From d123f4c97ac48c1167ac39849de50d2e596f2231 Mon Sep 17 00:00:00 2001 From: James Antill Date: Thu, 26 May 2022 06:51:55 -0400 Subject: [PATCH] Auto sync2gitlab import of fence-agents-4.2.1-89.el8.src.rpm --- .gitignore | 38 + EMPTY | 1 - bz1470813-fencing-1-disable-timeout.patch | 1233 +++++++++++ bz1470813-fencing-2-fix-power-timeout.patch | 40 + ...encing-3-make-timeout-0-mean-forever.patch | 38 + ...encing-4-make-timeout-0-mean-forever.patch | 22 + ...70827-all-agents-log-exceptions-fail.patch | 198 ++ bz1650214-fence_azure_arm-bundled.patch | 12 + ...-fence_hpblade-fix-log_expect_syntax.patch | 50 + ...orrect-SCSI-key-node-ID-10-or-higher.patch | 24 + ...73-fence_vmware_soap-cleanup-sigterm.patch | 41 + ...-1-fence_scsi-watchdog-retry-support.patch | 146 ++ ...54976-2-build-fix-check_used_options.patch | 23 + bz1666914-1-fence_redfish.patch | 812 ++++++++ ...14-2-fence_redfish-fail-invalid-cert.patch | 60 + ...1-fence_redfish-use-ipport-parameter.patch | 43 + ...-ip-parameter-backward-compatibility.patch | 24 + ..._gce-add-serviceaccount-file-support.patch | 73 + ...fence_gce-fix-python3-encoding-issue.patch | 22 + bz1700546-fence_azure_arm-skip_shutdown.patch | 48 + ...redfish-full-redfish-spec-compliance.patch | 65 + ...9780-fence_rhevm-RHEV-v4-API-support.patch | 164 ++ ...-fence_mpath-fix-watchdog-hardreboot.patch | 21 + ...2263-fence_rhevm-1-use-UTF8-encoding.patch | 32 + ...ce_rhevm-2-fix-debug-encoding-issues.patch | 31 + bz1714458-fence_scsi-node-id-new-format.patch | 30 + ...chdog-fix-retry-failing-on-first-try.patch | 42 + ...4862-fence_ibm_vpc-fence_ibm_powervs.patch | 740 +++++++ bz1732766-fence_aliyun-1-add-RAM-role.patch | 152 ++ ...aliyun-2-import-EcsRamRoleCredential.patch | 39 + ...ware_rest-fix-keyerror-suspended-vms.patch | 23 + ...nce_iloX_ssh-monitor-timeout-warning.patch | 25 + bz1748443-fence_zvmip-python3-fixes.patch | 43 + ...96-fence_scsi-add-readonly-parameter.patch | 79 + ...atchdog-trigger-multipath-disconnect.patch | 40 + ...e_mpath-1-add-plug-parameter-support.patch | 197 ++ ...ce_mpath-2-fix-plug-parameter-issues.patch | 73 + ...ence_evacuate-1-fix-region_name-type.patch | 66 + ...ence_evacuate-2-fix-project-shortopt.patch | 77 + ...ute-disable-service-after-force-down.patch | 42 + ...24-fence_vmware_rest-improve-logging.patch | 61 + ...63674-fence_rhevm-add-cookie-support.patch | 109 + ...-fencing-improve-stdin-quote-parsing.patch | 23 + ...1-fencing-inetX_only-SSH-fence_zvmip.patch | 756 +++++++ ...h-fence_vmware_soap-suppress-warning.patch | 51 + ...ence_scsi-add-hash-key-value-support.patch | 237 +++ bz1774458-fence_sbd-stderr-support.patch | 39 + ...5-fencing-1-add-stonith_status_sleep.patch | 47 + ...ncing-2-metadata-fix-long-parameters.patch | 22 + ...rove-logging-and-metadata-usage-text.patch | 130 ++ ...739-fence_vmware_rest-1-fix-encoding.patch | 23 + ...vmware_rest-2-support-utf-8-vm-names.patch | 38 + ...fence_vmware_rest-3-fix-encode-issue.patch | 23 + ...p-log-exception-message-for-SSLError.patch | 23 + ...nce_mpath-fix-reserve-parameter-typo.patch | 22 + ...57-fence_aws-improve-parameter-logic.patch | 48 + ...16203-fence_aws-1-fix-race-condition.patch | 421 ++++ ...203-fence_aws-2-fix-python3-encoding.patch | 22 + ...8157-fence_azure_arm-fix-MSI-support.patch | 75 + ...ware_rest-improve-exception-handling.patch | 44 + ...e_vmware_rest-1-add-filter-parameter.patch | 92 + ...are_rest-2-fix-1000-VM-monitor-error.patch | 76 + ...ence_evacuate-fix-insecure-parameter.patch | 122 ++ ...9776-fence_aws-catch-connectionerror.patch | 95 + ...e_scsi-dont-write-key-device-to-file.patch | 60 + ...rt-comma-and-space-separated-devices.patch | 23 + ...-allow-increasing-ipmitool-verbosity.patch | 1489 +++++++++++++ ...nce_evacuate-support-private-flavors.patch | 26 + ...-fence_lpar-fix-long-user-host-issue.patch | 127 ++ ...26-fence_lpar-fix-list-status-action.patch | 145 ++ bz1896827-fence_aws-add-imdsv2-support.patch | 40 + bz1906978-fence_gce-default-to-onoff.patch | 36 + ...4313-fence_zvmip-fix-disable-timeout.patch | 23 + ...0947-fence_redfish-1-add-diag-action.patch | 53 + ...ence_redfish-2-add-diag-action-logic.patch | 49 + bz1920947-fence_redfish-3-fix-typo.patch | 22 + ...7-fence_mpath-watchdog-retry-support.patch | 111 + ...-fence_ipmilan-add-fence_ipmilanplus.patch | 38 + ...41989-fence_aws-add-filter-parameter.patch | 91 + bz1942363-fence_gce-default-to-cycle.patch | 37 + ...3163-fence_zvmip-add-ssl-tls-support.patch | 100 + bz1969953-fence_gce-1-add-proxy-support.patch | 70 + bz1969953-fence_gce-2-bundled.patch | 10 + ...9953-fence_gce-3-fix-httplib2-import.patch | 18 + ...e_sbd-dont-spam-logs-disable-timeout.patch | 23 + ...77588-1-fencing-add-EC_FETCH_VM_UUID.patch | 22 + bz1977588-2-fence_kubevirt.patch | 144 ++ bz1977588-3-fence_kubevirt-fix-status.patch | 55 + ...8-4-fence_kubevirt-power-timeout-40s.patch | 35 + ..._kubevirt-get-namespace-from-context.patch | 88 + ...0710-1-fence_amt_ws-fix-or-dead-code.patch | 22 + bz2010710-2-fence_amt_ws-boot-option.patch | 32 + bz2048857-fence_aws-botocore-bundled.patch | 11 + fence-agents.spec | 1850 +++++++++++++++++ fence_aliyun-1.patch | 344 +++ fence_aliyun-2.patch | 58 + fence_aliyun-3-logging.patch | 51 + fence_aliyun-4-bundled.patch | 11 + fence_aliyun-5-list-instance-names.patch | 31 + fence_aliyun-6-correct-help-indentation.patch | 31 + fence_cisco_ucs-encode-POSTFIELDS.patch | 22 + ...te-fence_evacuate-fix-compute-domain.patch | 232 +++ ...evacuate-fix-evacuable-tag-mix-issue.patch | 20 + ...kdriver-logging-default-method-cycle.patch | 674 ++++++ fence_gce-2-filter-aggregatedlist.patch | 25 + fence_gce-3-stackdriver-logging-note.patch | 34 + ..._ipmilan-show-correct-default-method.patch | 26 + ...pilan-fence_ilo_ssh-add-ilo5-support.patch | 33 + fence_kdump-fix-strncpy-issue.patch | 36 + fence_mpath-watchdog-support.patch | 176 ++ fix-version.patch | 10 + python3-has_key-fixes.patch | 74 + sources | 38 + 113 files changed, 14303 insertions(+), 1 deletion(-) create mode 100644 .gitignore delete mode 100644 EMPTY create mode 100644 bz1470813-fencing-1-disable-timeout.patch create mode 100644 bz1470813-fencing-2-fix-power-timeout.patch create mode 100644 bz1470813-fencing-3-make-timeout-0-mean-forever.patch create mode 100644 bz1470813-fencing-4-make-timeout-0-mean-forever.patch create mode 100644 bz1470827-all-agents-log-exceptions-fail.patch create mode 100644 bz1650214-fence_azure_arm-bundled.patch create mode 100644 bz1654616-fence_hpblade-fix-log_expect_syntax.patch create mode 100644 bz1654968-fence_scsi-fix-incorrect-SCSI-key-node-ID-10-or-higher.patch create mode 100644 bz1654973-fence_vmware_soap-cleanup-sigterm.patch create mode 100644 bz1654976-1-fence_scsi-watchdog-retry-support.patch create mode 100644 bz1654976-2-build-fix-check_used_options.patch create mode 100644 bz1666914-1-fence_redfish.patch create mode 100644 bz1666914-2-fence_redfish-fail-invalid-cert.patch create mode 100644 bz1677327-1-fence_redfish-use-ipport-parameter.patch create mode 100644 bz1677327-2-fence_redfish-ip-parameter-backward-compatibility.patch create mode 100644 bz1685814-fence_gce-add-serviceaccount-file-support.patch create mode 100644 bz1696584-fence_gce-fix-python3-encoding-issue.patch create mode 100644 bz1700546-fence_azure_arm-skip_shutdown.patch create mode 100644 bz1704228-fence_redfish-full-redfish-spec-compliance.patch create mode 100644 bz1709780-fence_rhevm-RHEV-v4-API-support.patch create mode 100644 bz1709926-fence_mpath-fix-watchdog-hardreboot.patch create mode 100644 bz1712263-fence_rhevm-1-use-UTF8-encoding.patch create mode 100644 bz1712263-fence_rhevm-2-fix-debug-encoding-issues.patch create mode 100644 bz1714458-fence_scsi-node-id-new-format.patch create mode 100644 bz1720198-fence_scsi-watchdog-fix-retry-failing-on-first-try.patch create mode 100644 bz1728203-bz1874862-fence_ibm_vpc-fence_ibm_powervs.patch create mode 100644 bz1732766-fence_aliyun-1-add-RAM-role.patch create mode 100644 bz1732766-fence_aliyun-2-import-EcsRamRoleCredential.patch create mode 100644 bz1732773-fence_vmware_rest-fix-keyerror-suspended-vms.patch create mode 100644 bz1734811-fence_iloX_ssh-monitor-timeout-warning.patch create mode 100644 bz1748443-fence_zvmip-python3-fixes.patch create mode 100644 bz1750596-fence_scsi-add-readonly-parameter.patch create mode 100644 bz1751704-fence_mpath-fix-watchdog-trigger-multipath-disconnect.patch create mode 100644 bz1753228-fence_mpath-1-add-plug-parameter-support.patch create mode 100644 bz1753228-fence_mpath-2-fix-plug-parameter-issues.patch create mode 100644 bz1760201-fence_compute-fence_evacuate-1-fix-region_name-type.patch create mode 100644 bz1760201-fence_compute-fence_evacuate-2-fix-project-shortopt.patch create mode 100644 bz1760213-fence_compute-disable-service-after-force-down.patch create mode 100644 bz1760224-fence_vmware_rest-improve-logging.patch create mode 100644 bz1763674-fence_rhevm-add-cookie-support.patch create mode 100644 bz1769783-fencing-improve-stdin-quote-parsing.patch create mode 100644 bz1771594-1-fencing-inetX_only-SSH-fence_zvmip.patch create mode 100644 bz1771594-2-fence_redfish-fence_vmware_soap-suppress-warning.patch create mode 100644 bz1773890-fence_scsi-add-hash-key-value-support.patch create mode 100644 bz1774458-fence_sbd-stderr-support.patch create mode 100644 bz1780825-fencing-1-add-stonith_status_sleep.patch create mode 100644 bz1780825-fencing-2-metadata-fix-long-parameters.patch create mode 100644 bz1781357-fence_aws-improve-logging-and-metadata-usage-text.patch create mode 100644 bz1793739-fence_vmware_rest-1-fix-encoding.patch create mode 100644 bz1793739-fence_vmware_rest-2-support-utf-8-vm-names.patch create mode 100644 bz1793739-fence_vmware_rest-3-fix-encode-issue.patch create mode 100644 bz1796654-fence_vmware_soap-log-exception-message-for-SSLError.patch create mode 100644 bz1798641-fence_mpath-fix-reserve-parameter-typo.patch create mode 100644 bz1810457-fence_aws-improve-parameter-logic.patch create mode 100644 bz1816203-fence_aws-1-fix-race-condition.patch create mode 100644 bz1816203-fence_aws-2-fix-python3-encoding.patch create mode 100644 bz1818157-fence_azure_arm-fix-MSI-support.patch create mode 100644 bz1827559-fence_vmware_rest-improve-exception-handling.patch create mode 100644 bz1827652-fence_vmware_rest-1-add-filter-parameter.patch create mode 100644 bz1827652-fence_vmware_rest-2-fix-1000-VM-monitor-error.patch create mode 100644 bz1830776-fence_compute-fence_evacuate-fix-insecure-parameter.patch create mode 100644 bz1839776-fence_aws-catch-connectionerror.patch create mode 100644 bz1841087-fence_scsi-dont-write-key-device-to-file.patch create mode 100644 bz1851115-fence_mpath-support-comma-and-space-separated-devices.patch create mode 100644 bz1853973-fence_ipmilan-allow-increasing-ipmitool-verbosity.patch create mode 100644 bz1859932-fence_evacuate-support-private-flavors.patch create mode 100644 bz1860544-fence_lpar-fix-long-user-host-issue.patch create mode 100644 bz1861926-fence_lpar-fix-list-status-action.patch create mode 100644 bz1896827-fence_aws-add-imdsv2-support.patch create mode 100644 bz1906978-fence_gce-default-to-onoff.patch create mode 100644 bz1914313-fence_zvmip-fix-disable-timeout.patch create mode 100644 bz1920947-fence_redfish-1-add-diag-action.patch create mode 100644 bz1920947-fence_redfish-2-add-diag-action-logic.patch create mode 100644 bz1920947-fence_redfish-3-fix-typo.patch create mode 100644 bz1922437-fence_mpath-watchdog-retry-support.patch create mode 100644 bz1925015-fence_ipmilan-add-fence_ipmilanplus.patch create mode 100644 bz1941989-fence_aws-add-filter-parameter.patch create mode 100644 bz1942363-fence_gce-default-to-cycle.patch create mode 100644 bz1963163-fence_zvmip-add-ssl-tls-support.patch create mode 100644 bz1969953-fence_gce-1-add-proxy-support.patch create mode 100644 bz1969953-fence_gce-2-bundled.patch create mode 100644 bz1969953-fence_gce-3-fix-httplib2-import.patch create mode 100644 bz1971683-fence_sbd-dont-spam-logs-disable-timeout.patch create mode 100644 bz1977588-1-fencing-add-EC_FETCH_VM_UUID.patch create mode 100644 bz1977588-2-fence_kubevirt.patch create mode 100644 bz1977588-3-fence_kubevirt-fix-status.patch create mode 100644 bz1977588-4-fence_kubevirt-power-timeout-40s.patch create mode 100644 bz1977588-5-fence_kubevirt-get-namespace-from-context.patch create mode 100644 bz2010710-1-fence_amt_ws-fix-or-dead-code.patch create mode 100644 bz2010710-2-fence_amt_ws-boot-option.patch create mode 100644 bz2048857-fence_aws-botocore-bundled.patch create mode 100644 fence-agents.spec create mode 100644 fence_aliyun-1.patch create mode 100644 fence_aliyun-2.patch create mode 100644 fence_aliyun-3-logging.patch create mode 100644 fence_aliyun-4-bundled.patch create mode 100644 fence_aliyun-5-list-instance-names.patch create mode 100644 fence_aliyun-6-correct-help-indentation.patch create mode 100644 fence_cisco_ucs-encode-POSTFIELDS.patch create mode 100644 fence_compute-fence_evacuate-fix-compute-domain.patch create mode 100644 fence_evacuate-fix-evacuable-tag-mix-issue.patch create mode 100644 fence_gce-1-stackdriver-logging-default-method-cycle.patch create mode 100644 fence_gce-2-filter-aggregatedlist.patch create mode 100644 fence_gce-3-stackdriver-logging-note.patch create mode 100644 fence_ilo3-fence_ipmilan-show-correct-default-method.patch create mode 100644 fence_impilan-fence_ilo_ssh-add-ilo5-support.patch create mode 100644 fence_kdump-fix-strncpy-issue.patch create mode 100644 fence_mpath-watchdog-support.patch create mode 100644 fix-version.patch create mode 100644 python3-has_key-fixes.patch create mode 100644 sources diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..cd256b2 --- /dev/null +++ b/.gitignore @@ -0,0 +1,38 @@ +/Jinja2-3.0.2.tar.gz +/MarkupSafe-2.0.1.tar.gz +/PyYAML-6.0.tar.gz +/aliyun-python-sdk-core-2.13.1.tar.gz +/aliyun-python-sdk-ecs-4.9.3.tar.gz +/aliyun-python-sdk-vpc-3.0.2.tar.gz +/botocore-1.23.46.tar.gz +/cachetools-4.2.4.tar.gz +/certifi-2021.10.8.tar.gz +/chardet-4.0.0.tar.gz +/charset-normalizer-2.0.7.tar.gz +/fence-agents-4.2.1.tar.gz +/google-auth-2.3.0.tar.gz +/httplib2-0.19.1-py3-none-any.whl +/idna-3.3.tar.gz +/jmespath-0.10.0.tar.gz +/kubernetes-12.0.1.tar.gz +/oauthlib-3.1.1.tar.gz +/openshift-0.12.1.tar.gz +/packaging-21.2-py3-none-any.whl +/pyasn1-0.4.8.tar.gz +/pyasn1-modules-0.2.8.tar.gz +/pycryptodome-3.6.4.tar.gz +/pyparsing-2.4.7-py2.py3-none-any.whl +/pyparsing-3.0.1.tar.gz +/python-dateutil-2.8.2.tar.gz +/python-string-utils-1.0.0.tar.gz +/requests-2.26.0.tar.gz +/requests-oauthlib-1.3.0.tar.gz +/rsa-4.7.2.tar.gz +/ruamel.yaml-0.17.16.tar.gz +/ruamel.yaml.clib-0.2.6.tar.gz +/setuptools-58.3.0.tar.gz +/setuptools_scm-6.3.2.tar.gz +/six-1.16.0.tar.gz +/tomli-1.0.1.tar.gz +/urllib3-1.26.7.tar.gz +/websocket-client-1.2.1.tar.gz diff --git a/EMPTY b/EMPTY deleted file mode 100644 index 0519ecb..0000000 --- a/EMPTY +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/bz1470813-fencing-1-disable-timeout.patch b/bz1470813-fencing-1-disable-timeout.patch new file mode 100644 index 0000000..28dc70f --- /dev/null +++ b/bz1470813-fencing-1-disable-timeout.patch @@ -0,0 +1,1233 @@ +From c9e44928d5818bb6c609756bf3ac936afce22610 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 7 Aug 2020 16:08:47 +0200 +Subject: [PATCH 1/2] fencing: add disable-timeout parameter, and make it + default when run from Pacemaker (at least 2.0+) + +--- + lib/fencing.py.py | 16 ++++++++++++++-- + 1 file changed, 14 insertions(+), 2 deletions(-) + +diff --git a/lib/fencing.py.py b/lib/fencing.py.py +index 63b13036..4a41af02 100644 +--- a/lib/fencing.py.py ++++ b/lib/fencing.py.py +@@ -351,6 +351,12 @@ + "default" : "20", + "required" : "0", + "order" : 200}, ++ "disable_timeout" : { ++ "getopt" : ":", ++ "longopt" : "disable-timeout", ++ "help" : "--disable-timeout=[true/false] Disable timeout (true/false) (default: true when run from Pacemaker 2.0+)", ++ "required" : "0", ++ "order" : 200}, + "power_wait" : { + "getopt" : ":", + "longopt" : "power-wait", +@@ -469,8 +475,8 @@ + DEPENDENCY_OPT = { + "default" : ["help", "debug", "verbose", "verbose_level", + "version", "action", "agent", "power_timeout", +- "shell_timeout", "login_timeout", "power_wait", +- "retry_on", "delay", "quiet"], ++ "shell_timeout", "login_timeout", "disable_timeout", ++ "power_wait", "retry_on", "delay", "quiet"], + "passwd" : ["passwd_script"], + "sudo" : ["sudo_path"], + "secure" : ["identity_file", "ssh_options", "ssh_path", "inet4_only", "inet6_only"], +@@ -769,6 +775,12 @@ def check_input(device_opt, opt, other_conditions = False): + if "--password-script" in options: + options["--password"] = os.popen(options["--password-script"]).read().rstrip() + ++ if os.environ.get("PCMK_service") == "pacemaker-fenced" and "--disable-timeout" not in options: ++ options["--disable-timeout"] = "1" ++ ++ if options.get("--disable-timeout", "").lower() in ["1", "yes", "on", "true"]: ++ options["--power-timeout"] = options["--shell-timeout"] = options["--login-timeout"] = 0 ++ + return options + + ## Obtain a power status from possibly more than one plug + +From 3ca4f45d0d32204fc4346a445720a8b894243604 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 6 Oct 2020 15:05:42 +0200 +Subject: [PATCH 2/2] metadata: update for disable_timeout parameter + +--- + tests/data/metadata/fence_aliyun.xml | 5 +++++ + tests/data/metadata/fence_alom.xml | 5 +++++ + tests/data/metadata/fence_amt.xml | 5 +++++ + tests/data/metadata/fence_amt_ws.xml | 5 +++++ + tests/data/metadata/fence_apc.xml | 5 +++++ + tests/data/metadata/fence_apc_snmp.xml | 5 +++++ + tests/data/metadata/fence_aws.xml | 5 +++++ + tests/data/metadata/fence_azure_arm.xml | 5 +++++ + tests/data/metadata/fence_bladecenter.xml | 5 +++++ + tests/data/metadata/fence_brocade.xml | 5 +++++ + tests/data/metadata/fence_cisco_mds.xml | 5 +++++ + tests/data/metadata/fence_cisco_ucs.xml | 5 +++++ + tests/data/metadata/fence_compute.xml | 5 +++++ + tests/data/metadata/fence_docker.xml | 5 +++++ + tests/data/metadata/fence_drac.xml | 5 +++++ + tests/data/metadata/fence_drac5.xml | 5 +++++ + tests/data/metadata/fence_dummy.xml | 5 +++++ + tests/data/metadata/fence_eaton_snmp.xml | 5 +++++ + tests/data/metadata/fence_emerson.xml | 5 +++++ + tests/data/metadata/fence_eps.xml | 5 +++++ + tests/data/metadata/fence_evacuate.xml | 5 +++++ + tests/data/metadata/fence_gce.xml | 5 +++++ + tests/data/metadata/fence_hds_cb.xml | 5 +++++ + tests/data/metadata/fence_heuristics_ping.xml | 5 +++++ + tests/data/metadata/fence_hpblade.xml | 5 +++++ + tests/data/metadata/fence_ibmblade.xml | 5 +++++ + tests/data/metadata/fence_idrac.xml | 5 +++++ + tests/data/metadata/fence_ifmib.xml | 5 +++++ + tests/data/metadata/fence_ilo.xml | 5 +++++ + tests/data/metadata/fence_ilo2.xml | 5 +++++ + tests/data/metadata/fence_ilo3.xml | 5 +++++ + tests/data/metadata/fence_ilo3_ssh.xml | 5 +++++ + tests/data/metadata/fence_ilo4.xml | 5 +++++ + tests/data/metadata/fence_ilo4_ssh.xml | 5 +++++ + tests/data/metadata/fence_ilo_moonshot.xml | 5 +++++ + tests/data/metadata/fence_ilo_mp.xml | 5 +++++ + tests/data/metadata/fence_ilo_ssh.xml | 5 +++++ + tests/data/metadata/fence_imm.xml | 5 +++++ + tests/data/metadata/fence_intelmodular.xml | 5 +++++ + tests/data/metadata/fence_ipdu.xml | 5 +++++ + tests/data/metadata/fence_ipmilan.xml | 5 +++++ + tests/data/metadata/fence_ironic.xml | 5 +++++ + tests/data/metadata/fence_ldom.xml | 5 +++++ + tests/data/metadata/fence_lpar.xml | 5 +++++ + tests/data/metadata/fence_mpath.xml | 5 +++++ + tests/data/metadata/fence_netio.xml | 5 +++++ + tests/data/metadata/fence_openstack.xml | 5 +++++ + tests/data/metadata/fence_ovh.xml | 5 +++++ + tests/data/metadata/fence_powerman.xml | 5 +++++ + tests/data/metadata/fence_pve.xml | 5 +++++ + tests/data/metadata/fence_raritan.xml | 5 +++++ + tests/data/metadata/fence_rcd_serial.xml | 5 +++++ + tests/data/metadata/fence_redfish.xml | 5 +++++ + tests/data/metadata/fence_rhevm.xml | 5 +++++ + tests/data/metadata/fence_rsa.xml | 5 +++++ + tests/data/metadata/fence_rsb.xml | 5 +++++ + tests/data/metadata/fence_sanbox2.xml | 5 +++++ + tests/data/metadata/fence_sbd.xml | 5 +++++ + tests/data/metadata/fence_scsi.xml | 5 +++++ + tests/data/metadata/fence_tripplite_snmp.xml | 5 +++++ + tests/data/metadata/fence_vbox.xml | 5 +++++ + tests/data/metadata/fence_virsh.xml | 5 +++++ + tests/data/metadata/fence_vmware.xml | 5 +++++ + tests/data/metadata/fence_vmware_rest.xml | 5 +++++ + tests/data/metadata/fence_vmware_soap.xml | 5 +++++ + tests/data/metadata/fence_vmware_vcloud.xml | 5 +++++ + tests/data/metadata/fence_wti.xml | 5 +++++ + tests/data/metadata/fence_xenapi.xml | 5 +++++ + tests/data/metadata/fence_zvmip.xml | 5 +++++ + 73 files changed, 365 insertions(+) + +diff --git a/tests/data/metadata/fence_aliyun.xml b/tests/data/metadata/fence_aliyun.xml +index 8f236806..d90acf71 100644 +--- a/tests/data/metadata/fence_aliyun.xml ++++ b/tests/data/metadata/fence_aliyun.xml +@@ -83,6 +83,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_alom.xml b/tests/data/metadata/fence_alom.xml +index ef6c06c3..91679e8e 100644 +--- a/tests/data/metadata/fence_alom.xml ++++ b/tests/data/metadata/fence_alom.xml +@@ -143,6 +143,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_amt.xml b/tests/data/metadata/fence_amt.xml +index ee174852..f2e7ac69 100644 +--- a/tests/data/metadata/fence_amt.xml ++++ b/tests/data/metadata/fence_amt.xml +@@ -116,6 +116,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_amt_ws.xml b/tests/data/metadata/fence_amt_ws.xml +index 9c223c8d..e6e03ea8 100644 +--- a/tests/data/metadata/fence_amt_ws.xml ++++ b/tests/data/metadata/fence_amt_ws.xml +@@ -112,6 +112,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_apc.xml b/tests/data/metadata/fence_apc.xml +index efad9db8..2ee96f32 100644 +--- a/tests/data/metadata/fence_apc.xml ++++ b/tests/data/metadata/fence_apc.xml +@@ -153,6 +153,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_apc_snmp.xml b/tests/data/metadata/fence_apc_snmp.xml +index a1947672..435f96dc 100644 +--- a/tests/data/metadata/fence_apc_snmp.xml ++++ b/tests/data/metadata/fence_apc_snmp.xml +@@ -158,6 +158,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_aws.xml b/tests/data/metadata/fence_aws.xml +index 527fc86c..1f3ab3b9 100644 +--- a/tests/data/metadata/fence_aws.xml ++++ b/tests/data/metadata/fence_aws.xml +@@ -86,6 +86,11 @@ For instructions see: https://boto3.readthedocs.io/en/latest/guide/quickstart.ht + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_azure_arm.xml b/tests/data/metadata/fence_azure_arm.xml +index 42c9952f..7e55863b 100644 +--- a/tests/data/metadata/fence_azure_arm.xml ++++ b/tests/data/metadata/fence_azure_arm.xml +@@ -143,6 +143,11 @@ When using network fencing the reboot-action will cause a quick-return once the + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_bladecenter.xml b/tests/data/metadata/fence_bladecenter.xml +index f2ee28b1..6ff6bee7 100644 +--- a/tests/data/metadata/fence_bladecenter.xml ++++ b/tests/data/metadata/fence_bladecenter.xml +@@ -148,6 +148,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_brocade.xml b/tests/data/metadata/fence_brocade.xml +index f3287503..2cfa7594 100644 +--- a/tests/data/metadata/fence_brocade.xml ++++ b/tests/data/metadata/fence_brocade.xml +@@ -148,6 +148,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_cisco_mds.xml b/tests/data/metadata/fence_cisco_mds.xml +index a0e62cba..4f744f0a 100644 +--- a/tests/data/metadata/fence_cisco_mds.xml ++++ b/tests/data/metadata/fence_cisco_mds.xml +@@ -157,6 +157,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_cisco_ucs.xml b/tests/data/metadata/fence_cisco_ucs.xml +index f4543f4b..a57a8486 100644 +--- a/tests/data/metadata/fence_cisco_ucs.xml ++++ b/tests/data/metadata/fence_cisco_ucs.xml +@@ -133,6 +133,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_compute.xml b/tests/data/metadata/fence_compute.xml +index a5ce53cd..0589c146 100644 +--- a/tests/data/metadata/fence_compute.xml ++++ b/tests/data/metadata/fence_compute.xml +@@ -168,6 +168,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_docker.xml b/tests/data/metadata/fence_docker.xml +index 6e3306d4..789f6c71 100644 +--- a/tests/data/metadata/fence_docker.xml ++++ b/tests/data/metadata/fence_docker.xml +@@ -121,6 +121,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_drac.xml b/tests/data/metadata/fence_drac.xml +index 451ee504..1179727a 100644 +--- a/tests/data/metadata/fence_drac.xml ++++ b/tests/data/metadata/fence_drac.xml +@@ -113,6 +113,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_drac5.xml b/tests/data/metadata/fence_drac5.xml +index 564008ab..9a3c0c1e 100644 +--- a/tests/data/metadata/fence_drac5.xml ++++ b/tests/data/metadata/fence_drac5.xml +@@ -157,6 +157,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_dummy.xml b/tests/data/metadata/fence_dummy.xml +index ec4d5b46..5287ec59 100644 +--- a/tests/data/metadata/fence_dummy.xml ++++ b/tests/data/metadata/fence_dummy.xml +@@ -63,6 +63,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_eaton_snmp.xml b/tests/data/metadata/fence_eaton_snmp.xml +index 1ec07c68..d2260308 100644 +--- a/tests/data/metadata/fence_eaton_snmp.xml ++++ b/tests/data/metadata/fence_eaton_snmp.xml +@@ -157,6 +157,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_emerson.xml b/tests/data/metadata/fence_emerson.xml +index fbdcbcde..870e363a 100644 +--- a/tests/data/metadata/fence_emerson.xml ++++ b/tests/data/metadata/fence_emerson.xml +@@ -157,6 +157,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_eps.xml b/tests/data/metadata/fence_eps.xml +index 47cad6f0..2e710249 100644 +--- a/tests/data/metadata/fence_eps.xml ++++ b/tests/data/metadata/fence_eps.xml +@@ -120,6 +120,11 @@ Agent basically works by connecting to hidden page and pass appropriate argument + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_evacuate.xml b/tests/data/metadata/fence_evacuate.xml +index f32b48eb..bf34df2e 100644 +--- a/tests/data/metadata/fence_evacuate.xml ++++ b/tests/data/metadata/fence_evacuate.xml +@@ -163,6 +163,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_gce.xml b/tests/data/metadata/fence_gce.xml +index 1ec1aa9e..78c0b0d6 100644 +--- a/tests/data/metadata/fence_gce.xml ++++ b/tests/data/metadata/fence_gce.xml +@@ -113,6 +113,11 @@ For instructions see: https://cloud.google.com/compute/docs/tutorials/python-gui + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_hds_cb.xml b/tests/data/metadata/fence_hds_cb.xml +index 5529472d..e3f511dd 100644 +--- a/tests/data/metadata/fence_hds_cb.xml ++++ b/tests/data/metadata/fence_hds_cb.xml +@@ -148,6 +148,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_heuristics_ping.xml b/tests/data/metadata/fence_heuristics_ping.xml +index 53e3bb05..4336adf4 100644 +--- a/tests/data/metadata/fence_heuristics_ping.xml ++++ b/tests/data/metadata/fence_heuristics_ping.xml +@@ -88,6 +88,11 @@ This is not a fence agent by itself! Its only purpose is to enable/disable anoth + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_hpblade.xml b/tests/data/metadata/fence_hpblade.xml +index bbb51668..cdc2f85c 100644 +--- a/tests/data/metadata/fence_hpblade.xml ++++ b/tests/data/metadata/fence_hpblade.xml +@@ -148,6 +148,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_ibmblade.xml b/tests/data/metadata/fence_ibmblade.xml +index 6585c4fb..b9ffbd1a 100644 +--- a/tests/data/metadata/fence_ibmblade.xml ++++ b/tests/data/metadata/fence_ibmblade.xml +@@ -157,6 +157,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_idrac.xml b/tests/data/metadata/fence_idrac.xml +index efecc720..c19ceefd 100644 +--- a/tests/data/metadata/fence_idrac.xml ++++ b/tests/data/metadata/fence_idrac.xml +@@ -155,6 +155,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + Path to ipmitool binary +diff --git a/tests/data/metadata/fence_ifmib.xml b/tests/data/metadata/fence_ifmib.xml +index 93bd8aa3..e0e9e0b5 100644 +--- a/tests/data/metadata/fence_ifmib.xml ++++ b/tests/data/metadata/fence_ifmib.xml +@@ -159,6 +159,11 @@ It was written with managed ethernet switches in mind, in order to fence iSCSI S + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_ilo.xml b/tests/data/metadata/fence_ilo.xml +index 7ed91061..691d48bc 100644 +--- a/tests/data/metadata/fence_ilo.xml ++++ b/tests/data/metadata/fence_ilo.xml +@@ -139,6 +139,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_ilo2.xml b/tests/data/metadata/fence_ilo2.xml +index 5527cf21..c43e8738 100644 +--- a/tests/data/metadata/fence_ilo2.xml ++++ b/tests/data/metadata/fence_ilo2.xml +@@ -139,6 +139,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_ilo3.xml b/tests/data/metadata/fence_ilo3.xml +index b5db044c..cf85c47f 100644 +--- a/tests/data/metadata/fence_ilo3.xml ++++ b/tests/data/metadata/fence_ilo3.xml +@@ -155,6 +155,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + Path to ipmitool binary +diff --git a/tests/data/metadata/fence_ilo3_ssh.xml b/tests/data/metadata/fence_ilo3_ssh.xml +index a3c8f11c..5433d042 100644 +--- a/tests/data/metadata/fence_ilo3_ssh.xml ++++ b/tests/data/metadata/fence_ilo3_ssh.xml +@@ -156,6 +156,11 @@ WARNING: The monitor-action is prone to timeouts. Use the fence_ilo-equivalent t + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_ilo4.xml b/tests/data/metadata/fence_ilo4.xml +index 210b05d2..aaf3bf5a 100644 +--- a/tests/data/metadata/fence_ilo4.xml ++++ b/tests/data/metadata/fence_ilo4.xml +@@ -155,6 +155,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + Path to ipmitool binary +diff --git a/tests/data/metadata/fence_ilo4_ssh.xml b/tests/data/metadata/fence_ilo4_ssh.xml +index 9b993dd5..663853dd 100644 +--- a/tests/data/metadata/fence_ilo4_ssh.xml ++++ b/tests/data/metadata/fence_ilo4_ssh.xml +@@ -156,6 +156,11 @@ WARNING: The monitor-action is prone to timeouts. Use the fence_ilo-equivalent t + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_ilo_moonshot.xml b/tests/data/metadata/fence_ilo_moonshot.xml +index 1e31424a..c0739e1b 100644 +--- a/tests/data/metadata/fence_ilo_moonshot.xml ++++ b/tests/data/metadata/fence_ilo_moonshot.xml +@@ -148,6 +148,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_ilo_mp.xml b/tests/data/metadata/fence_ilo_mp.xml +index b825cd32..1ce0327c 100644 +--- a/tests/data/metadata/fence_ilo_mp.xml ++++ b/tests/data/metadata/fence_ilo_mp.xml +@@ -143,6 +143,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_ilo_ssh.xml b/tests/data/metadata/fence_ilo_ssh.xml +index df87fd5f..8a3d5b1a 100644 +--- a/tests/data/metadata/fence_ilo_ssh.xml ++++ b/tests/data/metadata/fence_ilo_ssh.xml +@@ -156,6 +156,11 @@ WARNING: The monitor-action is prone to timeouts. Use the fence_ilo-equivalent t + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_imm.xml b/tests/data/metadata/fence_imm.xml +index d00ad7fa..d969a4c7 100644 +--- a/tests/data/metadata/fence_imm.xml ++++ b/tests/data/metadata/fence_imm.xml +@@ -155,6 +155,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + Path to ipmitool binary +diff --git a/tests/data/metadata/fence_intelmodular.xml b/tests/data/metadata/fence_intelmodular.xml +index ed5afcb8..37d85f65 100644 +--- a/tests/data/metadata/fence_intelmodular.xml ++++ b/tests/data/metadata/fence_intelmodular.xml +@@ -159,6 +159,11 @@ Note: Since firmware update version 2.7, SNMP v2 write support is removed, and r + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_ipdu.xml b/tests/data/metadata/fence_ipdu.xml +index 78575c7c..ade366c3 100644 +--- a/tests/data/metadata/fence_ipdu.xml ++++ b/tests/data/metadata/fence_ipdu.xml +@@ -157,6 +157,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_ipmilan.xml b/tests/data/metadata/fence_ipmilan.xml +index d4c23f73..649f5bcd 100644 +--- a/tests/data/metadata/fence_ipmilan.xml ++++ b/tests/data/metadata/fence_ipmilan.xml +@@ -155,6 +155,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + Path to ipmitool binary +diff --git a/tests/data/metadata/fence_ironic.xml b/tests/data/metadata/fence_ironic.xml +index 84beaffc..c79e1f11 100644 +--- a/tests/data/metadata/fence_ironic.xml ++++ b/tests/data/metadata/fence_ironic.xml +@@ -113,6 +113,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_ldom.xml b/tests/data/metadata/fence_ldom.xml +index 4bb38571..b02b4883 100644 +--- a/tests/data/metadata/fence_ldom.xml ++++ b/tests/data/metadata/fence_ldom.xml +@@ -150,6 +150,11 @@ Very useful parameter is -c (or cmd_prompt in stdin mode). This must be set to s + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_lpar.xml b/tests/data/metadata/fence_lpar.xml +index 7ddc2c45..94e2273a 100644 +--- a/tests/data/metadata/fence_lpar.xml ++++ b/tests/data/metadata/fence_lpar.xml +@@ -162,6 +162,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_mpath.xml b/tests/data/metadata/fence_mpath.xml +index 83d69f6c..bf014fcd 100644 +--- a/tests/data/metadata/fence_mpath.xml ++++ b/tests/data/metadata/fence_mpath.xml +@@ -69,6 +69,11 @@ The fence_mpath agent works by having a unique key for each node that has to be + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_netio.xml b/tests/data/metadata/fence_netio.xml +index b409bde7..43aca0af 100644 +--- a/tests/data/metadata/fence_netio.xml ++++ b/tests/data/metadata/fence_netio.xml +@@ -108,6 +108,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_openstack.xml b/tests/data/metadata/fence_openstack.xml +index 645cd655..eddd8de7 100644 +--- a/tests/data/metadata/fence_openstack.xml ++++ b/tests/data/metadata/fence_openstack.xml +@@ -133,6 +133,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_ovh.xml b/tests/data/metadata/fence_ovh.xml +index e8160bf7..551007f1 100644 +--- a/tests/data/metadata/fence_ovh.xml ++++ b/tests/data/metadata/fence_ovh.xml +@@ -98,6 +98,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_powerman.xml b/tests/data/metadata/fence_powerman.xml +index 3bf56882..9df6f25b 100644 +--- a/tests/data/metadata/fence_powerman.xml ++++ b/tests/data/metadata/fence_powerman.xml +@@ -73,6 +73,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_pve.xml b/tests/data/metadata/fence_pve.xml +index 1c83f2ef..37485597 100644 +--- a/tests/data/metadata/fence_pve.xml ++++ b/tests/data/metadata/fence_pve.xml +@@ -131,6 +131,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_raritan.xml b/tests/data/metadata/fence_raritan.xml +index 537cb141..90f21b54 100644 +--- a/tests/data/metadata/fence_raritan.xml ++++ b/tests/data/metadata/fence_raritan.xml +@@ -108,6 +108,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_rcd_serial.xml b/tests/data/metadata/fence_rcd_serial.xml +index b2a20cb7..c13c81ca 100644 +--- a/tests/data/metadata/fence_rcd_serial.xml ++++ b/tests/data/metadata/fence_rcd_serial.xml +@@ -61,6 +61,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_redfish.xml b/tests/data/metadata/fence_redfish.xml +index 32ea402e..6daf2cd9 100644 +--- a/tests/data/metadata/fence_redfish.xml ++++ b/tests/data/metadata/fence_redfish.xml +@@ -138,6 +138,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_rhevm.xml b/tests/data/metadata/fence_rhevm.xml +index deb326c3..ba78a928 100644 +--- a/tests/data/metadata/fence_rhevm.xml ++++ b/tests/data/metadata/fence_rhevm.xml +@@ -152,6 +152,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_rsa.xml b/tests/data/metadata/fence_rsa.xml +index 51009427..4f7d0b93 100644 +--- a/tests/data/metadata/fence_rsa.xml ++++ b/tests/data/metadata/fence_rsa.xml +@@ -143,6 +143,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_rsb.xml b/tests/data/metadata/fence_rsb.xml +index 7d8575d1..6f81c6ac 100644 +--- a/tests/data/metadata/fence_rsb.xml ++++ b/tests/data/metadata/fence_rsb.xml +@@ -143,6 +143,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_sanbox2.xml b/tests/data/metadata/fence_sanbox2.xml +index bf07f360..c18beea5 100644 +--- a/tests/data/metadata/fence_sanbox2.xml ++++ b/tests/data/metadata/fence_sanbox2.xml +@@ -118,6 +118,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_sbd.xml b/tests/data/metadata/fence_sbd.xml +index db52b49a..24f648a2 100644 +--- a/tests/data/metadata/fence_sbd.xml ++++ b/tests/data/metadata/fence_sbd.xml +@@ -76,6 +76,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml +index ceb79de5..ea093c7c 100644 +--- a/tests/data/metadata/fence_scsi.xml ++++ b/tests/data/metadata/fence_scsi.xml +@@ -86,6 +86,11 @@ When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and ve + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_tripplite_snmp.xml b/tests/data/metadata/fence_tripplite_snmp.xml +index becc0d18..3d104e06 100644 +--- a/tests/data/metadata/fence_tripplite_snmp.xml ++++ b/tests/data/metadata/fence_tripplite_snmp.xml +@@ -158,6 +158,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_vbox.xml b/tests/data/metadata/fence_vbox.xml +index 045fbe9e..ef37e27d 100644 +--- a/tests/data/metadata/fence_vbox.xml ++++ b/tests/data/metadata/fence_vbox.xml +@@ -150,6 +150,11 @@ By default, vbox needs to log in as a user that is a member of the vboxusers gro + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_virsh.xml b/tests/data/metadata/fence_virsh.xml +index 2ab09c33..2439be68 100644 +--- a/tests/data/metadata/fence_virsh.xml ++++ b/tests/data/metadata/fence_virsh.xml +@@ -150,6 +150,11 @@ By default, virsh needs root account to do properly work. So you must allow ssh + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_vmware.xml b/tests/data/metadata/fence_vmware.xml +index 14b504ed..5a3c2f5b 100644 +--- a/tests/data/metadata/fence_vmware.xml ++++ b/tests/data/metadata/fence_vmware.xml +@@ -156,6 +156,11 @@ After you have successfully installed VI Perl Toolkit or VIX API, you should be + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_vmware_rest.xml b/tests/data/metadata/fence_vmware_rest.xml +index 41b09ba2..3c3693af 100644 +--- a/tests/data/metadata/fence_vmware_rest.xml ++++ b/tests/data/metadata/fence_vmware_rest.xml +@@ -139,6 +139,11 @@ NOTE: If there's more than 1000 VMs there is a filter parameter to work around t + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_vmware_soap.xml b/tests/data/metadata/fence_vmware_soap.xml +index ee385adf..33d2371b 100644 +--- a/tests/data/metadata/fence_vmware_soap.xml ++++ b/tests/data/metadata/fence_vmware_soap.xml +@@ -130,6 +130,11 @@ Name of virtual machine (-n / port) has to be used in inventory path format (e.g + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_vmware_vcloud.xml b/tests/data/metadata/fence_vmware_vcloud.xml +index 21c9b77d..eef2cf9a 100644 +--- a/tests/data/metadata/fence_vmware_vcloud.xml ++++ b/tests/data/metadata/fence_vmware_vcloud.xml +@@ -132,6 +132,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_wti.xml b/tests/data/metadata/fence_wti.xml +index 8064b703..e43c0c03 100644 +--- a/tests/data/metadata/fence_wti.xml ++++ b/tests/data/metadata/fence_wti.xml +@@ -148,6 +148,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_xenapi.xml b/tests/data/metadata/fence_xenapi.xml +index a1694ec5..60e6291d 100644 +--- a/tests/data/metadata/fence_xenapi.xml ++++ b/tests/data/metadata/fence_xenapi.xml +@@ -98,6 +98,11 @@ + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + +diff --git a/tests/data/metadata/fence_zvmip.xml b/tests/data/metadata/fence_zvmip.xml +index 95c2ded3..094bc6b8 100644 +--- a/tests/data/metadata/fence_zvmip.xml ++++ b/tests/data/metadata/fence_zvmip.xml +@@ -141,6 +141,11 @@ to access the system's directory manager. + + Wait X seconds before fencing is started + ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ + + + diff --git a/bz1470813-fencing-2-fix-power-timeout.patch b/bz1470813-fencing-2-fix-power-timeout.patch new file mode 100644 index 0000000..bf736a0 --- /dev/null +++ b/bz1470813-fencing-2-fix-power-timeout.patch @@ -0,0 +1,40 @@ +From 4202a863b25e456b7e419cbfc33c45ae179eb760 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 15 Oct 2020 10:34:03 +0200 +Subject: [PATCH] fencing: fix power-timeout when using new disable-timeout + parameter + +--- + lib/fencing.py.py | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/lib/fencing.py.py b/lib/fencing.py.py +index 4a41af02..4639a9a5 100644 +--- a/lib/fencing.py.py ++++ b/lib/fencing.py.py +@@ -10,6 +10,8 @@ + import textwrap + import __main__ + ++import itertools ++ + RELEASE_VERSION = "@RELEASE_VERSION@" + + __all__ = ['atexit_handler', 'check_input', 'process_input', 'all_opt', 'show_docs', +@@ -821,11 +823,15 @@ def async_set_multi_power_fn(connection, options, set_power_fn, get_power_fn, re + set_power_fn(connection, options) + time.sleep(int(options["--power-wait"])) + +- for _ in range(int(options["--power-timeout"])): ++ for _ in itertools.count(1): + if get_multi_power_fn(connection, options, get_power_fn) != options["--action"]: + time.sleep(1) + else: + return True ++ ++ if int(options["--power-timeout"]) > 0 and _ >= int(options["--power-timeout"]): ++ break ++ + return False + + def sync_set_multi_power_fn(connection, options, sync_set_power_fn, retry_attempts): diff --git a/bz1470813-fencing-3-make-timeout-0-mean-forever.patch b/bz1470813-fencing-3-make-timeout-0-mean-forever.patch new file mode 100644 index 0000000..9445561 --- /dev/null +++ b/bz1470813-fencing-3-make-timeout-0-mean-forever.patch @@ -0,0 +1,38 @@ +From 4cf6887e98c712b99f741dbfe54932c60e93741b Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 3 Nov 2020 14:30:12 +0100 +Subject: [PATCH] fencing: fix to make timeout(s)=0 be treated as forever for + agents using pexpect + +--- + lib/fencing.py.py | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/lib/fencing.py.py b/lib/fencing.py.py +index 4639a9a5..fa34f13a 100644 +--- a/lib/fencing.py.py ++++ b/lib/fencing.py.py +@@ -500,10 +500,13 @@ def __init__(self, options, command, **kwargs): + self.opt = options + + def log_expect(self, pattern, timeout): +- result = self.expect(pattern, timeout) ++ result = self.expect(pattern, timeout if timeout != 0 else None) + logging.debug("Received: %s", self.before + self.after) + return result + ++ def read_nonblocking(self, size, timeout): ++ return pexpect.spawn.read_nonblocking(self, size=100, timeout=timeout if timeout != 0 else None) ++ + def send(self, message): + logging.debug("Sent: %s", message) + return pexpect.spawn.send(self, message) +@@ -516,7 +519,7 @@ def frun(command, timeout=30, withexitstatus=False, events=None, + extra_args=None, logfile=None, cwd=None, env=None, **kwargs): + if sys.version_info[0] > 2: + kwargs.setdefault('encoding', 'utf-8') +- return pexpect.run(command, timeout=timeout, ++ return pexpect.run(command, timeout=timeout if timeout != 0 else None, + withexitstatus=withexitstatus, events=events, + extra_args=extra_args, logfile=logfile, cwd=cwd, + env=env, **kwargs) diff --git a/bz1470813-fencing-4-make-timeout-0-mean-forever.patch b/bz1470813-fencing-4-make-timeout-0-mean-forever.patch new file mode 100644 index 0000000..1bd250f --- /dev/null +++ b/bz1470813-fencing-4-make-timeout-0-mean-forever.patch @@ -0,0 +1,22 @@ +From 083ecce0e7b6cd41eef026c8a1ba986f8814a7d9 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 5 Nov 2020 11:53:55 +0100 +Subject: [PATCH] fencing: fix run_command() to allow timeout=0 to mean forever + +--- + lib/fencing.py.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/fencing.py.py b/lib/fencing.py.py +index fa34f13a..9654f57b 100644 +--- a/lib/fencing.py.py ++++ b/lib/fencing.py.py +@@ -1062,7 +1062,7 @@ def run_command(options, command, timeout=None, env=None, log_command=None): + + thread = threading.Thread(target=process.wait) + thread.start() +- thread.join(timeout) ++ thread.join(timeout if timeout else None) + if thread.is_alive(): + process.kill() + fail(EC_TIMED_OUT, stop=(int(options.get("retry", 0)) < 1)) diff --git a/bz1470827-all-agents-log-exceptions-fail.patch b/bz1470827-all-agents-log-exceptions-fail.patch new file mode 100644 index 0000000..34818be --- /dev/null +++ b/bz1470827-all-agents-log-exceptions-fail.patch @@ -0,0 +1,198 @@ +From bf32059e26f6a7d019df0f7949ce66adf997bc21 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 8 Feb 2019 14:16:31 +0100 +Subject: [PATCH] log exceptions to be more detailed when failing + +--- + agents/apc/fence_apc.py | 6 ++++-- + agents/cisco_ucs/fence_cisco_ucs.py | 3 ++- + agents/eps/fence_eps.py | 3 ++- + agents/ilo_moonshot/fence_ilo_moonshot.py | 3 ++- + agents/lpar/fence_lpar.py | 6 ++++-- + agents/ovh/fence_ovh.py | 3 ++- + agents/sanbox2/fence_sanbox2.py | 12 ++++++++---- + agents/vmware_soap/fence_vmware_soap.py | 9 ++++++--- + 8 files changed, 30 insertions(+), 15 deletions(-) + +diff --git a/agents/apc/fence_apc.py b/agents/apc/fence_apc.py +index 24a5a4232..dd0287f83 100644 +--- a/agents/apc/fence_apc.py ++++ b/agents/apc/fence_apc.py +@@ -90,7 +90,8 @@ def get_power_status(conn, options): + try: + (_, status) = outlets[options["--plug"]] + return status.lower().strip() +- except KeyError: ++ except KeyError as e: ++ logging.error("Failed: {}".format(str(e))) + fail(EC_STATUS) + + def set_power_status(conn, options): +@@ -199,7 +200,8 @@ def get_power_status5(conn, options): + try: + (_, status) = outlets[options["--plug"]] + return status.lower().strip() +- except KeyError: ++ except KeyError as e: ++ logging.error("Failed: {}".format(str(e))) + fail(EC_STATUS) + + def set_power_status5(conn, options): +diff --git a/agents/cisco_ucs/fence_cisco_ucs.py b/agents/cisco_ucs/fence_cisco_ucs.py +index ec3117548..2280dbbc7 100644 +--- a/agents/cisco_ucs/fence_cisco_ucs.py ++++ b/agents/cisco_ucs/fence_cisco_ucs.py +@@ -174,7 +174,8 @@ def main(): + if result == None: + ## Cookie is absenting in response + fail(EC_LOGIN_DENIED) +- except Exception: ++ except Exception as e: ++ logging.error("Failed: {}".format(str(e))) + fail(EC_LOGIN_DENIED) + + options_global["cookie"] = result.group(1) +diff --git a/agents/eps/fence_eps.py b/agents/eps/fence_eps.py +index 74c89b95b..f0df86231 100644 +--- a/agents/eps/fence_eps.py ++++ b/agents/eps/fence_eps.py +@@ -56,7 +56,8 @@ def eps_run_command(options, params): + conn.close() + except socket.timeout: + fail(EC_TIMED_OUT) +- except socket.error: ++ except socket.error as e: ++ logging.error("Failed: {}".format(str(e))) + fail(EC_LOGIN_DENIED) + + return result +diff --git a/agents/ilo_moonshot/fence_ilo_moonshot.py b/agents/ilo_moonshot/fence_ilo_moonshot.py +index a066a9c91..6f5cca320 100644 +--- a/agents/ilo_moonshot/fence_ilo_moonshot.py ++++ b/agents/ilo_moonshot/fence_ilo_moonshot.py +@@ -21,7 +21,8 @@ def get_power_status(conn, options): + try: + (_, status) = nodes[options["--plug"]] + return status.lower() +- except KeyError: ++ except KeyError as e: ++ logging.error("Failed: {}".format(str(e))) + fail(EC_STATUS) + + def set_power_status(conn, options): +diff --git a/agents/lpar/fence_lpar.py b/agents/lpar/fence_lpar.py +index a16103733..66cb65e41 100644 +--- a/agents/lpar/fence_lpar.py ++++ b/agents/lpar/fence_lpar.py +@@ -37,7 +37,8 @@ def get_power_status(conn, options): + try: + status = re.compile("^" + options["--plug"] + ",(.*?),.*$", + re.IGNORECASE | re.MULTILINE).search(conn.before).group(1) +- except AttributeError: ++ except AttributeError as e: ++ logging.error("Failed: {}".format(str(e))) + fail(EC_STATUS_HMC) + elif options["--hmc-version"] in ["4", "IVM"]: + conn.send("lssyscfg -r lpar -m "+ options["--managed"] + +@@ -49,7 +50,8 @@ def get_power_status(conn, options): + + try: + status = re.compile(",state=(.*?),", re.IGNORECASE).search(conn.before).group(1) +- except AttributeError: ++ except AttributeError as e: ++ logging.error("Failed: {}".format(str(e))) + fail(EC_STATUS_HMC) + + return _normalize_status(status) +diff --git a/agents/ovh/fence_ovh.py b/agents/ovh/fence_ovh.py +index f5403c54d..2b7eb864f 100644 +--- a/agents/ovh/fence_ovh.py ++++ b/agents/ovh/fence_ovh.py +@@ -66,7 +66,8 @@ def soap_login(options): + try: + soap = Client(url, doctor=d) + session = soap.service.login(options["--username"], options["--password"], 'en', 0) +- except Exception: ++ except Exception as e: ++ logging.error("Failed: {}".format(str(e))) + fail(EC_LOGIN_DENIED) + + options["session"] = session +diff --git a/agents/sanbox2/fence_sanbox2.py b/agents/sanbox2/fence_sanbox2.py +index 679d1d983..179fe0e8b 100644 +--- a/agents/sanbox2/fence_sanbox2.py ++++ b/agents/sanbox2/fence_sanbox2.py +@@ -28,7 +28,8 @@ def get_power_status(conn, options): + conn.send_eol("admin end") + conn.send_eol("exit") + conn.close() +- except Exception: ++ except Exception as e: ++ logging.error("Failed: {}".format(str(e))) + pass + fail(EC_TIMED_OUT) + +@@ -54,7 +55,8 @@ def set_power_status(conn, options): + conn.send_eol("admin end") + conn.send_eol("exit") + conn.close() +- except Exception: ++ except Exception as e: ++ logging.error("Failed: {}".format(str(e))) + pass + fail(EC_TIMED_OUT) + +@@ -66,7 +68,8 @@ def set_power_status(conn, options): + conn.send_eol("admin end") + conn.send_eol("exit") + conn.close() +- except Exception: ++ except Exception as e: ++ logging.error("Failed: {}".format(str(e))) + pass + fail(EC_TIMED_OUT) + +@@ -91,7 +94,8 @@ def get_list_devices(conn, options): + conn.send_eol("admin end") + conn.send_eol("exit") + conn.close() +- except Exception: ++ except Exception as e: ++ logging.error("Failed: {}".format(str(e))) + pass + fail(EC_TIMED_OUT) + +diff --git a/agents/vmware_soap/fence_vmware_soap.py b/agents/vmware_soap/fence_vmware_soap.py +index f2ab68b02..a7f08b3d6 100644 +--- a/agents/vmware_soap/fence_vmware_soap.py ++++ b/agents/vmware_soap/fence_vmware_soap.py +@@ -68,7 +68,8 @@ def soap_login(options): + conn.service.Login(mo_SessionManager, options["--username"], options["--password"]) + except requests.exceptions.SSLError as ex: + fail_usage("Server side certificate verification failed: %s" % ex) +- except Exception: ++ except Exception as e: ++ logging.error("Server side certificate verification failed: {}".format(str(e))) + fail(EC_LOGIN_DENIED) + + options["ServiceContent"] = ServiceContent +@@ -126,7 +127,8 @@ def get_power_status(conn, options): + + try: + raw_machines = conn.service.RetrievePropertiesEx(mo_PropertyCollector, propFilterSpec) +- except Exception: ++ except Exception as e: ++ logging.error("Failed: {}".format(str(e))) + fail(EC_STATUS) + + (machines, uuid, mappingToUUID) = process_results(raw_machines, {}, {}, {}) +@@ -135,7 +137,8 @@ def get_power_status(conn, options): + while hasattr(raw_machines, 'token'): + try: + raw_machines = conn.service.ContinueRetrievePropertiesEx(mo_PropertyCollector, raw_machines.token) +- except Exception: ++ except Exception as e: ++ logging.error("Failed: {}".format(str(e))) + fail(EC_STATUS) + (more_machines, more_uuid, more_mappingToUUID) = process_results(raw_machines, {}, {}, {}) + machines.update(more_machines) diff --git a/bz1650214-fence_azure_arm-bundled.patch b/bz1650214-fence_azure_arm-bundled.patch new file mode 100644 index 0000000..747c151 --- /dev/null +++ b/bz1650214-fence_azure_arm-bundled.patch @@ -0,0 +1,12 @@ +diff -uNr a/agents/azure_arm/fence_azure_arm.py b/agents/azure_arm/fence_azure_arm.py +--- a/agents/azure_arm/fence_azure_arm.py 2018-06-28 14:24:54.000000000 +0200 ++++ b/agents/azure_arm/fence_azure_arm.py 2019-01-15 10:24:16.030092206 +0100 +@@ -7,6 +7,8 @@ + sys.path.append("@FENCEAGENTSLIBDIR@") + from fencing import * + from fencing import fail_usage, run_command, run_delay ++ ++sys.path.insert(0, '/usr/lib/fence-agents/bundled/azure') + import azure_fence + + def get_nodes_list(clients, options): diff --git a/bz1654616-fence_hpblade-fix-log_expect_syntax.patch b/bz1654616-fence_hpblade-fix-log_expect_syntax.patch new file mode 100644 index 0000000..bb239b1 --- /dev/null +++ b/bz1654616-fence_hpblade-fix-log_expect_syntax.patch @@ -0,0 +1,50 @@ +From 342570c5a5af4c277be283507ef7898a078e2df9 Mon Sep 17 00:00:00 2001 +From: mmartinv <32071463+mmartinv@users.noreply.github.com> +Date: Fri, 16 Nov 2018 12:55:58 +0100 +Subject: [PATCH] Fix 'log_expect' in fence_hpblade.py + +Update the 'log_expect' call to the new method definition. +--- + agents/hpblade/fence_hpblade.py | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/agents/hpblade/fence_hpblade.py b/agents/hpblade/fence_hpblade.py +index b2cc94a3..fbc89f61 100644 +--- a/agents/hpblade/fence_hpblade.py ++++ b/agents/hpblade/fence_hpblade.py +@@ -16,7 +16,7 @@ + + def get_enclosure_type(conn, options): + conn.send_eol("show enclosure info") +- conn.log_expect(options, options["--command-prompt"], int(options["--shell-timeout"])) ++ conn.log_expect(options["--command-prompt"], int(options["--shell-timeout"])) + + type_re=re.compile(r"^\s*Enclosure Type: (\w+)(.*?)\s*$") + enclosure="unknown" +@@ -39,7 +39,7 @@ def get_power_status(conn, options): + powrestr = "^\\s*Power: (.*?)\\s*$" + + conn.send_eol(cmd_send) +- conn.log_expect(options, options["--command-prompt"], int(options["--shell-timeout"])) ++ conn.log_expect(options["--command-prompt"], int(options["--shell-timeout"])) + + power_re = re.compile(powrestr) + status = "unknown" +@@ -72,7 +72,7 @@ def set_power_status(conn, options): + conn.send_eol("poweron " + dev + options["--plug"]) + elif options["--action"] == "off": + conn.send_eol("poweroff " + dev + options["--plug"] + " force") +- conn.log_expect(options, options["--command-prompt"], int(options["--shell-timeout"])) ++ conn.log_expect(options["--command-prompt"], int(options["--shell-timeout"])) + + def get_instances_list(conn, options): + outlets = {} +@@ -84,7 +84,7 @@ def get_instances_list(conn, options): + listrestr = "^\\s*(\\d+)\\s+(.*?)\\s+(.*?)\\s+OK\\s+(.*?)\\s+(.*?)\\s*$" + + conn.send_eol(cmd_send) +- conn.log_expect(options, options["--command-prompt"], int(options["--shell-timeout"])) ++ conn.log_expect(options["--command-prompt"], int(options["--shell-timeout"])) + + list_re = re.compile(listrestr) + for line in conn.before.splitlines(): diff --git a/bz1654968-fence_scsi-fix-incorrect-SCSI-key-node-ID-10-or-higher.patch b/bz1654968-fence_scsi-fix-incorrect-SCSI-key-node-ID-10-or-higher.patch new file mode 100644 index 0000000..9560368 --- /dev/null +++ b/bz1654968-fence_scsi-fix-incorrect-SCSI-key-node-ID-10-or-higher.patch @@ -0,0 +1,24 @@ +From f77297b654586bf539e78957f26cae1d22c6f081 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 2 Nov 2018 09:24:56 +0100 +Subject: [PATCH] fence_scsi: fix incorrect SCSI key when node ID is 10 or + higher + + The last four digits of the SCSI key will be zero padded digit between 0000-0009. +--- + agents/scsi/fence_scsi.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py +index 2180d0c9..79ada4fa 100644 +--- a/agents/scsi/fence_scsi.py ++++ b/agents/scsi/fence_scsi.py +@@ -191,7 +191,7 @@ def get_cluster_id(options): + def get_node_id(options): + cmd = options["--corosync-cmap-path"] + " nodelist" + +- match = re.search(r".(\d).ring._addr \(str\) = " + options["--plug"] + "\n", run_cmd(options, cmd)["out"]) ++ match = re.search(r".(\d+).ring._addr \(str\) = " + options["--plug"] + "\n", run_cmd(options, cmd)["out"]) + return match.group(1) if match else fail_usage("Failed: unable to parse output of corosync-cmapctl or node does not exist") + + diff --git a/bz1654973-fence_vmware_soap-cleanup-sigterm.patch b/bz1654973-fence_vmware_soap-cleanup-sigterm.patch new file mode 100644 index 0000000..8d27ea4 --- /dev/null +++ b/bz1654973-fence_vmware_soap-cleanup-sigterm.patch @@ -0,0 +1,41 @@ +From 116fb7d1253ac31a8f174187dfe9f4a0c6546ade Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 7 Sep 2018 15:56:56 +0200 +Subject: [PATCH] fence_vmware_soap: cleanup when receiving SIGTERM + +--- + agents/vmware_soap/fence_vmware_soap.py | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/agents/vmware_soap/fence_vmware_soap.py b/agents/vmware_soap/fence_vmware_soap.py +index b90edc9b..dd1a4ed6 100644 +--- a/agents/vmware_soap/fence_vmware_soap.py ++++ b/agents/vmware_soap/fence_vmware_soap.py +@@ -3,7 +3,7 @@ + import sys + import shutil, tempfile, suds + import logging, requests +-import atexit ++import atexit, signal + sys.path.append("@FENCEAGENTSLIBDIR@") + + from suds.client import Client +@@ -211,6 +211,9 @@ def logout(): + except Exception: + pass + ++def signal_handler(signum, frame): ++ raise Exception("Signal \"%d\" received which has triggered an exit of the process." % signum) ++ + def main(): + global options_global + global conn_global +@@ -219,6 +222,8 @@ def main(): + atexit.register(atexit_handler) + atexit.register(logout) + ++ signal.signal(signal.SIGTERM, signal_handler) ++ + options_global = check_input(device_opt, process_input(device_opt)) + + ## diff --git a/bz1654976-1-fence_scsi-watchdog-retry-support.patch b/bz1654976-1-fence_scsi-watchdog-retry-support.patch new file mode 100644 index 0000000..276c439 --- /dev/null +++ b/bz1654976-1-fence_scsi-watchdog-retry-support.patch @@ -0,0 +1,146 @@ +From 11a63822fbdc0a9ebe1b668b26a59f1cc9649f6c Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Wed, 24 Oct 2018 14:51:27 +0200 +Subject: [PATCH] fence_scsi: watchdog retries support + +--- + agents/scsi/fence_scsi.py | 60 ++++++++++++++++++++---------- + tests/data/metadata/fence_scsi.xml | 4 +- + 2 files changed, 43 insertions(+), 21 deletions(-) + +diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py +index 79ada4fa..8a1e4c77 100644 +--- a/agents/scsi/fence_scsi.py ++++ b/agents/scsi/fence_scsi.py +@@ -158,13 +158,15 @@ def get_reservation_key(options, dev): + return match.group(1) if match else None + + +-def get_registration_keys(options, dev): ++def get_registration_keys(options, dev, fail=True): + reset_dev(options,dev) + keys = [] + cmd = options["--sg_persist-path"] + " -n -i -k -d " + dev + out = run_cmd(options, cmd) + if out["err"]: +- fail_usage("Cannot get registration keys") ++ fail_usage("Cannot get registration keys", fail) ++ if not fail: ++ return [] + for line in out["out"].split("\n"): + match = re.search(r"\s+0x(\S+)\s*", line) + if match: +@@ -218,9 +220,8 @@ def get_key(fail=True): + try: + f = open(file_path, "r") + except IOError: +- if fail: +- fail_usage("Failed: Cannot open file \""+ file_path + "\"") +- else: ++ fail_usage("Failed: Cannot open file \""+ file_path + "\"", fail) ++ if not fail: + return None + return f.readline().strip().lower() + +@@ -244,9 +245,8 @@ def dev_read(fail=True): + try: + f = open(file_path, "r") + except IOError: +- if fail: +- fail_usage("Failed: Cannot open file \"" + file_path + "\"") +- else: ++ fail_usage("Failed: Cannot open file \"" + file_path + "\"", fail) ++ if not fail: + return None + # get not empty lines from file + devs = [line.strip() for line in f if line.strip()] +@@ -371,14 +371,20 @@ def define_new_opts(): + } + + +-def scsi_check_get_verbose(): ++def scsi_check_get_options(options): + try: +- f = open("/etc/sysconfig/watchdog", "r") ++ f = open("/etc/sysconfig/stonith", "r") + except IOError: +- return False +- match = re.search(r"^\s*verbose=yes", "".join(f.readlines()), re.MULTILINE) ++ return options ++ ++ match = re.findall(r"^\s*(\S*)\s*=\s*(\S*)\s*", "".join(f.readlines()), re.MULTILINE) ++ ++ for m in match: ++ options[m[0].lower()] = m[1].lower() ++ + f.close() +- return bool(match) ++ ++ return options + + + def scsi_check(hardreboot=False): +@@ -388,7 +394,10 @@ def scsi_check(hardreboot=False): + options["--sg_turs-path"] = "@SG_TURS_PATH@" + options["--sg_persist-path"] = "@SG_PERSIST_PATH@" + options["--power-timeout"] = "5" +- if scsi_check_get_verbose(): ++ options["retry"] = "0" ++ options["retry-sleep"] = "1" ++ options = scsi_check_get_options(options) ++ if "verbose" in options and options["verbose"] == "yes": + logging.getLogger().setLevel(logging.DEBUG) + devs = dev_read(fail=False) + if not devs: +@@ -399,11 +408,18 @@ def scsi_check(hardreboot=False): + logging.error("Key not found") + return 0 + for dev in devs: +- if key in get_registration_keys(options, dev): +- logging.debug("key " + key + " registered with device " + dev) +- return 0 +- else: +- logging.debug("key " + key + " not registered with device " + dev) ++ for n in range(int(options["retry"]) + 1): ++ if n > 0: ++ logging.debug("retry: " + str(n) + " of " + options["retry"]) ++ if key in get_registration_keys(options, dev, fail=False): ++ logging.debug("key " + key + " registered with device " + dev) ++ return 0 ++ else: ++ logging.debug("key " + key + " not registered with device " + dev) ++ ++ if n < int(options["retry"]): ++ time.sleep(float(options["retry-sleep"])) ++ + logging.debug("key " + key + " registered with any devices") + + if hardreboot == True: +@@ -452,7 +468,11 @@ def main(): + device(s). The result is that only registered nodes may write to the \ + device(s). When a node failure occurs, the fence_scsi agent will remove the \ + key belonging to the failed node from the device(s). The failed node will no \ +-longer be able to write to the device(s). A manual reboot is required." ++longer be able to write to the device(s). A manual reboot is required.\ ++\n.P\n\ ++When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and \ ++verbose=yes parameters in /etc/sysconfig/stonith if you have issues with it \ ++failing." + docs["vendorurl"] = "" + show_docs(options, docs) + +diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml +index 45a84168..b8cdabd1 100644 +--- a/tests/data/metadata/fence_scsi.xml ++++ b/tests/data/metadata/fence_scsi.xml +@@ -1,7 +1,9 @@ + + + fence_scsi is an I/O fencing agent that uses SCSI-3 persistent reservations to control access to shared storage devices. These devices must support SCSI-3 persistent reservations (SPC-3 or greater) as well as the "preempt-and-abort" subcommand. +-The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required. ++The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required. ++ ++When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and verbose=yes parameters in /etc/sysconfig/stonith if you have issues with it failing. + + + diff --git a/bz1654976-2-build-fix-check_used_options.patch b/bz1654976-2-build-fix-check_used_options.patch new file mode 100644 index 0000000..068375d --- /dev/null +++ b/bz1654976-2-build-fix-check_used_options.patch @@ -0,0 +1,23 @@ +From 267afc5caa0580cc483220e671cda094413a4e16 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Wed, 28 Nov 2018 09:54:16 +0100 +Subject: [PATCH] build: fix if-redirection to make check_used_options run for + the agents as intended + +--- + make/fencebuild.mk | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/make/fencebuild.mk b/make/fencebuild.mk +index 9e8bd692..143082f0 100644 +--- a/make/fencebuild.mk ++++ b/make/fencebuild.mk +@@ -33,7 +33,7 @@ define gen_agent_from_py + -e 's#@''PING4_CMD@#${PING4_CMD}#g' \ + > $@ + +- if [ 0 -eq `echo "$(@)" | grep fence_ 2>&1 /dev/null; echo $$?` ]; then \ ++ if [ 0 -eq `echo "$(@)" | grep fence_ > /dev/null 2>&1; echo $$?` ]; then \ + PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib $(PYTHON) $(top_srcdir)/lib/check_used_options.py $@; \ + else true ; fi + diff --git a/bz1666914-1-fence_redfish.patch b/bz1666914-1-fence_redfish.patch new file mode 100644 index 0000000..c6f5dfd --- /dev/null +++ b/bz1666914-1-fence_redfish.patch @@ -0,0 +1,812 @@ +From 64e3f3ef4d0abefd2836fe015c87173310b1e130 Mon Sep 17 00:00:00 2001 +From: Jose Delarosa +Date: Mon, 3 Dec 2018 10:11:15 -0600 +Subject: [PATCH 1/8] Add new fence agent for Redfish + +- Agent works on all fence devices that implement the Redfish API specification +- Agent programatically finds the Systems Resouce URI if it's not provided +--- + agents/redfish/fence_redfish.py | 151 +++++++++++++++++++++ + tests/data/metadata/fence_redfish.xml | 181 ++++++++++++++++++++++++++ + 2 files changed, 332 insertions(+) + create mode 100644 agents/redfish/fence_redfish.py + create mode 100644 tests/data/metadata/fence_redfish.xml + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +new file mode 100644 +index 00000000..df7cf8c2 +--- /dev/null ++++ b/agents/redfish/fence_redfish.py +@@ -0,0 +1,151 @@ ++#!@PYTHON@ -tt ++ ++# Copyright (c) 2018 Dell Inc. or its subsidiaries. All Rights Reserved. ++ ++# Fence agent for devices that support the Redfish API Specification. ++ ++import sys ++import re ++import json ++import requests ++import atexit ++sys.path.append("@FENCEAGENTSLIBDIR@") ++ ++from requests.packages.urllib3.exceptions import InsecureRequestWarning ++from fencing import * ++from fencing import fail_usage ++ ++def get_power_status(conn, options): ++ uri = options["--systems-uri"] ++ response = send_get_request(options, uri) ++ if response['ret'] is False: ++ fail_usage("Couldn't get power information") ++ data = response['data'] ++ if data[u'PowerState'].strip() == "On": ++ return "on" ++ else: ++ return "off" ++ ++def set_power_status(conn, options): ++ action = { ++ 'on' : "On", ++ 'off': "ForceOff", ++ 'reboot': "GracefulRestart" ++ }[options["--action"]] ++ ++ payload = {'ResetType': action} ++ headers = {'content-type': 'application/json'} ++ ++ # Search for 'Actions' key and extract URI from it ++ uri = options["--systems-uri"] ++ response = send_get_request(options, uri) ++ if response['ret'] is False: ++ return {'ret': False} ++ data = response['data'] ++ uri = data["Actions"]["#ComputerSystem.Reset"]["target"] ++ ++ response = send_post_request(options, uri, payload, headers) ++ if response['ret'] is False: ++ fail_usage("Error sending power command") ++ return ++ ++def send_get_request(options, uri): ++ full_uri = "https://" + options["--ip"] + uri ++ try: ++ resp = requests.get(full_uri, verify=False, ++ auth=(options["--username"], options["--password"])) ++ data = resp.json() ++ except: ++ return {'ret': False} ++ return {'ret': True, 'data': data} ++ ++def send_post_request(options, uri, payload, headers): ++ full_uri = "https://" + options["--ip"] + uri ++ try: ++ requests.post(full_uri, data=json.dumps(payload), ++ headers=headers, verify=False, ++ auth=(options["--username"], options["--password"])) ++ except: ++ return {'ret': False} ++ return {'ret': True} ++ ++def find_systems_resource(options): ++ uri = options["--redfish-uri"] ++ response = send_get_request(options, uri) ++ if response['ret'] is False: ++ return {'ret': False} ++ data = response['data'] ++ ++ if 'Systems' not in data: ++ # Systems resource not found" ++ return {'ret': False} ++ else: ++ uri = data["Systems"]["@odata.id"] ++ response = send_get_request(options, uri) ++ if response['ret'] is False: ++ return {'ret': False} ++ data = response['data'] ++ ++ # need to be able to handle more than one entry ++ for member in data[u'Members']: ++ system_uri = member[u'@odata.id'] ++ return {'ret': True, 'uri': system_uri} ++ ++def define_new_opts(): ++ all_opt["redfish-uri"] = { ++ "getopt" : ":", ++ "longopt" : "redfish-uri", ++ "help" : "--redfish-uri=[uri] Base or starting Redifsh URI", ++ "required" : "0", ++ "default" : "/redfish/v1", ++ "shortdesc" : "Base or starting Redfish URI", ++ "order": 1 ++ } ++ all_opt["systems-uri"] = { ++ "getopt" : ":", ++ "longopt" : "systems-uri", ++ "help" : "--systems-uri=[uri] Redfish Systems resource URI", ++ "required" : "0", ++ "shortdesc" : "Redfish Systems resource URI, i.e. /redfish/v1/Systems/System.Embedded.1", ++ "order": 1 ++ } ++ ++def main(): ++ atexit.register(atexit_handler) ++ device_opt = ["ipaddr", "login", "passwd", "redfish-uri", "systems-uri", "ssl"] ++ define_new_opts() ++ ++ opt = process_input(device_opt) ++ ++ all_opt["ipport"]["default"] = "443" ++ options = check_input(device_opt, opt) ++ ++ docs = {} ++ docs["shortdesc"] = "I/O Fencing agent for Redfish" ++ docs["longdesc"] = "fence_redfish is an I/O Fencing agent which can be used with \ ++Out-of-Band controllers that support Redfish APIs. These controllers provide remote \ ++access to control power on a server." ++ docs["vendorurl"] = "http://www.dmtf.org" ++ show_docs(options, docs) ++ ++ ## ++ ## Operate the fencing device ++ #### ++ ++ # Disable insecure-certificate-warning message ++ if "--ssl-insecure" in opt: ++ requests.packages.urllib3.disable_warnings(InsecureRequestWarning) ++ ++ if "--systems-uri" not in opt: ++ # Systems URI not provided, find it ++ sysresult = find_systems_resource(options) ++ if sysresult['ret'] is False: ++ sys.exit(1) ++ else: ++ options["--systems-uri"] = sysresult["uri"] ++ ++ result = fence_action(None, options, set_power_status, get_power_status, None) ++ sys.exit(result) ++ ++if __name__ == "__main__": ++ main() +diff --git a/tests/data/metadata/fence_redfish.xml b/tests/data/metadata/fence_redfish.xml +new file mode 100644 +index 00000000..43d447d0 +--- /dev/null ++++ b/tests/data/metadata/fence_redfish.xml +@@ -0,0 +1,181 @@ ++ ++ ++fence_redfish is an I/O Fencing agent which can be used with Out-of-Band controllers that support Redfish APIs. These controllers provide remote access to control power on a server. ++http://www.dmtf.org ++ ++ ++ ++ ++ TCP/UDP port to use for connection with device ++ ++ ++ ++ ++ SSL connection with verifying fence device's certificate ++ ++ ++ ++ ++ Redfish Systems resource URI, i.e. /redfish/v1/Systems/System.Embedded.1 ++ ++ ++ ++ ++ Fencing Action ++ ++ ++ ++ ++ Forces agent to use IPv6 addresses only ++ ++ ++ ++ ++ IP Address or Hostname ++ ++ ++ ++ ++ IP address or hostname of fencing device (together with --port-as-ip) ++ ++ ++ ++ ++ Script to retrieve password ++ ++ ++ ++ ++ Forces agent to use IPv4 addresses only ++ ++ ++ ++ ++ Login password or passphrase ++ ++ ++ ++ ++ SSL connection ++ ++ ++ ++ ++ Base or starting Redfish URI ++ ++ ++ ++ ++ SSL connection without verifying fence device's certificate ++ ++ ++ ++ ++ Login Name ++ ++ ++ ++ ++ IP address or hostname of fencing device (together with --port-as-ip) ++ ++ ++ ++ ++ Login Name ++ ++ ++ ++ ++ Base or starting Redfish URI ++ ++ ++ ++ ++ IP Address or Hostname ++ ++ ++ ++ ++ Redfish Systems resource URI, i.e. /redfish/v1/Systems/System.Embedded.1 ++ ++ ++ ++ ++ Login password or passphrase ++ ++ ++ ++ ++ Script to retrieve password ++ ++ ++ ++ ++ Verbose mode ++ ++ ++ ++ ++ Write debug information to given file ++ ++ ++ ++ ++ Write debug information to given file ++ ++ ++ ++ ++ Display version information and exit ++ ++ ++ ++ ++ Display help and exit ++ ++ ++ ++ ++ Wait X seconds after issuing ON/OFF ++ ++ ++ ++ ++ Wait X seconds for cmd prompt after login ++ ++ ++ ++ ++ Test X seconds for status change after ON/OFF ++ ++ ++ ++ ++ Wait X seconds before fencing is started ++ ++ ++ ++ ++ Wait X seconds for cmd prompt after issuing command ++ ++ ++ ++ ++ Make "port/plug" to be an alias to IP address ++ ++ ++ ++ ++ Count of attempts to retry power on ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ + +From 6921a34d64d098a7b1f32205e0be434438c36898 Mon Sep 17 00:00:00 2001 +From: Jose Delarosa +Date: Mon, 3 Dec 2018 10:46:52 -0600 +Subject: [PATCH 2/8] Updated fence_redfish.xml with make xml-upload + +--- + tests/data/metadata/fence_redfish.xml | 148 ++++++++++++++------------ + 1 file changed, 79 insertions(+), 69 deletions(-) + +diff --git a/tests/data/metadata/fence_redfish.xml b/tests/data/metadata/fence_redfish.xml +index 43d447d0..a39541e6 100644 +--- a/tests/data/metadata/fence_redfish.xml ++++ b/tests/data/metadata/fence_redfish.xml +@@ -3,110 +3,115 @@ + fence_redfish is an I/O Fencing agent which can be used with Out-of-Band controllers that support Redfish APIs. These controllers provide remote access to control power on a server. + http://www.dmtf.org + +- +- +- +- TCP/UDP port to use for connection with device +- +- +- +- +- SSL connection with verifying fence device's certificate +- +- +- +- +- Redfish Systems resource URI, i.e. /redfish/v1/Systems/System.Embedded.1 +- + + + +- Fencing Action ++ Fencing action ++ ++ ++ ++ ++ Forces agent to use IPv4 addresses only + + + + + Forces agent to use IPv6 addresses only + +- ++ + + +- IP Address or Hostname ++ IP address or hostname of fencing device + +- +- ++ ++ + +- IP address or hostname of fencing device (together with --port-as-ip) ++ IP address or hostname of fencing device + +- +- +- +- Script to retrieve password ++ ++ ++ ++ TCP/UDP port to use for connection with device + +- +- +- +- Forces agent to use IPv4 addresses only ++ ++ ++ ++ Login name + + + + + Login password or passphrase + +- +- +- +- SSL connection +- +- +- +- +- Base or starting Redfish URI ++ ++ ++ ++ Script to run to retrieve password + +- +- +- +- SSL connection without verifying fence device's certificate ++ ++ ++ ++ Login password or passphrase + +- +- ++ ++ + +- Login Name ++ Script to run to retrieve password + + + + + IP address or hostname of fencing device (together with --port-as-ip) + +- +- ++ ++ + +- Login Name ++ IP address or hostname of fencing device (together with --port-as-ip) ++ ++ ++ ++ ++ Base or starting Redfish URI + + + + + Base or starting Redfish URI + +- +- ++ ++ ++ ++ Use SSL connection with verifying certificate ++ ++ ++ ++ ++ Use SSL connection without verifying certificate ++ ++ ++ ++ ++ Use SSL connection with verifying certificate ++ ++ ++ + +- IP Address or Hostname ++ Redfish Systems resource URI, i.e. /redfish/v1/Systems/System.Embedded.1 + + + + + Redfish Systems resource URI, i.e. /redfish/v1/Systems/System.Embedded.1 + +- +- ++ ++ + +- Login password or passphrase ++ Login name + +- +- +- +- Script to retrieve password ++ ++ ++ ++ Disable logging to stderr. Does not affect --verbose or --debug-file or logging to syslog. + + + +@@ -133,41 +138,45 @@ + + Display help and exit + +- +- ++ ++ + +- Wait X seconds after issuing ON/OFF ++ Wait X seconds before fencing is started + + + + + Wait X seconds for cmd prompt after login + ++ ++ ++ ++ Make "port/plug" to be an alias to IP address ++ + + + + Test X seconds for status change after ON/OFF + +- +- ++ ++ + +- Wait X seconds before fencing is started ++ Wait X seconds after issuing ON/OFF + + + + + Wait X seconds for cmd prompt after issuing command + +- +- +- +- Make "port/plug" to be an alias to IP address +- + + + + Count of attempts to retry power on + ++ ++ ++ Path to gnutls-cli binary ++ + + + +@@ -176,6 +185,7 @@ + + + ++ + + + + +From 755627fadd711848ea256d72f5e75f36f83b4d31 Mon Sep 17 00:00:00 2001 +From: Jose Delarosa +Date: Mon, 3 Dec 2018 11:55:23 -0600 +Subject: [PATCH 3/8] Added run_delay() + +--- + agents/redfish/fence_redfish.py | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index df7cf8c2..0e4a4f68 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -13,7 +13,7 @@ + + from requests.packages.urllib3.exceptions import InsecureRequestWarning + from fencing import * +-from fencing import fail_usage ++from fencing import fail_usage, run_delay + + def get_power_status(conn, options): + uri = options["--systems-uri"] +@@ -127,6 +127,7 @@ def main(): + access to control power on a server." + docs["vendorurl"] = "http://www.dmtf.org" + show_docs(options, docs) ++ run_delay(options) + + ## + ## Operate the fencing device + +From 15fef4c47f391a3f03c714d86c9670ea209dec99 Mon Sep 17 00:00:00 2001 +From: Jose Delarosa +Date: Tue, 4 Dec 2018 10:56:58 -0600 +Subject: [PATCH 4/8] Modify power status check + +- Only returns off if PowerState = Off +- Otherwise returns on +--- + agents/redfish/fence_redfish.py | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index 0e4a4f68..7998fb1c 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -21,10 +21,10 @@ def get_power_status(conn, options): + if response['ret'] is False: + fail_usage("Couldn't get power information") + data = response['data'] +- if data[u'PowerState'].strip() == "On": +- return "on" +- else: ++ if data[u'PowerState'].strip() == "Off": + return "off" ++ else: ++ return "on" + + def set_power_status(conn, options): + action = { + +From acf70f4672be65562841227ab0b4cacb87965f44 Mon Sep 17 00:00:00 2001 +From: Jose Delarosa +Date: Wed, 5 Dec 2018 10:39:32 -0600 +Subject: [PATCH 5/8] Changed reboot type to ForceRestart + +--- + agents/redfish/fence_redfish.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index 7998fb1c..3fe2bfc0 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -30,7 +30,7 @@ def set_power_status(conn, options): + action = { + 'on' : "On", + 'off': "ForceOff", +- 'reboot': "GracefulRestart" ++ 'reboot': "ForceRestart" + }[options["--action"]] + + payload = {'ResetType': action} + +From 56e3358d45050ac669c099c56873feefa1ecda38 Mon Sep 17 00:00:00 2001 +From: Jose Delarosa +Date: Wed, 5 Dec 2018 10:54:44 -0600 +Subject: [PATCH 6/8] Replaced default port 443 with default ssl enabled option + +--- + agents/redfish/fence_redfish.py | 2 +- + tests/data/metadata/fence_redfish.xml | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index 3fe2bfc0..6a2dbb76 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -117,7 +117,7 @@ def main(): + + opt = process_input(device_opt) + +- all_opt["ipport"]["default"] = "443" ++ all_opt["ssl"]["default"] = "1" + options = check_input(device_opt, opt) + + docs = {} +diff --git a/tests/data/metadata/fence_redfish.xml b/tests/data/metadata/fence_redfish.xml +index a39541e6..e1c18584 100644 +--- a/tests/data/metadata/fence_redfish.xml ++++ b/tests/data/metadata/fence_redfish.xml +@@ -80,7 +80,7 @@ + + + +- ++ + Use SSL connection with verifying certificate + + + +From 5c25a85b22a17d6bbc3dcb47c99b76e3a99a5857 Mon Sep 17 00:00:00 2001 +From: Jose Delarosa +Date: Wed, 5 Dec 2018 13:29:42 -0600 +Subject: [PATCH 7/8] Renamed variable to avoid reusing variable name + +--- + agents/redfish/fence_redfish.py | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index 6a2dbb76..1ea25cd8 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -42,9 +42,9 @@ def set_power_status(conn, options): + if response['ret'] is False: + return {'ret': False} + data = response['data'] +- uri = data["Actions"]["#ComputerSystem.Reset"]["target"] ++ action_uri = data["Actions"]["#ComputerSystem.Reset"]["target"] + +- response = send_post_request(options, uri, payload, headers) ++ response = send_post_request(options, action_uri, payload, headers) + if response['ret'] is False: + fail_usage("Error sending power command") + return + +From 7dce8b1e22d57fec0d34e91a99fab9d8a06f1303 Mon Sep 17 00:00:00 2001 +From: Jose Delarosa +Date: Thu, 6 Dec 2018 10:33:06 -0600 +Subject: [PATCH 8/8] Removed unnecessary variable assignments to simplify code + +--- + agents/redfish/fence_redfish.py | 12 ++++-------- + 1 file changed, 4 insertions(+), 8 deletions(-) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index 1ea25cd8..67ef67ab 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -16,8 +16,7 @@ + from fencing import fail_usage, run_delay + + def get_power_status(conn, options): +- uri = options["--systems-uri"] +- response = send_get_request(options, uri) ++ response = send_get_request(options, options["--systems-uri"]) + if response['ret'] is False: + fail_usage("Couldn't get power information") + data = response['data'] +@@ -37,8 +36,7 @@ def set_power_status(conn, options): + headers = {'content-type': 'application/json'} + + # Search for 'Actions' key and extract URI from it +- uri = options["--systems-uri"] +- response = send_get_request(options, uri) ++ response = send_get_request(options, options["--systems-uri"]) + if response['ret'] is False: + return {'ret': False} + data = response['data'] +@@ -70,8 +68,7 @@ def send_post_request(options, uri, payload, headers): + return {'ret': True} + + def find_systems_resource(options): +- uri = options["--redfish-uri"] +- response = send_get_request(options, uri) ++ response = send_get_request(options, options["--redfish-uri"]) + if response['ret'] is False: + return {'ret': False} + data = response['data'] +@@ -80,8 +77,7 @@ def find_systems_resource(options): + # Systems resource not found" + return {'ret': False} + else: +- uri = data["Systems"]["@odata.id"] +- response = send_get_request(options, uri) ++ response = send_get_request(options, data["Systems"]["@odata.id"]) + if response['ret'] is False: + return {'ret': False} + data = response['data'] diff --git a/bz1666914-2-fence_redfish-fail-invalid-cert.patch b/bz1666914-2-fence_redfish-fail-invalid-cert.patch new file mode 100644 index 0000000..a834644 --- /dev/null +++ b/bz1666914-2-fence_redfish-fail-invalid-cert.patch @@ -0,0 +1,60 @@ +From 7aa3c50d1d02dd26bdeac99c49ada72f842d88e8 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 17 Jan 2019 16:52:52 +0100 +Subject: [PATCH] fence_redfish: fail when using invalid cert without + --ssl-insecure + +--- + agents/redfish/fence_redfish.py | 16 ++++++++++------ + 1 file changed, 10 insertions(+), 6 deletions(-) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index 67ef67ab..5b719d4b 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -6,6 +6,7 @@ + + import sys + import re ++import logging + import json + import requests + import atexit +@@ -20,6 +21,9 @@ def get_power_status(conn, options): + if response['ret'] is False: + fail_usage("Couldn't get power information") + data = response['data'] ++ ++ logging.debug("PowerState is: " + data[u'PowerState']) ++ + if data[u'PowerState'].strip() == "Off": + return "off" + else: +@@ -50,21 +54,21 @@ def set_power_status(conn, options): + def send_get_request(options, uri): + full_uri = "https://" + options["--ip"] + uri + try: +- resp = requests.get(full_uri, verify=False, ++ resp = requests.get(full_uri, verify=not "--ssl-insecure" in options, + auth=(options["--username"], options["--password"])) + data = resp.json() +- except: +- return {'ret': False} ++ except Exception as e: ++ fail_usage("Failed: send_get_request: " + str(e)) + return {'ret': True, 'data': data} + + def send_post_request(options, uri, payload, headers): + full_uri = "https://" + options["--ip"] + uri + try: + requests.post(full_uri, data=json.dumps(payload), +- headers=headers, verify=False, ++ headers=headers, verify=not "--ssl-insecure" in options, + auth=(options["--username"], options["--password"])) +- except: +- return {'ret': False} ++ except Exception as e: ++ fail_usage("Failed: send_post_request: " + str(e)) + return {'ret': True} + + def find_systems_resource(options): diff --git a/bz1677327-1-fence_redfish-use-ipport-parameter.patch b/bz1677327-1-fence_redfish-use-ipport-parameter.patch new file mode 100644 index 0000000..e2514f1 --- /dev/null +++ b/bz1677327-1-fence_redfish-use-ipport-parameter.patch @@ -0,0 +1,43 @@ +From 9ebd2e2e36ae0de5c9164f4ac3fd29bdac0cab61 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 14 Feb 2019 10:03:33 +0100 +Subject: [PATCH] fence_redfish: use "ipport" parameter and improve logging + +--- + agents/redfish/fence_redfish.py | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index 5b719d4b..28840058 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -22,7 +22,10 @@ def get_power_status(conn, options): + fail_usage("Couldn't get power information") + data = response['data'] + +- logging.debug("PowerState is: " + data[u'PowerState']) ++ try: ++ logging.debug("PowerState is: " + data[u'PowerState']) ++ except Exception: ++ fail_usage("Unable to get PowerState: " + "https://" + options["--ip"] + ":" + str(options["--ipport"]) + options["--systems-uri"]) + + if data[u'PowerState'].strip() == "Off": + return "off" +@@ -52,7 +55,7 @@ def set_power_status(conn, options): + return + + def send_get_request(options, uri): +- full_uri = "https://" + options["--ip"] + uri ++ full_uri = "https://" + options["--ip"] + ":" + str(options["--ipport"]) + uri + try: + resp = requests.get(full_uri, verify=not "--ssl-insecure" in options, + auth=(options["--username"], options["--password"])) +@@ -62,7 +65,7 @@ def send_get_request(options, uri): + return {'ret': True, 'data': data} + + def send_post_request(options, uri, payload, headers): +- full_uri = "https://" + options["--ip"] + uri ++ full_uri = "https://" + options["--ip"] + ":" + str(options["--ipport"]) + uri + try: + requests.post(full_uri, data=json.dumps(payload), + headers=headers, verify=not "--ssl-insecure" in options, diff --git a/bz1677327-2-fence_redfish-ip-parameter-backward-compatibility.patch b/bz1677327-2-fence_redfish-ip-parameter-backward-compatibility.patch new file mode 100644 index 0000000..3d97c4e --- /dev/null +++ b/bz1677327-2-fence_redfish-ip-parameter-backward-compatibility.patch @@ -0,0 +1,24 @@ +From 21898e45ca2624546de99086a27a14dd1ff86a2b Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 21 Feb 2019 09:08:03 +0100 +Subject: [PATCH] fence_redfish: backwards compatibility for : + +--- + agents/redfish/fence_redfish.py | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index 28840058..f1424232 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -140,6 +140,10 @@ def main(): + if "--ssl-insecure" in opt: + requests.packages.urllib3.disable_warnings(InsecureRequestWarning) + ++ # backwards compatibility for : ++ if options["--ip"].count(":") == 1: ++ (options["--ip"], options["--ipport"]) = options["--ip"].split(":") ++ + if "--systems-uri" not in opt: + # Systems URI not provided, find it + sysresult = find_systems_resource(options) diff --git a/bz1685814-fence_gce-add-serviceaccount-file-support.patch b/bz1685814-fence_gce-add-serviceaccount-file-support.patch new file mode 100644 index 0000000..6f13714 --- /dev/null +++ b/bz1685814-fence_gce-add-serviceaccount-file-support.patch @@ -0,0 +1,73 @@ +diff --color -uNr a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py +--- a/agents/gce/fence_gce.py 2021-06-11 14:28:37.751959830 +0200 ++++ b/agents/gce/fence_gce.py 2021-06-11 14:54:03.638926494 +0200 +@@ -15,9 +15,15 @@ + import urllib2 as urlrequest + sys.path.append("@FENCEAGENTSLIBDIR@") + +-import googleapiclient.discovery + from fencing import fail_usage, run_delay, all_opt, atexit_handler, check_input, process_input, show_docs, fence_action +- ++try: ++ import googleapiclient.discovery ++ try: ++ from google.oauth2.credentials import Credentials as GoogleCredentials ++ except: ++ from oauth2client.client import GoogleCredentials ++except: ++ pass + + METADATA_SERVER = 'http://metadata.google.internal/computeMetadata/v1/' + METADATA_HEADERS = {'Metadata-Flavor': 'Google'} +@@ -175,12 +181,21 @@ + "required" : "0", + "order" : 4 + } ++ all_opt["serviceaccount"] = { ++ "getopt" : ":", ++ "longopt" : "serviceaccount", ++ "help" : "--serviceaccount=[filename] Service account json file location e.g. serviceaccount=/somedir/service_account.json", ++ "shortdesc" : "Service Account to use for authentication to the google cloud APIs.", ++ "required" : "0", ++ "order" : 9 ++ } + + + def main(): + conn = None + +- device_opt = ["port", "no_password", "zone", "project", "stackdriver-logging", "method"] ++ device_opt = ["port", "no_password", "zone", "project", "stackdriver-logging", ++ "method", "serviceaccount"] + + atexit.register(atexit_handler) + +@@ -226,10 +241,24 @@ + + # Prepare cli + try: +- credentials = None +- if tuple(googleapiclient.__version__) < tuple("1.6.0"): +- import oauth2client.client +- credentials = oauth2client.client.GoogleCredentials.get_application_default() ++ serviceaccount = options.get("--serviceaccount") ++ if serviceaccount: ++ scope = ['https://www.googleapis.com/auth/cloud-platform'] ++ logging.debug("using credentials from service account") ++ try: ++ from google.oauth2.service_account import Credentials as ServiceAccountCredentials ++ credentials = ServiceAccountCredentials.from_service_account_file(filename=serviceaccount, scopes=scope) ++ except ImportError: ++ from oauth2client.service_account import ServiceAccountCredentials ++ credentials = ServiceAccountCredentials.from_json_keyfile_name(serviceaccount, scope) ++ else: ++ try: ++ from googleapiclient import _auth ++ credentials = _auth.default_credentials(); ++ except: ++ credentials = GoogleCredentials.get_application_default() ++ logging.debug("using application default credentials") ++ + conn = googleapiclient.discovery.build('compute', 'v1', credentials=credentials) + except Exception as err: + fail_usage("Failed: Create GCE compute v1 connection: {}".format(str(err))) diff --git a/bz1696584-fence_gce-fix-python3-encoding-issue.patch b/bz1696584-fence_gce-fix-python3-encoding-issue.patch new file mode 100644 index 0000000..9e9f7ad --- /dev/null +++ b/bz1696584-fence_gce-fix-python3-encoding-issue.patch @@ -0,0 +1,22 @@ +From 64ac6207152508392690b7c1dfcac3fe0a76adfd Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 5 Apr 2019 09:48:52 +0200 +Subject: [PATCH] fence_gce: fix Python 3 encoding issue + +--- + agents/gce/fence_gce.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py +index 93cd11801..b171710d9 100644 +--- a/agents/gce/fence_gce.py ++++ b/agents/gce/fence_gce.py +@@ -146,7 +146,7 @@ def get_metadata(metadata_key, params=None, timeout=None): + url = '%s?%s' % (metadata_url, params) + request = urlrequest.Request(url, headers=METADATA_HEADERS) + request_opener = urlrequest.build_opener(urlrequest.ProxyHandler({})) +- return request_opener.open(request, timeout=timeout * 1.1).read() ++ return request_opener.open(request, timeout=timeout * 1.1).read().decode("utf-8") + + + def define_new_opts(): diff --git a/bz1700546-fence_azure_arm-skip_shutdown.patch b/bz1700546-fence_azure_arm-skip_shutdown.patch new file mode 100644 index 0000000..708eb84 --- /dev/null +++ b/bz1700546-fence_azure_arm-skip_shutdown.patch @@ -0,0 +1,48 @@ +From 1b3e548fcc0bd427dade178fa260567047ff3a0e Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Mon, 6 May 2019 13:24:18 +0200 +Subject: [PATCH] fence_azure_arm: use skip_shutdown feature when available + +The "skip_shutdown" parameter is ignored in older Azure SDK, so there's +no need for a fallback option. +--- + agents/azure_arm/fence_azure_arm.py | 6 +++--- + tests/data/metadata/fence_azure_arm.xml | 2 +- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/agents/azure_arm/fence_azure_arm.py b/agents/azure_arm/fence_azure_arm.py +index 58b9eeb13..be0d40345 100755 +--- a/agents/azure_arm/fence_azure_arm.py ++++ b/agents/azure_arm/fence_azure_arm.py +@@ -114,8 +114,8 @@ def set_power_status(clients, options): + azure_fence.set_network_state(compute_client, network_client, rgName, vmName, "unblock") + + if (options["--action"]=="off"): +- logging.info("Deallocating " + vmName + " in resource group " + rgName) +- compute_client.virtual_machines.deallocate(rgName, vmName) ++ logging.info("Poweroff " + vmName + " in resource group " + rgName) ++ compute_client.virtual_machines.power_off(rgName, vmName, skip_shutdown=True) + elif (options["--action"]=="on"): + logging.info("Starting " + vmName + " in resource group " + rgName) + compute_client.virtual_machines.start(rgName, vmName) +@@ -199,7 +199,7 @@ def main(): + + docs = {} + docs["shortdesc"] = "Fence agent for Azure Resource Manager" +- docs["longdesc"] = "Used to deallocate virtual machines and to report power state of virtual machines running in Azure. It uses Azure SDK for Python to connect to Azure.\ ++ docs["longdesc"] = "fence_azure_arm is an I/O Fencing agent for Azure Resource Manager. It uses Azure SDK for Python to connect to Azure.\ + \n.P\n\ + For instructions to setup credentials see: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal\ + \n.P\n\ +diff --git a/tests/data/metadata/fence_azure_arm.xml b/tests/data/metadata/fence_azure_arm.xml +index 1c0b6cc6b..97ecfdba4 100644 +--- a/tests/data/metadata/fence_azure_arm.xml ++++ b/tests/data/metadata/fence_azure_arm.xml +@@ -1,6 +1,6 @@ + + +-Used to deallocate virtual machines and to report power state of virtual machines running in Azure. It uses Azure SDK for Python to connect to Azure. ++fence_azure_arm is an I/O Fencing agent for Azure Resource Manager. It uses Azure SDK for Python to connect to Azure. + + For instructions to setup credentials see: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal + diff --git a/bz1704228-fence_redfish-full-redfish-spec-compliance.patch b/bz1704228-fence_redfish-full-redfish-spec-compliance.patch new file mode 100644 index 0000000..3b8ba13 --- /dev/null +++ b/bz1704228-fence_redfish-full-redfish-spec-compliance.patch @@ -0,0 +1,65 @@ +From 75a74debba2205547d8eefae221221c2c71d99ce Mon Sep 17 00:00:00 2001 +From: Jose Delarosa +Date: Mon, 15 Apr 2019 12:46:42 -0500 +Subject: [PATCH] fence_redfish: add headers to HTTP methods + +* Needed for full compliance with Redfish spec. +* May cause errors in some devices if not sent. +--- + agents/redfish/fence_redfish.py | 13 +++++++++---- + 1 file changed, 9 insertions(+), 4 deletions(-) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index f1424232..390a4827 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -16,6 +16,11 @@ + from fencing import * + from fencing import fail_usage, run_delay + ++GET_HEADERS = {'accept': 'application/json', 'OData-Version': '4.0'} ++POST_HEADERS = {'content-type': 'application/json', 'accept': 'application/json', ++ 'OData-Version': '4.0'} ++ ++ + def get_power_status(conn, options): + response = send_get_request(options, options["--systems-uri"]) + if response['ret'] is False: +@@ -40,7 +45,6 @@ def set_power_status(conn, options): + }[options["--action"]] + + payload = {'ResetType': action} +- headers = {'content-type': 'application/json'} + + # Search for 'Actions' key and extract URI from it + response = send_get_request(options, options["--systems-uri"]) +@@ -49,7 +53,7 @@ def set_power_status(conn, options): + data = response['data'] + action_uri = data["Actions"]["#ComputerSystem.Reset"]["target"] + +- response = send_post_request(options, action_uri, payload, headers) ++ response = send_post_request(options, action_uri, payload) + if response['ret'] is False: + fail_usage("Error sending power command") + return +@@ -58,17 +62,18 @@ def send_get_request(options, uri): + full_uri = "https://" + options["--ip"] + ":" + str(options["--ipport"]) + uri + try: + resp = requests.get(full_uri, verify=not "--ssl-insecure" in options, ++ headers=GET_HEADERS, + auth=(options["--username"], options["--password"])) + data = resp.json() + except Exception as e: + fail_usage("Failed: send_get_request: " + str(e)) + return {'ret': True, 'data': data} + +-def send_post_request(options, uri, payload, headers): ++def send_post_request(options, uri, payload): + full_uri = "https://" + options["--ip"] + ":" + str(options["--ipport"]) + uri + try: + requests.post(full_uri, data=json.dumps(payload), +- headers=headers, verify=not "--ssl-insecure" in options, ++ headers=POST_HEADERS, verify=not "--ssl-insecure" in options, + auth=(options["--username"], options["--password"])) + except Exception as e: + fail_usage("Failed: send_post_request: " + str(e)) diff --git a/bz1709780-fence_rhevm-RHEV-v4-API-support.patch b/bz1709780-fence_rhevm-RHEV-v4-API-support.patch new file mode 100644 index 0000000..6f115e8 --- /dev/null +++ b/bz1709780-fence_rhevm-RHEV-v4-API-support.patch @@ -0,0 +1,164 @@ +From a4e8b77ac51a0e4a6de489823ee1be47cbc7eb18 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 9 May 2019 12:09:48 +0200 +Subject: [PATCH] fence_rhevm: add RHEV v4 API support and auto-detection + +--- + agents/rhevm/fence_rhevm.py | 44 +++++++++++++++++++++++------ + tests/data/metadata/fence_rhevm.xml | 7 ++++- + 2 files changed, 41 insertions(+), 10 deletions(-) + +diff --git a/agents/rhevm/fence_rhevm.py b/agents/rhevm/fence_rhevm.py +index a1cdaf605..6012c4239 100644 +--- a/agents/rhevm/fence_rhevm.py ++++ b/agents/rhevm/fence_rhevm.py +@@ -9,7 +9,8 @@ + from fencing import fail, EC_FETCH_VM_UUID, run_delay + + RE_GET_ID = re.compile("(.*?)", re.IGNORECASE) ++RE_STATUS = re.compile("(.*?)", re.IGNORECASE) ++RE_STATE = re.compile("(.*?)", re.IGNORECASE) + RE_GET_NAME = re.compile("(.*?)", re.IGNORECASE) + + def get_power_status(conn, options): +@@ -25,7 +26,10 @@ def get_power_status(conn, options): + + options["id"] = result.group(2) + +- result = RE_STATUS.search(res) ++ if tuple(map(int, options["--api-version"].split(".")))[0] > 3: ++ result = RE_STATUS.search(res) ++ else: ++ result = RE_STATE.search(res) + if result == None: + # We were able to parse ID so output is correct + # in some cases it is possible that RHEV-M output does not +@@ -59,7 +63,10 @@ def get_list(conn, options): + lines = res.split(" 3: ++ status = RE_STATUS.search(lines[i]).group(1) ++ else: ++ status = RE_STATE.search(lines[i]).group(1) + outlets[name] = ("", status) + except AttributeError: + return {} +@@ -69,6 +76,13 @@ def get_list(conn, options): + return outlets + + def send_command(opt, command, method="GET"): ++ if opt["--api-version"] == "auto": ++ opt["--api-version"] = "4" ++ res = send_command(opt, "") ++ if re.search("Error", res): ++ opt["--api-version"] = "3" ++ logging.debug("auto-detected API version: " + opt["--api-version"]) ++ + ## setup correct URL + if "--ssl" in opt or "--ssl-secure" in opt or "--ssl-insecure" in opt: + url = "https:" +@@ -90,7 +104,7 @@ def send_command(opt, command, method="GET"): + web_buffer = io.BytesIO() + conn.setopt(pycurl.URL, url.encode("UTF-8")) + conn.setopt(pycurl.HTTPHEADER, [ +- "Version: 3", ++ "Version: {}".format(opt["--api-version"]), + "Content-type: application/xml", + "Accept: application/xml", + "Prefer: persistent-auth", +@@ -130,8 +144,9 @@ def send_command(opt, command, method="GET"): + + result = web_buffer.getvalue().decode("UTF-8") + +- logging.debug("%s\n", command) +- logging.debug("%s\n", result) ++ logging.debug("url: %s\n", url) ++ logging.debug("command: %s\n", command) ++ logging.debug("result: %s\n", result) + + return result + +@@ -151,6 +166,15 @@ def define_new_opts(): + "required" : "0", + "shortdesc" : "Reuse cookies for authentication", + "order" : 1} ++ all_opt["api_version"] = { ++ "getopt" : ":", ++ "longopt" : "api-version", ++ "help" : "--api-version " ++ "Version of RHEV API (default: auto)", ++ "required" : "0", ++ "order" : 2, ++ "default" : "auto", ++ } + all_opt["api_path"] = { + "getopt" : ":", + "longopt" : "api-path", +@@ -158,20 +182,19 @@ def define_new_opts(): + "default" : "/ovirt-engine/api", + "required" : "0", + "shortdesc" : "The path part of the API URL", +- "order" : 2} ++ "order" : 3} + all_opt["disable_http_filter"] = { + "getopt" : "", + "longopt" : "disable-http-filter", + "help" : "--disable-http-filter Set HTTP Filter header to false", + "required" : "0", + "shortdesc" : "Set HTTP Filter header to false", +- "order" : 3} ++ "order" : 4} + + + def main(): + device_opt = [ + "ipaddr", +- "api_path", + "login", + "passwd", + "ssl", +@@ -179,6 +202,8 @@ def main(): + "web", + "port", + "use_cookies", ++ "api_version", ++ "api_path", + "disable_http_filter", + ] + +@@ -186,6 +211,7 @@ def main(): + define_new_opts() + + all_opt["power_wait"]["default"] = "1" ++ all_opt["shell_timeout"]["default"] = "5" + + options = check_input(device_opt, process_input(device_opt)) + +diff --git a/tests/data/metadata/fence_rhevm.xml b/tests/data/metadata/fence_rhevm.xml +index 6344db79f..c56cf64b6 100644 +--- a/tests/data/metadata/fence_rhevm.xml ++++ b/tests/data/metadata/fence_rhevm.xml +@@ -98,6 +98,11 @@ + + Login name + ++ ++ ++ ++ Version of RHEV API (default: auto) ++ + + + The path part of the API URL +@@ -164,7 +169,7 @@ + + + +- ++ + Wait X seconds for cmd prompt after issuing command + + diff --git a/bz1709926-fence_mpath-fix-watchdog-hardreboot.patch b/bz1709926-fence_mpath-fix-watchdog-hardreboot.patch new file mode 100644 index 0000000..2b187c2 --- /dev/null +++ b/bz1709926-fence_mpath-fix-watchdog-hardreboot.patch @@ -0,0 +1,21 @@ +From e5c6c2e134fd397ffe3319adc7afb8b633a251b2 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 14 May 2019 16:44:59 +0200 +Subject: [PATCH] fence_mpath: import ctypes to fix watchdog hardreboot + +--- + agents/mpath/fence_mpath.py | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py +index d9ac2ef54..e4f598361 100644 +--- a/agents/mpath/fence_mpath.py ++++ b/agents/mpath/fence_mpath.py +@@ -6,6 +6,7 @@ + import os + import logging + import atexit ++import ctypes + sys.path.append("@FENCEAGENTSLIBDIR@") + from fencing import fail_usage, run_command, atexit_handler, check_input, process_input, show_docs + from fencing import fence_action, all_opt, run_delay diff --git a/bz1712263-fence_rhevm-1-use-UTF8-encoding.patch b/bz1712263-fence_rhevm-1-use-UTF8-encoding.patch new file mode 100644 index 0000000..281e006 --- /dev/null +++ b/bz1712263-fence_rhevm-1-use-UTF8-encoding.patch @@ -0,0 +1,32 @@ +From a77165d7c8caadf514462d359c6d564048c2c33a Mon Sep 17 00:00:00 2001 +From: Sandro <42254081+Numblesix@users.noreply.github.com> +Date: Tue, 29 Jan 2019 13:29:52 +0100 +Subject: [PATCH] Changed Encoding to UTF-8 + +Starting from RHV/Ovirt 4.2 we saw issues with the agent(unable to fence) after switching to UTF-8 all worked again. +--- + agents/rhevm/fence_rhevm.py | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/agents/rhevm/fence_rhevm.py b/agents/rhevm/fence_rhevm.py +index 2a5107cc6..a1cdaf605 100644 +--- a/agents/rhevm/fence_rhevm.py ++++ b/agents/rhevm/fence_rhevm.py +@@ -88,7 +88,7 @@ def send_command(opt, command, method="GET"): + ## send command through pycurl + conn = pycurl.Curl() + web_buffer = io.BytesIO() +- conn.setopt(pycurl.URL, url.encode("ascii")) ++ conn.setopt(pycurl.URL, url.encode("UTF-8")) + conn.setopt(pycurl.HTTPHEADER, [ + "Version: 3", + "Content-type: application/xml", +@@ -128,7 +128,7 @@ def send_command(opt, command, method="GET"): + + opt["cookie"] = cookie + +- result = web_buffer.getvalue().decode() ++ result = web_buffer.getvalue().decode("UTF-8") + + logging.debug("%s\n", command) + logging.debug("%s\n", result) diff --git a/bz1712263-fence_rhevm-2-fix-debug-encoding-issues.patch b/bz1712263-fence_rhevm-2-fix-debug-encoding-issues.patch new file mode 100644 index 0000000..9603498 --- /dev/null +++ b/bz1712263-fence_rhevm-2-fix-debug-encoding-issues.patch @@ -0,0 +1,31 @@ +From 965924fe8bf7dcd0bc15fb0e9265ab49bb8a5dd8 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Mon, 20 May 2019 15:49:39 +0200 +Subject: [PATCH] fence_rhevm: fix debug encoding issues + +Tested with UTF-8 encoded comment in result, which caused this issue, +and added to command and url in case they are in UTF-8 decoded state. +--- + agents/rhevm/fence_rhevm.py | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/agents/rhevm/fence_rhevm.py b/agents/rhevm/fence_rhevm.py +index 6012c423..9e4650cd 100644 +--- a/agents/rhevm/fence_rhevm.py ++++ b/agents/rhevm/fence_rhevm.py +@@ -144,9 +144,9 @@ def send_command(opt, command, method="GET"): + + result = web_buffer.getvalue().decode("UTF-8") + +- logging.debug("url: %s\n", url) +- logging.debug("command: %s\n", command) +- logging.debug("result: %s\n", result) ++ logging.debug("url: %s\n", url.encode("UTF-8")) ++ logging.debug("command: %s\n", command.encode("UTF-8")) ++ logging.debug("result: %s\n", result.encode("UTF-8")) + + return result + +-- +2.21.0 + diff --git a/bz1714458-fence_scsi-node-id-new-format.patch b/bz1714458-fence_scsi-node-id-new-format.patch new file mode 100644 index 0000000..0364930 --- /dev/null +++ b/bz1714458-fence_scsi-node-id-new-format.patch @@ -0,0 +1,30 @@ +From 1c4a64ca803831b44c96c75022abe5bb8713cd1a Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Wed, 22 May 2019 10:13:34 +0200 +Subject: [PATCH] fence_scsi: detect node ID using new format, and fallback to + old format before failing + +--- + agents/scsi/fence_scsi.py | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py +index 8a1e4c77..5580e08b 100644 +--- a/agents/scsi/fence_scsi.py ++++ b/agents/scsi/fence_scsi.py +@@ -192,8 +192,14 @@ def get_cluster_id(options): + + def get_node_id(options): + cmd = options["--corosync-cmap-path"] + " nodelist" ++ out = run_cmd(options, cmd)["out"] ++ ++ match = re.search(r".(\d+).name \(str\) = " + options["--plug"] + "\n", out) ++ ++ # try old format before failing ++ if not match: ++ match = re.search(r".(\d+).ring._addr \(str\) = " + options["--plug"] + "\n", out) + +- match = re.search(r".(\d+).ring._addr \(str\) = " + options["--plug"] + "\n", run_cmd(options, cmd)["out"]) + return match.group(1) if match else fail_usage("Failed: unable to parse output of corosync-cmapctl or node does not exist") + + diff --git a/bz1720198-fence_scsi-watchdog-fix-retry-failing-on-first-try.patch b/bz1720198-fence_scsi-watchdog-fix-retry-failing-on-first-try.patch new file mode 100644 index 0000000..010fc00 --- /dev/null +++ b/bz1720198-fence_scsi-watchdog-fix-retry-failing-on-first-try.patch @@ -0,0 +1,42 @@ +From 418b3a36c8a7de0e984a0cd4707f2b90f279c4ce Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 13 Jun 2019 11:29:25 +0200 +Subject: [PATCH] fence_scsi watchdog: dont exit when command fails using retry + parameter + +--- + lib/fencing.py.py | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/lib/fencing.py.py b/lib/fencing.py.py +index 8cd0a813..6f2526a9 100644 +--- a/lib/fencing.py.py ++++ b/lib/fencing.py.py +@@ -530,7 +530,7 @@ def fail_usage(message="", stop=True): + logging.error("Please use '-h' for usage\n") + sys.exit(EC_GENERIC_ERROR) + +-def fail(error_code): ++def fail(error_code, stop=True): + message = { + EC_LOGIN_DENIED : "Unable to connect/login to fencing device", + EC_CONNECTION_LOST : "Connection lost", +@@ -546,7 +546,8 @@ def fail(error_code): + + }[error_code] + "\n" + logging.error("%s\n", message) +- sys.exit(EC_GENERIC_ERROR) ++ if stop: ++ sys.exit(EC_GENERIC_ERROR) + + def usage(avail_opt): + print("Usage:") +@@ -1009,7 +1010,7 @@ def run_command(options, command, timeout=None, env=None, log_command=None): + thread.join(timeout) + if thread.is_alive(): + process.kill() +- fail(EC_TIMED_OUT) ++ fail(EC_TIMED_OUT, stop=(int(options.get("retry", 0)) < 1)) + + status = process.wait() + diff --git a/bz1728203-bz1874862-fence_ibm_vpc-fence_ibm_powervs.patch b/bz1728203-bz1874862-fence_ibm_vpc-fence_ibm_powervs.patch new file mode 100644 index 0000000..d68612c --- /dev/null +++ b/bz1728203-bz1874862-fence_ibm_vpc-fence_ibm_powervs.patch @@ -0,0 +1,740 @@ +From 3078e4d55d3bad2bbf9309785fdb2b53afac8d65 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 13 Jul 2021 13:39:33 +0200 +Subject: [PATCH] fence_ibm_vpc/fence_ibm_powervs: new fence agents + +--- + agents/ibm_powervs/fence_ibm_powervs.py | 202 +++++++++++++++++++ + agents/ibm_vpc/fence_ibm_vpc.py | 230 ++++++++++++++++++++++ + tests/data/metadata/fence_ibm_powervs.xml | 134 +++++++++++++ + tests/data/metadata/fence_ibm_vpc.xml | 134 +++++++++++++ + 5 files changed, 724 insertions(+) + create mode 100755 agents/ibm_powervs/fence_ibm_powervs.py + create mode 100755 agents/ibm_vpc/fence_ibm_vpc.py + create mode 100644 tests/data/metadata/fence_ibm_powervs.xml + create mode 100644 tests/data/metadata/fence_ibm_vpc.xml + +diff --git a/agents/ibm_powervs/fence_ibm_powervs.py b/agents/ibm_powervs/fence_ibm_powervs.py +new file mode 100755 +index 000000000..6649771ea +--- /dev/null ++++ b/agents/ibm_powervs/fence_ibm_powervs.py +@@ -0,0 +1,202 @@ ++#!@PYTHON@ -tt ++ ++import sys ++import pycurl, io, json ++import logging ++import atexit ++sys.path.append("@FENCEAGENTSLIBDIR@") ++from fencing import * ++from fencing import fail, run_delay, EC_LOGIN_DENIED, EC_STATUS ++ ++state = { ++ "ACTIVE": "on", ++ "SHUTOFF": "off", ++ "ERROR": "unknown" ++} ++ ++def get_list(conn, options): ++ outlets = {} ++ ++ try: ++ command = "cloud-instances/{}/pvm-instances".format(options["--instance"]) ++ res = send_command(conn, command) ++ except Exception as e: ++ logging.debug("Failed: {}".format(e)) ++ return outlets ++ ++ for r in res["pvmInstances"]: ++ if "--verbose" in options: ++ logging.debug(json.dumps(r, indent=2)) ++ outlets[r["pvmInstanceID"]] = (r["serverName"], state[r["status"]]) ++ ++ return outlets ++ ++def get_power_status(conn, options): ++ try: ++ command = "cloud-instances/{}/pvm-instances/{}".format( ++ options["--instance"], options["--plug"]) ++ res = send_command(conn, command) ++ result = get_list(conn, options)[options["--plug"]][1] ++ except KeyError as e: ++ logging.debug("Failed: Unable to get status for {}".format(e)) ++ fail(EC_STATUS) ++ ++ return result ++ ++def set_power_status(conn, options): ++ action = { ++ "on" : '{"action" : "start"}', ++ "off" : '{"action" : "immediate-shutdown"}', ++ }[options["--action"]] ++ ++ try: ++ send_command(conn, "cloud-instances/{}/pvm-instances/{}/action".format( ++ options["--instance"], options["--plug"]), "POST", action) ++ except Exception as e: ++ logging.debug("Failed: Unable to set power to {} for {}".format(options["--action"], e)) ++ fail(EC_STATUS) ++ ++def connect(opt): ++ conn = pycurl.Curl() ++ ++ ## setup correct URL ++ conn.base_url = "https://" + opt["--region"] + ".power-iaas.cloud.ibm.com/pcloud/v1/" ++ ++ if opt["--verbose-level"] > 1: ++ conn.setopt(pycurl.VERBOSE, 1) ++ ++ conn.setopt(pycurl.TIMEOUT, int(opt["--shell-timeout"])) ++ conn.setopt(pycurl.SSL_VERIFYPEER, 1) ++ conn.setopt(pycurl.SSL_VERIFYHOST, 2) ++ ++ # set auth token for later requests ++ conn.setopt(pycurl.HTTPHEADER, [ ++ "Content-Type: application/json", ++ "Authorization: Bearer {}".format(opt["--token"]), ++ "CRN: {}".format(opt["--crn"]), ++ "User-Agent: curl", ++ ]) ++ ++ return conn ++ ++def disconnect(conn): ++ conn.close() ++ ++def send_command(conn, command, method="GET", action=None): ++ url = conn.base_url + command ++ ++ conn.setopt(pycurl.URL, url.encode("ascii")) ++ ++ web_buffer = io.BytesIO() ++ ++ if method == "GET": ++ conn.setopt(pycurl.POST, 0) ++ if method == "POST": ++ conn.setopt(pycurl.POSTFIELDS, action) ++ if method == "DELETE": ++ conn.setopt(pycurl.CUSTOMREQUEST, "DELETE") ++ ++ conn.setopt(pycurl.WRITEFUNCTION, web_buffer.write) ++ ++ try: ++ conn.perform() ++ except Exception as e: ++ raise(e) ++ ++ rc = conn.getinfo(pycurl.HTTP_CODE) ++ result = web_buffer.getvalue().decode("UTF-8") ++ ++ web_buffer.close() ++ ++ if rc != 200: ++ if len(result) > 0: ++ raise Exception("{}: {}".format(rc, ++ result["value"]["messages"][0]["default_message"])) ++ else: ++ raise Exception("Remote returned {} for request to {}".format(rc, url)) ++ ++ if len(result) > 0: ++ result = json.loads(result) ++ ++ logging.debug("url: {}".format(url)) ++ logging.debug("method: {}".format(method)) ++ logging.debug("response code: {}".format(rc)) ++ logging.debug("result: {}\n".format(result)) ++ ++ return result ++ ++def define_new_opts(): ++ all_opt["token"] = { ++ "getopt" : ":", ++ "longopt" : "token", ++ "help" : "--token=[token] Bearer Token", ++ "required" : "1", ++ "shortdesc" : "Bearer Token", ++ "order" : 0 ++ } ++ all_opt["crn"] = { ++ "getopt" : ":", ++ "longopt" : "crn", ++ "help" : "--crn=[crn] CRN", ++ "required" : "1", ++ "shortdesc" : "CRN", ++ "order" : 0 ++ } ++ all_opt["instance"] = { ++ "getopt" : ":", ++ "longopt" : "instance", ++ "help" : "--instance=[instance] PowerVS Instance", ++ "required" : "1", ++ "shortdesc" : "PowerVS Instance", ++ "order" : 0 ++ } ++ all_opt["region"] = { ++ "getopt" : ":", ++ "longopt" : "region", ++ "help" : "--region=[region] Region", ++ "required" : "1", ++ "shortdesc" : "Region", ++ "order" : 0 ++ } ++ ++ ++def main(): ++ device_opt = [ ++ "token", ++ "crn", ++ "instance", ++ "region", ++ "port", ++ "no_password", ++ ] ++ ++ atexit.register(atexit_handler) ++ define_new_opts() ++ ++ all_opt["shell_timeout"]["default"] = "15" ++ all_opt["power_timeout"]["default"] = "30" ++ all_opt["power_wait"]["default"] = "1" ++ ++ options = check_input(device_opt, process_input(device_opt)) ++ ++ docs = {} ++ docs["shortdesc"] = "Fence agent for IBM PowerVS" ++ docs["longdesc"] = """fence_ibm_powervs is an I/O Fencing agent which can be \ ++used with IBM PowerVS to fence virtual machines.""" ++ docs["vendorurl"] = "https://www.ibm.com" ++ show_docs(options, docs) ++ ++ #### ++ ## Fence operations ++ #### ++ run_delay(options) ++ ++ conn = connect(options) ++ atexit.register(disconnect, conn) ++ ++ result = fence_action(conn, options, set_power_status, get_power_status, get_list) ++ ++ sys.exit(result) ++ ++if __name__ == "__main__": ++ main() +diff --git a/agents/ibm_vpc/fence_ibm_vpc.py b/agents/ibm_vpc/fence_ibm_vpc.py +new file mode 100755 +index 000000000..9f84f7b2d +--- /dev/null ++++ b/agents/ibm_vpc/fence_ibm_vpc.py +@@ -0,0 +1,230 @@ ++#!@PYTHON@ -tt ++ ++import sys ++import pycurl, io, json ++import logging ++import atexit ++sys.path.append("@FENCEAGENTSLIBDIR@") ++from fencing import * ++from fencing import fail, run_delay, EC_LOGIN_DENIED, EC_STATUS ++ ++state = { ++ "running": "on", ++ "stopped": "off", ++ "starting": "unknown", ++ "stopping": "unknown", ++ "restarting": "unknown", ++ "pending": "unknown", ++} ++ ++def get_list(conn, options): ++ outlets = {} ++ ++ try: ++ command = "instances?version=2021-05-25&generation=2&limit={}".format(options["--limit"]) ++ res = send_command(conn, command) ++ except Exception as e: ++ logging.debug("Failed: Unable to get list: {}".format(e)) ++ return outlets ++ ++ for r in res["instances"]: ++ if options["--verbose-level"] > 1: ++ logging.debug("Node:\n{}".format(json.dumps(r, indent=2))) ++ logging.debug("Status: " + state[r["status"]]) ++ outlets[r["id"]] = (r["name"], state[r["status"]]) ++ ++ return outlets ++ ++def get_power_status(conn, options): ++ try: ++ command = "instances/{}?version=2021-05-25&generation=2".format(options["--plug"]) ++ res = send_command(conn, command) ++ result = state[res["status"]] ++ if options["--verbose-level"] > 1: ++ logging.debug("Result:\n{}".format(json.dumps(res, indent=2))) ++ logging.debug("Status: " + result) ++ except Exception as e: ++ logging.debug("Failed: Unable to get status for {}: {}".format(options["--plug"], e)) ++ fail(EC_STATUS) ++ ++ return result ++ ++def set_power_status(conn, options): ++ action = { ++ "on" : '{"type" : "start"}', ++ "off" : '{"type" : "stop"}', ++ }[options["--action"]] ++ ++ try: ++ command = "instances/{}/actions?version=2021-05-25&generation=2".format(options["--plug"]) ++ send_command(conn, command, "POST", action, 201) ++ except Exception as e: ++ logging.debug("Failed: Unable to set power to {} for {}".format(options["--action"], e)) ++ fail(EC_STATUS) ++ ++def get_bearer_token(conn, options): ++ token = None ++ try: ++ conn.setopt(pycurl.HTTPHEADER, [ ++ "Content-Type: application/x-www-form-urlencoded", ++ "User-Agent: curl", ++ ]) ++ token = send_command(conn, "https://iam.cloud.ibm.com/identity/token", "POST", "grant_type=urn:ibm:params:oauth:grant-type:apikey&apikey={}".format(options["--apikey"]))["access_token"] ++ except Exception: ++ logging.error("Failed: Unable to authenticate") ++ fail(EC_LOGIN_DENIED) ++ ++ return token ++ ++def connect(opt): ++ conn = pycurl.Curl() ++ ++ ## setup correct URL ++ conn.base_url = "https://" + opt["--region"] + ".iaas.cloud.ibm.com/v1/" ++ ++ if opt["--verbose-level"] > 1: ++ conn.setopt(pycurl.VERBOSE, 1) ++ ++ conn.setopt(pycurl.TIMEOUT, int(opt["--shell-timeout"])) ++ conn.setopt(pycurl.SSL_VERIFYPEER, 1) ++ conn.setopt(pycurl.SSL_VERIFYHOST, 2) ++ ++ # get bearer token ++ bearer_token = get_bearer_token(conn, opt) ++ ++ # set auth token for later requests ++ conn.setopt(pycurl.HTTPHEADER, [ ++ "Content-Type: application/json", ++ "Authorization: Bearer {}".format(bearer_token), ++ "User-Agent: curl", ++ ]) ++ ++ return conn ++ ++def disconnect(conn): ++ conn.close() ++ ++def send_command(conn, command, method="GET", action=None, expected_rc=200): ++ if not command.startswith("https"): ++ url = conn.base_url + command ++ else: ++ url = command ++ ++ conn.setopt(pycurl.URL, url.encode("ascii")) ++ ++ web_buffer = io.BytesIO() ++ ++ if method == "GET": ++ conn.setopt(pycurl.POST, 0) ++ if method == "POST": ++ conn.setopt(pycurl.POSTFIELDS, action) ++ if method == "DELETE": ++ conn.setopt(pycurl.CUSTOMREQUEST, "DELETE") ++ ++ conn.setopt(pycurl.WRITEFUNCTION, web_buffer.write) ++ ++ try: ++ conn.perform() ++ except Exception as e: ++ raise(e) ++ ++ rc = conn.getinfo(pycurl.HTTP_CODE) ++ result = web_buffer.getvalue().decode("UTF-8") ++ ++ web_buffer.close() ++ ++ # actions (start/stop/reboot) report 201 when they've been created ++ if rc != expected_rc: ++ logging.debug("rc: {}, result: {}".format(rc, result)) ++ if len(result) > 0: ++ raise Exception("{}: {}".format(rc, ++ result["value"]["messages"][0]["default_message"])) ++ else: ++ raise Exception("Remote returned {} for request to {}".format(rc, url)) ++ ++ if len(result) > 0: ++ result = json.loads(result) ++ ++ logging.debug("url: {}".format(url)) ++ logging.debug("method: {}".format(method)) ++ logging.debug("response code: {}".format(rc)) ++ logging.debug("result: {}\n".format(result)) ++ ++ return result ++ ++def define_new_opts(): ++ all_opt["apikey"] = { ++ "getopt" : ":", ++ "longopt" : "apikey", ++ "help" : "--apikey=[key] API Key", ++ "required" : "1", ++ "shortdesc" : "API Key", ++ "order" : 0 ++ } ++ all_opt["instance"] = { ++ "getopt" : ":", ++ "longopt" : "instance", ++ "help" : "--instance=[instance] Cloud Instance", ++ "required" : "1", ++ "shortdesc" : "Cloud Instance", ++ "order" : 0 ++ } ++ all_opt["region"] = { ++ "getopt" : ":", ++ "longopt" : "region", ++ "help" : "--region=[region] Region", ++ "required" : "1", ++ "shortdesc" : "Region", ++ "order" : 0 ++ } ++ all_opt["limit"] = { ++ "getopt" : ":", ++ "longopt" : "limit", ++ "help" : "--limit=[number] Limit number of nodes returned by API", ++ "required" : "1", ++ "default": 50, ++ "shortdesc" : "Number of nodes returned by API", ++ "order" : 0 ++ } ++ ++ ++def main(): ++ device_opt = [ ++ "apikey", ++ "instance", ++ "region", ++ "limit", ++ "port", ++ "no_password", ++ ] ++ ++ atexit.register(atexit_handler) ++ define_new_opts() ++ ++ all_opt["shell_timeout"]["default"] = "15" ++ all_opt["power_timeout"]["default"] = "30" ++ all_opt["power_wait"]["default"] = "1" ++ ++ options = check_input(device_opt, process_input(device_opt)) ++ ++ docs = {} ++ docs["shortdesc"] = "Fence agent for IBM Cloud VPC" ++ docs["longdesc"] = """fence_ibm_vpc is an I/O Fencing agent which can be \ ++used with IBM Cloud VPC to fence virtual machines.""" ++ docs["vendorurl"] = "https://www.ibm.com" ++ show_docs(options, docs) ++ ++ #### ++ ## Fence operations ++ #### ++ run_delay(options) ++ ++ conn = connect(options) ++ atexit.register(disconnect, conn) ++ ++ result = fence_action(conn, options, set_power_status, get_power_status, get_list) ++ ++ sys.exit(result) ++ ++if __name__ == "__main__": ++ main() +diff --git a/tests/data/metadata/fence_ibm_powervs.xml b/tests/data/metadata/fence_ibm_powervs.xml +new file mode 100644 +index 000000000..fe86331bd +--- /dev/null ++++ b/tests/data/metadata/fence_ibm_powervs.xml +@@ -0,0 +1,134 @@ ++ ++ ++fence_ibm_powervs is an I/O Fencing agent which can be used with IBM PowerVS to fence virtual machines. ++https://www.ibm.com ++ ++ ++ ++ ++ CRN ++ ++ ++ ++ ++ PowerVS Instance ++ ++ ++ ++ ++ Region ++ ++ ++ ++ ++ Bearer Token ++ ++ ++ ++ ++ Fencing action ++ ++ ++ ++ ++ Physical plug number on device, UUID or identification of machine ++ ++ ++ ++ ++ Physical plug number on device, UUID or identification of machine ++ ++ ++ ++ ++ Disable logging to stderr. Does not affect --verbose or --debug-file or logging to syslog. ++ ++ ++ ++ ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). ++ ++ ++ ++ ++ Write debug information to given file ++ ++ ++ ++ ++ Write debug information to given file ++ ++ ++ ++ ++ Display version information and exit ++ ++ ++ ++ ++ Display help and exit ++ ++ ++ ++ ++ Separator for CSV created by 'list' operation ++ ++ ++ ++ ++ Wait X seconds before fencing is started ++ ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ ++ ++ ++ ++ Wait X seconds for cmd prompt after login ++ ++ ++ ++ ++ Test X seconds for status change after ON/OFF ++ ++ ++ ++ ++ Wait X seconds after issuing ON/OFF ++ ++ ++ ++ ++ Wait X seconds for cmd prompt after issuing command ++ ++ ++ ++ ++ Sleep X seconds between status calls during a STONITH action ++ ++ ++ ++ ++ Count of attempts to retry power on ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ +diff --git a/tests/data/metadata/fence_ibm_vpc.xml b/tests/data/metadata/fence_ibm_vpc.xml +new file mode 100644 +index 000000000..926efcaa0 +--- /dev/null ++++ b/tests/data/metadata/fence_ibm_vpc.xml +@@ -0,0 +1,134 @@ ++ ++ ++fence_ibm_vpc is an I/O Fencing agent which can be used with IBM Cloud VPC to fence virtual machines. ++https://www.ibm.com ++ ++ ++ ++ ++ API Key ++ ++ ++ ++ ++ Cloud Instance ++ ++ ++ ++ ++ Number of nodes returned by API ++ ++ ++ ++ ++ Region ++ ++ ++ ++ ++ Fencing action ++ ++ ++ ++ ++ Physical plug number on device, UUID or identification of machine ++ ++ ++ ++ ++ Physical plug number on device, UUID or identification of machine ++ ++ ++ ++ ++ Disable logging to stderr. Does not affect --verbose or --debug-file or logging to syslog. ++ ++ ++ ++ ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). ++ ++ ++ ++ ++ Write debug information to given file ++ ++ ++ ++ ++ Write debug information to given file ++ ++ ++ ++ ++ Display version information and exit ++ ++ ++ ++ ++ Display help and exit ++ ++ ++ ++ ++ Separator for CSV created by 'list' operation ++ ++ ++ ++ ++ Wait X seconds before fencing is started ++ ++ ++ ++ ++ Disable timeout (true/false) (default: true when run from Pacemaker 2.0+) ++ ++ ++ ++ ++ Wait X seconds for cmd prompt after login ++ ++ ++ ++ ++ Test X seconds for status change after ON/OFF ++ ++ ++ ++ ++ Wait X seconds after issuing ON/OFF ++ ++ ++ ++ ++ Wait X seconds for cmd prompt after issuing command ++ ++ ++ ++ ++ Sleep X seconds between status calls during a STONITH action ++ ++ ++ ++ ++ Count of attempts to retry power on ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ diff --git a/bz1732766-fence_aliyun-1-add-RAM-role.patch b/bz1732766-fence_aliyun-1-add-RAM-role.patch new file mode 100644 index 0000000..fd636fa --- /dev/null +++ b/bz1732766-fence_aliyun-1-add-RAM-role.patch @@ -0,0 +1,152 @@ +From 31548d184c977521dad5e6320c7a74ed732c19bb Mon Sep 17 00:00:00 2001 +From: dongchen126 <51401223+dongchen126@users.noreply.github.com> +Date: Thu, 11 Jul 2019 14:05:58 +0800 +Subject: [PATCH 1/4] Update fence_aliyun.py + +1.Import region provider to enable Alibaba cloud private zone functionality which support API endpoint access from intranet +2.Add ram role functionality to improve security which disable AccessKey ID and Access Key Secret +--- + agents/aliyun/fence_aliyun.py | 28 +++++++++++++++++++++------- + 1 file changed, 21 insertions(+), 7 deletions(-) + +diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py +index d780e2ab..aea1ea8f 100644 +--- a/agents/aliyun/fence_aliyun.py ++++ b/agents/aliyun/fence_aliyun.py +@@ -15,6 +15,7 @@ + from aliyunsdkecs.request.v20140526.StartInstanceRequest import StartInstanceRequest + from aliyunsdkecs.request.v20140526.StopInstanceRequest import StopInstanceRequest + from aliyunsdkecs.request.v20140526.RebootInstanceRequest import RebootInstanceRequest ++ from aliyunsdkcore.profile import region_provider + except ImportError: + pass + +@@ -121,12 +122,20 @@ def define_new_opts(): + "required" : "0", + "order" : 4 + } ++ all_opt["ram_role"] = { ++ "getopt": "m:", ++ "longopt": "ram-role", ++ "help": "-m, --ram-role=[name] Ram Role", ++ "shortdesc": "Ram Role.", ++ "required": "0", ++ "order": 5 ++ } + + # Main agent method + def main(): + conn = None + +- device_opt = ["port", "no_password", "region", "access_key", "secret_key"] ++ device_opt = ["port", "no_password", "region", "access_key", "secret_key", "ram_role"] + + atexit.register(atexit_handler) + +@@ -144,13 +153,18 @@ def main(): + + run_delay(options) + +- if "--region" in options and "--access-key" in options and "--secret-key" in options: ++ if "--region" in options: + region = options["--region"] +- access_key = options["--access-key"] +- secret_key = options["--secret-key"] +- conn = client.AcsClient(access_key, secret_key, region) +- +- ++ if "--access-key" in options and "--secret-key" in options: ++ access_key = options["--access-key"] ++ secret_key = options["--secret-key"] ++ conn = client.AcsClient(access_key, secret_key, region) ++ elif "--ram-role" in options: ++ ram_role = options["--ram-role"] ++ role = EcsRamRoleCredential(ram_role) ++ conn = client.AcsClient(region_id=region, credential=role) ++ region_provider.modify_point('Ecs', region, 'ecs.%s.aliyuncs.com' % region) ++ + # Operate the fencing device + result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list) + sys.exit(result) + +From 285d29d398bbf8f87da7acfde3f89f83b32fa586 Mon Sep 17 00:00:00 2001 +From: chen dong <51401223+dongchen126@users.noreply.github.com> +Date: Thu, 11 Jul 2019 15:30:10 +0800 +Subject: [PATCH 2/4] Update fence_aliyun.xml + +Add ram role for security +Add region provider for private zone functionality +--- + tests/data/metadata/fence_aliyun.xml | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/tests/data/metadata/fence_aliyun.xml b/tests/data/metadata/fence_aliyun.xml +index b41d82bf..eecd6f4e 100644 +--- a/tests/data/metadata/fence_aliyun.xml ++++ b/tests/data/metadata/fence_aliyun.xml +@@ -33,6 +33,11 @@ + + Secret Key. + ++ ++ ++ ++ Ram Role. ++ + + + + +From d4de57fdb94eeee483988584086c5690c8967f76 Mon Sep 17 00:00:00 2001 +From: chen dong <51401223+dongchen126@users.noreply.github.com> +Date: Wed, 24 Jul 2019 17:23:48 +0800 +Subject: [PATCH 3/4] Update fence_aliyun.py +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +delet paramater “m” +--- + agents/aliyun/fence_aliyun.py | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py +index aea1ea8f..3bc825fe 100644 +--- a/agents/aliyun/fence_aliyun.py ++++ b/agents/aliyun/fence_aliyun.py +@@ -123,9 +123,9 @@ def define_new_opts(): + "order" : 4 + } + all_opt["ram_role"] = { +- "getopt": "m:", ++ "getopt": ":", + "longopt": "ram-role", +- "help": "-m, --ram-role=[name] Ram Role", ++ "help": "--ram-role=[name] Ram Role", + "shortdesc": "Ram Role.", + "required": "0", + "order": 5 + +From 367c17ef4f44b6cce2d10f0a220b55b02d0d631e Mon Sep 17 00:00:00 2001 +From: chen dong <51401223+dongchen126@users.noreply.github.com> +Date: Wed, 24 Jul 2019 17:25:39 +0800 +Subject: [PATCH 4/4] Update fence_aliyun.xml + +delete "m" parameter +--- + tests/data/metadata/fence_aliyun.xml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/data/metadata/fence_aliyun.xml b/tests/data/metadata/fence_aliyun.xml +index eecd6f4e..2de3a8aa 100644 +--- a/tests/data/metadata/fence_aliyun.xml ++++ b/tests/data/metadata/fence_aliyun.xml +@@ -34,7 +34,7 @@ + Secret Key. + + +- ++ + + Ram Role. + diff --git a/bz1732766-fence_aliyun-2-import-EcsRamRoleCredential.patch b/bz1732766-fence_aliyun-2-import-EcsRamRoleCredential.patch new file mode 100644 index 0000000..db4416d --- /dev/null +++ b/bz1732766-fence_aliyun-2-import-EcsRamRoleCredential.patch @@ -0,0 +1,39 @@ +From b5f1bd2a257ce868b6845d77abdfc741c19d4d3e Mon Sep 17 00:00:00 2001 +From: chen dong <51401223+dongchen126@users.noreply.github.com> +Date: Thu, 11 Jul 2019 15:30:10 +0800 +Subject: [PATCH] Update fence_aliyun.xml +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Add ram role for security +Add region provider for private zone functionality + +Update fence_aliyun.py + +delet paramater “m” + +Update fence_aliyun.xml + +delete "m" parameter + +Update fence_aliyun.py + +add "EcsRamRoleCredential" class from aliyun SDK +--- + agents/aliyun/fence_aliyun.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py +index 3bc825fe..aa0b741d 100644 +--- a/agents/aliyun/fence_aliyun.py ++++ b/agents/aliyun/fence_aliyun.py +@@ -10,7 +10,7 @@ + + try: + from aliyunsdkcore import client +- ++ from aliyunsdkcore.auth.credentials import EcsRamRoleCredential + from aliyunsdkecs.request.v20140526.DescribeInstancesRequest import DescribeInstancesRequest + from aliyunsdkecs.request.v20140526.StartInstanceRequest import StartInstanceRequest + from aliyunsdkecs.request.v20140526.StopInstanceRequest import StopInstanceRequest diff --git a/bz1732773-fence_vmware_rest-fix-keyerror-suspended-vms.patch b/bz1732773-fence_vmware_rest-fix-keyerror-suspended-vms.patch new file mode 100644 index 0000000..3c9af83 --- /dev/null +++ b/bz1732773-fence_vmware_rest-fix-keyerror-suspended-vms.patch @@ -0,0 +1,23 @@ +From 33a638ff624839d7fa2d409479c348abee57763e Mon Sep 17 00:00:00 2001 +From: dwannamaker-onr +Date: Tue, 25 Jun 2019 15:28:00 -0400 +Subject: [PATCH] Fixed issue with SUSPENDED VMs + +If any VMs in the vCenter are suspended, you get a KeyError because that state is not expected. This breaks list and monitor actions. +--- + agents/vmware_rest/fence_vmware_rest.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index b544d385..53b4066d 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -8,7 +8,7 @@ + from fencing import * + from fencing import fail, run_delay, EC_LOGIN_DENIED, EC_STATUS + +-state = {"POWERED_ON": "on", 'POWERED_OFF': "off"} ++state = {"POWERED_ON": "on", 'POWERED_OFF': "off", 'SUSPENDED': "off"} + + def get_power_status(conn, options): + res = send_command(conn, "vcenter/vm?filter.names={}".format(options["--plug"]))["value"] diff --git a/bz1734811-fence_iloX_ssh-monitor-timeout-warning.patch b/bz1734811-fence_iloX_ssh-monitor-timeout-warning.patch new file mode 100644 index 0000000..ba26ed3 --- /dev/null +++ b/bz1734811-fence_iloX_ssh-monitor-timeout-warning.patch @@ -0,0 +1,25 @@ +From 7c1348d53aa8080f2fcfc344a2f4a2372739a62c Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 6 Aug 2019 13:06:13 +0200 +Subject: [PATCH] fence_ilo_ssh*: add timeout warning in metadata/manpage + +--- + agents/ilo_ssh/fence_ilo_ssh.py | 5 ++++- + 5 files changed, 16 insertions(+), 5 deletions(-) + +diff --git a/agents/ilo_ssh/fence_ilo_ssh.py b/agents/ilo_ssh/fence_ilo_ssh.py +index 88f13d17..a27e3418 100644 +--- a/agents/ilo_ssh/fence_ilo_ssh.py ++++ b/agents/ilo_ssh/fence_ilo_ssh.py +@@ -51,7 +51,10 @@ def main(): + docs = {} + docs["shortdesc"] = "Fence agent for HP iLO over SSH" + docs["longdesc"] = "fence_ilo_ssh is a fence agent that connects to iLO device. It logs into \ +-device via ssh and reboot a specified outlet. " ++device via ssh and reboot a specified outlet.\ ++\n.P\n\ ++WARNING: The monitor-action is prone to timeouts. Use the fence_ilo-equivalent \ ++to avoid this issue." + docs["vendorurl"] = "http://www.hp.com" + docs["symlink"] = [("fence_ilo3_ssh", "Fence agent for HP iLO3 over SSH"), + ("fence_ilo4_ssh", "Fence agent for HP iLO4 over SSH"), diff --git a/bz1748443-fence_zvmip-python3-fixes.patch b/bz1748443-fence_zvmip-python3-fixes.patch new file mode 100644 index 0000000..90586aa --- /dev/null +++ b/bz1748443-fence_zvmip-python3-fixes.patch @@ -0,0 +1,43 @@ +From 2735a4ee096f87fda2e94029db7f059d7be28464 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 5 Sep 2019 10:28:18 +0200 +Subject: [PATCH] fence_zvmip: fix Python 3 issues + +--- + agents/zvm/fence_zvmip.py | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/agents/zvm/fence_zvmip.py b/agents/zvm/fence_zvmip.py +index 5fbe53e4..e6bb01d1 100644 +--- a/agents/zvm/fence_zvmip.py ++++ b/agents/zvm/fence_zvmip.py +@@ -37,7 +37,7 @@ def open_socket(options): + return conn + + def smapi_pack_string(string): +- return struct.pack("!i%ds" % (len(string)), len(string), string) ++ return struct.pack("!i%ds" % (len(string)), len(string), string.encode("UTF-8")) + + def prepare_smapi_command(options, smapi_function, additional_args): + packet_size = 3*INT4 + len(smapi_function) + len(options["--username"]) + len(options["--password"]) +@@ -126,7 +126,7 @@ def get_list_of_images(options, command, data_as_plug): + data = "" + + while True: +- read_data = conn.recv(1024, socket.MSG_WAITALL) ++ read_data = conn.recv(1024, socket.MSG_WAITALL).decode("UTF-8") + data += read_data + if array_len == len(data): + break +@@ -136,9 +136,9 @@ def get_list_of_images(options, command, data_as_plug): + + parsed_len = 0 + while parsed_len < array_len: +- string_len = struct.unpack("!i", data[parsed_len:parsed_len+INT4])[0] ++ string_len = struct.unpack("!i", data[parsed_len:parsed_len+INT4].encode("UTF-8"))[0] + parsed_len += INT4 +- image_name = struct.unpack("!%ds" % (string_len), data[parsed_len:parsed_len+string_len])[0] ++ image_name = struct.unpack("!%ds" % (string_len), data[parsed_len:parsed_len+string_len].encode("UTF-8"))[0].decode("UTF-8") + parsed_len += string_len + images.add(image_name) + diff --git a/bz1750596-fence_scsi-add-readonly-parameter.patch b/bz1750596-fence_scsi-add-readonly-parameter.patch new file mode 100644 index 0000000..dea7876 --- /dev/null +++ b/bz1750596-fence_scsi-add-readonly-parameter.patch @@ -0,0 +1,79 @@ +From f1f8fe7791d0bf439f7caf1365c371153f9819ff Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 14 May 2020 15:41:52 +0200 +Subject: [PATCH] fence_scsi: add readonly parameter + +--- + agents/scsi/fence_scsi.py | 21 ++++++++++++++++++--- + tests/data/metadata/fence_scsi.xml | 5 +++++ + 2 files changed, 23 insertions(+), 3 deletions(-) + +diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py +index 9b6af556..77817f35 100644 +--- a/agents/scsi/fence_scsi.py ++++ b/agents/scsi/fence_scsi.py +@@ -150,7 +150,10 @@ def reserve_dev(options, dev): + + def get_reservation_key(options, dev): + reset_dev(options,dev) +- cmd = options["--sg_persist-path"] + " -n -i -r -d " + dev ++ opts = "" ++ if "--readonly" in options: ++ opts = "-y " ++ cmd = options["--sg_persist-path"] + " -n -i " + opts + "-r -d " + dev + out = run_cmd(options, cmd) + if out["err"]: + fail_usage("Cannot get reservation key") +@@ -161,7 +164,10 @@ def get_reservation_key(options, dev): + def get_registration_keys(options, dev, fail=True): + reset_dev(options,dev) + keys = [] +- cmd = options["--sg_persist-path"] + " -n -i -k -d " + dev ++ opts = "" ++ if "--readonly" in options: ++ opts = "-y " ++ cmd = options["--sg_persist-path"] + " -n -i " + opts + "-k -d " + dev + out = run_cmd(options, cmd) + if out["err"]: + fail_usage("Cannot get registration keys", fail) +@@ -342,6 +348,14 @@ def define_new_opts(): + "shortdesc" : "Use the APTPL flag for registrations. This option is only used for the 'on' action.", + "order": 1 + } ++ all_opt["readonly"] = { ++ "getopt" : "", ++ "longopt" : "readonly", ++ "help" : "--readonly Open DEVICE read-only. May be useful with PRIN commands if there are unwanted side effects with the default read-write open.", ++ "required" : "0", ++ "shortdesc" : "Open DEVICE read-only.", ++ "order": 4 ++ } + all_opt["logfile"] = { + "getopt" : ":", + "longopt" : "logfile", +@@ -464,7 +478,8 @@ def main(): + + device_opt = ["no_login", "no_password", "devices", "nodename", "port",\ + "no_port", "key", "aptpl", "fabric_fencing", "on_target", "corosync_cmap_path",\ +- "sg_persist_path", "sg_turs_path", "logfile", "vgs_path", "force_on", "key_value"] ++ "sg_persist_path", "sg_turs_path", "readonly", "logfile", "vgs_path",\ ++ "force_on", "key_value"] + + define_new_opts() + +diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml +index b840f3cf..d0818b0d 100644 +--- a/tests/data/metadata/fence_scsi.xml ++++ b/tests/data/metadata/fence_scsi.xml +@@ -36,6 +36,11 @@ When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and ve + + Name of the node to be fenced. The node name is used to generate the key value used for the current operation. This option will be ignored when used with the -k option. + ++ ++ ++ ++ Open DEVICE read-only. ++ + + + diff --git a/bz1751704-fence_mpath-fix-watchdog-trigger-multipath-disconnect.patch b/bz1751704-fence_mpath-fix-watchdog-trigger-multipath-disconnect.patch new file mode 100644 index 0000000..8c804c2 --- /dev/null +++ b/bz1751704-fence_mpath-fix-watchdog-trigger-multipath-disconnect.patch @@ -0,0 +1,40 @@ +From 2df8abf25eddc8da71c193ca29f6be51e66b02f0 Mon Sep 17 00:00:00 2001 +From: Hideo Yamauchi +Date: Thu, 12 Sep 2019 08:44:49 +0900 +Subject: [PATCH] High: mpath: Correction of failure detection behavior from + watchdog service. + +--- + agents/mpath/fence_mpath.py | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py +index e4f59836..b17388eb 100644 +--- a/agents/mpath/fence_mpath.py ++++ b/agents/mpath/fence_mpath.py +@@ -117,12 +117,14 @@ def get_reservation_key(options, dev): + match = re.search(r"\s+key\s*=\s*0x(\S+)\s+", out["out"], re.IGNORECASE) + return match.group(1) if match else None + +-def get_registration_keys(options, dev): ++def get_registration_keys(options, dev, fail=True): + keys = [] + cmd = options["--mpathpersist-path"] + " -i -k -d " + dev + out = run_cmd(options, cmd) + if out["err"]: +- fail_usage("Cannot get registration keys") ++ fail_usage("Cannot get registration keys", fail) ++ if not fail: ++ return [] + for line in out["out"].split("\n"): + match = re.search(r"\s+0x(\S+)\s*", line) + if match: +@@ -183,7 +185,7 @@ def mpath_check(hardreboot=False): + logging.error("No devices found") + return 0 + for dev, key in list(devs.items()): +- if key in get_registration_keys(options, dev): ++ if key in get_registration_keys(options, dev, fail=False): + logging.debug("key " + key + " registered with device " + dev) + return 0 + else: diff --git a/bz1753228-fence_mpath-1-add-plug-parameter-support.patch b/bz1753228-fence_mpath-1-add-plug-parameter-support.patch new file mode 100644 index 0000000..216f48c --- /dev/null +++ b/bz1753228-fence_mpath-1-add-plug-parameter-support.patch @@ -0,0 +1,197 @@ +From d866e11213ebeab8da280b41371a968ae12410bd Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 13 Sep 2019 12:48:46 +0200 +Subject: [PATCH] fence_mpath: use -n/--plug/port parameter to be able to use + pcmk_host_map + +--- + agents/mpath/fence_mpath.py | 63 +++++++++++++++++------------ + tests/data/metadata/fence_mpath.xml | 12 +++++- + 2 files changed, 49 insertions(+), 26 deletions(-) + +diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py +index e4f59836..dfc5657b 100644 +--- a/agents/mpath/fence_mpath.py ++++ b/agents/mpath/fence_mpath.py +@@ -16,11 +16,11 @@ def get_status(conn, options): + status = "off" + for dev in options["devices"]: + is_block_device(dev) +- if options["--key"] in get_registration_keys(options, dev): ++ if options["--plug"] in get_registration_keys(options, dev): + status = "on" + else: + logging.debug("No registration for key "\ +- + options["--key"] + " on device " + dev + "\n") ++ + options["--plug"] + " on device " + dev + "\n") + + if options["--action"] == "monitor": + dev_read(options) +@@ -36,10 +36,10 @@ def set_status(conn, options): + is_block_device(dev) + + register_dev(options, dev) +- if options["--key"] not in get_registration_keys(options, dev): ++ if options["--plug"] not in get_registration_keys(options, dev): + count += 1 + logging.debug("Failed to register key "\ +- + options["--key"] + "on device " + dev + "\n") ++ + options["--plug"] + "on device " + dev + "\n") + continue + dev_write(options, dev) + +@@ -48,7 +48,7 @@ def set_status(conn, options): + and get_reservation_key(options, dev) is None: + count += 1 + logging.debug("Failed to create reservation (key="\ +- + options["--key"] + ", device=" + dev + ")\n") ++ + options["--plug"] + ", device=" + dev + ")\n") + + else: + dev_keys = dev_read(options) +@@ -56,14 +56,14 @@ def set_status(conn, options): + for dev in options["devices"]: + is_block_device(dev) + +- if options["--key"] in get_registration_keys(options, dev): ++ if options["--plug"] in get_registration_keys(options, dev): + preempt_abort(options, dev_keys[dev], dev) + + for dev in options["devices"]: +- if options["--key"] in get_registration_keys(options, dev): ++ if options["--plug"] in get_registration_keys(options, dev): + count += 1 + logging.debug("Failed to remove key "\ +- + options["--key"] + " on device " + dev + "\n") ++ + options["--plug"] + " on device " + dev + "\n") + continue + + if not get_reservation_key(options, dev): +@@ -97,16 +97,16 @@ def is_block_device(dev): + + # cancel registration + def preempt_abort(options, host, dev): +- cmd = options["--mpathpersist-path"] + " -o --preempt-abort --prout-type=5 --param-rk=" + host +" --param-sark=" + options["--key"] +" -d " + dev ++ cmd = options["--mpathpersist-path"] + " -o --preempt-abort --prout-type=5 --param-rk=" + host +" --param-sark=" + options["--plug"] +" -d " + dev + return not bool(run_cmd(options, cmd)["err"]) + + def register_dev(options, dev): +- cmd = options["--mpathpersist-path"] + " -o --register --param-sark=" + options["--key"] + " -d " + dev ++ cmd = options["--mpathpersist-path"] + " -o --register --param-sark=" + options["--plug"] + " -d " + dev + #cmd return code != 0 but registration can be successful + return not bool(run_cmd(options, cmd)["err"]) + + def reserve_dev(options, dev): +- cmd = options["--mpathpersist-path"] + " -o --reserv --prout-type=5 --param-rk=" + options["--key"] + " -d " + dev ++ cmd = options["--mpathpersist-path"] + " -o --reserv --prout-type=5 --param-rk=" + options["--plug"] + " -d " + dev + return not bool(run_cmd(options, cmd)["err"]) + + def get_reservation_key(options, dev): +@@ -141,7 +141,7 @@ def dev_write(options, dev): + fail_usage("Failed: Cannot open file \""+ file_path + "\"") + out = store_fh.read() + if not re.search(r"^" + dev + r"\s+", out): +- store_fh.write(dev + "\t" + options["--key"] + "\n") ++ store_fh.write(dev + "\t" + options["--plug"] + "\n") + store_fh.close() + + def dev_read(options, fail=True): +@@ -209,12 +209,9 @@ def define_new_opts(): + all_opt["key"] = { + "getopt" : "k:", + "longopt" : "key", +- "help" : "-k, --key=[key] Key to use for the current operation", +- "required" : "1", +- "shortdesc" : "Key to use for the current operation. This key should be \ +-unique to a node and have to be written in /etc/multipath.conf. For the \"on\" action, the key specifies the key use to \ +-register the local node. For the \"off\" action, this key specifies the key to \ +-be removed from the device(s).", ++ "help" : "-k, --key=[key] Replaced by -n, --plug", ++ "required" : "0", ++ "shortdesc" : "Replaced by -n, --plug", + "order": 1 + } + all_opt["mpathpersist_path"] = { +@@ -240,10 +237,18 @@ def main(): + atexit.register(atexit_handler) + + device_opt = ["no_login", "no_password", "devices", "key", "sudo", \ +- "fabric_fencing", "on_target", "store_path", "mpathpersist_path", "force_on"] ++ "fabric_fencing", "on_target", "store_path", \ ++ "mpathpersist_path", "force_on", "port", "no_port"] + + define_new_opts() + ++ all_opt["port"]["help"] = "Key to use for the current operation" ++ all_opt["port"]["shortdesc"] = "Key to use for the current operation. \ ++This key should be unique to a node and have to be written in \ ++/etc/multipath.conf. For the \"on\" action, the key specifies the key use to \ ++register the local node. For the \"off\" action, this key specifies the key to \ ++be removed from the device(s)." ++ + # fence_mpath_check + if os.path.basename(sys.argv[0]) == "fence_mpath_check": + sys.exit(mpath_check()) +@@ -252,6 +257,17 @@ def main(): + + options = check_input(device_opt, process_input(device_opt), other_conditions=True) + ++ # hack to remove list/list-status actions which are not supported ++ options["device_opt"] = [ o for o in options["device_opt"] if o != "separator" ] ++ ++ # workaround to avoid regressions ++ if "--key" in options: ++ options["--plug"] = options["--key"] ++ del options["--key"] ++ elif options["--action"] in ["off", "on", "reboot", "status"] \ ++ and "--plug" not in options: ++ fail_usage("Failed: You have to enter plug number or machine identification", stop) ++ + docs = {} + docs["shortdesc"] = "Fence agent for multipath persistent reservation" + docs["longdesc"] = "fence_mpath is an I/O fencing agent that uses SCSI-3 \ +@@ -271,16 +287,13 @@ def main(): + run_delay(options) + + # Input control BEGIN +- if not "--key" in options: +- fail_usage("Failed: key is required") +- + if options["--action"] == "validate-all": + sys.exit(0) + +- options["devices"] = options["--devices"].split(",") +- +- if not options["devices"]: ++ if not ("--devices" in options and options["--devices"]): + fail_usage("Failed: No devices found") ++ ++ options["devices"] = options["--devices"].split(",") + # Input control END + + result = fence_action(None, options, set_status, get_status) +diff --git a/tests/data/metadata/fence_mpath.xml b/tests/data/metadata/fence_mpath.xml +index bbe9ad2b..fe9378df 100644 +--- a/tests/data/metadata/fence_mpath.xml ++++ b/tests/data/metadata/fence_mpath.xml +@@ -14,9 +14,19 @@ The fence_mpath agent works by having a unique key for each node that has to be + + List of devices to use for current operation. Devices can be comma-separated list of device-mapper multipath devices (eg. /dev/mapper/3600508b400105df70000e00000ac0000 or /dev/mapper/mpath1). Each device must support SCSI-3 persistent reservations. + +- ++ + + ++ Replaced by -n, --plug ++ ++ ++ ++ ++ Key to use for the current operation. This key should be unique to a node and have to be written in /etc/multipath.conf. For the "on" action, the key specifies the key use to register the local node. For the "off" action, this key specifies the key to be removed from the device(s). ++ ++ ++ ++ + Key to use for the current operation. This key should be unique to a node and have to be written in /etc/multipath.conf. For the "on" action, the key specifies the key use to register the local node. For the "off" action, this key specifies the key to be removed from the device(s). + + diff --git a/bz1753228-fence_mpath-2-fix-plug-parameter-issues.patch b/bz1753228-fence_mpath-2-fix-plug-parameter-issues.patch new file mode 100644 index 0000000..d668e27 --- /dev/null +++ b/bz1753228-fence_mpath-2-fix-plug-parameter-issues.patch @@ -0,0 +1,73 @@ +From 868c494d17952eecc6736683c6df04aa9d3a3199 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 20 Sep 2019 12:06:55 +0200 +Subject: [PATCH] fence_mpath: fix fail_usage() issue and a couple of other + minor issues w/the newly added plug/port parameter + +--- + agents/mpath/fence_mpath.py | 12 +++++++----- + tests/data/metadata/fence_mpath.xml | 10 +++++----- + 2 files changed, 12 insertions(+), 10 deletions(-) + +diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py +index 25aeb052..73517851 100644 +--- a/agents/mpath/fence_mpath.py ++++ b/agents/mpath/fence_mpath.py +@@ -213,7 +213,7 @@ def define_new_opts(): + "longopt" : "key", + "help" : "-k, --key=[key] Replaced by -n, --plug", + "required" : "0", +- "shortdesc" : "Replaced by -n, --plug", ++ "shortdesc" : "Replaced by port/-n/--plug", + "order": 1 + } + all_opt["mpathpersist_path"] = { +@@ -244,7 +244,8 @@ def main(): + + define_new_opts() + +- all_opt["port"]["help"] = "Key to use for the current operation" ++ all_opt["port"]["required"] = "0" ++ all_opt["port"]["help"] = "-n, --plug=[key] Key to use for the current operation" + all_opt["port"]["shortdesc"] = "Key to use for the current operation. \ + This key should be unique to a node and have to be written in \ + /etc/multipath.conf. For the \"on\" action, the key specifies the key use to \ +@@ -266,9 +267,10 @@ def main(): + if "--key" in options: + options["--plug"] = options["--key"] + del options["--key"] +- elif options["--action"] in ["off", "on", "reboot", "status"] \ +- and "--plug" not in options: +- fail_usage("Failed: You have to enter plug number or machine identification", stop) ++ elif "--help" not in options and options["--action"] in ["off", "on", \ ++ "reboot", "status", "validate-all"] and "--plug" not in options: ++ stop_after_error = False if options["--action"] == "validate-all" else True ++ fail_usage("Failed: You have to enter plug number or machine identification", stop_after_error) + + docs = {} + docs["shortdesc"] = "Fence agent for multipath persistent reservation" +diff --git a/tests/data/metadata/fence_mpath.xml b/tests/data/metadata/fence_mpath.xml +index fe9378df..f5e60823 100644 +--- a/tests/data/metadata/fence_mpath.xml ++++ b/tests/data/metadata/fence_mpath.xml +@@ -17,15 +17,15 @@ The fence_mpath agent works by having a unique key for each node that has to be + + + +- Replaced by -n, --plug ++ Replaced by port/-n/--plug + +- +- ++ ++ + + Key to use for the current operation. This key should be unique to a node and have to be written in /etc/multipath.conf. For the "on" action, the key specifies the key use to register the local node. For the "off" action, this key specifies the key to be removed from the device(s). + +- +- ++ ++ + + Key to use for the current operation. This key should be unique to a node and have to be written in /etc/multipath.conf. For the "on" action, the key specifies the key use to register the local node. For the "off" action, this key specifies the key to be removed from the device(s). + diff --git a/bz1760201-fence_compute-fence_evacuate-1-fix-region_name-type.patch b/bz1760201-fence_compute-fence_evacuate-1-fix-region_name-type.patch new file mode 100644 index 0000000..2d8ba1c --- /dev/null +++ b/bz1760201-fence_compute-fence_evacuate-1-fix-region_name-type.patch @@ -0,0 +1,66 @@ +From 32d2aa2cea22bb38fc3eeded1f6682daad097908 Mon Sep 17 00:00:00 2001 +From: Gauvain Pocentek +Date: Tue, 13 Aug 2019 20:11:21 +0200 +Subject: [PATCH] Fix argument parsing for region_name + +The region_name attribute for fence_compute and fence_evacuate is not a boolean +and should expect a string argument. +--- + agents/compute/fence_compute.py | 2 +- + agents/evacuate/fence_evacuate.py | 2 +- + tests/data/metadata/fence_compute.xml | 2 +- + tests/data/metadata/fence_evacuate.xml | 2 +- + 4 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py +index 0e6c8044..a94bdc46 100644 +--- a/agents/compute/fence_compute.py ++++ b/agents/compute/fence_compute.py +@@ -381,7 +381,7 @@ def define_new_opts(): + "order": 1, + } + all_opt["region_name"] = { +- "getopt" : "", ++ "getopt" : ":", + "longopt" : "region-name", + "help" : "--region-name=[region] Region Name", + "required" : "0", +diff --git a/agents/evacuate/fence_evacuate.py b/agents/evacuate/fence_evacuate.py +index 2b9af273..76e78b87 100644 +--- a/agents/evacuate/fence_evacuate.py ++++ b/agents/evacuate/fence_evacuate.py +@@ -318,7 +318,7 @@ def define_new_opts(): + "order": 1, + } + all_opt["region_name"] = { +- "getopt" : "", ++ "getopt" : ":", + "longopt" : "region-name", + "help" : "--region-name=[region] Region Name", + "required" : "0", +diff --git a/tests/data/metadata/fence_compute.xml b/tests/data/metadata/fence_compute.xml +index 1dcbfc54..abc276ca 100644 +--- a/tests/data/metadata/fence_compute.xml ++++ b/tests/data/metadata/fence_compute.xml +@@ -55,7 +55,7 @@ + + + +- ++ + Region Name + + +diff --git a/tests/data/metadata/fence_evacuate.xml b/tests/data/metadata/fence_evacuate.xml +index 4f1f6a58..7decb05c 100644 +--- a/tests/data/metadata/fence_evacuate.xml ++++ b/tests/data/metadata/fence_evacuate.xml +@@ -55,7 +55,7 @@ + + + +- ++ + Region Name + + diff --git a/bz1760201-fence_compute-fence_evacuate-2-fix-project-shortopt.patch b/bz1760201-fence_compute-fence_evacuate-2-fix-project-shortopt.patch new file mode 100644 index 0000000..1458956 --- /dev/null +++ b/bz1760201-fence_compute-fence_evacuate-2-fix-project-shortopt.patch @@ -0,0 +1,77 @@ +From 708d0a8e4e45d4f4a6bee67f0a9ebc0ff573e1ff Mon Sep 17 00:00:00 2001 +From: Kumabuchi Kenji +Date: Fri, 25 Oct 2019 16:34:40 +0900 +Subject: [PATCH] fix shortopt in fence-compute / fence_evacuate help messages + +Signed-off-by: Kumabuchi Kenji +--- + agents/compute/fence_compute.py | 2 +- + agents/evacuate/fence_evacuate.py | 2 +- + tests/data/metadata/fence_compute.xml | 4 ++-- + tests/data/metadata/fence_evacuate.xml | 4 ++-- + 4 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py +index c08a9dbe..d0e012e6 100644 +--- a/agents/compute/fence_compute.py ++++ b/agents/compute/fence_compute.py +@@ -365,7 +365,7 @@ def define_new_opts(): + all_opt["project-domain"] = { + "getopt" : "P:", + "longopt" : "project-domain", +- "help" : "-d, --project-domain=[name] Keystone v3 Project Domain", ++ "help" : "-P, --project-domain=[name] Keystone v3 Project Domain", + "required" : "0", + "shortdesc" : "Keystone v3 Project Domain", + "default" : "Default", +diff --git a/agents/evacuate/fence_evacuate.py b/agents/evacuate/fence_evacuate.py +index 76e78b87..60bb130e 100644 +--- a/agents/evacuate/fence_evacuate.py ++++ b/agents/evacuate/fence_evacuate.py +@@ -302,7 +302,7 @@ def define_new_opts(): + all_opt["project-domain"] = { + "getopt" : "P:", + "longopt" : "project-domain", +- "help" : "-d, --project-domain=[name] Keystone v3 Project Domain", ++ "help" : "-P, --project-domain=[name] Keystone v3 Project Domain", + "required" : "0", + "shortdesc" : "Keystone v3 Project Domain", + "default" : "Default", +diff --git a/tests/data/metadata/fence_compute.xml b/tests/data/metadata/fence_compute.xml +index abc276ca..99d56af0 100644 +--- a/tests/data/metadata/fence_compute.xml ++++ b/tests/data/metadata/fence_compute.xml +@@ -74,12 +74,12 @@ + Allow Insecure TLS Requests + + +- ++ + + Keystone v3 Project Domain + + +- ++ + + Keystone v3 Project Domain + +diff --git a/tests/data/metadata/fence_evacuate.xml b/tests/data/metadata/fence_evacuate.xml +index 7decb05c..8c720b80 100644 +--- a/tests/data/metadata/fence_evacuate.xml ++++ b/tests/data/metadata/fence_evacuate.xml +@@ -74,12 +74,12 @@ + Allow Insecure TLS Requests + + +- ++ + + Keystone v3 Project Domain + + +- ++ + + Keystone v3 Project Domain + diff --git a/bz1760213-fence_compute-disable-service-after-force-down.patch b/bz1760213-fence_compute-disable-service-after-force-down.patch new file mode 100644 index 0000000..a8161d1 --- /dev/null +++ b/bz1760213-fence_compute-disable-service-after-force-down.patch @@ -0,0 +1,42 @@ +From 099758a41bbb153c4a13a89de57cdcb72e1f1ea7 Mon Sep 17 00:00:00 2001 +From: Michele Baldessari +Date: Fri, 11 Oct 2019 10:39:53 +0200 +Subject: [PATCH] fence_compute: Invert the force-down/service disable order + +In OpenStack Train we first observed that IHA was not working via +https://bugzilla.redhat.com/show_bug.cgi?id=1760213 + +The reason for this is that nova has made the disabling of the compute +service depend on the compute node being up via: +https://review.opendev.org/#/c/654596/ + +By first calling force-down, the subsequence service-disable API +call won't wait for the reachability of the compute node any +longer and the whole operation has the same outcome. + +Tested this on an OSP Train environment and we correctly +got Instance HA working again and we observed the VMs being +restarted on the available compute nodes. + +Co-Authored-By: Luca Miccini +--- + agents/compute/fence_compute.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py +index a94bdc46..c08a9dbe 100644 +--- a/agents/compute/fence_compute.py ++++ b/agents/compute/fence_compute.py +@@ -117,11 +117,11 @@ def set_power_status_off(connection, options): + if status in [ "off" ]: + return + +- connection.services.disable(options["--plug"], 'nova-compute') + try: + # Until 2.53 + connection.services.force_down( + options["--plug"], "nova-compute", force_down=True) ++ connection.services.disable(options["--plug"], 'nova-compute') + except Exception as e: + # Something went wrong when we tried to force the host down. + # That could come from either an incompatible API version diff --git a/bz1760224-fence_vmware_rest-improve-logging.patch b/bz1760224-fence_vmware_rest-improve-logging.patch new file mode 100644 index 0000000..9b39fa6 --- /dev/null +++ b/bz1760224-fence_vmware_rest-improve-logging.patch @@ -0,0 +1,61 @@ +From a128c296c18faa1b58c3f067370bde64e7c49dae Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Wed, 9 Oct 2019 14:35:48 +0200 +Subject: [PATCH] fence_vmware_rest: improve logging + +--- + agents/vmware_rest/fence_vmware_rest.py | 23 +++++++++++++++++++---- + 1 file changed, 19 insertions(+), 4 deletions(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index 53b4066d..cd99b4ac 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -11,7 +11,11 @@ + state = {"POWERED_ON": "on", 'POWERED_OFF': "off", 'SUSPENDED': "off"} + + def get_power_status(conn, options): +- res = send_command(conn, "vcenter/vm?filter.names={}".format(options["--plug"]))["value"] ++ try: ++ res = send_command(conn, "vcenter/vm?filter.names={}".format(options["--plug"]))["value"] ++ except Exception as e: ++ logging.debug("Failed: {}".format(e)) ++ fail(EC_STATUS) + + if len(res) == 0: + fail(EC_STATUS) +@@ -28,12 +32,20 @@ def set_power_status(conn, options): + "off" : "stop" + }[options["--action"]] + +- send_command(conn, "vcenter/vm/{}/power/{}".format(options["id"], action), "POST") ++ try: ++ send_command(conn, "vcenter/vm/{}/power/{}".format(options["id"], action), "POST") ++ except Exception as e: ++ logging.debug("Failed: {}".format(e)) ++ fail(EC_STATUS) + + def get_list(conn, options): + outlets = {} + +- res = send_command(conn, "vcenter/vm") ++ try: ++ res = send_command(conn, "vcenter/vm") ++ except: ++ logging.debug("Failed: {}".format(e)) ++ fail(EC_STATUS) + + for r in res["value"]: + outlets[r["name"]] = ("", state[r["power_state"]]) +@@ -87,7 +99,10 @@ def connect(opt): + return conn + + def disconnect(conn): +- send_command(conn, "com/vmware/cis/session", "DELETE") ++ try: ++ send_command(conn, "com/vmware/cis/session", "DELETE") ++ except Exception as e: ++ logging.debug("Failed: {}".format(e)) + conn.close() + + def send_command(conn, command, method="GET"): diff --git a/bz1763674-fence_rhevm-add-cookie-support.patch b/bz1763674-fence_rhevm-add-cookie-support.patch new file mode 100644 index 0000000..d4f7be9 --- /dev/null +++ b/bz1763674-fence_rhevm-add-cookie-support.patch @@ -0,0 +1,109 @@ +From b885e0f65af626154096a49554e9765e18bfbbd9 Mon Sep 17 00:00:00 2001 +From: Frank Toth +Date: Wed, 16 Oct 2019 13:58:50 +0800 +Subject: [PATCH 1/3] Added cookie file management to properly reuse session + and do not create new one every time. + +--- + agents/rhevm/fence_rhevm.py | 15 ++++++++++++++- + 1 file changed, 14 insertions(+), 1 deletion(-) + +diff --git a/agents/rhevm/fence_rhevm.py b/agents/rhevm/fence_rhevm.py +index 9e4650cd..defa35e6 100644 +--- a/agents/rhevm/fence_rhevm.py ++++ b/agents/rhevm/fence_rhevm.py +@@ -117,7 +117,12 @@ def send_command(opt, command, method="GET"): + conn.setopt(pycurl.HTTPAUTH, pycurl.HTTPAUTH_BASIC) + conn.setopt(pycurl.USERPWD, opt["--username"] + ":" + opt["--password"]) + if "--use-cookies" in opt: +- conn.setopt(pycurl.COOKIEFILE, "") ++ if "--cookie-file" in opt: ++ cookie_file = opt["--cookie-file"] ++ else: ++ cookie_file = "/tmp/fence_rhevm_" + opt["--ip"] + "_" + opt["--username"] + "_cookie.dat" ++ conn.setopt(pycurl.COOKIEFILE, cookie_file) ++ conn.setopt(pycurl.COOKIEJAR, cookie_file) + + conn.setopt(pycurl.TIMEOUT, int(opt["--shell-timeout"])) + if "--ssl" in opt or "--ssl-secure" in opt: +@@ -166,6 +171,14 @@ def define_new_opts(): + "required" : "0", + "shortdesc" : "Reuse cookies for authentication", + "order" : 1} ++ all_opt["cookie_file"] = { ++ "getopt" : ":", ++ "longopt" : "cookie-file", ++ "help" : "--cookie-file Path to cookie file for authentication\n" ++ "\t\t\t\t (Default: /tmp/fence_rhevm_ip_username_cookie.dat)", ++ "required" : "0", ++ "shortdesc" : "Path to cookie file for authentication", ++ "order" : 2} + all_opt["api_version"] = { + "getopt" : ":", + "longopt" : "api-version", + +From 874344acbfee5f774b320e384a46e1ce953a34ce Mon Sep 17 00:00:00 2001 +From: Frank Toth +Date: Wed, 16 Oct 2019 23:41:50 +0800 +Subject: [PATCH 2/3] Added cookie_file to device_opt array. Use + tempfile.gettempdir() to get the TMP dir instead of hardcoded /tmp + +--- + agents/rhevm/fence_rhevm.py | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/agents/rhevm/fence_rhevm.py b/agents/rhevm/fence_rhevm.py +index defa35e6..25aecbe5 100644 +--- a/agents/rhevm/fence_rhevm.py ++++ b/agents/rhevm/fence_rhevm.py +@@ -4,6 +4,7 @@ + import pycurl, io + import logging + import atexit ++import tempfile + sys.path.append("@FENCEAGENTSLIBDIR@") + from fencing import * + from fencing import fail, EC_FETCH_VM_UUID, run_delay +@@ -120,7 +121,7 @@ def send_command(opt, command, method="GET"): + if "--cookie-file" in opt: + cookie_file = opt["--cookie-file"] + else: +- cookie_file = "/tmp/fence_rhevm_" + opt["--ip"] + "_" + opt["--username"] + "_cookie.dat" ++ cookie_file = tempfile.gettempdir() + "/fence_rhevm_" + opt["--ip"] + "_" + opt["--username"] + "_cookie.dat" + conn.setopt(pycurl.COOKIEFILE, cookie_file) + conn.setopt(pycurl.COOKIEJAR, cookie_file) + +@@ -215,6 +216,7 @@ def main(): + "web", + "port", + "use_cookies", ++ "cookie_file", + "api_version", + "api_path", + "disable_http_filter", + +From 196513cfc0edfd28f483a00b4adfa230b666a47d Mon Sep 17 00:00:00 2001 +From: Frank Toth +Date: Fri, 18 Oct 2019 05:16:18 +0200 +Subject: [PATCH 3/3] After 'make xml-upload' + +--- + tests/data/metadata/fence_rhevm.xml | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/tests/data/metadata/fence_rhevm.xml b/tests/data/metadata/fence_rhevm.xml +index c56cf64b..2b6b02b2 100644 +--- a/tests/data/metadata/fence_rhevm.xml ++++ b/tests/data/metadata/fence_rhevm.xml +@@ -103,6 +103,11 @@ + + Version of RHEV API (default: auto) + ++ ++ ++ ++ Path to cookie file for authentication ++ + + + The path part of the API URL diff --git a/bz1769783-fencing-improve-stdin-quote-parsing.patch b/bz1769783-fencing-improve-stdin-quote-parsing.patch new file mode 100644 index 0000000..adf0754 --- /dev/null +++ b/bz1769783-fencing-improve-stdin-quote-parsing.patch @@ -0,0 +1,23 @@ +From 82626dbdb12519e95a5df70ae6ae21bc17112f43 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Wed, 13 Feb 2019 13:28:25 +0100 +Subject: [PATCH] fencing: improve stdin parse function + +- Remove quotes around stdin parameters for consistency with CLI +parameters and to be able to quote number and time parameters +--- + lib/fencing.py.py | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/fencing.py.py b/lib/fencing.py.py +index 287cd01f..8cd0a813 100644 +--- a/lib/fencing.py.py ++++ b/lib/fencing.py.py +@@ -1389,6 +1389,7 @@ def _parse_input_stdin(avail_opt): + + (name, value) = (line + "=").split("=", 1) + value = value[:-1] ++ value = re.sub("^\"(.*)\"$", "\\1", value) + + if name.replace("-", "_") in mapping_longopt_names: + name = mapping_longopt_names[name.replace("-", "_")] diff --git a/bz1771594-1-fencing-inetX_only-SSH-fence_zvmip.patch b/bz1771594-1-fencing-inetX_only-SSH-fence_zvmip.patch new file mode 100644 index 0000000..6ee722d --- /dev/null +++ b/bz1771594-1-fencing-inetX_only-SSH-fence_zvmip.patch @@ -0,0 +1,756 @@ +From cecf3b3edeccbac6293b95073b0c0ad4f02a8652 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 12 Nov 2019 17:25:57 +0100 +Subject: [PATCH] fencing: only use inetX_only parameters for SSH based agents + and fence_zvmip, and fixed syntax issue for Gawk v5+ + +--- + agents/zvm/fence_zvmip.py | 2 +- + lib/fencing.py.py | 4 ++-- + make/agentpycheck.mk | 2 +- + tests/data/metadata/fence_amt.xml | 10 ---------- + tests/data/metadata/fence_amt_ws.xml | 10 ---------- + tests/data/metadata/fence_apc_snmp.xml | 10 ---------- + tests/data/metadata/fence_cisco_mds.xml | 10 ---------- + tests/data/metadata/fence_cisco_ucs.xml | 10 ---------- + tests/data/metadata/fence_docker.xml | 10 ---------- + tests/data/metadata/fence_drac.xml | 10 ---------- + tests/data/metadata/fence_eaton_snmp.xml | 10 ---------- + tests/data/metadata/fence_emerson.xml | 10 ---------- + tests/data/metadata/fence_eps.xml | 10 ---------- + tests/data/metadata/fence_ibmblade.xml | 10 ---------- + tests/data/metadata/fence_idrac.xml | 10 ---------- + tests/data/metadata/fence_ifmib.xml | 10 ---------- + tests/data/metadata/fence_ilo.xml | 10 ---------- + tests/data/metadata/fence_ilo2.xml | 10 ---------- + tests/data/metadata/fence_ilo3.xml | 10 ---------- + tests/data/metadata/fence_ilo4.xml | 10 ---------- + tests/data/metadata/fence_imm.xml | 10 ---------- + tests/data/metadata/fence_intelmodular.xml | 10 ---------- + tests/data/metadata/fence_ipdu.xml | 10 ---------- + tests/data/metadata/fence_ipmilan.xml | 10 ---------- + tests/data/metadata/fence_netio.xml | 10 ---------- + tests/data/metadata/fence_powerman.xml | 10 ---------- + tests/data/metadata/fence_pve.xml | 10 ---------- + tests/data/metadata/fence_raritan.xml | 10 ---------- + tests/data/metadata/fence_redfish.xml | 10 ---------- + tests/data/metadata/fence_rhevm.xml | 10 ---------- + tests/data/metadata/fence_sanbox2.xml | 10 ---------- + tests/data/metadata/fence_tripplite_snmp.xml | 10 ---------- + tests/data/metadata/fence_vmware_rest.xml | 10 ---------- + tests/data/metadata/fence_vmware_soap.xml | 10 ---------- + tests/data/metadata/fence_vmware_vcloud.xml | 10 ---------- + 36 files changed, 4 insertions(+), 334 deletions(-) + +diff --git a/agents/zvm/fence_zvmip.py b/agents/zvm/fence_zvmip.py +index e6bb01d1..5b272bb9 100644 +--- a/agents/zvm/fence_zvmip.py ++++ b/agents/zvm/fence_zvmip.py +@@ -146,7 +146,7 @@ def get_list_of_images(options, command, data_as_plug): + return (return_code, reason_code, images) + + def main(): +- device_opt = ["ipaddr", "login", "passwd", "port", "method", "missing_as_off"] ++ device_opt = ["ipaddr", "login", "passwd", "port", "method", "missing_as_off", "inet4_only", "inet6_only"] + + atexit.register(atexit_handler) + +diff --git a/lib/fencing.py.py b/lib/fencing.py.py +index 2a0b0b91..4b54aa7c 100644 +--- a/lib/fencing.py.py ++++ b/lib/fencing.py.py +@@ -459,9 +459,9 @@ + "delay", "quiet"], + "passwd" : ["passwd_script"], + "sudo" : ["sudo_path"], +- "secure" : ["identity_file", "ssh_options", "ssh_path"], ++ "secure" : ["identity_file", "ssh_options", "ssh_path", "inet4_only", "inet6_only"], + "telnet" : ["telnet_path"], +- "ipaddr" : ["ipport", "inet4_only", "inet6_only"], ++ "ipaddr" : ["ipport"], + "port" : ["separator"], + "ssl" : ["ssl_secure", "ssl_insecure", "gnutlscli_path"], + "snmp" : ["snmp_auth_prot", "snmp_sec_level", "snmp_priv_prot", \ +diff --git a/make/agentpycheck.mk b/make/agentpycheck.mk +index 58122c65..13482bf2 100644 +--- a/make/agentpycheck.mk ++++ b/make/agentpycheck.mk +@@ -1,5 +1,5 @@ + DATADIR:=$(abs_top_srcdir)/tests/data/metadata +-AWK_VAL='BEGIN {store=-1} /name=\".*_path\"/ {store=2} {if (store!=0) {print}; store--}' ++AWK_VAL='BEGIN {store=-1} /name=".*_path"/ {store=2} {if (store!=0) {print}; store--}' + + TEST_TARGET=$(filter-out $(TEST_TARGET_SKIP),$(TARGET)) + +diff --git a/tests/data/metadata/fence_amt.xml b/tests/data/metadata/fence_amt.xml +index c1e24db9..5f0adc98 100644 +--- a/tests/data/metadata/fence_amt.xml ++++ b/tests/data/metadata/fence_amt.xml +@@ -19,16 +19,6 @@ + + Change the default boot behavior of the machine. + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_amt_ws.xml b/tests/data/metadata/fence_amt_ws.xml +index 07c22db3..86f36f6c 100644 +--- a/tests/data/metadata/fence_amt_ws.xml ++++ b/tests/data/metadata/fence_amt_ws.xml +@@ -19,16 +19,6 @@ + + Change the default boot behavior of the machine. + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_apc_snmp.xml b/tests/data/metadata/fence_apc_snmp.xml +index 26661d6a..7f1c616c 100644 +--- a/tests/data/metadata/fence_apc_snmp.xml ++++ b/tests/data/metadata/fence_apc_snmp.xml +@@ -14,16 +14,6 @@ + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_cisco_mds.xml b/tests/data/metadata/fence_cisco_mds.xml +index 1917595e..15d7798c 100644 +--- a/tests/data/metadata/fence_cisco_mds.xml ++++ b/tests/data/metadata/fence_cisco_mds.xml +@@ -13,16 +13,6 @@ + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_cisco_ucs.xml b/tests/data/metadata/fence_cisco_ucs.xml +index 40581da7..848e72f8 100644 +--- a/tests/data/metadata/fence_cisco_ucs.xml ++++ b/tests/data/metadata/fence_cisco_ucs.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_docker.xml b/tests/data/metadata/fence_docker.xml +index fdd6324c..3285314c 100644 +--- a/tests/data/metadata/fence_docker.xml ++++ b/tests/data/metadata/fence_docker.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_drac.xml b/tests/data/metadata/fence_drac.xml +index 405d660a..2184ee0c 100644 +--- a/tests/data/metadata/fence_drac.xml ++++ b/tests/data/metadata/fence_drac.xml +@@ -18,16 +18,6 @@ + + Force Python regex for command prompt + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_eaton_snmp.xml b/tests/data/metadata/fence_eaton_snmp.xml +index 33957ed1..3dd92dd2 100644 +--- a/tests/data/metadata/fence_eaton_snmp.xml ++++ b/tests/data/metadata/fence_eaton_snmp.xml +@@ -13,16 +13,6 @@ + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_emerson.xml b/tests/data/metadata/fence_emerson.xml +index 87205c1b..f6886469 100644 +--- a/tests/data/metadata/fence_emerson.xml ++++ b/tests/data/metadata/fence_emerson.xml +@@ -13,16 +13,6 @@ + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_eps.xml b/tests/data/metadata/fence_eps.xml +index 68d8fb69..26e75477 100644 +--- a/tests/data/metadata/fence_eps.xml ++++ b/tests/data/metadata/fence_eps.xml +@@ -15,16 +15,6 @@ Agent basically works by connecting to hidden page and pass appropriate argument + + Name of hidden page + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ibmblade.xml b/tests/data/metadata/fence_ibmblade.xml +index eff551f6..5084b3a0 100644 +--- a/tests/data/metadata/fence_ibmblade.xml ++++ b/tests/data/metadata/fence_ibmblade.xml +@@ -13,16 +13,6 @@ + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_idrac.xml b/tests/data/metadata/fence_idrac.xml +index f4588b35..55d9ced3 100644 +--- a/tests/data/metadata/fence_idrac.xml ++++ b/tests/data/metadata/fence_idrac.xml +@@ -32,16 +32,6 @@ + + Hexadecimal-encoded Kg key for IPMIv2 authentication + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ifmib.xml b/tests/data/metadata/fence_ifmib.xml +index b5f3b1d4..c07a6e1f 100644 +--- a/tests/data/metadata/fence_ifmib.xml ++++ b/tests/data/metadata/fence_ifmib.xml +@@ -15,16 +15,6 @@ It was written with managed ethernet switches in mind, in order to fence iSCSI S + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ilo.xml b/tests/data/metadata/fence_ilo.xml +index eb2e7a72..44b3c43a 100644 +--- a/tests/data/metadata/fence_ilo.xml ++++ b/tests/data/metadata/fence_ilo.xml +@@ -9,16 +9,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ilo2.xml b/tests/data/metadata/fence_ilo2.xml +index b14aa2fb..e9cae6d2 100644 +--- a/tests/data/metadata/fence_ilo2.xml ++++ b/tests/data/metadata/fence_ilo2.xml +@@ -9,16 +9,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ilo3.xml b/tests/data/metadata/fence_ilo3.xml +index deaeaaf0..2a99e0a4 100644 +--- a/tests/data/metadata/fence_ilo3.xml ++++ b/tests/data/metadata/fence_ilo3.xml +@@ -32,16 +32,6 @@ + + Hexadecimal-encoded Kg key for IPMIv2 authentication + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ilo4.xml b/tests/data/metadata/fence_ilo4.xml +index bbf0833b..68790266 100644 +--- a/tests/data/metadata/fence_ilo4.xml ++++ b/tests/data/metadata/fence_ilo4.xml +@@ -32,16 +32,6 @@ + + Hexadecimal-encoded Kg key for IPMIv2 authentication + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_imm.xml b/tests/data/metadata/fence_imm.xml +index 22cb54e7..e22e4723 100644 +--- a/tests/data/metadata/fence_imm.xml ++++ b/tests/data/metadata/fence_imm.xml +@@ -32,16 +32,6 @@ + + Hexadecimal-encoded Kg key for IPMIv2 authentication + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_intelmodular.xml b/tests/data/metadata/fence_intelmodular.xml +index 4f2e8c49..5e0d3b19 100644 +--- a/tests/data/metadata/fence_intelmodular.xml ++++ b/tests/data/metadata/fence_intelmodular.xml +@@ -15,16 +15,6 @@ Note: Since firmware update version 2.7, SNMP v2 write support is removed, and r + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ipdu.xml b/tests/data/metadata/fence_ipdu.xml +index 0b615852..546e372c 100644 +--- a/tests/data/metadata/fence_ipdu.xml ++++ b/tests/data/metadata/fence_ipdu.xml +@@ -13,16 +13,6 @@ + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ipmilan.xml b/tests/data/metadata/fence_ipmilan.xml +index b9ce66f8..3e13d288 100644 +--- a/tests/data/metadata/fence_ipmilan.xml ++++ b/tests/data/metadata/fence_ipmilan.xml +@@ -32,16 +32,6 @@ + + Hexadecimal-encoded Kg key for IPMIv2 authentication + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_netio.xml b/tests/data/metadata/fence_netio.xml +index e6350ed4..79d27af3 100644 +--- a/tests/data/metadata/fence_netio.xml ++++ b/tests/data/metadata/fence_netio.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_powerman.xml b/tests/data/metadata/fence_powerman.xml +index f0499d86..ce72e002 100644 +--- a/tests/data/metadata/fence_powerman.xml ++++ b/tests/data/metadata/fence_powerman.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_pve.xml b/tests/data/metadata/fence_pve.xml +index b727a7e8..5d744903 100644 +--- a/tests/data/metadata/fence_pve.xml ++++ b/tests/data/metadata/fence_pve.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_raritan.xml b/tests/data/metadata/fence_raritan.xml +index c75783fd..565eebc7 100644 +--- a/tests/data/metadata/fence_raritan.xml ++++ b/tests/data/metadata/fence_raritan.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_redfish.xml b/tests/data/metadata/fence_redfish.xml +index e1c18584..91b483b7 100644 +--- a/tests/data/metadata/fence_redfish.xml ++++ b/tests/data/metadata/fence_redfish.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_rhevm.xml b/tests/data/metadata/fence_rhevm.xml +index 2b6b02b2..73c9906f 100644 +--- a/tests/data/metadata/fence_rhevm.xml ++++ b/tests/data/metadata/fence_rhevm.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_sanbox2.xml b/tests/data/metadata/fence_sanbox2.xml +index 9832841e..7e20c8ce 100644 +--- a/tests/data/metadata/fence_sanbox2.xml ++++ b/tests/data/metadata/fence_sanbox2.xml +@@ -18,16 +18,6 @@ + + Force Python regex for command prompt + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_tripplite_snmp.xml b/tests/data/metadata/fence_tripplite_snmp.xml +index 22d3db5d..d3769133 100644 +--- a/tests/data/metadata/fence_tripplite_snmp.xml ++++ b/tests/data/metadata/fence_tripplite_snmp.xml +@@ -14,16 +14,6 @@ + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_vmware_rest.xml b/tests/data/metadata/fence_vmware_rest.xml +index 1e1f790f..5b497a6a 100644 +--- a/tests/data/metadata/fence_vmware_rest.xml ++++ b/tests/data/metadata/fence_vmware_rest.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_vmware_soap.xml b/tests/data/metadata/fence_vmware_soap.xml +index 46d29116..da6a1002 100644 +--- a/tests/data/metadata/fence_vmware_soap.xml ++++ b/tests/data/metadata/fence_vmware_soap.xml +@@ -10,16 +10,6 @@ Name of virtual machine (-n / port) has to be used in inventory path format (e.g + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_vmware_vcloud.xml b/tests/data/metadata/fence_vmware_vcloud.xml +index 69269a2d..505eaf2b 100644 +--- a/tests/data/metadata/fence_vmware_vcloud.xml ++++ b/tests/data/metadata/fence_vmware_vcloud.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + diff --git a/bz1771594-2-fence_redfish-fence_vmware_soap-suppress-warning.patch b/bz1771594-2-fence_redfish-fence_vmware_soap-suppress-warning.patch new file mode 100644 index 0000000..889c6f9 --- /dev/null +++ b/bz1771594-2-fence_redfish-fence_vmware_soap-suppress-warning.patch @@ -0,0 +1,51 @@ +From 559771f2c5a638f7e14ec9c0ef1068c86ee9d40e Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 26 Nov 2019 14:09:14 +0100 +Subject: [PATCH] fence_redfish/fence_vmware_soap: suppress warnings correctly + with new python-requests + +python-requests doesnt suppress warnings anymore, so it needs to be done in urllib3: https://stackoverflow.com/questions/27981545/suppress-insecurerequestwarning-unverified-https-request-is-being-made-in-pytho/28002687#28002687 +--- + agents/redfish/fence_redfish.py | 4 ++-- + agents/vmware_soap/fence_vmware_soap.py | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index 390a4827..c7c6492c 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -12,7 +12,6 @@ + import atexit + sys.path.append("@FENCEAGENTSLIBDIR@") + +-from requests.packages.urllib3.exceptions import InsecureRequestWarning + from fencing import * + from fencing import fail_usage, run_delay + +@@ -143,7 +142,8 @@ def main(): + + # Disable insecure-certificate-warning message + if "--ssl-insecure" in opt: +- requests.packages.urllib3.disable_warnings(InsecureRequestWarning) ++ import urllib3 ++ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) + + # backwards compatibility for : + if options["--ip"].count(":") == 1: +diff --git a/agents/vmware_soap/fence_vmware_soap.py b/agents/vmware_soap/fence_vmware_soap.py +index dd1a4ed6..53e8d8f4 100644 +--- a/agents/vmware_soap/fence_vmware_soap.py ++++ b/agents/vmware_soap/fence_vmware_soap.py +@@ -37,10 +37,10 @@ def soap_login(options): + if "--ssl" in options or "--ssl-secure" in options or "--ssl-insecure" in options: + if "--ssl-insecure" in options: + import ssl +- from requests.packages.urllib3.exceptions import InsecureRequestWarning ++ import urllib3 + if hasattr(ssl, '_create_unverified_context'): + ssl._create_default_https_context = ssl._create_unverified_context +- requests.packages.urllib3.disable_warnings(InsecureRequestWarning) ++ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) + verify = False + else: + verify = True diff --git a/bz1773890-fence_scsi-add-hash-key-value-support.patch b/bz1773890-fence_scsi-add-hash-key-value-support.patch new file mode 100644 index 0000000..b8cf248 --- /dev/null +++ b/bz1773890-fence_scsi-add-hash-key-value-support.patch @@ -0,0 +1,237 @@ +From baf8d524e89d7f6c716e8241a12d8135debadfcc Mon Sep 17 00:00:00 2001 +From: Ondrej Famera +Date: Sun, 20 Oct 2019 20:13:40 +0900 +Subject: [PATCH 1/4] add new method for autogenerating SCSI key + +this methos generates second part of SCSI key based on hash of cluster +node name instead of currently used ID based approach which can brake if +the nodes get removed from cluster but whole cluster is not restarted +because the IDs changes. With hash approach hashes stays same. +Note that there is theoretical risk that hashes could colide. +--- + agents/scsi/fence_scsi.py | 32 ++++++++++++++++++++++++++++-- + tests/data/metadata/fence_scsi.xml | 5 +++++ + 2 files changed, 35 insertions(+), 2 deletions(-) + +diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py +index 5580e08b..4cc9b66c 100644 +--- a/agents/scsi/fence_scsi.py ++++ b/agents/scsi/fence_scsi.py +@@ -202,9 +202,20 @@ def get_node_id(options): + + return match.group(1) if match else fail_usage("Failed: unable to parse output of corosync-cmapctl or node does not exist") + ++def get_node_hash(options): ++ try: ++ return hashlib.md5(options["--plug"].encode('ascii')).hexdigest() ++ except ValueError: ++ # FIPS requires usedforsecurity=False and might not be ++ # available on all distros: https://bugs.python.org/issue9216 ++ return hashlib.md5(options["--plug"].encode('ascii'), usedforsecurity=False).hexdigest() ++ + + def generate_key(options): +- return "%.4s%.4d" % (get_cluster_id(options), int(get_node_id(options))) ++ if options["--key_value"] == "hash": ++ return "%.4s%.4s" % (get_cluster_id(options), get_node_hash(options)) ++ else: ++ return "%.4s%.4d" % (get_cluster_id(options), int(get_node_id(options))) + + + # save node key to file +@@ -375,6 +386,19 @@ def define_new_opts(): + "default" : "@VGS_PATH@", + "order": 300 + } ++ all_opt["key_value"] = { ++ "getopt" : ":", ++ "longopt" : "key_value", ++ "help" : "--key_value= SCSI key node generation method", ++ "required" : "0", ++ "shortdesc" : "Method used to generate the SCSI key. \"id\" (default) \ ++uses the positional ID from \"corosync-cmactl nodelist\" output which can get inconsistent \ ++when nodes are removed from cluster without full cluster restart. \"hash\" uses part of hash \ ++made out of node names which is not affected over time but there is theoretical chance that \ ++hashes can collide as size of SCSI key is quite limited.", ++ "default" : "id", ++ "order": 300 ++ } + + + def scsi_check_get_options(options): +@@ -440,7 +464,7 @@ def main(): + + device_opt = ["no_login", "no_password", "devices", "nodename", "port",\ + "no_port", "key", "aptpl", "fabric_fencing", "on_target", "corosync_cmap_path",\ +- "sg_persist_path", "sg_turs_path", "logfile", "vgs_path", "force_on"] ++ "sg_persist_path", "sg_turs_path", "logfile", "vgs_path", "force_on", "key_value"] + + define_new_opts() + +@@ -517,6 +541,10 @@ def main(): + if options["--key"] == "0" or not options["--key"]: + fail_usage("Failed: key cannot be 0", stop_after_error) + ++ if "--key_value" in options\ ++ and (options["--key_value"] != "id" and options["--key_value"] != "hash"): ++ fail_usage("Failed: key_value has to be 'id' or 'hash'", stop_after_error) ++ + if options["--action"] == "validate-all": + sys.exit(0) + +diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml +index b8cdabd1..56c6224d 100644 +--- a/tests/data/metadata/fence_scsi.xml ++++ b/tests/data/metadata/fence_scsi.xml +@@ -105,6 +105,11 @@ When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and ve + + Path to corosync-cmapctl binary + ++ ++ ++ ++ Method used to generate the SCSI key. "id" (default) uses the positional ID from "corosync-cmactl nodelist" output which can get inconsistent when nodes are removed from cluster without full cluster restart. "hash" uses part of hash made out of node names which is not affected over time but there is theoretical chance that hashes can collide as size of SCSI key is quite limited. ++ + + + Path to sg_persist binary + +From ee7a5ea238b4b3312384e4cfd9edd392c311d17a Mon Sep 17 00:00:00 2001 +From: Ondrej Famera +Date: Fri, 1 Nov 2019 13:16:58 +0900 +Subject: [PATCH 2/4] rename 'key_value' to 'key-value' for manual invokation + +--- + agents/scsi/fence_scsi.py | 12 ++++++------ + tests/data/metadata/fence_scsi.xml | 2 +- + 2 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py +index 4cc9b66c..7d515e16 100644 +--- a/agents/scsi/fence_scsi.py ++++ b/agents/scsi/fence_scsi.py +@@ -212,7 +212,7 @@ def get_node_hash(options): + + + def generate_key(options): +- if options["--key_value"] == "hash": ++ if options["--key-value"] == "hash": + return "%.4s%.4s" % (get_cluster_id(options), get_node_hash(options)) + else: + return "%.4s%.4d" % (get_cluster_id(options), int(get_node_id(options))) +@@ -388,8 +388,8 @@ def define_new_opts(): + } + all_opt["key_value"] = { + "getopt" : ":", +- "longopt" : "key_value", +- "help" : "--key_value= SCSI key node generation method", ++ "longopt" : "key-value", ++ "help" : "--key-value= SCSI key node generation method", + "required" : "0", + "shortdesc" : "Method used to generate the SCSI key. \"id\" (default) \ + uses the positional ID from \"corosync-cmactl nodelist\" output which can get inconsistent \ +@@ -541,9 +541,9 @@ def main(): + if options["--key"] == "0" or not options["--key"]: + fail_usage("Failed: key cannot be 0", stop_after_error) + +- if "--key_value" in options\ +- and (options["--key_value"] != "id" and options["--key_value"] != "hash"): +- fail_usage("Failed: key_value has to be 'id' or 'hash'", stop_after_error) ++ if "--key-value" in options\ ++ and (options["--key-value"] != "id" and options["--key-value"] != "hash"): ++ fail_usage("Failed: key-value has to be 'id' or 'hash'", stop_after_error) + + if options["--action"] == "validate-all": + sys.exit(0) +diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml +index 56c6224d..72800688 100644 +--- a/tests/data/metadata/fence_scsi.xml ++++ b/tests/data/metadata/fence_scsi.xml +@@ -106,7 +106,7 @@ When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and ve + Path to corosync-cmapctl binary + + +- ++ + + Method used to generate the SCSI key. "id" (default) uses the positional ID from "corosync-cmactl nodelist" output which can get inconsistent when nodes are removed from cluster without full cluster restart. "hash" uses part of hash made out of node names which is not affected over time but there is theoretical chance that hashes can collide as size of SCSI key is quite limited. + + +From 58105710876bd6a2220f92ea37d621991d68bf4b Mon Sep 17 00:00:00 2001 +From: Ondrej Famera +Date: Fri, 1 Nov 2019 13:20:17 +0900 +Subject: [PATCH 3/4] expand longdesc of fence_scsi to describe the impact of + key_value option + +--- + agents/scsi/fence_scsi.py | 6 +++++- + tests/data/metadata/fence_scsi.xml | 2 +- + 2 files changed, 6 insertions(+), 2 deletions(-) + +diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py +index 7d515e16..4b2bfe20 100644 +--- a/agents/scsi/fence_scsi.py ++++ b/agents/scsi/fence_scsi.py +@@ -493,7 +493,11 @@ def main(): + devices must support SCSI-3 persistent reservations (SPC-3 or greater) as \ + well as the \"preempt-and-abort\" subcommand.\nThe fence_scsi agent works by \ + having each node in the cluster register a unique key with the SCSI \ +-device(s). Once registered, a single node will become the reservation holder \ ++device(s). Reservation key is generated from \"node id\" (default) or from \ ++\"node name hash\" (recommended) by adjusting \"key_value\" option. \ ++Using hash is recommended to prevent issues when removing nodes \ ++from cluster without full cluster restart. \ ++Once registered, a single node will become the reservation holder \ + by creating a \"write exclusive, registrants only\" reservation on the \ + device(s). The result is that only registered nodes may write to the \ + device(s). When a node failure occurs, the fence_scsi agent will remove the \ +diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml +index 72800688..6f914823 100644 +--- a/tests/data/metadata/fence_scsi.xml ++++ b/tests/data/metadata/fence_scsi.xml +@@ -1,7 +1,7 @@ + + + fence_scsi is an I/O fencing agent that uses SCSI-3 persistent reservations to control access to shared storage devices. These devices must support SCSI-3 persistent reservations (SPC-3 or greater) as well as the "preempt-and-abort" subcommand. +-The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required. ++The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Reservation key is generated from "node id" (default) or from "node name hash" (recommended) by adjusting "key_value" option. Using hash is recommended to prevent issues when removing nodes from cluster without full cluster restart. Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required. + + When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and verbose=yes parameters in /etc/sysconfig/stonith if you have issues with it failing. + + +From 6a73919ab70d76fcf4ce19b4fd00e182e41f33b5 Mon Sep 17 00:00:00 2001 +From: Ondrej Famera +Date: Sat, 16 Nov 2019 17:03:42 +0900 +Subject: [PATCH 4/4] emphasize the recommendation to use 'hash' over 'id' + +--- + agents/scsi/fence_scsi.py | 2 +- + tests/data/metadata/fence_scsi.xml | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py +index 4b2bfe20..9b6af556 100644 +--- a/agents/scsi/fence_scsi.py ++++ b/agents/scsi/fence_scsi.py +@@ -494,7 +494,7 @@ def main(): + well as the \"preempt-and-abort\" subcommand.\nThe fence_scsi agent works by \ + having each node in the cluster register a unique key with the SCSI \ + device(s). Reservation key is generated from \"node id\" (default) or from \ +-\"node name hash\" (recommended) by adjusting \"key_value\" option. \ ++\"node name hash\" (RECOMMENDED) by adjusting \"key_value\" option. \ + Using hash is recommended to prevent issues when removing nodes \ + from cluster without full cluster restart. \ + Once registered, a single node will become the reservation holder \ +diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml +index 6f914823..b840f3cf 100644 +--- a/tests/data/metadata/fence_scsi.xml ++++ b/tests/data/metadata/fence_scsi.xml +@@ -1,7 +1,7 @@ + + + fence_scsi is an I/O fencing agent that uses SCSI-3 persistent reservations to control access to shared storage devices. These devices must support SCSI-3 persistent reservations (SPC-3 or greater) as well as the "preempt-and-abort" subcommand. +-The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Reservation key is generated from "node id" (default) or from "node name hash" (recommended) by adjusting "key_value" option. Using hash is recommended to prevent issues when removing nodes from cluster without full cluster restart. Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required. ++The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Reservation key is generated from "node id" (default) or from "node name hash" (RECOMMENDED) by adjusting "key_value" option. Using hash is recommended to prevent issues when removing nodes from cluster without full cluster restart. Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required. + + When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and verbose=yes parameters in /etc/sysconfig/stonith if you have issues with it failing. + diff --git a/bz1774458-fence_sbd-stderr-support.patch b/bz1774458-fence_sbd-stderr-support.patch new file mode 100644 index 0000000..59a6794 --- /dev/null +++ b/bz1774458-fence_sbd-stderr-support.patch @@ -0,0 +1,39 @@ +From f37e5ba0b6c8dab527f947bfc602d50b953a7d08 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 17 Sep 2019 15:15:06 +0200 +Subject: [PATCH] fence_sbd: support errors on stderr + +--- + agents/sbd/fence_sbd.py | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/agents/sbd/fence_sbd.py b/agents/sbd/fence_sbd.py +index b1df70ac..3ae8df6e 100644 +--- a/agents/sbd/fence_sbd.py ++++ b/agents/sbd/fence_sbd.py +@@ -8,6 +8,7 @@ + from fencing import fail_usage, run_command, fence_action, all_opt + from fencing import atexit_handler, check_input, process_input, show_docs + from fencing import run_delay ++import itertools + + DEVICE_INIT = 1 + DEVICE_NOT_INIT = -3 +@@ -82,7 +83,7 @@ def check_sbd_device(options, device_path): + + (return_code, out, err) = run_command(options, cmd) + +- for line in out.split("\n"): ++ for line in itertools.chain(out.split("\n"), err.split("\n")): + if len(line) == 0: + continue + +@@ -148,7 +149,7 @@ def get_msg_timeout(options): + + (return_code, out, err) = run_command(options, cmd) + +- for line in out.split("\n"): ++ for line in itertools.chain(out.split("\n"), err.split("\n")): + if len(line) == 0: + continue + diff --git a/bz1780825-fencing-1-add-stonith_status_sleep.patch b/bz1780825-fencing-1-add-stonith_status_sleep.patch new file mode 100644 index 0000000..4151486 --- /dev/null +++ b/bz1780825-fencing-1-add-stonith_status_sleep.patch @@ -0,0 +1,47 @@ +From b322891e91649d47656d63c73a0e08e9627f0b38 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Wed, 28 Apr 2021 12:20:07 +0200 +Subject: [PATCH] fencing: add stonith_status_sleep parameter for sleep between + status calls during a STONITH action + +--- + lib/fencing.py.py | 13 +++++++++++-- + 76 files changed, 386 insertions(+), 2 deletions(-) + +diff --git a/lib/fencing.py.py b/lib/fencing.py.py +index 9654f57be..bd7f529f7 100644 +--- a/lib/fencing.py.py ++++ b/lib/fencing.py.py +@@ -367,6 +367,14 @@ + "default" : "0", + "required" : "0", + "order" : 200}, ++ "stonith_status_sleep" : { ++ "getopt" : ":", ++ "longopt" : "stonith-status-sleep", ++ "type" : "second", ++ "help" : "--stonith-status-sleep=[seconds] Sleep X seconds between status calls during a STONITH action", ++ "default" : "1", ++ "required" : "0", ++ "order" : 200}, + "missing_as_off" : { + "getopt" : "", + "longopt" : "missing-as-off", +@@ -478,7 +486,8 @@ + "default" : ["help", "debug", "verbose", "verbose_level", + "version", "action", "agent", "power_timeout", + "shell_timeout", "login_timeout", "disable_timeout", +- "power_wait", "retry_on", "delay", "quiet"], ++ "power_wait", "stonith_status_sleep", "retry_on", "delay", ++ "quiet"], + "passwd" : ["passwd_script"], + "sudo" : ["sudo_path"], + "secure" : ["identity_file", "ssh_options", "ssh_path", "inet4_only", "inet6_only"], +@@ -828,7 +837,7 @@ def async_set_multi_power_fn(connection, options, set_power_fn, get_power_fn, re + + for _ in itertools.count(1): + if get_multi_power_fn(connection, options, get_power_fn) != options["--action"]: +- time.sleep(1) ++ time.sleep(int(options["--stonith-status-sleep"])) + else: + return True diff --git a/bz1780825-fencing-2-metadata-fix-long-parameters.patch b/bz1780825-fencing-2-metadata-fix-long-parameters.patch new file mode 100644 index 0000000..5aea6f9 --- /dev/null +++ b/bz1780825-fencing-2-metadata-fix-long-parameters.patch @@ -0,0 +1,22 @@ +From 199b5e8a63d8b3457262751b7fbe187f92b38e73 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 4 May 2021 09:33:34 +0200 +Subject: [PATCH] fencing: fix issue with hardcoded help text length for + metadata + +--- + lib/fencing.py.py | 2 +- + 77 files changed, 153 insertions(+), 153 deletions(-) + +diff --git a/lib/fencing.py.py b/lib/fencing.py.py +index bd7f529f7..b0ddde850 100644 +--- a/lib/fencing.py.py ++++ b/lib/fencing.py.py +@@ -641,7 +641,7 @@ def metadata(options, avail_opt, docs): + mixed = _encode_html_entities(mixed) + + if not "shortdesc" in opt: +- shortdesc = re.sub("\s\s+", " ", opt["help"][31:]) ++ shortdesc = re.sub(".*\s\s+", "", opt["help"][31:]) + else: + shortdesc = opt["shortdesc"] diff --git a/bz1781357-fence_aws-improve-logging-and-metadata-usage-text.patch b/bz1781357-fence_aws-improve-logging-and-metadata-usage-text.patch new file mode 100644 index 0000000..e81dce6 --- /dev/null +++ b/bz1781357-fence_aws-improve-logging-and-metadata-usage-text.patch @@ -0,0 +1,130 @@ +From 7ac16fb281fa8cfc51a31f672014c614c81aec82 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 31 Jan 2020 15:53:47 +0100 +Subject: [PATCH] fence_aws: improve logging and metadata/usage text + +--- + agents/aws/fence_aws.py | 36 +++++++++++++++++++------------ + tests/data/metadata/fence_aws.xml | 6 +++--- + 2 files changed, 25 insertions(+), 17 deletions(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index 647b66fc..74321e8e 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -5,7 +5,7 @@ + import atexit + sys.path.append("@FENCEAGENTSLIBDIR@") + from fencing import * +-from fencing import fail, fail_usage, EC_TIMED_OUT, run_delay ++from fencing import fail, fail_usage, run_delay, EC_STATUS + + import boto3 + from botocore.exceptions import ClientError, EndpointConnectionError, NoRegionError +@@ -19,6 +19,8 @@ def get_nodes_list(conn, options): + fail_usage("Failed: Incorrect Access Key or Secret Key.") + except EndpointConnectionError: + fail_usage("Failed: Incorrect Region.") ++ except Exception as e: ++ logging.error("Failed to get node list: %s", e) + + return result + +@@ -38,20 +40,26 @@ def get_power_status(conn, options): + except EndpointConnectionError: + fail_usage("Failed: Incorrect Region.") + except IndexError: +- return "fail" ++ fail(EC_STATUS) ++ except Exception as e: ++ logging.error("Failed to get power status: %s", e) ++ fail(EC_STATUS) + + def set_power_status(conn, options): +- if (options["--action"]=="off"): +- conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True) +- elif (options["--action"]=="on"): +- conn.instances.filter(InstanceIds=[options["--plug"]]).start() +- ++ try: ++ if (options["--action"]=="off"): ++ conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True) ++ elif (options["--action"]=="on"): ++ conn.instances.filter(InstanceIds=[options["--plug"]]).start() ++ except Exception as e: ++ logging.error("Failed to power %s %s: %s", \ ++ options["--action"], options["--plug"], e) + + def define_new_opts(): + all_opt["region"] = { + "getopt" : "r:", + "longopt" : "region", +- "help" : "-r, --region=[name] Region, e.g. us-east-1", ++ "help" : "-r, --region=[region] Region, e.g. us-east-1", + "shortdesc" : "Region.", + "required" : "0", + "order" : 2 +@@ -59,7 +67,7 @@ def define_new_opts(): + all_opt["access_key"] = { + "getopt" : "a:", + "longopt" : "access-key", +- "help" : "-a, --access-key=[name] Access Key", ++ "help" : "-a, --access-key=[key] Access Key", + "shortdesc" : "Access Key.", + "required" : "0", + "order" : 3 +@@ -67,7 +75,7 @@ def define_new_opts(): + all_opt["secret_key"] = { + "getopt" : "s:", + "longopt" : "secret-key", +- "help" : "-s, --secret-key=[name] Secret Key", ++ "help" : "-s, --secret-key=[key] Secret Key", + "shortdesc" : "Secret Key.", + "required" : "0", + "order" : 4 +@@ -107,16 +115,16 @@ def main(): + conn = boto3.resource('ec2', region_name=region, + aws_access_key_id=access_key, + aws_secret_access_key=secret_key) +- except: +- fail_usage("Failed: Unable to connect to AWS. Check your configuration.") ++ except Exception as e: ++ fail_usage("Failed: Unable to connect to AWS: " + str(e)) + else: + # If setup with "aws configure" or manually in + # ~/.aws/credentials + try: + conn = boto3.resource('ec2') +- except: ++ except Exception as e: + # If any of region/access/secret are missing +- fail_usage("Failed: Unable to connect to AWS. Check your configuration.") ++ fail_usage("Failed: Unable to connect to AWS: " + str(e)) + + # Operate the fencing device + result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list) +diff --git a/tests/data/metadata/fence_aws.xml b/tests/data/metadata/fence_aws.xml +index 4dea4418..5e5d5d99 100644 +--- a/tests/data/metadata/fence_aws.xml ++++ b/tests/data/metadata/fence_aws.xml +@@ -22,17 +22,17 @@ For instructions see: https://boto3.readthedocs.io/en/latest/guide/quickstart.ht + Physical plug number on device, UUID or identification of machine + + +- ++ + + Region. + + +- ++ + + Access Key. + + +- ++ + + Secret Key. + diff --git a/bz1793739-fence_vmware_rest-1-fix-encoding.patch b/bz1793739-fence_vmware_rest-1-fix-encoding.patch new file mode 100644 index 0000000..c215ab1 --- /dev/null +++ b/bz1793739-fence_vmware_rest-1-fix-encoding.patch @@ -0,0 +1,23 @@ +From 06cba4aa30322f410b0b2fec5785be39d0953433 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Wed, 12 Feb 2020 14:21:54 +0100 +Subject: [PATCH] fence_vmware_rest: fix encoding to avoid issues with UTF-8 + encoded comments + +--- + agents/vmware_rest/fence_vmware_rest.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index cd99b4ac..d07bc10d 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -127,7 +127,7 @@ def send_command(conn, command, method="GET"): + raise Exception(e[1]) + + rc = conn.getinfo(pycurl.HTTP_CODE) +- result = web_buffer.getvalue().decode() ++ result = web_buffer.getvalue().decode("UTF-8") + + web_buffer.close() + diff --git a/bz1793739-fence_vmware_rest-2-support-utf-8-vm-names.patch b/bz1793739-fence_vmware_rest-2-support-utf-8-vm-names.patch new file mode 100644 index 0000000..ce113af --- /dev/null +++ b/bz1793739-fence_vmware_rest-2-support-utf-8-vm-names.patch @@ -0,0 +1,38 @@ +From 80aea3942aaca881349230a32b5dcc06c57de98a Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 19 May 2020 15:10:16 +0200 +Subject: [PATCH] fence_vmware_rest: support UTF-8 VM names + +--- + agents/vmware_rest/fence_vmware_rest.py | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index 675de246..a038a096 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -8,11 +8,14 @@ + from fencing import * + from fencing import fail, run_delay, EC_LOGIN_DENIED, EC_STATUS + ++if sys.version_info[0] > 2: import urllib.parse as urllib ++else: import urllib ++ + state = {"POWERED_ON": "on", 'POWERED_OFF': "off", 'SUSPENDED': "off"} + + def get_power_status(conn, options): + try: +- res = send_command(conn, "vcenter/vm?filter.names={}".format(options["--plug"]))["value"] ++ res = send_command(conn, "vcenter/vm?filter.names={}".format(urllib.quote(options["--plug"])))["value"] + except Exception as e: + logging.debug("Failed: {}".format(e)) + fail(EC_STATUS) +@@ -58,7 +61,7 @@ def get_list(conn, options): + fail(EC_STATUS) + + for r in res["value"]: +- outlets[r["name"]] = ("", state[r["power_state"]]) ++ outlets[r["name"].encode("UTF-8")] = ("", state[r["power_state"]]) + + return outlets + diff --git a/bz1793739-fence_vmware_rest-3-fix-encode-issue.patch b/bz1793739-fence_vmware_rest-3-fix-encode-issue.patch new file mode 100644 index 0000000..55b7f17 --- /dev/null +++ b/bz1793739-fence_vmware_rest-3-fix-encode-issue.patch @@ -0,0 +1,23 @@ +From 2ac3b05200477f3f04ce73de439e84c10a269552 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 2 Jul 2020 12:05:33 +0200 +Subject: [PATCH] fence_vmware_rest: remove .encode() that made the list action + fail on Python 3. It works fine with/without this on Python 2.x + +--- + agents/vmware_rest/fence_vmware_rest.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index a038a096..e49fd566 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -61,7 +61,7 @@ def get_list(conn, options): + fail(EC_STATUS) + + for r in res["value"]: +- outlets[r["name"].encode("UTF-8")] = ("", state[r["power_state"]]) ++ outlets[r["name"]] = ("", state[r["power_state"]]) + + return outlets + diff --git a/bz1796654-fence_vmware_soap-log-exception-message-for-SSLError.patch b/bz1796654-fence_vmware_soap-log-exception-message-for-SSLError.patch new file mode 100644 index 0000000..c362210 --- /dev/null +++ b/bz1796654-fence_vmware_soap-log-exception-message-for-SSLError.patch @@ -0,0 +1,23 @@ +From 39e96371ab9ab1318db004c0ddbb1049d1c0f474 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 11 Jun 2020 10:25:34 +0200 +Subject: [PATCH] fence_vmware_soap: log exception message for SSLError + exception + +--- + agents/vmware_soap/fence_vmware_soap.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/vmware_soap/fence_vmware_soap.py b/agents/vmware_soap/fence_vmware_soap.py +index 53e8d8f4..f2ab68b0 100644 +--- a/agents/vmware_soap/fence_vmware_soap.py ++++ b/agents/vmware_soap/fence_vmware_soap.py +@@ -67,7 +67,7 @@ def soap_login(options): + + conn.service.Login(mo_SessionManager, options["--username"], options["--password"]) + except requests.exceptions.SSLError as ex: +- fail_usage("Server side certificate verification failed") ++ fail_usage("Server side certificate verification failed: %s" % ex) + except Exception: + fail(EC_LOGIN_DENIED) + diff --git a/bz1798641-fence_mpath-fix-reserve-parameter-typo.patch b/bz1798641-fence_mpath-fix-reserve-parameter-typo.patch new file mode 100644 index 0000000..03d7c5e --- /dev/null +++ b/bz1798641-fence_mpath-fix-reserve-parameter-typo.patch @@ -0,0 +1,22 @@ +From 0d3ff341c5dcff7ded0274ae20460895f35c13d6 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 13 Feb 2020 15:40:24 +0100 +Subject: [PATCH] fence_mpath: fix --reserve parameter typo + +--- + agents/mpath/fence_mpath.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py +index 73517851..a3d9fe23 100644 +--- a/agents/mpath/fence_mpath.py ++++ b/agents/mpath/fence_mpath.py +@@ -106,7 +106,7 @@ def register_dev(options, dev): + return not bool(run_cmd(options, cmd)["err"]) + + def reserve_dev(options, dev): +- cmd = options["--mpathpersist-path"] + " -o --reserv --prout-type=5 --param-rk=" + options["--plug"] + " -d " + dev ++ cmd = options["--mpathpersist-path"] + " -o --reserve --prout-type=5 --param-rk=" + options["--plug"] + " -d " + dev + return not bool(run_cmd(options, cmd)["err"]) + + def get_reservation_key(options, dev): diff --git a/bz1810457-fence_aws-improve-parameter-logic.patch b/bz1810457-fence_aws-improve-parameter-logic.patch new file mode 100644 index 0000000..29c1f8c --- /dev/null +++ b/bz1810457-fence_aws-improve-parameter-logic.patch @@ -0,0 +1,48 @@ +From 1c2f791b6b2be13bcceaa096df52654164b1f6cb Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 5 Mar 2020 14:10:29 +0100 +Subject: [PATCH] fence_aws: improve connect parameter logic, so region can be + specified as parameter, while using role or keys from ~/.aws/config + +--- + agents/aws/fence_aws.py | 27 +++++++++------------------ + 1 file changed, 9 insertions(+), 18 deletions(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index 74321e8e..4a4d9de2 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -107,24 +107,15 @@ def main(): + + run_delay(options) + +- if "--region" in options and "--access-key" in options and "--secret-key" in options: +- region = options["--region"] +- access_key = options["--access-key"] +- secret_key = options["--secret-key"] +- try: +- conn = boto3.resource('ec2', region_name=region, +- aws_access_key_id=access_key, +- aws_secret_access_key=secret_key) +- except Exception as e: +- fail_usage("Failed: Unable to connect to AWS: " + str(e)) +- else: +- # If setup with "aws configure" or manually in +- # ~/.aws/credentials +- try: +- conn = boto3.resource('ec2') +- except Exception as e: +- # If any of region/access/secret are missing +- fail_usage("Failed: Unable to connect to AWS: " + str(e)) ++ region = options.get("--region") ++ access_key = options.get("--access-key") ++ secret_key = options.get("--secret-key") ++ try: ++ conn = boto3.resource('ec2', region_name=region, ++ aws_access_key_id=access_key, ++ aws_secret_access_key=secret_key) ++ except Exception as e: ++ fail_usage("Failed: Unable to connect to AWS: " + str(e)) + + # Operate the fencing device + result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list) diff --git a/bz1816203-fence_aws-1-fix-race-condition.patch b/bz1816203-fence_aws-1-fix-race-condition.patch new file mode 100644 index 0000000..ce17980 --- /dev/null +++ b/bz1816203-fence_aws-1-fix-race-condition.patch @@ -0,0 +1,421 @@ +From 1742baf17954c58a84b9c668a617bac78303ce95 Mon Sep 17 00:00:00 2001 +From: Guilherme Felix +Date: Tue, 17 Mar 2020 13:18:38 +0000 +Subject: [PATCH 1/9] fence_aws: Fix fence race condition by checking local + instance status + +--- + agents/aws/fence_aws.py | 37 ++++++++++++++++++++++++++++++++++++- + 1 file changed, 36 insertions(+), 1 deletion(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index 4a4d9de2..f37f68d6 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -3,6 +3,7 @@ + import sys, re + import logging + import atexit ++import requests + sys.path.append("@FENCEAGENTSLIBDIR@") + from fencing import * + from fencing import fail, fail_usage, run_delay, EC_STATUS +@@ -10,6 +11,17 @@ + import boto3 + from botocore.exceptions import ClientError, EndpointConnectionError, NoRegionError + ++def get_instance_id(): ++ try: ++ r = requests.get('http://169.254.169.254/latest/meta-data/instance-id') ++ return r.content ++ except HTTPError as http_err: ++ logging.error('HTTP error occurred while trying to access EC2 metadata server: %s', http_err) ++ except Exception as err: ++ logging.error('A fatal error occurred while trying to access EC2 metadata server: %s', err) ++ return None ++ ++ + def get_nodes_list(conn, options): + result = {} + try: +@@ -45,10 +57,33 @@ def get_power_status(conn, options): + logging.error("Failed to get power status: %s", e) + fail(EC_STATUS) + ++def get_self_power_status(conn, options): ++ try: ++ instance = conn.instances.filter(Filters=[{"Name": "instance-id", "Values": [instance_id]}]) ++ state = list(instance)[0].state["Name"] ++ if state == "running": ++ logging.debug("Captured my (%s) state and it %s - returning OK - Proceeding with fencing",instance_id,state.upper()) ++ return "ok" ++ else: ++ logging.debug("Captured my (%s) state it is %s - returning Alert - Unable to fence other nodes",instance_id,state.upper()) ++ return "alert" ++ ++ except ClientError: ++ fail_usage("Failed: Incorrect Access Key or Secret Key.") ++ except EndpointConnectionError: ++ fail_usage("Failed: Incorrect Region.") ++ except IndexError: ++ return "fail" ++ + def set_power_status(conn, options): ++ my_instance = get_instance_id() + try: + if (options["--action"]=="off"): +- conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True) ++ if (get_self_power_status(conn,myinstance) == "ok"): ++ logging.info("Called StopInstance API call for %s", options["--plug"]) ++ conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True) ++ else: ++ logging.info("Skipping fencing as instance is not in running status") + elif (options["--action"]=="on"): + conn.instances.filter(InstanceIds=[options["--plug"]]).start() + except Exception as e: + +From 45e429b3132ebc9e78121c3fbb15f0bf46845a59 Mon Sep 17 00:00:00 2001 +From: Guilherme Felix +Date: Tue, 17 Mar 2020 13:28:34 +0000 +Subject: [PATCH 2/9] fence_aws: Use local logger and improve logging + experience + +--- + agents/aws/fence_aws.py | 34 ++++++++++++++++++++++++++-------- + 1 file changed, 26 insertions(+), 8 deletions(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index f37f68d6..b0b6685a 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -6,7 +6,7 @@ + import requests + sys.path.append("@FENCEAGENTSLIBDIR@") + from fencing import * +-from fencing import fail, fail_usage, run_delay, EC_STATUS ++from fencing import fail, fail_usage, run_delay, EC_STATUS, SyslogLibHandler + + import boto3 + from botocore.exceptions import ClientError, EndpointConnectionError, NoRegionError +@@ -16,13 +16,14 @@ def get_instance_id(): + r = requests.get('http://169.254.169.254/latest/meta-data/instance-id') + return r.content + except HTTPError as http_err: +- logging.error('HTTP error occurred while trying to access EC2 metadata server: %s', http_err) ++ logger.error('HTTP error occurred while trying to access EC2 metadata server: %s', http_err) + except Exception as err: +- logging.error('A fatal error occurred while trying to access EC2 metadata server: %s', err) ++ logger.error('A fatal error occurred while trying to access EC2 metadata server: %s', err) + return None + + + def get_nodes_list(conn, options): ++ logger.info("Starting monitor operation") + result = {} + try: + for instance in conn.instances.all(): +@@ -32,14 +33,16 @@ def get_nodes_list(conn, options): + except EndpointConnectionError: + fail_usage("Failed: Incorrect Region.") + except Exception as e: +- logging.error("Failed to get node list: %s", e) +- ++ logger.error("Failed to get node list: %s", e) ++ logger.debug("Monitor operation OK: %s",result) + return result + + def get_power_status(conn, options): ++ logger.debug("Starting status operation") + try: + instance = conn.instances.filter(Filters=[{"Name": "instance-id", "Values": [options["--plug"]]}]) + state = list(instance)[0].state["Name"] ++ logger.info("Status operation for EC2 instance %s returned state: %s",options["--plug"],state.upper()) + if state == "running": + return "on" + elif state == "stopped": +@@ -80,14 +83,14 @@ def set_power_status(conn, options): + try: + if (options["--action"]=="off"): + if (get_self_power_status(conn,myinstance) == "ok"): +- logging.info("Called StopInstance API call for %s", options["--plug"]) + conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True) ++ logger.info("Called StopInstance API call for %s", options["--plug"]) + else: +- logging.info("Skipping fencing as instance is not in running status") ++ logger.info("Skipping fencing as instance is not in running status") + elif (options["--action"]=="on"): + conn.instances.filter(InstanceIds=[options["--plug"]]).start() + except Exception as e: +- logging.error("Failed to power %s %s: %s", \ ++ logger.error("Failed to power %s %s: %s", \ + options["--action"], options["--plug"], e) + + def define_new_opts(): +@@ -142,6 +145,13 @@ def main(): + + run_delay(options) + ++ if options.get("--verbose") is not None: ++ lh = logging.FileHandler('/var/log/fence_aws_debug.log') ++ logger.addHandler(lh) ++ lhf = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s') ++ lh.setFormatter(lhf) ++ logger.setLevel(logging.DEBUG) ++ + region = options.get("--region") + access_key = options.get("--access-key") + secret_key = options.get("--secret-key") +@@ -157,4 +167,12 @@ def main(): + sys.exit(result) + + if __name__ == "__main__": ++ ++ logger = logging.getLogger("fence_aws") ++ logger.propagate = False ++ logger.setLevel(logging.INFO) ++ logger.addHandler(SyslogLibHandler()) ++ logger.getLogger('botocore.vendored').propagate = False ++ ++ + main() + +From 00569921597b8007c67296ab8332747baf1e6fae Mon Sep 17 00:00:00 2001 +From: Guilherme Felix +Date: Tue, 17 Mar 2020 13:33:02 +0000 +Subject: [PATCH 3/9] fence_aws: Decouple boto3 and botocore debug logging from + local logging + +--- + agents/aws/fence_aws.py | 26 +++++++++++++++++++++++++- + 1 file changed, 25 insertions(+), 1 deletion(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index b0b6685a..11714315 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -118,18 +118,27 @@ def define_new_opts(): + "required" : "0", + "order" : 4 + } ++ all_opt["boto3_debug"] = { ++ "getopt" : "b:", ++ "longopt" : "boto3_debug", ++ "help" : "-b, --boto3_debug=on|off Boto3 and Botocore library debug logging", ++ "shortdesc": "Boto Lib debug", ++ "required": "0", ++ "order": 5 ++ } + + # Main agent method + def main(): + conn = None + +- device_opt = ["port", "no_password", "region", "access_key", "secret_key"] ++ device_opt = ["port", "no_password", "region", "access_key", "secret_key", "boto3_debug"] + + atexit.register(atexit_handler) + + define_new_opts() + + all_opt["power_timeout"]["default"] = "60" ++ all_opt["boto3_debug"]["default"] = "off" + + options = check_input(device_opt, process_input(device_opt)) + +@@ -151,6 +160,21 @@ def main(): + lhf = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s') + lh.setFormatter(lhf) + logger.setLevel(logging.DEBUG) ++ ++ if options["--boto3_debug"] != "on": ++ boto3.set_stream_logger('boto3',logging.INFO) ++ boto3.set_stream_logger('botocore',logging.INFO) ++ logging.getLogger('botocore').propagate = False ++ logging.getLogger('boto3').propagate = False ++ else: ++ log_format = logging.Formatter('%(asctime)s %(name)-12s %(levelname)-8s %(message)s') ++ logging.getLogger('botocore').propagate = False ++ logging.getLogger('boto3').propagate = False ++ fdh = logging.FileHandler('/var/log/fence_aws_boto3.log') ++ fdh.setFormatter(log_format) ++ logging.getLogger('boto3').addHandler(fdh) ++ logging.getLogger('botocore').addHandler(fdh) ++ logging.debug("Boto debug level is %s and sending debug info to /var/log/fence_aws_boto3.log", options["--boto3_debug"]) + + region = options.get("--region") + access_key = options.get("--access-key") + +From ed309bd51dfd5e0fed30156e7a312d5b5a8f4bd4 Mon Sep 17 00:00:00 2001 +From: Guilherme Felix +Date: Thu, 19 Mar 2020 16:02:47 +0000 +Subject: [PATCH 4/9] fence_aws: Fix typos and variable names + +--- + agents/aws/fence_aws.py | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index 11714315..207631e8 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -60,7 +60,7 @@ def get_power_status(conn, options): + logging.error("Failed to get power status: %s", e) + fail(EC_STATUS) + +-def get_self_power_status(conn, options): ++def get_self_power_status(conn, instance_id): + try: + instance = conn.instances.filter(Filters=[{"Name": "instance-id", "Values": [instance_id]}]) + state = list(instance)[0].state["Name"] +@@ -82,7 +82,7 @@ def set_power_status(conn, options): + my_instance = get_instance_id() + try: + if (options["--action"]=="off"): +- if (get_self_power_status(conn,myinstance) == "ok"): ++ if (get_self_power_status(conn,my_instance) == "ok"): + conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True) + logger.info("Called StopInstance API call for %s", options["--plug"]) + else: +@@ -196,7 +196,7 @@ def main(): + logger.propagate = False + logger.setLevel(logging.INFO) + logger.addHandler(SyslogLibHandler()) +- logger.getLogger('botocore.vendored').propagate = False ++ logging.getLogger('botocore.vendored').propagate = False + + + main() + +From 624c652a95a676286af408898186186b7d7fcf55 Mon Sep 17 00:00:00 2001 +From: Guilherme Felix +Date: Thu, 19 Mar 2020 16:58:45 +0000 +Subject: [PATCH 5/9] fence_aws: Missing brackets on boto3_debug metadata + +--- + agents/aws/fence_aws.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index 207631e8..8916f4a0 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -121,7 +121,7 @@ def define_new_opts(): + all_opt["boto3_debug"] = { + "getopt" : "b:", + "longopt" : "boto3_debug", +- "help" : "-b, --boto3_debug=on|off Boto3 and Botocore library debug logging", ++ "help" : "-b, --boto3_debug=[on|off] Boto3 and Botocore library debug logging", + "shortdesc": "Boto Lib debug", + "required": "0", + "order": 5 + +From 7c641a6885c4ab67b7739a43892d92d95a6f566c Mon Sep 17 00:00:00 2001 +From: Guilherme Felix +Date: Thu, 19 Mar 2020 17:04:31 +0000 +Subject: [PATCH 6/9] fence_aws: Fix travis build #1 + +--- + agents/aws/fence_aws.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index 8916f4a0..f41a47e4 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -121,7 +121,7 @@ def define_new_opts(): + all_opt["boto3_debug"] = { + "getopt" : "b:", + "longopt" : "boto3_debug", +- "help" : "-b, --boto3_debug=[on|off] Boto3 and Botocore library debug logging", ++ "help" : "-b, --boto3_debug=[option] Boto3 and Botocore library debug logging", + "shortdesc": "Boto Lib debug", + "required": "0", + "order": 5 + +From 257af7ccc9789646adc7abf1e7dbac744b756071 Mon Sep 17 00:00:00 2001 +From: Guilherme Felix +Date: Fri, 20 Mar 2020 10:59:56 +0000 +Subject: [PATCH 7/9] fence_aws: Updated metadata XML file + +--- + tests/data/metadata/fence_aws.xml | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/tests/data/metadata/fence_aws.xml b/tests/data/metadata/fence_aws.xml +index 5e5d5d99..acfebb61 100644 +--- a/tests/data/metadata/fence_aws.xml ++++ b/tests/data/metadata/fence_aws.xml +@@ -36,6 +36,11 @@ For instructions see: https://boto3.readthedocs.io/en/latest/guide/quickstart.ht + + Secret Key. + ++ ++ ++ ++ Boto Lib debug ++ + + + + +From 8f78bc19356b5e07d0021aaf7da3fc4e712e00f0 Mon Sep 17 00:00:00 2001 +From: Guilherme Felix +Date: Fri, 20 Mar 2020 12:13:16 +0000 +Subject: [PATCH 8/9] fence_aws: Moving logger config next to import statements + for visibility + +--- + agents/aws/fence_aws.py | 13 ++++++------- + 1 file changed, 6 insertions(+), 7 deletions(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index f41a47e4..72fb8843 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -11,6 +11,12 @@ + import boto3 + from botocore.exceptions import ClientError, EndpointConnectionError, NoRegionError + ++logger = logging.getLogger("fence_aws") ++logger.propagate = False ++logger.setLevel(logging.INFO) ++logger.addHandler(SyslogLibHandler()) ++logging.getLogger('botocore.vendored').propagate = False ++ + def get_instance_id(): + try: + r = requests.get('http://169.254.169.254/latest/meta-data/instance-id') +@@ -192,11 +198,4 @@ def main(): + + if __name__ == "__main__": + +- logger = logging.getLogger("fence_aws") +- logger.propagate = False +- logger.setLevel(logging.INFO) +- logger.addHandler(SyslogLibHandler()) +- logging.getLogger('botocore.vendored').propagate = False +- +- + main() + +From 570a05c425fe55008c8892ebaad8a73d36143909 Mon Sep 17 00:00:00 2001 +From: Guilherme Felix +Date: Fri, 20 Mar 2020 14:17:55 +0000 +Subject: [PATCH 9/9] fence_aws: Remove empty line + +--- + agents/aws/fence_aws.py | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index 72fb8843..ed55f390 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -197,5 +197,4 @@ def main(): + sys.exit(result) + + if __name__ == "__main__": +- +- main() ++ main() +\ No newline at end of file diff --git a/bz1816203-fence_aws-2-fix-python3-encoding.patch b/bz1816203-fence_aws-2-fix-python3-encoding.patch new file mode 100644 index 0000000..2751b79 --- /dev/null +++ b/bz1816203-fence_aws-2-fix-python3-encoding.patch @@ -0,0 +1,22 @@ +From 9758f8c83c44ad6949d4411042c59bcf9365f67e Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 24 Mar 2020 15:31:13 +0100 +Subject: [PATCH] fence_aws: fix Python 3 encoding issue + +--- + agents/aws/fence_aws.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index ed55f390..17c2fedb 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -20,7 +20,7 @@ + def get_instance_id(): + try: + r = requests.get('http://169.254.169.254/latest/meta-data/instance-id') +- return r.content ++ return r.content.decode("UTF-8") + except HTTPError as http_err: + logger.error('HTTP error occurred while trying to access EC2 metadata server: %s', http_err) + except Exception as err: diff --git a/bz1818157-fence_azure_arm-fix-MSI-support.patch b/bz1818157-fence_azure_arm-fix-MSI-support.patch new file mode 100644 index 0000000..5e33400 --- /dev/null +++ b/bz1818157-fence_azure_arm-fix-MSI-support.patch @@ -0,0 +1,75 @@ +From 2c9ee29d1e28dbdd5e305156ae70451e31d976c0 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 4 Jun 2020 14:43:15 +0200 +Subject: [PATCH 1/2] fence_azure_arm: log metadata when debugging + +--- + lib/azure_fence.py.py | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/azure_fence.py.py b/lib/azure_fence.py.py +index 7bb43adc..4e44ca9d 100644 +--- a/lib/azure_fence.py.py ++++ b/lib/azure_fence.py.py +@@ -41,6 +41,7 @@ def get_from_metadata(parameter): + import requests + try: + r = requests.get('http://169.254.169.254/metadata/instance?api-version=2017-08-01', headers = {"Metadata":"true"}) ++ logging.debug("metadata: " + str(r.json())) + return str(r.json()["compute"][parameter]) + except: + logging.warning("Not able to use metadata service. Am I running in Azure?") + +From e3e3199cbf35855c6ab512ac06d7249df94eb3e7 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 4 Jun 2020 14:43:52 +0200 +Subject: [PATCH 2/2] fence_azure_arm: fixes to make MSI support work + +--- + agents/azure_arm/fence_azure_arm.py | 3 ++- + tests/data/metadata/fence_azure_arm.xml | 4 ++-- + 2 files changed, 4 insertions(+), 3 deletions(-) + +diff --git a/agents/azure_arm/fence_azure_arm.py b/agents/azure_arm/fence_azure_arm.py +index be0d4034..6b1a3770 100755 +--- a/agents/azure_arm/fence_azure_arm.py ++++ b/agents/azure_arm/fence_azure_arm.py +@@ -184,7 +184,7 @@ def main(): + compute_client = None + network_client = None + +- device_opt = ["login", "passwd", "port", "resourceGroup", "tenantId", "subscriptionId", "network-fencing", "msi", "cloud"] ++ device_opt = ["login", "no_login", "no_password", "passwd", "port", "resourceGroup", "tenantId", "subscriptionId", "network-fencing", "msi", "cloud"] + + atexit.register(atexit_handler) + +@@ -222,6 +222,7 @@ def main(): + + try: + config = azure_fence.get_azure_config(options) ++ options["--resourceGroup"] = config.RGName + compute_client = azure_fence.get_azure_compute_client(config) + if "--network-fencing" in options: + network_client = azure_fence.get_azure_network_client(config) +diff --git a/tests/data/metadata/fence_azure_arm.xml b/tests/data/metadata/fence_azure_arm.xml +index 97ecfdba..7ea672af 100644 +--- a/tests/data/metadata/fence_azure_arm.xml ++++ b/tests/data/metadata/fence_azure_arm.xml +@@ -23,7 +23,7 @@ When using network fencing the reboot-action will cause a quick-return once the + + Fencing action + +- ++ + + + Application ID +@@ -58,7 +58,7 @@ When using network fencing the reboot-action will cause a quick-return once the + + Physical plug number on device, UUID or identification of machine + +- ++ + + + Application ID diff --git a/bz1827559-fence_vmware_rest-improve-exception-handling.patch b/bz1827559-fence_vmware_rest-improve-exception-handling.patch new file mode 100644 index 0000000..1c61b35 --- /dev/null +++ b/bz1827559-fence_vmware_rest-improve-exception-handling.patch @@ -0,0 +1,44 @@ +From 020f48a309bcad659dc493960d2b39e8e1243085 Mon Sep 17 00:00:00 2001 +From: Thomas Abraham +Date: Mon, 20 Apr 2020 20:28:43 -0400 +Subject: [PATCH] fence_vmware_rest: improve exception handling in + send_command() + +If an exception occurs, simply raise it. pycurl's perform() method can +generate a pycurl.error object, which does not support indexing and +attempting to do so will generate an exception that hides the original +exception. + +Also, don't assume that the remote will return a JSON formatted response. +If it doesn't, a exception will occur accessing result which will not +raise the intended exception. +--- + agents/vmware_rest/fence_vmware_rest.py | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index d07bc10d..1505ffe6 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -124,7 +124,7 @@ def send_command(conn, command, method="GET"): + try: + conn.perform() + except Exception as e: +- raise Exception(e[1]) ++ raise(e) + + rc = conn.getinfo(pycurl.HTTP_CODE) + result = web_buffer.getvalue().decode("UTF-8") +@@ -135,7 +135,11 @@ def send_command(conn, command, method="GET"): + result = json.loads(result) + + if rc != 200: +- raise Exception("{}: {}".format(rc, result["value"]["messages"][0]["default_message"])) ++ if len(result) > 0: ++ raise Exception("{}: {}".format(rc, ++ result["value"]["messages"][0]["default_message"])) ++ else: ++ raise Exception("Remote returned {} for request to {}".format(rc, url)) + + logging.debug("url: {}".format(url)) + logging.debug("method: {}".format(method)) diff --git a/bz1827652-fence_vmware_rest-1-add-filter-parameter.patch b/bz1827652-fence_vmware_rest-1-add-filter-parameter.patch new file mode 100644 index 0000000..2e17f7f --- /dev/null +++ b/bz1827652-fence_vmware_rest-1-add-filter-parameter.patch @@ -0,0 +1,92 @@ +From ab193580dcdd810b7bef69cc04cebef315f4781d Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 23 Apr 2020 15:55:11 +0200 +Subject: [PATCH] fence_vmware_rest: add filter parameter + +--- + agents/vmware_rest/fence_vmware_rest.py | 24 ++++++++++++++++++++--- + tests/data/metadata/fence_vmware_rest.xml | 9 ++++++++- + 2 files changed, 29 insertions(+), 4 deletions(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index 1505ffe6..6daff121 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -42,7 +42,10 @@ def get_list(conn, options): + outlets = {} + + try: +- res = send_command(conn, "vcenter/vm") ++ command = "vcenter/vm" ++ if "--filter" in options: ++ command = command + "?" + options["--filter"] ++ res = send_command(conn, command) + except: + logging.debug("Failed: {}".format(e)) + fail(EC_STATUS) +@@ -157,6 +160,16 @@ def define_new_opts(): + "required" : "0", + "shortdesc" : "The path part of the API URL", + "order" : 2} ++ all_opt["filter"] = { ++ "getopt" : ":", ++ "longopt" : "filter", ++ "help" : "--filter=[filter] Filter to only return relevant VMs" ++ " (e.g. \"filter.names=node1&filter.names=node2\").", ++ "default" : "", ++ "required" : "0", ++ "shortdesc" : "Filter to only return relevant VMs. It can be used to avoid " ++ "the agent failing when more than 1000 VMs should be returned.", ++ "order" : 2} + + + def main(): +@@ -169,6 +182,7 @@ def main(): + "notls", + "web", + "port", ++ "filter", + ] + + atexit.register(atexit_handler) +@@ -181,8 +195,12 @@ def main(): + + docs = {} + docs["shortdesc"] = "Fence agent for VMware REST API" +- docs["longdesc"] = "fence_vmware_rest is an I/O Fencing agent which can be \ +-used with VMware API to fence virtual machines." ++ docs["longdesc"] = """fence_vmware_rest is an I/O Fencing agent which can be \ ++used with VMware API to fence virtual machines. ++ ++NOTE: If there's more than 1000 VMs there is a filter parameter to work around \ ++the API limit. See https://code.vmware.com/apis/62/vcenter-management#/VM%20/get_vcenter_vm \ ++for full list of filters.""" + docs["vendorurl"] = "https://www.vmware.com" + show_docs(options, docs) + +diff --git a/tests/data/metadata/fence_vmware_rest.xml b/tests/data/metadata/fence_vmware_rest.xml +index 5b497a6a..d60c8775 100644 +--- a/tests/data/metadata/fence_vmware_rest.xml ++++ b/tests/data/metadata/fence_vmware_rest.xml +@@ -1,6 +1,8 @@ + + +-fence_vmware_rest is an I/O Fencing agent which can be used with VMware API to fence virtual machines. ++fence_vmware_rest is an I/O Fencing agent which can be used with VMware API to fence virtual machines. ++ ++NOTE: If there's more than 1000 VMs there is a filter parameter to work around the API limit. See https://code.vmware.com/apis/62/vcenter-management#/VM%20/get_vcenter_vm for full list of filters. + https://www.vmware.com + + +@@ -87,6 +89,11 @@ + + The path part of the API URL + ++ ++ ++ ++ Filter to only return relevant VMs. It can be used to avoid the agent failing when more than 1000 VMs should be returned. ++ + + + diff --git a/bz1827652-fence_vmware_rest-2-fix-1000-VM-monitor-error.patch b/bz1827652-fence_vmware_rest-2-fix-1000-VM-monitor-error.patch new file mode 100644 index 0000000..0f83fa7 --- /dev/null +++ b/bz1827652-fence_vmware_rest-2-fix-1000-VM-monitor-error.patch @@ -0,0 +1,76 @@ +From 0296bc8512e37b8b935bc342b6493ed4fa8aa001 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 14 May 2020 13:17:04 +0200 +Subject: [PATCH 1/2] fence_vmware_rest: fix exception and remove default value + for filter parameter (which was shown in the manpage) + +--- + agents/vmware_rest/fence_vmware_rest.py | 3 +-- + tests/data/metadata/fence_vmware_rest.xml | 2 +- + 2 files changed, 2 insertions(+), 3 deletions(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index 6daff121..2635ae07 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -46,7 +46,7 @@ def get_list(conn, options): + if "--filter" in options: + command = command + "?" + options["--filter"] + res = send_command(conn, command) +- except: ++ except Exception as e: + logging.debug("Failed: {}".format(e)) + fail(EC_STATUS) + +@@ -165,7 +165,6 @@ def define_new_opts(): + "longopt" : "filter", + "help" : "--filter=[filter] Filter to only return relevant VMs" + " (e.g. \"filter.names=node1&filter.names=node2\").", +- "default" : "", + "required" : "0", + "shortdesc" : "Filter to only return relevant VMs. It can be used to avoid " + "the agent failing when more than 1000 VMs should be returned.", +diff --git a/tests/data/metadata/fence_vmware_rest.xml b/tests/data/metadata/fence_vmware_rest.xml +index d60c8775..830b6a21 100644 +--- a/tests/data/metadata/fence_vmware_rest.xml ++++ b/tests/data/metadata/fence_vmware_rest.xml +@@ -91,7 +91,7 @@ NOTE: If there's more than 1000 VMs there is a filter parameter to work around t + + + +- ++ + Filter to only return relevant VMs. It can be used to avoid the agent failing when more than 1000 VMs should be returned. + + + +From 7420cf9f11568be7239956bed4631cdbaa6fb87c Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 14 May 2020 14:17:03 +0200 +Subject: [PATCH 2/2] fence_vmware_rest: dont fail when receiving more than + 1000 VM error during monitor-action + +--- + agents/vmware_rest/fence_vmware_rest.py | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index 2635ae07..675de246 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -48,7 +48,14 @@ def get_list(conn, options): + res = send_command(conn, command) + except Exception as e: + logging.debug("Failed: {}".format(e)) +- fail(EC_STATUS) ++ if str(e).startswith("400"): ++ if options.get("--original-action") == "monitor": ++ return outlets ++ else: ++ logging.error("More than 1000 VMs returned. Use --filter parameter to limit which VMs to list.") ++ fail(EC_STATUS) ++ else: ++ fail(EC_STATUS) + + for r in res["value"]: + outlets[r["name"]] = ("", state[r["power_state"]]) diff --git a/bz1830776-fence_compute-fence_evacuate-fix-insecure-parameter.patch b/bz1830776-fence_compute-fence_evacuate-fix-insecure-parameter.patch new file mode 100644 index 0000000..914b7e3 --- /dev/null +++ b/bz1830776-fence_compute-fence_evacuate-fix-insecure-parameter.patch @@ -0,0 +1,122 @@ +From 8920d2fc7993453e7ad05f807f6ec51745b408a5 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Mon, 4 May 2020 16:53:55 +0200 +Subject: [PATCH] fence_compute/fence_evacuate: fix --insecure parameter + +--- + agents/compute/fence_compute.py | 10 +++++++--- + agents/evacuate/fence_evacuate.py | 10 +++++++--- + tests/data/metadata/fence_compute.xml | 2 +- + tests/data/metadata/fence_evacuate.xml | 2 +- + 4 files changed, 16 insertions(+), 8 deletions(-) + +diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py +index d0e012e6..f53b97da 100644 +--- a/agents/compute/fence_compute.py ++++ b/agents/compute/fence_compute.py +@@ -281,7 +281,7 @@ def create_nova_connection(options): + + loader = loading.get_plugin_loader('password') + keystone_auth = loader.load_from_options(**kwargs) +- keystone_session = session.Session(auth=keystone_auth, verify=(not options["--insecure"])) ++ keystone_session = session.Session(auth=keystone_auth, verify=not "--insecure" in options) + + nova_versions = [ "2.11", "2" ] + for version in nova_versions: +@@ -307,7 +307,7 @@ def create_nova_connection(options): + None, # Password + None, # Tenant + None, # Auth URL +- insecure=options["--insecure"], ++ insecure="--insecure" in options, + region_name=options["--region-name"], + endpoint_type=options["--endpoint-type"], + session=keystone_session, auth=keystone_auth, +@@ -395,7 +395,6 @@ def define_new_opts(): + "help" : "--insecure Explicitly allow agent to perform \"insecure\" TLS (https) requests", + "required" : "0", + "shortdesc" : "Allow Insecure TLS Requests", +- "default" : "False", + "order": 2, + } + all_opt["domain"] = { +@@ -484,6 +483,11 @@ def main(): + options["--domain"] = options["--compute-domain"] + del options["--domain"] + ++ # Disable insecure-certificate-warning message ++ if "--insecure" in options: ++ import urllib3 ++ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) ++ + logging.debug("Running "+options["--action"]) + connection = create_nova_connection(options) + +diff --git a/agents/evacuate/fence_evacuate.py b/agents/evacuate/fence_evacuate.py +index 60bb130e..88837dd8 100644 +--- a/agents/evacuate/fence_evacuate.py ++++ b/agents/evacuate/fence_evacuate.py +@@ -217,7 +217,7 @@ def create_nova_connection(options): + + loader = loading.get_plugin_loader('password') + keystone_auth = loader.load_from_options(**kwargs) +- keystone_session = session.Session(auth=keystone_auth, verify=(not options["--insecure"])) ++ keystone_session = session.Session(auth=keystone_auth, verify=not "--insecure" in options) + + versions = [ "2.11", "2" ] + for version in versions: +@@ -244,7 +244,7 @@ def create_nova_connection(options): + None, # Password + None, # Tenant + None, # Auth URL +- insecure=options["--insecure"], ++ insecure="--insecure" in options, + region_name=options["--region-name"], + endpoint_type=options["--endpoint-type"], + session=keystone_session, auth=keystone_auth, +@@ -332,7 +332,6 @@ def define_new_opts(): + "help" : "--insecure Explicitly allow agent to perform \"insecure\" TLS (https) requests", + "required" : "0", + "shortdesc" : "Allow Insecure TLS Requests", +- "default" : "False", + "order": 2, + } + all_opt["domain"] = { +@@ -397,6 +396,11 @@ def main(): + del options["--domain"] + + ++ # Disable insecure-certificate-warning message ++ if "--insecure" in options: ++ import urllib3 ++ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) ++ + connection = create_nova_connection(options) + + # Un-evacuating a server doesn't make sense +diff --git a/tests/data/metadata/fence_compute.xml b/tests/data/metadata/fence_compute.xml +index 99d56af0..2f183268 100644 +--- a/tests/data/metadata/fence_compute.xml ++++ b/tests/data/metadata/fence_compute.xml +@@ -70,7 +70,7 @@ + + + +- ++ + Allow Insecure TLS Requests + + +diff --git a/tests/data/metadata/fence_evacuate.xml b/tests/data/metadata/fence_evacuate.xml +index 8c720b80..95da0e1b 100644 +--- a/tests/data/metadata/fence_evacuate.xml ++++ b/tests/data/metadata/fence_evacuate.xml +@@ -70,7 +70,7 @@ + + + +- ++ + Allow Insecure TLS Requests + + diff --git a/bz1839776-fence_aws-catch-connectionerror.patch b/bz1839776-fence_aws-catch-connectionerror.patch new file mode 100644 index 0000000..674586e --- /dev/null +++ b/bz1839776-fence_aws-catch-connectionerror.patch @@ -0,0 +1,95 @@ +From be20615859c518b3161b08ee63f5da5213eba91d Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Mon, 25 May 2020 14:03:53 +0200 +Subject: [PATCH 1/2] fence_aws: catch ConnectionError and suppress traceback + for caught exceptions + +--- + agents/aws/fence_aws.py | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index 17c2fedb..191f5de1 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -9,14 +9,14 @@ + from fencing import fail, fail_usage, run_delay, EC_STATUS, SyslogLibHandler + + import boto3 +-from botocore.exceptions import ClientError, EndpointConnectionError, NoRegionError ++from botocore.exceptions import ConnectionError, ClientError, EndpointConnectionError, NoRegionError + + logger = logging.getLogger("fence_aws") + logger.propagate = False + logger.setLevel(logging.INFO) + logger.addHandler(SyslogLibHandler()) + logging.getLogger('botocore.vendored').propagate = False +- ++ + def get_instance_id(): + try: + r = requests.get('http://169.254.169.254/latest/meta-data/instance-id') +@@ -38,6 +38,8 @@ def get_nodes_list(conn, options): + fail_usage("Failed: Incorrect Access Key or Secret Key.") + except EndpointConnectionError: + fail_usage("Failed: Incorrect Region.") ++ except ConnectionError as e: ++ fail_usage("Failed: Unable to connect to AWS: " + str(e)) + except Exception as e: + logger.error("Failed to get node list: %s", e) + logger.debug("Monitor operation OK: %s",result) +@@ -169,7 +171,7 @@ def main(): + + if options["--boto3_debug"] != "on": + boto3.set_stream_logger('boto3',logging.INFO) +- boto3.set_stream_logger('botocore',logging.INFO) ++ boto3.set_stream_logger('botocore',logging.CRITICAL) + logging.getLogger('botocore').propagate = False + logging.getLogger('boto3').propagate = False + else: +@@ -197,4 +199,4 @@ def main(): + sys.exit(result) + + if __name__ == "__main__": +- main() +\ No newline at end of file ++ main() + +From 50772024cffa60d05938d328bbd5cffd930f6b42 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Mon, 25 May 2020 14:07:14 +0200 +Subject: [PATCH 2/2] fence_aws: improve boto3_debug boolean handling + +--- + agents/aws/fence_aws.py | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index 191f5de1..483a2991 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -132,6 +132,7 @@ def define_new_opts(): + "help" : "-b, --boto3_debug=[option] Boto3 and Botocore library debug logging", + "shortdesc": "Boto Lib debug", + "required": "0", ++ "default": "False", + "order": 5 + } + +@@ -146,7 +147,6 @@ def main(): + define_new_opts() + + all_opt["power_timeout"]["default"] = "60" +- all_opt["boto3_debug"]["default"] = "off" + + options = check_input(device_opt, process_input(device_opt)) + +@@ -169,7 +169,7 @@ def main(): + lh.setFormatter(lhf) + logger.setLevel(logging.DEBUG) + +- if options["--boto3_debug"] != "on": ++ if options["--boto3_debug"].lower() not in ["1", "yes", "on", "true"]: + boto3.set_stream_logger('boto3',logging.INFO) + boto3.set_stream_logger('botocore',logging.CRITICAL) + logging.getLogger('botocore').propagate = False diff --git a/bz1841087-fence_scsi-dont-write-key-device-to-file.patch b/bz1841087-fence_scsi-dont-write-key-device-to-file.patch new file mode 100644 index 0000000..5bc1198 --- /dev/null +++ b/bz1841087-fence_scsi-dont-write-key-device-to-file.patch @@ -0,0 +1,60 @@ +From 431e8bc40288d97d80f07ec195c0a07c5f8c065a Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 10 Nov 2020 12:46:50 +0100 +Subject: [PATCH] fence_scsi: dont write key to device if it's already + registered, and open file correctly to avoid using regex against end-of-file + +--- + agents/scsi/fence_scsi.py | 12 +++++------- + 1 file changed, 5 insertions(+), 7 deletions(-) + +diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py +index 77817f35..9a86689d 100644 +--- a/agents/scsi/fence_scsi.py ++++ b/agents/scsi/fence_scsi.py +@@ -135,6 +135,8 @@ def register_dev(options, dev): + for slave in get_mpath_slaves(dev): + register_dev(options, slave) + return True ++ if get_reservation_key(options, dev, False) == options["--key"]: ++ return True + reset_dev(options, dev) + cmd = options["--sg_persist-path"] + " -n -o -I -S " + options["--key"] + " -d " + dev + cmd += " -Z" if "--aptpl" in options else "" +@@ -148,14 +150,14 @@ def reserve_dev(options, dev): + return not bool(run_cmd(options, cmd)["err"]) + + +-def get_reservation_key(options, dev): ++def get_reservation_key(options, dev, fail=True): + reset_dev(options,dev) + opts = "" + if "--readonly" in options: + opts = "-y " + cmd = options["--sg_persist-path"] + " -n -i " + opts + "-r -d " + dev + out = run_cmd(options, cmd) +- if out["err"]: ++ if out["err"] and fail: + fail_usage("Cannot get reservation key") + match = re.search(r"\s+key=0x(\S+)\s+", out["out"], re.IGNORECASE) + return match.group(1) if match else None +@@ -257,6 +259,7 @@ def dev_write(dev, options): + f = open(file_path, "a+") + except IOError: + fail_usage("Failed: Cannot open file \""+ file_path + "\"") ++ f.seek(0) + out = f.read() + if not re.search(r"^" + dev + "\s+", out, flags=re.MULTILINE): + f.write(dev + "\n") +@@ -277,11 +280,6 @@ def dev_read(fail=True): + return devs + + +-def dev_delete(options): +- file_path = options["store_path"] + ".dev" +- os.remove(file_path) if os.path.exists(file_path) else None +- +- + def get_clvm_devices(options): + devs = [] + cmd = options["--vgs-path"] + " " +\ diff --git a/bz1851115-fence_mpath-support-comma-and-space-separated-devices.patch b/bz1851115-fence_mpath-support-comma-and-space-separated-devices.patch new file mode 100644 index 0000000..cd36647 --- /dev/null +++ b/bz1851115-fence_mpath-support-comma-and-space-separated-devices.patch @@ -0,0 +1,23 @@ +From 2d0057dabae0b4cd4394fec5a60a3f649c8e3d2b Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Wed, 1 Jul 2020 13:18:26 +0200 +Subject: [PATCH] fence_mpath: allow spaces for comma-separated devices and add + support for space-separated devices + +--- + agents/mpath/fence_mpath.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py +index a3d9fe23..bc15aae2 100644 +--- a/agents/mpath/fence_mpath.py ++++ b/agents/mpath/fence_mpath.py +@@ -297,7 +297,7 @@ def main(): + if not ("--devices" in options and options["--devices"]): + fail_usage("Failed: No devices found") + +- options["devices"] = options["--devices"].split(",") ++ options["devices"] = [d for d in re.split("\s*,\s*|\s+", options["--devices"].strip()) if d] + # Input control END + + result = fence_action(None, options, set_status, get_status) diff --git a/bz1853973-fence_ipmilan-allow-increasing-ipmitool-verbosity.patch b/bz1853973-fence_ipmilan-allow-increasing-ipmitool-verbosity.patch new file mode 100644 index 0000000..28abff6 --- /dev/null +++ b/bz1853973-fence_ipmilan-allow-increasing-ipmitool-verbosity.patch @@ -0,0 +1,1489 @@ +From 3c377e48d96fbe80a5be5e9fd1a15c4b3a7d25e4 Mon Sep 17 00:00:00 2001 +From: Reid wahl +Date: Mon, 6 Jul 2020 03:58:42 -0700 +Subject: [PATCH 1/2] fencing: Add verbose_level option + +Currently, `verbose` is a boolean, all-or-nothing option. It would be +useful to be able to set more granular verbosity levels when debugging +an issue. + +This patch adds a `verbose_level` option to allow setting higher +verbosities. This option can be set explicitly (e.g., +`--verbose-level=3`). Alternatively, multiple `verbose` flags (e.g., +`-vvv`) can be passed on the command line; `verbose_level` is set to +the number of `-v` flags. + +If both an explicit `verbose_level` and one or more `-v` options are +set, the `verbose_level` takes precedence and overrides any `-v` flags. +If `verbose_level > 0` and there are no `-v` flags, the `verbose` +option is enabled implicitly. + +Later patches will enable individual fence agents to use the new +verbosity levels. + +Related to: RHBZ#1853973 +--- + lib/fencing.py.py | 58 ++++++++++++++++--- + tests/data/metadata/fence_aliyun.xml | 7 ++- + tests/data/metadata/fence_alom.xml | 7 ++- + tests/data/metadata/fence_amt.xml | 7 ++- + tests/data/metadata/fence_amt_ws.xml | 7 ++- + tests/data/metadata/fence_apc.xml | 7 ++- + tests/data/metadata/fence_apc_snmp.xml | 7 ++- + tests/data/metadata/fence_aws.xml | 7 ++- + tests/data/metadata/fence_azure_arm.xml | 7 ++- + tests/data/metadata/fence_bladecenter.xml | 7 ++- + tests/data/metadata/fence_brocade.xml | 7 ++- + tests/data/metadata/fence_cisco_mds.xml | 7 ++- + tests/data/metadata/fence_cisco_ucs.xml | 7 ++- + tests/data/metadata/fence_compute.xml | 7 ++- + tests/data/metadata/fence_docker.xml | 7 ++- + tests/data/metadata/fence_drac.xml | 7 ++- + tests/data/metadata/fence_drac5.xml | 7 ++- + tests/data/metadata/fence_dummy.xml | 7 ++- + tests/data/metadata/fence_eaton_snmp.xml | 7 ++- + tests/data/metadata/fence_emerson.xml | 7 ++- + tests/data/metadata/fence_eps.xml | 7 ++- + tests/data/metadata/fence_evacuate.xml | 7 ++- + tests/data/metadata/fence_gce.xml | 7 ++- + tests/data/metadata/fence_hds_cb.xml | 7 ++- + tests/data/metadata/fence_heuristics_ping.xml | 7 ++- + tests/data/metadata/fence_hpblade.xml | 7 ++- + tests/data/metadata/fence_ibmblade.xml | 7 ++- + tests/data/metadata/fence_idrac.xml | 7 ++- + tests/data/metadata/fence_ifmib.xml | 7 ++- + tests/data/metadata/fence_ilo.xml | 7 ++- + tests/data/metadata/fence_ilo2.xml | 7 ++- + tests/data/metadata/fence_ilo3.xml | 7 ++- + tests/data/metadata/fence_ilo3_ssh.xml | 7 ++- + tests/data/metadata/fence_ilo4.xml | 7 ++- + tests/data/metadata/fence_ilo4_ssh.xml | 7 ++- + tests/data/metadata/fence_ilo_moonshot.xml | 7 ++- + tests/data/metadata/fence_ilo_mp.xml | 7 ++- + tests/data/metadata/fence_ilo_ssh.xml | 7 ++- + tests/data/metadata/fence_imm.xml | 7 ++- + tests/data/metadata/fence_intelmodular.xml | 7 ++- + tests/data/metadata/fence_ipdu.xml | 7 ++- + tests/data/metadata/fence_ipmilan.xml | 7 ++- + tests/data/metadata/fence_ironic.xml | 7 ++- + tests/data/metadata/fence_ldom.xml | 7 ++- + tests/data/metadata/fence_lpar.xml | 7 ++- + tests/data/metadata/fence_mpath.xml | 7 ++- + tests/data/metadata/fence_netio.xml | 7 ++- + tests/data/metadata/fence_openstack.xml | 7 ++- + tests/data/metadata/fence_ovh.xml | 7 ++- + tests/data/metadata/fence_powerman.xml | 7 ++- + tests/data/metadata/fence_pve.xml | 7 ++- + tests/data/metadata/fence_raritan.xml | 7 ++- + tests/data/metadata/fence_rcd_serial.xml | 7 ++- + tests/data/metadata/fence_redfish.xml | 7 ++- + tests/data/metadata/fence_rhevm.xml | 7 ++- + tests/data/metadata/fence_rsa.xml | 7 ++- + tests/data/metadata/fence_rsb.xml | 7 ++- + tests/data/metadata/fence_sanbox2.xml | 7 ++- + tests/data/metadata/fence_sbd.xml | 7 ++- + tests/data/metadata/fence_scsi.xml | 7 ++- + tests/data/metadata/fence_tripplite_snmp.xml | 7 ++- + tests/data/metadata/fence_vbox.xml | 7 ++- + tests/data/metadata/fence_virsh.xml | 7 ++- + tests/data/metadata/fence_vmware.xml | 7 ++- + tests/data/metadata/fence_vmware_rest.xml | 7 ++- + tests/data/metadata/fence_vmware_soap.xml | 7 ++- + tests/data/metadata/fence_vmware_vcloud.xml | 7 ++- + tests/data/metadata/fence_wti.xml | 7 ++- + tests/data/metadata/fence_xenapi.xml | 7 ++- + tests/data/metadata/fence_zvmip.xml | 7 ++- + 73 files changed, 482 insertions(+), 80 deletions(-) + +diff --git a/lib/fencing.py.py b/lib/fencing.py.py +index 4b54aa7c..63b13036 100644 +--- a/lib/fencing.py.py ++++ b/lib/fencing.py.py +@@ -38,27 +38,40 @@ + "help" : "-h, --help Display this help and exit", + "required" : "0", + "shortdesc" : "Display help and exit", +- "order" : 54}, ++ "order" : 55}, + "version" : { + "getopt" : "V", + "longopt" : "version", + "help" : "-V, --version Display version information and exit", + "required" : "0", + "shortdesc" : "Display version information and exit", +- "order" : 53}, ++ "order" : 54}, + "verbose" : { + "getopt" : "v", + "longopt" : "verbose", +- "help" : "-v, --verbose Verbose mode", ++ "help" : "-v, --verbose Verbose mode. " ++ "Multiple -v flags can be stacked on the command line " ++ "(e.g., -vvv) to increase verbosity.", + "required" : "0", + "order" : 51}, ++ "verbose_level" : { ++ "getopt" : ":", ++ "longopt" : "verbose-level", ++ "type" : "integer", ++ "help" : "--verbose-level " ++ "Level of debugging detail in output. Defaults to the " ++ "number of --verbose flags specified on the command " ++ "line, or to 1 if verbose=1 in a stonith device " ++ "configuration (i.e., on stdin).", ++ "required" : "0", ++ "order" : 52}, + "debug" : { + "getopt" : "D:", + "longopt" : "debug-file", + "help" : "-D, --debug-file=[debugfile] Debugging to output file", + "required" : "0", + "shortdesc" : "Write debug information to given file", +- "order" : 52}, ++ "order" : 53}, + "delay" : { + "getopt" : ":", + "longopt" : "delay", +@@ -454,9 +467,10 @@ + + # options which are added automatically if 'key' is encountered ("default" is always added) + DEPENDENCY_OPT = { +- "default" : ["help", "debug", "verbose", "version", "action", "agent", \ +- "power_timeout", "shell_timeout", "login_timeout", "power_wait", "retry_on", \ +- "delay", "quiet"], ++ "default" : ["help", "debug", "verbose", "verbose_level", ++ "version", "action", "agent", "power_timeout", ++ "shell_timeout", "login_timeout", "power_wait", ++ "retry_on", "delay", "quiet"], + "passwd" : ["passwd_script"], + "sudo" : ["sudo_path"], + "secure" : ["identity_file", "ssh_options", "ssh_path", "inet4_only", "inet6_only"], +@@ -683,6 +697,26 @@ def check_input(device_opt, opt, other_conditions = False): + if options["--action"] in ["metadata", "manpage"] or any(k in options for k in ("--help", "--version")): + return options + ++ try: ++ options["--verbose-level"] = int(options["--verbose-level"]) ++ except ValueError: ++ options["--verbose-level"] = -1 ++ ++ if options["--verbose-level"] < 0: ++ logging.warning("Parse error: Option 'verbose_level' must " ++ "be an integer greater than or equal to 0. " ++ "Setting verbose_level to 0.") ++ options["--verbose-level"] = 0 ++ ++ if options["--verbose-level"] == 0 and "--verbose" in options: ++ logging.warning("Parse error: Ignoring option 'verbose' " ++ "because it conflicts with verbose_level=0") ++ del options["--verbose"] ++ ++ if options["--verbose-level"] > 0: ++ # Ensure verbose key exists ++ options["--verbose"] = 1 ++ + if "--verbose" in options: + logging.getLogger().setLevel(logging.DEBUG) + +@@ -1409,6 +1443,9 @@ def _parse_input_stdin(avail_opt): + opt["--"+all_opt[name]["longopt"]] = "1" + else: + logging.warning("Parse error: Ignoring option '%s' because it does not have value\n", name) ++ ++ opt.setdefault("--verbose-level", opt.get("--verbose", 0)) ++ + return opt + + def _parse_input_cmdline(avail_opt): +@@ -1428,10 +1465,15 @@ def _parse_input_cmdline(avail_opt): + + # Short and long getopt names are changed to consistent "--" + long name (e.g. --username) + long_opts = {} +- for arg_name in list(dict(entered_opt).keys()): ++ verbose_count = 0 ++ for arg_name in [k for (k, v) in entered_opt]: + all_key = [key for (key, value) in list(filtered_opts.items()) \ + if "--" + value.get("longopt", "") == arg_name or "-" + value.get("getopt", "").rstrip(":") == arg_name][0] + long_opts["--" + filtered_opts[all_key]["longopt"]] = dict(entered_opt)[arg_name] ++ if all_key == "verbose": ++ verbose_count += 1 ++ ++ long_opts.setdefault("--verbose-level", verbose_count) + + # This test is specific because it does not apply to input on stdin + if "port_as_ip" in avail_opt and not "--port-as-ip" in long_opts and "--plug" in long_opts: +diff --git a/tests/data/metadata/fence_aliyun.xml b/tests/data/metadata/fence_aliyun.xml +index 2de3a8aa..8f236806 100644 +--- a/tests/data/metadata/fence_aliyun.xml ++++ b/tests/data/metadata/fence_aliyun.xml +@@ -46,7 +46,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_alom.xml b/tests/data/metadata/fence_alom.xml +index d6bb3d5b..ef6c06c3 100644 +--- a/tests/data/metadata/fence_alom.xml ++++ b/tests/data/metadata/fence_alom.xml +@@ -111,7 +111,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_amt.xml b/tests/data/metadata/fence_amt.xml +index 5f0adc98..ee174852 100644 +--- a/tests/data/metadata/fence_amt.xml ++++ b/tests/data/metadata/fence_amt.xml +@@ -80,7 +80,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_amt_ws.xml b/tests/data/metadata/fence_amt_ws.xml +index 86f36f6c..9c223c8d 100644 +--- a/tests/data/metadata/fence_amt_ws.xml ++++ b/tests/data/metadata/fence_amt_ws.xml +@@ -80,7 +80,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_apc.xml b/tests/data/metadata/fence_apc.xml +index 7330d8bc..efad9db8 100644 +--- a/tests/data/metadata/fence_apc.xml ++++ b/tests/data/metadata/fence_apc.xml +@@ -116,7 +116,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_apc_snmp.xml b/tests/data/metadata/fence_apc_snmp.xml +index 7f1c616c..a1947672 100644 +--- a/tests/data/metadata/fence_apc_snmp.xml ++++ b/tests/data/metadata/fence_apc_snmp.xml +@@ -121,7 +121,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_aws.xml b/tests/data/metadata/fence_aws.xml +index 12f67322..527fc86c 100644 +--- a/tests/data/metadata/fence_aws.xml ++++ b/tests/data/metadata/fence_aws.xml +@@ -49,7 +49,12 @@ For instructions see: https://boto3.readthedocs.io/en/latest/guide/quickstart.ht + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_azure_arm.xml b/tests/data/metadata/fence_azure_arm.xml +index 7ea672af..42c9952f 100644 +--- a/tests/data/metadata/fence_azure_arm.xml ++++ b/tests/data/metadata/fence_azure_arm.xml +@@ -106,7 +106,12 @@ When using network fencing the reboot-action will cause a quick-return once the + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_bladecenter.xml b/tests/data/metadata/fence_bladecenter.xml +index 0762e43f..f2ee28b1 100644 +--- a/tests/data/metadata/fence_bladecenter.xml ++++ b/tests/data/metadata/fence_bladecenter.xml +@@ -111,7 +111,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_brocade.xml b/tests/data/metadata/fence_brocade.xml +index ef2b9833..f3287503 100644 +--- a/tests/data/metadata/fence_brocade.xml ++++ b/tests/data/metadata/fence_brocade.xml +@@ -111,7 +111,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_cisco_mds.xml b/tests/data/metadata/fence_cisco_mds.xml +index 15d7798c..a0e62cba 100644 +--- a/tests/data/metadata/fence_cisco_mds.xml ++++ b/tests/data/metadata/fence_cisco_mds.xml +@@ -120,7 +120,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_cisco_ucs.xml b/tests/data/metadata/fence_cisco_ucs.xml +index 848e72f8..f4543f4b 100644 +--- a/tests/data/metadata/fence_cisco_ucs.xml ++++ b/tests/data/metadata/fence_cisco_ucs.xml +@@ -96,7 +96,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_compute.xml b/tests/data/metadata/fence_compute.xml +index 2f183268..a5ce53cd 100644 +--- a/tests/data/metadata/fence_compute.xml ++++ b/tests/data/metadata/fence_compute.xml +@@ -131,7 +131,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_docker.xml b/tests/data/metadata/fence_docker.xml +index 3285314c..6e3306d4 100644 +--- a/tests/data/metadata/fence_docker.xml ++++ b/tests/data/metadata/fence_docker.xml +@@ -84,7 +84,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_drac.xml b/tests/data/metadata/fence_drac.xml +index 2184ee0c..451ee504 100644 +--- a/tests/data/metadata/fence_drac.xml ++++ b/tests/data/metadata/fence_drac.xml +@@ -81,7 +81,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_drac5.xml b/tests/data/metadata/fence_drac5.xml +index 069f7b00..564008ab 100644 +--- a/tests/data/metadata/fence_drac5.xml ++++ b/tests/data/metadata/fence_drac5.xml +@@ -120,7 +120,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_dummy.xml b/tests/data/metadata/fence_dummy.xml +index 873c565b..ec4d5b46 100644 +--- a/tests/data/metadata/fence_dummy.xml ++++ b/tests/data/metadata/fence_dummy.xml +@@ -31,7 +31,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_eaton_snmp.xml b/tests/data/metadata/fence_eaton_snmp.xml +index 3dd92dd2..1ec07c68 100644 +--- a/tests/data/metadata/fence_eaton_snmp.xml ++++ b/tests/data/metadata/fence_eaton_snmp.xml +@@ -120,7 +120,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_emerson.xml b/tests/data/metadata/fence_emerson.xml +index f6886469..fbdcbcde 100644 +--- a/tests/data/metadata/fence_emerson.xml ++++ b/tests/data/metadata/fence_emerson.xml +@@ -120,7 +120,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_eps.xml b/tests/data/metadata/fence_eps.xml +index 26e75477..47cad6f0 100644 +--- a/tests/data/metadata/fence_eps.xml ++++ b/tests/data/metadata/fence_eps.xml +@@ -83,7 +83,12 @@ Agent basically works by connecting to hidden page and pass appropriate argument + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_evacuate.xml b/tests/data/metadata/fence_evacuate.xml +index 95da0e1b..f32b48eb 100644 +--- a/tests/data/metadata/fence_evacuate.xml ++++ b/tests/data/metadata/fence_evacuate.xml +@@ -126,7 +126,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_gce.xml b/tests/data/metadata/fence_gce.xml +index 79b82ebb..3b8a24a4 100644 +--- a/tests/data/metadata/fence_gce.xml ++++ b/tests/data/metadata/fence_gce.xml +@@ -56,7 +56,12 @@ For instructions see: https://cloud.google.com/compute/docs/tutorials/python-gui + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_hds_cb.xml b/tests/data/metadata/fence_hds_cb.xml +index 71cfd8ed..5529472d 100644 +--- a/tests/data/metadata/fence_hds_cb.xml ++++ b/tests/data/metadata/fence_hds_cb.xml +@@ -111,7 +111,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_heuristics_ping.xml b/tests/data/metadata/fence_heuristics_ping.xml +index 3dbceeb2..53e3bb05 100644 +--- a/tests/data/metadata/fence_heuristics_ping.xml ++++ b/tests/data/metadata/fence_heuristics_ping.xml +@@ -56,7 +56,12 @@ This is not a fence agent by itself! Its only purpose is to enable/disable anoth + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_hpblade.xml b/tests/data/metadata/fence_hpblade.xml +index 6cdc73ed..bbb51668 100644 +--- a/tests/data/metadata/fence_hpblade.xml ++++ b/tests/data/metadata/fence_hpblade.xml +@@ -111,7 +111,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ibmblade.xml b/tests/data/metadata/fence_ibmblade.xml +index 5084b3a0..6585c4fb 100644 +--- a/tests/data/metadata/fence_ibmblade.xml ++++ b/tests/data/metadata/fence_ibmblade.xml +@@ -120,7 +120,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_idrac.xml b/tests/data/metadata/fence_idrac.xml +index 55d9ced3..efecc720 100644 +--- a/tests/data/metadata/fence_idrac.xml ++++ b/tests/data/metadata/fence_idrac.xml +@@ -123,7 +123,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ifmib.xml b/tests/data/metadata/fence_ifmib.xml +index c07a6e1f..93bd8aa3 100644 +--- a/tests/data/metadata/fence_ifmib.xml ++++ b/tests/data/metadata/fence_ifmib.xml +@@ -122,7 +122,12 @@ It was written with managed ethernet switches in mind, in order to fence iSCSI S + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ilo.xml b/tests/data/metadata/fence_ilo.xml +index 44b3c43a..7ed91061 100644 +--- a/tests/data/metadata/fence_ilo.xml ++++ b/tests/data/metadata/fence_ilo.xml +@@ -107,7 +107,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ilo2.xml b/tests/data/metadata/fence_ilo2.xml +index e9cae6d2..5527cf21 100644 +--- a/tests/data/metadata/fence_ilo2.xml ++++ b/tests/data/metadata/fence_ilo2.xml +@@ -107,7 +107,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ilo3.xml b/tests/data/metadata/fence_ilo3.xml +index 2a99e0a4..b5db044c 100644 +--- a/tests/data/metadata/fence_ilo3.xml ++++ b/tests/data/metadata/fence_ilo3.xml +@@ -123,7 +123,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ilo3_ssh.xml b/tests/data/metadata/fence_ilo3_ssh.xml +index e46d607c..a3c8f11c 100644 +--- a/tests/data/metadata/fence_ilo3_ssh.xml ++++ b/tests/data/metadata/fence_ilo3_ssh.xml +@@ -124,7 +124,12 @@ WARNING: The monitor-action is prone to timeouts. Use the fence_ilo-equivalent t + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ilo4.xml b/tests/data/metadata/fence_ilo4.xml +index 68790266..210b05d2 100644 +--- a/tests/data/metadata/fence_ilo4.xml ++++ b/tests/data/metadata/fence_ilo4.xml +@@ -123,7 +123,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ilo4_ssh.xml b/tests/data/metadata/fence_ilo4_ssh.xml +index a2c4614a..9b993dd5 100644 +--- a/tests/data/metadata/fence_ilo4_ssh.xml ++++ b/tests/data/metadata/fence_ilo4_ssh.xml +@@ -124,7 +124,12 @@ WARNING: The monitor-action is prone to timeouts. Use the fence_ilo-equivalent t + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ilo_moonshot.xml b/tests/data/metadata/fence_ilo_moonshot.xml +index 00e43840..1e31424a 100644 +--- a/tests/data/metadata/fence_ilo_moonshot.xml ++++ b/tests/data/metadata/fence_ilo_moonshot.xml +@@ -111,7 +111,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ilo_mp.xml b/tests/data/metadata/fence_ilo_mp.xml +index 2bba33dc..b825cd32 100644 +--- a/tests/data/metadata/fence_ilo_mp.xml ++++ b/tests/data/metadata/fence_ilo_mp.xml +@@ -111,7 +111,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ilo_ssh.xml b/tests/data/metadata/fence_ilo_ssh.xml +index 1c8145b8..df87fd5f 100644 +--- a/tests/data/metadata/fence_ilo_ssh.xml ++++ b/tests/data/metadata/fence_ilo_ssh.xml +@@ -124,7 +124,12 @@ WARNING: The monitor-action is prone to timeouts. Use the fence_ilo-equivalent t + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_imm.xml b/tests/data/metadata/fence_imm.xml +index e22e4723..d00ad7fa 100644 +--- a/tests/data/metadata/fence_imm.xml ++++ b/tests/data/metadata/fence_imm.xml +@@ -123,7 +123,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_intelmodular.xml b/tests/data/metadata/fence_intelmodular.xml +index 5e0d3b19..ed5afcb8 100644 +--- a/tests/data/metadata/fence_intelmodular.xml ++++ b/tests/data/metadata/fence_intelmodular.xml +@@ -122,7 +122,12 @@ Note: Since firmware update version 2.7, SNMP v2 write support is removed, and r + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ipdu.xml b/tests/data/metadata/fence_ipdu.xml +index 546e372c..78575c7c 100644 +--- a/tests/data/metadata/fence_ipdu.xml ++++ b/tests/data/metadata/fence_ipdu.xml +@@ -120,7 +120,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ipmilan.xml b/tests/data/metadata/fence_ipmilan.xml +index 3e13d288..d4c23f73 100644 +--- a/tests/data/metadata/fence_ipmilan.xml ++++ b/tests/data/metadata/fence_ipmilan.xml +@@ -123,7 +123,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ironic.xml b/tests/data/metadata/fence_ironic.xml +index 5775f285..84beaffc 100644 +--- a/tests/data/metadata/fence_ironic.xml ++++ b/tests/data/metadata/fence_ironic.xml +@@ -76,7 +76,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ldom.xml b/tests/data/metadata/fence_ldom.xml +index b3c53458..4bb38571 100644 +--- a/tests/data/metadata/fence_ldom.xml ++++ b/tests/data/metadata/fence_ldom.xml +@@ -113,7 +113,12 @@ Very useful parameter is -c (or cmd_prompt in stdin mode). This must be set to s + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_lpar.xml b/tests/data/metadata/fence_lpar.xml +index 16d43a78..7ddc2c45 100644 +--- a/tests/data/metadata/fence_lpar.xml ++++ b/tests/data/metadata/fence_lpar.xml +@@ -125,7 +125,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_mpath.xml b/tests/data/metadata/fence_mpath.xml +index f5e60823..83d69f6c 100644 +--- a/tests/data/metadata/fence_mpath.xml ++++ b/tests/data/metadata/fence_mpath.xml +@@ -37,7 +37,12 @@ The fence_mpath agent works by having a unique key for each node that has to be + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_netio.xml b/tests/data/metadata/fence_netio.xml +index 79d27af3..b409bde7 100644 +--- a/tests/data/metadata/fence_netio.xml ++++ b/tests/data/metadata/fence_netio.xml +@@ -71,7 +71,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_openstack.xml b/tests/data/metadata/fence_openstack.xml +index 22517657..645cd655 100644 +--- a/tests/data/metadata/fence_openstack.xml ++++ b/tests/data/metadata/fence_openstack.xml +@@ -101,7 +101,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_ovh.xml b/tests/data/metadata/fence_ovh.xml +index b2767cc0..e8160bf7 100644 +--- a/tests/data/metadata/fence_ovh.xml ++++ b/tests/data/metadata/fence_ovh.xml +@@ -61,7 +61,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_powerman.xml b/tests/data/metadata/fence_powerman.xml +index ce72e002..3bf56882 100644 +--- a/tests/data/metadata/fence_powerman.xml ++++ b/tests/data/metadata/fence_powerman.xml +@@ -41,7 +41,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_pve.xml b/tests/data/metadata/fence_pve.xml +index 5d744903..1c83f2ef 100644 +--- a/tests/data/metadata/fence_pve.xml ++++ b/tests/data/metadata/fence_pve.xml +@@ -94,7 +94,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_raritan.xml b/tests/data/metadata/fence_raritan.xml +index 565eebc7..537cb141 100644 +--- a/tests/data/metadata/fence_raritan.xml ++++ b/tests/data/metadata/fence_raritan.xml +@@ -71,7 +71,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_rcd_serial.xml b/tests/data/metadata/fence_rcd_serial.xml +index c22f78de..b2a20cb7 100644 +--- a/tests/data/metadata/fence_rcd_serial.xml ++++ b/tests/data/metadata/fence_rcd_serial.xml +@@ -29,7 +29,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_redfish.xml b/tests/data/metadata/fence_redfish.xml +index 91b483b7..32ea402e 100644 +--- a/tests/data/metadata/fence_redfish.xml ++++ b/tests/data/metadata/fence_redfish.xml +@@ -106,7 +106,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_rhevm.xml b/tests/data/metadata/fence_rhevm.xml +index 73c9906f..deb326c3 100644 +--- a/tests/data/metadata/fence_rhevm.xml ++++ b/tests/data/metadata/fence_rhevm.xml +@@ -115,7 +115,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_rsa.xml b/tests/data/metadata/fence_rsa.xml +index f9a55f82..51009427 100644 +--- a/tests/data/metadata/fence_rsa.xml ++++ b/tests/data/metadata/fence_rsa.xml +@@ -111,7 +111,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_rsb.xml b/tests/data/metadata/fence_rsb.xml +index 022835be..7d8575d1 100644 +--- a/tests/data/metadata/fence_rsb.xml ++++ b/tests/data/metadata/fence_rsb.xml +@@ -111,7 +111,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_sanbox2.xml b/tests/data/metadata/fence_sanbox2.xml +index 7e20c8ce..bf07f360 100644 +--- a/tests/data/metadata/fence_sanbox2.xml ++++ b/tests/data/metadata/fence_sanbox2.xml +@@ -81,7 +81,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_sbd.xml b/tests/data/metadata/fence_sbd.xml +index 6095a74b..db52b49a 100644 +--- a/tests/data/metadata/fence_sbd.xml ++++ b/tests/data/metadata/fence_sbd.xml +@@ -39,7 +39,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml +index d0818b0d..ceb79de5 100644 +--- a/tests/data/metadata/fence_scsi.xml ++++ b/tests/data/metadata/fence_scsi.xml +@@ -54,7 +54,12 @@ When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and ve + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_tripplite_snmp.xml b/tests/data/metadata/fence_tripplite_snmp.xml +index d3769133..becc0d18 100644 +--- a/tests/data/metadata/fence_tripplite_snmp.xml ++++ b/tests/data/metadata/fence_tripplite_snmp.xml +@@ -121,7 +121,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_vbox.xml b/tests/data/metadata/fence_vbox.xml +index 3b53c7d2..045fbe9e 100644 +--- a/tests/data/metadata/fence_vbox.xml ++++ b/tests/data/metadata/fence_vbox.xml +@@ -113,7 +113,12 @@ By default, vbox needs to log in as a user that is a member of the vboxusers gro + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_virsh.xml b/tests/data/metadata/fence_virsh.xml +index 864986d0..2ab09c33 100644 +--- a/tests/data/metadata/fence_virsh.xml ++++ b/tests/data/metadata/fence_virsh.xml +@@ -113,7 +113,12 @@ By default, virsh needs root account to do properly work. So you must allow ssh + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_vmware.xml b/tests/data/metadata/fence_vmware.xml +index 48fc408b..14b504ed 100644 +--- a/tests/data/metadata/fence_vmware.xml ++++ b/tests/data/metadata/fence_vmware.xml +@@ -124,7 +124,12 @@ After you have successfully installed VI Perl Toolkit or VIX API, you should be + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_vmware_rest.xml b/tests/data/metadata/fence_vmware_rest.xml +index 830b6a21..41b09ba2 100644 +--- a/tests/data/metadata/fence_vmware_rest.xml ++++ b/tests/data/metadata/fence_vmware_rest.xml +@@ -102,7 +102,12 @@ NOTE: If there's more than 1000 VMs there is a filter parameter to work around t + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_vmware_soap.xml b/tests/data/metadata/fence_vmware_soap.xml +index da6a1002..ee385adf 100644 +--- a/tests/data/metadata/fence_vmware_soap.xml ++++ b/tests/data/metadata/fence_vmware_soap.xml +@@ -93,7 +93,12 @@ Name of virtual machine (-n / port) has to be used in inventory path format (e.g + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_vmware_vcloud.xml b/tests/data/metadata/fence_vmware_vcloud.xml +index 505eaf2b..21c9b77d 100644 +--- a/tests/data/metadata/fence_vmware_vcloud.xml ++++ b/tests/data/metadata/fence_vmware_vcloud.xml +@@ -95,7 +95,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_wti.xml b/tests/data/metadata/fence_wti.xml +index 872e4a90..8064b703 100644 +--- a/tests/data/metadata/fence_wti.xml ++++ b/tests/data/metadata/fence_wti.xml +@@ -111,7 +111,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_xenapi.xml b/tests/data/metadata/fence_xenapi.xml +index f6f4e46d..a1694ec5 100644 +--- a/tests/data/metadata/fence_xenapi.xml ++++ b/tests/data/metadata/fence_xenapi.xml +@@ -61,7 +61,12 @@ + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + +diff --git a/tests/data/metadata/fence_zvmip.xml b/tests/data/metadata/fence_zvmip.xml +index 408ad977..95c2ded3 100644 +--- a/tests/data/metadata/fence_zvmip.xml ++++ b/tests/data/metadata/fence_zvmip.xml +@@ -104,7 +104,12 @@ to access the system's directory manager. + + + +- Verbose mode ++ Verbose mode. Multiple -v flags can be stacked on the command line (e.g., -vvv) to increase verbosity. ++ ++ ++ ++ ++ Level of debugging detail in output. Defaults to the number of --verbose flags specified on the command line, or to 1 if verbose=1 in a stonith device configuration (i.e., on stdin). + + + + +From 60544f8642c483fce74d3c146d29c3c1a8bdd021 Mon Sep 17 00:00:00 2001 +From: Reid wahl +Date: Thu, 9 Jul 2020 22:17:15 -0700 +Subject: [PATCH 2/2] fence_ipmilan: Add ability to increase ipmitool verbosity + +Currently, the `-v` flag only causes the `ipmitool` command line and +output to be printed. + +This patch allows `fence_ipmilan` to accept additional `-v` flags and +pass them on to `ipmitool` to get more verbosity. + +Depends on: PR#346 +Resolves: RHBZ#1853973 +--- + agents/ipmilan/fence_ipmilan.py | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/agents/ipmilan/fence_ipmilan.py b/agents/ipmilan/fence_ipmilan.py +index ecd35582..ee014e79 100644 +--- a/agents/ipmilan/fence_ipmilan.py ++++ b/agents/ipmilan/fence_ipmilan.py +@@ -92,6 +92,10 @@ def append(cls, cmd, log=None): + # --action / -o + Cmd.append(" chassis power " + action) + ++ # --verbose-level ++ if options["--verbose-level"] > 1: ++ Cmd.append(" -" + "v" * (options["--verbose-level"] - 1)) ++ + return (Cmd.cmd, Cmd.log) + + def define_new_opts(): diff --git a/bz1859932-fence_evacuate-support-private-flavors.patch b/bz1859932-fence_evacuate-support-private-flavors.patch new file mode 100644 index 0000000..60eddd2 --- /dev/null +++ b/bz1859932-fence_evacuate-support-private-flavors.patch @@ -0,0 +1,26 @@ +From 18ef1622475db947aef70042523f4a176c4155bd Mon Sep 17 00:00:00 2001 +From: Luca Miccini +Date: Thu, 23 Jul 2020 14:33:38 +0200 +Subject: [PATCH] [fence_evacuate] Enable evacuation of instances using private + flavors + +This commit extends the flavor.list() api call in the fence_evacuate +agent to fetch private flavors that could be tagged with the 'evacuable' +attribute, allowing instance-ha to be enabled on a per tenant basis. +--- + agents/evacuate/fence_evacuate.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/evacuate/fence_evacuate.py b/agents/evacuate/fence_evacuate.py +index 88837dd8..53d6fd15 100644 +--- a/agents/evacuate/fence_evacuate.py ++++ b/agents/evacuate/fence_evacuate.py +@@ -87,7 +87,7 @@ def _is_server_evacuable(server, evac_flavors, evac_images): + + def _get_evacuable_flavors(connection): + result = [] +- flavors = connection.flavors.list() ++ flavors = connection.flavors.list(is_public=None) + # Since the detailed view for all flavors doesn't provide the extra specs, + # we need to call each of the flavor to get them. + for flavor in flavors: diff --git a/bz1860544-fence_lpar-fix-long-user-host-issue.patch b/bz1860544-fence_lpar-fix-long-user-host-issue.patch new file mode 100644 index 0000000..f65f6ba --- /dev/null +++ b/bz1860544-fence_lpar-fix-long-user-host-issue.patch @@ -0,0 +1,127 @@ +From 3424464d3e447308f171399302cf76eb573a618f Mon Sep 17 00:00:00 2001 +From: Reid wahl +Date: Fri, 24 Jul 2020 18:22:24 -0700 +Subject: [PATCH] fence_lpar: Fix parse error from long command line + +When Pacemaker executes `fence_lpar` and the HMC command line is greater +than 80 characters, a parse error causes agent failure. This can happen +with a long user name and/or long managed system name. It happens only +when Pacemaker spawns the `fence_lpar` process; it does not happen when +`fence_lpar` is run from the CLI. + +A long command line gets a carriage return ('\r') added at the 80 +character mark and wraps back to the beginning of the line with no line +feed ('\n'), overwriting the displayed characters. `fence_lpar`'s regex +matches handle this fine when it's run from the command line. + +The problem is that when Pacemaker spawns fence_lpar, **for some +reason** there are backspace characters in the buffer when we hit the +'\r' character. This seems to overwrite some of the `conn.before` +string. As a result, the regex doesn't match `conn.before`, and the +agent fails. + +This patch works around the `conn.before` weirdness by reading and +discarding the first received line **before** any regex processing. + +Resolves: RHBZ#1860544 +Resolves: RHBZ#1860545 + +Signed-off-by: Reid Wahl +--- + agents/lpar/fence_lpar.py | 33 +++++++++++++++++++++++++++------ + 1 file changed, 27 insertions(+), 6 deletions(-) + +diff --git a/agents/lpar/fence_lpar.py b/agents/lpar/fence_lpar.py +index 270bbe3b..9dfabc43 100644 +--- a/agents/lpar/fence_lpar.py ++++ b/agents/lpar/fence_lpar.py +@@ -19,6 +19,9 @@ + def get_power_status(conn, options): + if options["--hmc-version"] == "3": + conn.send("lssyscfg -r lpar -m " + options["--managed"] + " -n " + options["--plug"] + " -F name,state\n") ++ ++ # First line (command) may cause parsing issues if long ++ conn.readline() + conn.log_expect(options["--command-prompt"], int(options["--power-timeout"])) + + try: +@@ -29,6 +32,9 @@ def get_power_status(conn, options): + elif options["--hmc-version"] in ["4", "IVM"]: + conn.send("lssyscfg -r lpar -m "+ options["--managed"] + + " --filter 'lpar_names=" + options["--plug"] + "'\n") ++ ++ # First line (command) may cause parsing issues if long ++ conn.readline() + conn.log_expect(options["--command-prompt"], int(options["--power-timeout"])) + + try: +@@ -49,6 +55,9 @@ def set_power_status(conn, options): + if options["--hmc-version"] == "3": + conn.send("chsysstate -o " + options["--action"] + " -r lpar -m " + options["--managed"] + + " -n " + options["--plug"] + "\n") ++ ++ # First line (command) may cause parsing issues if long ++ conn.readline() + conn.log_expect(options["--command-prompt"], int(options["--power-timeout"])) + elif options["--hmc-version"] in ["4", "IVM"]: + if options["--action"] == "on": +@@ -60,17 +69,23 @@ def set_power_status(conn, options): + else: + conn.send("chsysstate -o shutdown -r lpar --immed" + + " -m " + options["--managed"] + " -n " + options["--plug"] + "\n") ++ ++ # First line (command) may cause parsing issues if long ++ conn.readline() + conn.log_expect(options["--command-prompt"], int(options["--power-timeout"])) + + def get_lpar_list(conn, options): + outlets = {} + if options["--hmc-version"] == "3": + conn.send("query_partition_names -m " + options["--managed"] + "\n") ++ ++ ## We have to remove first line (command) ++ conn.readline() + conn.log_expect(options["--command-prompt"], int(options["--power-timeout"])) + +- ## We have to remove first 3 lines (command + header) and last line (part of new prompt) ++ ## We have to remove next 2 lines (header) and last line (part of new prompt) + #### +- res = re.search("^.+?\n(.+?\n){2}(.*)\n.*$", conn.before, re.S) ++ res = re.search("^(.+?\n){2}(.*)\n.*$", conn.before, re.S) + + if res == None: + fail_usage("Unable to parse output of list command") +@@ -81,11 +96,14 @@ def get_lpar_list(conn, options): + elif options["--hmc-version"] == "4": + conn.send("lssyscfg -r lpar -m " + options["--managed"] + + " -F name:state\n") ++ ++ ## We have to remove first line (command) ++ conn.readline() + conn.log_expect(options["--command-prompt"], int(options["--power-timeout"])) + +- ## We have to remove first line (command) and last line (part of new prompt) ++ ## We have to remove last line (part of new prompt) + #### +- res = re.search("^.+?\n(.*)\n.*$", conn.before, re.S) ++ res = re.search("^(.*)\n.*$", conn.before, re.S) + + if res == None: + fail_usage("Unable to parse output of list command") +@@ -100,11 +118,14 @@ def get_lpar_list(conn, options): + elif options["--hmc-version"] == "IVM": + conn.send("lssyscfg -r lpar -m " + options["--managed"] + + " -F name,state\n") ++ ++ ## We have to remove first line (command) ++ conn.readline() + conn.log_expect(options["--command-prompt"], int(options["--power-timeout"])) + +- ## We have to remove first line (command) and last line (part of new prompt) ++ ## We have to remove last line (part of new prompt) + #### +- res = re.search("^.+?\n(.*)\n.*$", conn.before, re.S) ++ res = re.search("^(.*)\n.*$", conn.before, re.S) + + if res == None: + fail_usage("Unable to parse output of list command") diff --git a/bz1861926-fence_lpar-fix-list-status-action.patch b/bz1861926-fence_lpar-fix-list-status-action.patch new file mode 100644 index 0000000..5842f73 --- /dev/null +++ b/bz1861926-fence_lpar-fix-list-status-action.patch @@ -0,0 +1,145 @@ +From 6d0b2cb598135b697ee583e3514aa427fc0e4cf8 Mon Sep 17 00:00:00 2001 +From: Reid Wahl +Date: Wed, 29 Jul 2020 18:33:17 -0700 +Subject: [PATCH 1/2] fence_lpar: Fix list-status action + +The `list-status` action prints "UNKNOWN" status for all LPARs when +`--hmc-version` is `"4"` or `"IVM"`. + +This commit fixes that by mapping the statuses returned by the HMC +(e.g., "Running") to the statuses that the fencing library expects +(e.g., "on"). + +Resolves: RHBZ#1861926 + +Signed-off-by: Reid Wahl +--- + agents/lpar/fence_lpar.py | 27 +++++++++++++++------------ + 1 file changed, 15 insertions(+), 12 deletions(-) + +diff --git a/agents/lpar/fence_lpar.py b/agents/lpar/fence_lpar.py +index 9dfabc43..03068466 100644 +--- a/agents/lpar/fence_lpar.py ++++ b/agents/lpar/fence_lpar.py +@@ -16,6 +16,16 @@ + from fencing import * + from fencing import fail, fail_usage, EC_STATUS_HMC + ++## ++## Transformation to standard ON/OFF status if possible ++def _normalize_status(status): ++ if status in ["Running", "Open Firmware", "Shutting Down", "Starting"]: ++ status = "on" ++ else: ++ status = "off" ++ ++ return status ++ + def get_power_status(conn, options): + if options["--hmc-version"] == "3": + conn.send("lssyscfg -r lpar -m " + options["--managed"] + " -n " + options["--plug"] + " -F name,state\n") +@@ -42,14 +52,7 @@ def get_power_status(conn, options): + except AttributeError: + fail(EC_STATUS_HMC) + +- ## +- ## Transformation to standard ON/OFF status if possible +- if status in ["Running", "Open Firmware", "Shutting Down", "Starting"]: +- status = "on" +- else: +- status = "off" +- +- return status ++ return _normalize_status(status) + + def set_power_status(conn, options): + if options["--hmc-version"] == "3": +@@ -111,10 +114,10 @@ def get_lpar_list(conn, options): + lines = res.group(1).split("\n") + for outlet_line in lines: + try: +- (port, status) = outlet_line.split(":") ++ (port, status) = outlet_line.rstrip().split(":") + except ValueError: + fail_usage('Output does not match expected HMC version, try different one'); +- outlets[port] = ("", status) ++ outlets[port] = ("", _normalize_status(status)) + elif options["--hmc-version"] == "IVM": + conn.send("lssyscfg -r lpar -m " + options["--managed"] + + " -F name,state\n") +@@ -133,10 +136,10 @@ def get_lpar_list(conn, options): + lines = res.group(1).split("\n") + for outlet_line in lines: + try: +- (port, status) = outlet_line.split(",") ++ (port, status) = outlet_line.rstrip().split(",") + except ValueError: + fail_usage('Output does not match expected HMC version, try different one'); +- outlets[port] = ("", status) ++ outlets[port] = ("", _normalize_status(status)) + + return outlets + + +From 4f7b40c0cde896f2f5b09e796ba34450e90aee6c Mon Sep 17 00:00:00 2001 +From: Reid Wahl +Date: Wed, 29 Jul 2020 18:43:47 -0700 +Subject: [PATCH 2/2] fence_lpar: Reduce code duplication in get_lpar_list + +The logic for HMC version 4 and HMC version IVM are the same except for +the use of a different separator character. This commit condenses them +into one block. + +Signed-off-by: Reid Wahl +--- + agents/lpar/fence_lpar.py | 28 ++++------------------------ + 1 file changed, 4 insertions(+), 24 deletions(-) + +diff --git a/agents/lpar/fence_lpar.py b/agents/lpar/fence_lpar.py +index 03068466..7560a82c 100644 +--- a/agents/lpar/fence_lpar.py ++++ b/agents/lpar/fence_lpar.py +@@ -96,31 +96,11 @@ def get_lpar_list(conn, options): + lines = res.group(2).split("\n") + for outlet_line in lines: + outlets[outlet_line.rstrip()] = ("", "") +- elif options["--hmc-version"] == "4": +- conn.send("lssyscfg -r lpar -m " + options["--managed"] + +- " -F name:state\n") +- +- ## We have to remove first line (command) +- conn.readline() +- conn.log_expect(options["--command-prompt"], int(options["--power-timeout"])) +- +- ## We have to remove last line (part of new prompt) +- #### +- res = re.search("^(.*)\n.*$", conn.before, re.S) +- +- if res == None: +- fail_usage("Unable to parse output of list command") ++ elif options["--hmc-version"] in ["4", "IVM"]: ++ sep = ":" if options["--hmc-version"] == "4" else "," + +- lines = res.group(1).split("\n") +- for outlet_line in lines: +- try: +- (port, status) = outlet_line.rstrip().split(":") +- except ValueError: +- fail_usage('Output does not match expected HMC version, try different one'); +- outlets[port] = ("", _normalize_status(status)) +- elif options["--hmc-version"] == "IVM": + conn.send("lssyscfg -r lpar -m " + options["--managed"] + +- " -F name,state\n") ++ " -F name" + sep + "state\n") + + ## We have to remove first line (command) + conn.readline() +@@ -136,7 +116,7 @@ def get_lpar_list(conn, options): + lines = res.group(1).split("\n") + for outlet_line in lines: + try: +- (port, status) = outlet_line.rstrip().split(",") ++ (port, status) = outlet_line.rstrip().split(sep) + except ValueError: + fail_usage('Output does not match expected HMC version, try different one'); + outlets[port] = ("", _normalize_status(status)) diff --git a/bz1896827-fence_aws-add-imdsv2-support.patch b/bz1896827-fence_aws-add-imdsv2-support.patch new file mode 100644 index 0000000..a5bdad3 --- /dev/null +++ b/bz1896827-fence_aws-add-imdsv2-support.patch @@ -0,0 +1,40 @@ +From c9f8890264e0257197b31124dbb26c1046475314 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 13 Nov 2020 14:30:43 +0100 +Subject: [PATCH] fence_aws: add support for IMDSv2 + +--- + agents/aws/fence_aws.py | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index 483a2991..e2a2391f 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -3,12 +3,13 @@ + import sys, re + import logging + import atexit +-import requests + sys.path.append("@FENCEAGENTSLIBDIR@") + from fencing import * + from fencing import fail, fail_usage, run_delay, EC_STATUS, SyslogLibHandler + ++import requests + import boto3 ++from requests import HTTPError + from botocore.exceptions import ConnectionError, ClientError, EndpointConnectionError, NoRegionError + + logger = logging.getLogger("fence_aws") +@@ -19,8 +20,9 @@ + + def get_instance_id(): + try: +- r = requests.get('http://169.254.169.254/latest/meta-data/instance-id') +- return r.content.decode("UTF-8") ++ token = requests.put('http://169.254.169.254/latest/api/token', headers={"X-aws-ec2-metadata-token-ttl-seconds" : "21600"}).content.decode("UTF-8") ++ r = requests.get('http://169.254.169.254/latest/meta-data/instance-id', headers={"X-aws-ec2-metadata-token" : token}).content.decode("UTF-8") ++ return r + except HTTPError as http_err: + logger.error('HTTP error occurred while trying to access EC2 metadata server: %s', http_err) + except Exception as err: diff --git a/bz1906978-fence_gce-default-to-onoff.patch b/bz1906978-fence_gce-default-to-onoff.patch new file mode 100644 index 0000000..9642832 --- /dev/null +++ b/bz1906978-fence_gce-default-to-onoff.patch @@ -0,0 +1,36 @@ +From 6f1743a7c34b00b0d1602675598ae22a2a3de6b4 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 14 Jan 2021 15:11:14 +0100 +Subject: [PATCH] fence_gce: default to onoff + +--- + agents/gce/fence_gce.py | 2 -- + tests/data/metadata/fence_gce.xml | 2 +- + 2 files changed, 1 insertion(+), 3 deletions(-) + +diff --git a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py +index bf5f5693..84cf3634 100644 +--- a/agents/gce/fence_gce.py ++++ b/agents/gce/fence_gce.py +@@ -334,8 +334,6 @@ def main(): + define_new_opts() + + all_opt["power_timeout"]["default"] = "60" +- all_opt["method"]["default"] = "cycle" +- all_opt["method"]["help"] = "-m, --method=[method] Method to fence (onoff|cycle) (Default: cycle)" + + options = check_input(device_opt, process_input(device_opt)) + +diff --git a/tests/data/metadata/fence_gce.xml b/tests/data/metadata/fence_gce.xml +index 33478721..77812ffb 100644 +--- a/tests/data/metadata/fence_gce.xml ++++ b/tests/data/metadata/fence_gce.xml +@@ -12,7 +12,7 @@ For instructions see: https://cloud.google.com/compute/docs/tutorials/python-gui + + + +- ++ + diff --git a/bz1914313-fence_zvmip-fix-disable-timeout.patch b/bz1914313-fence_zvmip-fix-disable-timeout.patch new file mode 100644 index 0000000..ee80db1 --- /dev/null +++ b/bz1914313-fence_zvmip-fix-disable-timeout.patch @@ -0,0 +1,23 @@ +From 900afe24edf0f400e9f1ed9b4df66e62cfee380e Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 8 Jan 2021 16:16:59 +0100 +Subject: [PATCH] fence_zvmip: fix shell-timeout when using new disable-timeout + parameter + +--- + agents/zvm/fence_zvmip.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/zvm/fence_zvmip.py b/agents/zvm/fence_zvmip.py +index 5b272bb9..001106a4 100644 +--- a/agents/zvm/fence_zvmip.py ++++ b/agents/zvm/fence_zvmip.py +@@ -28,7 +28,7 @@ def open_socket(options): + + conn = socket.socket() + conn.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) +- conn.settimeout(float(options["--shell-timeout"])) ++ conn.settimeout(float(options["--shell-timeout"]) or None) + try: + conn.connect(addr) + except socket.error: diff --git a/bz1920947-fence_redfish-1-add-diag-action.patch b/bz1920947-fence_redfish-1-add-diag-action.patch new file mode 100644 index 0000000..68d2cda --- /dev/null +++ b/bz1920947-fence_redfish-1-add-diag-action.patch @@ -0,0 +1,53 @@ +From 570e04d68c3595b137b104ba723aa2e6ceca5a3a Mon Sep 17 00:00:00 2001 +From: Reid Wahl +Date: Wed, 27 Jan 2021 01:45:43 -0800 +Subject: [PATCH] fence_redfish: Add diag action + +Sends NMI to fenced node. + +Ref: + - http://redfish.dmtf.org/schemas/DSP2046_2020.3.html#redfish.dmtf.org/schemas/v1/ComputerSystem.json|details|ResetType + +Resolves: RHBZ#1920947 + +Signed-off-by: Reid Wahl +--- + agents/redfish/fence_redfish.py | 6 ++++-- + tests/data/metadata/fence_redfish.xml | 1 + + 2 files changed, 5 insertions(+), 2 deletions(-) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index 1b259576..9a7d604d 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -40,7 +40,8 @@ def set_power_status(conn, options): + action = { + 'on' : "On", + 'off': "ForceOff", +- 'reboot': "ForceRestart" ++ 'reboot': "ForceRestart", ++ 'diag': "Nmi" + }[options["--action"]] + + payload = {'ResetType': action} +@@ -119,7 +120,8 @@ def define_new_opts(): + + def main(): + atexit.register(atexit_handler) +- device_opt = ["ipaddr", "login", "passwd", "redfish-uri", "systems-uri", "ssl"] ++ device_opt = ["ipaddr", "login", "passwd", "redfish-uri", "systems-uri", ++ "ssl", "diag"] + define_new_opts() + + opt = process_input(device_opt) +diff --git a/tests/data/metadata/fence_redfish.xml b/tests/data/metadata/fence_redfish.xml +index 6daf2cd9..fb112781 100644 +--- a/tests/data/metadata/fence_redfish.xml ++++ b/tests/data/metadata/fence_redfish.xml +@@ -187,5 +187,6 @@ + + + ++ + + diff --git a/bz1920947-fence_redfish-2-add-diag-action-logic.patch b/bz1920947-fence_redfish-2-add-diag-action-logic.patch new file mode 100644 index 0000000..3b328bb --- /dev/null +++ b/bz1920947-fence_redfish-2-add-diag-action-logic.patch @@ -0,0 +1,49 @@ +From b50523850e7fe1ba73d4ff0ede193c9860eff2bc Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 7 May 2021 10:35:00 +0200 +Subject: [PATCH] fence_redfish: add missing diag logic + +--- + agents/redfish/fence_redfish.py | 15 +++++++++++++-- + 1 file changed, 13 insertions(+), 2 deletions(-) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index 9a7d604d3..0f5af523c 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -42,7 +42,7 @@ def set_power_status(conn, options): + 'off': "ForceOff", + 'reboot': "ForceRestart", + 'diag': "Nmi" +- }[options["--action"]] ++ }[options.get("original-action") or options["--action"]] + + payload = {'ResetType': action} + +@@ -56,6 +56,8 @@ def set_power_status(conn, options): + response = send_post_request(options, action_uri, payload) + if response['ret'] is False: + fail_usage("Error sending power command") ++ if options.get("original-action") == "diag": ++ return True + return + + def send_get_request(options, uri): +@@ -159,7 +161,16 @@ def main(): + else: + options["--systems-uri"] = sysresult["uri"] + +- result = fence_action(None, options, set_power_status, get_power_status, None) ++ reboot_fn = None ++ if options["--action"] == "diag": ++ # Diag is a special action that can't be verified so we will reuse reboot functionality ++ # to minimize impact on generic library ++ options["original-action"] = options["--action"] ++ options["--action"] = "reboot" ++ options["--method"] = "cycle" ++ reboot_fn = set_power_status ++ ++ result = fence_action(None, options, set_power_status, get_power_status, None, reboot_fn) + sys.exit(result) + + if __name__ == "__main__": diff --git a/bz1920947-fence_redfish-3-fix-typo.patch b/bz1920947-fence_redfish-3-fix-typo.patch new file mode 100644 index 0000000..24f49f3 --- /dev/null +++ b/bz1920947-fence_redfish-3-fix-typo.patch @@ -0,0 +1,22 @@ +From 753e126d0b642159b3e936de76a814f753f0d918 Mon Sep 17 00:00:00 2001 +From: Jeffrey Cutter +Date: Mon, 16 Nov 2020 14:29:30 -0500 +Subject: [PATCH] fence_redfish: Fix typo in help. + +--- + agents/redfish/fence_redfish.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index c7c6492c6..1b259576e 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -102,7 +102,7 @@ def define_new_opts(): + all_opt["redfish-uri"] = { + "getopt" : ":", + "longopt" : "redfish-uri", +- "help" : "--redfish-uri=[uri] Base or starting Redifsh URI", ++ "help" : "--redfish-uri=[uri] Base or starting Redfish URI", + "required" : "0", + "default" : "/redfish/v1", + "shortdesc" : "Base or starting Redfish URI", diff --git a/bz1922437-fence_mpath-watchdog-retry-support.patch b/bz1922437-fence_mpath-watchdog-retry-support.patch new file mode 100644 index 0000000..41d0c3d --- /dev/null +++ b/bz1922437-fence_mpath-watchdog-retry-support.patch @@ -0,0 +1,111 @@ +From 2c9ce6a7667e09010d498ca9d9bcf6e476123bbb Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 20 May 2021 12:51:12 +0200 +Subject: [PATCH] fence_mpath: watchdog retries support + +Added options to be able to be able to set number of retries and sleep between retries. +--- + agents/mpath/fence_mpath.py | 44 +++++++++++++++++++++-------- + tests/data/metadata/fence_mpath.xml | 4 ++- + 2 files changed, 35 insertions(+), 13 deletions(-) + +diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py +index 08dab6536..61ab1f205 100644 +--- a/agents/mpath/fence_mpath.py ++++ b/agents/mpath/fence_mpath.py +@@ -4,6 +4,7 @@ + import stat + import re + import os ++import time + import logging + import atexit + import ctypes +@@ -167,14 +168,20 @@ def dev_read(options, fail=True): + store_fh.close() + return dev_key + +-def mpath_check_get_verbose(): ++def mpath_check_get_options(options): + try: +- f = open("/etc/sysconfig/watchdog", "r") ++ f = open("/etc/sysconfig/stonith", "r") + except IOError: +- return False +- match = re.search(r"^\s*verbose=yes", "".join(f.readlines()), re.MULTILINE) ++ return options ++ ++ match = re.findall(r"^\s*(\S*)\s*=\s*(\S*)\s*", "".join(f.readlines()), re.MULTILINE) ++ ++ for m in match: ++ options[m[0].lower()] = m[1].lower() ++ + f.close() +- return bool(match) ++ ++ return options + + def mpath_check(hardreboot=False): + if len(sys.argv) >= 3 and sys.argv[1] == "repair": +@@ -183,18 +190,27 @@ def mpath_check(hardreboot=False): + options["--mpathpersist-path"] = "/usr/sbin/mpathpersist" + options["--store-path"] = "/var/run/cluster" + options["--power-timeout"] = "5" +- if mpath_check_get_verbose(): ++ options["retry"] = "0" ++ options["retry-sleep"] = "1" ++ options = mpath_check_get_options(options) ++ if "verbose" in options and options["verbose"] == "yes": + logging.getLogger().setLevel(logging.DEBUG) + devs = dev_read(options, fail=False) + if not devs: + logging.error("No devices found") + return 0 + for dev, key in list(devs.items()): +- if key in get_registration_keys(options, dev, fail=False): +- logging.debug("key " + key + " registered with device " + dev) +- return 0 +- else: +- logging.debug("key " + key + " not registered with device " + dev) ++ for n in range(int(options["retry"]) + 1): ++ if n > 0: ++ logging.debug("retry: " + str(n) + " of " + options["retry"]) ++ if key in get_registration_keys(options, dev, fail=False): ++ logging.debug("key " + key + " registered with device " + dev) ++ return 0 ++ else: ++ logging.debug("key " + key + " not registered with device " + dev) ++ ++ if n < int(options["retry"]): ++ time.sleep(float(options["retry-sleep"])) + logging.debug("key " + key + " registered with any devices") + + if hardreboot == True: +@@ -289,7 +305,11 @@ def main(): + device(s). The result is that only registered nodes may write to the \ + device(s). When a node failure occurs, the fence_mpath agent will remove the \ + key belonging to the failed node from the device(s). The failed node will no \ +-longer be able to write to the device(s). A manual reboot is required." ++longer be able to write to the device(s). A manual reboot is required.\ ++\n.P\n\ ++When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and \ ++verbose=yes parameters in /etc/sysconfig/stonith if you have issues with it \ ++failing." + docs["vendorurl"] = "https://www.sourceware.org/dm/" + show_docs(options, docs) + +diff --git a/tests/data/metadata/fence_mpath.xml b/tests/data/metadata/fence_mpath.xml +index 524776aa0..0255d4b4e 100644 +--- a/tests/data/metadata/fence_mpath.xml ++++ b/tests/data/metadata/fence_mpath.xml +@@ -1,7 +1,9 @@ + + + fence_mpath is an I/O fencing agent that uses SCSI-3 persistent reservations to control access multipath devices. Underlying devices must support SCSI-3 persistent reservations (SPC-3 or greater) as well as the "preempt-and-abort" subcommand. +-The fence_mpath agent works by having a unique key for each node that has to be set in /etc/multipath.conf. Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_mpath agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required. ++The fence_mpath agent works by having a unique key for each node that has to be set in /etc/multipath.conf. Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_mpath agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required. ++ ++When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and verbose=yes parameters in /etc/sysconfig/stonith if you have issues with it failing. + https://www.sourceware.org/dm/ + + diff --git a/bz1925015-fence_ipmilan-add-fence_ipmilanplus.patch b/bz1925015-fence_ipmilan-add-fence_ipmilanplus.patch new file mode 100644 index 0000000..c642704 --- /dev/null +++ b/bz1925015-fence_ipmilan-add-fence_ipmilanplus.patch @@ -0,0 +1,38 @@ +From 08a4521f9361c7ca4877e691fa82cc0e8f51d707 Mon Sep 17 00:00:00 2001 +From: Thomas Renninger +Date: Wed, 3 Feb 2021 11:20:14 +0100 +Subject: [PATCH] Add fence_ipmilanplus as fence_ipmilan wrapper always + enabling lanplus + +Lanplus (IPMI protocol version 2) is the up-to-date protocol to +connect to all recent IPMI driven BMCs. +Using fence_ipmilan without lanplus=1 will fail on these. + +To get around compatibility issues (old HW might still exist), +a new fence_agent is introduced via link and basename check. +--- + agents/ipmilan/fence_ipmilan.py | 3 + + 9 files changed, 240 insertions(+) + create mode 100644 tests/data/metadata/fence_ipmilanplus.xml + +diff --git a/agents/ipmilan/fence_ipmilan.py b/agents/ipmilan/fence_ipmilan.py +index ee014e79..f751de69 100644 +--- a/agents/ipmilan/fence_ipmilan.py ++++ b/agents/ipmilan/fence_ipmilan.py +@@ -187,6 +187,8 @@ def main(): + all_opt["lanplus"]["default"] = "1" + elif os.path.basename(sys.argv[0]) == "fence_ilo5": + all_opt["lanplus"]["default"] = "1" ++ elif os.path.basename(sys.argv[0]) == "fence_ipmilanplus": ++ all_opt["lanplus"]["default"] = "1" + + all_opt["ipport"]["default"] = "623" + all_opt["method"]["help"] = "-m, --method=[method] Method to fence (onoff|cycle) (Default: onoff)\n" \ +@@ -206,6 +208,7 @@ def main(): + docs["symlink"] = [("fence_ilo3", "Fence agent for HP iLO3"), + ("fence_ilo4", "Fence agent for HP iLO4"), + ("fence_ilo5", "Fence agent for HP iLO5"), ++ ("fence_ipmilanplus", "Fence agent for IPMIv2 lanplus"), + ("fence_imm", "Fence agent for IBM Integrated Management Module"), + ("fence_idrac", "Fence agent for Dell iDRAC")] + show_docs(options, docs) diff --git a/bz1941989-fence_aws-add-filter-parameter.patch b/bz1941989-fence_aws-add-filter-parameter.patch new file mode 100644 index 0000000..18d457b --- /dev/null +++ b/bz1941989-fence_aws-add-filter-parameter.patch @@ -0,0 +1,91 @@ +From d920421ccb3abb42ecb9ea3ba56948db00fe1c80 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 23 Mar 2021 12:14:11 +0100 +Subject: [PATCH] fence_aws: add filter parameter to be able to limit which + nodes are listed + +--- + agents/aws/fence_aws.py | 27 +++++++++++++++++++++------ + tests/data/metadata/fence_aws.xml | 5 +++++ + 2 files changed, 26 insertions(+), 6 deletions(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index 8322df9ed..c947bf29c 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -38,8 +38,15 @@ def get_nodes_list(conn, options): + logger.info("Starting monitor operation") + result = {} + try: +- for instance in conn.instances.all(): +- result[instance.id] = ("", None) ++ if "--filter" in options: ++ filter_key = options["--filter"].split("=")[0].strip() ++ filter_value = options["--filter"].split("=")[1].strip() ++ filter = [{ "Name": filter_key, "Values": [filter_value] }] ++ for instance in conn.instances.filter(Filters=filter): ++ result[instance.id] = ("", None) ++ else: ++ for instance in conn.instances.all(): ++ result[instance.id] = ("", None) + except ClientError: + fail_usage("Failed: Incorrect Access Key or Secret Key.") + except EndpointConnectionError: +@@ -111,7 +118,7 @@ def define_new_opts(): + all_opt["region"] = { + "getopt" : "r:", + "longopt" : "region", +- "help" : "-r, --region=[region] Region, e.g. us-east-1", ++ "help" : "-r, --region=[region] Region, e.g. us-east-1", + "shortdesc" : "Region.", + "required" : "0", + "order" : 2 +@@ -132,21 +139,29 @@ def define_new_opts(): + "required" : "0", + "order" : 4 + } ++ all_opt["filter"] = { ++ "getopt" : ":", ++ "longopt" : "filter", ++ "help" : "--filter=[key=value] Filter (e.g. vpc-id=[vpc-XXYYZZAA]", ++ "shortdesc": "Filter for list-action", ++ "required": "0", ++ "order": 5 ++ } + all_opt["boto3_debug"] = { + "getopt" : "b:", + "longopt" : "boto3_debug", +- "help" : "-b, --boto3_debug=[option] Boto3 and Botocore library debug logging", ++ "help" : "-b, --boto3_debug=[option] Boto3 and Botocore library debug logging", + "shortdesc": "Boto Lib debug", + "required": "0", + "default": "False", +- "order": 5 ++ "order": 6 + } + + # Main agent method + def main(): + conn = None + +- device_opt = ["port", "no_password", "region", "access_key", "secret_key", "boto3_debug"] ++ device_opt = ["port", "no_password", "region", "access_key", "secret_key", "filter", "boto3_debug"] + + atexit.register(atexit_handler) + +diff --git a/tests/data/metadata/fence_aws.xml b/tests/data/metadata/fence_aws.xml +index 1f3ab3b97..a767e93c2 100644 +--- a/tests/data/metadata/fence_aws.xml ++++ b/tests/data/metadata/fence_aws.xml +@@ -36,6 +36,11 @@ For instructions see: https://boto3.readthedocs.io/en/latest/guide/quickstart.ht + + Secret Key. + ++ ++ ++ ++ Filter for list-action ++ + + + diff --git a/bz1942363-fence_gce-default-to-cycle.patch b/bz1942363-fence_gce-default-to-cycle.patch new file mode 100644 index 0000000..3034deb --- /dev/null +++ b/bz1942363-fence_gce-default-to-cycle.patch @@ -0,0 +1,37 @@ +From b8793b7cdacf0eb13e86581fcba1f78bb7a4bc13 Mon Sep 17 00:00:00 2001 +From: Tim Megela +Date: Thu, 11 Mar 2021 06:41:59 -0500 +Subject: [PATCH] Default method moved back to powercycle + +Moving back to powercycle as the default method for GCE. This is the recommended approach from Google. Using on/off as the default will have unintended consequences on google cloud platforms. +--- + agents/gce/fence_gce.py | 2 ++ + tests/data/metadata/fence_gce.xml | 2 +- + 2 files changed, 3 insertions(+), 1 deletion(-) + +diff --git a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py +index 1784e1b70..d59ce2bad 100644 +--- a/agents/gce/fence_gce.py ++++ b/agents/gce/fence_gce.py +@@ -358,6 +358,8 @@ def main(): + define_new_opts() + + all_opt["power_timeout"]["default"] = "60" ++ all_opt["method"]["default"] = "cycle" ++ all_opt["method"]["help"] = "-m, --method=[method] Method to fence (onoff|cycle) (Default: cycle)" + + options = check_input(device_opt, process_input(device_opt)) + +diff --git a/tests/data/metadata/fence_gce.xml b/tests/data/metadata/fence_gce.xml +index f09c771f3..bb5137878 100644 +--- a/tests/data/metadata/fence_gce.xml ++++ b/tests/data/metadata/fence_gce.xml +@@ -12,7 +12,7 @@ For instructions see: https://cloud.google.com/compute/docs/tutorials/python-gui + + + +- ++ + diff --git a/bz1963163-fence_zvmip-add-ssl-tls-support.patch b/bz1963163-fence_zvmip-add-ssl-tls-support.patch new file mode 100644 index 0000000..1e43aa3 --- /dev/null +++ b/bz1963163-fence_zvmip-add-ssl-tls-support.patch @@ -0,0 +1,100 @@ +From 81be3c529ec1165f3135b4f14fbec2a19403cfbe Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 27 Aug 2021 08:53:36 +0200 +Subject: [PATCH] fence_zvmip: add ssl/tls support + +--- + agents/zvm/fence_zvmip.py | 20 ++++++++++++++++---- + tests/data/metadata/fence_zvmip.xml | 19 +++++++++++++++++++ + 2 files changed, 35 insertions(+), 4 deletions(-) + +diff --git a/agents/zvm/fence_zvmip.py b/agents/zvm/fence_zvmip.py +index 001106a44..874eb699f 100644 +--- a/agents/zvm/fence_zvmip.py ++++ b/agents/zvm/fence_zvmip.py +@@ -26,12 +26,22 @@ def open_socket(options): + except socket.gaierror: + fail(EC_LOGIN_DENIED) + +- conn = socket.socket() ++ if "--ssl" in options: ++ import ssl ++ sock = socket.socket() ++ sslcx = ssl.create_default_context() ++ if "--ssl-insecure" in options: ++ sslcx.check_hostname = False ++ sslcx.verify_mode = ssl.CERT_NONE ++ conn = sslcx.wrap_socket(sock, server_hostname=options["--ip"]) ++ else: ++ conn = socket.socket() + conn.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) + conn.settimeout(float(options["--shell-timeout"]) or None) + try: + conn.connect(addr) +- except socket.error: ++ except socket.error as e: ++ logging.debug(e) + fail(EC_LOGIN_DENIED) + + return conn +@@ -122,11 +132,12 @@ def get_list_of_images(options, command, data_as_plug): + images = set() + + if output_len > 3*INT4: ++ recvflag = socket.MSG_WAITALL if "--ssl" not in options else 0 + array_len = struct.unpack("!i", conn.recv(INT4))[0] + data = "" + + while True: +- read_data = conn.recv(1024, socket.MSG_WAITALL).decode("UTF-8") ++ read_data = conn.recv(1024, recvflag).decode("UTF-8") + data += read_data + if array_len == len(data): + break +@@ -146,7 +157,8 @@ def get_list_of_images(options, command, data_as_plug): + return (return_code, reason_code, images) + + def main(): +- device_opt = ["ipaddr", "login", "passwd", "port", "method", "missing_as_off", "inet4_only", "inet6_only"] ++ device_opt = ["ipaddr", "login", "passwd", "port", "method", "missing_as_off", ++ "inet4_only", "inet6_only", "ssl"] + + atexit.register(atexit_handler) + +diff --git a/tests/data/metadata/fence_zvmip.xml b/tests/data/metadata/fence_zvmip.xml +index f84115c08..d91192946 100644 +--- a/tests/data/metadata/fence_zvmip.xml ++++ b/tests/data/metadata/fence_zvmip.xml +@@ -91,6 +91,21 @@ to access the system's directory manager. + + Physical plug number on device, UUID or identification of machine + ++ ++ ++ ++ Use SSL connection with verifying certificate ++ ++ ++ ++ ++ Use SSL connection without verifying certificate ++ ++ ++ ++ ++ Use SSL connection with verifying certificate ++ + + + +@@ -181,6 +196,10 @@ to access the system's directory manager. + + Count of attempts to retry power on + ++ ++ ++ Path to gnutls-cli binary ++ + + + diff --git a/bz1969953-fence_gce-1-add-proxy-support.patch b/bz1969953-fence_gce-1-add-proxy-support.patch new file mode 100644 index 0000000..55dbc5b --- /dev/null +++ b/bz1969953-fence_gce-1-add-proxy-support.patch @@ -0,0 +1,70 @@ +diff --color -uNr a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py +--- a/agents/gce/fence_gce.py 2021-06-11 14:57:01.138390529 +0200 ++++ b/agents/gce/fence_gce.py 2021-06-11 15:12:45.829855806 +0200 +@@ -1,6 +1,7 @@ + #!@PYTHON@ -tt + + import atexit ++import httplib2 + import logging + import os + import sys +@@ -18,6 +19,7 @@ + from fencing import fail_usage, run_delay, all_opt, atexit_handler, check_input, process_input, show_docs, fence_action + try: + import googleapiclient.discovery ++ import socks + try: + from google.oauth2.credentials import Credentials as GoogleCredentials + except: +@@ -189,13 +191,30 @@ + "required" : "0", + "order" : 9 + } ++ all_opt["proxyhost"] = { ++ "getopt" : ":", ++ "longopt" : "proxyhost", ++ "help" : "--proxyhost=[proxy_host] The proxy host to use, if one is needed to access the internet (Example: 10.122.0.33)", ++ "shortdesc" : "If a proxy is used for internet access, the proxy host should be specified.", ++ "required" : "0", ++ "order" : 10 ++ } ++ all_opt["proxyport"] = { ++ "getopt" : ":", ++ "type" : "integer", ++ "longopt" : "proxyport", ++ "help" : "--proxyport=[proxy_port] The proxy port to use, if one is needed to access the internet (Example: 3127)", ++ "shortdesc" : "If a proxy is used for internet access, the proxy port should be specified.", ++ "required" : "0", ++ "order" : 11 ++ } + + + def main(): + conn = None + + device_opt = ["port", "no_password", "zone", "project", "stackdriver-logging", +- "method", "serviceaccount"] ++ "method", "serviceaccount", "proxyhost", "proxyport"] + + atexit.register(atexit_handler) + +@@ -259,7 +278,17 @@ + credentials = GoogleCredentials.get_application_default() + logging.debug("using application default credentials") + +- conn = googleapiclient.discovery.build('compute', 'v1', credentials=credentials) ++ if options.get("--proxyhost") and options.get("--proxyport"): ++ proxy_info = httplib2.ProxyInfo( ++ proxy_type=socks.PROXY_TYPE_HTTP, ++ proxy_host=options.get("--proxyhost"), ++ proxy_port=int(options.get("--proxyport"))) ++ http = credentials.authorize(httplib2.Http(proxy_info=proxy_info)) ++ conn = googleapiclient.discovery.build( ++ 'compute', 'v1', http=http, cache_discovery=False) ++ else: ++ conn = googleapiclient.discovery.build( ++ 'compute', 'v1', credentials=credentials, cache_discovery=False) + except Exception as err: + fail_usage("Failed: Create GCE compute v1 connection: {}".format(str(err))) + diff --git a/bz1969953-fence_gce-2-bundled.patch b/bz1969953-fence_gce-2-bundled.patch new file mode 100644 index 0000000..5d857e7 --- /dev/null +++ b/bz1969953-fence_gce-2-bundled.patch @@ -0,0 +1,10 @@ +--- a/agents/gce/fence_gce.py 2021-09-07 11:39:36.718667514 +0200 ++++ b/agents/gce/fence_gce.py 2021-09-07 11:39:30.423648309 +0200 +@@ -17,6 +17,7 @@ + + from fencing import fail_usage, run_delay, all_opt, atexit_handler, check_input, process_input, show_docs, fence_action + try: ++ sys.path.insert(0, '/usr/lib/fence-agents/bundled/google') + import googleapiclient.discovery + try: + from google.oauth2.credentials import Credentials as GoogleCredentials diff --git a/bz1969953-fence_gce-3-fix-httplib2-import.patch b/bz1969953-fence_gce-3-fix-httplib2-import.patch new file mode 100644 index 0000000..a915239 --- /dev/null +++ b/bz1969953-fence_gce-3-fix-httplib2-import.patch @@ -0,0 +1,18 @@ +--- a/agents/gce/fence_gce.py 2021-10-19 10:29:17.000000000 +0000 ++++ b/agents/gce/fence_gce.py 2021-10-26 15:26:11.348781027 +0000 +@@ -1,7 +1,6 @@ + #!@PYTHON@ -tt + + import atexit +-import httplib2 + import logging + import os + import sys +@@ -19,6 +18,7 @@ + from fencing import fail_usage, run_delay, all_opt, atexit_handler, check_input, process_input, show_docs, fence_action + try: + sys.path.insert(0, '/usr/lib/fence-agents/bundled/google') ++ import httplib2 + import googleapiclient.discovery + import socks + try: diff --git a/bz1971683-fence_sbd-dont-spam-logs-disable-timeout.patch b/bz1971683-fence_sbd-dont-spam-logs-disable-timeout.patch new file mode 100644 index 0000000..393ca78 --- /dev/null +++ b/bz1971683-fence_sbd-dont-spam-logs-disable-timeout.patch @@ -0,0 +1,23 @@ +From b220f963934f69044a39109fa065a95cd0972183 Mon Sep 17 00:00:00 2001 +From: Hideo Yamauchi +Date: Fri, 2 Jul 2021 09:09:49 +0900 +Subject: [PATCH] Mid: fence_sbd: A warning message is output when + disable-timeout is enabled. + +--- + agents/sbd/fence_sbd.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/sbd/fence_sbd.py b/agents/sbd/fence_sbd.py +index 3ae8df6e3..0c876b16e 100644 +--- a/agents/sbd/fence_sbd.py ++++ b/agents/sbd/fence_sbd.py +@@ -398,7 +398,7 @@ def main(): + # then that defined within sbd we should report this. + power_timeout = int(options["--power-timeout"]) + sbd_msg_timeout = get_msg_timeout(options) +- if power_timeout <= sbd_msg_timeout: ++ if 0 < power_timeout <= sbd_msg_timeout: + logging.warn("power timeout needs to be \ + greater then sbd message timeout") + diff --git a/bz1977588-1-fencing-add-EC_FETCH_VM_UUID.patch b/bz1977588-1-fencing-add-EC_FETCH_VM_UUID.patch new file mode 100644 index 0000000..e598bdf --- /dev/null +++ b/bz1977588-1-fencing-add-EC_FETCH_VM_UUID.patch @@ -0,0 +1,22 @@ +diff --color -uNr a/lib/fencing.py.py b/lib/fencing.py.py +--- a/lib/fencing.py.py 2021-11-01 10:14:04.045398051 +0100 ++++ b/lib/fencing.py.py 2021-11-01 10:24:47.111235305 +0100 +@@ -29,6 +29,7 @@ + EC_STATUS_HMC = 9 + EC_PASSWORD_MISSING = 10 + EC_INVALID_PRIVILEGES = 11 ++EC_FETCH_VM_UUID = 12 + + LOG_FORMAT = "%(asctime)-15s %(levelname)s: %(message)s" + +@@ -574,7 +575,9 @@ + EC_STATUS_HMC : "Failed: Either unable to obtain correct plug status, " + "partition is not available or incorrect HMC version used", + EC_PASSWORD_MISSING : "Failed: You have to set login password", +- EC_INVALID_PRIVILEGES : "Failed: The user does not have the correct privileges to do the requested action." ++ EC_INVALID_PRIVILEGES : "Failed: The user does not have the correct privileges to do the requested action.", ++ EC_FETCH_VM_UUID : "Failed: Can not find VM UUID by its VM name given in the parameter." ++ + }[error_code] + "\n" + logging.error("%s\n", message) + if stop: diff --git a/bz1977588-2-fence_kubevirt.patch b/bz1977588-2-fence_kubevirt.patch new file mode 100644 index 0000000..9ac8927 --- /dev/null +++ b/bz1977588-2-fence_kubevirt.patch @@ -0,0 +1,144 @@ +diff --color -uNr a/agents/kubevirt/fence_kubevirt.py b/agents/kubevirt/fence_kubevirt.py +--- a/agents/kubevirt/fence_kubevirt.py 1970-01-01 01:00:00.000000000 +0100 ++++ b/agents/kubevirt/fence_kubevirt.py 2021-10-25 13:25:59.904501348 +0200 +@@ -0,0 +1,140 @@ ++#!@PYTHON@ -tt ++ ++import sys ++import logging ++sys.path.append("@FENCEAGENTSLIBDIR@") ++from fencing import * ++from fencing import fail, fail_usage, run_delay, EC_STATUS ++ ++try: ++ sys.path.insert(0, '/usr/lib/fence-agents/bundled/kubevirt') ++ from kubernetes.client.exceptions import ApiException ++except ImportError: ++ logging.error("Couldn\'t import kubernetes.client.exceptions.ApiException - not found or not accessible") ++ ++def get_nodes_list(conn, options): ++ logging.debug("Starting list/monitor operation") ++ result = {} ++ try: ++ apiversion = options.get("--apiversion") ++ namespace = options.get("--namespace") ++ include_uninitialized = True ++ vm_api = conn.resources.get(api_version=apiversion, kind='VirtualMachine') ++ vm_list = vm_api.get(namespace=namespace) ++ for vm in vm_list.items: ++ result[vm.metadata.name] = ("", None) ++ except Exception as e: ++ logging.error("Exception when calling VirtualMachine list: %s", e) ++ return result ++ ++def get_power_status(conn, options): ++ logging.debug("Starting get status operation") ++ try: ++ apiversion = options.get("--apiversion") ++ namespace = options.get("--namespace") ++ name = options.get("--plug") ++ vmi_api = conn.resources.get(api_version=apiversion, ++ kind='VirtualMachineInstance') ++ vmi = vmi_api.get(name=name, namespace=namespace) ++ if vmi is not None: ++ phase = vmi.status.phase ++ if phase == "Running": ++ return "on" ++ return "off" ++ except ApiException as e: ++ if e.status == 404: ++ return "off" ++ logging.error("Failed to get power status, with API Exception: %s", e) ++ fail(EC_STATUS) ++ except Exception as e: ++ logging.error("Failed to get power status, with Exception: %s", e) ++ fail(EC_STATUS) ++ ++def set_power_status(conn, options): ++ logging.debug("Starting set status operation") ++ try: ++ apiversion= options.get("--apiversion") ++ namespace = options.get("--namespace") ++ name = options.get("--plug") ++ action = 'start' if options["--action"] == "on" else 'stop' ++ virtctl_vm_action(conn, action, namespace, name, apiversion) ++ except Exception as e: ++ logging.error("Failed to set power status, with Exception: %s", e) ++ fail(EC_STATUS) ++ ++def define_new_opts(): ++ all_opt["namespace"] = { ++ "getopt" : ":", ++ "longopt" : "namespace", ++ "help" : "--namespace=[namespace] Namespace of the KubeVirt machine", ++ "shortdesc" : "Namespace of the KubeVirt machine.", ++ "required" : "1", ++ "order" : 2 ++ } ++ all_opt["kubeconfig"] = { ++ "getopt" : ":", ++ "longopt" : "kubeconfig", ++ "help" : "--kubeconfig=[kubeconfig] Kubeconfig file path", ++ "shortdesc": "Kubeconfig file path", ++ "required": "0", ++ "order": 4 ++ } ++ all_opt["apiversion"] = { ++ "getopt" : ":", ++ "longopt" : "apiversion", ++ "help" : "--apiversion=[apiversion] Version of the KubeVirt API", ++ "shortdesc" : "Version of the KubeVirt API.", ++ "required" : "0", ++ "default" : "kubevirt.io/v1", ++ "order" : 5 ++ } ++ ++def virtctl_vm_action(conn, action, namespace, name, apiversion): ++ path = '/apis/subresources.{api_version}/namespaces/{namespace}/virtualmachines/{name}/{action}' ++ path = path.format(api_version=apiversion, namespace=namespace, name=name, action=action) ++ return conn.request('put', path, header_params={'accept': '*/*'}) ++ ++def validate_options(required_options_list, options): ++ for required_option in required_options_list: ++ if required_option not in options: ++ fail_usage("Failed: %s option must be provided" % required_option) ++ ++# Main agent method ++def main(): ++ conn = None ++ ++ device_opt = ["port", "namespace", "kubeconfig", "ssl_insecure", "no_password", "apiversion"] ++ define_new_opts() ++ options = check_input(device_opt, process_input(device_opt)) ++ ++ docs = {} ++ docs["shortdesc"] = "Fence agent for KubeVirt" ++ docs["longdesc"] = "fence_kubevirt is an I/O Fencing agent for KubeVirt." ++ docs["vendorurl"] = "https://kubevirt.io/" ++ show_docs(options, docs) ++ ++ run_delay(options) ++ ++ validate_options(['--namespace'], options) ++ ++ # Disable insecure-certificate-warning message ++ if "--ssl-insecure" in options: ++ import urllib3 ++ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) ++ ++ try: ++ from kubernetes import config ++ from openshift.dynamic import DynamicClient ++ kubeconfig = options.get('--kubeconfig') ++ k8s_client = config.new_client_from_config(config_file=kubeconfig) ++ conn = DynamicClient(k8s_client) ++ except ImportError: ++ logging.error("Couldn\'t import kubernetes.config or " ++ "openshift.dynamic.DynamicClient - not found or not accessible") ++ ++ # Operate the fencing device ++ result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list) ++ sys.exit(result) ++ ++if __name__ == "__main__": ++ main() diff --git a/bz1977588-3-fence_kubevirt-fix-status.patch b/bz1977588-3-fence_kubevirt-fix-status.patch new file mode 100644 index 0000000..fb62dd2 --- /dev/null +++ b/bz1977588-3-fence_kubevirt-fix-status.patch @@ -0,0 +1,55 @@ +From c23bfc3b9fc6e1dc7b1350e340171f3827fb6fb7 Mon Sep 17 00:00:00 2001 +From: Nir Argaman +Date: Mon, 1 Nov 2021 08:34:00 +0200 +Subject: [PATCH] fence_kubevirt: Fix kubevirt VM status + +--- + agents/kubevirt/fence_kubevirt.py | 19 +++++++++++++------ + 1 file changed, 13 insertions(+), 6 deletions(-) + +diff --git a/agents/kubevirt/fence_kubevirt.py b/agents/kubevirt/fence_kubevirt.py +index 70c14d89a..61ffcaa09 100755 +--- a/agents/kubevirt/fence_kubevirt.py ++++ b/agents/kubevirt/fence_kubevirt.py +@@ -4,7 +4,7 @@ + import logging + sys.path.append("@FENCEAGENTSLIBDIR@") + from fencing import * +-from fencing import fail, fail_usage, run_delay, EC_STATUS ++from fencing import fail, fail_usage, run_delay, EC_STATUS, EC_FETCH_VM_UUID + + try: + from kubernetes.client.exceptions import ApiException +@@ -35,13 +35,15 @@ def get_power_status(conn, options): + vmi_api = conn.resources.get(api_version=apiversion, + kind='VirtualMachineInstance') + vmi = vmi_api.get(name=name, namespace=namespace) +- if vmi is not None: +- phase = vmi.status.phase +- if phase == "Running": +- return "on" +- return "off" ++ return translate_status(vmi.status.phase) + except ApiException as e: + if e.status == 404: ++ try: ++ vm_api = conn.resources.get(api_version=apiversion, kind='VirtualMachine') ++ vm = vm_api.get(name=name, namespace=namespace) ++ except ApiException as e: ++ logging.error("VM %s doesn't exist", name) ++ fail(EC_FETCH_VM_UUID) + return "off" + logging.error("Failed to get power status, with API Exception: %s", e) + fail(EC_STATUS) +@@ -49,6 +51,11 @@ def get_power_status(conn, options): + logging.error("Failed to get power status, with Exception: %s", e) + fail(EC_STATUS) + ++def translate_status(instance_status): ++ if instance_status == "Running": ++ return "on" ++ return "unknown" ++ + def set_power_status(conn, options): + logging.debug("Starting set status operation") + try: diff --git a/bz1977588-4-fence_kubevirt-power-timeout-40s.patch b/bz1977588-4-fence_kubevirt-power-timeout-40s.patch new file mode 100644 index 0000000..684a46c --- /dev/null +++ b/bz1977588-4-fence_kubevirt-power-timeout-40s.patch @@ -0,0 +1,35 @@ +From a3d8ce78ed5687954847560f77daafe6474de33f Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 2 Nov 2021 09:44:33 +0100 +Subject: [PATCH] fence_kubevirt: set default power-timeout to 40s + +--- + agents/kubevirt/fence_kubevirt.py | 6 ++++++ + tests/data/metadata/fence_kubevirt.xml | 2 +- + 2 files changed, 7 insertions(+), 1 deletion(-) + +diff --git a/agents/kubevirt/fence_kubevirt.py b/agents/kubevirt/fence_kubevirt.py +index 61ffcaa09..8392b75a0 100755 +--- a/agents/kubevirt/fence_kubevirt.py ++++ b/agents/kubevirt/fence_kubevirt.py +@@ -2,6 +2,7 @@ + + import sys + import logging ++import atexit + sys.path.append("@FENCEAGENTSLIBDIR@") + from fencing import * + from fencing import fail, fail_usage, run_delay, EC_STATUS, EC_FETCH_VM_UUID +@@ -110,7 +111,12 @@ def main(): + conn = None + + device_opt = ["port", "namespace", "kubeconfig", "ssl_insecure", "no_password", "apiversion"] ++ ++ atexit.register(atexit_handler) + define_new_opts() ++ ++ all_opt["power_timeout"]["default"] = "40" ++ + options = check_input(device_opt, process_input(device_opt)) + + docs = {} diff --git a/bz1977588-5-fence_kubevirt-get-namespace-from-context.patch b/bz1977588-5-fence_kubevirt-get-namespace-from-context.patch new file mode 100644 index 0000000..aa394e0 --- /dev/null +++ b/bz1977588-5-fence_kubevirt-get-namespace-from-context.patch @@ -0,0 +1,88 @@ +From 647841dea9d93922779a4aa7d0b5f52f5bc2b4e9 Mon Sep 17 00:00:00 2001 +From: Dan Kenigsberg +Date: Thu, 13 Jan 2022 14:57:26 +0200 +Subject: [PATCH] fence_kubevirt: take default namespace from context + +If --namespace is not provided to kubectl, a default one is taken from +kubeconfig context. Let fence_kubevirt behave similarly. + +Signed-off-by: Dan Kenigsberg +--- + agents/kubevirt/fence_kubevirt.py | 24 +++++++++++++----------- + 2 files changed, 14 insertions(+), 12 deletions(-) + +diff --git a/agents/kubevirt/fence_kubevirt.py b/agents/kubevirt/fence_kubevirt.py +index 8392b75a0..8c27a0334 100755 +--- a/agents/kubevirt/fence_kubevirt.py ++++ b/agents/kubevirt/fence_kubevirt.py +@@ -12,12 +12,21 @@ + except ImportError: + logging.error("Couldn\'t import kubernetes.client.exceptions.ApiException - not found or not accessible") + ++def _get_namespace(options): ++ from kubernetes import config ++ ++ ns = options.get("--namespace") ++ if ns is None: ++ ns = config.kube_config.list_kube_config_contexts()[1]['context']['namespace'] ++ ++ return ns ++ + def get_nodes_list(conn, options): + logging.debug("Starting list/monitor operation") + result = {} + try: + apiversion = options.get("--apiversion") +- namespace = options.get("--namespace") ++ namespace = _get_namespace(options) + include_uninitialized = True + vm_api = conn.resources.get(api_version=apiversion, kind='VirtualMachine') + vm_list = vm_api.get(namespace=namespace) +@@ -31,7 +40,7 @@ def get_power_status(conn, options): + logging.debug("Starting get status operation") + try: + apiversion = options.get("--apiversion") +- namespace = options.get("--namespace") ++ namespace = _get_namespace(options) + name = options.get("--plug") + vmi_api = conn.resources.get(api_version=apiversion, + kind='VirtualMachineInstance') +@@ -61,7 +70,7 @@ def set_power_status(conn, options): + logging.debug("Starting set status operation") + try: + apiversion= options.get("--apiversion") +- namespace = options.get("--namespace") ++ namespace = _get_namespace(options) + name = options.get("--plug") + action = 'start' if options["--action"] == "on" else 'stop' + virtctl_vm_action(conn, action, namespace, name, apiversion) +@@ -75,7 +84,7 @@ def define_new_opts(): + "longopt" : "namespace", + "help" : "--namespace=[namespace] Namespace of the KubeVirt machine", + "shortdesc" : "Namespace of the KubeVirt machine.", +- "required" : "1", ++ "required" : "0", + "order" : 2 + } + all_opt["kubeconfig"] = { +@@ -101,11 +110,6 @@ def virtctl_vm_action(conn, action, namespace, name, apiversion): + path = path.format(api_version=apiversion, namespace=namespace, name=name, action=action) + return conn.request('put', path, header_params={'accept': '*/*'}) + +-def validate_options(required_options_list, options): +- for required_option in required_options_list: +- if required_option not in options: +- fail_usage("Failed: %s option must be provided" % required_option) +- + # Main agent method + def main(): + conn = None +@@ -127,8 +131,6 @@ def main(): + + run_delay(options) + +- validate_options(['--namespace'], options) +- + # Disable insecure-certificate-warning message + if "--ssl-insecure" in options: + import urllib3 diff --git a/bz2010710-1-fence_amt_ws-fix-or-dead-code.patch b/bz2010710-1-fence_amt_ws-fix-or-dead-code.patch new file mode 100644 index 0000000..bdbeab0 --- /dev/null +++ b/bz2010710-1-fence_amt_ws-fix-or-dead-code.patch @@ -0,0 +1,22 @@ +From 06855a8227fa91f6216119daa3d32d5858c62837 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Mon, 27 Sep 2021 12:05:41 +0200 +Subject: [PATCH] fence_amt_ws: fix "or" causing dead code + +--- + agents/amt_ws/fence_amt_ws.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/amt_ws/fence_amt_ws.py b/agents/amt_ws/fence_amt_ws.py +index 23c8a61a4..122cec309 100755 +--- a/agents/amt_ws/fence_amt_ws.py ++++ b/agents/amt_ws/fence_amt_ws.py +@@ -148,7 +148,7 @@ def set_boot_order(_, client, options): + + if options["--boot-option"] == "pxe": + device = "Intel(r) AMT: Force PXE Boot" +- elif options["--boot-option"] == "hd" or "hdsafe": ++ elif options["--boot-option"] in ["hd", "hdsafe"]: + device = "Intel(r) AMT: Force Hard-drive Boot" + elif options["--boot-option"] == "cd": + device = "Intel(r) AMT: Force CD/DVD Boot" diff --git a/bz2010710-2-fence_amt_ws-boot-option.patch b/bz2010710-2-fence_amt_ws-boot-option.patch new file mode 100644 index 0000000..dd37fef --- /dev/null +++ b/bz2010710-2-fence_amt_ws-boot-option.patch @@ -0,0 +1,32 @@ +From 9812473270e9a404c632358c1debfa4a1fb440fe Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Wed, 20 Oct 2021 15:46:42 +0200 +Subject: [PATCH] fence_amt_ws: fix --boot-option (choices are uppercased while + getting parsed) + +--- + agents/amt_ws/fence_amt_ws.py | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/agents/amt_ws/fence_amt_ws.py b/agents/amt_ws/fence_amt_ws.py +index 122cec309..5e7452a97 100755 +--- a/agents/amt_ws/fence_amt_ws.py ++++ b/agents/amt_ws/fence_amt_ws.py +@@ -146,13 +146,13 @@ def set_boot_order(_, client, options): + wsman = 'http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd' + namespace = CIM_BootConfigSetting + +- if options["--boot-option"] == "pxe": ++ if options["--boot-option"] == "PXE": + device = "Intel(r) AMT: Force PXE Boot" +- elif options["--boot-option"] in ["hd", "hdsafe"]: ++ elif options["--boot-option"] in ["HD", "HDSAFE"]: + device = "Intel(r) AMT: Force Hard-drive Boot" +- elif options["--boot-option"] == "cd": ++ elif options["--boot-option"] == "CD": + device = "Intel(r) AMT: Force CD/DVD Boot" +- elif options["--boot-option"] == "diag": ++ elif options["--boot-option"] == "DIAG": + device = "Intel(r) AMT: Force Diagnostic Boot" + else: + logging.error('Boot device: %s not supported.', \ diff --git a/bz2048857-fence_aws-botocore-bundled.patch b/bz2048857-fence_aws-botocore-bundled.patch new file mode 100644 index 0000000..7e31da1 --- /dev/null +++ b/bz2048857-fence_aws-botocore-bundled.patch @@ -0,0 +1,11 @@ +--- a/agents/aws/fence_aws.py 2022-02-09 10:51:19.579385154 +0100 ++++ b/agents/aws/fence_aws.py 2022-02-09 10:51:47.148478185 +0100 +@@ -7,6 +7,8 @@ + from fencing import * + from fencing import fail, fail_usage, run_delay, EC_STATUS, SyslogLibHandler + ++sys.path.insert(0, '/usr/lib/fence-agents/bundled/aws') ++ + import requests + import boto3 + from requests import HTTPError diff --git a/fence-agents.spec b/fence-agents.spec new file mode 100644 index 0000000..576566a --- /dev/null +++ b/fence-agents.spec @@ -0,0 +1,1850 @@ +# Copyright 2004-2011 Red Hat, Inc. +# This copyrighted material is made available to anyone wishing to use, +# modify, copy, or redistribute it subject to the terms and conditions +# of the GNU General Public License v.2. + +# keep around ready for later user +## global alphatag git0a6184070 + +# bundles +%global bundled_lib_dir bundled +# alibaba +# python-pycryptodome bundle +%global pycryptodome pycryptodome +%global pycryptodome_version 3.6.4 +%global pycryptodome_dir %{bundled_lib_dir}/aliyun/%{pycryptodome} +# python-aliyun-sdk-core bundle +%global aliyunsdkcore aliyun-python-sdk-core +%global aliyunsdkcore_version 2.13.1 +%global aliyunsdkcore_dir %{bundled_lib_dir}/aliyun/%{aliyunsdkcore} +# python-aliyun-sdk-ecs bundle +%global aliyunsdkecs aliyun-python-sdk-ecs +%global aliyunsdkecs_version 4.9.3 +%global aliyunsdkecs_dir %{bundled_lib_dir}/aliyun/%{aliyunsdkecs} +# python-aliyun-sdk-vpc bundle +%global aliyunsdkvpc aliyun-python-sdk-vpc +%global aliyunsdkvpc_version 3.0.2 +%global aliyunsdkvpc_dir %{bundled_lib_dir}/aliyun/%{aliyunsdkvpc} +# aws +%global botocore botocore +%global botocore_version 1.23.46 +%global chardet chardet +%global chardet_version 4.0.0 +## for pip install only +%global jmespath jmespath +%global jmespath_version 0.10.0 +# google cloud +%global httplib2 httplib2 +%global httplib2_version 0.19.1 +# kubevirt +%global openshift openshift +%global openshift_version 0.12.1 +%global ruamelyamlclib ruamel.yaml.clib +%global ruamelyamlclib_version 0.2.6 +%global kubernetes kubernetes +%global kubernetes_version 12.0.1 +%global certifi certifi +%global certifi_version 2021.10.8 +%global googleauth google-auth +%global googleauth_version 2.3.0 +%global cachetools cachetools +%global cachetools_version 4.2.4 +%global pyasn1modules pyasn1-modules +%global pyasn1modules_version 0.2.8 +%global pyasn1 pyasn1 +%global pyasn1_version 0.4.8 +%global dateutil dateutil +%global dateutil_version 2.8.2 +%global pyyaml PyYAML +%global pyyaml_version 6.0 +%global six six +%global six_version 1.16.0 +%global urllib3 urllib3 +%global urllib3_version 1.26.7 +%global websocketclient websocket-client +%global websocketclient_version 1.2.1 +%global jinja2 Jinja2 +%global jinja2_version 3.0.2 +%global markupsafe MarkupSafe +%global markupsafe_version 2.0.1 +%global stringutils string-utils +%global stringutils_version 1.0.0 +%global requests requests +%global requests_version 2.26.0 +%global chrstnormalizer charset-normalizer +%global chrstnormalizer_version 2.0.7 +%global idna idna +%global idna_version 3.3 +%global reqstsoauthlib requests-oauthlib +%global reqstsoauthlib_version 1.3.0 +%global oauthlib oauthlib +%global oauthlib_version 3.1.1 +%global ruamelyaml ruamel.yaml +%global ruamelyaml_version 0.17.16 +%global setuptools setuptools +%global setuptools_version 58.3.0 + +Name: fence-agents +Summary: Set of unified programs capable of host isolation ("fencing") +Version: 4.2.1 +Release: 89%{?alphatag:.%{alphatag}}%{?dist} +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +URL: https://github.com/ClusterLabs/fence-agents +Source0: https://fedorahosted.org/releases/f/e/fence-agents/%{name}-%{version}.tar.gz +# aliyun +Source1: %{pycryptodome}-%{pycryptodome_version}.tar.gz +Source2: %{aliyunsdkcore}-%{aliyunsdkcore_version}.tar.gz +Source3: %{aliyunsdkecs}-%{aliyunsdkecs_version}.tar.gz +Source4: %{aliyunsdkvpc}-%{aliyunsdkvpc_version}.tar.gz +# google cloud +Source5: %{httplib2}-%{httplib2_version}-py3-none-any.whl +Source6: pyparsing-2.4.7-py2.py3-none-any.whl +# aws +Source7: %{botocore}-%{botocore_version}.tar.gz +Source8: %{jmespath}-%{jmespath_version}.tar.gz +Source9: %{chardet}-%{chardet_version}.tar.gz +# kubevirt +## pip download --no-binary :all: openshift "ruamel.yaml.clib>=0.1.2" +### BEGIN +Source10: %{openshift}-%{openshift_version}.tar.gz +Source11: %{ruamelyamlclib}-%{ruamelyamlclib_version}.tar.gz +Source12: %{kubernetes}-%{kubernetes_version}.tar.gz +Source13: %{certifi}-%{certifi_version}.tar.gz +Source14: %{googleauth}-%{googleauth_version}.tar.gz +Source15: %{cachetools}-%{cachetools_version}.tar.gz +Source16: %{pyasn1modules}-%{pyasn1modules_version}.tar.gz +Source17: %{pyasn1}-%{pyasn1_version}.tar.gz +Source18: python-%{dateutil}-%{dateutil_version}.tar.gz +Source19: %{pyyaml}-%{pyyaml_version}.tar.gz +## rsa is dependency for "pip install", +## but gets removed to use cryptography lib instead +Source20: rsa-4.7.2.tar.gz +Source21: %{six}-%{six_version}.tar.gz +Source22: %{urllib3}-%{urllib3_version}.tar.gz +Source23: %{websocketclient}-%{websocketclient_version}.tar.gz +Source24: %{jinja2}-%{jinja2_version}.tar.gz +Source25: %{markupsafe}-%{markupsafe_version}.tar.gz +Source26: python-%{stringutils}-%{stringutils_version}.tar.gz +Source27: %{requests}-%{requests_version}.tar.gz +Source28: %{chrstnormalizer}-%{chrstnormalizer_version}.tar.gz +Source29: %{idna}-%{idna_version}.tar.gz +Source30: %{reqstsoauthlib}-%{reqstsoauthlib_version}.tar.gz +Source31: %{oauthlib}-%{oauthlib_version}.tar.gz +Source32: %{ruamelyaml}-%{ruamelyaml_version}.tar.gz +Source33: %{setuptools}-%{setuptools_version}.tar.gz +## required for installation +Source34: setuptools_scm-6.3.2.tar.gz +Source35: packaging-21.2-py3-none-any.whl +Source36: pyparsing-3.0.1.tar.gz +Source37: tomli-1.0.1.tar.gz +### END + +Patch0: fence_impilan-fence_ilo_ssh-add-ilo5-support.patch +Patch1: fence_mpath-watchdog-support.patch +Patch2: fence_ilo3-fence_ipmilan-show-correct-default-method.patch +Patch3: fence_evacuate-fix-evacuable-tag-mix-issue.patch +Patch4: fence_compute-fence_evacuate-fix-compute-domain.patch +Patch5: fence_gce-1-stackdriver-logging-default-method-cycle.patch +Patch6: fence_gce-2-filter-aggregatedlist.patch +Patch7: fence_aliyun-1.patch +Patch8: fence_aliyun-2.patch +Patch9: fence_aliyun-3-logging.patch +Patch10: fence_aliyun-4-bundled.patch +Patch11: python3-has_key-fixes.patch +Patch12: fence_kdump-fix-strncpy-issue.patch +Patch13: fix-version.patch +Patch14: fence_gce-3-stackdriver-logging-note.patch +Patch15: fence_aliyun-5-list-instance-names.patch +Patch16: fence_aliyun-6-correct-help-indentation.patch +Patch17: fence_cisco_ucs-encode-POSTFIELDS.patch +Patch18: bz1654968-fence_scsi-fix-incorrect-SCSI-key-node-ID-10-or-higher.patch +Patch19: bz1654976-1-fence_scsi-watchdog-retry-support.patch +Patch20: bz1654976-2-build-fix-check_used_options.patch +Patch21: bz1654616-fence_hpblade-fix-log_expect_syntax.patch +Patch22: bz1654973-fence_vmware_soap-cleanup-sigterm.patch +Patch23: bz1650214-fence_azure_arm-bundled.patch +Patch24: bz1666914-1-fence_redfish.patch +Patch25: bz1666914-2-fence_redfish-fail-invalid-cert.patch +Patch26: bz1677327-1-fence_redfish-use-ipport-parameter.patch +Patch27: bz1677327-2-fence_redfish-ip-parameter-backward-compatibility.patch +Patch28: bz1696584-fence_gce-fix-python3-encoding-issue.patch +Patch29: bz1709926-fence_mpath-fix-watchdog-hardreboot.patch +Patch30: bz1709780-fence_rhevm-RHEV-v4-API-support.patch +Patch31: bz1712263-fence_rhevm-1-use-UTF8-encoding.patch +Patch32: bz1712263-fence_rhevm-2-fix-debug-encoding-issues.patch +Patch33: bz1700546-fence_azure_arm-skip_shutdown.patch +Patch34: bz1704228-fence_redfish-full-redfish-spec-compliance.patch +Patch35: bz1714458-fence_scsi-node-id-new-format.patch +Patch36: bz1720198-fence_scsi-watchdog-fix-retry-failing-on-first-try.patch +Patch37: bz1732773-fence_vmware_rest-fix-keyerror-suspended-vms.patch +Patch38: bz1748443-fence_zvmip-python3-fixes.patch +Patch39: bz1732766-fence_aliyun-1-add-RAM-role.patch +Patch40: bz1732766-fence_aliyun-2-import-EcsRamRoleCredential.patch +Patch41: bz1734811-fence_iloX_ssh-monitor-timeout-warning.patch +Patch42: bz1751704-fence_mpath-fix-watchdog-trigger-multipath-disconnect.patch +Patch43: bz1760213-fence_compute-disable-service-after-force-down.patch +Patch44: bz1760201-fence_compute-fence_evacuate-1-fix-region_name-type.patch +Patch45: bz1760224-fence_vmware_rest-improve-logging.patch +Patch46: bz1760201-fence_compute-fence_evacuate-2-fix-project-shortopt.patch +Patch47: bz1769783-fencing-improve-stdin-quote-parsing.patch +Patch48: bz1763674-fence_rhevm-add-cookie-support.patch +Patch49: bz1773890-fence_scsi-add-hash-key-value-support.patch +Patch50: bz1774458-fence_sbd-stderr-support.patch +Patch51: bz1771594-1-fencing-inetX_only-SSH-fence_zvmip.patch +Patch52: bz1771594-2-fence_redfish-fence_vmware_soap-suppress-warning.patch +Patch53: bz1781357-fence_aws-improve-logging-and-metadata-usage-text.patch +Patch54: bz1753228-fence_mpath-1-add-plug-parameter-support.patch +Patch55: bz1753228-fence_mpath-2-fix-plug-parameter-issues.patch +Patch56: bz1798641-fence_mpath-fix-reserve-parameter-typo.patch +Patch57: bz1810457-fence_aws-improve-parameter-logic.patch +Patch58: bz1816203-fence_aws-1-fix-race-condition.patch +Patch59: bz1816203-fence_aws-2-fix-python3-encoding.patch +Patch60: bz1827559-fence_vmware_rest-improve-exception-handling.patch +Patch61: bz1827652-fence_vmware_rest-1-add-filter-parameter.patch +Patch62: bz1827652-fence_vmware_rest-2-fix-1000-VM-monitor-error.patch +Patch63: bz1830776-fence_compute-fence_evacuate-fix-insecure-parameter.patch +Patch64: bz1750596-fence_scsi-add-readonly-parameter.patch +Patch65: bz1793739-fence_vmware_rest-1-fix-encoding.patch +Patch66: bz1793739-fence_vmware_rest-2-support-utf-8-vm-names.patch +Patch67: bz1839776-fence_aws-catch-connectionerror.patch +Patch68: bz1796654-fence_vmware_soap-log-exception-message-for-SSLError.patch +Patch69: bz1793739-fence_vmware_rest-3-fix-encode-issue.patch +Patch70: bz1860544-fence_lpar-fix-long-user-host-issue.patch +Patch71: bz1859932-fence_evacuate-support-private-flavors.patch +Patch72: bz1818157-fence_azure_arm-fix-MSI-support.patch +Patch73: bz1851115-fence_mpath-support-comma-and-space-separated-devices.patch +Patch74: bz1853973-fence_ipmilan-allow-increasing-ipmitool-verbosity.patch +Patch75: bz1861926-fence_lpar-fix-list-status-action.patch +Patch76: bz1470813-fencing-1-disable-timeout.patch +Patch77: bz1470813-fencing-2-fix-power-timeout.patch +Patch78: bz1470813-fencing-3-make-timeout-0-mean-forever.patch +Patch79: bz1470813-fencing-4-make-timeout-0-mean-forever.patch +Patch80: bz1841087-fence_scsi-dont-write-key-device-to-file.patch +Patch81: bz1896827-fence_aws-add-imdsv2-support.patch +Patch82: bz1914313-fence_zvmip-fix-disable-timeout.patch +Patch83: bz1906978-fence_gce-default-to-onoff.patch +Patch84: bz1925015-fence_ipmilan-add-fence_ipmilanplus.patch +Patch85: bz1920947-fence_redfish-1-add-diag-action.patch +Patch86: bz1941989-fence_aws-add-filter-parameter.patch +Patch87: bz1780825-fencing-1-add-stonith_status_sleep.patch +Patch88: bz1780825-fencing-2-metadata-fix-long-parameters.patch +Patch89: bz1942363-fence_gce-default-to-cycle.patch +Patch90: bz1920947-fence_redfish-2-add-diag-action-logic.patch +Patch91: bz1920947-fence_redfish-3-fix-typo.patch +Patch92: bz1922437-fence_mpath-watchdog-retry-support.patch +Patch93: bz1685814-fence_gce-add-serviceaccount-file-support.patch +Patch94: bz1728203-bz1874862-fence_ibm_vpc-fence_ibm_powervs.patch +Patch95: bz1969953-fence_gce-1-add-proxy-support.patch +Patch96: bz1969953-fence_gce-2-bundled.patch +Patch97: bz1470827-all-agents-log-exceptions-fail.patch +Patch98: bz2010710-1-fence_amt_ws-fix-or-dead-code.patch +Patch99: bz2010710-2-fence_amt_ws-boot-option.patch +Patch100: bz1969953-fence_gce-3-fix-httplib2-import.patch +Patch101: bz1971683-fence_sbd-dont-spam-logs-disable-timeout.patch +Patch102: bz1977588-1-fencing-add-EC_FETCH_VM_UUID.patch +Patch103: bz1977588-2-fence_kubevirt.patch +Patch104: bz1977588-3-fence_kubevirt-fix-status.patch +Patch105: bz1977588-4-fence_kubevirt-power-timeout-40s.patch +Patch106: bz1963163-fence_zvmip-add-ssl-tls-support.patch +Patch107: bz1977588-5-fence_kubevirt-get-namespace-from-context.patch +Patch108: bz2048857-fence_aws-botocore-bundled.patch + +%if 0%{?fedora} || 0%{?rhel} > 7 +%global supportedagents amt_ws apc apc_snmp bladecenter brocade cisco_mds cisco_ucs compute drac5 eaton_snmp emerson eps evacuate hds_cb hpblade ibmblade ibm_powervs ibm_vpc ifmib ilo ilo_moonshot ilo_mp ilo_ssh intelmodular ipdu ipmilan kdump kubevirt lpar mpath redfish rhevm rsa rsb sbd scsi vmware_rest vmware_soap wti +%ifarch x86_64 +%global testagents virsh heuristics_ping aliyun aws azure_arm gce +%endif +%ifarch ppc64le +%global testagents virsh heuristics_ping +%endif +%ifarch s390x +%global testagents virsh zvm heuristics_ping +%endif +%ifnarch x86_64 ppc64le s390x +%global testagents virsh heuristics_ping +%endif + +%global allfenceagents %(cat < /dev/null 2>&1 ||: + +%description +A collection of executables to handle isolation ("fencing") of possibly +misbehaving hosts by the means of remote power management, blocking +network, storage, or similar. They operate through a unified interface +(calling conventions) devised for the original Red Hat clustering solution. + +%package common +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Common base for Fence Agents +Requires: python3-pexpect python3-pycurl +BuildArch: noarch +%description common +A collection of executables to handle isolation ("fencing") of possibly +misbehaving hosts by the means of remote power management, blocking +network, storage, or similar. + +This package contains support files including the Python fencing library. +%files common +%doc doc/COPYING.* doc/COPYRIGHT doc/README.licence +%{_datadir}/fence +%exclude %{_datadir}/fence/azure_fence.* +%exclude %{_datadir}/fence/__pycache__/azure_fence.* +%exclude %{_datadir}/fence/XenAPI.* +%exclude %{_datadir}/fence/__pycache__/XenAPI.* +%{_datadir}/cluster +%exclude %{_datadir}/cluster/fence_mpath_check* +%exclude %{_datadir}/cluster/fence_scsi_check* +%exclude %{_sbindir}/* +%exclude %{_mandir}/man8/* + +%package all +License: GPLv2+ and LGPLv2+ and ASL 2.0 +Group: System Environment/Base +Summary: Set of unified programs capable of host isolation ("fencing") +Requires: %(echo "%{allfenceagents}" | sed "s/\( \|$\)/ >= %{version}-%{release}\1/g") +%ifarch i686 x86_64 +Requires: fence-virt +%endif +%ifarch ppc64le +Requires: fence-agents-lpar >= %{version}-%{release} +%endif +%ifarch s390x +Requires: fence-agents-zvm >= %{version}-%{release} +%endif +Provides: %{name} >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +%description all +A collection of executables to handle isolation ("fencing") of possibly +misbehaving hosts by the means of remote power management, blocking +network, storage, or similar. + +This package serves as a catch-all for all supported fence agents. +%files all + +%ifarch x86_64 +%package aliyun +License: GPLv2+ and LGPLv2+ and ASL 2.0 and BSD and MIT +Group: System Environment/Base +Summary: Fence agent for Alibaba Cloud (Aliyun) +Requires: fence-agents-common >= %{version}-%{release} +Requires: python3-jmespath >= 0.9.0 +# python-pycryptodome bundle +Provides: bundled(python-%{pycryptodome}) = %{pycryptodome_version} +# python-aliyun-sdk-core bundle +Provides: bundled(python-aliyun-sdk-core) = %{aliyunsdkcore_version} +# python-aliyun-sdk-ecs bundle +Provides: bundled(python-aliyun-sdk-ecs) = %{aliyunsdkecs_version} +# python-aliyun-sdk-vpc bundle +Provides: bundled(python-aliyun-sdk-vpc) = %{aliyunsdkvpc_version} +Obsoletes: %{name} < %{version}-%{release} +%description aliyun +The fence-agents-aliyun package contains a fence agent for Alibaba Cloud (Aliyun) instances. +%files aliyun +%defattr(-,root,root,-) +# bundled libraries +%doc pycryptodome_README.rst aliyun*_README* +%license pycryptodome_LICENSE.rst +%{_sbindir}/fence_aliyun +%{_mandir}/man8/fence_aliyun.8* +# bundled libraries +/usr/lib/fence-agents/%{bundled_lib_dir}/aliyun +%endif + +%package amt-ws +License: ASL 2.0 +Group: System Environment/Base +Summary: Fence agent for Intel AMT (WS-Man) devices +Requires: fence-agents-common >= %{version}-%{release} +Requires: openwsman-python3 +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description amt-ws +The fence-agents-amt-ws package contains a fence agent for AMT (WS-Man) devices. +%files amt-ws +%defattr(-,root,root,-) +%{_sbindir}/fence_amt_ws +%{_mandir}/man8/fence_amt_ws.8* + +%package apc +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for APC devices +Requires: openssh-clients +%if 0%{?fedora} < 33 || (0%{?rhel} && 0%{?rhel} < 9) || (0%{?centos} && 0%{?centos} < 9) || 0%{?suse_version} +%if (0%{?rhel} && 0%{?rhel} < 8) || (0%{?centos} && 0%{?centos} < 8) +Requires: telnet +%else +Recommends: telnet +%endif +%endif +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description apc +Fence agent for APC devices that are accessed via telnet or SSH. +%files apc +%{_sbindir}/fence_apc +%{_mandir}/man8/fence_apc.8* + +%package apc-snmp +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agents for APC devices (SNMP) +Requires: net-snmp-utils +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description apc-snmp +Fence agents for APC devices that are accessed via the SNMP protocol. +%files apc-snmp +%{_sbindir}/fence_apc_snmp +%{_mandir}/man8/fence_apc_snmp.8* + +%ifarch x86_64 +%package aws +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for Amazon AWS +Requires: fence-agents-common >= %{version}-%{release} +Requires: python3-boto3 +Provides: bundled(python3-%{botocore}) = %{botocore_version} +Provides: bundled(python3-%{urllib3}) = %{urllib3_version} +Provides: bundled(python3-%{requests}) = %{requests_version} +Provides: bundled(python3-%{certifi}) = %{certifi_version} +Provides: bundled(python3-%{chrstnormalizer}) = %{chrstnormalizer_version} +Provides: bundled(python3-%{idna}) = %{idna_version} +Provides: bundled(python3-%{chardet}) = %{chardet_version} +Provides: bundled(python3-%{dateutil}) = %{dateutil_version} +Provides: bundled(python3-%{six}) = %{six_version} +Provides: bundled(python3-%{jmespath}) = %{jmespath_version} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description aws +Fence agent for Amazon AWS instances. +%files aws +%{_sbindir}/fence_aws +%{_mandir}/man8/fence_aws.8* +# bundled libraries +/usr/lib/fence-agents/%{bundled_lib_dir}/aws +%endif + +%ifarch x86_64 +%package azure-arm +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for Azure Resource Manager +Requires: fence-agents-common >= %{version}-%{release} +Requires: python3-azure-sdk >= 4.0.0-9 +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description azure-arm +Fence agent for Azure Resource Manager instances. +%files azure-arm +%{_sbindir}/fence_azure_arm +%{_datadir}/fence/azure_fence.py* +%{_datadir}/fence/__pycache__/azure_fence.* +%{_mandir}/man8/fence_azure_arm.8* +%endif + +%package bladecenter +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for IBM BladeCenter +Requires: openssh-clients +%if 0%{?fedora} < 33 || (0%{?rhel} && 0%{?rhel} < 9) || (0%{?centos} && 0%{?centos} < 9) || 0%{?suse_version} +%if (0%{?rhel} && 0%{?rhel} < 8) || (0%{?centos} && 0%{?centos} < 8) +Requires: telnet +%else +Recommends: telnet +%endif +%endif +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description bladecenter +Fence agent for IBM BladeCenter devices that are accessed +via telnet or SSH. +%files bladecenter +%{_sbindir}/fence_bladecenter +%{_mandir}/man8/fence_bladecenter.8* + +%package brocade +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for Brocade switches +Requires: openssh-clients +%if 0%{?fedora} < 33 || (0%{?rhel} && 0%{?rhel} < 9) || (0%{?centos} && 0%{?centos} < 9) || 0%{?suse_version} +%if (0%{?rhel} && 0%{?rhel} < 8) || (0%{?centos} && 0%{?centos} < 8) +Requires: telnet +%else +Recommends: telnet +%endif +%endif +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description brocade +Fence agent for Brocade devices that are accessed via telnet or SSH. +%files brocade +%{_sbindir}/fence_brocade +%{_mandir}/man8/fence_brocade.8* + +%package cisco-mds +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for Cisco MDS 9000 series +Requires: net-snmp-utils +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description cisco-mds +Fence agent for Cisco MDS 9000 series devices that are accessed +via the SNMP protocol. +%files cisco-mds +%{_sbindir}/fence_cisco_mds +%{_mandir}/man8/fence_cisco_mds.8* + +%package cisco-ucs +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for Cisco UCS series +Requires: python3-pycurl +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description cisco-ucs +Fence agent for Cisco UCS series devices that are accessed +via the SNMP protocol. +%files cisco-ucs +%{_sbindir}/fence_cisco_ucs +%{_mandir}/man8/fence_cisco_ucs.8* + +%package compute +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for Nova compute nodes +Requires: python3-requests +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description compute +Fence agent for Nova compute nodes. +%files compute +%{_sbindir}/fence_compute +%{_sbindir}/fence_evacuate +%{_mandir}/man8/fence_compute.8* +%{_mandir}/man8/fence_evacuate.8* + +%package drac5 +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for Dell DRAC 5 +Requires: openssh-clients +%if 0%{?fedora} < 33 || (0%{?rhel} && 0%{?rhel} < 9) || (0%{?centos} && 0%{?centos} < 9) || 0%{?suse_version} +%if (0%{?rhel} && 0%{?rhel} < 8) || (0%{?centos} && 0%{?centos} < 8) +Requires: telnet +%else +Recommends: telnet +%endif +%endif +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description drac5 +Fence agent for Dell DRAC 5 series devices that are accessed +via telnet or SSH. +%files drac5 +%{_sbindir}/fence_drac5 +%{_mandir}/man8/fence_drac5.8* + +%package eaton-snmp +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for Eaton network power switches +Requires: net-snmp-utils +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description eaton-snmp +Fence agent for Eaton network power switches that are accessed +via the SNMP protocol. +%files eaton-snmp +%{_sbindir}/fence_eaton_snmp +%{_mandir}/man8/fence_eaton_snmp.8* + +%package emerson +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for Emerson devices (SNMP) +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description emerson +Fence agent for Emerson devices that are accessed via +the SNMP protocol. +%files emerson +%{_sbindir}/fence_emerson +%{_mandir}/man8/fence_emerson.8* + +%package eps +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for ePowerSwitch 8M+ power switches +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description eps +Fence agent for ePowerSwitch 8M+ power switches that are accessed +via the HTTP(s) protocol. +%files eps +%{_sbindir}/fence_eps +%{_mandir}/man8/fence_eps.8* + +%ifarch x86_64 +%package gce +License: GPLv2+ and LGPLv2+ and MIT +Group: System Environment/Base +Summary: Fence agent for GCE (Google Cloud Engine) +Requires: fence-agents-common >= %{version}-%{release} +Requires: python3-google-api-client +Requires: python3-pysocks +# google cloud +Provides: bundled(python-httplib2) = %{httplib2_version} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description gce +Fence agent for GCE (Google Cloud Engine) instances. +%files gce +%{_sbindir}/fence_gce +%{_mandir}/man8/fence_gce.8* +# bundled libraries +/usr/lib/fence-agents/%{bundled_lib_dir}/google +%endif + +%package heuristics-ping +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Pseudo fence agent to affect other agents based on ping-heuristics +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description heuristics-ping +Fence pseudo agent used to affect other agents based on +ping-heuristics. +%files heuristics-ping +%{_sbindir}/fence_heuristics_ping +%{_mandir}/man8/fence_heuristics_ping.8* + +%package hpblade +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for HP BladeSystem devices +Requires: openssh-clients +%if 0%{?fedora} < 33 || (0%{?rhel} && 0%{?rhel} < 9) || (0%{?centos} && 0%{?centos} < 9) || 0%{?suse_version} +%if (0%{?rhel} && 0%{?rhel} < 8) || (0%{?centos} && 0%{?centos} < 8) +Requires: telnet +%else +Recommends: telnet +%endif +%endif +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description hpblade +Fence agent for HP BladeSystem devices that are accessed via telnet +or SSH. +%files hpblade +%{_sbindir}/fence_hpblade +%{_mandir}/man8/fence_hpblade.8* + +%package ibmblade +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for IBM BladeCenter +Requires: net-snmp-utils +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description ibmblade +Fence agent for IBM BladeCenter devices that are accessed +via the SNMP protocol. +%files ibmblade +%{_sbindir}/fence_ibmblade +%{_mandir}/man8/fence_ibmblade.8* + +%package ibm-powervs +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for IBM PowerVS +Requires: fence-agents-common = %{version}-%{release} +BuildArch: noarch +%description ibm-powervs +Fence agent for IBM PowerVS that are accessed via REST API. +%files ibm-powervs +%{_sbindir}/fence_ibm_powervs +%{_mandir}/man8/fence_ibm_powervs.8* + +%package ibm-vpc +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for IBM Cloud VPC +Requires: fence-agents-common = %{version}-%{release} +BuildArch: noarch +%description ibm-vpc +Fence agent for IBM Cloud VPC that are accessed via REST API. +%files ibm-vpc +%{_sbindir}/fence_ibm_vpc +%{_mandir}/man8/fence_ibm_vpc.8* + +%package ifmib +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for devices with IF-MIB interfaces +Requires: net-snmp-utils +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description ifmib +Fence agent for IF-MIB interfaces that are accessed via +the SNMP protocol. +%files ifmib +%{_sbindir}/fence_ifmib +%{_mandir}/man8/fence_ifmib.8* + +%package ilo2 +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agents for HP iLO2 devices +Requires: gnutls-utils +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description ilo2 +Fence agents for HP iLO2 devices that are accessed via +the HTTP(s) protocol. +%files ilo2 +%{_sbindir}/fence_ilo +%{_sbindir}/fence_ilo2 +%{_mandir}/man8/fence_ilo.8* +%{_mandir}/man8/fence_ilo2.8* + +%package ilo-moonshot +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for HP iLO Moonshot devices +Requires: openssh-clients +%if 0%{?fedora} < 33 || (0%{?rhel} && 0%{?rhel} < 9) || (0%{?centos} && 0%{?centos} < 9) || 0%{?suse_version} +%if (0%{?rhel} && 0%{?rhel} < 8) || (0%{?centos} && 0%{?centos} < 8) +Requires: telnet +%else +Recommends: telnet +%endif +%endif +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description ilo-moonshot +Fence agent for HP iLO Moonshot devices that are accessed +via telnet or SSH. +%files ilo-moonshot +%{_sbindir}/fence_ilo_moonshot +%{_mandir}/man8/fence_ilo_moonshot.8* + +%package ilo-mp +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for HP iLO MP devices +Requires: openssh-clients +%if 0%{?fedora} < 33 || (0%{?rhel} && 0%{?rhel} < 9) || (0%{?centos} && 0%{?centos} < 9) || 0%{?suse_version} +%if (0%{?rhel} && 0%{?rhel} < 8) || (0%{?centos} && 0%{?centos} < 8) +Requires: telnet +%else +Recommends: telnet +%endif +%endif +Requires: fence-agents-common = %{version}-%{release} +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description ilo-mp +Fence agent for HP iLO MP devices that are accessed via telnet or SSH. +%files ilo-mp +%{_sbindir}/fence_ilo_mp +%{_mandir}/man8/fence_ilo_mp.8* + +%package ilo-ssh +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agents for HP iLO devices over SSH +Requires: openssh-clients +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description ilo-ssh +Fence agents for HP iLO devices that are accessed via telnet or SSH. +%files ilo-ssh +%{_sbindir}/fence_ilo_ssh +%{_mandir}/man8/fence_ilo_ssh.8* +%{_sbindir}/fence_ilo3_ssh +%{_mandir}/man8/fence_ilo3_ssh.8* +%{_sbindir}/fence_ilo4_ssh +%{_mandir}/man8/fence_ilo4_ssh.8* +%{_sbindir}/fence_ilo5_ssh +%{_mandir}/man8/fence_ilo5_ssh.8* + +%package intelmodular +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for devices with Intel Modular interfaces +Requires: net-snmp-utils +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description intelmodular +Fence agent for Intel Modular interfaces that are accessed +via the SNMP protocol. +%files intelmodular +%{_sbindir}/fence_intelmodular +%{_mandir}/man8/fence_intelmodular.8* + +%package ipdu +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for IBM iPDU network power switches +Requires: net-snmp-utils +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description ipdu +Fence agent for IBM iPDU network power switches that are accessed +via the SNMP protocol. +%files ipdu +%{_sbindir}/fence_ipdu +%{_mandir}/man8/fence_ipdu.8* + +%package ipmilan +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agents for devices with IPMI interface +Requires: /usr/bin/ipmitool +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description ipmilan +Fence agents for devices with IPMI interface. +%files ipmilan +%{_sbindir}/fence_ipmilan +%{_mandir}/man8/fence_ipmilan.8* +%{_sbindir}/fence_idrac +%{_mandir}/man8/fence_idrac.8* +%{_sbindir}/fence_ilo3 +%{_mandir}/man8/fence_ilo3.8* +%{_sbindir}/fence_ilo4 +%{_mandir}/man8/fence_ilo4.8* +%{_sbindir}/fence_ilo5 +%{_mandir}/man8/fence_ilo5.8* +%{_sbindir}/fence_ipmilanplus +%{_mandir}/man8/fence_ipmilanplus.8* +%{_sbindir}/fence_imm +%{_mandir}/man8/fence_imm.8* + +%package kdump +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for use with kdump crash recovery service +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +# this cannot be noarch since it's compiled +%description kdump +Fence agent for use with kdump crash recovery service. +%files kdump +%{_sbindir}/fence_kdump +%{_libexecdir}/fence_kdump_send +%{_mandir}/man8/fence_kdump.8* +%{_mandir}/man8/fence_kdump_send.8* + +%package kubevirt +License: GPLv2+ and LGPLv2+ and ASL 2.0 and BSD and BSD-2-Clause and BSD-3-Clause and ISC and MIT and MPL-2.0 +Summary: Fence agent for KubeVirt platform +Requires: fence-agents-common = %{version}-%{release} +Provides: bundled(python3-%{openshift}) = %{openshift_version} +Provides: bundled(python3-%{ruamelyamlclib}) = %{ruamelyamlclib_version} +Provides: bundled(python3-%{kubernetes}) = %{kubernetes_version} +Provides: bundled(python3-%{certifi}) = %{certifi_version} +Provides: bundled(python3-%{googleauth}) = %{googleauth_version} +Provides: bundled(python3-%{cachetools}) = %{cachetools_version} +Provides: bundled(python3-%{pyasn1modules}) = %{pyasn1modules_version} +Provides: bundled(python3-%{pyasn1}) = %{pyasn1_version} +Provides: bundled(python3-%{dateutil}) = %{dateutil_version} +Provides: bundled(python3-%{pyyaml}) = %{pyyaml_version} +Provides: bundled(python3-%{six}) = %{six_version} +Provides: bundled(python3-%{urllib3}) = %{urllib3_version} +Provides: bundled(python3-%{websocketclient}) = %{websocketclient_version} +Provides: bundled(python3-%{jinja2}) = %{jinja2_version} +Provides: bundled(python3-%{markupsafe}) = %{markupsafe_version} +Provides: bundled(python3-%{stringutils}) = %{stringutils_version} +Provides: bundled(python3-%{requests}) = %{requests_version} +Provides: bundled(python3-%{chrstnormalizer}) = %{chrstnormalizer_version} +Provides: bundled(python3-%{idna}) = %{idna_version} +Provides: bundled(python3-%{reqstsoauthlib}) = %{reqstsoauthlib_version} +Provides: bundled(python3-%{oauthlib}) = %{oauthlib_version} +Provides: bundled(python3-%{ruamelyaml}) = %{ruamelyaml_version} +Provides: bundled(python3-%{setuptools}) = %{setuptools_version} +%description kubevirt +Fence agent for KubeVirt platform. +%files kubevirt +%{_sbindir}/fence_kubevirt +%{_mandir}/man8/fence_kubevirt.8* +# bundled libraries +/usr/lib/fence-agents/%{bundled_lib_dir}/kubevirt + +%package lpar +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for IBM LPAR +Requires: openssh-clients +%if 0%{?fedora} < 33 || (0%{?rhel} && 0%{?rhel} < 9) || (0%{?centos} && 0%{?centos} < 9) || 0%{?suse_version} +%if (0%{?rhel} && 0%{?rhel} < 8) || (0%{?centos} && 0%{?centos} < 8) +Requires: telnet +%else +Recommends: telnet +%endif +%endif +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description lpar +Fence agent for IBM LPAR devices that are accessed via telnet or SSH. +%files lpar +%{_sbindir}/fence_lpar +%{_mandir}/man8/fence_lpar.8* + +%package mpath +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for reservations over Device Mapper Multipath +Requires: device-mapper-multipath +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description mpath +Fence agent for SCSI persistent reservation over +Device Mapper Multipath. +%files mpath +%{_sbindir}/fence_mpath +%{_datadir}/cluster/fence_mpath_check* +%{_mandir}/man8/fence_mpath.8* + +%package redfish +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for Redfish +Requires: fence-agents-common >= %{version}-%{release} +Requires: python3-requests +Obsoletes: %{name} < %{version}-%{release} +%description redfish +The fence-agents-redfish package contains a fence agent for Redfish +%files redfish +%defattr(-,root,root,-) +%{_sbindir}/fence_redfish +%{_mandir}/man8/fence_redfish.8* + +%package rhevm +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for RHEV-M +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description rhevm +Fence agent for RHEV-M via REST API. +%files rhevm +%{_sbindir}/fence_rhevm +%{_mandir}/man8/fence_rhevm.8* + +%if 0%{?fedora} || 0%{?rhel} > 7 +%package rsa +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for IBM RSA II +Requires: openssh-clients +%if 0%{?fedora} < 33 || (0%{?rhel} && 0%{?rhel} < 9) || (0%{?centos} && 0%{?centos} < 9) || 0%{?suse_version} +%if (0%{?rhel} && 0%{?rhel} < 8) || (0%{?centos} && 0%{?centos} < 8) +Requires: telnet +%else +Recommends: telnet +%endif +%endif +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description rsa +Fence agent for IBM RSA II devices that are accessed +via telnet or SSH. +%files rsa +%{_sbindir}/fence_rsa +%{_mandir}/man8/fence_rsa.8* +%endif + +%package rsb +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for Fujitsu RSB +Requires: openssh-clients +%if 0%{?fedora} < 33 || (0%{?rhel} && 0%{?rhel} < 9) || (0%{?centos} && 0%{?centos} < 9) || 0%{?suse_version} +%if (0%{?rhel} && 0%{?rhel} < 8) || (0%{?centos} && 0%{?centos} < 8) +Requires: telnet +%else +Recommends: telnet +%endif +%endif +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description rsb +Fence agent for Fujitsu RSB devices that are accessed +via telnet or SSH. +%files rsb +%{_sbindir}/fence_rsb +%{_mandir}/man8/fence_rsb.8* + +%if 0%{?fedora} || 0%{?rhel} > 7 +%package sbd +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for SBD (storage-based death) +Requires: sbd +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description sbd +Fence agent for SBD (storage-based death). +%files sbd +%{_sbindir}/fence_sbd +%{_mandir}/man8/fence_sbd.8* +%endif + +%package scsi +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for SCSI persistent reservations +Requires: sg3_utils +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description scsi +Fence agent for SCSI persistent reservations. +%files scsi +%{_sbindir}/fence_scsi +%{_datadir}/cluster/fence_scsi_check +%{_datadir}/cluster/fence_scsi_check_hardreboot +%{_mandir}/man8/fence_scsi.8* + +%package virsh +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for virtual machines based on libvirt +Requires: openssh-clients /usr/bin/virsh +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description virsh +Fence agent for virtual machines that are accessed via SSH. +%files virsh +%{_sbindir}/fence_virsh +%{_mandir}/man8/fence_virsh.8* + +%package vmware-rest +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for VMWare with REST API +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description vmware-rest +Fence agent for VMWare with REST API. +%files vmware-rest +%{_sbindir}/fence_vmware_rest +%{_mandir}/man8/fence_vmware_rest.8* + +%package vmware-soap +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for VMWare with SOAP API v4.1+ +Requires: python3-suds python3-requests +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description vmware-soap +Fence agent for VMWare with SOAP API v4.1+. +%files vmware-soap +%{_sbindir}/fence_vmware_soap +%{_mandir}/man8/fence_vmware_soap.8* + +%package wti +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for WTI Network power switches +Requires: openssh-clients +%if 0%{?fedora} < 33 || (0%{?rhel} && 0%{?rhel} < 9) || (0%{?centos} && 0%{?centos} < 9) || 0%{?suse_version} +%if (0%{?rhel} && 0%{?rhel} < 8) || (0%{?centos} && 0%{?centos} < 8) +Requires: telnet +%else +Recommends: telnet +%endif +%endif +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description wti +Fence agent for WTI network power switches that are accessed +via telnet or SSH. +%files wti +%{_sbindir}/fence_wti +%{_mandir}/man8/fence_wti.8* + +%ifarch s390x +%package zvm +License: GPLv2+ and LGPLv2+ +Group: System Environment/Base +Summary: Fence agent for IBM z/VM over IP +Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} +BuildArch: noarch +%description zvm +Fence agent for IBM z/VM over IP. +%files zvm +%{_sbindir}/fence_zvmip +%{_mandir}/man8/fence_zvmip.8* +%endif + +%changelog +* Fri Mar 4 2022 Oyvind Albrigtsen - 4.2.1-89 +- fence_ibm_vpc: new fence agent + Resolves: rhbz#1728203 + +* Fri Feb 11 2022 Oyvind Albrigtsen - 4.2.1-88 +- fence_aws: upgrade botocore to fix IMDSv2 support + Resolves: rhbz#2048857 + +* Wed Jan 19 2022 Oyvind Albrigtsen - 4.2.1-85 +- fence_ibm_powervs: new fence agent + Resolves: rhbz#1874862 + +* Mon Jan 17 2022 Oyvind Albrigtsen - 4.2.1-84 +- fence_kubevirt: new fence agent + Resolves: rhbz#1977588 + +* Thu Nov 11 2021 Oyvind Albrigtsen - 4.2.1-83 +- fence_zvmip: add SSL/TLS support + Resolves: rhbz#1963163 + +* Tue Nov 2 2021 Oyvind Albrigtsen - 4.2.1-80 +- fence_sbd: dont spam logs when disable_timeout is enabled + Resolves: rhbz#1971683 + +* Wed Oct 27 2021 Oyvind Albrigtsen - 4.2.1-79 +- fence_amt_ws: fix "or" causing dead code + Resolves: rhbz#2010710 +- fence_gce: add proxy support + Resolves: rhbz#1969953 + +* Tue Oct 19 2021 Oyvind Albrigtsen - 4.2.1-78 +- all agents: log exceptions when failing + Resolves: rhbz#1470827 + +* Wed Aug 11 2021 Oyvind Albrigtsen - 4.2.1-75 +- fence_gce: add serviceaccount JSON file support + Resolves: rhbz#1685814 + +* Thu May 20 2021 Oyvind Albrigtsen - 4.2.1-72 +- fence_mpath: add watchdog retry support + Resolves: rhbz#1922437 + +* Fri May 7 2021 Oyvind Albrigtsen - 4.2.1-71 +- fence_redfish: add diag action + Resolves: rhbz#1920947 + +* Thu May 6 2021 Oyvind Albrigtsen - 4.2.1-70 +- fence_gce: change default back to cycle to avoid "soft" off + Resolves: rhbz#1942363 + +* Tue May 4 2021 Oyvind Albrigtsen - 4.2.1-69 +- fencing: add "stonith_status_sleep" parameter to set sleep between + status calls during STONITH action + Resolves: rhbz#1780825 + +* Fri Apr 30 2021 Oyvind Albrigtsen - 4.2.1-68 +- fence_aws: add "filter" parameter + Resolves: rhbz#1941989 + +* Wed Mar 3 2021 Oyvind Albrigtsen - 4.2.1-67 +- fence_ipmilanplus: new symlink agent with lanplus enabled by default + Resolves: rhbz#1925015 + +* Tue Feb 2 2021 Oyvind Albrigtsen - 4.2.1-65 +- fence_gce: default to onoff + Resolves: rhbz#1906978 + +* Mon Jan 11 2021 Oyvind Albrigtsen - 4.2.1-63 +- fence_zvmip: fix disable-timeout not working correctly + Resolves: rhbz#1914313 + +* Fri Nov 13 2020 Oyvind Albrigtsen - 4.2.1-62 +- fence_aws: add support for IMDSv2 + Resolves: rhbz#1896827 + +* Tue Nov 10 2020 Oyvind Albrigtsen - 4.2.1-61 +- fence_scsi: dont write key to device if it's already registered, + and dont write device to file when cluster is started again + Resolves: rhbz#1841087 + +* Thu Nov 5 2020 Oyvind Albrigtsen - 4.2.1-59 +- fencing: add disable-timeout parameter and make it true by default + for Pacemaker 2.0+ + Resolves: rhbz#1470813, rhbz#1436429 + +* Mon Sep 14 2020 Oyvind Albrigtsen - 4.2.1-54 +- fence_azure_arm: fix MSI support + Resolves: rhbz#1818157 +- fence_mpath: allow spaces for comma-separated devices and add + support for space-separated devices + Resolves: rhbz#1851115 +- fence_ipmilan: add ability to increase ipmitool verbosity + Resolves: rhbz#1853973 +- fence_lpar: fix list-status action + Resolves: rhbz#1861926 +- all agents: make telnet a weak dependency + Resolves: rhbz#1851232 + +* Fri Aug 7 2020 Oyvind Albrigtsen - 4.2.1-53 +- fence_evacuate: enable evacuation of instances using private flavors + Resolves: rhbz#1859932 + +* Tue Jul 28 2020 Oyvind Albrigtsen - 4.2.1-52 +- fence_lpar: fix issue with long username, hostname, etc not + working when the command run by the agent exceeds 80 characters + Resolves: rhbz#1860544 + +* Thu Jul 2 2020 Oyvind Albrigtsen - 4.2.1-51 +- fence_vmware_rest: fix encoding issues + Resolves: rhbz#1793739 + +* Thu Jun 11 2020 Oyvind Albrigtsen - 4.2.1-50 +- fence_vmware_soap: log exception message for SSLError exception + Resolves: rhbz#1796654 + +* Wed May 27 2020 Oyvind Albrigtsen - 4.2.1-49 +- fence_aws: improve logging by catching ConnectionError exception + Resolves: rhbz#1839776 + +* Fri May 15 2020 Oyvind Albrigtsen - 4.2.1-47 +- fence_vmware_rest: add filter parameter to avoid 1000 VM API limit + and avoid failing when hitting it during the monitor-action + Resolves: rhbz#1827652 +- fence_compute/fence_evacuate: fix --insecure parameter + Resolves: rhbz#1830776 +- fence_scsi: add readonly parameter + Resolves: rhbz#1750596 + +* Tue Apr 28 2020 Oyvind Albrigtsen - 4.2.1-45 +- fence_vmware_rest: improve exception handling + Resolves: rhbz#1827559 + +* Tue Mar 24 2020 Oyvind Albrigtsen - 4.2.1-44 +- fence_aws: fix possible race condition + + Resolves: rhbz#1816203 + +* Fri Mar 13 2020 Oyvind Albrigtsen - 4.2.1-42 +- fence-agents-lpar: build on non-ppc64le arch's + Resolves: rhbz#1804907 +- fence_aws: improve parameter logic to allow setting region parameter + while using credentials from ~/.aws/config + Resolves: rhbz#1810457 + +* Thu Feb 13 2020 Oyvind Albrigtsen - 4.2.1-41 +- fence_mpath: add plug parameter support to be able to use pcmk_host_map + Resolves: rhbz#1753228 +- fence_mpath: fix --reserve parameter typo + Resolves: rhbz#1798641 + +* Fri Jan 31 2020 Oyvind Albrigtsen - 4.2.1-40 +- fence_aws: improve logging and metadata/usage text + Resolves: rhbz#1781357 + +* Tue Nov 26 2019 Oyvind Albrigtsen - 4.2.1-39 +- fencing: only use inetX_only parameters for SSH based agents and + fence_zvmip + Resolves: rhbz#1771594 + +* Wed Nov 20 2019 Oyvind Albrigtsen - 4.2.1-38 +- fence_sbd: add stderr support + Resolves: rhbz#1774458 + +* Tue Nov 19 2019 Oyvind Albrigtsen - 4.2.1-37 +- fence_scsi: add hash key-value support + Resolves: rhbz#1773890 + +* Wed Nov 13 2019 Oyvind Albrigtsen - 4.2.1-35 +- fence_rhevm: add cookie support + Resolves: rhbz#1763674 + +* Thu Nov 7 2019 Oyvind Albrigtsen - 4.2.1-34 +- fence_compute/fence_evacuate: fix region_name content type and + project shortopt in usage text and project-domain shortopt + Resolves: rhbz#1760201 +- fencing: improve stdin quote parsing + Resolves: rhbz#1769783 + +* Fri Oct 18 2019 Oyvind Albrigtsen - 4.2.1-33 +- fence_vmware_rest: improve logging + Resolves: rhbz#1760224 + +* Wed Oct 16 2019 Oyvind Albrigtsen - 4.2.1-32 +- fence_compute: disable service after force-down + Resolves: rhbz#1760213 + +* Thu Oct 3 2019 Oyvind Albrigtsen - 4.2.1-31 +- fence_aliyun: add RAM role support + Resolves: rhbz#1732766 +- fence_ilo4_ssh/fence_ilo5_ssh: add monitor timeout warning + Resolves: rhbz#1734811 +- fence_mpath: fix watchdog reboot not triggered when multipath + disconnected + Resolves: rhbz#1751704 + +* Fri Sep 6 2019 Oyvind Albrigtsen - 4.2.1-30 +- fence_zvmip: fix Python 3 issues + Resolves: rhbz#1748443 + +* Thu Jul 25 2019 Oyvind Albrigtsen - 4.2.1-29 +- fence_vmware_rest: fix KeyError issue for suspended VMs + Resolves: rhbz#1732773 + +* Wed Jul 24 2019 Oyvind Albrigtsen - 4.2.1-28 +- fence_mpath: fix watchdog hardreboot + Resolves: rhbz#1709926 + +* Thu Jun 13 2019 Oyvind Albrigtsen - 4.2.1-27 +- fence_scsi watchdog: fix failing on first try when using retry + Resolves: rhbz#1720198 + +* Tue May 28 2019 Oyvind Albrigtsen - 4.2.1-25 +- fence_redfish: add header for full Redfish spec compliance + Resolves: rhbz#1704228 +- fence_scsi: fix to match new node ID format + Resolves: rhbz#1714458 + +* Thu May 23 2019 Oyvind Albrigtsen - 4.2.1-24 +- fence_azure_arm: use skip_shutdown feature + Resolves: rhbz#1700546 + +* Tue May 21 2019 Oyvind Albrigtsen - 4.2.1-23 +- fence_rhevm: add RHEV v4 API support and auto-detection + Resolves: rhbz#1709780 +- fence_rhevm: fix encoding issues + Resolves: rhbz#1712263 + +* Fri Apr 5 2019 Oyvind Albrigtsen - 4.2.1-22 +- fence_gce: fix Python 3 encoding issue + Resolves: rhbz#1696584 + +* Mon Apr 1 2019 Oyvind Albrigtsen - 4.2.1-21 +- Add CI gating tests + Resolves: rhbz#1682125 + +* Fri Mar 22 2019 Oyvind Albrigtsen - 4.2.1-20 +- fence_aliyun: upgrade python-aliyun-sdk-core to fix httplib issue + Resolves: rhbz#1677945 + +* Tue Mar 19 2019 Oyvind Albrigtsen - 4.2.1-18 +- fence_redfish: use ipport parameter + Resolves: rhbz#1677327 + +* Fri Feb 8 2019 Oyvind Albrigtsen - 4.2.1-17 +- fence-agents-vmware-soap: add missing python3-requests dependency + Resolves: rhbz#1591502 + +* Mon Jan 28 2019 Oyvind Albrigtsen - 4.2.1-16 +- fence_redfish: new fence agent + Resolves: rhbz#1666914 + +* Fri Jan 25 2019 Oyvind Albrigtsen - 4.2.1-13 +- fence-agents-scsi: add missing fence-agents-common dependency + Resolves: rhbz#1665170 +- fence_azure_arm: add bundled directory to search path + Resolves: rhbz#1650214 + +* Fri Dec 7 2018 Oyvind Albrigtsen - 4.2.1-11 +- fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher + Resolves: rhbz#1654968 +- fence_scsi: add watchdog retry support + Resolves: rhbz#1654976 +- fence_hpblade: fix log_expect syntax + Resolves: rhbz#1654616 +- fence_vmware_soap: cleanup when receiving SIGTERM + Resolves: rhbz#1654973 + +* Mon Oct 8 2018 Oyvind Albrigtsen - 4.2.1-10 +- spec-file improvements by Jan Pokorny +- fence_aliyun: bundled libraries + Resolves: rhbz#1625208 + +* Tue Aug 14 2018 Oyvind Albrigtsen - 4.2.1-7 +- fence_kdump: fix strncpy issue + +* Wed Jul 11 2018 Oyvind Albrigtsen - 4.2.1-6 +- fence_evacuate: fix evacuable tag mix issue + +* Wed Jul 4 2018 Oyvind Albrigtsen - 4.2.1-5 +- Use %{__python3} macro to set correct Python #! + +* Mon Jun 18 2018 Oyvind Albrigtsen - 4.2.1-4 +- fence_vmware_soap: fix python3-suds issue +- Remove unsupported agents + +* Mon Jun 11 2018 Oyvind Albrigtsen - 4.2.1-2 +- Remove fence-agents-amt due to missing amtterm + +* Thu May 31 2018 Oyvind Albrigtsen - 4.2.1-1 +- new upstream release + +* Thu May 17 2018 Oyvind Albrigtsen - 4.2.0-1 +- new upstream release + +* Thu Feb 15 2018 Oyvind Albrigtsen - 4.1.1-1 +- new upstream release +- fence_vmware_soap / fence_ovh: use Python 2 till python3-suds bug + is fixed + +* Fri Feb 9 2018 Oyvind Albrigtsen - 4.1.0-2 +- new upstream release + +* Wed Feb 07 2018 Fedora Release Engineering - 4.0.24-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Jan 11 2018 Iryna Shcherbina - 4.0.24-14 +- Cleanup no longer needed Python 2 dependencies + +* Tue Nov 07 2017 Troy Dawson - 4.0.24-13 +- Cleanup spec file conditionals + +* Tue Aug 29 2017 Oyvind Albrigtsen - 4.0.24-12 +- fence-agents-common: remove fence_scsi_check files +- fence-scsi: add "fence_scsi_check_hardreboot" + +* Thu Aug 3 2017 Oyvind Albrigtsen - 4.0.24-10 +- fence_zvm: fix "uintptr_t" undeclared + +* Thu Aug 3 2017 Oyvind Albrigtsen - 4.0.24-9 +- Fix encoding for pexpect with Python 3.6 + + Resolves: rhbz#1473908 + +* Wed Aug 02 2017 Fedora Release Engineering - 4.0.24-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 4.0.24-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Feb 10 2017 Fedora Release Engineering - 4.0.24-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Fri Dec 23 2016 Oyvind Albrigtsen - 4.0.24-5 +- Fix to build in Python 3 only environment + +* Mon Dec 19 2016 Miro Hrončok - 4.0.24-4 +- Rebuild for Python 3.6 + +* Wed Sep 21 2016 Marek Grac - 4.0.24-4 +- Remove Obsoletes that are no longer valid + +* Fri Sep 2 2016 Oyvind Albrigtsen - 4.0.24-2 +- fence-agents-common: add dependency on python3-pycurl + +* Fri Aug 26 2016 Oyvind Albrigtsen - 4.0.24-1 +- new upstream release + +* Wed Jul 13 2016 Oyvind Albrigtsen - 4.0.23-2 +- fix build issue on s390 + +* Tue Jul 12 2016 Oyvind Albrigtsen - 4.0.23-1 +- new upstream release +- new package fence-agents-amt-ws +- new package fence-agents-compute +- new package fence-agents-drac +- new package fence-agents-hds-cb +- new package fence-agents-mpath +- new package fence-agents-sanbox2 +- new package fence-agents-sbd +- new package fence-agents-vbox +- new package fence-agents-vmware +- new package fence-agents-xenapi + +* Wed Feb 03 2016 Fedora Release Engineering - 4.0.20-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Tue Aug 11 2015 Marek Grac - 4.0.20-1 +- new upstream release +- new package fence-agents-rcd-serial + +* Wed Jun 17 2015 Fedora Release Engineering - 4.0.16-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Thu Mar 05 2015 Marek Grac - 4.0.16-1 +- new upstream release + +* Mon Feb 09 2015 Marek Grac - 4.0.15-1 +- new upstream release + +* Thu Jan 08 2015 Marek Grac - 4.0.14-1 +- new upstream release +- new packages fence-agents-zvm and fence-agents-emerson + +* Thu Oct 16 2014 Marek Grac - 4.0.12-1 +- new upstream release +- new package fence-agents-ilo-ssh + +* Wed Aug 27 2014 Marek Grac - 4.0.10 +- new upstream release +- new package fence-agents-ilo-moonshot + +* Sat Jun 07 2014 Fedora Release Engineering - 4.0.9-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Fri May 16 2014 Marek Grac - 4.0.9 +- new upstream release +- new package fence-agents-pve + +* Mon Apr 07 2014 Marek Grac - 4.0.8-1 +- new upstream release +- new package fence-agents-raritan + +* Wed Feb 26 2014 Marek Grac - 4.0.7-3 +- requires a specific version of fence-agents-common + +* Mon Feb 17 2014 Marek Grac - 4.0.7-2 +- new upstream release +- changed dependancy from nss/nspr to gnutls-utils + +* Fri Jan 10 2014 Marek Grac - 4.0.4-4 +- new upstream release +- new package fence-agents-amt + +* Mon Oct 07 2013 Marek Grac - 4.0.4-3 +- new upstream release +- new package fence-agents-netio + +* Tue Sep 03 2013 Marek Grac - 4.0.3-1 +- new upstream release +- new packages fence-agents-brocade and fence-agents-ovh + +* Sat Aug 03 2013 Fedora Release Engineering - 4.0.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Thu Jul 18 2013 Petr Pisar - 4.0.1-2 +- Perl 5.18 rebuild + +* Mon Jul 01 2013 Marek Grac - 4.0.1-1 +- new upstream release + +* Mon Jun 24 2013 Marek Grac - 4.0.0-5 +- fence-agents-all should provide fence-agent for clean update path + +* Wed Apr 03 2013 Marek Grac - 4.0.0-4 +- minor changes in spec file + +* Thu Mar 21 2013 Marek Grac - 4.0.0-3 +- minor changes in spec file + +* Mon Mar 18 2013 Marek Grac - 4.0.0-2 +- minor changes in spec file + +* Mon Mar 11 2013 Marek Grac - 4.0.0-1 +- new upstream release +- introducing subpackages + + diff --git a/fence_aliyun-1.patch b/fence_aliyun-1.patch new file mode 100644 index 0000000..c5f656b --- /dev/null +++ b/fence_aliyun-1.patch @@ -0,0 +1,344 @@ +From 418df5845d1781e18e300cf17b2de714e4ff09d1 Mon Sep 17 00:00:00 2001 +From: "feng.changf1" +Date: Tue, 24 Jul 2018 15:56:50 +0800 +Subject: [PATCH 1/3] Add Aliyun fence agent. + +--- + agents/aliyun/fence_aliyun.py | 146 ++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 146 insertions(+) + create mode 100644 agents/aliyun/fence_aliyun.py + +diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py +new file mode 100644 +index 00000000..ec7d2316 +--- /dev/null ++++ b/agents/aliyun/fence_aliyun.py +@@ -0,0 +1,146 @@ ++#!/usr/bin/python -tt ++ ++import sys, re ++import logging ++import atexit ++import json ++sys.path.append("@FENCEAGENTSLIBDIR@") ++from fencing import * ++from fencing import fail, fail_usage, EC_TIMED_OUT, run_delay ++ ++from aliyunsdkcore import client ++ ++from aliyunsdkecs.request.v20140526.DescribeInstancesRequest import DescribeInstancesRequest ++from aliyunsdkecs.request.v20140526.StartInstanceRequest import StartInstanceRequest ++from aliyunsdkecs.request.v20140526.StopInstanceRequest import StopInstanceRequest ++from aliyunsdkecs.request.v20140526.RebootInstanceRequest import RebootInstanceRequest ++ ++def _send_request(conn, request): ++ request.set_accept_format('json') ++ try: ++ response_str = conn.do_action_with_exception(request) ++ response_detail = json.loads(response_str) ++ return response_detail ++ except Exception as e: ++ fail_usage("Failed: _send_request failed") ++ ++def start_instance(conn, instance_id): ++ request = StartInstanceRequest() ++ request.set_InstanceId(instance_id) ++ _send_request(conn, request) ++ ++def stop_instance(conn, instance_id): ++ request = StopInstanceRequest() ++ request.set_InstanceId(instance_id) ++ request.set_ForceStop('true') ++ _send_request(conn, request) ++ ++def reboot_instance(conn, instance_id): ++ request = RebootInstanceRequest() ++ request.set_InstanceId(instance_id) ++ request.set_ForceStop('true') ++ _send_request(conn, request) ++ ++def get_status(conn, instance_id): ++ request = DescribeInstancesRequest() ++ request.set_InstanceIds(json.dumps([instance_id])) ++ response = _send_request(conn, request) ++ instance_status = None ++ if response is not None: ++ instance_list = response.get('Instances').get('Instance') ++ for item in instance_list: ++ instance_status = item.get('Status') ++ return instance_status ++ ++def get_nodes_list(conn, options): ++ result = {} ++ request = DescribeInstancesRequest() ++ response = _send_request(conn, request) ++ instance_status = None ++ if response is not None: ++ instance_list = response.get('Instances').get('Instance') ++ for item in instance_list: ++ instance_id = item.get('InstanceId') ++ result[instance_id] = ("", None) ++ return result ++ ++def get_power_status(conn, options): ++ state = get_status(conn, options["--plug"]) ++ if state == "Running": ++ return "on" ++ elif state == "Stopped": ++ return "off" ++ else: ++ return "unknown" ++ ++ ++def set_power_status(conn, options): ++ if (options["--action"]=="off"): ++ stop_instance(conn, options["--plug"]) ++ elif (options["--action"]=="on"): ++ start_instance(conn, options["--plug"]) ++ elif (options["--action"]=="reboot"): ++ reboot_instance(conn, options["--plug"]) ++ ++ ++def define_new_opts(): ++ all_opt["region"] = { ++ "getopt" : "r:", ++ "longopt" : "region", ++ "help" : "-r, --region=[name] Region, e.g. cn-hangzhou", ++ "shortdesc" : "Region.", ++ "required" : "0", ++ "order" : 2 ++ } ++ all_opt["access_key"] = { ++ "getopt" : "a:", ++ "longopt" : "access-key", ++ "help" : "-a, --access-key=[name] Access Key", ++ "shortdesc" : "Access Key.", ++ "required" : "0", ++ "order" : 3 ++ } ++ all_opt["secret_key"] = { ++ "getopt" : "s:", ++ "longopt" : "secret-key", ++ "help" : "-s, --secret-key=[name] Secret Key", ++ "shortdesc" : "Secret Key.", ++ "required" : "0", ++ "order" : 4 ++ } ++ ++# Main agent method ++def main(): ++ conn = None ++ ++ device_opt = ["port", "no_password", "region", "access_key", "secret_key"] ++ ++ atexit.register(atexit_handler) ++ ++ define_new_opts() ++ ++ all_opt["power_timeout"]["default"] = "60" ++ ++ options = check_input(device_opt, process_input(device_opt)) ++ ++ docs = {} ++ docs["shortdesc"] = "Fence agent for Aliyun (Aliyun Web Services)" ++ docs["longdesc"] = "fence_aliyun is an I/O Fencing agent for Aliyun" ++ docs["vendorurl"] = "http://www.aliyun.com" ++ show_docs(options, docs) ++ ++ run_delay(options) ++ ++ if "--region" in options and "--access-key" in options and "--secret-key" in options: ++ region = options["--region"] ++ access_key = options["--access-key"] ++ secret_key = options["--secret-key"] ++ conn = client.AcsClient(access_key, secret_key, region) ++ ++ ++ # Operate the fencing device ++ result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list) ++ sys.exit(result) ++ ++if __name__ == "__main__": ++ main() + +From 28b55555abda9b6c278a7f082bb22c4f6f1e2474 Mon Sep 17 00:00:00 2001 +From: "feng.changf1" +Date: Tue, 24 Jul 2018 17:18:53 +0800 +Subject: [PATCH 2/3] Add Aliyun fence agent. + +--- + tests/data/metadata/fence_aliyun.xml | 113 +++++++++++++++++++++++++++++++++++ + 1 file changed, 113 insertions(+) + create mode 100644 tests/data/metadata/fence_aliyun.xml + +diff --git a/tests/data/metadata/fence_aliyun.xml b/tests/data/metadata/fence_aliyun.xml +new file mode 100644 +index 00000000..1db692ee +--- /dev/null ++++ b/tests/data/metadata/fence_aliyun.xml +@@ -0,0 +1,113 @@ ++ ++ ++fence_aliyun is an I/O Fencing agent for Aliyun ++http://www.aliyun.com ++ ++ ++ ++ ++ Fencing action ++ ++ ++ ++ ++ Physical plug number on device, UUID or identification of machine ++ ++ ++ ++ ++ Physical plug number on device, UUID or identification of machine ++ ++ ++ ++ ++ Region. ++ ++ ++ ++ ++ Access Key. ++ ++ ++ ++ ++ Secret Key. ++ ++ ++ ++ ++ Disable logging to stderr. Does not affect --verbose or --debug-file or logging to syslog. ++ ++ ++ ++ ++ Verbose mode ++ ++ ++ ++ ++ Write debug information to given file ++ ++ ++ ++ ++ Write debug information to given file ++ ++ ++ ++ ++ Display version information and exit ++ ++ ++ ++ ++ Display help and exit ++ ++ ++ ++ ++ Separator for CSV created by 'list' operation ++ ++ ++ ++ ++ Wait X seconds before fencing is started ++ ++ ++ ++ ++ Wait X seconds for cmd prompt after login ++ ++ ++ ++ ++ Test X seconds for status change after ON/OFF ++ ++ ++ ++ ++ Wait X seconds after issuing ON/OFF ++ ++ ++ ++ ++ Wait X seconds for cmd prompt after issuing command ++ ++ ++ ++ ++ Count of attempts to retry power on ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ + +From 53bbd91e91c231c89ae8981238bb15d85d02207b Mon Sep 17 00:00:00 2001 +From: "feng.changf1" +Date: Tue, 24 Jul 2018 17:26:45 +0800 +Subject: [PATCH 3/3] Fix CI error. + +--- + agents/aliyun/fence_aliyun.py | 32 +++++++++++++++++--------------- + 1 file changed, 17 insertions(+), 15 deletions(-) + +diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py +index ec7d2316..0f24b83e 100644 +--- a/agents/aliyun/fence_aliyun.py ++++ b/agents/aliyun/fence_aliyun.py +@@ -1,20 +1,22 @@ + #!/usr/bin/python -tt + +-import sys, re +-import logging +-import atexit +-import json +-sys.path.append("@FENCEAGENTSLIBDIR@") +-from fencing import * +-from fencing import fail, fail_usage, EC_TIMED_OUT, run_delay +- +-from aliyunsdkcore import client +- +-from aliyunsdkecs.request.v20140526.DescribeInstancesRequest import DescribeInstancesRequest +-from aliyunsdkecs.request.v20140526.StartInstanceRequest import StartInstanceRequest +-from aliyunsdkecs.request.v20140526.StopInstanceRequest import StopInstanceRequest +-from aliyunsdkecs.request.v20140526.RebootInstanceRequest import RebootInstanceRequest +- ++try: ++ import sys, re ++ import logging ++ import atexit ++ import json ++ sys.path.append("@FENCEAGENTSLIBDIR@") ++ from fencing import * ++ from fencing import fail, fail_usage, EC_TIMED_OUT, run_delay ++ ++ from aliyunsdkcore import client ++ ++ from aliyunsdkecs.request.v20140526.DescribeInstancesRequest import DescribeInstancesRequest ++ from aliyunsdkecs.request.v20140526.StartInstanceRequest import StartInstanceRequest ++ from aliyunsdkecs.request.v20140526.StopInstanceRequest import StopInstanceRequest ++ from aliyunsdkecs.request.v20140526.RebootInstanceRequest import RebootInstanceRequest ++except ImportError: ++ pass + def _send_request(conn, request): + request.set_accept_format('json') + try: diff --git a/fence_aliyun-2.patch b/fence_aliyun-2.patch new file mode 100644 index 0000000..eb4c735 --- /dev/null +++ b/fence_aliyun-2.patch @@ -0,0 +1,58 @@ +From 8db45537fb470624a754ea1243cc4f349a9b413d Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 24 Jul 2018 13:10:41 +0200 +Subject: [PATCH] fence_aliyun: fix CI and add Python detection + +--- + agents/aliyun/fence_aliyun.py | 19 ++++++++++--------- + tests/data/metadata/fence_aliyun.xml | 1 + + 2 files changed, 11 insertions(+), 9 deletions(-) + +diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py +index 0f24b83e..aa6c0acf 100644 +--- a/agents/aliyun/fence_aliyun.py ++++ b/agents/aliyun/fence_aliyun.py +@@ -1,14 +1,14 @@ +-#!/usr/bin/python -tt ++#!@PYTHON@ -tt + +-try: +- import sys, re +- import logging +- import atexit +- import json +- sys.path.append("@FENCEAGENTSLIBDIR@") +- from fencing import * +- from fencing import fail, fail_usage, EC_TIMED_OUT, run_delay ++import sys, re ++import logging ++import atexit ++import json ++sys.path.append("@FENCEAGENTSLIBDIR@") ++from fencing import * ++from fencing import fail, fail_usage, EC_TIMED_OUT, run_delay + ++try: + from aliyunsdkcore import client + + from aliyunsdkecs.request.v20140526.DescribeInstancesRequest import DescribeInstancesRequest +@@ -17,6 +17,7 @@ + from aliyunsdkecs.request.v20140526.RebootInstanceRequest import RebootInstanceRequest + except ImportError: + pass ++ + def _send_request(conn, request): + request.set_accept_format('json') + try: +diff --git a/tests/data/metadata/fence_aliyun.xml b/tests/data/metadata/fence_aliyun.xml +index 1db692ee..b41d82bf 100644 +--- a/tests/data/metadata/fence_aliyun.xml ++++ b/tests/data/metadata/fence_aliyun.xml +@@ -108,6 +108,7 @@ + + + ++ + + + diff --git a/fence_aliyun-3-logging.patch b/fence_aliyun-3-logging.patch new file mode 100644 index 0000000..52c2dca --- /dev/null +++ b/fence_aliyun-3-logging.patch @@ -0,0 +1,51 @@ +From 790cbaa66f3927a84739af4a1f0e8bba295cdc36 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Mon, 30 Jul 2018 10:43:04 +0200 +Subject: [PATCH] fence_aliyun: add logging + +--- + agents/aliyun/fence_aliyun.py | 16 ++++++++++++---- + 1 file changed, 12 insertions(+), 4 deletions(-) + +diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py +index aa6c0acf..2cda6b7f 100644 +--- a/agents/aliyun/fence_aliyun.py ++++ b/agents/aliyun/fence_aliyun.py +@@ -23,9 +23,10 @@ def _send_request(conn, request): + try: + response_str = conn.do_action_with_exception(request) + response_detail = json.loads(response_str) ++ logging.debug("_send_request reponse: %s" % response_detail) + return response_detail + except Exception as e: +- fail_usage("Failed: _send_request failed") ++ fail_usage("Failed: _send_request failed: %s" % e) + + def start_instance(conn, instance_id): + request = StartInstanceRequest() +@@ -69,15 +70,22 @@ def get_nodes_list(conn, options): + + def get_power_status(conn, options): + state = get_status(conn, options["--plug"]) ++ + if state == "Running": +- return "on" ++ status = "on" + elif state == "Stopped": +- return "off" ++ status = "off" + else: +- return "unknown" ++ status = "unknown" ++ ++ logging.info("get_power_status: %s" % status) ++ ++ return status + + + def set_power_status(conn, options): ++ logging.info("set_power_status: %s" % options["--action"]) ++ + if (options["--action"]=="off"): + stop_instance(conn, options["--plug"]) + elif (options["--action"]=="on"): diff --git a/fence_aliyun-4-bundled.patch b/fence_aliyun-4-bundled.patch new file mode 100644 index 0000000..99a0b50 --- /dev/null +++ b/fence_aliyun-4-bundled.patch @@ -0,0 +1,11 @@ +diff -uNr a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py +--- a/agents/aliyun/fence_aliyun.py 2018-07-24 14:30:29.030311806 +0200 ++++ b/agents/aliyun/fence_aliyun.py 2018-07-24 14:31:10.023884949 +0200 +@@ -9,6 +9,7 @@ + from fencing import fail, fail_usage, EC_TIMED_OUT, run_delay + + try: ++ sys.path.insert(0, '/usr/lib/fence-agents/bundled/aliyun') + from aliyunsdkcore import client + + from aliyunsdkecs.request.v20140526.DescribeInstancesRequest import DescribeInstancesRequest diff --git a/fence_aliyun-5-list-instance-names.patch b/fence_aliyun-5-list-instance-names.patch new file mode 100644 index 0000000..40bebac --- /dev/null +++ b/fence_aliyun-5-list-instance-names.patch @@ -0,0 +1,31 @@ +From c21d60fbcf0b11dcbf4f70006c8ffaeac4ca7dbd Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 28 Aug 2018 15:20:10 +0200 +Subject: [PATCH] fence_aliyun: list instance names and show up to 100 + instances + +--- + agents/aliyun/fence_aliyun.py | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py +index 2cda6b7f..b3aca12f 100644 +--- a/agents/aliyun/fence_aliyun.py ++++ b/agents/aliyun/fence_aliyun.py +@@ -59,13 +59,15 @@ def get_status(conn, instance_id): + def get_nodes_list(conn, options): + result = {} + request = DescribeInstancesRequest() ++ request.set_PageSize(100) + response = _send_request(conn, request) + instance_status = None + if response is not None: + instance_list = response.get('Instances').get('Instance') + for item in instance_list: + instance_id = item.get('InstanceId') +- result[instance_id] = ("", None) ++ instance_name = item.get('InstanceName') ++ result[instance_id] = (instance_name, None) + return result + + def get_power_status(conn, options): diff --git a/fence_aliyun-6-correct-help-indentation.patch b/fence_aliyun-6-correct-help-indentation.patch new file mode 100644 index 0000000..39b1551 --- /dev/null +++ b/fence_aliyun-6-correct-help-indentation.patch @@ -0,0 +1,31 @@ +From 588f935b1f79c8355d461fe9f8597151fbcd7fa2 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 30 Aug 2018 09:11:58 +0200 +Subject: [PATCH] fence_aliyun: correct indentation for *key in help + +--- + agents/aliyun/fence_aliyun.py | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py +index 2cda6b7f..7d04c5bb 100644 +--- a/agents/aliyun/fence_aliyun.py ++++ b/agents/aliyun/fence_aliyun.py +@@ -106,7 +106,7 @@ def define_new_opts(): + all_opt["access_key"] = { + "getopt" : "a:", + "longopt" : "access-key", +- "help" : "-a, --access-key=[name] Access Key", ++ "help" : "-a, --access-key=[name] Access Key", + "shortdesc" : "Access Key.", + "required" : "0", + "order" : 3 +@@ -114,7 +114,7 @@ def define_new_opts(): + all_opt["secret_key"] = { + "getopt" : "s:", + "longopt" : "secret-key", +- "help" : "-s, --secret-key=[name] Secret Key", ++ "help" : "-s, --secret-key=[name] Secret Key", + "shortdesc" : "Secret Key.", + "required" : "0", + "order" : 4 diff --git a/fence_cisco_ucs-encode-POSTFIELDS.patch b/fence_cisco_ucs-encode-POSTFIELDS.patch new file mode 100644 index 0000000..6515deb --- /dev/null +++ b/fence_cisco_ucs-encode-POSTFIELDS.patch @@ -0,0 +1,22 @@ +From 70bd4ffa245ef7e8b7698228bab3b41c240d50d2 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 4 Sep 2018 12:35:07 +0200 +Subject: [PATCH] fence_cisco_ucs: encode POSTFIELDS + +--- + agents/cisco_ucs/fence_cisco_ucs.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/cisco_ucs/fence_cisco_ucs.py b/agents/cisco_ucs/fence_cisco_ucs.py +index d509b3e0..ec311754 100644 +--- a/agents/cisco_ucs/fence_cisco_ucs.py ++++ b/agents/cisco_ucs/fence_cisco_ucs.py +@@ -111,7 +111,7 @@ def send_command(opt, command, timeout): + web_buffer = io.BytesIO() + conn.setopt(pycurl.URL, url.encode("ascii")) + conn.setopt(pycurl.HTTPHEADER, ["Content-type: text/xml"]) +- conn.setopt(pycurl.POSTFIELDS, command) ++ conn.setopt(pycurl.POSTFIELDS, command.encode("ascii")) + conn.setopt(pycurl.WRITEFUNCTION, web_buffer.write) + conn.setopt(pycurl.TIMEOUT, timeout) + if "--ssl" in opt or "--ssl-secure" in opt: diff --git a/fence_compute-fence_evacuate-fix-compute-domain.patch b/fence_compute-fence_evacuate-fix-compute-domain.patch new file mode 100644 index 0000000..3ae0ae8 --- /dev/null +++ b/fence_compute-fence_evacuate-fix-compute-domain.patch @@ -0,0 +1,232 @@ +From 15635df9d12ce693f473d5ebcd5b7cacb81e2295 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Mon, 16 Jul 2018 11:14:16 +0200 +Subject: [PATCH] fence_compute/fence_evacuate: workaround for compute-domain + regression + +--- + agents/compute/fence_compute.py | 24 +++++++++++++++++++----- + agents/evacuate/fence_evacuate.py | 24 +++++++++++++++++++----- + tests/data/metadata/fence_compute.xml | 24 ++++++++++++++++++++++-- + tests/data/metadata/fence_evacuate.xml | 24 ++++++++++++++++++++++-- + 4 files changed, 82 insertions(+), 14 deletions(-) + +diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py +index ec2d093c..aac9b296 100644 +--- a/agents/compute/fence_compute.py ++++ b/agents/compute/fence_compute.py +@@ -353,7 +353,7 @@ def define_new_opts(): + "default" : "", + "order": 1, + } +- all_opt["user_domain"] = { ++ all_opt["user-domain"] = { + "getopt" : "u:", + "longopt" : "user-domain", + "help" : "-u, --user-domain=[name] Keystone v3 User Domain", +@@ -362,7 +362,7 @@ def define_new_opts(): + "default" : "Default", + "order": 2, + } +- all_opt["project_domain"] = { ++ all_opt["project-domain"] = { + "getopt" : "P:", + "longopt" : "project-domain", + "help" : "-d, --project-domain=[name] Keystone v3 Project Domain", +@@ -433,6 +433,14 @@ def define_new_opts(): + "default" : "False", + "order": 5, + } ++ all_opt["compute-domain"] = { ++ "getopt" : ":", ++ "longopt" : "compute-domain", ++ "help" : "--compute-domain=[string] Replaced by --domain", ++ "required" : "0", ++ "shortdesc" : "Replaced by domain", ++ "order": 6, ++ } + + def set_multi_power_fn(connection, options, set_power_fn, get_power_fn, retry_attempts=1): + for _ in range(retry_attempts): +@@ -450,9 +458,10 @@ def main(): + global override_status + atexit.register(atexit_handler) + +- device_opt = ["login", "passwd", "tenant_name", "auth_url", "fabric_fencing", +- "no_login", "no_password", "port", "domain", "project_domain", "user_domain", +- "no_shared_storage", "endpoint_type", "record_only", "instance_filtering", "insecure", "region_name"] ++ device_opt = ["login", "passwd", "tenant_name", "auth_url", "fabric_fencing", "no_login", ++ "no_password", "port", "domain", "compute-domain", "project-domain", ++ "user-domain", "no_shared_storage", "endpoint_type", "record_only", ++ "instance_filtering", "insecure", "region_name"] + define_new_opts() + all_opt["shell_timeout"]["default"] = "180" + +@@ -470,6 +479,11 @@ def main(): + + run_delay(options) + ++ # workaround to avoid regressions ++ if "--compute-domain" in options and options["--compute-domain"]: ++ options["--domain"] = options["--compute-domain"] ++ del options["--domain"] ++ + logging.debug("Running "+options["--action"]) + connection = create_nova_connection(options) + +diff --git a/agents/evacuate/fence_evacuate.py b/agents/evacuate/fence_evacuate.py +index 615dede7..529a60dd 100644 +--- a/agents/evacuate/fence_evacuate.py ++++ b/agents/evacuate/fence_evacuate.py +@@ -287,7 +287,7 @@ def define_new_opts(): + "default" : "", + "order": 1, + } +- all_opt["user_domain"] = { ++ all_opt["user-domain"] = { + "getopt" : "u:", + "longopt" : "user-domain", + "help" : "-u, --user-domain=[name] Keystone v3 User Domain", +@@ -296,7 +296,7 @@ def define_new_opts(): + "default" : "Default", + "order": 2, + } +- all_opt["project_domain"] = { ++ all_opt["project-domain"] = { + "getopt" : "P:", + "longopt" : "project-domain", + "help" : "-d, --project-domain=[name] Keystone v3 Project Domain", +@@ -358,14 +358,22 @@ def define_new_opts(): + "default" : "False", + "order": 5, + } ++ all_opt["compute-domain"] = { ++ "getopt" : ":", ++ "longopt" : "compute-domain", ++ "help" : "--compute-domain=[string] Replaced by --domain", ++ "required" : "0", ++ "shortdesc" : "Replaced by domain", ++ "order": 6, ++ } + + def main(): + atexit.register(atexit_handler) + + device_opt = ["login", "passwd", "tenant_name", "auth_url", +- "no_login", "no_password", "port", "domain", "project_domain", +- "user_domain", "no_shared_storage", "endpoint_type", +- "instance_filtering", "insecure", "region_name"] ++ "no_login", "no_password", "port", "domain", "compute-domain", ++ "project-domain", "user-domain", "no_shared_storage", ++ "endpoint_type", "instance_filtering", "insecure", "region_name"] + define_new_opts() + all_opt["shell_timeout"]["default"] = "180" + +@@ -380,6 +388,12 @@ def main(): + + run_delay(options) + ++ # workaround to avoid regressions ++ if "--compute-domain" in options and options["--compute-domain"]: ++ options["--domain"] = options["--compute-domain"] ++ del options["--domain"] ++ ++ + connection = create_nova_connection(options) + + # Un-evacuating a server doesn't make sense +diff --git a/tests/data/metadata/fence_compute.xml b/tests/data/metadata/fence_compute.xml +index e1dac97c..1dcbfc54 100644 +--- a/tests/data/metadata/fence_compute.xml ++++ b/tests/data/metadata/fence_compute.xml +@@ -73,12 +73,22 @@ + + Allow Insecure TLS Requests + +- ++ + + + Keystone v3 Project Domain + +- ++ ++ ++ ++ Keystone v3 Project Domain ++ ++ ++ ++ ++ Keystone v3 User Domain ++ ++ + + + Keystone v3 User Domain +@@ -103,6 +113,16 @@ + + Only record the target as needing evacuation + ++ ++ ++ ++ Replaced by domain ++ ++ ++ ++ ++ Replaced by domain ++ + + + +diff --git a/tests/data/metadata/fence_evacuate.xml b/tests/data/metadata/fence_evacuate.xml +index 6f8bd0a4..4f1f6a58 100644 +--- a/tests/data/metadata/fence_evacuate.xml ++++ b/tests/data/metadata/fence_evacuate.xml +@@ -73,12 +73,22 @@ + + Allow Insecure TLS Requests + +- ++ + + + Keystone v3 Project Domain + +- ++ ++ ++ ++ Keystone v3 Project Domain ++ ++ ++ ++ ++ Keystone v3 User Domain ++ ++ + + + Keystone v3 User Domain +@@ -98,6 +108,16 @@ + + Disable functionality for dealing with shared storage + ++ ++ ++ ++ Replaced by domain ++ ++ ++ ++ ++ Replaced by domain ++ + + + +-- +2.17.1 + diff --git a/fence_evacuate-fix-evacuable-tag-mix-issue.patch b/fence_evacuate-fix-evacuable-tag-mix-issue.patch new file mode 100644 index 0000000..a83ff74 --- /dev/null +++ b/fence_evacuate-fix-evacuable-tag-mix-issue.patch @@ -0,0 +1,20 @@ +diff -uNr a/agents/evacuate/fence_evacuate.py b/agents/evacuate/fence_evacuate.py +--- a/agents/evacuate/fence_evacuate.py 2018-06-28 14:24:54.000000000 +0200 ++++ b/agents/evacuate/fence_evacuate.py 2018-07-11 09:08:56.975072003 +0200 +@@ -74,12 +74,15 @@ + } + + def _is_server_evacuable(server, evac_flavors, evac_images): ++ reason = "flavor "+server.flavor.get('id') + if server.flavor.get('id') in evac_flavors: + return True + if hasattr(server.image, 'get'): + if server.image.get('id') in evac_images: + return True +- logging.debug("Instance %s is not evacuable" % server.image.get('id')) ++ reason = reason +" and image "+server.image.get('id') ++ ++ logging.debug("Instance is not evacuable: no match for %s" % reason) + return False + + def _get_evacuable_flavors(connection): diff --git a/fence_gce-1-stackdriver-logging-default-method-cycle.patch b/fence_gce-1-stackdriver-logging-default-method-cycle.patch new file mode 100644 index 0000000..bafa753 --- /dev/null +++ b/fence_gce-1-stackdriver-logging-default-method-cycle.patch @@ -0,0 +1,674 @@ +From 59ae9d00060da5329d7ca538974498292bbe1d91 Mon Sep 17 00:00:00 2001 +From: Helen Koike +Date: Tue, 26 Jun 2018 10:18:29 -0300 +Subject: [PATCH 1/7] fence_gce: add support for stackdriver logging + +Add --logging option to enable sending logs to google stackdriver +--- + agents/gce/fence_gce.py | 65 +++++++++++++++++++++++++++++++++++++-- + tests/data/metadata/fence_gce.xml | 5 +++ + 2 files changed, 67 insertions(+), 3 deletions(-) + +diff --git a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py +index 3abb5207..3af5bfc8 100644 +--- a/agents/gce/fence_gce.py ++++ b/agents/gce/fence_gce.py +@@ -1,12 +1,19 @@ + #!@PYTHON@ -tt + + import atexit ++import logging ++import platform + import sys ++import time + sys.path.append("@FENCEAGENTSLIBDIR@") + + import googleapiclient.discovery + from fencing import fail_usage, run_delay, all_opt, atexit_handler, check_input, process_input, show_docs, fence_action + ++ ++LOGGER = logging ++ ++ + def translate_status(instance_status): + "Returns on | off | unknown." + if instance_status == "RUNNING": +@@ -27,6 +34,7 @@ def get_nodes_list(conn, options): + + return result + ++ + def get_power_status(conn, options): + try: + instance = conn.instances().get( +@@ -38,18 +46,37 @@ def get_power_status(conn, options): + fail_usage("Failed: get_power_status: {}".format(str(err))) + + ++def wait_for_operation(conn, project, zone, operation): ++ while True: ++ result = conn.zoneOperations().get( ++ project=project, ++ zone=zone, ++ operation=operation['name']).execute() ++ if result['status'] == 'DONE': ++ if 'error' in result: ++ raise Exception(result['error']) ++ return ++ time.sleep(1) ++ ++ + def set_power_status(conn, options): + try: + if options["--action"] == "off": +- conn.instances().stop( ++ LOGGER.info("Issuing poweroff of %s in zone %s" % (options["--plug"], options["--zone"])) ++ operation = conn.instances().stop( + project=options["--project"], + zone=options["--zone"], + instance=options["--plug"]).execute() ++ wait_for_operation(conn, options["--project"], options["--zone"], operation) ++ LOGGER.info("Poweroff of %s in zone %s complete" % (options["--plug"], options["--zone"])) + elif options["--action"] == "on": +- conn.instances().start( ++ LOGGER.info("Issuing poweron of %s in zone %s" % (options["--plug"], options["--zone"])) ++ operation = conn.instances().start( + project=options["--project"], + zone=options["--zone"], + instance=options["--plug"]).execute() ++ wait_for_operation(conn, options["--project"], options["--zone"], operation) ++ LOGGER.info("Poweron of %s in zone %s complete" % (options["--plug"], options["--zone"])) + except Exception as err: + fail_usage("Failed: set_power_status: {}".format(str(err))) + +@@ -71,11 +98,24 @@ def define_new_opts(): + "required" : "1", + "order" : 3 + } ++ all_opt["logging"] = { ++ "getopt" : ":", ++ "longopt" : "logging", ++ "help" : "--logging=[bool] Logging, true/false", ++ "shortdesc" : "Stackdriver-logging support.", ++ "longdesc" : "If enabled (set to true), IP failover logs will be posted to stackdriver logging.", ++ "required" : "0", ++ "default" : "false", ++ "order" : 4 ++ } + + def main(): + conn = None ++ global LOGGER ++ ++ hostname = platform.node() + +- device_opt = ["port", "no_password", "zone", "project"] ++ device_opt = ["port", "no_password", "zone", "project", "logging"] + + atexit.register(atexit_handler) + +@@ -97,6 +137,25 @@ def main(): + + run_delay(options) + ++ # Prepare logging ++ logging_env = options.get('--logging') ++ if logging_env: ++ logging_env = logging_env.lower() ++ if any(x in logging_env for x in ['yes', 'true', 'enabled']): ++ try: ++ import google.cloud.logging.handlers ++ client = google.cloud.logging.Client() ++ handler = google.cloud.logging.handlers.CloudLoggingHandler(client, name=hostname) ++ formatter = logging.Formatter('gcp:stonish "%(message)s"') ++ LOGGER = logging.getLogger(hostname) ++ handler.setFormatter(formatter) ++ LOGGER.addHandler(handler) ++ LOGGER.setLevel(logging.INFO) ++ except ImportError: ++ LOGGER.error('Couldn\'t import google.cloud.logging, ' ++ 'disabling Stackdriver-logging support') ++ ++ # Prepare cli + try: + credentials = None + if tuple(googleapiclient.__version__) < tuple("1.6.0"): +diff --git a/tests/data/metadata/fence_gce.xml b/tests/data/metadata/fence_gce.xml +index 2a147f21..805ecc6b 100644 +--- a/tests/data/metadata/fence_gce.xml ++++ b/tests/data/metadata/fence_gce.xml +@@ -30,6 +30,11 @@ For instructions see: https://cloud.google.com/compute/docs/tutorials/python-gui + + Project ID. + ++ ++ ++ ++ Stackdriver-logging support. ++ + + + + +From bb34acd8b0b150599c393d56dd81a7d8185b27d3 Mon Sep 17 00:00:00 2001 +From: Helen Koike +Date: Tue, 26 Jun 2018 10:44:41 -0300 +Subject: [PATCH 2/7] fence_gce: set project and zone as not required + +Try to retrieve the GCE project if the script is being executed inside a +GCE machine if --project is not provided. +Try to retrieve the zone automatically from GCE if --zone is not +provided. +--- + agents/gce/fence_gce.py | 63 +++++++++++++++++++++++++++++++++++++-- + tests/data/metadata/fence_gce.xml | 4 +-- + 2 files changed, 63 insertions(+), 4 deletions(-) + +diff --git a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py +index 3af5bfc8..e53dc5a6 100644 +--- a/agents/gce/fence_gce.py ++++ b/agents/gce/fence_gce.py +@@ -12,6 +12,8 @@ + + + LOGGER = logging ++METADATA_SERVER = 'http://metadata.google.internal/computeMetadata/v1/' ++METADATA_HEADERS = {'Metadata-Flavor': 'Google'} + + + def translate_status(instance_status): +@@ -81,13 +83,56 @@ def set_power_status(conn, options): + fail_usage("Failed: set_power_status: {}".format(str(err))) + + ++def get_instance(conn, project, zone, instance): ++ request = conn.instances().get( ++ project=project, zone=zone, instance=instance) ++ return request.execute() ++ ++ ++def get_zone(conn, project, instance): ++ request = conn.instances().aggregatedList(project=project) ++ while request is not None: ++ response = request.execute() ++ zones = response.get('items', {}) ++ for zone in zones.values(): ++ for inst in zone.get('instances', []): ++ if inst['name'] == instance: ++ return inst['zone'].split("/")[-1] ++ request = conn.instances().aggregatedList_next( ++ previous_request=request, previous_response=response) ++ raise Exception("Unable to find instance %s" % (instance)) ++ ++ ++def get_metadata(metadata_key, params=None, timeout=None): ++ """Performs a GET request with the metadata headers. ++ ++ Args: ++ metadata_key: string, the metadata to perform a GET request on. ++ params: dictionary, the query parameters in the GET request. ++ timeout: int, timeout in seconds for metadata requests. ++ ++ Returns: ++ HTTP response from the GET request. ++ ++ Raises: ++ urlerror.HTTPError: raises when the GET request fails. ++ """ ++ timeout = timeout or 60 ++ metadata_url = os.path.join(METADATA_SERVER, metadata_key) ++ params = urlparse.urlencode(params or {}) ++ url = '%s?%s' % (metadata_url, params) ++ request = urlrequest.Request(url, headers=METADATA_HEADERS) ++ request_opener = urlrequest.build_opener(urlrequest.ProxyHandler({})) ++ return request_opener.open(request, timeout=timeout * 1.1).read() ++ ++ + def define_new_opts(): + all_opt["zone"] = { + "getopt" : ":", + "longopt" : "zone", + "help" : "--zone=[name] Zone, e.g. us-central1-b", + "shortdesc" : "Zone.", +- "required" : "1", ++ "required" : "0", + "order" : 2 + } + all_opt["project"] = { +@@ -95,7 +140,7 @@ def define_new_opts(): + "longopt" : "project", + "help" : "--project=[name] Project ID", + "shortdesc" : "Project ID.", +- "required" : "1", ++ "required" : "0", + "order" : 3 + } + all_opt["logging"] = { +@@ -109,6 +154,7 @@ def define_new_opts(): + "order" : 4 + } + ++ + def main(): + conn = None + global LOGGER +@@ -165,6 +211,19 @@ def main(): + except Exception as err: + fail_usage("Failed: Create GCE compute v1 connection: {}".format(str(err))) + ++ # Get project and zone ++ if not options.get("--project"): ++ try: ++ options["--project"] = get_metadata('project/project-id') ++ except Exception as err: ++ fail_usage("Failed retrieving GCE project. Please provide --project option: {}".format(str(err))) ++ ++ if not options.get("--zone"): ++ try: ++ options["--zone"] = get_zone(conn, options['--project'], options['--plug']) ++ except Exception as err: ++ fail_usage("Failed retrieving GCE zone. Please provide --zone option: {}".format(str(err))) ++ + # Operate the fencing device + result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list) + sys.exit(result) +diff --git a/tests/data/metadata/fence_gce.xml b/tests/data/metadata/fence_gce.xml +index 805ecc6b..507b8385 100644 +--- a/tests/data/metadata/fence_gce.xml ++++ b/tests/data/metadata/fence_gce.xml +@@ -20,12 +20,12 @@ For instructions see: https://cloud.google.com/compute/docs/tutorials/python-gui + + Physical plug number on device, UUID or identification of machine + +- ++ + + + Zone. + +- ++ + + + Project ID. + +From 8ae1af8068d1718a861a25bf954e14392384fa55 Mon Sep 17 00:00:00 2001 +From: Helen Koike +Date: Wed, 4 Jul 2018 09:25:46 -0300 +Subject: [PATCH 3/7] fence_gce: add power cycle as default method + +Add function to power cycle an instance and set cycle as the default +method to reboot. +--- + agents/gce/fence_gce.py | 21 +++++++++++++++++++-- + tests/data/metadata/fence_gce.xml | 8 ++++++++ + 2 files changed, 27 insertions(+), 2 deletions(-) + +diff --git a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py +index e53dc5a6..3f77dc24 100644 +--- a/agents/gce/fence_gce.py ++++ b/agents/gce/fence_gce.py +@@ -83,6 +83,21 @@ def set_power_status(conn, options): + fail_usage("Failed: set_power_status: {}".format(str(err))) + + ++def power_cycle(conn, options): ++ try: ++ LOGGER.info('Issuing reset of %s in zone %s' % (options["--plug"], options["--zone"])) ++ operation = conn.instances().reset( ++ project=options["--project"], ++ zone=options["--zone"], ++ instance=options["--plug"]).execute() ++ wait_for_operation(conn, options["--project"], options["--zone"], operation) ++ LOGGER.info('Reset of %s in zone %s complete' % (options["--plug"], options["--zone"])) ++ return True ++ except Exception as err: ++ LOGGER.error("Failed: power_cycle: {}".format(str(err))) ++ return False ++ ++ + def get_instance(conn, project, zone, instance): + request = conn.instances().get( + project=project, zone=zone, instance=instance) +@@ -161,13 +176,15 @@ def main(): + + hostname = platform.node() + +- device_opt = ["port", "no_password", "zone", "project", "logging"] ++ device_opt = ["port", "no_password", "zone", "project", "logging", "method"] + + atexit.register(atexit_handler) + + define_new_opts() + + all_opt["power_timeout"]["default"] = "60" ++ all_opt["method"]["default"] = "cycle" ++ all_opt["method"]["help"] = "-m, --method=[method] Method to fence (onoff|cycle) (Default: cycle)" + + options = check_input(device_opt, process_input(device_opt)) + +@@ -225,7 +242,7 @@ def main(): + fail_usage("Failed retrieving GCE zone. Please provide --zone option: {}".format(str(err))) + + # Operate the fencing device +- result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list) ++ result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list, power_cycle) + sys.exit(result) + + if __name__ == "__main__": +diff --git a/tests/data/metadata/fence_gce.xml b/tests/data/metadata/fence_gce.xml +index 507b8385..f522550f 100644 +--- a/tests/data/metadata/fence_gce.xml ++++ b/tests/data/metadata/fence_gce.xml +@@ -10,6 +10,14 @@ For instructions see: https://cloud.google.com/compute/docs/tutorials/python-gui + + Fencing action + ++ ++ ++ ++ ++ Method to fence ++ + + + + +From 68644764695b79a3b75826fe009ea7da675677f7 Mon Sep 17 00:00:00 2001 +From: Helen Koike +Date: Thu, 5 Jul 2018 11:04:32 -0300 +Subject: [PATCH 4/7] fence_gce: add missing imports to retrieve the project + +--- + agents/gce/fence_gce.py | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py +index 3f77dc24..9b7b5e55 100644 +--- a/agents/gce/fence_gce.py ++++ b/agents/gce/fence_gce.py +@@ -2,9 +2,18 @@ + + import atexit + import logging ++import os + import platform + import sys + import time ++if sys.version_info >= (3, 0): ++ # Python 3 imports. ++ import urllib.parse as urlparse ++ import urllib.request as urlrequest ++else: ++ # Python 2 imports. ++ import urllib as urlparse ++ import urllib2 as urlrequest + sys.path.append("@FENCEAGENTSLIBDIR@") + + import googleapiclient.discovery + +From f8f3f11187341622c26e4e439dfda6a37ad660b0 Mon Sep 17 00:00:00 2001 +From: Helen Koike +Date: Thu, 5 Jul 2018 11:05:32 -0300 +Subject: [PATCH 5/7] fence_gce: s/--loging/--stackdriver-logging/ + +--- + agents/gce/fence_gce.py | 42 ++++++++++++++++++--------------------- + tests/data/metadata/fence_gce.xml | 11 +++++++--- + 2 files changed, 27 insertions(+), 26 deletions(-) + +diff --git a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py +index 9b7b5e55..a6befe39 100644 +--- a/agents/gce/fence_gce.py ++++ b/agents/gce/fence_gce.py +@@ -167,14 +167,13 @@ def define_new_opts(): + "required" : "0", + "order" : 3 + } +- all_opt["logging"] = { +- "getopt" : ":", +- "longopt" : "logging", +- "help" : "--logging=[bool] Logging, true/false", ++ all_opt["stackdriver-logging"] = { ++ "getopt" : "", ++ "longopt" : "stackdriver-logging", ++ "help" : "--stackdriver-logging Enable Logging to Stackdriver", + "shortdesc" : "Stackdriver-logging support.", +- "longdesc" : "If enabled (set to true), IP failover logs will be posted to stackdriver logging.", ++ "longdesc" : "If enabled IP failover logs will be posted to stackdriver logging.", + "required" : "0", +- "default" : "false", + "order" : 4 + } + +@@ -185,7 +184,7 @@ def main(): + + hostname = platform.node() + +- device_opt = ["port", "no_password", "zone", "project", "logging", "method"] ++ device_opt = ["port", "no_password", "zone", "project", "stackdriver-logging", "method"] + + atexit.register(atexit_handler) + +@@ -210,22 +209,19 @@ def main(): + run_delay(options) + + # Prepare logging +- logging_env = options.get('--logging') +- if logging_env: +- logging_env = logging_env.lower() +- if any(x in logging_env for x in ['yes', 'true', 'enabled']): +- try: +- import google.cloud.logging.handlers +- client = google.cloud.logging.Client() +- handler = google.cloud.logging.handlers.CloudLoggingHandler(client, name=hostname) +- formatter = logging.Formatter('gcp:stonish "%(message)s"') +- LOGGER = logging.getLogger(hostname) +- handler.setFormatter(formatter) +- LOGGER.addHandler(handler) +- LOGGER.setLevel(logging.INFO) +- except ImportError: +- LOGGER.error('Couldn\'t import google.cloud.logging, ' +- 'disabling Stackdriver-logging support') ++ if options.get('--stackdriver-logging'): ++ try: ++ import google.cloud.logging.handlers ++ client = google.cloud.logging.Client() ++ handler = google.cloud.logging.handlers.CloudLoggingHandler(client, name=hostname) ++ formatter = logging.Formatter('gcp:stonish "%(message)s"') ++ LOGGER = logging.getLogger(hostname) ++ handler.setFormatter(formatter) ++ LOGGER.addHandler(handler) ++ LOGGER.setLevel(logging.INFO) ++ except ImportError: ++ LOGGER.error('Couldn\'t import google.cloud.logging, ' ++ 'disabling Stackdriver-logging support') + + # Prepare cli + try: +diff --git a/tests/data/metadata/fence_gce.xml b/tests/data/metadata/fence_gce.xml +index f522550f..79b82ebb 100644 +--- a/tests/data/metadata/fence_gce.xml ++++ b/tests/data/metadata/fence_gce.xml +@@ -38,9 +38,14 @@ For instructions see: https://cloud.google.com/compute/docs/tutorials/python-gui + + Project ID. + +- +- +- ++ ++ ++ ++ Stackdriver-logging support. ++ ++ ++ ++ + Stackdriver-logging support. + + + +From 9ae0a072424fa982e1d18a2cb661628c38601c3a Mon Sep 17 00:00:00 2001 +From: Helen Koike +Date: Sat, 7 Jul 2018 18:42:01 -0300 +Subject: [PATCH 6/7] fence_gce: use root logger for stackdriver + +--- + agents/gce/fence_gce.py | 29 +++++++++++++++-------------- + 1 file changed, 15 insertions(+), 14 deletions(-) + +diff --git a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py +index a6befe39..1d5095ae 100644 +--- a/agents/gce/fence_gce.py ++++ b/agents/gce/fence_gce.py +@@ -20,7 +20,6 @@ + from fencing import fail_usage, run_delay, all_opt, atexit_handler, check_input, process_input, show_docs, fence_action + + +-LOGGER = logging + METADATA_SERVER = 'http://metadata.google.internal/computeMetadata/v1/' + METADATA_HEADERS = {'Metadata-Flavor': 'Google'} + +@@ -73,37 +72,37 @@ def wait_for_operation(conn, project, zone, operation): + def set_power_status(conn, options): + try: + if options["--action"] == "off": +- LOGGER.info("Issuing poweroff of %s in zone %s" % (options["--plug"], options["--zone"])) ++ logging.info("Issuing poweroff of %s in zone %s" % (options["--plug"], options["--zone"])) + operation = conn.instances().stop( + project=options["--project"], + zone=options["--zone"], + instance=options["--plug"]).execute() + wait_for_operation(conn, options["--project"], options["--zone"], operation) +- LOGGER.info("Poweroff of %s in zone %s complete" % (options["--plug"], options["--zone"])) ++ logging.info("Poweroff of %s in zone %s complete" % (options["--plug"], options["--zone"])) + elif options["--action"] == "on": +- LOGGER.info("Issuing poweron of %s in zone %s" % (options["--plug"], options["--zone"])) ++ logging.info("Issuing poweron of %s in zone %s" % (options["--plug"], options["--zone"])) + operation = conn.instances().start( + project=options["--project"], + zone=options["--zone"], + instance=options["--plug"]).execute() + wait_for_operation(conn, options["--project"], options["--zone"], operation) +- LOGGER.info("Poweron of %s in zone %s complete" % (options["--plug"], options["--zone"])) ++ logging.info("Poweron of %s in zone %s complete" % (options["--plug"], options["--zone"])) + except Exception as err: + fail_usage("Failed: set_power_status: {}".format(str(err))) + + + def power_cycle(conn, options): + try: +- LOGGER.info('Issuing reset of %s in zone %s' % (options["--plug"], options["--zone"])) ++ logging.info('Issuing reset of %s in zone %s' % (options["--plug"], options["--zone"])) + operation = conn.instances().reset( + project=options["--project"], + zone=options["--zone"], + instance=options["--plug"]).execute() + wait_for_operation(conn, options["--project"], options["--zone"], operation) +- LOGGER.info('Reset of %s in zone %s complete' % (options["--plug"], options["--zone"])) ++ logging.info('Reset of %s in zone %s complete' % (options["--plug"], options["--zone"])) + return True + except Exception as err: +- LOGGER.error("Failed: power_cycle: {}".format(str(err))) ++ logging.error("Failed: power_cycle: {}".format(str(err))) + return False + + +@@ -180,7 +179,6 @@ def define_new_opts(): + + def main(): + conn = None +- global LOGGER + + hostname = platform.node() + +@@ -209,18 +207,21 @@ def main(): + run_delay(options) + + # Prepare logging +- if options.get('--stackdriver-logging'): ++ if options.get('--stackdriver-logging') is not None: + try: + import google.cloud.logging.handlers + client = google.cloud.logging.Client() + handler = google.cloud.logging.handlers.CloudLoggingHandler(client, name=hostname) ++ handler.setLevel(logging.INFO) + formatter = logging.Formatter('gcp:stonish "%(message)s"') +- LOGGER = logging.getLogger(hostname) + handler.setFormatter(formatter) +- LOGGER.addHandler(handler) +- LOGGER.setLevel(logging.INFO) ++ root_logger = logging.getLogger() ++ if options.get('--verbose') is None: ++ root_logger.setLevel(logging.INFO) ++ logging.getLogger("googleapiclient").setLevel(logging.ERROR) ++ root_logger.addHandler(handler) + except ImportError: +- LOGGER.error('Couldn\'t import google.cloud.logging, ' ++ logging.error('Couldn\'t import google.cloud.logging, ' + 'disabling Stackdriver-logging support') + + # Prepare cli + +From a52e643708908539d6e5fdb5d36a6cea935e4481 Mon Sep 17 00:00:00 2001 +From: Helen Koike +Date: Wed, 11 Jul 2018 17:16:49 -0300 +Subject: [PATCH 7/7] fence_gce: minor changes in logging + +- Remove hostname (use --plug instead). +- Supress messages from googleapiclient and oauth2client if not error in +non verbose mode. +- s/stonish/stonith +--- + agents/gce/fence_gce.py | 13 ++++++------- + 1 file changed, 6 insertions(+), 7 deletions(-) + +diff --git a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py +index 1d5095ae..3eca0139 100644 +--- a/agents/gce/fence_gce.py ++++ b/agents/gce/fence_gce.py +@@ -3,7 +3,6 @@ + import atexit + import logging + import os +-import platform + import sys + import time + if sys.version_info >= (3, 0): +@@ -180,8 +179,6 @@ def define_new_opts(): + def main(): + conn = None + +- hostname = platform.node() +- + device_opt = ["port", "no_password", "zone", "project", "stackdriver-logging", "method"] + + atexit.register(atexit_handler) +@@ -207,18 +204,20 @@ def main(): + run_delay(options) + + # Prepare logging +- if options.get('--stackdriver-logging') is not None: ++ if options.get('--verbose') is None: ++ logging.getLogger('googleapiclient').setLevel(logging.ERROR) ++ logging.getLogger('oauth2client').setLevel(logging.ERROR) ++ if options.get('--stackdriver-logging') is not None and options.get('--plug'): + try: + import google.cloud.logging.handlers + client = google.cloud.logging.Client() +- handler = google.cloud.logging.handlers.CloudLoggingHandler(client, name=hostname) ++ handler = google.cloud.logging.handlers.CloudLoggingHandler(client, name=options['--plug']) + handler.setLevel(logging.INFO) +- formatter = logging.Formatter('gcp:stonish "%(message)s"') ++ formatter = logging.Formatter('gcp:stonith "%(message)s"') + handler.setFormatter(formatter) + root_logger = logging.getLogger() + if options.get('--verbose') is None: + root_logger.setLevel(logging.INFO) +- logging.getLogger("googleapiclient").setLevel(logging.ERROR) + root_logger.addHandler(handler) + except ImportError: + logging.error('Couldn\'t import google.cloud.logging, ' diff --git a/fence_gce-2-filter-aggregatedlist.patch b/fence_gce-2-filter-aggregatedlist.patch new file mode 100644 index 0000000..29b7203 --- /dev/null +++ b/fence_gce-2-filter-aggregatedlist.patch @@ -0,0 +1,25 @@ +From 8e801d513b9a500ac0d717476aadc1cdabc0a92e Mon Sep 17 00:00:00 2001 +From: Helen Koike +Date: Thu, 19 Jul 2018 13:13:53 -0300 +Subject: [PATCH] fence_gce: filter call to aggregatedList + +Don't list all the instances in the project, filter only the one we are +interested in. +--- + agents/gce/fence_gce.py | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py +index 3eca0139..93cd1180 100644 +--- a/agents/gce/fence_gce.py ++++ b/agents/gce/fence_gce.py +@@ -112,7 +112,8 @@ def get_instance(conn, project, zone, instance): + + + def get_zone(conn, project, instance): +- request = conn.instances().aggregatedList(project=project) ++ fl = 'name="%s"' % instance ++ request = conn.instances().aggregatedList(project=project, filter=fl) + while request is not None: + response = request.execute() + zones = response.get('items', {}) diff --git a/fence_gce-3-stackdriver-logging-note.patch b/fence_gce-3-stackdriver-logging-note.patch new file mode 100644 index 0000000..8589b77 --- /dev/null +++ b/fence_gce-3-stackdriver-logging-note.patch @@ -0,0 +1,34 @@ +diff -uNr a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py +--- a/agents/gce/fence_gce.py 2018-07-30 16:09:45.811531118 +0200 ++++ b/agents/gce/fence_gce.py 2018-07-30 16:31:28.970202508 +0200 +@@ -174,9 +174,9 @@ + all_opt["stackdriver-logging"] = { + "getopt" : "", + "longopt" : "stackdriver-logging", +- "help" : "--stackdriver-logging Enable Logging to Stackdriver", +- "shortdesc" : "Stackdriver-logging support.", +- "longdesc" : "If enabled IP failover logs will be posted to stackdriver logging.", ++ "help" : "--stackdriver-logging Enable Logging to Stackdriver. Using stackdriver logging requires additional libraries (google-cloud-logging).", ++ "shortdesc" : "Stackdriver-logging support. Requires additional libraries (google-cloud-logging).", ++ "longdesc" : "If enabled IP failover logs will be posted to stackdriver logging. Using stackdriver logging requires additional libraries (google-cloud-logging).", + "required" : "0", + "order" : 4 + } +diff -uNr a/tests/data/metadata/fence_gce.xml b/tests/data/metadata/fence_gce.xml +--- a/tests/data/metadata/fence_gce.xml 2018-07-30 16:09:45.548532576 +0200 ++++ b/tests/data/metadata/fence_gce.xml 2018-07-30 16:32:05.392988450 +0200 +@@ -41,12 +41,12 @@ + + + +- Stackdriver-logging support. ++ Stackdriver-logging support. Requires additional libraries (google-cloud-logging). + + + + +- Stackdriver-logging support. ++ Stackdriver-logging support. Requires additional libraries (google-cloud-logging). + + + diff --git a/fence_ilo3-fence_ipmilan-show-correct-default-method.patch b/fence_ilo3-fence_ipmilan-show-correct-default-method.patch new file mode 100644 index 0000000..677ebb1 --- /dev/null +++ b/fence_ilo3-fence_ipmilan-show-correct-default-method.patch @@ -0,0 +1,26 @@ +From bd1b11884f33f5fce5ca7618c9f87b540592e1b6 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Mon, 2 Jul 2018 16:36:41 +0200 +Subject: [PATCH] fence_ilo3/fence_ipmilan: show correct default method (onoff) + in help + +--- + agents/ipmilan/fence_ipmilan.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/ipmilan/fence_ipmilan.py b/agents/ipmilan/fence_ipmilan.py +index 453d7365..9610f1c6 100644 +--- a/agents/ipmilan/fence_ipmilan.py ++++ b/agents/ipmilan/fence_ipmilan.py +@@ -171,7 +171,7 @@ def main(): + all_opt["lanplus"]["default"] = "1" + + all_opt["ipport"]["default"] = "623" +- all_opt["method"]["help"] = "-m, --method=[method] Method to fence (onoff|cycle) (Default: cycle)\n" \ ++ all_opt["method"]["help"] = "-m, --method=[method] Method to fence (onoff|cycle) (Default: onoff)\n" \ + "WARNING! This fence agent might report success before the node is powered off. " \ + "You should use -m/method onoff if your fence device works correctly with that option." + +-- +2.17.1 + diff --git a/fence_impilan-fence_ilo_ssh-add-ilo5-support.patch b/fence_impilan-fence_ilo_ssh-add-ilo5-support.patch new file mode 100644 index 0000000..8e23e64 --- /dev/null +++ b/fence_impilan-fence_ilo_ssh-add-ilo5-support.patch @@ -0,0 +1,33 @@ +diff -uNr a/agents/ilo_ssh/fence_ilo_ssh.py b/agents/ilo_ssh/fence_ilo_ssh.py +--- a/agents/ilo_ssh/fence_ilo_ssh.py 2018-06-18 12:14:35.000000000 +0200 ++++ b/agents/ilo_ssh/fence_ilo_ssh.py 2018-06-28 12:26:14.274615003 +0200 +@@ -54,7 +54,8 @@ + device via ssh and reboot a specified outlet. " + docs["vendorurl"] = "http://www.hp.com" + docs["symlink"] = [("fence_ilo3_ssh", "Fence agent for HP iLO3 over SSH"), +- ("fence_ilo4_ssh", "Fence agent for HP iLO4 over SSH")] ++ ("fence_ilo4_ssh", "Fence agent for HP iLO4 over SSH"), ++ ("fence_ilo5_ssh", "Fence agent for HP iLO5 over SSH")] + show_docs(options, docs) + + options["eol"] = "\r" +diff -uNr a/agents/ipmilan/fence_ipmilan.py b/agents/ipmilan/fence_ipmilan.py +--- a/agents/ipmilan/fence_ipmilan.py 2018-06-18 12:14:35.000000000 +0200 ++++ b/agents/ipmilan/fence_ipmilan.py 2018-06-28 12:26:14.275614990 +0200 +@@ -169,6 +169,8 @@ + all_opt["lanplus"]["default"] = "1" + elif os.path.basename(sys.argv[0]) == "fence_ilo4": + all_opt["lanplus"]["default"] = "1" ++ elif os.path.basename(sys.argv[0]) == "fence_ilo5": ++ all_opt["lanplus"]["default"] = "1" + + all_opt["ipport"]["default"] = "623" + all_opt["method"]["help"] = "-m, --method=[method] Method to fence (onoff|cycle) (Default: cycle)\n" \ +@@ -187,6 +189,7 @@ + docs["vendorurl"] = "" + docs["symlink"] = [("fence_ilo3", "Fence agent for HP iLO3"), + ("fence_ilo4", "Fence agent for HP iLO4"), ++ ("fence_ilo5", "Fence agent for HP iLO5"), + ("fence_imm", "Fence agent for IBM Integrated Management Module"), + ("fence_idrac", "Fence agent for Dell iDRAC")] + show_docs(options, docs) diff --git a/fence_kdump-fix-strncpy-issue.patch b/fence_kdump-fix-strncpy-issue.patch new file mode 100644 index 0000000..7514b81 --- /dev/null +++ b/fence_kdump-fix-strncpy-issue.patch @@ -0,0 +1,36 @@ +From ac83d8ce3d8dd868b0e887528e7c269cee4dcac8 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 31 Jul 2018 15:57:38 +0200 +Subject: [PATCH] fence_kdump: fix strncpy issue + +--- + agents/kdump/fence_kdump.c | 2 +- + agents/kdump/fence_kdump_send.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/agents/kdump/fence_kdump.c b/agents/kdump/fence_kdump.c +index e2f3cd80..768a9344 100644 +--- a/agents/kdump/fence_kdump.c ++++ b/agents/kdump/fence_kdump.c +@@ -351,7 +351,7 @@ get_options_node (fence_kdump_opts_t *opts) + hints.ai_protocol = IPPROTO_UDP; + hints.ai_flags = AI_NUMERICSERV; + +- strncpy (node->name, opts->nodename, sizeof (node->name)); ++ strncpy (node->name, opts->nodename, sizeof (node->name) - 1); + snprintf (node->port, sizeof (node->port), "%d", opts->ipport); + + node->info = NULL; +diff --git a/agents/kdump/fence_kdump_send.c b/agents/kdump/fence_kdump_send.c +index d668bed3..638f8c97 100644 +--- a/agents/kdump/fence_kdump_send.c ++++ b/agents/kdump/fence_kdump_send.c +@@ -116,7 +116,7 @@ get_options_node (fence_kdump_opts_t *opts) + hints.ai_protocol = IPPROTO_UDP; + hints.ai_flags = AI_NUMERICSERV; + +- strncpy (node->name, opts->nodename, sizeof (node->name)); ++ strncpy (node->name, opts->nodename, sizeof (node->name) - 1); + snprintf (node->port, sizeof (node->port), "%d", opts->ipport); + + node->info = NULL; diff --git a/fence_mpath-watchdog-support.patch b/fence_mpath-watchdog-support.patch new file mode 100644 index 0000000..c2f0122 --- /dev/null +++ b/fence_mpath-watchdog-support.patch @@ -0,0 +1,176 @@ +From 199b1efee0ba1f01c27ca689a15465cf4a258ee6 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Mon, 22 Jan 2018 11:27:28 +0100 +Subject: [PATCH] fence_mpath: add watchdog support + +--- + agents/Makefile.am | 11 ++++++++ + agents/mpath/fence_mpath.py | 50 ++++++++++++++++++++++++++++++++++--- + configure.ac | 6 +++++ + make/fencebuild.mk | 2 +- + tests/data/metadata/fence_mpath.xml | 2 +- + 5 files changed, 66 insertions(+), 5 deletions(-) + +diff --git a/agents/Makefile.am b/agents/Makefile.am +index 2524a3ab..833d2af5 100644 +--- a/agents/Makefile.am ++++ b/agents/Makefile.am +@@ -50,6 +50,11 @@ zvm_fence_zvm_SOURCES = zvm/fence_zvm.c + zvm_fence_zvm_CFLAGS = -D_GNU_SOURCE -Izvm + endif + ++if BUILD_FENCE_MPATH ++mpathdatadir = $(CLUSTERDATA) ++mpathdata_SCRIPTS = mpath/fence_mpath_check mpath/fence_mpath_check_hardreboot ++endif ++ + if BUILD_FENCE_SCSI + scsidatadir = $(CLUSTERDATA) + scsidata_SCRIPTS = scsi/fence_scsi_check scsi/fence_scsi_check_hardreboot +@@ -72,6 +77,12 @@ manual/fence_ack_manual: manual/fence_ack_manual.in + -e 's#@clustervarrun@#${CLUSTERVARRUN}#g' \ + > $@ + ++mpath/fence_mpath_check: mpath/fence_mpath ++ cp $^ $@ ++ ++mpath/fence_mpath_check_hardreboot: mpath/fence_mpath ++ cp $^ $@ ++ + scsi/fence_scsi_check: scsi/fence_scsi + cp $^ $@ + +diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py +index ac5bc794..d9ac2ef5 100644 +--- a/agents/mpath/fence_mpath.py ++++ b/agents/mpath/fence_mpath.py +@@ -143,25 +143,63 @@ def dev_write(options, dev): + store_fh.write(dev + "\t" + options["--key"] + "\n") + store_fh.close() + +-def dev_read(options): ++def dev_read(options, fail=True): + dev_key = {} + file_path = options["--store-path"] + "/mpath.devices" + try: + store_fh = open(file_path, "r") + except IOError: +- fail_usage("Failed: Cannot open file \"" + file_path + "\"") ++ if fail: ++ fail_usage("Failed: Cannot open file \"" + file_path + "\"") ++ else: ++ return None + # get not empty lines from file + for (device, key) in [line.strip().split() for line in store_fh if line.strip()]: + dev_key[device] = key + store_fh.close() + return dev_key + ++def mpath_check_get_verbose(): ++ try: ++ f = open("/etc/sysconfig/watchdog", "r") ++ except IOError: ++ return False ++ match = re.search(r"^\s*verbose=yes", "".join(f.readlines()), re.MULTILINE) ++ f.close() ++ return bool(match) ++ ++def mpath_check(hardreboot=False): ++ if len(sys.argv) >= 3 and sys.argv[1] == "repair": ++ return int(sys.argv[2]) ++ options = {} ++ options["--mpathpersist-path"] = "/usr/sbin/mpathpersist" ++ options["--store-path"] = "/var/run/cluster" ++ options["--power-timeout"] = "5" ++ if mpath_check_get_verbose(): ++ logging.getLogger().setLevel(logging.DEBUG) ++ devs = dev_read(options, fail=False) ++ if not devs: ++ logging.error("No devices found") ++ return 0 ++ for dev, key in list(devs.items()): ++ if key in get_registration_keys(options, dev): ++ logging.debug("key " + key + " registered with device " + dev) ++ return 0 ++ else: ++ logging.debug("key " + key + " not registered with device " + dev) ++ logging.debug("key " + key + " registered with any devices") ++ ++ if hardreboot == True: ++ libc = ctypes.cdll['libc.so.6'] ++ libc.reboot(0x1234567) ++ return 2 ++ + def define_new_opts(): + all_opt["devices"] = { + "getopt" : "d:", + "longopt" : "devices", + "help" : "-d, --devices=[devices] List of devices to use for current operation", +- "required" : "1", ++ "required" : "0", + "shortdesc" : "List of devices to use for current operation. Devices can \ + be comma-separated list of device-mapper multipath devices (eg. /dev/mapper/3600508b400105df70000e00000ac0000 or /dev/mapper/mpath1). \ + Each device must support SCSI-3 persistent reservations.", +@@ -205,6 +243,12 @@ def main(): + + define_new_opts() + ++ # fence_mpath_check ++ if os.path.basename(sys.argv[0]) == "fence_mpath_check": ++ sys.exit(mpath_check()) ++ elif os.path.basename(sys.argv[0]) == "fence_mpath_check_hardreboot": ++ sys.exit(mpath_check(hardreboot=True)) ++ + options = check_input(device_opt, process_input(device_opt), other_conditions=True) + + docs = {} +diff --git a/configure.ac b/configure.ac +index e8b24211..24b857b3 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -148,6 +148,11 @@ if echo "$AGENTS_LIST" | grep -q -E "all|manual"; then + AGENTS_LIST=$(echo "$AGENTS_LIST" | sed -E "s/manual( |$)//") + fi + ++FENCE_MPATH=0 ++if echo "$AGENTS_LIST" | grep -q -E "all|mpath"; then ++ FENCE_MPATH=1 ++fi ++ + FENCE_SCSI=0 + if echo "$AGENTS_LIST" | grep -q -E "all|scsi"; then + FENCE_SCSI=1 +@@ -312,6 +317,7 @@ AC_SUBST([SNMPBIN]) + AC_SUBST([AGENTS_LIST]) + AM_CONDITIONAL(BUILD_FENCE_KDUMP, test $FENCE_KDUMP -eq 1) + AM_CONDITIONAL(BUILD_FENCE_MANUAL, test $FENCE_MANUAL -eq 1) ++AM_CONDITIONAL(BUILD_FENCE_MPATH, test $FENCE_MPATH -eq 1) + AM_CONDITIONAL(BUILD_FENCE_SCSI, test $FENCE_SCSI -eq 1) + AM_CONDITIONAL(BUILD_FENCE_ZVM, test $FENCE_ZVM -eq 1) + AM_CONDITIONAL(BUILD_XENAPILIB, test $XENAPILIB -eq 1) +diff --git a/make/fencebuild.mk b/make/fencebuild.mk +index e08d5200..6a7c6f63 100644 +--- a/make/fencebuild.mk ++++ b/make/fencebuild.mk +@@ -51,7 +51,7 @@ $(TARGET): + $(call gen_agent_from_py) + + clean: clean-man +- rm -f $(CLEAN_TARGET:%.8=%) $(CLEAN_TARGET_ADDITIONAL) $(scsidata_SCRIPTS) */*.pyc *.pyc */*.wiki ++ rm -f $(CLEAN_TARGET:%.8=%) $(CLEAN_TARGET_ADDITIONAL) $(mpathdata_SCRIPTS) $(scsidata_SCRIPTS) */*.pyc */*.wiki + + if [ "$(abs_builddir)" = "$(abs_top_builddir)/lib" ]; then \ + rm -f $(TARGET); \ +diff --git a/tests/data/metadata/fence_mpath.xml b/tests/data/metadata/fence_mpath.xml +index f384e50b..bbe9ad2b 100644 +--- a/tests/data/metadata/fence_mpath.xml ++++ b/tests/data/metadata/fence_mpath.xml +@@ -9,7 +9,7 @@ The fence_mpath agent works by having a unique key for each node that has to be + + Fencing action + +- ++ + + + List of devices to use for current operation. Devices can be comma-separated list of device-mapper multipath devices (eg. /dev/mapper/3600508b400105df70000e00000ac0000 or /dev/mapper/mpath1). Each device must support SCSI-3 persistent reservations. diff --git a/fix-version.patch b/fix-version.patch new file mode 100644 index 0000000..dbb2fc2 --- /dev/null +++ b/fix-version.patch @@ -0,0 +1,10 @@ +diff -uNr a/.tarball-version b/.tarball-version +--- a/.tarball-version 1970-01-01 01:00:00.000000000 +0100 ++++ b/.tarball-version 2018-08-20 10:42:03.876068353 +0200 +@@ -0,0 +1 @@ ++4.2.1 +diff -uNr a/.version b/.version +--- a/.version 1970-01-01 01:00:00.000000000 +0100 ++++ b/.version 2018-08-20 10:52:35.712060731 +0200 +@@ -0,0 +1 @@ ++4.2.1 diff --git a/python3-has_key-fixes.patch b/python3-has_key-fixes.patch new file mode 100644 index 0000000..9252cb1 --- /dev/null +++ b/python3-has_key-fixes.patch @@ -0,0 +1,74 @@ +From 29f93ed6f7f79cad801bf08ad9172c8a62183435 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 14 Aug 2018 12:33:41 +0200 +Subject: [PATCH] fence_compute/fence_evacuate/fence_rhevm: dont use has_key + (not supported in Python 3) + +--- + agents/compute/fence_compute.py | 4 ++-- + agents/evacuate/fence_evacuate.py | 4 ++-- + agents/rhevm/fence_rhevm.py | 4 ++-- + 3 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py +index ec2d093c..254e2670 100644 +--- a/agents/compute/fence_compute.py ++++ b/agents/compute/fence_compute.py +@@ -311,7 +311,7 @@ def create_nova_connection(options): + region_name=options["--region-name"], + endpoint_type=options["--endpoint-type"], + session=keystone_session, auth=keystone_auth, +- http_log_debug=options.has_key("--verbose")) ++ http_log_debug="--verbose" in options) + else: + # OSP >= 11 + # ArgSpec(args=['version'], varargs='args', keywords='kwargs', defaults=None) +@@ -319,7 +319,7 @@ def create_nova_connection(options): + region_name=options["--region-name"], + endpoint_type=options["--endpoint-type"], + session=keystone_session, auth=keystone_auth, +- http_log_debug=options.has_key("--verbose")) ++ http_log_debug="--verbose" in options) + + try: + nova.hypervisors.list() +diff --git a/agents/evacuate/fence_evacuate.py b/agents/evacuate/fence_evacuate.py +index 615dede7..6818c44f 100644 +--- a/agents/evacuate/fence_evacuate.py ++++ b/agents/evacuate/fence_evacuate.py +@@ -245,7 +245,7 @@ def create_nova_connection(options): + region_name=options["--region-name"], + endpoint_type=options["--endpoint-type"], + session=keystone_session, auth=keystone_auth, +- http_log_debug=options.has_key("--verbose")) ++ http_log_debug="--verbose" in options) + else: + # OSP >= 11 + # ArgSpec(args=['version'], varargs='args', keywords='kwargs', defaults=None) +@@ -253,7 +253,7 @@ def create_nova_connection(options): + region_name=options["--region-name"], + endpoint_type=options["--endpoint-type"], + session=keystone_session, auth=keystone_auth, +- http_log_debug=options.has_key("--verbose")) ++ http_log_debug="--verbose" in options) + + try: + nova.hypervisors.list() +diff --git a/agents/rhevm/fence_rhevm.py b/agents/rhevm/fence_rhevm.py +index 0594e66b..c06b7c39 100644 +--- a/agents/rhevm/fence_rhevm.py ++++ b/agents/rhevm/fence_rhevm.py +@@ -74,11 +74,11 @@ def send_command(opt, command, method="GET"): + url = "https:" + else: + url = "http:" +- if opt.has_key("--api-path"): ++ if "--api-path" in opt: + api_path = opt["--api-path"] + else: + api_path = "/ovirt-engine/api" +- if opt.has_key("--disable-http-filter"): ++ if "--disable-http-filter" in opt: + http_filter = 'false' + else: + http_filter = 'true' diff --git a/sources b/sources new file mode 100644 index 0000000..ef377b4 --- /dev/null +++ b/sources @@ -0,0 +1,38 @@ +SHA512 (Jinja2-3.0.2.tar.gz) = cea7d24656bbc9117785886caee4eb28bc417bd7529152493ac2dd5041d798a1e30c0c5c619327817a708b1af8d08f13ae9125bbc7cb7d440045cb54d7bfbd9e +SHA512 (MarkupSafe-2.0.1.tar.gz) = 77249bda784111ece15d59eb3de1cbb37a58fb9f22902fe6b73fea9eb0f23857ccbe53dc55463278e3b91f78dc35e2b027fd823ca50d88d8985d5a98ce2327f1 +SHA512 (PyYAML-6.0.tar.gz) = b402993073282e7f4202823b051d364b91929362edd5b3aebe93b56833956ec9279c1ba82b97f8bc8a2b82d20e1060e4ec9fc90400a6ed902adce3e4f83a6e0e +SHA512 (aliyun-python-sdk-core-2.13.1.tar.gz) = c9eaccf3ed06ff2f5edc89d605511223650816ae3b192e6149f1b113d1d04c05c5220bdd588dc83024486748354436fec65fa59f5858befaa7cf9524dbb6da19 +SHA512 (aliyun-python-sdk-ecs-4.9.3.tar.gz) = 83b35b7e774fa8892106f771731cc11ca823fe3d6f3e2f5bc5f075e475623573b9123e5ecb2a750d13ebcda9bc76242485636d2d3284c3eec89afcb4ec3070a4 +SHA512 (aliyun-python-sdk-vpc-3.0.2.tar.gz) = e9e4f8224f828a0e0737e4515799e62e4d3808ef2985ae733c8dbe88961daae2d7524000d1ec09e6a5d7ec9491f1e29365e61a4bcfa4b6dbf5a4ec338386e209 +SHA512 (botocore-1.23.46.tar.gz) = 241d44bb509847e97744a0d4b8e38f44eba1f0e0b11d36b3194cd85b06b5a841dd5bee91b4602ddf3bc36c6945638104f22ca0083150fb5331f4c62a9e22c947 +SHA512 (cachetools-4.2.4.tar.gz) = 29a6bb3a064e5603cd3e3882d8e5a6a6ef95ba3029716692c9a82d7186a0befcfb8ed4a0ee3ecb591fdff93a46836d5b25acca7ba5eab1ba837e86404aea8fcf +SHA512 (certifi-2021.10.8.tar.gz) = 06dc41a471f16f6c52751854e82fb42011c9388651cff55761298b86ba437d431e6325ab039ef330f2b2c5f69f5ba43dc468e7ca3df205a8bb31468f43711fbe +SHA512 (chardet-4.0.0.tar.gz) = ebd7f420e1094445270db993f6373ffe7370419e002b0bb13299dc6c9b0f7c4e77b0f44f871fba6371e6869e7c86728514367db377e3137487a3acf50cb81e96 +SHA512 (charset-normalizer-2.0.7.tar.gz) = 7096fa23fade52c8eee2577b87aa574deffe6f66e8986f71172f3b9212bd6c6fb17901cceab90144c9d07de8bc6f5e320497daa3d3f749f436788232d4cba088 +SHA512 (fence-agents-4.2.1.tar.gz) = f9e2f8315120efdad4772b466caab38fb1d1fdb101baac28fb560fba279594ab2220c6470e8cda855eb6458e01841fc1c5664483ce3104986dc54b4e875d299f +SHA512 (google-auth-2.3.0.tar.gz) = cf0040d238880ea4bbad64f0a47311f2ed3922a7301a0d5287319b39ea8e76dca66dc78fd860cc12386b078bd2147a1cba01de97381420ef94cc44fca0c90ad1 +SHA512 (httplib2-0.19.1-py3-none-any.whl) = 83b9b36fe27e6ac5b931f0889bd63f6f9e952cfb87baa09ccb0f8eeed9cae1932b002109832d21f54c5c0a204bd4e3d218e86a8f8104c8df9e29b76d9e0cf3d1 +SHA512 (idna-3.3.tar.gz) = 70b7cc8718e7d7899c75cfe476f044eae5a2fa03801fc9c12e3a092627ca943ffc4a578f9b8a55e181a11564835e125cfaaa577c02a6461dbb97366e620e53ad +SHA512 (jmespath-0.10.0.tar.gz) = 9e229b5809d2dd74eb7dbf518953f848175743fb0ee91ffc901777be2f4809cc0c4f4ba40890746533e344f64e900ec189d6a8c847c864fa47fbf67e5106a7bc +SHA512 (kubernetes-12.0.1.tar.gz) = ff4739dc185dbf46050e53382b9260a0a69c55b43820ccb1df498718c78d1bf42842f4ab1b6d0c3520c5edab45d9c9c9527aea9ccb0b6347f34e18202f9155a2 +SHA512 (oauthlib-3.1.1.tar.gz) = 1c18f265a6017a6f2bf77507f5de095b439be36f309316993b547ded0f306461b058dcb85dc245bf26f65a9c77be44ca38f9053f3300a9b5cb92332b61a7f307 +SHA512 (openshift-0.12.1.tar.gz) = 35a0ecfbc12d657f5f79d4c752a7c023a2a5e3fc5e7b377d9f11ce4a7d5f666ca5c6296f31adb44b7680d051af42d3638ced1092fb7e9146d2cc998f2c3a7b80 +SHA512 (packaging-21.2-py3-none-any.whl) = 620a077783da21db677eda413c7cfcd9a9112afd573deda853615fad5b7f79b0ddfae4a7ee5d69834ba45e2299ebf343c6398b8eb60bb04569883520ada4a381 +SHA512 (pyasn1-0.4.8.tar.gz) = e64e70b325c8067f87ace7c0673149e82fe564aa4b0fa146d29b43cb588ecd6e81b1b82803b8cfa7a17d3d0489b6d88b4af5afb3aa0052bf92e8a1769fe8f7b0 +SHA512 (pyasn1-modules-0.2.8.tar.gz) = fdfcaa065deffdd732deaa1fa30dec2fc4a90ffe15bd12de40636ce0212f447611096d2f4e652ed786b5c47544439e6a93721fabe121f3320f13965692a1ca5b +SHA512 (pycryptodome-3.6.4.tar.gz) = b565acf2d4dad80842a677dac2e69719dedb870d93d35948f3ef04da120c89fdf80f5b08864c182e2537ff60bbce8487cec6bfe8bb9acc1833194a667932a5c6 +SHA512 (pyparsing-2.4.7-py2.py3-none-any.whl) = acb6b4ff90254d73804621d302926deb69bc99ffde16d7aa16cba7d0af7a53c25b7197d422309d9e82a766704fd7ea4c8b078a48d2e7d8658a8b237266fe24f5 +SHA512 (pyparsing-3.0.1.tar.gz) = 4a91daaf962a4d689ac26a712a83e8c4fbebc33270b6e46f0ae34fe247f6858d6334fbb59bdbbafa448703d24763fe1c86ce164e095de5003c7f1390960ba520 +SHA512 (python-dateutil-2.8.2.tar.gz) = 6538858e4a3e2d1de1bf25b6d8b25e3a8d20bf60fb85e32d07ac491c90ce193e268bb5641371b8a79fb0f033a184bac9896b3bc643c1aca9ee9c6478286ac20c +SHA512 (python-string-utils-1.0.0.tar.gz) = 23ee48053848edd74915a985ee9edec48bbba468e228745f7d27b6a855c67f6b7ddf1cf71049458bf0b1c6c4d4f905ebacfac960597cbadbbe2daa1fe9472280 +SHA512 (requests-2.26.0.tar.gz) = c3397d77f0d2f1afb05661c4b98adad6c1ddaf360906254150b33ab0d9479fd306905bd6d61b8cf8becd9a40bdcf9b03542e8267c644ef19f03f44bfca0bc461 +SHA512 (requests-oauthlib-1.3.0.tar.gz) = 7ef206aaf50cd3289f04175ff3a08022d00aeaaba57a6580912f37c30880322ec71ae9f6af7edc99efe6043fc6c19ba2c9f6fc0f29c126be28cde22bb885510d +SHA512 (rsa-4.7.2.tar.gz) = 63f561774dbaa10511167cba31e0f852e32b3250f2803edaa2729dc2b28baa2c42cb79dfbd49e38eb42ce82f665ed4c3d9dcc810c37380401e2c62202b1c7948 +SHA512 (ruamel.yaml-0.17.16.tar.gz) = 61780127c23a2fa20c6ce29b27790b72538b5ea0370906d38f4cfe760c30a3756022a385d3f241dd88199358ff152d624dc372fbe7e1fd6d2959f873daf1263d +SHA512 (ruamel.yaml.clib-0.2.6.tar.gz) = 12307a3c3bae09cf65d9672894c9a869a7ed5483ca3afb9ee39d8bcbf1948b012a0dbf570e315cc8b9a8b55184de9e10324953ec4819d214379e01522ee13b20 +SHA512 (setuptools-58.3.0.tar.gz) = 5a38231c2ce361ad45befbd0de34dd7dde9d15f25e7fe2b8cf595d43eeee86fb3c2400e5b2676b547a025217aad85e63b1db6d9778baa412eefb25b22170c587 +SHA512 (setuptools_scm-6.3.2.tar.gz) = 9a16552803ef92367ad71007cf322737b5baa58b924083f04c860875bf6cb2e2bb4f43a7f89778b040c2eb55c5d32de479a918056519339820c6d0f1a6a386f0 +SHA512 (six-1.16.0.tar.gz) = 076fe31c8f03b0b52ff44346759c7dc8317da0972403b84dfe5898179f55acdba6c78827e0f8a53ff20afe8b76432c6fe0d655a75c24259d9acbaa4d9e8015c0 +SHA512 (tomli-1.0.1.tar.gz) = 2731ff827bda17471bf75a44b445062bd4c43adfc9f0fdab4f8953e559f60708bc3e3500b424bf914c5e472fc9afbab72316c5a3b47c3a7654b2eb5343e62d21 +SHA512 (urllib3-1.26.7.tar.gz) = 6f5a5e6dd5ff99950fcc051495e0a698153b57e20b6c83d869b54c7fece9616909bcf2fe99efc40815f8722996ad93e430bf765ce5c629b912690c286014b86f +SHA512 (websocket-client-1.2.1.tar.gz) = fdbeb7ac2add27478a17b388ac62e9378094a368f29749d8b63c274ee41836506369dddd083956f42f1f2d74948392b3ddd59b801c98f9e028c126bdb54c636b