Compare commits

..

No commits in common. "a9" and "c8" have entirely different histories.
a9 ... c8

185 changed files with 13591 additions and 4044 deletions

View File

@ -1,103 +1,37 @@
a9db54d91b53f76f546afa1414dd015c0574ebeb SOURCES/Jinja2-3.1.3.tar.gz 3297473a9d57e93ff378eab173990c1b64673c01 SOURCES/Jinja2-3.0.2.tar.gz
e1b766b2b1601fde67b3b19ed2f13b9746bb1cca SOURCES/MarkupSafe-2.0.1.tar.gz e1b766b2b1601fde67b3b19ed2f13b9746bb1cca SOURCES/MarkupSafe-2.0.1.tar.gz
e1fb5dc6f95a85e7d1f93c6701b331201e8b5479 SOURCES/PyJWT-2.1.0-py3-none-any.whl a8c40a3ae9d4c159382a58db3153d83e5521c51e SOURCES/PyYAML-6.0.tar.gz
53fc16036940089ceadd4127381e40fd6106a7ed SOURCES/PyYAML-5.1.tar.gz 0a56f6d9ed2014a363486d33b63eca094379be06 SOURCES/aliyun-python-sdk-core-2.13.1.tar.gz
b53cba68215f389dffaa51ee2afe10c943278646 SOURCES/adal-1.2.7-py2.py3-none-any.whl c2a98b9a1562d223a76514f05028488ca000c395 SOURCES/aliyun-python-sdk-ecs-4.9.3.tar.gz
f524069cc0d499c78034b66cf0e8e45344e89791 SOURCES/aliyun-cli-3.0.198.tar.gz f14647a4d37a9a254c4e711b95a7654fc418e41e SOURCES/aliyun-python-sdk-vpc-3.0.2.tar.gz
c6a6dd2c97adb5a22856ce78ad9e3fdc1cbb9760 SOURCES/aliyun-cli-go-vendor.tar.gz 2512ff4ef016cad0b916006f6acf2a309f908c4d SOURCES/botocore-1.23.46.tar.gz
87ad43ef7b7e1cbcba1d743541b3118cffda63f8 SOURCES/aliyun-openapi-meta-5cf98b660.tar.gz
bda476965c380701795849179ed91e9d8134ec7c SOURCES/aliyun-python-sdk-core-2.11.5.tar.gz
2a3e6ee5713a3cfb47e63a739cc9a05580d95dd6 SOURCES/aliyun_python_sdk_ecs-4.24.7-py2.py3-none-any.whl
459383a3bcb16956030e302008a0f140a5fec0fb SOURCES/awscli-2.2.15.tar.gz
a08c16f613cb0b9a9f8ce7cae782ea20c40ce2af SOURCES/awscrt-0.11.13-cp39-cp39-manylinux2014_x86_64.whl
46d2d17d958ae305ced32fdd6aa847b0cdf31989 SOURCES/azure-identity-1.10.0.zip
70a8e279429feaa0ed39bf2da123e5d53c37b0e6 SOURCES/azure_common-1.1.27-py2.py3-none-any.whl
63fee5e61283d1c972abd3786ed609da6fd7ea5b SOURCES/azure_core-1.15.0-py2.py3-none-any.whl
584ff1897b56673bee12e77aec07e68ebe9f789b SOURCES/azure_mgmt_compute-21.0.0-py2.py3-none-any.whl
e20df6c9635f1db9a3c891b9239b4319d88b1747 SOURCES/azure_mgmt_core-1.2.2-py2.py3-none-any.whl
3bb341e87329c7507863f0ec53f8cb6e16d698d6 SOURCES/azure_mgmt_network-19.0.0-py2.py3-none-any.whl
6591882be0937b2b900eab4ec70feadf34f71738 SOURCES/boto3-1.17.102-py2.py3-none-any.whl
22507f43314ccb2dd203337e87ffafb385ba3627 SOURCES/botocore-1.20.102-py2.py3-none-any.whl
6ef53a76455b377b02b4774c32a04e241cdb24eb SOURCES/botocore-2.0.0dev123.zip
c953dcd6e69587e5b182d77255ed836172fea70a SOURCES/cachetools-4.2.2-py3-none-any.whl
0d12f48faa727f0979e9ad5c4c80dfa32b73caff SOURCES/cachetools-4.2.4.tar.gz 0d12f48faa727f0979e9ad5c4c80dfa32b73caff SOURCES/cachetools-4.2.4.tar.gz
ec7e8dd8ef95edfdb83a1ea040b8b88507b47615 SOURCES/certifi-2023.7.22.tar.gz ec7e8dd8ef95edfdb83a1ea040b8b88507b47615 SOURCES/certifi-2023.7.22.tar.gz
17953cc85717e0f4501dbc7b5fb8e75d67dcdcd3 SOURCES/cffi-1.14.5-cp39-cp39-manylinux1_x86_64.whl 2384f6cfba4685d901262e073a4455d4cf76d102 SOURCES/chardet-4.0.0.tar.gz
96faab7de7e9a71b37f22adb64daf2898e967e3e SOURCES/chardet-3.0.4-py2.py3-none-any.whl
e9eb83c71c09b3c8249bd7d6d2619b65fff03874 SOURCES/chardet-4.0.0-py2.py3-none-any.whl
865df92e66e5dc7b940144cbad8115c07dc8784f SOURCES/charset-normalizer-2.0.7.tar.gz 865df92e66e5dc7b940144cbad8115c07dc8784f SOURCES/charset-normalizer-2.0.7.tar.gz
a8ee91adf4644bbdccfc73ead88f4cd0df7e3552 SOURCES/colorama-0.3.3.tar.gz e2561df8e7ff9113dab118a651371dd88dab0142 SOURCES/fence-agents-4.2.1.tar.gz
444d5ea320f95cd6205535a1be2805598847191b SOURCES/colorama-0.4.3-py2.py3-none-any.whl
536a57d70d505e4de8595650603d7e2ecc58b34b SOURCES/cryptography-3.3.2-cp36-abi3-manylinux2010_x86_64.whl
4b50bebad4c5036c030a78cbb869d039bc91c4ec SOURCES/distro-1.5.0-py2.py3-none-any.whl
aafeddc912b74557754b2aaece3f1364be8e9f6a SOURCES/docutils-0.15.2-py3-none-any.whl
1ec823f807b73a377cdd47d12e2e34f046bfc889 SOURCES/fence-agents-4.10.0.tar.gz
05d6d7a3df5bdbd9df1b37a65662e5dbe94f23fd SOURCES/flit_core-3.9.0.tar.gz
f4e578dc0ed68d6667d7b36cdfc2647d55e9858f SOURCES/google-auth-2.3.0.tar.gz f4e578dc0ed68d6667d7b36cdfc2647d55e9858f SOURCES/google-auth-2.3.0.tar.gz
ac160113ba8b78b0688edda9f9a088c0b4b5ded2 SOURCES/google_api_core-1.30.0-py2.py3-none-any.whl
4fd1eb2b927767158e91e369de441fd9221a82d9 SOURCES/google_api_python_client-1.12.8-py2.py3-none-any.whl
4a3a5ddc3d1ded24279b89d4ea0c8796f6c2598a SOURCES/google_auth-1.32.0-py2.py3-none-any.whl
9e513ce4e7b36b8e81c607be440e0d6e6afe9833 SOURCES/google_auth_httplib2-0.1.0-py2.py3-none-any.whl
dc553afa7a3f23b92ee9ecd27d0b15153c0e9f75 SOURCES/googleapis_common_protos-1.53.0-py2.py3-none-any.whl
74ec77d2e2ef6b2ef8503e6e398faa6f3ba298ae SOURCES/httplib2-0.19.1-py3-none-any.whl 74ec77d2e2ef6b2ef8503e6e398faa6f3ba298ae SOURCES/httplib2-0.19.1-py3-none-any.whl
999b6718b4d789d8ca0d2ddf7c07826154291825 SOURCES/idna-2.10-py2.py3-none-any.whl
08c0449533fc94462f78652dea209099754d9ee4 SOURCES/idna-3.3.tar.gz 08c0449533fc94462f78652dea209099754d9ee4 SOURCES/idna-3.3.tar.gz
240cc4206740fafacb74bbf0d0c4ff70e41c8a85 SOURCES/isodate-0.6.0-py2.py3-none-any.whl 356c48dfea2214dd9e7e2b222a99dddfe9c0d05c SOURCES/jmespath-0.10.0.tar.gz
68904717c48e95adb47d815178fff8d80f39b2ab SOURCES/jmespath-0.7.1-py2.py3-none-any.whl
d06a9547b1a87e9c51b0a7c708189d993f2e3d89 SOURCES/kubernetes-12.0.1.tar.gz d06a9547b1a87e9c51b0a7c708189d993f2e3d89 SOURCES/kubernetes-12.0.1.tar.gz
ecd73099139d222059443ad19dfeee3f715e1ab0 SOURCES/msal-1.18.0.tar.gz f6efa66f6106b069b5c0e0cf8cc677e4e96c91ca SOURCES/oauthlib-3.1.1.tar.gz
04e016bd1fa4ed6ddb852095a45d4f8c81a5b54a SOURCES/msal-extensions-1.0.0.tar.gz
ba59fbd147307e7ef92a1fad259e7dc0b07e79e0 SOURCES/msrest-0.6.21-py2.py3-none-any.whl
3d65a50b68e3aa506b6af42be485ed2710afa9da SOURCES/msrestazure-0.6.4-py2.py3-none-any.whl
7e2f8f4cebf309ef6aaf740ee9073276d6937802 SOURCES/oauthlib-3.2.2.tar.gz
570d69d8c108ebb8aee562389d13b07dfb61ce25 SOURCES/openshift-0.12.1.tar.gz 570d69d8c108ebb8aee562389d13b07dfb61ce25 SOURCES/openshift-0.12.1.tar.gz
2b10cb7681bc678ba4ff3be524b28d783e4095ce SOURCES/packaging-20.9-py2.py3-none-any.whl
bccbc1bf76a9db46998eb8e1ffa2f2a2baf9237a SOURCES/packaging-21.2-py3-none-any.whl bccbc1bf76a9db46998eb8e1ffa2f2a2baf9237a SOURCES/packaging-21.2-py3-none-any.whl
0c3fc83ca045abeec9ce82bb7ee3e77f0390bca4 SOURCES/pexpect-4.8.0-py2.py3-none-any.whl
18659a0dea5600df33eab90dec1b597e2437aebd SOURCES/poetry-core-1.0.7.tar.gz
8fd43e96c5d0ad701cf3e332fb80c7e92e9ab883 SOURCES/portalocker-2.5.1.tar.gz
b09c4655a4c8bd24c54a078e960750ec9e8688d6 SOURCES/prompt_toolkit-2.0.10-py3-none-any.whl
5a90b79a9630873c7f2db79544c46146bb6af5e8 SOURCES/protobuf-3.17.3-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.whl
0827aaa6fdc3dc4256e06fa1c3991fb4ed20a693 SOURCES/ptyprocess-0.7.0-py2.py3-none-any.whl
c3c9f195dc89eb6d04828b881314743b548318d0 SOURCES/pyasn1-0.4.8-py2.py3-none-any.whl
e0fa19f8fda46a1fa2253477499b116b33f67175 SOURCES/pyasn1-0.4.8.tar.gz e0fa19f8fda46a1fa2253477499b116b33f67175 SOURCES/pyasn1-0.4.8.tar.gz
43b89feb6864fe359aae89120627165219de313b SOURCES/pyasn1-modules-0.2.8.tar.gz 43b89feb6864fe359aae89120627165219de313b SOURCES/pyasn1-modules-0.2.8.tar.gz
d77aa46abbcaccc4054a0777a191e427c785c65a SOURCES/pyasn1_modules-0.2.8-py2.py3-none-any.whl
a0df3ebc552b551f8e99a05cf0a29ce30bef62ee SOURCES/pycparser-2.20-py2.py3-none-any.whl
c55d177e9484d974c95078d4ae945f89ba2c7251 SOURCES/pycryptodome-3.20.0.tar.gz c55d177e9484d974c95078d4ae945f89ba2c7251 SOURCES/pycryptodome-3.20.0.tar.gz
c8307f47e3b75a2d02af72982a2dfefa3f56e407 SOURCES/pyparsing-2.4.7-py2.py3-none-any.whl c8307f47e3b75a2d02af72982a2dfefa3f56e407 SOURCES/pyparsing-2.4.7-py2.py3-none-any.whl
6082312a090f5be5e796e0854294da0738ec0379 SOURCES/pyparsing-3.0.1.tar.gz
770968018322c2b3fde684aebe964663c6f5d8c5 SOURCES/pyroute2-0.7.12.tar.gz
086fd01f5d989a69eeda46b8a41a53ced5bb402b SOURCES/pyroute2.core-0.6.13.tar.gz
9575a9b38119670705b0a6c2648455d97b22ddc6 SOURCES/pyroute2.ethtool-0.6.13.tar.gz
751cb7dc70e3c1780a670c26ca5721de7caef5e7 SOURCES/pyroute2.ipdb-0.6.13.tar.gz
c204fa61b905fe7b65e250e9204a642bbf3bb84c SOURCES/pyroute2.ipset-0.6.13.tar.gz
d5cba2a4501ffcaf7dcf3df9e9072c4fe343fc02 SOURCES/pyroute2.ndb-0.6.13.tar.gz
4939a1807c414682446d836307543928146bda25 SOURCES/pyroute2.nftables-0.6.13.tar.gz
9ea5167f48860ac18a969b8830925852830297cc SOURCES/pyroute2.nslink-0.6.13.tar.gz
c2ba10c775b7a52a4b57cac4d4110a0c0f812a82 SOURCES/python-dateutil-2.8.2.tar.gz c2ba10c775b7a52a4b57cac4d4110a0c0f812a82 SOURCES/python-dateutil-2.8.2.tar.gz
1dc2fa004aa6517f1620e55d8a7b8e68a9cf2a47 SOURCES/python-string-utils-1.0.0.tar.gz 1dc2fa004aa6517f1620e55d8a7b8e68a9cf2a47 SOURCES/python-string-utils-1.0.0.tar.gz
3005ff67df93ee276fb8631e17c677df852254ad SOURCES/python_dateutil-2.8.1-py2.py3-none-any.whl
b97c6966fb8fd273f0bc8533cf0dee4978b9f373 SOURCES/pytz-2021.1-py2.py3-none-any.whl
b1009d9fd6acadc64e1a3cecb6f0083fe047e753 SOURCES/requests-2.25.1-py2.py3-none-any.whl
8c7a89d183d3e9b70bf91ba5b75eccf7111b9d8d SOURCES/requests-2.26.0.tar.gz 8c7a89d183d3e9b70bf91ba5b75eccf7111b9d8d SOURCES/requests-2.26.0.tar.gz
f139aed770519b6a095b8fdc888d03955cbe9d8e SOURCES/requests-oauthlib-1.3.0.tar.gz f139aed770519b6a095b8fdc888d03955cbe9d8e SOURCES/requests-oauthlib-1.3.0.tar.gz
25d5667d7a61586f5ddaac7e08cc3053db3d8661 SOURCES/requests_oauthlib-1.3.0-py2.py3-none-any.whl
c0d5be2edf538122d35fe06c29d2d7a5f22f3117 SOURCES/rsa-4.7.2-py3-none-any.whl
e8a53067e03fe1b6682fd99a40a7359396a06daa SOURCES/rsa-4.7.2.tar.gz e8a53067e03fe1b6682fd99a40a7359396a06daa SOURCES/rsa-4.7.2.tar.gz
abf532a0cc31ea224e3895f60025e7466b16d7ae SOURCES/ruamel.yaml-0.15.100.tar.gz
d1011ff44cd5a045de0460c1b79ec65592e86860 SOURCES/ruamel.yaml-0.17.16.tar.gz d1011ff44cd5a045de0460c1b79ec65592e86860 SOURCES/ruamel.yaml-0.17.16.tar.gz
27de97227bbbde5a9f571f9fad223578d7bdf7cc SOURCES/ruamel.yaml.clib-0.2.6.tar.gz 27de97227bbbde5a9f571f9fad223578d7bdf7cc SOURCES/ruamel.yaml.clib-0.2.6.tar.gz
d7eb0ced8b9f12005ad6f13035689d5611f8a81a SOURCES/s3transfer-0.4.2-py2.py3-none-any.whl d5354718cb8c9330d3abc27445467ce8a5ed9d70 SOURCES/setuptools-58.3.0.tar.gz
54a0d57b77b6030aaca8992282189f4b7b627bc0 SOURCES/setuptools-71.1.0.tar.gz a4f02fddae697614e356cadfddb6241cc7737f38 SOURCES/setuptools_scm-6.3.2.tar.gz
749fa3bff5be78c80ac6d6d313c38c73d679542c SOURCES/setuptools_scm-8.1.0.tar.gz
79e6f2e4f9e24898f1896df379871b9c9922f147 SOURCES/six-1.16.0-py2.py3-none-any.whl
06fa0bb50f2a4e2917fd14c21e9d2d5508ce0163 SOURCES/six-1.16.0.tar.gz 06fa0bb50f2a4e2917fd14c21e9d2d5508ce0163 SOURCES/six-1.16.0.tar.gz
47a980b20875d1a1714e921552b5bb0eda190f37 SOURCES/suds_community-0.8.5-py3-none-any.whl b42b7960047441db7dc021cc20e14279bd836f8d SOURCES/tomli-1.0.1.tar.gz
3eae299137c59d6d6d30be01417366c57dd1adf5 SOURCES/tomli-2.0.1.tar.gz
1389615a3f0bd216e7db4440985d51fb3f2ea2c6 SOURCES/typing_extensions-4.12.2.tar.gz
83be56610e5f824bb05ff7a5618d6d4df9b6cc08 SOURCES/uritemplate-3.0.1-py2.py3-none-any.whl
84e2852d8da1655373f7ce5e7d5d3e256b62b4e4 SOURCES/urllib3-1.26.18.tar.gz 84e2852d8da1655373f7ce5e7d5d3e256b62b4e4 SOURCES/urllib3-1.26.18.tar.gz
7126323614cada181bc8b06436e80ef372ff8656 SOURCES/wcwidth-0.1.9-py2.py3-none-any.whl
540f083782c584989c1a0f69ffd69ba7aae07db6 SOURCES/websocket-client-1.2.1.tar.gz 540f083782c584989c1a0f69ffd69ba7aae07db6 SOURCES/websocket-client-1.2.1.tar.gz
b6c48d8714e043524be7a869d1db0adcd8441cd4 SOURCES/wheel-0.37.0-py2.py3-none-any.whl

94
.gitignore vendored
View File

@ -1,103 +1,37 @@
SOURCES/Jinja2-3.1.3.tar.gz SOURCES/Jinja2-3.0.2.tar.gz
SOURCES/MarkupSafe-2.0.1.tar.gz SOURCES/MarkupSafe-2.0.1.tar.gz
SOURCES/PyJWT-2.1.0-py3-none-any.whl SOURCES/PyYAML-6.0.tar.gz
SOURCES/PyYAML-5.1.tar.gz SOURCES/aliyun-python-sdk-core-2.13.1.tar.gz
SOURCES/adal-1.2.7-py2.py3-none-any.whl SOURCES/aliyun-python-sdk-ecs-4.9.3.tar.gz
SOURCES/aliyun-cli-3.0.198.tar.gz SOURCES/aliyun-python-sdk-vpc-3.0.2.tar.gz
SOURCES/aliyun-cli-go-vendor.tar.gz SOURCES/botocore-1.23.46.tar.gz
SOURCES/aliyun-openapi-meta-5cf98b660.tar.gz
SOURCES/aliyun-python-sdk-core-2.11.5.tar.gz
SOURCES/aliyun_python_sdk_ecs-4.24.7-py2.py3-none-any.whl
SOURCES/awscli-2.2.15.tar.gz
SOURCES/awscrt-0.11.13-cp39-cp39-manylinux2014_x86_64.whl
SOURCES/azure-identity-1.10.0.zip
SOURCES/azure_common-1.1.27-py2.py3-none-any.whl
SOURCES/azure_core-1.15.0-py2.py3-none-any.whl
SOURCES/azure_mgmt_compute-21.0.0-py2.py3-none-any.whl
SOURCES/azure_mgmt_core-1.2.2-py2.py3-none-any.whl
SOURCES/azure_mgmt_network-19.0.0-py2.py3-none-any.whl
SOURCES/boto3-1.17.102-py2.py3-none-any.whl
SOURCES/botocore-1.20.102-py2.py3-none-any.whl
SOURCES/botocore-2.0.0dev123.zip
SOURCES/cachetools-4.2.2-py3-none-any.whl
SOURCES/cachetools-4.2.4.tar.gz SOURCES/cachetools-4.2.4.tar.gz
SOURCES/certifi-2023.7.22.tar.gz SOURCES/certifi-2023.7.22.tar.gz
SOURCES/cffi-1.14.5-cp39-cp39-manylinux1_x86_64.whl SOURCES/chardet-4.0.0.tar.gz
SOURCES/chardet-3.0.4-py2.py3-none-any.whl
SOURCES/chardet-4.0.0-py2.py3-none-any.whl
SOURCES/charset-normalizer-2.0.7.tar.gz SOURCES/charset-normalizer-2.0.7.tar.gz
SOURCES/colorama-0.3.3.tar.gz SOURCES/fence-agents-4.2.1.tar.gz
SOURCES/colorama-0.4.3-py2.py3-none-any.whl
SOURCES/cryptography-3.3.2-cp36-abi3-manylinux2010_x86_64.whl
SOURCES/distro-1.5.0-py2.py3-none-any.whl
SOURCES/docutils-0.15.2-py3-none-any.whl
SOURCES/fence-agents-4.10.0.tar.gz
SOURCES/flit_core-3.9.0.tar.gz
SOURCES/google-auth-2.3.0.tar.gz SOURCES/google-auth-2.3.0.tar.gz
SOURCES/google_api_core-1.30.0-py2.py3-none-any.whl
SOURCES/google_api_python_client-1.12.8-py2.py3-none-any.whl
SOURCES/google_auth-1.32.0-py2.py3-none-any.whl
SOURCES/google_auth_httplib2-0.1.0-py2.py3-none-any.whl
SOURCES/googleapis_common_protos-1.53.0-py2.py3-none-any.whl
SOURCES/httplib2-0.19.1-py3-none-any.whl SOURCES/httplib2-0.19.1-py3-none-any.whl
SOURCES/idna-2.10-py2.py3-none-any.whl
SOURCES/idna-3.3.tar.gz SOURCES/idna-3.3.tar.gz
SOURCES/isodate-0.6.0-py2.py3-none-any.whl SOURCES/jmespath-0.10.0.tar.gz
SOURCES/jmespath-0.7.1-py2.py3-none-any.whl
SOURCES/kubernetes-12.0.1.tar.gz SOURCES/kubernetes-12.0.1.tar.gz
SOURCES/msal-1.18.0.tar.gz SOURCES/oauthlib-3.1.1.tar.gz
SOURCES/msal-extensions-1.0.0.tar.gz
SOURCES/msrest-0.6.21-py2.py3-none-any.whl
SOURCES/msrestazure-0.6.4-py2.py3-none-any.whl
SOURCES/oauthlib-3.2.2.tar.gz
SOURCES/openshift-0.12.1.tar.gz SOURCES/openshift-0.12.1.tar.gz
SOURCES/packaging-20.9-py2.py3-none-any.whl
SOURCES/packaging-21.2-py3-none-any.whl SOURCES/packaging-21.2-py3-none-any.whl
SOURCES/pexpect-4.8.0-py2.py3-none-any.whl
SOURCES/poetry-core-1.0.7.tar.gz
SOURCES/portalocker-2.5.1.tar.gz
SOURCES/prompt_toolkit-2.0.10-py3-none-any.whl
SOURCES/protobuf-3.17.3-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.whl
SOURCES/ptyprocess-0.7.0-py2.py3-none-any.whl
SOURCES/pyasn1-0.4.8-py2.py3-none-any.whl
SOURCES/pyasn1-0.4.8.tar.gz SOURCES/pyasn1-0.4.8.tar.gz
SOURCES/pyasn1-modules-0.2.8.tar.gz SOURCES/pyasn1-modules-0.2.8.tar.gz
SOURCES/pyasn1_modules-0.2.8-py2.py3-none-any.whl
SOURCES/pycparser-2.20-py2.py3-none-any.whl
SOURCES/pycryptodome-3.20.0.tar.gz SOURCES/pycryptodome-3.20.0.tar.gz
SOURCES/pyparsing-2.4.7-py2.py3-none-any.whl SOURCES/pyparsing-2.4.7-py2.py3-none-any.whl
SOURCES/pyparsing-3.0.1.tar.gz
SOURCES/pyroute2-0.7.12.tar.gz
SOURCES/pyroute2.core-0.6.13.tar.gz
SOURCES/pyroute2.ethtool-0.6.13.tar.gz
SOURCES/pyroute2.ipdb-0.6.13.tar.gz
SOURCES/pyroute2.ipset-0.6.13.tar.gz
SOURCES/pyroute2.ndb-0.6.13.tar.gz
SOURCES/pyroute2.nftables-0.6.13.tar.gz
SOURCES/pyroute2.nslink-0.6.13.tar.gz
SOURCES/python-dateutil-2.8.2.tar.gz SOURCES/python-dateutil-2.8.2.tar.gz
SOURCES/python-string-utils-1.0.0.tar.gz SOURCES/python-string-utils-1.0.0.tar.gz
SOURCES/python_dateutil-2.8.1-py2.py3-none-any.whl
SOURCES/pytz-2021.1-py2.py3-none-any.whl
SOURCES/requests-2.25.1-py2.py3-none-any.whl
SOURCES/requests-2.26.0.tar.gz SOURCES/requests-2.26.0.tar.gz
SOURCES/requests-oauthlib-1.3.0.tar.gz SOURCES/requests-oauthlib-1.3.0.tar.gz
SOURCES/requests_oauthlib-1.3.0-py2.py3-none-any.whl
SOURCES/rsa-4.7.2-py3-none-any.whl
SOURCES/rsa-4.7.2.tar.gz SOURCES/rsa-4.7.2.tar.gz
SOURCES/ruamel.yaml-0.15.100.tar.gz
SOURCES/ruamel.yaml-0.17.16.tar.gz SOURCES/ruamel.yaml-0.17.16.tar.gz
SOURCES/ruamel.yaml.clib-0.2.6.tar.gz SOURCES/ruamel.yaml.clib-0.2.6.tar.gz
SOURCES/s3transfer-0.4.2-py2.py3-none-any.whl SOURCES/setuptools-58.3.0.tar.gz
SOURCES/setuptools-71.1.0.tar.gz SOURCES/setuptools_scm-6.3.2.tar.gz
SOURCES/setuptools_scm-8.1.0.tar.gz
SOURCES/six-1.16.0-py2.py3-none-any.whl
SOURCES/six-1.16.0.tar.gz SOURCES/six-1.16.0.tar.gz
SOURCES/suds_community-0.8.5-py3-none-any.whl SOURCES/tomli-1.0.1.tar.gz
SOURCES/tomli-2.0.1.tar.gz
SOURCES/typing_extensions-4.12.2.tar.gz
SOURCES/uritemplate-3.0.1-py2.py3-none-any.whl
SOURCES/urllib3-1.26.18.tar.gz SOURCES/urllib3-1.26.18.tar.gz
SOURCES/wcwidth-0.1.9-py2.py3-none-any.whl SOURCES/websocket-client-1.2.1.tar.gz
SOURCES/websocket-client-1.2.1.tar.gz
SOURCES/wheel-0.37.0-py2.py3-none-any.whl

View File

@ -281,19 +281,6 @@ index d670367f2..2f2c65fce 100644
which can be used with IBM Bladecenters with recent enough firmware that \ which can be used with IBM Bladecenters with recent enough firmware that \
includes telnet support. It logs into a Brocade chasis via telnet or ssh \ includes telnet support. It logs into a Brocade chasis via telnet or ssh \
and uses the command line interface to power on and off blades." and uses the command line interface to power on and off blades."
diff --git a/agents/cdu/fence_cdu.py b/agents/cdu/fence_cdu.py
index 483ac5128..ba76e6d76 100644
--- a/agents/cdu/fence_cdu.py
+++ b/agents/cdu/fence_cdu.py
@@ -136,7 +136,7 @@ def main():
docs = { }
docs["shortdesc"] = "Fence agent for a Sentry Switch CDU over telnet"
- docs["longdesc"] = "fence_cdu is an I/O Fencing agent \
+ docs["longdesc"] = "fence_cdu is a Power Fencing agent \
which can be used with the Sentry Switch CDU. It logs into the device \
via telnet and power's on/off an outlet."
docs["vendorurl"] = "http://www.servertech.com"
diff --git a/agents/cisco_mds/fence_cisco_mds.py b/agents/cisco_mds/fence_cisco_mds.py diff --git a/agents/cisco_mds/fence_cisco_mds.py b/agents/cisco_mds/fence_cisco_mds.py
index fbb876a94..04cd1f842 100644 index fbb876a94..04cd1f842 100644
--- a/agents/cisco_mds/fence_cisco_mds.py --- a/agents/cisco_mds/fence_cisco_mds.py
@ -480,19 +467,6 @@ index d623fff3d..ca6e21793 100644
which can be used with IBM BladeCenter chassis. It issues SNMP Set \ which can be used with IBM BladeCenter chassis. It issues SNMP Set \
request to BladeCenter chassis, rebooting, powering up or down \ request to BladeCenter chassis, rebooting, powering up or down \
the specified Blade Server." the specified Blade Server."
diff --git a/agents/ibmz/fence_ibmz.py b/agents/ibmz/fence_ibmz.py
index d477adeb9..a4cc12d5c 100644
--- a/agents/ibmz/fence_ibmz.py
+++ b/agents/ibmz/fence_ibmz.py
@@ -520,7 +520,7 @@ def main():
docs = {
"shortdesc": "Fence agent for IBM z LPARs",
"longdesc": (
- "fence_ibmz is a power fencing agent which uses the HMC Web "
+ "fence_ibmz is a Power Fencing agent which uses the HMC Web "
"Services API to fence IBM z LPARs."),
"vendorurl": "http://www.ibm.com"
}
diff --git a/agents/ilo/fence_ilo.py b/agents/ilo/fence_ilo.py diff --git a/agents/ilo/fence_ilo.py b/agents/ilo/fence_ilo.py
index 612450568..f30a1da28 100644 index 612450568..f30a1da28 100644
--- a/agents/ilo/fence_ilo.py --- a/agents/ilo/fence_ilo.py
@ -501,11 +475,11 @@ index 612450568..f30a1da28 100644
## iLO2 / firmware 1.50 / RIBCL 2.22 ## iLO2 / firmware 1.50 / RIBCL 2.22
##### #####
-import sys, re -import sys, re, pexpect
+import sys, os, re +import sys, os, re, pexpect
sys.path.insert(0, '/usr/lib/fence-agents/support/common') import atexit
try: from xml.sax.saxutils import quoteattr
import pexpect sys.path.append("@FENCEAGENTSLIBDIR@")
@@ -73,11 +73,11 @@ def main(): @@ -73,11 +73,11 @@ def main():
docs = {} docs = {}
@ -607,9 +581,9 @@ index 91e09ac7d..a47fbdd82 100644
docs = {} docs = {}
docs["shortdesc"] = "Fence agent for IPMI" docs["shortdesc"] = "Fence agent for IPMI"
- docs["longdesc"] = "fence_ipmilan is an I/O Fencing agent \ - docs["longdesc"] = "fence_ipmilan is an I/O Fencing agent\
+ docs["longdesc"] = "{} is a Power Fencing agent \ + docs["longdesc"] = "{} is a Power Fencing agent \
which can be used with machines controlled by IPMI. \ which can be used with machines controlled by IPMI.\
This agent calls support software ipmitool (http://ipmitool.sf.net/). \ This agent calls support software ipmitool (http://ipmitool.sf.net/). \
WARNING! This fence agent might report success before the node is powered off. \ WARNING! This fence agent might report success before the node is powered off. \
-You should use -m/method onoff if your fence device works correctly with that option." -You should use -m/method onoff if your fence device works correctly with that option."
@ -656,19 +630,6 @@ index 0cb3320b3..78edd2950 100644
which can be used with LDoms virtual machines. This agent works \ which can be used with LDoms virtual machines. This agent works \
so, that run ldm command on host machine. So ldm must be directly \ so, that run ldm command on host machine. So ldm must be directly \
runnable.\ runnable.\
diff --git a/agents/lindy_pdu/fence_lindypdu.py b/agents/lindy_pdu/fence_lindypdu.py
index 432b74151..f51288449 100644
--- a/agents/lindy_pdu/fence_lindypdu.py
+++ b/agents/lindy_pdu/fence_lindypdu.py
@@ -191,7 +191,7 @@ def main():
docs = {}
docs["shortdesc"] = "Fence agent for Lindy over SNMP"
- docs["longdesc"] = "fence_lindypdu is an I/O Fencing agent \
+ docs["longdesc"] = "fence_lindypdu is a Power Fencing agent \
which can be used with the Lindy PDU network power switch. It logs \
into a device via SNMP and reboots a specified outlet. It supports \
SNMP v1 with all combinations of authenticity/privacy settings."
diff --git a/agents/lpar/fence_lpar.py b/agents/lpar/fence_lpar.py diff --git a/agents/lpar/fence_lpar.py b/agents/lpar/fence_lpar.py
index 975971a57..a18e1c9ae 100644 index 975971a57..a18e1c9ae 100644
--- a/agents/lpar/fence_lpar.py --- a/agents/lpar/fence_lpar.py
@ -798,7 +759,7 @@ index 2614772ff..d14b4c661 100644
+network or moving parts. An example of the cable is available here: \ +network or moving parts. An example of the cable is available here: \
+https://smcleod.net/rcd-stonith/ and the circuit design is available in the \ +https://smcleod.net/rcd-stonith/ and the circuit design is available in the \
+fence-agents src as SVG" +fence-agents src as SVG"
docs["vendorurl"] = "https://github.com/sammcj/fence_rcd_serial" docs["vendorurl"] = "http://www.scl.co.uk/rcd_serial/"
show_docs(options, docs) show_docs(options, docs)
diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py
@ -883,19 +844,6 @@ index 519319bf5..5cb5dbee9 100644
persistent reservations to control access to shared storage devices. These \ persistent reservations to control access to shared storage devices. These \
devices must support SCSI-3 persistent reservations (SPC-3 or greater) as \ devices must support SCSI-3 persistent reservations (SPC-3 or greater) as \
well as the \"preempt-and-abort\" subcommand.\nThe fence_scsi agent works by \ well as the \"preempt-and-abort\" subcommand.\nThe fence_scsi agent works by \
diff --git a/agents/skalar/fence_skalar.py b/agents/skalar/fence_skalar.py
index 0e11d83f9..c8589c1a4 100644
--- a/agents/skalar/fence_skalar.py
+++ b/agents/skalar/fence_skalar.py
@@ -192,7 +192,7 @@ def main():
docs = {}
docs["shortdesc"] = "Skala-R Fence agent"
- docs["longdesc"] = "A fence agent for Skala-R."
+ docs["longdesc"] = "fence_skalar is a Power Fencing agent for Skala-R."
docs["vendorurl"] = "https://www.skala-r.ru/"
show_docs(options, docs)
options["eol"] = "\r"
diff --git a/agents/vbox/fence_vbox.py b/agents/vbox/fence_vbox.py diff --git a/agents/vbox/fence_vbox.py b/agents/vbox/fence_vbox.py
index c2df28811..52f0a2a8a 100644 index c2df28811..52f0a2a8a 100644
--- a/agents/vbox/fence_vbox.py --- a/agents/vbox/fence_vbox.py
@ -922,19 +870,6 @@ index 88cee48de..bde189c2b 100644
which can be used with the virtual machines managed by libvirt. \ which can be used with the virtual machines managed by libvirt. \
It logs via ssh to a dom0 and there run virsh command, which does \ It logs via ssh to a dom0 and there run virsh command, which does \
all work. \ all work. \
diff --git a/agents/virt/client/options.c b/agents/virt/client/options.c
index ddd6bc4e0..ce7ba14da 100644
--- a/agents/virt/client/options.c
+++ b/agents/virt/client/options.c
@@ -765,7 +765,7 @@ args_metadata(char *progname, const char *optstr)
printf("<?xml version=\"1.0\" ?>\n");
printf("<resource-agent name=\"%s\" shortdesc=\"Fence agent for virtual machines\">\n", basename(progname));
- printf("<longdesc>%s is an I/O Fencing agent which can be used with "
+ printf("<longdesc>%s is a Power Fencing agent which can be used with "
"virtual machines.\n\nNOTE: reboot-action does not power on nodes that are powered off."
"</longdesc>\n", basename(progname));
printf("<vendor-url>https://libvirt.org</vendor-url>\n");
diff --git a/agents/vmware/fence_vmware.py b/agents/vmware/fence_vmware.py diff --git a/agents/vmware/fence_vmware.py b/agents/vmware/fence_vmware.py
index bc1785f4c..ccef92bb2 100644 index bc1785f4c..ccef92bb2 100644
--- a/agents/vmware/fence_vmware.py --- a/agents/vmware/fence_vmware.py
@ -1138,18 +1073,6 @@ index 3cc415355..e8468e336 100644
<vendor-url>http://www.ibm.com</vendor-url> <vendor-url>http://www.ibm.com</vendor-url>
<parameters> <parameters>
<parameter name="action" unique="0" required="1"> <parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_cdu.xml b/tests/data/metadata/fence_cdu.xml
index ef87d795d..b92e7a937 100644
--- a/tests/data/metadata/fence_cdu.xml
+++ b/tests/data/metadata/fence_cdu.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" ?>
<resource-agent name="fence_cdu" shortdesc="Fence agent for a Sentry Switch CDU over telnet" >
-<longdesc>fence_cdu is an I/O Fencing agent which can be used with the Sentry Switch CDU. It logs into the device via telnet and power's on/off an outlet.</longdesc>
+<longdesc>fence_cdu is a Power Fencing agent which can be used with the Sentry Switch CDU. It logs into the device via telnet and power's on/off an outlet.</longdesc>
<vendor-url>http://www.servertech.com</vendor-url>
<parameters>
<parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_cisco_mds.xml b/tests/data/metadata/fence_cisco_mds.xml diff --git a/tests/data/metadata/fence_cisco_mds.xml b/tests/data/metadata/fence_cisco_mds.xml
index 829c9dcbe..2105ecccc 100644 index 829c9dcbe..2105ecccc 100644
--- a/tests/data/metadata/fence_cisco_mds.xml --- a/tests/data/metadata/fence_cisco_mds.xml
@ -1319,27 +1242,15 @@ index 3286ca6de..61366ca3c 100644
<vendor-url>http://www.ibm.com</vendor-url> <vendor-url>http://www.ibm.com</vendor-url>
<parameters> <parameters>
<parameter name="action" unique="0" required="1"> <parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_ibmz.xml b/tests/data/metadata/fence_ibmz.xml
index ba74fa6fe..7554d4d78 100644
--- a/tests/data/metadata/fence_ibmz.xml
+++ b/tests/data/metadata/fence_ibmz.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" ?>
<resource-agent name="fence_ibmz" shortdesc="Fence agent for IBM z LPARs" >
-<longdesc>fence_ibmz is a power fencing agent which uses the HMC Web Services API to fence IBM z LPARs.</longdesc>
+<longdesc>fence_ibmz is a Power Fencing agent which uses the HMC Web Services API to fence IBM z LPARs.</longdesc>
<vendor-url>http://www.ibm.com</vendor-url>
<parameters>
<parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_idrac.xml b/tests/data/metadata/fence_idrac.xml diff --git a/tests/data/metadata/fence_idrac.xml b/tests/data/metadata/fence_idrac.xml
index d1f283e4a..aa291345a 100644 index d1f283e4a..aa291345a 100644
--- a/tests/data/metadata/fence_idrac.xml --- a/tests/data/metadata/fence_idrac.xml
+++ b/tests/data/metadata/fence_idrac.xml +++ b/tests/data/metadata/fence_idrac.xml
@@ -6,7 +6,7 @@ @@ -6,7 +6,7 @@
<symlink name="fence_ipmilanplus" shortdesc="Fence agent for IPMIv2 lanplus"/> <symlink name="fence_ilo4" shortdesc="Fence agent for HP iLO4"/>
<symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/> <symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/>
<symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/> <symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/>
-<longdesc>fence_ipmilan is an I/O Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc> -<longdesc>fence_ipmilan is an I/O Fencing agentwhich can be used with machines controlled by IPMI.This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
+<longdesc>fence_idrac is a Power Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc> +<longdesc>fence_idrac is a Power Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
<vendor-url></vendor-url> <vendor-url></vendor-url>
<parameters> <parameters>
@ -1375,79 +1286,27 @@ index 5aca0211b..90dc2f657 100644
--- a/tests/data/metadata/fence_ilo3.xml --- a/tests/data/metadata/fence_ilo3.xml
+++ b/tests/data/metadata/fence_ilo3.xml +++ b/tests/data/metadata/fence_ilo3.xml
@@ -6,7 +6,7 @@ @@ -6,7 +6,7 @@
<symlink name="fence_ipmilanplus" shortdesc="Fence agent for IPMIv2 lanplus"/> <symlink name="fence_ilo4" shortdesc="Fence agent for HP iLO4"/>
<symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/> <symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/>
<symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/> <symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/>
-<longdesc>fence_ipmilan is an I/O Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc> -<longdesc>fence_ipmilan is an I/O Fencing agentwhich can be used with machines controlled by IPMI.This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
+<longdesc>fence_ilo3 is a Power Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc> +<longdesc>fence_ilo3 is a Power Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
<vendor-url></vendor-url> <vendor-url></vendor-url>
<parameters> <parameters>
<parameter name="action" unique="0" required="1"> <parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_ilo3_ssh.xml b/tests/data/metadata/fence_ilo3_ssh.xml
index e2a25661d..f46ec7d13 100644
--- a/tests/data/metadata/fence_ilo3_ssh.xml
+++ b/tests/data/metadata/fence_ilo3_ssh.xml
@@ -3,7 +3,7 @@
<symlink name="fence_ilo3_ssh" shortdesc="Fence agent for HP iLO3 over SSH"/>
<symlink name="fence_ilo4_ssh" shortdesc="Fence agent for HP iLO4 over SSH"/>
<symlink name="fence_ilo5_ssh" shortdesc="Fence agent for HP iLO5 over SSH"/>
-<longdesc>fence_ilo_ssh is a fence agent that connects to iLO device. It logs into device via ssh and reboot a specified outlet.
+<longdesc>fence_ilo3_ssh is a Power Fencing agent that connects to iLO device. It logs into device via ssh and reboot a specified outlet.
WARNING: The monitor-action is prone to timeouts. Use the fence_ilo-equivalent to avoid this issue.</longdesc>
<vendor-url>http://www.hp.com</vendor-url>
diff --git a/tests/data/metadata/fence_ilo4.xml b/tests/data/metadata/fence_ilo4.xml diff --git a/tests/data/metadata/fence_ilo4.xml b/tests/data/metadata/fence_ilo4.xml
index 3aa001ad2..494ff0b3b 100644 index 3aa001ad2..494ff0b3b 100644
--- a/tests/data/metadata/fence_ilo4.xml --- a/tests/data/metadata/fence_ilo4.xml
+++ b/tests/data/metadata/fence_ilo4.xml +++ b/tests/data/metadata/fence_ilo4.xml
@@ -6,7 +6,7 @@ @@ -6,7 +6,7 @@
<symlink name="fence_ipmilanplus" shortdesc="Fence agent for IPMIv2 lanplus"/> <symlink name="fence_ilo4" shortdesc="Fence agent for HP iLO4"/>
<symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/> <symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/>
<symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/> <symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/>
-<longdesc>fence_ipmilan is an I/O Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc> -<longdesc>fence_ipmilan is an I/O Fencing agentwhich can be used with machines controlled by IPMI.This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
+<longdesc>fence_ilo4 is a Power Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc> +<longdesc>fence_ilo4 is a Power Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
<vendor-url></vendor-url> <vendor-url></vendor-url>
<parameters> <parameters>
<parameter name="action" unique="0" required="1"> <parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_ilo4_ssh.xml b/tests/data/metadata/fence_ilo4_ssh.xml
index 4fd6b2ef1..e2a5b7167 100644
--- a/tests/data/metadata/fence_ilo4_ssh.xml
+++ b/tests/data/metadata/fence_ilo4_ssh.xml
@@ -3,7 +3,7 @@
<symlink name="fence_ilo3_ssh" shortdesc="Fence agent for HP iLO3 over SSH"/>
<symlink name="fence_ilo4_ssh" shortdesc="Fence agent for HP iLO4 over SSH"/>
<symlink name="fence_ilo5_ssh" shortdesc="Fence agent for HP iLO5 over SSH"/>
-<longdesc>fence_ilo_ssh is a fence agent that connects to iLO device. It logs into device via ssh and reboot a specified outlet.
+<longdesc>fence_ilo4_ssh is a Power Fencing agent that connects to iLO device. It logs into device via ssh and reboot a specified outlet.
WARNING: The monitor-action is prone to timeouts. Use the fence_ilo-equivalent to avoid this issue.</longdesc>
<vendor-url>http://www.hp.com</vendor-url>
diff --git a/tests/data/metadata/fence_ilo5.xml b/tests/data/metadata/fence_ilo5.xml
index 262787905..25e7446b3 100644
--- a/tests/data/metadata/fence_ilo5.xml
+++ b/tests/data/metadata/fence_ilo5.xml
@@ -6,7 +6,7 @@
<symlink name="fence_ipmilanplus" shortdesc="Fence agent for IPMIv2 lanplus"/>
<symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/>
<symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/>
-<longdesc>fence_ipmilan is an I/O Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
+<longdesc>fence_ilo5 is a Power Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
<vendor-url></vendor-url>
<parameters>
<parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_ilo5_ssh.xml b/tests/data/metadata/fence_ilo5_ssh.xml
index 036aec5c6..f4bd8622b 100644
--- a/tests/data/metadata/fence_ilo5_ssh.xml
+++ b/tests/data/metadata/fence_ilo5_ssh.xml
@@ -3,7 +3,7 @@
<symlink name="fence_ilo3_ssh" shortdesc="Fence agent for HP iLO3 over SSH"/>
<symlink name="fence_ilo4_ssh" shortdesc="Fence agent for HP iLO4 over SSH"/>
<symlink name="fence_ilo5_ssh" shortdesc="Fence agent for HP iLO5 over SSH"/>
-<longdesc>fence_ilo_ssh is a fence agent that connects to iLO device. It logs into device via ssh and reboot a specified outlet.
+<longdesc>fence_ilo5_ssh is a Power Fencing agent that connects to iLO device. It logs into device via ssh and reboot a specified outlet.
WARNING: The monitor-action is prone to timeouts. Use the fence_ilo-equivalent to avoid this issue.</longdesc>
<vendor-url>http://www.hp.com</vendor-url>
diff --git a/tests/data/metadata/fence_ilo_mp.xml b/tests/data/metadata/fence_ilo_mp.xml diff --git a/tests/data/metadata/fence_ilo_mp.xml b/tests/data/metadata/fence_ilo_mp.xml
index 7d4fd22d5..4ac9484d6 100644 index 7d4fd22d5..4ac9484d6 100644
--- a/tests/data/metadata/fence_ilo_mp.xml --- a/tests/data/metadata/fence_ilo_mp.xml
@ -1460,28 +1319,15 @@ index 7d4fd22d5..4ac9484d6 100644
<vendor-url>http://www.hp.com</vendor-url> <vendor-url>http://www.hp.com</vendor-url>
<parameters> <parameters>
<parameter name="action" unique="0" required="1"> <parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_ilo_ssh.xml b/tests/data/metadata/fence_ilo_ssh.xml
index 2e1cb84b2..7564200da 100644
--- a/tests/data/metadata/fence_ilo_ssh.xml
+++ b/tests/data/metadata/fence_ilo_ssh.xml
@@ -3,7 +3,7 @@
<symlink name="fence_ilo3_ssh" shortdesc="Fence agent for HP iLO3 over SSH"/>
<symlink name="fence_ilo4_ssh" shortdesc="Fence agent for HP iLO4 over SSH"/>
<symlink name="fence_ilo5_ssh" shortdesc="Fence agent for HP iLO5 over SSH"/>
-<longdesc>fence_ilo_ssh is a fence agent that connects to iLO device. It logs into device via ssh and reboot a specified outlet.
+<longdesc>fence_ilo_ssh is a Power Fencing agent that connects to iLO device. It logs into device via ssh and reboot a specified outlet.
WARNING: The monitor-action is prone to timeouts. Use the fence_ilo-equivalent to avoid this issue.</longdesc>
<vendor-url>http://www.hp.com</vendor-url>
diff --git a/tests/data/metadata/fence_imm.xml b/tests/data/metadata/fence_imm.xml diff --git a/tests/data/metadata/fence_imm.xml b/tests/data/metadata/fence_imm.xml
index 26f9a76d3..943e9c3f2 100644 index 26f9a76d3..943e9c3f2 100644
--- a/tests/data/metadata/fence_imm.xml --- a/tests/data/metadata/fence_imm.xml
+++ b/tests/data/metadata/fence_imm.xml +++ b/tests/data/metadata/fence_imm.xml
@@ -6,7 +6,7 @@ @@ -6,7 +6,7 @@
<symlink name="fence_ipmilanplus" shortdesc="Fence agent for IPMIv2 lanplus"/> <symlink name="fence_ilo4" shortdesc="Fence agent for HP iLO4"/>
<symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/> <symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/>
<symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/> <symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/>
-<longdesc>fence_ipmilan is an I/O Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc> -<longdesc>fence_ipmilan is an I/O Fencing agentwhich can be used with machines controlled by IPMI.This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
+<longdesc>fence_imm is a Power Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc> +<longdesc>fence_imm is a Power Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
<vendor-url></vendor-url> <vendor-url></vendor-url>
<parameters> <parameters>
@ -1515,27 +1361,14 @@ index daad65a70..3107cad33 100644
--- a/tests/data/metadata/fence_ipmilan.xml --- a/tests/data/metadata/fence_ipmilan.xml
+++ b/tests/data/metadata/fence_ipmilan.xml +++ b/tests/data/metadata/fence_ipmilan.xml
@@ -6,7 +6,7 @@ @@ -6,7 +6,7 @@
<symlink name="fence_ipmilanplus" shortdesc="Fence agent for IPMIv2 lanplus"/> <symlink name="fence_ilo4" shortdesc="Fence agent for HP iLO4"/>
<symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/> <symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/>
<symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/> <symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/>
-<longdesc>fence_ipmilan is an I/O Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc> -<longdesc>fence_ipmilan is an I/O Fencing agentwhich can be used with machines controlled by IPMI.This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
+<longdesc>fence_ipmilan is a Power Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc> +<longdesc>fence_ipmilan is a Power Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
<vendor-url></vendor-url> <vendor-url></vendor-url>
<parameters> <parameters>
<parameter name="action" unique="0" required="1"> <parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_ipmilanplus.xml b/tests/data/metadata/fence_ipmilanplus.xml
index 7b678b245..146d05a70 100644
--- a/tests/data/metadata/fence_ipmilanplus.xml
+++ b/tests/data/metadata/fence_ipmilanplus.xml
@@ -6,7 +6,7 @@
<symlink name="fence_ipmilanplus" shortdesc="Fence agent for IPMIv2 lanplus"/>
<symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/>
<symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/>
-<longdesc>fence_ipmilan is an I/O Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
+<longdesc>fence_ipmilanplus is a Power Fencing agent which can be used with machines controlled by IPMI. This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
<vendor-url></vendor-url>
<parameters>
<parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_ironic.xml b/tests/data/metadata/fence_ironic.xml diff --git a/tests/data/metadata/fence_ironic.xml b/tests/data/metadata/fence_ironic.xml
index 813b03732..f9bec38da 100644 index 813b03732..f9bec38da 100644
--- a/tests/data/metadata/fence_ironic.xml --- a/tests/data/metadata/fence_ironic.xml
@ -1548,18 +1381,6 @@ index 813b03732..f9bec38da 100644
<vendor-url>https://wiki.openstack.org/wiki/Ironic</vendor-url> <vendor-url>https://wiki.openstack.org/wiki/Ironic</vendor-url>
<parameters> <parameters>
<parameter name="action" unique="0" required="1"> <parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_kubevirt.xml b/tests/data/metadata/fence_kubevirt.xml
index e6b42aa55..2850c3434 100644
--- a/tests/data/metadata/fence_kubevirt.xml
+++ b/tests/data/metadata/fence_kubevirt.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" ?>
<resource-agent name="fence_kubevirt" shortdesc="Fence agent for KubeVirt" >
-<longdesc>fence_kubevirt is an I/O Fencing agent for KubeVirt.</longdesc>
+<longdesc>fence_kubevirt is a Power Fencing agent for KubeVirt.</longdesc>
<vendor-url>https://kubevirt.io/</vendor-url>
<parameters>
<parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_ldom.xml b/tests/data/metadata/fence_ldom.xml diff --git a/tests/data/metadata/fence_ldom.xml b/tests/data/metadata/fence_ldom.xml
index 59facad6f..aaa737015 100644 index 59facad6f..aaa737015 100644
--- a/tests/data/metadata/fence_ldom.xml --- a/tests/data/metadata/fence_ldom.xml
@ -1572,18 +1393,6 @@ index 59facad6f..aaa737015 100644
Very useful parameter is -c (or cmd_prompt in stdin mode). This must be set to something, what is displayed after successful login to host machine. Default string is space on end of string (default for root in bash). But (for example) csh use ], so in that case you must use parameter -c with argument ]. Very similar situation is, if you use bash and login to host machine with other user than root. Than prompt is $, so again, you must use parameter -c.</longdesc> Very useful parameter is -c (or cmd_prompt in stdin mode). This must be set to something, what is displayed after successful login to host machine. Default string is space on end of string (default for root in bash). But (for example) csh use ], so in that case you must use parameter -c with argument ]. Very similar situation is, if you use bash and login to host machine with other user than root. Than prompt is $, so again, you must use parameter -c.</longdesc>
<vendor-url>http://www.sun.com</vendor-url> <vendor-url>http://www.sun.com</vendor-url>
diff --git a/tests/data/metadata/fence_lindypdu.xml b/tests/data/metadata/fence_lindypdu.xml
index 56f81f4cb..79be15a8f 100644
--- a/tests/data/metadata/fence_lindypdu.xml
+++ b/tests/data/metadata/fence_lindypdu.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" ?>
<resource-agent name="fence_lindypdu" shortdesc="Fence agent for Lindy over SNMP" >
-<longdesc>fence_lindypdu is an I/O Fencing agent which can be used with the Lindy PDU network power switch. It logs into a device via SNMP and reboots a specified outlet. It supports SNMP v1 with all combinations of authenticity/privacy settings.</longdesc>
+<longdesc>fence_lindypdu is a Power Fencing agent which can be used with the Lindy PDU network power switch. It logs into a device via SNMP and reboots a specified outlet. It supports SNMP v1 with all combinations of authenticity/privacy settings.</longdesc>
<vendor-url>http://www.lindy.co.uk</vendor-url>
<parameters>
<parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_lpar.xml b/tests/data/metadata/fence_lpar.xml diff --git a/tests/data/metadata/fence_lpar.xml b/tests/data/metadata/fence_lpar.xml
index 22f12dc23..018409e26 100644 index 22f12dc23..018409e26 100644
--- a/tests/data/metadata/fence_lpar.xml --- a/tests/data/metadata/fence_lpar.xml
@ -1691,7 +1500,7 @@ index c14d342f7..030696efe 100644
<resource-agent name="fence_rcd_serial" shortdesc="rcd_serial fence agent" > <resource-agent name="fence_rcd_serial" shortdesc="rcd_serial fence agent" >
-<longdesc>fence_rcd_serial operates a serial cable that toggles a reset of an opposing server using the reset switch on its motherboard. The cable itself is simple with no power, network or moving parts. An example of the cable is available here: https://smcleod.net/rcd-stonith/ and the circuit design is available in the fence-agents src as SVG</longdesc> -<longdesc>fence_rcd_serial operates a serial cable that toggles a reset of an opposing server using the reset switch on its motherboard. The cable itself is simple with no power, network or moving parts. An example of the cable is available here: https://smcleod.net/rcd-stonith/ and the circuit design is available in the fence-agents src as SVG</longdesc>
+<longdesc>fence_rcd_serial is a Power Fencing agent that operates a serial cable that toggles a reset of an opposing server using the reset switch on its motherboard. The cable itself is simple with no power, network or moving parts. An example of the cable is available here: https://smcleod.net/rcd-stonith/ and the circuit design is available in the fence-agents src as SVG</longdesc> +<longdesc>fence_rcd_serial is a Power Fencing agent that operates a serial cable that toggles a reset of an opposing server using the reset switch on its motherboard. The cable itself is simple with no power, network or moving parts. An example of the cable is available here: https://smcleod.net/rcd-stonith/ and the circuit design is available in the fence-agents src as SVG</longdesc>
<vendor-url>https://github.com/sammcj/fence_rcd_serial</vendor-url> <vendor-url>http://www.scl.co.uk/rcd_serial/</vendor-url>
<parameters> <parameters>
<parameter name="action" unique="0" required="1"> <parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_redfish.xml b/tests/data/metadata/fence_redfish.xml diff --git a/tests/data/metadata/fence_redfish.xml b/tests/data/metadata/fence_redfish.xml
@ -1768,18 +1577,6 @@ index facb2f52e..b963fd772 100644
The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Reservation key is generated from "node id" (default) or from "node name hash" (RECOMMENDED) by adjusting "key_value" option. Using hash is recommended to prevent issues when removing nodes from cluster without full cluster restart. Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required. The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Reservation key is generated from "node id" (default) or from "node name hash" (RECOMMENDED) by adjusting "key_value" option. Using hash is recommended to prevent issues when removing nodes from cluster without full cluster restart. Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required.
When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and verbose=yes parameters in /etc/sysconfig/stonith if you have issues with it failing.</longdesc> When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and verbose=yes parameters in /etc/sysconfig/stonith if you have issues with it failing.</longdesc>
diff --git a/tests/data/metadata/fence_skalar.xml b/tests/data/metadata/fence_skalar.xml
index 84f3f4ea6..5ce022b32 100644
--- a/tests/data/metadata/fence_skalar.xml
+++ b/tests/data/metadata/fence_skalar.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" ?>
<resource-agent name="fence_skalar" shortdesc="Skala-R Fence agent" >
-<longdesc>A fence agent for Skala-R.</longdesc>
+<longdesc>fence_skalar is a Power Fencing agent for Skala-R.</longdesc>
<vendor-url>https://www.skala-r.ru/</vendor-url>
<parameters>
<parameter name="action" unique="0" required="1">
diff --git a/tests/data/metadata/fence_tripplite_snmp.xml b/tests/data/metadata/fence_tripplite_snmp.xml diff --git a/tests/data/metadata/fence_tripplite_snmp.xml b/tests/data/metadata/fence_tripplite_snmp.xml
index c5f66d56f..418832f9c 100644 index c5f66d56f..418832f9c 100644
--- a/tests/data/metadata/fence_tripplite_snmp.xml --- a/tests/data/metadata/fence_tripplite_snmp.xml
@ -1817,18 +1614,6 @@ index 82fe9b6d1..dc36693fc 100644
By default, virsh needs root account to do properly work. So you must allow ssh login in your sshd_config.</longdesc> By default, virsh needs root account to do properly work. So you must allow ssh login in your sshd_config.</longdesc>
<vendor-url>http://libvirt.org</vendor-url> <vendor-url>http://libvirt.org</vendor-url>
diff --git a/tests/data/metadata/fence_virt.xml b/tests/data/metadata/fence_virt.xml
index 612d4d3cb..eec67ad8c 100644
--- a/tests/data/metadata/fence_virt.xml
+++ b/tests/data/metadata/fence_virt.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" ?>
<resource-agent name="fence_virt" shortdesc="Fence agent for virtual machines">
-<longdesc>fence_virt is an I/O Fencing agent which can be used with virtual machines.
+<longdesc>fence_virt is a Power Fencing agent which can be used with virtual machines.
NOTE: reboot-action does not power on nodes that are powered off.</longdesc>
<vendor-url>https://libvirt.org</vendor-url>
diff --git a/tests/data/metadata/fence_vmware.xml b/tests/data/metadata/fence_vmware.xml diff --git a/tests/data/metadata/fence_vmware.xml b/tests/data/metadata/fence_vmware.xml
index a46ffdb0f..a5fad2fd5 100644 index a46ffdb0f..a5fad2fd5 100644
--- a/tests/data/metadata/fence_vmware.xml --- a/tests/data/metadata/fence_vmware.xml

View File

@ -0,0 +1,63 @@
From 7dd3680e6eea0d77fde024763657aa4d884ddb23 Mon Sep 17 00:00:00 2001
From: Calum Hutton <calum.hutton@snyk.io>
Date: Thu, 26 Oct 2023 12:08:53 +0100
Subject: [PATCH] xmlattr filter disallows keys with spaces
---
CHANGES.rst | 1 +
src/jinja2/filters.py | 28 +++++++++++++++++++++-------
tests/test_filters.py | 6 ++++++
3 files changed, 28 insertions(+), 7 deletions(-)
diff --git a/src/jinja2/filters.py b/src/jinja2/filters.py
index ed07c4c0e..c7ecc9bb6 100644
--- a/kubevirt/jinja2/filters.py
+++ b/kubevirt/jinja2/filters.py
@@ -248,13 +248,17 @@ def do_items(value: t.Union[t.Mapping[K, V], Undefined]) -> t.Iterator[t.Tuple[K
yield from value.items()
+_space_re = re.compile(r"\s", flags=re.ASCII)
+
+
@pass_eval_context
def do_xmlattr(
eval_ctx: "EvalContext", d: t.Mapping[str, t.Any], autospace: bool = True
) -> str:
"""Create an SGML/XML attribute string based on the items in a dict.
- All values that are neither `none` nor `undefined` are automatically
- escaped:
+
+ If any key contains a space, this fails with a ``ValueError``. Values that
+ are neither ``none`` nor ``undefined`` are automatically escaped.
.. sourcecode:: html+jinja
@@ -273,12 +277,22 @@ def do_xmlattr(
As you can see it automatically prepends a space in front of the item
if the filter returned something unless the second parameter is false.
+
+ .. versionchanged:: 3.1.3
+ Keys with spaces are not allowed.
"""
- rv = " ".join(
- f'{escape(key)}="{escape(value)}"'
- for key, value in d.items()
- if value is not None and not isinstance(value, Undefined)
- )
+ items = []
+
+ for key, value in d.items():
+ if value is None or isinstance(value, Undefined):
+ continue
+
+ if _space_re.search(key) is not None:
+ raise ValueError(f"Spaces are not allowed in attributes: '{key}'")
+
+ items.append(f'{escape(key)}="{escape(value)}"')
+
+ rv = " ".join(items)
if autospace and rv:
rv = " " + rv

View File

@ -1,26 +0,0 @@
From fc7d7c4baef64f510bd3332c9f008d3e1128dc7b Mon Sep 17 00:00:00 2001
From: Peter Varkoly <varkoly@suse.com>
Date: Sun, 11 Feb 2024 09:13:51 +0100
Subject: [PATCH] fence_vmware_rest : monitoring is not detecting if the API
user has sufficient right to manage the fence device. The call
https://{api_host}/api/vcenter/vm is subject to permission checks. If the
delivered list is empty the user has no rights.
---
agents/vmware_rest/fence_vmware_rest.py | 3 +++
1 file changed, 3 insertions(+)
diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py
index 378771863..9dc9a12f4 100644
--- a/agents/vmware_rest/fence_vmware_rest.py
+++ b/agents/vmware_rest/fence_vmware_rest.py
@@ -60,6 +60,9 @@ def get_list(conn, options):
else:
fail(EC_STATUS)
+ if options.get("--original-action") == "monitor" and not res["value"]:
+ logging.error("API user does not have sufficient rights to manage the power status.")
+ fail(EC_STATUS)
for r in res["value"]:
outlets[r["name"]] = ("", state[r["power_state"]])

View File

@ -1,209 +0,0 @@
--- a/agents/aliyun/fence_aliyun.py 2024-04-04 10:22:53.720906183 +0200
+++ b/agents/aliyun/fence_aliyun.py 2024-04-04 10:21:47.626425090 +0200
@@ -1,53 +1,67 @@
#!@PYTHON@ -tt
-import sys, re
+import sys
import logging
import atexit
import json
+
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
-from fencing import fail, fail_usage, EC_TIMED_OUT, run_delay
+from fencing import fail_usage, run_delay
+
try:
sys.path.insert(0, '/usr/lib/fence-agents/support/aliyun')
from aliyunsdkcore import client
from aliyunsdkcore.auth.credentials import EcsRamRoleCredential
+ from aliyunsdkcore.profile import region_provider
+except ImportError as e:
+ logging.warn("The 'aliyunsdkcore' module has been not installed or is unavailable, try to execute the command 'pip install aliyun-python-sdk-core --upgrade' to solve. error: %s" % e)
+
+
+try:
from aliyunsdkecs.request.v20140526.DescribeInstancesRequest import DescribeInstancesRequest
from aliyunsdkecs.request.v20140526.StartInstanceRequest import StartInstanceRequest
from aliyunsdkecs.request.v20140526.StopInstanceRequest import StopInstanceRequest
from aliyunsdkecs.request.v20140526.RebootInstanceRequest import RebootInstanceRequest
- from aliyunsdkcore.profile import region_provider
-except ImportError:
- pass
+except ImportError as e:
+ logging.warn("The 'aliyunsdkecs' module has been not installed or is unavailable, try to execute the command 'pip install aliyun-python-sdk-ecs --upgrade' to solve. error: %s" % e)
+
def _send_request(conn, request):
+ logging.debug("send request action: %s" % request.get_action_name())
request.set_accept_format('json')
try:
response_str = conn.do_action_with_exception(request)
- response_detail = json.loads(response_str)
- logging.debug("_send_request reponse: %s" % response_detail)
- return response_detail
except Exception as e:
- fail_usage("Failed: _send_request failed: %s" % e)
+ fail_usage("Failed: send request failed: Error: %s" % e)
+
+ response_detail = json.loads(response_str)
+ logging.debug("reponse: %s" % response_detail)
+ return response_detail
def start_instance(conn, instance_id):
+ logging.debug("start instance %s" % instance_id)
request = StartInstanceRequest()
request.set_InstanceId(instance_id)
_send_request(conn, request)
def stop_instance(conn, instance_id):
+ logging.debug("stop instance %s" % instance_id)
request = StopInstanceRequest()
request.set_InstanceId(instance_id)
request.set_ForceStop('true')
_send_request(conn, request)
def reboot_instance(conn, instance_id):
+ logging.debug("reboot instance %s" % instance_id)
request = RebootInstanceRequest()
request.set_InstanceId(instance_id)
request.set_ForceStop('true')
_send_request(conn, request)
def get_status(conn, instance_id):
+ logging.debug("get instance %s status" % instance_id)
request = DescribeInstancesRequest()
request.set_InstanceIds(json.dumps([instance_id]))
response = _send_request(conn, request)
@@ -59,20 +73,30 @@
return instance_status
def get_nodes_list(conn, options):
+ logging.debug("start to get nodes list")
result = {}
request = DescribeInstancesRequest()
request.set_PageSize(100)
+
+ if "--filter" in options:
+ filter_key = options["--filter"].split("=")[0].strip()
+ filter_value = options["--filter"].split("=")[1].strip()
+ params = request.get_query_params()
+ params[filter_key] = filter_value
+ request.set_query_params(params)
+
response = _send_request(conn, request)
- instance_status = None
if response is not None:
instance_list = response.get('Instances').get('Instance')
for item in instance_list:
instance_id = item.get('InstanceId')
instance_name = item.get('InstanceName')
result[instance_id] = (instance_name, None)
+ logging.debug("get nodes list: %s" % result)
return result
def get_power_status(conn, options):
+ logging.debug("start to get power(%s) status" % options["--plug"])
state = get_status(conn, options["--plug"])
if state == "Running":
@@ -81,14 +105,11 @@
status = "off"
else:
status = "unknown"
-
- logging.info("get_power_status: %s" % status)
-
+ logging.debug("the power(%s) status is %s" % (options["--plug"], status))
return status
-
def set_power_status(conn, options):
- logging.info("set_power_status: %s" % options["--action"])
+ logging.info("start to set power(%s) status to %s" % (options["--plug"], options["--action"]))
if (options["--action"]=="off"):
stop_instance(conn, options["--plug"])
@@ -97,7 +118,6 @@
elif (options["--action"]=="reboot"):
reboot_instance(conn, options["--plug"])
-
def define_new_opts():
all_opt["region"] = {
"getopt" : "r:",
@@ -126,17 +146,42 @@
all_opt["ram_role"] = {
"getopt": ":",
"longopt": "ram-role",
- "help": "--ram-role=[name] Ram Role",
+ "help": "--ram-role=[name] Ram Role",
"shortdesc": "Ram Role.",
"required": "0",
"order": 5
}
+ all_opt["credentials_file"] = {
+ "getopt": ":",
+ "longopt": "credentials-file",
+ "help": "--credentials-file=[path] Path to aliyun-cli credentials file",
+ "shortdesc": "Path to credentials file",
+ "required": "0",
+ "order": 6
+ }
+ all_opt["credentials_file_profile"] = {
+ "getopt": ":",
+ "longopt": "credentials-file-profile",
+ "help": "--credentials-file-profile=[profile] Credentials file profile",
+ "shortdesc": "Credentials file profile",
+ "required": "0",
+ "default": "default",
+ "order": 7
+ }
+ all_opt["filter"] = {
+ "getopt": ":",
+ "longopt": "filter",
+ "help": "--filter=[key=value] Filter (e.g. InstanceIds=[\"i-XXYYZZAA1\",\"i-XXYYZZAA2\"]",
+ "shortdesc": "Filter for list-action.",
+ "required": "0",
+ "order": 8
+ }
# Main agent method
def main():
conn = None
- device_opt = ["port", "no_password", "region", "access_key", "secret_key", "ram_role"]
+ device_opt = ["port", "no_password", "region", "access_key", "secret_key", "ram_role", "credentials_file", "credentials_file_profile", "filter"]
atexit.register(atexit_handler)
@@ -164,8 +209,25 @@
ram_role = options["--ram-role"]
role = EcsRamRoleCredential(ram_role)
conn = client.AcsClient(region_id=region, credential=role)
- region_provider.modify_point('Ecs', region, 'ecs.%s.aliyuncs.com' % region)
-
+ elif "--credentials-file" in options and "--credentials-file-profile" in options:
+ import os, configparser
+ try:
+ config = configparser.ConfigParser()
+ config.read(os.path.expanduser(options["--credentials-file"]))
+ access_key = config.get(options["--credentials-file-profile"], "aliyun_access_key_id")
+ secret_key = config.get(options["--credentials-file-profile"], "aliyun_access_key_secret")
+ conn = client.AcsClient(access_key, secret_key, region)
+ except Exception as e:
+ fail_usage("Failed: failed to read credentials file: %s" % e)
+ else:
+ fail_usage("Failed: User credentials are not set. Please set the Access Key and the Secret Key, or configure the RAM role.")
+
+ # Use intranet endpoint to access ECS service
+ try:
+ region_provider.modify_point('Ecs', region, 'ecs.%s.aliyuncs.com' % region)
+ except Exception as e:
+ logging.warn("Failed: failed to modify endpoint to 'ecs.%s.aliyuncs.com': %s" % (region, e))
+
# Operate the fencing device
result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list)
sys.exit(result)

View File

@ -1,99 +0,0 @@
From a4502b3bf15a3be2ebd64b6829cd4f6641f2506b Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Fri, 14 Jun 2024 15:28:28 +0200
Subject: [PATCH 1/2] fencing: use formatted strings to avoid failing when plug
is int
---
lib/fencing.py.py | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/lib/fencing.py.py b/lib/fencing.py.py
index 66e2ff156..9c090100d 100644
--- a/lib/fencing.py.py
+++ b/lib/fencing.py.py
@@ -985,9 +985,9 @@
status = status.upper()
if options["--action"] == "list":
- print(outlet_id + options["--separator"] + alias)
+ print("{}{}{}".format(outlet_id, options["--separator"], alias))
elif options["--action"] == "list-status":
- print(outlet_id + options["--separator"] + alias + options["--separator"] + status)
+ print("{}{}{}{}{}".format(outlet_id, options["--separator"], alias, options["--separator"], status))
return
From f1ef26c885cdedb17eb366e4c8922ffb01aefc7c Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Fri, 14 Jun 2024 15:29:12 +0200
Subject: [PATCH 2/2] fence_aws: improve list, list-status and status actions
---
agents/aws/fence_aws.py | 31 +++++++++++++++++++------------
1 file changed, 19 insertions(+), 12 deletions(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index a9308dd9c..b8d38462e 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -22,6 +22,15 @@
logger.addHandler(SyslogLibHandler())
logging.getLogger('botocore.vendored').propagate = False
+status = {
+ "running": "on",
+ "stopped": "off",
+ "pending": "unknown",
+ "stopping": "unknown",
+ "shutting-down": "unknown",
+ "terminated": "unknown"
+}
+
def get_instance_id(options):
try:
token = requests.put('http://169.254.169.254/latest/api/token', headers={"X-aws-ec2-metadata-token-ttl-seconds" : "21600"}).content.decode("UTF-8")
@@ -45,11 +54,14 @@ def get_nodes_list(conn, options):
filter_key = options["--filter"].split("=")[0].strip()
filter_value = options["--filter"].split("=")[1].strip()
filter = [{ "Name": filter_key, "Values": [filter_value] }]
- for instance in conn.instances.filter(Filters=filter):
- result[instance.id] = ("", None)
- else:
- for instance in conn.instances.all():
- result[instance.id] = ("", None)
+ logging.debug("Filter: {}".format(filter))
+
+ for instance in conn.instances.filter(Filters=filter if 'filter' in vars() else []):
+ instance_name = ""
+ for tag in instance.tags or []:
+ if tag.get("Key") == "Name":
+ instance_name = tag["Value"]
+ result[instance.id] = (instance_name, status[instance.state["Name"]])
except ClientError:
fail_usage("Failed: Incorrect Access Key or Secret Key.")
except EndpointConnectionError:
@@ -67,12 +79,7 @@ def get_power_status(conn, options):
instance = conn.instances.filter(Filters=[{"Name": "instance-id", "Values": [options["--plug"]]}])
state = list(instance)[0].state["Name"]
logger.debug("Status operation for EC2 instance %s returned state: %s",options["--plug"],state.upper())
- if state == "running":
- return "on"
- elif state == "stopped":
- return "off"
- else:
- return "unknown"
+ return status[state]
except ClientError:
fail_usage("Failed: Incorrect Access Key or Secret Key.")
@@ -146,7 +153,7 @@ def define_new_opts():
all_opt["filter"] = {
"getopt" : ":",
"longopt" : "filter",
- "help" : "--filter=[key=value] Filter (e.g. vpc-id=[vpc-XXYYZZAA]",
+ "help" : "--filter=[key=value] Filter (e.g. vpc-id=[vpc-XXYYZZAA])",
"shortdesc": "Filter for list-action",
"required": "0",
"order": 5

View File

@ -1,41 +0,0 @@
From c2753c1882b5892b8b7a0fd093baded4a359b2a5 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Mon, 17 Jun 2024 11:19:12 +0200
Subject: [PATCH] fence_aws: log error if unknown state returned
---
agents/aws/fence_aws.py | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index b8d38462e..5459a06c4 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -61,7 +61,12 @@ def get_nodes_list(conn, options):
for tag in instance.tags or []:
if tag.get("Key") == "Name":
instance_name = tag["Value"]
- result[instance.id] = (instance_name, status[instance.state["Name"]])
+ try:
+ result[instance.id] = (instance_name, status[instance.state["Name"]])
+ except KeyError as e:
+ if options.get("--original-action") == "list-status":
+ logger.error("Unknown status \"{}\" returned for {} ({})".format(instance.state["Name"], instance.id, instance_name))
+ result[instance.id] = (instance_name, "unknown")
except ClientError:
fail_usage("Failed: Incorrect Access Key or Secret Key.")
except EndpointConnectionError:
@@ -79,8 +84,11 @@ def get_power_status(conn, options):
instance = conn.instances.filter(Filters=[{"Name": "instance-id", "Values": [options["--plug"]]}])
state = list(instance)[0].state["Name"]
logger.debug("Status operation for EC2 instance %s returned state: %s",options["--plug"],state.upper())
- return status[state]
-
+ try:
+ return status[state]
+ except KeyError as e:
+ logger.error("Unknown status \"{}\" returned".format(state))
+ return "unknown"
except ClientError:
fail_usage("Failed: Incorrect Access Key or Secret Key.")
except EndpointConnectionError:

View File

@ -1,96 +0,0 @@
From accff72ecc2f6cf5a76d9570198a93ac7c90270e Mon Sep 17 00:00:00 2001
From: Quentin Pradet <quentin.pradet@gmail.com>
Date: Mon, 17 Jun 2024 11:09:06 +0400
Subject: [PATCH] Merge pull request from GHSA-34jh-p97f-mpxf
* Strip Proxy-Authorization header on redirects
* Fix test_retry_default_remove_headers_on_redirect
* Set release date
---
CHANGES.rst | 5 +++++
src/urllib3/util/retry.py | 4 +++-
test/test_retry.py | 6 ++++-
test/with_dummyserver/test_poolmanager.py | 27 ++++++++++++++++++++---
4 files changed, 37 insertions(+), 5 deletions(-)
diff --git a/awscli/urllib3/util/retry.py b/awscli/urllib3/util/retry.py
index 7a76a4a6ad..0456cceba4 100644
--- a/awscli/urllib3/util/retry.py
+++ b/awscli/urllib3/util/retry.py
@@ -189,7 +189,9 @@ class Retry:
RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503])
#: Default headers to be used for ``remove_headers_on_redirect``
- DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Cookie", "Authorization"])
+ DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(
+ ["Cookie", "Authorization", "Proxy-Authorization"]
+ )
#: Default maximum backoff time.
DEFAULT_BACKOFF_MAX = 120
diff --git a/aws/urllib3/util/retry.py b/aws/urllib3/util/retry.py
index 7a76a4a6ad..0456cceba4 100644
--- a/aws/urllib3/util/retry.py
+++ b/aws/urllib3/util/retry.py
@@ -189,7 +189,9 @@ class Retry:
RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503])
#: Default headers to be used for ``remove_headers_on_redirect``
- DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Cookie", "Authorization"])
+ DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(
+ ["Cookie", "Authorization", "Proxy-Authorization"]
+ )
#: Default maximum backoff time.
DEFAULT_BACKOFF_MAX = 120
diff --git a/azure/urllib3/util/retry.py b/azure/urllib3/util/retry.py
index 7a76a4a6ad..0456cceba4 100644
--- a/azure/urllib3/util/retry.py
+++ b/azure/urllib3/util/retry.py
@@ -189,7 +189,9 @@ class Retry:
RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503])
#: Default headers to be used for ``remove_headers_on_redirect``
- DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Cookie", "Authorization"])
+ DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(
+ ["Cookie", "Authorization", "Proxy-Authorization"]
+ )
#: Default maximum backoff time.
DEFAULT_BACKOFF_MAX = 120
diff --git a/google/urllib3/util/retry.py b/google/urllib3/util/retry.py
index 7a76a4a6ad..0456cceba4 100644
--- a/google/urllib3/util/retry.py
+++ b/google/urllib3/util/retry.py
@@ -189,7 +189,9 @@ class Retry:
RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503])
#: Default headers to be used for ``remove_headers_on_redirect``
- DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Cookie", "Authorization"])
+ DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(
+ ["Cookie", "Authorization", "Proxy-Authorization"]
+ )
#: Default maximum backoff time.
DEFAULT_BACKOFF_MAX = 120
diff --git a/kubevirt/urllib3/util/retry.py b/kubevirt/urllib3/util/retry.py
index 7a76a4a6ad..0456cceba4 100644
--- a/kubevirt/urllib3/util/retry.py
+++ b/kubevirt/urllib3/util/retry.py
@@ -189,7 +189,9 @@ class Retry:
RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503])
#: Default headers to be used for ``remove_headers_on_redirect``
- DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Cookie", "Authorization"])
+ DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(
+ ["Cookie", "Authorization", "Proxy-Authorization"]
+ )
#: Default maximum backoff time.
DEFAULT_BACKOFF_MAX = 120

View File

@ -0,0 +1,32 @@
From accff72ecc2f6cf5a76d9570198a93ac7c90270e Mon Sep 17 00:00:00 2001
From: Quentin Pradet <quentin.pradet@gmail.com>
Date: Mon, 17 Jun 2024 11:09:06 +0400
Subject: [PATCH] Merge pull request from GHSA-34jh-p97f-mpxf
* Strip Proxy-Authorization header on redirects
* Fix test_retry_default_remove_headers_on_redirect
* Set release date
---
CHANGES.rst | 5 +++++
src/urllib3/util/retry.py | 4 +++-
test/test_retry.py | 6 ++++-
test/with_dummyserver/test_poolmanager.py | 27 ++++++++++++++++++++---
4 files changed, 37 insertions(+), 5 deletions(-)
diff --git a/kubevirt/urllib3/util/retry.py b/kubevirt/urllib3/util/retry.py
index 7a76a4a6ad..0456cceba4 100644
--- a/kubevirt/urllib3/util/retry.py
+++ b/kubevirt/urllib3/util/retry.py
@@ -189,7 +189,9 @@ class Retry:
RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503])
#: Default headers to be used for ``remove_headers_on_redirect``
- DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Cookie", "Authorization"])
+ DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(
+ ["Cookie", "Authorization", "Proxy-Authorization"]
+ )
#: Default maximum backoff time.
DEFAULT_BACKOFF_MAX = 120

View File

@ -0,0 +1,32 @@
From accff72ecc2f6cf5a76d9570198a93ac7c90270e Mon Sep 17 00:00:00 2001
From: Quentin Pradet <quentin.pradet@gmail.com>
Date: Mon, 17 Jun 2024 11:09:06 +0400
Subject: [PATCH] Merge pull request from GHSA-34jh-p97f-mpxf
* Strip Proxy-Authorization header on redirects
* Fix test_retry_default_remove_headers_on_redirect
* Set release date
---
CHANGES.rst | 5 +++++
src/urllib3/util/retry.py | 4 +++-
test/test_retry.py | 6 ++++-
test/with_dummyserver/test_poolmanager.py | 27 ++++++++++++++++++++---
4 files changed, 37 insertions(+), 5 deletions(-)
diff --git a/aws/urllib3/util/retry.py b/aws/urllib3/util/retry.py
index 7a76a4a6ad..0456cceba4 100644
--- a/aws/urllib3/util/retry.py
+++ b/aws/urllib3/util/retry.py
@@ -189,7 +189,9 @@ class Retry:
RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503])
#: Default headers to be used for ``remove_headers_on_redirect``
- DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Cookie", "Authorization"])
+ DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(
+ ["Cookie", "Authorization", "Proxy-Authorization"]
+ )
#: Default maximum backoff time.
DEFAULT_BACKOFF_MAX = 120

View File

@ -0,0 +1,203 @@
diff --color -uNr a/kubevirt/setuptools/package_index.py b/kubevirt/setuptools/package_index.py
--- a/kubevirt/setuptools/package_index.py 2021-10-22 22:55:51.000000000 +0200
+++ b/kubevirt/setuptools/package_index.py 2024-07-24 14:06:14.833852463 +0200
@@ -1,5 +1,6 @@
"""PyPI and direct package downloading"""
import sys
+import subprocess
import os
import re
import io
@@ -558,7 +559,7 @@
scheme = URL_SCHEME(spec)
if scheme:
# It's a url, download it to tmpdir
- found = self._download_url(scheme.group(1), spec, tmpdir)
+ found = self._download_url(spec, tmpdir)
base, fragment = egg_info_for_url(spec)
if base.endswith('.py'):
found = self.gen_setup(found, fragment, tmpdir)
@@ -777,7 +778,7 @@
raise DistutilsError("Download error for %s: %s"
% (url, v)) from v
- def _download_url(self, scheme, url, tmpdir):
+ def _download_url(self, url, tmpdir):
# Determine download filename
#
name, fragment = egg_info_for_url(url)
@@ -792,19 +793,59 @@
filename = os.path.join(tmpdir, name)
- # Download the file
- #
- if scheme == 'svn' or scheme.startswith('svn+'):
- return self._download_svn(url, filename)
- elif scheme == 'git' or scheme.startswith('git+'):
- return self._download_git(url, filename)
- elif scheme.startswith('hg+'):
- return self._download_hg(url, filename)
- elif scheme == 'file':
- return urllib.request.url2pathname(urllib.parse.urlparse(url)[2])
- else:
- self.url_ok(url, True) # raises error if not allowed
- return self._attempt_download(url, filename)
+ return self._download_vcs(url, filename) or self._download_other(url, filename)
+
+ @staticmethod
+ def _resolve_vcs(url):
+ """
+ >>> rvcs = PackageIndex._resolve_vcs
+ >>> rvcs('git+http://foo/bar')
+ 'git'
+ >>> rvcs('hg+https://foo/bar')
+ 'hg'
+ >>> rvcs('git:myhost')
+ 'git'
+ >>> rvcs('hg:myhost')
+ >>> rvcs('http://foo/bar')
+ """
+ scheme = urllib.parse.urlsplit(url).scheme
+ pre, sep, post = scheme.partition('+')
+ # svn and git have their own protocol; hg does not
+ allowed = set(['svn', 'git'] + ['hg'] * bool(sep))
+ return next(iter({pre} & allowed), None)
+
+ def _download_vcs(self, url, spec_filename):
+ vcs = self._resolve_vcs(url)
+ if not vcs:
+ return
+ if vcs == 'svn':
+ raise DistutilsError(
+ f"Invalid config, SVN download is not supported: {url}"
+ )
+
+ filename, _, _ = spec_filename.partition('#')
+ url, rev = self._vcs_split_rev_from_url(url)
+
+ self.info(f"Doing {vcs} clone from {url} to {filename}")
+ subprocess.check_call([vcs, 'clone', '--quiet', url, filename])
+
+ co_commands = dict(
+ git=[vcs, '-C', filename, 'checkout', '--quiet', rev],
+ hg=[vcs, '--cwd', filename, 'up', '-C', '-r', rev, '-q'],
+ )
+ if rev is not None:
+ self.info(f"Checking out {rev}")
+ subprocess.check_call(co_commands[vcs])
+
+ return filename
+
+ def _download_other(self, url, filename):
+ scheme = urllib.parse.urlsplit(url).scheme
+ if scheme == 'file': # pragma: no cover
+ return urllib.request.url2pathname(urllib.parse.urlparse(url).path)
+ # raise error if not allowed
+ self.url_ok(url, True)
+ return self._attempt_download(url, filename)
def scan_url(self, url):
self.process_url(url, True)
@@ -831,77 +872,37 @@
os.unlink(filename)
raise DistutilsError("Unexpected HTML page found at " + url)
- def _download_svn(self, url, filename):
- warnings.warn("SVN download support is deprecated", UserWarning)
- url = url.split('#', 1)[0] # remove any fragment for svn's sake
- creds = ''
- if url.lower().startswith('svn:') and '@' in url:
- scheme, netloc, path, p, q, f = urllib.parse.urlparse(url)
- if not netloc and path.startswith('//') and '/' in path[2:]:
- netloc, path = path[2:].split('/', 1)
- auth, host = _splituser(netloc)
- if auth:
- if ':' in auth:
- user, pw = auth.split(':', 1)
- creds = " --username=%s --password=%s" % (user, pw)
- else:
- creds = " --username=" + auth
- netloc = host
- parts = scheme, netloc, url, p, q, f
- url = urllib.parse.urlunparse(parts)
- self.info("Doing subversion checkout from %s to %s", url, filename)
- os.system("svn checkout%s -q %s %s" % (creds, url, filename))
- return filename
-
@staticmethod
- def _vcs_split_rev_from_url(url, pop_prefix=False):
- scheme, netloc, path, query, frag = urllib.parse.urlsplit(url)
-
- scheme = scheme.split('+', 1)[-1]
-
- # Some fragment identification fails
- path = path.split('#', 1)[0]
-
- rev = None
- if '@' in path:
- path, rev = path.rsplit('@', 1)
-
- # Also, discard fragment
- url = urllib.parse.urlunsplit((scheme, netloc, path, query, ''))
-
- return url, rev
-
- def _download_git(self, url, filename):
- filename = filename.split('#', 1)[0]
- url, rev = self._vcs_split_rev_from_url(url, pop_prefix=True)
-
- self.info("Doing git clone from %s to %s", url, filename)
- os.system("git clone --quiet %s %s" % (url, filename))
+ def _vcs_split_rev_from_url(url):
+ """
+ Given a possible VCS URL, return a clean URL and resolved revision if any.
- if rev is not None:
- self.info("Checking out %s", rev)
- os.system("git -C %s checkout --quiet %s" % (
- filename,
- rev,
- ))
+ >>> vsrfu = PackageIndex._vcs_split_rev_from_url
+ >>> vsrfu('git+https://github.com/pypa/setuptools@v69.0.0#egg-info=setuptools')
+ ('https://github.com/pypa/setuptools', 'v69.0.0')
+ >>> vsrfu('git+https://github.com/pypa/setuptools#egg-info=setuptools')
+ ('https://github.com/pypa/setuptools', None)
+ >>> vsrfu('http://foo/bar')
+ ('http://foo/bar', None)
+ """
+ parts = urllib.parse.urlsplit(url)
- return filename
+ clean_scheme = parts.scheme.split('+', 1)[-1]
- def _download_hg(self, url, filename):
- filename = filename.split('#', 1)[0]
- url, rev = self._vcs_split_rev_from_url(url, pop_prefix=True)
+ # Some fragment identification fails
+ no_fragment_path, _, _ = parts.path.partition('#')
- self.info("Doing hg clone from %s to %s", url, filename)
- os.system("hg clone --quiet %s %s" % (url, filename))
+ pre, sep, post = no_fragment_path.rpartition('@')
+ clean_path, rev = (pre, post) if sep else (post, None)
- if rev is not None:
- self.info("Updating to %s", rev)
- os.system("hg --cwd %s up -C -r %s -q" % (
- filename,
- rev,
- ))
+ resolved = parts._replace(
+ scheme=clean_scheme,
+ path=clean_path,
+ # discard the fragment
+ fragment='',
+ ).geturl()
- return filename
+ return resolved, rev
def debug(self, msg, *args):
log.debug(msg, *args)

View File

@ -0,0 +1,22 @@
--- a/agents/scsi/fence_scsi.py 2024-01-03 14:15:20.755284113 +0100
+++ b/agents/scsi/fence_scsi.py 2024-01-03 12:32:01.598598127 +0100
@@ -190,7 +190,8 @@
cmd = options["--sg_persist-path"] + " -n -i " + opts + "-r -d " + dev
out = run_cmd(options, cmd)
if out["rc"] and fail:
- fail_usage("Cannot get reservation key")
+ fail_usage('Cannot get reservation key on device "' + dev
+ + '": ' + out["err"])
match = re.search(r"\s+key=0x(\S+)\s+", out["out"], re.IGNORECASE)
return match.group(1) if match else None
@@ -204,7 +205,8 @@
cmd = options["--sg_persist-path"] + " -n -i " + opts + "-k -d " + dev
out = run_cmd(options, cmd)
if out["rc"]:
- fail_usage("Cannot get registration keys", fail)
+ fail_usage('Cannot get registration keys on device "' + dev
+ + '": ' + out["err"], fail)
if not fail:
return []
for line in out["out"].split("\n"):

View File

@ -63,6 +63,6 @@ index f9e6823b2..85e4f29e6 100644
cmd = options["--sg_persist-path"] + " -n -o -I -S " + options["--key"] + " -d " + dev cmd = options["--sg_persist-path"] + " -n -o -I -S " + options["--key"] + " -d " + dev
cmd += " -Z" if "--aptpl" in options else "" cmd += " -Z" if "--aptpl" in options else ""
- #cmd return code != 0 but registration can be successful - #cmd return code != 0 but registration can be successful
return not bool(run_cmd(options, cmd)["rc"]) return not bool(run_cmd(options, cmd)["err"])

View File

@ -0,0 +1,93 @@
--- fence-agents-4.2.1/agents/scsi/fence_scsi.py.old 2024-01-02 12:22:30.198853290 +0100
+++ fence-agents-4.2.1/agents/scsi/fence_scsi.py 2024-01-02 12:24:35.509549785 +0100
@@ -84,14 +84,14 @@
# check if host is ready to execute actions
def do_action_monitor(options):
# Check if required binaries are installed
- if bool(run_cmd(options, options["--sg_persist-path"] + " -V")["err"]):
+ if bool(run_cmd(options, options["--sg_persist-path"] + " -V")["rc"]):
logging.error("Unable to run " + options["--sg_persist-path"])
return 1
- elif bool(run_cmd(options, options["--sg_turs-path"] + " -V")["err"]):
+ elif bool(run_cmd(options, options["--sg_turs-path"] + " -V")["rc"]):
logging.error("Unable to run " + options["--sg_turs-path"])
return 1
elif ("--devices" not in options and
- bool(run_cmd(options, options["--vgs-path"] + " --version")["err"])):
+ bool(run_cmd(options, options["--vgs-path"] + " --version")["rc"])):
logging.error("Unable to run " + options["--vgs-path"])
return 1
@@ -102,11 +102,13 @@
return 0
-#run command, returns dict, ret["err"] = exit code; ret["out"] = output
+# run command, returns dict, ret["rc"] = exit code; ret["out"] = output;
+# ret["err"] = error
def run_cmd(options, cmd):
ret = {}
- (ret["err"], ret["out"], _) = run_command(options, cmd)
+ (ret["rc"], ret["out"], ret["err"]) = run_command(options, cmd)
ret["out"] = "".join([i for i in ret["out"] if i is not None])
+ ret["err"] = "".join([i for i in ret["err"] if i is not None])
return ret
@@ -122,11 +124,11 @@
def preempt_abort(options, host, dev):
reset_dev(options,dev)
cmd = options["--sg_persist-path"] + " -n -o -A -T 5 -K " + host + " -S " + options["--key"] + " -d " + dev
- return not bool(run_cmd(options, cmd)["err"])
+ return not bool(run_cmd(options, cmd)["rc"])
def reset_dev(options, dev):
- return run_cmd(options, options["--sg_turs-path"] + " " + dev)["err"]
+ return run_cmd(options, options["--sg_turs-path"] + " " + dev)["rc"]
def register_dev(options, dev, key):
@@ -171,13 +173,13 @@
reset_dev(options, dev)
cmd = options["--sg_persist-path"] + " -n -o -I -S " + key + " -d " + dev
cmd += " -Z" if "--aptpl" in options else ""
- return not bool(run_cmd(options, cmd)["err"])
+ return not bool(run_cmd(options, cmd)["rc"])
def reserve_dev(options, dev):
reset_dev(options,dev)
cmd = options["--sg_persist-path"] + " -n -o -R -T 5 -K " + options["--key"] + " -d " + dev
- return not bool(run_cmd(options, cmd)["err"])
+ return not bool(run_cmd(options, cmd)["rc"])
def get_reservation_key(options, dev, fail=True):
@@ -187,7 +189,7 @@
opts = "-y "
cmd = options["--sg_persist-path"] + " -n -i " + opts + "-r -d " + dev
out = run_cmd(options, cmd)
- if out["err"] and fail:
+ if out["rc"] and fail:
fail_usage("Cannot get reservation key")
match = re.search(r"\s+key=0x(\S+)\s+", out["out"], re.IGNORECASE)
return match.group(1) if match else None
@@ -201,7 +203,7 @@
opts = "-y "
cmd = options["--sg_persist-path"] + " -n -i " + opts + "-k -d " + dev
out = run_cmd(options, cmd)
- if out["err"]:
+ if out["rc"]:
fail_usage("Cannot get registration keys", fail)
if not fail:
return []
@@ -319,7 +321,7 @@
"--options vg_attr,pv_name "+\
"--config 'global { locking_type = 0 } devices { preferred_names = [ \"^/dev/dm\" ] }'"
out = run_cmd(options, cmd)
- if out["err"]:
+ if out["rc"]:
fail_usage("Failed: Cannot get shared devices")
for line in out["out"].splitlines():
vg_attr, pv_name = line.strip().split(":")

View File

@ -179,21 +179,6 @@ index 81e439533..1e6bda099 100644
result = fence_action(None, options, set_power_status, get_power_status, get_power_status) result = fence_action(None, options, set_power_status, get_power_status, get_power_status)
sys.exit(result) sys.exit(result)
diff --git a/fence-agents.spec.in b/fence-agents.spec.in
index e139e6da5..5b8066122 100644
--- a/fence-agents.spec.in
+++ b/fence-agents.spec.in
@@ -597,8 +597,8 @@ BuildArch: noarch
Fence agent for ePowerSwitch 8M+ power switches that are accessed
via the HTTP(s) protocol.
%files eps
-%{_sbindir}/fence_eps
-%{_mandir}/man8/fence_eps.8*
+%{_sbindir}/fence_eps*
+%{_mandir}/man8/fence_eps*.8*
%package gce
License: GPL-2.0-or-later AND LGPL-2.0-or-later
diff --git a/tests/data/metadata/fence_epsr2.xml b/tests/data/metadata/fence_epsr2.xml diff --git a/tests/data/metadata/fence_epsr2.xml b/tests/data/metadata/fence_epsr2.xml
new file mode 100644 new file mode 100644
index 000000000..37074e052 index 000000000..37074e052

View File

@ -1,358 +0,0 @@
diff --color -uNr a/agents/azure_arm/fence_azure_arm.py b/agents/azure_arm/fence_azure_arm.py
--- a/agents/azure_arm/fence_azure_arm.py 2020-06-30 11:26:43.000000000 +0200
+++ b/agents/azure_arm/fence_azure_arm.py 2021-06-03 13:16:16.547120822 +0200
@@ -1,6 +1,11 @@
#!@PYTHON@ -tt
-import sys, re, pexpect
+import sys, re
+sys.path.insert(0, '/usr/lib/fence-agents/support/common')
+try:
+ import pexpect
+except:
+ pass
import logging
import atexit
import xml.etree.ElementTree as ET
diff --color -uNr a/agents/hpblade/fence_hpblade.py b/agents/hpblade/fence_hpblade.py
--- a/agents/hpblade/fence_hpblade.py 2019-08-16 10:55:11.000000000 +0200
+++ b/agents/hpblade/fence_hpblade.py 2021-06-03 13:16:16.547120822 +0200
@@ -8,7 +8,11 @@
#####
import sys, re
-import pexpect
+sys.path.insert(0, '/usr/lib/fence-agents/support/common')
+try:
+ import pexpect
+except:
+ pass
import atexit
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
diff --color -uNr a/agents/ilo/fence_ilo.py b/agents/ilo/fence_ilo.py
--- a/agents/ilo/fence_ilo.py 2019-02-04 09:45:05.000000000 +0100
+++ b/agents/ilo/fence_ilo.py 2021-06-03 13:16:16.547120822 +0200
@@ -11,7 +11,12 @@
## iLO2 / firmware 1.50 / RIBCL 2.22
#####
-import sys, re, pexpect
+import sys, re
+sys.path.insert(0, '/usr/lib/fence-agents/support/common')
+try:
+ import pexpect
+except:
+ pass
import atexit
from xml.sax.saxutils import quoteattr
sys.path.append("@FENCEAGENTSLIBDIR@")
diff --color -uNr a/agents/ldom/fence_ldom.py b/agents/ldom/fence_ldom.py
--- a/agents/ldom/fence_ldom.py 2019-02-04 09:45:05.000000000 +0100
+++ b/agents/ldom/fence_ldom.py 2021-06-03 13:16:16.547120822 +0200
@@ -7,7 +7,12 @@
##
#####
-import sys, re, pexpect
+import sys, re
+sys.path.insert(0, '/usr/lib/fence-agents/support/common')
+try:
+ import pexpect
+except:
+ pass
import atexit
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
diff --color -uNr a/agents/Makefile.am b/agents/Makefile.am
--- a/agents/Makefile.am 2021-03-16 12:26:37.000000000 +0100
+++ b/agents/Makefile.am 2021-06-03 13:16:16.547120822 +0200
@@ -112,10 +112,10 @@
cisco_mds/fence_cisco_mds.delay-check: cisco_mds/fence_cisco_mds
$(eval INPUT=$(subst .delay-check,,$@))
FENCE_TEST_ARGS_CISCO_MDS=$$(printf '$(FENCE_TEST_ARGS)' | sed 's#port=1#port=fc1/1#'); \
- test `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib /usr/bin/time -p \
+ test `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common /usr/bin/time -p \
sh -c "printf 'delay=10\n $$FENCE_TEST_ARGS_CISCO_MDS' | $(PYTHON) ./$(INPUT)" 2>&1 |\
awk -F"[. ]" -vOFS= '/real/ {print $$2,$$3}'` -ge 1000 || ( \
- PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib /usr/bin/time -p \
+ PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common /usr/bin/time -p \
sh -c "printf "delay=0\n $$FENCE_TEST_ARGS_CISCO_MDS" | $(PYTHON) ./$(INPUT)"; false )
include $(top_srcdir)/make/fencebuild.mk
diff --color -uNr a/agents/netio/fence_netio.py b/agents/netio/fence_netio.py
--- a/agents/netio/fence_netio.py 2019-02-04 09:45:05.000000000 +0100
+++ b/agents/netio/fence_netio.py 2021-06-03 13:16:16.547120822 +0200
@@ -1,6 +1,11 @@
#!@PYTHON@ -tt
-import sys, re, pexpect
+import sys, re
+sys.path.insert(0, '/usr/lib/fence-agents/support/common')
+try:
+ import pexpect
+except:
+ pass
import atexit
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
diff --color -uNr a/agents/raritan/fence_raritan.py b/agents/raritan/fence_raritan.py
--- a/agents/raritan/fence_raritan.py 2019-08-16 10:55:11.000000000 +0200
+++ b/agents/raritan/fence_raritan.py 2021-06-03 13:16:16.547120822 +0200
@@ -1,6 +1,11 @@
#!@PYTHON@ -tt
-import sys, re, pexpect
+import sys, re
+sys.path.insert(0, '/usr/lib/fence-agents/support/common')
+try:
+ import pexpect
+except:
+ pass
import atexit
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
diff --color -uNr a/agents/sanbox2/fence_sanbox2.py b/agents/sanbox2/fence_sanbox2.py
--- a/agents/sanbox2/fence_sanbox2.py 2019-02-11 13:05:48.000000000 +0100
+++ b/agents/sanbox2/fence_sanbox2.py 2021-06-03 13:16:16.547120822 +0200
@@ -8,7 +8,12 @@
## +-----------------+---------------------------+
#####
-import sys, re, pexpect
+import sys, re
+sys.path.insert(0, '/usr/lib/fence-agents/support/common')
+try:
+ import pexpect
+except:
+ pass
import logging
import atexit
sys.path.append("@FENCEAGENTSLIBDIR@")
diff --color -uNr a/agents/vmware/fence_vmware.py b/agents/vmware/fence_vmware.py
--- a/agents/vmware/fence_vmware.py 2019-02-04 09:45:05.000000000 +0100
+++ b/agents/vmware/fence_vmware.py 2021-06-03 13:16:16.547120822 +0200
@@ -22,7 +22,12 @@
# VMware vCenter 4.0.0
#
-import sys, re, pexpect
+import sys, re
+sys.path.insert(0, '/usr/lib/fence-agents/support/common')
+try:
+ import pexpect
+except:
+ pass
import logging
import atexit
sys.path.append("@FENCEAGENTSLIBDIR@")
diff --color -uNr a/agents/wti/fence_wti.py b/agents/wti/fence_wti.py
--- a/agents/wti/fence_wti.py 2019-02-04 09:45:05.000000000 +0100
+++ b/agents/wti/fence_wti.py 2021-06-03 13:17:33.435380703 +0200
@@ -11,12 +11,21 @@
## WTI IPS-800-CE v1.40h (no username) ('list' tested)
#####
-import sys, re, pexpect
+import sys, re
+sys.path.insert(0, '/usr/lib/fence-agents/support/common')
+try:
+ import pexpect
+except:
+ pass
import atexit
import time
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
-from fencing import fspawn, fail, fail_usage, EC_LOGIN_DENIED
+from fencing import fail, fail_usage, EC_LOGIN_DENIED
+try:
+ from fencing import fspawn
+except ImportError:
+ pass
def get_listing(conn, options, listing_command):
listing = ""
diff --color -uNr a/lib/fencing.py.py b/lib/fencing.py.py
--- a/lib/fencing.py.py 2021-06-03 10:34:00.000000000 +0200
+++ b/lib/fencing.py.py 2021-06-03 13:16:16.548120826 +0200
@@ -1,7 +1,12 @@
#!@PYTHON@ -tt
import sys, getopt, time, os, uuid, pycurl, stat
-import pexpect, re, syslog
+sys.path.insert(0, '/usr/lib/fence-agents/support/common')
+try:
+ import pexpect
+except:
+ pass
+import re, syslog
import logging
import subprocess
import threading
@@ -491,29 +496,32 @@
"snmpset_path", "snmpget_path", "snmpwalk_path"]
}
-class fspawn(pexpect.spawn):
- def __init__(self, options, command, **kwargs):
- if sys.version_info[0] > 2:
- kwargs.setdefault('encoding', 'utf-8')
- logging.info("Running command: %s", command)
- pexpect.spawn.__init__(self, command, **kwargs)
- self.opt = options
-
- def log_expect(self, pattern, timeout):
- result = self.expect(pattern, timeout if timeout != 0 else None)
- logging.debug("Received: %s", self.before + self.after)
- return result
-
- def read_nonblocking(self, size, timeout):
- return pexpect.spawn.read_nonblocking(self, size=100, timeout=timeout if timeout != 0 else None)
-
- def send(self, message):
- logging.debug("Sent: %s", message)
- return pexpect.spawn.send(self, message)
-
- # send EOL according to what was detected in login process (telnet)
- def send_eol(self, message):
- return self.send(message + self.opt["eol"])
+try:
+ class fspawn(pexpect.spawn):
+ def __init__(self, options, command, **kwargs):
+ if sys.version_info[0] > 2:
+ kwargs.setdefault('encoding', 'utf-8')
+ logging.info("Running command: %s", command)
+ pexpect.spawn.__init__(self, command, **kwargs)
+ self.opt = options
+
+ def log_expect(self, pattern, timeout):
+ result = self.expect(pattern, timeout if timeout != 0 else None)
+ logging.debug("Received: %s", self.before + self.after)
+ return result
+
+ def read_nonblocking(self, size, timeout):
+ return pexpect.spawn.read_nonblocking(self, size=100, timeout=timeout if timeout != 0 else None)
+
+ def send(self, message):
+ logging.debug("Sent: %s", message)
+ return pexpect.spawn.send(self, message)
+
+ # send EOL according to what was detected in login process (telnet)
+ def send_eol(self, message):
+ return self.send(message + self.opt["eol"])
+except:
+ pass
def frun(command, timeout=30, withexitstatus=False, events=None,
extra_args=None, logfile=None, cwd=None, env=None, **kwargs):
diff --color -uNr a/lib/fencing_snmp.py.py b/lib/fencing_snmp.py.py
--- a/lib/fencing_snmp.py.py 2019-02-04 09:45:05.000000000 +0100
+++ b/lib/fencing_snmp.py.py 2021-06-03 13:16:16.548120826 +0200
@@ -2,7 +2,13 @@
# For example of use please see fence_cisco_mds
-import re, pexpect
+import sys
+sys.path.insert(0, '/usr/lib/fence-agents/support/common')
+try:
+ import pexpect
+except:
+ pass
+import re
import logging
from fencing import *
from fencing import fail, fail_usage, EC_TIMED_OUT, run_delay, frun
diff --color -uNr a/make/agentpycheck.mk b/make/agentpycheck.mk
--- a/make/agentpycheck.mk 2020-06-30 11:26:43.000000000 +0200
+++ b/make/agentpycheck.mk 2021-06-03 13:16:16.548120826 +0200
@@ -9,34 +9,34 @@
%.xml-check: %.8
$(eval INPUT=$(subst .xml-check,,$(@F)))
- for x in $(INPUT) `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib $(PYTHON) $(@D)/$(INPUT) -o metadata | grep symlink | sed -e "s/.*\(fence.*\)\" .*/\1/g"`; do \
+ for x in $(INPUT) `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common $(PYTHON) $(@D)/$(INPUT) -o metadata | grep symlink | sed -e "s/.*\(fence.*\)\" .*/\1/g"`; do \
TEMPFILE=$$(mktemp); \
- PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib $(PYTHON) $(@D)/$$x -o metadata | $(AWK) $(AWK_VAL) > $$TEMPFILE && \
+ PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common $(PYTHON) $(@D)/$$x -o metadata | $(AWK) $(AWK_VAL) > $$TEMPFILE && \
diff $$TEMPFILE $(DATADIR)/$$x.xml || exit 1 && \
rm $$TEMPFILE; \
done
%.xml-upload: %.8
$(eval INPUT=$(subst .xml-upload,,$(@F)))
- for x in $(INPUT) `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib $(PYTHON) $(@D)/$(INPUT) -o metadata | grep symlink | sed -e "s/.*\(fence.*\)\" .*/\1/g"`; do \
- PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib $(PYTHON) $(@D)/$$x -o metadata | $(AWK) $(AWK_VAL) > $(DATADIR)/$$x.xml; \
+ for x in $(INPUT) `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common $(PYTHON) $(@D)/$(INPUT) -o metadata | grep symlink | sed -e "s/.*\(fence.*\)\" .*/\1/g"`; do \
+ PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common $(PYTHON) $(@D)/$$x -o metadata | $(AWK) $(AWK_VAL) > $(DATADIR)/$$x.xml; \
done
# If test will fail, rerun fence agents to show problems
%.delay-check: %
$(eval INPUT=$(subst .delay-check,,$(@F)))
- for x in $(INPUT) `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib $(PYTHON) $(@D)/$(INPUT) -o metadata | grep symlink | sed -e "s/.*\(fence.*\)\" .*/\1/g"`; do \
- test `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib /usr/bin/time -p \
+ for x in $(INPUT) `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common $(PYTHON) $(@D)/$(INPUT) -o metadata | grep symlink | sed -e "s/.*\(fence.*\)\" .*/\1/g"`; do \
+ test `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common /usr/bin/time -p \
sh -c "printf 'delay=10\n $(FENCE_TEST_ARGS)' | $(PYTHON) $(@D)/$$x" 2>&1 |\
awk -F"[. ]" -vOFS= '/real/ {print $$2,$$3}'` -ge 1000 || ( \
- PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib /usr/bin/time -p \
+ PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common /usr/bin/time -p \
sh -c "printf 'delay=0\n $(FENCE_TEST_ARGS)' | $(PYTHON) $(@D)/$$x"; false ); \
done
%.rng-check: %
$(eval INPUT=$(subst .rng-check,,$(@F)))
- for x in $(INPUT) `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib $(PYTHON) $(@D)/$(INPUT) -o metadata | grep symlink | sed -e "s/.*\(fence.*\)\" .*/\1/g"`; do \
- PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib $(PYTHON) $(@D)/$$x -o metadata | \
+ for x in $(INPUT) `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common $(PYTHON) $(@D)/$(INPUT) -o metadata | grep symlink | sed -e "s/.*\(fence.*\)\" .*/\1/g"`; do \
+ PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common $(PYTHON) $(@D)/$$x -o metadata | \
xsltproc ${abs_top_srcdir}/lib/fence2rng.xsl - | \
sed -e 's/ rha:description=/ description=/g' -e 's/ rha:name=/ name=/g' | \
xmllint --nsclean --noout -; \
diff --color -uNr a/make/fencebuild.mk b/make/fencebuild.mk
--- a/make/fencebuild.mk 2021-03-16 09:32:22.000000000 +0100
+++ b/make/fencebuild.mk 2021-06-03 13:16:16.548120826 +0200
@@ -34,10 +34,10 @@
> $@
if [ 0 -eq `echo "$(@)" | grep fence_ > /dev/null 2>&1; echo $$?` ]; then \
- PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib $(PYTHON) $(top_srcdir)/lib/check_used_options.py $@; \
+ PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common $(PYTHON) $(top_srcdir)/lib/check_used_options.py $@; \
else true ; fi
- for x in `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib $(PYTHON) $(@) -o metadata | grep symlink | sed -e "s/.*\(fence.*\)\" .*/\1/g"`; do \
+for x in `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common $(PYTHON) $(@) -o metadata | grep symlink | sed -e "s/.*\(fence.*\)\" .*/\1/g"`; do \
cp -f $(@) $(@D)/$$x; \
$(MAKE) $(@D)/$$x.8; \
done
@@ -64,7 +64,7 @@
fi
for p in $(TARGET); do \
dir=`dirname $$p`; \
- for x in `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib $(PYTHON) $$p -o metadata | grep symlink | sed -e "s/.*\(fence.*\)\" .*/\1/g"`; do \
+ for x in `PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common $(PYTHON) $$p -o metadata | grep symlink | sed -e "s/.*\(fence.*\)\" .*/\1/g"`; do \
echo " $(INSTALL_SCRIPT) $$dir/$$x '$(DESTDIR)$(sbindir)'"; \
$(INSTALL_SCRIPT) $$dir/$$x "$(DESTDIR)$(sbindir)" || exit $$?; \
echo " $(INSTALL_DATA) '$$dir/$$x.8' '$(DESTDIR)$(man8dir)'"; \
@@ -74,7 +74,7 @@
uninstall-hook: $(TARGET)
files=`for p in $(TARGET); do \
- for x in \`PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib $(PYTHON) $$p -o metadata | grep symlink | sed -e "s/.*\(fence.*\)\" .*/\1/g"\`; do \
+ for x in \`PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib:$(abs_top_builddir)/support/common $(PYTHON) $$p -o metadata | grep symlink | sed -e "s/.*\(fence.*\)\" .*/\1/g"\`; do \
echo " rm -f '$(DESTDIR)$(sbindir)/$$x'"; \
rm -f "$(DESTDIR)$(sbindir)/$$x"; \
echo " rm -f '$(DESTDIR)$(man8dir)/$$x.8'"; \
diff --color -uNr a/make/fenceman.mk b/make/fenceman.mk
--- a/make/fenceman.mk 2021-03-11 16:10:15.000000000 +0100
+++ b/make/fenceman.mk 2021-06-03 13:16:16.548120826 +0200
@@ -1,6 +1,6 @@
%.8: % $(top_srcdir)/lib/fence2man.xsl
set -e && \
- PYTHONPATH=$(abs_srcdir)/lib:$(abs_builddir)/../lib:$(abs_builddir)/lib \
+ PYTHONPATH=$(abs_srcdir)/lib:$(abs_builddir)/../lib:$(abs_builddir)/lib:$(abs_top_builddir)/support/common \
$(PYTHON) $* -o manpage > $(@D)/.$(@F).tmp && \
xmllint --noout --relaxng $(top_srcdir)/lib/metadata.rng $(@D)/.$(@F).tmp && \
xsltproc $(top_srcdir)/lib/fence2man.xsl $(@D)/.$(@F).tmp > $@

View File

@ -1,10 +0,0 @@
--- a/agents/vmware_soap/fence_vmware_soap.py 2021-08-24 15:38:05.145039598 +0200
+++ b/agents/vmware_soap/fence_vmware_soap.py 2021-08-24 15:37:51.885003751 +0200
@@ -1,6 +1,7 @@
#!@PYTHON@ -tt
import sys
+sys.path.insert(0, '/usr/lib/fence-agents/support/common')
import shutil, tempfile, suds
import logging, requests
import atexit, signal

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,40 @@
From 4202a863b25e456b7e419cbfc33c45ae179eb760 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 15 Oct 2020 10:34:03 +0200
Subject: [PATCH] fencing: fix power-timeout when using new disable-timeout
parameter
---
lib/fencing.py.py | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/lib/fencing.py.py b/lib/fencing.py.py
index 4a41af02..4639a9a5 100644
--- a/lib/fencing.py.py
+++ b/lib/fencing.py.py
@@ -10,6 +10,8 @@
import textwrap
import __main__
+import itertools
+
RELEASE_VERSION = "@RELEASE_VERSION@"
__all__ = ['atexit_handler', 'check_input', 'process_input', 'all_opt', 'show_docs',
@@ -821,11 +823,15 @@ def async_set_multi_power_fn(connection, options, set_power_fn, get_power_fn, re
set_power_fn(connection, options)
time.sleep(int(options["--power-wait"]))
- for _ in range(int(options["--power-timeout"])):
+ for _ in itertools.count(1):
if get_multi_power_fn(connection, options, get_power_fn) != options["--action"]:
time.sleep(1)
else:
return True
+
+ if int(options["--power-timeout"]) > 0 and _ >= int(options["--power-timeout"]):
+ break
+
return False
def sync_set_multi_power_fn(connection, options, sync_set_power_fn, retry_attempts):

View File

@ -0,0 +1,38 @@
From 4cf6887e98c712b99f741dbfe54932c60e93741b Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Tue, 3 Nov 2020 14:30:12 +0100
Subject: [PATCH] fencing: fix to make timeout(s)=0 be treated as forever for
agents using pexpect
---
lib/fencing.py.py | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/lib/fencing.py.py b/lib/fencing.py.py
index 4639a9a5..fa34f13a 100644
--- a/lib/fencing.py.py
+++ b/lib/fencing.py.py
@@ -500,10 +500,13 @@ def __init__(self, options, command, **kwargs):
self.opt = options
def log_expect(self, pattern, timeout):
- result = self.expect(pattern, timeout)
+ result = self.expect(pattern, timeout if timeout != 0 else None)
logging.debug("Received: %s", self.before + self.after)
return result
+ def read_nonblocking(self, size, timeout):
+ return pexpect.spawn.read_nonblocking(self, size=100, timeout=timeout if timeout != 0 else None)
+
def send(self, message):
logging.debug("Sent: %s", message)
return pexpect.spawn.send(self, message)
@@ -516,7 +519,7 @@ def frun(command, timeout=30, withexitstatus=False, events=None,
extra_args=None, logfile=None, cwd=None, env=None, **kwargs):
if sys.version_info[0] > 2:
kwargs.setdefault('encoding', 'utf-8')
- return pexpect.run(command, timeout=timeout,
+ return pexpect.run(command, timeout=timeout if timeout != 0 else None,
withexitstatus=withexitstatus, events=events,
extra_args=extra_args, logfile=logfile, cwd=cwd,
env=env, **kwargs)

View File

@ -0,0 +1,22 @@
From 083ecce0e7b6cd41eef026c8a1ba986f8814a7d9 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 5 Nov 2020 11:53:55 +0100
Subject: [PATCH] fencing: fix run_command() to allow timeout=0 to mean forever
---
lib/fencing.py.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/fencing.py.py b/lib/fencing.py.py
index fa34f13a..9654f57b 100644
--- a/lib/fencing.py.py
+++ b/lib/fencing.py.py
@@ -1062,7 +1062,7 @@ def run_command(options, command, timeout=None, env=None, log_command=None):
thread = threading.Thread(target=process.wait)
thread.start()
- thread.join(timeout)
+ thread.join(timeout if timeout else None)
if thread.is_alive():
process.kill()
fail(EC_TIMED_OUT, stop=(int(options.get("retry", 0)) < 1))

View File

@ -0,0 +1,198 @@
From bf32059e26f6a7d019df0f7949ce66adf997bc21 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Fri, 8 Feb 2019 14:16:31 +0100
Subject: [PATCH] log exceptions to be more detailed when failing
---
agents/apc/fence_apc.py | 6 ++++--
agents/cisco_ucs/fence_cisco_ucs.py | 3 ++-
agents/eps/fence_eps.py | 3 ++-
agents/ilo_moonshot/fence_ilo_moonshot.py | 3 ++-
agents/lpar/fence_lpar.py | 6 ++++--
agents/ovh/fence_ovh.py | 3 ++-
agents/sanbox2/fence_sanbox2.py | 12 ++++++++----
agents/vmware_soap/fence_vmware_soap.py | 9 ++++++---
8 files changed, 30 insertions(+), 15 deletions(-)
diff --git a/agents/apc/fence_apc.py b/agents/apc/fence_apc.py
index 24a5a4232..dd0287f83 100644
--- a/agents/apc/fence_apc.py
+++ b/agents/apc/fence_apc.py
@@ -90,7 +90,8 @@ def get_power_status(conn, options):
try:
(_, status) = outlets[options["--plug"]]
return status.lower().strip()
- except KeyError:
+ except KeyError as e:
+ logging.error("Failed: {}".format(str(e)))
fail(EC_STATUS)
def set_power_status(conn, options):
@@ -199,7 +200,8 @@ def get_power_status5(conn, options):
try:
(_, status) = outlets[options["--plug"]]
return status.lower().strip()
- except KeyError:
+ except KeyError as e:
+ logging.error("Failed: {}".format(str(e)))
fail(EC_STATUS)
def set_power_status5(conn, options):
diff --git a/agents/cisco_ucs/fence_cisco_ucs.py b/agents/cisco_ucs/fence_cisco_ucs.py
index ec3117548..2280dbbc7 100644
--- a/agents/cisco_ucs/fence_cisco_ucs.py
+++ b/agents/cisco_ucs/fence_cisco_ucs.py
@@ -174,7 +174,8 @@ def main():
if result == None:
## Cookie is absenting in response
fail(EC_LOGIN_DENIED)
- except Exception:
+ except Exception as e:
+ logging.error("Failed: {}".format(str(e)))
fail(EC_LOGIN_DENIED)
options_global["cookie"] = result.group(1)
diff --git a/agents/eps/fence_eps.py b/agents/eps/fence_eps.py
index 74c89b95b..f0df86231 100644
--- a/agents/eps/fence_eps.py
+++ b/agents/eps/fence_eps.py
@@ -56,7 +56,8 @@ def eps_run_command(options, params):
conn.close()
except socket.timeout:
fail(EC_TIMED_OUT)
- except socket.error:
+ except socket.error as e:
+ logging.error("Failed: {}".format(str(e)))
fail(EC_LOGIN_DENIED)
return result
diff --git a/agents/ilo_moonshot/fence_ilo_moonshot.py b/agents/ilo_moonshot/fence_ilo_moonshot.py
index a066a9c91..6f5cca320 100644
--- a/agents/ilo_moonshot/fence_ilo_moonshot.py
+++ b/agents/ilo_moonshot/fence_ilo_moonshot.py
@@ -21,7 +21,8 @@ def get_power_status(conn, options):
try:
(_, status) = nodes[options["--plug"]]
return status.lower()
- except KeyError:
+ except KeyError as e:
+ logging.error("Failed: {}".format(str(e)))
fail(EC_STATUS)
def set_power_status(conn, options):
diff --git a/agents/lpar/fence_lpar.py b/agents/lpar/fence_lpar.py
index a16103733..66cb65e41 100644
--- a/agents/lpar/fence_lpar.py
+++ b/agents/lpar/fence_lpar.py
@@ -37,7 +37,8 @@ def get_power_status(conn, options):
try:
status = re.compile("^" + options["--plug"] + ",(.*?),.*$",
re.IGNORECASE | re.MULTILINE).search(conn.before).group(1)
- except AttributeError:
+ except AttributeError as e:
+ logging.error("Failed: {}".format(str(e)))
fail(EC_STATUS_HMC)
elif options["--hmc-version"] in ["4", "IVM"]:
conn.send("lssyscfg -r lpar -m "+ options["--managed"] +
@@ -49,7 +50,8 @@ def get_power_status(conn, options):
try:
status = re.compile(",state=(.*?),", re.IGNORECASE).search(conn.before).group(1)
- except AttributeError:
+ except AttributeError as e:
+ logging.error("Failed: {}".format(str(e)))
fail(EC_STATUS_HMC)
return _normalize_status(status)
diff --git a/agents/ovh/fence_ovh.py b/agents/ovh/fence_ovh.py
index f5403c54d..2b7eb864f 100644
--- a/agents/ovh/fence_ovh.py
+++ b/agents/ovh/fence_ovh.py
@@ -66,7 +66,8 @@ def soap_login(options):
try:
soap = Client(url, doctor=d)
session = soap.service.login(options["--username"], options["--password"], 'en', 0)
- except Exception:
+ except Exception as e:
+ logging.error("Failed: {}".format(str(e)))
fail(EC_LOGIN_DENIED)
options["session"] = session
diff --git a/agents/sanbox2/fence_sanbox2.py b/agents/sanbox2/fence_sanbox2.py
index 679d1d983..179fe0e8b 100644
--- a/agents/sanbox2/fence_sanbox2.py
+++ b/agents/sanbox2/fence_sanbox2.py
@@ -28,7 +28,8 @@ def get_power_status(conn, options):
conn.send_eol("admin end")
conn.send_eol("exit")
conn.close()
- except Exception:
+ except Exception as e:
+ logging.error("Failed: {}".format(str(e)))
pass
fail(EC_TIMED_OUT)
@@ -54,7 +55,8 @@ def set_power_status(conn, options):
conn.send_eol("admin end")
conn.send_eol("exit")
conn.close()
- except Exception:
+ except Exception as e:
+ logging.error("Failed: {}".format(str(e)))
pass
fail(EC_TIMED_OUT)
@@ -66,7 +68,8 @@ def set_power_status(conn, options):
conn.send_eol("admin end")
conn.send_eol("exit")
conn.close()
- except Exception:
+ except Exception as e:
+ logging.error("Failed: {}".format(str(e)))
pass
fail(EC_TIMED_OUT)
@@ -91,7 +94,8 @@ def get_list_devices(conn, options):
conn.send_eol("admin end")
conn.send_eol("exit")
conn.close()
- except Exception:
+ except Exception as e:
+ logging.error("Failed: {}".format(str(e)))
pass
fail(EC_TIMED_OUT)
diff --git a/agents/vmware_soap/fence_vmware_soap.py b/agents/vmware_soap/fence_vmware_soap.py
index f2ab68b02..a7f08b3d6 100644
--- a/agents/vmware_soap/fence_vmware_soap.py
+++ b/agents/vmware_soap/fence_vmware_soap.py
@@ -68,7 +68,8 @@ def soap_login(options):
conn.service.Login(mo_SessionManager, options["--username"], options["--password"])
except requests.exceptions.SSLError as ex:
fail_usage("Server side certificate verification failed: %s" % ex)
- except Exception:
+ except Exception as e:
+ logging.error("Server side certificate verification failed: {}".format(str(e)))
fail(EC_LOGIN_DENIED)
options["ServiceContent"] = ServiceContent
@@ -126,7 +127,8 @@ def get_power_status(conn, options):
try:
raw_machines = conn.service.RetrievePropertiesEx(mo_PropertyCollector, propFilterSpec)
- except Exception:
+ except Exception as e:
+ logging.error("Failed: {}".format(str(e)))
fail(EC_STATUS)
(machines, uuid, mappingToUUID) = process_results(raw_machines, {}, {}, {})
@@ -135,7 +137,8 @@ def get_power_status(conn, options):
while hasattr(raw_machines, 'token'):
try:
raw_machines = conn.service.ContinueRetrievePropertiesEx(mo_PropertyCollector, raw_machines.token)
- except Exception:
+ except Exception as e:
+ logging.error("Failed: {}".format(str(e)))
fail(EC_STATUS)
(more_machines, more_uuid, more_mappingToUUID) = process_results(raw_machines, {}, {}, {})
machines.update(more_machines)

View File

@ -0,0 +1,12 @@
diff -uNr a/agents/azure_arm/fence_azure_arm.py b/agents/azure_arm/fence_azure_arm.py
--- a/agents/azure_arm/fence_azure_arm.py 2018-06-28 14:24:54.000000000 +0200
+++ b/agents/azure_arm/fence_azure_arm.py 2019-01-15 10:24:16.030092206 +0100
@@ -7,6 +7,8 @@
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
from fencing import fail_usage, run_command, run_delay
+
+sys.path.insert(0, '/usr/lib/fence-agents/bundled/azure')
import azure_fence
def get_nodes_list(clients, options):

View File

@ -0,0 +1,50 @@
From 342570c5a5af4c277be283507ef7898a078e2df9 Mon Sep 17 00:00:00 2001
From: mmartinv <32071463+mmartinv@users.noreply.github.com>
Date: Fri, 16 Nov 2018 12:55:58 +0100
Subject: [PATCH] Fix 'log_expect' in fence_hpblade.py
Update the 'log_expect' call to the new method definition.
---
agents/hpblade/fence_hpblade.py | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/agents/hpblade/fence_hpblade.py b/agents/hpblade/fence_hpblade.py
index b2cc94a3..fbc89f61 100644
--- a/agents/hpblade/fence_hpblade.py
+++ b/agents/hpblade/fence_hpblade.py
@@ -16,7 +16,7 @@
def get_enclosure_type(conn, options):
conn.send_eol("show enclosure info")
- conn.log_expect(options, options["--command-prompt"], int(options["--shell-timeout"]))
+ conn.log_expect(options["--command-prompt"], int(options["--shell-timeout"]))
type_re=re.compile(r"^\s*Enclosure Type: (\w+)(.*?)\s*$")
enclosure="unknown"
@@ -39,7 +39,7 @@ def get_power_status(conn, options):
powrestr = "^\\s*Power: (.*?)\\s*$"
conn.send_eol(cmd_send)
- conn.log_expect(options, options["--command-prompt"], int(options["--shell-timeout"]))
+ conn.log_expect(options["--command-prompt"], int(options["--shell-timeout"]))
power_re = re.compile(powrestr)
status = "unknown"
@@ -72,7 +72,7 @@ def set_power_status(conn, options):
conn.send_eol("poweron " + dev + options["--plug"])
elif options["--action"] == "off":
conn.send_eol("poweroff " + dev + options["--plug"] + " force")
- conn.log_expect(options, options["--command-prompt"], int(options["--shell-timeout"]))
+ conn.log_expect(options["--command-prompt"], int(options["--shell-timeout"]))
def get_instances_list(conn, options):
outlets = {}
@@ -84,7 +84,7 @@ def get_instances_list(conn, options):
listrestr = "^\\s*(\\d+)\\s+(.*?)\\s+(.*?)\\s+OK\\s+(.*?)\\s+(.*?)\\s*$"
conn.send_eol(cmd_send)
- conn.log_expect(options, options["--command-prompt"], int(options["--shell-timeout"]))
+ conn.log_expect(options["--command-prompt"], int(options["--shell-timeout"]))
list_re = re.compile(listrestr)
for line in conn.before.splitlines():

View File

@ -0,0 +1,24 @@
From f77297b654586bf539e78957f26cae1d22c6f081 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Fri, 2 Nov 2018 09:24:56 +0100
Subject: [PATCH] fence_scsi: fix incorrect SCSI key when node ID is 10 or
higher
The last four digits of the SCSI key will be zero padded digit between 0000-0009.
---
agents/scsi/fence_scsi.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py
index 2180d0c9..79ada4fa 100644
--- a/agents/scsi/fence_scsi.py
+++ b/agents/scsi/fence_scsi.py
@@ -191,7 +191,7 @@ def get_cluster_id(options):
def get_node_id(options):
cmd = options["--corosync-cmap-path"] + " nodelist"
- match = re.search(r".(\d).ring._addr \(str\) = " + options["--plug"] + "\n", run_cmd(options, cmd)["out"])
+ match = re.search(r".(\d+).ring._addr \(str\) = " + options["--plug"] + "\n", run_cmd(options, cmd)["out"])
return match.group(1) if match else fail_usage("Failed: unable to parse output of corosync-cmapctl or node does not exist")

View File

@ -0,0 +1,41 @@
From 116fb7d1253ac31a8f174187dfe9f4a0c6546ade Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Fri, 7 Sep 2018 15:56:56 +0200
Subject: [PATCH] fence_vmware_soap: cleanup when receiving SIGTERM
---
agents/vmware_soap/fence_vmware_soap.py | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/agents/vmware_soap/fence_vmware_soap.py b/agents/vmware_soap/fence_vmware_soap.py
index b90edc9b..dd1a4ed6 100644
--- a/agents/vmware_soap/fence_vmware_soap.py
+++ b/agents/vmware_soap/fence_vmware_soap.py
@@ -3,7 +3,7 @@
import sys
import shutil, tempfile, suds
import logging, requests
-import atexit
+import atexit, signal
sys.path.append("@FENCEAGENTSLIBDIR@")
from suds.client import Client
@@ -211,6 +211,9 @@ def logout():
except Exception:
pass
+def signal_handler(signum, frame):
+ raise Exception("Signal \"%d\" received which has triggered an exit of the process." % signum)
+
def main():
global options_global
global conn_global
@@ -219,6 +222,8 @@ def main():
atexit.register(atexit_handler)
atexit.register(logout)
+ signal.signal(signal.SIGTERM, signal_handler)
+
options_global = check_input(device_opt, process_input(device_opt))
##

View File

@ -0,0 +1,146 @@
From 11a63822fbdc0a9ebe1b668b26a59f1cc9649f6c Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Wed, 24 Oct 2018 14:51:27 +0200
Subject: [PATCH] fence_scsi: watchdog retries support
---
agents/scsi/fence_scsi.py | 60 ++++++++++++++++++++----------
tests/data/metadata/fence_scsi.xml | 4 +-
2 files changed, 43 insertions(+), 21 deletions(-)
diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py
index 79ada4fa..8a1e4c77 100644
--- a/agents/scsi/fence_scsi.py
+++ b/agents/scsi/fence_scsi.py
@@ -158,13 +158,15 @@ def get_reservation_key(options, dev):
return match.group(1) if match else None
-def get_registration_keys(options, dev):
+def get_registration_keys(options, dev, fail=True):
reset_dev(options,dev)
keys = []
cmd = options["--sg_persist-path"] + " -n -i -k -d " + dev
out = run_cmd(options, cmd)
if out["err"]:
- fail_usage("Cannot get registration keys")
+ fail_usage("Cannot get registration keys", fail)
+ if not fail:
+ return []
for line in out["out"].split("\n"):
match = re.search(r"\s+0x(\S+)\s*", line)
if match:
@@ -218,9 +220,8 @@ def get_key(fail=True):
try:
f = open(file_path, "r")
except IOError:
- if fail:
- fail_usage("Failed: Cannot open file \""+ file_path + "\"")
- else:
+ fail_usage("Failed: Cannot open file \""+ file_path + "\"", fail)
+ if not fail:
return None
return f.readline().strip().lower()
@@ -244,9 +245,8 @@ def dev_read(fail=True):
try:
f = open(file_path, "r")
except IOError:
- if fail:
- fail_usage("Failed: Cannot open file \"" + file_path + "\"")
- else:
+ fail_usage("Failed: Cannot open file \"" + file_path + "\"", fail)
+ if not fail:
return None
# get not empty lines from file
devs = [line.strip() for line in f if line.strip()]
@@ -371,14 +371,20 @@ def define_new_opts():
}
-def scsi_check_get_verbose():
+def scsi_check_get_options(options):
try:
- f = open("/etc/sysconfig/watchdog", "r")
+ f = open("/etc/sysconfig/stonith", "r")
except IOError:
- return False
- match = re.search(r"^\s*verbose=yes", "".join(f.readlines()), re.MULTILINE)
+ return options
+
+ match = re.findall(r"^\s*(\S*)\s*=\s*(\S*)\s*", "".join(f.readlines()), re.MULTILINE)
+
+ for m in match:
+ options[m[0].lower()] = m[1].lower()
+
f.close()
- return bool(match)
+
+ return options
def scsi_check(hardreboot=False):
@@ -388,7 +394,10 @@ def scsi_check(hardreboot=False):
options["--sg_turs-path"] = "@SG_TURS_PATH@"
options["--sg_persist-path"] = "@SG_PERSIST_PATH@"
options["--power-timeout"] = "5"
- if scsi_check_get_verbose():
+ options["retry"] = "0"
+ options["retry-sleep"] = "1"
+ options = scsi_check_get_options(options)
+ if "verbose" in options and options["verbose"] == "yes":
logging.getLogger().setLevel(logging.DEBUG)
devs = dev_read(fail=False)
if not devs:
@@ -399,11 +408,18 @@ def scsi_check(hardreboot=False):
logging.error("Key not found")
return 0
for dev in devs:
- if key in get_registration_keys(options, dev):
- logging.debug("key " + key + " registered with device " + dev)
- return 0
- else:
- logging.debug("key " + key + " not registered with device " + dev)
+ for n in range(int(options["retry"]) + 1):
+ if n > 0:
+ logging.debug("retry: " + str(n) + " of " + options["retry"])
+ if key in get_registration_keys(options, dev, fail=False):
+ logging.debug("key " + key + " registered with device " + dev)
+ return 0
+ else:
+ logging.debug("key " + key + " not registered with device " + dev)
+
+ if n < int(options["retry"]):
+ time.sleep(float(options["retry-sleep"]))
+
logging.debug("key " + key + " registered with any devices")
if hardreboot == True:
@@ -452,7 +468,11 @@ def main():
device(s). The result is that only registered nodes may write to the \
device(s). When a node failure occurs, the fence_scsi agent will remove the \
key belonging to the failed node from the device(s). The failed node will no \
-longer be able to write to the device(s). A manual reboot is required."
+longer be able to write to the device(s). A manual reboot is required.\
+\n.P\n\
+When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and \
+verbose=yes parameters in /etc/sysconfig/stonith if you have issues with it \
+failing."
docs["vendorurl"] = ""
show_docs(options, docs)
diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml
index 45a84168..b8cdabd1 100644
--- a/tests/data/metadata/fence_scsi.xml
+++ b/tests/data/metadata/fence_scsi.xml
@@ -1,7 +1,9 @@
<?xml version="1.0" ?>
<resource-agent name="fence_scsi" shortdesc="Fence agent for SCSI persistent reservation" >
<longdesc>fence_scsi is an I/O fencing agent that uses SCSI-3 persistent reservations to control access to shared storage devices. These devices must support SCSI-3 persistent reservations (SPC-3 or greater) as well as the "preempt-and-abort" subcommand.
-The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required.</longdesc>
+The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required.
+
+When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and verbose=yes parameters in /etc/sysconfig/stonith if you have issues with it failing.</longdesc>
<vendor-url></vendor-url>
<parameters>
<parameter name="action" unique="0" required="1">

View File

@ -0,0 +1,23 @@
From 267afc5caa0580cc483220e671cda094413a4e16 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Wed, 28 Nov 2018 09:54:16 +0100
Subject: [PATCH] build: fix if-redirection to make check_used_options run for
the agents as intended
---
make/fencebuild.mk | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/make/fencebuild.mk b/make/fencebuild.mk
index 9e8bd692..143082f0 100644
--- a/make/fencebuild.mk
+++ b/make/fencebuild.mk
@@ -33,7 +33,7 @@ define gen_agent_from_py
-e 's#@''PING4_CMD@#${PING4_CMD}#g' \
> $@
- if [ 0 -eq `echo "$(@)" | grep fence_ 2>&1 /dev/null; echo $$?` ]; then \
+ if [ 0 -eq `echo "$(@)" | grep fence_ > /dev/null 2>&1; echo $$?` ]; then \
PYTHONPATH=$(abs_top_srcdir)/lib:$(abs_top_builddir)/lib $(PYTHON) $(top_srcdir)/lib/check_used_options.py $@; \
else true ; fi

View File

@ -0,0 +1,812 @@
From 64e3f3ef4d0abefd2836fe015c87173310b1e130 Mon Sep 17 00:00:00 2001
From: Jose Delarosa <jose.delarosa@dell.com>
Date: Mon, 3 Dec 2018 10:11:15 -0600
Subject: [PATCH 1/8] Add new fence agent for Redfish
- Agent works on all fence devices that implement the Redfish API specification
- Agent programatically finds the Systems Resouce URI if it's not provided
---
agents/redfish/fence_redfish.py | 151 +++++++++++++++++++++
tests/data/metadata/fence_redfish.xml | 181 ++++++++++++++++++++++++++
2 files changed, 332 insertions(+)
create mode 100644 agents/redfish/fence_redfish.py
create mode 100644 tests/data/metadata/fence_redfish.xml
diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py
new file mode 100644
index 00000000..df7cf8c2
--- /dev/null
+++ b/agents/redfish/fence_redfish.py
@@ -0,0 +1,151 @@
+#!@PYTHON@ -tt
+
+# Copyright (c) 2018 Dell Inc. or its subsidiaries. All Rights Reserved.
+
+# Fence agent for devices that support the Redfish API Specification.
+
+import sys
+import re
+import json
+import requests
+import atexit
+sys.path.append("@FENCEAGENTSLIBDIR@")
+
+from requests.packages.urllib3.exceptions import InsecureRequestWarning
+from fencing import *
+from fencing import fail_usage
+
+def get_power_status(conn, options):
+ uri = options["--systems-uri"]
+ response = send_get_request(options, uri)
+ if response['ret'] is False:
+ fail_usage("Couldn't get power information")
+ data = response['data']
+ if data[u'PowerState'].strip() == "On":
+ return "on"
+ else:
+ return "off"
+
+def set_power_status(conn, options):
+ action = {
+ 'on' : "On",
+ 'off': "ForceOff",
+ 'reboot': "GracefulRestart"
+ }[options["--action"]]
+
+ payload = {'ResetType': action}
+ headers = {'content-type': 'application/json'}
+
+ # Search for 'Actions' key and extract URI from it
+ uri = options["--systems-uri"]
+ response = send_get_request(options, uri)
+ if response['ret'] is False:
+ return {'ret': False}
+ data = response['data']
+ uri = data["Actions"]["#ComputerSystem.Reset"]["target"]
+
+ response = send_post_request(options, uri, payload, headers)
+ if response['ret'] is False:
+ fail_usage("Error sending power command")
+ return
+
+def send_get_request(options, uri):
+ full_uri = "https://" + options["--ip"] + uri
+ try:
+ resp = requests.get(full_uri, verify=False,
+ auth=(options["--username"], options["--password"]))
+ data = resp.json()
+ except:
+ return {'ret': False}
+ return {'ret': True, 'data': data}
+
+def send_post_request(options, uri, payload, headers):
+ full_uri = "https://" + options["--ip"] + uri
+ try:
+ requests.post(full_uri, data=json.dumps(payload),
+ headers=headers, verify=False,
+ auth=(options["--username"], options["--password"]))
+ except:
+ return {'ret': False}
+ return {'ret': True}
+
+def find_systems_resource(options):
+ uri = options["--redfish-uri"]
+ response = send_get_request(options, uri)
+ if response['ret'] is False:
+ return {'ret': False}
+ data = response['data']
+
+ if 'Systems' not in data:
+ # Systems resource not found"
+ return {'ret': False}
+ else:
+ uri = data["Systems"]["@odata.id"]
+ response = send_get_request(options, uri)
+ if response['ret'] is False:
+ return {'ret': False}
+ data = response['data']
+
+ # need to be able to handle more than one entry
+ for member in data[u'Members']:
+ system_uri = member[u'@odata.id']
+ return {'ret': True, 'uri': system_uri}
+
+def define_new_opts():
+ all_opt["redfish-uri"] = {
+ "getopt" : ":",
+ "longopt" : "redfish-uri",
+ "help" : "--redfish-uri=[uri] Base or starting Redifsh URI",
+ "required" : "0",
+ "default" : "/redfish/v1",
+ "shortdesc" : "Base or starting Redfish URI",
+ "order": 1
+ }
+ all_opt["systems-uri"] = {
+ "getopt" : ":",
+ "longopt" : "systems-uri",
+ "help" : "--systems-uri=[uri] Redfish Systems resource URI",
+ "required" : "0",
+ "shortdesc" : "Redfish Systems resource URI, i.e. /redfish/v1/Systems/System.Embedded.1",
+ "order": 1
+ }
+
+def main():
+ atexit.register(atexit_handler)
+ device_opt = ["ipaddr", "login", "passwd", "redfish-uri", "systems-uri", "ssl"]
+ define_new_opts()
+
+ opt = process_input(device_opt)
+
+ all_opt["ipport"]["default"] = "443"
+ options = check_input(device_opt, opt)
+
+ docs = {}
+ docs["shortdesc"] = "I/O Fencing agent for Redfish"
+ docs["longdesc"] = "fence_redfish is an I/O Fencing agent which can be used with \
+Out-of-Band controllers that support Redfish APIs. These controllers provide remote \
+access to control power on a server."
+ docs["vendorurl"] = "http://www.dmtf.org"
+ show_docs(options, docs)
+
+ ##
+ ## Operate the fencing device
+ ####
+
+ # Disable insecure-certificate-warning message
+ if "--ssl-insecure" in opt:
+ requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
+
+ if "--systems-uri" not in opt:
+ # Systems URI not provided, find it
+ sysresult = find_systems_resource(options)
+ if sysresult['ret'] is False:
+ sys.exit(1)
+ else:
+ options["--systems-uri"] = sysresult["uri"]
+
+ result = fence_action(None, options, set_power_status, get_power_status, None)
+ sys.exit(result)
+
+if __name__ == "__main__":
+ main()
diff --git a/tests/data/metadata/fence_redfish.xml b/tests/data/metadata/fence_redfish.xml
new file mode 100644
index 00000000..43d447d0
--- /dev/null
+++ b/tests/data/metadata/fence_redfish.xml
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<resource-agent name="fence_redfish" shortdesc="I/O Fencing agent for Redfish" >
+<longdesc>fence_redfish is an I/O Fencing agent which can be used with Out-of-Band controllers that support Redfish APIs. These controllers provide remote access to control power on a server.</longdesc>
+<vendor-url>http://www.dmtf.org</vendor-url>
+<parameters>
+ <parameter name="ipport" unique="0" required="0">
+ <getopt mixed="-u, --ipport=[port]" />
+ <content type="integer" default="443" />
+ <shortdesc lang="en">TCP/UDP port to use for connection with device</shortdesc>
+ </parameter>
+ <parameter name="ssl_secure" unique="0" required="0">
+ <getopt mixed="--ssl-secure" />
+ <content type="boolean" />
+ <shortdesc lang="en">SSL connection with verifying fence device's certificate</shortdesc>
+ </parameter>
+ <parameter name="systems-uri" unique="0" required="0" deprecated="1">
+ <getopt mixed="--systems-uri=[uri]" />
+ <content type="string" />
+ <shortdesc lang="en">Redfish Systems resource URI, i.e. /redfish/v1/Systems/System.Embedded.1</shortdesc>
+ </parameter>
+ <parameter name="action" unique="0" required="1">
+ <getopt mixed="-o, --action=[action]" />
+ <content type="string" default="reboot" />
+ <shortdesc lang="en">Fencing Action</shortdesc>
+ </parameter>
+ <parameter name="inet6_only" unique="0" required="0">
+ <getopt mixed="-6, --inet6-only" />
+ <content type="boolean" />
+ <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
+ </parameter>
+ <parameter name="ipaddr" unique="0" required="0" deprecated="1">
+ <getopt mixed="-a, --ip=[ip]" />
+ <content type="string" />
+ <shortdesc lang="en">IP Address or Hostname</shortdesc>
+ </parameter>
+ <parameter name="port" unique="0" required="0" deprecated="1">
+ <getopt mixed="-n, --plug=[ip]" />
+ <content type="string" />
+ <shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
+ </parameter>
+ <parameter name="passwd_script" unique="0" required="0" deprecated="1">
+ <getopt mixed="-S, --password-script=[script]" />
+ <content type="string" />
+ <shortdesc lang="en">Script to retrieve password</shortdesc>
+ </parameter>
+ <parameter name="inet4_only" unique="0" required="0">
+ <getopt mixed="-4, --inet4-only" />
+ <content type="boolean" />
+ <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
+ </parameter>
+ <parameter name="passwd" unique="0" required="0" deprecated="1">
+ <getopt mixed="-p, --password=[password]" />
+ <content type="string" />
+ <shortdesc lang="en">Login password or passphrase</shortdesc>
+ </parameter>
+ <parameter name="ssl" unique="0" required="0">
+ <getopt mixed="-z, --ssl" />
+ <content type="boolean" />
+ <shortdesc lang="en">SSL connection</shortdesc>
+ </parameter>
+ <parameter name="redfish-uri" unique="0" required="0" deprecated="1">
+ <getopt mixed="--redfish-uri=[uri]" />
+ <content type="string" default="/redfish/v1" />
+ <shortdesc lang="en">Base or starting Redfish URI</shortdesc>
+ </parameter>
+ <parameter name="ssl_insecure" unique="0" required="0">
+ <getopt mixed="--ssl-insecure" />
+ <content type="boolean" />
+ <shortdesc lang="en">SSL connection without verifying fence device's certificate</shortdesc>
+ </parameter>
+ <parameter name="login" unique="0" required="1" deprecated="1">
+ <getopt mixed="-l, --username=[name]" />
+ <content type="string" />
+ <shortdesc lang="en">Login Name</shortdesc>
+ </parameter>
+ <parameter name="plug" unique="0" required="0" obsoletes="port">
+ <getopt mixed="-n, --plug=[ip]" />
+ <content type="string" />
+ <shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
+ </parameter>
+ <parameter name="username" unique="0" required="1" obsoletes="login">
+ <getopt mixed="-l, --username=[name]" />
+ <content type="string" />
+ <shortdesc lang="en">Login Name</shortdesc>
+ </parameter>
+ <parameter name="redfish_uri" unique="0" required="0" obsoletes="redfish-uri">
+ <getopt mixed="--redfish-uri=[uri]" />
+ <content type="string" default="/redfish/v1" />
+ <shortdesc lang="en">Base or starting Redfish URI</shortdesc>
+ </parameter>
+ <parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
+ <getopt mixed="-a, --ip=[ip]" />
+ <content type="string" />
+ <shortdesc lang="en">IP Address or Hostname</shortdesc>
+ </parameter>
+ <parameter name="systems_uri" unique="0" required="0" obsoletes="systems-uri">
+ <getopt mixed="--systems-uri=[uri]" />
+ <content type="string" />
+ <shortdesc lang="en">Redfish Systems resource URI, i.e. /redfish/v1/Systems/System.Embedded.1</shortdesc>
+ </parameter>
+ <parameter name="password" unique="0" required="0" obsoletes="passwd">
+ <getopt mixed="-p, --password=[password]" />
+ <content type="string" />
+ <shortdesc lang="en">Login password or passphrase</shortdesc>
+ </parameter>
+ <parameter name="password_script" unique="0" required="0" obsoletes="passwd_script">
+ <getopt mixed="-S, --password-script=[script]" />
+ <content type="string" />
+ <shortdesc lang="en">Script to retrieve password</shortdesc>
+ </parameter>
+ <parameter name="verbose" unique="0" required="0">
+ <getopt mixed="-v, --verbose" />
+ <content type="boolean" />
+ <shortdesc lang="en">Verbose mode</shortdesc>
+ </parameter>
+ <parameter name="debug" unique="0" required="0" deprecated="1">
+ <getopt mixed="-D, --debug-file=[debugfile]" />
+ <content type="string" />
+ <shortdesc lang="en">Write debug information to given file</shortdesc>
+ </parameter>
+ <parameter name="debug_file" unique="0" required="0" obsoletes="debug">
+ <getopt mixed="-D, --debug-file=[debugfile]" />
+ <content type="string" />
+ <shortdesc lang="en">Write debug information to given file</shortdesc>
+ </parameter>
+ <parameter name="version" unique="0" required="0">
+ <getopt mixed="-V, --version" />
+ <content type="boolean" />
+ <shortdesc lang="en">Display version information and exit</shortdesc>
+ </parameter>
+ <parameter name="help" unique="0" required="0">
+ <getopt mixed="-h, --help" />
+ <content type="boolean" />
+ <shortdesc lang="en">Display help and exit</shortdesc>
+ </parameter>
+ <parameter name="power_wait" unique="0" required="0">
+ <getopt mixed="--power-wait=[seconds]" />
+ <content type="second" default="0" />
+ <shortdesc lang="en">Wait X seconds after issuing ON/OFF</shortdesc>
+ </parameter>
+ <parameter name="login_timeout" unique="0" required="0">
+ <getopt mixed="--login-timeout=[seconds]" />
+ <content type="second" default="5" />
+ <shortdesc lang="en">Wait X seconds for cmd prompt after login</shortdesc>
+ </parameter>
+ <parameter name="power_timeout" unique="0" required="0">
+ <getopt mixed="--power-timeout=[seconds]" />
+ <content type="second" default="20" />
+ <shortdesc lang="en">Test X seconds for status change after ON/OFF</shortdesc>
+ </parameter>
+ <parameter name="delay" unique="0" required="0">
+ <getopt mixed="--delay=[seconds]" />
+ <content type="second" default="0" />
+ <shortdesc lang="en">Wait X seconds before fencing is started</shortdesc>
+ </parameter>
+ <parameter name="shell_timeout" unique="0" required="0">
+ <getopt mixed="--shell-timeout=[seconds]" />
+ <content type="second" default="3" />
+ <shortdesc lang="en">Wait X seconds for cmd prompt after issuing command</shortdesc>
+ </parameter>
+ <parameter name="port_as_ip" unique="0" required="0">
+ <getopt mixed="--port-as-ip" />
+ <content type="boolean" />
+ <shortdesc lang="en">Make "port/plug" to be an alias to IP address</shortdesc>
+ </parameter>
+ <parameter name="retry_on" unique="0" required="0">
+ <getopt mixed="--retry-on=[attempts]" />
+ <content type="integer" default="1" />
+ <shortdesc lang="en">Count of attempts to retry power on</shortdesc>
+ </parameter>
+</parameters>
+<actions>
+ <action name="on" automatic="0"/>
+ <action name="off" />
+ <action name="reboot" />
+ <action name="status" />
+ <action name="monitor" />
+ <action name="metadata" />
+ <action name="validate-all" />
+</actions>
+</resource-agent>
From 6921a34d64d098a7b1f32205e0be434438c36898 Mon Sep 17 00:00:00 2001
From: Jose Delarosa <jose.delarosa@dell.com>
Date: Mon, 3 Dec 2018 10:46:52 -0600
Subject: [PATCH 2/8] Updated fence_redfish.xml with make xml-upload
---
tests/data/metadata/fence_redfish.xml | 148 ++++++++++++++------------
1 file changed, 79 insertions(+), 69 deletions(-)
diff --git a/tests/data/metadata/fence_redfish.xml b/tests/data/metadata/fence_redfish.xml
index 43d447d0..a39541e6 100644
--- a/tests/data/metadata/fence_redfish.xml
+++ b/tests/data/metadata/fence_redfish.xml
@@ -3,110 +3,115 @@
<longdesc>fence_redfish is an I/O Fencing agent which can be used with Out-of-Band controllers that support Redfish APIs. These controllers provide remote access to control power on a server.</longdesc>
<vendor-url>http://www.dmtf.org</vendor-url>
<parameters>
- <parameter name="ipport" unique="0" required="0">
- <getopt mixed="-u, --ipport=[port]" />
- <content type="integer" default="443" />
- <shortdesc lang="en">TCP/UDP port to use for connection with device</shortdesc>
- </parameter>
- <parameter name="ssl_secure" unique="0" required="0">
- <getopt mixed="--ssl-secure" />
- <content type="boolean" />
- <shortdesc lang="en">SSL connection with verifying fence device's certificate</shortdesc>
- </parameter>
- <parameter name="systems-uri" unique="0" required="0" deprecated="1">
- <getopt mixed="--systems-uri=[uri]" />
- <content type="string" />
- <shortdesc lang="en">Redfish Systems resource URI, i.e. /redfish/v1/Systems/System.Embedded.1</shortdesc>
- </parameter>
<parameter name="action" unique="0" required="1">
<getopt mixed="-o, --action=[action]" />
<content type="string" default="reboot" />
- <shortdesc lang="en">Fencing Action</shortdesc>
+ <shortdesc lang="en">Fencing action</shortdesc>
+ </parameter>
+ <parameter name="inet4_only" unique="0" required="0">
+ <getopt mixed="-4, --inet4-only" />
+ <content type="boolean" />
+ <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
</parameter>
<parameter name="inet6_only" unique="0" required="0">
<getopt mixed="-6, --inet6-only" />
<content type="boolean" />
<shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
</parameter>
- <parameter name="ipaddr" unique="0" required="0" deprecated="1">
+ <parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
- <shortdesc lang="en">IP Address or Hostname</shortdesc>
+ <shortdesc lang="en">IP address or hostname of fencing device</shortdesc>
</parameter>
- <parameter name="port" unique="0" required="0" deprecated="1">
- <getopt mixed="-n, --plug=[ip]" />
+ <parameter name="ipaddr" unique="0" required="0" deprecated="1">
+ <getopt mixed="-a, --ip=[ip]" />
<content type="string" />
- <shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
+ <shortdesc lang="en">IP address or hostname of fencing device</shortdesc>
</parameter>
- <parameter name="passwd_script" unique="0" required="0" deprecated="1">
- <getopt mixed="-S, --password-script=[script]" />
- <content type="string" />
- <shortdesc lang="en">Script to retrieve password</shortdesc>
+ <parameter name="ipport" unique="0" required="0">
+ <getopt mixed="-u, --ipport=[port]" />
+ <content type="integer" default="443" />
+ <shortdesc lang="en">TCP/UDP port to use for connection with device</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
+ <parameter name="login" unique="0" required="1" deprecated="1">
+ <getopt mixed="-l, --username=[name]" />
+ <content type="string" />
+ <shortdesc lang="en">Login name</shortdesc>
</parameter>
<parameter name="passwd" unique="0" required="0" deprecated="1">
<getopt mixed="-p, --password=[password]" />
<content type="string" />
<shortdesc lang="en">Login password or passphrase</shortdesc>
</parameter>
- <parameter name="ssl" unique="0" required="0">
- <getopt mixed="-z, --ssl" />
- <content type="boolean" />
- <shortdesc lang="en">SSL connection</shortdesc>
- </parameter>
- <parameter name="redfish-uri" unique="0" required="0" deprecated="1">
- <getopt mixed="--redfish-uri=[uri]" />
- <content type="string" default="/redfish/v1" />
- <shortdesc lang="en">Base or starting Redfish URI</shortdesc>
+ <parameter name="passwd_script" unique="0" required="0" deprecated="1">
+ <getopt mixed="-S, --password-script=[script]" />
+ <content type="string" />
+ <shortdesc lang="en">Script to run to retrieve password</shortdesc>
</parameter>
- <parameter name="ssl_insecure" unique="0" required="0">
- <getopt mixed="--ssl-insecure" />
- <content type="boolean" />
- <shortdesc lang="en">SSL connection without verifying fence device's certificate</shortdesc>
+ <parameter name="password" unique="0" required="0" obsoletes="passwd">
+ <getopt mixed="-p, --password=[password]" />
+ <content type="string" />
+ <shortdesc lang="en">Login password or passphrase</shortdesc>
</parameter>
- <parameter name="login" unique="0" required="1" deprecated="1">
- <getopt mixed="-l, --username=[name]" />
+ <parameter name="password_script" unique="0" required="0" obsoletes="passwd_script">
+ <getopt mixed="-S, --password-script=[script]" />
<content type="string" />
- <shortdesc lang="en">Login Name</shortdesc>
+ <shortdesc lang="en">Script to run to retrieve password</shortdesc>
</parameter>
<parameter name="plug" unique="0" required="0" obsoletes="port">
<getopt mixed="-n, --plug=[ip]" />
<content type="string" />
<shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
</parameter>
- <parameter name="username" unique="0" required="1" obsoletes="login">
- <getopt mixed="-l, --username=[name]" />
+ <parameter name="port" unique="0" required="0" deprecated="1">
+ <getopt mixed="-n, --plug=[ip]" />
<content type="string" />
- <shortdesc lang="en">Login Name</shortdesc>
+ <shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
+ </parameter>
+ <parameter name="redfish-uri" unique="0" required="0" deprecated="1">
+ <getopt mixed="--redfish-uri=[uri]" />
+ <content type="string" default="/redfish/v1" />
+ <shortdesc lang="en">Base or starting Redfish URI</shortdesc>
</parameter>
<parameter name="redfish_uri" unique="0" required="0" obsoletes="redfish-uri">
<getopt mixed="--redfish-uri=[uri]" />
<content type="string" default="/redfish/v1" />
<shortdesc lang="en">Base or starting Redfish URI</shortdesc>
</parameter>
- <parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
- <getopt mixed="-a, --ip=[ip]" />
+ <parameter name="ssl" unique="0" required="0">
+ <getopt mixed="-z, --ssl" />
+ <content type="boolean" />
+ <shortdesc lang="en">Use SSL connection with verifying certificate</shortdesc>
+ </parameter>
+ <parameter name="ssl_insecure" unique="0" required="0">
+ <getopt mixed="--ssl-insecure" />
+ <content type="boolean" />
+ <shortdesc lang="en">Use SSL connection without verifying certificate</shortdesc>
+ </parameter>
+ <parameter name="ssl_secure" unique="0" required="0">
+ <getopt mixed="--ssl-secure" />
+ <content type="boolean" />
+ <shortdesc lang="en">Use SSL connection with verifying certificate</shortdesc>
+ </parameter>
+ <parameter name="systems-uri" unique="0" required="0" deprecated="1">
+ <getopt mixed="--systems-uri=[uri]" />
<content type="string" />
- <shortdesc lang="en">IP Address or Hostname</shortdesc>
+ <shortdesc lang="en">Redfish Systems resource URI, i.e. /redfish/v1/Systems/System.Embedded.1</shortdesc>
</parameter>
<parameter name="systems_uri" unique="0" required="0" obsoletes="systems-uri">
<getopt mixed="--systems-uri=[uri]" />
<content type="string" />
<shortdesc lang="en">Redfish Systems resource URI, i.e. /redfish/v1/Systems/System.Embedded.1</shortdesc>
</parameter>
- <parameter name="password" unique="0" required="0" obsoletes="passwd">
- <getopt mixed="-p, --password=[password]" />
+ <parameter name="username" unique="0" required="1" obsoletes="login">
+ <getopt mixed="-l, --username=[name]" />
<content type="string" />
- <shortdesc lang="en">Login password or passphrase</shortdesc>
+ <shortdesc lang="en">Login name</shortdesc>
</parameter>
- <parameter name="password_script" unique="0" required="0" obsoletes="passwd_script">
- <getopt mixed="-S, --password-script=[script]" />
- <content type="string" />
- <shortdesc lang="en">Script to retrieve password</shortdesc>
+ <parameter name="quiet" unique="0" required="0">
+ <getopt mixed="-q, --quiet" />
+ <content type="boolean" />
+ <shortdesc lang="en">Disable logging to stderr. Does not affect --verbose or --debug-file or logging to syslog.</shortdesc>
</parameter>
<parameter name="verbose" unique="0" required="0">
<getopt mixed="-v, --verbose" />
@@ -133,41 +138,45 @@
<content type="boolean" />
<shortdesc lang="en">Display help and exit</shortdesc>
</parameter>
- <parameter name="power_wait" unique="0" required="0">
- <getopt mixed="--power-wait=[seconds]" />
+ <parameter name="delay" unique="0" required="0">
+ <getopt mixed="--delay=[seconds]" />
<content type="second" default="0" />
- <shortdesc lang="en">Wait X seconds after issuing ON/OFF</shortdesc>
+ <shortdesc lang="en">Wait X seconds before fencing is started</shortdesc>
</parameter>
<parameter name="login_timeout" unique="0" required="0">
<getopt mixed="--login-timeout=[seconds]" />
<content type="second" default="5" />
<shortdesc lang="en">Wait X seconds for cmd prompt after login</shortdesc>
</parameter>
+ <parameter name="port_as_ip" unique="0" required="0">
+ <getopt mixed="--port-as-ip" />
+ <content type="boolean" />
+ <shortdesc lang="en">Make "port/plug" to be an alias to IP address</shortdesc>
+ </parameter>
<parameter name="power_timeout" unique="0" required="0">
<getopt mixed="--power-timeout=[seconds]" />
<content type="second" default="20" />
<shortdesc lang="en">Test X seconds for status change after ON/OFF</shortdesc>
</parameter>
- <parameter name="delay" unique="0" required="0">
- <getopt mixed="--delay=[seconds]" />
+ <parameter name="power_wait" unique="0" required="0">
+ <getopt mixed="--power-wait=[seconds]" />
<content type="second" default="0" />
- <shortdesc lang="en">Wait X seconds before fencing is started</shortdesc>
+ <shortdesc lang="en">Wait X seconds after issuing ON/OFF</shortdesc>
</parameter>
<parameter name="shell_timeout" unique="0" required="0">
<getopt mixed="--shell-timeout=[seconds]" />
<content type="second" default="3" />
<shortdesc lang="en">Wait X seconds for cmd prompt after issuing command</shortdesc>
</parameter>
- <parameter name="port_as_ip" unique="0" required="0">
- <getopt mixed="--port-as-ip" />
- <content type="boolean" />
- <shortdesc lang="en">Make "port/plug" to be an alias to IP address</shortdesc>
- </parameter>
<parameter name="retry_on" unique="0" required="0">
<getopt mixed="--retry-on=[attempts]" />
<content type="integer" default="1" />
<shortdesc lang="en">Count of attempts to retry power on</shortdesc>
</parameter>
+ <parameter name="gnutlscli_path" unique="0" required="0">
+ <getopt mixed="--gnutlscli-path=[path]" />
+ <shortdesc lang="en">Path to gnutls-cli binary</shortdesc>
+ </parameter>
</parameters>
<actions>
<action name="on" automatic="0"/>
@@ -176,6 +185,7 @@
<action name="status" />
<action name="monitor" />
<action name="metadata" />
+ <action name="manpage" />
<action name="validate-all" />
</actions>
</resource-agent>
From 755627fadd711848ea256d72f5e75f36f83b4d31 Mon Sep 17 00:00:00 2001
From: Jose Delarosa <jose.delarosa@dell.com>
Date: Mon, 3 Dec 2018 11:55:23 -0600
Subject: [PATCH 3/8] Added run_delay()
---
agents/redfish/fence_redfish.py | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py
index df7cf8c2..0e4a4f68 100644
--- a/agents/redfish/fence_redfish.py
+++ b/agents/redfish/fence_redfish.py
@@ -13,7 +13,7 @@
from requests.packages.urllib3.exceptions import InsecureRequestWarning
from fencing import *
-from fencing import fail_usage
+from fencing import fail_usage, run_delay
def get_power_status(conn, options):
uri = options["--systems-uri"]
@@ -127,6 +127,7 @@ def main():
access to control power on a server."
docs["vendorurl"] = "http://www.dmtf.org"
show_docs(options, docs)
+ run_delay(options)
##
## Operate the fencing device
From 15fef4c47f391a3f03c714d86c9670ea209dec99 Mon Sep 17 00:00:00 2001
From: Jose Delarosa <jose.delarosa@dell.com>
Date: Tue, 4 Dec 2018 10:56:58 -0600
Subject: [PATCH 4/8] Modify power status check
- Only returns off if PowerState = Off
- Otherwise returns on
---
agents/redfish/fence_redfish.py | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py
index 0e4a4f68..7998fb1c 100644
--- a/agents/redfish/fence_redfish.py
+++ b/agents/redfish/fence_redfish.py
@@ -21,10 +21,10 @@ def get_power_status(conn, options):
if response['ret'] is False:
fail_usage("Couldn't get power information")
data = response['data']
- if data[u'PowerState'].strip() == "On":
- return "on"
- else:
+ if data[u'PowerState'].strip() == "Off":
return "off"
+ else:
+ return "on"
def set_power_status(conn, options):
action = {
From acf70f4672be65562841227ab0b4cacb87965f44 Mon Sep 17 00:00:00 2001
From: Jose Delarosa <jose.delarosa@dell.com>
Date: Wed, 5 Dec 2018 10:39:32 -0600
Subject: [PATCH 5/8] Changed reboot type to ForceRestart
---
agents/redfish/fence_redfish.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py
index 7998fb1c..3fe2bfc0 100644
--- a/agents/redfish/fence_redfish.py
+++ b/agents/redfish/fence_redfish.py
@@ -30,7 +30,7 @@ def set_power_status(conn, options):
action = {
'on' : "On",
'off': "ForceOff",
- 'reboot': "GracefulRestart"
+ 'reboot': "ForceRestart"
}[options["--action"]]
payload = {'ResetType': action}
From 56e3358d45050ac669c099c56873feefa1ecda38 Mon Sep 17 00:00:00 2001
From: Jose Delarosa <jose.delarosa@dell.com>
Date: Wed, 5 Dec 2018 10:54:44 -0600
Subject: [PATCH 6/8] Replaced default port 443 with default ssl enabled option
---
agents/redfish/fence_redfish.py | 2 +-
tests/data/metadata/fence_redfish.xml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py
index 3fe2bfc0..6a2dbb76 100644
--- a/agents/redfish/fence_redfish.py
+++ b/agents/redfish/fence_redfish.py
@@ -117,7 +117,7 @@ def main():
opt = process_input(device_opt)
- all_opt["ipport"]["default"] = "443"
+ all_opt["ssl"]["default"] = "1"
options = check_input(device_opt, opt)
docs = {}
diff --git a/tests/data/metadata/fence_redfish.xml b/tests/data/metadata/fence_redfish.xml
index a39541e6..e1c18584 100644
--- a/tests/data/metadata/fence_redfish.xml
+++ b/tests/data/metadata/fence_redfish.xml
@@ -80,7 +80,7 @@
</parameter>
<parameter name="ssl" unique="0" required="0">
<getopt mixed="-z, --ssl" />
- <content type="boolean" />
+ <content type="boolean" default="1" />
<shortdesc lang="en">Use SSL connection with verifying certificate</shortdesc>
</parameter>
<parameter name="ssl_insecure" unique="0" required="0">
From 5c25a85b22a17d6bbc3dcb47c99b76e3a99a5857 Mon Sep 17 00:00:00 2001
From: Jose Delarosa <jose.delarosa@dell.com>
Date: Wed, 5 Dec 2018 13:29:42 -0600
Subject: [PATCH 7/8] Renamed variable to avoid reusing variable name
---
agents/redfish/fence_redfish.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py
index 6a2dbb76..1ea25cd8 100644
--- a/agents/redfish/fence_redfish.py
+++ b/agents/redfish/fence_redfish.py
@@ -42,9 +42,9 @@ def set_power_status(conn, options):
if response['ret'] is False:
return {'ret': False}
data = response['data']
- uri = data["Actions"]["#ComputerSystem.Reset"]["target"]
+ action_uri = data["Actions"]["#ComputerSystem.Reset"]["target"]
- response = send_post_request(options, uri, payload, headers)
+ response = send_post_request(options, action_uri, payload, headers)
if response['ret'] is False:
fail_usage("Error sending power command")
return
From 7dce8b1e22d57fec0d34e91a99fab9d8a06f1303 Mon Sep 17 00:00:00 2001
From: Jose Delarosa <jose.delarosa@dell.com>
Date: Thu, 6 Dec 2018 10:33:06 -0600
Subject: [PATCH 8/8] Removed unnecessary variable assignments to simplify code
---
agents/redfish/fence_redfish.py | 12 ++++--------
1 file changed, 4 insertions(+), 8 deletions(-)
diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py
index 1ea25cd8..67ef67ab 100644
--- a/agents/redfish/fence_redfish.py
+++ b/agents/redfish/fence_redfish.py
@@ -16,8 +16,7 @@
from fencing import fail_usage, run_delay
def get_power_status(conn, options):
- uri = options["--systems-uri"]
- response = send_get_request(options, uri)
+ response = send_get_request(options, options["--systems-uri"])
if response['ret'] is False:
fail_usage("Couldn't get power information")
data = response['data']
@@ -37,8 +36,7 @@ def set_power_status(conn, options):
headers = {'content-type': 'application/json'}
# Search for 'Actions' key and extract URI from it
- uri = options["--systems-uri"]
- response = send_get_request(options, uri)
+ response = send_get_request(options, options["--systems-uri"])
if response['ret'] is False:
return {'ret': False}
data = response['data']
@@ -70,8 +68,7 @@ def send_post_request(options, uri, payload, headers):
return {'ret': True}
def find_systems_resource(options):
- uri = options["--redfish-uri"]
- response = send_get_request(options, uri)
+ response = send_get_request(options, options["--redfish-uri"])
if response['ret'] is False:
return {'ret': False}
data = response['data']
@@ -80,8 +77,7 @@ def find_systems_resource(options):
# Systems resource not found"
return {'ret': False}
else:
- uri = data["Systems"]["@odata.id"]
- response = send_get_request(options, uri)
+ response = send_get_request(options, data["Systems"]["@odata.id"])
if response['ret'] is False:
return {'ret': False}
data = response['data']

View File

@ -0,0 +1,60 @@
From 7aa3c50d1d02dd26bdeac99c49ada72f842d88e8 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 17 Jan 2019 16:52:52 +0100
Subject: [PATCH] fence_redfish: fail when using invalid cert without
--ssl-insecure
---
agents/redfish/fence_redfish.py | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py
index 67ef67ab..5b719d4b 100644
--- a/agents/redfish/fence_redfish.py
+++ b/agents/redfish/fence_redfish.py
@@ -6,6 +6,7 @@
import sys
import re
+import logging
import json
import requests
import atexit
@@ -20,6 +21,9 @@ def get_power_status(conn, options):
if response['ret'] is False:
fail_usage("Couldn't get power information")
data = response['data']
+
+ logging.debug("PowerState is: " + data[u'PowerState'])
+
if data[u'PowerState'].strip() == "Off":
return "off"
else:
@@ -50,21 +54,21 @@ def set_power_status(conn, options):
def send_get_request(options, uri):
full_uri = "https://" + options["--ip"] + uri
try:
- resp = requests.get(full_uri, verify=False,
+ resp = requests.get(full_uri, verify=not "--ssl-insecure" in options,
auth=(options["--username"], options["--password"]))
data = resp.json()
- except:
- return {'ret': False}
+ except Exception as e:
+ fail_usage("Failed: send_get_request: " + str(e))
return {'ret': True, 'data': data}
def send_post_request(options, uri, payload, headers):
full_uri = "https://" + options["--ip"] + uri
try:
requests.post(full_uri, data=json.dumps(payload),
- headers=headers, verify=False,
+ headers=headers, verify=not "--ssl-insecure" in options,
auth=(options["--username"], options["--password"]))
- except:
- return {'ret': False}
+ except Exception as e:
+ fail_usage("Failed: send_post_request: " + str(e))
return {'ret': True}
def find_systems_resource(options):

View File

@ -0,0 +1,43 @@
From 9ebd2e2e36ae0de5c9164f4ac3fd29bdac0cab61 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 14 Feb 2019 10:03:33 +0100
Subject: [PATCH] fence_redfish: use "ipport" parameter and improve logging
---
agents/redfish/fence_redfish.py | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py
index 5b719d4b..28840058 100644
--- a/agents/redfish/fence_redfish.py
+++ b/agents/redfish/fence_redfish.py
@@ -22,7 +22,10 @@ def get_power_status(conn, options):
fail_usage("Couldn't get power information")
data = response['data']
- logging.debug("PowerState is: " + data[u'PowerState'])
+ try:
+ logging.debug("PowerState is: " + data[u'PowerState'])
+ except Exception:
+ fail_usage("Unable to get PowerState: " + "https://" + options["--ip"] + ":" + str(options["--ipport"]) + options["--systems-uri"])
if data[u'PowerState'].strip() == "Off":
return "off"
@@ -52,7 +55,7 @@ def set_power_status(conn, options):
return
def send_get_request(options, uri):
- full_uri = "https://" + options["--ip"] + uri
+ full_uri = "https://" + options["--ip"] + ":" + str(options["--ipport"]) + uri
try:
resp = requests.get(full_uri, verify=not "--ssl-insecure" in options,
auth=(options["--username"], options["--password"]))
@@ -62,7 +65,7 @@ def send_get_request(options, uri):
return {'ret': True, 'data': data}
def send_post_request(options, uri, payload, headers):
- full_uri = "https://" + options["--ip"] + uri
+ full_uri = "https://" + options["--ip"] + ":" + str(options["--ipport"]) + uri
try:
requests.post(full_uri, data=json.dumps(payload),
headers=headers, verify=not "--ssl-insecure" in options,

View File

@ -0,0 +1,24 @@
From 21898e45ca2624546de99086a27a14dd1ff86a2b Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 21 Feb 2019 09:08:03 +0100
Subject: [PATCH] fence_redfish: backwards compatibility for <ip>:<port>
---
agents/redfish/fence_redfish.py | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py
index 28840058..f1424232 100644
--- a/agents/redfish/fence_redfish.py
+++ b/agents/redfish/fence_redfish.py
@@ -140,6 +140,10 @@ def main():
if "--ssl-insecure" in opt:
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
+ # backwards compatibility for <ip>:<port>
+ if options["--ip"].count(":") == 1:
+ (options["--ip"], options["--ipport"]) = options["--ip"].split(":")
+
if "--systems-uri" not in opt:
# Systems URI not provided, find it
sysresult = find_systems_resource(options)

View File

@ -0,0 +1,73 @@
diff --color -uNr a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py
--- a/agents/gce/fence_gce.py 2021-06-11 14:28:37.751959830 +0200
+++ b/agents/gce/fence_gce.py 2021-06-11 14:54:03.638926494 +0200
@@ -15,9 +15,15 @@
import urllib2 as urlrequest
sys.path.append("@FENCEAGENTSLIBDIR@")
-import googleapiclient.discovery
from fencing import fail_usage, run_delay, all_opt, atexit_handler, check_input, process_input, show_docs, fence_action
-
+try:
+ import googleapiclient.discovery
+ try:
+ from google.oauth2.credentials import Credentials as GoogleCredentials
+ except:
+ from oauth2client.client import GoogleCredentials
+except:
+ pass
METADATA_SERVER = 'http://metadata.google.internal/computeMetadata/v1/'
METADATA_HEADERS = {'Metadata-Flavor': 'Google'}
@@ -175,12 +181,21 @@
"required" : "0",
"order" : 4
}
+ all_opt["serviceaccount"] = {
+ "getopt" : ":",
+ "longopt" : "serviceaccount",
+ "help" : "--serviceaccount=[filename] Service account json file location e.g. serviceaccount=/somedir/service_account.json",
+ "shortdesc" : "Service Account to use for authentication to the google cloud APIs.",
+ "required" : "0",
+ "order" : 9
+ }
def main():
conn = None
- device_opt = ["port", "no_password", "zone", "project", "stackdriver-logging", "method"]
+ device_opt = ["port", "no_password", "zone", "project", "stackdriver-logging",
+ "method", "serviceaccount"]
atexit.register(atexit_handler)
@@ -226,10 +241,24 @@
# Prepare cli
try:
- credentials = None
- if tuple(googleapiclient.__version__) < tuple("1.6.0"):
- import oauth2client.client
- credentials = oauth2client.client.GoogleCredentials.get_application_default()
+ serviceaccount = options.get("--serviceaccount")
+ if serviceaccount:
+ scope = ['https://www.googleapis.com/auth/cloud-platform']
+ logging.debug("using credentials from service account")
+ try:
+ from google.oauth2.service_account import Credentials as ServiceAccountCredentials
+ credentials = ServiceAccountCredentials.from_service_account_file(filename=serviceaccount, scopes=scope)
+ except ImportError:
+ from oauth2client.service_account import ServiceAccountCredentials
+ credentials = ServiceAccountCredentials.from_json_keyfile_name(serviceaccount, scope)
+ else:
+ try:
+ from googleapiclient import _auth
+ credentials = _auth.default_credentials();
+ except:
+ credentials = GoogleCredentials.get_application_default()
+ logging.debug("using application default credentials")
+
conn = googleapiclient.discovery.build('compute', 'v1', credentials=credentials)
except Exception as err:
fail_usage("Failed: Create GCE compute v1 connection: {}".format(str(err)))

View File

@ -0,0 +1,22 @@
From 64ac6207152508392690b7c1dfcac3fe0a76adfd Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Fri, 5 Apr 2019 09:48:52 +0200
Subject: [PATCH] fence_gce: fix Python 3 encoding issue
---
agents/gce/fence_gce.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py
index 93cd11801..b171710d9 100644
--- a/agents/gce/fence_gce.py
+++ b/agents/gce/fence_gce.py
@@ -146,7 +146,7 @@ def get_metadata(metadata_key, params=None, timeout=None):
url = '%s?%s' % (metadata_url, params)
request = urlrequest.Request(url, headers=METADATA_HEADERS)
request_opener = urlrequest.build_opener(urlrequest.ProxyHandler({}))
- return request_opener.open(request, timeout=timeout * 1.1).read()
+ return request_opener.open(request, timeout=timeout * 1.1).read().decode("utf-8")
def define_new_opts():

View File

@ -0,0 +1,48 @@
From 1b3e548fcc0bd427dade178fa260567047ff3a0e Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Mon, 6 May 2019 13:24:18 +0200
Subject: [PATCH] fence_azure_arm: use skip_shutdown feature when available
The "skip_shutdown" parameter is ignored in older Azure SDK, so there's
no need for a fallback option.
---
agents/azure_arm/fence_azure_arm.py | 6 +++---
tests/data/metadata/fence_azure_arm.xml | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/agents/azure_arm/fence_azure_arm.py b/agents/azure_arm/fence_azure_arm.py
index 58b9eeb13..be0d40345 100755
--- a/agents/azure_arm/fence_azure_arm.py
+++ b/agents/azure_arm/fence_azure_arm.py
@@ -114,8 +114,8 @@ def set_power_status(clients, options):
azure_fence.set_network_state(compute_client, network_client, rgName, vmName, "unblock")
if (options["--action"]=="off"):
- logging.info("Deallocating " + vmName + " in resource group " + rgName)
- compute_client.virtual_machines.deallocate(rgName, vmName)
+ logging.info("Poweroff " + vmName + " in resource group " + rgName)
+ compute_client.virtual_machines.power_off(rgName, vmName, skip_shutdown=True)
elif (options["--action"]=="on"):
logging.info("Starting " + vmName + " in resource group " + rgName)
compute_client.virtual_machines.start(rgName, vmName)
@@ -199,7 +199,7 @@ def main():
docs = {}
docs["shortdesc"] = "Fence agent for Azure Resource Manager"
- docs["longdesc"] = "Used to deallocate virtual machines and to report power state of virtual machines running in Azure. It uses Azure SDK for Python to connect to Azure.\
+ docs["longdesc"] = "fence_azure_arm is an I/O Fencing agent for Azure Resource Manager. It uses Azure SDK for Python to connect to Azure.\
\n.P\n\
For instructions to setup credentials see: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal\
\n.P\n\
diff --git a/tests/data/metadata/fence_azure_arm.xml b/tests/data/metadata/fence_azure_arm.xml
index 1c0b6cc6b..97ecfdba4 100644
--- a/tests/data/metadata/fence_azure_arm.xml
+++ b/tests/data/metadata/fence_azure_arm.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" ?>
<resource-agent name="fence_azure_arm" shortdesc="Fence agent for Azure Resource Manager" >
-<longdesc>Used to deallocate virtual machines and to report power state of virtual machines running in Azure. It uses Azure SDK for Python to connect to Azure.
+<longdesc>fence_azure_arm is an I/O Fencing agent for Azure Resource Manager. It uses Azure SDK for Python to connect to Azure.
For instructions to setup credentials see: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal

View File

@ -0,0 +1,65 @@
From 75a74debba2205547d8eefae221221c2c71d99ce Mon Sep 17 00:00:00 2001
From: Jose Delarosa <jose.delarosa@dell.com>
Date: Mon, 15 Apr 2019 12:46:42 -0500
Subject: [PATCH] fence_redfish: add headers to HTTP methods
* Needed for full compliance with Redfish spec.
* May cause errors in some devices if not sent.
---
agents/redfish/fence_redfish.py | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py
index f1424232..390a4827 100644
--- a/agents/redfish/fence_redfish.py
+++ b/agents/redfish/fence_redfish.py
@@ -16,6 +16,11 @@
from fencing import *
from fencing import fail_usage, run_delay
+GET_HEADERS = {'accept': 'application/json', 'OData-Version': '4.0'}
+POST_HEADERS = {'content-type': 'application/json', 'accept': 'application/json',
+ 'OData-Version': '4.0'}
+
+
def get_power_status(conn, options):
response = send_get_request(options, options["--systems-uri"])
if response['ret'] is False:
@@ -40,7 +45,6 @@ def set_power_status(conn, options):
}[options["--action"]]
payload = {'ResetType': action}
- headers = {'content-type': 'application/json'}
# Search for 'Actions' key and extract URI from it
response = send_get_request(options, options["--systems-uri"])
@@ -49,7 +53,7 @@ def set_power_status(conn, options):
data = response['data']
action_uri = data["Actions"]["#ComputerSystem.Reset"]["target"]
- response = send_post_request(options, action_uri, payload, headers)
+ response = send_post_request(options, action_uri, payload)
if response['ret'] is False:
fail_usage("Error sending power command")
return
@@ -58,17 +62,18 @@ def send_get_request(options, uri):
full_uri = "https://" + options["--ip"] + ":" + str(options["--ipport"]) + uri
try:
resp = requests.get(full_uri, verify=not "--ssl-insecure" in options,
+ headers=GET_HEADERS,
auth=(options["--username"], options["--password"]))
data = resp.json()
except Exception as e:
fail_usage("Failed: send_get_request: " + str(e))
return {'ret': True, 'data': data}
-def send_post_request(options, uri, payload, headers):
+def send_post_request(options, uri, payload):
full_uri = "https://" + options["--ip"] + ":" + str(options["--ipport"]) + uri
try:
requests.post(full_uri, data=json.dumps(payload),
- headers=headers, verify=not "--ssl-insecure" in options,
+ headers=POST_HEADERS, verify=not "--ssl-insecure" in options,
auth=(options["--username"], options["--password"]))
except Exception as e:
fail_usage("Failed: send_post_request: " + str(e))

View File

@ -0,0 +1,164 @@
From a4e8b77ac51a0e4a6de489823ee1be47cbc7eb18 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 9 May 2019 12:09:48 +0200
Subject: [PATCH] fence_rhevm: add RHEV v4 API support and auto-detection
---
agents/rhevm/fence_rhevm.py | 44 +++++++++++++++++++++++------
tests/data/metadata/fence_rhevm.xml | 7 ++++-
2 files changed, 41 insertions(+), 10 deletions(-)
diff --git a/agents/rhevm/fence_rhevm.py b/agents/rhevm/fence_rhevm.py
index a1cdaf605..6012c4239 100644
--- a/agents/rhevm/fence_rhevm.py
+++ b/agents/rhevm/fence_rhevm.py
@@ -9,7 +9,8 @@
from fencing import fail, EC_FETCH_VM_UUID, run_delay
RE_GET_ID = re.compile("<vm( .*)? id=\"(.*?)\"", re.IGNORECASE)
-RE_STATUS = re.compile("<state>(.*?)</state>", re.IGNORECASE)
+RE_STATUS = re.compile("<status>(.*?)</status>", re.IGNORECASE)
+RE_STATE = re.compile("<state>(.*?)</state>", re.IGNORECASE)
RE_GET_NAME = re.compile("<name>(.*?)</name>", re.IGNORECASE)
def get_power_status(conn, options):
@@ -25,7 +26,10 @@ def get_power_status(conn, options):
options["id"] = result.group(2)
- result = RE_STATUS.search(res)
+ if tuple(map(int, options["--api-version"].split(".")))[0] > 3:
+ result = RE_STATUS.search(res)
+ else:
+ result = RE_STATE.search(res)
if result == None:
# We were able to parse ID so output is correct
# in some cases it is possible that RHEV-M output does not
@@ -59,7 +63,10 @@ def get_list(conn, options):
lines = res.split("<vm ")
for i in range(1, len(lines)):
name = RE_GET_NAME.search(lines[i]).group(1)
- status = RE_STATUS.search(lines[i]).group(1)
+ if tuple(map(int, options["--api-version"].split(".")))[0] > 3:
+ status = RE_STATUS.search(lines[i]).group(1)
+ else:
+ status = RE_STATE.search(lines[i]).group(1)
outlets[name] = ("", status)
except AttributeError:
return {}
@@ -69,6 +76,13 @@ def get_list(conn, options):
return outlets
def send_command(opt, command, method="GET"):
+ if opt["--api-version"] == "auto":
+ opt["--api-version"] = "4"
+ res = send_command(opt, "")
+ if re.search("<title>Error</title>", res):
+ opt["--api-version"] = "3"
+ logging.debug("auto-detected API version: " + opt["--api-version"])
+
## setup correct URL
if "--ssl" in opt or "--ssl-secure" in opt or "--ssl-insecure" in opt:
url = "https:"
@@ -90,7 +104,7 @@ def send_command(opt, command, method="GET"):
web_buffer = io.BytesIO()
conn.setopt(pycurl.URL, url.encode("UTF-8"))
conn.setopt(pycurl.HTTPHEADER, [
- "Version: 3",
+ "Version: {}".format(opt["--api-version"]),
"Content-type: application/xml",
"Accept: application/xml",
"Prefer: persistent-auth",
@@ -130,8 +144,9 @@ def send_command(opt, command, method="GET"):
result = web_buffer.getvalue().decode("UTF-8")
- logging.debug("%s\n", command)
- logging.debug("%s\n", result)
+ logging.debug("url: %s\n", url)
+ logging.debug("command: %s\n", command)
+ logging.debug("result: %s\n", result)
return result
@@ -151,6 +166,15 @@ def define_new_opts():
"required" : "0",
"shortdesc" : "Reuse cookies for authentication",
"order" : 1}
+ all_opt["api_version"] = {
+ "getopt" : ":",
+ "longopt" : "api-version",
+ "help" : "--api-version "
+ "Version of RHEV API (default: auto)",
+ "required" : "0",
+ "order" : 2,
+ "default" : "auto",
+ }
all_opt["api_path"] = {
"getopt" : ":",
"longopt" : "api-path",
@@ -158,20 +182,19 @@ def define_new_opts():
"default" : "/ovirt-engine/api",
"required" : "0",
"shortdesc" : "The path part of the API URL",
- "order" : 2}
+ "order" : 3}
all_opt["disable_http_filter"] = {
"getopt" : "",
"longopt" : "disable-http-filter",
"help" : "--disable-http-filter Set HTTP Filter header to false",
"required" : "0",
"shortdesc" : "Set HTTP Filter header to false",
- "order" : 3}
+ "order" : 4}
def main():
device_opt = [
"ipaddr",
- "api_path",
"login",
"passwd",
"ssl",
@@ -179,6 +202,8 @@ def main():
"web",
"port",
"use_cookies",
+ "api_version",
+ "api_path",
"disable_http_filter",
]
@@ -186,6 +211,7 @@ def main():
define_new_opts()
all_opt["power_wait"]["default"] = "1"
+ all_opt["shell_timeout"]["default"] = "5"
options = check_input(device_opt, process_input(device_opt))
diff --git a/tests/data/metadata/fence_rhevm.xml b/tests/data/metadata/fence_rhevm.xml
index 6344db79f..c56cf64b6 100644
--- a/tests/data/metadata/fence_rhevm.xml
+++ b/tests/data/metadata/fence_rhevm.xml
@@ -98,6 +98,11 @@
<content type="string" />
<shortdesc lang="en">Login name</shortdesc>
</parameter>
+ <parameter name="api_version" unique="0" required="0">
+ <getopt mixed="--api-version" />
+ <content type="string" default="auto" />
+ <shortdesc lang="en">Version of RHEV API (default: auto)</shortdesc>
+ </parameter>
<parameter name="api_path" unique="0" required="0">
<getopt mixed="--api-path=[path]" />
<shortdesc lang="en">The path part of the API URL</shortdesc>
@@ -164,7 +169,7 @@
</parameter>
<parameter name="shell_timeout" unique="0" required="0">
<getopt mixed="--shell-timeout=[seconds]" />
- <content type="second" default="3" />
+ <content type="second" default="5" />
<shortdesc lang="en">Wait X seconds for cmd prompt after issuing command</shortdesc>
</parameter>
<parameter name="retry_on" unique="0" required="0">

View File

@ -0,0 +1,21 @@
From e5c6c2e134fd397ffe3319adc7afb8b633a251b2 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Tue, 14 May 2019 16:44:59 +0200
Subject: [PATCH] fence_mpath: import ctypes to fix watchdog hardreboot
---
agents/mpath/fence_mpath.py | 1 +
1 file changed, 1 insertion(+)
diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py
index d9ac2ef54..e4f598361 100644
--- a/agents/mpath/fence_mpath.py
+++ b/agents/mpath/fence_mpath.py
@@ -6,6 +6,7 @@
import os
import logging
import atexit
+import ctypes
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import fail_usage, run_command, atexit_handler, check_input, process_input, show_docs
from fencing import fence_action, all_opt, run_delay

View File

@ -0,0 +1,32 @@
From a77165d7c8caadf514462d359c6d564048c2c33a Mon Sep 17 00:00:00 2001
From: Sandro <42254081+Numblesix@users.noreply.github.com>
Date: Tue, 29 Jan 2019 13:29:52 +0100
Subject: [PATCH] Changed Encoding to UTF-8
Starting from RHV/Ovirt 4.2 we saw issues with the agent(unable to fence) after switching to UTF-8 all worked again.
---
agents/rhevm/fence_rhevm.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/agents/rhevm/fence_rhevm.py b/agents/rhevm/fence_rhevm.py
index 2a5107cc6..a1cdaf605 100644
--- a/agents/rhevm/fence_rhevm.py
+++ b/agents/rhevm/fence_rhevm.py
@@ -88,7 +88,7 @@ def send_command(opt, command, method="GET"):
## send command through pycurl
conn = pycurl.Curl()
web_buffer = io.BytesIO()
- conn.setopt(pycurl.URL, url.encode("ascii"))
+ conn.setopt(pycurl.URL, url.encode("UTF-8"))
conn.setopt(pycurl.HTTPHEADER, [
"Version: 3",
"Content-type: application/xml",
@@ -128,7 +128,7 @@ def send_command(opt, command, method="GET"):
opt["cookie"] = cookie
- result = web_buffer.getvalue().decode()
+ result = web_buffer.getvalue().decode("UTF-8")
logging.debug("%s\n", command)
logging.debug("%s\n", result)

View File

@ -0,0 +1,31 @@
From 965924fe8bf7dcd0bc15fb0e9265ab49bb8a5dd8 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Mon, 20 May 2019 15:49:39 +0200
Subject: [PATCH] fence_rhevm: fix debug encoding issues
Tested with UTF-8 encoded comment in result, which caused this issue,
and added to command and url in case they are in UTF-8 decoded state.
---
agents/rhevm/fence_rhevm.py | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/agents/rhevm/fence_rhevm.py b/agents/rhevm/fence_rhevm.py
index 6012c423..9e4650cd 100644
--- a/agents/rhevm/fence_rhevm.py
+++ b/agents/rhevm/fence_rhevm.py
@@ -144,9 +144,9 @@ def send_command(opt, command, method="GET"):
result = web_buffer.getvalue().decode("UTF-8")
- logging.debug("url: %s\n", url)
- logging.debug("command: %s\n", command)
- logging.debug("result: %s\n", result)
+ logging.debug("url: %s\n", url.encode("UTF-8"))
+ logging.debug("command: %s\n", command.encode("UTF-8"))
+ logging.debug("result: %s\n", result.encode("UTF-8"))
return result
--
2.21.0

View File

@ -0,0 +1,30 @@
From 1c4a64ca803831b44c96c75022abe5bb8713cd1a Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Wed, 22 May 2019 10:13:34 +0200
Subject: [PATCH] fence_scsi: detect node ID using new format, and fallback to
old format before failing
---
agents/scsi/fence_scsi.py | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py
index 8a1e4c77..5580e08b 100644
--- a/agents/scsi/fence_scsi.py
+++ b/agents/scsi/fence_scsi.py
@@ -192,8 +192,14 @@ def get_cluster_id(options):
def get_node_id(options):
cmd = options["--corosync-cmap-path"] + " nodelist"
+ out = run_cmd(options, cmd)["out"]
+
+ match = re.search(r".(\d+).name \(str\) = " + options["--plug"] + "\n", out)
+
+ # try old format before failing
+ if not match:
+ match = re.search(r".(\d+).ring._addr \(str\) = " + options["--plug"] + "\n", out)
- match = re.search(r".(\d+).ring._addr \(str\) = " + options["--plug"] + "\n", run_cmd(options, cmd)["out"])
return match.group(1) if match else fail_usage("Failed: unable to parse output of corosync-cmapctl or node does not exist")

View File

@ -0,0 +1,42 @@
From 418b3a36c8a7de0e984a0cd4707f2b90f279c4ce Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 13 Jun 2019 11:29:25 +0200
Subject: [PATCH] fence_scsi watchdog: dont exit when command fails using retry
parameter
---
lib/fencing.py.py | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/lib/fencing.py.py b/lib/fencing.py.py
index 8cd0a813..6f2526a9 100644
--- a/lib/fencing.py.py
+++ b/lib/fencing.py.py
@@ -530,7 +530,7 @@ def fail_usage(message="", stop=True):
logging.error("Please use '-h' for usage\n")
sys.exit(EC_GENERIC_ERROR)
-def fail(error_code):
+def fail(error_code, stop=True):
message = {
EC_LOGIN_DENIED : "Unable to connect/login to fencing device",
EC_CONNECTION_LOST : "Connection lost",
@@ -546,7 +546,8 @@ def fail(error_code):
}[error_code] + "\n"
logging.error("%s\n", message)
- sys.exit(EC_GENERIC_ERROR)
+ if stop:
+ sys.exit(EC_GENERIC_ERROR)
def usage(avail_opt):
print("Usage:")
@@ -1009,7 +1010,7 @@ def run_command(options, command, timeout=None, env=None, log_command=None):
thread.join(timeout)
if thread.is_alive():
process.kill()
- fail(EC_TIMED_OUT)
+ fail(EC_TIMED_OUT, stop=(int(options.get("retry", 0)) < 1))
status = process.wait()

View File

@ -0,0 +1,152 @@
From 31548d184c977521dad5e6320c7a74ed732c19bb Mon Sep 17 00:00:00 2001
From: dongchen126 <51401223+dongchen126@users.noreply.github.com>
Date: Thu, 11 Jul 2019 14:05:58 +0800
Subject: [PATCH 1/4] Update fence_aliyun.py
1.Import region provider to enable Alibaba cloud private zone functionality which support API endpoint access from intranet
2.Add ram role functionality to improve security which disable AccessKey ID and Access Key Secret
---
agents/aliyun/fence_aliyun.py | 28 +++++++++++++++++++++-------
1 file changed, 21 insertions(+), 7 deletions(-)
diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py
index d780e2ab..aea1ea8f 100644
--- a/agents/aliyun/fence_aliyun.py
+++ b/agents/aliyun/fence_aliyun.py
@@ -15,6 +15,7 @@
from aliyunsdkecs.request.v20140526.StartInstanceRequest import StartInstanceRequest
from aliyunsdkecs.request.v20140526.StopInstanceRequest import StopInstanceRequest
from aliyunsdkecs.request.v20140526.RebootInstanceRequest import RebootInstanceRequest
+ from aliyunsdkcore.profile import region_provider
except ImportError:
pass
@@ -121,12 +122,20 @@ def define_new_opts():
"required" : "0",
"order" : 4
}
+ all_opt["ram_role"] = {
+ "getopt": "m:",
+ "longopt": "ram-role",
+ "help": "-m, --ram-role=[name] Ram Role",
+ "shortdesc": "Ram Role.",
+ "required": "0",
+ "order": 5
+ }
# Main agent method
def main():
conn = None
- device_opt = ["port", "no_password", "region", "access_key", "secret_key"]
+ device_opt = ["port", "no_password", "region", "access_key", "secret_key", "ram_role"]
atexit.register(atexit_handler)
@@ -144,13 +153,18 @@ def main():
run_delay(options)
- if "--region" in options and "--access-key" in options and "--secret-key" in options:
+ if "--region" in options:
region = options["--region"]
- access_key = options["--access-key"]
- secret_key = options["--secret-key"]
- conn = client.AcsClient(access_key, secret_key, region)
-
-
+ if "--access-key" in options and "--secret-key" in options:
+ access_key = options["--access-key"]
+ secret_key = options["--secret-key"]
+ conn = client.AcsClient(access_key, secret_key, region)
+ elif "--ram-role" in options:
+ ram_role = options["--ram-role"]
+ role = EcsRamRoleCredential(ram_role)
+ conn = client.AcsClient(region_id=region, credential=role)
+ region_provider.modify_point('Ecs', region, 'ecs.%s.aliyuncs.com' % region)
+
# Operate the fencing device
result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list)
sys.exit(result)
From 285d29d398bbf8f87da7acfde3f89f83b32fa586 Mon Sep 17 00:00:00 2001
From: chen dong <51401223+dongchen126@users.noreply.github.com>
Date: Thu, 11 Jul 2019 15:30:10 +0800
Subject: [PATCH 2/4] Update fence_aliyun.xml
Add ram role for security
Add region provider for private zone functionality
---
tests/data/metadata/fence_aliyun.xml | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tests/data/metadata/fence_aliyun.xml b/tests/data/metadata/fence_aliyun.xml
index b41d82bf..eecd6f4e 100644
--- a/tests/data/metadata/fence_aliyun.xml
+++ b/tests/data/metadata/fence_aliyun.xml
@@ -33,6 +33,11 @@
<content type="string" />
<shortdesc lang="en">Secret Key.</shortdesc>
</parameter>
+ <parameter name="ram_role" unique="0" required="0">
+ <getopt mixed="-m, --ram-role=[name]" />
+ <content type="string" />
+ <shortdesc lang="en">Ram Role.</shortdesc>
+ </parameter>
<parameter name="quiet" unique="0" required="0">
<getopt mixed="-q, --quiet" />
<content type="boolean" />
From d4de57fdb94eeee483988584086c5690c8967f76 Mon Sep 17 00:00:00 2001
From: chen dong <51401223+dongchen126@users.noreply.github.com>
Date: Wed, 24 Jul 2019 17:23:48 +0800
Subject: [PATCH 3/4] Update fence_aliyun.py
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
delet paramater “m”
---
agents/aliyun/fence_aliyun.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py
index aea1ea8f..3bc825fe 100644
--- a/agents/aliyun/fence_aliyun.py
+++ b/agents/aliyun/fence_aliyun.py
@@ -123,9 +123,9 @@ def define_new_opts():
"order" : 4
}
all_opt["ram_role"] = {
- "getopt": "m:",
+ "getopt": ":",
"longopt": "ram-role",
- "help": "-m, --ram-role=[name] Ram Role",
+ "help": "--ram-role=[name] Ram Role",
"shortdesc": "Ram Role.",
"required": "0",
"order": 5
From 367c17ef4f44b6cce2d10f0a220b55b02d0d631e Mon Sep 17 00:00:00 2001
From: chen dong <51401223+dongchen126@users.noreply.github.com>
Date: Wed, 24 Jul 2019 17:25:39 +0800
Subject: [PATCH 4/4] Update fence_aliyun.xml
delete "m" parameter
---
tests/data/metadata/fence_aliyun.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/data/metadata/fence_aliyun.xml b/tests/data/metadata/fence_aliyun.xml
index eecd6f4e..2de3a8aa 100644
--- a/tests/data/metadata/fence_aliyun.xml
+++ b/tests/data/metadata/fence_aliyun.xml
@@ -34,7 +34,7 @@
<shortdesc lang="en">Secret Key.</shortdesc>
</parameter>
<parameter name="ram_role" unique="0" required="0">
- <getopt mixed="-m, --ram-role=[name]" />
+ <getopt mixed="--ram-role=[name]" />
<content type="string" />
<shortdesc lang="en">Ram Role.</shortdesc>
</parameter>

View File

@ -0,0 +1,39 @@
From b5f1bd2a257ce868b6845d77abdfc741c19d4d3e Mon Sep 17 00:00:00 2001
From: chen dong <51401223+dongchen126@users.noreply.github.com>
Date: Thu, 11 Jul 2019 15:30:10 +0800
Subject: [PATCH] Update fence_aliyun.xml
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Add ram role for security
Add region provider for private zone functionality
Update fence_aliyun.py
delet paramater “m”
Update fence_aliyun.xml
delete "m" parameter
Update fence_aliyun.py
add "EcsRamRoleCredential" class from aliyun SDK
---
agents/aliyun/fence_aliyun.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py
index 3bc825fe..aa0b741d 100644
--- a/agents/aliyun/fence_aliyun.py
+++ b/agents/aliyun/fence_aliyun.py
@@ -10,7 +10,7 @@
try:
from aliyunsdkcore import client
-
+ from aliyunsdkcore.auth.credentials import EcsRamRoleCredential
from aliyunsdkecs.request.v20140526.DescribeInstancesRequest import DescribeInstancesRequest
from aliyunsdkecs.request.v20140526.StartInstanceRequest import StartInstanceRequest
from aliyunsdkecs.request.v20140526.StopInstanceRequest import StopInstanceRequest

View File

@ -0,0 +1,23 @@
From 33a638ff624839d7fa2d409479c348abee57763e Mon Sep 17 00:00:00 2001
From: dwannamaker-onr <dwannamaker@onr.com>
Date: Tue, 25 Jun 2019 15:28:00 -0400
Subject: [PATCH] Fixed issue with SUSPENDED VMs
If any VMs in the vCenter are suspended, you get a KeyError because that state is not expected. This breaks list and monitor actions.
---
agents/vmware_rest/fence_vmware_rest.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py
index b544d385..53b4066d 100644
--- a/agents/vmware_rest/fence_vmware_rest.py
+++ b/agents/vmware_rest/fence_vmware_rest.py
@@ -8,7 +8,7 @@
from fencing import *
from fencing import fail, run_delay, EC_LOGIN_DENIED, EC_STATUS
-state = {"POWERED_ON": "on", 'POWERED_OFF': "off"}
+state = {"POWERED_ON": "on", 'POWERED_OFF': "off", 'SUSPENDED': "off"}
def get_power_status(conn, options):
res = send_command(conn, "vcenter/vm?filter.names={}".format(options["--plug"]))["value"]

View File

@ -0,0 +1,25 @@
From 7c1348d53aa8080f2fcfc344a2f4a2372739a62c Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Tue, 6 Aug 2019 13:06:13 +0200
Subject: [PATCH] fence_ilo_ssh*: add timeout warning in metadata/manpage
---
agents/ilo_ssh/fence_ilo_ssh.py | 5 ++++-
5 files changed, 16 insertions(+), 5 deletions(-)
diff --git a/agents/ilo_ssh/fence_ilo_ssh.py b/agents/ilo_ssh/fence_ilo_ssh.py
index 88f13d17..a27e3418 100644
--- a/agents/ilo_ssh/fence_ilo_ssh.py
+++ b/agents/ilo_ssh/fence_ilo_ssh.py
@@ -51,7 +51,10 @@ def main():
docs = {}
docs["shortdesc"] = "Fence agent for HP iLO over SSH"
docs["longdesc"] = "fence_ilo_ssh is a fence agent that connects to iLO device. It logs into \
-device via ssh and reboot a specified outlet. "
+device via ssh and reboot a specified outlet.\
+\n.P\n\
+WARNING: The monitor-action is prone to timeouts. Use the fence_ilo-equivalent \
+to avoid this issue."
docs["vendorurl"] = "http://www.hp.com"
docs["symlink"] = [("fence_ilo3_ssh", "Fence agent for HP iLO3 over SSH"),
("fence_ilo4_ssh", "Fence agent for HP iLO4 over SSH"),

View File

@ -0,0 +1,43 @@
From 2735a4ee096f87fda2e94029db7f059d7be28464 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 5 Sep 2019 10:28:18 +0200
Subject: [PATCH] fence_zvmip: fix Python 3 issues
---
agents/zvm/fence_zvmip.py | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/agents/zvm/fence_zvmip.py b/agents/zvm/fence_zvmip.py
index 5fbe53e4..e6bb01d1 100644
--- a/agents/zvm/fence_zvmip.py
+++ b/agents/zvm/fence_zvmip.py
@@ -37,7 +37,7 @@ def open_socket(options):
return conn
def smapi_pack_string(string):
- return struct.pack("!i%ds" % (len(string)), len(string), string)
+ return struct.pack("!i%ds" % (len(string)), len(string), string.encode("UTF-8"))
def prepare_smapi_command(options, smapi_function, additional_args):
packet_size = 3*INT4 + len(smapi_function) + len(options["--username"]) + len(options["--password"])
@@ -126,7 +126,7 @@ def get_list_of_images(options, command, data_as_plug):
data = ""
while True:
- read_data = conn.recv(1024, socket.MSG_WAITALL)
+ read_data = conn.recv(1024, socket.MSG_WAITALL).decode("UTF-8")
data += read_data
if array_len == len(data):
break
@@ -136,9 +136,9 @@ def get_list_of_images(options, command, data_as_plug):
parsed_len = 0
while parsed_len < array_len:
- string_len = struct.unpack("!i", data[parsed_len:parsed_len+INT4])[0]
+ string_len = struct.unpack("!i", data[parsed_len:parsed_len+INT4].encode("UTF-8"))[0]
parsed_len += INT4
- image_name = struct.unpack("!%ds" % (string_len), data[parsed_len:parsed_len+string_len])[0]
+ image_name = struct.unpack("!%ds" % (string_len), data[parsed_len:parsed_len+string_len].encode("UTF-8"))[0].decode("UTF-8")
parsed_len += string_len
images.add(image_name)

View File

@ -0,0 +1,79 @@
From f1f8fe7791d0bf439f7caf1365c371153f9819ff Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 14 May 2020 15:41:52 +0200
Subject: [PATCH] fence_scsi: add readonly parameter
---
agents/scsi/fence_scsi.py | 21 ++++++++++++++++++---
tests/data/metadata/fence_scsi.xml | 5 +++++
2 files changed, 23 insertions(+), 3 deletions(-)
diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py
index 9b6af556..77817f35 100644
--- a/agents/scsi/fence_scsi.py
+++ b/agents/scsi/fence_scsi.py
@@ -150,7 +150,10 @@ def reserve_dev(options, dev):
def get_reservation_key(options, dev):
reset_dev(options,dev)
- cmd = options["--sg_persist-path"] + " -n -i -r -d " + dev
+ opts = ""
+ if "--readonly" in options:
+ opts = "-y "
+ cmd = options["--sg_persist-path"] + " -n -i " + opts + "-r -d " + dev
out = run_cmd(options, cmd)
if out["err"]:
fail_usage("Cannot get reservation key")
@@ -161,7 +164,10 @@ def get_reservation_key(options, dev):
def get_registration_keys(options, dev, fail=True):
reset_dev(options,dev)
keys = []
- cmd = options["--sg_persist-path"] + " -n -i -k -d " + dev
+ opts = ""
+ if "--readonly" in options:
+ opts = "-y "
+ cmd = options["--sg_persist-path"] + " -n -i " + opts + "-k -d " + dev
out = run_cmd(options, cmd)
if out["err"]:
fail_usage("Cannot get registration keys", fail)
@@ -342,6 +348,14 @@ def define_new_opts():
"shortdesc" : "Use the APTPL flag for registrations. This option is only used for the 'on' action.",
"order": 1
}
+ all_opt["readonly"] = {
+ "getopt" : "",
+ "longopt" : "readonly",
+ "help" : "--readonly Open DEVICE read-only. May be useful with PRIN commands if there are unwanted side effects with the default read-write open.",
+ "required" : "0",
+ "shortdesc" : "Open DEVICE read-only.",
+ "order": 4
+ }
all_opt["logfile"] = {
"getopt" : ":",
"longopt" : "logfile",
@@ -464,7 +478,8 @@ def main():
device_opt = ["no_login", "no_password", "devices", "nodename", "port",\
"no_port", "key", "aptpl", "fabric_fencing", "on_target", "corosync_cmap_path",\
- "sg_persist_path", "sg_turs_path", "logfile", "vgs_path", "force_on", "key_value"]
+ "sg_persist_path", "sg_turs_path", "readonly", "logfile", "vgs_path",\
+ "force_on", "key_value"]
define_new_opts()
diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml
index b840f3cf..d0818b0d 100644
--- a/tests/data/metadata/fence_scsi.xml
+++ b/tests/data/metadata/fence_scsi.xml
@@ -36,6 +36,11 @@ When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and ve
<content type="string" />
<shortdesc lang="en">Name of the node to be fenced. The node name is used to generate the key value used for the current operation. This option will be ignored when used with the -k option.</shortdesc>
</parameter>
+ <parameter name="readonly" unique="0" required="0">
+ <getopt mixed="--readonly" />
+ <content type="boolean" />
+ <shortdesc lang="en">Open DEVICE read-only.</shortdesc>
+ </parameter>
<parameter name="logfile" unique="0" required="0">
<getopt mixed="-f, --logfile" />
<content type="string" />

View File

@ -0,0 +1,40 @@
From 2df8abf25eddc8da71c193ca29f6be51e66b02f0 Mon Sep 17 00:00:00 2001
From: Hideo Yamauchi <renayama19661014@ybb.ne.jp>
Date: Thu, 12 Sep 2019 08:44:49 +0900
Subject: [PATCH] High: mpath: Correction of failure detection behavior from
watchdog service.
---
agents/mpath/fence_mpath.py | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py
index e4f59836..b17388eb 100644
--- a/agents/mpath/fence_mpath.py
+++ b/agents/mpath/fence_mpath.py
@@ -117,12 +117,14 @@ def get_reservation_key(options, dev):
match = re.search(r"\s+key\s*=\s*0x(\S+)\s+", out["out"], re.IGNORECASE)
return match.group(1) if match else None
-def get_registration_keys(options, dev):
+def get_registration_keys(options, dev, fail=True):
keys = []
cmd = options["--mpathpersist-path"] + " -i -k -d " + dev
out = run_cmd(options, cmd)
if out["err"]:
- fail_usage("Cannot get registration keys")
+ fail_usage("Cannot get registration keys", fail)
+ if not fail:
+ return []
for line in out["out"].split("\n"):
match = re.search(r"\s+0x(\S+)\s*", line)
if match:
@@ -183,7 +185,7 @@ def mpath_check(hardreboot=False):
logging.error("No devices found")
return 0
for dev, key in list(devs.items()):
- if key in get_registration_keys(options, dev):
+ if key in get_registration_keys(options, dev, fail=False):
logging.debug("key " + key + " registered with device " + dev)
return 0
else:

View File

@ -0,0 +1,197 @@
From d866e11213ebeab8da280b41371a968ae12410bd Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Fri, 13 Sep 2019 12:48:46 +0200
Subject: [PATCH] fence_mpath: use -n/--plug/port parameter to be able to use
pcmk_host_map
---
agents/mpath/fence_mpath.py | 63 +++++++++++++++++------------
tests/data/metadata/fence_mpath.xml | 12 +++++-
2 files changed, 49 insertions(+), 26 deletions(-)
diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py
index e4f59836..dfc5657b 100644
--- a/agents/mpath/fence_mpath.py
+++ b/agents/mpath/fence_mpath.py
@@ -16,11 +16,11 @@ def get_status(conn, options):
status = "off"
for dev in options["devices"]:
is_block_device(dev)
- if options["--key"] in get_registration_keys(options, dev):
+ if options["--plug"] in get_registration_keys(options, dev):
status = "on"
else:
logging.debug("No registration for key "\
- + options["--key"] + " on device " + dev + "\n")
+ + options["--plug"] + " on device " + dev + "\n")
if options["--action"] == "monitor":
dev_read(options)
@@ -36,10 +36,10 @@ def set_status(conn, options):
is_block_device(dev)
register_dev(options, dev)
- if options["--key"] not in get_registration_keys(options, dev):
+ if options["--plug"] not in get_registration_keys(options, dev):
count += 1
logging.debug("Failed to register key "\
- + options["--key"] + "on device " + dev + "\n")
+ + options["--plug"] + "on device " + dev + "\n")
continue
dev_write(options, dev)
@@ -48,7 +48,7 @@ def set_status(conn, options):
and get_reservation_key(options, dev) is None:
count += 1
logging.debug("Failed to create reservation (key="\
- + options["--key"] + ", device=" + dev + ")\n")
+ + options["--plug"] + ", device=" + dev + ")\n")
else:
dev_keys = dev_read(options)
@@ -56,14 +56,14 @@ def set_status(conn, options):
for dev in options["devices"]:
is_block_device(dev)
- if options["--key"] in get_registration_keys(options, dev):
+ if options["--plug"] in get_registration_keys(options, dev):
preempt_abort(options, dev_keys[dev], dev)
for dev in options["devices"]:
- if options["--key"] in get_registration_keys(options, dev):
+ if options["--plug"] in get_registration_keys(options, dev):
count += 1
logging.debug("Failed to remove key "\
- + options["--key"] + " on device " + dev + "\n")
+ + options["--plug"] + " on device " + dev + "\n")
continue
if not get_reservation_key(options, dev):
@@ -97,16 +97,16 @@ def is_block_device(dev):
# cancel registration
def preempt_abort(options, host, dev):
- cmd = options["--mpathpersist-path"] + " -o --preempt-abort --prout-type=5 --param-rk=" + host +" --param-sark=" + options["--key"] +" -d " + dev
+ cmd = options["--mpathpersist-path"] + " -o --preempt-abort --prout-type=5 --param-rk=" + host +" --param-sark=" + options["--plug"] +" -d " + dev
return not bool(run_cmd(options, cmd)["err"])
def register_dev(options, dev):
- cmd = options["--mpathpersist-path"] + " -o --register --param-sark=" + options["--key"] + " -d " + dev
+ cmd = options["--mpathpersist-path"] + " -o --register --param-sark=" + options["--plug"] + " -d " + dev
#cmd return code != 0 but registration can be successful
return not bool(run_cmd(options, cmd)["err"])
def reserve_dev(options, dev):
- cmd = options["--mpathpersist-path"] + " -o --reserv --prout-type=5 --param-rk=" + options["--key"] + " -d " + dev
+ cmd = options["--mpathpersist-path"] + " -o --reserv --prout-type=5 --param-rk=" + options["--plug"] + " -d " + dev
return not bool(run_cmd(options, cmd)["err"])
def get_reservation_key(options, dev):
@@ -141,7 +141,7 @@ def dev_write(options, dev):
fail_usage("Failed: Cannot open file \""+ file_path + "\"")
out = store_fh.read()
if not re.search(r"^" + dev + r"\s+", out):
- store_fh.write(dev + "\t" + options["--key"] + "\n")
+ store_fh.write(dev + "\t" + options["--plug"] + "\n")
store_fh.close()
def dev_read(options, fail=True):
@@ -209,12 +209,9 @@ def define_new_opts():
all_opt["key"] = {
"getopt" : "k:",
"longopt" : "key",
- "help" : "-k, --key=[key] Key to use for the current operation",
- "required" : "1",
- "shortdesc" : "Key to use for the current operation. This key should be \
-unique to a node and have to be written in /etc/multipath.conf. For the \"on\" action, the key specifies the key use to \
-register the local node. For the \"off\" action, this key specifies the key to \
-be removed from the device(s).",
+ "help" : "-k, --key=[key] Replaced by -n, --plug",
+ "required" : "0",
+ "shortdesc" : "Replaced by -n, --plug",
"order": 1
}
all_opt["mpathpersist_path"] = {
@@ -240,10 +237,18 @@ def main():
atexit.register(atexit_handler)
device_opt = ["no_login", "no_password", "devices", "key", "sudo", \
- "fabric_fencing", "on_target", "store_path", "mpathpersist_path", "force_on"]
+ "fabric_fencing", "on_target", "store_path", \
+ "mpathpersist_path", "force_on", "port", "no_port"]
define_new_opts()
+ all_opt["port"]["help"] = "Key to use for the current operation"
+ all_opt["port"]["shortdesc"] = "Key to use for the current operation. \
+This key should be unique to a node and have to be written in \
+/etc/multipath.conf. For the \"on\" action, the key specifies the key use to \
+register the local node. For the \"off\" action, this key specifies the key to \
+be removed from the device(s)."
+
# fence_mpath_check
if os.path.basename(sys.argv[0]) == "fence_mpath_check":
sys.exit(mpath_check())
@@ -252,6 +257,17 @@ def main():
options = check_input(device_opt, process_input(device_opt), other_conditions=True)
+ # hack to remove list/list-status actions which are not supported
+ options["device_opt"] = [ o for o in options["device_opt"] if o != "separator" ]
+
+ # workaround to avoid regressions
+ if "--key" in options:
+ options["--plug"] = options["--key"]
+ del options["--key"]
+ elif options["--action"] in ["off", "on", "reboot", "status"] \
+ and "--plug" not in options:
+ fail_usage("Failed: You have to enter plug number or machine identification", stop)
+
docs = {}
docs["shortdesc"] = "Fence agent for multipath persistent reservation"
docs["longdesc"] = "fence_mpath is an I/O fencing agent that uses SCSI-3 \
@@ -271,16 +287,13 @@ def main():
run_delay(options)
# Input control BEGIN
- if not "--key" in options:
- fail_usage("Failed: key is required")
-
if options["--action"] == "validate-all":
sys.exit(0)
- options["devices"] = options["--devices"].split(",")
-
- if not options["devices"]:
+ if not ("--devices" in options and options["--devices"]):
fail_usage("Failed: No devices found")
+
+ options["devices"] = options["--devices"].split(",")
# Input control END
result = fence_action(None, options, set_status, get_status)
diff --git a/tests/data/metadata/fence_mpath.xml b/tests/data/metadata/fence_mpath.xml
index bbe9ad2b..fe9378df 100644
--- a/tests/data/metadata/fence_mpath.xml
+++ b/tests/data/metadata/fence_mpath.xml
@@ -14,9 +14,19 @@ The fence_mpath agent works by having a unique key for each node that has to be
<content type="string" />
<shortdesc lang="en">List of devices to use for current operation. Devices can be comma-separated list of device-mapper multipath devices (eg. /dev/mapper/3600508b400105df70000e00000ac0000 or /dev/mapper/mpath1). Each device must support SCSI-3 persistent reservations.</shortdesc>
</parameter>
- <parameter name="key" unique="0" required="1">
+ <parameter name="key" unique="0" required="0">
<getopt mixed="-k, --key=[key]" />
<content type="string" />
+ <shortdesc lang="en">Replaced by -n, --plug</shortdesc>
+ </parameter>
+ <parameter name="plug" unique="0" required="1" obsoletes="port">
+ <getopt mixed="Key to use for the current operation" />
+ <content type="string" />
+ <shortdesc lang="en">Key to use for the current operation. This key should be unique to a node and have to be written in /etc/multipath.conf. For the "on" action, the key specifies the key use to register the local node. For the "off" action, this key specifies the key to be removed from the device(s).</shortdesc>
+ </parameter>
+ <parameter name="port" unique="0" required="1" deprecated="1">
+ <getopt mixed="Key to use for the current operation" />
+ <content type="string" />
<shortdesc lang="en">Key to use for the current operation. This key should be unique to a node and have to be written in /etc/multipath.conf. For the "on" action, the key specifies the key use to register the local node. For the "off" action, this key specifies the key to be removed from the device(s).</shortdesc>
</parameter>
<parameter name="quiet" unique="0" required="0">

View File

@ -0,0 +1,73 @@
From 868c494d17952eecc6736683c6df04aa9d3a3199 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Fri, 20 Sep 2019 12:06:55 +0200
Subject: [PATCH] fence_mpath: fix fail_usage() issue and a couple of other
minor issues w/the newly added plug/port parameter
---
agents/mpath/fence_mpath.py | 12 +++++++-----
tests/data/metadata/fence_mpath.xml | 10 +++++-----
2 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py
index 25aeb052..73517851 100644
--- a/agents/mpath/fence_mpath.py
+++ b/agents/mpath/fence_mpath.py
@@ -213,7 +213,7 @@ def define_new_opts():
"longopt" : "key",
"help" : "-k, --key=[key] Replaced by -n, --plug",
"required" : "0",
- "shortdesc" : "Replaced by -n, --plug",
+ "shortdesc" : "Replaced by port/-n/--plug",
"order": 1
}
all_opt["mpathpersist_path"] = {
@@ -244,7 +244,8 @@ def main():
define_new_opts()
- all_opt["port"]["help"] = "Key to use for the current operation"
+ all_opt["port"]["required"] = "0"
+ all_opt["port"]["help"] = "-n, --plug=[key] Key to use for the current operation"
all_opt["port"]["shortdesc"] = "Key to use for the current operation. \
This key should be unique to a node and have to be written in \
/etc/multipath.conf. For the \"on\" action, the key specifies the key use to \
@@ -266,9 +267,10 @@ def main():
if "--key" in options:
options["--plug"] = options["--key"]
del options["--key"]
- elif options["--action"] in ["off", "on", "reboot", "status"] \
- and "--plug" not in options:
- fail_usage("Failed: You have to enter plug number or machine identification", stop)
+ elif "--help" not in options and options["--action"] in ["off", "on", \
+ "reboot", "status", "validate-all"] and "--plug" not in options:
+ stop_after_error = False if options["--action"] == "validate-all" else True
+ fail_usage("Failed: You have to enter plug number or machine identification", stop_after_error)
docs = {}
docs["shortdesc"] = "Fence agent for multipath persistent reservation"
diff --git a/tests/data/metadata/fence_mpath.xml b/tests/data/metadata/fence_mpath.xml
index fe9378df..f5e60823 100644
--- a/tests/data/metadata/fence_mpath.xml
+++ b/tests/data/metadata/fence_mpath.xml
@@ -17,15 +17,15 @@ The fence_mpath agent works by having a unique key for each node that has to be
<parameter name="key" unique="0" required="0">
<getopt mixed="-k, --key=[key]" />
<content type="string" />
- <shortdesc lang="en">Replaced by -n, --plug</shortdesc>
+ <shortdesc lang="en">Replaced by port/-n/--plug</shortdesc>
</parameter>
- <parameter name="plug" unique="0" required="1" obsoletes="port">
- <getopt mixed="Key to use for the current operation" />
+ <parameter name="plug" unique="0" required="0" obsoletes="port">
+ <getopt mixed="-n, --plug=[key]" />
<content type="string" />
<shortdesc lang="en">Key to use for the current operation. This key should be unique to a node and have to be written in /etc/multipath.conf. For the "on" action, the key specifies the key use to register the local node. For the "off" action, this key specifies the key to be removed from the device(s).</shortdesc>
</parameter>
- <parameter name="port" unique="0" required="1" deprecated="1">
- <getopt mixed="Key to use for the current operation" />
+ <parameter name="port" unique="0" required="0" deprecated="1">
+ <getopt mixed="-n, --plug=[key]" />
<content type="string" />
<shortdesc lang="en">Key to use for the current operation. This key should be unique to a node and have to be written in /etc/multipath.conf. For the "on" action, the key specifies the key use to register the local node. For the "off" action, this key specifies the key to be removed from the device(s).</shortdesc>
</parameter>

View File

@ -0,0 +1,66 @@
From 32d2aa2cea22bb38fc3eeded1f6682daad097908 Mon Sep 17 00:00:00 2001
From: Gauvain Pocentek <gauvainpocentek@gmail.com>
Date: Tue, 13 Aug 2019 20:11:21 +0200
Subject: [PATCH] Fix argument parsing for region_name
The region_name attribute for fence_compute and fence_evacuate is not a boolean
and should expect a string argument.
---
agents/compute/fence_compute.py | 2 +-
agents/evacuate/fence_evacuate.py | 2 +-
tests/data/metadata/fence_compute.xml | 2 +-
tests/data/metadata/fence_evacuate.xml | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py
index 0e6c8044..a94bdc46 100644
--- a/agents/compute/fence_compute.py
+++ b/agents/compute/fence_compute.py
@@ -381,7 +381,7 @@ def define_new_opts():
"order": 1,
}
all_opt["region_name"] = {
- "getopt" : "",
+ "getopt" : ":",
"longopt" : "region-name",
"help" : "--region-name=[region] Region Name",
"required" : "0",
diff --git a/agents/evacuate/fence_evacuate.py b/agents/evacuate/fence_evacuate.py
index 2b9af273..76e78b87 100644
--- a/agents/evacuate/fence_evacuate.py
+++ b/agents/evacuate/fence_evacuate.py
@@ -318,7 +318,7 @@ def define_new_opts():
"order": 1,
}
all_opt["region_name"] = {
- "getopt" : "",
+ "getopt" : ":",
"longopt" : "region-name",
"help" : "--region-name=[region] Region Name",
"required" : "0",
diff --git a/tests/data/metadata/fence_compute.xml b/tests/data/metadata/fence_compute.xml
index 1dcbfc54..abc276ca 100644
--- a/tests/data/metadata/fence_compute.xml
+++ b/tests/data/metadata/fence_compute.xml
@@ -55,7 +55,7 @@
</parameter>
<parameter name="region_name" unique="0" required="0">
<getopt mixed="--region-name=[region]" />
- <content type="boolean" default="" />
+ <content type="string" default="" />
<shortdesc lang="en">Region Name</shortdesc>
</parameter>
<parameter name="tenant_name" unique="0" required="0">
diff --git a/tests/data/metadata/fence_evacuate.xml b/tests/data/metadata/fence_evacuate.xml
index 4f1f6a58..7decb05c 100644
--- a/tests/data/metadata/fence_evacuate.xml
+++ b/tests/data/metadata/fence_evacuate.xml
@@ -55,7 +55,7 @@
</parameter>
<parameter name="region_name" unique="0" required="0">
<getopt mixed="--region-name=[region]" />
- <content type="boolean" default="" />
+ <content type="string" default="" />
<shortdesc lang="en">Region Name</shortdesc>
</parameter>
<parameter name="tenant_name" unique="0" required="0">

View File

@ -0,0 +1,77 @@
From 708d0a8e4e45d4f4a6bee67f0a9ebc0ff573e1ff Mon Sep 17 00:00:00 2001
From: Kumabuchi Kenji <k.kumabuchi+curvygrin@gmail.com>
Date: Fri, 25 Oct 2019 16:34:40 +0900
Subject: [PATCH] fix shortopt in fence-compute / fence_evacuate help messages
Signed-off-by: Kumabuchi Kenji <k.kumabuchi+curvygrin@gmail.com>
---
agents/compute/fence_compute.py | 2 +-
agents/evacuate/fence_evacuate.py | 2 +-
tests/data/metadata/fence_compute.xml | 4 ++--
tests/data/metadata/fence_evacuate.xml | 4 ++--
4 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py
index c08a9dbe..d0e012e6 100644
--- a/agents/compute/fence_compute.py
+++ b/agents/compute/fence_compute.py
@@ -365,7 +365,7 @@ def define_new_opts():
all_opt["project-domain"] = {
"getopt" : "P:",
"longopt" : "project-domain",
- "help" : "-d, --project-domain=[name] Keystone v3 Project Domain",
+ "help" : "-P, --project-domain=[name] Keystone v3 Project Domain",
"required" : "0",
"shortdesc" : "Keystone v3 Project Domain",
"default" : "Default",
diff --git a/agents/evacuate/fence_evacuate.py b/agents/evacuate/fence_evacuate.py
index 76e78b87..60bb130e 100644
--- a/agents/evacuate/fence_evacuate.py
+++ b/agents/evacuate/fence_evacuate.py
@@ -302,7 +302,7 @@ def define_new_opts():
all_opt["project-domain"] = {
"getopt" : "P:",
"longopt" : "project-domain",
- "help" : "-d, --project-domain=[name] Keystone v3 Project Domain",
+ "help" : "-P, --project-domain=[name] Keystone v3 Project Domain",
"required" : "0",
"shortdesc" : "Keystone v3 Project Domain",
"default" : "Default",
diff --git a/tests/data/metadata/fence_compute.xml b/tests/data/metadata/fence_compute.xml
index abc276ca..99d56af0 100644
--- a/tests/data/metadata/fence_compute.xml
+++ b/tests/data/metadata/fence_compute.xml
@@ -74,12 +74,12 @@
<shortdesc lang="en">Allow Insecure TLS Requests</shortdesc>
</parameter>
<parameter name="project-domain" unique="0" required="0" deprecated="1">
- <getopt mixed="-d, --project-domain=[name]" />
+ <getopt mixed="-P, --project-domain=[name]" />
<content type="string" default="Default" />
<shortdesc lang="en">Keystone v3 Project Domain</shortdesc>
</parameter>
<parameter name="project_domain" unique="0" required="0" obsoletes="project-domain">
- <getopt mixed="-d, --project-domain=[name]" />
+ <getopt mixed="-P, --project-domain=[name]" />
<content type="string" default="Default" />
<shortdesc lang="en">Keystone v3 Project Domain</shortdesc>
</parameter>
diff --git a/tests/data/metadata/fence_evacuate.xml b/tests/data/metadata/fence_evacuate.xml
index 7decb05c..8c720b80 100644
--- a/tests/data/metadata/fence_evacuate.xml
+++ b/tests/data/metadata/fence_evacuate.xml
@@ -74,12 +74,12 @@
<shortdesc lang="en">Allow Insecure TLS Requests</shortdesc>
</parameter>
<parameter name="project-domain" unique="0" required="0" deprecated="1">
- <getopt mixed="-d, --project-domain=[name]" />
+ <getopt mixed="-P, --project-domain=[name]" />
<content type="string" default="Default" />
<shortdesc lang="en">Keystone v3 Project Domain</shortdesc>
</parameter>
<parameter name="project_domain" unique="0" required="0" obsoletes="project-domain">
- <getopt mixed="-d, --project-domain=[name]" />
+ <getopt mixed="-P, --project-domain=[name]" />
<content type="string" default="Default" />
<shortdesc lang="en">Keystone v3 Project Domain</shortdesc>
</parameter>

View File

@ -0,0 +1,42 @@
From 099758a41bbb153c4a13a89de57cdcb72e1f1ea7 Mon Sep 17 00:00:00 2001
From: Michele Baldessari <michele@acksyn.org>
Date: Fri, 11 Oct 2019 10:39:53 +0200
Subject: [PATCH] fence_compute: Invert the force-down/service disable order
In OpenStack Train we first observed that IHA was not working via
https://bugzilla.redhat.com/show_bug.cgi?id=1760213
The reason for this is that nova has made the disabling of the compute
service depend on the compute node being up via:
https://review.opendev.org/#/c/654596/
By first calling force-down, the subsequence service-disable API
call won't wait for the reachability of the compute node any
longer and the whole operation has the same outcome.
Tested this on an OSP Train environment and we correctly
got Instance HA working again and we observed the VMs being
restarted on the available compute nodes.
Co-Authored-By: Luca Miccini <lmiccini@redhat.com>
---
agents/compute/fence_compute.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py
index a94bdc46..c08a9dbe 100644
--- a/agents/compute/fence_compute.py
+++ b/agents/compute/fence_compute.py
@@ -117,11 +117,11 @@ def set_power_status_off(connection, options):
if status in [ "off" ]:
return
- connection.services.disable(options["--plug"], 'nova-compute')
try:
# Until 2.53
connection.services.force_down(
options["--plug"], "nova-compute", force_down=True)
+ connection.services.disable(options["--plug"], 'nova-compute')
except Exception as e:
# Something went wrong when we tried to force the host down.
# That could come from either an incompatible API version

View File

@ -0,0 +1,61 @@
From a128c296c18faa1b58c3f067370bde64e7c49dae Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Wed, 9 Oct 2019 14:35:48 +0200
Subject: [PATCH] fence_vmware_rest: improve logging
---
agents/vmware_rest/fence_vmware_rest.py | 23 +++++++++++++++++++----
1 file changed, 19 insertions(+), 4 deletions(-)
diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py
index 53b4066d..cd99b4ac 100644
--- a/agents/vmware_rest/fence_vmware_rest.py
+++ b/agents/vmware_rest/fence_vmware_rest.py
@@ -11,7 +11,11 @@
state = {"POWERED_ON": "on", 'POWERED_OFF': "off", 'SUSPENDED': "off"}
def get_power_status(conn, options):
- res = send_command(conn, "vcenter/vm?filter.names={}".format(options["--plug"]))["value"]
+ try:
+ res = send_command(conn, "vcenter/vm?filter.names={}".format(options["--plug"]))["value"]
+ except Exception as e:
+ logging.debug("Failed: {}".format(e))
+ fail(EC_STATUS)
if len(res) == 0:
fail(EC_STATUS)
@@ -28,12 +32,20 @@ def set_power_status(conn, options):
"off" : "stop"
}[options["--action"]]
- send_command(conn, "vcenter/vm/{}/power/{}".format(options["id"], action), "POST")
+ try:
+ send_command(conn, "vcenter/vm/{}/power/{}".format(options["id"], action), "POST")
+ except Exception as e:
+ logging.debug("Failed: {}".format(e))
+ fail(EC_STATUS)
def get_list(conn, options):
outlets = {}
- res = send_command(conn, "vcenter/vm")
+ try:
+ res = send_command(conn, "vcenter/vm")
+ except:
+ logging.debug("Failed: {}".format(e))
+ fail(EC_STATUS)
for r in res["value"]:
outlets[r["name"]] = ("", state[r["power_state"]])
@@ -87,7 +99,10 @@ def connect(opt):
return conn
def disconnect(conn):
- send_command(conn, "com/vmware/cis/session", "DELETE")
+ try:
+ send_command(conn, "com/vmware/cis/session", "DELETE")
+ except Exception as e:
+ logging.debug("Failed: {}".format(e))
conn.close()
def send_command(conn, command, method="GET"):

View File

@ -0,0 +1,109 @@
From b885e0f65af626154096a49554e9765e18bfbbd9 Mon Sep 17 00:00:00 2001
From: Frank Toth <ftoth1@bloomberg.net>
Date: Wed, 16 Oct 2019 13:58:50 +0800
Subject: [PATCH 1/3] Added cookie file management to properly reuse session
and do not create new one every time.
---
agents/rhevm/fence_rhevm.py | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/agents/rhevm/fence_rhevm.py b/agents/rhevm/fence_rhevm.py
index 9e4650cd..defa35e6 100644
--- a/agents/rhevm/fence_rhevm.py
+++ b/agents/rhevm/fence_rhevm.py
@@ -117,7 +117,12 @@ def send_command(opt, command, method="GET"):
conn.setopt(pycurl.HTTPAUTH, pycurl.HTTPAUTH_BASIC)
conn.setopt(pycurl.USERPWD, opt["--username"] + ":" + opt["--password"])
if "--use-cookies" in opt:
- conn.setopt(pycurl.COOKIEFILE, "")
+ if "--cookie-file" in opt:
+ cookie_file = opt["--cookie-file"]
+ else:
+ cookie_file = "/tmp/fence_rhevm_" + opt["--ip"] + "_" + opt["--username"] + "_cookie.dat"
+ conn.setopt(pycurl.COOKIEFILE, cookie_file)
+ conn.setopt(pycurl.COOKIEJAR, cookie_file)
conn.setopt(pycurl.TIMEOUT, int(opt["--shell-timeout"]))
if "--ssl" in opt or "--ssl-secure" in opt:
@@ -166,6 +171,14 @@ def define_new_opts():
"required" : "0",
"shortdesc" : "Reuse cookies for authentication",
"order" : 1}
+ all_opt["cookie_file"] = {
+ "getopt" : ":",
+ "longopt" : "cookie-file",
+ "help" : "--cookie-file Path to cookie file for authentication\n"
+ "\t\t\t\t (Default: /tmp/fence_rhevm_ip_username_cookie.dat)",
+ "required" : "0",
+ "shortdesc" : "Path to cookie file for authentication",
+ "order" : 2}
all_opt["api_version"] = {
"getopt" : ":",
"longopt" : "api-version",
From 874344acbfee5f774b320e384a46e1ce953a34ce Mon Sep 17 00:00:00 2001
From: Frank Toth <ftoth1@bloomberg.net>
Date: Wed, 16 Oct 2019 23:41:50 +0800
Subject: [PATCH 2/3] Added cookie_file to device_opt array. Use
tempfile.gettempdir() to get the TMP dir instead of hardcoded /tmp
---
agents/rhevm/fence_rhevm.py | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/agents/rhevm/fence_rhevm.py b/agents/rhevm/fence_rhevm.py
index defa35e6..25aecbe5 100644
--- a/agents/rhevm/fence_rhevm.py
+++ b/agents/rhevm/fence_rhevm.py
@@ -4,6 +4,7 @@
import pycurl, io
import logging
import atexit
+import tempfile
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
from fencing import fail, EC_FETCH_VM_UUID, run_delay
@@ -120,7 +121,7 @@ def send_command(opt, command, method="GET"):
if "--cookie-file" in opt:
cookie_file = opt["--cookie-file"]
else:
- cookie_file = "/tmp/fence_rhevm_" + opt["--ip"] + "_" + opt["--username"] + "_cookie.dat"
+ cookie_file = tempfile.gettempdir() + "/fence_rhevm_" + opt["--ip"] + "_" + opt["--username"] + "_cookie.dat"
conn.setopt(pycurl.COOKIEFILE, cookie_file)
conn.setopt(pycurl.COOKIEJAR, cookie_file)
@@ -215,6 +216,7 @@ def main():
"web",
"port",
"use_cookies",
+ "cookie_file",
"api_version",
"api_path",
"disable_http_filter",
From 196513cfc0edfd28f483a00b4adfa230b666a47d Mon Sep 17 00:00:00 2001
From: Frank Toth <ftoth1@bloomberg.net>
Date: Fri, 18 Oct 2019 05:16:18 +0200
Subject: [PATCH 3/3] After 'make xml-upload'
---
tests/data/metadata/fence_rhevm.xml | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tests/data/metadata/fence_rhevm.xml b/tests/data/metadata/fence_rhevm.xml
index c56cf64b..2b6b02b2 100644
--- a/tests/data/metadata/fence_rhevm.xml
+++ b/tests/data/metadata/fence_rhevm.xml
@@ -103,6 +103,11 @@
<content type="string" default="auto" />
<shortdesc lang="en">Version of RHEV API (default: auto)</shortdesc>
</parameter>
+ <parameter name="cookie_file" unique="0" required="0">
+ <getopt mixed="--cookie-file" />
+ <content type="string" />
+ <shortdesc lang="en">Path to cookie file for authentication</shortdesc>
+ </parameter>
<parameter name="api_path" unique="0" required="0">
<getopt mixed="--api-path=[path]" />
<shortdesc lang="en">The path part of the API URL</shortdesc>

View File

@ -0,0 +1,23 @@
From 82626dbdb12519e95a5df70ae6ae21bc17112f43 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Wed, 13 Feb 2019 13:28:25 +0100
Subject: [PATCH] fencing: improve stdin parse function
- Remove quotes around stdin parameters for consistency with CLI
parameters and to be able to quote number and time parameters
---
lib/fencing.py.py | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/fencing.py.py b/lib/fencing.py.py
index 287cd01f..8cd0a813 100644
--- a/lib/fencing.py.py
+++ b/lib/fencing.py.py
@@ -1389,6 +1389,7 @@ def _parse_input_stdin(avail_opt):
(name, value) = (line + "=").split("=", 1)
value = value[:-1]
+ value = re.sub("^\"(.*)\"$", "\\1", value)
if name.replace("-", "_") in mapping_longopt_names:
name = mapping_longopt_names[name.replace("-", "_")]

View File

@ -0,0 +1,756 @@
From cecf3b3edeccbac6293b95073b0c0ad4f02a8652 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Tue, 12 Nov 2019 17:25:57 +0100
Subject: [PATCH] fencing: only use inetX_only parameters for SSH based agents
and fence_zvmip, and fixed syntax issue for Gawk v5+
---
agents/zvm/fence_zvmip.py | 2 +-
lib/fencing.py.py | 4 ++--
make/agentpycheck.mk | 2 +-
tests/data/metadata/fence_amt.xml | 10 ----------
tests/data/metadata/fence_amt_ws.xml | 10 ----------
tests/data/metadata/fence_apc_snmp.xml | 10 ----------
tests/data/metadata/fence_cisco_mds.xml | 10 ----------
tests/data/metadata/fence_cisco_ucs.xml | 10 ----------
tests/data/metadata/fence_docker.xml | 10 ----------
tests/data/metadata/fence_drac.xml | 10 ----------
tests/data/metadata/fence_eaton_snmp.xml | 10 ----------
tests/data/metadata/fence_emerson.xml | 10 ----------
tests/data/metadata/fence_eps.xml | 10 ----------
tests/data/metadata/fence_ibmblade.xml | 10 ----------
tests/data/metadata/fence_idrac.xml | 10 ----------
tests/data/metadata/fence_ifmib.xml | 10 ----------
tests/data/metadata/fence_ilo.xml | 10 ----------
tests/data/metadata/fence_ilo2.xml | 10 ----------
tests/data/metadata/fence_ilo3.xml | 10 ----------
tests/data/metadata/fence_ilo4.xml | 10 ----------
tests/data/metadata/fence_imm.xml | 10 ----------
tests/data/metadata/fence_intelmodular.xml | 10 ----------
tests/data/metadata/fence_ipdu.xml | 10 ----------
tests/data/metadata/fence_ipmilan.xml | 10 ----------
tests/data/metadata/fence_netio.xml | 10 ----------
tests/data/metadata/fence_powerman.xml | 10 ----------
tests/data/metadata/fence_pve.xml | 10 ----------
tests/data/metadata/fence_raritan.xml | 10 ----------
tests/data/metadata/fence_redfish.xml | 10 ----------
tests/data/metadata/fence_rhevm.xml | 10 ----------
tests/data/metadata/fence_sanbox2.xml | 10 ----------
tests/data/metadata/fence_tripplite_snmp.xml | 10 ----------
tests/data/metadata/fence_vmware_rest.xml | 10 ----------
tests/data/metadata/fence_vmware_soap.xml | 10 ----------
tests/data/metadata/fence_vmware_vcloud.xml | 10 ----------
36 files changed, 4 insertions(+), 334 deletions(-)
diff --git a/agents/zvm/fence_zvmip.py b/agents/zvm/fence_zvmip.py
index e6bb01d1..5b272bb9 100644
--- a/agents/zvm/fence_zvmip.py
+++ b/agents/zvm/fence_zvmip.py
@@ -146,7 +146,7 @@ def get_list_of_images(options, command, data_as_plug):
return (return_code, reason_code, images)
def main():
- device_opt = ["ipaddr", "login", "passwd", "port", "method", "missing_as_off"]
+ device_opt = ["ipaddr", "login", "passwd", "port", "method", "missing_as_off", "inet4_only", "inet6_only"]
atexit.register(atexit_handler)
diff --git a/lib/fencing.py.py b/lib/fencing.py.py
index 2a0b0b91..4b54aa7c 100644
--- a/lib/fencing.py.py
+++ b/lib/fencing.py.py
@@ -459,9 +459,9 @@
"delay", "quiet"],
"passwd" : ["passwd_script"],
"sudo" : ["sudo_path"],
- "secure" : ["identity_file", "ssh_options", "ssh_path"],
+ "secure" : ["identity_file", "ssh_options", "ssh_path", "inet4_only", "inet6_only"],
"telnet" : ["telnet_path"],
- "ipaddr" : ["ipport", "inet4_only", "inet6_only"],
+ "ipaddr" : ["ipport"],
"port" : ["separator"],
"ssl" : ["ssl_secure", "ssl_insecure", "gnutlscli_path"],
"snmp" : ["snmp_auth_prot", "snmp_sec_level", "snmp_priv_prot", \
diff --git a/make/agentpycheck.mk b/make/agentpycheck.mk
index 58122c65..13482bf2 100644
--- a/make/agentpycheck.mk
+++ b/make/agentpycheck.mk
@@ -1,5 +1,5 @@
DATADIR:=$(abs_top_srcdir)/tests/data/metadata
-AWK_VAL='BEGIN {store=-1} /name=\".*_path\"/ {store=2} {if (store!=0) {print}; store--}'
+AWK_VAL='BEGIN {store=-1} /name=".*_path"/ {store=2} {if (store!=0) {print}; store--}'
TEST_TARGET=$(filter-out $(TEST_TARGET_SKIP),$(TARGET))
diff --git a/tests/data/metadata/fence_amt.xml b/tests/data/metadata/fence_amt.xml
index c1e24db9..5f0adc98 100644
--- a/tests/data/metadata/fence_amt.xml
+++ b/tests/data/metadata/fence_amt.xml
@@ -19,16 +19,6 @@
</content>
<shortdesc lang="en">Change the default boot behavior of the machine.</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_amt_ws.xml b/tests/data/metadata/fence_amt_ws.xml
index 07c22db3..86f36f6c 100644
--- a/tests/data/metadata/fence_amt_ws.xml
+++ b/tests/data/metadata/fence_amt_ws.xml
@@ -19,16 +19,6 @@
</content>
<shortdesc lang="en">Change the default boot behavior of the machine.</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_apc_snmp.xml b/tests/data/metadata/fence_apc_snmp.xml
index 26661d6a..7f1c616c 100644
--- a/tests/data/metadata/fence_apc_snmp.xml
+++ b/tests/data/metadata/fence_apc_snmp.xml
@@ -14,16 +14,6 @@
<content type="string" default="private" />
<shortdesc lang="en">Set the community string</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_cisco_mds.xml b/tests/data/metadata/fence_cisco_mds.xml
index 1917595e..15d7798c 100644
--- a/tests/data/metadata/fence_cisco_mds.xml
+++ b/tests/data/metadata/fence_cisco_mds.xml
@@ -13,16 +13,6 @@
<content type="string" />
<shortdesc lang="en">Set the community string</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_cisco_ucs.xml b/tests/data/metadata/fence_cisco_ucs.xml
index 40581da7..848e72f8 100644
--- a/tests/data/metadata/fence_cisco_ucs.xml
+++ b/tests/data/metadata/fence_cisco_ucs.xml
@@ -8,16 +8,6 @@
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_docker.xml b/tests/data/metadata/fence_docker.xml
index fdd6324c..3285314c 100644
--- a/tests/data/metadata/fence_docker.xml
+++ b/tests/data/metadata/fence_docker.xml
@@ -8,16 +8,6 @@
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_drac.xml b/tests/data/metadata/fence_drac.xml
index 405d660a..2184ee0c 100644
--- a/tests/data/metadata/fence_drac.xml
+++ b/tests/data/metadata/fence_drac.xml
@@ -18,16 +18,6 @@
<content type="string" default="[&apos;\\[username\\]# &apos;]" />
<shortdesc lang="en">Force Python regex for command prompt</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_eaton_snmp.xml b/tests/data/metadata/fence_eaton_snmp.xml
index 33957ed1..3dd92dd2 100644
--- a/tests/data/metadata/fence_eaton_snmp.xml
+++ b/tests/data/metadata/fence_eaton_snmp.xml
@@ -13,16 +13,6 @@
<content type="string" default="private" />
<shortdesc lang="en">Set the community string</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_emerson.xml b/tests/data/metadata/fence_emerson.xml
index 87205c1b..f6886469 100644
--- a/tests/data/metadata/fence_emerson.xml
+++ b/tests/data/metadata/fence_emerson.xml
@@ -13,16 +13,6 @@
<content type="string" />
<shortdesc lang="en">Set the community string</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_eps.xml b/tests/data/metadata/fence_eps.xml
index 68d8fb69..26e75477 100644
--- a/tests/data/metadata/fence_eps.xml
+++ b/tests/data/metadata/fence_eps.xml
@@ -15,16 +15,6 @@ Agent basically works by connecting to hidden page and pass appropriate argument
<content type="string" default="hidden.htm" />
<shortdesc lang="en">Name of hidden page</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_ibmblade.xml b/tests/data/metadata/fence_ibmblade.xml
index eff551f6..5084b3a0 100644
--- a/tests/data/metadata/fence_ibmblade.xml
+++ b/tests/data/metadata/fence_ibmblade.xml
@@ -13,16 +13,6 @@
<content type="string" />
<shortdesc lang="en">Set the community string</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_idrac.xml b/tests/data/metadata/fence_idrac.xml
index f4588b35..55d9ced3 100644
--- a/tests/data/metadata/fence_idrac.xml
+++ b/tests/data/metadata/fence_idrac.xml
@@ -32,16 +32,6 @@
<content type="string" />
<shortdesc lang="en">Hexadecimal-encoded Kg key for IPMIv2 authentication</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_ifmib.xml b/tests/data/metadata/fence_ifmib.xml
index b5f3b1d4..c07a6e1f 100644
--- a/tests/data/metadata/fence_ifmib.xml
+++ b/tests/data/metadata/fence_ifmib.xml
@@ -15,16 +15,6 @@ It was written with managed ethernet switches in mind, in order to fence iSCSI S
<content type="string" />
<shortdesc lang="en">Set the community string</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_ilo.xml b/tests/data/metadata/fence_ilo.xml
index eb2e7a72..44b3c43a 100644
--- a/tests/data/metadata/fence_ilo.xml
+++ b/tests/data/metadata/fence_ilo.xml
@@ -9,16 +9,6 @@
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_ilo2.xml b/tests/data/metadata/fence_ilo2.xml
index b14aa2fb..e9cae6d2 100644
--- a/tests/data/metadata/fence_ilo2.xml
+++ b/tests/data/metadata/fence_ilo2.xml
@@ -9,16 +9,6 @@
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_ilo3.xml b/tests/data/metadata/fence_ilo3.xml
index deaeaaf0..2a99e0a4 100644
--- a/tests/data/metadata/fence_ilo3.xml
+++ b/tests/data/metadata/fence_ilo3.xml
@@ -32,16 +32,6 @@
<content type="string" />
<shortdesc lang="en">Hexadecimal-encoded Kg key for IPMIv2 authentication</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_ilo4.xml b/tests/data/metadata/fence_ilo4.xml
index bbf0833b..68790266 100644
--- a/tests/data/metadata/fence_ilo4.xml
+++ b/tests/data/metadata/fence_ilo4.xml
@@ -32,16 +32,6 @@
<content type="string" />
<shortdesc lang="en">Hexadecimal-encoded Kg key for IPMIv2 authentication</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_imm.xml b/tests/data/metadata/fence_imm.xml
index 22cb54e7..e22e4723 100644
--- a/tests/data/metadata/fence_imm.xml
+++ b/tests/data/metadata/fence_imm.xml
@@ -32,16 +32,6 @@
<content type="string" />
<shortdesc lang="en">Hexadecimal-encoded Kg key for IPMIv2 authentication</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_intelmodular.xml b/tests/data/metadata/fence_intelmodular.xml
index 4f2e8c49..5e0d3b19 100644
--- a/tests/data/metadata/fence_intelmodular.xml
+++ b/tests/data/metadata/fence_intelmodular.xml
@@ -15,16 +15,6 @@ Note: Since firmware update version 2.7, SNMP v2 write support is removed, and r
<content type="string" />
<shortdesc lang="en">Set the community string</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_ipdu.xml b/tests/data/metadata/fence_ipdu.xml
index 0b615852..546e372c 100644
--- a/tests/data/metadata/fence_ipdu.xml
+++ b/tests/data/metadata/fence_ipdu.xml
@@ -13,16 +13,6 @@
<content type="string" default="private" />
<shortdesc lang="en">Set the community string</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_ipmilan.xml b/tests/data/metadata/fence_ipmilan.xml
index b9ce66f8..3e13d288 100644
--- a/tests/data/metadata/fence_ipmilan.xml
+++ b/tests/data/metadata/fence_ipmilan.xml
@@ -32,16 +32,6 @@
<content type="string" />
<shortdesc lang="en">Hexadecimal-encoded Kg key for IPMIv2 authentication</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_netio.xml b/tests/data/metadata/fence_netio.xml
index e6350ed4..79d27af3 100644
--- a/tests/data/metadata/fence_netio.xml
+++ b/tests/data/metadata/fence_netio.xml
@@ -8,16 +8,6 @@
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_powerman.xml b/tests/data/metadata/fence_powerman.xml
index f0499d86..ce72e002 100644
--- a/tests/data/metadata/fence_powerman.xml
+++ b/tests/data/metadata/fence_powerman.xml
@@ -8,16 +8,6 @@
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_pve.xml b/tests/data/metadata/fence_pve.xml
index b727a7e8..5d744903 100644
--- a/tests/data/metadata/fence_pve.xml
+++ b/tests/data/metadata/fence_pve.xml
@@ -8,16 +8,6 @@
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_raritan.xml b/tests/data/metadata/fence_raritan.xml
index c75783fd..565eebc7 100644
--- a/tests/data/metadata/fence_raritan.xml
+++ b/tests/data/metadata/fence_raritan.xml
@@ -8,16 +8,6 @@
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_redfish.xml b/tests/data/metadata/fence_redfish.xml
index e1c18584..91b483b7 100644
--- a/tests/data/metadata/fence_redfish.xml
+++ b/tests/data/metadata/fence_redfish.xml
@@ -8,16 +8,6 @@
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_rhevm.xml b/tests/data/metadata/fence_rhevm.xml
index 2b6b02b2..73c9906f 100644
--- a/tests/data/metadata/fence_rhevm.xml
+++ b/tests/data/metadata/fence_rhevm.xml
@@ -8,16 +8,6 @@
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_sanbox2.xml b/tests/data/metadata/fence_sanbox2.xml
index 9832841e..7e20c8ce 100644
--- a/tests/data/metadata/fence_sanbox2.xml
+++ b/tests/data/metadata/fence_sanbox2.xml
@@ -18,16 +18,6 @@
<content type="string" default="[&apos; #&gt; &apos;]" />
<shortdesc lang="en">Force Python regex for command prompt</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_tripplite_snmp.xml b/tests/data/metadata/fence_tripplite_snmp.xml
index 22d3db5d..d3769133 100644
--- a/tests/data/metadata/fence_tripplite_snmp.xml
+++ b/tests/data/metadata/fence_tripplite_snmp.xml
@@ -14,16 +14,6 @@
<content type="string" default="private" />
<shortdesc lang="en">Set the community string</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_vmware_rest.xml b/tests/data/metadata/fence_vmware_rest.xml
index 1e1f790f..5b497a6a 100644
--- a/tests/data/metadata/fence_vmware_rest.xml
+++ b/tests/data/metadata/fence_vmware_rest.xml
@@ -8,16 +8,6 @@
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_vmware_soap.xml b/tests/data/metadata/fence_vmware_soap.xml
index 46d29116..da6a1002 100644
--- a/tests/data/metadata/fence_vmware_soap.xml
+++ b/tests/data/metadata/fence_vmware_soap.xml
@@ -10,16 +10,6 @@ Name of virtual machine (-n / port) has to be used in inventory path format (e.g
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />
diff --git a/tests/data/metadata/fence_vmware_vcloud.xml b/tests/data/metadata/fence_vmware_vcloud.xml
index 69269a2d..505eaf2b 100644
--- a/tests/data/metadata/fence_vmware_vcloud.xml
+++ b/tests/data/metadata/fence_vmware_vcloud.xml
@@ -8,16 +8,6 @@
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
- <parameter name="inet4_only" unique="0" required="0">
- <getopt mixed="-4, --inet4-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
- </parameter>
- <parameter name="inet6_only" unique="0" required="0">
- <getopt mixed="-6, --inet6-only" />
- <content type="boolean" />
- <shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
- </parameter>
<parameter name="ip" unique="0" required="1" obsoletes="ipaddr">
<getopt mixed="-a, --ip=[ip]" />
<content type="string" />

View File

@ -0,0 +1,51 @@
From 559771f2c5a638f7e14ec9c0ef1068c86ee9d40e Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Tue, 26 Nov 2019 14:09:14 +0100
Subject: [PATCH] fence_redfish/fence_vmware_soap: suppress warnings correctly
with new python-requests
python-requests doesnt suppress warnings anymore, so it needs to be done in urllib3: https://stackoverflow.com/questions/27981545/suppress-insecurerequestwarning-unverified-https-request-is-being-made-in-pytho/28002687#28002687
---
agents/redfish/fence_redfish.py | 4 ++--
agents/vmware_soap/fence_vmware_soap.py | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py
index 390a4827..c7c6492c 100644
--- a/agents/redfish/fence_redfish.py
+++ b/agents/redfish/fence_redfish.py
@@ -12,7 +12,6 @@
import atexit
sys.path.append("@FENCEAGENTSLIBDIR@")
-from requests.packages.urllib3.exceptions import InsecureRequestWarning
from fencing import *
from fencing import fail_usage, run_delay
@@ -143,7 +142,8 @@ def main():
# Disable insecure-certificate-warning message
if "--ssl-insecure" in opt:
- requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
+ import urllib3
+ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
# backwards compatibility for <ip>:<port>
if options["--ip"].count(":") == 1:
diff --git a/agents/vmware_soap/fence_vmware_soap.py b/agents/vmware_soap/fence_vmware_soap.py
index dd1a4ed6..53e8d8f4 100644
--- a/agents/vmware_soap/fence_vmware_soap.py
+++ b/agents/vmware_soap/fence_vmware_soap.py
@@ -37,10 +37,10 @@ def soap_login(options):
if "--ssl" in options or "--ssl-secure" in options or "--ssl-insecure" in options:
if "--ssl-insecure" in options:
import ssl
- from requests.packages.urllib3.exceptions import InsecureRequestWarning
+ import urllib3
if hasattr(ssl, '_create_unverified_context'):
ssl._create_default_https_context = ssl._create_unverified_context
- requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
+ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
verify = False
else:
verify = True

View File

@ -0,0 +1,237 @@
From baf8d524e89d7f6c716e8241a12d8135debadfcc Mon Sep 17 00:00:00 2001
From: Ondrej Famera <ondrej@famera.cz>
Date: Sun, 20 Oct 2019 20:13:40 +0900
Subject: [PATCH 1/4] add new method for autogenerating SCSI key
this methos generates second part of SCSI key based on hash of cluster
node name instead of currently used ID based approach which can brake if
the nodes get removed from cluster but whole cluster is not restarted
because the IDs changes. With hash approach hashes stays same.
Note that there is theoretical risk that hashes could colide.
---
agents/scsi/fence_scsi.py | 32 ++++++++++++++++++++++++++++--
tests/data/metadata/fence_scsi.xml | 5 +++++
2 files changed, 35 insertions(+), 2 deletions(-)
diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py
index 5580e08b..4cc9b66c 100644
--- a/agents/scsi/fence_scsi.py
+++ b/agents/scsi/fence_scsi.py
@@ -202,9 +202,20 @@ def get_node_id(options):
return match.group(1) if match else fail_usage("Failed: unable to parse output of corosync-cmapctl or node does not exist")
+def get_node_hash(options):
+ try:
+ return hashlib.md5(options["--plug"].encode('ascii')).hexdigest()
+ except ValueError:
+ # FIPS requires usedforsecurity=False and might not be
+ # available on all distros: https://bugs.python.org/issue9216
+ return hashlib.md5(options["--plug"].encode('ascii'), usedforsecurity=False).hexdigest()
+
def generate_key(options):
- return "%.4s%.4d" % (get_cluster_id(options), int(get_node_id(options)))
+ if options["--key_value"] == "hash":
+ return "%.4s%.4s" % (get_cluster_id(options), get_node_hash(options))
+ else:
+ return "%.4s%.4d" % (get_cluster_id(options), int(get_node_id(options)))
# save node key to file
@@ -375,6 +386,19 @@ def define_new_opts():
"default" : "@VGS_PATH@",
"order": 300
}
+ all_opt["key_value"] = {
+ "getopt" : ":",
+ "longopt" : "key_value",
+ "help" : "--key_value=<id|hash> SCSI key node generation method",
+ "required" : "0",
+ "shortdesc" : "Method used to generate the SCSI key. \"id\" (default) \
+uses the positional ID from \"corosync-cmactl nodelist\" output which can get inconsistent \
+when nodes are removed from cluster without full cluster restart. \"hash\" uses part of hash \
+made out of node names which is not affected over time but there is theoretical chance that \
+hashes can collide as size of SCSI key is quite limited.",
+ "default" : "id",
+ "order": 300
+ }
def scsi_check_get_options(options):
@@ -440,7 +464,7 @@ def main():
device_opt = ["no_login", "no_password", "devices", "nodename", "port",\
"no_port", "key", "aptpl", "fabric_fencing", "on_target", "corosync_cmap_path",\
- "sg_persist_path", "sg_turs_path", "logfile", "vgs_path", "force_on"]
+ "sg_persist_path", "sg_turs_path", "logfile", "vgs_path", "force_on", "key_value"]
define_new_opts()
@@ -517,6 +541,10 @@ def main():
if options["--key"] == "0" or not options["--key"]:
fail_usage("Failed: key cannot be 0", stop_after_error)
+ if "--key_value" in options\
+ and (options["--key_value"] != "id" and options["--key_value"] != "hash"):
+ fail_usage("Failed: key_value has to be 'id' or 'hash'", stop_after_error)
+
if options["--action"] == "validate-all":
sys.exit(0)
diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml
index b8cdabd1..56c6224d 100644
--- a/tests/data/metadata/fence_scsi.xml
+++ b/tests/data/metadata/fence_scsi.xml
@@ -105,6 +105,11 @@ When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and ve
<getopt mixed="--corosync-cmap-path=[path]" />
<shortdesc lang="en">Path to corosync-cmapctl binary</shortdesc>
</parameter>
+ <parameter name="key_value" unique="0" required="0">
+ <getopt mixed="--key_value=&lt;id|hash&gt;" />
+ <content type="string" default="id" />
+ <shortdesc lang="en">Method used to generate the SCSI key. "id" (default) uses the positional ID from "corosync-cmactl nodelist" output which can get inconsistent when nodes are removed from cluster without full cluster restart. "hash" uses part of hash made out of node names which is not affected over time but there is theoretical chance that hashes can collide as size of SCSI key is quite limited.</shortdesc>
+ </parameter>
<parameter name="sg_persist_path" unique="0" required="0">
<getopt mixed="--sg_persist-path=[path]" />
<shortdesc lang="en">Path to sg_persist binary</shortdesc>
From ee7a5ea238b4b3312384e4cfd9edd392c311d17a Mon Sep 17 00:00:00 2001
From: Ondrej Famera <ondrej@famera.cz>
Date: Fri, 1 Nov 2019 13:16:58 +0900
Subject: [PATCH 2/4] rename 'key_value' to 'key-value' for manual invokation
---
agents/scsi/fence_scsi.py | 12 ++++++------
tests/data/metadata/fence_scsi.xml | 2 +-
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py
index 4cc9b66c..7d515e16 100644
--- a/agents/scsi/fence_scsi.py
+++ b/agents/scsi/fence_scsi.py
@@ -212,7 +212,7 @@ def get_node_hash(options):
def generate_key(options):
- if options["--key_value"] == "hash":
+ if options["--key-value"] == "hash":
return "%.4s%.4s" % (get_cluster_id(options), get_node_hash(options))
else:
return "%.4s%.4d" % (get_cluster_id(options), int(get_node_id(options)))
@@ -388,8 +388,8 @@ def define_new_opts():
}
all_opt["key_value"] = {
"getopt" : ":",
- "longopt" : "key_value",
- "help" : "--key_value=<id|hash> SCSI key node generation method",
+ "longopt" : "key-value",
+ "help" : "--key-value=<id|hash> SCSI key node generation method",
"required" : "0",
"shortdesc" : "Method used to generate the SCSI key. \"id\" (default) \
uses the positional ID from \"corosync-cmactl nodelist\" output which can get inconsistent \
@@ -541,9 +541,9 @@ def main():
if options["--key"] == "0" or not options["--key"]:
fail_usage("Failed: key cannot be 0", stop_after_error)
- if "--key_value" in options\
- and (options["--key_value"] != "id" and options["--key_value"] != "hash"):
- fail_usage("Failed: key_value has to be 'id' or 'hash'", stop_after_error)
+ if "--key-value" in options\
+ and (options["--key-value"] != "id" and options["--key-value"] != "hash"):
+ fail_usage("Failed: key-value has to be 'id' or 'hash'", stop_after_error)
if options["--action"] == "validate-all":
sys.exit(0)
diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml
index 56c6224d..72800688 100644
--- a/tests/data/metadata/fence_scsi.xml
+++ b/tests/data/metadata/fence_scsi.xml
@@ -106,7 +106,7 @@ When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and ve
<shortdesc lang="en">Path to corosync-cmapctl binary</shortdesc>
</parameter>
<parameter name="key_value" unique="0" required="0">
- <getopt mixed="--key_value=&lt;id|hash&gt;" />
+ <getopt mixed="--key-value=&lt;id|hash&gt;" />
<content type="string" default="id" />
<shortdesc lang="en">Method used to generate the SCSI key. "id" (default) uses the positional ID from "corosync-cmactl nodelist" output which can get inconsistent when nodes are removed from cluster without full cluster restart. "hash" uses part of hash made out of node names which is not affected over time but there is theoretical chance that hashes can collide as size of SCSI key is quite limited.</shortdesc>
</parameter>
From 58105710876bd6a2220f92ea37d621991d68bf4b Mon Sep 17 00:00:00 2001
From: Ondrej Famera <ondrej@famera.cz>
Date: Fri, 1 Nov 2019 13:20:17 +0900
Subject: [PATCH 3/4] expand longdesc of fence_scsi to describe the impact of
key_value option
---
agents/scsi/fence_scsi.py | 6 +++++-
tests/data/metadata/fence_scsi.xml | 2 +-
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py
index 7d515e16..4b2bfe20 100644
--- a/agents/scsi/fence_scsi.py
+++ b/agents/scsi/fence_scsi.py
@@ -493,7 +493,11 @@ def main():
devices must support SCSI-3 persistent reservations (SPC-3 or greater) as \
well as the \"preempt-and-abort\" subcommand.\nThe fence_scsi agent works by \
having each node in the cluster register a unique key with the SCSI \
-device(s). Once registered, a single node will become the reservation holder \
+device(s). Reservation key is generated from \"node id\" (default) or from \
+\"node name hash\" (recommended) by adjusting \"key_value\" option. \
+Using hash is recommended to prevent issues when removing nodes \
+from cluster without full cluster restart. \
+Once registered, a single node will become the reservation holder \
by creating a \"write exclusive, registrants only\" reservation on the \
device(s). The result is that only registered nodes may write to the \
device(s). When a node failure occurs, the fence_scsi agent will remove the \
diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml
index 72800688..6f914823 100644
--- a/tests/data/metadata/fence_scsi.xml
+++ b/tests/data/metadata/fence_scsi.xml
@@ -1,7 +1,7 @@
<?xml version="1.0" ?>
<resource-agent name="fence_scsi" shortdesc="Fence agent for SCSI persistent reservation" >
<longdesc>fence_scsi is an I/O fencing agent that uses SCSI-3 persistent reservations to control access to shared storage devices. These devices must support SCSI-3 persistent reservations (SPC-3 or greater) as well as the "preempt-and-abort" subcommand.
-The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required.
+The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Reservation key is generated from "node id" (default) or from "node name hash" (recommended) by adjusting "key_value" option. Using hash is recommended to prevent issues when removing nodes from cluster without full cluster restart. Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required.
When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and verbose=yes parameters in /etc/sysconfig/stonith if you have issues with it failing.</longdesc>
<vendor-url></vendor-url>
From 6a73919ab70d76fcf4ce19b4fd00e182e41f33b5 Mon Sep 17 00:00:00 2001
From: Ondrej Famera <ondrej@famera.cz>
Date: Sat, 16 Nov 2019 17:03:42 +0900
Subject: [PATCH 4/4] emphasize the recommendation to use 'hash' over 'id'
---
agents/scsi/fence_scsi.py | 2 +-
tests/data/metadata/fence_scsi.xml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py
index 4b2bfe20..9b6af556 100644
--- a/agents/scsi/fence_scsi.py
+++ b/agents/scsi/fence_scsi.py
@@ -494,7 +494,7 @@ def main():
well as the \"preempt-and-abort\" subcommand.\nThe fence_scsi agent works by \
having each node in the cluster register a unique key with the SCSI \
device(s). Reservation key is generated from \"node id\" (default) or from \
-\"node name hash\" (recommended) by adjusting \"key_value\" option. \
+\"node name hash\" (RECOMMENDED) by adjusting \"key_value\" option. \
Using hash is recommended to prevent issues when removing nodes \
from cluster without full cluster restart. \
Once registered, a single node will become the reservation holder \
diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml
index 6f914823..b840f3cf 100644
--- a/tests/data/metadata/fence_scsi.xml
+++ b/tests/data/metadata/fence_scsi.xml
@@ -1,7 +1,7 @@
<?xml version="1.0" ?>
<resource-agent name="fence_scsi" shortdesc="Fence agent for SCSI persistent reservation" >
<longdesc>fence_scsi is an I/O fencing agent that uses SCSI-3 persistent reservations to control access to shared storage devices. These devices must support SCSI-3 persistent reservations (SPC-3 or greater) as well as the "preempt-and-abort" subcommand.
-The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Reservation key is generated from "node id" (default) or from "node name hash" (recommended) by adjusting "key_value" option. Using hash is recommended to prevent issues when removing nodes from cluster without full cluster restart. Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required.
+The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Reservation key is generated from "node id" (default) or from "node name hash" (RECOMMENDED) by adjusting "key_value" option. Using hash is recommended to prevent issues when removing nodes from cluster without full cluster restart. Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required.
When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and verbose=yes parameters in /etc/sysconfig/stonith if you have issues with it failing.</longdesc>
<vendor-url></vendor-url>

View File

@ -0,0 +1,39 @@
From f37e5ba0b6c8dab527f947bfc602d50b953a7d08 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Tue, 17 Sep 2019 15:15:06 +0200
Subject: [PATCH] fence_sbd: support errors on stderr
---
agents/sbd/fence_sbd.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/agents/sbd/fence_sbd.py b/agents/sbd/fence_sbd.py
index b1df70ac..3ae8df6e 100644
--- a/agents/sbd/fence_sbd.py
+++ b/agents/sbd/fence_sbd.py
@@ -8,6 +8,7 @@
from fencing import fail_usage, run_command, fence_action, all_opt
from fencing import atexit_handler, check_input, process_input, show_docs
from fencing import run_delay
+import itertools
DEVICE_INIT = 1
DEVICE_NOT_INIT = -3
@@ -82,7 +83,7 @@ def check_sbd_device(options, device_path):
(return_code, out, err) = run_command(options, cmd)
- for line in out.split("\n"):
+ for line in itertools.chain(out.split("\n"), err.split("\n")):
if len(line) == 0:
continue
@@ -148,7 +149,7 @@ def get_msg_timeout(options):
(return_code, out, err) = run_command(options, cmd)
- for line in out.split("\n"):
+ for line in itertools.chain(out.split("\n"), err.split("\n")):
if len(line) == 0:
continue

View File

@ -0,0 +1,47 @@
From b322891e91649d47656d63c73a0e08e9627f0b38 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Wed, 28 Apr 2021 12:20:07 +0200
Subject: [PATCH] fencing: add stonith_status_sleep parameter for sleep between
status calls during a STONITH action
---
lib/fencing.py.py | 13 +++++++++++--
76 files changed, 386 insertions(+), 2 deletions(-)
diff --git a/lib/fencing.py.py b/lib/fencing.py.py
index 9654f57be..bd7f529f7 100644
--- a/lib/fencing.py.py
+++ b/lib/fencing.py.py
@@ -367,6 +367,14 @@
"default" : "0",
"required" : "0",
"order" : 200},
+ "stonith_status_sleep" : {
+ "getopt" : ":",
+ "longopt" : "stonith-status-sleep",
+ "type" : "second",
+ "help" : "--stonith-status-sleep=[seconds] Sleep X seconds between status calls during a STONITH action",
+ "default" : "1",
+ "required" : "0",
+ "order" : 200},
"missing_as_off" : {
"getopt" : "",
"longopt" : "missing-as-off",
@@ -478,7 +486,8 @@
"default" : ["help", "debug", "verbose", "verbose_level",
"version", "action", "agent", "power_timeout",
"shell_timeout", "login_timeout", "disable_timeout",
- "power_wait", "retry_on", "delay", "quiet"],
+ "power_wait", "stonith_status_sleep", "retry_on", "delay",
+ "quiet"],
"passwd" : ["passwd_script"],
"sudo" : ["sudo_path"],
"secure" : ["identity_file", "ssh_options", "ssh_path", "inet4_only", "inet6_only"],
@@ -828,7 +837,7 @@ def async_set_multi_power_fn(connection, options, set_power_fn, get_power_fn, re
for _ in itertools.count(1):
if get_multi_power_fn(connection, options, get_power_fn) != options["--action"]:
- time.sleep(1)
+ time.sleep(int(options["--stonith-status-sleep"]))
else:
return True

View File

@ -0,0 +1,22 @@
From 199b5e8a63d8b3457262751b7fbe187f92b38e73 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Tue, 4 May 2021 09:33:34 +0200
Subject: [PATCH] fencing: fix issue with hardcoded help text length for
metadata
---
lib/fencing.py.py | 2 +-
77 files changed, 153 insertions(+), 153 deletions(-)
diff --git a/lib/fencing.py.py b/lib/fencing.py.py
index bd7f529f7..b0ddde850 100644
--- a/lib/fencing.py.py
+++ b/lib/fencing.py.py
@@ -641,7 +641,7 @@ def metadata(options, avail_opt, docs):
mixed = _encode_html_entities(mixed)
if not "shortdesc" in opt:
- shortdesc = re.sub("\s\s+", " ", opt["help"][31:])
+ shortdesc = re.sub(".*\s\s+", "", opt["help"][31:])
else:
shortdesc = opt["shortdesc"]

View File

@ -0,0 +1,130 @@
From 7ac16fb281fa8cfc51a31f672014c614c81aec82 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Fri, 31 Jan 2020 15:53:47 +0100
Subject: [PATCH] fence_aws: improve logging and metadata/usage text
---
agents/aws/fence_aws.py | 36 +++++++++++++++++++------------
tests/data/metadata/fence_aws.xml | 6 +++---
2 files changed, 25 insertions(+), 17 deletions(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index 647b66fc..74321e8e 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -5,7 +5,7 @@
import atexit
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
-from fencing import fail, fail_usage, EC_TIMED_OUT, run_delay
+from fencing import fail, fail_usage, run_delay, EC_STATUS
import boto3
from botocore.exceptions import ClientError, EndpointConnectionError, NoRegionError
@@ -19,6 +19,8 @@ def get_nodes_list(conn, options):
fail_usage("Failed: Incorrect Access Key or Secret Key.")
except EndpointConnectionError:
fail_usage("Failed: Incorrect Region.")
+ except Exception as e:
+ logging.error("Failed to get node list: %s", e)
return result
@@ -38,20 +40,26 @@ def get_power_status(conn, options):
except EndpointConnectionError:
fail_usage("Failed: Incorrect Region.")
except IndexError:
- return "fail"
+ fail(EC_STATUS)
+ except Exception as e:
+ logging.error("Failed to get power status: %s", e)
+ fail(EC_STATUS)
def set_power_status(conn, options):
- if (options["--action"]=="off"):
- conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True)
- elif (options["--action"]=="on"):
- conn.instances.filter(InstanceIds=[options["--plug"]]).start()
-
+ try:
+ if (options["--action"]=="off"):
+ conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True)
+ elif (options["--action"]=="on"):
+ conn.instances.filter(InstanceIds=[options["--plug"]]).start()
+ except Exception as e:
+ logging.error("Failed to power %s %s: %s", \
+ options["--action"], options["--plug"], e)
def define_new_opts():
all_opt["region"] = {
"getopt" : "r:",
"longopt" : "region",
- "help" : "-r, --region=[name] Region, e.g. us-east-1",
+ "help" : "-r, --region=[region] Region, e.g. us-east-1",
"shortdesc" : "Region.",
"required" : "0",
"order" : 2
@@ -59,7 +67,7 @@ def define_new_opts():
all_opt["access_key"] = {
"getopt" : "a:",
"longopt" : "access-key",
- "help" : "-a, --access-key=[name] Access Key",
+ "help" : "-a, --access-key=[key] Access Key",
"shortdesc" : "Access Key.",
"required" : "0",
"order" : 3
@@ -67,7 +75,7 @@ def define_new_opts():
all_opt["secret_key"] = {
"getopt" : "s:",
"longopt" : "secret-key",
- "help" : "-s, --secret-key=[name] Secret Key",
+ "help" : "-s, --secret-key=[key] Secret Key",
"shortdesc" : "Secret Key.",
"required" : "0",
"order" : 4
@@ -107,16 +115,16 @@ def main():
conn = boto3.resource('ec2', region_name=region,
aws_access_key_id=access_key,
aws_secret_access_key=secret_key)
- except:
- fail_usage("Failed: Unable to connect to AWS. Check your configuration.")
+ except Exception as e:
+ fail_usage("Failed: Unable to connect to AWS: " + str(e))
else:
# If setup with "aws configure" or manually in
# ~/.aws/credentials
try:
conn = boto3.resource('ec2')
- except:
+ except Exception as e:
# If any of region/access/secret are missing
- fail_usage("Failed: Unable to connect to AWS. Check your configuration.")
+ fail_usage("Failed: Unable to connect to AWS: " + str(e))
# Operate the fencing device
result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list)
diff --git a/tests/data/metadata/fence_aws.xml b/tests/data/metadata/fence_aws.xml
index 4dea4418..5e5d5d99 100644
--- a/tests/data/metadata/fence_aws.xml
+++ b/tests/data/metadata/fence_aws.xml
@@ -22,17 +22,17 @@ For instructions see: https://boto3.readthedocs.io/en/latest/guide/quickstart.ht
<shortdesc lang="en">Physical plug number on device, UUID or identification of machine</shortdesc>
</parameter>
<parameter name="region" unique="0" required="0">
- <getopt mixed="-r, --region=[name]" />
+ <getopt mixed="-r, --region=[region]" />
<content type="string" />
<shortdesc lang="en">Region.</shortdesc>
</parameter>
<parameter name="access_key" unique="0" required="0">
- <getopt mixed="-a, --access-key=[name]" />
+ <getopt mixed="-a, --access-key=[key]" />
<content type="string" />
<shortdesc lang="en">Access Key.</shortdesc>
</parameter>
<parameter name="secret_key" unique="0" required="0">
- <getopt mixed="-s, --secret-key=[name]" />
+ <getopt mixed="-s, --secret-key=[key]" />
<content type="string" />
<shortdesc lang="en">Secret Key.</shortdesc>
</parameter>

View File

@ -0,0 +1,23 @@
From 06cba4aa30322f410b0b2fec5785be39d0953433 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Wed, 12 Feb 2020 14:21:54 +0100
Subject: [PATCH] fence_vmware_rest: fix encoding to avoid issues with UTF-8
encoded comments
---
agents/vmware_rest/fence_vmware_rest.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py
index cd99b4ac..d07bc10d 100644
--- a/agents/vmware_rest/fence_vmware_rest.py
+++ b/agents/vmware_rest/fence_vmware_rest.py
@@ -127,7 +127,7 @@ def send_command(conn, command, method="GET"):
raise Exception(e[1])
rc = conn.getinfo(pycurl.HTTP_CODE)
- result = web_buffer.getvalue().decode()
+ result = web_buffer.getvalue().decode("UTF-8")
web_buffer.close()

View File

@ -0,0 +1,38 @@
From 80aea3942aaca881349230a32b5dcc06c57de98a Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Tue, 19 May 2020 15:10:16 +0200
Subject: [PATCH] fence_vmware_rest: support UTF-8 VM names
---
agents/vmware_rest/fence_vmware_rest.py | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py
index 675de246..a038a096 100644
--- a/agents/vmware_rest/fence_vmware_rest.py
+++ b/agents/vmware_rest/fence_vmware_rest.py
@@ -8,11 +8,14 @@
from fencing import *
from fencing import fail, run_delay, EC_LOGIN_DENIED, EC_STATUS
+if sys.version_info[0] > 2: import urllib.parse as urllib
+else: import urllib
+
state = {"POWERED_ON": "on", 'POWERED_OFF': "off", 'SUSPENDED': "off"}
def get_power_status(conn, options):
try:
- res = send_command(conn, "vcenter/vm?filter.names={}".format(options["--plug"]))["value"]
+ res = send_command(conn, "vcenter/vm?filter.names={}".format(urllib.quote(options["--plug"])))["value"]
except Exception as e:
logging.debug("Failed: {}".format(e))
fail(EC_STATUS)
@@ -58,7 +61,7 @@ def get_list(conn, options):
fail(EC_STATUS)
for r in res["value"]:
- outlets[r["name"]] = ("", state[r["power_state"]])
+ outlets[r["name"].encode("UTF-8")] = ("", state[r["power_state"]])
return outlets

View File

@ -0,0 +1,23 @@
From 2ac3b05200477f3f04ce73de439e84c10a269552 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 2 Jul 2020 12:05:33 +0200
Subject: [PATCH] fence_vmware_rest: remove .encode() that made the list action
fail on Python 3. It works fine with/without this on Python 2.x
---
agents/vmware_rest/fence_vmware_rest.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py
index a038a096..e49fd566 100644
--- a/agents/vmware_rest/fence_vmware_rest.py
+++ b/agents/vmware_rest/fence_vmware_rest.py
@@ -61,7 +61,7 @@ def get_list(conn, options):
fail(EC_STATUS)
for r in res["value"]:
- outlets[r["name"].encode("UTF-8")] = ("", state[r["power_state"]])
+ outlets[r["name"]] = ("", state[r["power_state"]])
return outlets

View File

@ -0,0 +1,23 @@
From 39e96371ab9ab1318db004c0ddbb1049d1c0f474 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 11 Jun 2020 10:25:34 +0200
Subject: [PATCH] fence_vmware_soap: log exception message for SSLError
exception
---
agents/vmware_soap/fence_vmware_soap.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/vmware_soap/fence_vmware_soap.py b/agents/vmware_soap/fence_vmware_soap.py
index 53e8d8f4..f2ab68b0 100644
--- a/agents/vmware_soap/fence_vmware_soap.py
+++ b/agents/vmware_soap/fence_vmware_soap.py
@@ -67,7 +67,7 @@ def soap_login(options):
conn.service.Login(mo_SessionManager, options["--username"], options["--password"])
except requests.exceptions.SSLError as ex:
- fail_usage("Server side certificate verification failed")
+ fail_usage("Server side certificate verification failed: %s" % ex)
except Exception:
fail(EC_LOGIN_DENIED)

View File

@ -0,0 +1,22 @@
From 0d3ff341c5dcff7ded0274ae20460895f35c13d6 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 13 Feb 2020 15:40:24 +0100
Subject: [PATCH] fence_mpath: fix --reserve parameter typo
---
agents/mpath/fence_mpath.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py
index 73517851..a3d9fe23 100644
--- a/agents/mpath/fence_mpath.py
+++ b/agents/mpath/fence_mpath.py
@@ -106,7 +106,7 @@ def register_dev(options, dev):
return not bool(run_cmd(options, cmd)["err"])
def reserve_dev(options, dev):
- cmd = options["--mpathpersist-path"] + " -o --reserv --prout-type=5 --param-rk=" + options["--plug"] + " -d " + dev
+ cmd = options["--mpathpersist-path"] + " -o --reserve --prout-type=5 --param-rk=" + options["--plug"] + " -d " + dev
return not bool(run_cmd(options, cmd)["err"])
def get_reservation_key(options, dev):

View File

@ -0,0 +1,48 @@
From 1c2f791b6b2be13bcceaa096df52654164b1f6cb Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 5 Mar 2020 14:10:29 +0100
Subject: [PATCH] fence_aws: improve connect parameter logic, so region can be
specified as parameter, while using role or keys from ~/.aws/config
---
agents/aws/fence_aws.py | 27 +++++++++------------------
1 file changed, 9 insertions(+), 18 deletions(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index 74321e8e..4a4d9de2 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -107,24 +107,15 @@ def main():
run_delay(options)
- if "--region" in options and "--access-key" in options and "--secret-key" in options:
- region = options["--region"]
- access_key = options["--access-key"]
- secret_key = options["--secret-key"]
- try:
- conn = boto3.resource('ec2', region_name=region,
- aws_access_key_id=access_key,
- aws_secret_access_key=secret_key)
- except Exception as e:
- fail_usage("Failed: Unable to connect to AWS: " + str(e))
- else:
- # If setup with "aws configure" or manually in
- # ~/.aws/credentials
- try:
- conn = boto3.resource('ec2')
- except Exception as e:
- # If any of region/access/secret are missing
- fail_usage("Failed: Unable to connect to AWS: " + str(e))
+ region = options.get("--region")
+ access_key = options.get("--access-key")
+ secret_key = options.get("--secret-key")
+ try:
+ conn = boto3.resource('ec2', region_name=region,
+ aws_access_key_id=access_key,
+ aws_secret_access_key=secret_key)
+ except Exception as e:
+ fail_usage("Failed: Unable to connect to AWS: " + str(e))
# Operate the fencing device
result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list)

View File

@ -0,0 +1,421 @@
From 1742baf17954c58a84b9c668a617bac78303ce95 Mon Sep 17 00:00:00 2001
From: Guilherme Felix <fguilher@amazon.com>
Date: Tue, 17 Mar 2020 13:18:38 +0000
Subject: [PATCH 1/9] fence_aws: Fix fence race condition by checking local
instance status
---
agents/aws/fence_aws.py | 37 ++++++++++++++++++++++++++++++++++++-
1 file changed, 36 insertions(+), 1 deletion(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index 4a4d9de2..f37f68d6 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -3,6 +3,7 @@
import sys, re
import logging
import atexit
+import requests
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
from fencing import fail, fail_usage, run_delay, EC_STATUS
@@ -10,6 +11,17 @@
import boto3
from botocore.exceptions import ClientError, EndpointConnectionError, NoRegionError
+def get_instance_id():
+ try:
+ r = requests.get('http://169.254.169.254/latest/meta-data/instance-id')
+ return r.content
+ except HTTPError as http_err:
+ logging.error('HTTP error occurred while trying to access EC2 metadata server: %s', http_err)
+ except Exception as err:
+ logging.error('A fatal error occurred while trying to access EC2 metadata server: %s', err)
+ return None
+
+
def get_nodes_list(conn, options):
result = {}
try:
@@ -45,10 +57,33 @@ def get_power_status(conn, options):
logging.error("Failed to get power status: %s", e)
fail(EC_STATUS)
+def get_self_power_status(conn, options):
+ try:
+ instance = conn.instances.filter(Filters=[{"Name": "instance-id", "Values": [instance_id]}])
+ state = list(instance)[0].state["Name"]
+ if state == "running":
+ logging.debug("Captured my (%s) state and it %s - returning OK - Proceeding with fencing",instance_id,state.upper())
+ return "ok"
+ else:
+ logging.debug("Captured my (%s) state it is %s - returning Alert - Unable to fence other nodes",instance_id,state.upper())
+ return "alert"
+
+ except ClientError:
+ fail_usage("Failed: Incorrect Access Key or Secret Key.")
+ except EndpointConnectionError:
+ fail_usage("Failed: Incorrect Region.")
+ except IndexError:
+ return "fail"
+
def set_power_status(conn, options):
+ my_instance = get_instance_id()
try:
if (options["--action"]=="off"):
- conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True)
+ if (get_self_power_status(conn,myinstance) == "ok"):
+ logging.info("Called StopInstance API call for %s", options["--plug"])
+ conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True)
+ else:
+ logging.info("Skipping fencing as instance is not in running status")
elif (options["--action"]=="on"):
conn.instances.filter(InstanceIds=[options["--plug"]]).start()
except Exception as e:
From 45e429b3132ebc9e78121c3fbb15f0bf46845a59 Mon Sep 17 00:00:00 2001
From: Guilherme Felix <fguilher@amazon.com>
Date: Tue, 17 Mar 2020 13:28:34 +0000
Subject: [PATCH 2/9] fence_aws: Use local logger and improve logging
experience
---
agents/aws/fence_aws.py | 34 ++++++++++++++++++++++++++--------
1 file changed, 26 insertions(+), 8 deletions(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index f37f68d6..b0b6685a 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -6,7 +6,7 @@
import requests
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
-from fencing import fail, fail_usage, run_delay, EC_STATUS
+from fencing import fail, fail_usage, run_delay, EC_STATUS, SyslogLibHandler
import boto3
from botocore.exceptions import ClientError, EndpointConnectionError, NoRegionError
@@ -16,13 +16,14 @@ def get_instance_id():
r = requests.get('http://169.254.169.254/latest/meta-data/instance-id')
return r.content
except HTTPError as http_err:
- logging.error('HTTP error occurred while trying to access EC2 metadata server: %s', http_err)
+ logger.error('HTTP error occurred while trying to access EC2 metadata server: %s', http_err)
except Exception as err:
- logging.error('A fatal error occurred while trying to access EC2 metadata server: %s', err)
+ logger.error('A fatal error occurred while trying to access EC2 metadata server: %s', err)
return None
def get_nodes_list(conn, options):
+ logger.info("Starting monitor operation")
result = {}
try:
for instance in conn.instances.all():
@@ -32,14 +33,16 @@ def get_nodes_list(conn, options):
except EndpointConnectionError:
fail_usage("Failed: Incorrect Region.")
except Exception as e:
- logging.error("Failed to get node list: %s", e)
-
+ logger.error("Failed to get node list: %s", e)
+ logger.debug("Monitor operation OK: %s",result)
return result
def get_power_status(conn, options):
+ logger.debug("Starting status operation")
try:
instance = conn.instances.filter(Filters=[{"Name": "instance-id", "Values": [options["--plug"]]}])
state = list(instance)[0].state["Name"]
+ logger.info("Status operation for EC2 instance %s returned state: %s",options["--plug"],state.upper())
if state == "running":
return "on"
elif state == "stopped":
@@ -80,14 +83,14 @@ def set_power_status(conn, options):
try:
if (options["--action"]=="off"):
if (get_self_power_status(conn,myinstance) == "ok"):
- logging.info("Called StopInstance API call for %s", options["--plug"])
conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True)
+ logger.info("Called StopInstance API call for %s", options["--plug"])
else:
- logging.info("Skipping fencing as instance is not in running status")
+ logger.info("Skipping fencing as instance is not in running status")
elif (options["--action"]=="on"):
conn.instances.filter(InstanceIds=[options["--plug"]]).start()
except Exception as e:
- logging.error("Failed to power %s %s: %s", \
+ logger.error("Failed to power %s %s: %s", \
options["--action"], options["--plug"], e)
def define_new_opts():
@@ -142,6 +145,13 @@ def main():
run_delay(options)
+ if options.get("--verbose") is not None:
+ lh = logging.FileHandler('/var/log/fence_aws_debug.log')
+ logger.addHandler(lh)
+ lhf = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
+ lh.setFormatter(lhf)
+ logger.setLevel(logging.DEBUG)
+
region = options.get("--region")
access_key = options.get("--access-key")
secret_key = options.get("--secret-key")
@@ -157,4 +167,12 @@ def main():
sys.exit(result)
if __name__ == "__main__":
+
+ logger = logging.getLogger("fence_aws")
+ logger.propagate = False
+ logger.setLevel(logging.INFO)
+ logger.addHandler(SyslogLibHandler())
+ logger.getLogger('botocore.vendored').propagate = False
+
+
main()
From 00569921597b8007c67296ab8332747baf1e6fae Mon Sep 17 00:00:00 2001
From: Guilherme Felix <fguilher@amazon.com>
Date: Tue, 17 Mar 2020 13:33:02 +0000
Subject: [PATCH 3/9] fence_aws: Decouple boto3 and botocore debug logging from
local logging
---
agents/aws/fence_aws.py | 26 +++++++++++++++++++++++++-
1 file changed, 25 insertions(+), 1 deletion(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index b0b6685a..11714315 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -118,18 +118,27 @@ def define_new_opts():
"required" : "0",
"order" : 4
}
+ all_opt["boto3_debug"] = {
+ "getopt" : "b:",
+ "longopt" : "boto3_debug",
+ "help" : "-b, --boto3_debug=on|off Boto3 and Botocore library debug logging",
+ "shortdesc": "Boto Lib debug",
+ "required": "0",
+ "order": 5
+ }
# Main agent method
def main():
conn = None
- device_opt = ["port", "no_password", "region", "access_key", "secret_key"]
+ device_opt = ["port", "no_password", "region", "access_key", "secret_key", "boto3_debug"]
atexit.register(atexit_handler)
define_new_opts()
all_opt["power_timeout"]["default"] = "60"
+ all_opt["boto3_debug"]["default"] = "off"
options = check_input(device_opt, process_input(device_opt))
@@ -151,6 +160,21 @@ def main():
lhf = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
lh.setFormatter(lhf)
logger.setLevel(logging.DEBUG)
+
+ if options["--boto3_debug"] != "on":
+ boto3.set_stream_logger('boto3',logging.INFO)
+ boto3.set_stream_logger('botocore',logging.INFO)
+ logging.getLogger('botocore').propagate = False
+ logging.getLogger('boto3').propagate = False
+ else:
+ log_format = logging.Formatter('%(asctime)s %(name)-12s %(levelname)-8s %(message)s')
+ logging.getLogger('botocore').propagate = False
+ logging.getLogger('boto3').propagate = False
+ fdh = logging.FileHandler('/var/log/fence_aws_boto3.log')
+ fdh.setFormatter(log_format)
+ logging.getLogger('boto3').addHandler(fdh)
+ logging.getLogger('botocore').addHandler(fdh)
+ logging.debug("Boto debug level is %s and sending debug info to /var/log/fence_aws_boto3.log", options["--boto3_debug"])
region = options.get("--region")
access_key = options.get("--access-key")
From ed309bd51dfd5e0fed30156e7a312d5b5a8f4bd4 Mon Sep 17 00:00:00 2001
From: Guilherme Felix <fguilher@amazon.com>
Date: Thu, 19 Mar 2020 16:02:47 +0000
Subject: [PATCH 4/9] fence_aws: Fix typos and variable names
---
agents/aws/fence_aws.py | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index 11714315..207631e8 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -60,7 +60,7 @@ def get_power_status(conn, options):
logging.error("Failed to get power status: %s", e)
fail(EC_STATUS)
-def get_self_power_status(conn, options):
+def get_self_power_status(conn, instance_id):
try:
instance = conn.instances.filter(Filters=[{"Name": "instance-id", "Values": [instance_id]}])
state = list(instance)[0].state["Name"]
@@ -82,7 +82,7 @@ def set_power_status(conn, options):
my_instance = get_instance_id()
try:
if (options["--action"]=="off"):
- if (get_self_power_status(conn,myinstance) == "ok"):
+ if (get_self_power_status(conn,my_instance) == "ok"):
conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True)
logger.info("Called StopInstance API call for %s", options["--plug"])
else:
@@ -196,7 +196,7 @@ def main():
logger.propagate = False
logger.setLevel(logging.INFO)
logger.addHandler(SyslogLibHandler())
- logger.getLogger('botocore.vendored').propagate = False
+ logging.getLogger('botocore.vendored').propagate = False
main()
From 624c652a95a676286af408898186186b7d7fcf55 Mon Sep 17 00:00:00 2001
From: Guilherme Felix <fguilher@amazon.com>
Date: Thu, 19 Mar 2020 16:58:45 +0000
Subject: [PATCH 5/9] fence_aws: Missing brackets on boto3_debug metadata
---
agents/aws/fence_aws.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index 207631e8..8916f4a0 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -121,7 +121,7 @@ def define_new_opts():
all_opt["boto3_debug"] = {
"getopt" : "b:",
"longopt" : "boto3_debug",
- "help" : "-b, --boto3_debug=on|off Boto3 and Botocore library debug logging",
+ "help" : "-b, --boto3_debug=[on|off] Boto3 and Botocore library debug logging",
"shortdesc": "Boto Lib debug",
"required": "0",
"order": 5
From 7c641a6885c4ab67b7739a43892d92d95a6f566c Mon Sep 17 00:00:00 2001
From: Guilherme Felix <fguilher@amazon.com>
Date: Thu, 19 Mar 2020 17:04:31 +0000
Subject: [PATCH 6/9] fence_aws: Fix travis build #1
---
agents/aws/fence_aws.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index 8916f4a0..f41a47e4 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -121,7 +121,7 @@ def define_new_opts():
all_opt["boto3_debug"] = {
"getopt" : "b:",
"longopt" : "boto3_debug",
- "help" : "-b, --boto3_debug=[on|off] Boto3 and Botocore library debug logging",
+ "help" : "-b, --boto3_debug=[option] Boto3 and Botocore library debug logging",
"shortdesc": "Boto Lib debug",
"required": "0",
"order": 5
From 257af7ccc9789646adc7abf1e7dbac744b756071 Mon Sep 17 00:00:00 2001
From: Guilherme Felix <fguilher@amazon.com>
Date: Fri, 20 Mar 2020 10:59:56 +0000
Subject: [PATCH 7/9] fence_aws: Updated metadata XML file
---
tests/data/metadata/fence_aws.xml | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tests/data/metadata/fence_aws.xml b/tests/data/metadata/fence_aws.xml
index 5e5d5d99..acfebb61 100644
--- a/tests/data/metadata/fence_aws.xml
+++ b/tests/data/metadata/fence_aws.xml
@@ -36,6 +36,11 @@ For instructions see: https://boto3.readthedocs.io/en/latest/guide/quickstart.ht
<content type="string" />
<shortdesc lang="en">Secret Key.</shortdesc>
</parameter>
+ <parameter name="boto3_debug" unique="0" required="0">
+ <getopt mixed="-b, --boto3_debug=[option]" />
+ <content type="string" default="off" />
+ <shortdesc lang="en">Boto Lib debug</shortdesc>
+ </parameter>
<parameter name="quiet" unique="0" required="0">
<getopt mixed="-q, --quiet" />
<content type="boolean" />
From 8f78bc19356b5e07d0021aaf7da3fc4e712e00f0 Mon Sep 17 00:00:00 2001
From: Guilherme Felix <fguilher@amazon.com>
Date: Fri, 20 Mar 2020 12:13:16 +0000
Subject: [PATCH 8/9] fence_aws: Moving logger config next to import statements
for visibility
---
agents/aws/fence_aws.py | 13 ++++++-------
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index f41a47e4..72fb8843 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -11,6 +11,12 @@
import boto3
from botocore.exceptions import ClientError, EndpointConnectionError, NoRegionError
+logger = logging.getLogger("fence_aws")
+logger.propagate = False
+logger.setLevel(logging.INFO)
+logger.addHandler(SyslogLibHandler())
+logging.getLogger('botocore.vendored').propagate = False
+
def get_instance_id():
try:
r = requests.get('http://169.254.169.254/latest/meta-data/instance-id')
@@ -192,11 +198,4 @@ def main():
if __name__ == "__main__":
- logger = logging.getLogger("fence_aws")
- logger.propagate = False
- logger.setLevel(logging.INFO)
- logger.addHandler(SyslogLibHandler())
- logging.getLogger('botocore.vendored').propagate = False
-
-
main()
From 570a05c425fe55008c8892ebaad8a73d36143909 Mon Sep 17 00:00:00 2001
From: Guilherme Felix <fguilher@amazon.com>
Date: Fri, 20 Mar 2020 14:17:55 +0000
Subject: [PATCH 9/9] fence_aws: Remove empty line
---
agents/aws/fence_aws.py | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index 72fb8843..ed55f390 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -197,5 +197,4 @@ def main():
sys.exit(result)
if __name__ == "__main__":
-
- main()
+ main()
\ No newline at end of file

View File

@ -0,0 +1,22 @@
From 9758f8c83c44ad6949d4411042c59bcf9365f67e Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Tue, 24 Mar 2020 15:31:13 +0100
Subject: [PATCH] fence_aws: fix Python 3 encoding issue
---
agents/aws/fence_aws.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index ed55f390..17c2fedb 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -20,7 +20,7 @@
def get_instance_id():
try:
r = requests.get('http://169.254.169.254/latest/meta-data/instance-id')
- return r.content
+ return r.content.decode("UTF-8")
except HTTPError as http_err:
logger.error('HTTP error occurred while trying to access EC2 metadata server: %s', http_err)
except Exception as err:

View File

@ -0,0 +1,75 @@
From 2c9ee29d1e28dbdd5e305156ae70451e31d976c0 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 4 Jun 2020 14:43:15 +0200
Subject: [PATCH 1/2] fence_azure_arm: log metadata when debugging
---
lib/azure_fence.py.py | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/azure_fence.py.py b/lib/azure_fence.py.py
index 7bb43adc..4e44ca9d 100644
--- a/lib/azure_fence.py.py
+++ b/lib/azure_fence.py.py
@@ -41,6 +41,7 @@ def get_from_metadata(parameter):
import requests
try:
r = requests.get('http://169.254.169.254/metadata/instance?api-version=2017-08-01', headers = {"Metadata":"true"})
+ logging.debug("metadata: " + str(r.json()))
return str(r.json()["compute"][parameter])
except:
logging.warning("Not able to use metadata service. Am I running in Azure?")
From e3e3199cbf35855c6ab512ac06d7249df94eb3e7 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 4 Jun 2020 14:43:52 +0200
Subject: [PATCH 2/2] fence_azure_arm: fixes to make MSI support work
---
agents/azure_arm/fence_azure_arm.py | 3 ++-
tests/data/metadata/fence_azure_arm.xml | 4 ++--
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/agents/azure_arm/fence_azure_arm.py b/agents/azure_arm/fence_azure_arm.py
index be0d4034..6b1a3770 100755
--- a/agents/azure_arm/fence_azure_arm.py
+++ b/agents/azure_arm/fence_azure_arm.py
@@ -184,7 +184,7 @@ def main():
compute_client = None
network_client = None
- device_opt = ["login", "passwd", "port", "resourceGroup", "tenantId", "subscriptionId", "network-fencing", "msi", "cloud"]
+ device_opt = ["login", "no_login", "no_password", "passwd", "port", "resourceGroup", "tenantId", "subscriptionId", "network-fencing", "msi", "cloud"]
atexit.register(atexit_handler)
@@ -222,6 +222,7 @@ def main():
try:
config = azure_fence.get_azure_config(options)
+ options["--resourceGroup"] = config.RGName
compute_client = azure_fence.get_azure_compute_client(config)
if "--network-fencing" in options:
network_client = azure_fence.get_azure_network_client(config)
diff --git a/tests/data/metadata/fence_azure_arm.xml b/tests/data/metadata/fence_azure_arm.xml
index 97ecfdba..7ea672af 100644
--- a/tests/data/metadata/fence_azure_arm.xml
+++ b/tests/data/metadata/fence_azure_arm.xml
@@ -23,7 +23,7 @@ When using network fencing the reboot-action will cause a quick-return once the
<content type="string" default="reboot" />
<shortdesc lang="en">Fencing action</shortdesc>
</parameter>
- <parameter name="login" unique="0" required="1" deprecated="1">
+ <parameter name="login" unique="0" required="0" deprecated="1">
<getopt mixed="-l, --username=[appid]" />
<content type="string" />
<shortdesc lang="en">Application ID</shortdesc>
@@ -58,7 +58,7 @@ When using network fencing the reboot-action will cause a quick-return once the
<content type="string" />
<shortdesc lang="en">Physical plug number on device, UUID or identification of machine</shortdesc>
</parameter>
- <parameter name="username" unique="0" required="1" obsoletes="login">
+ <parameter name="username" unique="0" required="0" obsoletes="login">
<getopt mixed="-l, --username=[appid]" />
<content type="string" />
<shortdesc lang="en">Application ID</shortdesc>

View File

@ -0,0 +1,44 @@
From 020f48a309bcad659dc493960d2b39e8e1243085 Mon Sep 17 00:00:00 2001
From: Thomas Abraham <tabraham@suse.com>
Date: Mon, 20 Apr 2020 20:28:43 -0400
Subject: [PATCH] fence_vmware_rest: improve exception handling in
send_command()
If an exception occurs, simply raise it. pycurl's perform() method can
generate a pycurl.error object, which does not support indexing and
attempting to do so will generate an exception that hides the original
exception.
Also, don't assume that the remote will return a JSON formatted response.
If it doesn't, a exception will occur accessing result which will not
raise the intended exception.
---
agents/vmware_rest/fence_vmware_rest.py | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py
index d07bc10d..1505ffe6 100644
--- a/agents/vmware_rest/fence_vmware_rest.py
+++ b/agents/vmware_rest/fence_vmware_rest.py
@@ -124,7 +124,7 @@ def send_command(conn, command, method="GET"):
try:
conn.perform()
except Exception as e:
- raise Exception(e[1])
+ raise(e)
rc = conn.getinfo(pycurl.HTTP_CODE)
result = web_buffer.getvalue().decode("UTF-8")
@@ -135,7 +135,11 @@ def send_command(conn, command, method="GET"):
result = json.loads(result)
if rc != 200:
- raise Exception("{}: {}".format(rc, result["value"]["messages"][0]["default_message"]))
+ if len(result) > 0:
+ raise Exception("{}: {}".format(rc,
+ result["value"]["messages"][0]["default_message"]))
+ else:
+ raise Exception("Remote returned {} for request to {}".format(rc, url))
logging.debug("url: {}".format(url))
logging.debug("method: {}".format(method))

View File

@ -0,0 +1,92 @@
From ab193580dcdd810b7bef69cc04cebef315f4781d Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 23 Apr 2020 15:55:11 +0200
Subject: [PATCH] fence_vmware_rest: add filter parameter
---
agents/vmware_rest/fence_vmware_rest.py | 24 ++++++++++++++++++++---
tests/data/metadata/fence_vmware_rest.xml | 9 ++++++++-
2 files changed, 29 insertions(+), 4 deletions(-)
diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py
index 1505ffe6..6daff121 100644
--- a/agents/vmware_rest/fence_vmware_rest.py
+++ b/agents/vmware_rest/fence_vmware_rest.py
@@ -42,7 +42,10 @@ def get_list(conn, options):
outlets = {}
try:
- res = send_command(conn, "vcenter/vm")
+ command = "vcenter/vm"
+ if "--filter" in options:
+ command = command + "?" + options["--filter"]
+ res = send_command(conn, command)
except:
logging.debug("Failed: {}".format(e))
fail(EC_STATUS)
@@ -157,6 +160,16 @@ def define_new_opts():
"required" : "0",
"shortdesc" : "The path part of the API URL",
"order" : 2}
+ all_opt["filter"] = {
+ "getopt" : ":",
+ "longopt" : "filter",
+ "help" : "--filter=[filter] Filter to only return relevant VMs"
+ " (e.g. \"filter.names=node1&filter.names=node2\").",
+ "default" : "",
+ "required" : "0",
+ "shortdesc" : "Filter to only return relevant VMs. It can be used to avoid "
+ "the agent failing when more than 1000 VMs should be returned.",
+ "order" : 2}
def main():
@@ -169,6 +182,7 @@ def main():
"notls",
"web",
"port",
+ "filter",
]
atexit.register(atexit_handler)
@@ -181,8 +195,12 @@ def main():
docs = {}
docs["shortdesc"] = "Fence agent for VMware REST API"
- docs["longdesc"] = "fence_vmware_rest is an I/O Fencing agent which can be \
-used with VMware API to fence virtual machines."
+ docs["longdesc"] = """fence_vmware_rest is an I/O Fencing agent which can be \
+used with VMware API to fence virtual machines.
+
+NOTE: If there's more than 1000 VMs there is a filter parameter to work around \
+the API limit. See https://code.vmware.com/apis/62/vcenter-management#/VM%20/get_vcenter_vm \
+for full list of filters."""
docs["vendorurl"] = "https://www.vmware.com"
show_docs(options, docs)
diff --git a/tests/data/metadata/fence_vmware_rest.xml b/tests/data/metadata/fence_vmware_rest.xml
index 5b497a6a..d60c8775 100644
--- a/tests/data/metadata/fence_vmware_rest.xml
+++ b/tests/data/metadata/fence_vmware_rest.xml
@@ -1,6 +1,8 @@
<?xml version="1.0" ?>
<resource-agent name="fence_vmware_rest" shortdesc="Fence agent for VMware REST API" >
-<longdesc>fence_vmware_rest is an I/O Fencing agent which can be used with VMware API to fence virtual machines.</longdesc>
+<longdesc>fence_vmware_rest is an I/O Fencing agent which can be used with VMware API to fence virtual machines.
+
+NOTE: If there's more than 1000 VMs there is a filter parameter to work around the API limit. See https://code.vmware.com/apis/62/vcenter-management#/VM%20/get_vcenter_vm for full list of filters.</longdesc>
<vendor-url>https://www.vmware.com</vendor-url>
<parameters>
<parameter name="action" unique="0" required="1">
@@ -87,6 +89,11 @@
<getopt mixed="--api-path=[path]" />
<shortdesc lang="en">The path part of the API URL</shortdesc>
</parameter>
+ <parameter name="filter" unique="0" required="0">
+ <getopt mixed="--filter=[filter]" />
+ <content type="string" default="" />
+ <shortdesc lang="en">Filter to only return relevant VMs. It can be used to avoid the agent failing when more than 1000 VMs should be returned.</shortdesc>
+ </parameter>
<parameter name="quiet" unique="0" required="0">
<getopt mixed="-q, --quiet" />
<content type="boolean" />

View File

@ -0,0 +1,76 @@
From 0296bc8512e37b8b935bc342b6493ed4fa8aa001 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 14 May 2020 13:17:04 +0200
Subject: [PATCH 1/2] fence_vmware_rest: fix exception and remove default value
for filter parameter (which was shown in the manpage)
---
agents/vmware_rest/fence_vmware_rest.py | 3 +--
tests/data/metadata/fence_vmware_rest.xml | 2 +-
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py
index 6daff121..2635ae07 100644
--- a/agents/vmware_rest/fence_vmware_rest.py
+++ b/agents/vmware_rest/fence_vmware_rest.py
@@ -46,7 +46,7 @@ def get_list(conn, options):
if "--filter" in options:
command = command + "?" + options["--filter"]
res = send_command(conn, command)
- except:
+ except Exception as e:
logging.debug("Failed: {}".format(e))
fail(EC_STATUS)
@@ -165,7 +165,6 @@ def define_new_opts():
"longopt" : "filter",
"help" : "--filter=[filter] Filter to only return relevant VMs"
" (e.g. \"filter.names=node1&filter.names=node2\").",
- "default" : "",
"required" : "0",
"shortdesc" : "Filter to only return relevant VMs. It can be used to avoid "
"the agent failing when more than 1000 VMs should be returned.",
diff --git a/tests/data/metadata/fence_vmware_rest.xml b/tests/data/metadata/fence_vmware_rest.xml
index d60c8775..830b6a21 100644
--- a/tests/data/metadata/fence_vmware_rest.xml
+++ b/tests/data/metadata/fence_vmware_rest.xml
@@ -91,7 +91,7 @@ NOTE: If there's more than 1000 VMs there is a filter parameter to work around t
</parameter>
<parameter name="filter" unique="0" required="0">
<getopt mixed="--filter=[filter]" />
- <content type="string" default="" />
+ <content type="string" />
<shortdesc lang="en">Filter to only return relevant VMs. It can be used to avoid the agent failing when more than 1000 VMs should be returned.</shortdesc>
</parameter>
<parameter name="quiet" unique="0" required="0">
From 7420cf9f11568be7239956bed4631cdbaa6fb87c Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 14 May 2020 14:17:03 +0200
Subject: [PATCH 2/2] fence_vmware_rest: dont fail when receiving more than
1000 VM error during monitor-action
---
agents/vmware_rest/fence_vmware_rest.py | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py
index 2635ae07..675de246 100644
--- a/agents/vmware_rest/fence_vmware_rest.py
+++ b/agents/vmware_rest/fence_vmware_rest.py
@@ -48,7 +48,14 @@ def get_list(conn, options):
res = send_command(conn, command)
except Exception as e:
logging.debug("Failed: {}".format(e))
- fail(EC_STATUS)
+ if str(e).startswith("400"):
+ if options.get("--original-action") == "monitor":
+ return outlets
+ else:
+ logging.error("More than 1000 VMs returned. Use --filter parameter to limit which VMs to list.")
+ fail(EC_STATUS)
+ else:
+ fail(EC_STATUS)
for r in res["value"]:
outlets[r["name"]] = ("", state[r["power_state"]])

View File

@ -0,0 +1,122 @@
From 8920d2fc7993453e7ad05f807f6ec51745b408a5 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Mon, 4 May 2020 16:53:55 +0200
Subject: [PATCH] fence_compute/fence_evacuate: fix --insecure parameter
---
agents/compute/fence_compute.py | 10 +++++++---
agents/evacuate/fence_evacuate.py | 10 +++++++---
tests/data/metadata/fence_compute.xml | 2 +-
tests/data/metadata/fence_evacuate.xml | 2 +-
4 files changed, 16 insertions(+), 8 deletions(-)
diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py
index d0e012e6..f53b97da 100644
--- a/agents/compute/fence_compute.py
+++ b/agents/compute/fence_compute.py
@@ -281,7 +281,7 @@ def create_nova_connection(options):
loader = loading.get_plugin_loader('password')
keystone_auth = loader.load_from_options(**kwargs)
- keystone_session = session.Session(auth=keystone_auth, verify=(not options["--insecure"]))
+ keystone_session = session.Session(auth=keystone_auth, verify=not "--insecure" in options)
nova_versions = [ "2.11", "2" ]
for version in nova_versions:
@@ -307,7 +307,7 @@ def create_nova_connection(options):
None, # Password
None, # Tenant
None, # Auth URL
- insecure=options["--insecure"],
+ insecure="--insecure" in options,
region_name=options["--region-name"],
endpoint_type=options["--endpoint-type"],
session=keystone_session, auth=keystone_auth,
@@ -395,7 +395,6 @@ def define_new_opts():
"help" : "--insecure Explicitly allow agent to perform \"insecure\" TLS (https) requests",
"required" : "0",
"shortdesc" : "Allow Insecure TLS Requests",
- "default" : "False",
"order": 2,
}
all_opt["domain"] = {
@@ -484,6 +483,11 @@ def main():
options["--domain"] = options["--compute-domain"]
del options["--domain"]
+ # Disable insecure-certificate-warning message
+ if "--insecure" in options:
+ import urllib3
+ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
+
logging.debug("Running "+options["--action"])
connection = create_nova_connection(options)
diff --git a/agents/evacuate/fence_evacuate.py b/agents/evacuate/fence_evacuate.py
index 60bb130e..88837dd8 100644
--- a/agents/evacuate/fence_evacuate.py
+++ b/agents/evacuate/fence_evacuate.py
@@ -217,7 +217,7 @@ def create_nova_connection(options):
loader = loading.get_plugin_loader('password')
keystone_auth = loader.load_from_options(**kwargs)
- keystone_session = session.Session(auth=keystone_auth, verify=(not options["--insecure"]))
+ keystone_session = session.Session(auth=keystone_auth, verify=not "--insecure" in options)
versions = [ "2.11", "2" ]
for version in versions:
@@ -244,7 +244,7 @@ def create_nova_connection(options):
None, # Password
None, # Tenant
None, # Auth URL
- insecure=options["--insecure"],
+ insecure="--insecure" in options,
region_name=options["--region-name"],
endpoint_type=options["--endpoint-type"],
session=keystone_session, auth=keystone_auth,
@@ -332,7 +332,6 @@ def define_new_opts():
"help" : "--insecure Explicitly allow agent to perform \"insecure\" TLS (https) requests",
"required" : "0",
"shortdesc" : "Allow Insecure TLS Requests",
- "default" : "False",
"order": 2,
}
all_opt["domain"] = {
@@ -397,6 +396,11 @@ def main():
del options["--domain"]
+ # Disable insecure-certificate-warning message
+ if "--insecure" in options:
+ import urllib3
+ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
+
connection = create_nova_connection(options)
# Un-evacuating a server doesn't make sense
diff --git a/tests/data/metadata/fence_compute.xml b/tests/data/metadata/fence_compute.xml
index 99d56af0..2f183268 100644
--- a/tests/data/metadata/fence_compute.xml
+++ b/tests/data/metadata/fence_compute.xml
@@ -70,7 +70,7 @@
</parameter>
<parameter name="insecure" unique="0" required="0">
<getopt mixed="--insecure" />
- <content type="boolean" default="False" />
+ <content type="boolean" />
<shortdesc lang="en">Allow Insecure TLS Requests</shortdesc>
</parameter>
<parameter name="project-domain" unique="0" required="0" deprecated="1">
diff --git a/tests/data/metadata/fence_evacuate.xml b/tests/data/metadata/fence_evacuate.xml
index 8c720b80..95da0e1b 100644
--- a/tests/data/metadata/fence_evacuate.xml
+++ b/tests/data/metadata/fence_evacuate.xml
@@ -70,7 +70,7 @@
</parameter>
<parameter name="insecure" unique="0" required="0">
<getopt mixed="--insecure" />
- <content type="boolean" default="False" />
+ <content type="boolean" />
<shortdesc lang="en">Allow Insecure TLS Requests</shortdesc>
</parameter>
<parameter name="project-domain" unique="0" required="0" deprecated="1">

View File

@ -0,0 +1,95 @@
From be20615859c518b3161b08ee63f5da5213eba91d Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Mon, 25 May 2020 14:03:53 +0200
Subject: [PATCH 1/2] fence_aws: catch ConnectionError and suppress traceback
for caught exceptions
---
agents/aws/fence_aws.py | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index 17c2fedb..191f5de1 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -9,14 +9,14 @@
from fencing import fail, fail_usage, run_delay, EC_STATUS, SyslogLibHandler
import boto3
-from botocore.exceptions import ClientError, EndpointConnectionError, NoRegionError
+from botocore.exceptions import ConnectionError, ClientError, EndpointConnectionError, NoRegionError
logger = logging.getLogger("fence_aws")
logger.propagate = False
logger.setLevel(logging.INFO)
logger.addHandler(SyslogLibHandler())
logging.getLogger('botocore.vendored').propagate = False
-
+
def get_instance_id():
try:
r = requests.get('http://169.254.169.254/latest/meta-data/instance-id')
@@ -38,6 +38,8 @@ def get_nodes_list(conn, options):
fail_usage("Failed: Incorrect Access Key or Secret Key.")
except EndpointConnectionError:
fail_usage("Failed: Incorrect Region.")
+ except ConnectionError as e:
+ fail_usage("Failed: Unable to connect to AWS: " + str(e))
except Exception as e:
logger.error("Failed to get node list: %s", e)
logger.debug("Monitor operation OK: %s",result)
@@ -169,7 +171,7 @@ def main():
if options["--boto3_debug"] != "on":
boto3.set_stream_logger('boto3',logging.INFO)
- boto3.set_stream_logger('botocore',logging.INFO)
+ boto3.set_stream_logger('botocore',logging.CRITICAL)
logging.getLogger('botocore').propagate = False
logging.getLogger('boto3').propagate = False
else:
@@ -197,4 +199,4 @@ def main():
sys.exit(result)
if __name__ == "__main__":
- main()
\ No newline at end of file
+ main()
From 50772024cffa60d05938d328bbd5cffd930f6b42 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Mon, 25 May 2020 14:07:14 +0200
Subject: [PATCH 2/2] fence_aws: improve boto3_debug boolean handling
---
agents/aws/fence_aws.py | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index 191f5de1..483a2991 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -132,6 +132,7 @@ def define_new_opts():
"help" : "-b, --boto3_debug=[option] Boto3 and Botocore library debug logging",
"shortdesc": "Boto Lib debug",
"required": "0",
+ "default": "False",
"order": 5
}
@@ -146,7 +147,6 @@ def main():
define_new_opts()
all_opt["power_timeout"]["default"] = "60"
- all_opt["boto3_debug"]["default"] = "off"
options = check_input(device_opt, process_input(device_opt))
@@ -169,7 +169,7 @@ def main():
lh.setFormatter(lhf)
logger.setLevel(logging.DEBUG)
- if options["--boto3_debug"] != "on":
+ if options["--boto3_debug"].lower() not in ["1", "yes", "on", "true"]:
boto3.set_stream_logger('boto3',logging.INFO)
boto3.set_stream_logger('botocore',logging.CRITICAL)
logging.getLogger('botocore').propagate = False

View File

@ -0,0 +1,60 @@
From 431e8bc40288d97d80f07ec195c0a07c5f8c065a Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Tue, 10 Nov 2020 12:46:50 +0100
Subject: [PATCH] fence_scsi: dont write key to device if it's already
registered, and open file correctly to avoid using regex against end-of-file
---
agents/scsi/fence_scsi.py | 12 +++++-------
1 file changed, 5 insertions(+), 7 deletions(-)
diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py
index 77817f35..9a86689d 100644
--- a/agents/scsi/fence_scsi.py
+++ b/agents/scsi/fence_scsi.py
@@ -135,6 +135,8 @@ def register_dev(options, dev):
for slave in get_mpath_slaves(dev):
register_dev(options, slave)
return True
+ if get_reservation_key(options, dev, False) == options["--key"]:
+ return True
reset_dev(options, dev)
cmd = options["--sg_persist-path"] + " -n -o -I -S " + options["--key"] + " -d " + dev
cmd += " -Z" if "--aptpl" in options else ""
@@ -148,14 +150,14 @@ def reserve_dev(options, dev):
return not bool(run_cmd(options, cmd)["err"])
-def get_reservation_key(options, dev):
+def get_reservation_key(options, dev, fail=True):
reset_dev(options,dev)
opts = ""
if "--readonly" in options:
opts = "-y "
cmd = options["--sg_persist-path"] + " -n -i " + opts + "-r -d " + dev
out = run_cmd(options, cmd)
- if out["err"]:
+ if out["err"] and fail:
fail_usage("Cannot get reservation key")
match = re.search(r"\s+key=0x(\S+)\s+", out["out"], re.IGNORECASE)
return match.group(1) if match else None
@@ -257,6 +259,7 @@ def dev_write(dev, options):
f = open(file_path, "a+")
except IOError:
fail_usage("Failed: Cannot open file \""+ file_path + "\"")
+ f.seek(0)
out = f.read()
if not re.search(r"^" + dev + "\s+", out, flags=re.MULTILINE):
f.write(dev + "\n")
@@ -277,11 +280,6 @@ def dev_read(fail=True):
return devs
-def dev_delete(options):
- file_path = options["store_path"] + ".dev"
- os.remove(file_path) if os.path.exists(file_path) else None
-
-
def get_clvm_devices(options):
devs = []
cmd = options["--vgs-path"] + " " +\

View File

@ -0,0 +1,23 @@
From 2d0057dabae0b4cd4394fec5a60a3f649c8e3d2b Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Wed, 1 Jul 2020 13:18:26 +0200
Subject: [PATCH] fence_mpath: allow spaces for comma-separated devices and add
support for space-separated devices
---
agents/mpath/fence_mpath.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py
index a3d9fe23..bc15aae2 100644
--- a/agents/mpath/fence_mpath.py
+++ b/agents/mpath/fence_mpath.py
@@ -297,7 +297,7 @@ def main():
if not ("--devices" in options and options["--devices"]):
fail_usage("Failed: No devices found")
- options["devices"] = options["--devices"].split(",")
+ options["devices"] = [d for d in re.split("\s*,\s*|\s+", options["--devices"].strip()) if d]
# Input control END
result = fence_action(None, options, set_status, get_status)

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,26 @@
From 18ef1622475db947aef70042523f4a176c4155bd Mon Sep 17 00:00:00 2001
From: Luca Miccini <lmiccini@redhat.com>
Date: Thu, 23 Jul 2020 14:33:38 +0200
Subject: [PATCH] [fence_evacuate] Enable evacuation of instances using private
flavors
This commit extends the flavor.list() api call in the fence_evacuate
agent to fetch private flavors that could be tagged with the 'evacuable'
attribute, allowing instance-ha to be enabled on a per tenant basis.
---
agents/evacuate/fence_evacuate.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/evacuate/fence_evacuate.py b/agents/evacuate/fence_evacuate.py
index 88837dd8..53d6fd15 100644
--- a/agents/evacuate/fence_evacuate.py
+++ b/agents/evacuate/fence_evacuate.py
@@ -87,7 +87,7 @@ def _is_server_evacuable(server, evac_flavors, evac_images):
def _get_evacuable_flavors(connection):
result = []
- flavors = connection.flavors.list()
+ flavors = connection.flavors.list(is_public=None)
# Since the detailed view for all flavors doesn't provide the extra specs,
# we need to call each of the flavor to get them.
for flavor in flavors:

View File

@ -0,0 +1,127 @@
From 3424464d3e447308f171399302cf76eb573a618f Mon Sep 17 00:00:00 2001
From: Reid wahl <nrwahl@protonmail.com>
Date: Fri, 24 Jul 2020 18:22:24 -0700
Subject: [PATCH] fence_lpar: Fix parse error from long command line
When Pacemaker executes `fence_lpar` and the HMC command line is greater
than 80 characters, a parse error causes agent failure. This can happen
with a long user name and/or long managed system name. It happens only
when Pacemaker spawns the `fence_lpar` process; it does not happen when
`fence_lpar` is run from the CLI.
A long command line gets a carriage return ('\r') added at the 80
character mark and wraps back to the beginning of the line with no line
feed ('\n'), overwriting the displayed characters. `fence_lpar`'s regex
matches handle this fine when it's run from the command line.
The problem is that when Pacemaker spawns fence_lpar, **for some
reason** there are backspace characters in the buffer when we hit the
'\r' character. This seems to overwrite some of the `conn.before`
string. As a result, the regex doesn't match `conn.before`, and the
agent fails.
This patch works around the `conn.before` weirdness by reading and
discarding the first received line **before** any regex processing.
Resolves: RHBZ#1860544
Resolves: RHBZ#1860545
Signed-off-by: Reid Wahl <nrwahl@protonmail.com>
---
agents/lpar/fence_lpar.py | 33 +++++++++++++++++++++++++++------
1 file changed, 27 insertions(+), 6 deletions(-)
diff --git a/agents/lpar/fence_lpar.py b/agents/lpar/fence_lpar.py
index 270bbe3b..9dfabc43 100644
--- a/agents/lpar/fence_lpar.py
+++ b/agents/lpar/fence_lpar.py
@@ -19,6 +19,9 @@
def get_power_status(conn, options):
if options["--hmc-version"] == "3":
conn.send("lssyscfg -r lpar -m " + options["--managed"] + " -n " + options["--plug"] + " -F name,state\n")
+
+ # First line (command) may cause parsing issues if long
+ conn.readline()
conn.log_expect(options["--command-prompt"], int(options["--power-timeout"]))
try:
@@ -29,6 +32,9 @@ def get_power_status(conn, options):
elif options["--hmc-version"] in ["4", "IVM"]:
conn.send("lssyscfg -r lpar -m "+ options["--managed"] +
" --filter 'lpar_names=" + options["--plug"] + "'\n")
+
+ # First line (command) may cause parsing issues if long
+ conn.readline()
conn.log_expect(options["--command-prompt"], int(options["--power-timeout"]))
try:
@@ -49,6 +55,9 @@ def set_power_status(conn, options):
if options["--hmc-version"] == "3":
conn.send("chsysstate -o " + options["--action"] + " -r lpar -m " + options["--managed"]
+ " -n " + options["--plug"] + "\n")
+
+ # First line (command) may cause parsing issues if long
+ conn.readline()
conn.log_expect(options["--command-prompt"], int(options["--power-timeout"]))
elif options["--hmc-version"] in ["4", "IVM"]:
if options["--action"] == "on":
@@ -60,17 +69,23 @@ def set_power_status(conn, options):
else:
conn.send("chsysstate -o shutdown -r lpar --immed" +
" -m " + options["--managed"] + " -n " + options["--plug"] + "\n")
+
+ # First line (command) may cause parsing issues if long
+ conn.readline()
conn.log_expect(options["--command-prompt"], int(options["--power-timeout"]))
def get_lpar_list(conn, options):
outlets = {}
if options["--hmc-version"] == "3":
conn.send("query_partition_names -m " + options["--managed"] + "\n")
+
+ ## We have to remove first line (command)
+ conn.readline()
conn.log_expect(options["--command-prompt"], int(options["--power-timeout"]))
- ## We have to remove first 3 lines (command + header) and last line (part of new prompt)
+ ## We have to remove next 2 lines (header) and last line (part of new prompt)
####
- res = re.search("^.+?\n(.+?\n){2}(.*)\n.*$", conn.before, re.S)
+ res = re.search("^(.+?\n){2}(.*)\n.*$", conn.before, re.S)
if res == None:
fail_usage("Unable to parse output of list command")
@@ -81,11 +96,14 @@ def get_lpar_list(conn, options):
elif options["--hmc-version"] == "4":
conn.send("lssyscfg -r lpar -m " + options["--managed"] +
" -F name:state\n")
+
+ ## We have to remove first line (command)
+ conn.readline()
conn.log_expect(options["--command-prompt"], int(options["--power-timeout"]))
- ## We have to remove first line (command) and last line (part of new prompt)
+ ## We have to remove last line (part of new prompt)
####
- res = re.search("^.+?\n(.*)\n.*$", conn.before, re.S)
+ res = re.search("^(.*)\n.*$", conn.before, re.S)
if res == None:
fail_usage("Unable to parse output of list command")
@@ -100,11 +118,14 @@ def get_lpar_list(conn, options):
elif options["--hmc-version"] == "IVM":
conn.send("lssyscfg -r lpar -m " + options["--managed"] +
" -F name,state\n")
+
+ ## We have to remove first line (command)
+ conn.readline()
conn.log_expect(options["--command-prompt"], int(options["--power-timeout"]))
- ## We have to remove first line (command) and last line (part of new prompt)
+ ## We have to remove last line (part of new prompt)
####
- res = re.search("^.+?\n(.*)\n.*$", conn.before, re.S)
+ res = re.search("^(.*)\n.*$", conn.before, re.S)
if res == None:
fail_usage("Unable to parse output of list command")

View File

@ -0,0 +1,145 @@
From 6d0b2cb598135b697ee583e3514aa427fc0e4cf8 Mon Sep 17 00:00:00 2001
From: Reid Wahl <nrwahl@protonmail.com>
Date: Wed, 29 Jul 2020 18:33:17 -0700
Subject: [PATCH 1/2] fence_lpar: Fix list-status action
The `list-status` action prints "UNKNOWN" status for all LPARs when
`--hmc-version` is `"4"` or `"IVM"`.
This commit fixes that by mapping the statuses returned by the HMC
(e.g., "Running") to the statuses that the fencing library expects
(e.g., "on").
Resolves: RHBZ#1861926
Signed-off-by: Reid Wahl <nrwahl@protonmail.com>
---
agents/lpar/fence_lpar.py | 27 +++++++++++++++------------
1 file changed, 15 insertions(+), 12 deletions(-)
diff --git a/agents/lpar/fence_lpar.py b/agents/lpar/fence_lpar.py
index 9dfabc43..03068466 100644
--- a/agents/lpar/fence_lpar.py
+++ b/agents/lpar/fence_lpar.py
@@ -16,6 +16,16 @@
from fencing import *
from fencing import fail, fail_usage, EC_STATUS_HMC
+##
+## Transformation to standard ON/OFF status if possible
+def _normalize_status(status):
+ if status in ["Running", "Open Firmware", "Shutting Down", "Starting"]:
+ status = "on"
+ else:
+ status = "off"
+
+ return status
+
def get_power_status(conn, options):
if options["--hmc-version"] == "3":
conn.send("lssyscfg -r lpar -m " + options["--managed"] + " -n " + options["--plug"] + " -F name,state\n")
@@ -42,14 +52,7 @@ def get_power_status(conn, options):
except AttributeError:
fail(EC_STATUS_HMC)
- ##
- ## Transformation to standard ON/OFF status if possible
- if status in ["Running", "Open Firmware", "Shutting Down", "Starting"]:
- status = "on"
- else:
- status = "off"
-
- return status
+ return _normalize_status(status)
def set_power_status(conn, options):
if options["--hmc-version"] == "3":
@@ -111,10 +114,10 @@ def get_lpar_list(conn, options):
lines = res.group(1).split("\n")
for outlet_line in lines:
try:
- (port, status) = outlet_line.split(":")
+ (port, status) = outlet_line.rstrip().split(":")
except ValueError:
fail_usage('Output does not match expected HMC version, try different one');
- outlets[port] = ("", status)
+ outlets[port] = ("", _normalize_status(status))
elif options["--hmc-version"] == "IVM":
conn.send("lssyscfg -r lpar -m " + options["--managed"] +
" -F name,state\n")
@@ -133,10 +136,10 @@ def get_lpar_list(conn, options):
lines = res.group(1).split("\n")
for outlet_line in lines:
try:
- (port, status) = outlet_line.split(",")
+ (port, status) = outlet_line.rstrip().split(",")
except ValueError:
fail_usage('Output does not match expected HMC version, try different one');
- outlets[port] = ("", status)
+ outlets[port] = ("", _normalize_status(status))
return outlets
From 4f7b40c0cde896f2f5b09e796ba34450e90aee6c Mon Sep 17 00:00:00 2001
From: Reid Wahl <nrwahl@protonmail.com>
Date: Wed, 29 Jul 2020 18:43:47 -0700
Subject: [PATCH 2/2] fence_lpar: Reduce code duplication in get_lpar_list
The logic for HMC version 4 and HMC version IVM are the same except for
the use of a different separator character. This commit condenses them
into one block.
Signed-off-by: Reid Wahl <nrwahl@protonmail.com>
---
agents/lpar/fence_lpar.py | 28 ++++------------------------
1 file changed, 4 insertions(+), 24 deletions(-)
diff --git a/agents/lpar/fence_lpar.py b/agents/lpar/fence_lpar.py
index 03068466..7560a82c 100644
--- a/agents/lpar/fence_lpar.py
+++ b/agents/lpar/fence_lpar.py
@@ -96,31 +96,11 @@ def get_lpar_list(conn, options):
lines = res.group(2).split("\n")
for outlet_line in lines:
outlets[outlet_line.rstrip()] = ("", "")
- elif options["--hmc-version"] == "4":
- conn.send("lssyscfg -r lpar -m " + options["--managed"] +
- " -F name:state\n")
-
- ## We have to remove first line (command)
- conn.readline()
- conn.log_expect(options["--command-prompt"], int(options["--power-timeout"]))
-
- ## We have to remove last line (part of new prompt)
- ####
- res = re.search("^(.*)\n.*$", conn.before, re.S)
-
- if res == None:
- fail_usage("Unable to parse output of list command")
+ elif options["--hmc-version"] in ["4", "IVM"]:
+ sep = ":" if options["--hmc-version"] == "4" else ","
- lines = res.group(1).split("\n")
- for outlet_line in lines:
- try:
- (port, status) = outlet_line.rstrip().split(":")
- except ValueError:
- fail_usage('Output does not match expected HMC version, try different one');
- outlets[port] = ("", _normalize_status(status))
- elif options["--hmc-version"] == "IVM":
conn.send("lssyscfg -r lpar -m " + options["--managed"] +
- " -F name,state\n")
+ " -F name" + sep + "state\n")
## We have to remove first line (command)
conn.readline()
@@ -136,7 +116,7 @@ def get_lpar_list(conn, options):
lines = res.group(1).split("\n")
for outlet_line in lines:
try:
- (port, status) = outlet_line.rstrip().split(",")
+ (port, status) = outlet_line.rstrip().split(sep)
except ValueError:
fail_usage('Output does not match expected HMC version, try different one');
outlets[port] = ("", _normalize_status(status))

View File

@ -0,0 +1,17 @@
--- a/lib/fencing.py.py 2022-04-22 10:25:59.347139685 +0200
+++ b/lib/fencing.py.py 2022-04-22 10:26:05.127169492 +0200
@@ -1115,6 +1115,14 @@
except pexpect.ExceptionPexpect:
pass
+def source_env(env_file):
+ # POSIX: name shall not contain '=', value doesn't contain '\0'
+ output = subprocess.check_output("source {} && env -0".format(env_file), shell=True,
+ executable="/bin/sh")
+ # replace env
+ os.environ.clear()
+ os.environ.update(line.partition('=')[::2] for line in output.decode("utf-8").split('\0'))
+
# Convert array of format [[key1, value1], [key2, value2], ... [keyN, valueN]] to dict, where key is
# in format a.b.c.d...z and returned dict has key only z
def array_to_dict(array):

View File

@ -0,0 +1,460 @@
--- a/agents/openstack/fence_openstack.py 2018-06-28 14:24:54.000000000 +0200
+++ b/agents/openstack/fence_openstack.py 2022-04-22 10:15:28.069884360 +0200
@@ -2,110 +2,303 @@
import atexit
import logging
-import os
-import re
import sys
-from pipes import quote
-sys.path.append("/usr/share/fence")
+import os
+
+import urllib3
+
+sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
-from fencing import fail_usage, is_executable, run_command, run_delay
-from keystoneclient.v3 import client as ksclient
-from novaclient import client as novaclient
-from keystoneclient import session as ksc_session
-from keystoneclient.auth.identity import v3
-
-def get_name_or_uuid(options):
- return options["--uuid"] if "--uuid" in options else options["--plug"]
-
-def get_power_status(_, options):
- output = nova_run_command(options, "status")
- if (output == 'ACTIVE'):
- return 'on'
- else:
- return 'off'
+from fencing import fail_usage, run_delay, source_env
+
+try:
+ from novaclient import client
+ from novaclient.exceptions import Conflict, NotFound
+except ImportError:
+ pass
+
+urllib3.disable_warnings(urllib3.exceptions.SecurityWarning)
+
+
+def translate_status(instance_status):
+ if instance_status == "ACTIVE":
+ return "on"
+ elif instance_status == "SHUTOFF":
+ return "off"
+ return "unknown"
+
+def get_cloud(options):
+ import yaml
+
+ clouds_yaml = "~/.config/openstack/clouds.yaml"
+ if not os.path.exists(os.path.expanduser(clouds_yaml)):
+ clouds_yaml = "/etc/openstack/clouds.yaml"
+ if not os.path.exists(os.path.expanduser(clouds_yaml)):
+ fail_usage("Failed: ~/.config/openstack/clouds.yaml and /etc/openstack/clouds.yaml does not exist")
+
+ clouds_yaml = os.path.expanduser(clouds_yaml)
+ if os.path.exists(clouds_yaml):
+ with open(clouds_yaml, "r") as yaml_stream:
+ try:
+ clouds = yaml.safe_load(yaml_stream)
+ except yaml.YAMLError as exc:
+ fail_usage("Failed: Unable to read: " + clouds_yaml)
+
+ cloud = clouds.get("clouds").get(options["--cloud"])
+ if not cloud:
+ fail_usage("Cloud: {} not found.".format(options["--cloud"]))
+
+ return cloud
+
+
+def get_nodes_list(conn, options):
+ logging.info("Running %s action", options["--action"])
+ result = {}
+ response = conn.servers.list(detailed=True)
+ if response is not None:
+ for item in response:
+ instance_id = item.id
+ instance_name = item.name
+ instance_status = item.status
+ result[instance_id] = (instance_name, translate_status(instance_status))
+ return result
+
+
+def get_power_status(conn, options):
+ logging.info("Running %s action on %s", options["--action"], options["--plug"])
+ server = None
+ try:
+ server = conn.servers.get(options["--plug"])
+ except NotFound as e:
+ fail_usage("Failed: Not Found: " + str(e))
+ if server is None:
+ fail_usage("Server %s not found", options["--plug"])
+ state = server.status
+ status = translate_status(state)
+ logging.info("get_power_status: %s (state: %s)" % (status, state))
+ return status
+
+
+def set_power_status(conn, options):
+ logging.info("Running %s action on %s", options["--action"], options["--plug"])
+ action = options["--action"]
+ server = None
+ try:
+ server = conn.servers.get(options["--plug"])
+ except NotFound as e:
+ fail_usage("Failed: Not Found: " + str(e))
+ if server is None:
+ fail_usage("Server %s not found", options["--plug"])
+ if action == "on":
+ logging.info("Starting instance " + server.name)
+ try:
+ server.start()
+ except Conflict as e:
+ fail_usage(e)
+ logging.info("Called start API call for " + server.id)
+ if action == "off":
+ logging.info("Stopping instance " + server.name)
+ try:
+ server.stop()
+ except Conflict as e:
+ fail_usage(e)
+ logging.info("Called stop API call for " + server.id)
+ if action == "reboot":
+ logging.info("Rebooting instance " + server.name)
+ try:
+ server.reboot("HARD")
+ except Conflict as e:
+ fail_usage(e)
+ logging.info("Called reboot hard API call for " + server.id)
+
+
+def nova_login(username, password, projectname, auth_url, user_domain_name,
+ project_domain_name, ssl_insecure, cacert, apitimeout):
+ legacy_import = False
+
+ try:
+ from keystoneauth1 import loading
+ from keystoneauth1 import session as ksc_session
+ from keystoneauth1.exceptions.discovery import DiscoveryFailure
+ from keystoneauth1.exceptions.http import Unauthorized
+ except ImportError:
+ try:
+ from keystoneclient import session as ksc_session
+ from keystoneclient.auth.identity import v3
+
+ legacy_import = True
+ except ImportError:
+ fail_usage("Failed: Keystone client not found or not accessible")
+
+ if not legacy_import:
+ loader = loading.get_plugin_loader("password")
+ auth = loader.load_from_options(
+ auth_url=auth_url,
+ username=username,
+ password=password,
+ project_name=projectname,
+ user_domain_name=user_domain_name,
+ project_domain_name=project_domain_name,
+ )
+ else:
+ auth = v3.Password(
+ auth_url=auth_url,
+ username=username,
+ password=password,
+ project_name=projectname,
+ user_domain_name=user_domain_name,
+ project_domain_name=project_domain_name,
+ cacert=cacert,
+ )
+
+ caverify=True
+ if ssl_insecure:
+ caverify=False
+ elif cacert:
+ caverify=cacert
+
+ session = ksc_session.Session(auth=auth, verify=caverify, timeout=apitimeout)
+ nova = client.Client("2", session=session, timeout=apitimeout)
+ apiversion = None
+ try:
+ apiversion = nova.versions.get_current()
+ except DiscoveryFailure as e:
+ fail_usage("Failed: Discovery Failure: " + str(e))
+ except Unauthorized as e:
+ fail_usage("Failed: Unauthorized: " + str(e))
+ except Exception as e:
+ logging.error(e)
+ logging.debug("Nova version: %s", apiversion)
+ return nova
-def set_power_status(_, options):
- nova_run_command(options, options["--action"])
- return
-
-def nova_login(username,password,projectname,auth_url,user_domain_name,project_domain_name):
- auth=v3.Password(username=username,password=password,project_name=projectname,user_domain_name=user_domain_name,project_domain_name=project_domain_name,auth_url=auth_url)
- session = ksc_session.Session(auth=auth)
- keystone = ksclient.Client(session=session)
- nova = novaclient.Client(session=session)
- return nova
-
-def nova_run_command(options,action,timeout=None):
- username=options["--username"]
- password=options["--password"]
- projectname=options["--project-name"]
- auth_url=options["--auth-url"]
- user_domain_name=options["--user-domain-name"]
- project_domain_name=options["--project-domain-name"]
- novaclient=nova_login(username,password,projectname,auth_url,user_domain_name,project_domain_name)
- server = novaclient.servers.get(options["--uuid"])
- if action == "status":
- return server.status
- if action == "on":
- server.start()
- if action == "off":
- server.stop()
- if action == "reboot":
- server.reboot('REBOOT_HARD')
def define_new_opts():
all_opt["auth-url"] = {
- "getopt" : ":",
- "longopt" : "auth-url",
- "help" : "--auth-url=[authurl] Keystone Auth URL",
- "required" : "1",
- "shortdesc" : "Keystone Auth URL",
- "order": 1
+ "getopt": ":",
+ "longopt": "auth-url",
+ "help": "--auth-url=[authurl] Keystone Auth URL",
+ "required": "0",
+ "shortdesc": "Keystone Auth URL",
+ "order": 2,
}
all_opt["project-name"] = {
- "getopt" : ":",
- "longopt" : "project-name",
- "help" : "--project-name=[project] Tenant Or Project Name",
- "required" : "1",
- "shortdesc" : "Keystone Project",
+ "getopt": ":",
+ "longopt": "project-name",
+ "help": "--project-name=[project] Tenant Or Project Name",
+ "required": "0",
+ "shortdesc": "Keystone Project",
"default": "admin",
- "order": 1
+ "order": 3,
}
all_opt["user-domain-name"] = {
- "getopt" : ":",
- "longopt" : "user-domain-name",
- "help" : "--user-domain-name=[user-domain] Keystone User Domain Name",
- "required" : "0",
- "shortdesc" : "Keystone User Domain Name",
+ "getopt": ":",
+ "longopt": "user-domain-name",
+ "help": "--user-domain-name=[domain] Keystone User Domain Name",
+ "required": "0",
+ "shortdesc": "Keystone User Domain Name",
"default": "Default",
- "order": 1
+ "order": 4,
}
all_opt["project-domain-name"] = {
- "getopt" : ":",
- "longopt" : "project-domain-name",
- "help" : "--project-domain-name=[project-domain] Keystone Project Domain Name",
- "required" : "0",
- "shortdesc" : "Keystone Project Domain Name",
+ "getopt": ":",
+ "longopt": "project-domain-name",
+ "help": "--project-domain-name=[domain] Keystone Project Domain Name",
+ "required": "0",
+ "shortdesc": "Keystone Project Domain Name",
"default": "Default",
- "order": 1
+ "order": 5,
+ }
+ all_opt["cloud"] = {
+ "getopt": ":",
+ "longopt": "cloud",
+ "help": "--cloud=[cloud] Openstack cloud (from ~/.config/openstack/clouds.yaml or /etc/openstack/clouds.yaml).",
+ "required": "0",
+ "shortdesc": "Cloud from clouds.yaml",
+ "order": 6,
+ }
+ all_opt["openrc"] = {
+ "getopt": ":",
+ "longopt": "openrc",
+ "help": "--openrc=[openrc] Path to the openrc config file",
+ "required": "0",
+ "shortdesc": "openrc config file",
+ "order": 7,
}
all_opt["uuid"] = {
- "getopt" : ":",
- "longopt" : "uuid",
- "help" : "--uuid=[uuid] UUID of the nova instance",
- "required" : "1",
- "shortdesc" : "UUID of the nova instance",
- "order": 1
+ "getopt": ":",
+ "longopt": "uuid",
+ "help": "--uuid=[uuid] Replaced by -n, --plug",
+ "required": "0",
+ "shortdesc": "Replaced by port/-n/--plug",
+ "order": 8,
+ }
+ all_opt["cacert"] = {
+ "getopt": ":",
+ "longopt": "cacert",
+ "help": "--cacert=[cacert] Path to the PEM file with trusted authority certificates (override global CA trust)",
+ "required": "0",
+ "shortdesc": "SSL X.509 certificates file",
+ "default": "",
+ "order": 9,
+ }
+ all_opt["apitimeout"] = {
+ "getopt": ":",
+ "type": "second",
+ "longopt": "apitimeout",
+ "help": "--apitimeout=[seconds] Timeout to use for API calls",
+ "shortdesc": "Timeout in seconds to use for API calls, default is 60.",
+ "required": "0",
+ "default": 60,
+ "order": 10,
}
+
def main():
+ conn = None
+
+ device_opt = [
+ "login",
+ "no_login",
+ "passwd",
+ "no_password",
+ "auth-url",
+ "project-name",
+ "user-domain-name",
+ "project-domain-name",
+ "cloud",
+ "openrc",
+ "port",
+ "no_port",
+ "uuid",
+ "ssl_insecure",
+ "cacert",
+ "apitimeout",
+ ]
+
atexit.register(atexit_handler)
- device_opt = ["login", "passwd", "auth-url", "project-name", "user-domain-name", "project-domain-name", "uuid"]
define_new_opts()
+ all_opt["port"]["required"] = "0"
+ all_opt["port"]["help"] = "-n, --plug=[UUID] UUID of the node to be fenced"
+ all_opt["port"]["shortdesc"] = "UUID of the node to be fenced."
+ all_opt["power_timeout"]["default"] = "60"
+
options = check_input(device_opt, process_input(device_opt))
+ # workaround to avoid regressions
+ if "--uuid" in options:
+ options["--plug"] = options["--uuid"]
+ del options["--uuid"]
+ elif ("--help" not in options
+ and options["--action"] in ["off", "on", "reboot", "status", "validate-all"]
+ and "--plug" not in options):
+ stop_after_error = False if options["--action"] == "validate-all" else True
+ fail_usage(
+ "Failed: You have to enter plug number or machine identification",
+ stop_after_error,
+ )
+
docs = {}
docs["shortdesc"] = "Fence agent for OpenStack's Nova service"
docs["longdesc"] = "fence_openstack is a Fencing agent \
@@ -116,9 +309,73 @@
run_delay(options)
- result = fence_action(None, options, set_power_status, get_power_status,None)
+ if options.get("--cloud"):
+ cloud = get_cloud(options)
+ username = cloud.get("auth").get("username")
+ password = cloud.get("auth").get("password")
+ projectname = cloud.get("auth").get("project_name")
+ auth_url = None
+ try:
+ auth_url = cloud.get("auth").get("auth_url")
+ except KeyError:
+ fail_usage("Failed: You have to set the Keystone service endpoint for authorization")
+ user_domain_name = cloud.get("auth").get("user_domain_name")
+ project_domain_name = cloud.get("auth").get("project_domain_name")
+ caverify = cloud.get("verify")
+ if caverify in [True, False]:
+ options["--ssl-insecure"] = caverify
+ else:
+ options["--cacert"] = caverify
+ elif options.get("--openrc"):
+ if not os.path.exists(os.path.expanduser(options["--openrc"])):
+ fail_usage("Failed: {} does not exist".format(options.get("--openrc")))
+ source_env(options["--openrc"])
+ env = os.environ
+ username = env.get("OS_USERNAME")
+ password = env.get("OS_PASSWORD")
+ projectname = env.get("OS_PROJECT_NAME")
+ auth_url = None
+ try:
+ auth_url = env["OS_AUTH_URL"]
+ except KeyError:
+ fail_usage("Failed: You have to set the Keystone service endpoint for authorization")
+ user_domain_name = env.get("OS_USER_DOMAIN_NAME")
+ project_domain_name = env.get("OS_PROJECT_DOMAIN_NAME")
+ else:
+ username = options["--username"]
+ password = options["--password"]
+ projectname = options["--project-name"]
+ auth_url = None
+ try:
+ auth_url = options["--auth-url"]
+ except KeyError:
+ fail_usage("Failed: You have to set the Keystone service endpoint for authorization")
+ user_domain_name = options["--user-domain-name"]
+ project_domain_name = options["--project-domain-name"]
+
+ ssl_insecure = "--ssl-insecure" in options
+ cacert = options["--cacert"]
+ apitimeout = options["--apitimeout"]
+
+ try:
+ conn = nova_login(
+ username,
+ password,
+ projectname,
+ auth_url,
+ user_domain_name,
+ project_domain_name,
+ ssl_insecure,
+ cacert,
+ apitimeout,
+ )
+ except Exception as e:
+ fail_usage("Failed: Unable to connect to Nova: " + str(e))
+
+ # Operate the fencing device
+ result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list)
sys.exit(result)
+
if __name__ == "__main__":
main()
-

View File

@ -0,0 +1,40 @@
From c9f8890264e0257197b31124dbb26c1046475314 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Fri, 13 Nov 2020 14:30:43 +0100
Subject: [PATCH] fence_aws: add support for IMDSv2
---
agents/aws/fence_aws.py | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py
index 483a2991..e2a2391f 100644
--- a/agents/aws/fence_aws.py
+++ b/agents/aws/fence_aws.py
@@ -3,12 +3,13 @@
import sys, re
import logging
import atexit
-import requests
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
from fencing import fail, fail_usage, run_delay, EC_STATUS, SyslogLibHandler
+import requests
import boto3
+from requests import HTTPError
from botocore.exceptions import ConnectionError, ClientError, EndpointConnectionError, NoRegionError
logger = logging.getLogger("fence_aws")
@@ -19,8 +20,9 @@
def get_instance_id():
try:
- r = requests.get('http://169.254.169.254/latest/meta-data/instance-id')
- return r.content.decode("UTF-8")
+ token = requests.put('http://169.254.169.254/latest/api/token', headers={"X-aws-ec2-metadata-token-ttl-seconds" : "21600"}).content.decode("UTF-8")
+ r = requests.get('http://169.254.169.254/latest/meta-data/instance-id', headers={"X-aws-ec2-metadata-token" : token}).content.decode("UTF-8")
+ return r
except HTTPError as http_err:
logger.error('HTTP error occurred while trying to access EC2 metadata server: %s', http_err)
except Exception as err:

View File

@ -0,0 +1,36 @@
From 6f1743a7c34b00b0d1602675598ae22a2a3de6b4 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 14 Jan 2021 15:11:14 +0100
Subject: [PATCH] fence_gce: default to onoff
---
agents/gce/fence_gce.py | 2 --
tests/data/metadata/fence_gce.xml | 2 +-
2 files changed, 1 insertion(+), 3 deletions(-)
diff --git a/agents/gce/fence_gce.py b/agents/gce/fence_gce.py
index bf5f5693..84cf3634 100644
--- a/agents/gce/fence_gce.py
+++ b/agents/gce/fence_gce.py
@@ -334,8 +334,6 @@ def main():
define_new_opts()
all_opt["power_timeout"]["default"] = "60"
- all_opt["method"]["default"] = "cycle"
- all_opt["method"]["help"] = "-m, --method=[method] Method to fence (onoff|cycle) (Default: cycle)"
options = check_input(device_opt, process_input(device_opt))
diff --git a/tests/data/metadata/fence_gce.xml b/tests/data/metadata/fence_gce.xml
index 33478721..77812ffb 100644
--- a/tests/data/metadata/fence_gce.xml
+++ b/tests/data/metadata/fence_gce.xml
@@ -12,7 +12,7 @@ For instructions see: https://cloud.google.com/compute/docs/tutorials/python-gui
</parameter>
<parameter name="method" unique="0" required="0">
<getopt mixed="-m, --method=[method]" />
- <content type="select" default="cycle" >
+ <content type="select" default="onoff" >
<option value="onoff" />
<option value="cycle" />
</content>

View File

@ -0,0 +1,23 @@
From 900afe24edf0f400e9f1ed9b4df66e62cfee380e Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Fri, 8 Jan 2021 16:16:59 +0100
Subject: [PATCH] fence_zvmip: fix shell-timeout when using new disable-timeout
parameter
---
agents/zvm/fence_zvmip.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/zvm/fence_zvmip.py b/agents/zvm/fence_zvmip.py
index 5b272bb9..001106a4 100644
--- a/agents/zvm/fence_zvmip.py
+++ b/agents/zvm/fence_zvmip.py
@@ -28,7 +28,7 @@ def open_socket(options):
conn = socket.socket()
conn.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
- conn.settimeout(float(options["--shell-timeout"]))
+ conn.settimeout(float(options["--shell-timeout"]) or None)
try:
conn.connect(addr)
except socket.error:

Some files were not shown because too many files have changed in this diff Show More