mirror of
https://github.com/xcat2/confluent.git
synced 2024-12-25 12:41:39 +00:00
Implement registration and retrieval
Remote discovery can now be registered by switches.
This commit is contained in:
parent
480849640e
commit
0dc7b532cc
@ -57,12 +57,15 @@ def print_disco(options, session, currmac, outhandler, columns):
|
||||
|
||||
procinfo.update(tmpinfo)
|
||||
if 'Switch' in columns or 'Port' in columns:
|
||||
for tmpinfo in session.read(
|
||||
'/networking/macs/by-mac/{0}'.format(currmac)):
|
||||
if 'ports' in tmpinfo:
|
||||
# The api sorts so that the most specific available value
|
||||
# is last
|
||||
procinfo.update(tmpinfo['ports'][-1])
|
||||
if 'switch' in procinfo:
|
||||
procinfo['port'] = procinfo['switchport']
|
||||
else:
|
||||
for tmpinfo in session.read(
|
||||
'/networking/macs/by-mac/{0}'.format(currmac)):
|
||||
if 'ports' in tmpinfo:
|
||||
# The api sorts so that the most specific available value
|
||||
# is last
|
||||
procinfo.update(tmpinfo['ports'][-1])
|
||||
record = []
|
||||
for col in columns:
|
||||
rawcol = columnmapping[col]
|
||||
|
@ -217,7 +217,12 @@ def send_discovery_datum(info):
|
||||
if info['handler'] == pxeh:
|
||||
enrich_pxe_info(info)
|
||||
yield msg.KeyValueData({'nodename': info.get('nodename', '')})
|
||||
yield msg.KeyValueData({'ipaddrs': [_printable_ip(x) for x in addresses]})
|
||||
if not info.get('forwarder_server', None):
|
||||
yield msg.KeyValueData({'ipaddrs': [_printable_ip(x) for x in addresses]})
|
||||
switch = info.get('forwarder_server', None)
|
||||
if switch:
|
||||
yield msg.KeyValueData({'switch': switch})
|
||||
yield msg.KeyValueData({'switchport': info['port']})
|
||||
sn = info.get('serialnumber', '')
|
||||
mn = info.get('modelnumber', '')
|
||||
uuid = info.get('uuid', '')
|
||||
@ -690,6 +695,8 @@ def detected(info):
|
||||
info['otheraddresses'] = set([])
|
||||
for i4addr in info.get('attributes', {}).get('ipv4-address', []):
|
||||
info['otheraddresses'].add(i4addr)
|
||||
for i4addr in info.get('attributes', {}).get('ipv4-addresses', []):
|
||||
info['otheraddresses'].add(i4addr)
|
||||
if handler and handler.https_supported and not handler.https_cert:
|
||||
if handler.cert_fail_reason == 'unreachable':
|
||||
log.log(
|
||||
|
@ -41,7 +41,6 @@ class NodeHandler(object):
|
||||
if info.get('forwarder_url', False):
|
||||
self.relay_url = info['forwarder_url']
|
||||
self.relay_server = info['forwarder_server']
|
||||
self.relay_token = info['forwarder_token']
|
||||
return
|
||||
# first let us prefer LLA if possible, since that's most stable
|
||||
for sa in info['addresses']:
|
||||
@ -144,7 +143,7 @@ class NodeHandler(object):
|
||||
relaycreds = self.configmanager.get_node_attributes(self.relay_server, 'secret.*', decrypt=True)
|
||||
relaycreds = relaycreds.get(self.relay_server, {})
|
||||
relayuser = relaycreds.get('secret.hardwaremanagementuser', {}).get('value', None)
|
||||
relaypass = relaycreds.get('secret.hardwaremanegementpassword', {}).get('value', None)
|
||||
relaypass = relaycreds.get('secret.hardwaremanagementpassword', {}).get('value', None)
|
||||
if not relayuser or not relaypass:
|
||||
raise Exception('No credentials for {0}'.format(self.relay_server))
|
||||
w.set_basic_credentials(relayuser, relaypass)
|
||||
|
@ -382,10 +382,12 @@ def _find_service(service, target):
|
||||
if pi is not None:
|
||||
yield pi
|
||||
|
||||
def check_fish(urldata):
|
||||
def check_fish(urldata, port=443, verifycallback=None):
|
||||
if not verifycallback:
|
||||
verifycallback = lambda x: True
|
||||
url, data = urldata
|
||||
try:
|
||||
wc = webclient.SecureHTTPConnection(_get_svrip(data), 443, verifycallback=lambda x: True)
|
||||
wc = webclient.SecureHTTPConnection(_get_svrip(data), port, verifycallback=verifycallback)
|
||||
peerinfo = wc.grab_json_response(url)
|
||||
except socket.error:
|
||||
return None
|
||||
|
@ -19,6 +19,10 @@ import json
|
||||
import os
|
||||
import time
|
||||
import yaml
|
||||
import confluent.discovery.protocols.ssdp as ssdp
|
||||
import eventlet
|
||||
webclient = eventlet.import_patched('pyghmi.util.webclient')
|
||||
|
||||
|
||||
currtz = None
|
||||
keymap = 'us'
|
||||
@ -154,10 +158,36 @@ def handle_request(env, start_response):
|
||||
reqbody = env['wsgi.input'].read(int(env['CONTENT_LENGTH']))
|
||||
if env['PATH_INFO'] == '/self/register_discovered':
|
||||
rb = json.loads(reqbody)
|
||||
addrs = rb.get('addresses', [])
|
||||
rb['addresses'] = []
|
||||
for addr in addrs:
|
||||
rb['addresses'].append(tuple(addr))
|
||||
if not rb.get('path', None):
|
||||
start_response('400 Bad Requst', [])
|
||||
yield 'Missing Path'
|
||||
return
|
||||
targurl = '/hubble/systems/by-port/{0}/webaccess'.format(rb['path'])
|
||||
tlsverifier = util.TLSCertVerifier(cfg, nodename, 'pubkeys.tls_hardwaremanager')
|
||||
wc = webclient.SecureHTTPConnection(nodename, 443, verifycallback=tlsverifier.verify_cert)
|
||||
relaycreds = cfg.get_node_attributes(nodename, 'secret.*', decrypt=True)
|
||||
relaycreds = relaycreds.get(nodename, {})
|
||||
relayuser = relaycreds.get('secret.hardwaremanagementuser', {}).get('value', None)
|
||||
relaypass = relaycreds.get('secret.hardwaremanagementpassword', {}).get('value', None)
|
||||
if not relayuser or not relaypass:
|
||||
raise Exception('No credentials for {0}'.format(nodename))
|
||||
wc.set_basic_credentials(relayuser, relaypass)
|
||||
wc.request('GET', targurl)
|
||||
rsp = wc.getresponse()
|
||||
_ = rsp.read()
|
||||
if rsp.status == 302:
|
||||
newurl = rsp.headers['Location']
|
||||
newhost, newport = newurl.replace('https://', '').split('/')[0].split(':')
|
||||
def verify_cert(certificate):
|
||||
hashval = base64.b64decode(rb['fingerprint'])
|
||||
if len(hashval) == 48:
|
||||
return hashlib.sha384(certificate).digest() == hashval
|
||||
raise Exception('Certificate validation failed')
|
||||
rb['addresses'] = [(newhost, newport)]
|
||||
rb['forwarder_url'] = targurl
|
||||
rb['forwarder_server'] = nodename
|
||||
rb['']
|
||||
ssdp.check_fish(('/DeviceDescription.json', rb), newport, verify_cert)
|
||||
disco.detected(rb)
|
||||
start_response('200 OK', [])
|
||||
yield 'Registered'
|
||||
|
Loading…
Reference in New Issue
Block a user