Refresh getcsr and installcert to handle latest firmware.
Also add ability to have pre-existing CSR, and trust the SAN on the way through.
If this becomes more properly a feature, then would likely impose a SAN
on certs, similar to the SSH principals, rather than deferring to the CSR
to get it right.
Some firmware cannot tolerate a web session being
active during a rename. Make sure logout has been done, and
give a retry if needed to let the session close out after
logging out.
For one, when using confluent expressions, induce {} to be an error to
trigger an error for someone trying to xargs something.
Another is to add warnings when clear does something deliberately, but
is something that might surprise a user, steering them toward
what they possibly might want to do instead.
When doing pxe and the noderange of the candidate managers fails,
try again without validation in case the user omitted collective members
from nodelist, but still used ',' to enumerate them.
Reap ssh-agent to avoid stale agents lying around.
Remove nuisance warnings about virbr0 when present.
Do a full runthrough as the confluent user to ssh to a node when user
requests with '-a', marking known_hosts and automation key issues.
For relay agent options, preserve and echo back the option,
needed for certain environments.
Also, it turns out that for whatever reason on some platforms, iPXE's
proxyDHCP logic can't seem to get a reply. In this scenario,
provide the filename in the DHCP offer without waiting for proxyDHCP.
This change may be worth evaluating more broadly, but may carry risk of not working
right with unmanaged DHCP servers.
The code was comparing two string constants, instead of
a variable to a constant. Correct the problem to enable
the preflight checks to work as intended.
Add capability to fingerprint media without doing a full import (/deployment/fingerprinting/)
Add fetching the profile info as json under the /deployment/ api.
Prepare to support custom distribution name on import
Whether due to the management node or node IP addresses,
check if deployment can reasonably proceed using IPv4 or IPv6,
and give a warning with some suggestions to check.
Also, add nodeinventory <node> -s as an example resolution for missing
uuid.
This opens the door for normalized common sensors
for clients that care about the semantics but
cannot keep track of inconsistent sensor names from
implementation to implementation.
Unfortunately, apache can get a bit odd over how it
reports a non-viable open socket for keepalive, which
can happen in certain windows.
Disable the keepalive feature and take some performance penalty in
browsers for the sake of more consistent return behavior and
fewer idle greenthreads doing nothing.
