Commit to repository, even though not yet used. It is likely to
be renamed. The purpose is to help generate an appropriate self signed
cert for https including all the ip addresses as subject alternative
names so that names or addresses may be used with installers that
have had the cert injected.
Without incurring execution penalty, endeavor to sort available
data in an opportunistic way. This certainly does not guarantee order,
but it makes it highly likely for quick queries to appear orderly.
There are circumstances where the advertised IP is
useful information, even if that IP cannot be validated.
It is also the case that most of the time the advertised IP
is useless if not validated, so it is an optional field.
Have the cache operate against the sha256 of the passphrase rather
than the passhprase directly (mitigate presence of password in memory).
Pull PAM into the cache behavior to accelerate PAM based usage.
Rearrange things so that both built in confluent and PAM passwords
can be used.
Various behaviors break if the administrator declares a chain goes
to nowhere, throw up an error and hopefully see it caught to detect
this misconfiguration.
This concept is potentially problematic, as a volume named 'all' is
valid. Additionally, if really wanting all, the caller probably wants
the full storage configuration, better provide that up a level to
avoid requiring many calls to do that.
When confetty exits without doing anything, it causes
sockapi to reference an empty request. Check for that before
checking if it is a collective request.
The BMC is at much higher risk for rejecting the password
(e.g. the password does not pass complexity requirements). If the
username changes, but the password is still default, it is very
confusing. Give the password change the chance to break the
configuration process first.
One, make the tracking bools enforce a lock to reduce confusion
Treat an initializing peer as failed, to avoid getting too fixated
on an uncertain target.
Make sure that no more than one follower is tried at a time by
killing before starting a new one, and syncing up the configmanager
state
Decline to act on an assimilation request if we are trying to connect
and also if the current leader asks us to connect and we already are.
Avoid calling get_leader while connecting, as that can cause a member
to decide to become a leader while trying to connect, by swapping
the reactions to the connect request.
Avoid trying to assimilate existing followers.
Fix some logging.
The initialization lock is meant to avoid collective and generic
initialization stepping on each other. This is somewhat reduced in
efficacy if one has a sync running while the other is changing relevant
data.
