2
0
mirror of https://github.com/xcat2/confluent.git synced 2025-08-29 14:28:18 +00:00
Commit Graph

60 Commits

Author SHA1 Message Date
Jarrod Johnson
f467cfe7c4 Add log message for mac interrogation of switch
Clarify when things go wrong due to certificate.
2022-06-30 13:28:26 -04:00
Jarrod Johnson
b7a786dc83 Choose more accurate description of ambiguous switch situation
Technically, it need not be an aggregation, but link between switches generically covers it.
2022-01-12 09:31:44 -05:00
Jarrod Johnson
2d95fb1d74 Improve 'ambiguous' notification in macmap.
When two nodes are ambiguous, provide more
info (mac) and also a suggestion of
which of the two appears most
trunk-like if one of them looks
suspiciously like a trunk.
2022-01-12 08:31:13 -05:00
Jarrod Johnson
1b88e44c59 Ignore broken lldp results
Some switches may have broken incomplete records,
skip such records to focus on viable complete records.
2021-09-16 15:49:36 -04:00
Jarrod Johnson
37dca72579 Allow managercandidates to limit switch interrogation
If a switch is a node and has denoted allowed managers,
do not interrogate that switch if this member is not
permitted.
2021-04-16 14:19:51 -04:00
Jarrod Johnson
1aea406852 Restore error handling to SNMP
Properly carry and reconstitute exceptions
used to drive the specific errors.
2021-04-16 14:09:44 -04:00
Jarrod Johnson
374b87e2d7 Offload macmap SNMP activity to an auxillary process
This doesn't make the code more efficient, but it
keeps it from slowing down the main process
and allows it to leverage an additional core
to do the work.

Still needs work to restore the error reporting.
2021-04-15 17:22:15 -04:00
Jarrod Johnson
6a88f35fc2 Fix compatibility with some switch configurations
While some implementations mess up portid and need portdescr instead, others are
just the opposite.

Tolerate match either by description or name.
2021-03-10 13:40:47 -05:00
Jarrod Johnson
7a27fba94b Workaround non-cisco switch crash
Querying Cisco MIB on certain
firmware levels of non-cisco switches
causes a crash.  Tolerate and
wait a bit to give SNMP a chance to restart.
2021-03-10 09:51:05 -05:00
Jarrod Johnson
36f027ac71 Implement support for Cisco switches
Cisco bridge mib requires to be instanced by vlan.
Detect through proprietary mibs and use it to
guide bridge mib walking.
2020-12-15 10:46:14 -05:00
Jarrod Johnson
dc262c366c Fix false positive in affluent detection
Make sure we don't receive
a redirect or other
when asking for mac tables.
2020-11-09 11:23:54 -05:00
Jarrod Johnson
1113c2a849 Improve duplicate switch attribute errors 2020-10-02 13:36:45 -04:00
Jarrod Johnson
587197e934 Refresh chained SMM discovery for SMMv2
Additionally, amend overall
discovery to force chain validation
rather than theoretically
accepting a low mac count match.
2020-10-02 11:45:50 -04:00
Jarrod Johnson
9828ea5898 Fix chained smm discovery on cumulus 2020-09-14 11:02:00 -04:00
Jarrod Johnson
5e01d9c97b Handle unresolvable switches gracecfully
Rather than a trace log,
keep it to only the event log.
2020-09-02 11:50:50 -04:00
Jarrod Johnson
7cd7068dd7 Remove stray developer output
Remove a developer repr from log
output.
2020-02-07 16:01:29 -05:00
Jarrod Johnson
48f0330568 Add affluent support to /networking
The /networking backend will now
check for affluent on the switches and
use it if possible for improved performance.
2020-02-07 15:57:33 -05:00
Jarrod Johnson
3660cf18cc Fix a number of issues
For one, there were still bytes v. str for python3 issues in the
certificate exception and credential handling for smm and generic
credential lookup.

There was a python2-ism in lldp that needed to be made 2/3 agnostic
with ord() of a 'bytes' member, converting to bytearray for
normalized behavior.

The discovery core had an issue with chained smms where a set
was used which cannot take a dict, and so it is converted to a list.

If a temporary password is used but the user did not provide a permanent
password that is viable, make the error more explicit.
2019-12-10 11:54:24 -05:00
Jarrod Johnson
bc87077397 Fix error handling and consistency in networking
by-port specification was inconsistent and unhelpful in error between macmap and lldp.
2019-07-15 11:07:59 -04:00
Jarrod Johnson
38f9583be3 Implement direct add switches
Allow addition of switches without associated
nodes.  This allows populating mac database
without requiring associated nodes.
2019-02-28 13:00:12 -05:00
Jarrod Johnson
f4cf74b699 Fix modifying dictionary while iterating
Need to make a stable value before iterating to delete.
2019-01-31 14:28:45 -05:00
Jarrod Johnson
8d9a082739 Provide better exceptions and propogate them to client on snmp
When doing snmp, messages would always go to log only, even if the
user was at the confetty cli.  Give user access to knowing the error
impacting the query.
2018-10-04 14:59:25 -04:00
Jarrod Johnson
326f56219b Fix /networking/macs/by-mac
The module apimacmap was not correctly scoped.
2018-10-01 14:40:02 -04:00
Jarrod Johnson
f7965d235a Improve /networking/macs API behavior
For the 'by-mac', only remove the structure when it is ready for API
view without changing internal view.

For the 'by-switch', do the update per switch and after it's done.

Provide ability to check scan status through reading
/networking/macs/rescan
2018-08-28 11:10:32 -04:00
Jarrod Johnson
33fe0a3db4 Fix wrong port name for G8332
Was using the incorrect half of the return, which broke on G8332.
2018-05-22 09:36:55 -04:00
Jarrod Johnson
5fe2d2a31c Fix unprintable characters in some chassisid
Some switches send raw octets back, some printable.  Try to normalize
when unprintable chassis id are detected.  This is not 100%, if the hex
would be all between 20 and 80 throughout the string, then this will
fail to do the right thing.

Hopefully, the amount of times when lldp partners disagree on how to
implement LLDP-MIB will be limited.  Currently it is known than Lenovo
and Juniper switches disagree, and both of those have what would
be unprintable values in the mfg portion of the chassis id.
2018-05-21 15:53:42 -04:00
Jarrod Johnson
0481f7889b Make macmap api case insensitive
This helps usability of the api.
2018-04-20 13:25:02 -04:00
Jarrod Johnson
0f4940cd7c Tolerate empty string to be blank snmp user
For SNMP password without user, accept '' as a synonym for None
2018-01-16 13:14:13 -05:00
Jarrod Johnson
8226c2bd77 Fix mistakes in the draft discovery code
A couple of blatantly obvious mistakes were made that require fixing.
2018-01-16 12:13:34 -05:00
Jarrod Johnson
3398acaf52 Match XCC to enclosure in a chained setup
Also apply fixes and lay groundwork for eventual 'secure' discovery
policy.  As such a policy is too limited to be practical at this point
(SMM only) the full deal is postponed until it would be feasible.
2018-01-10 15:53:49 -05:00
Jarrod Johnson
0c0a450fc2 Implement requisite functions to do chain SMM discovery
Hook into the neighbor data and lldp to identify SMMs.

Still need to provide context to the XCCs based on the chassis-uuid
property.
2018-01-09 17:25:31 -05:00
Jarrod Johnson
76bfb29d60 Try to put the brakes on too many mac discovery attempts
In various scenarios, too many macs on a port can be a sign of trouble.
For example, a chained SMM configuration with head on switch port, or
incorrectly pointing a nodes net attributes at a switch uplink port, or
defining SMMs without any nodes, causing XCCs to think they are
rackmount.  This sets some sanity value for avoiding problems.  This is
of course a mitigation, invalid scenarios could still run afoul of the
limits, but it should catch a large chunk of offending scenarios.
2017-11-14 14:28:31 -05:00
Jarrod Johnson
8c21c59459 Dynamic backoff for switch scan
Have switch scan back off propritonate to time it takes to walk the
switches.  Avoid being back to back on switch scans.
2017-10-27 16:50:39 -04:00
Jarrod Johnson
f07a0e333f Use natural sort in parts of macmap api
It was hard to traverse things through default sort, provide
natural sort to node names and port names.
2017-10-20 15:15:59 -04:00
Jarrod Johnson
c95d3cf906 Note for future chassis id relationship 2017-10-04 09:43:35 -04:00
Jarrod Johnson
db89cdc62c Add portid and chassisid for cross-reference
In the hypothetical of generating a graph, having a hard assurance
of the required LLDP TLVs can aid in viable code.
2017-10-03 14:57:32 -04:00
Jarrod Johnson
697716b296 Provide a cleaner error on peer not found
Auto-refresh and provide cleaner error on ultimately missing data.
2017-10-03 11:52:28 -04:00
Jarrod Johnson
60b7083dce Handle URL safety of LLDP data
LLDP data does not care about URL safety.  Have a mechanism that
does a pretty good job of translating too and from, at some cost.
2017-10-03 11:23:57 -04:00
Jarrod Johnson
f4cfe8758e Fixes to the recent attempt
Names had '/' in it and some assumptions about key were broken.  Correct
the various mistakes.
2017-10-03 10:30:18 -04:00
Jarrod Johnson
cc0fc52064 Reuse neighbor data
Improve responsiveness by only refetching data if the data is over
a minute old.
2017-10-03 10:01:57 -04:00
Jarrod Johnson
526eb45969 Fix to match all critera than any.
It was matching *any* of the criteria, it needed to match all.
2017-10-02 17:04:38 -04:00
Jarrod Johnson
3606aab3f0 Only director-ify multiple entry type selectors 2017-10-02 17:01:43 -04:00
Jarrod Johnson
eb70b21573 Properly reflect results as collections/directories 2017-10-02 16:56:52 -04:00
Jarrod Johnson
e95b5da8b7 Wire up peerid
The entries did not have peerid in them, rectify the oversight.
2017-10-02 16:56:17 -04:00
Jarrod Johnson
b5e4d302f9 Actually wire up the parameterized version 2017-10-02 16:53:27 -04:00
Jarrod Johnson
1fb6eb230b Change mind about peerid
Stick to the identifiers mandated by LLDP, and only those to
base the peerid (by-name can help otherwise).
2017-10-02 13:32:56 -04:00
Jarrod Johnson
4236f3fd78 Work on a better neighbor interface
The API was lacking in imagination, flesh it out more.
2017-09-28 17:09:05 -04:00
Jarrod Johnson
d4265fa406 Normalize likely HEX strings
Chassis Id and Port Id are highly likely to present as hex strings,
detect and present this case more sanely.
2017-09-28 16:28:33 -04:00
Jarrod Johnson
529e3b2239 Fix a few issues found in testing
Switches need some data sanitized.  Also used IndexError instead of
KeyError, and add handling for interfaces with slashes in the name.
The name 'verified' also fits better than 'authenticated'
2017-09-28 14:27:34 -04:00
Jarrod Johnson
2ed80d86b1 Implement proper neighbor structure
Also fix a bug in macmap and assume SHA auth protocol for SNMPv3
2017-09-27 15:03:09 -04:00