While typing in confetty console in blind test and confetty was using a TLS socket,
the confetty console was noticably chunkier. The chunkiness could not be detected
on a UNIX socket. Setting NODELAY on both sides of the socket seems to have eliminated
chunkiness so that at least I can't tell confetty from ssh+ipmitool anymore.
For one, prevent unknown attributes from getting into configmanager from now on.
Additionally, have the attributes plugin manage to convey bad attributes when
encountered.
When doing a set, check the keynames and value types as
appropriate. raise ValueError in the configmanager case
since it could be code or human mistake. attributes plugin
then catches this error and propogates it up as an InvalidArgumentException
if it is just trying to pass in data from user.
If someone starts thinking of it as a filesystem, be obliging.
That means some people might want to 'dir', some people might
want to 'cat' things. Make it tend to do the right thing.
Have confetty assume that a plain nodename is a requset for console.
If a console session is started from interactive mode, return to
interactive mode on ctrl-e, c, . rather than exiting.
This allows non-privileged users to be authenticated by SO_PEERCRED.
In the case where the user is not a known confluent user, they are
given a chance to use a name/password.
The loop was sending failure back after an iteration of the loop
that fails to authenticate and then again at the beginning of the next iteration.
Remove the end iteration sending so that there is only one iteration of the
message
Properly implement authentication and switch the protocol over to the tlv
based protocol. Abandon all thought of the socket being directly accessible.
Any CLI semantics will be in confetty and an appliance wishing to expose that CLI
directly should use standard ssh stuff with a shell of confetty. The unix domain
authentication support makes this feasible (requires user creation push name into
confluent repository at the moment..)
Previously, was just keying by node. The problem of course being that
the first tenant to connect for a given node name dictates the console
object for everyone else. Correct this by keying by the tuple of tenant and node together.
Also, remove a required function from console interface. Now a plugin
is only responsible for their thread behavior and never responsible
for the consoleserver mechanism requirement for helping user session
do polling IO. This is additionally great because it means the
coordination is contained to each session object and many client connections
are not causing multiple calls to iterate the wait loop.
