- fence_aliyun: add credentials file support, filter parameter, and
optimize log output Resolves: RHEL-31488, RHEL-31485, RHEL-31483
This commit is contained in:
parent
be3bd8b54d
commit
c48babef63
209
RHEL-31488-RHEL-31485-RHEL-31483-fence_aliyun-update.patch
Normal file
209
RHEL-31488-RHEL-31485-RHEL-31483-fence_aliyun-update.patch
Normal file
@ -0,0 +1,209 @@
|
||||
--- a/agents/aliyun/fence_aliyun.py 2024-04-04 10:22:53.720906183 +0200
|
||||
+++ b/agents/aliyun/fence_aliyun.py 2024-04-04 10:21:47.626425090 +0200
|
||||
@@ -1,53 +1,67 @@
|
||||
#!@PYTHON@ -tt
|
||||
|
||||
-import sys, re
|
||||
+import sys
|
||||
import logging
|
||||
import atexit
|
||||
import json
|
||||
+
|
||||
sys.path.append("@FENCEAGENTSLIBDIR@")
|
||||
from fencing import *
|
||||
-from fencing import fail, fail_usage, EC_TIMED_OUT, run_delay
|
||||
+from fencing import fail_usage, run_delay
|
||||
+
|
||||
|
||||
try:
|
||||
sys.path.insert(0, '/usr/lib/fence-agents/support/aliyun')
|
||||
from aliyunsdkcore import client
|
||||
from aliyunsdkcore.auth.credentials import EcsRamRoleCredential
|
||||
+ from aliyunsdkcore.profile import region_provider
|
||||
+except ImportError as e:
|
||||
+ logging.warn("The 'aliyunsdkcore' module has been not installed or is unavailable, try to execute the command 'pip install aliyun-python-sdk-core --upgrade' to solve. error: %s" % e)
|
||||
+
|
||||
+
|
||||
+try:
|
||||
from aliyunsdkecs.request.v20140526.DescribeInstancesRequest import DescribeInstancesRequest
|
||||
from aliyunsdkecs.request.v20140526.StartInstanceRequest import StartInstanceRequest
|
||||
from aliyunsdkecs.request.v20140526.StopInstanceRequest import StopInstanceRequest
|
||||
from aliyunsdkecs.request.v20140526.RebootInstanceRequest import RebootInstanceRequest
|
||||
- from aliyunsdkcore.profile import region_provider
|
||||
-except ImportError:
|
||||
- pass
|
||||
+except ImportError as e:
|
||||
+ logging.warn("The 'aliyunsdkecs' module has been not installed or is unavailable, try to execute the command 'pip install aliyun-python-sdk-ecs --upgrade' to solve. error: %s" % e)
|
||||
+
|
||||
|
||||
def _send_request(conn, request):
|
||||
+ logging.debug("send request action: %s" % request.get_action_name())
|
||||
request.set_accept_format('json')
|
||||
try:
|
||||
response_str = conn.do_action_with_exception(request)
|
||||
- response_detail = json.loads(response_str)
|
||||
- logging.debug("_send_request reponse: %s" % response_detail)
|
||||
- return response_detail
|
||||
except Exception as e:
|
||||
- fail_usage("Failed: _send_request failed: %s" % e)
|
||||
+ fail_usage("Failed: send request failed: Error: %s" % e)
|
||||
+
|
||||
+ response_detail = json.loads(response_str)
|
||||
+ logging.debug("reponse: %s" % response_detail)
|
||||
+ return response_detail
|
||||
|
||||
def start_instance(conn, instance_id):
|
||||
+ logging.debug("start instance %s" % instance_id)
|
||||
request = StartInstanceRequest()
|
||||
request.set_InstanceId(instance_id)
|
||||
_send_request(conn, request)
|
||||
|
||||
def stop_instance(conn, instance_id):
|
||||
+ logging.debug("stop instance %s" % instance_id)
|
||||
request = StopInstanceRequest()
|
||||
request.set_InstanceId(instance_id)
|
||||
request.set_ForceStop('true')
|
||||
_send_request(conn, request)
|
||||
|
||||
def reboot_instance(conn, instance_id):
|
||||
+ logging.debug("reboot instance %s" % instance_id)
|
||||
request = RebootInstanceRequest()
|
||||
request.set_InstanceId(instance_id)
|
||||
request.set_ForceStop('true')
|
||||
_send_request(conn, request)
|
||||
|
||||
def get_status(conn, instance_id):
|
||||
+ logging.debug("get instance %s status" % instance_id)
|
||||
request = DescribeInstancesRequest()
|
||||
request.set_InstanceIds(json.dumps([instance_id]))
|
||||
response = _send_request(conn, request)
|
||||
@@ -59,20 +73,30 @@
|
||||
return instance_status
|
||||
|
||||
def get_nodes_list(conn, options):
|
||||
+ logging.debug("start to get nodes list")
|
||||
result = {}
|
||||
request = DescribeInstancesRequest()
|
||||
request.set_PageSize(100)
|
||||
+
|
||||
+ if "--filter" in options:
|
||||
+ filter_key = options["--filter"].split("=")[0].strip()
|
||||
+ filter_value = options["--filter"].split("=")[1].strip()
|
||||
+ params = request.get_query_params()
|
||||
+ params[filter_key] = filter_value
|
||||
+ request.set_query_params(params)
|
||||
+
|
||||
response = _send_request(conn, request)
|
||||
- instance_status = None
|
||||
if response is not None:
|
||||
instance_list = response.get('Instances').get('Instance')
|
||||
for item in instance_list:
|
||||
instance_id = item.get('InstanceId')
|
||||
instance_name = item.get('InstanceName')
|
||||
result[instance_id] = (instance_name, None)
|
||||
+ logging.debug("get nodes list: %s" % result)
|
||||
return result
|
||||
|
||||
def get_power_status(conn, options):
|
||||
+ logging.debug("start to get power(%s) status" % options["--plug"])
|
||||
state = get_status(conn, options["--plug"])
|
||||
|
||||
if state == "Running":
|
||||
@@ -81,14 +105,11 @@
|
||||
status = "off"
|
||||
else:
|
||||
status = "unknown"
|
||||
-
|
||||
- logging.info("get_power_status: %s" % status)
|
||||
-
|
||||
+ logging.debug("the power(%s) status is %s" % (options["--plug"], status))
|
||||
return status
|
||||
|
||||
-
|
||||
def set_power_status(conn, options):
|
||||
- logging.info("set_power_status: %s" % options["--action"])
|
||||
+ logging.info("start to set power(%s) status to %s" % (options["--plug"], options["--action"]))
|
||||
|
||||
if (options["--action"]=="off"):
|
||||
stop_instance(conn, options["--plug"])
|
||||
@@ -97,7 +118,6 @@
|
||||
elif (options["--action"]=="reboot"):
|
||||
reboot_instance(conn, options["--plug"])
|
||||
|
||||
-
|
||||
def define_new_opts():
|
||||
all_opt["region"] = {
|
||||
"getopt" : "r:",
|
||||
@@ -126,17 +146,42 @@
|
||||
all_opt["ram_role"] = {
|
||||
"getopt": ":",
|
||||
"longopt": "ram-role",
|
||||
- "help": "--ram-role=[name] Ram Role",
|
||||
+ "help": "--ram-role=[name] Ram Role",
|
||||
"shortdesc": "Ram Role.",
|
||||
"required": "0",
|
||||
"order": 5
|
||||
}
|
||||
+ all_opt["credentials_file"] = {
|
||||
+ "getopt": ":",
|
||||
+ "longopt": "credentials-file",
|
||||
+ "help": "--credentials-file=[path] Path to aliyun-cli credentials file",
|
||||
+ "shortdesc": "Path to credentials file",
|
||||
+ "required": "0",
|
||||
+ "order": 6
|
||||
+ }
|
||||
+ all_opt["credentials_file_profile"] = {
|
||||
+ "getopt": ":",
|
||||
+ "longopt": "credentials-file-profile",
|
||||
+ "help": "--credentials-file-profile=[profile] Credentials file profile",
|
||||
+ "shortdesc": "Credentials file profile",
|
||||
+ "required": "0",
|
||||
+ "default": "default",
|
||||
+ "order": 7
|
||||
+ }
|
||||
+ all_opt["filter"] = {
|
||||
+ "getopt": ":",
|
||||
+ "longopt": "filter",
|
||||
+ "help": "--filter=[key=value] Filter (e.g. InstanceIds=[\"i-XXYYZZAA1\",\"i-XXYYZZAA2\"]",
|
||||
+ "shortdesc": "Filter for list-action.",
|
||||
+ "required": "0",
|
||||
+ "order": 8
|
||||
+ }
|
||||
|
||||
# Main agent method
|
||||
def main():
|
||||
conn = None
|
||||
|
||||
- device_opt = ["port", "no_password", "region", "access_key", "secret_key", "ram_role"]
|
||||
+ device_opt = ["port", "no_password", "region", "access_key", "secret_key", "ram_role", "credentials_file", "credentials_file_profile", "filter"]
|
||||
|
||||
atexit.register(atexit_handler)
|
||||
|
||||
@@ -164,8 +209,25 @@
|
||||
ram_role = options["--ram-role"]
|
||||
role = EcsRamRoleCredential(ram_role)
|
||||
conn = client.AcsClient(region_id=region, credential=role)
|
||||
- region_provider.modify_point('Ecs', region, 'ecs.%s.aliyuncs.com' % region)
|
||||
-
|
||||
+ elif "--credentials-file" in options and "--credentials-file-profile" in options:
|
||||
+ import os, configparser
|
||||
+ try:
|
||||
+ config = configparser.ConfigParser()
|
||||
+ config.read(os.path.expanduser(options["--credentials-file"]))
|
||||
+ access_key = config.get(options["--credentials-file-profile"], "aliyun_access_key_id")
|
||||
+ secret_key = config.get(options["--credentials-file-profile"], "aliyun_access_key_secret")
|
||||
+ conn = client.AcsClient(access_key, secret_key, region)
|
||||
+ except Exception as e:
|
||||
+ fail_usage("Failed: failed to read credentials file: %s" % e)
|
||||
+ else:
|
||||
+ fail_usage("Failed: User credentials are not set. Please set the Access Key and the Secret Key, or configure the RAM role.")
|
||||
+
|
||||
+ # Use intranet endpoint to access ECS service
|
||||
+ try:
|
||||
+ region_provider.modify_point('Ecs', region, 'ecs.%s.aliyuncs.com' % region)
|
||||
+ except Exception as e:
|
||||
+ logging.warn("Failed: failed to modify endpoint to 'ecs.%s.aliyuncs.com': %s" % (region, e))
|
||||
+
|
||||
# Operate the fencing device
|
||||
result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list)
|
||||
sys.exit(result)
|
@ -59,7 +59,7 @@
|
||||
Name: fence-agents
|
||||
Summary: Set of unified programs capable of host isolation ("fencing")
|
||||
Version: 4.10.0
|
||||
Release: 69%{?alphatag:.%{alphatag}}%{?dist}
|
||||
Release: 70%{?alphatag:.%{alphatag}}%{?dist}
|
||||
License: GPLv2+ and LGPLv2+
|
||||
URL: https://github.com/ClusterLabs/fence-agents
|
||||
Source0: https://fedorahosted.org/releases/f/e/fence-agents/%{name}-%{version}.tar.gz
|
||||
@ -250,6 +250,7 @@ Patch49: RHEL-14344-fence_zvmip-1-document-user-permissions.patch
|
||||
Patch50: RHEL-14030-1-all-agents-metadata-update-IO-Power-Network.patch
|
||||
Patch51: RHEL-14030-2-fence_cisco_mds-undo-metadata-change.patch
|
||||
Patch52: RHEL-14344-fence_zvmip-2-fix-manpage-formatting.patch
|
||||
Patch53: RHEL-31488-RHEL-31485-RHEL-31483-fence_aliyun-update.patch
|
||||
|
||||
### HA support libs/utils ###
|
||||
# all archs
|
||||
@ -422,6 +423,7 @@ BuildRequires: %{systemd_units}
|
||||
%patch -p1 -P 50
|
||||
%patch -p1 -P 51
|
||||
%patch -p1 -P 52
|
||||
%patch -p1 -P 53
|
||||
|
||||
# prevent compilation of something that won't get used anyway
|
||||
sed -i.orig 's|FENCE_ZVM=1|FENCE_ZVM=0|' configure.ac
|
||||
@ -1517,6 +1519,11 @@ are located on corosync cluster nodes.
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Apr 4 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-70
|
||||
- fence_aliyun: add credentials file support, filter parameter, and
|
||||
optimize log output
|
||||
Resolves: RHEL-31488, RHEL-31485, RHEL-31483
|
||||
|
||||
* Thu Mar 21 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-69
|
||||
- ha-cloud-support: upgrade bundled pyroute2 libs to fix issue in
|
||||
gcp-vpc-move-route's stop-action
|
||||
|
Loading…
Reference in New Issue
Block a user