Age | Commit message (Collapse) | Author | Files | Lines |
|
This commit is to add PowerSupply State/Health status according to the
Redfish PowerSupply schema.
If the `xyz.openbmc_project.Inventory.Item`
interface does not exist, the state status property is set to
default "Present".
If the `xyz.openbmc_project.State.Decorator.OperationalStatus`
interface does not exist, the health status property is set to
default "OK".
ref: http://redfish.dmtf.org/schemas/v1/PowerSupply.v1_5_0.json
Code that updates the OperationalStatus for all the inventory
https://github.com/openbmc/openpower-vpd-parser/blob/ \
3fb026386546cfd288ab4f86156c9aa0ffa145d6/ibm_vpd_app.cpp#L620
Tested: Validator passes
curl -k -H "X-Auth-Token: $token" -X GET
https://${bmc}/redfish/v1/Chassis/chassis/PowerSubsystem/
PowerSupplies/powersupply0
{
"@odata.id": "/redfish/v1/Chassis/chassis/PowerSubsystem/
PowerSupplies/powersupply0",
"@odata.type": "#PowerSupply.v1_5_0.PowerSupply",
"Id": "powersupply0",
"Name": "powersupply0",
"Status": {
"Health": "OK"
"State": "Enabled"
}
}
Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: I121b665a4e605024644cc7c9392f88a71703481e
Signed-off-by: Lakshmi Yadlapati <lakshmiy@us.ibm.com>
|
|
Remove passing ec by value for getProperty.
Change-Id: I9070ca7035fead14faa236eb1b17937ffe13045b
Signed-off-by: Willy Tu <wltu@google.com>
|
|
The content type check is required in the update service. This may be a
security issue.
The correct content types to update service are multipart/form-data and
application/octet-stream. The multipart content type was missing from
the contentTypes array which is added in this drop.
Added couple of test cases.
Tested:
1) Make sure that update service content type
application/octet-stream are working correctly.
$ curl -k -H 'X-Auth-Token: THIbp1G0DiNVj3JrCZMf' -H 'Content-Type: \
application/octet-stream' -X POST \
-T ./obmc-phosphor-image-everest.ext4.mmc.tar \
https://${bmc}/redfish/v1/UpdateService/update
{
"@odata.id": "/redfish/v1/TaskService/Tasks/0",
"@odata.type": "#Task.v1_4_3.Task",
"Id": "0",
"TaskState": "Running",
"TaskStatus": "OK"
2) Make sure that update service content type
multipart/form-data are working correctly.
$ curl -k -H 'X-Auth-Token: Vc7KBgM6z3uMs1G7uVqu' \
-H Content-Type:multipart/form-data \
-F 'UpdateParameters={"Targets":["/redfish/v1/Managers/bmc"], \
"@Redfish.OperationApplyTime":"Immediate"};type=application/json'\
-F 'UpdateFile=@obmc-phosphor-image-p10bmc.ext4.mmc.tar; \
type=application/octet-stream' \
https://${bmc}/redfish/v1/UpdateService/update
{
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The request completed successfully.",
"MessageArgs": [],
"MessageId": "Base.1.16.0.Success",
"MessageSeverity": "OK",
"Resolution": "None"
}
],
"@odata.id": "/redfish/v1/TaskService/Tasks/0",
"@odata.type": "#Task.v1_4_3.Task",
"Id": "0",
"TaskState": "Running",
"TaskStatus": "OK"
3) Make sure that command fails when content type is missing.
$ curl -k -H 'X-Auth-Token: vH3B88sh323sfy0YG8eN' -H Content-Type: \
-X POST -T ./obmc-phosphor-image-everest.ext4.mmc.tar \
https://${bmc}/redfish/v1/UpdateService/update
Bad Request
[INFO "http_connection.hpp":201] Request: 0x177f920 HTTP/1.1 POST \
/redfish/v1/UpdateService/update ::ffff:x.x.xx.xxx
|
[DEBUG "update_service.hpp":687] doPost: contentType=
[DEBUG "update_service.hpp":692] Bad content type specified:
4) Make sure that command fails when wrong cotent type specified.
$ curl -k -H 'X-Auth-Token: OQzODMaR0G29AjpD2YmT' -H 'Content-Type: \
application/octet-json' -X POST \
-T ./obmc-phosphor-image-everest.ext4.mmc.tar \
https://${bmc}/redfish/v1/UpdateService/update
Bad Request
[INFO "http_connection.hpp":201] Request: 0x17a69d0 HTTP/1.1 POST \
/redfish/v1/UpdateService/update ::ffff:x.x.xx.xxx
|
[DEBUG "update_service.hpp":687] doPost:
contentType=application/octet-json
[DEBUG "update_service.hpp":720] Bad content type specified:
application/octet-json
5) Make sure that command fails when header is not specified.
$ curl -k -H 'X-Auth-Token: Z1AEXg075qGKi0xISu6o' -X POST \
-T ./obmc-phosphor-image-everest.ext4.mmc.tar \
https://${bmc}/redfish/v1/UpdateService/update
Bad Request
[INFO "http_connection.hpp":201] Request: 0x17a69d0 HTTP/1.1 \
POST /redfish/v1/UpdateService/update ::ffff:x.x.xx.xxx
|
[DEBUG "update_service.hpp":687] doPost: contentType=
[DEBUG "update_service.hpp":692] Bad content type specified:
Change-Id: I48b709b6219debfed9ff60dd46ab87652e5a1fe5
Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
|
|
Updated Storage resource to `#Storage.v1_9_1.Storage` to support the
change.
Follow the Swordfish spec to setup the Storage relationship[1].
There will now be two Storage Collection `/redfish/v1/Stroage` and
`/redfish/v1/Systems/system/Storage`. The storage in `/Storage` will be
treated as a subsystem and only link to the `/Systems/system/Storage`
under `Links/StorageServices` resource.
The `/Storage` won't contain Drives or StorageControllers.
Tested:
Passed Redfish Validator for related resources.
```
*** /redfish/v1/Storage/storage_1
INFO - Type (Storage.v1_7_1.Storage), GET SUCCESS (time: 0)
WARNING - StorageControllers: The given property is deprecated: This property has been deprecated in favor of Controllers to allow for storage controllers to be represented as their own resources.
INFO - Attempt 1 of /redfish/v1/Chassis/chassis0/Drives/drive0
INFO - Response Time for GET to /redfish/v1/Chassis/chassis_0/Drives/drive_0: 0.07591272401623428 seconds.
INFO - PASS
INFO -
```
Chassis
```
wget -qO- http://localhost:80/redfish/v1/Chassis/chassis0
{
"@odata.id": "/redfish/v1/Chassis/chassis0",
"@odata.type": "#Chassis.v1_14_0.Chassis",
"Id": "chassis0",
"Links": {
"Storage": [
{
"@odata.id": "/redfish/v1/Systems/system/Storage/storage0"
}
],
"Storage@odata.count": 1
},
"Name": "chassis0",
}}
```
Storage Collection
```
wget -qO- http://localhost:80/redfish/v1/Storage
{
"@odata.id": "/redfish/v1/Storage",
"@odata.type": "#StorageCollection.StorageCollection",
"Members": [
{
"@odata.id": "/redfish/v1/Storage/storage0"
}
],
"Members@odata.count": 1,
"Name": "Storage Collection"
}
wget -qO- http://localhost:80/redfish/v1/Systems/system/Storage
{
"@odata.id": "/redfish/v1/Systems/system/Storage",
"@odata.type": "#StorageCollection.StorageCollection",
"Members": [
{
"@odata.id": "/redfish/v1/Systems/system/Storage/storage0"
}
],
"Members@odata.count": 1,
"Name": "Storage Collection"
}
```
Storage
```
wget -qO- http://localhost:80/redfish/v1/Storage/storage0
{
"@odata.id": "/redfish/v1/Storage/storage0",
"@odata.type": "#Storage.v1_9_1.Storage",
"Id": "storage0",
"Links": {
"StorageServices": [
{
"@odata.id": "/redfish/v1/Systems/system/Storage/storage0"
}
],
"StorageServices@odata.count": 1
},
"Name": "Storage",
"Status": {
"State": "Enabled"
}
}
wget -qO- http://localhost:80/redfish/v1/Systems/system/Storage/storage0
{
"@odata.id": "/redfish/v1/Systems/system/Storage/storage0",
"@odata.type": "#Storage.v1_9_1.Storage",
"Drives": [
{
"@odata.id": "/redfish/v1/Chassis/chassis0/Drives/drive0"
}
],
"Drives@odata.count": 1,
"Id": "storage0",
"Name": "Storage",[1]
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "Enabled"
},
"StorageControllers": [
{
"@odata.id": "/redfish/v1/Systems/system/Storage/storage0#/StorageControllers/0",
"@odata.type": "#Storage.v1_7_0.StorageController",
"MemberId": "controller",
"Name": "controller",
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "Enabled"
}
}
]
}
```
[1] https://www.snia.org/sites/default/files/technical-work/swordfish/draft/v1.2.2/pdf/Swordfish_v1.2.2_NVMeMappingGuide.pdf#page=17
Change-Id: Ib81b68e7f61b817d4dfa4ed2f27afd6e74e8ce58
Signed-off-by: Tom Tung <shes050117@gmail.com>
Signed-off-by: Willy Tu <wltu@google.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Change-Id: I2128e223f6c2d07d5c8e5a865921468a7510faf2
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Per the input-validation rules that we follow[1], we should ALWAYS be
checking to see that there's a valid content type.
Change the default.
Tested: Only a default change, code compiles.
[1] https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html
Change-Id: I4cd58a5d2fb0a49671fc5ec0398010036c743591
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
With delegate expand, the default expand level is -=
`queryCapabilities.canDelegateExpandLevel`. This creates an overlap of
expand process between delegate expand vs. default expand.
With
query.expandLevel = 2 ->
query.expandLevel = 1 and delegated.expandLevel = 1.
Both delegated and default expand will try to only expand of level one
instead of level 2 for the default.
The code in
https://github.com/openbmc/bmcweb/blob/479e899d5f57a67647f83b7f615d2c8565290bcf/redfish-core/include/utils/query_param.hpp#L583-L597
stated that the level with "@odata.id" + other property is treated as a
seperate level. So with `query.expandLevel = 1` it just loop through the
id that was already expanded and is noop.
Tested:
Before:
/redfish/v1/Chassis/BMC/Sensors?$expand=.($levels=2) returns
the same result as level=1. Needs level=3 to expand to the next level.
The RelatedItem in here doesn't get expanded with level=2.
```
wget -qO- 'http://localhost:80/redfish/v1/Chassis/BMC/Sensors?$expand=.($levels=1)'
...
{
"@odata.id": "/redfish/v1/Chassis/BMC/Sensors/temperature_DIMMXX",
"@odata.type": "#Sensor.v1_2_0.Sensor",
"Id": "temperature_DIMMXX",
"Name": "DIMMXX",
"Reading": 30.0,
"ReadingRangeMax": 127.0,
"ReadingRangeMin": -128.0,
"ReadingType": "Temperature",
"ReadingUnits": "Cel",
"RelatedItem": [
{
"@odata.id": "/redfish/v1/Systems/system/Memory/dimmXX"
}
],
"Status": {
"Health": "OK",
"State": "Enabled"
},
"Thresholds": {
"LowerCaution": {
"Reading": null
},
"LowerCritical": {
"Reading": null
},
"UpperCaution": {
"Reading": 93.0
},
"UpperCritical": {
"Reading": 95.0
}
}
}
],
"Members@odata.count": 242,
"Name": "Sensors"
}
```
After:
level=2 was able to expand to the next level.
Change-Id: I542177a94a33f8df7afbb68837f3a53b86140c86
Signed-off-by: Willy Tu <wltu@google.com>
|
|
This is one that I couldn't figure out for a while. Turns out that
fields has both a set() and an insert() method. Whereas set() replaces,
insert() appends, which is what we want in this case.
This allows us to call the actual methods several times, instead of
essentially string injecting our own code, which should make it clearer.
At the same time, there was one unit test that was structured such that
it was using addHeader to clear a header, so this commit adds an
explicit "clearHeader()" method, so we can be explicit.
Tested:
Logging into the webui in chrome (which uses POST /login) shows:
401 with no cookie header if the incorrect password is used
200 with 2 Set-Cookie headers set:
Set-Cookie:
SESSION=<session tag>; SameSite=Strict; Secure; HttpOnly
Set-Cookie:
XSRF-TOKEN=<token tag>; SameSite=Strict; Secure
Change-Id: I9b87a48ea6ba892fc08e66940563dea86edb9a65
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
The router is a giant behemoth. Start breaking it down into pieces.
Tested: Redfish service validator passes.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I9d04f53a58ffce3ecbd88dded1aa6e9648d2a762
|
|
Some logging entries are categorized as ERROR, but they would better be
as WARNING.
1)
```
$ curl -k -X GET https://${bmc}:18080/redfish/v1/Managers/bmc/LogServices/Dump/Entries/INVALID
{
....
"code": "Base.1.13.0.InternalError",
"message": "The request failed due to an internal service error. The service is still operational."
}
}%
(2023-06-01 23:29:40) [ERROR "log_services.hpp":665] Can't find Dump Entry
(2023-06-01 23:29:40) [CRITICAL "error_messages.cpp":282] Internal Error \
../../../../../../../../../bmcweb/redfish-core/lib/log_services.hpp(666:36) \
`redfish::getDumpEntryById(const std::shared_ptr<bmcweb::AsyncResp>&, const std::string&, \
const std::string&)::<lambda(const boost::system::error_code&, const dbus::utility::ManagedObjectType&)>`:
```
2)
```
$ curl -k -X GET https://${bmc}:18080/redfish/v1/UpdateService/FirmwareInventory/INVALID
(2023-05-31 15:03:38) [ERROR "update_service.hpp":1010] Input swID X1cd6ce5fZ not found!
```
Tested:
- Set bmcweb-logging=error to obtain Error or higher logs
- Run the above commands and watch out logs
- Redfish validator passed and see whether there are unexpected error or higher level logs
Change-Id: I5f14eedd68fd3454cdf2a5b2f34442a7718e718a
Signed-off-by: Myung Bae <myungbae@us.ibm.com>
|
|
In about half of our code, AsyncResp objects take the name asyncResp,
and in the other half they take the name aResp. While the difference
between them is negligeble and arbitrary, having two naming conventions
makes it more difficult to do automated changes over time via grep.
This commit was generated automtatically with the command:
git grep -l 'aResp' | xargs sed -i 's|aResp|asyncResp|g'
Tested: Code compiles.
Change-Id: Id363437b6a78f51e91cbf60aa0a0c2286f36a037
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
This code has never used strands.
Tested: Code compiles
Change-Id: I59a204fe3f3a26b2a9a8ede990335c58889fb7e6
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
With EthernetInterface 1.9.0, creation of VLAN interface is done by
POST EthernetInterfaceCollection. This patch implements the POST
handler to do so.
Tested:
* With valid RelatedInterfaces and VLANId provided, new VLAN interface
is successfully created.
* Creating VLAN over another VLAN or non-existent interface returns
error.
* Creating an existing VLAN returns ResourceAlreadyExists error.
* Invalid RelatedInterfaces links are rejected.
Change-Id: I6b1064193eccf7ec487b43139a73d9932b6eea84
Signed-off-by: Jiaqing Zhao <jiaqing.zhao@intel.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
After using EthernetInterface to represent a VLAN interface, DELETE
handler is required for deleting VLAN interfaces.
Tested:
* VLAN interfaces can be deleted successfully via DELETE request.
* Deleting a physical interface returns ResourceCannotBeDeleted error.
* Deleting a non-existent interface returns ResourceNotFound error.
Change-Id: Ib22063eb3ddea0614c390ba83d4e6af29d007165
Signed-off-by: Jiaqing Zhao <jiaqing.zhao@intel.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
In OpenBMC, VLAN is a virtual interface that has its own configuration
like IP address. Redfish schema 2021.2+ also suggests using individual
EthernetInterface to show VLAN information. This patch exposes VLAN
interfaces as EthernetInterface for configuring them.
Now bmcweb also shows BMC VLAN interfaces under /redfish/v1/Managers
/bmc/EthernetInterfaces.
Fixes bmcweb issue #79 (Unable configure IP on VLAN interface via
redfish).
Tested:
* Both physical and VLAN interfaces are now in the interface collection
* Only VLAN interfaces have the VLAN property and RelatedInterfaces
property pointing to its parent interface
* IP address of both physical and VLAN interfaces can be modified by
PATCH request successfully
* Redfish validator passed
Change-Id: I608892275cfbef4af8e7a03a10d67a9c2fa3ff53
Signed-off-by: Jiaqing Zhao <jiaqing.zhao@intel.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
After removing all usages of VLanNetworkInterface that deprecated in
EthernetInterface 1.7.0, time to bump it to 1.9.0 for implementing
the new API design.
Tested:
Redfish validator passed.
Change-Id: Ia89d56a1325918c23ce54c9b8c0dde4342e32764
Signed-off-by: Jiaqing Zhao <jiaqing.zhao@intel.com>
|
|
In Redfish Schema (DSP2046) 2022.3 introduces EthernetInterface 1.9.0
that allows creating VLAN interface by POST EthernetInterface [1]
instead of using the deprecated VLanNetworkInterface. This patch
removes all current usage of VLanNetworkInterface.
This patchest (topic:redfish-ethernet-1.9) introduces breaking API
changes to current VLAN management features. All deprecated VLAN APIs
are removed, VLAN interfaces will be managed in the same way as the
EthernetInterface Resource, except they can be created or deleted.
Since webui-vue has not implemented anything related to VLAN yet, it
is not impacted.
Solves the issue mentioned in 188cb6294105 ("ethernet: Bump
EthernetInterface schema 1.4.1 -> 1.6.0")
[1] https://redfishforum.com/thread/619
Tested:
Redfish validator passed on a board with VLAN interface. No VLAN
interface is exposed in Redfish.
Change-Id: I9b243a5bb0f07642aa60bc13a622e862f62ee871
Signed-off-by: Jiaqing Zhao <jiaqing.zhao@intel.com>
|
|
Move Storage to v1.13.0. The Storage schema moved StorageControllers to
its own resource + collection and deprecated the existing
StorageControllers property in Storage. A link to the collection has
been added in Storage instead.
The StorageController and StorageControllerCollection are added based
on the old resource as specified in
https://redfish.dmtf.org/schemas/v1/Storage.v1_14_0.json
Added the new StorageController to remove the deprecated
`Storage/StorageControllers`. This will have the same functionility as
the existing StorageController with the exception that HealthPopulate
is not supported right now.
There will be no customer impact (other than Health resource). The
clients will now need to get the StorageController collection and then
Storagecontroller instead of directly from Storage.
Tested:
RedfishValidator passed for Storage
```
*** /redfish/v1/Systems/system/Storage
INFO - Attempt 1 of /redfish/v1/Systems/system/Storage
INFO - Response Time for GET to /redfish/v1/Systems/system/Storage: 0.04373445897363126 seconds.
INFO - Type (StorageCollection.StorageCollection), GET SUCCESS (time: 0:00:00.044128)
INFO - Attempt 1 of /redfish/v1/Systems/system/Storage/1
INFO - Response Time for GET to /redfish/v1/Systems/system/Storage/1: 0.3353928590659052 seconds.
INFO - PASS
INFO -
*** /redfish/v1/Systems/system/Storage/1
INFO - Type (Storage.v1_13_0.Storage), GET SUCCESS (time: 0:00:00.335720)
*** /redfish/v1/Systems/system/Storage/1/Controllers
INFO - Type (StorageControllerCollection.StorageControllerCollection), GET SUCCESS (time: 0:00:00.046414)
INFO - Attempt 1 of /redfish/v1/Systems/system/Storage/1/Controllers/cpld
INFO - Response Time for GET to /redfish/v1/Systems/system/Storage/1/Controllers/cpld: 0.05196243803948164 seconds.
INFO - Attempt 1 of /redfish/v1/Systems/system/Storage/1/Controllers/morristown
INFO - Response Time for GET to /redfish/v1/Systems/system/Storage/1/Controllers/morristown: 0.05082511808723211 seconds.
INFO - PASS
INFO -
...
*** /redfish/v1/Systems/system/Storage/1/Controllers/controller_0
INFO - Type (StorageController.v1_6_0.StorageController), GET SUCCESS (time: 0:00:00.052223)
INFO - PASS
INFO -
*** /redfish/v1/Systems/system/Storage/1/Controllers/controller_1
INFO - Type (StorageController.v1_6_0.StorageController), GET SUCCESS (time: 0:00:00.051165)
INFO - PASS
INFO -
```
```
wget -qO - http://localhost:80/redfish/v1/Systems/system/Storage/1/Controllers
{
"@odata.id": "/redfish/v1/Systems/system/Storage/1/Controllers",
"@odata.type": "#StorageControllerCollection.StorageControllerCollection",
"Members": [
{
"@odata.id": "/redfish/v1/Systems/system/Storage/1/Controllers/controller_0"
},
{
"@odata.id": "/redfish/v1/Systems/system/Storage/1/Controllers/controller_1"
}
],
"Members@odata.count": 2,
"Name": "Storage Controller Collection"
}
```
```
wget -qO - http://localhost:80/redfish/v1/Systems/system/Storage/1/Controllers/controller_1
{
"@odata.id":
"/redfish/v1/Systems/system/Storage/1/Controllers/controller_1",
"@odata.type": "#StorageController.v1_6_0.StorageController",
"Id": "cpld",
"Name": "cpld",
"Status": {
"State": "Enabled"
}
}
```
Change-Id: I1c171514d5613f93d283d764ffb69b16dc3ba74d
Signed-off-by: Willy Tu <wltu@google.com>
|
|
Convert all types to uint8_t to not hit the conversion warning.
Change-Id: Ia535ca0a2f4045cbde06a2f8f8eaad9570a0f4a5
Signed-off-by: Willy Tu <wltu@google.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
All new uses should be using boost::urls::url now. This was the last
usage.
Tested: Logged into webui, and observed the correct URL behavior.
In browser window /foobar
Forwarded to /?next=/foobar#/login
Which is correct.
Note, this is different behavior slightly than before. It was found
that the URI precedence goes query string THEN fragment, rather than the
other way around that we had it. This was flagged when moving over to
boost url structures.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ifb354537d71a43c531d7d380dd889cf646731e39
|
|
std::string::data now has a non-const variation in c++20. This allows
us to remove a NOLINT and follow the standard.
Tested: Login succeeds.
Change-Id: Ie49932fae8efa90afe1a238f7059924747300521
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
This drop adds support to specify AccountTypes at the time of user
creation. Made sure that HostConsole is only supported for user with
administrator role.
Testing:
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"Administrator", "AccountTypes": ["HostConsole"]}'
{
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The resource has been created successfully.",
"MessageArgs": [],
"MessageId": "Base.1.13.0.Created",
"MessageSeverity": "OK",
"Resolution": "None."
}
]
}
$ curl -k
https://root:0penBmc@bmc1:443/redfish/v1/AccountService/Accounts/user99
{
"@odata.id": "/redfish/v1/AccountService/Accounts/user99",
"@odata.type": "#ManagerAccount.v1_7_0.ManagerAccount",
"AccountTypes": [
"HostConsole"
],
"Description": "User Account",
"Enabled": true,
"Id": "user99",
"Links": {
"Role": {
"@odata.id": "/redfish/v1/AccountService/Roles/Administrator"
}
},
"Locked": false,
"Locked@Redfish.AllowableValues": [
"false"
],
"Name": "User Account",
"Password": null,
"PasswordChangeRequired": false,
"RoleId": "Administrator",
"StrictAccountTypes": true,
"UserName": "user99"
}
Also ran following testcases:
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"Administrator", "AccountTypes": ["HostConsole"]}'
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"Operator", "AccountTypes": ["HostConsole"]}'
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"ReadOnly", "AccountTypes": ["HostConsole"]}'
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"Administrator", "AccountTypes": ["ManagerConsole"]}'
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"Administrator", "AccountTypes": ["Redfish"]}'
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"Administrator", "AccountTypes": ["WebUI"]}'
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"Administrator", "AccountTypes": ["IPMI"]}'
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"Administrator", "AccountTypes": ["Redfish", "IPMI", "HostConsole",
"ManagerConsole", "WebUI"]}'
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"Administrator", "AccountTypes": ["Redfish", "HostConsole",
"ManagerConsole", "WebUI"]}'
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"Administrator", "AccountTypes": ["Redfish", "ManagerConsole",
"WebUI"]}'
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"Administrator", "AccountTypes": ["Redfish", "HostConsole", "WebUI"]}'
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"Administrator", "AccountTypes": ["IPMI", "HostConsole",
"ManagerConsole"]}'
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"Operator", "AccountTypes": ["Redfish", "ManagerConsole", "WebUI"]}'
$ curl -k -X POST https://${bmc}/redfish/v1/AccountService/Accounts
-d '{"UserName": "user99", "Password": "0penBmc0", "RoleId":
"ReadOnly", "AccountTypes": ["Redfish", "ManagerConsole", "WebUI"]}'
Change-Id: I19ff994e712bcfaf827a5f8dd02a752a6ab92214
Signed-off-by: Ninad Palsule <ninadpalsule@us.ibm.com>
|
|
This commit enhances the redfish API to set and unset userGroups
information for each user account.
Users with ConfigureUsers level privilege can patch (Set and Unset)
AccountTypes of each user role. In addition, a user with
"ConfigureSelf" level privilege can only set or Update their password.
"Redfish" is always enabled in each user role. However,
"ConfigureUsers" can disable other user redfish services. But if
"ConfigureUsers" try to disable its redfish service, that generates an
error.
In this commit, users can enable and disable "redfish", "ssh",
"hostconsole" and "ipmi" services from each user where ssh is a special
case.
The 'web' group does not control access to the web interface, and
doesn't appear to do anything. The 'redfish' in the UserGroups is
mapped to both Redfish and WebUI AccountTypes. To enable redfish
User Group both of these account types should be specified, and none
to disable it.
Tested:
Testing was done using curl command with ConfigureUsers and
ConfigureSelf.
$ curl -k -X PATCH
https://$bmc:18080/redfish/v1/AccountService/Accounts/webuser -d
'{"AccountTypes": ["Redfish", "WebUI", "ManagerConsole",
"HostConsole"]}'
{
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The request completed successfully.",
"MessageArgs": [],
"MessageId": "Base.1.13.0.Success",
"MessageSeverity": "OK",
"Resolution": "None"
}
]
}
Also ran following cases:
$ curl -k -X PATCH
https://${bmc}/redfish/v1/AccountService/Accounts/user99
-d '{"AccountTypes": ["HostConsole"]}'
$ curl -k -X PATCH
https://${bmc}/redfish/v1/AccountService/Accounts/user99
-d '{"AccountTypes": ["IPMI"]}'
$ curl -k -X PATCH
https://${bmc}/redfish/v1/AccountService/Accounts/user99
-d '{"AccountTypes": ["Redfish", "WebUI"]}'
$ curl -k -X PATCH
https://${bmc}/redfish/v1/AccountService/Accounts/user99
-d '{"AccountTypes": ["ManagerConsole"]}'
$ curl -k -X PATCH
https://${bmc}/redfish/v1/AccountService/Accounts/user99
-d '{"AccountTypes": ["Redfish", "IPMI", "HostConsole",
"ManagerConsole", "WebUI"]}'
{
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "There are insufficient privileges for the account or
credentials associated with the current session to
perform the requested operation.",
"MessageArgs": [],
"MessageId": "Base.1.13.0.InsufficientPrivilege",
"MessageSeverity": "Critical",
"Resolution": "Either abandon the operation or change the
associated access rights and resubmit the request if the
operation failed."
}
],
"code": "Base.1.13.0.InsufficientPrivilege",
"message": "There are insufficient privileges for the account or
credentials associated with the current session to
perform the requested operation."
}
$ curl -k -H 'X-Auth-Token: IpnCBj1Lozh53Jhzxu7T' -X PATCH
https://${bmc}/redfish/v1/AccountService/Accounts/user999
-d '{"Password":"0penBmc123"}'
{
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The request completed successfully.",
"MessageArgs": [],
"MessageId": "Base.1.13.0.Success",
"MessageSeverity": "OK",
"Resolution": "None"
}
]
Signed-off-by: Ninad Palsule <ninadpalsule@us.ibm.com>
Signed-off-by: Abhishek Patel <Abhishek.Patel@ibm.com>
Change-Id: I1a0344ca45556b820bb77c3dcb459f27eb032501
Signed-off-by: Shantappa Teekappanavar <shantappa.teekappanavar@ibm.com>
|
|
A new feature has been proposed[1] and implemented[2] which can be
optionally enabled on a system to not allow a chassis or host power on
operation when the BMC is not in a "Ready" state.
In those situations, if a power on operation is requested, the D-Bus
error response will be a specific BMCNotReady error. In those
situations, respond to the user with a more targeted error asking them
to retry in 10 seconds. The 10s retry is based on my experience with
OpenBMC based systems, the longest time between bmcweb being up and
running and BMC Ready is around 30s.
Tested:
- Enabled BMC Ready feature, manually put BMC in NotReady state,
and requested a:
```
/redfish/v1/Chassis/chassis/Actions/Chassis.Reset -d '{"ResetType": "PowerCycle"}'
```
- Confirmed new response message:
```
"Message": "The service is temporarily unavailable. Retry in 10 seconds."
```
- Stopped Chassis state service and verified expected "internal service
error" on same request
- Ran similar test with Systems/system/Actions/ComputerSystem.Reset API
- Confirmed good paths still worked as expected
[1]: https://lists.ozlabs.org/pipermail/openbmc/2023-May/033383.html
[2]: https://gerrit.openbmc.org/q/topic:bmc-ready-check
Change-Id: I6a6e5774c96b4f37c794ba49a5e06d3e51156d09
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
|
|
This extra quote snuch into the comment somehow. Fix it.
Change-Id: I5aa14e1f43b1de9cabda006f7f9727d611c5aea3
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
NOTICE: Future-deprecated features used:
* 0.64.0: {'copy arg in configure_file'}
Port to the new version of this, which is install_data.
Tested: Meson configure no longer throws the above warning.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I9c4d91c3c45bc52dde69ca34d7fc686e2e6c0d74
|
|
c9374ff613b6836010877f8083e75657abc78343
Was recently checked in that adds subproject files for nlohmann. It
opted for the name "nlohmann" when the upstream project installs itself
as "nlohmann_json". This mismatch causes a yocto build failure.
Fix it.
Tested: Code compiles
Change-Id: I2df5f473a61172593e9a1045fc5a229e06e3afc2
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
this-> is redundant when operating within a class member scope. We
should aim to be consistent.
This change was done automatically with sed replace
Tested: Code compiles
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: If791e83e0bd5f84031e65156b7ea082ded8e158c
|
|
This drop adds support for multiple consoles. The following changes are
made to achieve this.
- Kept the "/console0" route for backward compatibility
- Added a new route "/console/<str>" to support multiple consoles. All
new consoles must use this route string.
Testing:
- Make sure that old console path /console0 is working.
[INFO "http_connection.hpp":209] Request: 0x1bc2e60 HTTP/1.1
GET /console0 ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1bdb67c opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request target = /console0
[DEBUG "obmc_console.hpp":198] Console web socket path: /console0
Console unix FD: 12 duped FD: 13
[DEBUG "obmc_console.hpp":82] Reading from socket
[DEBUG "obmc_console.hpp":162] Remove connection 0x1bdb67c from
obmc console
- Make sure that new path for default console working
[INFO "http_connection.hpp":209] Request: 0x1bd76a8 HTTP/1.1
GET /console/default ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console/<str>'
1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1baf82c opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request
target = /console/default
[DEBUG "obmc_console.hpp":198] Console web socket path:
/console/default Console unix FD: 12 duped FD: 13
[DEBUG "obmc_console.hpp":82] Reading from socket
[INFO "obmc_console.hpp":154] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":162] Remove connection 0x1baf82c from
obmc console
- Make sure that path for hypervisor console is working.
[INFO "http_connection.hpp":209] Request: 0x1bc2e60 HTTP/1.1
GET /console/hypervisor ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console/<str>'
1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1bc5234 opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/hypervisor service =
xyz.openbmc_project.Console.hypervisor Request
target = /console/hypervisor
[DEBUG "obmc_console.hpp":198] Console web socket path:
/console/hypervisor Console unix FD: 12 duped FD: 13
[DEBUG "obmc_console.hpp":82] Reading from socket
[INFO "obmc_console.hpp":154] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":162] Remove connection 0x1bc5234 from
obmc console
- Make sure that bad console path is failing properly due to DBUS error.
[INFO "http_connection.hpp":209] Request: 0x1bd76a8 HTTP/1.1
GET /console/badconsoleid ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console/<str>'
1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1bdb67c opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/badconsoleid service =
xyz.openbmc_project.Console.badconsoleid Request
target = /console/badconsoleid
[ERROR "obmc_console.hpp":174] Failed to call console Connect()
method DBUS error: No route to host
Change-Id: I9b617bc51e3ddc605dd7f4d213c805d05d2cfead
Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
This commit is entirely just moving code, such that not all compile
units need to pull in the full html serializer.
Tested: Unit tests pass. Pretty good coverage.
Redfish service validator passes.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ifaebe9534c0693dc678fd994517563b89aca0cc5
|
|
This commit adds the SSE style eventservice subscription style event
Using this, end user can subscribe for Redfish event logs using GET
on SSE uris from browser.
Tested:
- From Browser did GET on above SSE URI and
generated some Redfish event logs(power cycle)
and saw redfish event logs streaming on browser.
- After SSE registration, Check Subscription collections
and GET on individual subscription and saw desired
response.
- Ran RedfishValidation and its passed.
Change-Id: I7f4b7a34974080739c4ba968ed570489af0474de
Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
Signed-off-by: P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Like the other dependencies, we should support auto download of these
packages through subproject.
Tested:
meson build
ninja -C build
Succeeded when tinyxml2 and nlohmann were not installed on the host
system.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Iad3769c6d8377f6eff78c34b98ca80da5e4fa187
|
|
These got missed in the initial patchset. Add them
Tested: At the end of the series.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I120986fb0afc34d5e0572d2cc2e1d8ff6994ee3c
|
|
In the same way we're doing other places.
Tested: THe last commit of the series will be tested.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I177e61dd3741f3885516a2f645a7039d274786cb
|
|
Currently, getPCIeDeviceList is only used by systems.hpp to obtain the
list of PCIe devices. However, there are plans to use this function in
other parts of the PCIe code as well. To better organize our code and
make the function more reusable, this commit moves getPCIeDeviceList to
pcie_util.hpp, a common location for PCIe-related utilities.
Tested:
'''
curl -k https://$bmc/redfish/v1/Systems/system
{
"@odata.id": "/redfish/v1/Systems/system",
"@odata.type": "#ComputerSystem.v1_16_0.ComputerSystem",
"Actions": {
"#ComputerSystem.Reset": {
"@Redfish.ActionInfo": "/redfish/v1/Systems/system/ResetActionInfo",
"target": "/redfish/v1/Systems/system/Actions/ComputerSystem.Reset"
}
},
.....
.....
"PCIeDevices": [
{
"@odata.id": "/redfish/v1/Systems/system/PCIeDevices/dp0_drive2"
},
{
"@odata.id": "/redfish/v1/Systems/system/PCIeDevices/dp0_drive3"
},
.....
.....
{
"@odata.id": "/redfish/v1/Systems/system/PCIeDevices/pcie_card0"
},
{
"@odata.id": "/redfish/v1/Systems/system/PCIeDevices/pcie_card1"
},
{
"@odata.id": "/redfish/v1/Systems/system/PCIeDevices/pcie_card10"
},
.....
{
"@odata.id": "/redfish/v1/Systems/system/PCIeDevices/pcie_card9"
}
],
"PCIeDevices@odata.count": 20,
.....
.....
'''
Change-Id: I3aaa5b55e8574929154ffd743db53da6fbaeb75d
Signed-off-by: Lakshmi Yadlapati <lakshmiy@us.ibm.com>
|
|
This prototype got added twice, once with int as a value, and once with
size_t. This builds fine in 64 bit, but in 32 bit, fails.
Tested: Code compiles
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ie3de779330d768cdd84d5647d242d5fe447d2a85
|
|
This makes several changes to server-sent events to allow it to merge
to master. The routing system has been removed in leiu of using
content-type eventstream detection. Timers have been added to the
sse connections, and sse connections now rely on async_wait, rather
than a full read.
Tested: WIP
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Id0ff0ebc2b3a795b3dba008e440556a9fdd882c2
|
|
Server-Sent-Event is a standard describing how servers can initiate
data transmission towards clients once an initial client connection has
been established. Unlike websockets (which are bidirectional),
Server-Sent-Events(SSE) are unidirectional and commonly used to send
message updates or continuous data streams to a browser client.
This is base patch for adding Server-Sent-Events routing support to
bmcweb. Redfish EventService SSE style subscription uses SSE route for
sending the Events/MetricReports to client which establishes the
connection.
Tested this patch with along with EventService SSE support patches and
verified the functionalty on browser.
Tested:
- Tested using follow-up patches on top which adds
support for Redfish EventService SSE style subscription
and observed events are getting sent periodically.
- Created SSE subscription from the browser by visiting
https://<BMC IP>/redfish/v1/EventService/SSE
Change-Id: I36956565cbba30c2007852c9471f477f6d1736e9
Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
Signed-off-by: P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com>
Signed-off-by: V-Sanjana <sanjana.v@intel.com>
|
|
User input must be validated to avoid the out-of-memory issue. This
commit adds the size check on input parameters such as Context,
Destination and Header field while create or update the
EventDestination.
Added a generic error message "PropertySizeExceeded" in message registry
which is used as response when size limit is exceeded.
Tested
- Validated using POST on Event Subscription.
- When Context, Destination and Headers were too long,
received a error message denoting the same.
Change-Id: Ibab847ce0c99f445a76e6d3aee8074428bb7d30f
Signed-off-by: AppaRao Puli <apparao.puli@intel.com>
Signed-off-by: Ayushi Smriti <smriti.ayushi@intel.com>
Signed-off-by: P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Update Base registry to 1.16.0, and Resource Event registry to 1.3.0
Patch was generated automatically.
Tested: Code builds.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ie9c15a657459cf7ec7fa5b4bf89460049fbce554
|
|
Debugging internalError responses from bmcweb has been a consistent
pain point for us. It does help to at least have the boost error code
logged to the journal. Ensure the error code is logged to the journal
consistently within the chassis file.
If this commit makes sense to the maintainers then I will work on making
this consistent in other files at a later date.
Tested:
- Verified it compiled and one of the error paths traced the appropriate
boost error code.
Change-Id: I76b7644bc18e76fff69595fb5f1bc23d257563e9
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
|
|
Backpressure on incoming bytes helps both to simplify the layering of
the console, as well as prevent some cases of OOM crashes.
Similar to what we did with nbd_proxy, move obmc console over to the new
sendEx interface, allowing for backpressure, and fixed size std::array
buffers.
Tested:
Made sure single console can see the data.
Made sure two consoles can see the data.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I63d142fc5e8f8a734f3a7b8d0aa3f0d8c263d5ba
|
|
I jumped the gun a little on merging this. This commit moves the
health-populate option to be called redfish-health-populate
and disables it by default
Tested: Code compiles
Change-Id: I9b2ffef828ec912e011d5d82fbfeaae5fb66ff2a
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
When a non-existent PCIeFunctionId is queried, bmcweb
returns the success but with the incorrect output.
```
curl -k -X GET https://${bmc}:18080/redfish/v1/Systems/system/PCIeDevices/pcie_card1/PCIeFunctions/12
{
"@odata.id": "/redfish/v1/Systems/system/PCIeDevices/pcie_card1/PCIeFunctions/12",
"@odata.type": "#PCIeFunction.v1_2_3.PCIeFunction",
"FunctionId": 12,
"Id": "12",
"Links": {
"PCIeDevice": {
"@odata.id": "/redfish/v1/Systems/system/PCIeDevices/pcie_card1"
}
},
"Name": "PCIe Function"
}%
```
This should be resulted as
```
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The requested resource of type PCIeFunction named '12' was not found.",
```
Change-Id: If6a1453e3e549e07b6961ff80ebf37b0537e2b7c
Signed-off-by: Myung Bae <myungbae@us.ibm.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Atoi has the potential to cause crashes if users request non-integer
pcie function numbers. Replace with functional code.
Tested: WIP
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I6742ff6b69e6df4a4afae26610effa01f2450b1b
|
|
Sensors that are not found are incorrectly reported as internal Server error
and its logging is done as Error.
.
It will be changed to 404 - Not found and its logging will be WARNING.
```
redfishtool raw GET -r ${bmc} -u admin -p 0penBmc0 -S Always /redfish/v1/Chassis/chassis/Sensors/temperature_PCIE_1_Temp_invalid
redfishtool: Transport: Response Error: status_code: 500 -- Internal Server Error
redfishtool: raw: Error getting response
curl -k -X GET https://${bmc}/redfish/v1/Chassis/chassis/Sensors/temperature_PCIE_1_Temp_invalid
{
"@odata.id": "/redfish/v1/Chassis/chassis/Sensors/temperature_PCIE_1_Temp_invalid",
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The request failed due to an internal service error. The service is still operational.",
"MessageArgs": [],
"MessageId": "Base.1.13.0.InternalError",
"MessageSeverity": "Critical",
"Resolution": "Resubmit the request. If the problem persists, consider resetting the service."
}
],
"code": "Base.1.13.0.InternalError",
"message": "The request failed due to an internal service error. The service is still operational."
}
}%
```
Its logging is
```
redfishtool: Transport: Response Error: status_code: 500 -- Internal Server Error(2023-05-31 15:16:43) [CRITICAL "error_messages.cpp":282] Internal Error ../../../../../../../../../bmcweb/redfish-core/lib/sensors.hpp(2928:36) `redfish::sensors::handleSensorGet(App&, const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>&, const std::string&, const std::string&)::<lambda(const boost::system::error_code&, const dbus::utility::MapperGetObject&)>`:
(2023-05-31 15:16:43) [ERROR "sensors.hpp":2929] Sensor getSensorPaths resp_handler: Dbus error generic:5
```
The expected behavior will be
```
redfishtool raw GET -r ${bmc} -u admin -p 0penBmc0 -S Always /redfish/v1/Chassis/chassis/Sensors/temperature_PCIE_1_Temp_invalid
redfishtool: Transport: Response Error: status_code: 404 -- Not Found
curl -k -X GET https://${bmc}/redfish/v1/Chassis/chassis/Sensors/temperature_PCIE_1_Temp_invalid
{
"@odata.id": "/redfish/v1/Chassis/chassis/Sensors/temperature_PCIE_1_Temp_invalid",
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The requested resource of type temperature_PCIE_1_Temp_invalid named 'Sensor' was not found.",
"MessageArgs": [
"temperature_PCIE_1_Temp_invalid",
"Sensor"
],
"MessageId": "Base.1.13.0.ResourceNotFound",
"MessageSeverity": "Critical",
"Resolution": "Provide a valid resource identifier and resubmit the request."
}
],
"code": "Base.1.13.0.ResourceNotFound",
"message": "The requested resource of type temperature_PCIE_1_Temp_invalid named 'Sensor' was not found."
}
}%
```
Its logging will be:
```
(2023-05-31 20:17:55) [WARNING "sensors.hpp":2928] Sensor not found from getSensorPaths
```
Change-Id: I5a51c1b5c0125b5396068311602964d4e249e297
Signed-off-by: Myung Bae <myungbae@us.ibm.com>
|
|
Redfish deprecated the Processor/Memory Summary Status (state, health,
healthrollup) attributes. Please refer to redfish spec for more details:
https://redfish.dmtf.org/schemas/v1/ComputerSystem.v1_20_0.json
Initially I tried to fix the summary status issues,
(https://gerrit.openbmc.org/c/openbmc/bmcweb/+/60663)
But later it was decided that we should also remove these attributes
from the bmcweb code. Here is a link to discussion on discord:
https://discord.com/channels/775381525260664832/855566794994221117/1093939076710793296
This drop hides these attributes under defined
BMCWEB_ENABLE_PROC_MEM_STATUS. This option is disabled by default.
These attributes will be permanently removed from code in 1Q 2024
(in 8-9 months).
Testing:
- Redfish validator passed excepted couple of failures but those are
failing without my changes too.
- Make sure that summary status for memory and processor is not seen
in the output.
Without fix:
------------
'''
$ curl -s -k https://${bmc}/redfish/v1/Systems/system
.....
"MemorySummary": {
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "Enabled"
},
"TotalSystemMemoryGiB": 256
},
.....
"ProcessorSummary": {
"CoreCount": 20,
"Count": 4,
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "Enabled"
}
},
.....
''''
With fix:
---------
'''
"MemorySummary": {
"TotalSystemMemoryGiB": 256
},
.....
"ProcessorSummary": {
"CoreCount": 20,
"Count": 4
},
.....
''''
- Turned on BMCWEB_ALLOW_DEPRECATED_PROC_MEM_STATUS flag and made sure
that properties are shown again.
Change-Id: I1e0ee386bd4f365599afcf46e5d587285af635ad
Signed-off-by: Ninad Palsule <ninadpalsule@us.ibm.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
The Health populate calls GetManagedObjects at `/` which can take a lot
of time. Add the option to disable to improve performance if it is not
needed.
Tested:
```
$ meson build -Dhealth-populate=disabled
...
User defined options
backend : ninja
health-populate : disabled
```
Build passed.
Health Status removed. Some resource still create HealthPopulate, but
does not populate. It will require further refactoring to clean it out.
Testing on `/redfish/v1/Chassis?$expand=.($levels=1)`
On 14 chassis, from about 2.5 seconds to 400 ms. :)
Before:
```
Getting times for chassis
Getting good line count with wget -q -O- localhost:80/redfish/v1/Chassis?$expand=.($levels=1)
Line count: 980
17:05:56: real 0m2.908s user 0m0.000s sys 0m0.030s
17:05:59: real 0m2.414s user 0m0.010s sys 0m0.010s
17:05:03: real 0m3.410s user 0m0.000s sys 0m0.020s
17:05:09: real 0m2.372s user 0m0.000s sys 0m0.010s
17:05:13: real 0m3.407s user 0m0.010s sys 0m0.000s
17:05:19: real 0m2.420s user 0m0.010s sys 0m0.000s
17:05:23: real 0m3.463s user 0m0.010s sys 0m0.000s
17:05:29: real 0m2.414s user 0m0.000s sys 0m0.010s
17:05:33: real 0m2.843s user 0m0.010s sys 0m0.010s
17:05:38: real 0m2.512s user 0m0.000s sys 0m0.020s
17:05:42: real 0m2.474s user 0m0.000s sys 0m0.010s
17:05:47: real 0m2.557s user 0m0.010s sys 0m0.010s
17:05:52: real 0m2.439s user 0m0.020s sys 0m0.000s
17:05:56: real 0m3.127s user 0m0.010s sys 0m0.000s
17:05:01: real 0m2.563s user 0m0.020s sys 0m0.000s
17:05:06: real 0m2.392s user 0m0.020s sys 0m0.020s
17:05:10: real 0m2.405s user 0m0.020s sys 0m0.000s
17:05:15: real 0m2.514s user 0m0.010s sys 0m0.010s
17:05:19: real 0m2.809s user 0m0.020s sys 0m0.010s
17:05:24: real 0m2.944s user 0m0.010s sys 0m0.010s
17:05:29: real 0m2.537s user 0m0.010s sys 0m0.000s
17:05:34: real 0m3.290s user 0m0.000s sys 0m0.000s
17:05:39: real 0m2.601s user 0m0.040s sys 0m0.000s
17:05:43: real 0m2.398s user 0m0.010s sys 0m0.040s
17:05:48: real 0m2.664s user 0m0.000s sys 0m0.020s
17:05:53: real 0m2.323s user 0m0.010s sys 0m0.000s
17:05:57: real 0m3.033s user 0m0.000s sys 0m0.010s
17:05:02: real 0m3.243s user 0m0.000s sys 0m0.010s
17:05:07: real 0m2.604s user 0m0.010s sys 0m0.010s
17:05:12: real 0m2.813s user 0m0.010s sys 0m0.010s
17:05:17: real 0m2.325s user 0m0.020s sys 0m0.000s
17:05:21: real 0m2.577s user 0m0.010s sys 0m0.000s
17:05:26: real 0m2.882s user 0m0.030s sys 0m0.000s
17:05:31: real 0m2.572s user 0m0.000s sys 0m0.020s
17:05:35: real 0m2.678s user 0m0.010s sys 0m0.010s
17:05:40: real 0m2.656s user 0m0.010s sys 0m0.010s
17:05:45: real 0m2.921s user 0m0.020s sys 0m0.000s
17:05:49: real 0m2.723s user 0m0.000s sys 0m0.020s
17:05:54: real 0m2.910s user 0m0.010s sys 0m0.010s
17:05:59: real 0m2.601s user 0m0.020s sys 0m0.000s
17:05:04: real 0m2.615s user 0m0.000s sys 0m0.000s
```
After:
```
Getting times for chassis
Getting good line count with wget -q -O- localhost:80/redfish/v1/Chassis?$expand=.($levels=1)
Line count: 980
16:04:43: real 0m0.188s user 0m0.020s sys 0m0.000s
16:04:43: real 0m0.195s user 0m0.010s sys 0m0.000s
16:04:45: real 0m0.219s user 0m0.010s sys 0m0.000s
16:04:48: real 0m0.226s user 0m0.020s sys 0m0.000s
16:04:50: real 0m0.208s user 0m0.020s sys 0m0.010s
16:04:52: real 0m0.226s user 0m0.010s sys 0m0.010s
16:04:54: real 0m0.419s user 0m0.000s sys 0m0.010s
16:04:57: real 0m0.222s user 0m0.010s sys 0m0.020s
16:04:59: real 0m0.194s user 0m0.000s sys 0m0.010s
16:04:01: real 0m0.191s user 0m0.010s sys 0m0.010s
16:04:04: real 0m0.276s user 0m0.010s sys 0m0.020s
16:04:06: real 0m0.183s user 0m0.020s sys 0m0.000s
16:04:08: real 0m0.193s user 0m0.040s sys 0m0.000s
16:04:10: real 0m0.406s user 0m0.020s sys 0m0.010s
16:04:13: real 0m0.317s user 0m0.000s sys 0m0.000s
16:04:15: real 0m0.442s user 0m0.005s sys 0m0.005s
16:04:18: real 0m0.226s user 0m0.010s sys 0m0.000s
16:04:20: real 0m0.217s user 0m0.020s sys 0m0.000s
16:04:22: real 0m0.200s user 0m0.010s sys 0m0.030s
16:04:24: real 0m0.423s user 0m0.010s sys 0m0.010s
16:04:27: real 0m0.203s user 0m0.020s sys 0m0.010s
16:04:29: real 0m0.433s user 0m0.000s sys 0m0.000s
16:04:31: real 0m0.318s user 0m0.020s sys 0m0.000s
16:04:34: real 0m1.206s user 0m0.000s sys 0m0.010s
16:04:37: real 0m0.403s user 0m0.000s sys 0m0.020s
16:04:39: real 0m0.353s user 0m0.010s sys 0m0.000s
16:04:42: real 0m0.291s user 0m0.000s sys 0m0.030s
16:04:44: real 0m0.742s user 0m0.020s sys 0m0.010s
16:04:47: real 0m0.369s user 0m0.010s sys 0m0.000s
16:04:49: real 0m0.215s user 0m0.020s sys 0m0.000s
16:04:52: real 0m0.204s user 0m0.000s sys 0m0.010s
16:04:54: real 0m0.418s user 0m0.000s sys 0m0.000s
16:04:56: real 0m0.215s user 0m0.000s sys 0m0.010s
16:04:58: real 0m0.202s user 0m0.010s sys 0m0.010s
16:04:01: real 0m0.202s user 0m0.010s sys 0m0.010s
16:04:03: real 0m0.212s user 0m0.010s sys 0m0.000s
16:04:05: real 0m0.694s user 0m0.010s sys 0m0.010s
16:04:08: real 0m0.201s user 0m0.010s sys 0m0.010s
16:04:10: real 0m0.230s user 0m0.000s sys 0m0.020s
16:04:12: real 0m0.206s user 0m0.010s sys 0m0.010s
16:04:15: real 0m0.446s user 0m0.010s sys 0m0.010s
```
Change-Id: I90b242e2cd24973420de871fedf9793dd1e310f3
Signed-off-by: Willy Tu <wltu@google.com>
|
|
Added new ConsoleHandler class to prepare for the multiple consoles
support. All global fields are moved to the ConsoleHandler class and a
new global map added to remember the ConsoleHandler for each console
path. There is single ConsoleHandler per connection so we don't need
session map per route. There is a limit added for max number of
connection allowed to avoid any service attacks.
Testing:
- Make sure that single console works fine and data is seen on the
console.
- Make sure that multiple consoles of type host console are created
and data is seen on all consoles. Also using traces made sure
that new handlers are destroyed.
Traces: Traces shows that multiple consoles active and later destroyed.
[INFO "http_connection.hpp":209] Request: 0x24bb790 HTTP/1.1 GET
/console0 ::ffff:x.xx.xxx.xx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "obmc_console.hpp":238] Connection 0x24eb424 opened
[DEBUG "obmc_console.hpp":150] Obmc handler 0x24c18fc added 1 for path
0x24eb424
[DEBUG "obmc_console.hpp":257] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request target = /console0
[DEBUG "obmc_console.hpp":224] Console web socket path: /console0
Console unix FD: 13 duped FD: 14
[DEBUG "obmc_console.hpp":44] Outbuffer empty. Bailing out
[INFO "http_connection.hpp":209] Request: 0x265d740 HTTP/1.1 GET
/console0 ::ffff:x.xx.xxx.xx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "obmc_console.hpp":238] Connection 0x2661de4 opened
[DEBUG "obmc_console.hpp":150] Obmc handler 0x25e69ac added 1 for path
0x2661de4
[DEBUG "obmc_console.hpp":257] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request target = /console0
[DEBUG "obmc_console.hpp":224] Console web socket path: /console0
Console unix FD: 19 duped FD: 20
[DEBUG "obmc_console.hpp":44] Outbuffer empty. Bailing out
[INFO "http_connection.hpp":209] Request: 0x265d740 HTTP/1.1 GET
/console0 ::ffff:x.xx.xxx.xx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "obmc_console.hpp":238] Connection 0x25f1fdc opened
[DEBUG "obmc_console.hpp":150] Obmc handler 0x26ff22c added 1 for path
0x25f1fdc
[DEBUG "obmc_console.hpp":257] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request target = /console0
[DEBUG "obmc_console.hpp":224] Console web socket path: /console0
Console unix FD: 19 duped FD: 21
[DEBUG "obmc_console.hpp":44] Outbuffer empty. Bailing out
[INFO "obmc_console.hpp":177] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":184] Remove connection 0x25f1fdc from obmc
handler 0x26ff22c for path /console0
[INFO "obmc_console.hpp":177] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":184] Remove connection 0x2661de4 from obmc
handler 0x25e69ac for path /console0
[INFO "obmc_console.hpp":177] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":184] Remove connection 0x24eb424 from obmc
handler 0x24c18fc for path /console0
Change-Id: I77a58a3a186e87611219aed90b221f9b8be7fa2f
Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
|
|
This commit adds a meson option to allow selecting which dns resolver
bmcweb uses. There are use cases, like Open Compute Project Inband
Management Agent, that would require not using dbus, which would require
us to fall back to the asio resolver. This commit makes the existing
asio resolver constructor, and async_resolve methods match the
equivalents in asio (which we intended to do anyway), then adds a macro
and configure option for being able to select which resolver backend to
rely on.
Tested: Code can now compile without sdbusplus.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I3220214367179f131a60082bdfaf7e725d35c125
|