xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2025-01-16 12:47:50 +00:00
Code Issues Projects Releases Wiki Activity
2,396 Commits 39 Branches 64 Tags
Commit Graph

2396 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jarrod Johnson
16209bc3d6 Merge branch 'master' into osdeploy 2020-03-26 14:11:03 -04:00
Jarrod Johnson
f6c44922f8 Add support for forced password change 
ThinkAgile CP storage BMC firmware now requires
a password change be navigated prior to operation.
 2020-03-26 14:10:17 -04:00
Jarrod Johnson
41aa9e1cd2 Optimize chown 
chown does not need to be called recursively every update/install.
 2020-03-24 18:08:34 -04:00
Jarrod Johnson
0c96882fda Restore Python 3 compatibility for pxe 
The changes accidentally broke python 3, make a
bytes explicit to fix.
 2020-03-24 17:54:07 -04:00
Jarrod Johnson
00681489c7 Add python2 compatibility to pxe 
Various facets of pxe.py were python3-only,
make it compatible with python2 for now.
 2020-03-24 17:26:39 -04:00
Jarrod Johnson
8c2336b8fa Implemennt static when no DHCP 
This permits an offer for a nominally static
node, unless it either doesn't map to an IP or
has dhcp method explicitly declared.
 2020-03-24 15:09:28 -04:00
Jarrod Johnson
a1bb603570 Fix multinet support and prefix 2020-03-24 10:31:19 -04:00
Jarrod Johnson
96cbfa5568 Prepare get_nic_config for servicing pxe 
Ability to retrieve node network information according to context
of interface index that receives the packet.
 2020-03-23 17:18:17 -04:00
Jarrod Johnson
f0e5572b05 Remove filename from DHCP reply 
filename is ignored if pxeclient anyway.  This will provide a
consistent approach for boot file for dhcp-elsewhere and
fixed ip clients alike.

Also add some TODO about how to enable DHCPREQUEST
processing when the time comes, as today the code skipping
option parsing for DISCOVER packets trips up the ability
to continue.  We must make sure we don't call discovery
handler again for REQUEST after doing so for DISCOVER.
 2020-03-20 17:57:04 -04:00
Jarrod Johnson
895216d94f Setting PXEClient in option 60 
This trigges the proxyDHCP sequence to follow up.
 2020-03-20 17:40:29 -04:00
Jarrod Johnson
1c7c897267 Add option 97 (UUID) to OFFER 
Per PXE specification, this is among the required fields.
 2020-03-20 17:23:33 -04:00
Jarrod Johnson
20a26e6fdb Implement the UDP checksum 
As long as we are doing UDP and IP in house, might as well do the
optional UDP checksum.
 2020-03-20 16:55:20 -04:00
Jarrod Johnson
433f67730c Add RAW capability to the service 
This is required for the new PXE support
 2020-03-20 14:59:30 -04:00
Jarrod Johnson
fcd73399fa Add IP and UDP header to OFFER attempt 
It d oesn't quite work, but it looks convincing.  UDP checksum may
need to be added, and beyond that explore changes to the payload since
it is likely not enough DHCP was provided.
 2020-03-19 18:39:32 -04:00
Jarrod Johnson
b7d85b2166 Switch to ctypes for sendto 
First, IP level sendto doesn't give the freedom to send 25.255.255.255
out of the interface desired.  So have to go link layer.

Second, while python can do sendto, we have the interface index number
from recvmsg (which was ctypes).  python expects the name instead
(wwhich it promptly turns... back into the index we start with).  I
could have added code to get the name using some syscalls which would
have been work and produced more system calls, or added the code to
directly use sendto, which would also be efficient at runtime.

So I chose to use ctypes for both recvmsg and sendto here.
 2020-03-19 16:20:47 -04:00
Jarrod Johnson
22de1153c2 Continue draft of PXE support 
It is able to vaguely construct a DHCPOFFER now, though it doesn't go
the right way for starters.
 2020-03-18 17:12:26 -04:00
Jarrod Johnson
e0223706b0 Add a sample CentOS/RH handler snippet 
Begin work to prepare profiles for booting.
 2020-03-16 18:03:07 -04:00
Jarrod Johnson
451ff6b5a3 Fix geometry in dir2img 
The geometry was incorrect in dir2img, ensure the file is
a multiple of 512 bytes.
 2020-03-16 14:47:21 -04:00
Jarrod Johnson
b3c49c532c Rewrite dir2img in python 
It is a good measure to prep for more heavy usage in
OS deployment.

While changes were being made anyway, also cut time to make
an image in half.
 2020-03-16 12:52:18 -04:00
Jarrod Johnson
8fb206b1f7 Fix cert util on pythoen3 
python 3 had bytes and not str and need to be
decoded before string operations.
 2020-03-16 09:27:34 -04:00
Jarrod Johnson
1bf7c6970f Merge branch 'master' into osdeploy 2020-03-13 11:06:26 -04:00
Jarrod Johnson
a86d962984 Fix missing pwd import 
The pwd module was accidentally omitted, fix the mistake.
 2020-03-13 11:04:16 -04:00
Jarrod Johnson
6ade0952c7 Workaround incorrect TLS clients 
Standards compliant TLS clients require
that IP addresses be compared against
IP type SAN fields.

However, some firmware ignores IP fields and only checks DNS fields.

Workaround and provide compatibility
by duplicating the IP as DNS and IP fields.

Also, clean up the temporary config file when done.
 2020-03-12 19:06:05 -04:00
Jarrod Johnson
517101f596 Reduce spurious logging 
When ignoring DHCPREQUEST,
do not log, since DISCOVER
was enough logging.
 2020-03-12 18:08:48 -04:00
Jarrod Johnson
1bfc949466 Add message when insecure is needed 
Practically speaking, this will be only choice for most people, but we
must make sure that the user acknowledges the risk.
 2020-03-12 17:42:56 -04:00
Jarrod Johnson
e97214ca50 Merge branch 'master' into osdeploy 2020-03-12 16:05:08 -04:00
Jarrod Johnson
9ee29aabe1 Set certificate ownership properly 
When creating certificate for collective, ensure that the certificate
is usable by confluent when running
as non-root.
 2020-03-12 16:04:23 -04:00
Jarrod Johnson
57ff9808c4 Fix infinite loop in DHCP parsing 
Accidentally failed to actually traverse
the data.
 2020-03-11 15:43:34 -04:00
Jarrod Johnson
0f67f5c382 Draft attempt at refactoring PXE 
The plan is to have 'discovery'
data only on DISCOVER, but
still parse and be able to react to
REQUEST packets.

Additionally add the attributes
to control deployment state and
permissible protocols.
 2020-03-11 15:22:45 -04:00
Jarrod Johnson
b789252c9c Merge branch 'master' into osdeploy 2020-03-11 14:00:52 -04:00
Jarrod Johnson
a413f321fe Fix console loss on server exit 
Catch the new exception that
was used to make other commands
exit cleaner.
 2020-03-11 13:58:37 -04:00
Jarrod Johnson
d38b06224c Merge branch 'master' into osdeploy 2020-03-11 09:30:18 -04:00
Jarrod Johnson
f2bd796c2a Further clean up license error handling 
Backup of nodelicense was not
consistently checked between
redfish and ipmi plugins.
 2020-03-11 09:29:41 -04:00
Jarrod Johnson
bf31c4872f Fix mistake in nodelicense save 
It was incorrectly presenting unrecognized error infomation.
 2020-03-11 09:22:16 -04:00
Jarrod Johnson
9ea9188fdf Get closer to replying to PXE 
Monitor and maintain a uuid and
mac map to node in preparation for
efficient handling of
DISCOVERs/REQUESTS from
ONIE and/or PXE.
 2020-03-10 11:16:59 -04:00
Jarrod Johnson
597393842a Add transaction ID to the carried information 
The ability to extend an OFFER requires that we also keep track
of the transaction id.
 2020-03-09 15:30:26 -04:00
Jarrod Johnson
b9fc9b3c19 Put the recvmsg info into the handler payload 
This allows the rest of the discovery infrastructure to operate
with this data.
 2020-03-09 15:14:05 -04:00
Jarrod Johnson
49b8e12a01 Update TODO 
We have now done IP_PKTINFO, but there is a potential TODO
if wanting to properly honor unicast request.

For now, will just do always-broadcast as the options to do unicast
are more complex to do (either construct the packets or inject neigh
entry manually)
 2020-03-09 15:05:19 -04:00
Jarrod Johnson
f20fb70336 Have the peer and target info on DHCP receive 
This has the data that will be handy in formulating a reply.
 2020-03-09 14:39:53 -04:00
Jarrod Johnson
934f8f0f20 Use recvmsg for PXE 
Switch to recvmsg in preparation for getting more
data for forming replies.
 2020-03-09 11:25:38 -04:00
Jarrod Johnson
945b8f2b4a Rename to reflect more function than CA 2020-03-09 08:52:29 -04:00
Jarrod Johnson
82921fb53d Add function to sign SSH key 
This will enable the known_hosts
to work.

shosts.equiv and sshd and ssh client
config will be handled elsewhere.
shosts.equiv will just be everything.
 2020-03-06 16:55:06 -05:00
Jarrod Johnson
59a0b00208 Flesh out the SSH code more 
Notably add user key management
and start poking things in
/var/lib/confluent
 2020-03-06 16:17:53 -05:00
Jarrod Johnson
34f2f6e359 Add a sample for doing SSH CA 
This will explore the concept for the
backend of the get certificate api.
 2020-03-06 13:43:54 -05:00
Jarrod Johnson
7fe47baab3 Fix another python 3 expectation 
python3 needs this stringified from socket that
provides bytes.
 2020-03-02 16:42:42 -05:00
Jarrod Johnson
3c1453c16b Actually use the de-lla address 
After removing the %, actually use the trimmed address.
 2020-03-02 16:23:18 -05:00
Jarrod Johnson
4529924cce Fix credserver python3 and LLA support 
Both client and server had an issue with LLA, along with the
usual python3-isms.
 2020-03-02 16:06:07 -05:00
Jarrod Johnson
97ddd59dbd Merge branch 'osdeploy' of github.com:jjohnson42/confluent into osdeploy 2020-03-02 14:55:11 -05:00
Jarrod Johnson
b7b2522f6b Fix python3 compatibility of ssdp 
The ssdp module in osdeploy was not reacting
adequately to copernicus.  fix the assumptions about bytes
versus str.
 2020-03-02 14:54:23 -05:00
Jarrod Johnson
bd0e187525 Merge branch 'master' into osdeploy 2020-03-02 13:15:22 -05:00