From 74da3d64e828a7c7a9bfb3f3561a7da449d05990 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 19 Nov 2013 10:22:36 -0500 Subject: [PATCH 1/8] Change the html explorer to defer status code until end to allow for error code 500 to work --- confluent/httpapi.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/confluent/httpapi.py b/confluent/httpapi.py index 318f4757..05264171 100644 --- a/confluent/httpapi.py +++ b/confluent/httpapi.py @@ -235,13 +235,15 @@ def resourcehandler(env, start_response): start_response('400 Bad Request', headers) yield '400 - Bad Request' return - start_response('200 OK', headers) + pagecontent = "" if mimetype == 'text/html': for datum in _assemble_html(hdlr, resource, querydict, url): - yield datum + pagecontent += datum else: for datum in _assemble_json(hdlr, resource, url): - yield datum + pagecontent += datum + start_response('200 OK', headers) + yield pagecontent def _assemble_html(responses, resource, querydict, url): From 67642b7e19e29e4d38fbaab4c03795a961abc53e Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 22 Nov 2013 17:15:46 -0500 Subject: [PATCH 2/8] Rework http json in the following ways: -defer to document completion (all at once) for more straightforward code -data only gets into arrays when there is a multitude -at least for now, 'pretty print' the dumps in http interface --- confluent/httpapi.py | 57 +++++++++++++++---------------------------- confluent/messages.py | 20 +++++++++++++++ 2 files changed, 40 insertions(+), 37 deletions(-) diff --git a/confluent/httpapi.py b/confluent/httpapi.py index 05264171..89ccb39b 100644 --- a/confluent/httpapi.py +++ b/confluent/httpapi.py @@ -287,55 +287,38 @@ def _assemble_json(responses, resource, url): #once and hold on to all the data in memory docomma = False links = { - 'self': ['{"href":"%s"}' % resource], + 'self': {"href":resource}, } if url == '/': pass elif resource[-1] == '/': - links['collection'] = ['{"href":"%s"}' % '../'] + links['collection'] = {"href":"../"} else: - links['collection'] = ['{"href":"%s"}' % './'] - yield '{' - hadrsp = False + links['collection'] = {"href":"./"} + rspdata = {} for rsp in responses: if isinstance(rsp, confluent.messages.LinkRelation): - haldata = rsp.json_hal() + haldata = rsp.raw_rel() for hk in haldata.iterkeys(): if hk in links: - links[hk].append(haldata[hk]) + if isinstance(links[hk], list): + links[hk].append(haldata[hk]) + else: + links[hk] = [ links[hk], haldata[hk] ] else: - links[hk] = [haldata[hk]] - continue - hadrsp = True - if docomma: - yield ',' + links[hk] = haldata[hk] else: - docomma = True - yield rsp.json() - docomma = False - if hadrsp: - yield ',' - yield '"_links": {' - groupcomma = False - for link in links.iterkeys(): - if groupcomma: - yield ',' - else: - groupcomma = True - yield json.dumps(link) + ":" - if len(links[link]) == 1: - yield links[link][0] - else: - yield '[' - for lk in links[link]: - if docomma: - yield ',' + rsp = rsp.rawdata() + for dk in rsp.iterkeys(): + if dk in rspdata: + if isinstance(rspdata[dk], list): + rspdata[dk].append(rsp[dk]) + else: + rspdata[dk] = [ rspdata[dk], rsp[dk] ] else: - docomma = True - yield lk - yield ']' - yield '}' - yield '}' + rspdata[dk] = rsp[dk] + rspdata["_links"] = links + yield json.dumps(rspdata, sort_keys=True, indent=4) def serve(): diff --git a/confluent/messages.py b/confluent/messages.py index 466c885f..4544f3a8 100644 --- a/confluent/messages.py +++ b/confluent/messages.py @@ -18,6 +18,12 @@ class ConfluentMessage(object): jsonsnippet = json.dumps(self.kvpairs, separators=(',', ':'))[1:-1] return jsonsnippet + def rawdata(self): + """Return pythonic representation of the response. + + Used by httpapi while assembling data prior to json serialization""" + return self.kvpairs + def strip_node(self, node): self.kvpairs = self.kvpairs[node] @@ -74,9 +80,23 @@ class ConfluentChoiceMessage(ConfluentMessage): class LinkRelation(ConfluentMessage): def json_hal(self): + """Provide json_hal style representation of the relation. + + This currently only makes sense for the socket api. + """ return {self.rel: '{ "href": "%s" }' % self.href } + def raw_rel(self): + """Provide python structure of the relation. + + This currently is only sensible to consume from httpapi. + """ + return { self.rel: { "href": self.href }} + def html(self): + """Provide an html representation of the link relation. + + This is used by the API explorer aspect of httpapi""" return '%s' % (self.href, self.rel, self.href) From 891325419136f8705187fc65d96faf04c293859f Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 22 Nov 2013 17:57:02 -0500 Subject: [PATCH 3/8] Suppress 'put' for collections in api explorer --- confluent/httpapi.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/confluent/httpapi.py b/confluent/httpapi.py index 89ccb39b..e7232f87 100644 --- a/confluent/httpapi.py +++ b/confluent/httpapi.py @@ -263,8 +263,10 @@ def _assemble_html(responses, resource, querydict, url): if url == '/': pass elif resource[-1] == '/': + iscollection = True yield '../
' else: + iscollection = False yield './
' pendingrsp = [] for rsp in responses: @@ -276,7 +278,8 @@ def _assemble_html(responses, resource, querydict, url): for rsp in pendingrsp: yield rsp.html() yield "
" - yield '' + if not iscollection: + yield '' def _assemble_json(responses, resource, url): From 163f96177a0c4f9568d99ba72891f5dd7d3974ba Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 22 Nov 2013 17:58:38 -0500 Subject: [PATCH 4/8] Fix problem where root collection crashed after previous change --- confluent/httpapi.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/confluent/httpapi.py b/confluent/httpapi.py index e7232f87..07614966 100644 --- a/confluent/httpapi.py +++ b/confluent/httpapi.py @@ -261,7 +261,7 @@ def _assemble_html(responses, resource, querydict, url): yield '' yield '%s
' % (resource, resource) if url == '/': - pass + iscollection = True elif resource[-1] == '/': iscollection = True yield '../
' From 343600c2aa766a964f98b18fecebcff5345bbaf0 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 22 Nov 2013 18:27:15 -0500 Subject: [PATCH 5/8] Rework the 'update' button for clearer use alongside other buttons --- confluent/httpapi.py | 5 +++-- confluent/messages.py | 3 ++- plugins/hardwaremanagement/ipmi.py | 8 +++++++- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/confluent/httpapi.py b/confluent/httpapi.py index 07614966..aec32850 100644 --- a/confluent/httpapi.py +++ b/confluent/httpapi.py @@ -257,7 +257,6 @@ def _assemble_html(responses, resource, querydict, url): yield '
' yield 'Only fields that have their boxes checked will have their ' yield 'respective values honored by the confluent server.
' - yield '' yield '' yield '%s
' % (resource, resource) if url == '/': @@ -279,7 +278,9 @@ def _assemble_html(responses, resource, querydict, url): yield rsp.html() yield "
" if not iscollection: - yield '' + yield '' + else: + yield '' def _assemble_json(responses, resource, url): diff --git a/confluent/messages.py b/confluent/messages.py index 4544f3a8..c8f3ff05 100644 --- a/confluent/messages.py +++ b/confluent/messages.py @@ -98,6 +98,7 @@ class LinkRelation(ConfluentMessage): This is used by the API explorer aspect of httpapi""" return '%s' % (self.href, self.rel, self.href) + #return '%s Date: Fri, 22 Nov 2013 19:19:28 -0500 Subject: [PATCH 6/8] Have REST explorer provide delete controls where such a function would be supported --- confluent/httpapi.py | 14 ++++++-------- confluent/messages.py | 9 ++++++++- confluent/pluginapi.py | 2 +- 3 files changed, 15 insertions(+), 10 deletions(-) diff --git a/confluent/httpapi.py b/confluent/httpapi.py index aec32850..4c2f8921 100644 --- a/confluent/httpapi.py +++ b/confluent/httpapi.py @@ -149,13 +149,18 @@ def _assign_consessionid(consolesession): def resourcehandler(env, start_response): """Function to handle new wsgi requests """ - authorized = _authorize_request(env) mimetype = _pick_mimetype(env) reqbody = None reqtype = None if 'CONTENT_LENGTH' in env and int(env['CONTENT_LENGTH']) > 0: reqbody = env['wsgi.input'].read(int(env['CONTENT_LENGTH'])) reqtype = env['CONTENT_TYPE'] + operation = opmap[env['REQUEST_METHOD']] + querydict = _get_query_dict(env, reqbody, reqtype) + if 'restexplorerop' in querydict: + operation = querydict['restexplorerop'] + del querydict['restexplorerop'] + authorized = _authorize_request(env) if authorized['code'] == 401: start_response('401 Authentication Required', [('Content-type', 'text/plain'), @@ -174,11 +179,6 @@ def resourcehandler(env, start_response): headers.extend(("Set-Cookie", m.OutputString()) for m in authorized['cookie'].values()) cfgmgr = authorized['cfgmgr'] - operation = opmap[env['REQUEST_METHOD']] - querydict = _get_query_dict(env, reqbody, reqtype) - if 'restexplorerop' in querydict: - operation = querydict['restexplorerop'] - del querydict['restexplorerop'] if '/console/session' in env['PATH_INFO']: #hard bake JSON into this path, do not support other incarnations prefix, _, _ = env['PATH_INFO'].partition('/console/session') @@ -279,8 +279,6 @@ def _assemble_html(responses, resource, querydict, url): yield "
" if not iscollection: yield '' - else: - yield '' def _assemble_json(responses, resource, url): diff --git a/confluent/messages.py b/confluent/messages.py index c8f3ff05..09a22905 100644 --- a/confluent/messages.py +++ b/confluent/messages.py @@ -103,9 +103,16 @@ class LinkRelation(ConfluentMessage): class ChildCollection(LinkRelation): - def __init__(self, collname): + def __init__(self, collname, candelete=False): self.rel = 'item' self.href = collname + self.candelete = candelete + + def html(self): + if self.candelete: + return '%s . . . . . . . . . . . . . . . . . . ' % (self.href, self.rel, self.href, self.href) + else: + return '%s' % (self.href, self.rel, self.href) def get_input_message(path, operation, inputdata, nodes=None): if path[0] == 'power' and path[1] == 'state' and operation != 'retrieve': diff --git a/confluent/pluginapi.py b/confluent/pluginapi.py index 31d855a1..6992dcc1 100644 --- a/confluent/pluginapi.py +++ b/confluent/pluginapi.py @@ -97,7 +97,7 @@ def iterate_collections(iterable): for coll in iterable: if coll[-1] != '/': coll = coll + '/' - yield msg.ChildCollection(coll) + yield msg.ChildCollection(coll, candelete=True) def iterate_resources(fancydict): for resource in fancydict.iterkeys(): From 51f6a6995b56e10a52f1d05f89d4a27400a00969 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 22 Nov 2013 19:36:32 -0500 Subject: [PATCH 7/8] Wire up delete buttons to actually work --- confluent/config/configmanager.py | 9 +++++++++ confluent/messages.py | 3 +++ confluent/pluginapi.py | 13 ++++++++++++- 3 files changed, 24 insertions(+), 1 deletion(-) diff --git a/confluent/config/configmanager.py b/confluent/config/configmanager.py index 4feebcce..c09c7f6c 100644 --- a/confluent/config/configmanager.py +++ b/confluent/config/configmanager.py @@ -554,6 +554,15 @@ class ConfigManager(object): nodecfg = self._cfgstore['nodes'][node] self._do_inheritance(nodecfg, attr, group) + def del_nodes(self, nodes): + if 'nodes' not in self._cfgstore: + return + for node in nodes: + if node in self._cfgstore['nodes']: + self._sync_groups_to_node(node=node, groups=[]) + del self._cfgstore['nodes'][node] + self._bg_sync_to_file() + def set_node_attributes(self, attribmap): if 'nodes' not in self._cfgstore: self._cfgstore['nodes'] = {} diff --git a/confluent/messages.py b/confluent/messages.py index 09a22905..42acb9ea 100644 --- a/confluent/messages.py +++ b/confluent/messages.py @@ -58,6 +58,9 @@ class ConfluentMessage(object): snippet += 'value="%s">' % (key) return snippet +class DeletedResource(ConfluentMessage): + def __init__(self): + self.kvpairs = {} class ConfluentChoiceMessage(ConfluentMessage): diff --git a/confluent/pluginapi.py b/confluent/pluginapi.py index 6992dcc1..44d43626 100644 --- a/confluent/pluginapi.py +++ b/confluent/pluginapi.py @@ -107,6 +107,12 @@ def iterate_resources(fancydict): resource += '/' yield msg.ChildCollection(resource) +def delete_node_collection(collectionpath, configmanager): + if len(collectionpath) == 2: #just node + node = collectionpath[-1] + configmanager.del_nodes([node]) + yield msg.DeletedResource() + def enumerate_node_collection(collectionpath, configmanager): if collectionpath == [ 'node' ]: #it is simple '/node/', need a list of nodes return iterate_collections(configmanager.get_nodes()) @@ -146,7 +152,12 @@ def handle_path(path, operation, configmanager, inputdata=None): except IndexError: # doesn't actually have a long enough path return iterate_collections(configmanager.get_nodes()) if iscollection: - return enumerate_node_collection(pathcomponents, configmanager) + if operation == "delete": + return delete_node_collection(pathcomponents, configmanager) + elif operation == "retrieve": + return enumerate_node_collection(pathcomponents, configmanager) + else: + raise Exception("TODO here") del pathcomponents[0:2] try: plugroute = nested_lookup(noderesources, pathcomponents).routeinfo From d8efb18034eb0955d9751dbe834e21305394d545 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Mon, 25 Nov 2013 13:14:41 -0500 Subject: [PATCH 8/8] Comment out as-yet unused attributes, bring them in as they become relevant --- confluent/config/attributes.py | 301 +++++++++++++++++---------------- 1 file changed, 151 insertions(+), 150 deletions(-) diff --git a/confluent/config/attributes.py b/confluent/config/attributes.py index baece07e..f7a9c1e3 100644 --- a/confluent/config/attributes.py +++ b/confluent/config/attributes.py @@ -52,6 +52,7 @@ nic = { # 'node', which can be considered a 'system' or a 'vm' node = { 'groups': { + 'type': (list, tuple), 'default': 'all', 'description': ('List of static groups for which this node is' 'considered a member'), @@ -62,95 +63,95 @@ node = { 'id': { 'description': ('Numeric identifier for node') }, - 'location.timezone': { - 'description': 'POSIX timezone to apply to this node', - }, - 'status.summary': { - 'description': ('An assessment of the overall health of the node. It' - 'can be "optimal", "warning", "critical"'), - }, - 'status.lastheartbeat': { - 'description': 'Timestamp of last received heartbeat', - }, - 'status.heartbeatexpiry': { - 'description': 'Time when Heartbeat will be considered expired', - }, - 'status.deployment': { - 'description': 'State of any deployment activity in progress', - }, - 'status.faultdetails': { - 'description': 'Detailed problem data, if any', - }, - 'network.gateway': { - 'description': 'Default gateway to configure node with', - }, - 'network.nameservers': { - 'description': '''DNS servers for node to use''', - }, - 'network.domain': { - 'description': 'Value to append to nodename, if any, to get FQDN', - }, - 'network.interfaces': { - 'dictof': 'nic', - 'description': ('Dict of network interfaces to configure on node. ' - 'Keyed on hardware address.'), - }, - 'storage.osvolume': { - 'default': 'auto', - 'description': 'Description of storage to target when deploying OS', - }, - 'storage.clientiqn': { - 'description': ('Indicates IQN used by this node when communicating' - 'with iSCSI servers'), - }, - 'storage.iscsiserver': { - 'description': 'Address of iSCSI server used for boot if applicable', - }, - 'storage.pool': { - 'description': ('For scenarios like SAN boot and virtualization, this' - 'describes the pool to allocate boot volume from'), - }, - 'os.imagename': { - 'description': 'The OS Image applied or to be applied to node', - }, - 'console.speed': { - 'default': 'auto', - 'description': ('Indicate the speed at which to run serial port.' - 'Default behavior is to autodetect the appropriate' - 'value as possible') - }, - 'console.port': { - 'default': 'auto', - 'description': ('Indicate which port to use for text console. Default' - 'behavior is to auto detect the value appropriate for' - 'the platform. "Disable" can be used to suppress' - 'serial console configuration') - }, +# 'location.timezone': { +# 'description': 'POSIX timezone to apply to this node', +# }, +# 'status.summary': { +# 'description': ('An assessment of the overall health of the node. It' +# 'can be "optimal", "warning", "critical"'), +# }, +# 'status.lastheartbeat': { +# 'description': 'Timestamp of last received heartbeat', +# }, +# 'status.heartbeatexpiry': { +# 'description': 'Time when Heartbeat will be considered expired', +# }, +# 'status.deployment': { +# 'description': 'State of any deployment activity in progress', +# }, +# 'status.faultdetails': { +# 'description': 'Detailed problem data, if any', +# }, +# 'network.gateway': { +# 'description': 'Default gateway to configure node with', +# }, +# 'network.nameservers': { +# 'description': '''DNS servers for node to use''', +# }, +# 'network.domain': { +# 'description': 'Value to append to nodename, if any, to get FQDN', +# }, +# 'network.interfaces': { +# 'dictof': 'nic', +# 'description': ('Dict of network interfaces to configure on node. ' +# 'Keyed on hardware address.'), +# }, +# 'storage.osvolume': { +# 'default': 'auto', +# 'description': 'Description of storage to target when deploying OS', +# }, +# 'storage.clientiqn': { +# 'description': ('Indicates IQN used by this node when communicating' +# 'with iSCSI servers'), +# }, +# 'storage.iscsiserver': { +# 'description': 'Address of iSCSI server used for boot if applicable', +# }, +# 'storage.pool': { +# 'description': ('For scenarios like SAN boot and virtualization, this' +# 'describes the pool to allocate boot volume from'), +# }, +# 'os.imagename': { +# 'description': 'The OS Image applied or to be applied to node', +# }, +# 'console.speed': { +# 'default': 'auto', +# 'description': ('Indicate the speed at which to run serial port.' +# 'Default behavior is to autodetect the appropriate' +# 'value as possible') +# }, +# 'console.port': { +# 'default': 'auto', +# 'description': ('Indicate which port to use for text console. Default' +# 'behavior is to auto detect the value appropriate for' +# 'the platform. "Disable" can be used to suppress' +# 'serial console configuration') +# }, 'console.method': { 'description': ('Indicate the method used to access the console of' 'The managed node.') }, - 'virtualization.host': { - 'description': ('Hypervisor where this node does/should reside'), - 'appliesto': ['vm'], - }, - 'virtualization.computepool': { - 'description': ('Set of compute resources this node is permitted to' - ' be created on/be migrated to'), - 'appliesto': ['vm'], - }, - 'virtualization.storagemodel': { - 'description': ('The model of storage adapter to emulate in a virtual' - 'machine. Defaults to virtio-blk for KVM, vmscsi for' - 'VMware'), - 'appliesto': ['vm'], - }, - 'virtualization.nicmodel': { - 'description': ('The model of NIC adapter to emulate in a virtual' - 'machine. Defaults to virtio-net for KVM, vmxnet3 for' - 'VMware'), - 'appliesto': ['vm'], - }, +# 'virtualization.host': { +# 'description': ('Hypervisor where this node does/should reside'), +# 'appliesto': ['vm'], +# }, +# 'virtualization.computepool': { +# 'description': ('Set of compute resources this node is permitted to' +# ' be created on/be migrated to'), +# 'appliesto': ['vm'], +# }, +# 'virtualization.storagemodel': { +# 'description': ('The model of storage adapter to emulate in a virtual' +# 'machine. Defaults to virtio-blk for KVM, vmscsi for' +# 'VMware'), +# 'appliesto': ['vm'], +# }, +# 'virtualization.nicmodel': { +# 'description': ('The model of NIC adapter to emulate in a virtual' +# 'machine. Defaults to virtio-net for KVM, vmxnet3 for' +# 'VMware'), +# 'appliesto': ['vm'], +# }, 'hardwaremanagement.manager': { 'description': 'The management address dedicated to this node', }, @@ -158,56 +159,56 @@ node = { 'description': 'The method used to perform operations such as power ' 'control, get sensor data, get inventory, and so on. ' }, - 'enclosure.manager': { - 'description': "The management device for this node's chassis", - 'appliesto': ['system'], - }, - 'enclosure.bay': { - 'description': 'The bay in the enclosure, if any', - 'appliesto': ['system'], - }, - 'enclosure.type': { - 'description': '''The type of enclosure in use (e.g. IBM BladeCenter, -IBM Flex)''', - 'appliesto': ['system'], - }, - 'inventory.serialnumber': { - 'description': 'The manufacturer serial number of node', - }, - 'inventory.uuid': { - 'description': 'The UUID of the node as presented in DMI', - }, - 'inventory.modelnumber': { - 'description': 'The manufacturer dictated model number for the node', - }, - 'inventory.snmpengineid': { - 'description': 'The SNMP Engine id used by this node', - }, - 'secret.snmpuser': { - 'description': 'The user to use for SNMPv3 access to this node', - }, - 'secret.snmppassphrase': { - 'description': 'The passphrase to use for SNMPv3 access to this node', - }, - 'secret.snmplocalizedkey': { - 'description': ("SNMPv3 key localized to this node's SNMP Engine id" - 'This can be used in lieu of snmppassphrase to avoid' - 'retaining the passphrase TODO: document procedure' - 'to commit passphrase to localized key'), - }, - 'secret.snmpcommunity': { - 'description': ('SNMPv1 community string, it is highly recommended to' - 'step up to SNMPv3'), - }, - 'secret.localadminpassphrase': { - 'description': ('The passphrase to apply to local root/administrator ' - 'account. ' - 'If the environment is 100% Linux, the value may be ' - 'one-way crypted as in /etc/shadow. For Windows, if ' - 'the value is not set or is one-way crypted, the ' - 'local ' - 'Administrator account will be disabled, requiring AD') - }, +# 'enclosure.manager': { +# 'description': "The management device for this node's chassis", +# 'appliesto': ['system'], +# }, +# 'enclosure.bay': { +# 'description': 'The bay in the enclosure, if any', +# 'appliesto': ['system'], +# }, +# 'enclosure.type': { +# 'description': '''The type of enclosure in use (e.g. IBM BladeCenter, +#IBM Flex)''', +# 'appliesto': ['system'], +# }, +# 'inventory.serialnumber': { +# 'description': 'The manufacturer serial number of node', +# }, +# 'inventory.uuid': { +# 'description': 'The UUID of the node as presented in DMI', +# }, +# 'inventory.modelnumber': { +# 'description': 'The manufacturer dictated model number for the node', +# }, +# 'inventory.snmpengineid': { +# 'description': 'The SNMP Engine id used by this node', +# }, +# 'secret.snmpuser': { +# 'description': 'The user to use for SNMPv3 access to this node', +# }, +# 'secret.snmppassphrase': { +# 'description': 'The passphrase to use for SNMPv3 access to this node', +# }, +# 'secret.snmplocalizedkey': { +# 'description': ("SNMPv3 key localized to this node's SNMP Engine id" +# 'This can be used in lieu of snmppassphrase to avoid' +# 'retaining the passphrase TODO: document procedure' +# 'to commit passphrase to localized key'), +# }, +# 'secret.snmpcommunity': { +# 'description': ('SNMPv1 community string, it is highly recommended to' +# 'step up to SNMPv3'), +# }, +# 'secret.localadminpassphrase': { +# 'description': ('The passphrase to apply to local root/administrator ' +# 'account. ' +# 'If the environment is 100% Linux, the value may be ' +# 'one-way crypted as in /etc/shadow. For Windows, if ' +# 'the value is not set or is one-way crypted, the ' +# 'local ' +# 'Administrator account will be disabled, requiring AD') +# }, 'secret.ipmikg': { 'description': 'Optional Integrity key for IPMI communication' }, @@ -224,19 +225,19 @@ IBM Flex)''', 'to connect over the network and value is not set, ' 'PASSW0RD is attempted') }, - 'secret.managementuser': { - 'description': ('Username to be set and used by protocols like SSH and ' - 'HTTP where client provides passphrase over the network.' - 'Given the distinct security models betwen this class ' - 'of protocols and SNMP and IPMI, snmp and ipmi utilize ' - 'dedicated values.'), - }, - 'secret.managementpassphrase': { - 'description': ('Passphrase to be set and used by protocols like SSH ' - 'and HTTP, where client sends passphrase over the ' - 'network. Given distinct security models between ' - 'this class of protocols, SNMP, and IPMI, SNMP and ' - 'IPMI are given their own settings with distinct ' - 'behaviors'), - }, +# 'secret.managementuser': { +# 'description': ('Username to be set and used by protocols like SSH and ' +# 'HTTP where client provides passphrase over the network.' +# 'Given the distinct security models betwen this class ' +# 'of protocols and SNMP and IPMI, snmp and ipmi utilize ' +# 'dedicated values.'), +# }, +# 'secret.managementpassphrase': { +# 'description': ('Passphrase to be set and used by protocols like SSH ' +# 'and HTTP, where client sends passphrase over the ' +# 'network. Given distinct security models between ' +# 'this class of protocols, SNMP, and IPMI, SNMP and ' +# 'IPMI are given their own settings with distinct ' +# 'behaviors'), +# }, }