From d6b7c536d53984b714e7278c685cdfa837a55bdb Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Thu, 17 May 2018 14:20:59 -0400 Subject: [PATCH 1/4] Fix discovery of old SMM firmware Older SMM firmware will not have neighbor data, ignore and move on in such a case. --- confluent_server/confluent/discovery/core.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/confluent_server/confluent/discovery/core.py b/confluent_server/confluent/discovery/core.py index 1cc31a9c..defb761a 100644 --- a/confluent_server/confluent/discovery/core.py +++ b/confluent_server/confluent/discovery/core.py @@ -741,6 +741,8 @@ def get_smm_neighbor_fingerprints(smmaddr, cv): smmaddr = '[{0}]'.format(smmaddr) wc = webclient.SecureHTTPConnection(smmaddr, verifycallback=cv) neighs = wc.grab_json_response('/scripts/neighdata.json') + if not neighs: + return for idx in (4, 5): if 'sha256' not in neighs[idx]: continue From 5dddae0ebf4dedc91e1452420005b1ecae418ba9 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Thu, 17 May 2018 14:40:19 -0400 Subject: [PATCH 2/4] Cleaner handling of invalid names in restore attempt Detect problems ahead af time and more cleanly print a message. --- confluent_server/bin/confluentdbutil | 6 +++++- confluent_server/confluent/config/configmanager.py | 7 +++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/confluent_server/bin/confluentdbutil b/confluent_server/bin/confluentdbutil index e5acb419..cce5a371 100755 --- a/confluent_server/bin/confluentdbutil +++ b/confluent_server/bin/confluentdbutil @@ -51,7 +51,11 @@ if args[0] == 'restore': if pid is not None: print("Confluent is running, must shut down to restore db") sys.exit(1) - cfm.restore_db_from_directory(dumpdir, options.password) + try: + cfm.restore_db_from_directory(dumpdir, options.password) + except Exception as e: + print(str(e)) + sys.exit(1) elif args[0] == 'dump': if options.password is None and not (options.unprotected or options.redact): print("Must indicate a password to protect or -u to opt opt of " diff --git a/confluent_server/confluent/config/configmanager.py b/confluent_server/confluent/config/configmanager.py index 9d2087af..deac7284 100644 --- a/confluent_server/confluent/config/configmanager.py +++ b/confluent_server/confluent/config/configmanager.py @@ -1415,6 +1415,13 @@ class ConfigManager(object): tmpconfig[confarea] = {} for element in dumpdata[confarea]: newelement = copy.deepcopy(dumpdata[confarea][element]) + try: + noderange._parser.parseString( + '({0})'.format(element)).asList() + except noderange.pp.ParseException as pe: + raise ValueError( + '"{0}" is not a supported name, it must be renamed or ' + 'removed from backup to restore'.format(element)) for attribute in dumpdata[confarea][element]: if newelement[attribute] == '*REDACTED*': raise Exception( From 232140899e974a018d6d96931674b99d52c3b1c0 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Thu, 17 May 2018 15:35:52 -0400 Subject: [PATCH 3/4] Sample script for mac to ipv6 translation Useful for some generic applications where nodediscover does not have full support, but must be used with care as it doesn't guarantee the mac address is what we expect it to be. --- .../samples/nodeattrib_from_switch.py | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 confluent_client/samples/nodeattrib_from_switch.py diff --git a/confluent_client/samples/nodeattrib_from_switch.py b/confluent_client/samples/nodeattrib_from_switch.py new file mode 100644 index 00000000..1e38d269 --- /dev/null +++ b/confluent_client/samples/nodeattrib_from_switch.py @@ -0,0 +1,35 @@ +#!/usr/bin/env python + +# This is a sample python script for going through all observed mac addresses +# and assuming they are BMC related and printing nodeattrib commands +# for each node to access the bmc using the interface specified on the command +# line + +# Not necessarily as useful if there may be mistakes in the +# net.switch/net.switchport attributes, but a handy utility in a pinch when +# you really know + + +import confluent.client as cl +import socket +import struct +c = cl.Command() +macs = [] +interface = sys.argv[1] +for mac in c.read('/networking/macs/by-mac/'): + macs.append(mac['item']['href']) +for mac in macs: + macinfo = list(c.read('/networking/macs/by-mac/{0}'.format(mac)))[0] + if 'possiblenode' in macinfo and macinfo['possiblenode']: + if macinfo['macsonport'] > 1: + print('Ambiguous set of macs on port for ' + macinfo[ + 'possiblenode']) + prefix = int(mac.replace('-', '')[:6], 16) ^ 0b100000000000000000 + prefix = prefix << 8 + prefix |= 0xff + suffix = int(mac.replace('-', '')[6:], 16) + suffix |= 0xfe000000 + rawn = struct.pack('!QLL', 0xfe80000000000000, prefix, suffix) + bmc = socket.inet_ntop(socket.AF_INET6, rawn) + print('nodeattrib {0} bmc={1}%{2}'.format(macinfo['possiblenode'], + bmc, interface)) From 9826235d4d5166da090af3dc130c3be28c3a98ed Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Thu, 17 May 2018 15:40:20 -0400 Subject: [PATCH 4/4] Update warning to be commented out, just in case.. --- confluent_client/samples/nodeattrib_from_switch.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/confluent_client/samples/nodeattrib_from_switch.py b/confluent_client/samples/nodeattrib_from_switch.py index 1e38d269..b8e88ec3 100644 --- a/confluent_client/samples/nodeattrib_from_switch.py +++ b/confluent_client/samples/nodeattrib_from_switch.py @@ -22,7 +22,7 @@ for mac in macs: macinfo = list(c.read('/networking/macs/by-mac/{0}'.format(mac)))[0] if 'possiblenode' in macinfo and macinfo['possiblenode']: if macinfo['macsonport'] > 1: - print('Ambiguous set of macs on port for ' + macinfo[ + print('#Ambiguous set of macs on port for ' + macinfo[ 'possiblenode']) prefix = int(mac.replace('-', '')[:6], 16) ^ 0b100000000000000000 prefix = prefix << 8