xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2026-05-07 09:25:13 +00:00
Code Issues Projects Releases Wiki Activity
2,117 Commits 41 Branches 79 Tags
65629548c995c72a6fbde2c8a6b04869a8fd5036
Commit Graph

2117 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jarrod Johnson 65629548c9 Add support for new BMC config capabilities 
This enables nodeconfig -r bmc and nodeconfig bmc.<attr> function.
 2019-08-27 14:56:19 -04:00
Jarrod Johnson 6cfbf4533c Add support for BMC clear and extended attributes 
This wires up new function in pyghmi.
 2019-08-27 14:32:16 -04:00
Jarrod Johnson 5794dd7f8c Add CP storage to discovery 2019-08-22 16:15:01 -04:00
Jarrod Johnson 48fa74e7a9 Explicitly use utf8 when encode error encountered 
Some platforms do not naturally do utf-8.  This is
pretty much always the answer, so try it if the default
encoding of a platform fails.
 2019-08-22 08:57:47 -04:00
Jarrod Johnson 59d5110b8f Also enable ipmi if user sets in console.method 2019-08-20 09:29:25 -04:00
Jarrod Johnson 051d79727b Fix sysvinit 
sysvinit lsb function is 'status_of_proc'
 2019-08-20 08:59:01 -04:00
Jarrod Johnson 4cdbc7807b Add thinkagile storage to discovery 
At least enumerate the ipv4 pieces.
 2019-08-19 16:37:14 -04:00
Jarrod Johnson feecee82db Mitigate excessive open web sessions 
Back to back discovery testing would exhaust web slots.
Severely mitigate through being more aggressive about logging out.
 2019-08-19 10:44:47 -04:00
Jarrod Johnson 395c0d4697 Preserve IPMI state unless user wants otherwise 
ALso a draft of navigating a forced password change
in the midst of a pre-hashed password conversion.
 2019-08-16 16:33:57 -04:00
Jarrod Johnson a963a8ca35 Handle forced password change and no IPMI for XCC 
XCC firmware will start mandating a password change before use.

Additionally, IPMI will be unavailable and will be needed for enabling SMM.

TODO:
-Discover USERID/TempW0rd42 nodes that weren't preconfigged

-Enable IPMI on non-SD530 if hardwaremanagement.method is not redfish.
 2019-08-15 16:40:15 -04:00
Jarrod Johnson d95464df6f Add a non-ip network string xmit concept 2019-08-08 16:14:05 -04:00
Jarrod Johnson 3f6e6d4c39 Support unavailable sensors in redfish 2019-08-08 15:02:26 -04:00
Jarrod Johnson c3176ab86a Add blink and identify reporting to redfish 2019-08-05 16:22:50 -04:00
Jarrod Johnson 4dab5fc527 Adapt to RHEL or Debian openssl config locations 2019-08-05 16:16:42 -04:00
Jarrod Johnson 8897842fc4 Fix SMM handler when None bmc 
This fixes a common scenario for using fe80 collection
2.3.0 		2019-07-26 13:50:59 -04:00
Jarrod Johnson a251a538b0 Improve SMM discovery 
SMM discovery behavior has seemingly gotten more picky with time.
First switch to an IPMI-free if the user has custom password.  The
web based approach is much less problematic than SMM IPMI stack in
this context.

If user specifies they want to use default credentials, we have
no choice but to use IPMI.  Omit things and shuffle order of operations
to mitigate problems.  It isn't perfect, but it does work eventually.
 2019-07-26 09:25:19 -04:00
Jarrod Johnson 480a747dcf Merge branch 'master' of github.com:jjohnson42/confluent 2019-07-25 13:10:08 -04:00
Jarrod Johnson af025f7304 Present log name when provided in nodeeventlog 
Some managers combine logs, allow disambiguation through including in output.
 2019-07-25 13:09:52 -04:00
Jarrod Johnson 21edd82177 Extend generic catches in redfish/ipmi 
Have it provide more detailed error data at
a glance to short out some debug requirements.
 2019-07-25 09:28:55 -04:00
Jarrod Johnson 8641885f86 Fix handling of socket error with neighbor 
If a system is half up, a different sort of timeout is given.
Handle this and also preserve the original exception better
if not one of these two.
 2019-07-25 08:52:47 -04:00
Jarrod Johnson 64cc2416d1 Fix list argument 2019-07-24 15:37:01 -04:00
Jarrod Johnson 2787e1d862 Present more data about missing entries from assign csv 
When doing an assign on csv, present all the missing entries
rather than stopping on the first.
 2019-07-23 11:57:35 -04:00
Jarrod Johnson 514a121c15 Print license install errors when provided 
When the service gives errors installing keys,
relay them to the user.
 2019-07-22 11:21:31 -04:00
Jarrod Johnson 00ce48b046 Fix behavior for bad nodelicense arguments 
Correctly show help and exit if unrecognized
parameter.
 2019-07-22 09:27:31 -04:00
Jarrod Johnson 44929e7975 Fix printing of unicode to pipe 
nodesensors would have a unicode error on pipe output.
 2019-07-19 15:36:43 -04:00
Jarrod Johnson da82fef0cb Have nodelist use nodeattrib completion 
Since nodelist may also show attribute values, use same completion function.
 2019-07-19 14:22:19 -04:00
Jarrod Johnson efcac0b181 Fix nodesensors -n with csv 2019-07-19 14:12:40 -04:00
Jarrod Johnson 46e2f53018 Always use GCM on encrypt 
Continue to support read using the old scheme, but even when
an integrity key is available, only use it to aid in decrypting
classic format, and always write in new format.
 2019-07-17 08:51:06 -04:00
Jarrod Johnson cf51928b3d Implement GCM and close gap in the HMAC 
When generating key material from scratch, skip HMAC and
activate GCM mode.

When using existing CBC/HMAC keys, start covering the IV value
in the HMAC.  For compatibility, HMAC validity is checked with
and without IV.
 2019-07-16 18:32:23 -04:00
Jarrod Johnson 151ba2e567 Add error messages to nodeattrib clear 
nodeattrib -c was not reporting useful error information.
 2019-07-15 13:28:09 -04:00
Jarrod Johnson bc87077397 Fix error handling and consistency in networking 
by-port specification was inconsistent and unhelpful in error between macmap and lldp.
 2019-07-15 11:07:59 -04:00
Jarrod Johnson a77b65737e Suppress usage on nodefirmware error 
It is very bizarre to have the usage output
after an error.
 2019-07-12 12:10:22 -04:00
Jarrod Johnson 19c2963cf9 Fix reassign with SMM 
SMM validation assumes an earlier connection, fix so that it will accept the certificate
if no certificate expected yet.
 2019-07-11 15:55:20 -04:00
Jarrod Johnson a0ea8eeae3 Fix nodediscover support of bmc_gateway 
The command expected spaces, but documentation
said underscore, support both old csvs and doc
compliant csvs.
 2019-07-11 15:36:31 -04:00
Jarrod Johnson 6ad1ce4df5 Back off concurrent retrieval. 
Some BMCs are incapable of handling concurrent requests.
This is a blow particularly to high latency management given
Redfish's tendency to require a lot of resource fetches, but
we don't have a particularly discoverable strategy for knowing
in advance whether an implementation is up for some optimization.
 2019-07-11 11:41:42 -04:00
Jarrod Johnson c53264872a Fix scenario with undefined passlength 
If passwordcomplexity were requested without a passwordlength,
things would be a problem.
 2019-07-11 10:53:43 -04:00
Jarrod Johnson d9f2c0b266 Correct mistake in setting names 2019-07-11 10:40:49 -04:00
Jarrod Johnson d528d45820 Add configuration to opt into password policies. 2019-07-11 10:19:46 -04:00
Jarrod Johnson 4eeac8d71a Explore password evaluation as an option. 
Password rules may be relevant to some scenarios.  In such a case, this
can provide guidance if the BMC does not have such a facility or
alternatively provide friendlier warnings than the BMC provides
around shortcomings of the password.
 2019-07-10 15:32:47 -04:00
Jarrod Johnson 6cc0eb0797 Add reassign to nodediscover 
Allow nodediscover to do 'reassign' to repeat discovery process for a discovered
node, without requiring an additional identifier.
 2019-07-09 13:53:30 -04:00
Jarrod Johnson bfd0de1a4a Add expiration to more places 2019-07-09 13:26:48 -04:00
Jarrod Johnson a787ac62c3 Add expiration data from ipmi plugin 
When pyghmi provides the information, enrich the return
data.
 2019-07-09 12:48:56 -04:00
Jarrod Johnson fd9b4a8650 Add support for expiration data, when available 2019-07-09 10:55:33 -04:00
Jarrod Johnson 373bf3dca7 Remove stray whitespace 
Fix formatting mistakes
 2019-07-09 10:18:34 -04:00
Jarrod Johnson 0ad0c626c2 Restore password policy set to nodediscover 
The shift away from IPMI had omitted the password policy set.
Amend the function and restore it to the sequence of events.
 2019-07-08 16:25:07 -04:00
Jarrod Johnson fbc4fc6846 Make unexpected error more specific 
Often a usable summary message is obfuscated.  Assume the subject line
is safe to relay, but continue to do a more verbose trace.
 2019-07-08 14:28:56 -04:00
Jarrod Johnson 3efc153615 Improve conversion reliability 
It was frequent that a token expiration would impact attempt to convert
an account.  Suppress the token based authentication to more reliably
have a fresh login.

Additionally, mitigate chance of exhausting user login limit.

Finally, switch to a generated password for the temporary account.  Should something go awry
between deleting the third-party account and recreating it, this
means the system will have to be reset through OS or F1 menu.  However this is better
than the risk of a well known backdoor account being inadvertently
created.
 2019-07-03 11:39:36 -04:00
Jarrod Johnson b7ff093e48 Fix ubuntu package install location 2019-07-02 14:42:45 -04:00
Jarrod Johnson 7275e98039 Remove IPMI specific parameters to user 
Users cannot have these settings in redfish
 2019-07-01 11:23:28 -04:00
Jarrod Johnson 2b0c50dc23 Refresh connection parameters on retry 
If the parameters changing cause a login failure,
take the opportunity to refresh that information to work
in the midst of a rediscover, for example.
 2019-07-01 09:15:01 -04:00