* Added multiple new private methods to Network that help in managing the firewall.
* Updated Server->boot_server to manage the firewall after the server boots. Updated ->migrate_server to create a job, if a database connection exists, for the migration target to update it's firewall as soon after the server appears as possible.
* Updated ocf:server:alteeve to manage the firewall when called post-migration, in case there was no DB connection and the job above didn't run. Fixed a bug where the disk state wasn't being evaluated properly.
* Updated scan-server to check that the firewall is managed when a server state has changed.
* Updated anvil-daemon to run Network->manage_firewall on startup.
* Heavily reworked 'anvil-manage-server' to either just run 'Network->manage_firewall', or if passed '--server X', to wait for the server to appear for up to 1 minute, then to check that the firewall is managed (to capture servers being migrated to the host.)
* Removed firewall management from striker-prep-database.
Signed-off-by: Digimer <digimer@alteeve.ca>
* Created 'Cluster->which_node' that returns 'node1' or 'node2' to indicate which node a host is.
* Continued working on scan_cluster; decided to make it not host-dependent.
Signed-off-by: Digimer <digimer@alteeve.ca>
* Updated 'variables' -> 'variable_source_uuid' to type 'uuid' and removed the 'not null' constraint.
* Updated Database->insert_or_update_variables() to check/update 'variables_source_table' and 'variables_source_uuid'.
* Created the 'trusts' database table which will, when done, tell anvil-daemon which users@machines to trust (setup passwordkess SSH).
* Created (but not finished) System->manage_authorized_keys() and moved the logic over to it from anvil-daemon.
* Changed the host types "dashboard" to "striker".
* Moved the following methods from 'System' to 'Get';
** System->get_host_type to Get->host_type
** System->get_bridges to Get->bridges
** System->get_free_memory to Get->free_memory
** System->get_os_type to Get->os_type
** System->get_uptime to Get->uptime
* Updated striker to include the host_uuid for the 'node1', 'node2' and (if chosen) 'dr1' when running a job manifest.
Signed-off-by: Digimer <digimer@alteeve.ca>
* Created System->disable_daemon.
* Fixed a bug in Database->insert_or_update_bonds() where the bridge_uuid was an empty string instead of NULL.
Signed-off-by: Digimer <digimer@alteeve.ca>
* Created Tools->refresh to reload anvil.conf in one call.
* Created Anvil::Tools::Network to hold network-related tasks.
** Created Network->is_remote() that tests to see if a string (containing a target) refers to the remote machine (versus a local machine). Updated all previous checks to use this new method.
** Moved Get->network_details() and Get->network() to the new Network module. Renamed Get->network() to Network->get_network().
** Made Network->get_ips() work locally and remotely.
** Created Network->find_matches() that compares two scanned machines IPs (via two previous calls to Network->get_ips())
* Created Database->manage_anvil_conf() that will add, update or remove a given database connection in a local or remote anvil.conf file.
* Fixed bugs in Storage->backup() where the bash calls were quite broken. I'm not sure how it ever worked before... x_x
* Updated anvil-daemon to not initialize a database unless it's running on dashboard. Also added a check at the startup of anvil-daemon where it will go into a loop waiting for a database to become available, re-reading anvil.conf each loop.
Signed-off-by: Digimer <digimer@alteeve.ca>
* Switched the icons for prep'ing a node or DR host and building an Anvil!.
* Started work on the node/dr host initial setup webUI.
Signed-off-by: Digimer <digimer@alteeve.ca>
* Moved firewall.txt out of the templates directory and into the tools directory so that it is accessible on nodes and DR hosts (which don't get the apache files).
Signed-off-by: Digimer <digimer@alteeve.ca>
* Disabled deletion of unneeded zones.
* Updated the default BCN/SN IPs generated in striker to follow the new schema.
Firewall work continues.
Signed-off-by: Digimer <digimer@alteeve.ca>
* Added a 'test' parameter to Log->entry, Storage->make_directory and Words->key to help debug in places that Log->x may not be usable.
* Converted many $anvil->Log->x calls to print if $test to help prevent recursive loops, but not all fixed yet.
* Added the new 'host_keys' database table to the schema for a possible new feature of removing passwords in favour if machines adding peers' public keys to their authorized_hosts file.
* Cleaned up the opening calls to $anvil->Tools->new() in most tools.
* Cleaned up some variables in tools/anvil-update-states after reading their values from files (clean trailing newlines).
Signed-off-by: Digimer <digimer@alteeve.ca>
* Fixed a bug in the PXE default config path to install.img.
* Added tftp to the BCN firewall template.
* Fixed a bug in anvil-daemon / striker-manage-install-target where config files weren't being updated regularly (only when repo updates happened).
* Removed an RPM from striker-manage-install-target that is no longer available on F28.
Signed-off-by: Digimer <digimer@alteeve.ca>
* Updated Log->entry() to accept 'print => [0|1]' to send a log message to STDOUT (minus prefix) to avoid tools that were repeatedly calling print and Log->entry back to back.
Signed-off-by: Digimer <digimer@alteeve.ca>
* Updated System->get_ips() to read and parse the interface config file and ignore 'lo'.
* Started working on striker-manage-install-target again.
Signed-off-by: Digimer <digimer@alteeve.ca>
* Added 'sys::database::failed_connection_log_level' to allow silencing of log messages when a Striker peer database is not available.
* Started updating the .spec for the new release to add supported packages needed for PXE/dhcp/tftpboot.
* Added to repo tftpboot files as pulling them out of the packages and moving them into the right place relative to the modest size of adding them directly to our source wasn't justified.
* Created the still very very early 'tools/anvil-manage-firewall' tool.
Signed-off-by: Digimer <digimer@alteeve.ca>
