xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2025-03-12 15:16:54 +00:00
Code Issues Projects Releases Wiki Activity

Revise ESXi routed deployment

Browse Source 
-Have apiclient set timeout on getting credential to avoid hang
-Change dcuiweasel to start shell earlier for better debug
-Do not expire the ident token if deployment is armed continuous anyway
This commit is contained in:
Jarrod Johnson 2022-08-19 16:06:46 -04:00
parent a445107c7f
commit 801e43936c
3 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient
View File

@ -159,6 +159,7 @@ def get_net_apikey(nodename, mgr):
else:
cliaddr = ('::', 302)
clisock.bind(cliaddr)
clisock.settimeout(1)
clisock.connect(addrinfo[-1])
rsp = clisock.recv(8)
if rsp != b'\xc2\xd1-\xa8\x80\xd8j\xba':

14
confluent_osdeploy/esxi7/initramfs/bin/dcuiweasel
View File

@ -1,5 +1,11 @@
#!/bin/sh
# copernicus is hard coded, easier to script a fake sysfs
if [ ! -f /var/run/vmware/show-esx-shell-login ]; then
chvt 1
sleep 1
chvt 2
/etc/init.d/ESXShell start
fi
uuid=$(vsish -e get /hardware/bios/dmiInfo|grep -A15 UUID|sed -e 's/.*://'|sed -e ':a;N;$!ba;s/\n//g' | sed -e 's/ *0x//g')
uuid=${uuid:0:8}-${uuid:8:4}-${uuid:12:4}-${uuid:16:4}-${uuid:20:12}
mkdir -p /sys/devices/virtual/dmi/id/
@ -55,7 +61,9 @@ if [ -e /tmp/confluentident/cnflnt.yml ]; then
hmacfile=$(mktemp)
ln -s /opt/confluent/bin/clortho /opt/confluent/bin/genpasshmac
/opt/confluent/bin/genpasshmac $passfile $passcrypt $hmacfile $hmackeyfile
echo -n 'Registering new API key with deployment server: '
/opt/confluent/bin/apiclient -p $hmacfile /confluent-api/self/registerapikey $passcrypt
echo
cp $passfile /etc/confluent/confluent.apikey
fi
while ! grep NODENAME /etc/confluent/confluent.info; do
@ -84,12 +92,6 @@ if [ -z "$APIKEY" ]; then
APIKEY=$(cat /etc/confluent/confluent.apikey)
fi
while [ -z "$APIKEY" ]; do
if [ ! -f /var/run/vmware/show-esx-shell-login ]; then
chvt 1
sleep 1
chvt 2
/etc/init.d/ESXShell start
fi
echo "Deployment server failed to grant node deployment token, retrying token retrieval"
echo "A debug session has been made available on Alt-F1"
(/clortho $node $mgr || /opt/confluent/bin/clortho $node $mgr) > /etc/confluent/confluent.apikey

2
confluent_server/confluent/credserver.py
View File

@ -108,7 +108,7 @@ class CredServer(object):
client.close()
return
cfgupdate = {nodename: {'crypted.selfapikey': {'hashvalue': echotoken}, 'deployment.sealedapikey': '', 'deployment.apiarmed': ''}}
if hmackey:
if hmackey and apiarmed != 'continuous':
self.cfm.clear_node_attributes([nodename], ['secret.selfapiarmtoken'])
if apiarmed == 'continuous':
del cfgupdate[nodename]['deployment.apiarmed']