xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2025-01-21 23:23:40 +00:00
Code Issues Projects Releases Wiki Activity
2,367 Commits 39 Branches 65 Tags
Commit Graph

2367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jarrod Johnson
b789252c9c Merge branch 'master' into osdeploy 2020-03-11 14:00:52 -04:00
Jarrod Johnson
a413f321fe Fix console loss on server exit 
Catch the new exception that
was used to make other commands
exit cleaner.
 2020-03-11 13:58:37 -04:00
Jarrod Johnson
d38b06224c Merge branch 'master' into osdeploy 2020-03-11 09:30:18 -04:00
Jarrod Johnson
f2bd796c2a Further clean up license error handling 
Backup of nodelicense was not
consistently checked between
redfish and ipmi plugins.
 2020-03-11 09:29:41 -04:00
Jarrod Johnson
bf31c4872f Fix mistake in nodelicense save 
It was incorrectly presenting unrecognized error infomation.
 2020-03-11 09:22:16 -04:00
Jarrod Johnson
9ea9188fdf Get closer to replying to PXE 
Monitor and maintain a uuid and
mac map to node in preparation for
efficient handling of
DISCOVERs/REQUESTS from
ONIE and/or PXE.
 2020-03-10 11:16:59 -04:00
Jarrod Johnson
597393842a Add transaction ID to the carried information 
The ability to extend an OFFER requires that we also keep track
of the transaction id.
 2020-03-09 15:30:26 -04:00
Jarrod Johnson
b9fc9b3c19 Put the recvmsg info into the handler payload 
This allows the rest of the discovery infrastructure to operate
with this data.
 2020-03-09 15:14:05 -04:00
Jarrod Johnson
49b8e12a01 Update TODO 
We have now done IP_PKTINFO, but there is a potential TODO
if wanting to properly honor unicast request.

For now, will just do always-broadcast as the options to do unicast
are more complex to do (either construct the packets or inject neigh
entry manually)
 2020-03-09 15:05:19 -04:00
Jarrod Johnson
f20fb70336 Have the peer and target info on DHCP receive 
This has the data that will be handy in formulating a reply.
 2020-03-09 14:39:53 -04:00
Jarrod Johnson
934f8f0f20 Use recvmsg for PXE 
Switch to recvmsg in preparation for getting more
data for forming replies.
 2020-03-09 11:25:38 -04:00
Jarrod Johnson
945b8f2b4a Rename to reflect more function than CA 2020-03-09 08:52:29 -04:00
Jarrod Johnson
82921fb53d Add function to sign SSH key 
This will enable the known_hosts
to work.

shosts.equiv and sshd and ssh client
config will be handled elsewhere.
shosts.equiv will just be everything.
 2020-03-06 16:55:06 -05:00
Jarrod Johnson
59a0b00208 Flesh out the SSH code more 
Notably add user key management
and start poking things in
/var/lib/confluent
 2020-03-06 16:17:53 -05:00
Jarrod Johnson
34f2f6e359 Add a sample for doing SSH CA 
This will explore the concept for the
backend of the get certificate api.
 2020-03-06 13:43:54 -05:00
Jarrod Johnson
7fe47baab3 Fix another python 3 expectation 
python3 needs this stringified from socket that
provides bytes.
 2020-03-02 16:42:42 -05:00
Jarrod Johnson
3c1453c16b Actually use the de-lla address 
After removing the %, actually use the trimmed address.
 2020-03-02 16:23:18 -05:00
Jarrod Johnson
4529924cce Fix credserver python3 and LLA support 
Both client and server had an issue with LLA, along with the
usual python3-isms.
 2020-03-02 16:06:07 -05:00
Jarrod Johnson
97ddd59dbd Merge branch 'osdeploy' of github.com:jjohnson42/confluent into osdeploy 2020-03-02 14:55:11 -05:00
Jarrod Johnson
b7b2522f6b Fix python3 compatibility of ssdp 
The ssdp module in osdeploy was not reacting
adequately to copernicus.  fix the assumptions about bytes
versus str.
 2020-03-02 14:54:23 -05:00
Jarrod Johnson
bd0e187525 Merge branch 'master' into osdeploy 2020-03-02 13:15:22 -05:00
Jarrod Johnson
634e5a8944 Update gitignore 2020-03-02 13:15:09 -05:00
Jarrod Johnson
455b637c48 Merge branch 'master' into osdeploy 2020-03-02 11:30:30 -05:00
Jarrod Johnson
67e3530d16 Add group count to collate 
Feature request to offer the
ability to count output groups
rather than actually show output
groups.
 2020-03-02 11:29:28 -05:00
Jarrod Johnson
e257d526c3 Have ip_on_same_subnet normalize ::ffff: addresses 
This will cause the ips to count as equivalent rather than giving up
on them.
 2020-02-27 17:03:12 -05:00
Jarrod Johnson
a066f061c7 Remove IPv6 portion of IPv4 address 
If it is presented as an IPv6 compatible IPv4 address,
make it a normal IP address.
 2020-02-27 16:59:32 -05:00
Jarrod Johnson
29b4045817 Omit TRANS.TBL files from osimport 
Avoid clutter of TRANS.TBL files while importing an ISO
 2020-02-27 16:36:47 -05:00
Jarrod Johnson
f798239f90 Switch to using the standard confluent port for credserver 
Also add a check and only accept API arming
requests from local ips
 2020-02-27 16:36:16 -05:00
Jarrod Johnson
f955086cc3 Create an alternative api.armed behavior 
Move from a clock based expiration to a simpler 'once' versus
'continous' model.  'once' is intended to be used generally, 'continuous'
for stateless without benefit of TPM.  The goal would be to use TPM
to seal a key to avoid continuous.
 2020-02-27 13:33:05 -05:00
Jarrod Johnson
cd20a23626 Merge branch 'master' into osdeploy 2020-02-27 07:20:20 -05:00
Jarrod Johnson
3c26beda1d Fix loss of web connectivity during XCC discovery 
The password policy was incorrectly logging out in the
middle of the flow when a forced password change occurred.
Fix by externally managing the web session.
 2020-02-26 10:00:10 -05:00
Jarrod Johnson
54be209f4e Merge branch 'nodesearch' into osdeploy 2020-02-24 16:26:07 -05:00
Jarrod Johnson
114324f513 Add CA to self signed cert constraints 
Some applications require this be set for it to work
as an enrolled certificate.  Notably UEFI
requires this.
 2020-02-24 15:34:55 -05:00
Jarrod Johnson
d2de4ffa14 Fix single file OS image osimport 2020-02-21 14:25:18 -05:00
Jarrod Johnson
d4483bb59f Polish up the osimport concept more 2020-02-21 14:18:15 -05:00
Jarrod Johnson
90bec92d1f Fix python3 for os import 
Need to be explicit about binary data with python 3.
 2020-02-21 09:34:49 -05:00
Jarrod Johnson
4b3541e21d Suppress libarchive logging 
libarchive ffi goes crazy logging at *import* time.  Pre-empt
use of the logging with a null handler prior to import.
 2020-02-21 08:46:42 -05:00
Jarrod Johnson
737e7a440f Add a prototype for imageimporter 
This is a sample of fingerprinting, covering rhel/centos 7/8
and suse enterprise 12/15 and cumulus.

Mainly to run the gamut of detection schemes.

The schemes are for iso images, try to be very careful and adaptive.

Otherwise, go for a quick sum to see if we have a shot and a long checksum to confirm.
 2020-02-20 23:24:42 -05:00
Jarrod Johnson
24874bb4be Merge branch 'master' into nodesearch 2020-02-20 20:37:23 -05:00
Jarrod Johnson
e2d0e49fc7 Add HTTP boot architecture to pxe 
This paves the way for future response to HTTP boot
 2020-02-20 20:36:36 -05:00
Jarrod Johnson
da5a34c2e4 Fix wheezy builds 2020-02-20 08:05:21 -05:00
Jarrod Johnson
3629cb8ee7 Fix spelling of cumulus 2020-02-19 16:53:35 -05:00
Jarrod Johnson
8233e0a5bd Merge branch 'master' of github.com:jjohnson42/confluent 2020-02-19 16:26:48 -05:00
Jarrod Johnson
eae7b3bd80 Add discovery snoop for Cumulus ZTP 
When a cumulus switch does ZTP, detect
in the discovery facility.
 2020-02-19 16:26:33 -05:00
Jarrod Johnson
868367e052 Add sensing of ONIE switches 
Have nodediscover show detected
ONIE install devices.
 2020-02-19 15:20:45 -05:00
Jarrod Johnson
6289cfaac4 Fix nodeboot when used with -m 
nodeboot was erroneously using sys.argv rather
than the processed args from optionparser.
 2020-02-19 14:36:10 -05:00
Jarrod Johnson
f6d4fef5e6 Improve error message for collective 
When trying to not run as root, give a
better error message explaining the
situation more clearly.
 2020-02-18 16:16:40 -05:00
Jarrod Johnson
b1b7ec4d50 Add affluent plugin 
Implementing Cumulus NOS
support through an agent called
'affluent'.
 2020-02-18 14:23:57 -05:00
Jarrod Johnson
c0cd6de4f7 Remove PrivateDevices from unit file 
PrivateDevices breaks pam_unix, for some reason.  Remove this
protection.  We still have DevicePolicy closed and running as non-root,
so this should still be relatively safe.i
 2020-02-13 11:42:21 -05:00
Jarrod Johnson
4437e81e04 Leverage unix_chkpwd 
If doing PAM authentication, we
can setuid to the target user and then
pam_unix will use unix_chkpwd on
our behalf.

Problems with this working in the lab
was resolved by a yum reinstall pam,
so it was presumably due to messed up
setcap or similar experiments.
 2020-02-13 10:37:15 -05:00