mirror of
				https://github.com/xcat2/confluent.git
				synced 2025-10-26 00:45:43 +00:00 
			
		
		
		
	Revise ESXi routed deployment
-Have apiclient set timeout on getting credential to avoid hang -Change dcuiweasel to start shell earlier for better debug -Do not expire the ident token if deployment is armed continuous anyway
This commit is contained in:
		| @@ -159,6 +159,7 @@ def get_net_apikey(nodename, mgr): | ||||
|             else: | ||||
|                 cliaddr = ('::', 302) | ||||
|             clisock.bind(cliaddr) | ||||
|             clisock.settimeout(1) | ||||
|             clisock.connect(addrinfo[-1]) | ||||
|             rsp = clisock.recv(8) | ||||
|             if rsp != b'\xc2\xd1-\xa8\x80\xd8j\xba': | ||||
|   | ||||
| @@ -1,5 +1,11 @@ | ||||
| #!/bin/sh | ||||
| # copernicus is hard coded, easier to script a fake sysfs | ||||
| if [ ! -f /var/run/vmware/show-esx-shell-login ]; then | ||||
|     chvt 1 | ||||
|     sleep 1 | ||||
|     chvt 2 | ||||
|     /etc/init.d/ESXShell start | ||||
| fi | ||||
| uuid=$(vsish -e get /hardware/bios/dmiInfo|grep -A15 UUID|sed -e 's/.*://'|sed -e ':a;N;$!ba;s/\n//g' | sed -e 's/ *0x//g') | ||||
| uuid=${uuid:0:8}-${uuid:8:4}-${uuid:12:4}-${uuid:16:4}-${uuid:20:12} | ||||
| mkdir -p /sys/devices/virtual/dmi/id/ | ||||
| @@ -55,7 +61,9 @@ if [ -e /tmp/confluentident/cnflnt.yml ]; then | ||||
|     hmacfile=$(mktemp) | ||||
|     ln -s /opt/confluent/bin/clortho /opt/confluent/bin/genpasshmac | ||||
|     /opt/confluent/bin/genpasshmac $passfile $passcrypt $hmacfile $hmackeyfile | ||||
|     echo -n 'Registering new API key with deployment server: ' | ||||
|     /opt/confluent/bin/apiclient -p $hmacfile /confluent-api/self/registerapikey $passcrypt | ||||
|     echo | ||||
|     cp $passfile /etc/confluent/confluent.apikey | ||||
| fi | ||||
| while ! grep NODENAME /etc/confluent/confluent.info; do | ||||
| @@ -84,12 +92,6 @@ if [ -z "$APIKEY" ]; then | ||||
|     APIKEY=$(cat /etc/confluent/confluent.apikey) | ||||
| fi | ||||
| while [ -z "$APIKEY" ]; do | ||||
|     if [ ! -f /var/run/vmware/show-esx-shell-login ]; then | ||||
|         chvt 1 | ||||
|         sleep 1 | ||||
|         chvt 2 | ||||
|         /etc/init.d/ESXShell start | ||||
|     fi | ||||
|     echo "Deployment server failed to grant node deployment token, retrying token retrieval" | ||||
|     echo "A debug session has been made available on Alt-F1" | ||||
|     (/clortho $node $mgr || /opt/confluent/bin/clortho $node $mgr) > /etc/confluent/confluent.apikey | ||||
|   | ||||
| @@ -108,7 +108,7 @@ class CredServer(object): | ||||
|                     client.close() | ||||
|                     return | ||||
|             cfgupdate = {nodename: {'crypted.selfapikey': {'hashvalue': echotoken}, 'deployment.sealedapikey': '', 'deployment.apiarmed': ''}} | ||||
|             if hmackey: | ||||
|             if hmackey and apiarmed != 'continuous': | ||||
|                 self.cfm.clear_node_attributes([nodename], ['secret.selfapiarmtoken']) | ||||
|             if apiarmed == 'continuous': | ||||
|                 del cfgupdate[nodename]['deployment.apiarmed'] | ||||
|   | ||||
		Reference in New Issue
	
	Block a user