2
0
mirror of https://github.com/xcat2/confluent.git synced 2025-01-17 21:23:18 +00:00

2173 Commits

Author SHA1 Message Date
Jarrod Johnson
75f020f53c Have apiarmed continuous be properly respected for shared secret
Remote media was erroneously being invalidated, despite user opting
out of the strict security.
2023-01-19 14:54:18 -05:00
Jarrod Johnson
01f939b871 Have SuSE path also not be bothered by inability to restart web service 2023-01-18 08:50:30 -05:00
Jarrod Johnson
1f23750356 Add affluent detection to confluent
Affluent agent will now have an SSDP
response.  Add support for at
least recognizing and presenting
this in the discovery data.
2023-01-17 15:11:12 -05:00
Jarrod Johnson
d1265af828 Handle more errors
subprocess may throw other errors that aren't calledprocesserrors,
in newer python versions.  Handle the case more broadly.
2023-01-17 10:04:10 -05:00
Jarrod Johnson
51e53405d8 Add attributes for profiles to report state
Profiles may want to report things
like success and error
2023-01-13 12:54:21 -05:00
Jarrod Johnson
7f31ae5b57 Fix syntax error 2023-01-13 11:15:51 -05:00
Jarrod Johnson
a09e1a3f8b Handle IPv6 not set on IPMI nodes 2023-01-13 11:07:13 -05:00
Jarrod Johnson
bc452b9b9a Restore role-less group
If a group is missing a role,
coerce it to administrator
2023-01-13 10:01:52 -05:00
Jarrod Johnson
453d1f9ceb Add IPv6 configuration support
For redfish and IPMI devices,
support new IPv6 static configuration
controls
2023-01-13 10:01:28 -05:00
Jarrod Johnson
feed125c86 Fix restoration of old confluent db
Old confluent DB may have None in role. This is no longer
allowed.  Restore such entries by coercing them to 'Administrator'
which is how old confluent treated such users.
2023-01-12 08:38:55 -05:00
Jarrod Johnson
0e18a0c141 Fix routed nodeconfig in nodediscover 2023-01-09 08:55:46 -05:00
Jarrod Johnson
57b6d8677b Fix syncfiles compatibility with IPv6 2023-01-06 09:33:06 -05:00
Jarrod Johnson
130fce0320 Prevent bulk renames from stomping on itself
If multiple things try to renam to the same thing, block the action.
2022-12-15 15:42:10 -05:00
Jarrod Johnson
367854128a Several fixes for imgutil
imgutil had a number of issues
contending with a distribution-less
image being packed/unpacked.
2022-12-14 16:51:39 -05:00
Jarrod Johnson
adbf96f23f Use bytearray in PXE processing
Python 2 and 3 are inconsistent
with how they treat memoryview,
but they are consistent on bytearray
treatment

Since rqv is merely a cheaply sliceable view of rq, use rq directly
for functions where the difference
between 2 and 3 would matter.
2022-12-02 11:24:00 -05:00
Jarrod Johnson
58a4c22aa2 Allow custom privilege levels through messages layer
If a user has created custom roles, designate custom. as
a prefix to indicate they really
mean what they say
2022-11-30 11:40:36 -05:00
Jarrod Johnson
57d01ddcaa Base all web forwarding from 3901
This makes the web forwarding more predictable for
firewall rules
2022-11-28 15:17:59 -05:00
Jarrod Johnson
05bbd8f63a Further refine pxe logging and fix external DHCP pxe 2022-11-22 11:08:45 -05:00
Jarrod Johnson
bb54ca0f8f Fix mistake caused by erant paste 2022-11-22 09:31:39 -05:00
Jarrod Johnson
2c7b58d47a Put brakes on configuration if no gateway and target is remote
This configuration would certainly destroy remote connectivity.
2022-11-22 09:24:18 -05:00
Jarrod Johnson
7341164f36 Have pure proxyDHCP trigger discovery and logs
For users that fully delegate core DHCP, provide discovery and
logging for PXE as it comes in.
2022-11-22 09:09:21 -05:00
Jarrod Johnson
626aca0691 Implement proxyDHCP remote operation
Provide means to function if we are
only the proxyDHCP service, delegated
from DHCP server.
2022-11-21 13:26:37 -05:00
Jarrod Johnson
132e40cdcb Fix syntax mistak in attribute update 2022-11-21 10:18:58 -05:00
Jarrod Johnson
90a8d80b45 Rework trusted networks to attribute
This allows  more flexibility and less oddity with how remote subnets are treated.
2022-11-21 09:57:27 -05:00
Jarrod Johnson
963b35cd32 More aggressive timeout redfish checking
To make scans go faster, be more aggressive in
giving up on non-responsive targets.
2022-11-18 14:24:58 -05:00
Jarrod Johnson
9837ad7932 Add multi-address registration
This enables scanning a range or subnet
2022-11-18 14:14:31 -05:00
Jarrod Johnson
cee3943e4d If node was found by key lookup, skip the sysdisco attempt 2022-11-14 15:26:52 -05:00
Jarrod Johnson
03e632b630 Add register to nodediscover command
This connects the remote registration
api to the usual CLI usage
2022-11-14 09:42:59 -05:00
Jarrod Johnson
6a9024d87e Fix bad/unsupported targets in registration 2022-11-11 15:00:59 -05:00
Jarrod Johnson
9fa8a7124e Pull the typical XCC scanning to remote registration path 2022-11-11 14:33:54 -05:00
Jarrod Johnson
c6079a1ee6 Add ability to register remote systems in discovery
To start with, support Lenovo XCC systems
2022-11-11 12:16:41 -05:00
Jarrod Johnson
35abe0b9ad Fix IPv6 address support in geist plugin 2022-11-09 15:11:25 -05:00
Jarrod Johnson
578b05604b Reject fe80:: as always not same
For our purposes, this same-subnet check doesn't
apply to link-local
2022-11-07 13:50:45 -05:00
Jarrod Johnson
bd416f5000 Fix ipv4-free configuration in netutil 2022-11-03 14:43:49 -04:00
Jarrod Johnson
ca1f459364 Add remote scan to autosense startup 2022-11-03 13:59:14 -04:00
Jarrod Johnson
7e02987a8c Extend rescan to cover remote switches 2022-11-03 13:31:57 -04:00
Jarrod Johnson
327a45ef33 WIP toward rescan hitting the renotify on subscripbed switches 2022-11-03 10:49:58 -04:00
Jarrod Johnson
f1a0d22fe5 Fix subscription handling for the discovery api 2022-11-03 09:58:57 -04:00
Jarrod Johnson
1e78f11c2b Fix nodediscover CLI for subscribe/unsubscribe 2022-11-03 09:38:39 -04:00
Jarrod Johnson
7561b68b57 Rework subscriptions API
It's clear that the service will need
to explicitly track subscriptions
to enable rescan, for example,
and thus might as well restructure
the API around this information.
2022-11-03 09:21:15 -04:00
Jarrod Johnson
eec20a6457 Rename discovery remote to subscription
This will implement a consistent vocabulary
2022-11-01 13:51:54 -04:00
Jarrod Johnson
4802c52854 If attempt to auto-restart service, reduce severity of result
Provide feedback as a warning rather than aborting the command entirely
2022-11-01 10:05:24 -04:00
Jarrod Johnson
817038c6cf Specify the valid values for apiarmed
Further, add more warning text around apiarmed, as it is a serious security
decision to take on continuous.
2022-11-01 08:37:03 -04:00
Jarrod Johnson
e0feb104ff Add facilities to subscribe/unsubscribe from discovery agents
This connects the new affluent discovery facility
to local discovery view.
2022-10-28 16:58:30 -04:00
Jarrod Johnson
d534f29c57 Implement fastpath for delegated discovery
When an enlisted discovery agent
notifies, skip slow searches and use
the agents information directly.
2022-10-27 15:42:58 -04:00
Jarrod Johnson
f6d8294e83 Check IP viability before commencing configuration
This avoids a pointless partial configuration from proceeding.
2022-10-27 15:41:13 -04:00
Jarrod Johnson
6c806c8171 Fix tentative path for real path 2022-10-27 10:03:18 -04:00
Jarrod Johnson
8bf067cac8 Fix issues in the auth nets logic 2022-10-25 12:52:22 -04:00
Jarrod Johnson
0d2a1b856b Fixes for the auth_nets configuration 2022-10-25 12:35:18 -04:00
Jarrod Johnson
4864d6abb0 Add mechanism to extend authentication to remote networks
This allows user to designate certain networks to be treated as
if they were local.

This enables the initial token grant to be allowed to a remote network.

This still requires that the api be armed (which should generally be a narrow window of
opportunity) and that the
request be privileged, it
just allows remote networks to be
elevated to be as trusted as local.
2022-10-25 11:26:44 -04:00