Jarrod Johnson
b3857f8d33
Fix chained discovery of DWC SMMv2
...
SMMv2 for DWC has more ports. Make the code
not care about which port is which for checking
for matching smm fingerprints.
2021-03-01 10:32:05 -05:00
Jarrod Johnson
7eb06f2722
Improve concurrency of SLP
...
During a scan, unicast TCP
interrogation of candidates
was done serially. Do this
concurrently so that poorly
behaving targets do not prolong
a scan.
2021-02-26 13:31:07 -05:00
Jarrod Johnson
a2f5b11185
Add Usb to nodesetboot
...
Particularly for redfish, this is a more specific target
2021-02-01 08:43:47 -05:00
Jarrod Johnson
6458eac93b
Tolerate multiple forms of 'stringy'
...
The fromstring needs to accept either, so
amend it to do so.
2021-01-22 12:43:15 -05:00
Jarrod Johnson
8df15b3a54
Tolerate different SR635/SR655 response
...
Some SR635/SR655 behave differently. Adjust by adapting as possible,
but never making an assumption about data being present.
2021-01-22 10:30:19 -05:00
Jarrod Johnson
c8e1efecdb
Mitigate XML parse risks
...
The intended xml never has !entity tags and
thus we can reject any such XML outright and
avoid billion laughs and similar abuses.
2021-01-21 17:46:21 -05:00
Jarrod Johnson
dba4c40f0e
Fix collective join with empty config
...
Collective join without a key set would fail on
first try.
2021-01-21 11:19:13 -05:00
Jarrod Johnson
edc4804146
Discover larger SMMv2 based chassis
...
SMMv2 can support 12 servers, so increase the limit.
2021-01-20 09:08:56 -05:00
Jarrod Johnson
7cfdf11bf2
Fix collective name return
...
It inadvertently would return None when
rereading from file.
2021-01-19 17:34:28 -05:00
Jarrod Johnson
5736c41daa
Add more data to discovery
...
Some applications may
want to source more information
from systems to help
identify things, particularly with
partially preconfigured systems.
2021-01-15 10:34:43 -05:00
Jarrod Johnson
ebf50359f0
Fix file descriptor leak by web forwarder
...
It failed to close the two sockets when a socket was
done.
2021-01-13 16:50:17 -05:00
Jarrod Johnson
a738b761b4
Fix XCC discovery with Whitley changes
2021-01-12 11:47:02 -05:00
Jarrod Johnson
d27ef81e32
Fix PXE handling of candidate managers
2021-01-11 13:33:26 -05:00
Jarrod Johnson
f5344fabaa
Correct typo in new attribute text
2021-01-11 13:13:03 -05:00
Jarrod Johnson
fa1c2f5c1e
Only offer deployment if a candidate manager
...
If candidate managers are defined, and this node is not in
that set, ignore PXE and SSDP requests to opt out of
deployment.
2021-01-08 16:32:41 -05:00
Jarrod Johnson
25c3f40559
Cache manager name
...
Since the get_myname() may be called much much more
frequently now that it is in the deployment flow,
have it cache results to save a lot of disk I/O
2021-01-08 16:30:51 -05:00
Jarrod Johnson
5812a0eef6
Have a rebalance shortly after becoming leader
...
This will handle startup and takeover when the current leader dies.
2021-01-08 16:15:11 -05:00
Jarrod Johnson
086ce9823b
First phase of collective manager candidate implementation
...
This implements recovery on loss of collective member to
the least loaded candidates for the node.
2021-01-08 16:00:24 -05:00
Jarrod Johnson
2d6bdffebe
Finalize the ssh.trustnodes facility
...
This is the confluent approach to handling the same
problem that xCAT SSH Zones do.
2021-01-08 14:05:37 -05:00
Jarrod Johnson
efdbeeae0d
Fix SNMPv2 on non-cisco switches
...
The cisco change was causing problems elsewhere.
2021-01-08 09:16:40 -05:00
Jarrod Johnson
a2a1142f18
Draft implementation of ssh trust segmentation
...
Have equiv optionally be restricted to a subset of nodes
so that node to node ssh may be enabled within subsets
without enabling across the board.
This is akin to 'zones' in xCAT, albeit a bit more flexible
and covering both users and administrative access.
2021-01-06 11:52:43 -05:00
Jarrod Johnson
1ec5231ebe
Do not reply to mismatched IP in confluent search
...
If an OS queries for confluent, but will not have a viable address,
avoid replying to let more usable network paths prevail.
For example, one OS was coming up with 169.254 with no dhcp server,
and being told it could do well to talk to 172.29, which obviously
would not work.
2021-01-05 15:17:23 -05:00
Jarrod Johnson
4768bc257a
Handle API change for setting user name
...
The web api now requires the word Administrator instead of
the number 4.
2020-12-15 16:44:55 -05:00
Jarrod Johnson
b29e7bc94a
Add new requirement in newer ESXi versions
...
New ESXi versions use a new efi executable during
boot.
2020-12-15 14:39:15 -05:00
Jarrod Johnson
04d63a269d
Fix detection of CentOS 8.3
...
They changed their package name to be consistent with
their focal shift.
2020-12-15 12:59:48 -05:00
Jarrod Johnson
36f027ac71
Implement support for Cisco switches
...
Cisco bridge mib requires to be instanced by vlan.
Detect through proprietary mibs and use it to
guide bridge mib walking.
2020-12-15 10:46:14 -05:00
Jarrod Johnson
1238babe60
Notate future development requirements
2020-12-14 13:09:02 -05:00
Jarrod Johnson
f9a82bde00
Fix arch detection in CentOS stream
2020-12-14 10:42:52 -05:00
Jarrod Johnson
48c868e935
Detect architecture for CentOS stream
...
CentOS stream changed the release rpm to be noarch.
2020-12-14 10:23:05 -05:00
Jarrod Johnson
caf9115439
Fix CentOS stream support
2020-12-14 10:04:31 -05:00
Jarrod Johnson
8b11acbcf2
Recognize CentOS Stream
...
Allow installation of CentOS stream as a profile.
2020-12-14 09:47:56 -05:00
Jarrod Johnson
47f04c8462
Provide guidance if the user tries to use defaults
...
Default username/password is no longer a
viable long term credentiol for XCC, have user
clearly be told to change and that they
shouldn't have to worry about the default
user and password.
2020-12-11 10:37:00 -05:00
Jarrod Johnson
5b0e23b8d4
Provide better feedback on XCC security lockouts
...
Rather than 'NoneType' error about grab_json_response,
provide actual recognizable feedback
2020-12-11 10:21:21 -05:00
Jarrod Johnson
14d9284cc5
Fix older Oracle Linux 7
...
Older OL has another release file thtat
was tripping the fingerprinting code.
2020-12-10 13:48:51 -05:00
Jarrod Johnson
cd251fa5d6
Add support for OL7 and older other EL7 flavors
...
Older EL7 didn't have platform-python in installer,
change to fallback to old /usr/bin/python if
needed.
2020-12-10 10:54:30 -05:00
Jarrod Johnson
8d47395e53
Add fetch of '<script>.d' scripts
...
This can be used by firstboot/post scripts to
get modularized scripts.
2020-12-09 16:46:58 -05:00
Jarrod Johnson
87ef68e26a
Add 'memory' console.logging
...
If console.logging is not desired, but reconstituting the screen is,
provide 'memory' as a method to do that.
On slow disks this can significantly improve performance.
2020-12-09 13:47:46 -05:00
Jarrod Johnson
55b97793fd
Lower concurrency limit of ipmi actions
...
IPMI actions can be a bit sensitive. Introduce some serialization
for improved robustness in liue of better parallelism.
The ideal would be to have 128 per core/process in the end, but for now,
a pool for 128 concurrent operations in flight at a time.
2020-12-08 18:23:13 -05:00
Jarrod Johnson
99609aa669
Add Oracle Linux signature check to osimage
...
Oracle Linux was being misidenntified as RHEL,
fix so that oracle linux is treated differently.
2020-12-07 15:08:28 -05:00
Jarrod Johnson
ff7f5daac6
Parallelize and timeout ssdp queries
...
Badly behaving 'desc.tmpl' servers exist in the world,
do not get tripped up or slowed down too much by
having aggressive timeout and making it parallel.
2020-12-04 17:14:35 -05:00
Jarrod Johnson
2d58741f15
Fix PXE/HTTP boot UUID and Mac case sensitivity
...
Like the SSDP code, PXE too had case sensitivity issues
2020-12-04 12:42:14 -05:00
Jarrod Johnson
57b74d59af
Force uuid to lowercase in uuid mapping
...
Most of the codebase presumes lower case uuid, but
the uuid mapping was preserving whatever case the
attribute was in, making it case sensitive.
In the normal discovery process, this was filled in
as lower case. However if id.uuid is filled in manually
with uppercase, this broke the node lookup by uuid.
2020-12-04 07:41:40 -05:00
Jarrod Johnson
014727d355
Label boot.img with profile name
...
This allows for easier
search should an image want it
2020-11-09 15:45:44 -05:00
Jarrod Johnson
dc262c366c
Fix false positive in affluent detection
...
Make sure we don't receive
a redirect or other
when asking for mac tables.
2020-11-09 11:23:54 -05:00
Jarrod Johnson
8f99d87fda
Reduce calls to update_neigh
...
On a mostly stable system, update_neigh will
continue to drive a significant portion of
background activity. Mitigate to only call if
circumstances suggest a need, or once every
30 seconds.
2020-11-09 09:00:57 -05:00
Jarrod Johnson
edaaa2393d
Hook up apiclient to TPM2 persistence, when available
2020-11-06 16:38:05 -05:00
Jarrod Johnson
31c2c5f6f7
Fix errors in the TPM2 support
2020-11-06 13:38:37 -05:00
Jarrod Johnson
f7e7d05729
Add TPM2 support to node api key handling
...
This is an optional capability that image payloads may use
to use the TPM2 to protect an apikey as an alternative to
arming a weak authentication invocation
2020-11-06 10:00:36 -05:00
Jarrod Johnson
b4e6e7caa8
Check for some issues in a manual assign request
...
One is to provide clear feedback when a nodename is requested
that was not previously defined, to make it more clear that
it is a requirement and/or guard against going too far while
the config function will be missing data it needs to complete
onboarding.
Another is to break if the request is trying to assign a node
to a different definition when it already exists under a different
name.
2020-10-30 08:18:27 -04:00
Jarrod Johnson
10ac1756f1
Do not clear the entire nodes lookup on remap
...
remap may only amend part of the map,
do not cause that to clear out the good data.
2020-10-29 15:49:31 -04:00