xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2025-01-13 11:17:49 +00:00
Code Issues Projects Releases Wiki Activity
2,148 Commits 39 Branches 64 Tags
Commit Graph

1114 Commits

Author SHA1 Message Date
Jarrod Johnson
6ea6ebd80e Remove superfluous dependency 2019-10-04 16:49:51 -04:00
Jarrod Johnson
5c288a27dd Have EL8 use python3 for confluent 2019-10-04 10:54:20 -04:00
Jarrod Johnson
d9be6ae2e9 Close console on disconnect 
Fixes leftover console on user initiated disconnect.
 2019-10-04 09:57:54 -04:00
Jarrod Johnson
59789bae7d Fix python3 ctypes str usage 
In python3, the string is likely to be unicode and incompatible
with the libc function.  If it isn't bytes, force it to be bytes.
 2019-10-03 16:06:15 -04:00
Jarrod Johnson
521be5d44d Further Python3 compatibility changes 
With this as well as eficompressor and pyghmi updates, things
seem to be in roughly working order
 2019-10-03 15:57:56 -04:00
Jarrod Johnson
6fb82bbbad Further Python3 compatibility changes 2019-10-02 11:29:13 -04:00
Jarrod Johnson
90e546bcac Implement a number of py3 compatible adjustments 2019-10-02 08:58:39 -04:00
Jarrod Johnson
147d59cba7 Migrate from PyPAM 
PyPAM is no longer part of the distributions.  Closest match is also not in
the distributions and also contains a security problem without an external
patch, so it is pulled in and pull request with copyright and license
intact.
 2019-10-01 11:28:43 -04:00
Jarrod Johnson
6a6fd3184e Add missing dependencies for EL8 2019-09-30 10:51:26 -04:00
Jarrod Johnson
c532cf9ecf Add EL8 requires adapting to confluent 2019-09-25 15:38:36 -04:00
Jarrod Johnson
8909fb16d6 Change rpm spec to build using python2 
This will fix shebang mangling.
 2019-09-23 11:11:16 -04:00
Jarrod Johnson
44d6bde3ff Make /usr/bin/env python point to python2 
Same as before, more RHEL8 compatibility changes
 2019-09-23 11:04:52 -04:00
Jarrod Johnson
5008128d57 Add IPv6 support to TSM 
TSM firmware fixes enable IPv6, enable our support of it.
 2019-09-19 10:02:40 -04:00
Jarrod Johnson
ed320f4a17 Add 'check' to permit comparison against current value 
For implementing some security policies, it is useful
to check new value against current value.
 2019-09-17 09:48:02 -04:00
Jarrod Johnson
de8292f6dd Ignore current channel if current channel is disabled 
A fluke can cause current channel to be 1 when we are wanting 8.
 2019-09-06 13:31:14 -04:00
Jarrod Johnson
8e071a2568 Fix missing import 
The smm change omitted a required import.
 2019-09-05 12:45:29 -04:00
Jarrod Johnson
7d84d0a021 Add network config to SD635/SD655 discovery 
This completes the most critical portion of SD635/SD655 functionality.
 2019-09-05 12:10:58 -04:00
Jarrod Johnson
c5f75bfa15 Fix slowdown when no password change needed 
If the password was pre-provisioned, accelerate the config
phase of tsm bringup.
 2019-09-05 11:10:38 -04:00
Jarrod Johnson
99d01d707f Fix incorrect bad auth on freshly changed password 
If the database backing the password had changed but cache hadn't updated,
then the cache miss was taken as always meaning no valid login.
 2019-09-05 11:09:11 -04:00
Jarrod Johnson
3e1690c860 Add authentication and ipmi configuration to SR635/SR655 
Network configuration and the lockout policy remain to be configured.
 2019-09-04 16:20:31 -04:00
Jarrod Johnson
a3f5630535 Add SR635/SR655 detection 
Currently merely detects.  A discover handler will be next step
to populate UUID and do initial setup.
 2019-09-03 15:49:27 -04:00
Jarrod Johnson
8d6744947e Extended bmc config support to redfish 
Though the underlying library is currenty a stub, bring the
confluent plugin to parity so that nodeconfig works fine
with redfish again.
 2019-09-03 11:05:51 -04:00
Jarrod Johnson
21b3c89974 Improve redfish plugin errors and attrib handling 
Redfish plugin was not handling the various socket error
behaviors correctly.

Additionally, the attribschanged handler was failing to actually
do anything, so commands would gladly reuse an old redfish
object if it were working.
 2019-09-03 10:06:18 -04:00
Jarrod Johnson
9718881c7b Merge branch 'master' of github.com:jjohnson42/confluent 2019-08-30 10:22:59 -04:00
Jarrod Johnson
fcbbdc8a8d Add python-pyopenssl and python-dateutil deps 
For wheezy, the only supported user wants to
always have collective capability.
Workaround pyghmi missing the dateutil dependency.
 2019-08-30 10:22:17 -04:00
Jarrod Johnson
97a950b145 Retain XCC IP on discovery if already set 
Do not change from DHCP if DHCP is working the way intended.
 2019-08-28 09:46:35 -04:00
Jarrod Johnson
a0e445d1b1 Force MSS down for forwarded connections 
Some endpoints may not be able to fully handle the natural
MSS suggested by MTU.
 2019-08-28 09:16:42 -04:00
Jarrod Johnson
6cfbf4533c Add support for BMC clear and extended attributes 
This wires up new function in pyghmi.
 2019-08-27 14:32:16 -04:00
Jarrod Johnson
5794dd7f8c Add CP storage to discovery 2019-08-22 16:15:01 -04:00
Jarrod Johnson
59d5110b8f Also enable ipmi if user sets in console.method 2019-08-20 09:29:25 -04:00
Jarrod Johnson
051d79727b Fix sysvinit 
sysvinit lsb function is 'status_of_proc'
 2019-08-20 08:59:01 -04:00
Jarrod Johnson
4cdbc7807b Add thinkagile storage to discovery 
At least enumerate the ipv4 pieces.
 2019-08-19 16:37:14 -04:00
Jarrod Johnson
feecee82db Mitigate excessive open web sessions 
Back to back discovery testing would exhaust web slots.
Severely mitigate through being more aggressive about logging out.
 2019-08-19 10:44:47 -04:00
Jarrod Johnson
395c0d4697 Preserve IPMI state unless user wants otherwise 
ALso a draft of navigating a forced password change
in the midst of a pre-hashed password conversion.
 2019-08-16 16:33:57 -04:00
Jarrod Johnson
a963a8ca35 Handle forced password change and no IPMI for XCC 
XCC firmware will start mandating a password change before use.

Additionally, IPMI will be unavailable and will be needed for enabling SMM.

TODO:
-Discover USERID/TempW0rd42 nodes that weren't preconfigged

-Enable IPMI on non-SD530 if hardwaremanagement.method is not redfish.
 2019-08-15 16:40:15 -04:00
Jarrod Johnson
3f6e6d4c39 Support unavailable sensors in redfish 2019-08-08 15:02:26 -04:00
Jarrod Johnson
c3176ab86a Add blink and identify reporting to redfish 2019-08-05 16:22:50 -04:00
Jarrod Johnson
4dab5fc527 Adapt to RHEL or Debian openssl config locations 2019-08-05 16:16:42 -04:00
Jarrod Johnson
8897842fc4 Fix SMM handler when None bmc 
This fixes a common scenario for using fe80 collection
 2019-07-26 13:50:59 -04:00
Jarrod Johnson
a251a538b0 Improve SMM discovery 
SMM discovery behavior has seemingly gotten more picky with time.
First switch to an IPMI-free if the user has custom password.  The
web based approach is much less problematic than SMM IPMI stack in
this context.

If user specifies they want to use default credentials, we have
no choice but to use IPMI.  Omit things and shuffle order of operations
to mitigate problems.  It isn't perfect, but it does work eventually.
 2019-07-26 09:25:19 -04:00
Jarrod Johnson
480a747dcf Merge branch 'master' of github.com:jjohnson42/confluent 2019-07-25 13:10:08 -04:00
Jarrod Johnson
af025f7304 Present log name when provided in nodeeventlog 
Some managers combine logs, allow disambiguation through including in output.
 2019-07-25 13:09:52 -04:00
Jarrod Johnson
21edd82177 Extend generic catches in redfish/ipmi 
Have it provide more detailed error data at
a glance to short out some debug requirements.
 2019-07-25 09:28:55 -04:00
Jarrod Johnson
8641885f86 Fix handling of socket error with neighbor 
If a system is half up, a different sort of timeout is given.
Handle this and also preserve the original exception better
if not one of these two.
 2019-07-25 08:52:47 -04:00
Jarrod Johnson
46e2f53018 Always use GCM on encrypt 
Continue to support read using the old scheme, but even when
an integrity key is available, only use it to aid in decrypting
classic format, and always write in new format.
 2019-07-17 08:51:06 -04:00
Jarrod Johnson
cf51928b3d Implement GCM and close gap in the HMAC 
When generating key material from scratch, skip HMAC and
activate GCM mode.

When using existing CBC/HMAC keys, start covering the IV value
in the HMAC.  For compatibility, HMAC validity is checked with
and without IV.
 2019-07-16 18:32:23 -04:00
Jarrod Johnson
151ba2e567 Add error messages to nodeattrib clear 
nodeattrib -c was not reporting useful error information.
 2019-07-15 13:28:09 -04:00
Jarrod Johnson
bc87077397 Fix error handling and consistency in networking 
by-port specification was inconsistent and unhelpful in error between macmap and lldp.
 2019-07-15 11:07:59 -04:00
Jarrod Johnson
19c2963cf9 Fix reassign with SMM 
SMM validation assumes an earlier connection, fix so that it will accept the certificate
if no certificate expected yet.
 2019-07-11 15:55:20 -04:00
Jarrod Johnson
6ad1ce4df5 Back off concurrent retrieval. 
Some BMCs are incapable of handling concurrent requests.
This is a blow particularly to high latency management given
Redfish's tendency to require a lot of resource fetches, but
we don't have a particularly discoverable strategy for knowing
in advance whether an implementation is up for some optimization.
 2019-07-11 11:41:42 -04:00