mirror of
				https://github.com/xcat2/xcat-core.git
				synced 2025-10-26 08:55:24 +00:00 
			
		
		
		
	Previously, it is impossible to know if the goconerver is started by xcat. This patch add a marker in /etc/goconserver/server.conf to help check the status. In addition, use server-cred.pem instead of server-key.pem as it is not exist on SN. This patch also control the service status of goconserver and conserver when restarting the xcatd service on service node. ``` [root@sn02 ~]# chdef sn02 setupconserver=1 1 object definitions have been created or modified. [root@sn02 ~]# service xcatd restart Restarting xcatd (via systemctl): [ OK ] [root@sn02 ~]# ps -ef | grep conserver root 27679 1 0 02:26 ? 00:00:00 /usr/sbin/conserver -o -O1 -d root 27680 27679 0 02:26 ? 00:00:00 /usr/sbin/conserver -o -O1 -d root 27756 26188 0 02:26 pts/1 00:00:00 grep --color=auto conserver [root@sn02 ~]# chdef sn02 setupconserver=2 1 object definitions have been created or modified. [root@sn02 ~]# service xcatd restart Restarting xcatd (via systemctl): [ OK ] [root@sn02 ~]# [root@sn02 ~]# [root@sn02 ~]# [root@sn02 ~]# ps -ef | grep conserver root 27885 1 0 02:26 ? 00:00:00 /usr/bin/goconserver root 27986 26188 0 02:33 pts/1 00:00:00 grep --color=auto conserver ```
		
			
				
	
	
		
			310 lines
		
	
	
		
			10 KiB
		
	
	
	
		
			Bash
		
	
	
		
			Executable File
		
	
	
	
	
			
		
		
	
	
			310 lines
		
	
	
		
			10 KiB
		
	
	
	
		
			Bash
		
	
	
		
			Executable File
		
	
	
	
	
| #!/bin/bash
 | |
| 
 | |
| # Provide serial console access to nodes
 | |
| 
 | |
| # To handle cases like running this via sudo, get the home dir properly
 | |
| os=`uname`
 | |
| if [ "$os" == "Linux" ]; then 
 | |
|     HOME=`getent passwd $(whoami)|cut -d: -f 6`
 | |
|     export HOME
 | |
| fi
 | |
| if [ "$os" == "AIX" ]; then
 | |
|     HOME=`lsuser -a home $(whoami)|cut -d= -f 2`
 | |
|     export HOME
 | |
| fi
 | |
| 
 | |
| if [ -z "$1" ] || [ "$1" = "-h"  ] || [ "$1" = "-help"  ] || [ "$1" = "--help"  ]; then
 | |
|     echo "rcons - remotely accesses the serial console of a node"
 | |
|     echo "rcons <singlenode> [conserver] [-f]"
 | |
|     echo "rcons <singlenode> [conserver] [-s]"
 | |
|     echo "rcons [-h|--help|-v|--version]"
 | |
|     exit 0
 | |
| fi
 | |
| if [ "$1" = "-v" -o "$1" = "--version" ]; then
 | |
|     if [ -z "$XCATROOT" ]; then
 | |
|         XCATROOT="/opt/xcat"
 | |
|     fi
 | |
|     perl -e 'use lib "$ENV{XCATROOT}/lib/perl"; use xCAT::Version; print xCAT::Version->Version() . "\n"'
 | |
|     exit 0
 | |
| fi
 | |
| 
 | |
| param_n=0
 | |
| for parameter in $@; do
 | |
|     ((param_n++))
 | |
| 
 | |
|     # check the second parameter to be conserver
 | |
|     if [ $param_n -eq 2 ]; then
 | |
|         if [ "$parameter" != "-f" ] && [ "$parameter" != "-s" ]; then
 | |
|             CONSERVER=$parameter
 | |
|         fi
 | |
|     fi
 | |
| 
 | |
|     if [ $param_n -ge 2 ]; then
 | |
|         if [ "$parameter" = "-f" ] || [ "$parameter" = "-s" ]; then
 | |
|             if [ -z "$FORCE" ]; then
 | |
|                 FORCE=$parameter
 | |
|             elif [ "$FORCE" != "$parameter" ]; then
 | |
|                 echo "Error: cannot use option -s and -f together."
 | |
|                 exit 1
 | |
|             fi
 | |
|         fi
 | |
|     fi
 | |
| 
 | |
|     if [ $param_n -ge 3 ]; then
 | |
|         if [ "$parameter" != "-f" ] && [ "$parameter" != "-s" ]; then
 | |
|             echo "Error: cannot recognize parameter \"$parameter\"."
 | |
|             exit 1
 | |
|         fi
 | |
|     fi
 | |
| done
 | |
| 
 | |
| # xCAT 2.9.1 allows for an option to use confluent as a rcons replacement and only use
 | |
| # confluent if this keyword is defined in the site table.  This allows for confluent to 
 | |
| # be installed on the xCAT management node and switch between conserver & confluent
 | |
| USE_CONFLUENT=0
 | |
| # If conluent is not enable, check the service status of goconserver.
 | |
| # If goconserver is strated, use rcons through goconserver, otherwise through conserver.
 | |
| USE_GOCONSERVER=0
 | |
| CONSOLE_SERVICE_KEYWORD=`tabdump site | grep consoleservice | cut -d, -f1 | tr -d '"'`
 | |
| CONSOLE_SERVICE_VALUE=`tabdump site | grep consoleservice | cut -d, -f2 | tr -d '"'`
 | |
| 
 | |
| if [ "$CONSOLE_SERVICE_KEYWORD" == "consoleservice" ]; then
 | |
|     if [ "$CONSOLE_SERVICE_VALUE" == "confluent" ]; then
 | |
|         USE_CONFLUENT=1
 | |
|     fi
 | |
| fi
 | |
| 
 | |
| if [ $USE_CONFLUENT != "1" ] && [ -f "/usr/bin/congo" ] && [ -f "/usr/bin/goconserver" ]; then
 | |
|     GOCONSERVER_RC=`service goconserver status >& /dev/null; echo $?`
 | |
|     if [[ ${GOCONSERVER_RC} == 0 ]]; then
 | |
|         USE_GOCONSERVER=1
 | |
|     fi
 | |
|     if [[ ${USE_GOCONSERVER} == 1 ]]; then
 | |
|         CONSERVER_RC=`pidof conserver >> /dev/null; echo $?`
 | |
|         if [[ ${CONSERVER_RC} == 0 ]]; then
 | |
|             echo "Error: Both goconserver and conserver are running, please stop one of them, and retry..."
 | |
|             exit 1
 | |
|         fi
 | |
|     fi
 | |
| fi
 | |
| 
 | |
| if [ $USE_CONFLUENT == "1" ] && ([ -x "/opt/confluent/bin/confetty" ] || [ -x "/usr/bin/confetty" ] || [ -x "/usr/local/bin/confetty" ]); then
 | |
|     # use confluent, make sure conserver is not also running
 | |
|     CONSERVER_RC=`pidof conserver >> /dev/null; echo $?`
 | |
|     if [[ ${CONSERVER_RC} == 0 ]]; then 
 | |
|         echo "Error: consoleservice is set to 'confluent' but conserver is running.  Stop conserver, run makeconfluentcfg, and retry..."
 | |
|         exit 1
 | |
|     fi
 | |
|     GOCONSERVER_RC=`service goconserver status >& /dev/null; echo $?`
 | |
|     if [[ ${GOCONSERVER_RC} == 0 ]]; then
 | |
|         echo "Error: consoleservice is set to 'confluent' but goconserver is running.  Stop goconserver, run makeconfluentcfg, and retry..."
 | |
|         exit 1
 | |
|     fi
 | |
|     CONFETTY="confetty"
 | |
|     if [ -x "/opt/confluent/bin/confetty" ]; then
 | |
| 	CONFETTY="/opt/confluent/bin/confetty"
 | |
|     fi
 | |
|     if [ ! -z "$CONSCONTROLPATH" ]; then
 | |
|         CONSCONTROLPATH="-c $CONSCONTROLPATH"
 | |
|     fi
 | |
|     if [ -z "$CONSERVER" ]; then
 | |
|         CONSERVER=`nodels $1 nodehm.conserver 2>/dev/null | awk -F: '{print $2}' | tr -d ' '`
 | |
|         declare -a ipaddrs=`ip -o a | awk {'print $4'} | cut -d/ -f1 | grep -v : | tr '\n' ' '`
 | |
|         for IP in ${ipaddrs[*]}; do 
 | |
|             if [[ "${CONSERVER}" == "${IP}" ]]; then 
 | |
|                 # conserver is the same node, do not connect using -s
 | |
|                 CONSERVER=""
 | |
|                 break
 | |
|             fi
 | |
|         done
 | |
|     fi
 | |
|     if [ -z "$CONSERVER" ]; then
 | |
| 	CONSERVER=$XCATHOST
 | |
|     fi
 | |
|     if [ ! -z "$CONSERVER" ]; then
 | |
| 	CONSERVER="-s $CONSERVER"
 | |
|     fi
 | |
|     $CONFETTY $CONSCONTROLPATH $CONSERVER  $1
 | |
| elif [ $USE_GOCONSERVER == "1" ]; then
 | |
|     # use goconserver
 | |
|     # make sure confluent is not also running, only if confluent is installed
 | |
|     if [[ -f "/etc/init.d/confluent" ]]; then
 | |
|         CONFLUENT_RC=`service confluent status >& /dev/null; echo $?`
 | |
|         if [[ ${CONFLUENT_RC} == 0 ]]; then
 | |
|             echo "Error: confluent is running.  Stop confluent, run makegocons, and retry..."
 | |
|             exit 1
 | |
|         fi
 | |
|     fi
 | |
|     if [ -z "$CONSERVER" ]; then
 | |
|         CONSERVER=`nodels $1 nodehm.conserver 2>/dev/null | awk -F: '{print $2}' | tr -d ' '`
 | |
|     fi
 | |
| 
 | |
|     if [ -z "$CONSERVER" ]; then
 | |
|         CONSERVER=$XCATHOST
 | |
|     fi
 | |
|     if [ -z "$CONSERVER" ]; then
 | |
|         CONSERVER=`hostname`
 | |
|     fi
 | |
|     CONGO_ENV="CONGO_SSL_KEY=$HOME/.xcat/client-cred.pem \
 | |
|                CONGO_SSL_CERT=$HOME/.xcat/client-cred.pem \
 | |
|                CONGO_SSL_CA_CERT=$HOME/.xcat/ca.pem \
 | |
|                CONGO_PORT=12430 \
 | |
|                CONGO_CLIENT_TYPE=xcat \
 | |
|                CONGO_SSL_INSECURE=true"
 | |
|     if [ "$CONSERVER" == `hostname` ]; then
 | |
|         host=`hostname -s`
 | |
|         if [ $? -ne 0 ]; then
 | |
|             echo "Error: could not get the short hostname for $CONSERVER."
 | |
|             exit 1
 | |
|         fi
 | |
|         CONGO_ENV="$CONGO_ENV \
 | |
|                    CONGO_SERVER_HOST=$host \
 | |
|                    CONGO_URL=https://$host:12429"
 | |
|         exec env $CONGO_ENV /usr/bin/congo console $1
 | |
|     else
 | |
|         host=`ssh $CONSERVER hostname -s`
 | |
|         if [ $? -ne 0 ]; then
 | |
|             echo "Error: could not get the short hostname for $CONSERVER."
 | |
|             exit 1
 | |
|         fi
 | |
|         CONGO_ENV="$CONGO_ENV \
 | |
|                    CONGO_SERVER_HOST=$host \
 | |
|                    CONGO_URL=https://$host:12429"
 | |
|         exec ssh -t $CONSERVER "$CONGO_ENV /usr/bin/congo console $1"
 | |
|     fi
 | |
| 
 | |
| elif [ -f "/usr/bin/console" ] || [ -f "/bin/console" ]; then
 | |
|     # use conserver
 | |
|     # make sure confluent is not also running, only if confluent is installed
 | |
|     if [[ -f "/etc/init.d/confluent" ]]; then 
 | |
|         CONFLUENT_RC=`service confluent status >& /dev/null; echo $?`
 | |
|         if [[ ${CONFLUENT_RC} == 0 ]]; then 
 | |
|             echo "Error: consoleservice is set to 'conserver' but confluent is running.  Stop confluent, run makeconservercf, and retry..."
 | |
|             exit 1
 | |
|         fi
 | |
|     fi
 | |
| 
 | |
|     if [ -z "$CONSERVER" ]; then
 | |
|         CONSERVER=`nodels $1 nodehm.conserver 2>/dev/null | awk -F: '{print $2}' | tr -d ' '`
 | |
|     fi
 | |
|     
 | |
|     if [ -z "$CONSERVER" ]; then
 | |
| 	CONSERVER=$XCATHOST
 | |
|     fi
 | |
|     if [ -z "$CONSERVER" ]; then
 | |
| 	CONSERVER=localhost
 | |
|     fi
 | |
|     #NOTE: IPv6 is not good with the below if going by IP, needs more sophisticated
 | |
|     #parsing
 | |
|     CONSERVER=`echo $CONSERVER|cut -d: -f 1`
 | |
|     CONSOLE_VER=`console -V | awk '/conserver.com version/ {print $4}'`
 | |
|     #Detect console support of SSL, only fixup consolerc if encryption is detected
 | |
|     if ! console -h 2>&1 | grep "encryption not compiled" > /dev/null; then
 | |
|         # generate .consolerc if it does not exist or is empty
 | |
|         if [ ! -s $HOME/.consolerc ]; then
 | |
|             if [ "$CONSOLE_VER" != "8.1.16" ]; then
 | |
|                 cat > $HOME/.consolerc << EOF
 | |
| config * {
 | |
|       port 782;
 | |
|       sslenabled yes;
 | |
|       sslcacertificatefile $HOME/.xcat/ca.pem;
 | |
|       sslcredentials $HOME/.xcat/client-cred.pem;
 | |
| }
 | |
| EOF
 | |
|             else
 | |
|                 cat > $HOME/.consolerc << EOF
 | |
| config * {
 | |
|       port 782;
 | |
|       sslenabled yes;
 | |
|       sslauthority $HOME/.xcat/ca.pem;
 | |
|       sslcredentials $HOME/.xcat/client-cred.pem;
 | |
| }
 | |
| EOF
 | |
|             fi
 | |
|         fi
 | |
|     else
 | |
|         # ssl is not enabled, comment out the ssl settings in .consolerc
 | |
| 	if [ -f $HOME/.consolerc ]; then
 | |
|             sed -i 's/\Wssl/#ssl/1' $HOME/.consolerc
 | |
| 	fi
 | |
|     fi
 | |
|     # for migration, upgrade conserver
 | |
|     if [ "$CONSOLE_VER" != "8.1.16" ]; then
 | |
|         sed -i 's/sslauthority/sslcacertificatefile/1' $HOME/.consolerc
 | |
|     fi
 | |
|     exec console $FORCE -M $CONSERVER $1
 | |
| else 
 | |
|     if [[ "$FORCE" == "-s" ]]; then
 | |
| 	echo "Read-only mode is not supported, please run rcons without -s option."
 | |
| 	exit 1
 | |
|     fi
 | |
|     #deal with consoles directly
 | |
|     output=`nodels $1 nodehm.conserver nodehm.cons nodehm.mgt 2>&1` 
 | |
|     if [ $? -ne 0 ]; then
 | |
| 	echo "$output"
 | |
| 	exit 1
 | |
|     fi 
 | |
| 
 | |
|     if [ -z "$CONSERVER" ]; then  
 | |
| 	CONSERVER=`echo "$output"|grep nodehm.conserver|cut -d: -f3|tr -d ' \n'`
 | |
|     fi
 | |
|     CONS=`echo "$output" |grep /nodehm.cons$/|cut -d: -f3 | tr -d ' \n'`
 | |
|     if [ -z "$CONS" ]; then
 | |
| 	CONS=`echo "$output"|grep nodehm.mgt|cut -d: -f3 | tr -d ' \n'`
 | |
|     fi
 | |
|     if [ -z "$CONS" ]; then
 | |
| 	echo "Error: nodehm.mgt or nodehm.cons for node $1 not setup."
 | |
| 	exit 1;
 | |
|     fi
 | |
|     
 | |
|     #check if conserver is local host
 | |
|     result=`ping -c1 $CONSERVER 2>&1`
 | |
|     if [ $? -eq 0 ]; then
 | |
|         index1=`expr index "$result" "\("`
 | |
|         index2=`expr index "$result" "\)"`
 | |
|         pos=`expr $index1 + 1`
 | |
|         length=`expr $index2 - $index1`
 | |
|         length=`expr $length - 1`
 | |
|         cons_ip=`expr substr "$result" $pos $length`
 | |
|         if [ "$os" == "AIX" ]; then
 | |
|           ifconfig |grep "$cons_ip"
 | |
|         else
 | |
|           ip addr |grep "$cons_ip"
 | |
|         fi
 | |
|         if [ $? -eq 0 ]; then
 | |
|            CONSERVER=""
 | |
|         fi
 | |
|     else 
 | |
| 	echo "Error: conserver $CONSERVER is not reachable."
 | |
|         exit 1;
 | |
|     fi
 | |
|     #echo "CONS=$CONS CONSERVER=$CONSERVER"
 | |
| 
 | |
|     # check if others are using the console
 | |
|     if [[ -n $CONSERVER ]]; then
 | |
|         ssh $CONSERVER ps -ef |grep $1 |grep -v grep |grep "$XCATROOT/share/xcat/cons" > /dev/null
 | |
|     else 
 | |
|         ps -ef |grep $1 |grep -v grep |grep "$XCATROOT/share/xcat/cons" > /dev/null
 | |
|     fi
 | |
|     if [ $? -eq 0 ]; then
 | |
|         if [[ "$FORCE" == "-f" ]] ; then
 | |
|            echo "Only one console can be run at a time for a node. Other consoles will be closed."
 | |
|         else
 | |
|            echo "Only one console can be run at a time for a node. Please close other consoles or run rcons with -f option."
 | |
|            exit 1;
 | |
|         fi
 | |
|     fi
 | |
| 
 | |
|     echo "**** Enter ~? for help *****"
 | |
|     if [ -z "$XCATROOT" ]; then
 | |
|         cmdpath="/opt/xcat/share/xcat/cons"	
 | |
|     else
 | |
|         cmdpath="$XCATROOT/share/xcat/cons"
 | |
|     fi
 | |
|     if [ -z "$CONSERVER" ]; then
 | |
|         exec $cmdpath/$CONS $1
 | |
|     else
 | |
|         exec ssh -t  $CONSERVER "$cmdpath/$CONS $1"
 | |
|     fi
 | |
| fi
 |