[Cluster-devel] Cluster Project branch, master, updated. cluster-2.99.05-39-g9e40fc5

mgrac at sourceware.org mgrac at sourceware.org
Wed Jul 2 15:03:19 UTC 2008 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Cluster Project".

http://sources.redhat.com/git/gitweb.cgi?p=cluster.git;a=commitdiff;h=9e40fc5f3e25a47eb469fd8e89874d28f755cd86

The branch, master has been updated
       via  9e40fc5f3e25a47eb469fd8e89874d28f755cd86 (commit)
      from  09ebbf80661e441b3bf9c8e9ac613dd2b136831a (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 9e40fc5f3e25a47eb469fd8e89874d28f755cd86
Author: Marek 'marx' Grac <mgrac at redhat.com>
Date:   Wed Jul 2 15:55:48 2008 +0200

    [FENCE] Bug #448822: fence_ilo doesn't work with iLO
    
    New fencing agent for iLO used ssh/telnet to connect, but unfortutely
    there is a problem with power off. This is why we need to use SSL connection
    and RIBCL commands. As there is no (?) telnet with ssl connection in RHEL we
    need one to be able to use same infrastructure as in other agents. This agent
    was not tested with RIBCL version < 2.0 (these part where just ported from the
    old perl fencing agent)
    
    @todo: we have to put telnet_ssl.py somewhere, I'm not sure where

-----------------------------------------------------------------------

Summary of changes:
 fence/agents/ilo/fence_ilo.py  |   99 +++++++++++++++++++++++++---------------
 fence/agents/lib/fencing.py.py |   10 ++++-
 fence/agents/lib/telnet_ssl.py |   66 ++++++++++++++++++++++++++
 3 files changed, 137 insertions(+), 38 deletions(-)
 mode change 100644 => 100755 fence/agents/ilo/fence_ilo.py
 create mode 100755 fence/agents/lib/telnet_ssl.py

diff --git a/fence/agents/ilo/fence_ilo.py b/fence/agents/ilo/fence_ilo.py
old mode 100644
new mode 100755
index 60c4f56..e050ea8
--- a/fence/agents/ilo/fence_ilo.py
+++ b/fence/agents/ilo/fence_ilo.py
@@ -4,16 +4,17 @@
 ##
 ## The Following Agent Has Been Tested On:
 ##
-##  iLO Version       
+##  iLO Version
 ## +---------------------------------------------+
-##  iLO Advanced 1.91 
-##
-## @note: We can't use conn.sendline because we need to send CR/LF
+##  iLO  / firmware 1.91 / RIBCL 2.22
+##  iLO2 / firmware 1.22 / RIBCL 2.22 
+##  iLO2 / firmware 1.50 / RIBCL 2.22
 #####
 
-import sys, re, pexpect
+import sys, re, pexpect, socket
 sys.path.append("@FENCEAGENTSLIBDIR@")
 from fencing import *
+from OpenSSL import SSL
 
 #BEGIN_VERSION_GENERATION
 RELEASE_VERSION="New ILO Agent - test release on steroids"
@@ -22,55 +23,79 @@ BUILD_DATE="March, 2008"
 #END_VERSION_GENERATION
 
 def get_power_status(conn, options):
-	try:
-		conn.send("POWER\r\n")
-		conn.log_expect(options, options["-c"], SHELL_TIMEOUT)
-	except pexpect.EOF:
-		fail(EC_CONNECTION_LOST)
-	except pexpect.TIMEOUT:
-		fail(EC_TIMED_OUT)
-				
-	status = re.compile("server power is currently: (.*)", re.IGNORECASE).search(conn.before).group(1)
+	conn.send("<LOGIN USER_LOGIN = \"" + options["-l"] + "\"" + \
+		" PASSWORD = \"" + options["-p"] + "\">\r\n")
+	conn.send("<SERVER_INFO MODE = \"read\"><GET_HOST_POWER_STATUS/>\r\n")
+	conn.send("</SERVER_INFO></LOGIN>\r\n")
+	conn.log_expect(options, "HOST_POWER=\"(.*?)\"", POWER_TIMEOUT)
+
+	status = conn.match.group(1)
 	return status.lower().strip()
 
 def set_power_status(conn, options):
-	action = {
-		'on' : "powerup",
-		'off': "powerdown"
-	}[options["-o"]]
+	conn.send("<LOGIN USER_LOGIN = \"" + options["-l"] + "\"" + \
+		" PASSWORD = \"" + options["-p"] + "\">\r\n")
+	conn.send("<SERVER_INFO MODE = \"write\">")
 
-	try:
-		conn.send("power " + options["-o"] + "\r\n")
-		conn.log_expect(options, options["-c"], POWER_TIMEOUT)
-	except pexpect.EOF:
-		fail(EC_CONNECTION_LOST)
-	except pexpect.TIMEOUT:
-		fail(EC_TIMED_OUT)
+	if options.has_key("fw_processor") and options["fw_processor"] == "iLO2":
+		if options["fw_version"] > 1.29:
+			conn.send("<HOLD_PWR_BTN TOGGLE=\"yes\" />\r\n")
+		else:
+			conn.send("<HOLD_PWR_BTN />\r\n")
+	elif options["-r"] < 2.21:
+		conn.send("<SET_HOST_POWER HOST_POWER = \"" + options["-o"] + "\" />\r\n")
+	else:
+		if options["-o"] == "off":
+			conn.send("<HOLD_PWR_BTN/>\r\n")
+		else:
+			conn.send("<PRESS_PWR_BTN/>\r\n")
+	conn.send("</SERVER_INFO></LOGIN>\r\n")
+
+	return
 
 def main():
 	device_opt = [  "help", "version", "agent", "quiet", "verbose", "debug",
 			"action", "ipaddr", "login", "passwd", "passwd_script",
-			"secure", "ribcl" ]
+			"ssl", "ribcl" ]
 
 	options = check_input(device_opt, process_input(device_opt))
 
-	## 
-	## Fence agent specific defaults
-	#####
-	if 0 == options.has_key("-c"):
-		options["-c"] = "</>hpiLO->"
+	options["-z"] = 1
+	LOGIN_TIMEOUT = 10
 
 	##
-	## Operate the fencing device
+	## Login and get version number
 	####
 	conn = fence_login(options)
-	fence_action(conn, options, set_power_status, get_power_status)
+	try:
+		conn.send("<?xml version=\"1.0\"?>\r\n")
+		conn.log_expect(options, [ "</RIBCL>", "<END_RIBCL/>" ], LOGIN_TIMEOUT)
+		version = re.compile("<RIBCL VERSION=\"(.*?)\"", re.IGNORECASE).search(conn.before).group(1)
+		if options.has_key("-r") == 0:
+			options["-r"] = float(version)
+
+		if options["-r"] >= 2:
+			conn.send("<RIBCL VERSION=\"2.0\">\r\n")
+		else:
+			conn.send("<RIBCL VERSION=\"1.2\">\r\n")
+
+		conn.send("<LOGIN USER_LOGIN = \"" + options["-l"] + "\"" + \
+			" PASSWORD = \"" + options["-p"] + "\">\r\n")
+		if options["-r"] >= 2:
+			conn.send("<RIB_INFO MODE=\"read\"><GET_FW_VERSION />\r\n")
+			conn.send("</RIB_INFO>\r\n")
+			conn.log_expect(options, "<GET_FW_VERSION\s*\n", SHELL_TIMEOUT)
+			conn.log_expect(options, "/>", SHELL_TIMEOUT)
+			options["fw_version"] = float(re.compile("FIRMWARE_VERSION\s*=\s*\"(.*?)\"", re.IGNORECASE).search(conn.before).group(1))
+			options["fw_processor"] = re.compile("MANAGEMENT_PROCESSOR\s*=\s*\"(.*?)\"", re.IGNORECASE).search(conn.before).group(1)
+		conn.send("</LOGIN>\r\n")
+	except pexpect.TIMEOUT:
+		fail(EC_LOGIN_DENIED)
 
 	##
-	## Logout from system
-	######
-	conn.send("quit\r\n")
-	conn.close()
+	## Fence operations
+	####
+	fence_action(conn, options, set_power_status, get_power_status)
 
 if __name__ == "__main__":
 	main()
diff --git a/fence/agents/lib/fencing.py.py b/fence/agents/lib/fencing.py.py
index 581134b..0b4918c 100644
--- a/fence/agents/lib/fencing.py.py
+++ b/fence/agents/lib/fencing.py.py
@@ -27,6 +27,7 @@ EC_WAITING_OFF     = 7
 
 TELNET_PATH = "/usr/bin/telnet"
 SSH_PATH    = "/usr/bin/ssh"
+SSL_PATH    = "/sbin/telnet_ssl.py"
 
 all_opt = {
 	"help"    : {
@@ -101,6 +102,10 @@ all_opt = {
 		"getopt" : "x",
 		"help" : "-x             Use ssh connection",
 		"order" : 1 },
+	"ssl" : {
+		"getopt" : "z",
+		"help" : "-z             Use ssl connection",
+		"order" : 1 },
 	"port" : {
 		"getopt" : "n:",
 		"help" : "-n <id>        Physical plug number on device",
@@ -350,7 +355,10 @@ def fence_login(options):
 		re_login = re.compile("(login: )|(Login Name:  )|(username: )|(User Name :)", re.IGNORECASE)
 		re_pass  = re.compile("password", re.IGNORECASE)
 
-		if options.has_key("-x") and 0 == options.has_key("-k"):
+		if options.has_key("-z"):
+			command = '%s %s %s' % (SSL_PATH, options["-a"], "443")
+			conn = fspawn(command)
+		elif options.has_key("-x") and 0 == options.has_key("-k"):
 			command = '%s %s@%s' % (SSH_PATH, options["-l"], options["-a"])
 			if options.has_key("ssh_options"):
 				command += ' ' + options["ssh_options"]
diff --git a/fence/agents/lib/telnet_ssl.py b/fence/agents/lib/telnet_ssl.py
new file mode 100755
index 0000000..8c0c008
--- /dev/null
+++ b/fence/agents/lib/telnet_ssl.py
@@ -0,0 +1,66 @@
+#!/usr/bin/python
+
+#####
+## simple telnet client with SSL support 
+##
+## ./telnet_ssl.py host port
+#####
+
+import sys, socket, string, fcntl, os , time
+from OpenSSL import SSL
+
+def main():
+	hostname = None
+	port = None
+
+	if (len(sys.argv) != 3):
+		print "Error: You have to enter hostname and port number\n"
+		sys.exit(-1)
+
+	hostname = sys.argv[1]
+	port = int(sys.argv[2])
+
+	try:
+		s = socket.socket (socket.AF_INET, socket.SOCK_STREAM)
+		s.connect((hostname,port))
+		ctx = SSL.Context(SSL.SSLv23_METHOD)
+		conn = SSL.Connection(ctx, s)
+		conn.set_connect_state()
+	except socket.error, e:
+		print "Error: Unable to connect to %s:%s %s" % (hostname, port, str(e))
+		sys.exit(-1)
+
+	fcntl.fcntl(sys.stdin, fcntl.F_SETFL, os.O_NONBLOCK) 
+	s.settimeout(0)
+
+	while 1:
+		try:
+			write_buff = sys.stdin.readline()
+			if (len(write_buff) > 0):
+				write_buff = string.rstrip(write_buff)
+				i = 10
+				while i > 0:
+					i = i-1
+					try:
+						conn.send(write_buff + "\r\n")
+						i = -1
+					except SSL.WantReadError:
+						## We have to wait for connect, mostly just for first time
+						time.sleep(1)
+				if i == 0:
+					sys.exit(-2)
+		except IOError:
+			1
+
+		try:
+			read_buff = conn.recv(4096)
+			print read_buff
+			sys.stdout.flush()
+		except SSL.WantReadError:
+			1
+		except SSL.ZeroReturnError:
+			break
+
+
+if __name__ == "__main__":
+	main()


hooks/post-receive
--
Cluster Project

More information about the Cluster-devel mailing list