xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-22 17:43:14 +00:00
Code Issues Projects Releases Wiki Activity
3,144 Commits 39 Branches 63 Tags 18 MiB
95466392f9
Commit Graph

1647 Commits

Author SHA1 Message Date
Jarrod Johnson
95466392f9 Fix typo in confluentdbutil 
The restore function would fail
to chown directories due to typo
 2021-03-01 10:32:13 -05:00
Jarrod Johnson
b3857f8d33 Fix chained discovery of DWC SMMv2 
SMMv2 for DWC has more ports. Make the code
not care about which port is which for checking
for matching smm fingerprints.
 2021-03-01 10:32:05 -05:00
Jarrod Johnson
7eb06f2722 Improve concurrency of SLP 
During a scan, unicast TCP
interrogation of candidates
was done serially. Do this
concurrently so that poorly
behaving targets do not prolong
a scan.
 2021-02-26 13:31:07 -05:00
Jarrod Johnson
a2f5b11185 Add Usb to nodesetboot 
Particularly for redfish, this is a more specific target
 2021-02-01 08:43:47 -05:00
Jarrod Johnson
6458eac93b Tolerate multiple forms of 'stringy' 
The fromstring needs to accept either, so
amend it to do so.
 2021-01-22 12:43:15 -05:00
Jarrod Johnson
8df15b3a54 Tolerate different SR635/SR655 response 
Some SR635/SR655 behave differently.  Adjust by adapting as possible,
but never making an assumption about data being present.
 2021-01-22 10:30:19 -05:00
Jarrod Johnson
c8e1efecdb Mitigate XML parse risks 
The intended xml never has !entity tags and
thus we can reject any such XML outright and
avoid billion laughs and similar abuses.
 2021-01-21 17:46:21 -05:00
Jarrod Johnson
dba4c40f0e Fix collective join with empty config 
Collective join without a key set would fail on
first try.
 2021-01-21 11:19:13 -05:00
Jarrod Johnson
edc4804146 Discover larger SMMv2 based chassis 
SMMv2 can support 12 servers, so increase the limit.
 2021-01-20 09:08:56 -05:00
Jarrod Johnson
7cfdf11bf2 Fix collective name return 
It inadvertently would return None when
rereading from file.
 2021-01-19 17:34:28 -05:00
Jarrod Johnson
5736c41daa Add more data to discovery 
Some applications may
want to source more information
from systems to help
identify things, particularly with
partially preconfigured systems.
 2021-01-15 10:34:43 -05:00
Jarrod Johnson
ebf50359f0 Fix file descriptor leak by web forwarder 
It failed to close the two sockets when a socket was
done.
 2021-01-13 16:50:17 -05:00
Jarrod Johnson
a738b761b4 Fix XCC discovery with Whitley changes 2021-01-12 11:47:02 -05:00
Jarrod Johnson
d27ef81e32 Fix PXE handling of candidate managers 2021-01-11 13:33:26 -05:00
Jarrod Johnson
f5344fabaa Correct typo in new attribute text 2021-01-11 13:13:03 -05:00
Jarrod Johnson
fa1c2f5c1e Only offer deployment if a candidate manager 
If candidate managers are defined, and this node is not in
that set, ignore PXE and SSDP requests to opt out of
deployment.
 2021-01-08 16:32:41 -05:00
Jarrod Johnson
25c3f40559 Cache manager name 
Since the get_myname() may be called much much more
frequently now that it is in the deployment flow,
have it cache results to save a lot of disk I/O
 2021-01-08 16:30:51 -05:00
Jarrod Johnson
5812a0eef6 Have a rebalance shortly after becoming leader 
This will handle startup and takeover when the current leader dies.
 2021-01-08 16:15:11 -05:00
Jarrod Johnson
086ce9823b First phase of collective manager candidate implementation 
This implements recovery on loss of collective member to
the least loaded candidates for the node.
 2021-01-08 16:00:24 -05:00
Jarrod Johnson
2d6bdffebe Finalize the ssh.trustnodes facility 
This is the confluent approach to handling the same
problem that xCAT SSH Zones do.
 2021-01-08 14:05:37 -05:00
Jarrod Johnson
efdbeeae0d Fix SNMPv2 on non-cisco switches 
The cisco change was causing problems elsewhere.
 2021-01-08 09:16:40 -05:00
Jarrod Johnson
a2a1142f18 Draft implementation of ssh trust segmentation 
Have equiv optionally be restricted to a subset of nodes
so that node to node ssh may be enabled within subsets
without enabling across the board.

This is akin to 'zones' in xCAT, albeit a bit more flexible
and covering both users and administrative access.
 2021-01-06 11:52:43 -05:00
Jarrod Johnson
1ec5231ebe Do not reply to mismatched IP in confluent search 
If an OS queries for confluent, but will not have a viable address,
avoid replying to let more usable network paths prevail.

For example, one OS was coming up with 169.254 with no dhcp server,
and being told it could do well to talk to 172.29, which obviously
would not work.
 2021-01-05 15:17:23 -05:00
Jarrod Johnson
4768bc257a Handle API change for setting user name 
The web api now requires the word Administrator instead of
the number 4.
 2020-12-15 16:44:55 -05:00
Jarrod Johnson
b29e7bc94a Add new requirement in newer ESXi versions 
New ESXi versions use a new efi executable during
boot.
 2020-12-15 14:39:15 -05:00
Jarrod Johnson
04d63a269d Fix detection of CentOS 8.3 
They changed their package name to be consistent with
their focal shift.
 2020-12-15 12:59:48 -05:00
Jarrod Johnson
36f027ac71 Implement support for Cisco switches 
Cisco bridge mib requires to be instanced by vlan.
Detect through proprietary mibs and use it to
guide bridge mib walking.
 2020-12-15 10:46:14 -05:00
Jarrod Johnson
1238babe60 Notate future development requirements 2020-12-14 13:09:02 -05:00
Jarrod Johnson
f9a82bde00 Fix arch detection in CentOS stream 2020-12-14 10:42:52 -05:00
Jarrod Johnson
48c868e935 Detect architecture for CentOS stream 
CentOS stream changed the release rpm to be noarch.
 2020-12-14 10:23:05 -05:00
Jarrod Johnson
caf9115439 Fix CentOS stream support 2020-12-14 10:04:31 -05:00
Jarrod Johnson
8b11acbcf2 Recognize CentOS Stream 
Allow installation of CentOS stream as a profile.
 2020-12-14 09:47:56 -05:00
Jarrod Johnson
47f04c8462 Provide guidance if the user tries to use defaults 
Default username/password is no longer a
viable long term credentiol for XCC, have user
clearly be told to change and that they
shouldn't have to worry about the default
user and password.
 2020-12-11 10:37:00 -05:00
Jarrod Johnson
5b0e23b8d4 Provide better feedback on XCC security lockouts 
Rather than 'NoneType' error about grab_json_response,
provide actual recognizable feedback
 2020-12-11 10:21:21 -05:00
Jarrod Johnson
14d9284cc5 Fix older Oracle Linux 7 
Older OL has another release file thtat
was tripping the fingerprinting code.
 2020-12-10 13:48:51 -05:00
Jarrod Johnson
cd251fa5d6 Add support for OL7 and older other EL7 flavors 
Older EL7 didn't have platform-python in installer,
change to fallback to old /usr/bin/python if
needed.
 2020-12-10 10:54:30 -05:00
Jarrod Johnson
8d47395e53 Add fetch of '<script>.d' scripts 
This can be used by firstboot/post scripts to
get modularized scripts.
 2020-12-09 16:46:58 -05:00
Jarrod Johnson
87ef68e26a Add 'memory' console.logging 
If console.logging is not desired, but reconstituting the screen is,
provide 'memory' as a method to do that.

On slow disks this can significantly improve performance.
 2020-12-09 13:47:46 -05:00
Jarrod Johnson
55b97793fd Lower concurrency limit of ipmi actions 
IPMI actions can be a bit sensitive. Introduce some serialization
for improved robustness in liue of better parallelism.

The ideal would be to have 128 per core/process in the end, but for now,
a pool for 128 concurrent operations in flight at a time.
 2020-12-08 18:23:13 -05:00
Jarrod Johnson
99609aa669 Add Oracle Linux signature check to osimage 
Oracle Linux was being misidenntified as RHEL,
fix so that oracle linux is treated differently.
 2020-12-07 15:08:28 -05:00
Jarrod Johnson
ff7f5daac6 Parallelize and timeout ssdp queries 
Badly behaving 'desc.tmpl' servers exist in the world,
do not get tripped up or slowed down too much by
having aggressive timeout and making it parallel.
 2020-12-04 17:14:35 -05:00
Jarrod Johnson
2d58741f15 Fix PXE/HTTP boot UUID and Mac case sensitivity 
Like the SSDP code, PXE too had case sensitivity issues
 2020-12-04 12:42:14 -05:00
Jarrod Johnson
57b74d59af Force uuid to lowercase in uuid mapping 
Most of the codebase presumes lower case uuid, but
the uuid mapping was preserving whatever case the
attribute was in, making it case sensitive.

In the normal discovery process, this was filled in
as lower case. However if id.uuid is filled in manually
with uppercase, this broke the node lookup by uuid.
 2020-12-04 07:41:40 -05:00
Jarrod Johnson
014727d355 Label boot.img with profile name 
This allows for easier
search should an image want it
 2020-11-09 15:45:44 -05:00
Jarrod Johnson
dc262c366c Fix false positive in affluent detection 
Make sure we don't receive
a redirect or other
when asking for mac tables.
 2020-11-09 11:23:54 -05:00
Jarrod Johnson
8f99d87fda Reduce calls to update_neigh 
On a mostly stable system, update_neigh will
continue to drive a significant portion of
background activity. Mitigate to only call if
circumstances suggest a need, or once every
30 seconds.
 2020-11-09 09:00:57 -05:00
Jarrod Johnson
edaaa2393d Hook up apiclient to TPM2 persistence, when available 2020-11-06 16:38:05 -05:00
Jarrod Johnson
31c2c5f6f7 Fix errors in the TPM2 support 2020-11-06 13:38:37 -05:00
Jarrod Johnson
f7e7d05729 Add TPM2 support to node api key handling 
This is an optional capability that image payloads may use
to use the TPM2 to protect an apikey as an alternative to
arming a weak authentication invocation
 2020-11-06 10:00:36 -05:00
Jarrod Johnson
b4e6e7caa8 Check for some issues in a manual assign request 
One is to provide clear feedback when a nodename is requested
that was not previously defined, to make it more clear that
it is a requirement and/or guard against going too far while
the config function will be missing data it needs to complete
onboarding.

Another is to break if the request is trying to assign a node
to a different definition when it already exists under a different
name.
 2020-10-30 08:18:27 -04:00