erderial
9bb402a1b8
Update confluent_selfcheck
2023-04-03 10:27:07 +03:00
erderial
13d4c57ee2
changes done as per request
2023-03-31 19:32:43 +03:00
erderial
88c47c9254
added functionality to check for net.*switch
...
added functionality to check for net.*switch
2023-03-31 16:43:15 +03:00
Jarrod Johnson
baa365fcac
Implement non-voting collective members
...
Provide for applications
where only a small subset of collective
members should be
considered to count
toward whether the collective
can proceed.
Commonly, 'service' nodes may
be numerous to do work, but may all want to go offline
during a maintenance window.
2023-03-06 11:56:15 -05:00
Jarrod Johnson
5ea214a726
Use eventlet subprocess
...
sshutil uses eventlet subprocess,
making calledprocesserror
hard to catch.
Adjust to consistently use same
subprocesss module.
2023-02-22 16:34:13 -05:00
Jarrod Johnson
fcde113e08
Add a check of dns.domain to selfcheck for node
2023-02-08 14:45:16 -05:00
Jarrod Johnson
1777223232
Fixes for osdeploy arm ipxe init
2023-01-27 08:40:31 -05:00
Jarrod Johnson
648290ffbc
Begin implementing aarch64 deploy support
2023-01-27 08:00:38 -05:00
Jarrod Johnson
01f939b871
Have SuSE path also not be bothered by inability to restart web service
2023-01-18 08:50:30 -05:00
Jarrod Johnson
d1265af828
Handle more errors
...
subprocess may throw other errors that aren't calledprocesserrors,
in newer python versions. Handle the case more broadly.
2023-01-17 10:04:10 -05:00
Jarrod Johnson
4802c52854
If attempt to auto-restart service, reduce severity of result
...
Provide feedback as a warning rather than aborting the command entirely
2022-11-01 10:05:24 -04:00
Jarrod Johnson
c612129d64
Have syncfiles attempt to use client ip, if feasible
...
When a node installs, it may not have it's node mapped address up,
or may not have one at all. Try to use the ip if it would be in the
same set that produced it's ssh certificate.
There remains a gap if a system has no static addressing *and* doesn't
map nodename to IP, but we have an impasse as the situation is too fuzzy
to grant a prinicpal in an SSH cert, and without that we can't securely
attempt rsync. For now, this scenario would still fail and I will
just hope that doesn't come up.
2022-10-05 08:31:37 -04:00
Jarrod Johnson
75484db014
Fix macok incorrect value on finding the mac
2022-10-03 10:33:21 -04:00
Jarrod Johnson
763b157802
Fix syntax error
2022-09-30 12:36:12 -04:00
Jarrod Johnson
6e803e9fca
Add insecure protocol check
2022-09-30 12:22:39 -04:00
Jarrod Johnson
9ecd3e3ac7
Add API check
...
Particularly SELinux is a frequently missed configuration
facet, alert when the selinux is blocking.
2022-09-30 12:17:31 -04:00
Jarrod Johnson
c647dec069
Add message on successful node attribute run
2022-09-29 15:45:07 -04:00
Jarrod Johnson
903de26dd8
Add node attribute checks to selfcheck
2022-09-29 15:27:12 -04:00
Jarrod Johnson
cf000d6872
Add node name resolution check
...
A common scenario for closed networks
is a misconfigured DNS situation.
Detect and report, as this can wreak havoc on a confluent instance.
2022-09-29 09:57:43 -04:00
Jarrod Johnson
1c811dbf3e
Fix python path automatically in confluent_selfcheck
2022-09-02 10:11:12 -04:00
Jarrod Johnson
503746131c
Add selfcheck to packaging
2022-09-02 09:53:06 -04:00
Jarrod Johnson
a0037a305c
Add confluent_selfcheck to server package
2022-09-02 09:44:13 -04:00
Jarrod Johnson
908e51221c
Correct minor formatting mistake in warning
2022-08-29 12:22:14 -04:00
Jarrod Johnson
570611f22b
Have osdeploy initialize skip SSH regen
...
When generating new key materials, most people say 'yes' and cause problems
where they cycle valid keys without
realizing the significance.
Replace prompting with an emphasized warning instead.
2022-08-29 11:10:45 -04:00
Jarrod Johnson
352da94005
Implement rebase feature ofr osdeploy
...
Permit user to opt into a rebase of a
profile, to pick up potential updates
from the confluent packaged stock
profiles for files the user has not yet
customized.
2022-08-25 15:21:49 -04:00
Jarrod Johnson
db5c31030d
Migrate DB on start
...
If python2 db format detected, use python2 to
dump to text, then python3 to restore to
get the python3 native version
2022-06-09 16:23:35 -04:00
Jarrod Johnson
6f484aab53
Allow restore to replace unsupported format
...
Going from python 2 to python 3, the dbm format
goes from the default to unsupported.
This allows a python3 confluentdbutil restore to handle
a python2 dump of unsupported format.
2022-06-09 15:49:06 -04:00
Jarrod Johnson
a3cce144bc
Extend manager principals for ssh
...
When doing osdeploy initialize -l (not recommended usually),
add on more forms of the name and ip addresses
to be consistent with node ssh behavior.
2022-05-24 07:24:56 -04:00
Jarrod Johnson
8ef91c16c0
Do not let an existing /var/lib/confluent block the requisite chown
2022-04-05 09:35:05 -04:00
Jarrod Johnson
21bfc29a89
Make more clear the default behavior when prompting
2022-03-24 11:18:37 -04:00
Jarrod Johnson
fdd3ec4233
Fix check for confluent service having started
...
Give confluent full chance to set things up prior
to proceeding.
2022-03-16 10:28:44 -04:00
Jarrod Johnson
15e7e4464e
Keep known_hosts cleaner
...
When repeating osdeploy initialize
of local known_hosts, more
gracefeully avoid duplicate entries.
2022-03-02 16:04:01 -05:00
Jarrod Johnson
b809514ef9
Fix osdeploy initialize dependency on master key
...
Make sure confluent has made /etc/confluent, and further always initialize the
encryption key, as it will almost certainly
be needed and easiest to just always
generate on first startup.
2022-02-08 16:40:41 -05:00
Jarrod Johnson
b1032d8c4c
Specify write mode for confluent_uuid file
2022-02-08 12:31:04 -05:00
Jarrod Johnson
6e03f6ee0a
Correct syntax typo
2022-02-08 10:49:42 -05:00
Jarrod Johnson
358b719cec
Implement deployment binding for new installs
...
When doing osdeploy initialize,
save the uuid and have deployment
targets specifically pair back with site via
uuid.
2022-02-08 10:41:27 -05:00
Jarrod Johnson
2d13921d54
Amend deployment initialize for consistent ownership
...
Depending on the options selected/not selected, the
/var/lib/confluent directory may have been initialized
incorrectly. Have all the potential paths begin with
ensuring /var/lib/confluent is correct, and then
use seteuid consistently to take care of the rest.
2022-01-14 15:08:19 -05:00
Jarrod Johnson
8b95e8f507
Improve osdeploy import error handling
...
Before, conditions that were unexpected
would result in hangs. Now
transition to and report error state.
2022-01-14 09:23:54 -05:00
Jarrod Johnson
d47b088753
Fix mistake in error output
2021-12-22 23:29:21 -05:00
Jarrod Johnson
faa20660ed
Assure confluent myname file is owned correctly
...
A lot of osdeploy initialize (which runs as root)
may induce creation of 'myname' file. Fix by
becoming confluent user, if applicable.
2021-12-14 07:24:47 -05:00
Jarrod Johnson
42f766d5f4
Fix osdeploy initialize when only ssh or tls is done
...
ssh is technically opt-in, though strongly recommended, so
osdeploy should cope with that.
TLS is pretty much required, but perhaps not done immediately,
so it gets similar treatmennt.
2021-12-02 11:38:18 -05:00
Jarrod Johnson
a9bd31a9c4
Provide error when makedirs fails in genesis
2021-10-23 13:08:14 -04:00
Jarrod Johnson
2073926256
Improve ctrl-c and other behaviors of osdeploy import
...
More reliably delete an import attempt to avoid odd behaviors.
2021-05-27 16:10:06 -04:00
Jarrod Johnson
8404ddf3a2
Fix import of sortutil
2021-04-06 10:43:37 -04:00
Jarrod Johnson
872a13589c
Sort collective members
...
Improve consistency of output by sorting the output.
2021-04-06 09:35:34 -04:00
Jarrod Johnson
8ab35b11cd
Add -a notation about syncfiles relevance
2021-03-24 16:01:48 -04:00
Jarrod Johnson
7c5dd85e74
Copy in ansible to genesis profiles
...
Make it clearer that there could be ansible support in genesis
2021-03-19 13:09:21 -04:00
Jarrod Johnson
a26624a614
Use ssh-agent to store keys
...
Also add the 'automation' key for ansible to
take advantage of.
2021-03-10 15:41:01 -05:00
Jarrod Johnson
0ff9d5dc7e
Merge branch 'master' into passfilehandle
2021-03-01 10:32:39 -05:00
Jarrod Johnson
f176ebe4c2
Fix typo in confluentdbutil
...
The restore function would fail
to chown directories due to typo
2021-03-01 10:31:28 -05:00