanism to secure
|
|
the normally unauthenticated API endpoints in ironic which are used in
|
|
the mechanics of baremetal provisioning. This feature is optional, however
|
|
operators may require this feature by changing the
|
|
``[DEFAULT]require_agent_token`` setting to ``True``.
|
|
upgrades:
|
|
- |
|
|
In order to use the new Agent Token support, all ramdisk settings should
|
|
be updated for all nodes in ironic. If token use is required by ironic's
|
|
configuration, and the ramdisks have not been updated, then all
|
|
deployment, cleaning, and rescue operations will fail until the version of
|
|
the ironic-python-agent ramdisk has been updated.
|
|
issues:
|
|
- |
|
|
The ``ansible`` deployment interface does not support use of an
|
|
``agent token`` at this time.
|