Import from AlmaLinux stable repository
This commit is contained in:
parent
192328a6ac
commit
03e4bf727d
@ -1,12 +0,0 @@
|
|||||||
dfc65f4cac3f95026b2f5674019814a527333004 SOURCES/ClusterLabs-resource-agents-55a4e2c9.tar.gz
|
|
||||||
306e131d8908ca794276bfe3a0b55ccc3bbd482f SOURCES/aliyun-cli-2.1.10.tar.gz
|
|
||||||
0a56f6d9ed2014a363486d33b63eca094379be06 SOURCES/aliyun-python-sdk-core-2.13.1.tar.gz
|
|
||||||
c2a98b9a1562d223a76514f05028488ca000c395 SOURCES/aliyun-python-sdk-ecs-4.9.3.tar.gz
|
|
||||||
f14647a4d37a9a254c4e711b95a7654fc418e41e SOURCES/aliyun-python-sdk-vpc-3.0.2.tar.gz
|
|
||||||
0fe5bd8bca54dd71223778a1e0bcca9af324abb1 SOURCES/colorama-0.3.3.tar.gz
|
|
||||||
81f039cf075e9c8b70d5af99c189296a9e031de3 SOURCES/google-cloud-sdk-360.0.0-linux-x86_64.tar.gz
|
|
||||||
7caf4412d9473bf17352316249a8133fa70b7e37 SOURCES/httplib2-0.20.4.tar.gz
|
|
||||||
c55d177e9484d974c95078d4ae945f89ba2c7251 SOURCES/pycryptodome-3.20.0.tar.gz
|
|
||||||
c8307f47e3b75a2d02af72982a2dfefa3f56e407 SOURCES/pyparsing-2.4.7-py2.py3-none-any.whl
|
|
||||||
147149db11104c06d405fd077dcd2aa1c345f109 SOURCES/pyroute2-0.4.13.tar.gz
|
|
||||||
84e2852d8da1655373f7ce5e7d5d3e256b62b4e4 SOURCES/urllib3-1.26.18.tar.gz
|
|
75
SOURCES/RHEL-15302-1-exportfs-make-fsid-optional.patch
Normal file
75
SOURCES/RHEL-15302-1-exportfs-make-fsid-optional.patch
Normal file
@ -0,0 +1,75 @@
|
|||||||
|
From b806487ca758fce838c988767556007ecf66a6e3 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Roger Zhou <zzhou@suse.com>
|
||||||
|
Date: Mon, 10 Apr 2023 18:08:56 +0800
|
||||||
|
Subject: [PATCH] exportfs: make the "fsid=" parameter optional
|
||||||
|
|
||||||
|
Based on feedback [1] from the kernel developer @neilbrown regarding the
|
||||||
|
NFS clustering use case, it has been determined that the fsid= parameter
|
||||||
|
is now considered optional and safe to omit.
|
||||||
|
|
||||||
|
[1] https://bugzilla.suse.com/show_bug.cgi?id=1201271#c49
|
||||||
|
"""
|
||||||
|
Since some time in 2007 NFS has used the UUID of a filesystem as the
|
||||||
|
primary identifier for that filesystem, rather than using the device
|
||||||
|
number. So from that time there should have been reduced need for the
|
||||||
|
"fsid=" option. Probably there are some filesystems that this didn't
|
||||||
|
work for. btrfs has been problematic at time, particularly when subvols
|
||||||
|
are exported. But for quite some years this has all "just worked" at
|
||||||
|
least for the major filesystems (ext4 xfs btrfs). [...] I would suggest
|
||||||
|
getting rid of the use of fsid= altogether. [...] I'm confident that it
|
||||||
|
was no longer an issue in SLE-12 and similarly not in SLE-15.
|
||||||
|
"""
|
||||||
|
---
|
||||||
|
heartbeat/exportfs | 12 +++++++-----
|
||||||
|
1 file changed, 7 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/heartbeat/exportfs b/heartbeat/exportfs
|
||||||
|
index 2307a9e67b..435a19646b 100755
|
||||||
|
--- a/heartbeat/exportfs
|
||||||
|
+++ b/heartbeat/exportfs
|
||||||
|
@@ -82,7 +82,7 @@ The directory or directories to export.
|
||||||
|
<content type="string" />
|
||||||
|
</parameter>
|
||||||
|
|
||||||
|
-<parameter name="fsid" unique="0" required="1">
|
||||||
|
+<parameter name="fsid" unique="0" required="0">
|
||||||
|
<longdesc lang="en">
|
||||||
|
The fsid option to pass to exportfs. This can be a unique positive
|
||||||
|
integer, a UUID (assuredly sans comma characters), or the special string
|
||||||
|
@@ -185,6 +185,8 @@ exportfs_methods() {
|
||||||
|
|
||||||
|
reset_fsid() {
|
||||||
|
CURRENT_FSID=$OCF_RESKEY_fsid
|
||||||
|
+ [ -z "$CURRENT_FSID" ] && CURRENT_FSID=`echo "$OCF_RESKEY_options" | sed -n 's/.*fsid=\([^,]*\).*/\1/p'`
|
||||||
|
+ echo $CURRENT_FSID
|
||||||
|
}
|
||||||
|
bump_fsid() {
|
||||||
|
CURRENT_FSID=$((CURRENT_FSID+1))
|
||||||
|
@@ -322,7 +324,7 @@ export_one() {
|
||||||
|
if echo "$opts" | grep fsid >/dev/null; then
|
||||||
|
#replace fsid in options list
|
||||||
|
opts=`echo "$opts" | sed "s,fsid=[^,]*,fsid=$(get_fsid),g"`
|
||||||
|
- else
|
||||||
|
+ elif [ -n "$OCF_RESKEY_fsid" ]; then
|
||||||
|
#tack the fsid option onto our options list.
|
||||||
|
opts="${opts}${sep}fsid=$(get_fsid)"
|
||||||
|
fi
|
||||||
|
@@ -448,8 +450,8 @@ exportfs_validate_all ()
|
||||||
|
ocf_exit_reason "$OCF_RESKEY_fsid cannot contain a comma"
|
||||||
|
return $OCF_ERR_CONFIGURED
|
||||||
|
fi
|
||||||
|
- if [ $NUMDIRS -gt 1 ] &&
|
||||||
|
- ! ocf_is_decimal "$OCF_RESKEY_fsid"; then
|
||||||
|
+ if [ $NUMDIRS -gt 1 ] && [ -n "$(reset_fsid)" ] &&
|
||||||
|
+ ! ocf_is_decimal "$(reset_fsid)"; then
|
||||||
|
ocf_exit_reason "use integer fsid when exporting multiple directories"
|
||||||
|
return $OCF_ERR_CONFIGURED
|
||||||
|
fi
|
||||||
|
@@ -485,6 +487,6 @@ done
|
||||||
|
OCF_RESKEY_directory="${directories%% }"
|
||||||
|
|
||||||
|
NUMDIRS=`echo "$OCF_RESKEY_directory" | wc -w`
|
||||||
|
-OCF_REQUIRED_PARAMS="directory fsid clientspec"
|
||||||
|
+OCF_REQUIRED_PARAMS="directory clientspec"
|
||||||
|
OCF_REQUIRED_BINARIES="exportfs"
|
||||||
|
ocf_rarun $*
|
@ -0,0 +1,43 @@
|
|||||||
|
From 1d1481aa6d848efab4d398ad6e74d80b5b32549f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Valentin Vidic <vvidic@debian.org>
|
||||||
|
Date: Wed, 1 Nov 2023 18:25:45 +0100
|
||||||
|
Subject: [PATCH] exportfs: remove test for "fsid=" parameter
|
||||||
|
|
||||||
|
fsid parameter is now considered optional.
|
||||||
|
---
|
||||||
|
tools/ocft/exportfs | 5 -----
|
||||||
|
tools/ocft/exportfs-multidir | 5 -----
|
||||||
|
2 files changed, 10 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/tools/ocft/exportfs b/tools/ocft/exportfs
|
||||||
|
index 285a4b8ea0..1ec3d4c364 100644
|
||||||
|
--- a/tools/ocft/exportfs
|
||||||
|
+++ b/tools/ocft/exportfs
|
||||||
|
@@ -28,11 +28,6 @@ CASE "check base env"
|
||||||
|
Include prepare
|
||||||
|
AgentRun start OCF_SUCCESS
|
||||||
|
|
||||||
|
-CASE "check base env: no 'OCF_RESKEY_fsid'"
|
||||||
|
- Include prepare
|
||||||
|
- Env OCF_RESKEY_fsid=
|
||||||
|
- AgentRun start OCF_ERR_CONFIGURED
|
||||||
|
-
|
||||||
|
CASE "check base env: invalid 'OCF_RESKEY_directory'"
|
||||||
|
Include prepare
|
||||||
|
Env OCF_RESKEY_directory=/no_such
|
||||||
|
diff --git a/tools/ocft/exportfs-multidir b/tools/ocft/exportfs-multidir
|
||||||
|
index 00e41f0859..ac6d5c7f6a 100644
|
||||||
|
--- a/tools/ocft/exportfs-multidir
|
||||||
|
+++ b/tools/ocft/exportfs-multidir
|
||||||
|
@@ -28,11 +28,6 @@ CASE "check base env"
|
||||||
|
Include prepare
|
||||||
|
AgentRun start OCF_SUCCESS
|
||||||
|
|
||||||
|
-CASE "check base env: no 'OCF_RESKEY_fsid'"
|
||||||
|
- Include prepare
|
||||||
|
- Env OCF_RESKEY_fsid=
|
||||||
|
- AgentRun start OCF_ERR_CONFIGURED
|
||||||
|
-
|
||||||
|
CASE "check base env: invalid 'OCF_RESKEY_directory'"
|
||||||
|
Include prepare
|
||||||
|
Env OCF_RESKEY_directory=/no_such
|
45
SOURCES/RHEL-15305-1-findif.sh-fix-loopback-handling.patch
Normal file
45
SOURCES/RHEL-15305-1-findif.sh-fix-loopback-handling.patch
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
From e4f84ae185b6943d1ff461d53c7f1b5295783086 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Valentin Vidic <vvidic@valentin-vidic.from.hr>
|
||||||
|
Date: Wed, 1 Nov 2023 19:35:21 +0100
|
||||||
|
Subject: [PATCH] findif.sh: fix loopback handling
|
||||||
|
|
||||||
|
tools/ocft/IPaddr2 fails the loopback test because of the missing
|
||||||
|
table local parameter:
|
||||||
|
|
||||||
|
$ ip -o -f inet route list match 127.0.0.3 scope host
|
||||||
|
|
||||||
|
$ ip -o -f inet route list match 127.0.0.3 table local scope host
|
||||||
|
local 127.0.0.0/8 dev lo proto kernel src 127.0.0.1
|
||||||
|
|
||||||
|
Also rename the function because it is called only in for the special
|
||||||
|
loopback address case.
|
||||||
|
---
|
||||||
|
heartbeat/findif.sh | 6 +++---
|
||||||
|
1 file changed, 3 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/heartbeat/findif.sh b/heartbeat/findif.sh
|
||||||
|
index 5f1c19ec3..7c766e6e0 100644
|
||||||
|
--- a/heartbeat/findif.sh
|
||||||
|
+++ b/heartbeat/findif.sh
|
||||||
|
@@ -29,10 +29,10 @@ prefixcheck() {
|
||||||
|
fi
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
-getnetworkinfo()
|
||||||
|
+getloopbackinfo()
|
||||||
|
{
|
||||||
|
local line netinfo
|
||||||
|
- ip -o -f inet route list match $OCF_RESKEY_ip table "${OCF_RESKEY_table:=main}" scope host | (while read line;
|
||||||
|
+ ip -o -f inet route list match $OCF_RESKEY_ip table local scope host | (while read line;
|
||||||
|
do
|
||||||
|
netinfo=`echo $line | awk '{print $2}'`
|
||||||
|
case $netinfo in
|
||||||
|
@@ -222,7 +222,7 @@ findif()
|
||||||
|
if [ $# = 0 ] ; then
|
||||||
|
case $OCF_RESKEY_ip in
|
||||||
|
127.*)
|
||||||
|
- set -- `getnetworkinfo`
|
||||||
|
+ set -- `getloopbackinfo`
|
||||||
|
shift;;
|
||||||
|
esac
|
||||||
|
fi
|
@ -0,0 +1,20 @@
|
|||||||
|
--- a/heartbeat/findif.sh 2024-02-08 11:31:53.414257686 +0100
|
||||||
|
+++ b/heartbeat/findif.sh 2023-11-02 10:20:12.150853167 +0100
|
||||||
|
@@ -210,14 +210,14 @@
|
||||||
|
fi
|
||||||
|
findif_check_params $family || return $?
|
||||||
|
|
||||||
|
- if [ -n "$netmask" ] ; then
|
||||||
|
+ if [ -n "$netmask" ]; then
|
||||||
|
match=$match/$netmask
|
||||||
|
fi
|
||||||
|
if [ -n "$nic" ] ; then
|
||||||
|
# NIC supports more than two.
|
||||||
|
- set -- $(ip -o -f $family route list match $match $scope table "${OCF_RESKEY_table:=main}" | grep "dev $nic " | awk 'BEGIN{best=0} /\// { mask=$1; sub(".*/", "", mask); if( int(mask)>=best ) { best=int(mask); best_ln=$0; } } END{print best_ln}')
|
||||||
|
+ set -- $(ip -o -f $family route list match $match $scope | grep "dev $nic " | awk 'BEGIN{best=0} /\// { mask=$1; sub(".*/", "", mask); if( int(mask)>=best ) { best=int(mask); best_ln=$0; } } END{print best_ln}')
|
||||||
|
else
|
||||||
|
- set -- $(ip -o -f $family route list match $match $scope table "${OCF_RESKEY_table:=main}" | awk 'BEGIN{best=0} /\// { mask=$1; sub(".*/", "", mask); if( int(mask)>=best ) { best=int(mask); best_ln=$0; } } END{print best_ln}')
|
||||||
|
+ set -- $(ip -o -f $family route list match $match $scope | awk 'BEGIN{best=0} /\// { mask=$1; sub(".*/", "", mask); if( int(mask)>=best ) { best=int(mask); best_ln=$0; } } END{print best_ln}')
|
||||||
|
fi
|
||||||
|
if [ $# = 0 ] ; then
|
||||||
|
case $OCF_RESKEY_ip in
|
@ -0,0 +1,555 @@
|
|||||||
|
From f45f76600a7e02c860566db7d1350dc3b09449c2 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||||
|
Date: Mon, 6 Nov 2023 15:49:44 +0100
|
||||||
|
Subject: [PATCH] aws-vpc-move-ip/aws-vpc-route53/awseip/awsvip: add auth_type
|
||||||
|
parameter and AWS Policy based authentication type
|
||||||
|
|
||||||
|
---
|
||||||
|
heartbeat/aws-vpc-move-ip | 43 +++++++++++++++++++----
|
||||||
|
heartbeat/aws-vpc-route53.in | 47 ++++++++++++++++++++-----
|
||||||
|
heartbeat/awseip | 68 +++++++++++++++++++++++++++---------
|
||||||
|
heartbeat/awsvip | 60 ++++++++++++++++++++++++-------
|
||||||
|
4 files changed, 173 insertions(+), 45 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/heartbeat/aws-vpc-move-ip b/heartbeat/aws-vpc-move-ip
|
||||||
|
index dee040300f..54806f6eaa 100755
|
||||||
|
--- a/heartbeat/aws-vpc-move-ip
|
||||||
|
+++ b/heartbeat/aws-vpc-move-ip
|
||||||
|
@@ -36,6 +36,7 @@
|
||||||
|
|
||||||
|
# Defaults
|
||||||
|
OCF_RESKEY_awscli_default="/usr/bin/aws"
|
||||||
|
+OCF_RESKEY_auth_type_default="key"
|
||||||
|
OCF_RESKEY_profile_default="default"
|
||||||
|
OCF_RESKEY_region_default=""
|
||||||
|
OCF_RESKEY_ip_default=""
|
||||||
|
@@ -48,6 +49,7 @@ OCF_RESKEY_monapi_default="false"
|
||||||
|
OCF_RESKEY_lookup_type_default="InstanceId"
|
||||||
|
|
||||||
|
: ${OCF_RESKEY_awscli=${OCF_RESKEY_awscli_default}}
|
||||||
|
+: ${OCF_RESKEY_auth_type=${OCF_RESKEY_auth_type_default}}
|
||||||
|
: ${OCF_RESKEY_profile=${OCF_RESKEY_profile_default}}
|
||||||
|
: ${OCF_RESKEY_region=${OCF_RESKEY_region_default}}
|
||||||
|
: ${OCF_RESKEY_ip=${OCF_RESKEY_ip_default}}
|
||||||
|
@@ -58,8 +60,6 @@ OCF_RESKEY_lookup_type_default="InstanceId"
|
||||||
|
: ${OCF_RESKEY_iflabel=${OCF_RESKEY_iflabel_default}}
|
||||||
|
: ${OCF_RESKEY_monapi=${OCF_RESKEY_monapi_default}}
|
||||||
|
: ${OCF_RESKEY_lookup_type=${OCF_RESKEY_lookup_type_default}}
|
||||||
|
-
|
||||||
|
-[ -n "$OCF_RESKEY_region" ] && region_opt="--region $OCF_RESKEY_region"
|
||||||
|
#######################################################################
|
||||||
|
|
||||||
|
|
||||||
|
@@ -83,6 +83,10 @@ cat <<END
|
||||||
|
<longdesc lang="en">
|
||||||
|
Resource Agent to move IP addresses within a VPC of the Amazon Webservices EC2
|
||||||
|
by changing an entry in an specific routing table
|
||||||
|
+
|
||||||
|
+Credentials needs to be setup by running "aws configure", or by using AWS Policies.
|
||||||
|
+
|
||||||
|
+See https://aws.amazon.com/cli/ for more information about awscli.
|
||||||
|
</longdesc>
|
||||||
|
<shortdesc lang="en">Move IP within a VPC of the AWS EC2</shortdesc>
|
||||||
|
|
||||||
|
@@ -95,6 +99,15 @@ Path to command line tools for AWS
|
||||||
|
<content type="string" default="${OCF_RESKEY_awscli_default}" />
|
||||||
|
</parameter>
|
||||||
|
|
||||||
|
+<parameter name="auth_type">
|
||||||
|
+<longdesc lang="en">
|
||||||
|
+Authentication type "key" for AccessKey and SecretAccessKey set via "aws configure",
|
||||||
|
+or "role" to use AWS Policies.
|
||||||
|
+</longdesc>
|
||||||
|
+<shortdesc lang="en">Authentication type</shortdesc>
|
||||||
|
+<content type="string" default="${OCF_RESKEY_auth_type_default}" />
|
||||||
|
+</parameter>
|
||||||
|
+
|
||||||
|
<parameter name="profile">
|
||||||
|
<longdesc lang="en">
|
||||||
|
Valid AWS CLI profile name (see ~/.aws/config and 'aws configure')
|
||||||
|
@@ -198,7 +211,7 @@ END
|
||||||
|
execute_cmd_as_role(){
|
||||||
|
cmd=$1
|
||||||
|
role=$2
|
||||||
|
- output="$($OCF_RESKEY_awscli sts assume-role --role-arn $role --role-session-name AWSCLI-RouteTableUpdate --profile $OCF_RESKEY_profile $region_opt --output=text)"
|
||||||
|
+ output="$($AWSCLI_CMD sts assume-role --role-arn $role --role-session-name AWSCLI-RouteTableUpdate --output=text)"
|
||||||
|
export AWS_ACCESS_KEY_ID="$(echo $output | awk -F" " '$4=="CREDENTIALS" {print $5}')"
|
||||||
|
export AWS_SECRET_ACCESS_KEY="$(echo $output | awk -F" " '$4=="CREDENTIALS" {print $7}')"
|
||||||
|
export AWS_SESSION_TOKEN="$(echo $output | awk -F" " '$4=="CREDENTIALS" {print $8}')"
|
||||||
|
@@ -220,11 +233,11 @@ ec2ip_set_address_param_compat(){
|
||||||
|
}
|
||||||
|
|
||||||
|
ec2ip_validate() {
|
||||||
|
- for cmd in $OCF_RESKEY_awscli ip curl; do
|
||||||
|
+ for cmd in "$OCF_RESKEY_awscli" ip curl; do
|
||||||
|
check_binary "$cmd"
|
||||||
|
done
|
||||||
|
|
||||||
|
- if [ -z "$OCF_RESKEY_profile" ]; then
|
||||||
|
+ if [ "x${OCF_RESKEY_auth_type}" = "xkey" ] && [ -z "$OCF_RESKEY_profile" ]; then
|
||||||
|
ocf_exit_reason "profile parameter not set"
|
||||||
|
return $OCF_ERR_CONFIGURED
|
||||||
|
fi
|
||||||
|
@@ -262,7 +275,7 @@ ec2ip_monitor() {
|
||||||
|
for rtb in $(echo $OCF_RESKEY_routing_table | sed -e 's/,/ /g'); do
|
||||||
|
ocf_log info "monitor: check routing table (API call) - $rtb"
|
||||||
|
if [ -z "${OCF_RESKEY_routing_table_role}" ]; then
|
||||||
|
- cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].$OCF_RESKEY_lookup_type"
|
||||||
|
+ cmd="$AWSCLI_CMD --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].$OCF_RESKEY_lookup_type"
|
||||||
|
ocf_log debug "executing command: $cmd"
|
||||||
|
ROUTE_TO_INSTANCE="$($cmd)"
|
||||||
|
else
|
||||||
|
@@ -368,7 +381,7 @@ ec2ip_get_and_configure() {
|
||||||
|
EC2_NETWORK_INTERFACE_ID="$(ec2ip_get_instance_eni)"
|
||||||
|
for rtb in $(echo $OCF_RESKEY_routing_table | sed -e 's/,/ /g'); do
|
||||||
|
if [ -z "${OCF_RESKEY_routing_table_role}" ]; then
|
||||||
|
- cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile $region_opt --output text ec2 replace-route --route-table-id $rtb --destination-cidr-block ${OCF_RESKEY_ip}/32 --network-interface-id $EC2_NETWORK_INTERFACE_ID"
|
||||||
|
+ cmd="$AWSCLI_CMD --output text ec2 replace-route --route-table-id $rtb --destination-cidr-block ${OCF_RESKEY_ip}/32 --network-interface-id $EC2_NETWORK_INTERFACE_ID"
|
||||||
|
ocf_log debug "executing command: $cmd"
|
||||||
|
$cmd
|
||||||
|
else
|
||||||
|
@@ -475,6 +488,22 @@ if ! ocf_is_root; then
|
||||||
|
exit $OCF_ERR_PERM
|
||||||
|
fi
|
||||||
|
|
||||||
|
+AWSCLI_CMD="${OCF_RESKEY_awscli}"
|
||||||
|
+if [ "x${OCF_RESKEY_auth_type}" = "xkey" ]; then
|
||||||
|
+ AWSCLI_CMD="$AWSCLI_CMD --profile ${OCF_RESKEY_profile}"
|
||||||
|
+elif [ "x${OCF_RESKEY_auth_type}" = "xrole" ]; then
|
||||||
|
+ if [ -z "${OCF_RESKEY_region}" ]; then
|
||||||
|
+ ocf_exit_reason "region needs to be set when using role-based authentication"
|
||||||
|
+ exit $OCF_ERR_CONFIGURED
|
||||||
|
+ fi
|
||||||
|
+else
|
||||||
|
+ ocf_exit_reason "Incorrect auth_type: ${OCF_RESKEY_auth_type}"
|
||||||
|
+ exit $OCF_ERR_CONFIGURED
|
||||||
|
+fi
|
||||||
|
+if [ -n "${OCF_RESKEY_region}" ]; then
|
||||||
|
+ AWSCLI_CMD="$AWSCLI_CMD --region ${OCF_RESKEY_region}"
|
||||||
|
+fi
|
||||||
|
+
|
||||||
|
ec2ip_set_address_param_compat
|
||||||
|
|
||||||
|
ec2ip_validate
|
||||||
|
diff --git a/heartbeat/aws-vpc-route53.in b/heartbeat/aws-vpc-route53.in
|
||||||
|
index 22cbb35833..18ab157e8a 100644
|
||||||
|
--- a/heartbeat/aws-vpc-route53.in
|
||||||
|
+++ b/heartbeat/aws-vpc-route53.in
|
||||||
|
@@ -46,24 +46,22 @@
|
||||||
|
|
||||||
|
# Defaults
|
||||||
|
OCF_RESKEY_awscli_default="/usr/bin/aws"
|
||||||
|
+OCF_RESKEY_auth_type_default="key"
|
||||||
|
OCF_RESKEY_profile_default="default"
|
||||||
|
+OCF_RESKEY_region_default=""
|
||||||
|
OCF_RESKEY_hostedzoneid_default=""
|
||||||
|
OCF_RESKEY_fullname_default=""
|
||||||
|
OCF_RESKEY_ip_default="local"
|
||||||
|
OCF_RESKEY_ttl_default=10
|
||||||
|
|
||||||
|
: ${OCF_RESKEY_awscli=${OCF_RESKEY_awscli_default}}
|
||||||
|
+: ${OCF_RESKEY_auth_type=${OCF_RESKEY_auth_type_default}}
|
||||||
|
: ${OCF_RESKEY_profile=${OCF_RESKEY_profile_default}}
|
||||||
|
+: ${OCF_RESKEY_region=${OCF_RESKEY_region_default}}
|
||||||
|
: ${OCF_RESKEY_hostedzoneid:=${OCF_RESKEY_hostedzoneid_default}}
|
||||||
|
: ${OCF_RESKEY_fullname:=${OCF_RESKEY_fullname_default}}
|
||||||
|
: ${OCF_RESKEY_ip:=${OCF_RESKEY_ip_default}}
|
||||||
|
: ${OCF_RESKEY_ttl:=${OCF_RESKEY_ttl_default}}
|
||||||
|
-#######################################################################
|
||||||
|
-
|
||||||
|
-
|
||||||
|
-AWS_PROFILE_OPT="--profile $OCF_RESKEY_profile --cli-connect-timeout 10"
|
||||||
|
-#######################################################################
|
||||||
|
-
|
||||||
|
|
||||||
|
usage() {
|
||||||
|
cat <<-EOT
|
||||||
|
@@ -123,6 +121,15 @@ Path to command line tools for AWS
|
||||||
|
<content type="string" default="${OCF_RESKEY_awscli_default}" />
|
||||||
|
</parameter>
|
||||||
|
|
||||||
|
+<parameter name="auth_type">
|
||||||
|
+<longdesc lang="en">
|
||||||
|
+Authentication type "key" for AccessKey and SecretAccessKey set via "aws configure",
|
||||||
|
+or "role" to use AWS Policies.
|
||||||
|
+</longdesc>
|
||||||
|
+<shortdesc lang="en">Authentication type</shortdesc>
|
||||||
|
+<content type="string" default="${OCF_RESKEY_auth_type_default}" />
|
||||||
|
+</parameter>
|
||||||
|
+
|
||||||
|
<parameter name="profile">
|
||||||
|
<longdesc lang="en">
|
||||||
|
The name of the AWS CLI profile of the root account. This
|
||||||
|
@@ -196,7 +203,7 @@ r53_validate() {
|
||||||
|
|
||||||
|
# Check for required binaries
|
||||||
|
ocf_log debug "Checking for required binaries"
|
||||||
|
- for command in curl dig; do
|
||||||
|
+ for command in "${OCF_RESKEY_awscli}" curl dig; do
|
||||||
|
check_binary "$command"
|
||||||
|
done
|
||||||
|
|
||||||
|
@@ -216,7 +223,10 @@ r53_validate() {
|
||||||
|
esac
|
||||||
|
|
||||||
|
# profile
|
||||||
|
- [[ -z "$OCF_RESKEY_profile" ]] && ocf_log error "AWS CLI profile not set $OCF_RESKEY_profile!" && exit $OCF_ERR_CONFIGURED
|
||||||
|
+ if [ "x${OCF_RESKEY_auth_type}" = "xkey" ] && [ -z "$OCF_RESKEY_profile" ]; then
|
||||||
|
+ ocf_exit_reason "profile parameter not set"
|
||||||
|
+ return $OCF_ERR_CONFIGURED
|
||||||
|
+ fi
|
||||||
|
|
||||||
|
# TTL
|
||||||
|
[[ -z "$OCF_RESKEY_ttl" ]] && ocf_log error "TTL not set $OCF_RESKEY_ttl!" && exit $OCF_ERR_CONFIGURED
|
||||||
|
@@ -417,7 +427,6 @@ _update_record() {
|
||||||
|
}
|
||||||
|
|
||||||
|
###############################################################################
|
||||||
|
-
|
||||||
|
case $__OCF_ACTION in
|
||||||
|
usage|help)
|
||||||
|
usage
|
||||||
|
@@ -427,6 +436,26 @@ case $__OCF_ACTION in
|
||||||
|
metadata
|
||||||
|
exit $OCF_SUCCESS
|
||||||
|
;;
|
||||||
|
+esac
|
||||||
|
+
|
||||||
|
+AWSCLI_CMD="${OCF_RESKEY_awscli}"
|
||||||
|
+if [ "x${OCF_RESKEY_auth_type}" = "xkey" ]; then
|
||||||
|
+ AWSCLI_CMD="$AWSCLI_CMD --profile ${OCF_RESKEY_profile}"
|
||||||
|
+elif [ "x${OCF_RESKEY_auth_type}" = "xrole" ]; then
|
||||||
|
+ if [ -z "${OCF_RESKEY_region}" ]; then
|
||||||
|
+ ocf_exit_reason "region needs to be set when using role-based authentication"
|
||||||
|
+ exit $OCF_ERR_CONFIGURED
|
||||||
|
+ fi
|
||||||
|
+else
|
||||||
|
+ ocf_exit_reason "Incorrect auth_type: ${OCF_RESKEY_auth_type}"
|
||||||
|
+ exit $OCF_ERR_CONFIGURED
|
||||||
|
+fi
|
||||||
|
+if [ -n "${OCF_RESKEY_region}" ]; then
|
||||||
|
+ AWSCLI_CMD="$AWSCLI_CMD --region ${OCF_RESKEY_region}"
|
||||||
|
+fi
|
||||||
|
+AWSCLI_CMD="$AWSCLI_CMD --cli-connect-timeout 10"
|
||||||
|
+
|
||||||
|
+case $__OCF_ACTION in
|
||||||
|
start)
|
||||||
|
r53_validate || exit $?
|
||||||
|
r53_start
|
||||||
|
diff --git a/heartbeat/awseip b/heartbeat/awseip
|
||||||
|
index dc48460c85..49b0ca6155 100755
|
||||||
|
--- a/heartbeat/awseip
|
||||||
|
+++ b/heartbeat/awseip
|
||||||
|
@@ -23,7 +23,8 @@
|
||||||
|
#
|
||||||
|
# Prerequisites:
|
||||||
|
#
|
||||||
|
-# - preconfigured AWS CLI running environment (AccessKey, SecretAccessKey, etc.)
|
||||||
|
+# - preconfigured AWS CLI running environment (AccessKey, SecretAccessKey, etc.) or
|
||||||
|
+# (AWSRole) Setup up relevant AWS Policies to allow agent related functions to be executed.
|
||||||
|
# - a reserved secondary private IP address for EC2 instances high availability
|
||||||
|
# - IAM user role with the following permissions:
|
||||||
|
# * DescribeInstances
|
||||||
|
@@ -44,11 +45,15 @@
|
||||||
|
# Defaults
|
||||||
|
#
|
||||||
|
OCF_RESKEY_awscli_default="/usr/bin/aws"
|
||||||
|
+OCF_RESKEY_auth_type_default="key"
|
||||||
|
OCF_RESKEY_profile_default="default"
|
||||||
|
+OCF_RESKEY_region_default=""
|
||||||
|
OCF_RESKEY_api_delay_default="3"
|
||||||
|
|
||||||
|
: ${OCF_RESKEY_awscli=${OCF_RESKEY_awscli_default}}
|
||||||
|
+: ${OCF_RESKEY_auth_type=${OCF_RESKEY_auth_type_default}}
|
||||||
|
: ${OCF_RESKEY_profile=${OCF_RESKEY_profile_default}}
|
||||||
|
+: ${OCF_RESKEY_region=${OCF_RESKEY_region_default}}
|
||||||
|
: ${OCF_RESKEY_api_delay=${OCF_RESKEY_api_delay_default}}
|
||||||
|
|
||||||
|
meta_data() {
|
||||||
|
@@ -63,7 +68,7 @@ Resource Agent for Amazon AWS Elastic IP Addresses.
|
||||||
|
|
||||||
|
It manages AWS Elastic IP Addresses with awscli.
|
||||||
|
|
||||||
|
-Credentials needs to be setup by running "aws configure".
|
||||||
|
+Credentials needs to be setup by running "aws configure", or by using AWS Policies.
|
||||||
|
|
||||||
|
See https://aws.amazon.com/cli/ for more information about awscli.
|
||||||
|
</longdesc>
|
||||||
|
@@ -79,6 +84,15 @@ command line tools for aws services
|
||||||
|
<content type="string" default="${OCF_RESKEY_awscli_default}" />
|
||||||
|
</parameter>
|
||||||
|
|
||||||
|
+<parameter name="auth_type">
|
||||||
|
+<longdesc lang="en">
|
||||||
|
+Authentication type "key" for AccessKey and SecretAccessKey set via "aws configure",
|
||||||
|
+or "role" to use AWS Policies.
|
||||||
|
+</longdesc>
|
||||||
|
+<shortdesc lang="en">Authentication type</shortdesc>
|
||||||
|
+<content type="string" default="${OCF_RESKEY_auth_type_default}" />
|
||||||
|
+</parameter>
|
||||||
|
+
|
||||||
|
<parameter name="profile">
|
||||||
|
<longdesc lang="en">
|
||||||
|
Valid AWS CLI profile name (see ~/.aws/config and 'aws configure')
|
||||||
|
@@ -111,6 +125,14 @@ predefined private ip address for ec2 instance
|
||||||
|
<content type="string" default="" />
|
||||||
|
</parameter>
|
||||||
|
|
||||||
|
+<parameter name="region" required="0">
|
||||||
|
+<longdesc lang="en">
|
||||||
|
+Region for AWS resource (required for role-based authentication)
|
||||||
|
+</longdesc>
|
||||||
|
+<shortdesc lang="en">Region</shortdesc>
|
||||||
|
+<content type="string" default="${OCF_RESKEY_region_default}" />
|
||||||
|
+</parameter>
|
||||||
|
+
|
||||||
|
<parameter name="api_delay" unique="0">
|
||||||
|
<longdesc lang="en">
|
||||||
|
a short delay between API calls, to avoid sending API too quick
|
||||||
|
@@ -157,13 +179,13 @@ awseip_start() {
|
||||||
|
NETWORK_ID=$(curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC}/interface-id -H "X-aws-ec2-metadata-token: $TOKEN")
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
- $AWSCLI --profile $OCF_RESKEY_profile ec2 associate-address \
|
||||||
|
+ $AWSCLI_CMD ec2 associate-address \
|
||||||
|
--network-interface-id ${NETWORK_ID} \
|
||||||
|
--allocation-id ${ALLOCATION_ID} \
|
||||||
|
--private-ip-address ${PRIVATE_IP_ADDRESS}
|
||||||
|
RET=$?
|
||||||
|
else
|
||||||
|
- $AWSCLI --profile $OCF_RESKEY_profile ec2 associate-address \
|
||||||
|
+ $AWSCLI_CMD ec2 associate-address \
|
||||||
|
--instance-id ${INSTANCE_ID} \
|
||||||
|
--allocation-id ${ALLOCATION_ID}
|
||||||
|
RET=$?
|
||||||
|
@@ -183,7 +205,7 @@ awseip_start() {
|
||||||
|
awseip_stop() {
|
||||||
|
awseip_monitor || return $OCF_SUCCESS
|
||||||
|
|
||||||
|
- ASSOCIATION_ID=$($AWSCLI --profile $OCF_RESKEY_profile --output json ec2 describe-addresses \
|
||||||
|
+ ASSOCIATION_ID=$($AWSCLI_CMD --output json ec2 describe-addresses \
|
||||||
|
--allocation-id ${ALLOCATION_ID} | grep -m 1 "AssociationId" | awk -F'"' '{print$4}')
|
||||||
|
|
||||||
|
if [ -z "${ASSOCIATION_ID}" ]; then
|
||||||
|
@@ -191,9 +213,7 @@ awseip_stop() {
|
||||||
|
return $OCF_NOT_RUNNING
|
||||||
|
fi
|
||||||
|
|
||||||
|
- $AWSCLI --profile ${OCF_RESKEY_profile} \
|
||||||
|
- ec2 disassociate-address \
|
||||||
|
- --association-id ${ASSOCIATION_ID}
|
||||||
|
+ $AWSCLI_CMD ec2 disassociate-address --association-id ${ASSOCIATION_ID}
|
||||||
|
RET=$?
|
||||||
|
|
||||||
|
# delay to avoid sending request too fast
|
||||||
|
@@ -208,7 +228,7 @@ awseip_stop() {
|
||||||
|
}
|
||||||
|
|
||||||
|
awseip_monitor() {
|
||||||
|
- $AWSCLI --profile $OCF_RESKEY_profile ec2 describe-instances --instance-id "${INSTANCE_ID}" | grep -q "${ELASTIC_IP}"
|
||||||
|
+ $AWSCLI_CMD ec2 describe-instances --instance-id "${INSTANCE_ID}" | grep -q "${ELASTIC_IP}"
|
||||||
|
RET=$?
|
||||||
|
|
||||||
|
if [ $RET -ne 0 ]; then
|
||||||
|
@@ -218,9 +238,9 @@ awseip_monitor() {
|
||||||
|
}
|
||||||
|
|
||||||
|
awseip_validate() {
|
||||||
|
- check_binary ${AWSCLI}
|
||||||
|
+ check_binary "${OCF_RESKEY_awscli}"
|
||||||
|
|
||||||
|
- if [ -z "$OCF_RESKEY_profile" ]; then
|
||||||
|
+ if [ "x${OCF_RESKEY_auth_type}" = "xkey" ] && [ -z "$OCF_RESKEY_profile" ]; then
|
||||||
|
ocf_exit_reason "profile parameter not set"
|
||||||
|
return $OCF_ERR_CONFIGURED
|
||||||
|
fi
|
||||||
|
@@ -238,9 +258,27 @@ case $__OCF_ACTION in
|
||||||
|
meta_data
|
||||||
|
exit $OCF_SUCCESS
|
||||||
|
;;
|
||||||
|
-esac
|
||||||
|
+ usage|help)
|
||||||
|
+ awseip_usage
|
||||||
|
+ exit $OCF_SUCCESS
|
||||||
|
+ ;;
|
||||||
|
+esac
|
||||||
|
|
||||||
|
-AWSCLI="${OCF_RESKEY_awscli}"
|
||||||
|
+AWSCLI_CMD="${OCF_RESKEY_awscli}"
|
||||||
|
+if [ "x${OCF_RESKEY_auth_type}" = "xkey" ]; then
|
||||||
|
+ AWSCLI_CMD="$AWSCLI_CMD --profile ${OCF_RESKEY_profile}"
|
||||||
|
+elif [ "x${OCF_RESKEY_auth_type}" = "xrole" ]; then
|
||||||
|
+ if [ -z "${OCF_RESKEY_region}" ]; then
|
||||||
|
+ ocf_exit_reason "region needs to be set when using role-based authentication"
|
||||||
|
+ exit $OCF_ERR_CONFIGURED
|
||||||
|
+ fi
|
||||||
|
+else
|
||||||
|
+ ocf_exit_reason "Incorrect auth_type: ${OCF_RESKEY_auth_type}"
|
||||||
|
+ exit $OCF_ERR_CONFIGURED
|
||||||
|
+fi
|
||||||
|
+if [ -n "${OCF_RESKEY_region}" ]; then
|
||||||
|
+ AWSCLI_CMD="$AWSCLI_CMD --region ${OCF_RESKEY_region}"
|
||||||
|
+fi
|
||||||
|
ELASTIC_IP="${OCF_RESKEY_elastic_ip}"
|
||||||
|
ALLOCATION_ID="${OCF_RESKEY_allocation_id}"
|
||||||
|
PRIVATE_IP_ADDRESS="${OCF_RESKEY_private_ip_address}"
|
||||||
|
@@ -272,10 +310,6 @@ case $__OCF_ACTION in
|
||||||
|
validate|validate-all)
|
||||||
|
awseip_validate
|
||||||
|
;;
|
||||||
|
- usage|help)
|
||||||
|
- awseip_usage
|
||||||
|
- exit $OCF_SUCCESS
|
||||||
|
- ;;
|
||||||
|
*)
|
||||||
|
awseip_usage
|
||||||
|
exit $OCF_ERR_UNIMPLEMENTED
|
||||||
|
diff --git a/heartbeat/awsvip b/heartbeat/awsvip
|
||||||
|
index 037278e296..bdb4d68dd0 100755
|
||||||
|
--- a/heartbeat/awsvip
|
||||||
|
+++ b/heartbeat/awsvip
|
||||||
|
@@ -23,7 +23,8 @@
|
||||||
|
#
|
||||||
|
# Prerequisites:
|
||||||
|
#
|
||||||
|
-# - preconfigured AWS CLI running environment (AccessKey, SecretAccessKey, etc.)
|
||||||
|
+# - preconfigured AWS CLI running environment (AccessKey, SecretAccessKey, etc.) or
|
||||||
|
+# (AWSRole) Setup up relevant AWS Policies to allow agent related functions to be executed.
|
||||||
|
# - a reserved secondary private IP address for EC2 instances high availablity
|
||||||
|
# - IAM user role with the following permissions:
|
||||||
|
# * DescribeInstances
|
||||||
|
@@ -43,11 +44,15 @@
|
||||||
|
# Defaults
|
||||||
|
#
|
||||||
|
OCF_RESKEY_awscli_default="/usr/bin/aws"
|
||||||
|
+OCF_RESKEY_auth_type_default="key"
|
||||||
|
OCF_RESKEY_profile_default="default"
|
||||||
|
+OCF_RESKEY_region_default=""
|
||||||
|
OCF_RESKEY_api_delay_default="3"
|
||||||
|
|
||||||
|
: ${OCF_RESKEY_awscli=${OCF_RESKEY_awscli_default}}
|
||||||
|
+: ${OCF_RESKEY_auth_type=${OCF_RESKEY_auth_type_default}}
|
||||||
|
: ${OCF_RESKEY_profile=${OCF_RESKEY_profile_default}}
|
||||||
|
+: ${OCF_RESKEY_region=${OCF_RESKEY_region_default}}
|
||||||
|
: ${OCF_RESKEY_api_delay=${OCF_RESKEY_api_delay_default}}
|
||||||
|
|
||||||
|
meta_data() {
|
||||||
|
@@ -62,7 +67,7 @@ Resource Agent for Amazon AWS Secondary Private IP Addresses.
|
||||||
|
|
||||||
|
It manages AWS Secondary Private IP Addresses with awscli.
|
||||||
|
|
||||||
|
-Credentials needs to be setup by running "aws configure".
|
||||||
|
+Credentials needs to be setup by running "aws configure", or by using AWS Policies.
|
||||||
|
|
||||||
|
See https://aws.amazon.com/cli/ for more information about awscli.
|
||||||
|
</longdesc>
|
||||||
|
@@ -78,6 +83,15 @@ command line tools for aws services
|
||||||
|
<content type="string" default="${OCF_RESKEY_awscli_default}" />
|
||||||
|
</parameter>
|
||||||
|
|
||||||
|
+<parameter name="auth_type">
|
||||||
|
+<longdesc lang="en">
|
||||||
|
+Authentication type "key" for AccessKey and SecretAccessKey set via "aws configure",
|
||||||
|
+or "role" to use AWS Policies.
|
||||||
|
+</longdesc>
|
||||||
|
+<shortdesc lang="en">Authentication type</shortdesc>
|
||||||
|
+<content type="string" default="${OCF_RESKEY_auth_type_default}" />
|
||||||
|
+</parameter>
|
||||||
|
+
|
||||||
|
<parameter name="profile">
|
||||||
|
<longdesc lang="en">
|
||||||
|
Valid AWS CLI profile name (see ~/.aws/config and 'aws configure')
|
||||||
|
@@ -94,6 +108,14 @@ reserved secondary private ip for ec2 instance
|
||||||
|
<content type="string" default="" />
|
||||||
|
</parameter>
|
||||||
|
|
||||||
|
+<parameter name="region" required="0">
|
||||||
|
+<longdesc lang="en">
|
||||||
|
+Region for AWS resource (required for role-based authentication)
|
||||||
|
+</longdesc>
|
||||||
|
+<shortdesc lang="en">Region</shortdesc>
|
||||||
|
+<content type="string" default="${OCF_RESKEY_region_default}" />
|
||||||
|
+</parameter>
|
||||||
|
+
|
||||||
|
<parameter name="api_delay" unique="0">
|
||||||
|
<longdesc lang="en">
|
||||||
|
a short delay between API calls, to avoid sending API too quick
|
||||||
|
@@ -131,7 +153,7 @@ END
|
||||||
|
awsvip_start() {
|
||||||
|
awsvip_monitor && return $OCF_SUCCESS
|
||||||
|
|
||||||
|
- $AWSCLI --profile $OCF_RESKEY_profile ec2 assign-private-ip-addresses \
|
||||||
|
+ $AWSCLI_CMD ec2 assign-private-ip-addresses \
|
||||||
|
--network-interface-id ${NETWORK_ID} \
|
||||||
|
--private-ip-addresses ${SECONDARY_PRIVATE_IP} \
|
||||||
|
--allow-reassignment
|
||||||
|
@@ -151,7 +173,7 @@ awsvip_start() {
|
||||||
|
awsvip_stop() {
|
||||||
|
awsvip_monitor || return $OCF_SUCCESS
|
||||||
|
|
||||||
|
- $AWSCLI --profile $OCF_RESKEY_profile ec2 unassign-private-ip-addresses \
|
||||||
|
+ $AWSCLI_CMD ec2 unassign-private-ip-addresses \
|
||||||
|
--network-interface-id ${NETWORK_ID} \
|
||||||
|
--private-ip-addresses ${SECONDARY_PRIVATE_IP}
|
||||||
|
RET=$?
|
||||||
|
@@ -168,7 +190,7 @@ awsvip_stop() {
|
||||||
|
}
|
||||||
|
|
||||||
|
awsvip_monitor() {
|
||||||
|
- $AWSCLI --profile ${OCF_RESKEY_profile} ec2 describe-instances \
|
||||||
|
+ $AWSCLI_CMD ec2 describe-instances \
|
||||||
|
--instance-id "${INSTANCE_ID}" \
|
||||||
|
--query 'Reservations[].Instances[].NetworkInterfaces[].PrivateIpAddresses[].PrivateIpAddress[]' \
|
||||||
|
--output text | \
|
||||||
|
@@ -182,9 +204,9 @@ awsvip_monitor() {
|
||||||
|
}
|
||||||
|
|
||||||
|
awsvip_validate() {
|
||||||
|
- check_binary ${AWSCLI}
|
||||||
|
+ check_binary "${OCF_RESKEY_awscli}"
|
||||||
|
|
||||||
|
- if [ -z "$OCF_RESKEY_profile" ]; then
|
||||||
|
+ if [ "x${OCF_RESKEY_auth_type}" = "xkey" ] && [ -z "$OCF_RESKEY_profile" ]; then
|
||||||
|
ocf_exit_reason "profile parameter not set"
|
||||||
|
return $OCF_ERR_CONFIGURED
|
||||||
|
fi
|
||||||
|
@@ -202,9 +224,27 @@ case $__OCF_ACTION in
|
||||||
|
meta_data
|
||||||
|
exit $OCF_SUCCESS
|
||||||
|
;;
|
||||||
|
+ usage|help)
|
||||||
|
+ awsvip_usage
|
||||||
|
+ exit $OCF_SUCCESS
|
||||||
|
+ ;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
-AWSCLI="${OCF_RESKEY_awscli}"
|
||||||
|
+AWSCLI_CMD="${OCF_RESKEY_awscli}"
|
||||||
|
+if [ "x${OCF_RESKEY_auth_type}" = "xkey" ]; then
|
||||||
|
+ AWSCLI_CMD="$AWSCLI_CMD --profile ${OCF_RESKEY_profile}"
|
||||||
|
+elif [ "x${OCF_RESKEY_auth_type}" = "xrole" ]; then
|
||||||
|
+ if [ -z "${OCF_RESKEY_region}" ]; then
|
||||||
|
+ ocf_exit_reason "region needs to be set when using role-based authentication"
|
||||||
|
+ exit $OCF_ERR_CONFIGURED
|
||||||
|
+ fi
|
||||||
|
+else
|
||||||
|
+ ocf_exit_reason "Incorrect auth_type: ${OCF_RESKEY_auth_type}"
|
||||||
|
+ exit $OCF_ERR_CONFIGURED
|
||||||
|
+fi
|
||||||
|
+if [ -n "${OCF_RESKEY_region}" ]; then
|
||||||
|
+ AWSCLI_CMD="$AWSCLI_CMD --region ${OCF_RESKEY_region}"
|
||||||
|
+fi
|
||||||
|
SECONDARY_PRIVATE_IP="${OCF_RESKEY_secondary_private_ip}"
|
||||||
|
TOKEN=$(curl -sX PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
|
||||||
|
INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id -H "X-aws-ec2-metadata-token: $TOKEN")
|
||||||
|
@@ -236,10 +276,6 @@ case $__OCF_ACTION in
|
||||||
|
validate|validate-all)
|
||||||
|
awsvip_validate
|
||||||
|
;;
|
||||||
|
- usage|help)
|
||||||
|
- awsvip_usage
|
||||||
|
- exit $OCF_SUCCESS
|
||||||
|
- ;;
|
||||||
|
*)
|
||||||
|
awsvip_usage
|
||||||
|
exit $OCF_ERR_UNIMPLEMENTED
|
22
SOURCES/RHEL-17083-findif-EOS-fix.patch
Normal file
22
SOURCES/RHEL-17083-findif-EOS-fix.patch
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
From b23ba4eaefb500199c4845751f4c5545c81f42f1 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||||
|
Date: Mon, 20 Nov 2023 16:37:37 +0100
|
||||||
|
Subject: [PATCH 2/2] findif: also check that netmaskbits != EOS
|
||||||
|
|
||||||
|
---
|
||||||
|
tools/findif.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/tools/findif.c b/tools/findif.c
|
||||||
|
index a25395fec..ab108a3c4 100644
|
||||||
|
--- a/tools/findif.c
|
||||||
|
+++ b/tools/findif.c
|
||||||
|
@@ -669,7 +669,7 @@ main(int argc, char ** argv) {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (netmaskbits) {
|
||||||
|
+ if (netmaskbits != NULL && *netmaskbits != EOS) {
|
||||||
|
best_netmask = netmask;
|
||||||
|
}else if (best_netmask == 0L) {
|
||||||
|
/*
|
68
SOURCES/bz1904465-mysql-common-improve-error-message.patch
Normal file
68
SOURCES/bz1904465-mysql-common-improve-error-message.patch
Normal file
@ -0,0 +1,68 @@
|
|||||||
|
From fcceb714085836de9db4493b527e94d85dd72626 Mon Sep 17 00:00:00 2001
|
||||||
|
From: ut002970 <liuxingwei@uniontech.com>
|
||||||
|
Date: Wed, 6 Sep 2023 15:27:05 +0800
|
||||||
|
Subject: [PATCH 1/3] modify error message
|
||||||
|
|
||||||
|
---
|
||||||
|
heartbeat/mysql-common.sh | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/heartbeat/mysql-common.sh b/heartbeat/mysql-common.sh
|
||||||
|
index 8104019b03..a93acc4c60 100755
|
||||||
|
--- a/heartbeat/mysql-common.sh
|
||||||
|
+++ b/heartbeat/mysql-common.sh
|
||||||
|
@@ -254,7 +254,7 @@ mysql_common_start()
|
||||||
|
while [ $start_wait = 1 ]; do
|
||||||
|
if ! ps $pid > /dev/null 2>&1; then
|
||||||
|
wait $pid
|
||||||
|
- ocf_exit_reason "MySQL server failed to start (pid=$pid) (rc=$?), please check your installation"
|
||||||
|
+ ocf_exit_reason "MySQL server failed to start (pid=$pid) (rc=$?), please check your installation, log message you can check $OCF_RESKEY_log"
|
||||||
|
return $OCF_ERR_GENERIC
|
||||||
|
fi
|
||||||
|
mysql_common_status info
|
||||||
|
|
||||||
|
From 8f9b344cd5b3cb96ea0f94b7ab0306da2234ac00 Mon Sep 17 00:00:00 2001
|
||||||
|
From: ut002970 <liuxingwei@uniontech.com>
|
||||||
|
Date: Wed, 6 Sep 2023 15:56:24 +0800
|
||||||
|
Subject: [PATCH 2/3] modify error message
|
||||||
|
|
||||||
|
---
|
||||||
|
heartbeat/mysql-common.sh | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/heartbeat/mysql-common.sh b/heartbeat/mysql-common.sh
|
||||||
|
index a93acc4c60..d5b2286737 100755
|
||||||
|
--- a/heartbeat/mysql-common.sh
|
||||||
|
+++ b/heartbeat/mysql-common.sh
|
||||||
|
@@ -254,7 +254,7 @@ mysql_common_start()
|
||||||
|
while [ $start_wait = 1 ]; do
|
||||||
|
if ! ps $pid > /dev/null 2>&1; then
|
||||||
|
wait $pid
|
||||||
|
- ocf_exit_reason "MySQL server failed to start (pid=$pid) (rc=$?), please check your installation, log message you can check $OCF_RESKEY_log"
|
||||||
|
+ ocf_exit_reason "MySQL server failed to start (pid=$pid) (rc=$?), Check $OCF_RESKEY_log for details"
|
||||||
|
return $OCF_ERR_GENERIC
|
||||||
|
fi
|
||||||
|
mysql_common_status info
|
||||||
|
|
||||||
|
From a292b3c552bf3f2beea5f73e0d171546c0a1273c Mon Sep 17 00:00:00 2001
|
||||||
|
From: ut002970 <liuxingwei@uniontech.com>
|
||||||
|
Date: Wed, 6 Sep 2023 16:10:48 +0800
|
||||||
|
Subject: [PATCH 3/3] modify error message
|
||||||
|
|
||||||
|
---
|
||||||
|
heartbeat/mysql-common.sh | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/heartbeat/mysql-common.sh b/heartbeat/mysql-common.sh
|
||||||
|
index d5b2286737..d6b4e3cdf4 100755
|
||||||
|
--- a/heartbeat/mysql-common.sh
|
||||||
|
+++ b/heartbeat/mysql-common.sh
|
||||||
|
@@ -254,7 +254,7 @@ mysql_common_start()
|
||||||
|
while [ $start_wait = 1 ]; do
|
||||||
|
if ! ps $pid > /dev/null 2>&1; then
|
||||||
|
wait $pid
|
||||||
|
- ocf_exit_reason "MySQL server failed to start (pid=$pid) (rc=$?), Check $OCF_RESKEY_log for details"
|
||||||
|
+ ocf_exit_reason "MySQL server failed to start (pid=$pid) (rc=$?). Check $OCF_RESKEY_log for details"
|
||||||
|
return $OCF_ERR_GENERIC
|
||||||
|
fi
|
||||||
|
mysql_common_status info
|
@ -1,79 +0,0 @@
|
|||||||
From cf2fd2a9cf06dc2e915f2fb5dbcc5e09e907a6df Mon Sep 17 00:00:00 2001
|
|
||||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
|
||||||
Date: Thu, 5 Oct 2023 11:53:18 +0200
|
|
||||||
Subject: [PATCH] findif.sh: dont use table parameter as it returns no netmask
|
|
||||||
(tested with main/local/custom tables)
|
|
||||||
|
|
||||||
---
|
|
||||||
heartbeat/IPaddr2 | 12 ------------
|
|
||||||
heartbeat/findif.sh | 8 ++++----
|
|
||||||
2 files changed, 4 insertions(+), 16 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/heartbeat/IPaddr2 b/heartbeat/IPaddr2
|
|
||||||
index e8384c5866..97a7431a24 100755
|
|
||||||
--- a/heartbeat/IPaddr2
|
|
||||||
+++ b/heartbeat/IPaddr2
|
|
||||||
@@ -73,7 +73,6 @@ OCF_RESKEY_ip_default=""
|
|
||||||
OCF_RESKEY_cidr_netmask_default=""
|
|
||||||
OCF_RESKEY_broadcast_default=""
|
|
||||||
OCF_RESKEY_iflabel_default=""
|
|
||||||
-OCF_RESKEY_table_default=""
|
|
||||||
OCF_RESKEY_cidr_netmask_default=""
|
|
||||||
OCF_RESKEY_lvs_support_default=false
|
|
||||||
OCF_RESKEY_lvs_ipv6_addrlabel_default=false
|
|
||||||
@@ -98,7 +97,6 @@ OCF_RESKEY_network_namespace_default=""
|
|
||||||
: ${OCF_RESKEY_cidr_netmask=${OCF_RESKEY_cidr_netmask_default}}
|
|
||||||
: ${OCF_RESKEY_broadcast=${OCF_RESKEY_broadcast_default}}
|
|
||||||
: ${OCF_RESKEY_iflabel=${OCF_RESKEY_iflabel_default}}
|
|
||||||
-: ${OCF_RESKEY_table=${OCF_RESKEY_table_default}}
|
|
||||||
: ${OCF_RESKEY_lvs_support=${OCF_RESKEY_lvs_support_default}}
|
|
||||||
: ${OCF_RESKEY_lvs_ipv6_addrlabel=${OCF_RESKEY_lvs_ipv6_addrlabel_default}}
|
|
||||||
: ${OCF_RESKEY_lvs_ipv6_addrlabel_value=${OCF_RESKEY_lvs_ipv6_addrlabel_value_default}}
|
|
||||||
@@ -241,16 +239,6 @@ If a label is specified in nic name, this parameter has no effect.
|
|
||||||
<content type="string" default="${OCF_RESKEY_iflabel_default}"/>
|
|
||||||
</parameter>
|
|
||||||
|
|
||||||
-<parameter name="table">
|
|
||||||
-<longdesc lang="en">
|
|
||||||
-Table to use to lookup which interface to use for the IP.
|
|
||||||
-
|
|
||||||
-This can be used for policy based routing. See man ip-rule(8).
|
|
||||||
-</longdesc>
|
|
||||||
-<shortdesc lang="en">Table</shortdesc>
|
|
||||||
-<content type="string" default="${OCF_RESKEY_table_default}" />
|
|
||||||
-</parameter>
|
|
||||||
-
|
|
||||||
<parameter name="lvs_support">
|
|
||||||
<longdesc lang="en">
|
|
||||||
Enable support for LVS Direct Routing configurations. In case a IP
|
|
||||||
diff --git a/heartbeat/findif.sh b/heartbeat/findif.sh
|
|
||||||
index 6c04c98c19..5f1c19ec3c 100644
|
|
||||||
--- a/heartbeat/findif.sh
|
|
||||||
+++ b/heartbeat/findif.sh
|
|
||||||
@@ -32,7 +32,7 @@ prefixcheck() {
|
|
||||||
getnetworkinfo()
|
|
||||||
{
|
|
||||||
local line netinfo
|
|
||||||
- ip -o -f inet route list match $OCF_RESKEY_ip table "${OCF_RESKEY_table:=main}" scope host | (while read line;
|
|
||||||
+ ip -o -f inet route list match $OCF_RESKEY_ip scope host | (while read line;
|
|
||||||
do
|
|
||||||
netinfo=`echo $line | awk '{print $2}'`
|
|
||||||
case $netinfo in
|
|
||||||
@@ -210,14 +210,14 @@ findif()
|
|
||||||
fi
|
|
||||||
findif_check_params $family || return $?
|
|
||||||
|
|
||||||
- if [ -n "$netmask" ] ; then
|
|
||||||
+ if [ -n "$netmask" ]; then
|
|
||||||
match=$match/$netmask
|
|
||||||
fi
|
|
||||||
if [ -n "$nic" ] ; then
|
|
||||||
# NIC supports more than two.
|
|
||||||
- set -- $(ip -o -f $family route list match $match $scope table "${OCF_RESKEY_table:=main}" | grep "dev $nic " | awk 'BEGIN{best=0} /\// { mask=$1; sub(".*/", "", mask); if( int(mask)>=best ) { best=int(mask); best_ln=$0; } } END{print best_ln}')
|
|
||||||
+ set -- $(ip -o -f $family route list match $match $scope | grep "dev $nic " | awk 'BEGIN{best=0} /\// { mask=$1; sub(".*/", "", mask); if( int(mask)>=best ) { best=int(mask); best_ln=$0; } } END{print best_ln}')
|
|
||||||
else
|
|
||||||
- set -- $(ip -o -f $family route list match $match $scope table "${OCF_RESKEY_table:=main}" | awk 'BEGIN{best=0} /\// { mask=$1; sub(".*/", "", mask); if( int(mask)>=best ) { best=int(mask); best_ln=$0; } } END{print best_ln}')
|
|
||||||
+ set -- $(ip -o -f $family route list match $match $scope | awk 'BEGIN{best=0} /\// { mask=$1; sub(".*/", "", mask); if( int(mask)>=best ) { best=int(mask); best_ln=$0; } } END{print best_ln}')
|
|
||||||
fi
|
|
||||||
if [ $# = 0 ] ; then
|
|
||||||
case $OCF_RESKEY_ip in
|
|
@ -73,7 +73,7 @@
|
|||||||
Name: resource-agents
|
Name: resource-agents
|
||||||
Summary: Open Source HA Reusable Cluster Resource Scripts
|
Summary: Open Source HA Reusable Cluster Resource Scripts
|
||||||
Version: 4.9.0
|
Version: 4.9.0
|
||||||
Release: 48%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}.1
|
Release: 54%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}
|
||||||
License: GPLv2+ and LGPLv2+
|
License: GPLv2+ and LGPLv2+
|
||||||
URL: https://github.com/ClusterLabs/resource-agents
|
URL: https://github.com/ClusterLabs/resource-agents
|
||||||
%if 0%{?fedora} || 0%{?centos_version} || 0%{?rhel}
|
%if 0%{?fedora} || 0%{?centos_version} || 0%{?rhel}
|
||||||
@ -153,7 +153,13 @@ Patch56: bz2040110-IPaddr2-IPsrcaddr-2-fix-table-parameter.patch
|
|||||||
Patch57: bz2189243-Filesystem-1-improve-stop-action.patch
|
Patch57: bz2189243-Filesystem-1-improve-stop-action.patch
|
||||||
Patch58: bz2189243-Filesystem-2-fix-incorrect-parameter-types.patch
|
Patch58: bz2189243-Filesystem-2-fix-incorrect-parameter-types.patch
|
||||||
Patch59: bz2189243-Filesystem-3-fix-signal_delay-default-value.patch
|
Patch59: bz2189243-Filesystem-3-fix-signal_delay-default-value.patch
|
||||||
Patch60: bz2040110-IPaddr2-IPsrcaddr-3-dont-use-table-parameter.patch
|
Patch60: bz1904465-mysql-common-improve-error-message.patch
|
||||||
|
Patch61: RHEL-15302-1-exportfs-make-fsid-optional.patch
|
||||||
|
Patch62: RHEL-15302-2-ocft-exportfs-remove-fsid-required-test.patch
|
||||||
|
Patch63: RHEL-15305-1-findif.sh-fix-loopback-handling.patch
|
||||||
|
Patch64: RHEL-16248-aws-vpc-move-ip-aws-vpc-route53-awseip-awsvip-auth_type-role.patch
|
||||||
|
Patch65: RHEL-17083-findif-EOS-fix.patch
|
||||||
|
Patch66: RHEL-15305-2-findif.sh-dont-use-table-parameter.patch
|
||||||
|
|
||||||
# bundle patches
|
# bundle patches
|
||||||
Patch1000: 7-gcp-bundled.patch
|
Patch1000: 7-gcp-bundled.patch
|
||||||
@ -335,67 +341,73 @@ databases to be managed in a cluster environment.
|
|||||||
exit 1
|
exit 1
|
||||||
%endif
|
%endif
|
||||||
%setup -q -n %{upstream_prefix}-%{upstream_version}
|
%setup -q -n %{upstream_prefix}-%{upstream_version}
|
||||||
%patch0 -p1
|
%patch -p1 -P 0
|
||||||
%patch1 -p1
|
%patch -p1 -P 1
|
||||||
%patch2 -p1
|
%patch -p1 -P 2
|
||||||
%patch3 -p1
|
%patch -p1 -P 3
|
||||||
%patch4 -p1
|
%patch -p1 -P 4
|
||||||
%patch5 -p1
|
%patch -p1 -P 5
|
||||||
%patch6 -p1
|
%patch -p1 -P 6
|
||||||
%patch7 -p1
|
%patch -p1 -P 7
|
||||||
%patch8 -p1
|
%patch -p1 -P 8
|
||||||
%patch9 -p1
|
%patch -p1 -P 9
|
||||||
%patch10 -p1
|
%patch -p1 -P 10
|
||||||
%patch11 -p1
|
%patch -p1 -P 11
|
||||||
%patch12 -p1
|
%patch -p1 -P 12
|
||||||
%patch13 -p1
|
%patch -p1 -P 13
|
||||||
%patch14 -p1
|
%patch -p1 -P 14
|
||||||
%patch15 -p1
|
%patch -p1 -P 15
|
||||||
%patch16 -p1
|
%patch -p1 -P 16
|
||||||
%patch17 -p1
|
%patch -p1 -P 17
|
||||||
%patch18 -p1
|
%patch -p1 -P 18
|
||||||
%patch19 -p1
|
%patch -p1 -P 19
|
||||||
%patch20 -p1
|
%patch -p1 -P 20
|
||||||
%patch21 -p1
|
%patch -p1 -P 21
|
||||||
%patch22 -p1
|
%patch -p1 -P 22
|
||||||
%patch23 -p1
|
%patch -p1 -P 23
|
||||||
%patch24 -p1
|
%patch -p1 -P 24
|
||||||
%patch25 -p1
|
%patch -p1 -P 25
|
||||||
%patch26 -p1
|
%patch -p1 -P 26
|
||||||
%patch27 -p1
|
%patch -p1 -P 27
|
||||||
%patch28 -p1
|
%patch -p1 -P 28
|
||||||
%patch29 -p1
|
%patch -p1 -P 29
|
||||||
%patch30 -p1
|
%patch -p1 -P 30
|
||||||
%patch31 -p1
|
%patch -p1 -P 31
|
||||||
%patch32 -p1
|
%patch -p1 -P 32
|
||||||
%patch33 -p1
|
%patch -p1 -P 33
|
||||||
%patch34 -p1
|
%patch -p1 -P 34
|
||||||
%patch35 -p1
|
%patch -p1 -P 35
|
||||||
%patch36 -p1
|
%patch -p1 -P 36
|
||||||
%patch37 -p1
|
%patch -p1 -P 37
|
||||||
%patch38 -p1
|
%patch -p1 -P 38
|
||||||
%patch39 -p1
|
%patch -p1 -P 39
|
||||||
%patch40 -p1
|
%patch -p1 -P 40
|
||||||
%patch41 -p1
|
%patch -p1 -P 41
|
||||||
%patch42 -p1
|
%patch -p1 -P 42
|
||||||
%patch43 -p1
|
%patch -p1 -P 43
|
||||||
%patch44 -p1
|
%patch -p1 -P 44
|
||||||
%patch45 -p1
|
%patch -p1 -P 45
|
||||||
%patch46 -p1
|
%patch -p1 -P 46
|
||||||
%patch47 -p1
|
%patch -p1 -P 47
|
||||||
%patch48 -p1
|
%patch -p1 -P 48
|
||||||
%patch49 -p1
|
%patch -p1 -P 49
|
||||||
%patch50 -p1
|
%patch -p1 -P 50
|
||||||
%patch51 -p1
|
%patch -p1 -P 51
|
||||||
%patch52 -p1
|
%patch -p1 -P 52
|
||||||
%patch53 -p1
|
%patch -p1 -P 53
|
||||||
%patch54 -p1
|
%patch -p1 -P 54
|
||||||
%patch55 -p1
|
%patch -p1 -P 55
|
||||||
%patch56 -p1
|
%patch -p1 -P 56
|
||||||
%patch57 -p1
|
%patch -p1 -P 57
|
||||||
%patch58 -p1
|
%patch -p1 -P 58
|
||||||
%patch59 -p1
|
%patch -p1 -P 59
|
||||||
%patch60 -p1
|
%patch -p1 -P 60
|
||||||
|
%patch -p1 -P 61
|
||||||
|
%patch -p1 -P 62
|
||||||
|
%patch -p1 -P 63
|
||||||
|
%patch -p1 -P 64
|
||||||
|
%patch -p1 -P 65
|
||||||
|
%patch -p1 -P 66
|
||||||
|
|
||||||
chmod 755 heartbeat/nova-compute-wait
|
chmod 755 heartbeat/nova-compute-wait
|
||||||
chmod 755 heartbeat/NovaEvacuate
|
chmod 755 heartbeat/NovaEvacuate
|
||||||
@ -409,15 +421,15 @@ mkdir -p %{bundled_lib_dir}/aliyun
|
|||||||
%ifarch x86_64
|
%ifarch x86_64
|
||||||
tar -xzf %SOURCE1 -C %{bundled_lib_dir}/gcp
|
tar -xzf %SOURCE1 -C %{bundled_lib_dir}/gcp
|
||||||
# gcp*: append bundled-directory to search path, gcloud-ra
|
# gcp*: append bundled-directory to search path, gcloud-ra
|
||||||
%patch1000 -p1
|
%patch -p1 -P 1000
|
||||||
# replace python-rsa with python-cryptography
|
# replace python-rsa with python-cryptography
|
||||||
%patch1001 -p1
|
%patch -p1 -P 1001
|
||||||
# gcloud support info
|
# gcloud support info
|
||||||
%patch1002 -p1
|
%patch -p1 -P 1002
|
||||||
# configure: skip bundled gcp lib checks
|
# configure: skip bundled gcp lib checks
|
||||||
%patch1003 -p1 -F1
|
%patch -p1 -P 1003 -F1
|
||||||
# gcloud remove python 2 detection
|
# gcloud remove python 2 detection
|
||||||
%patch1004 -p1
|
%patch -p1 -P 1004
|
||||||
# rename gcloud
|
# rename gcloud
|
||||||
mv %{googlecloudsdk_dir}/bin/gcloud %{googlecloudsdk_dir}/bin/gcloud-ra
|
mv %{googlecloudsdk_dir}/bin/gcloud %{googlecloudsdk_dir}/bin/gcloud-ra
|
||||||
# keep googleapiclient
|
# keep googleapiclient
|
||||||
@ -524,16 +536,16 @@ mv %{bundled_lib_dir}/aliyun/%{aliyuncli}-%{aliyuncli_version} %{aliyuncli_dir}
|
|||||||
cp %{aliyuncli_dir}/README.rst %{aliyuncli}_README.rst
|
cp %{aliyuncli_dir}/README.rst %{aliyuncli}_README.rst
|
||||||
cp %{aliyuncli_dir}/LICENSE %{aliyuncli}_LICENSE
|
cp %{aliyuncli_dir}/LICENSE %{aliyuncli}_LICENSE
|
||||||
# aliyun*: use bundled libraries
|
# aliyun*: use bundled libraries
|
||||||
%patch1005 -p1
|
%patch -p1 -P 1005
|
||||||
|
|
||||||
# aliyun Python 3 fixes
|
# aliyun Python 3 fixes
|
||||||
%patch1006 -p1
|
%patch -p1 -P 1006
|
||||||
%patch1007 -p1
|
%patch -p1 -P 1007
|
||||||
|
|
||||||
# fix CVE's in python-pygments
|
# fix CVE's in python-pygments
|
||||||
pushd %{googlecloudsdk_dir}/lib/third_party
|
pushd %{googlecloudsdk_dir}/lib/third_party
|
||||||
%patch1008 -p1 -F2
|
%patch -p1 -P 1008 -F2
|
||||||
%patch1009 -p1 -F2
|
%patch -p1 -P 1009 -F2
|
||||||
popd
|
popd
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
@ -977,15 +989,37 @@ ccs_update_schema > /dev/null 2>&1 ||:
|
|||||||
%{_usr}/lib/ocf/lib/heartbeat/OCF_*.pm
|
%{_usr}/lib/ocf/lib/heartbeat/OCF_*.pm
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Wed Feb 21 2024 Craig Guiller <craig.guiller@oracle.com> - 4.9.0-48.1
|
* Thu Feb 8 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-54
|
||||||
|
- findif.sh: fix loopback IP handling
|
||||||
|
|
||||||
|
Resolves: RHEL-15305
|
||||||
|
|
||||||
|
* Wed Jan 24 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-53
|
||||||
- bundled urllib3: fix CVE-2023-45803
|
- bundled urllib3: fix CVE-2023-45803
|
||||||
- bundled pycryptodome: fix CVE-2023-52323
|
- bundled pycryptodome: fix CVE-2023-52323
|
||||||
|
|
||||||
Resolves: RHEL-22431, RHEL-20916
|
Resolves: RHEL-22431, RHEL-20916
|
||||||
* Thu Oct 5 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-48
|
|
||||||
- IPaddr2/IPsrcaddr: support policy-based routing
|
|
||||||
|
|
||||||
Resolves: rhbz#2040110
|
* Tue Nov 21 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-52
|
||||||
|
- findif: also check that netmaskbits != EOS
|
||||||
|
|
||||||
|
Resolves: RHEL-17083
|
||||||
|
|
||||||
|
* Fri Nov 17 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-51
|
||||||
|
- aws-vpc-move-ip/aws-vpc-route53/awseip/awsvip: add auth_type parameter
|
||||||
|
and AWS Policy based authentication type
|
||||||
|
|
||||||
|
Resolves: RHEL-16248
|
||||||
|
|
||||||
|
* Thu Nov 2 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-49
|
||||||
|
- exportfs: make "fsid" parameter optional
|
||||||
|
|
||||||
|
Resolves: RHEL-15302
|
||||||
|
|
||||||
|
* Wed Sep 6 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-48
|
||||||
|
- mysql-common: improve error message
|
||||||
|
|
||||||
|
Resolves: rhbz#1904465
|
||||||
|
|
||||||
* Thu Jul 20 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-47
|
* Thu Jul 20 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-47
|
||||||
- Filesystem: improve stop-action and allow setting term/kill signals
|
- Filesystem: improve stop-action and allow setting term/kill signals
|
||||||
@ -993,6 +1027,11 @@ ccs_update_schema > /dev/null 2>&1 ||:
|
|||||||
|
|
||||||
Resolves: rhbz#2189243
|
Resolves: rhbz#2189243
|
||||||
|
|
||||||
|
* Wed Jun 21 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-44
|
||||||
|
- IPaddr2/IPsrcaddr: support policy-based routing
|
||||||
|
|
||||||
|
Resolves: rhbz#2040110
|
||||||
|
|
||||||
* Wed Jun 14 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-43
|
* Wed Jun 14 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-43
|
||||||
- mysql: fix replication issues
|
- mysql: fix replication issues
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user