2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-23 01:53:28 +00:00
Commit Graph

2109 Commits

Author SHA1 Message Date
Jarrod Johnson
395c0d4697 Preserve IPMI state unless user wants otherwise
ALso a draft of navigating a forced password change
in the midst of a pre-hashed password conversion.
2019-08-16 16:33:57 -04:00
Jarrod Johnson
a963a8ca35 Handle forced password change and no IPMI for XCC
XCC firmware will start mandating a password change before use.

Additionally, IPMI will be unavailable and will be needed for enabling SMM.

TODO:
-Discover USERID/TempW0rd42 nodes that weren't preconfigged

-Enable IPMI on non-SD530 if hardwaremanagement.method is not redfish.
2019-08-15 16:40:15 -04:00
Jarrod Johnson
d95464df6f Add a non-ip network string xmit concept 2019-08-08 16:14:05 -04:00
Jarrod Johnson
3f6e6d4c39 Support unavailable sensors in redfish 2019-08-08 15:02:26 -04:00
Jarrod Johnson
c3176ab86a Add blink and identify reporting to redfish 2019-08-05 16:22:50 -04:00
Jarrod Johnson
4dab5fc527 Adapt to RHEL or Debian openssl config locations 2019-08-05 16:16:42 -04:00
Jarrod Johnson
8897842fc4 Fix SMM handler when None bmc
This fixes a common scenario for using fe80 collection
2019-07-26 13:50:59 -04:00
Jarrod Johnson
a251a538b0 Improve SMM discovery
SMM discovery behavior has seemingly gotten more picky with time.
First switch to an IPMI-free if the user has custom password.  The
web based approach is much less problematic than SMM IPMI stack in
this context.

If user specifies they want to use default credentials, we have
no choice but to use IPMI.  Omit things and shuffle order of operations
to mitigate problems.  It isn't perfect, but it does work eventually.
2019-07-26 09:25:19 -04:00
Jarrod Johnson
480a747dcf Merge branch 'master' of github.com:jjohnson42/confluent 2019-07-25 13:10:08 -04:00
Jarrod Johnson
af025f7304 Present log name when provided in nodeeventlog
Some managers combine logs, allow disambiguation through including in output.
2019-07-25 13:09:52 -04:00
Jarrod Johnson
21edd82177 Extend generic catches in redfish/ipmi
Have it provide more detailed error data at
a glance to short out some debug requirements.
2019-07-25 09:28:55 -04:00
Jarrod Johnson
8641885f86 Fix handling of socket error with neighbor
If a system is half up, a different sort of timeout is given.
Handle this and also preserve the original exception better
if not one of these two.
2019-07-25 08:52:47 -04:00
Jarrod Johnson
64cc2416d1 Fix list argument 2019-07-24 15:37:01 -04:00
Jarrod Johnson
2787e1d862 Present more data about missing entries from assign csv
When doing an assign on csv, present all the missing entries
rather than stopping on the first.
2019-07-23 11:57:35 -04:00
Jarrod Johnson
514a121c15 Print license install errors when provided
When the service gives errors installing keys,
relay them to the user.
2019-07-22 11:21:31 -04:00
Jarrod Johnson
00ce48b046 Fix behavior for bad nodelicense arguments
Correctly show help and exit if unrecognized
parameter.
2019-07-22 09:27:31 -04:00
Jarrod Johnson
44929e7975 Fix printing of unicode to pipe
nodesensors would have a unicode error on pipe output.
2019-07-19 15:36:43 -04:00
Jarrod Johnson
da82fef0cb Have nodelist use nodeattrib completion
Since nodelist may also show attribute values, use same completion function.
2019-07-19 14:22:19 -04:00
Jarrod Johnson
efcac0b181 Fix nodesensors -n with csv 2019-07-19 14:12:40 -04:00
Jarrod Johnson
46e2f53018 Always use GCM on encrypt
Continue to support read using the old scheme, but even when
an integrity key is available, only use it to aid in decrypting
classic format, and always write in new format.
2019-07-17 08:51:06 -04:00
Jarrod Johnson
cf51928b3d Implement GCM and close gap in the HMAC
When generating key material from scratch, skip HMAC and
activate GCM mode.

When using existing CBC/HMAC keys, start covering the IV value
in the HMAC.  For compatibility, HMAC validity is checked with
and without IV.
2019-07-16 18:32:23 -04:00
Jarrod Johnson
151ba2e567 Add error messages to nodeattrib clear
nodeattrib -c was not reporting useful error information.
2019-07-15 13:28:09 -04:00
Jarrod Johnson
bc87077397 Fix error handling and consistency in networking
by-port specification was inconsistent and unhelpful in error between macmap and lldp.
2019-07-15 11:07:59 -04:00
Jarrod Johnson
a77b65737e Suppress usage on nodefirmware error
It is very bizarre to have the usage output
after an error.
2019-07-12 12:10:22 -04:00
Jarrod Johnson
19c2963cf9 Fix reassign with SMM
SMM validation assumes an earlier connection, fix so that it will accept the certificate
if no certificate expected yet.
2019-07-11 15:55:20 -04:00
Jarrod Johnson
a0ea8eeae3 Fix nodediscover support of bmc_gateway
The command expected spaces, but documentation
said underscore, support both old csvs and doc
compliant csvs.
2019-07-11 15:36:31 -04:00
Jarrod Johnson
6ad1ce4df5 Back off concurrent retrieval.
Some BMCs are incapable of handling concurrent requests.
This is a blow particularly to high latency management given
Redfish's tendency to require a lot of resource fetches, but
we don't have a particularly discoverable strategy for knowing
in advance whether an implementation is up for some optimization.
2019-07-11 11:41:42 -04:00
Jarrod Johnson
c53264872a Fix scenario with undefined passlength
If passwordcomplexity were requested without a passwordlength,
things would be a problem.
2019-07-11 10:53:43 -04:00
Jarrod Johnson
d9f2c0b266 Correct mistake in setting names 2019-07-11 10:40:49 -04:00
Jarrod Johnson
d528d45820 Add configuration to opt into password policies. 2019-07-11 10:19:46 -04:00
Jarrod Johnson
4eeac8d71a Explore password evaluation as an option.
Password rules may be relevant to some scenarios.  In such a case, this
can provide guidance if the BMC does not have such a facility or
alternatively provide friendlier warnings than the BMC provides
around shortcomings of the password.
2019-07-10 15:32:47 -04:00
Jarrod Johnson
6cc0eb0797 Add reassign to nodediscover
Allow nodediscover to do 'reassign' to repeat discovery process for a discovered
node, without requiring an additional identifier.
2019-07-09 13:53:30 -04:00
Jarrod Johnson
bfd0de1a4a Add expiration to more places 2019-07-09 13:26:48 -04:00
Jarrod Johnson
a787ac62c3 Add expiration data from ipmi plugin
When pyghmi provides the information, enrich the return
data.
2019-07-09 12:48:56 -04:00
Jarrod Johnson
fd9b4a8650 Add support for expiration data, when available 2019-07-09 10:55:33 -04:00
Jarrod Johnson
373bf3dca7 Remove stray whitespace
Fix formatting mistakes
2019-07-09 10:18:34 -04:00
Jarrod Johnson
0ad0c626c2 Restore password policy set to nodediscover
The shift away from IPMI had omitted the password policy set.
Amend the function and restore it to the sequence of events.
2019-07-08 16:25:07 -04:00
Jarrod Johnson
fbc4fc6846 Make unexpected error more specific
Often a usable summary message is obfuscated.  Assume the subject line
is safe to relay, but continue to do a more verbose trace.
2019-07-08 14:28:56 -04:00
Jarrod Johnson
3efc153615 Improve conversion reliability
It was frequent that a token expiration would impact attempt to convert
an account.  Suppress the token based authentication to more reliably
have a fresh login.

Additionally, mitigate chance of exhausting user login limit.

Finally, switch to a generated password for the temporary account.  Should something go awry
between deleting the third-party account and recreating it, this
means the system will have to be reset through OS or F1 menu.  However this is better
than the risk of a well known backdoor account being inadvertently
created.
2019-07-03 11:39:36 -04:00
Jarrod Johnson
b7ff093e48 Fix ubuntu package install location 2019-07-02 14:42:45 -04:00
Jarrod Johnson
7275e98039 Remove IPMI specific parameters to user
Users cannot have these settings in redfish
2019-07-01 11:23:28 -04:00
Jarrod Johnson
2b0c50dc23 Refresh connection parameters on retry
If the parameters changing cause a login failure,
take the opportunity to refresh that information to work
in the midst of a rediscover, for example.
2019-07-01 09:15:01 -04:00
Jarrod Johnson
54439d5f18 Fix cause of former 'login process died'
If a session died without calling logged, the confluent plugin
instance would be orphaned.  Detect this situation to trigger a
retry.
2019-07-01 09:05:08 -04:00
Jarrod Johnson
65b4cbe8cc Revised fix for redfish name missing case 2019-06-28 16:02:19 -04:00
Jarrod Johnson
c8931ae6e7 Revert "Carry fix for null names to redfish"
This reverts commit 8bbeeafa49.
2019-06-28 16:01:26 -04:00
Jarrod Johnson
083f5c8654 Add python-dateutil rpm dependency 2019-06-28 15:41:17 -04:00
Jarrod Johnson
8bbeeafa49 Carry fix for null names to redfish 2019-06-28 15:14:59 -04:00
Jarrod Johnson
422f210f74 Handle adapters with null names
Under some situations, null names are given
for adapters, apply generic treatment to such
devices.
2019-06-28 15:13:56 -04:00
Jarrod Johnson
2e6029bd2c Add a location.height attribute
This permits user to specify height for either unsupported systems
or to speed up the rackview drawing.
2019-06-28 09:30:53 -04:00
Jarrod Johnson
81c0adbbe3 More python 3 compatibility fixes
Improve more commands and modules to parse and execute under python 3.
2019-06-28 08:51:57 -04:00