Jarrod Johnson
d4babbffa4
Check and try to start collective on startup
...
Not yet good enough for a leader to rejoin, but enough for a follower
to rejoin automatically.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
1c930eba9d
Have attrib set wait on all collective members
...
This will mean that it is reliable that a nodeattrib ; <command>
in delegation scenarios is guaranteed to execute in order.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
c4b564123f
Allow slave collective drones to set
...
It works (once), but needs xid fix.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
6d728df4dc
Fix reuse of channel for receiving changes
2018-05-16 11:27:46 -04:00
Jarrod Johnson
f1e29393df
Succeed in pushing config to followers from leader
...
Still more work to be done for multiple transactions.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
81bb16476c
Apply changes from leader subscription
2018-05-16 11:27:46 -04:00
Jarrod Johnson
035f10e7d7
Rough draft for ongoing syncronization
...
Putting thoughts down on how xmit will work, will add recv and relay,
do some testing, and then decide how much can be done to apply it neatly
to the various points.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
830e6bb4e4
Clear configuration prior to sync
2018-05-16 11:27:46 -04:00
Jarrod Johnson
1eb542f6a8
Actually execute replicate-on-connect
...
This creates a duplicate of the leader.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
b733049a0c
Add self to collective database
...
Database would omit initial leader otherwise.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
a4d80e4e3a
Fixes to the connect draft
...
Needed to track it's own name, skip the banner and auth message...
2018-05-16 11:27:46 -04:00
Jarrod Johnson
a69b5fbb50
For enroll, track the remote cert special
...
For reconnect, we will have collective objects. However at
enroll time, we need to be special.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
789dfe94d0
Fix missing import of eventlet
...
Unable to spawn the connect thread due to missing import.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
73a376fd74
Fix backup of globals
...
Globals failed to open the backup file as writable, causing failure if
a global had been set.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
57f390fd0a
Draft for starting the databse replication
...
Does not actually heed the data, or implement ongoing relay of data back and forth.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
641bc7344a
Add hooks for collective mode and refactor
...
In support of config replication, need configmanager to do a few things
2018-05-16 11:27:46 -04:00
Jarrod Johnson
af940c972f
Add function to check address equivalence
...
As we start needing to compare addresses, provide a central function
to handle the various oddities associated with that.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
468f00cd1c
Rename 'joinchallenge' to 'enroll'
...
Seems like a better word to use.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
ce635068aa
Begin the 'connect' collective operation
...
First check if we are current leader, reject if not, then if cert
is invalid, reject, then comes the TODO.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
348c6a7c38
Add collective info to DB backup
...
Now persisted to disk *and* accessible to backup.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
a41a42ffd0
Persint collective info to disk
...
Additionally, simplify the concluding steps of the join conversation.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
3a354a6300
Ensure the invitation works out to even multiple of 3 bytes
...
It's cosmetic, but a nice way to avoid '=' in the tokens.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
fb9925bb84
Fix encoding of the response proof
...
The response was not decoded, causing it to always fail.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
78bf1d5acd
Provide more feedback and fix some flow issues
2018-05-16 11:27:46 -04:00
Jarrod Johnson
8165b645d9
Fix invite process and unicode
...
Unicode strings do not fit with our world view, make them bytes.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
c2783b6734
Rename swarm to collective in setup.py.tmpl
2018-05-16 11:27:46 -04:00
Jarrod Johnson
033d59b04a
Afetr some feedback, rename it 'collective'
2018-05-16 11:27:46 -04:00
Jarrod Johnson
4155954d1c
Add swarm to setup.py
...
Make sure the swarm content is actually installed.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
1b912c4365
Further advance the swarm concept
...
This marks the start of attempting to connect the invitation
to sockets and using the invitation to measure the certificates as
well as proving client knowledge of an invitation token.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
5f9ee3d3c5
Migrate 'multimanager' to 'swarm'
...
It's easier to say 'swarm' and conveys the sense without confusion
of 'cluster' mode.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
cc9becea3b
Add ability to get client certificates
...
Unfortunately, to pull off the target user experience, we
must register a custom client certificate validation to allow
us to not require a CA.
2018-05-16 11:27:46 -04:00
Jarrod Johnson
1e0cf7e9fb
Create invitation management module
...
This facilitates the generation of invitations and logistics of proving
knowledge of the invitation and the integrity of the certificates.
peercert is to be gotten through getpeercert(binary_form=True) and
local cert through the util function to load from file, since we don't
have another way of getting local certificate.
2018-05-16 11:26:36 -04:00
Jarrod Johnson
7ebe9da24b
Add utility function to get certificate from file
...
This can be used to get our own certificate, for use in the
multimanager membership establishment.
2018-05-16 11:26:36 -04:00
Jarrod Johnson
7909f9e003
Switch to explicit SSL context when possible
...
This allows more fine grained control over the security parameters of
the TLS connection.
2018-04-23 14:18:51 -04:00
Jarrod Johnson
14ff33a44a
Only activate the remote API socket if user makes cert
...
This prevents the useless networking socket from being opened
when it cannot be used. This means most implementations will not
have an extra port to explain unless the user goes through the work
and knows what it would be.
2018-04-20 19:30:15 -04:00
Jarrod Johnson
0481f7889b
Make macmap api case insensitive
...
This helps usability of the api.
2018-04-20 13:25:02 -04:00
Jarrod Johnson
a1156097d2
Add facility to disable autosense
...
discovery autosense at scale may produce undesirable performance.
Provide an interface to turn off the autosense.
If autosense is off, manual scan can still be performed.
2018-04-13 16:54:27 -04:00
Jarrod Johnson
af72d0e71a
Update the discovery lookup tables on node add/remove
...
This will mitigate stale mappings in the discovery process.
2018-04-12 17:05:06 -04:00
Jarrod Johnson
008f8e22ae
Abort traversing gap in SMM chain
...
Once there is a gap, the next hop in the chain will be ambiguous.
Discovery must always precede from the front-most chassis.
2018-04-12 15:45:07 -04:00
Jarrod Johnson
39ee0da879
Fix makesetup for confluent_client
...
Fixing the redundant __init__.py led to no __init__.py, fix
that mistake.
2018-04-10 16:11:14 -04:00
Jarrod Johnson
91238f1dcb
Clean up pure python packaging
...
Fix __init__.py redundancy, update requirements to current state
of affairs.
2018-04-10 16:06:37 -04:00
Jarrod Johnson
76a4a91351
Fix pyparsing rpm name
...
Accept another likely formulation of an rpm name for
the package.
2018-04-10 15:11:20 -04:00
Jarrod Johnson
bd40f2f4a6
Fix mistake in indexing of url
2018-03-27 17:11:35 -04:00
Jarrod Johnson
66e8ce2dde
Merge branch 'master' of github.com:jjohnson42/confluent
2018-03-27 16:35:31 -04:00
Jarrod Johnson
f97c39cea4
Add hostname to api
...
The hostname of the BMC is added to the api.
2018-03-27 15:51:14 -04:00
Jarrod Johnson
6671b9aad3
Provide cleaner behavior on timeouts
...
If a timeout occurred outside of a keeplaive, provide
a more consistent message about the situation.
2018-03-23 08:27:27 -04:00
Jarrod Johnson
308db99dbb
Fix inconsistent dict member extension
...
If two portions of a list come back piecewise from the plugin that
are both lists, extend them rather than making a nested list.
2018-03-15 12:09:45 -04:00
Jarrod Johnson
a20b0abb43
Do not clear the buffer on superfluous reopen
...
If someone does a reopen, try to preserve the buffer, unless connect
proves there to be a deeper issue. The risk of staleness is low, but
the experience of the whole screen clearing is tricky. This was not
such an issue at the time, but using pyte causes clearbuffer to also
clear connected client terminals.
2018-03-14 17:00:44 -04:00
Jarrod Johnson
7413c44df8
Fix manual discovery
...
In manual discovery, maccount is not a field in the info, as no macmap
processing is done in manual.
2018-03-14 09:27:29 -04:00
Jarrod Johnson
463f61fac7
Modify XSS-Protection directive
2018-03-12 13:41:18 -04:00