From 3e21587f226211ec2c5f69353daea47907a4a4b6 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Thu, 26 Aug 2021 08:58:02 -0400 Subject: [PATCH 1/4] Update error text for redfish to cover completely unsupported redfish systems --- .../confluent/plugins/hardwaremanagement/redfish.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/confluent_server/confluent/plugins/hardwaremanagement/redfish.py b/confluent_server/confluent/plugins/hardwaremanagement/redfish.py index 13df986e..45e68da6 100644 --- a/confluent_server/confluent/plugins/hardwaremanagement/redfish.py +++ b/confluent_server/confluent/plugins/hardwaremanagement/redfish.py @@ -183,7 +183,7 @@ class IpmiCommandWrapper(ipmicommand.Command): if 'Access Denied' in str(pe): raise exc.TargetEndpointBadCredentials() if 'Redfish not ready' in str(pe): - raise exc.TargetEndpointUnreachable('Redfish not yet ready') + raise exc.TargetEndpointUnreachable('Redfish is not supported by this system or is not yet ready') raise def close_confluent(self): From 6bf51a20b222ddfddf123e15d631dc6b38085749 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Thu, 26 Aug 2021 09:33:16 -0400 Subject: [PATCH 2/4] Set nodename as hostname prior to post for el class distros --- confluent_osdeploy/el7/profiles/default/scripts/prechroot.sh | 2 ++ confluent_osdeploy/el8/profiles/default/scripts/prechroot.sh | 2 ++ 2 files changed, 4 insertions(+) diff --git a/confluent_osdeploy/el7/profiles/default/scripts/prechroot.sh b/confluent_osdeploy/el7/profiles/default/scripts/prechroot.sh index 5b6d5be8..51651124 100644 --- a/confluent_osdeploy/el7/profiles/default/scripts/prechroot.sh +++ b/confluent_osdeploy/el7/profiles/default/scripts/prechroot.sh @@ -12,6 +12,8 @@ export confluent_mgr confluent_profile nodename cp -a /etc/confluent /mnt/sysimage/etc chmod -R og-rwx /mnt/sysimage/etc/confluent cp /tmp/functions /mnt/sysimage/etc/confluent/ +hostnamectl set-hostname $nodename +cp /etc/hostname /mnt/sysimage/etc/hostname . /tmp/functions if [ -f /tmp/cryptboot ]; then cp /tmp/cryptboot /mnt/sysimage/tmp/ diff --git a/confluent_osdeploy/el8/profiles/default/scripts/prechroot.sh b/confluent_osdeploy/el8/profiles/default/scripts/prechroot.sh index 5b6d5be8..51651124 100644 --- a/confluent_osdeploy/el8/profiles/default/scripts/prechroot.sh +++ b/confluent_osdeploy/el8/profiles/default/scripts/prechroot.sh @@ -12,6 +12,8 @@ export confluent_mgr confluent_profile nodename cp -a /etc/confluent /mnt/sysimage/etc chmod -R og-rwx /mnt/sysimage/etc/confluent cp /tmp/functions /mnt/sysimage/etc/confluent/ +hostnamectl set-hostname $nodename +cp /etc/hostname /mnt/sysimage/etc/hostname . /tmp/functions if [ -f /tmp/cryptboot ]; then cp /tmp/cryptboot /mnt/sysimage/tmp/ From d0c23e490b53e9786ef33ef846312e615694f281 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Thu, 26 Aug 2021 10:38:34 -0400 Subject: [PATCH 3/4] Tolerate delays in crypt-dm completion for imgutil --- imgutil/imgutil | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/imgutil/imgutil b/imgutil/imgutil index b64473c4..62905c9b 100644 --- a/imgutil/imgutil +++ b/imgutil/imgutil @@ -15,6 +15,7 @@ import struct import subprocess import sys import tempfile +import time libc = ctypes.CDLL(ctypes.util.find_library('c')) CLONE_NEWNS = 0x00020000 @@ -315,7 +316,16 @@ def encrypt_image(plainfile, cryptfile, keyfile): lastoffset = plainin.tell() cryptout.write(chunk) chunk = plainin.read(2097152) - subprocess.check_call(['dmsetup', 'remove', dmname]) + mounted = True + tries = 30 + time.sleep(0.1) + while mounted: + tries -= 1 + try: + subprocess.check_call(['dmsetup', 'remove', dmname]) + mounted = False + except subprocess.CalledProcessError: + time.sleep(0.1) subprocess.check_call(['losetup', '-d', loopdev]) oum = os.umask(0o077) with open(keyfile, 'w') as keyout: @@ -890,7 +900,16 @@ def unpack_image(args): subprocess.check_call(['unsquashfs', '-d', 'rootfs', indir]) finally: if cleandmtable: - subprocess.check_call(['dmsetup', 'remove', cleandmtable]) + mounted = True + tries = 30 + time.sleep(0.1) + while mounted and tries: + tries -= 1 + try: + subprocess.check_call(['dmsetup', 'remove', cleandmtable]) + mounted = False + except subprocess.CalledProcessError: + time.sleep(0.1) def pack_image(args): From 7c617a160bf82345fe33189cf25220d6431d9c1c Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Thu, 26 Aug 2021 11:52:22 -0400 Subject: [PATCH 4/4] Close socket in relay_data Closing the socket outside of relay_data causes relay_data to stay alive, causing eventlet to think a filehandle is open that is not. A reasonable question would be why eventlet fails to error that read when the filehandle is closed, but for now, move the close activity to the relay_data handler. This resolves "Second simultaneous read on fileno" conditions introduced by the fix for leaking filehandles. --- confluent_server/confluent/consoleserver.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/confluent_server/confluent/consoleserver.py b/confluent_server/confluent/consoleserver.py index 81f97b27..b7023361 100644 --- a/confluent_server/confluent/consoleserver.py +++ b/confluent_server/confluent/consoleserver.py @@ -658,6 +658,7 @@ class ProxyConsole(object): while data: self.data_handler(data) data = tlvdata.recv(self.remote) + self.remote.close() def get_buffer_age(self): # the server sends a buffer age if appropriate, no need to handle @@ -720,7 +721,6 @@ class ProxyConsole(object): if self.remote: try: tlvdata.send(self.remote, {'operation': 'stop'}) - self.remote.close() except Exception: pass self.clisession = None