arif/xcat-core
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix for bug 4119: add comments for postscripts confignics/configeth/configib

Browse Source
This commit is contained in:
ligc
2014-07-24 16:50:30 -05:00
parent 292d7ea5d9 08d923735c
commit 843bad685c
20 changed files with 243 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
perl-xCAT/xCAT/PPCboot.pm
View File

@@ -350,6 +350,27 @@ sub do_rnetboot {
last;
}
}
# Set the boot mode to norm from 'of' (open firmware)
# NOW, only necessary for IVM
my $hwtype = @$exp[2];
if ($hwtype eq "ivm") {
my $server = @$exp[3];
# creat connection first
my @newexp = xCAT::PPCcli::connect( $request, $hwtype, $server );
if (ref($newexp[0]) eq "Expect" ) {
my $cfg = "lpar_id=@$d[0],boot_mode=norm";
# change the boot mode to 'norm'
xCAT::PPCcli::chsyscfg(\@newexp, "prof", $d, $cfg);
xCAT::PPCcli::disconnect(\@newexp);
} else {
my $rsp;
$rsp->{data} = ["Failed to set the boot mode to normal. For rnetboot command, you have to rpower off and then on the node after finishing the OS deployment."];
xCAT::MsgUtils->message("E", $rsp, $request->{callback});
}
}
return $result;
}

9
perl-xCAT/xCAT/SLP.pm
View File

@@ -287,7 +287,7 @@ sub dodiscover {
if ($rethash{$peername}) {
next; #got a dupe, discard
}
my $result = process_slp_packet(packet=>$slpkg,sockaddr=>$pkg,'socket'=>$args{'socket'});
my $result = process_slp_packet(packet=>$slpkg,sockaddr=>$pkg,'socket'=>$args{'socket'}, peername=>$peername, callback=>$args{reqcallback});
if ($result) {
if ($peername =~ /\./) { #ipv4
$peername =~ s/::ffff://;
@@ -371,9 +371,10 @@ sub process_slp_packet {
if ($parsedpacket->{FunctionId} == 2) {#Service Reply
parse_service_reply($parsedpacket->{payload},$parsedpacket);
unless (ref $parsedpacket->{service_urls} and scalar @{$parsedpacket->{service_urls}}) { return undef; }
if ($parsedpacket->{attributes}) { #service reply had ext
return $parsedpacket; #don't bother sending attrrequest, already got it in first packet
if ($parsedpacket->{attributes} && get_mac_for_addr($args{peername})) {
#service reply had ext. Stop here if has gotten attributes and got mac.
#continue the unicast request for service attributes if cannot find mac for peernode
return $parsedpacket; #don't bother sending attrrequest, already got it in first packet
}
my $srvtype = $xid_to_srvtype_map{$parsedpacket->{Xid}};
my $packet = generate_attribute_request(%args,SrvType=>$srvtype);

11
xCAT-server/lib/xcat/plugins/credentials.pm
View File

@@ -198,6 +198,17 @@ sub process_request
`logger -t xCAT -p local4.info "credentials: Unable to read private RSA key"` ;
next;
}
} elsif ($parm =~ /ssh_ecdsa_hostkey/) {
`logger -t xCAT -p local4.info "credentials: sending $parm"` ;
if (-r "/etc/xcat/hostkeys/$client/ssh_host_ecdsa_key") {
$tfilename="/etc/xcat/hostkeys/$client/ssh_host_ecdsa_key";
} elsif (-r "/etc/xcat/hostkeys/ssh_host_ecdsa_key") {
$tfilename="/etc/xcat/hostkeys/ssh_host_ecdsa_key";
} else {
push @{$rsp->{'error'}},"Unable to read private ECDSA key from /etc/xcat/hostkeys";
`logger -t xCAT -p local4.info "credentials: Unable to read private ECDSA key"` ;
next;
}
} elsif ($parm =~ /xcat_cfgloc/) {
`logger -t xCAT -p local4.info "credentials: sending $parm"` ;
unless (-r "/etc/xcat/cfgloc") {

6
xCAT-server/lib/xcat/plugins/kit.pm
View File

@@ -1411,7 +1411,8 @@ sub addkit
if ( $hasplugin ) {
# Issue xcatd reload to load the new plugins
system("/etc/init.d/xcatd restart");
#system("/etc/init.d/xcatd restart");
system("XCATRELOAD=yes xcatd -p /var/run/xcatd.pid");
}
}
}
@@ -1731,7 +1732,8 @@ sub rmkit
if ( $hasplugin ) {
# Issue xcatd reload to load the new plugins
system("/etc/init.d/xcatd restart");
#system("/etc/init.d/xcatd restart");
system("XCATRELOAD=yes xcatd -p /var/run/xcatd.pid");
}
}

27
xCAT-server/lib/xcat/plugins/lsslp.pm
View File

@@ -1090,6 +1090,30 @@ sub parse_responses {
trace( $request, "Discover node $atthash{hostname}: type is $atthash{type},\
mtm is $atthash{mtm},sn is $atthash{serial}, ip is $atthash{ip},\
mac is $atthash{mac}, otherinterfaces is $atthash{otherinterfaces}" );
} elsif ($type eq SERVICE_IVM) {
$atthash{type} = $service_slp{$type};
$atthash{mtm} = ${$attributes->{'machinetype-model'}}[0];
$atthash{serial} = ${$attributes->{'serial-number'}}[0];
$atthash{id} = ${$attributes->{'lparid'}}[0];
$atthash{ip} = ${$attributes->{'ip-address'}}[0];
$atthash{hostname} = get_host_from_url($request, $attributes);
$atthash{hostname} =~ s/^Server/ivm/;
my @ips = @{$attributes->{'ip-address'}};
foreach my $tmpip (@ips) {
if (exists($::OLD_DATA_CACHE{"ivm*".$atthash{mtm}."*".$atthash{serial}})){
$atthash{hostname} = $::OLD_DATA_CACHE{"ivm*".$atthash{mtm}."*".$atthash{serial}};
push @matchnode, 'Server-'.$atthash{mtm}.'-SN'.$atthash{serial};
$atthash{ip} = $tmpip;
}
}
$atthash{mac} = $rsp;
$atthash{url} = ${$searchmacs{$rsp}}{payload};
$atthash{otherinterfaces} = ${$attributes->{'ip-address'}}[0];
$outhash{'Server-'.$atthash{mtm}.'-SN'.$atthash{serial}} = \%atthash;
$$length = length( $atthash{ip}) if ( length( $atthash{ip} ) > $$length );
trace( $request, "Discover node $atthash{hostname}: type is $atthash{type},\
mtm is $atthash{mtm},sn is $atthash{serial}, ip is $atthash{ip},\
mac is $atthash{mac}, otherinterfaces is $atthash{otherinterfaces}" );
}elsif (($type eq SERVICE_FSP) && (${$attributes->{'machinetype-model'}}[0] =~ /^7895|1457|7954/ )) {
# Skip this entry if "-s CEC" was specified - we do not list FSP entries for Flex when only CECs were requested
next unless ($option_s ne "CEC");
@@ -1546,6 +1570,9 @@ sub format_stanza {
if ($type =~ /^fsp|bpa|cmm$/){
$result .= "\totherinterfaces=${$outhash->{$name}}{otherinterfaces}\n";
}
if ($type eq "ivm") {
$result .= "\tip=${$outhash->{$name}}{ip}\n";
}
$result .= "\thwtype=$globalhwtype{$type}\n";
}
return( $result );

22
xCAT-server/sbin/xcatconfig
View File

@@ -916,10 +916,12 @@ sub settunables
If node private node hostkeys do not exist in either directory or force option
or generate host key option, we need to generate them
These keys are installed on the nodes in /etc/ssh directory and allow the
node to ssh without password node to node.
node to ssh to the other nodes and the MN or SN to be able to ssh to the node
Without known_hosts warning messages.
They are store in /etc/xcat/hostkeys on the MN.
This also includes some migration to /install/postscripts/hostkeys
The public key is also installed in /install/postscripts/hostkeys
for the install process
The private key is downloaded by remoteshell postscript using the credentials.pm interface
=cut
@@ -956,7 +958,7 @@ sub genSSHNodeHostKey
}
}
# remove the old keys
# remove the old keys from the /intall/postscripts/hostkeys directroy
if (-r $hostkey)
{
my $cmd = "/bin/rm $::INSTALLDIR/postscripts/hostkeys/ssh_host*";
@@ -970,7 +972,7 @@ sub genSSHNodeHostKey
}
}
# remove the old keys
# remove the old keys from the /etc/xcat/hostkeys directory
if (-r $hostkey2)
{
my $cmd = "/bin/rm /etc/xcat/hostkeys/ssh_host*";
@@ -1014,6 +1016,18 @@ sub genSSHNodeHostKey
{
xCAT::MsgUtils->message('E', "Could not generate SSH2 DSA key.");
}
# see if this system supports the ecdsa
if (-e "/etc/ssh/ssh_host_ecdsa_key") {
xCAT::MsgUtils->message('I', "Generating SSH2 ECDSA Key...");
$cmd =
"/usr/bin/ssh-keygen -t ecdsa -f /etc/xcat/hostkeys/ssh_host_ecdsa_key -C '' -N ''";
$outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not generate SSH2 ECDSA key.");
}
}
# copy the public keys to install directory
$cmd =

31
xCAT/postscripts/aixremoteshell
View File

@@ -201,11 +201,31 @@ sub setupSSH
$msg = "aixremoteshell: Could not get ssh_host_rsa_key file.\n";
`logger -t xcat -p local4.err $msg`;
}
if ( $nodetype eq "service") {
# is there is a ecdsa host key on the node, then get the one from the MN/SN
my $filename = "/etc/ssh/ssh_host_ecdsa_key";
if (-e $filename) {
my $response=&getresponse("ssh_ecdsa_hostkey");
if (defined ($response) ) {
my $fd;
&runcmd("mkdir -p /etc/ssh");
open($fd, '>',$filename);
print $fd $response;
close($fd);
# set the permissions
my $cmd = "chmod 600 $filename > /dev/null 2>&1";
&runcmd($cmd);
}
else {
$msg = "aixremoteshell: Could not get ssh_host_ecdsa_key file.\n";
`logger -t xcat -p local4.err $msg`;
}
}
if ( $nodetype eq "service") {
&runcmd("mkdir -p /etc/xcat/hostkeys; cp /etc/ssh/ssh* /etc/xcat/hostkeys/. > /dev/null 2>&1");
}
# Decide whether to enable ssh between the nodes
if ($enablesshbetweennodes eq "YES") {
# Decide whether to enable passwordless ssh between the nodes
if ($enablesshbetweennodes eq "YES") {
my $response=&getresponse("ssh_root_key");
if (defined ($response) ) {
my $fd;
@@ -216,7 +236,6 @@ sub setupSSH
close($fd);
# set the permissions
#TODO - what perms are needed???
my $cmd = "chmod 600 $filename > /dev/null 2>&1";
&runcmd($cmd);
@@ -227,8 +246,8 @@ sub setupSSH
else {
$msg = "aixremoteshell: Could not get id_rsa file.\n";
`logger -t xcat -p local4.err $msg`;
}
}
}
}
return 0;
}

7
xCAT/postscripts/config_chef_server
View File

@@ -3,9 +3,10 @@
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
if [ "$(uname -s|tr 'A-Z' 'a-z')" = "linux" ];then
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
fi
#-------------------------------------------------------------------------------

8
xCAT/postscripts/configbond
View File

@@ -34,9 +34,11 @@
# NETWORKS_LINE2=netname=10_0_2_0-255_255_255_0||net=10.0.2.0||mask=255.255.255.0||mgtifname=eth0||gateway=10.0.2.2||dhcpserver=||tftpserver=10.0.2.15||nameservers=||ntpservers=||logservers=||dynamicrange=||staticrange=||staticrangeincrement=||nodehostname=||ddnsdomain=||vlanid=||domain=||disable=||comments=
# locd library for network caculation
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
# load library for network caculation
if [ "$(uname -s|tr 'A-Z' 'a-z')" = "linux" ];then
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
fi
# Subroutine to display message and pass it to syslog
# Usage: showmsg "message to putput" ["error"]

9
xCAT/postscripts/configeth
View File

@@ -1,4 +1,5 @@
#!/bin/bash
<<<<<<< HEAD
# IBM(c) 2014 EPL license http://www.eclipse.org/legal/epl-v10.html
@@ -9,8 +10,14 @@
#-------------------------------------------------------------------------------
str_dir_name=`dirname $0`
=======
>>>>>>> 08d923735c2c134b7bcd2a2b976706c10bc2f1cc
. $str_dir_name/xcatlib.sh
f [ "$(uname -s|tr 'A-Z' 'a-z')" = "linux" ];then
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
fi
function configipv4(){
str_if_name=$1

8
xCAT/postscripts/configib
View File

@@ -17,10 +17,10 @@
# NETWORKS_LINE2='netname=ib1||net=15.0.1.0||mask=255.255.255.0||mgtifname=||gateway=15.0.1.254||dhcpserver=||tftpserver=||nameservers=||ntpservers=||logservers=||dynamicrange=||staticrange=||staticrangeincrement=||nodehostname=||ddnsdomain=||vlanid=||domain=||disable=||comments='
# NETWORKS_LINE3='netname=ib3||net=15.0.3.0||mask=255.255.255.0||mgtifname=||gateway=||dhcpserver=||tftpserver=||nameservers=||ntpservers=||logservers=||dynamicrange=||staticrange=||staticrangeincrement=||nodehostname=||ddnsdomain=||vlanid=||domain=||disable=||comments='
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
if [ "$(uname -s|tr 'A-Z' 'a-z')" = "linux" ];then
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
fi
#This is the number of ports for each ib adpator.
portnum=1

7
xCAT/postscripts/confignics
View File

@@ -13,8 +13,11 @@
#=cut
#-------------------------------------------------------------------------------
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
if [ "$(uname -s|tr 'A-Z' 'a-z')" = "linux" ];then
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
fi
#the nics' information contain:
#1. ip address

6
xCAT/postscripts/enablekdump
View File

@@ -4,9 +4,11 @@
#
str_dir_name=`dirname $0`
if [ "$(uname -s|tr 'A-Z' 'a-z')" = "linux" ];then
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
fi
. $str_dir_name/xcatlib.sh
# create /etc/sysconfig/network-scripts/
pmatch ()

7
xCAT/postscripts/install_puppet_server
View File

@@ -2,9 +2,10 @@
# IBM(c) 2013 EPL license http://www.eclipse.org/legal/epl-v10.html
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
if [ "$(uname -s|tr 'A-Z' 'a-z')" = "linux" ];then
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
fi
#-------------------------------------------------------------------------------
#=head1 install_puppet_server

81
xCAT/postscripts/remoteshell
View File

@@ -4,7 +4,7 @@
# This script adds xCAT specific setup to the /etc/ssh/sshd_config and ssh_config file
# It calls getcredentials.awk to get from the xcatmaster ssh host keys from the
# /etc/xcat/hostkeys directory and puts in /etc/ssh on the node the following keys
# ssh_host_dsa_key,ssh_host_rsa_key
# ssh_host_dsa_key,ssh_host_rsa_key, ssh_host_ecdsa_key (if supported)
# It calls getcredentials.awk to get from the xcatmaster root ssh keys from the
# ~/.ssh directory on the xcatmaster and put in ~/.ssh on the node the following keys:
# If site.enablesshbetweennodes is yes
@@ -13,9 +13,10 @@
# if on the Management Node, exit
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
if [ "$(uname -s|tr 'A-Z' 'a-z')" = "linux" ];then
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
fi
if [ -e /etc/xCATMN ]; then
logger -t xcat -p local4.info "remoteshell:Running on the Management Node , exiting "
@@ -87,6 +88,7 @@ allowcred.awk &
CREDPID=$!
sleep 1
#download the ssh host dsa private keys
if [ $useflowcontrol = "1" ]; then
#first contact daemon xcatflowrequest <server> 3001
logger -t xCAT -p local4.info "remoteshell: sending xcatflowrequest $master 3001"
@@ -153,6 +155,7 @@ else
fi
rm /tmp/ssh_dsa_hostkey
# download the host rsa key
if [ $useflowcontrol = "1" ]; then
#first contact daemon xcatflowrequest <server> 3001
logger -t xCAT -p local4.info "remoteshell: sending xcatflowrequest $master 3001"
@@ -164,6 +167,7 @@ if [ $useflowcontrol = "1" ]; then
useflowcontrol=0
fi
fi
getcredentials.awk ssh_rsa_hostkey | grep -E -v '</{0,1}xcatresponse>|</{0,1}serverdone>' | sed -e 's/&lt;/</' -e 's/&gt;/>/' -e 's/&amp;/&/' -e 's/&quot/"/' -e "s/&apos;/'/" > /tmp/ssh_rsa_hostkey
#check whether the message is an error or not
@@ -217,6 +221,75 @@ else
fi
rm /tmp/ssh_rsa_hostkey
# if there is a ecdsa host key on the node then download the replacement from the MN/SN
if [ -f /etc/ssh/ssh_host_ecdsa_key ]; then
# download the host ecdsa key
if [ $useflowcontrol = "1" ]; then
#first contact daemon xcatflowrequest <server> 3001
logger -t xCAT -p local4.info "remoteshell: sending xcatflowrequest $master 3001"
/$xcatpost/xcatflowrequest $master 3001
rc=$?
logger -t xCAT -p local4.info "remoteshell:xcatflowrequest return=$rc"
if [ $rc -ne 0 ]; then
logger -t xCAT -p local4.info "remoteshell: error from xcatflowrequest, will not use flow control"
useflowcontrol=0
fi
fi
getcredentials.awk ssh_ecdsa_hostkey | grep -E -v '</{0,1}xcatresponse>|</{0,1}serverdone>' | sed -e 's/&lt;/</' -e 's/&gt;/>/' -e 's/&amp;/&/' -e 's/&quot/"/' -e "s/&apos;/'/" > /tmp/ssh_ecdsa_hostkey
#check whether the message is an error or not
grep -E '<error>' /tmp/ssh_ecdsa_hostkey
if [ $? -ne 0 ]; then
#the message received is the data we request
cat /tmp/ssh_ecdsa_hostkey | grep -E -v '</{0,1}errorcode>|/{0,1}data>|</{0,1}content>|</{0,1}desc>' >/etc/ssh/ssh_host_ecdsa_key
logger -t xCAT -p local4.info ssh_ecdsa_hostkey
MYCONT=`cat /etc/ssh/ssh_host_ecdsa_key`
MAX_RETRIES=10
RETRY=0
while [ -z "$MYCONT" ]; do
# not using flow control , need to sleep
if [ $useflowcontrol = "0" ]; then
let SLI=$RANDOM%10
let SLI=SLI+10
sleep $SLI
fi
RETRY=$(($RETRY+1))
if [ $RETRY -eq $MAX_RETRIES ]
then
break
fi
if [ $useflowcontrol = "1" ]; then
#first contact daemon xcatflowrequest <server> 3001
logger -t xCAT -p local4.info "remoteshell: sending xcatflowrequest $master 3001"
/$xcatpost/xcatflowrequest $master 3001
rc=$?
logger -t xCAT -p local4.info "remoteshell:xcatflowrequest return=$rc"
if [ $rc -ne 0 ]; then
logger -t xCAT -p local4.info "remoteshell: error from xcatflowrequest, will not use flow control"
useflowcontrol=0
fi
fi
getcredentials.awk ssh_ecdsa_hostkey | grep -v '<'|sed -e 's/&lt;/</' -e 's/&gt;/>/' -e 's/&amp;/&/' -e 's/&quot/"/' -e "s/&apos;/'/" > /etc/ssh/ssh_host_ecdsa_key
MYCONT=`cat /etc/ssh/ssh_host_ecdsa_key`
done
chmod 600 /etc/ssh/ssh_host_ecdsa_key
if ! grep "PRIVATE KEY" /etc/ssh/ssh_host_ecdsa_key > /dev/null 2>&1 ; then
rm /etc/ssh/ssh_host_ecdsa_key
else
ssh-keygen -y -f /etc/ssh/ssh_host_ecdsa_key > /etc/ssh/ssh_host_ecdsa_key.pub
chmod 644 /etc/ssh/ssh_host_ecdsa_key.pub
chown root /etc/ssh/ssh_host_ecdsa_key.pub
fi
else
#This is an error message
ERR_MSG=`sed -n 's%.*<error>\(.*\)</error>.*%\1%p' /tmp/ssh_ecdsa_hostkey`
logger -t xCAT -p local4.err Error: $ERR_MSG
fi
rm /tmp/ssh_ecdsa_hostkey
fi
if [[ $NTYPE = service ]]; then
mkdir -p /etc/xcat/hostkeys
cp /etc/ssh/ssh* /etc/xcat/hostkeys/.

7
xCAT/postscripts/routeop
View File

@@ -23,8 +23,11 @@
#=cut
#-------------------------------------------------------------------------------
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
if [ "$(uname -s|tr 'A-Z' 'a-z')" = "linux" ];then
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
fi
op=$1

6
xCAT/postscripts/setupesx
View File

@@ -2,9 +2,11 @@
# example on how to set up ESX. We setup ssh and also add a basic
# VLAN configuration
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
if [ "$(uname -s|tr 'A-Z' 'a-z')" = "linux" ];then
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
fi
logger -t xcat -p local4.info setupesx
# Enable SSH access to root and exchange keys

6
xCAT/postscripts/setupntp
View File

@@ -7,9 +7,11 @@
#---------------------------------------------------------------------------
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
if [ "$(uname -s|tr 'A-Z' 'a-z')" = "linux" ];then
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
fi
# if on the Management Node, exit
if [ -e /etc/xCATMN ]; then

7
xCAT/postscripts/sudoer
View File

@@ -8,10 +8,11 @@
#------------------------------------------------------------------------------
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
if [ "$(uname -s|tr 'A-Z' 'a-z')" = "linux" ];then
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
fi
# Configuration for the sudoer
SUDOER="xcat"

8
xCAT/postscripts/syslog
View File

@@ -14,10 +14,10 @@
#=cut
#-------------------------------------------------------------------------------
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
if [ "$(uname -s|tr 'A-Z' 'a-z')" = "linux" ];then
str_dir_name=`dirname $0`
. $str_dir_name/xcatlib.sh
fi
master=$MASTER
conf_file="/etc/syslog.conf"