Jarrod Johnson
d7df1e7891
Prevent users from dupe group memberships
2022-02-24 15:06:41 -05:00
Jarrod Johnson
2c9be7a4c4
Remove slp snoop of XCC
...
SSDP snoop catches XCC, and do only
SSDP for consistent format of
snoop info coming into the
xcc handler.
2022-02-24 08:08:50 -05:00
Jarrod Johnson
e390618dd9
Fix handling without olduuid in database
2022-02-23 10:13:06 -05:00
Jarrod Johnson
8f4846c248
Fix for partial returns
...
full_net_config may not always apply,
be sure to gracefully degrade.
2022-02-22 17:08:23 -05:00
Jarrod Johnson
ac8918c2b9
Add ips to ssh principals
...
For any static address, also grant
certificate for that.
2022-02-22 16:48:58 -05:00
Jarrod Johnson
3cf9edeeb8
Stub out buffering for shell sessions
...
This is not yet handled anyway.
For future, establish norm of a nodeid
to prefix multiple distinct sessions.
2022-02-22 08:49:31 -05:00
Jarrod Johnson
8fab8238ed
Disambiguate console from shell buffer
...
There is room for the console replay to get confused,
fix by fully qualifying the console name.
2022-02-18 17:31:13 -05:00
Jarrod Johnson
58b55b6ef6
Error on trying to double-add nodes or groups
...
Prevent user from repeatedly adding the
same group to a node or same node to a group.
2022-02-16 11:58:22 -05:00
Jarrod Johnson
33be75a9a2
Markup bandit exceptions
...
Apply bandit exceptions and explain
the rationale in each case
2022-02-16 09:10:33 -05:00
Jarrod Johnson
f10a27fd7a
Switch to mkstemp
...
Use mkstemp to more confidently reserve a filename as expected.
2022-02-15 17:13:04 -05:00
Jarrod Johnson
93a5496899
Reject reverse range noderange
...
It has been stated that no one would want to do this
on purpose, and thus it should reject. The rationale
being that if no one wants to do this, but did it
anyway, they presumably made a mistake.
So now such attempts will be blocked.
Keep the dead logic around for now
in case a future opinion changes things back.
2022-02-11 15:20:41 -05:00
Jarrod Johnson
bd428790ce
Try for more informative messoge an expression syntax error
2022-02-11 14:51:53 -05:00
Jarrod Johnson
f0c4943612
Merge branch 'master' of github.com:lenovo/confluent
2022-02-11 14:33:47 -05:00
Jarrod Johnson
f547071d38
Warn user of unworkable syntax
...
When used in {} expressions, attributes must obey python syntax rules,
try out the attribute name and report the issue when it would be a problem.
2022-02-11 14:32:52 -05:00
Jarrod Johnson
fbd3a442ac
Support numeric owner/group in syncfile list
2022-02-08 17:38:01 -05:00
Jarrod Johnson
b809514ef9
Fix osdeploy initialize dependency on master key
...
Make sure confluent has made /etc/confluent, and further always initialize the
encryption key, as it will almost certainly
be needed and easiest to just always
generate on first startup.
2022-02-08 16:40:41 -05:00
Jarrod Johnson
b1032d8c4c
Specify write mode for confluent_uuid file
2022-02-08 12:31:04 -05:00
Jarrod Johnson
e7b1791df3
Modify input in bandit-friendly way
...
bandit erroneously flags 'input' based
on possible python2-ism. Avoid the
error by using 'getinput', making that
input or raw_input based on the python version.
2022-02-08 10:59:15 -05:00
Jarrod Johnson
6e03f6ee0a
Correct syntax typo
2022-02-08 10:49:42 -05:00
Jarrod Johnson
358b719cec
Implement deployment binding for new installs
...
When doing osdeploy initialize,
save the uuid and have deployment
targets specifically pair back with site via
uuid.
2022-02-08 10:41:27 -05:00
Jarrod Johnson
4a38a88136
Add recognition of RHEL9 media
2022-02-07 09:20:05 -05:00
Jarrod Johnson
522d7e2b59
Fix configmanager issue witht more recent python3
2022-02-04 16:21:39 -05:00
Jarrod Johnson
485c323608
Stage uploads in memory
...
The strategy of duping file descriptors
is inadequate. The copies share
identical offsets.
Fix this by reading the file once into
memory, and using BytesIO to fake a file.
This is relatively memory intensive in theory, but in practice
pyghmi library had been duping everything to memory
anyway, so it is a wash for now.
2022-01-27 17:29:17 -05:00
Jarrod Johnson
effaba9661
Fix adding nodes with uuid for pxe
...
When adding nodes, they wouldn't be tracked for PXE
until id.uuid changed, or service restarted.
Fix by explicitly remapping all added and new names.
2022-01-26 08:35:10 -05:00
Jarrod Johnson
3f90c35bc9
Raise error on missing piece of syncfiles entry
2022-01-20 13:13:04 -05:00
Jarrod Johnson
456b43eeb7
Correctly align rtattr and nlmsg
...
When advancing through messages,
must pad to nearest multiple of
4. This resolves erroneously landing on incorrect offsets.
2022-01-19 13:21:59 -05:00
Jarrod Johnson
2d13921d54
Amend deployment initialize for consistent ownership
...
Depending on the options selected/not selected, the
/var/lib/confluent directory may have been initialized
incorrectly. Have all the potential paths begin with
ensuring /var/lib/confluent is correct, and then
use seteuid consistently to take care of the rest.
2022-01-14 15:08:19 -05:00
Jarrod Johnson
8b95e8f507
Improve osdeploy import error handling
...
Before, conditions that were unexpected
would result in hangs. Now
transition to and report error state.
2022-01-14 09:23:54 -05:00
Jarrod Johnson
fdc3d1c457
Broaden scope of logging issues with connecting to a leader.
...
Notably, certificate mismatch should be caught.
2022-01-14 07:39:25 -05:00
Jarrod Johnson
8d5d8ef5ed
Have later syncfiles entries supersede earlier
...
This allows a vague entry to
be followed by a specific
entry to allow 'common' content
and then a specific override.
2022-01-13 16:52:10 -05:00
Jarrod Johnson
aa816c0f1d
Have attribute update support wildcards
...
This makes nodeattrib behave more like nodeconfig.
2022-01-13 13:27:07 -05:00
Jarrod Johnson
b7a786dc83
Choose more accurate description of ambiguous switch situation
...
Technically, it need not be an aggregation, but link between switches generically covers it.
2022-01-12 09:31:44 -05:00
Jarrod Johnson
f46fc9f7de
Provide error about in-use dhcp
...
The events will more clearly indicate
when dnsmasq is not adequately configured.
2022-01-12 09:27:49 -05:00
Jarrod Johnson
2d95fb1d74
Improve 'ambiguous' notification in macmap.
...
When two nodes are ambiguous, provide more
info (mac) and also a suggestion of
which of the two appears most
trunk-like if one of them looks
suspiciously like a trunk.
2022-01-12 08:31:13 -05:00
Jarrod Johnson
04b462712d
Tolerate redfish variations and fix loop
...
Some redfish omit the trailing /, and the correct move on non-redfish
is to continue to next candidate,
not break.
2022-01-11 16:53:46 -05:00
Jarrod Johnson
9c40569429
Add el9 to spec files
2022-01-11 16:02:47 -05:00
Jarrod Johnson
6df73d88b3
If SSDP happens but HTTPS not ready, ignore
2022-01-07 10:45:10 -05:00
Jarrod Johnson
d5a8e881ab
Defer handler processing
...
This was done in slp, do it also for ssdp. This
hopefully does it's best to flush udp buffer more
quickly in at scale scenarios.
2022-01-07 09:55:49 -05:00
Jarrod Johnson
e54277f8f8
Fix ssdp snoop of XCC
...
SSDP was declaring victory too early, wait until
the right volume of information is confirmed available
before commiting to shared structures.
2022-01-07 09:00:44 -05:00
Jarrod Johnson
d18d7592d3
Suppress extraneous slp trace errors
...
If a half-behaving peer appears, suppress the error and permit a retry later.
2022-01-07 07:17:27 -05:00
Jarrod Johnson
60398bf8f7
Add passive detection of XCC via SSDP
...
Take ssdp alive packets to pick up
XCCs outside of active scans.
2022-01-06 16:48:39 -05:00
Jarrod Johnson
22024b23b8
Prefer shortname for collective
...
When a colleective begins, default
to using the shortname, even
if gethostname returns a long one.
2022-01-06 12:38:15 -05:00
Jarrod Johnson
8da513b152
Fix TSM to lower case uuid for discovery
...
TSM were inconsistent by presenting
all caps UUID sometimes.
2022-01-05 12:50:31 -05:00
Jarrod Johnson
6f272b9d50
Skip generic redfish check
...
For now, it won't do anything but waste
resources.
2022-01-05 12:35:42 -05:00
Jarrod Johnson
b3c0810574
Fix XCC preconfig with SSDP change
...
The SSDP unfortunately changes
some structure, change XCC
preconfig to expect the SSDP structure.
2022-01-05 12:10:34 -05:00
Jarrod Johnson
b90756d2a6
Move XCC detection to SSDP
...
XCC will be retiring SLP and to prepare
for that, move over to SSDP.
This required that the snoop be wired
up to detection correctly, that slp
no longer report XCC, that
the model/serial number be moved to xcc handler, and various fixes to SSDP.
2022-01-05 11:43:04 -05:00
Jarrod Johnson
978b52dbb6
Fix selection of suboptimal alias
...
When picking deploy server, stop on a close match if net.ipv4_address suggests
a same-subnet match rather than adding the last alias.
2021-12-28 09:47:47 -05:00
Jarrod Johnson
d47b088753
Fix mistake in error output
2021-12-22 23:29:21 -05:00
Jarrod Johnson
47a83f4628
Do not trace out if a packet can't be replied to
2021-12-20 12:37:18 -05:00
Jarrod Johnson
abec8c498c
Break netlink address fetch on invalid rta_len
...
It is considered valid for kernel to return a null rta_len
in the midst of data and expect the caller to terminate.
2021-12-20 12:28:35 -05:00