xCAT/xcat-core
2
0
Fork 0
mirror of https://github.com/xcat2/xcat-core.git synced 2025-05-29 09:13:08 +00:00
Code Issues Releases Wiki Activity
xcat-core/xCAT-client/bin/rcons
chenglch 6135900321 Use short hostname in rcons for goconserver 
As the certificate of xcat is signed with short hostname, this
commit force to use the short hostname in  the environment variable for
`congo console`.
2017-12-06 14:36:34 +08:00

308 lines
10 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# Provide serial console access to nodes
# To handle cases like running this via sudo, get the home dir properly
os=`uname`
if [ "$os" == "Linux" ]; then
HOME=`getent passwd $(whoami)|cut -d: -f 6`
export HOME
fi
if [ "$os" == "AIX" ]; then
HOME=`lsuser -a home $(whoami)|cut -d= -f 2`
export HOME
fi
if [ -z "$1" ] || [ "$1" = "-h" ] || [ "$1" = "-help" ] || [ "$1" = "--help" ]; then
echo "rcons - remotely accesses the serial console of a node"
echo "rcons <singlenode> [conserver] [-f]"
echo "rcons <singlenode> [conserver] [-s]"
echo "rcons [-h|--help|-v|--version]"
exit 0
fi
if [ "$1" = "-v" -o "$1" = "--version" ]; then
if [ -z "$XCATROOT" ]; then
XCATROOT="/opt/xcat"
fi
perl -e 'use lib "$ENV{XCATROOT}/lib/perl"; use xCAT::Version; print xCAT::Version->Version() . "\n"'
exit 0
fi
param_n=0
for parameter in $@; do
((param_n++))
# check the second parameter to be conserver
if [ $param_n -eq 2 ]; then
if [ "$parameter" != "-f" ] && [ "$parameter" != "-s" ]; then
CONSERVER=$parameter
fi
fi
if [ $param_n -ge 2 ]; then
if [ "$parameter" = "-f" ] || [ "$parameter" = "-s" ]; then
if [ -z "$FORCE" ]; then
FORCE=$parameter
elif [ "$FORCE" != "$parameter" ]; then
echo "Error: cannot use option -s and -f together."
exit 1
fi
fi
fi
if [ $param_n -ge 3 ]; then
if [ "$parameter" != "-f" ] && [ "$parameter" != "-s" ]; then
echo "Error: cannot recognize parameter \"$parameter\"."
exit 1
fi
fi
done
# xCAT 2.9.1 allows for an option to use confluent as a rcons replacement and only use
# confluent if this keyword is defined in the site table. This allows for confluent to
# be installed on the xCAT management node and switch between conserver & confluent
USE_CONFLUENT=0
# If conluent is not enable, check the service status of goconserver.
# If goconserver is strated, use rcons through goconserver, otherwise through conserver.
USE_GOCONSERVER=0
CONSOLE_SERVICE_KEYWORD=`tabdump site | grep consoleservice | cut -d, -f1 | tr -d '"'`
CONSOLE_SERVICE_VALUE=`tabdump site | grep consoleservice | cut -d, -f2 | tr -d '"'`
if [ "$CONSOLE_SERVICE_KEYWORD" == "consoleservice" ]; then
if [ "$CONSOLE_SERVICE_VALUE" == "confluent" ]; then
USE_CONFLUENT=1
fi
fi
if [ $USE_CONFLUENT != "1" ] && [ -f "/usr/bin/congo" ] && [ -f "/usr/bin/goconserver" ]; then
GOCONSERVER_RC=`service goconserver status >& /dev/null; echo $?`
if [[ ${GOCONSERVER_RC} == 0 ]]; then
USE_GOCONSERVER=1
fi
if [[ ${USE_GOCONSERVER} == 1 ]]; then
CONSERVER_RC=`pidof conserver >> /dev/null; echo $?`
if [[ ${CONSERVER_RC} == 0 ]]; then
echo "Error: Both goconserver and conserver are running, please stop one of them, and retry..."
exit 1
fi
fi
fi
if [ $USE_CONFLUENT == "1" ] && ([ -x "/opt/confluent/bin/confetty" ] || [ -x "/usr/bin/confetty" ] || [ -x "/usr/local/bin/confetty" ]); then
# use confluent, make sure conserver is not also running
CONSERVER_RC=`pidof conserver >> /dev/null; echo $?`
if [[ ${CONSERVER_RC} == 0 ]]; then
echo "Error: consoleservice is set to 'confluent' but conserver is running. Stop conserver, run makeconfluentcfg, and retry..."
exit 1
fi
GOCONSERVER_RC=`service goconserver status >& /dev/null; echo $?`
if [[ ${GOCONSERVER_RC} == 0 ]]; then
echo "Error: consoleservice is set to 'confluent' but goconserver is running. Stop goconserver, run makeconfluentcfg, and retry..."
exit 1
fi
CONFETTY="confetty"
if [ -x "/opt/confluent/bin/confetty" ]; then
CONFETTY="/opt/confluent/bin/confetty"
fi
if [ ! -z "$CONSCONTROLPATH" ]; then
CONSCONTROLPATH="-c $CONSCONTROLPATH"
fi
if [ -z "$CONSERVER" ]; then
CONSERVER=`nodels $1 nodehm.conserver 2>/dev/null | awk -F: '{print $2}' | tr -d ' '`
declare -a ipaddrs=`ip -o a | awk {'print $4'} | cut -d/ -f1 | grep -v : | tr '\n' ' '`
for IP in ${ipaddrs[*]}; do
if [[ "${CONSERVER}" == "${IP}" ]]; then
# conserver is the same node, do not connect using -s
CONSERVER=""
break
fi
done
fi
if [ -z "$CONSERVER" ]; then
CONSERVER=$XCATHOST
fi
if [ ! -z "$CONSERVER" ]; then
CONSERVER="-s $CONSERVER"
fi
$CONFETTY $CONSCONTROLPATH $CONSERVER $1
elif [ $USE_GOCONSERVER == "1" ]; then
# use goconserver
# make sure confluent is not also running, only if confluent is installed
if [[ -f "/etc/init.d/confluent" ]]; then
CONFLUENT_RC=`service confluent status >& /dev/null; echo $?`
if [[ ${CONFLUENT_RC} == 0 ]]; then
echo "Error: confluent is running. Stop confluent, run makegocons, and retry..."
exit 1
fi
fi
if [ -z "$CONSERVER" ]; then
CONSERVER=`nodels $1 nodehm.conserver 2>/dev/null | awk -F: '{print $2}' | tr -d ' '`
fi
if [ -z "$CONSERVER" ]; then
CONSERVER=$XCATHOST
fi
if [ -z "$CONSERVER" ]; then
CONSERVER=`hostname`
fi
CONGO_ENV="CONGO_SSL_KEY=$HOME/.xcat/client-cred.pem \
CONGO_SSL_CERT=$HOME/.xcat/client-cred.pem \
CONGO_SSL_CA_CERT=$HOME/.xcat/ca.pem \
CONGO_PORT=12430"
if [ "$CONSERVER" == `hostname` ]; then
host=`hostname -s`
if [ $? -ne 0 ]; then
echo "Error: could not get the short hostname for $CONSERVER."
exit 1
fi
CONGO_ENV="$CONGO_ENV \
CONGO_SERVER_HOST=$host \
CONGO_URL=https://$host:12429"
exec env $CONGO_ENV /usr/bin/congo console $1
else
host=`ssh $CONSERVER hostname -s`
if [ $? -ne 0 ]; then
echo "Error: could not get the short hostname for $CONSERVER."
exit 1
fi
CONGO_ENV="$CONGO_ENV \
CONGO_SERVER_HOST=$host \
CONGO_URL=https://$host:12429"
exec ssh -t $CONSERVER "$CONGO_ENV /usr/bin/congo console $1"
fi
elif [ -f "/usr/bin/console" ] || [ -f "/bin/console" ]; then
# use conserver
# make sure confluent is not also running, only if confluent is installed
if [[ -f "/etc/init.d/confluent" ]]; then
CONFLUENT_RC=`service confluent status >& /dev/null; echo $?`
if [[ ${CONFLUENT_RC} == 0 ]]; then
echo "Error: consoleservice is set to 'conserver' but confluent is running. Stop confluent, run makeconservercf, and retry..."
exit 1
fi
fi
if [ -z "$CONSERVER" ]; then
CONSERVER=`nodels $1 nodehm.conserver 2>/dev/null | awk -F: '{print $2}' | tr -d ' '`
fi
if [ -z "$CONSERVER" ]; then
CONSERVER=$XCATHOST
fi
if [ -z "$CONSERVER" ]; then
CONSERVER=localhost
fi
#NOTE: IPv6 is not good with the below if going by IP, needs more sophisticated
#parsing
CONSERVER=`echo $CONSERVER|cut -d: -f 1`
CONSOLE_VER=`console -V | awk '/conserver.com version/ {print $4}'`
#Detect console support of SSL, only fixup consolerc if encryption is detected
if ! console -h 2>&1 | grep "encryption not compiled" > /dev/null; then
# generate .consolerc if it does not exist or is empty
if [ ! -s $HOME/.consolerc ]; then
if [ "$CONSOLE_VER" != "8.1.16" ]; then
cat > $HOME/.consolerc << EOF
config * {
port 782;
sslenabled yes;
sslcacertificatefile $HOME/.xcat/ca.pem;
sslcredentials $HOME/.xcat/client-cred.pem;
}
EOF
else
cat > $HOME/.consolerc << EOF
config * {
port 782;
sslenabled yes;
sslauthority $HOME/.xcat/ca.pem;
sslcredentials $HOME/.xcat/client-cred.pem;
}
EOF
fi
fi
else
# ssl is not enabled, comment out the ssl settings in .consolerc
if [ -f $HOME/.consolerc ]; then
sed -i 's/\Wssl/#ssl/1' $HOME/.consolerc
fi
fi
# for migration, upgrade conserver
if [ "$CONSOLE_VER" != "8.1.16" ]; then
sed -i 's/sslauthority/sslcacertificatefile/1' $HOME/.consolerc
fi
exec console $FORCE -M $CONSERVER $1
else
if [[ "$FORCE" == "-s" ]]; then
echo "Read-only mode is not supported, please run rcons without -s option."
exit 1
fi
#deal with consoles directly
output=`nodels $1 nodehm.conserver nodehm.cons nodehm.mgt 2>&1`
if [ $? -ne 0 ]; then
echo "$output"
exit 1
fi
if [ -z "$CONSERVER" ]; then
CONSERVER=`echo "$output"|grep nodehm.conserver|cut -d: -f3|tr -d ' \n'`
fi
CONS=`echo "$output" |grep /nodehm.cons$/|cut -d: -f3 | tr -d ' \n'`
if [ -z "$CONS" ]; then
CONS=`echo "$output"|grep nodehm.mgt|cut -d: -f3 | tr -d ' \n'`
fi
if [ -z "$CONS" ]; then
echo "Error: nodehm.mgt or nodehm.cons for node $1 not setup."
exit 1;
fi
#check if conserver is local host
result=`ping -c1 $CONSERVER 2>&1`
if [ $? -eq 0 ]; then
index1=`expr index "$result" "\("`
index2=`expr index "$result" "\)"`
pos=`expr $index1 + 1`
length=`expr $index2 - $index1`
length=`expr $length - 1`
cons_ip=`expr substr "$result" $pos $length`
if [ "$os" == "AIX" ]; then
ifconfig |grep "$cons_ip"
else
ip addr |grep "$cons_ip"
fi
if [ $? -eq 0 ]; then
CONSERVER=""
fi
else
echo "Error: conserver $CONSERVER is not reachable."
exit 1;
fi
#echo "CONS=$CONS CONSERVER=$CONSERVER"
# check if others are using the console
if [[ -n $CONSERVER ]]; then
ssh $CONSERVER ps -ef |grep $1 |grep -v grep |grep "$XCATROOT/share/xcat/cons" > /dev/null
else
ps -ef |grep $1 |grep -v grep |grep "$XCATROOT/share/xcat/cons" > /dev/null
fi
if [ $? -eq 0 ]; then
if [[ "$FORCE" == "-f" ]] ; then
echo "Only one console can be run at a time for a node. Other consoles will be closed."
else
echo "Only one console can be run at a time for a node. Please close other consoles or run rcons with -f option."
exit 1;
fi
fi
echo "**** Enter ~? for help *****"
if [ -z "$XCATROOT" ]; then
cmdpath="/opt/xcat/share/xcat/cons"
else
cmdpath="$XCATROOT/share/xcat/cons"
fi
if [ -z "$CONSERVER" ]; then
exec $cmdpath/$CONS $1
else
exec ssh -t $CONSERVER "$cmdpath/$CONS $1"
fi
fi
Reference in New Issue View Git Blame Copy Permalink