xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2025-01-17 13:13:18 +00:00
Code Issues Projects Releases Wiki Activity
2,314 Commits 39 Branches 65 Tags
Commit Graph

201 Commits

Author SHA1 Message Date
Jarrod Johnson
201985dd0e Fix missing argument to rpc_set_user 
Requests were unable to traverse
a collective.
 2020-02-05 14:55:51 -05:00
Jarrod Johnson
1aee19997a Carry errors across msgpack 
Messages that were formerly carried
as pickled exceptions are now sent
as generic strings over msgpack.
 2020-02-04 10:16:48 -05:00
Jarrod Johnson
4be4100014 Fix configmanager msgpack 
msgpack method had some regressions.  For one, python2 strings
became bytes on mixed collective, fix by using raw=False on the
receiver.

Additionally, del_nodes tends to use sets, and that's not viable for
msgpack.  Guard against that.
 2020-01-29 09:24:57 -05:00
Jarrod Johnson
445950d02a Roll back library level force of role 
Doing collective and config restore breaks.  The API
will still prevent implicit role assumption.
 2020-01-28 10:05:04 -05:00
Jarrod Johnson
cf72cf2d8c Require role explicitly on user/group creation 
Rather than default to administrator, require
the user to explicitly set the role to administrator.
 2020-01-27 16:12:03 -05:00
Jarrod Johnson
0652a7321b Apply whitelist to rpc functions in configmanager 2020-01-27 15:59:22 -05:00
Jarrod Johnson
4c8ba92856 Change configuration sync to use msgpack 
This removes use of pickle for config sync over network.
 2020-01-27 15:53:29 -05:00
Jarrod Johnson
30398fc434 More explicit follower health checking 
Be more careful about collective member health assessment,
explicitly closing a follower when it has failure and prefacing
collective commands with a check prior to performing the actual
changes.
 2019-11-11 10:49:25 -05:00
Jarrod Johnson
4b6899d4af Mark node as 'dirty' if it's group is removed 
Group removal would end up with the on-disk copy not reflecting
the node membership, even though in-memory copy is fine.
Fix by adding the missing dirty mark to the entry.
 2019-11-04 13:43:29 -05:00
Jarrod Johnson
a967c224fe Add TSMSOL plugin 
This enables ipmi-free access to TSM SOL console
 2019-10-29 15:20:40 -04:00
Jarrod Johnson
c0b69f64b8 Error when noderange tries to use secret 
secret. cannot be used in expressions, provide
an error in such a case.
 2019-10-24 12:04:47 -04:00
Jarrod Johnson
ceced11ae8 Fix python3 compatibility issue 2019-10-14 16:28:32 -04:00
Jarrod Johnson
62084b3605 More fixes for python3/2 compatibility 2019-10-14 15:22:44 -04:00
Jarrod Johnson
fc626d36ba Fix greenlet 'isAlive' 
There is no 'isAlive' in a greenlet.
 2019-10-14 13:59:24 -04:00
Jarrod Johnson
606a308046 Fix quorum notification in mixed 2/3 collective 2019-10-14 10:33:13 -04:00
Jarrod Johnson
e008932389 Fix python3 collective leader 
rpc needs to be fully binary
 2019-10-11 11:11:27 -04:00
Jarrod Johnson
8cab591a8b Add collective member deletion 
This allows deletion of a dead member, down to deleting down to non-collective
mode.
 2019-10-10 11:30:03 -04:00
Jarrod Johnson
6ce6740b77 Provide deletion of collective member 2019-10-10 08:50:42 -04:00
Jarrod Johnson
8a4a219a14 Fix two more python2 string behavior 
In python3, bytes[n] is an int, but not in python2.

Sidestep by doing bytearray() for both, which is consistent
between the two.
 2019-10-09 15:06:23 -04:00
Jarrod Johnson
0edd1efe0d Fix python3 dump_keys 
When doing format on base64
output, it must be explicitly
coerced into native string
format.
 2019-10-08 13:21:34 -04:00
Jarrod Johnson
8e87f5b9e5 Fix python3 issue with base64 and str 2019-10-08 11:20:27 -04:00
Jarrod Johnson
0633b2ca67 Fix syntax error in code 2019-10-08 10:59:44 -04:00
Jarrod Johnson
c1953bdad3 Another set of python 3 compatibility 
Numerous issues arose, particularly
when participating in a mixed
collective.
 2019-10-08 10:45:43 -04:00
Jarrod Johnson
8fc3b7c9c0 Implement cross-python collective compat 
This enables cross-version compatibility
for a collective.
 2019-10-07 15:41:38 -04:00
Jarrod Johnson
521be5d44d Further Python3 compatibility changes 
With this as well as eficompressor and pyghmi updates, things
seem to be in roughly working order
 2019-10-03 15:57:56 -04:00
Jarrod Johnson
6fb82bbbad Further Python3 compatibility changes 2019-10-02 11:29:13 -04:00
Jarrod Johnson
90e546bcac Implement a number of py3 compatible adjustments 2019-10-02 08:58:39 -04:00
Jarrod Johnson
46e2f53018 Always use GCM on encrypt 
Continue to support read using the old scheme, but even when
an integrity key is available, only use it to aid in decrypting
classic format, and always write in new format.
 2019-07-17 08:51:06 -04:00
Jarrod Johnson
cf51928b3d Implement GCM and close gap in the HMAC 
When generating key material from scratch, skip HMAC and
activate GCM mode.

When using existing CBC/HMAC keys, start covering the IV value
in the HMAC.  For compatibility, HMAC validity is checked with
and without IV.
 2019-07-16 18:32:23 -04:00
Jarrod Johnson
2e6029bd2c Add a location.height attribute 
This permits user to specify height for either unsupported systems
or to speed up the rackview drawing.
 2019-06-28 09:30:53 -04:00
Jarrod Johnson
a6809aae98 Add Monitor role 
Add a monitor role that is only viable for monitoring relevant
tasks.
 2019-05-02 10:04:40 -04:00
Jarrod Johnson
4d5bfb13bf Add support for Operator role 
Support a reduced privilege user that can still perform
most operations, but cannot modify, delete, or add
users/groups to confluent or to BMCs.
 2019-05-01 16:57:15 -04:00
Jarrod Johnson
8fbd99cf5c Fix misakes in usergroups 
Deletion was incorrect and restore from json did not work.
 2019-04-30 16:18:12 -04:00
Jarrod Johnson
31f2161b57 Add user groups to confluent 
This allows a system/ldap group to be used instead of directly
specifying individual authorized users.
 2019-04-30 14:55:54 -04:00
Jarrod Johnson
0e2e6267cd Add ability for noderange to wildcard attrib names 
Useful for net.*attribs to search when nic is unknown.
 2019-03-07 15:19:17 -05:00
Jarrod Johnson
4446308030 Add ability to rename nodegroups 
If we can rename nodes, should be able to rename groups.
 2019-03-01 15:03:43 -05:00
Jarrod Johnson
7703c6c2ab Enable Server Portion of renamae node 
This plumbs up through the messages and attributes plugin.
 2019-03-01 14:37:07 -05:00
Jarrod Johnson
8ce5a7dccf Phase 1 of node rename support 
Provide foundation for node renaming, including
updating groups and inheritance and notifying collection
watchers of the change, and updating the existing watchers
with the new notification fingerprint.
 2019-03-01 13:21:57 -05:00
Jarrod Johnson
23c9e6315a Update node collection handlers for renamed 
Rename support will provide a map of old to new name.  Have the
existing node collection watchers accept a new argument.
 2019-02-28 15:57:35 -05:00
Jarrod Johnson
2bbf4b9e98 Implement direct add switches 
Allow addition of switches without associated
nodes.  This allows populating mac database
without requiring associated nodes.
 2019-02-28 12:59:41 -05:00
Jarrod Johnson
938a6e44df Add checking for noderange conflict 
A confluent nodegroup may either be a normal static one, which
can be used for attribute inheritence, or a dynamic one, which
cannot be used with static list or static attributes.

Warn the user when they try to set that up to make it more obvious
that the dynamic groups can't do what they are trying to do.
 2019-02-25 15:23:54 -05:00
Jarrod Johnson
337ab3b1a0 Merge branch 'master' of github.com:jjohnson42/confluent 2019-01-31 14:29:03 -05:00
Jarrod Johnson
8a5f1c6dc5 Parse string arguments to nodes attributes as noderange 
Since everywhere else accepts noderange, it is a reasonable
expectation for the nodes attribute on nodegroups to also
take a noderange.  Correct this inconsistency.
 2019-01-30 09:55:38 -05:00
Jarrod Johnson
188feec0b4 Repair if transactioncount exists but wrong size 
If filesystem is full, this could be a side effect that would impact
a later start in a collective context.  This mechanism induces repair
from a collective peer.
 2019-01-28 16:20:07 -05:00
Jarrod Johnson
d979d29b0b Implement checking of input attributes 
For attributes that have a well known set of inputs, provide the
data to the messages layer to provide a useful error to the user.
 2019-01-22 16:02:17 -05:00
Jarrod Johnson
2c94a10e23 Add complexity and reuse rules to discovery 
Discovery can now relax two more common policies that have users
wanting to disable them.
 2019-01-17 11:02:05 -05:00
Jarrod Johnson
3012de1fe4 Prioritize deletion of transactioncount 
If the invalidation is incomplete, make sure that transactioncount
is invalidated first to avoid it being able to propogate through
a collective.
 2018-10-11 09:16:57 -04:00
Jarrod Johnson
2d0199a4e9 Wrap bdb deletion in same lock that sync itself uses 
If os.remove happens at a bad time, it causes an unfortunate behavior
in dbm.  Serialize this sort of operation to avoid the bad behavior.
 2018-10-10 15:24:55 -04:00
Jarrod Johnson
6b70a4322a Fix rollback 
The fix for the stale data introduced breaking clear rollback
Restore the behavior and make self._cfgstore a somewhat slower property
for now.
 2018-10-10 15:22:20 -04:00
Jarrod Johnson
6a784e3a1c Ensure sync is complete prior to leaving configmanager sync 
The initialization lock is meant to avoid collective and generic
initialization stepping on each other.  This is somewhat reduced in
efficacy if one has a sync running while the other is changing relevant
data.
 2018-10-10 14:49:33 -04:00