Jarrod Johnson
57f390fd0a
Draft for starting the databse replication
...
Does not actually heed the data, or implement ongoing relay of data back and forth.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
641bc7344a
Add hooks for collective mode and refactor
...
In support of config replication, need configmanager to do a few things
2018-05-16 11:27:46 -04:00
Jarrod Johnson
af940c972f
Add function to check address equivalence
...
As we start needing to compare addresses, provide a central function
to handle the various oddities associated with that.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
468f00cd1c
Rename 'joinchallenge' to 'enroll'
...
Seems like a better word to use.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
ce635068aa
Begin the 'connect' collective operation
...
First check if we are current leader, reject if not, then if cert
is invalid, reject, then comes the TODO.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
348c6a7c38
Add collective info to DB backup
...
Now persisted to disk *and* accessible to backup.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
a41a42ffd0
Persint collective info to disk
...
Additionally, simplify the concluding steps of the join conversation.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
3a354a6300
Ensure the invitation works out to even multiple of 3 bytes
...
It's cosmetic, but a nice way to avoid '=' in the tokens.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
fb9925bb84
Fix encoding of the response proof
...
The response was not decoded, causing it to always fail.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
78bf1d5acd
Provide more feedback and fix some flow issues
2018-05-16 11:27:46 -04:00
Jarrod Johnson
8165b645d9
Fix invite process and unicode
...
Unicode strings do not fit with our world view, make them bytes.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
c2783b6734
Rename swarm to collective in setup.py.tmpl
2018-05-16 11:27:46 -04:00
Jarrod Johnson
033d59b04a
Afetr some feedback, rename it 'collective'
2018-05-16 11:27:46 -04:00
Jarrod Johnson
4155954d1c
Add swarm to setup.py
...
Make sure the swarm content is actually installed.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
1b912c4365
Further advance the swarm concept
...
This marks the start of attempting to connect the invitation
to sockets and using the invitation to measure the certificates as
well as proving client knowledge of an invitation token.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
5f9ee3d3c5
Migrate 'multimanager' to 'swarm'
...
It's easier to say 'swarm' and conveys the sense without confusion
of 'cluster' mode.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
cc9becea3b
Add ability to get client certificates
...
Unfortunately, to pull off the target user experience, we
must register a custom client certificate validation to allow
us to not require a CA.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
1e0cf7e9fb
Create invitation management module
...
This facilitates the generation of invitations and logistics of proving
knowledge of the invitation and the integrity of the certificates.
peercert is to be gotten through getpeercert(binary_form=True) and
local cert through the util function to load from file, since we don't
have another way of getting local certificate.
2018-05-16 11:26:36 -04:00
Jarrod Johnson
7ebe9da24b
Add utility function to get certificate from file
...
This can be used to get our own certificate, for use in the
multimanager membership establishment.
2018-05-16 11:26:36 -04:00
Jarrod Johnson
7909f9e003
Switch to explicit SSL context when possible
...
This allows more fine grained control over the security parameters of
the TLS connection.
2018-04-23 14:18:51 -04:00
Jarrod Johnson
14ff33a44a
Only activate the remote API socket if user makes cert
...
This prevents the useless networking socket from being opened
when it cannot be used. This means most implementations will not
have an extra port to explain unless the user goes through the work
and knows what it would be.
2018-04-20 19:30:15 -04:00
Jarrod Johnson
0481f7889b
Make macmap api case insensitive
...
This helps usability of the api.
2018-04-20 13:25:02 -04:00
Jarrod Johnson
a1156097d2
Add facility to disable autosense
...
discovery autosense at scale may produce undesirable performance.
Provide an interface to turn off the autosense.
If autosense is off, manual scan can still be performed.
2018-04-13 16:54:27 -04:00
Jarrod Johnson
af72d0e71a
Update the discovery lookup tables on node add/remove
...
This will mitigate stale mappings in the discovery process.
2018-04-12 17:05:06 -04:00
Jarrod Johnson
008f8e22ae
Abort traversing gap in SMM chain
...
Once there is a gap, the next hop in the chain will be ambiguous.
Discovery must always precede from the front-most chassis.
2018-04-12 15:45:07 -04:00
Jarrod Johnson
39ee0da879
Fix makesetup for confluent_client
...
Fixing the redundant __init__.py led to no __init__.py, fix
that mistake.
2018-04-10 16:11:14 -04:00
Jarrod Johnson
91238f1dcb
Clean up pure python packaging
...
Fix __init__.py redundancy, update requirements to current state
of affairs.
2018-04-10 16:06:37 -04:00
Jarrod Johnson
76a4a91351
Fix pyparsing rpm name
...
Accept another likely formulation of an rpm name for
the package.
2018-04-10 15:11:20 -04:00
Jarrod Johnson
bd40f2f4a6
Fix mistake in indexing of url
2018-03-27 17:11:35 -04:00
Jarrod Johnson
66e8ce2dde
Merge branch 'master' of github.com:jjohnson42/confluent
2018-03-27 16:35:31 -04:00
Jarrod Johnson
f97c39cea4
Add hostname to api
...
The hostname of the BMC is added to the api.
2018-03-27 15:51:14 -04:00
Jarrod Johnson
6671b9aad3
Provide cleaner behavior on timeouts
...
If a timeout occurred outside of a keeplaive, provide
a more consistent message about the situation.
2018-03-23 08:27:27 -04:00
Jarrod Johnson
308db99dbb
Fix inconsistent dict member extension
...
If two portions of a list come back piecewise from the plugin that
are both lists, extend them rather than making a nested list.
2018-03-15 12:09:45 -04:00
Jarrod Johnson
a20b0abb43
Do not clear the buffer on superfluous reopen
...
If someone does a reopen, try to preserve the buffer, unless connect
proves there to be a deeper issue. The risk of staleness is low, but
the experience of the whole screen clearing is tricky. This was not
such an issue at the time, but using pyte causes clearbuffer to also
clear connected client terminals.
2018-03-14 17:00:44 -04:00
Jarrod Johnson
7413c44df8
Fix manual discovery
...
In manual discovery, maccount is not a field in the info, as no macmap
processing is done in manual.
2018-03-14 09:27:29 -04:00
Jarrod Johnson
463f61fac7
Modify XSS-Protection directive
2018-03-12 13:41:18 -04:00
Jarrod Johnson
110820e7b7
Revert "Accommodate XCC firmware behavior"
...
This reverts commit 9baa1f5652e90c7d6e9de07260739ed8b3b5299b.
2018-03-06 15:52:53 -05:00
Jarrod Johnson
71214eb613
Revert "Correct indentation"
...
This reverts commit a2163244db628d82c5b2596bf187cb6be214c018.
2018-03-06 15:52:45 -05:00
Jarrod Johnson
7593d21a87
Add missing exceptions import
...
exc was not imported
2018-03-06 11:25:36 -05:00
Jarrod Johnson
3ae7d85820
Fix confluentdbgcli on screen resize
2018-03-01 13:39:25 -05:00
Jarrod Johnson
0d06eedc81
Move curruuid up so it is always set
...
If detected pre-discovered, curruuid was not being set correctly
2018-02-28 11:53:03 -05:00
Jarrod Johnson
ca27385eaa
Fix confluentdbutil restore with typed attributes
...
Typed attributes would fail the check. Additionally, the error itself
was buggy, so fix that while we are at it.
2018-02-27 14:51:37 -05:00
Jarrod Johnson
9269c9feff
Provide more reasonable error message to user
...
If a protocol is unsupported, propogate error message usefully.
2018-02-27 14:51:00 -05:00
Jarrod Johnson
7736056bf2
Fix hangtraces analyzer
...
With threadid, the analyzer was failing to collapse identical threads.
2018-02-27 11:28:37 -05:00
Jarrod Johnson
530c6553fd
Block creation of nodes that can't be in noderanges
...
Noderange grammar prevents referencing certain nodenames. Use the
noderange grammar to evaluate any incoming node or group at a very
low level.
2018-02-26 15:47:47 -05:00
Jarrod Johnson
62ac582b61
Provide better reseat error message on non-enclosure
...
If a user were to try to reseat a node that isn't enclosure based or
at least does not have the configuration, provide a clue as to what
happened.
2018-02-22 14:56:25 -05:00
Jarrod Johnson
d7b3859460
Try to have collate preserve original noderange
...
When a noderange is given, prepare for a reverse lookup of same nodes,
so collate has a shot of giving back what was put in.
2018-02-14 15:09:21 -05:00
Jarrod Johnson
0fd2d26f82
Add access to nodefirmware shortcut
...
The nodefirmware can now request firmware more selectively.
2018-02-14 14:38:20 -05:00
Jarrod Johnson
453f6d8016
Catch general SSL errors to BMC
...
Provide better info on general SSL misbehaviors.
2018-02-13 13:17:29 -05:00
Jarrod Johnson
ee84622e7d
Dynamic retry timer
...
Opportunistically try to be more aggressive, scaling back
with retry number and cluster size.
2018-02-12 14:34:12 -05:00