xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2025-01-15 04:07:51 +00:00
Code Issues Projects Releases Wiki Activity
3,766 Commits 39 Branches 64 Tags
Commit Graph

1799 Commits

Author SHA1 Message Date
Jarrod Johnson
3e21587f22 Update error text for redfish to cover completely unsupported redfish 
systems
 2021-08-26 08:58:02 -04:00
Jarrod Johnson
6bb6b362ab Provide support for merging multiple sources to single destination 2021-08-24 17:39:06 -04:00
Jarrod Johnson
0cfd18d84e Add a little main to experiment with neighutil 2021-08-24 17:18:10 -04:00
Jarrod Johnson
51a73737a7 Fix new neigh behavior 
It would sometimes miss a lookup.
 2021-08-24 17:15:56 -04:00
Jarrod Johnson
4f4d02d68f Refactor neighutil 
Stick to bytes in the expensive part, only convert to and from
presentation form on lookup need.

Convert all external calls to a unified lookup logic.
 2021-08-24 16:19:41 -04:00
Jarrod Johnson
797465b3eb Handle some intra-collective errors better 2021-08-24 15:50:03 -04:00
Jarrod Johnson
69b58836f6 Change to built in neigh fetch 
Rather than outsource, slowly,
to ip neigh for this frequent task,
call netlink directly.
 2021-08-24 11:54:33 -04:00
Jarrod Johnson
06cfd408fc Fix handling of abrupt client close 2021-08-24 07:57:14 -04:00
Jarrod Johnson
f855dda70f Sort list of distributions and profiles 
The default sort order of listdir
isn't particularly helpful to anyone.
 2021-08-18 15:40:58 -04:00
Jarrod Johnson
b07ca72a8b Close stray filehandles 
Proxied terminals and dispsatched
requests would leak filehandles.
 2021-08-17 17:18:10 -04:00
Jarrod Johnson
130e3adbc6 Add uuid fill-in for pxe when policy allows 
If permissive or open, and xcc is known, but uuid missing,
fill it in.

If open or pxe, and can know node through XCC fingerprint,
then accetp that as a clue.

Also, do not search ethernet switches when xcc cert helps identity.
 2021-08-12 14:17:57 -04:00
Jarrod Johnson
0f543c80e9 Add a more specific error if we have a guess about nodename 
If a manual add procedure has not
specified a mac or uuid, but
the discovery framework has a guess about it,
have that guess appear
in events with suggestion on
how to proceed.
 2021-08-12 13:07:57 -04:00
Jarrod Johnson
034eca3bb0 Refine PXE/HTTP log 
Add logs for ignored boot requests, suppress discovery warning for known uuids,
and generally throttle logging these to once per mac address per minute.
 2021-08-11 08:14:32 -04:00
Jarrod Johnson
2a0491ef0c Add ability to specify custom increment in [] 
Often, it's desired to target odd or even, provide custom increment/step syntax,
but only in the [] context.

Perhaps one day can add n1-n12:2 support, but for now, this is easier to handle.
 2021-08-09 11:19:07 -04:00
Jarrod Johnson
f9846cb564 Fix inability to delete a completed servicedata event 2021-08-05 08:31:13 -04:00
Jarrod Johnson
9bfdd20919 Add sanity check to confluent start 
Refuse to start if /etc/confluent is in bad shape that
may create issues later.
 2021-08-04 10:54:21 -04:00
Jarrod Johnson
b604ec4773 Fix detection of missing sync source 
Rather than just assume we want a directory when glob
finds no matches, just take the empty result.
 2021-08-02 11:33:08 -04:00
Jarrod Johnson
2219297afc Fix simple password support 
Simple password was broken during the MFA addition, restore
the most common authentication mechanism.
 2021-07-29 13:16:33 -04:00
Jarrod Johnson
08f226a3bf Recognize Ubuntu 20.04.2 2021-07-28 14:31:04 -04:00
Jarrod Johnson
54667570bd Create encrypted image and private profile data 
Prepare for securing os profile witht custom images
 2021-07-23 16:13:24 -04:00
Jarrod Johnson
29d0dd6678 Add missing profile content for cloning 2021-07-21 12:47:43 -04:00
Jarrod Johnson
db735a654d Aggregate vt buffer feeds 
If we start developing a backlog
of content to feed to the buffer manager,
aggregate updates to batch submit them more efficiently.
 2021-07-19 11:16:12 -04:00
Jarrod Johnson
a8b54ff434 Fix initial collective join 
Initial collective join combined
with the orderly collective startup
hit a chicken and egg problem.

Disable initting on first enrollment
to let enrollment drive
that specific initialization to
restore behavior.
 2021-07-19 10:25:35 -04:00
Jarrod Johnson
a953a6afba Provide clearer error when osdeploy initialize is not done 
osdeploy import needs to have things prepared by
osdeploy initialize.  Check for it having run and error if needed.
 2021-07-14 15:40:38 -04:00
Jarrod Johnson
430428eba2 Add missing dependencies to the confluent server package 2021-07-08 09:33:35 -04:00
Jarrod Johnson
ef1649208e Switch to using separate CA for TLS 
This allows regenerating TLS cert
without updating boot images.

For example, if ip address changes need a new cert, no
longer should the nodes need new certs to trust
just due to that.
 2021-06-30 14:25:46 -04:00
Jarrod Johnson
35b9635840 Clear armed API if current node token is used 
If a node is armed, but instead unseals the prior key from TPM,
implicitly clear the armed state to avoid leaving it armed.
 2021-06-28 13:30:09 -04:00
Jarrod Johnson
9c43dbff47 Rework MFA handling 
Avoid calling PAM in the parent process, as
this seems to cause problems with some PAM
configurations.
 2021-06-28 11:34:11 -04:00
Jarrod Johnson
f830514d10 Implement support for additional pam prompts 
For example, if PAM has OTP, then support it.
 2021-06-25 17:26:32 -04:00
Jarrod Johnson
b8c9e9c535 Begin work to support complex PAM conversations 
For example, TOTP setups need
more prompts, this will pass
the info to the client for the client to adjust.
 2021-06-23 16:31:42 -04:00
Jarrod Johnson
fc19ca4e36 Change to pythton-dnspython for dependency 
Multiple compatible packages exist that provide same name, accept
either.
 2021-06-23 08:37:00 -04:00
Jarrod Johnson
7122c17ce0 Remove pyte requirement 
We no longer use pyte, remove the requirement.
 2021-06-08 16:43:06 -04:00
Jarrod Johnson
bbe9bc3e06 Constrain plugin collections to flat by default 
When asking for a path that exceeds the plugincollection,
thten provide generic 'not found' behavior.
 2021-06-04 14:48:31 -04:00
Jarrod Johnson
58157b23d7 Error if noderange includes too many ) 
By default, pyparsing consumes only as much of the
input as matches the grammar. Tell it to consume all
of the noderange and error if there's more string than
matches our grammar.
 2021-06-04 14:19:06 -04:00
Jarrod Johnson
b8ddf149bd Skip newer agent behaviors with incompatible old ssh 
The previous attempt to support older ssh failed to completely
enact old behavior when needed.
 2021-06-04 13:40:39 -04:00
Jarrod Johnson
2073926256 Improve ctrl-c and other behaviors of osdeploy import 
More reliably delete an import attempt to avoid odd behaviors.
 2021-05-27 16:10:06 -04:00
Jarrod Johnson
734e12f0f1 Amend long wait to only apply to shutdown 
The previous 30 seconds was a good amount to
wait for everything but a graceful shutdown.

The new 5 minute wait is too long to wait to
find out a system can't turn on.

Apply the 5 minute wait only on clean shutdown
request.
 2021-05-27 09:57:07 -04:00
Jarrod Johnson
deb2b98e7f
Merge pull request #59 from zhougj4/master 
[merge-LXCA] pull request
 2021-05-27 09:54:44 -04:00
Zhou Guangjun
32c84993b0 [merge-LXCA] fix problem in merge with upstream - htmlify the dict 
Details:
Revision: d9cc888e68abe7794ade82a251c4dffe9108a014
Author: Michael Du <duxd2@LENOVO.COM>
Date: 2017/8/2 21:06:22
 2021-05-27 09:58:05 +08:00
Jarrod Johnson
af10e0ea91 Explicitly provide content-length 0 on 204 
For some vintages of eventlet+apache, this is required
to avoid invalid responses from the server.
 2021-05-25 10:18:13 -04:00
zhougj4
7363af866f Merge branch 'lenovo:master' into master 2021-05-24 10:46:50 +02:00
Jarrod Johnson
7c4b500e92 Add boot.img function to CoreOS 2021-05-21 11:11:01 -04:00
Jarrod Johnson
9ac4cf0641 Rename generically to coreos 
We should be able to support either RH or Fedora
flavors.
 2021-05-19 17:28:05 -04:00
Jarrod Johnson
52b39e632d Draft CoreOS support 
Preliminary work toward supporting CoreOS
 2021-05-19 17:12:56 -04:00
Jarrod Johnson
efd7f1de63 Conditionally apply agent to sshutil 
Older OSes (RHEL7/SLES12) cannot
do ssh-keygen with an agent.

Degrade to classic confluent behavior when that happens.
 2021-05-18 12:28:22 -04:00
Jarrod Johnson
af06c150b0 Add error message for long profile names 
If a profile name pushes the filename field of dhcp
beyond what it can support, log an event and
do not offer a corrupted
dhcp offer packet.
 2021-05-18 09:44:02 -04:00
Zhou Guangjun
32db72e38f [merge-LXCA] (138083) [ipmi] Restart Normally and Power off Normally job failed with the message Ensure that the endpoint is reachable on the network from LXCA 
Details:
Revision: d02e5b653f764aeca44efd108acaabc8b173b482
Author: Zhou Guangjun <zhougj4@lenovo.com>
Date: 2018/10/17 17:26:39
 2021-05-13 14:34:02 +08:00
Zhou Guangjun
9648f1c8ac [merge-LXCA] Add support for graphical consoles 
Details:
Revision: a0f0309ee0bc731463794da9d685fa56bc62bc6f
Author: Allan Vidal <avidal@lenovo.com>
Date: 2015/11/26 3:50:31
 2021-05-12 10:49:13 +08:00
Jarrod Johnson
aa7701ea3c More usefully indicate unfound interfaces 
Rather than no data, provide
not found error when requesting a currently unsupported name.
 2021-05-11 08:02:19 -04:00
Jarrod Johnson
8543129fb9 Invalidate sealed token on new token 
If a new token grant occurs, do not
retain stale token sealed, as it can be misleading.
 2021-05-05 09:17:42 -04:00