public inbox for cluster-cvs@sourceware.org help / color / mirror / Atom feed
From: mgrac@sourceware.org To: cluster-cvs@sources.redhat.com, cluster-devel@redhat.com Subject: Cluster Project branch, master, updated. cluster-2.99.05-39-g9e40fc5 Date: Wed, 02 Jul 2008 15:03:00 -0000 [thread overview] Message-ID: <20080702150319.31162.qmail@sourceware.org> (raw) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Cluster Project". http://sources.redhat.com/git/gitweb.cgi?p=cluster.git;a=commitdiff;h=9e40fc5f3e25a47eb469fd8e89874d28f755cd86 The branch, master has been updated via 9e40fc5f3e25a47eb469fd8e89874d28f755cd86 (commit) from 09ebbf80661e441b3bf9c8e9ac613dd2b136831a (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 9e40fc5f3e25a47eb469fd8e89874d28f755cd86 Author: Marek 'marx' Grac <mgrac@redhat.com> Date: Wed Jul 2 15:55:48 2008 +0200 [FENCE] Bug #448822: fence_ilo doesn't work with iLO New fencing agent for iLO used ssh/telnet to connect, but unfortutely there is a problem with power off. This is why we need to use SSL connection and RIBCL commands. As there is no (?) telnet with ssl connection in RHEL we need one to be able to use same infrastructure as in other agents. This agent was not tested with RIBCL version < 2.0 (these part where just ported from the old perl fencing agent) @todo: we have to put telnet_ssl.py somewhere, I'm not sure where ----------------------------------------------------------------------- Summary of changes: fence/agents/ilo/fence_ilo.py | 99 +++++++++++++++++++++++++--------------- fence/agents/lib/fencing.py.py | 10 ++++- fence/agents/lib/telnet_ssl.py | 66 ++++++++++++++++++++++++++ 3 files changed, 137 insertions(+), 38 deletions(-) mode change 100644 => 100755 fence/agents/ilo/fence_ilo.py create mode 100755 fence/agents/lib/telnet_ssl.py diff --git a/fence/agents/ilo/fence_ilo.py b/fence/agents/ilo/fence_ilo.py old mode 100644 new mode 100755 index 60c4f56..e050ea8 --- a/fence/agents/ilo/fence_ilo.py +++ b/fence/agents/ilo/fence_ilo.py @@ -4,16 +4,17 @@ ## ## The Following Agent Has Been Tested On: ## -## iLO Version +## iLO Version ## +---------------------------------------------+ -## iLO Advanced 1.91 -## -## @note: We can't use conn.sendline because we need to send CR/LF +## iLO / firmware 1.91 / RIBCL 2.22 +## iLO2 / firmware 1.22 / RIBCL 2.22 +## iLO2 / firmware 1.50 / RIBCL 2.22 ##### -import sys, re, pexpect +import sys, re, pexpect, socket sys.path.append("@FENCEAGENTSLIBDIR@") from fencing import * +from OpenSSL import SSL #BEGIN_VERSION_GENERATION RELEASE_VERSION="New ILO Agent - test release on steroids" @@ -22,55 +23,79 @@ BUILD_DATE="March, 2008" #END_VERSION_GENERATION def get_power_status(conn, options): - try: - conn.send("POWER\r\n") - conn.log_expect(options, options["-c"], SHELL_TIMEOUT) - except pexpect.EOF: - fail(EC_CONNECTION_LOST) - except pexpect.TIMEOUT: - fail(EC_TIMED_OUT) - - status = re.compile("server power is currently: (.*)", re.IGNORECASE).search(conn.before).group(1) + conn.send("<LOGIN USER_LOGIN = \"" + options["-l"] + "\"" + \ + " PASSWORD = \"" + options["-p"] + "\">\r\n") + conn.send("<SERVER_INFO MODE = \"read\"><GET_HOST_POWER_STATUS/>\r\n") + conn.send("</SERVER_INFO></LOGIN>\r\n") + conn.log_expect(options, "HOST_POWER=\"(.*?)\"", POWER_TIMEOUT) + + status = conn.match.group(1) return status.lower().strip() def set_power_status(conn, options): - action = { - 'on' : "powerup", - 'off': "powerdown" - }[options["-o"]] + conn.send("<LOGIN USER_LOGIN = \"" + options["-l"] + "\"" + \ + " PASSWORD = \"" + options["-p"] + "\">\r\n") + conn.send("<SERVER_INFO MODE = \"write\">") - try: - conn.send("power " + options["-o"] + "\r\n") - conn.log_expect(options, options["-c"], POWER_TIMEOUT) - except pexpect.EOF: - fail(EC_CONNECTION_LOST) - except pexpect.TIMEOUT: - fail(EC_TIMED_OUT) + if options.has_key("fw_processor") and options["fw_processor"] == "iLO2": + if options["fw_version"] > 1.29: + conn.send("<HOLD_PWR_BTN TOGGLE=\"yes\" />\r\n") + else: + conn.send("<HOLD_PWR_BTN />\r\n") + elif options["-r"] < 2.21: + conn.send("<SET_HOST_POWER HOST_POWER = \"" + options["-o"] + "\" />\r\n") + else: + if options["-o"] == "off": + conn.send("<HOLD_PWR_BTN/>\r\n") + else: + conn.send("<PRESS_PWR_BTN/>\r\n") + conn.send("</SERVER_INFO></LOGIN>\r\n") + + return def main(): device_opt = [ "help", "version", "agent", "quiet", "verbose", "debug", "action", "ipaddr", "login", "passwd", "passwd_script", - "secure", "ribcl" ] + "ssl", "ribcl" ] options = check_input(device_opt, process_input(device_opt)) - ## - ## Fence agent specific defaults - ##### - if 0 == options.has_key("-c"): - options["-c"] = "</>hpiLO->" + options["-z"] = 1 + LOGIN_TIMEOUT = 10 ## - ## Operate the fencing device + ## Login and get version number #### conn = fence_login(options) - fence_action(conn, options, set_power_status, get_power_status) + try: + conn.send("<?xml version=\"1.0\"?>\r\n") + conn.log_expect(options, [ "</RIBCL>", "<END_RIBCL/>" ], LOGIN_TIMEOUT) + version = re.compile("<RIBCL VERSION=\"(.*?)\"", re.IGNORECASE).search(conn.before).group(1) + if options.has_key("-r") == 0: + options["-r"] = float(version) + + if options["-r"] >= 2: + conn.send("<RIBCL VERSION=\"2.0\">\r\n") + else: + conn.send("<RIBCL VERSION=\"1.2\">\r\n") + + conn.send("<LOGIN USER_LOGIN = \"" + options["-l"] + "\"" + \ + " PASSWORD = \"" + options["-p"] + "\">\r\n") + if options["-r"] >= 2: + conn.send("<RIB_INFO MODE=\"read\"><GET_FW_VERSION />\r\n") + conn.send("</RIB_INFO>\r\n") + conn.log_expect(options, "<GET_FW_VERSION\s*\n", SHELL_TIMEOUT) + conn.log_expect(options, "/>", SHELL_TIMEOUT) + options["fw_version"] = float(re.compile("FIRMWARE_VERSION\s*=\s*\"(.*?)\"", re.IGNORECASE).search(conn.before).group(1)) + options["fw_processor"] = re.compile("MANAGEMENT_PROCESSOR\s*=\s*\"(.*?)\"", re.IGNORECASE).search(conn.before).group(1) + conn.send("</LOGIN>\r\n") + except pexpect.TIMEOUT: + fail(EC_LOGIN_DENIED) ## - ## Logout from system - ###### - conn.send("quit\r\n") - conn.close() + ## Fence operations + #### + fence_action(conn, options, set_power_status, get_power_status) if __name__ == "__main__": main() diff --git a/fence/agents/lib/fencing.py.py b/fence/agents/lib/fencing.py.py index 581134b..0b4918c 100644 --- a/fence/agents/lib/fencing.py.py +++ b/fence/agents/lib/fencing.py.py @@ -27,6 +27,7 @@ EC_WAITING_OFF = 7 TELNET_PATH = "/usr/bin/telnet" SSH_PATH = "/usr/bin/ssh" +SSL_PATH = "/sbin/telnet_ssl.py" all_opt = { "help" : { @@ -101,6 +102,10 @@ all_opt = { "getopt" : "x", "help" : "-x Use ssh connection", "order" : 1 }, + "ssl" : { + "getopt" : "z", + "help" : "-z Use ssl connection", + "order" : 1 }, "port" : { "getopt" : "n:", "help" : "-n <id> Physical plug number on device", @@ -350,7 +355,10 @@ def fence_login(options): re_login = re.compile("(login: )|(Login Name: )|(username: )|(User Name :)", re.IGNORECASE) re_pass = re.compile("password", re.IGNORECASE) - if options.has_key("-x") and 0 == options.has_key("-k"): + if options.has_key("-z"): + command = '%s %s %s' % (SSL_PATH, options["-a"], "443") + conn = fspawn(command) + elif options.has_key("-x") and 0 == options.has_key("-k"): command = '%s %s@%s' % (SSH_PATH, options["-l"], options["-a"]) if options.has_key("ssh_options"): command += ' ' + options["ssh_options"] diff --git a/fence/agents/lib/telnet_ssl.py b/fence/agents/lib/telnet_ssl.py new file mode 100755 index 0000000..8c0c008 --- /dev/null +++ b/fence/agents/lib/telnet_ssl.py @@ -0,0 +1,66 @@ +#!/usr/bin/python + +##### +## simple telnet client with SSL support +## +## ./telnet_ssl.py host port +##### + +import sys, socket, string, fcntl, os , time +from OpenSSL import SSL + +def main(): + hostname = None + port = None + + if (len(sys.argv) != 3): + print "Error: You have to enter hostname and port number\n" + sys.exit(-1) + + hostname = sys.argv[1] + port = int(sys.argv[2]) + + try: + s = socket.socket (socket.AF_INET, socket.SOCK_STREAM) + s.connect((hostname,port)) + ctx = SSL.Context(SSL.SSLv23_METHOD) + conn = SSL.Connection(ctx, s) + conn.set_connect_state() + except socket.error, e: + print "Error: Unable to connect to %s:%s %s" % (hostname, port, str(e)) + sys.exit(-1) + + fcntl.fcntl(sys.stdin, fcntl.F_SETFL, os.O_NONBLOCK) + s.settimeout(0) + + while 1: + try: + write_buff = sys.stdin.readline() + if (len(write_buff) > 0): + write_buff = string.rstrip(write_buff) + i = 10 + while i > 0: + i = i-1 + try: + conn.send(write_buff + "\r\n") + i = -1 + except SSL.WantReadError: + ## We have to wait for connect, mostly just for first time + time.sleep(1) + if i == 0: + sys.exit(-2) + except IOError: + 1 + + try: + read_buff = conn.recv(4096) + print read_buff + sys.stdout.flush() + except SSL.WantReadError: + 1 + except SSL.ZeroReturnError: + break + + +if __name__ == "__main__": + main() hooks/post-receive -- Cluster Project
reply other threads:[~2008-07-02 15:03 UTC|newest] Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20080702150319.31162.qmail@sourceware.org \ --to=mgrac@sourceware.org \ --cc=cluster-cvs@sources.redhat.com \ --cc=cluster-devel@redhat.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).