seasharp
/
anvil
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Local modifications to ClusterLabs/Anvil by Alteeve
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2083 Commits
2 Branches
0 Tags
21 MiB
Tag: Branch: Tree: a3143ce172
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a3143ce172'
${ noResults }
anvil/Anvil/Tools/Remote.pm

1186 lines
43 KiB
Raw Normal View History Unescape

* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
package Anvil::Tools::Remote;
#
# This module contains methods used to handle storage related tasks
#
use strict;
use warnings;
use Data::Dumper;
use Scalar::Util qw(weaken isweak);
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
use Net::SSH2; ### TODO: Phase out.
use Net::OpenSSH;
use Capture::Tiny ':all';
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
our $VERSION = "3.0.0";
my $THIS_FILE = "Remote.pm";
### Methods;
# add_target_to_known_hosts
# call
* Moved Database->check_condition_age to Alert. * Created (but not finished) scan-apc-pdu * Added support to tracking maintenance-mode for nodes in Cluster->parse_cib * Created Remote->read_snmp_oid(). * Created Server->get_definition. * Updated Server->get_status() to write-out server XML files on-demand. * Finished scan-cluster. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
# read_snmp_oid
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
# test_access
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
# _call_ssh_keyscan
# _check_known_hosts_for_target
=pod
=encoding utf8
=head1 NAME
Anvil::Tools::Remote
Provides all methods related to accessing a remote system. Currently, all methods use SSH for remote access
=head1 SYNOPSIS
use Anvil::Tools;
# Get a common object handle on all Anvil::Tools modules.
my $anvil = Anvil::Tools->new();
# Access to methods using '$anvil->Storage->X'.
#
# Example using 'find()';
my $foo_path = $anvil->Storage->find({file => "foo"});
=head1 METHODS
Methods in this module;
=cut
sub new
{
my $class = shift;
my $self = {
};
bless $self, $class;
return ($self);
}
# Get a handle on the Anvil::Tools object. I know that technically that is a sibling module, but it makes more
# sense in this case to think of it as a parent.
sub parent
{
my $self = shift;
my $parent = shift;
$self->{HANDLE}{TOOLS} = $parent if $parent;
# Defend against memory leads. See Scalar::Util'.
if (not isweak($self->{HANDLE}{TOOLS}))
{
* Updated DRBD->get_devices() to properly identify the peer node, when run on an actual node in the cluster (not DR or Striker). * Created System->active_lv() that, surprise, activates an inactive logical volume. Also created ->check_storage() that parses out the LVM data. * Fixed a bug in tools/fence_pacemaker that was preventing it from compiling and running. * Updated ocf:alteeve:server to validate the target server's storage. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
weaken($self->{HANDLE}{TOOLS});
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
}
return ($self->{HANDLE}{TOOLS});
}
#############################################################################################################
# Public methods #
#############################################################################################################
=head2 add_target_to_known_hosts
This checks the C<< user >>'s C<< ~/.ssh/known_hosts >> file for the presence of the C<< target >>'s SSH RSA fingerprint. If it isn't found, it uses C<< ssh-keyscan >> to add the host. Optionally, it can delete any existing fingerprints (useful for handling a rebuilt machine).
Returns C<< 0 >> on success, C<< 1 >> on failure.
Parameters;
=head3 delete_if_found (optional, default 0)
If set, and if a previous fingerprint was found for the C<< target >>, the old fingerprint will be removed.
B<< NOTE >>: Obviously, this introduces a possible security issue. Care needs to be taken that the key being removed is, in fact, no longer needed.
=head3 port (optional, default 22)
This is the TCP port to use when connecting to the C<< target >> over SSH.
=head3 target (required)
This is the IP address or (resolvable) host name of the machine who's key we're recording.
=head3 user (optional, defaults to user running this method)
This is the user who we're recording the key for.
=cut
sub add_target_to_known_hosts
{
my $self = shift;
my $parameter = shift;
my $anvil = $self->parent;
my $debug = defined $parameter->{debug} ? $parameter->{debug} : 3;
* Updated all methods to add (or fix) logging the method entry. * More work done on Email->send_email() to, well, actually send email (which it isn't doing yet, but it's close). * Updated Words->key() to include the bad key name when no entry for the requested key exists in the words.xml file. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => $debug, key => "log_0125", variables => { method => "Remote->add_target_to_known_hosts()" }});
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
my $delete_if_found = defined $parameter->{delete_if_found} ? $parameter->{delete_if_found} : 0;
my $port = defined $parameter->{port} ? $parameter->{port} : 22;
my $target = defined $parameter->{target} ? $parameter->{target} : "";
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
my $user = defined $parameter->{user} ? $parameter->{user} : getpwuid($<);
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => {
delete_if_found => $delete_if_found,
port => $port,
target => $target,
user => $user,
}});
# Get the local user's home
* Updated Log->entry() to prefix log lines with the short 'job-uuid', when the log entry is coming from a program running as a job. This is meant to make it easier to break up what log lines belong to what jobs, if multiple jobs are running at the same time (ie: when initializing multiple nodes / dr hosts in parallel). * Updated Remote->call() to return ('!!error!!', '!!error!!', 9999) when an error hits. Made Remote->test_access() explicitely check for '1' to be returned in order to confirm access, fixing a bug where bad target value caused false positives. Updated ->_check_known_hosts_for_target() to no longer explicitely check for 'ssh-rsa' so that machine keys using different cyphers are detected as being in known_hosts properly. * Updated striker-auto-initialize-all to initialize nodes and DR hosts networks before trying to form them into an Anvil!. Fixed several other bugs as well. More testing is needed, but it works now. * Updated striker-initialize-host to check for the alteeve repo and, it not found, check for accress to alteeve.com. If access, it will install our repo now. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
my $users_home = $anvil->Get->users_home({debug => ($debug + 1), user => $user});
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => { users_home => $users_home }});
if (not $users_home)
{
# No sense proceeding... An error will already have been recorded.
return(1);
}
# I'll need to make sure I've seen the fingerprint before.
my $known_hosts = $users_home."/.ssh/known_hosts";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => { known_hosts => $known_hosts }});
# OK, now do we have a 'known_hosts' at all?
my $known_machine = 0;
if (-e $known_hosts)
{
# Yup, see if the target is there already,
$known_machine = $anvil->Remote->_check_known_hosts_for_target({
* Updated Log->entry() to prefix log lines with the short 'job-uuid', when the log entry is coming from a program running as a job. This is meant to make it easier to break up what log lines belong to what jobs, if multiple jobs are running at the same time (ie: when initializing multiple nodes / dr hosts in parallel). * Updated Remote->call() to return ('!!error!!', '!!error!!', 9999) when an error hits. Made Remote->test_access() explicitely check for '1' to be returned in order to confirm access, fixing a bug where bad target value caused false positives. Updated ->_check_known_hosts_for_target() to no longer explicitely check for 'ssh-rsa' so that machine keys using different cyphers are detected as being in known_hosts properly. * Updated striker-auto-initialize-all to initialize nodes and DR hosts networks before trying to form them into an Anvil!. Fixed several other bugs as well. More testing is needed, but it works now. * Updated striker-initialize-host to check for the alteeve repo and, it not found, check for accress to alteeve.com. If access, it will install our repo now. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
debug => ($debug + 1),
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
target => $target,
port => $port,
known_hosts => $known_hosts,
user => $user,
delete_if_found => $delete_if_found,
});
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => { known_machine => $known_machine }});
}
# If either known_hosts didn't contain this target or simply didn't exist, add it.
if (not $known_machine)
{
# We don't know about this machine yet, so scan it.
my $added = $anvil->Remote->_call_ssh_keyscan({
* Updated Log->entry() to prefix log lines with the short 'job-uuid', when the log entry is coming from a program running as a job. This is meant to make it easier to break up what log lines belong to what jobs, if multiple jobs are running at the same time (ie: when initializing multiple nodes / dr hosts in parallel). * Updated Remote->call() to return ('!!error!!', '!!error!!', 9999) when an error hits. Made Remote->test_access() explicitely check for '1' to be returned in order to confirm access, fixing a bug where bad target value caused false positives. Updated ->_check_known_hosts_for_target() to no longer explicitely check for 'ssh-rsa' so that machine keys using different cyphers are detected as being in known_hosts properly. * Updated striker-auto-initialize-all to initialize nodes and DR hosts networks before trying to form them into an Anvil!. Fixed several other bugs as well. More testing is needed, but it works now. * Updated striker-initialize-host to check for the alteeve repo and, it not found, check for accress to alteeve.com. If access, it will install our repo now. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
debug => ($debug + 1),
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
target => $target,
port => $port,
user => $user,
known_hosts => $known_hosts});
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => { added => $added }});
if (not $added)
{
# Failed to add. :(
* Made more progress on tools/striker-auto-initialize-all, now to the point where it loads the variables needed to initialize Striker dashboard. * Cleaned up / added some logging in various locations. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
* Updated anvil-daemon (and Database->insert_or_update_jobs) to now recognize jobs with the job_status of 'scancore_startup' to run only when ScanCore starts. * Finished initial Striker setup in tools/striker-auto-initialize-all. Started working on peering. * Cleaned up the handling of converting UIDs to user names in Remote->add_target_to_known_hosts() and ->_call_ssh_keyscan(). * Did a bunch of white-space/alignment cleanup. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
my $say_user = $user;
if (($say_user =~ /^\d+$/) && (getpwuid($user)))
{
$say_user = getpwuid($user);
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { say_user => $say_user }});
}
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, priority => "err", key => "error_0009", variables => {
target => $target,
port => $port,
* Updated anvil-daemon (and Database->insert_or_update_jobs) to now recognize jobs with the job_status of 'scancore_startup' to run only when ScanCore starts. * Finished initial Striker setup in tools/striker-auto-initialize-all. Started working on peering. * Cleaned up the handling of converting UIDs to user names in Remote->add_target_to_known_hosts() and ->_call_ssh_keyscan(). * Did a bunch of white-space/alignment cleanup. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
user => $say_user,
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
}});
return(1);
}
}
return(0);
}
=head2 call
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
This does a remote call over SSH. The connection is held open and the file handle for the target is cached and re-used unless a C<< close >> is set to C<< 1 >>.
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
Example;
* Fixed tools/striker-initialize-host so that it set the hostname on the target, not locally. * Updated System->host_name to work locally and on remote targets. * Renamed all 'hostname' instances to 'host_name' to standardize on a spelling throughout the program. * Removed use of and dependency on 'hostname'. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
# Call 'hostnamectl' on a node.
* Added automatic 'echo return_code:$?' to System->call and Remote->call which is parsed out and returned automatically on all calls. * Started porting ocf:alteeve:server to use the Anvil::Tools module and updating it for RHEL 8. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
my ($output, $error, $return_code) = $anvil->Remote->call({
* Changed the Storage->copy() 'target' parameter to 'target_file' to avoid confusion with the often-used 'target' parameter for connecting to remote machines. * Changed 'database::x::...' so that 'x' is now the database host's UUID instead of a simple integer. This will simplify sync'ing configs. Also removed default entries, and made it so that anvil-prep-database injects the local config during first setup. Renamed Database->get_local_id to get_local_uuid and changed the 'id' parameter to 'uuid'. Changed Database->initialize's 'id' parameter to 'host_uuid'. The Database->query, Database->write, Database->_mark_database_as_behind and Database->_find_behind_databases methods had their 'id' parameter changed to 'uuid'. * Added the 'remote_user' parameter to Get->anvil_version, System->ping and System->change_shell_user_password for conencting to remote targets. * Added the 'remote_user' parameter to all internal Remote->call uses. * Updated Storage->backup, Storage->copy_file, Storage->make_directory, Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
target => "an-a01n01.alteeve.com",
password => "super secret password",
remote_user => "admin",
* Fixed tools/striker-initialize-host so that it set the hostname on the target, not locally. * Updated System->host_name to work locally and on remote targets. * Renamed all 'hostname' instances to 'host_name' to standardize on a spelling throughout the program. * Removed use of and dependency on 'hostname'. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
shell_call => "/usr/bin/hostnamectl",
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
});
# Make a call with sensitive data that you want logged only if $anvil->Log->secure is set and close the
# connection when done.
* Added automatic 'echo return_code:$?' to System->call and Remote->call which is parsed out and returned automatically on all calls. * Started porting ocf:alteeve:server to use the Anvil::Tools module and updating it for RHEL 8. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
my ($output, $error, $return_code) = $anvil->Remote->call({
* Changed the Storage->copy() 'target' parameter to 'target_file' to avoid confusion with the often-used 'target' parameter for connecting to remote machines. * Changed 'database::x::...' so that 'x' is now the database host's UUID instead of a simple integer. This will simplify sync'ing configs. Also removed default entries, and made it so that anvil-prep-database injects the local config during first setup. Renamed Database->get_local_id to get_local_uuid and changed the 'id' parameter to 'uuid'. Changed Database->initialize's 'id' parameter to 'host_uuid'. The Database->query, Database->write, Database->_mark_database_as_behind and Database->_find_behind_databases methods had their 'id' parameter changed to 'uuid'. * Added the 'remote_user' parameter to Get->anvil_version, System->ping and System->change_shell_user_password for conencting to remote targets. * Added the 'remote_user' parameter to all internal Remote->call uses. * Updated Storage->backup, Storage->copy_file, Storage->make_directory, Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
target => "an-a01n01.alteeve.com",
password => "super secret password",
remote_user => "root",
shell_call => "/usr/sbin/fence_ipmilan -a an-a01n02.ipmi -l admin -p \"super secret password\" -o status",
secure => 1,
'close' => 1,
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
});
If there is any problem connecting to the target, C<< $error >> will contain a translated string explaining what went wrong. Checking if this is B<< false >> is a good way to verify that the call succeeded.
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
Any output from the call will be stored in C<< $output >>. STDERR and STDOUT are merged into the C<< $output >> array reference.
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
B<NOTE>: By default, a connection to a target will be held open and cached to increase performance for future connections.
Parameters;
=head3 close (optional, default '0')
If set, the connection to the target will be closed at the end of the call.
=head3 log_level (optional, default C<< 3 >>)
If set, the method will use the given log level. Valid values are integers between C<< 0 >> and C<< 4 >>.
=head3 no_cache (optional, default C<< 0 >>)
If set, and if an existing cached connection is open, it will be closed and a new connection to the target will be established.
=head3 password (optional)
This is the password used to connect to the remote target as the given user.
B<NOTE>: Passwordless SSH is supported. If you can ssh to the target as the given user without a password, then no password needs to be given here.
=head3 port (optional, default C<< 22 >>)
This is the TCP port to use when connecting to the C<< target >>. The default is port 22.
B<NOTE>: See C<< target >> for optional port definition.
* Changed the Storage->copy() 'target' parameter to 'target_file' to avoid confusion with the often-used 'target' parameter for connecting to remote machines. * Changed 'database::x::...' so that 'x' is now the database host's UUID instead of a simple integer. This will simplify sync'ing configs. Also removed default entries, and made it so that anvil-prep-database injects the local config during first setup. Renamed Database->get_local_id to get_local_uuid and changed the 'id' parameter to 'uuid'. Changed Database->initialize's 'id' parameter to 'host_uuid'. The Database->query, Database->write, Database->_mark_database_as_behind and Database->_find_behind_databases methods had their 'id' parameter changed to 'uuid'. * Added the 'remote_user' parameter to Get->anvil_version, System->ping and System->change_shell_user_password for conencting to remote targets. * Added the 'remote_user' parameter to all internal Remote->call uses. * Updated Storage->backup, Storage->copy_file, Storage->make_directory, Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
=head3 remote_user (optional, default root)
This is the user account on the C<< target >> to connect as and to run the C<< shell_call >> as. The C<< password >> if so this user's account on the C<< target >>.
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
=head3 secure (optional, default C<< 0 >>)
If set, the C<< shell_call >> is treated as containing sensitive data and will not be logged unless C<< $anvil->Log->secure >> is enabled.
=head3 shell_call (required)
This is the command to run on the target machine as the target user.
=head3 target (required)
This is the host name or IP address of the target machine that the C<< shell_call >> will be run on.
B<NOTE>: If the target matches an entry in '/etc/ssh/ssh_config', the port defined there is used. If the port is set as part of the target name, the port in 'ssh_config' is ignored.
B<NOTE>: If the C<< target >> is presented in the format C<< target:port >>, the port will be separated from the target and used as the TCP port. If the C<< port >> parameter is set, however, the port split off the C<< target >> will be ignored.
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
=head3 timeout (optional, default '10')
* Made a fair bit more progress on tools/striker-manage-install-target. It now registers a system with Red Hat and attaches appropriate subscriptions, updates the OS and (tries) to install anvil-{node,dr}. * Fixed a bug in Remote->call where a shell call that ended in a newline would work, but throw an error and not get the return code. * Created Database->get_job_details() which takes a job_uuid and returns the job details, if found. * Fixed a bug in Jobs->update_progress() where 'clear' wasn't removing the old job_progress data. * Added the parameters 'no_files' to skip stat'ing/recording non-directories, and 'search_for' which will set the parent directory in 'scan::searched' and stop scanning if found. This allows this method to act as a directory tree scanner and as a search engine. * Created Striker->get_local_repo() that builds a repo file body suitable for adding to peers, nodes and DR hosts. * Fixed bugs in the Striker WebUI related to initializing a target node / DR host. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
B<NOTE>: This is the timeout for the command to return, in seconds. This is NOT the connection timeout!
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
If this is set to a numeric whole number, then the called shell command will have the set number of seconds to complete. If this is set to C<< 0 >>, then no timeout will be used.
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
=cut
sub call
{
my $self = shift;
my $parameter = shift;
my $anvil = $self->parent;
my $debug = defined $parameter->{debug} ? $parameter->{debug} : 3;
* Updated all methods to add (or fix) logging the method entry. * More work done on Email->send_email() to, well, actually send email (which it isn't doing yet, but it's close). * Updated Words->key() to include the bad key name when no entry for the requested key exists in the words.xml file. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => $debug, key => "log_0125", variables => { method => "Remote->call()" }});
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
# Get the target and port so that we can create the ssh_fh key
* Added a flag that tells anvil-daemon when a node is having it's network mapped. When this happens, open ssh connections are closed each loop and only tasks related to mapping the network run. This improves responsiveness in Striker when reporting which network links have come up or gone down. * Fixed a bug in Database->insert_or_update_variables() where, if 'update_value_only' was set but not variable_uuid was passed or could be found, an (incomplete) INSERT would be attempted. * Added support for generating module metadata when setting up local repos on Striker. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
my $port = $parameter->{port} ? $parameter->{port} : 22;
* Updated Storage->backup to append a short UUID to the timestamp to prevent issues if the same file is backed up twice in the same clock second. Also fixed a bug with remote_user parameter not having a default. * Finished the detection of and handling of initialization of a host when the host has no Internet access. * Disabled (for now) anvil-daemon's check_ssh_keys function. * Fixed a couple small bugs elsewhere. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
my $target = defined $parameter->{target} ? $parameter->{target} : "";
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
my $remote_user = defined $parameter->{remote_user} ? $parameter->{remote_user} : "root";
my $ssh_fh_key = $remote_user."\@".$target.":".$port;
* Decided to move development to Fedora 28 to prepare for the leap to RHEL 8. So this commit is the first where the Anvil! Striker can be installed. * Updated Get->users_home() to default to return the hore directory for the user running the program. * Updated Remote->call() to start working on handling timeouts. * Updated Storage->change_owner(), ->make_directory() and ->write_file() to default the the user and group running the program. * Fixed a bug in home reporting the MAC address of NICs when confirming configuration of Striker. Also changed showing the domain to the hostname. * Got more work done on sync peers. * Updated the RPM spec file to install on Fedora 28. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
's1:remote_user' => $remote_user,
's2:target' => $target,
's3:port' => $port,
's4:ssh_fh_key' => $ssh_fh_key,
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
}});
# This will store the SSH file handle for the given target after the initial connection.
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
$anvil->data->{cache}{ssh_fh}{$ssh_fh_key} = defined $anvil->data->{cache}{ssh_fh}{$ssh_fh_key} ? $anvil->data->{cache}{ssh_fh}{$ssh_fh_key} : "";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { "cache::ssh_fh::${ssh_fh_key}" => $anvil->data->{cache}{ssh_fh}{$ssh_fh_key} }});
# Now pick up the rest of the variables.
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
my $close = defined $parameter->{'close'} ? $parameter->{'close'} : 0;
my $no_cache = defined $parameter->{no_cache} ? $parameter->{no_cache} : 0;
my $password = defined $parameter->{password} ? $parameter->{password} : $anvil->data->{sys}{root_password};
my $secure = defined $parameter->{secure} ? $parameter->{secure} : 0;
my $shell_call = defined $parameter->{shell_call} ? $parameter->{shell_call} : "";
my $timeout = defined $parameter->{timeout} ? $parameter->{timeout} : 10;
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
my $start_time = time;
my $ssh_fh = $anvil->data->{cache}{ssh_fh}{$ssh_fh_key};
# NOTE: The shell call might contain sensitive data, so we show '--' if 'secure' is set and $anvil->Log->secure is not.
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
'close' => $close,
* Created Log->is_secure() to more cleanly handle conditional logging of strings with passwords or passwords directly. Updated log entries that could benefit from this method to use it. * Cleaned up the striker->add_sync_peer() function to more clearly differentiate the ssh port from the pgsql port. * Improved the HTML form to not have the browser treat host login fields as credentials to autofill or save. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
password => $anvil->Log->is_secure($password),
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
secure => $secure,
* Created Log->is_secure() to more cleanly handle conditional logging of strings with passwords or passwords directly. Updated log entries that could benefit from this method to use it. * Cleaned up the striker->add_sync_peer() function to more clearly differentiate the ssh port from the pgsql port. * Improved the HTML form to not have the browser treat host login fields as credentials to autofill or save. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
shell_call => (not $secure) ? $shell_call : $anvil->Log->is_secure($shell_call),
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
ssh_fh => $ssh_fh,
start_time => $start_time,
port => $port,
target => $target,
* Fixed a bug where $anvil->nice_exit() was being passed 'exit' instead of 'exit_code' as a parameter. * Update striker manifest run to add an entry into the 'anvils' table, and pass the anvil_uuid to the jobs rather than the various host_uuid's. * Fixed a bug in the 'anvils' SQL procedure that copied data into the history schema (a few columns were missing). * Updated anvil-configure-host to reboot when finished to be certain network changes have taken effect. Also updated the handling of virsh bridges to delete the autostart symlinks if libvirtd daemon isn't running. * Added some logic to anvil-daemon to call 'anvil-update-states' with the -v{1,3} flag depending on the active debug level. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
ssh_fh_key => $ssh_fh_key,
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
}});
* Switched all hash 'local' keys to be the host's short user name. Untested, likely bugs to be fixed in the next commit. Signed-off-by: Madison Kelly <mkelly@alteeve.ca>
4 years ago
# In case 'target' is our short host name, change it to ''.
* Moved the '_host_name', '_short_host_name', and '_domain_name' private methods in Tools.pm over to Get.pm (removing the leading '_' in the method names). * Created 'Cluster->which_node' that returns 'node1' or 'node2' to indicate which node a host is. * Continued working on scan_cluster; decided to make it not host-dependent. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
if ($target eq $anvil->Get->short_host_name())
* Removed Network->is_remote, standardized on Network->is_local, and flipped calls to it to be more sensible (is_local -> local call -> else remote call). Also fixed a deep recursion issue with ->is_local where, given that it logs (which calls Storage methods which have local/remote invocations), would loop. * Fixed a bug where '$target' being preset to 'local' was causing bad calls to 'Remote->call'. * Updated Storage->change_mode and -> change_owner to work locally and on remote hosts. * Barely started work on striker->process_anvil_menu(). Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
{
$target = "";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { target => $target }});
}
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
if (not $shell_call)
{
# No shell call
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, priority => "err", key => "log_0020", variables => { method => "Remote->call()", parameter => "shell_call" }});
* Updated Log->entry() to prefix log lines with the short 'job-uuid', when the log entry is coming from a program running as a job. This is meant to make it easier to break up what log lines belong to what jobs, if multiple jobs are running at the same time (ie: when initializing multiple nodes / dr hosts in parallel). * Updated Remote->call() to return ('!!error!!', '!!error!!', 9999) when an error hits. Made Remote->test_access() explicitely check for '1' to be returned in order to confirm access, fixing a bug where bad target value caused false positives. Updated ->_check_known_hosts_for_target() to no longer explicitely check for 'ssh-rsa' so that machine keys using different cyphers are detected as being in known_hosts properly. * Updated striker-auto-initialize-all to initialize nodes and DR hosts networks before trying to form them into an Anvil!. Fixed several other bugs as well. More testing is needed, but it works now. * Updated striker-initialize-host to check for the alteeve repo and, it not found, check for accress to alteeve.com. If access, it will install our repo now. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
return("!!error!!", "!!error!!", 9999);
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
}
if (not $target)
{
* Fixed a bug introduced in the last commit that made Get->os_type() fail when called locally. * Made the error reported by Remote->call() more verbose when called without 'target' being set. * Updated anvil-daemon to not call jobs more that once per minute. * Started work on striker-auto-initialize-all, still very far from complete. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
# No target, this should not happen...
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, priority => "err", key => "error_0239", variables => {
remote_user => $remote_user,
port => $port,
'close' => $close,
secure => $secure,
shell_call => (not $secure) ? $shell_call : $anvil->Log->is_secure($shell_call),
}});
* Updated Log->entry() to prefix log lines with the short 'job-uuid', when the log entry is coming from a program running as a job. This is meant to make it easier to break up what log lines belong to what jobs, if multiple jobs are running at the same time (ie: when initializing multiple nodes / dr hosts in parallel). * Updated Remote->call() to return ('!!error!!', '!!error!!', 9999) when an error hits. Made Remote->test_access() explicitely check for '1' to be returned in order to confirm access, fixing a bug where bad target value caused false positives. Updated ->_check_known_hosts_for_target() to no longer explicitely check for 'ssh-rsa' so that machine keys using different cyphers are detected as being in known_hosts properly. * Updated striker-auto-initialize-all to initialize nodes and DR hosts networks before trying to form them into an Anvil!. Fixed several other bugs as well. More testing is needed, but it works now. * Updated striker-initialize-host to check for the alteeve repo and, it not found, check for accress to alteeve.com. If access, it will install our repo now. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
return("!!error!!", "!!error!!", 9999);
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
}
if (not $remote_user)
{
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, priority => "err", key => "log_0020", variables => { method => "Remote->call()", parameter => "remote_user" }});
* Updated Log->entry() to prefix log lines with the short 'job-uuid', when the log entry is coming from a program running as a job. This is meant to make it easier to break up what log lines belong to what jobs, if multiple jobs are running at the same time (ie: when initializing multiple nodes / dr hosts in parallel). * Updated Remote->call() to return ('!!error!!', '!!error!!', 9999) when an error hits. Made Remote->test_access() explicitely check for '1' to be returned in order to confirm access, fixing a bug where bad target value caused false positives. Updated ->_check_known_hosts_for_target() to no longer explicitely check for 'ssh-rsa' so that machine keys using different cyphers are detected as being in known_hosts properly. * Updated striker-auto-initialize-all to initialize nodes and DR hosts networks before trying to form them into an Anvil!. Fixed several other bugs as well. More testing is needed, but it works now. * Updated striker-initialize-host to check for the alteeve repo and, it not found, check for accress to alteeve.com. If access, it will install our repo now. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
return("!!error!!", "!!error!!", 9999);
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
}
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
if (($timeout) && ($timeout =~ /\D/))
{
# Bad value, should only be digits. Warn and reset to default.
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, priority => "alert", key => "log_0295", variables => { timeout => $timeout }});
$timeout = 10;
}
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
# If the user didn't pass a port, but there is an entry in 'hosts::<host>::port', use it.
if ((not $parameter->{port}) && ($anvil->data->{hosts}{$target}{port}))
{
$port = $anvil->data->{hosts}{$target}{port};
}
# Break out the port, if needed.
if ($target =~ /^(.*):(\d+)$/)
{
$target = $1;
$port = $2;
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
port => $port,
target => $target,
}});
# If the user passed a port, override this.
if ($parameter->{port} =~ /^\d+$/)
{
$port = $parameter->{port};
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { port => $port }});
}
}
else
{
# In case the user is using ports in /etc/ssh/ssh_config, we'll want to check for an entry.
* Fixed a bug where Tools.pm->_anvil_version() and Get->host_uuid() were storing values in the wrong $anvil hash. * Fixed a bug where Get->host_uuid() wasn't reading from the host.uuid file. * Updated Remote->call() to record a target's fingerprint when needed. * The ocf:alteeve:server resource agent now properly stopps a server and the corresponding DRBD resource. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
$anvil->System->read_ssh_config({deubg => $debug});
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
* Finished getting tools/striker-auto-initialize-all to merge the built Strikers. * Fixed a bug in Remote->call() where the output of the call not ending in a newline wasn't having the return code parsed off properly. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
$anvil->data->{hosts}{$target}{port} = 22 if not defined $anvil->data->{hosts}{$target}{port};
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { "hosts::${target}::port" => $anvil->data->{hosts}{$target}{port} }});
if ($anvil->data->{hosts}{$target}{port} =~ /^\d+$/)
{
$port = $anvil->data->{hosts}{$target}{port};
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { port => $port }});
}
}
# Make sure the port is valid.
if ($port eq "")
{
$port = 22;
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { port => $port }});
}
elsif ($port !~ /^\d+$/)
{
$port = getservbyname($port, 'tcp');
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { port => $port }});
}
if ((not defined $port) or (($port !~ /^\d+$/) or ($port < 0) or ($port > 65536)))
{
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, priority => "err", key => "log_0058", variables => { port => $port }});
* Updated Log->entry() to prefix log lines with the short 'job-uuid', when the log entry is coming from a program running as a job. This is meant to make it easier to break up what log lines belong to what jobs, if multiple jobs are running at the same time (ie: when initializing multiple nodes / dr hosts in parallel). * Updated Remote->call() to return ('!!error!!', '!!error!!', 9999) when an error hits. Made Remote->test_access() explicitely check for '1' to be returned in order to confirm access, fixing a bug where bad target value caused false positives. Updated ->_check_known_hosts_for_target() to no longer explicitely check for 'ssh-rsa' so that machine keys using different cyphers are detected as being in known_hosts properly. * Updated striker-auto-initialize-all to initialize nodes and DR hosts networks before trying to form them into an Anvil!. Fixed several other bugs as well. More testing is needed, but it works now. * Updated striker-initialize-host to check for the alteeve repo and, it not found, check for accress to alteeve.com. If access, it will install our repo now. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
return("!!error!!", "!!error!!", 9999);
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
}
# If the target is a host name, convert it to an IP.
* Renamed all Validate->is_X to Validate->X. Also created Validate->ipv6() to validate IPv6 addresses using Data::Validate::IP (and added it as a requirement to the .spec base RPM). * Added the fix from the last commit for System->call to handle returned data without an ending newline to Remote->call. * Got more work done on System->update_hosts(). It's able to add new hosts, but misses the short and FQDN host names. Need to fix that and the verify existing / manual entries aren't molested. Signed-off-by: digimer <digimer@pulsar.alteeve.com>
4 years ago
if (not $anvil->Validate->ipv4({ip => $target}))
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
{
* Fixed tools/striker-initialize-host so that it set the hostname on the target, not locally. * Updated System->host_name to work locally and on remote targets. * Renamed all 'hostname' instances to 'host_name' to standardize on a spelling throughout the program. * Removed use of and dependency on 'hostname'. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
my $new_target = $anvil->Convert->host_name_to_ip({host_name => $target});
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { new_target => $new_target }});
if ($new_target)
{
$target = $new_target;
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { target => $target }});
}
}
# If the user set 'no_cache', don't use any existing 'ssh_fh'.
if (($no_cache) && ($ssh_fh))
{
# Close the connection.
$ssh_fh->disconnect();
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => $debug, key => "message_0010", variables => { target => $target }});
# For good measure, blank both variables.
$anvil->data->{cache}{ssh_fh}{$ssh_fh_key} = "";
$ssh_fh = "";
}
# This will store the output
* Added automatic 'echo return_code:$?' to System->call and Remote->call which is parsed out and returned automatically on all calls. * Started porting ocf:alteeve:server to use the Anvil::Tools module and updating it for RHEL 8. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
my $output = "";
my $state = "";
my $error = "";
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
my $connect_output = "";
* Added automatic 'echo return_code:$?' to System->call and Remote->call which is parsed out and returned automatically on all calls. * Started porting ocf:alteeve:server to use the Anvil::Tools module and updating it for RHEL 8. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
my $return_code = 9999;
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
# If I don't already have an active SSH file handle, connect now.
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { ssh_fh => $ssh_fh }});
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
if ($ssh_fh =~ /^Net::OpenSSH/)
{
# We have an open connection, reusing it.
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => $debug, key => "log_0296", variables => { connection => $ssh_fh_key }});
}
else
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
{
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
# We're going to try up to 3 times, as sometimes there are transient issues that cause
# connection errors.
my $connected = 0;
my $message_key = "message_0005";
my $last_loop = 2;
* Updated kickstart to write the basic tools/anvil-update-issue to a freshly installed machine and run it from cron. * Updated Remote->call() to detect when a connection fails because the target's known_hosts entry has changed. Still need to add the function to report this to the user. * Fixed a bug where new-lines in Words->parse_banged_string() where a double-banged word string's variable value would cause an infinite loop. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
my $bad_file = "";
my $bad_line = "";
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
foreach (my $i = 0; $i <= $last_loop; $i++)
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
{
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
last if $connected;
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
($connect_output) = capture_merged {
$ssh_fh = Net::OpenSSH->new($target,
user => $remote_user,
port => $port,
batch_mode => 1,
);
};
* Updated kickstart to write the basic tools/anvil-update-issue to a freshly installed machine and run it from cron. * Updated Remote->call() to detect when a connection fails because the target's known_hosts entry has changed. Still need to add the function to report this to the user. * Fixed a bug where new-lines in Words->parse_banged_string() where a double-banged word string's variable value would cause an infinite loop. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
$connect_output =~ s/\r//gs;
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
$connect_output =~ s/\n$//;
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
's1:i' => $i,
's2:target' => $target,
's3:port' => $port,
's4:ssh_fh' => $ssh_fh,
's5:ssh_fh->error' => $ssh_fh->error,
's6:connect_output' => $connect_output,
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
}});
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
# Any fatal issues reaching the target?
if ($connect_output =~ /Could not resolve hostname/i)
{
$i = $last_loop;
$message_key = "message_0001";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { i => $i, message_key => $message_key }});
}
elsif ($connect_output =~ /No route to host/i)
{
$i = $last_loop;
$message_key = "message_0003";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { i => $i, message_key => $message_key }});
}
* Updated kickstart to write the basic tools/anvil-update-issue to a freshly installed machine and run it from cron. * Updated Remote->call() to detect when a connection fails because the target's known_hosts entry has changed. Still need to add the function to report this to the user. * Fixed a bug where new-lines in Words->parse_banged_string() where a double-banged word string's variable value would cause an infinite loop. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
elsif ($connect_output =~ /IDENTIFICATION HAS CHANGED/i)
{
# Host's ID has changed, rebuilt? Find the line and file to tell the user.
* Created tools/anvil-manage-keys to handle user requests to remove bad keys from known_hosts files for target machines that have been rebuilt or replaced. * Added a check to Remote->call() where, when a connect attempt fails because of a changed/bad key, it is reported as such to the user/logs and an entry is recorded in the state file. * Started adding a Striker menu function showing users a list of bad keys in known_hosts files and the ability to remove old keys. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
my $user = getpwuid($<);
* Updated kickstart to write the basic tools/anvil-update-issue to a freshly installed machine and run it from cron. * Updated Remote->call() to detect when a connection fails because the target's known_hosts entry has changed. Still need to add the function to report this to the user. * Fixed a bug where new-lines in Words->parse_banged_string() where a double-banged word string's variable value would cause an infinite loop. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
foreach my $line (split/\n/, $connect_output)
{
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { line => $line }});
if ($line =~ /Offending .*? key in (\/.*?known_hosts):(\d+)$/)
{
* Updated how bad keys are removed. No longer are speciifc lines removed by number, but now all entries for the given target in the known_hosts file is removed. * Updated the pxe.txt file to now write a caller for anvil-update-issue in /etc/NetworkManager/dispatcher.d/ifup-local to have the /etc/issue file is updated as soon as the network is brought up, before the GDM login prompt is shown. * Fixed a couple bugs in tools/anvil-manage-keys, including to ensure that the permissions are retained when a file is updated. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
# NOTE: We don't use the line now, but we're recording it
# anyway in case it happens to be useful in the future.
* Updated kickstart to write the basic tools/anvil-update-issue to a freshly installed machine and run it from cron. * Updated Remote->call() to detect when a connection fails because the target's known_hosts entry has changed. Still need to add the function to report this to the user. * Fixed a bug where new-lines in Words->parse_banged_string() where a double-banged word string's variable value would cause an infinite loop. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
$bad_file = $1;
$bad_line = $2;
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
bad_file => $bad_file,
bad_line => $bad_line,
}});
}
}
$message_key = "message_0149";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { i => $i, message_key => $message_key }});
* Created tools/anvil-manage-keys to handle user requests to remove bad keys from known_hosts files for target machines that have been rebuilt or replaced. * Added a check to Remote->call() where, when a connect attempt fails because of a changed/bad key, it is reported as such to the user/logs and an entry is recorded in the state file. * Started adding a Striker menu function showing users a list of bad keys in known_hosts files and the ability to remove old keys. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
# If I have a database connection, record this bad entry in 'states'.
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { 'sys::database::connections' => $anvil->data->{sys}{database}{connections} }});
if (not $anvil->data->{sys}{database}{connections})
{
# Try to connect
$anvil->Database->connect();
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 3, secure => 0, key => "log_0132"});
}
if ($anvil->data->{sys}{database}{connections})
{
my ($state_uuid) = $anvil->Database->insert_or_update_states({
debug => 2,
* Created Network->check_internet() that, well, checks to see if a machine has access to the Internet or not. * Moved System->is_local to Network->is_local, and System->ping to Network->ping. * Added a check to tools/striker-get-peer-data that will report if the target has Internet access or not. * Cleaned up the form that prompts the user to enter their Red Hat credentials. * Updated tools/anvil-manage-keys (and related code) to no longer distinguish by user. If a target is flagged as changed, it is removed from the root and all user's known_hosts files. * Updated Storage->write_file() and ->update_file() to accept the 'backup' parameter to control if an file that exists is backed up before being updated/replaced. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
state_name => "host_key_changed::".$target,
* Created tools/anvil-manage-keys to handle user requests to remove bad keys from known_hosts files for target machines that have been rebuilt or replaced. * Added a check to Remote->call() where, when a connect attempt fails because of a changed/bad key, it is reported as such to the user/logs and an entry is recorded in the state file. * Started adding a Striker menu function showing users a list of bad keys in known_hosts files and the ability to remove old keys. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
state_note => "file=".$bad_file.",line=".$bad_line,
});
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { state_uuid => $state_uuid }});
}
* Updated kickstart to write the basic tools/anvil-update-issue to a freshly installed machine and run it from cron. * Updated Remote->call() to detect when a connection fails because the target's known_hosts entry has changed. Still need to add the function to report this to the user. * Fixed a bug where new-lines in Words->parse_banged_string() where a double-banged word string's variable value would cause an infinite loop. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
}
* Fixed a bug where Tools.pm->_anvil_version() and Get->host_uuid() were storing values in the wrong $anvil hash. * Fixed a bug where Get->host_uuid() wasn't reading from the host.uuid file. * Updated Remote->call() to record a target's fingerprint when needed. * The ocf:alteeve:server resource agent now properly stopps a server and the corresponding DRBD resource. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
elsif ($connect_output =~ /Host key verification failed/i)
{
# Need to accept the fingerprint
$message_key = "message_0135";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { i => $i, message_key => $message_key }});
# Make sure we know the fingerprint of the remote machine
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, key => "log_0158", variables => { target => $target, user => getpwuid($<) }});
* Fixed a bug where Tools.pm->_anvil_version() and Get->host_uuid() were storing values in the wrong $anvil hash. * Fixed a bug where Get->host_uuid() wasn't reading from the host.uuid file. * Updated Remote->call() to record a target's fingerprint when needed. * The ocf:alteeve:server resource agent now properly stopps a server and the corresponding DRBD resource. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
$anvil->Remote->add_target_to_known_hosts({
debug => $debug,
target => $target,
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
user => getpwuid($<),
* Fixed a bug where Tools.pm->_anvil_version() and Get->host_uuid() were storing values in the wrong $anvil hash. * Fixed a bug where Get->host_uuid() wasn't reading from the host.uuid file. * Updated Remote->call() to record a target's fingerprint when needed. * The ocf:alteeve:server resource agent now properly stopps a server and the corresponding DRBD resource. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
});
}
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
elsif ($connect_output =~ /Connection refused/i)
{
$i = $last_loop;
$message_key = "message_0002";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { i => $i, message_key => $message_key }});
} # If I didn't connect, try again if I have a password.
elsif (($ssh_fh->error) && ($password) && ($connect_output =~ /Permission denied/i))
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
{
# Try again.
#print "Connection without a password failed, trying again with the password.\n";
$connect_output = "";
($connect_output) = capture_merged {
$ssh_fh = Net::OpenSSH->new($target,
user => $remote_user,
port => $port,
passwd => $password,
batch_mode => 1,
);
};
$connect_output =~ s/\n$//;
$connect_output =~ s/\r$//;
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
's1:i' => $i,
's2:target' => $target,
's3:port' => $port,
's4:ssh_fh' => $ssh_fh,
's5:ssh_fh->error' => $ssh_fh->error,
's6:connect_output' => $connect_output,
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
}});
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
# If the password is bad, exit the loop.
if ($ssh_fh->error =~ /bad password/i)
{
$i = $last_loop;
$message_key = "message_0006";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
i => $i,
message_key => $message_key,
}});
}
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
}
if (not $ssh_fh->error)
{
# Connected!
$connected = 1;
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
$anvil->data->{cache}{ssh_fh}{$ssh_fh_key} = $ssh_fh;
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
"s1:connected" => $connected,
"s2:cache::ssh_fh::${ssh_fh_key}" => $anvil->data->{cache}{ssh_fh}{$ssh_fh_key},
}});
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
last;
}
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
elsif ($i < $last_loop)
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
{
# Sleep and then try again.
$connect_output = "";
sleep 1;
}
}
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
's1:connected' => $connected,
's2:ssh_fh->error' => $ssh_fh->error,
}});
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
my $variables = {
* Created Cluster->add_server() which, well, adds a server to a pacemaker cluster, including sorting out location constraints to favour the node the server is running on, if it's running. * Removed the exit-if-no-DB check in ocf:alteeve:server so that (hopefully, needs testing), running servers won't be impacted if the nodes lost contact with both/all strikers. * Updated scan-server to make an explicit check for missing XML definition files on startup and write them if needed. * Very beginning work on anvil-delete-server has been started. * Updated anvil-provision-server to wait when it's running in peer mode until the new XML definition is in the DB and then write it out to disk before exiting. Also updated it to add the new server to pacemaker before exiting. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
remote_user => $remote_user,
target => $target.":".$port,
user => getpwuid($<),
error => $ssh_fh->error,
connection => $ssh_fh_key,
file => $bad_file,
line => $bad_line,
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
};
if (not $connected)
* Finished Convert->time (needs testing). * Started reworking Remote->call to use Net::OpenSSH instead of Net::SSH2. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
{
$error = $anvil->Words->string({key => $message_key, variables => $variables});
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 1, priority => "alert", key => $message_key, variables => $variables});
}
}
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
# If I have a valid handle, try to call our command now. Note that if we're using a cached connection
# that has died, we might fail.
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => $secure, list => { ssh_fh => $ssh_fh }});
if ($ssh_fh =~ /^Net::OpenSSH/)
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
{
* Made a fair bit more progress on tools/striker-manage-install-target. It now registers a system with Red Hat and attaches appropriate subscriptions, updates the OS and (tries) to install anvil-{node,dr}. * Fixed a bug in Remote->call where a shell call that ended in a newline would work, but throw an error and not get the return code. * Created Database->get_job_details() which takes a job_uuid and returns the job details, if found. * Fixed a bug in Jobs->update_progress() where 'clear' wasn't removing the old job_progress data. * Added the parameters 'no_files' to skip stat'ing/recording non-directories, and 'search_for' which will set the parent directory in 'scan::searched' and stop scanning if found. This allows this method to act as a directory tree scanner and as a search engine. * Created Striker->get_local_repo() that builds a repo file body suitable for adding to peers, nodes and DR hosts. * Fixed bugs in the Striker WebUI related to initializing a target node / DR host. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
# The shell_call can't end is a newline. Conveniently, we want the return code. By adding
# this, we ensure it doesn't end in a new-line (and we can't blindly strip off the last
# new-line because of 'EOF' type cat's).
$shell_call .= "\n".$anvil->data->{path}{exe}{echo}." return_code:\$?";
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
# Make sure the output variables are clean and then make the call.
$output = "";
$error = "";
if ($timeout)
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
{
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
# Call with a timeout
* Made a fair bit more progress on tools/striker-manage-install-target. It now registers a system with Red Hat and attaches appropriate subscriptions, updates the OS and (tries) to install anvil-{node,dr}. * Fixed a bug in Remote->call where a shell call that ended in a newline would work, but throw an error and not get the return code. * Created Database->get_job_details() which takes a job_uuid and returns the job details, if found. * Fixed a bug in Jobs->update_progress() where 'clear' wasn't removing the old job_progress data. * Added the parameters 'no_files' to skip stat'ing/recording non-directories, and 'search_for' which will set the parent directory in 'scan::searched' and stop scanning if found. This allows this method to act as a directory tree scanner and as a search engine. * Created Striker->get_local_repo() that builds a repo file body suitable for adding to peers, nodes and DR hosts. * Fixed bugs in the Striker WebUI related to initializing a target node / DR host. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
($output, $error) = $ssh_fh->capture2({timeout => $timeout}, $shell_call);
* Created tools/striker-get-peer-data that will query a target's host UUID and host name. It's meant to be called by apache, avoiding apache itself needing to call ssh against a target machine. * Fixed a bug in Storage->read_file() where a remote read, where the remote user wasn't specified, would cause the call to hange. * Cleaned up striker->add_sync_peer() to use more clear variable names. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
$output = "" if not defined $output;
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => $secure, list => { 'ssh_fh->error' => $ssh_fh->error }});
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
}
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
else
* Improved handling of failed connection attempts to remote machines in Remote->call(); * Started work of "Files" (replacement for the media library), including database tables, planned sync flow and web UI. * Added a check for the /mnt/shared directories and create them as needed in the periodic anvil-daemon checks. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
{
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
# Call without a timeout.
($output, $error) = $ssh_fh->capture2($shell_call);
* Created tools/striker-get-peer-data that will query a target's host UUID and host name. It's meant to be called by apache, avoiding apache itself needing to call ssh against a target machine. * Fixed a bug in Storage->read_file() where a remote read, where the remote user wasn't specified, would cause the call to hange. * Cleaned up striker->add_sync_peer() to use more clear variable names. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
$output = "" if not defined $output;
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => $secure, list => { 'ssh_fh->error' => $ssh_fh->error }});
* Improved handling of failed connection attempts to remote machines in Remote->call(); * Started work of "Files" (replacement for the media library), including database tables, planned sync flow and web UI. * Added a check for the /mnt/shared directories and create them as needed in the periodic anvil-daemon checks. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
}
* Made a fair bit more progress on tools/striker-manage-install-target. It now registers a system with Red Hat and attaches appropriate subscriptions, updates the OS and (tries) to install anvil-{node,dr}. * Fixed a bug in Remote->call where a shell call that ended in a newline would work, but throw an error and not get the return code. * Created Database->get_job_details() which takes a job_uuid and returns the job details, if found. * Fixed a bug in Jobs->update_progress() where 'clear' wasn't removing the old job_progress data. * Added the parameters 'no_files' to skip stat'ing/recording non-directories, and 'search_for' which will set the parent directory in 'scan::searched' and stop scanning if found. This allows this method to act as a directory tree scanner and as a search engine. * Created Striker->get_local_repo() that builds a repo file body suitable for adding to peers, nodes and DR hosts. * Fixed bugs in the Striker WebUI related to initializing a target node / DR host. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
# Was there a problem?
if ($ssh_fh->error)
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
{
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
# Something went wrong.
$error = $anvil->Words->string({key => "message_0008", variables => {
shell_call => $shell_call,
connection => $ssh_fh_key,
error => $ssh_fh->error,
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
}});
* Made a fair bit more progress on tools/striker-manage-install-target. It now registers a system with Red Hat and attaches appropriate subscriptions, updates the OS and (tries) to install anvil-{node,dr}. * Fixed a bug in Remote->call where a shell call that ended in a newline would work, but throw an error and not get the return code. * Created Database->get_job_details() which takes a job_uuid and returns the job details, if found. * Fixed a bug in Jobs->update_progress() where 'clear' wasn't removing the old job_progress data. * Added the parameters 'no_files' to skip stat'ing/recording non-directories, and 'search_for' which will set the parent directory in 'scan::searched' and stop scanning if found. This allows this method to act as a directory tree scanner and as a search engine. * Created Striker->get_local_repo() that builds a repo file body suitable for adding to peers, nodes and DR hosts. * Fixed bugs in the Striker WebUI related to initializing a target node / DR host. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => $secure, list => { error => $error }});
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
}
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
# Take the last new line off.
* Updated kickstart to write the basic tools/anvil-update-issue to a freshly installed machine and run it from cron. * Updated Remote->call() to detect when a connection fails because the target's known_hosts entry has changed. Still need to add the function to report this to the user. * Fixed a bug where new-lines in Words->parse_banged_string() where a double-banged word string's variable value would cause an infinite loop. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
$output =~ s/\n$//; $output =~ s/\r//g;
$error =~ s/\n$//; $error =~ s/\r//g;
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => $secure, list => {
error => $error,
output => $output,
'close' => $close,
}});
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
* Added automatic 'echo return_code:$?' to System->call and Remote->call which is parsed out and returned automatically on all calls. * Started porting ocf:alteeve:server to use the Anvil::Tools module and updating it for RHEL 8. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
# Pull the return code out.
my $clean_output = "";
foreach my $line (split/\n/, $output)
{
* Created Cluster->check_node_status() that checks the status of a node (in pacemaker). * Created Cluster->get_peers() that figures out who the peer node (and DR host, if applicable) are. * Updated Cluster->parse_cib() to dig out more information. * Created Cluster->start_cluster() to start pacemaker (via pcsd) locally or on all (both) nodes. * Started working on ocf:alteeve:server to start/stop the libvirtd/drbd daemons as needed, instead of having pacemaker do it. * Got more work done on anvil-join-anvil. Node 2 now waits for the cluster to start, and node 1 will do setup as needed, then wait for the cluster to start as well. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => $secure, list => { line => $line }});
* Added automatic 'echo return_code:$?' to System->call and Remote->call which is parsed out and returned automatically on all calls. * Started porting ocf:alteeve:server to use the Anvil::Tools module and updating it for RHEL 8. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
if ($line =~ /^return_code:(\d+)$/)
{
$return_code = $1;
* Created Cluster->check_node_status() that checks the status of a node (in pacemaker). * Created Cluster->get_peers() that figures out who the peer node (and DR host, if applicable) are. * Updated Cluster->parse_cib() to dig out more information. * Created Cluster->start_cluster() to start pacemaker (via pcsd) locally or on all (both) nodes. * Started working on ocf:alteeve:server to start/stop the libvirtd/drbd daemons as needed, instead of having pacemaker do it. * Got more work done on anvil-join-anvil. Node 2 now waits for the cluster to start, and node 1 will do setup as needed, then wait for the cluster to start as well. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => $secure, list => { return_code => $return_code }});
* Added automatic 'echo return_code:$?' to System->call and Remote->call which is parsed out and returned automatically on all calls. * Started porting ocf:alteeve:server to use the Anvil::Tools module and updating it for RHEL 8. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
}
* Renamed all Validate->is_X to Validate->X. Also created Validate->ipv6() to validate IPv6 addresses using Data::Validate::IP (and added it as a requirement to the .spec base RPM). * Added the fix from the last commit for System->call to handle returned data without an ending newline to Remote->call. * Got more work done on System->update_hosts(). It's able to add new hosts, but misses the short and FQDN host names. Need to fix that and the verify existing / manual entries aren't molested. Signed-off-by: digimer <digimer@pulsar.alteeve.com>
4 years ago
elsif ($line =~ /return_code:(\d+)$/)
{
### NOTE: This should never happen given we have a newline before the echo,
### but it's here just in case.
# If the output of the shell call doesn't end in a newline, the return_code:X
# could be appended. This catches those cases and removes it.
* Finished getting tools/striker-auto-initialize-all to merge the built Strikers. * Fixed a bug in Remote->call() where the output of the call not ending in a newline wasn't having the return code parsed off properly. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
$return_code = $1;
$line =~ s/return_code:\d+$//;
$clean_output .= $line."\n";
* Created Cluster->check_node_status() that checks the status of a node (in pacemaker). * Created Cluster->get_peers() that figures out who the peer node (and DR host, if applicable) are. * Updated Cluster->parse_cib() to dig out more information. * Created Cluster->start_cluster() to start pacemaker (via pcsd) locally or on all (both) nodes. * Started working on ocf:alteeve:server to start/stop the libvirtd/drbd daemons as needed, instead of having pacemaker do it. * Got more work done on anvil-join-anvil. Node 2 now waits for the cluster to start, and node 1 will do setup as needed, then wait for the cluster to start as well. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
* Renamed all Validate->is_X to Validate->X. Also created Validate->ipv6() to validate IPv6 addresses using Data::Validate::IP (and added it as a requirement to the .spec base RPM). * Added the fix from the last commit for System->call to handle returned data without an ending newline to Remote->call. * Got more work done on System->update_hosts(). It's able to add new hosts, but misses the short and FQDN host names. Need to fix that and the verify existing / manual entries aren't molested. Signed-off-by: digimer <digimer@pulsar.alteeve.com>
4 years ago
line => $line,
output => $output,
return_code => $return_code,
}});
}
* Added automatic 'echo return_code:$?' to System->call and Remote->call which is parsed out and returned automatically on all calls. * Started porting ocf:alteeve:server to use the Anvil::Tools module and updating it for RHEL 8. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
else
{
$clean_output .= $line."\n";
}
}
$clean_output =~ s/\n$//;
$output = $clean_output;
* Finished getting tools/striker-auto-initialize-all to merge the built Strikers. * Fixed a bug in Remote->call() where the output of the call not ending in a newline wasn't having the return code parsed off properly. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { output => $output }});
* Added automatic 'echo return_code:$?' to System->call and Remote->call which is parsed out and returned automatically on all calls. * Started porting ocf:alteeve:server to use the Anvil::Tools module and updating it for RHEL 8. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
# Have we been asked to close the connection?
if ($close)
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
{
# Close it.
$ssh_fh->disconnect();
* Decided to move development to Fedora 28 to prepare for the leap to RHEL 8. So this commit is the first where the Anvil! Striker can be installed. * Updated Get->users_home() to default to return the hore directory for the user running the program. * Updated Remote->call() to start working on handling timeouts. * Updated Storage->change_owner(), ->make_directory() and ->write_file() to default the the user and group running the program. * Fixed a bug in home reporting the MAC address of NICs when confirming configuration of Striker. Also changed showing the domain to the hostname. * Got more work done on sync peers. * Updated the RPM spec file to install on Fedora 28. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => $debug, key => "message_0009", variables => { target => $target }});
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
# For good measure, blank both variables.
$anvil->data->{cache}{ssh_fh}{$ssh_fh_key} = "";
$ssh_fh = "";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { "cache::ssh_fh::${ssh_fh_key}" => $anvil->data->{cache}{ssh_fh}{$ssh_fh_key} }});
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
}
}
* Decided to move development to Fedora 28 to prepare for the leap to RHEL 8. So this commit is the first where the Anvil! Striker can be installed. * Updated Get->users_home() to default to return the hore directory for the user running the program. * Updated Remote->call() to start working on handling timeouts. * Updated Storage->change_owner(), ->make_directory() and ->write_file() to default the the user and group running the program. * Fixed a bug in home reporting the MAC address of NICs when confirming configuration of Striker. Also changed showing the domain to the hostname. * Got more work done on sync peers. * Updated the RPM spec file to install on Fedora 28. Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => $secure, list => {
* Added automatic 'echo return_code:$?' to System->call and Remote->call which is parsed out and returned automatically on all calls. * Started porting ocf:alteeve:server to use the Anvil::Tools module and updating it for RHEL 8. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
error => $error,
output => $output,
return_code => $return_code,
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
}});
* Added automatic 'echo return_code:$?' to System->call and Remote->call which is parsed out and returned automatically on all calls. * Started porting ocf:alteeve:server to use the Anvil::Tools module and updating it for RHEL 8. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
return($output, $error, $return_code);
* Finished converting Remote->call() to use Net::OpenSSH. Also updated all calls to this method to expect the output as a single (sometimes multi-line) string instead of an array reference. Also updated all calles to expect 'output' first, 'error' second. * Added a 'timeout' parameter to Remote->call() to limit the time that a command on a remote host can run, with a default of '10' (seconds). Signed-off-by: Digimer <digimer@alteeve.ca>
6 years ago
}
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
* Moved Database->check_condition_age to Alert. * Created (but not finished) scan-apc-pdu * Added support to tracking maintenance-mode for nodes in Cluster->parse_cib * Created Remote->read_snmp_oid(). * Created Server->get_definition. * Updated Server->get_status() to write-out server XML files on-demand. * Finished scan-cluster. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
=head2 read_snmp_oid
This connects to a remote machine using SNMP and reads (if possible) the OID specified. If unable to reach the target device, C<< !!no_connection!! >> is returned. If there is a problem with the call made to this method, C<< !!error!! >> is returned.
Otherwise, two values are returned; first the data and second the data type.
Parameters;
=head3 community (optional)
This is the SNMP community used to connect to.
=head3 mib (optional)
If set to a path to a file, the file is treated as a custom MIB to be fed into C<< snmpget >>
=head3 oid (required)
This is the OID string to query.
=head3 target (required)
This is the IP or (resolvable) host name to query.
=head3 version (optional, default '2c')
This is the SNMP protocol version to use when connecting to the target.
=cut
sub read_snmp_oid
{
my $self = shift;
my $parameter = shift;
my $anvil = $self->parent;
my $debug = defined $parameter->{debug} ? $parameter->{debug} : 3;
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => $debug, key => "log_0125", variables => { method => "Remote->read_snmp_oid()" }});
my $community = defined $parameter->{community} ? $parameter->{community} : "";
my $mib = defined $parameter->{mib} ? $parameter->{mib} : "";
my $oid = defined $parameter->{oid} ? $parameter->{oid} : "";
my $target = defined $parameter->{target} ? $parameter->{target} : "";
my $version = defined $parameter->{version} ? $parameter->{version} : "2c";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => {
community => $community,
mib => $mib,
oid => $oid,
target => $target,
version => $version,
}});
if (not $oid)
{
# Um, what are we supposed to read?
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, priority => "err", key => "log_0020", variables => { method => "Remote->read_snmp_oid()", parameter => "oid" }});
* Cleaned up some old 'die' calls with better nice_exit() calls to help avoid dangling db_in_use flags. * Reworked Network->bridge_info() to use 'ip' to get the list of bridges, and 'bridge' to find interfaces connected to the bridge. * Added 'test' messages to Words->string(). * Fixed a bug in scan-lvm where mdadm based PVs didn't read the sector size properly. Signed-off-by: Digimer <digimer@alteeve.ca>
2 years ago
$anvil->nice_exit({exit_code => 1});
* Moved Database->check_condition_age to Alert. * Created (but not finished) scan-apc-pdu * Added support to tracking maintenance-mode for nodes in Cluster->parse_cib * Created Remote->read_snmp_oid(). * Created Server->get_definition. * Updated Server->get_status() to write-out server XML files on-demand. * Finished scan-cluster. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
return("!!error!!");
}
if (not $target)
{
# Who ya gonna call? No, seriously, I have no idea...
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, priority => "err", key => "log_0020", variables => { method => "Remote->read_snmp_oid()", parameter => "target" }});
* Cleaned up some old 'die' calls with better nice_exit() calls to help avoid dangling db_in_use flags. * Reworked Network->bridge_info() to use 'ip' to get the list of bridges, and 'bridge' to find interfaces connected to the bridge. * Added 'test' messages to Words->string(). * Fixed a bug in scan-lvm where mdadm based PVs didn't read the sector size properly. Signed-off-by: Digimer <digimer@alteeve.ca>
2 years ago
$anvil->nice_exit({exit_code => 1});
* Moved Database->check_condition_age to Alert. * Created (but not finished) scan-apc-pdu * Added support to tracking maintenance-mode for nodes in Cluster->parse_cib * Created Remote->read_snmp_oid(). * Created Server->get_definition. * Updated Server->get_status() to write-out server XML files on-demand. * Finished scan-cluster. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
return("!!error!!");
}
if (($mib) && (not -r $mib))
{
# Bad MIB path
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, priority => "err", key => "error_0163", variables => { mib => $mib }});
* Cleaned up some old 'die' calls with better nice_exit() calls to help avoid dangling db_in_use flags. * Reworked Network->bridge_info() to use 'ip' to get the list of bridges, and 'bridge' to find interfaces connected to the bridge. * Added 'test' messages to Words->string(). * Fixed a bug in scan-lvm where mdadm based PVs didn't read the sector size properly. Signed-off-by: Digimer <digimer@alteeve.ca>
2 years ago
$anvil->nice_exit({exit_code => 1});
* Moved Database->check_condition_age to Alert. * Created (but not finished) scan-apc-pdu * Added support to tracking maintenance-mode for nodes in Cluster->parse_cib * Created Remote->read_snmp_oid(). * Created Server->get_definition. * Updated Server->get_status() to write-out server XML files on-demand. * Finished scan-cluster. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
return("!!error!!");
}
my $data_type = "unknown";
my $shell_call = $anvil->data->{path}{exe}{snmpget}." -On";
if ($community)
{
$shell_call .= " -c ".$community;
}
if ($mib)
{
$shell_call .= " -m ".$mib;
}
$shell_call .= " -v ".$version." ".$target." ".$oid;
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => { shell_call => $shell_call }});
my ($output, $return_code) = $anvil->System->call({debug => $debug, shell_call => $shell_call});
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
output => $output,
return_code => $return_code,
}});
my $value = "#!no_value!#";
foreach my $line (split/\n/, $output)
{
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { line => $line }});
if ($line =~ /No Response/i)
{
$value = "#!no_connection!#";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { value => $value }});
}
elsif (($line =~ /STRING: "(.*)"$/i) or ($line =~ /STRING: (.*)$/i))
{
$value = $1;
$data_type = "string";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
value => $value,
data_type => $data_type,
}});
}
elsif ($line =~ /INTEGER: (\d+)$/i)
{
$value = $1;
$data_type = "integer";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
value => $value,
data_type => $data_type,
}});
}
elsif ($line =~ /Hex-STRING: (.*)$/i)
{
$value = $1;
$data_type = "hex-string";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
value => $value,
data_type => $data_type,
}});
}
elsif ($line =~ /Gauge32: (.*)$/i)
{
$value = $1;
$data_type = "guage32";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
value => $value,
data_type => $data_type,
}});
}
elsif ($line =~ /Timeticks: \((\d+)\) /i)
{
$value = $1;
$data_type = "timeticks";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
value => $value,
data_type => $data_type,
}});
}
elsif ($line =~ /No Such Instance/i)
{
$value = "--";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { value => $value }});
}
elsif ($line =~ /^(.*?): (.*$)/i)
{
$data_type = $1;
$value = $2;
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
value => $value,
data_type => $data_type,
}});
}
}
return($value, $data_type);
}
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
=head2 test_access
This attempts to log into the target to verify that the target is up and reachable. It returns C<< 1 >> on access, C<< 0 >> otherwise.
* Got the code in scan-server to the point where it _should_ now gracefully and automatically detect changes to a server's definition originatin from the database (via Striker), directly editing the on-disk definition file, or editing via libvirt tools (like virt-manager). Still needs to be tested though. * Updated Server->migrate_virsh() to set 'servers' -> 'server_state' to 'migrating' and clear it again once the migation completes. Also added support for cold (frozen) versus live migrations. * Updated Cluster->parse_cib() to check if a server with the server_state set to 'migrating' isn't actually migrating anymore and, if not, to clear that state. This is needed as scan-server will blindly ignore/skip any migrating server, and if a migration call is interrupted, the state could get stuck. * Updated the 'servers' database table (and associated Database methods) to add columns for; ** server_ram_in_use - tracking RAM used by a running server ** server_configured_ram - RAM allocated to a running server (used with the above to alert a user and track _currently_ available RAM) ** server_updated_by_user - To be set by Striker tools to indicate when the user made a change that needs to push out to nodes / running server. ** server_boot_time - Tracks the unixtime when the server booted (to track uptime even if the server migrates across nodes). * Created Get->anvil_name_from_uuid() to easily convert an Anvil! UUID into a name. Also created ->host_uuid_from_name() to translate a host name into a host UUID. * Created Server->get_runtime() that translates a server name into a process ID and then uses that to determine how long (in seconds) it has been running. This is used when a server transitions from 'shut off' to 'running' to determine exactly when the server booted (current time - runtime). * Renamed all 'Server->parse_definition' calls that used 'from_memory' to 'from_virsh' to clarify the data source. * Made scan-hardware smarter about RAM change alerts. * Updated scancore to load agent strings on startup so that processing pending alerts works properly. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
my $access = $anvil->Remote->test_access({
target => "remote_host",
password => "secret",
});
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
Parameters;
=head3 password (optional)
This is the password used to connect to the remote target as the given user.
B<NOTE>: Passwordless SSH is supported. If you can ssh to the target as the given user without a password, then no password needs to be given here.
=head3 port (optional, default '22')
This is the TCP port to use when connecting to the C<< target >> over SSH.
=head3 target (required)
This is the IP address or (resolvable) host name of the machine who's key we're recording.
=head3 user (optional, defaults to user running this method)
This is the user who we're recording the key for.
=cut
sub test_access
{
my $self = shift;
my $parameter = shift;
my $anvil = $self->parent;
my $debug = defined $parameter->{debug} ? $parameter->{debug} : 3;
* Updated all methods to add (or fix) logging the method entry. * More work done on Email->send_email() to, well, actually send email (which it isn't doing yet, but it's close). * Updated Words->key() to include the bad key name when no entry for the requested key exists in the words.xml file. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => $debug, key => "log_0125", variables => { method => "Remote->test_access()" }});
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
* Fixed an issue with ocf:alteeve:server where, after a migration, the target host would invoke the RA as if it was trying to migrate, instead of verifying the server (resource) was OK post migration. * Fixed a bug in Server->get_status() where the call to Storage->rsync's returned output checked for '!!errer!!' instead of '!!error!!'. * Fixed a bug in Storage->rsync where, when no port was passed in, it would try to specify an empty port and fail. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
my $password = defined $parameter->{password} ? $parameter->{password} : "";
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
my $port = defined $parameter->{port} ? $parameter->{port} : 22;
my $target = defined $parameter->{target} ? $parameter->{target} : "";
my $user = defined $parameter->{user} ? $parameter->{user} : getpwuid($<);
my $access = 0;
* Moved Database->check_condition_age to Alert. * Created (but not finished) scan-apc-pdu * Added support to tracking maintenance-mode for nodes in Cluster->parse_cib * Created Remote->read_snmp_oid(). * Created Server->get_definition. * Updated Server->get_status() to write-out server XML files on-demand. * Finished scan-cluster. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => {
* Created Log->is_secure() to more cleanly handle conditional logging of strings with passwords or passwords directly. Updated log entries that could benefit from this method to use it. * Cleaned up the striker->add_sync_peer() function to more clearly differentiate the ssh port from the pgsql port. * Improved the HTML form to not have the browser treat host login fields as credentials to autofill or save. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
password => $anvil->Log->is_secure($password),
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
port => $port,
target => $target,
user => $user,
}});
# Call the target
my ($output, $error, $return_code) = $anvil->Remote->call({
debug => $debug,
password => $password,
shell_call => $anvil->data->{path}{exe}{echo}." 1",
target => $target,
remote_user => $user,
* Added a check to Database->get_ip_addresses() to check is a hash is set before using it, to help avoid unitialized variable messages. * Updated Remote->test_access() to not used cached SSH access. * Updated anvil-configure-host to abort if the host is in a cluster. * Updated anvil-join-anvil to clean up some variable checks to help avoid unitialized variable messages. * Updated striker-initialize-host to check if an anvil RPM is installed and, if so, not install the Anvil! repo. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
'close' => 1,
no_cache => 1,
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
});
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
output => $output,
error => $error,
return_code => $return_code,
}});
* Updated Log->entry() to prefix log lines with the short 'job-uuid', when the log entry is coming from a program running as a job. This is meant to make it easier to break up what log lines belong to what jobs, if multiple jobs are running at the same time (ie: when initializing multiple nodes / dr hosts in parallel). * Updated Remote->call() to return ('!!error!!', '!!error!!', 9999) when an error hits. Made Remote->test_access() explicitely check for '1' to be returned in order to confirm access, fixing a bug where bad target value caused false positives. Updated ->_check_known_hosts_for_target() to no longer explicitely check for 'ssh-rsa' so that machine keys using different cyphers are detected as being in known_hosts properly. * Updated striker-auto-initialize-all to initialize nodes and DR hosts networks before trying to form them into an Anvil!. Fixed several other bugs as well. More testing is needed, but it works now. * Updated striker-initialize-host to check for the alteeve repo and, it not found, check for accress to alteeve.com. If access, it will install our repo now. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
if ($output eq "1")
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
{
$access = 1;
}
* Moved Database->check_condition_age to Alert. * Created (but not finished) scan-apc-pdu * Added support to tracking maintenance-mode for nodes in Cluster->parse_cib * Created Remote->read_snmp_oid(). * Created Server->get_definition. * Updated Server->get_status() to write-out server XML files on-demand. * Finished scan-cluster. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { access => $access }});
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
return($access);
}
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
# =head3
#
# Private Functions;
#
# =cut
#############################################################################################################
# Private functions #
#############################################################################################################
=head2 _call_ssh_keyscan
This calls C<< ssh-keyscan >> to add a remote machine's fingerprint to the C<< user >>'s C<< known_hosts >> file.
Returns C<< 0 >> if the addition failed, returns C<< 1 >> if it was successful.
Parameters;
=head3 known_hosts (required)
This is the specific C<< known_hosts >> file we're checking.
=head3 port (optional, default 22)
This is the SSH TCP port used to connect to C<< target >>.
=head3 target (required)
This is the IP or (resolvable) host name of the machine who's RSA fingerprint we're checking.
=head3 user (optional, default to user running this method)
This is the user who's C<< known_hosts >> we're checking.
=cut
sub _call_ssh_keyscan
{
my $self = shift;
my $parameter = shift;
my $anvil = $self->parent;
my $debug = defined $parameter->{debug} ? $parameter->{debug} : 3;
* Updated all methods to add (or fix) logging the method entry. * More work done on Email->send_email() to, well, actually send email (which it isn't doing yet, but it's close). * Updated Words->key() to include the bad key name when no entry for the requested key exists in the words.xml file. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => $debug, key => "log_0125", variables => { method => "Remote->_call_ssh_keyscan()" }});
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
my $known_hosts = defined $parameter->{known_hosts} ? $parameter->{known_hosts} : "";
my $port = defined $parameter->{port} ? $parameter->{port} : "";
my $target = defined $parameter->{target} ? $parameter->{target} : "";
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
my $user = defined $parameter->{user} ? $parameter->{user} : getpwuid($<);
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => {
known_hosts => $known_hosts,
port => $port,
target => $target,
user => $user,
}});
# Log what we're doing
* Updated anvil-daemon (and Database->insert_or_update_jobs) to now recognize jobs with the job_status of 'scancore_startup' to run only when ScanCore starts. * Finished initial Striker setup in tools/striker-auto-initialize-all. Started working on peering. * Cleaned up the handling of converting UIDs to user names in Remote->add_target_to_known_hosts() and ->_call_ssh_keyscan(). * Did a bunch of white-space/alignment cleanup. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
my $say_user = $user;
if (($say_user =~ /^\d+$/) && (getpwuid($user)))
{
$say_user = getpwuid($user);
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { say_user => $say_user }});
}
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 1, priority => "alert", key => "log_0159", variables => {
target => $target,
port => $port,
* Updated anvil-daemon (and Database->insert_or_update_jobs) to now recognize jobs with the job_status of 'scancore_startup' to run only when ScanCore starts. * Finished initial Striker setup in tools/striker-auto-initialize-all. Started working on peering. * Cleaned up the handling of converting UIDs to user names in Remote->add_target_to_known_hosts() and ->_call_ssh_keyscan(). * Did a bunch of white-space/alignment cleanup. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
user => $say_user,
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
}});
* Fixed a few bugs with how rsync is handled, specifically in the rsync wrapper script. * Fixed a bug with handling ssh fingerprints (and removed comments going to the known_hosts file). * Added more nested debug parameter passing when methods call other methods (though more work is needed to catch up) Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
# Redirect STDERR to STDOUT and grep off the comments.
* Updated Tools->_anvil_version() and Get->anvil_version() to now pick up a SchemaVersion from anvil.sql. This will change only when the schema changes and is used when Database->connect() is checking compatibility with other anvil database hosts. This will make it only break connection when there is a reason to do so. The anvil_version still remains as an informational version that will help when supporting users later. * Updated Cluster->add_server() to now set failure timeouts to actual numbers instead of INFINITY after discovering that INFINITY doesn't work in those cases. * Updated Databsae->get_hosts to now check if other entries have the same host name, and if so, to set their host_key to 'DELETED'. This should make it easier to handle when a hardware machine is replaced by new hardware but uses the same host_name. * Updated Email->check_queue() to start and enable postfix.service if it's found to not be running. * Updated Get->available_resources() to return '!!no_data!!' when a given host hasn't got any data in scan_lvm_vgs. Now use this in anvil-provision-server to exit if a node or dr host hasn't run scancore yet. * Fixed a bug in scan-lvm where the pvs_uuid wasn't being loaded properly, preventing lost PVs, VGs and LVs from being flagged as deleted. * Started work on anvil-migate-server, though it's far from complete. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
my $shell_call = $anvil->data->{path}{exe}{'ssh-keyscan'}." -4 -t ecdsa-sha2-nistp256 ".$target." 2>&1 | ".$anvil->data->{path}{exe}{'grep'}." -v ^# >> ".$known_hosts;
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
if (($port) && ($port ne "22"))
{
* Updated Tools->_anvil_version() and Get->anvil_version() to now pick up a SchemaVersion from anvil.sql. This will change only when the schema changes and is used when Database->connect() is checking compatibility with other anvil database hosts. This will make it only break connection when there is a reason to do so. The anvil_version still remains as an informational version that will help when supporting users later. * Updated Cluster->add_server() to now set failure timeouts to actual numbers instead of INFINITY after discovering that INFINITY doesn't work in those cases. * Updated Databsae->get_hosts to now check if other entries have the same host name, and if so, to set their host_key to 'DELETED'. This should make it easier to handle when a hardware machine is replaced by new hardware but uses the same host_name. * Updated Email->check_queue() to start and enable postfix.service if it's found to not be running. * Updated Get->available_resources() to return '!!no_data!!' when a given host hasn't got any data in scan_lvm_vgs. Now use this in anvil-provision-server to exit if a node or dr host hasn't run scancore yet. * Fixed a bug in scan-lvm where the pvs_uuid wasn't being loaded properly, preventing lost PVs, VGs and LVs from being flagged as deleted. * Started work on anvil-migate-server, though it's far from complete. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
$shell_call = $anvil->data->{path}{exe}{'ssh-keyscan'}." -4 -t ecdsa-sha2-nistp256 -p ".$port." ".$target." 2>&1 | ".$anvil->data->{path}{exe}{'grep'}." -v ^# >> ".$known_hosts;
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
}
* Fixed a few bugs with how rsync is handled, specifically in the rsync wrapper script. * Fixed a bug with handling ssh fingerprints (and removed comments going to the known_hosts file). * Added more nested debug parameter passing when methods call other methods (though more work is needed to catch up) Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
my $output = $anvil->System->call({debug => $debug, shell_call => $shell_call});
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { output => $output }});
foreach my $line (split/\n/, $output)
{
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { line => $line }});
}
# Set the ownership
$output = "";
$shell_call = $anvil->data->{path}{exe}{'chown'}." ".$user.":".$user." ".$known_hosts;
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { output => $output }});
foreach my $line (split/\n/, $output)
{
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { line => $line }});
}
# Verify that it's now there.
my $known_machine = $anvil->Remote->_check_known_hosts_for_target({
* Updated Log->entry() to prefix log lines with the short 'job-uuid', when the log entry is coming from a program running as a job. This is meant to make it easier to break up what log lines belong to what jobs, if multiple jobs are running at the same time (ie: when initializing multiple nodes / dr hosts in parallel). * Updated Remote->call() to return ('!!error!!', '!!error!!', 9999) when an error hits. Made Remote->test_access() explicitely check for '1' to be returned in order to confirm access, fixing a bug where bad target value caused false positives. Updated ->_check_known_hosts_for_target() to no longer explicitely check for 'ssh-rsa' so that machine keys using different cyphers are detected as being in known_hosts properly. * Updated striker-auto-initialize-all to initialize nodes and DR hosts networks before trying to form them into an Anvil!. Fixed several other bugs as well. More testing is needed, but it works now. * Updated striker-initialize-host to check for the alteeve repo and, it not found, check for accress to alteeve.com. If access, it will install our repo now. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
debug => $debug,
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
target => $target,
port => $port,
known_hosts => $known_hosts,
user => $user,
});
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => { known_machine => $known_machine }});
return($known_machine);
}
=head3 _check_known_hosts_for_target
This checks to see if a given C<< target >> machine is in the C<< user >>'s C<< known_hosts >> file.
Returns C<< 0 >> if the target is not in the C<< known_hosts >> file, C<< 1 >> if it was found.
Parameters;
=head3 delete_if_found (optional, default 0)
Deletes the existing RSA fingerprint if one is found for the C<< target >>.
=head3 known_hosts (required)
This is the specific C<< known_hosts >> file we're checking.
=head3 port (optional, default 22)
This is the SSH TCP port used to connect to C<< target >>.
=head3 target (required)
This is the IP or (resolvable) host name of the machine who's RSA fingerprint we're checking.
=head3 user (optional, default to user running this method)
This is the user who's C<< known_hosts >> we're checking.
=cut
sub _check_known_hosts_for_target
{
my $self = shift;
my $parameter = shift;
my $anvil = $self->parent;
my $debug = defined $parameter->{debug} ? $parameter->{debug} : 3;
* Updated all methods to add (or fix) logging the method entry. * More work done on Email->send_email() to, well, actually send email (which it isn't doing yet, but it's close). * Updated Words->key() to include the bad key name when no entry for the requested key exists in the words.xml file. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => $debug, key => "log_0125", variables => { method => "Remote->_check_known_hosts_for_target()" }});
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
my $delete_if_found = defined $parameter->{delete_if_found} ? $parameter->{delete_if_found} : 0;
my $known_hosts = defined $parameter->{known_hosts} ? $parameter->{known_hosts} : "";
my $port = defined $parameter->{port} ? $parameter->{port} : "";
my $target = defined $parameter->{target} ? $parameter->{target} : "";
* Got 'migrate_to' working in ocf:alteeve:server. 'migrate_from' still needs work. * Created DRBD->allow_two_primaries() and ->reload_defaults() that enables (and resets/disables) dual-primary operation (allow-two-primaries=yes), used to enable live migration. * Created Remote->test_access() that simply verifies that a remote target can be accessed (as a given user). * Created Server->migrate() that actually migrates a server. It can push already, and pull will be added next. Signed-off-by: Digimer <digimer@alteeve.ca>
5 years ago
my $user = defined $parameter->{user} ? $parameter->{user} : getpwuid($<);
* Fixed a few bugs with how rsync is handled, specifically in the rsync wrapper script. * Fixed a bug with handling ssh fingerprints (and removed comments going to the known_hosts file). * Added more nested debug parameter passing when methods call other methods (though more work is needed to catch up) Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
my $known_machine = 0;
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => {
delete_if_found => $delete_if_found,
known_hosts => $known_hosts,
port => $port,
target => $target,
user => $user,
}});
* Fixed a few bugs with how rsync is handled, specifically in the rsync wrapper script. * Fixed a bug with handling ssh fingerprints (and removed comments going to the known_hosts file). * Added more nested debug parameter passing when methods call other methods (though more work is needed to catch up) Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
# Is there a known_hosts file at all?
if (not $known_hosts)
{
# Nope.
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, key => "log_0163", variables => { file => $$known_hosts }});
return($known_machine)
}
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
# read it in and search.
* Fixed a few bugs with how rsync is handled, specifically in the rsync wrapper script. * Fixed a bug with handling ssh fingerprints (and removed comments going to the known_hosts file). * Added more nested debug parameter passing when methods call other methods (though more work is needed to catch up) Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
my $body = $anvil->Storage->read_file({debug => $debug, file => $known_hosts});
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => { body => $body }});
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
foreach my $line (split/\n/, $body)
{
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => { line => $line }});
* Updated Log->entry() to prefix log lines with the short 'job-uuid', when the log entry is coming from a program running as a job. This is meant to make it easier to break up what log lines belong to what jobs, if multiple jobs are running at the same time (ie: when initializing multiple nodes / dr hosts in parallel). * Updated Remote->call() to return ('!!error!!', '!!error!!', 9999) when an error hits. Made Remote->test_access() explicitely check for '1' to be returned in order to confirm access, fixing a bug where bad target value caused false positives. Updated ->_check_known_hosts_for_target() to no longer explicitely check for 'ssh-rsa' so that machine keys using different cyphers are detected as being in known_hosts properly. * Updated striker-auto-initialize-all to initialize nodes and DR hosts networks before trying to form them into an Anvil!. Fixed several other bugs as well. More testing is needed, but it works now. * Updated striker-initialize-host to check for the alteeve repo and, it not found, check for accress to alteeve.com. If access, it will install our repo now. Signed-off-by: Digimer <digimer@alteeve.ca>
4 years ago
# This is wider scope now to catch hosts using other hashes than 'ssh-rsa'
if (($line =~ /$target /) or ($line =~ /\[$target\]:$port /))
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
{
# We already know this machine (or rather, we already have a fingerprint for
# this machine).
$known_machine = 1;
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => { known_machine => $known_machine }});
}
}
# If we know of this machine and we've been asked to remove it, do so.
if (($delete_if_found) && ($known_machine))
{
### NOTE: It appears the port is not needed.
# If we have a non-digit user, run this through 'su.
my $shell_call = $anvil->data->{path}{exe}{'ssh-keygen'}." -R ".$target;
if (($user) && ($user =~ /\D/))
{
$shell_call = $anvil->data->{path}{exe}{su}." - ".$user." -c '".$anvil->data->{path}{exe}{'ssh-keygen'}." -R ".$target."'";
}
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => { shell_call => $shell_call }});
* Fixed a few bugs with how rsync is handled, specifically in the rsync wrapper script. * Fixed a bug with handling ssh fingerprints (and removed comments going to the known_hosts file). * Added more nested debug parameter passing when methods call other methods (though more work is needed to catch up) Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
my $output = $anvil->System->call({debug => $debug, shell_call => $shell_call});
* Created the new Remote module, and in it, moved System->remote_call to Remote->call() and created the new add_target_to_known_hosts() method (and two private helper methods). These are adapted from the m2 code. * Updated Storage->read_file and Storage->write_file to support reading and writing on remote systems (untested though) * Created System->change_shell_user_password() that changes a shell user's password by manually generating an sha512 salted hash of the given password and uses the resulting hash to modify the target user's password, so the password should never be visible in the process list. Works on both local and remote systems, though it still needs testing. * Created Storage->rsync() to handle moving files between the local and a remote system. Signed-off-by: Digimer <digimer@alteeve.ca>
7 years ago
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { output => $output }});
foreach my $line (split/\n/, $output)
{
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { line => $line }});
}
# Mark the machine as no longer known.
$known_machine = 0;
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, secure => 0, list => { known_machine => $known_machine }});
}
return($known_machine);
}
1;