Jarrod Johnson
395c0d4697
Preserve IPMI state unless user wants otherwise
...
ALso a draft of navigating a forced password change
in the midst of a pre-hashed password conversion.
2019-08-16 16:33:57 -04:00
Jarrod Johnson
a963a8ca35
Handle forced password change and no IPMI for XCC
...
XCC firmware will start mandating a password change before use.
Additionally, IPMI will be unavailable and will be needed for enabling SMM.
TODO:
-Discover USERID/TempW0rd42 nodes that weren't preconfigged
-Enable IPMI on non-SD530 if hardwaremanagement.method is not redfish.
2019-08-15 16:40:15 -04:00
Jarrod Johnson
d95464df6f
Add a non-ip network string xmit concept
2019-08-08 16:14:05 -04:00
Jarrod Johnson
3f6e6d4c39
Support unavailable sensors in redfish
2019-08-08 15:02:26 -04:00
Jarrod Johnson
c3176ab86a
Add blink and identify reporting to redfish
2019-08-05 16:22:50 -04:00
Jarrod Johnson
4dab5fc527
Adapt to RHEL or Debian openssl config locations
2019-08-05 16:16:42 -04:00
Jarrod Johnson
8897842fc4
Fix SMM handler when None bmc
...
This fixes a common scenario for using fe80 collection
2019-07-26 13:50:59 -04:00
Jarrod Johnson
a251a538b0
Improve SMM discovery
...
SMM discovery behavior has seemingly gotten more picky with time.
First switch to an IPMI-free if the user has custom password. The
web based approach is much less problematic than SMM IPMI stack in
this context.
If user specifies they want to use default credentials, we have
no choice but to use IPMI. Omit things and shuffle order of operations
to mitigate problems. It isn't perfect, but it does work eventually.
2019-07-26 09:25:19 -04:00
Jarrod Johnson
480a747dcf
Merge branch 'master' of github.com:jjohnson42/confluent
2019-07-25 13:10:08 -04:00
Jarrod Johnson
af025f7304
Present log name when provided in nodeeventlog
...
Some managers combine logs, allow disambiguation through including in output.
2019-07-25 13:09:52 -04:00
Jarrod Johnson
21edd82177
Extend generic catches in redfish/ipmi
...
Have it provide more detailed error data at
a glance to short out some debug requirements.
2019-07-25 09:28:55 -04:00
Jarrod Johnson
8641885f86
Fix handling of socket error with neighbor
...
If a system is half up, a different sort of timeout is given.
Handle this and also preserve the original exception better
if not one of these two.
2019-07-25 08:52:47 -04:00
Jarrod Johnson
64cc2416d1
Fix list argument
2019-07-24 15:37:01 -04:00
Jarrod Johnson
2787e1d862
Present more data about missing entries from assign csv
...
When doing an assign on csv, present all the missing entries
rather than stopping on the first.
2019-07-23 11:57:35 -04:00
Jarrod Johnson
514a121c15
Print license install errors when provided
...
When the service gives errors installing keys,
relay them to the user.
2019-07-22 11:21:31 -04:00
Jarrod Johnson
00ce48b046
Fix behavior for bad nodelicense arguments
...
Correctly show help and exit if unrecognized
parameter.
2019-07-22 09:27:31 -04:00
Jarrod Johnson
44929e7975
Fix printing of unicode to pipe
...
nodesensors would have a unicode error on pipe output.
2019-07-19 15:36:43 -04:00
Jarrod Johnson
da82fef0cb
Have nodelist use nodeattrib completion
...
Since nodelist may also show attribute values, use same completion function.
2019-07-19 14:22:19 -04:00
Jarrod Johnson
efcac0b181
Fix nodesensors -n with csv
2019-07-19 14:12:40 -04:00
Jarrod Johnson
46e2f53018
Always use GCM on encrypt
...
Continue to support read using the old scheme, but even when
an integrity key is available, only use it to aid in decrypting
classic format, and always write in new format.
2019-07-17 08:51:06 -04:00
Jarrod Johnson
cf51928b3d
Implement GCM and close gap in the HMAC
...
When generating key material from scratch, skip HMAC and
activate GCM mode.
When using existing CBC/HMAC keys, start covering the IV value
in the HMAC. For compatibility, HMAC validity is checked with
and without IV.
2019-07-16 18:32:23 -04:00
Jarrod Johnson
151ba2e567
Add error messages to nodeattrib clear
...
nodeattrib -c was not reporting useful error information.
2019-07-15 13:28:09 -04:00
Jarrod Johnson
bc87077397
Fix error handling and consistency in networking
...
by-port specification was inconsistent and unhelpful in error between macmap and lldp.
2019-07-15 11:07:59 -04:00
Jarrod Johnson
a77b65737e
Suppress usage on nodefirmware error
...
It is very bizarre to have the usage output
after an error.
2019-07-12 12:10:22 -04:00
Jarrod Johnson
19c2963cf9
Fix reassign with SMM
...
SMM validation assumes an earlier connection, fix so that it will accept the certificate
if no certificate expected yet.
2019-07-11 15:55:20 -04:00
Jarrod Johnson
a0ea8eeae3
Fix nodediscover support of bmc_gateway
...
The command expected spaces, but documentation
said underscore, support both old csvs and doc
compliant csvs.
2019-07-11 15:36:31 -04:00
Jarrod Johnson
6ad1ce4df5
Back off concurrent retrieval.
...
Some BMCs are incapable of handling concurrent requests.
This is a blow particularly to high latency management given
Redfish's tendency to require a lot of resource fetches, but
we don't have a particularly discoverable strategy for knowing
in advance whether an implementation is up for some optimization.
2019-07-11 11:41:42 -04:00
Jarrod Johnson
c53264872a
Fix scenario with undefined passlength
...
If passwordcomplexity were requested without a passwordlength,
things would be a problem.
2019-07-11 10:53:43 -04:00
Jarrod Johnson
d9f2c0b266
Correct mistake in setting names
2019-07-11 10:40:49 -04:00
Jarrod Johnson
d528d45820
Add configuration to opt into password policies.
2019-07-11 10:19:46 -04:00
Jarrod Johnson
4eeac8d71a
Explore password evaluation as an option.
...
Password rules may be relevant to some scenarios. In such a case, this
can provide guidance if the BMC does not have such a facility or
alternatively provide friendlier warnings than the BMC provides
around shortcomings of the password.
2019-07-10 15:32:47 -04:00
Jarrod Johnson
6cc0eb0797
Add reassign to nodediscover
...
Allow nodediscover to do 'reassign' to repeat discovery process for a discovered
node, without requiring an additional identifier.
2019-07-09 13:53:30 -04:00
Jarrod Johnson
bfd0de1a4a
Add expiration to more places
2019-07-09 13:26:48 -04:00
Jarrod Johnson
a787ac62c3
Add expiration data from ipmi plugin
...
When pyghmi provides the information, enrich the return
data.
2019-07-09 12:48:56 -04:00
Jarrod Johnson
fd9b4a8650
Add support for expiration data, when available
2019-07-09 10:55:33 -04:00
Jarrod Johnson
373bf3dca7
Remove stray whitespace
...
Fix formatting mistakes
2019-07-09 10:18:34 -04:00
Jarrod Johnson
0ad0c626c2
Restore password policy set to nodediscover
...
The shift away from IPMI had omitted the password policy set.
Amend the function and restore it to the sequence of events.
2019-07-08 16:25:07 -04:00
Jarrod Johnson
fbc4fc6846
Make unexpected error more specific
...
Often a usable summary message is obfuscated. Assume the subject line
is safe to relay, but continue to do a more verbose trace.
2019-07-08 14:28:56 -04:00
Jarrod Johnson
3efc153615
Improve conversion reliability
...
It was frequent that a token expiration would impact attempt to convert
an account. Suppress the token based authentication to more reliably
have a fresh login.
Additionally, mitigate chance of exhausting user login limit.
Finally, switch to a generated password for the temporary account. Should something go awry
between deleting the third-party account and recreating it, this
means the system will have to be reset through OS or F1 menu. However this is better
than the risk of a well known backdoor account being inadvertently
created.
2019-07-03 11:39:36 -04:00
Jarrod Johnson
b7ff093e48
Fix ubuntu package install location
2019-07-02 14:42:45 -04:00
Jarrod Johnson
7275e98039
Remove IPMI specific parameters to user
...
Users cannot have these settings in redfish
2019-07-01 11:23:28 -04:00
Jarrod Johnson
2b0c50dc23
Refresh connection parameters on retry
...
If the parameters changing cause a login failure,
take the opportunity to refresh that information to work
in the midst of a rediscover, for example.
2019-07-01 09:15:01 -04:00
Jarrod Johnson
54439d5f18
Fix cause of former 'login process died'
...
If a session died without calling logged, the confluent plugin
instance would be orphaned. Detect this situation to trigger a
retry.
2019-07-01 09:05:08 -04:00
Jarrod Johnson
65b4cbe8cc
Revised fix for redfish name missing case
2019-06-28 16:02:19 -04:00
Jarrod Johnson
c8931ae6e7
Revert "Carry fix for null names to redfish"
...
This reverts commit 8bbeeafa49
.
2019-06-28 16:01:26 -04:00
Jarrod Johnson
083f5c8654
Add python-dateutil rpm dependency
2019-06-28 15:41:17 -04:00
Jarrod Johnson
8bbeeafa49
Carry fix for null names to redfish
2019-06-28 15:14:59 -04:00
Jarrod Johnson
422f210f74
Handle adapters with null names
...
Under some situations, null names are given
for adapters, apply generic treatment to such
devices.
2019-06-28 15:13:56 -04:00
Jarrod Johnson
2e6029bd2c
Add a location.height attribute
...
This permits user to specify height for either unsupported systems
or to speed up the rackview drawing.
2019-06-28 09:30:53 -04:00
Jarrod Johnson
81c0adbbe3
More python 3 compatibility fixes
...
Improve more commands and modules to parse and execute under python 3.
2019-06-28 08:51:57 -04:00