Jarrod Johnson
2d13921d54
Amend deployment initialize for consistent ownership
...
Depending on the options selected/not selected, the
/var/lib/confluent directory may have been initialized
incorrectly. Have all the potential paths begin with
ensuring /var/lib/confluent is correct, and then
use seteuid consistently to take care of the rest.
2022-01-14 15:08:19 -05:00
Jarrod Johnson
343e5eabe5
Utility function for running commands
...
Given the python2/3 differences, good to have a single run
that returns stdout and stderr.
This should trigger the same behavior as timeout did, but
in a manner consistent between 2 and 3.
2021-12-08 10:20:34 -05:00
Jarrod Johnson
40dea6a747
Support older python subprocess
...
Older python did not provide timeout. Keep the timeout
for the modern python that skips select without a timeout,
but try again without timeout to retain compatibility.
2021-10-20 18:23:35 -04:00
Jarrod Johnson
deb5c2eed8
Fix potential delay in ssh-agent start
...
Be consistent with other check_output
calls to allow eventlet to properly
background the process.
2021-10-08 10:24:35 -04:00
Jarrod Johnson
5d20ee6cca
Serialize ssh agent interaction
...
Race conditions could occur when multiple
requests came in too close together.
2021-09-23 09:40:10 -04:00
Jarrod Johnson
b8ddf149bd
Skip newer agent behaviors with incompatible old ssh
...
The previous attempt to support older ssh failed to completely
enact old behavior when needed.
2021-06-04 13:40:39 -04:00
Jarrod Johnson
efd7f1de63
Conditionally apply agent to sshutil
...
Older OSes (RHEL7/SLES12) cannot
do ssh-keygen with an agent.
Degrade to classic confluent behavior when that happens.
2021-05-18 12:28:22 -04:00
Jarrod Johnson
35ef6170ba
Implement syncfiles server side
2021-03-24 16:00:54 -04:00
Jarrod Johnson
e38dbc4470
Pull in the automation key into default profiles
2021-03-10 15:41:01 -05:00
Jarrod Johnson
a26624a614
Use ssh-agent to store keys
...
Also add the 'automation' key for ansible to
take advantage of.
2021-03-10 15:41:01 -05:00
Jarrod Johnson
e93c3241ed
Provide for more hostnames
...
This permits ssh infrastructure
to have multihomed nodes
handled more effectively.
2020-07-29 13:08:03 -04:00
Jarrod Johnson
4ecae144d9
Attempt to have both short and long names
...
In ssh, long or short name may matter and user may use short
or long names as node names.
Try to make ssh equipped to be apathetic about the choice.
2020-07-02 12:40:30 -04:00
Jarrod Johnson
4480d0418e
Fix permissions of SSH CA key
...
It was creating CA as root, which
blocked confluent functionality.
2020-05-27 08:58:10 -04:00
Jarrod Johnson
987ac22b4e
Fix permission issues with sshutil
...
uid management was done incorrectly
2020-05-22 18:13:00 -04:00
Jarrod Johnson
ba0d600bf7
Prepare osimage initialize
...
Provide a helper for the various
setup steps required for
getting ready for OS deployment.
2020-05-21 17:07:58 -04:00
Jarrod Johnson
eda645b792
Freshen up ssh and tls helpers
...
TLS will now work from scratch
SSH user key management updated to final design
2020-05-21 16:26:01 -04:00
Jarrod Johnson
16667ed41c
Add SSH cert to self api
...
This allows nodes to get a cert from
confluent.
2020-04-16 13:11:05 -04:00
Jarrod Johnson
86a68bf7f9
Rework CA layout to file-per-CA
...
Have the deployed system combine
into known_hosts. This simplifies
potential contention.
2020-04-16 10:08:27 -04:00
Jarrod Johnson
84988031a2
Move sshutil to a more practical place
...
This makes the keysigning function available to the server.
2020-04-16 09:49:30 -04:00