From 66332ac5d43a5c0f7fdff277371d023a0d6a4aa2 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Apr 28 2020 09:32:29 +0000 Subject: import fence-agents-4.2.1-41.el8 --- diff --git a/SOURCES/bz1732766-fence_aliyun-1-add-RAM-role.patch b/SOURCES/bz1732766-fence_aliyun-1-add-RAM-role.patch new file mode 100644 index 0000000..fd636fa --- /dev/null +++ b/SOURCES/bz1732766-fence_aliyun-1-add-RAM-role.patch @@ -0,0 +1,152 @@ +From 31548d184c977521dad5e6320c7a74ed732c19bb Mon Sep 17 00:00:00 2001 +From: dongchen126 <51401223+dongchen126@users.noreply.github.com> +Date: Thu, 11 Jul 2019 14:05:58 +0800 +Subject: [PATCH 1/4] Update fence_aliyun.py + +1.Import region provider to enable Alibaba cloud private zone functionality which support API endpoint access from intranet +2.Add ram role functionality to improve security which disable AccessKey ID and Access Key Secret +--- + agents/aliyun/fence_aliyun.py | 28 +++++++++++++++++++++------- + 1 file changed, 21 insertions(+), 7 deletions(-) + +diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py +index d780e2ab..aea1ea8f 100644 +--- a/agents/aliyun/fence_aliyun.py ++++ b/agents/aliyun/fence_aliyun.py +@@ -15,6 +15,7 @@ + from aliyunsdkecs.request.v20140526.StartInstanceRequest import StartInstanceRequest + from aliyunsdkecs.request.v20140526.StopInstanceRequest import StopInstanceRequest + from aliyunsdkecs.request.v20140526.RebootInstanceRequest import RebootInstanceRequest ++ from aliyunsdkcore.profile import region_provider + except ImportError: + pass + +@@ -121,12 +122,20 @@ def define_new_opts(): + "required" : "0", + "order" : 4 + } ++ all_opt["ram_role"] = { ++ "getopt": "m:", ++ "longopt": "ram-role", ++ "help": "-m, --ram-role=[name] Ram Role", ++ "shortdesc": "Ram Role.", ++ "required": "0", ++ "order": 5 ++ } + + # Main agent method + def main(): + conn = None + +- device_opt = ["port", "no_password", "region", "access_key", "secret_key"] ++ device_opt = ["port", "no_password", "region", "access_key", "secret_key", "ram_role"] + + atexit.register(atexit_handler) + +@@ -144,13 +153,18 @@ def main(): + + run_delay(options) + +- if "--region" in options and "--access-key" in options and "--secret-key" in options: ++ if "--region" in options: + region = options["--region"] +- access_key = options["--access-key"] +- secret_key = options["--secret-key"] +- conn = client.AcsClient(access_key, secret_key, region) +- +- ++ if "--access-key" in options and "--secret-key" in options: ++ access_key = options["--access-key"] ++ secret_key = options["--secret-key"] ++ conn = client.AcsClient(access_key, secret_key, region) ++ elif "--ram-role" in options: ++ ram_role = options["--ram-role"] ++ role = EcsRamRoleCredential(ram_role) ++ conn = client.AcsClient(region_id=region, credential=role) ++ region_provider.modify_point('Ecs', region, 'ecs.%s.aliyuncs.com' % region) ++ + # Operate the fencing device + result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list) + sys.exit(result) + +From 285d29d398bbf8f87da7acfde3f89f83b32fa586 Mon Sep 17 00:00:00 2001 +From: chen dong <51401223+dongchen126@users.noreply.github.com> +Date: Thu, 11 Jul 2019 15:30:10 +0800 +Subject: [PATCH 2/4] Update fence_aliyun.xml + +Add ram role for security +Add region provider for private zone functionality +--- + tests/data/metadata/fence_aliyun.xml | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/tests/data/metadata/fence_aliyun.xml b/tests/data/metadata/fence_aliyun.xml +index b41d82bf..eecd6f4e 100644 +--- a/tests/data/metadata/fence_aliyun.xml ++++ b/tests/data/metadata/fence_aliyun.xml +@@ -33,6 +33,11 @@ + + Secret Key. + ++ ++ ++ ++ Ram Role. ++ + + + + +From d4de57fdb94eeee483988584086c5690c8967f76 Mon Sep 17 00:00:00 2001 +From: chen dong <51401223+dongchen126@users.noreply.github.com> +Date: Wed, 24 Jul 2019 17:23:48 +0800 +Subject: [PATCH 3/4] Update fence_aliyun.py +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +delet paramater “m” +--- + agents/aliyun/fence_aliyun.py | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py +index aea1ea8f..3bc825fe 100644 +--- a/agents/aliyun/fence_aliyun.py ++++ b/agents/aliyun/fence_aliyun.py +@@ -123,9 +123,9 @@ def define_new_opts(): + "order" : 4 + } + all_opt["ram_role"] = { +- "getopt": "m:", ++ "getopt": ":", + "longopt": "ram-role", +- "help": "-m, --ram-role=[name] Ram Role", ++ "help": "--ram-role=[name] Ram Role", + "shortdesc": "Ram Role.", + "required": "0", + "order": 5 + +From 367c17ef4f44b6cce2d10f0a220b55b02d0d631e Mon Sep 17 00:00:00 2001 +From: chen dong <51401223+dongchen126@users.noreply.github.com> +Date: Wed, 24 Jul 2019 17:25:39 +0800 +Subject: [PATCH 4/4] Update fence_aliyun.xml + +delete "m" parameter +--- + tests/data/metadata/fence_aliyun.xml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/data/metadata/fence_aliyun.xml b/tests/data/metadata/fence_aliyun.xml +index eecd6f4e..2de3a8aa 100644 +--- a/tests/data/metadata/fence_aliyun.xml ++++ b/tests/data/metadata/fence_aliyun.xml +@@ -34,7 +34,7 @@ + Secret Key. + + +- ++ + + Ram Role. + diff --git a/SOURCES/bz1732766-fence_aliyun-2-import-EcsRamRoleCredential.patch b/SOURCES/bz1732766-fence_aliyun-2-import-EcsRamRoleCredential.patch new file mode 100644 index 0000000..db4416d --- /dev/null +++ b/SOURCES/bz1732766-fence_aliyun-2-import-EcsRamRoleCredential.patch @@ -0,0 +1,39 @@ +From b5f1bd2a257ce868b6845d77abdfc741c19d4d3e Mon Sep 17 00:00:00 2001 +From: chen dong <51401223+dongchen126@users.noreply.github.com> +Date: Thu, 11 Jul 2019 15:30:10 +0800 +Subject: [PATCH] Update fence_aliyun.xml +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Add ram role for security +Add region provider for private zone functionality + +Update fence_aliyun.py + +delet paramater “m” + +Update fence_aliyun.xml + +delete "m" parameter + +Update fence_aliyun.py + +add "EcsRamRoleCredential" class from aliyun SDK +--- + agents/aliyun/fence_aliyun.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/aliyun/fence_aliyun.py b/agents/aliyun/fence_aliyun.py +index 3bc825fe..aa0b741d 100644 +--- a/agents/aliyun/fence_aliyun.py ++++ b/agents/aliyun/fence_aliyun.py +@@ -10,7 +10,7 @@ + + try: + from aliyunsdkcore import client +- ++ from aliyunsdkcore.auth.credentials import EcsRamRoleCredential + from aliyunsdkecs.request.v20140526.DescribeInstancesRequest import DescribeInstancesRequest + from aliyunsdkecs.request.v20140526.StartInstanceRequest import StartInstanceRequest + from aliyunsdkecs.request.v20140526.StopInstanceRequest import StopInstanceRequest diff --git a/SOURCES/bz1734811-fence_iloX_ssh-monitor-timeout-warning.patch b/SOURCES/bz1734811-fence_iloX_ssh-monitor-timeout-warning.patch new file mode 100644 index 0000000..ba26ed3 --- /dev/null +++ b/SOURCES/bz1734811-fence_iloX_ssh-monitor-timeout-warning.patch @@ -0,0 +1,25 @@ +From 7c1348d53aa8080f2fcfc344a2f4a2372739a62c Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 6 Aug 2019 13:06:13 +0200 +Subject: [PATCH] fence_ilo_ssh*: add timeout warning in metadata/manpage + +--- + agents/ilo_ssh/fence_ilo_ssh.py | 5 ++++- + 5 files changed, 16 insertions(+), 5 deletions(-) + +diff --git a/agents/ilo_ssh/fence_ilo_ssh.py b/agents/ilo_ssh/fence_ilo_ssh.py +index 88f13d17..a27e3418 100644 +--- a/agents/ilo_ssh/fence_ilo_ssh.py ++++ b/agents/ilo_ssh/fence_ilo_ssh.py +@@ -51,7 +51,10 @@ def main(): + docs = {} + docs["shortdesc"] = "Fence agent for HP iLO over SSH" + docs["longdesc"] = "fence_ilo_ssh is a fence agent that connects to iLO device. It logs into \ +-device via ssh and reboot a specified outlet. " ++device via ssh and reboot a specified outlet.\ ++\n.P\n\ ++WARNING: The monitor-action is prone to timeouts. Use the fence_ilo-equivalent \ ++to avoid this issue." + docs["vendorurl"] = "http://www.hp.com" + docs["symlink"] = [("fence_ilo3_ssh", "Fence agent for HP iLO3 over SSH"), + ("fence_ilo4_ssh", "Fence agent for HP iLO4 over SSH"), diff --git a/SOURCES/bz1751704-fence_mpath-fix-watchdog-trigger-multipath-disconnect.patch b/SOURCES/bz1751704-fence_mpath-fix-watchdog-trigger-multipath-disconnect.patch new file mode 100644 index 0000000..8c804c2 --- /dev/null +++ b/SOURCES/bz1751704-fence_mpath-fix-watchdog-trigger-multipath-disconnect.patch @@ -0,0 +1,40 @@ +From 2df8abf25eddc8da71c193ca29f6be51e66b02f0 Mon Sep 17 00:00:00 2001 +From: Hideo Yamauchi +Date: Thu, 12 Sep 2019 08:44:49 +0900 +Subject: [PATCH] High: mpath: Correction of failure detection behavior from + watchdog service. + +--- + agents/mpath/fence_mpath.py | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py +index e4f59836..b17388eb 100644 +--- a/agents/mpath/fence_mpath.py ++++ b/agents/mpath/fence_mpath.py +@@ -117,12 +117,14 @@ def get_reservation_key(options, dev): + match = re.search(r"\s+key\s*=\s*0x(\S+)\s+", out["out"], re.IGNORECASE) + return match.group(1) if match else None + +-def get_registration_keys(options, dev): ++def get_registration_keys(options, dev, fail=True): + keys = [] + cmd = options["--mpathpersist-path"] + " -i -k -d " + dev + out = run_cmd(options, cmd) + if out["err"]: +- fail_usage("Cannot get registration keys") ++ fail_usage("Cannot get registration keys", fail) ++ if not fail: ++ return [] + for line in out["out"].split("\n"): + match = re.search(r"\s+0x(\S+)\s*", line) + if match: +@@ -183,7 +185,7 @@ def mpath_check(hardreboot=False): + logging.error("No devices found") + return 0 + for dev, key in list(devs.items()): +- if key in get_registration_keys(options, dev): ++ if key in get_registration_keys(options, dev, fail=False): + logging.debug("key " + key + " registered with device " + dev) + return 0 + else: diff --git a/SOURCES/bz1753228-fence_mpath-1-add-plug-parameter-support.patch b/SOURCES/bz1753228-fence_mpath-1-add-plug-parameter-support.patch new file mode 100644 index 0000000..216f48c --- /dev/null +++ b/SOURCES/bz1753228-fence_mpath-1-add-plug-parameter-support.patch @@ -0,0 +1,197 @@ +From d866e11213ebeab8da280b41371a968ae12410bd Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 13 Sep 2019 12:48:46 +0200 +Subject: [PATCH] fence_mpath: use -n/--plug/port parameter to be able to use + pcmk_host_map + +--- + agents/mpath/fence_mpath.py | 63 +++++++++++++++++------------ + tests/data/metadata/fence_mpath.xml | 12 +++++- + 2 files changed, 49 insertions(+), 26 deletions(-) + +diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py +index e4f59836..dfc5657b 100644 +--- a/agents/mpath/fence_mpath.py ++++ b/agents/mpath/fence_mpath.py +@@ -16,11 +16,11 @@ def get_status(conn, options): + status = "off" + for dev in options["devices"]: + is_block_device(dev) +- if options["--key"] in get_registration_keys(options, dev): ++ if options["--plug"] in get_registration_keys(options, dev): + status = "on" + else: + logging.debug("No registration for key "\ +- + options["--key"] + " on device " + dev + "\n") ++ + options["--plug"] + " on device " + dev + "\n") + + if options["--action"] == "monitor": + dev_read(options) +@@ -36,10 +36,10 @@ def set_status(conn, options): + is_block_device(dev) + + register_dev(options, dev) +- if options["--key"] not in get_registration_keys(options, dev): ++ if options["--plug"] not in get_registration_keys(options, dev): + count += 1 + logging.debug("Failed to register key "\ +- + options["--key"] + "on device " + dev + "\n") ++ + options["--plug"] + "on device " + dev + "\n") + continue + dev_write(options, dev) + +@@ -48,7 +48,7 @@ def set_status(conn, options): + and get_reservation_key(options, dev) is None: + count += 1 + logging.debug("Failed to create reservation (key="\ +- + options["--key"] + ", device=" + dev + ")\n") ++ + options["--plug"] + ", device=" + dev + ")\n") + + else: + dev_keys = dev_read(options) +@@ -56,14 +56,14 @@ def set_status(conn, options): + for dev in options["devices"]: + is_block_device(dev) + +- if options["--key"] in get_registration_keys(options, dev): ++ if options["--plug"] in get_registration_keys(options, dev): + preempt_abort(options, dev_keys[dev], dev) + + for dev in options["devices"]: +- if options["--key"] in get_registration_keys(options, dev): ++ if options["--plug"] in get_registration_keys(options, dev): + count += 1 + logging.debug("Failed to remove key "\ +- + options["--key"] + " on device " + dev + "\n") ++ + options["--plug"] + " on device " + dev + "\n") + continue + + if not get_reservation_key(options, dev): +@@ -97,16 +97,16 @@ def is_block_device(dev): + + # cancel registration + def preempt_abort(options, host, dev): +- cmd = options["--mpathpersist-path"] + " -o --preempt-abort --prout-type=5 --param-rk=" + host +" --param-sark=" + options["--key"] +" -d " + dev ++ cmd = options["--mpathpersist-path"] + " -o --preempt-abort --prout-type=5 --param-rk=" + host +" --param-sark=" + options["--plug"] +" -d " + dev + return not bool(run_cmd(options, cmd)["err"]) + + def register_dev(options, dev): +- cmd = options["--mpathpersist-path"] + " -o --register --param-sark=" + options["--key"] + " -d " + dev ++ cmd = options["--mpathpersist-path"] + " -o --register --param-sark=" + options["--plug"] + " -d " + dev + #cmd return code != 0 but registration can be successful + return not bool(run_cmd(options, cmd)["err"]) + + def reserve_dev(options, dev): +- cmd = options["--mpathpersist-path"] + " -o --reserv --prout-type=5 --param-rk=" + options["--key"] + " -d " + dev ++ cmd = options["--mpathpersist-path"] + " -o --reserv --prout-type=5 --param-rk=" + options["--plug"] + " -d " + dev + return not bool(run_cmd(options, cmd)["err"]) + + def get_reservation_key(options, dev): +@@ -141,7 +141,7 @@ def dev_write(options, dev): + fail_usage("Failed: Cannot open file \""+ file_path + "\"") + out = store_fh.read() + if not re.search(r"^" + dev + r"\s+", out): +- store_fh.write(dev + "\t" + options["--key"] + "\n") ++ store_fh.write(dev + "\t" + options["--plug"] + "\n") + store_fh.close() + + def dev_read(options, fail=True): +@@ -209,12 +209,9 @@ def define_new_opts(): + all_opt["key"] = { + "getopt" : "k:", + "longopt" : "key", +- "help" : "-k, --key=[key] Key to use for the current operation", +- "required" : "1", +- "shortdesc" : "Key to use for the current operation. This key should be \ +-unique to a node and have to be written in /etc/multipath.conf. For the \"on\" action, the key specifies the key use to \ +-register the local node. For the \"off\" action, this key specifies the key to \ +-be removed from the device(s).", ++ "help" : "-k, --key=[key] Replaced by -n, --plug", ++ "required" : "0", ++ "shortdesc" : "Replaced by -n, --plug", + "order": 1 + } + all_opt["mpathpersist_path"] = { +@@ -240,10 +237,18 @@ def main(): + atexit.register(atexit_handler) + + device_opt = ["no_login", "no_password", "devices", "key", "sudo", \ +- "fabric_fencing", "on_target", "store_path", "mpathpersist_path", "force_on"] ++ "fabric_fencing", "on_target", "store_path", \ ++ "mpathpersist_path", "force_on", "port", "no_port"] + + define_new_opts() + ++ all_opt["port"]["help"] = "Key to use for the current operation" ++ all_opt["port"]["shortdesc"] = "Key to use for the current operation. \ ++This key should be unique to a node and have to be written in \ ++/etc/multipath.conf. For the \"on\" action, the key specifies the key use to \ ++register the local node. For the \"off\" action, this key specifies the key to \ ++be removed from the device(s)." ++ + # fence_mpath_check + if os.path.basename(sys.argv[0]) == "fence_mpath_check": + sys.exit(mpath_check()) +@@ -252,6 +257,17 @@ def main(): + + options = check_input(device_opt, process_input(device_opt), other_conditions=True) + ++ # hack to remove list/list-status actions which are not supported ++ options["device_opt"] = [ o for o in options["device_opt"] if o != "separator" ] ++ ++ # workaround to avoid regressions ++ if "--key" in options: ++ options["--plug"] = options["--key"] ++ del options["--key"] ++ elif options["--action"] in ["off", "on", "reboot", "status"] \ ++ and "--plug" not in options: ++ fail_usage("Failed: You have to enter plug number or machine identification", stop) ++ + docs = {} + docs["shortdesc"] = "Fence agent for multipath persistent reservation" + docs["longdesc"] = "fence_mpath is an I/O fencing agent that uses SCSI-3 \ +@@ -271,16 +287,13 @@ def main(): + run_delay(options) + + # Input control BEGIN +- if not "--key" in options: +- fail_usage("Failed: key is required") +- + if options["--action"] == "validate-all": + sys.exit(0) + +- options["devices"] = options["--devices"].split(",") +- +- if not options["devices"]: ++ if not ("--devices" in options and options["--devices"]): + fail_usage("Failed: No devices found") ++ ++ options["devices"] = options["--devices"].split(",") + # Input control END + + result = fence_action(None, options, set_status, get_status) +diff --git a/tests/data/metadata/fence_mpath.xml b/tests/data/metadata/fence_mpath.xml +index bbe9ad2b..fe9378df 100644 +--- a/tests/data/metadata/fence_mpath.xml ++++ b/tests/data/metadata/fence_mpath.xml +@@ -14,9 +14,19 @@ The fence_mpath agent works by having a unique key for each node that has to be + + List of devices to use for current operation. Devices can be comma-separated list of device-mapper multipath devices (eg. /dev/mapper/3600508b400105df70000e00000ac0000 or /dev/mapper/mpath1). Each device must support SCSI-3 persistent reservations. + +- ++ + + ++ Replaced by -n, --plug ++ ++ ++ ++ ++ Key to use for the current operation. This key should be unique to a node and have to be written in /etc/multipath.conf. For the "on" action, the key specifies the key use to register the local node. For the "off" action, this key specifies the key to be removed from the device(s). ++ ++ ++ ++ + Key to use for the current operation. This key should be unique to a node and have to be written in /etc/multipath.conf. For the "on" action, the key specifies the key use to register the local node. For the "off" action, this key specifies the key to be removed from the device(s). + + diff --git a/SOURCES/bz1753228-fence_mpath-2-fix-plug-parameter-issues.patch b/SOURCES/bz1753228-fence_mpath-2-fix-plug-parameter-issues.patch new file mode 100644 index 0000000..d668e27 --- /dev/null +++ b/SOURCES/bz1753228-fence_mpath-2-fix-plug-parameter-issues.patch @@ -0,0 +1,73 @@ +From 868c494d17952eecc6736683c6df04aa9d3a3199 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 20 Sep 2019 12:06:55 +0200 +Subject: [PATCH] fence_mpath: fix fail_usage() issue and a couple of other + minor issues w/the newly added plug/port parameter + +--- + agents/mpath/fence_mpath.py | 12 +++++++----- + tests/data/metadata/fence_mpath.xml | 10 +++++----- + 2 files changed, 12 insertions(+), 10 deletions(-) + +diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py +index 25aeb052..73517851 100644 +--- a/agents/mpath/fence_mpath.py ++++ b/agents/mpath/fence_mpath.py +@@ -213,7 +213,7 @@ def define_new_opts(): + "longopt" : "key", + "help" : "-k, --key=[key] Replaced by -n, --plug", + "required" : "0", +- "shortdesc" : "Replaced by -n, --plug", ++ "shortdesc" : "Replaced by port/-n/--plug", + "order": 1 + } + all_opt["mpathpersist_path"] = { +@@ -244,7 +244,8 @@ def main(): + + define_new_opts() + +- all_opt["port"]["help"] = "Key to use for the current operation" ++ all_opt["port"]["required"] = "0" ++ all_opt["port"]["help"] = "-n, --plug=[key] Key to use for the current operation" + all_opt["port"]["shortdesc"] = "Key to use for the current operation. \ + This key should be unique to a node and have to be written in \ + /etc/multipath.conf. For the \"on\" action, the key specifies the key use to \ +@@ -266,9 +267,10 @@ def main(): + if "--key" in options: + options["--plug"] = options["--key"] + del options["--key"] +- elif options["--action"] in ["off", "on", "reboot", "status"] \ +- and "--plug" not in options: +- fail_usage("Failed: You have to enter plug number or machine identification", stop) ++ elif "--help" not in options and options["--action"] in ["off", "on", \ ++ "reboot", "status", "validate-all"] and "--plug" not in options: ++ stop_after_error = False if options["--action"] == "validate-all" else True ++ fail_usage("Failed: You have to enter plug number or machine identification", stop_after_error) + + docs = {} + docs["shortdesc"] = "Fence agent for multipath persistent reservation" +diff --git a/tests/data/metadata/fence_mpath.xml b/tests/data/metadata/fence_mpath.xml +index fe9378df..f5e60823 100644 +--- a/tests/data/metadata/fence_mpath.xml ++++ b/tests/data/metadata/fence_mpath.xml +@@ -17,15 +17,15 @@ The fence_mpath agent works by having a unique key for each node that has to be + + + +- Replaced by -n, --plug ++ Replaced by port/-n/--plug + +- +- ++ ++ + + Key to use for the current operation. This key should be unique to a node and have to be written in /etc/multipath.conf. For the "on" action, the key specifies the key use to register the local node. For the "off" action, this key specifies the key to be removed from the device(s). + +- +- ++ ++ + + Key to use for the current operation. This key should be unique to a node and have to be written in /etc/multipath.conf. For the "on" action, the key specifies the key use to register the local node. For the "off" action, this key specifies the key to be removed from the device(s). + diff --git a/SOURCES/bz1760201-fence_compute-fence_evacuate-1-fix-region_name-type.patch b/SOURCES/bz1760201-fence_compute-fence_evacuate-1-fix-region_name-type.patch new file mode 100644 index 0000000..2d8ba1c --- /dev/null +++ b/SOURCES/bz1760201-fence_compute-fence_evacuate-1-fix-region_name-type.patch @@ -0,0 +1,66 @@ +From 32d2aa2cea22bb38fc3eeded1f6682daad097908 Mon Sep 17 00:00:00 2001 +From: Gauvain Pocentek +Date: Tue, 13 Aug 2019 20:11:21 +0200 +Subject: [PATCH] Fix argument parsing for region_name + +The region_name attribute for fence_compute and fence_evacuate is not a boolean +and should expect a string argument. +--- + agents/compute/fence_compute.py | 2 +- + agents/evacuate/fence_evacuate.py | 2 +- + tests/data/metadata/fence_compute.xml | 2 +- + tests/data/metadata/fence_evacuate.xml | 2 +- + 4 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py +index 0e6c8044..a94bdc46 100644 +--- a/agents/compute/fence_compute.py ++++ b/agents/compute/fence_compute.py +@@ -381,7 +381,7 @@ def define_new_opts(): + "order": 1, + } + all_opt["region_name"] = { +- "getopt" : "", ++ "getopt" : ":", + "longopt" : "region-name", + "help" : "--region-name=[region] Region Name", + "required" : "0", +diff --git a/agents/evacuate/fence_evacuate.py b/agents/evacuate/fence_evacuate.py +index 2b9af273..76e78b87 100644 +--- a/agents/evacuate/fence_evacuate.py ++++ b/agents/evacuate/fence_evacuate.py +@@ -318,7 +318,7 @@ def define_new_opts(): + "order": 1, + } + all_opt["region_name"] = { +- "getopt" : "", ++ "getopt" : ":", + "longopt" : "region-name", + "help" : "--region-name=[region] Region Name", + "required" : "0", +diff --git a/tests/data/metadata/fence_compute.xml b/tests/data/metadata/fence_compute.xml +index 1dcbfc54..abc276ca 100644 +--- a/tests/data/metadata/fence_compute.xml ++++ b/tests/data/metadata/fence_compute.xml +@@ -55,7 +55,7 @@ + + + +- ++ + Region Name + + +diff --git a/tests/data/metadata/fence_evacuate.xml b/tests/data/metadata/fence_evacuate.xml +index 4f1f6a58..7decb05c 100644 +--- a/tests/data/metadata/fence_evacuate.xml ++++ b/tests/data/metadata/fence_evacuate.xml +@@ -55,7 +55,7 @@ + + + +- ++ + Region Name + + diff --git a/SOURCES/bz1760201-fence_compute-fence_evacuate-2-fix-project-shortopt.patch b/SOURCES/bz1760201-fence_compute-fence_evacuate-2-fix-project-shortopt.patch new file mode 100644 index 0000000..1458956 --- /dev/null +++ b/SOURCES/bz1760201-fence_compute-fence_evacuate-2-fix-project-shortopt.patch @@ -0,0 +1,77 @@ +From 708d0a8e4e45d4f4a6bee67f0a9ebc0ff573e1ff Mon Sep 17 00:00:00 2001 +From: Kumabuchi Kenji +Date: Fri, 25 Oct 2019 16:34:40 +0900 +Subject: [PATCH] fix shortopt in fence-compute / fence_evacuate help messages + +Signed-off-by: Kumabuchi Kenji +--- + agents/compute/fence_compute.py | 2 +- + agents/evacuate/fence_evacuate.py | 2 +- + tests/data/metadata/fence_compute.xml | 4 ++-- + tests/data/metadata/fence_evacuate.xml | 4 ++-- + 4 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py +index c08a9dbe..d0e012e6 100644 +--- a/agents/compute/fence_compute.py ++++ b/agents/compute/fence_compute.py +@@ -365,7 +365,7 @@ def define_new_opts(): + all_opt["project-domain"] = { + "getopt" : "P:", + "longopt" : "project-domain", +- "help" : "-d, --project-domain=[name] Keystone v3 Project Domain", ++ "help" : "-P, --project-domain=[name] Keystone v3 Project Domain", + "required" : "0", + "shortdesc" : "Keystone v3 Project Domain", + "default" : "Default", +diff --git a/agents/evacuate/fence_evacuate.py b/agents/evacuate/fence_evacuate.py +index 76e78b87..60bb130e 100644 +--- a/agents/evacuate/fence_evacuate.py ++++ b/agents/evacuate/fence_evacuate.py +@@ -302,7 +302,7 @@ def define_new_opts(): + all_opt["project-domain"] = { + "getopt" : "P:", + "longopt" : "project-domain", +- "help" : "-d, --project-domain=[name] Keystone v3 Project Domain", ++ "help" : "-P, --project-domain=[name] Keystone v3 Project Domain", + "required" : "0", + "shortdesc" : "Keystone v3 Project Domain", + "default" : "Default", +diff --git a/tests/data/metadata/fence_compute.xml b/tests/data/metadata/fence_compute.xml +index abc276ca..99d56af0 100644 +--- a/tests/data/metadata/fence_compute.xml ++++ b/tests/data/metadata/fence_compute.xml +@@ -74,12 +74,12 @@ + Allow Insecure TLS Requests + + +- ++ + + Keystone v3 Project Domain + + +- ++ + + Keystone v3 Project Domain + +diff --git a/tests/data/metadata/fence_evacuate.xml b/tests/data/metadata/fence_evacuate.xml +index 7decb05c..8c720b80 100644 +--- a/tests/data/metadata/fence_evacuate.xml ++++ b/tests/data/metadata/fence_evacuate.xml +@@ -74,12 +74,12 @@ + Allow Insecure TLS Requests + + +- ++ + + Keystone v3 Project Domain + + +- ++ + + Keystone v3 Project Domain + diff --git a/SOURCES/bz1760213-fence_compute-disable-service-after-force-down.patch b/SOURCES/bz1760213-fence_compute-disable-service-after-force-down.patch new file mode 100644 index 0000000..a8161d1 --- /dev/null +++ b/SOURCES/bz1760213-fence_compute-disable-service-after-force-down.patch @@ -0,0 +1,42 @@ +From 099758a41bbb153c4a13a89de57cdcb72e1f1ea7 Mon Sep 17 00:00:00 2001 +From: Michele Baldessari +Date: Fri, 11 Oct 2019 10:39:53 +0200 +Subject: [PATCH] fence_compute: Invert the force-down/service disable order + +In OpenStack Train we first observed that IHA was not working via +https://bugzilla.redhat.com/show_bug.cgi?id=1760213 + +The reason for this is that nova has made the disabling of the compute +service depend on the compute node being up via: +https://review.opendev.org/#/c/654596/ + +By first calling force-down, the subsequence service-disable API +call won't wait for the reachability of the compute node any +longer and the whole operation has the same outcome. + +Tested this on an OSP Train environment and we correctly +got Instance HA working again and we observed the VMs being +restarted on the available compute nodes. + +Co-Authored-By: Luca Miccini +--- + agents/compute/fence_compute.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py +index a94bdc46..c08a9dbe 100644 +--- a/agents/compute/fence_compute.py ++++ b/agents/compute/fence_compute.py +@@ -117,11 +117,11 @@ def set_power_status_off(connection, options): + if status in [ "off" ]: + return + +- connection.services.disable(options["--plug"], 'nova-compute') + try: + # Until 2.53 + connection.services.force_down( + options["--plug"], "nova-compute", force_down=True) ++ connection.services.disable(options["--plug"], 'nova-compute') + except Exception as e: + # Something went wrong when we tried to force the host down. + # That could come from either an incompatible API version diff --git a/SOURCES/bz1760224-fence_vmware_rest-improve-logging.patch b/SOURCES/bz1760224-fence_vmware_rest-improve-logging.patch new file mode 100644 index 0000000..9b39fa6 --- /dev/null +++ b/SOURCES/bz1760224-fence_vmware_rest-improve-logging.patch @@ -0,0 +1,61 @@ +From a128c296c18faa1b58c3f067370bde64e7c49dae Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Wed, 9 Oct 2019 14:35:48 +0200 +Subject: [PATCH] fence_vmware_rest: improve logging + +--- + agents/vmware_rest/fence_vmware_rest.py | 23 +++++++++++++++++++---- + 1 file changed, 19 insertions(+), 4 deletions(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index 53b4066d..cd99b4ac 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -11,7 +11,11 @@ + state = {"POWERED_ON": "on", 'POWERED_OFF': "off", 'SUSPENDED': "off"} + + def get_power_status(conn, options): +- res = send_command(conn, "vcenter/vm?filter.names={}".format(options["--plug"]))["value"] ++ try: ++ res = send_command(conn, "vcenter/vm?filter.names={}".format(options["--plug"]))["value"] ++ except Exception as e: ++ logging.debug("Failed: {}".format(e)) ++ fail(EC_STATUS) + + if len(res) == 0: + fail(EC_STATUS) +@@ -28,12 +32,20 @@ def set_power_status(conn, options): + "off" : "stop" + }[options["--action"]] + +- send_command(conn, "vcenter/vm/{}/power/{}".format(options["id"], action), "POST") ++ try: ++ send_command(conn, "vcenter/vm/{}/power/{}".format(options["id"], action), "POST") ++ except Exception as e: ++ logging.debug("Failed: {}".format(e)) ++ fail(EC_STATUS) + + def get_list(conn, options): + outlets = {} + +- res = send_command(conn, "vcenter/vm") ++ try: ++ res = send_command(conn, "vcenter/vm") ++ except: ++ logging.debug("Failed: {}".format(e)) ++ fail(EC_STATUS) + + for r in res["value"]: + outlets[r["name"]] = ("", state[r["power_state"]]) +@@ -87,7 +99,10 @@ def connect(opt): + return conn + + def disconnect(conn): +- send_command(conn, "com/vmware/cis/session", "DELETE") ++ try: ++ send_command(conn, "com/vmware/cis/session", "DELETE") ++ except Exception as e: ++ logging.debug("Failed: {}".format(e)) + conn.close() + + def send_command(conn, command, method="GET"): diff --git a/SOURCES/bz1762432-fence_compute-disable-service-after-force-down.patch b/SOURCES/bz1762432-fence_compute-disable-service-after-force-down.patch deleted file mode 100644 index a8161d1..0000000 --- a/SOURCES/bz1762432-fence_compute-disable-service-after-force-down.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 099758a41bbb153c4a13a89de57cdcb72e1f1ea7 Mon Sep 17 00:00:00 2001 -From: Michele Baldessari -Date: Fri, 11 Oct 2019 10:39:53 +0200 -Subject: [PATCH] fence_compute: Invert the force-down/service disable order - -In OpenStack Train we first observed that IHA was not working via -https://bugzilla.redhat.com/show_bug.cgi?id=1760213 - -The reason for this is that nova has made the disabling of the compute -service depend on the compute node being up via: -https://review.opendev.org/#/c/654596/ - -By first calling force-down, the subsequence service-disable API -call won't wait for the reachability of the compute node any -longer and the whole operation has the same outcome. - -Tested this on an OSP Train environment and we correctly -got Instance HA working again and we observed the VMs being -restarted on the available compute nodes. - -Co-Authored-By: Luca Miccini ---- - agents/compute/fence_compute.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py -index a94bdc46..c08a9dbe 100644 ---- a/agents/compute/fence_compute.py -+++ b/agents/compute/fence_compute.py -@@ -117,11 +117,11 @@ def set_power_status_off(connection, options): - if status in [ "off" ]: - return - -- connection.services.disable(options["--plug"], 'nova-compute') - try: - # Until 2.53 - connection.services.force_down( - options["--plug"], "nova-compute", force_down=True) -+ connection.services.disable(options["--plug"], 'nova-compute') - except Exception as e: - # Something went wrong when we tried to force the host down. - # That could come from either an incompatible API version diff --git a/SOURCES/bz1763674-fence_rhevm-add-cookie-support.patch b/SOURCES/bz1763674-fence_rhevm-add-cookie-support.patch new file mode 100644 index 0000000..d4f7be9 --- /dev/null +++ b/SOURCES/bz1763674-fence_rhevm-add-cookie-support.patch @@ -0,0 +1,109 @@ +From b885e0f65af626154096a49554e9765e18bfbbd9 Mon Sep 17 00:00:00 2001 +From: Frank Toth +Date: Wed, 16 Oct 2019 13:58:50 +0800 +Subject: [PATCH 1/3] Added cookie file management to properly reuse session + and do not create new one every time. + +--- + agents/rhevm/fence_rhevm.py | 15 ++++++++++++++- + 1 file changed, 14 insertions(+), 1 deletion(-) + +diff --git a/agents/rhevm/fence_rhevm.py b/agents/rhevm/fence_rhevm.py +index 9e4650cd..defa35e6 100644 +--- a/agents/rhevm/fence_rhevm.py ++++ b/agents/rhevm/fence_rhevm.py +@@ -117,7 +117,12 @@ def send_command(opt, command, method="GET"): + conn.setopt(pycurl.HTTPAUTH, pycurl.HTTPAUTH_BASIC) + conn.setopt(pycurl.USERPWD, opt["--username"] + ":" + opt["--password"]) + if "--use-cookies" in opt: +- conn.setopt(pycurl.COOKIEFILE, "") ++ if "--cookie-file" in opt: ++ cookie_file = opt["--cookie-file"] ++ else: ++ cookie_file = "/tmp/fence_rhevm_" + opt["--ip"] + "_" + opt["--username"] + "_cookie.dat" ++ conn.setopt(pycurl.COOKIEFILE, cookie_file) ++ conn.setopt(pycurl.COOKIEJAR, cookie_file) + + conn.setopt(pycurl.TIMEOUT, int(opt["--shell-timeout"])) + if "--ssl" in opt or "--ssl-secure" in opt: +@@ -166,6 +171,14 @@ def define_new_opts(): + "required" : "0", + "shortdesc" : "Reuse cookies for authentication", + "order" : 1} ++ all_opt["cookie_file"] = { ++ "getopt" : ":", ++ "longopt" : "cookie-file", ++ "help" : "--cookie-file Path to cookie file for authentication\n" ++ "\t\t\t\t (Default: /tmp/fence_rhevm_ip_username_cookie.dat)", ++ "required" : "0", ++ "shortdesc" : "Path to cookie file for authentication", ++ "order" : 2} + all_opt["api_version"] = { + "getopt" : ":", + "longopt" : "api-version", + +From 874344acbfee5f774b320e384a46e1ce953a34ce Mon Sep 17 00:00:00 2001 +From: Frank Toth +Date: Wed, 16 Oct 2019 23:41:50 +0800 +Subject: [PATCH 2/3] Added cookie_file to device_opt array. Use + tempfile.gettempdir() to get the TMP dir instead of hardcoded /tmp + +--- + agents/rhevm/fence_rhevm.py | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/agents/rhevm/fence_rhevm.py b/agents/rhevm/fence_rhevm.py +index defa35e6..25aecbe5 100644 +--- a/agents/rhevm/fence_rhevm.py ++++ b/agents/rhevm/fence_rhevm.py +@@ -4,6 +4,7 @@ + import pycurl, io + import logging + import atexit ++import tempfile + sys.path.append("@FENCEAGENTSLIBDIR@") + from fencing import * + from fencing import fail, EC_FETCH_VM_UUID, run_delay +@@ -120,7 +121,7 @@ def send_command(opt, command, method="GET"): + if "--cookie-file" in opt: + cookie_file = opt["--cookie-file"] + else: +- cookie_file = "/tmp/fence_rhevm_" + opt["--ip"] + "_" + opt["--username"] + "_cookie.dat" ++ cookie_file = tempfile.gettempdir() + "/fence_rhevm_" + opt["--ip"] + "_" + opt["--username"] + "_cookie.dat" + conn.setopt(pycurl.COOKIEFILE, cookie_file) + conn.setopt(pycurl.COOKIEJAR, cookie_file) + +@@ -215,6 +216,7 @@ def main(): + "web", + "port", + "use_cookies", ++ "cookie_file", + "api_version", + "api_path", + "disable_http_filter", + +From 196513cfc0edfd28f483a00b4adfa230b666a47d Mon Sep 17 00:00:00 2001 +From: Frank Toth +Date: Fri, 18 Oct 2019 05:16:18 +0200 +Subject: [PATCH 3/3] After 'make xml-upload' + +--- + tests/data/metadata/fence_rhevm.xml | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/tests/data/metadata/fence_rhevm.xml b/tests/data/metadata/fence_rhevm.xml +index c56cf64b..2b6b02b2 100644 +--- a/tests/data/metadata/fence_rhevm.xml ++++ b/tests/data/metadata/fence_rhevm.xml +@@ -103,6 +103,11 @@ + + Version of RHEV API (default: auto) + ++ ++ ++ ++ Path to cookie file for authentication ++ + + + The path part of the API URL diff --git a/SOURCES/bz1769783-fencing-improve-stdin-quote-parsing.patch b/SOURCES/bz1769783-fencing-improve-stdin-quote-parsing.patch new file mode 100644 index 0000000..adf0754 --- /dev/null +++ b/SOURCES/bz1769783-fencing-improve-stdin-quote-parsing.patch @@ -0,0 +1,23 @@ +From 82626dbdb12519e95a5df70ae6ae21bc17112f43 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Wed, 13 Feb 2019 13:28:25 +0100 +Subject: [PATCH] fencing: improve stdin parse function + +- Remove quotes around stdin parameters for consistency with CLI +parameters and to be able to quote number and time parameters +--- + lib/fencing.py.py | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/fencing.py.py b/lib/fencing.py.py +index 287cd01f..8cd0a813 100644 +--- a/lib/fencing.py.py ++++ b/lib/fencing.py.py +@@ -1389,6 +1389,7 @@ def _parse_input_stdin(avail_opt): + + (name, value) = (line + "=").split("=", 1) + value = value[:-1] ++ value = re.sub("^\"(.*)\"$", "\\1", value) + + if name.replace("-", "_") in mapping_longopt_names: + name = mapping_longopt_names[name.replace("-", "_")] diff --git a/SOURCES/bz1771594-1-fencing-inetX_only-SSH-fence_zvmip.patch b/SOURCES/bz1771594-1-fencing-inetX_only-SSH-fence_zvmip.patch new file mode 100644 index 0000000..6ee722d --- /dev/null +++ b/SOURCES/bz1771594-1-fencing-inetX_only-SSH-fence_zvmip.patch @@ -0,0 +1,756 @@ +From cecf3b3edeccbac6293b95073b0c0ad4f02a8652 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 12 Nov 2019 17:25:57 +0100 +Subject: [PATCH] fencing: only use inetX_only parameters for SSH based agents + and fence_zvmip, and fixed syntax issue for Gawk v5+ + +--- + agents/zvm/fence_zvmip.py | 2 +- + lib/fencing.py.py | 4 ++-- + make/agentpycheck.mk | 2 +- + tests/data/metadata/fence_amt.xml | 10 ---------- + tests/data/metadata/fence_amt_ws.xml | 10 ---------- + tests/data/metadata/fence_apc_snmp.xml | 10 ---------- + tests/data/metadata/fence_cisco_mds.xml | 10 ---------- + tests/data/metadata/fence_cisco_ucs.xml | 10 ---------- + tests/data/metadata/fence_docker.xml | 10 ---------- + tests/data/metadata/fence_drac.xml | 10 ---------- + tests/data/metadata/fence_eaton_snmp.xml | 10 ---------- + tests/data/metadata/fence_emerson.xml | 10 ---------- + tests/data/metadata/fence_eps.xml | 10 ---------- + tests/data/metadata/fence_ibmblade.xml | 10 ---------- + tests/data/metadata/fence_idrac.xml | 10 ---------- + tests/data/metadata/fence_ifmib.xml | 10 ---------- + tests/data/metadata/fence_ilo.xml | 10 ---------- + tests/data/metadata/fence_ilo2.xml | 10 ---------- + tests/data/metadata/fence_ilo3.xml | 10 ---------- + tests/data/metadata/fence_ilo4.xml | 10 ---------- + tests/data/metadata/fence_imm.xml | 10 ---------- + tests/data/metadata/fence_intelmodular.xml | 10 ---------- + tests/data/metadata/fence_ipdu.xml | 10 ---------- + tests/data/metadata/fence_ipmilan.xml | 10 ---------- + tests/data/metadata/fence_netio.xml | 10 ---------- + tests/data/metadata/fence_powerman.xml | 10 ---------- + tests/data/metadata/fence_pve.xml | 10 ---------- + tests/data/metadata/fence_raritan.xml | 10 ---------- + tests/data/metadata/fence_redfish.xml | 10 ---------- + tests/data/metadata/fence_rhevm.xml | 10 ---------- + tests/data/metadata/fence_sanbox2.xml | 10 ---------- + tests/data/metadata/fence_tripplite_snmp.xml | 10 ---------- + tests/data/metadata/fence_vmware_rest.xml | 10 ---------- + tests/data/metadata/fence_vmware_soap.xml | 10 ---------- + tests/data/metadata/fence_vmware_vcloud.xml | 10 ---------- + 36 files changed, 4 insertions(+), 334 deletions(-) + +diff --git a/agents/zvm/fence_zvmip.py b/agents/zvm/fence_zvmip.py +index e6bb01d1..5b272bb9 100644 +--- a/agents/zvm/fence_zvmip.py ++++ b/agents/zvm/fence_zvmip.py +@@ -146,7 +146,7 @@ def get_list_of_images(options, command, data_as_plug): + return (return_code, reason_code, images) + + def main(): +- device_opt = ["ipaddr", "login", "passwd", "port", "method", "missing_as_off"] ++ device_opt = ["ipaddr", "login", "passwd", "port", "method", "missing_as_off", "inet4_only", "inet6_only"] + + atexit.register(atexit_handler) + +diff --git a/lib/fencing.py.py b/lib/fencing.py.py +index 2a0b0b91..4b54aa7c 100644 +--- a/lib/fencing.py.py ++++ b/lib/fencing.py.py +@@ -459,9 +459,9 @@ + "delay", "quiet"], + "passwd" : ["passwd_script"], + "sudo" : ["sudo_path"], +- "secure" : ["identity_file", "ssh_options", "ssh_path"], ++ "secure" : ["identity_file", "ssh_options", "ssh_path", "inet4_only", "inet6_only"], + "telnet" : ["telnet_path"], +- "ipaddr" : ["ipport", "inet4_only", "inet6_only"], ++ "ipaddr" : ["ipport"], + "port" : ["separator"], + "ssl" : ["ssl_secure", "ssl_insecure", "gnutlscli_path"], + "snmp" : ["snmp_auth_prot", "snmp_sec_level", "snmp_priv_prot", \ +diff --git a/make/agentpycheck.mk b/make/agentpycheck.mk +index 58122c65..13482bf2 100644 +--- a/make/agentpycheck.mk ++++ b/make/agentpycheck.mk +@@ -1,5 +1,5 @@ + DATADIR:=$(abs_top_srcdir)/tests/data/metadata +-AWK_VAL='BEGIN {store=-1} /name=\".*_path\"/ {store=2} {if (store!=0) {print}; store--}' ++AWK_VAL='BEGIN {store=-1} /name=".*_path"/ {store=2} {if (store!=0) {print}; store--}' + + TEST_TARGET=$(filter-out $(TEST_TARGET_SKIP),$(TARGET)) + +diff --git a/tests/data/metadata/fence_amt.xml b/tests/data/metadata/fence_amt.xml +index c1e24db9..5f0adc98 100644 +--- a/tests/data/metadata/fence_amt.xml ++++ b/tests/data/metadata/fence_amt.xml +@@ -19,16 +19,6 @@ + + Change the default boot behavior of the machine. + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_amt_ws.xml b/tests/data/metadata/fence_amt_ws.xml +index 07c22db3..86f36f6c 100644 +--- a/tests/data/metadata/fence_amt_ws.xml ++++ b/tests/data/metadata/fence_amt_ws.xml +@@ -19,16 +19,6 @@ + + Change the default boot behavior of the machine. + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_apc_snmp.xml b/tests/data/metadata/fence_apc_snmp.xml +index 26661d6a..7f1c616c 100644 +--- a/tests/data/metadata/fence_apc_snmp.xml ++++ b/tests/data/metadata/fence_apc_snmp.xml +@@ -14,16 +14,6 @@ + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_cisco_mds.xml b/tests/data/metadata/fence_cisco_mds.xml +index 1917595e..15d7798c 100644 +--- a/tests/data/metadata/fence_cisco_mds.xml ++++ b/tests/data/metadata/fence_cisco_mds.xml +@@ -13,16 +13,6 @@ + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_cisco_ucs.xml b/tests/data/metadata/fence_cisco_ucs.xml +index 40581da7..848e72f8 100644 +--- a/tests/data/metadata/fence_cisco_ucs.xml ++++ b/tests/data/metadata/fence_cisco_ucs.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_docker.xml b/tests/data/metadata/fence_docker.xml +index fdd6324c..3285314c 100644 +--- a/tests/data/metadata/fence_docker.xml ++++ b/tests/data/metadata/fence_docker.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_drac.xml b/tests/data/metadata/fence_drac.xml +index 405d660a..2184ee0c 100644 +--- a/tests/data/metadata/fence_drac.xml ++++ b/tests/data/metadata/fence_drac.xml +@@ -18,16 +18,6 @@ + + Force Python regex for command prompt + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_eaton_snmp.xml b/tests/data/metadata/fence_eaton_snmp.xml +index 33957ed1..3dd92dd2 100644 +--- a/tests/data/metadata/fence_eaton_snmp.xml ++++ b/tests/data/metadata/fence_eaton_snmp.xml +@@ -13,16 +13,6 @@ + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_emerson.xml b/tests/data/metadata/fence_emerson.xml +index 87205c1b..f6886469 100644 +--- a/tests/data/metadata/fence_emerson.xml ++++ b/tests/data/metadata/fence_emerson.xml +@@ -13,16 +13,6 @@ + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_eps.xml b/tests/data/metadata/fence_eps.xml +index 68d8fb69..26e75477 100644 +--- a/tests/data/metadata/fence_eps.xml ++++ b/tests/data/metadata/fence_eps.xml +@@ -15,16 +15,6 @@ Agent basically works by connecting to hidden page and pass appropriate argument + + Name of hidden page + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ibmblade.xml b/tests/data/metadata/fence_ibmblade.xml +index eff551f6..5084b3a0 100644 +--- a/tests/data/metadata/fence_ibmblade.xml ++++ b/tests/data/metadata/fence_ibmblade.xml +@@ -13,16 +13,6 @@ + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_idrac.xml b/tests/data/metadata/fence_idrac.xml +index f4588b35..55d9ced3 100644 +--- a/tests/data/metadata/fence_idrac.xml ++++ b/tests/data/metadata/fence_idrac.xml +@@ -32,16 +32,6 @@ + + Hexadecimal-encoded Kg key for IPMIv2 authentication + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ifmib.xml b/tests/data/metadata/fence_ifmib.xml +index b5f3b1d4..c07a6e1f 100644 +--- a/tests/data/metadata/fence_ifmib.xml ++++ b/tests/data/metadata/fence_ifmib.xml +@@ -15,16 +15,6 @@ It was written with managed ethernet switches in mind, in order to fence iSCSI S + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ilo.xml b/tests/data/metadata/fence_ilo.xml +index eb2e7a72..44b3c43a 100644 +--- a/tests/data/metadata/fence_ilo.xml ++++ b/tests/data/metadata/fence_ilo.xml +@@ -9,16 +9,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ilo2.xml b/tests/data/metadata/fence_ilo2.xml +index b14aa2fb..e9cae6d2 100644 +--- a/tests/data/metadata/fence_ilo2.xml ++++ b/tests/data/metadata/fence_ilo2.xml +@@ -9,16 +9,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ilo3.xml b/tests/data/metadata/fence_ilo3.xml +index deaeaaf0..2a99e0a4 100644 +--- a/tests/data/metadata/fence_ilo3.xml ++++ b/tests/data/metadata/fence_ilo3.xml +@@ -32,16 +32,6 @@ + + Hexadecimal-encoded Kg key for IPMIv2 authentication + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ilo4.xml b/tests/data/metadata/fence_ilo4.xml +index bbf0833b..68790266 100644 +--- a/tests/data/metadata/fence_ilo4.xml ++++ b/tests/data/metadata/fence_ilo4.xml +@@ -32,16 +32,6 @@ + + Hexadecimal-encoded Kg key for IPMIv2 authentication + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_imm.xml b/tests/data/metadata/fence_imm.xml +index 22cb54e7..e22e4723 100644 +--- a/tests/data/metadata/fence_imm.xml ++++ b/tests/data/metadata/fence_imm.xml +@@ -32,16 +32,6 @@ + + Hexadecimal-encoded Kg key for IPMIv2 authentication + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_intelmodular.xml b/tests/data/metadata/fence_intelmodular.xml +index 4f2e8c49..5e0d3b19 100644 +--- a/tests/data/metadata/fence_intelmodular.xml ++++ b/tests/data/metadata/fence_intelmodular.xml +@@ -15,16 +15,6 @@ Note: Since firmware update version 2.7, SNMP v2 write support is removed, and r + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ipdu.xml b/tests/data/metadata/fence_ipdu.xml +index 0b615852..546e372c 100644 +--- a/tests/data/metadata/fence_ipdu.xml ++++ b/tests/data/metadata/fence_ipdu.xml +@@ -13,16 +13,6 @@ + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_ipmilan.xml b/tests/data/metadata/fence_ipmilan.xml +index b9ce66f8..3e13d288 100644 +--- a/tests/data/metadata/fence_ipmilan.xml ++++ b/tests/data/metadata/fence_ipmilan.xml +@@ -32,16 +32,6 @@ + + Hexadecimal-encoded Kg key for IPMIv2 authentication + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_netio.xml b/tests/data/metadata/fence_netio.xml +index e6350ed4..79d27af3 100644 +--- a/tests/data/metadata/fence_netio.xml ++++ b/tests/data/metadata/fence_netio.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_powerman.xml b/tests/data/metadata/fence_powerman.xml +index f0499d86..ce72e002 100644 +--- a/tests/data/metadata/fence_powerman.xml ++++ b/tests/data/metadata/fence_powerman.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_pve.xml b/tests/data/metadata/fence_pve.xml +index b727a7e8..5d744903 100644 +--- a/tests/data/metadata/fence_pve.xml ++++ b/tests/data/metadata/fence_pve.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_raritan.xml b/tests/data/metadata/fence_raritan.xml +index c75783fd..565eebc7 100644 +--- a/tests/data/metadata/fence_raritan.xml ++++ b/tests/data/metadata/fence_raritan.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_redfish.xml b/tests/data/metadata/fence_redfish.xml +index e1c18584..91b483b7 100644 +--- a/tests/data/metadata/fence_redfish.xml ++++ b/tests/data/metadata/fence_redfish.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_rhevm.xml b/tests/data/metadata/fence_rhevm.xml +index 2b6b02b2..73c9906f 100644 +--- a/tests/data/metadata/fence_rhevm.xml ++++ b/tests/data/metadata/fence_rhevm.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_sanbox2.xml b/tests/data/metadata/fence_sanbox2.xml +index 9832841e..7e20c8ce 100644 +--- a/tests/data/metadata/fence_sanbox2.xml ++++ b/tests/data/metadata/fence_sanbox2.xml +@@ -18,16 +18,6 @@ + + Force Python regex for command prompt + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_tripplite_snmp.xml b/tests/data/metadata/fence_tripplite_snmp.xml +index 22d3db5d..d3769133 100644 +--- a/tests/data/metadata/fence_tripplite_snmp.xml ++++ b/tests/data/metadata/fence_tripplite_snmp.xml +@@ -14,16 +14,6 @@ + + Set the community string + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_vmware_rest.xml b/tests/data/metadata/fence_vmware_rest.xml +index 1e1f790f..5b497a6a 100644 +--- a/tests/data/metadata/fence_vmware_rest.xml ++++ b/tests/data/metadata/fence_vmware_rest.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_vmware_soap.xml b/tests/data/metadata/fence_vmware_soap.xml +index 46d29116..da6a1002 100644 +--- a/tests/data/metadata/fence_vmware_soap.xml ++++ b/tests/data/metadata/fence_vmware_soap.xml +@@ -10,16 +10,6 @@ Name of virtual machine (-n / port) has to be used in inventory path format (e.g + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + +diff --git a/tests/data/metadata/fence_vmware_vcloud.xml b/tests/data/metadata/fence_vmware_vcloud.xml +index 69269a2d..505eaf2b 100644 +--- a/tests/data/metadata/fence_vmware_vcloud.xml ++++ b/tests/data/metadata/fence_vmware_vcloud.xml +@@ -8,16 +8,6 @@ + + Fencing action + +- +- +- +- Forces agent to use IPv4 addresses only +- +- +- +- +- Forces agent to use IPv6 addresses only +- + + + diff --git a/SOURCES/bz1771594-2-fence_redfish-fence_vmware_soap-suppress-warning.patch b/SOURCES/bz1771594-2-fence_redfish-fence_vmware_soap-suppress-warning.patch new file mode 100644 index 0000000..889c6f9 --- /dev/null +++ b/SOURCES/bz1771594-2-fence_redfish-fence_vmware_soap-suppress-warning.patch @@ -0,0 +1,51 @@ +From 559771f2c5a638f7e14ec9c0ef1068c86ee9d40e Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 26 Nov 2019 14:09:14 +0100 +Subject: [PATCH] fence_redfish/fence_vmware_soap: suppress warnings correctly + with new python-requests + +python-requests doesnt suppress warnings anymore, so it needs to be done in urllib3: https://stackoverflow.com/questions/27981545/suppress-insecurerequestwarning-unverified-https-request-is-being-made-in-pytho/28002687#28002687 +--- + agents/redfish/fence_redfish.py | 4 ++-- + agents/vmware_soap/fence_vmware_soap.py | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/agents/redfish/fence_redfish.py b/agents/redfish/fence_redfish.py +index 390a4827..c7c6492c 100644 +--- a/agents/redfish/fence_redfish.py ++++ b/agents/redfish/fence_redfish.py +@@ -12,7 +12,6 @@ + import atexit + sys.path.append("@FENCEAGENTSLIBDIR@") + +-from requests.packages.urllib3.exceptions import InsecureRequestWarning + from fencing import * + from fencing import fail_usage, run_delay + +@@ -143,7 +142,8 @@ def main(): + + # Disable insecure-certificate-warning message + if "--ssl-insecure" in opt: +- requests.packages.urllib3.disable_warnings(InsecureRequestWarning) ++ import urllib3 ++ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) + + # backwards compatibility for : + if options["--ip"].count(":") == 1: +diff --git a/agents/vmware_soap/fence_vmware_soap.py b/agents/vmware_soap/fence_vmware_soap.py +index dd1a4ed6..53e8d8f4 100644 +--- a/agents/vmware_soap/fence_vmware_soap.py ++++ b/agents/vmware_soap/fence_vmware_soap.py +@@ -37,10 +37,10 @@ def soap_login(options): + if "--ssl" in options or "--ssl-secure" in options or "--ssl-insecure" in options: + if "--ssl-insecure" in options: + import ssl +- from requests.packages.urllib3.exceptions import InsecureRequestWarning ++ import urllib3 + if hasattr(ssl, '_create_unverified_context'): + ssl._create_default_https_context = ssl._create_unverified_context +- requests.packages.urllib3.disable_warnings(InsecureRequestWarning) ++ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) + verify = False + else: + verify = True diff --git a/SOURCES/bz1773890-fence_scsi-add-hash-key-value-support.patch b/SOURCES/bz1773890-fence_scsi-add-hash-key-value-support.patch new file mode 100644 index 0000000..b8cf248 --- /dev/null +++ b/SOURCES/bz1773890-fence_scsi-add-hash-key-value-support.patch @@ -0,0 +1,237 @@ +From baf8d524e89d7f6c716e8241a12d8135debadfcc Mon Sep 17 00:00:00 2001 +From: Ondrej Famera +Date: Sun, 20 Oct 2019 20:13:40 +0900 +Subject: [PATCH 1/4] add new method for autogenerating SCSI key + +this methos generates second part of SCSI key based on hash of cluster +node name instead of currently used ID based approach which can brake if +the nodes get removed from cluster but whole cluster is not restarted +because the IDs changes. With hash approach hashes stays same. +Note that there is theoretical risk that hashes could colide. +--- + agents/scsi/fence_scsi.py | 32 ++++++++++++++++++++++++++++-- + tests/data/metadata/fence_scsi.xml | 5 +++++ + 2 files changed, 35 insertions(+), 2 deletions(-) + +diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py +index 5580e08b..4cc9b66c 100644 +--- a/agents/scsi/fence_scsi.py ++++ b/agents/scsi/fence_scsi.py +@@ -202,9 +202,20 @@ def get_node_id(options): + + return match.group(1) if match else fail_usage("Failed: unable to parse output of corosync-cmapctl or node does not exist") + ++def get_node_hash(options): ++ try: ++ return hashlib.md5(options["--plug"].encode('ascii')).hexdigest() ++ except ValueError: ++ # FIPS requires usedforsecurity=False and might not be ++ # available on all distros: https://bugs.python.org/issue9216 ++ return hashlib.md5(options["--plug"].encode('ascii'), usedforsecurity=False).hexdigest() ++ + + def generate_key(options): +- return "%.4s%.4d" % (get_cluster_id(options), int(get_node_id(options))) ++ if options["--key_value"] == "hash": ++ return "%.4s%.4s" % (get_cluster_id(options), get_node_hash(options)) ++ else: ++ return "%.4s%.4d" % (get_cluster_id(options), int(get_node_id(options))) + + + # save node key to file +@@ -375,6 +386,19 @@ def define_new_opts(): + "default" : "@VGS_PATH@", + "order": 300 + } ++ all_opt["key_value"] = { ++ "getopt" : ":", ++ "longopt" : "key_value", ++ "help" : "--key_value= SCSI key node generation method", ++ "required" : "0", ++ "shortdesc" : "Method used to generate the SCSI key. \"id\" (default) \ ++uses the positional ID from \"corosync-cmactl nodelist\" output which can get inconsistent \ ++when nodes are removed from cluster without full cluster restart. \"hash\" uses part of hash \ ++made out of node names which is not affected over time but there is theoretical chance that \ ++hashes can collide as size of SCSI key is quite limited.", ++ "default" : "id", ++ "order": 300 ++ } + + + def scsi_check_get_options(options): +@@ -440,7 +464,7 @@ def main(): + + device_opt = ["no_login", "no_password", "devices", "nodename", "port",\ + "no_port", "key", "aptpl", "fabric_fencing", "on_target", "corosync_cmap_path",\ +- "sg_persist_path", "sg_turs_path", "logfile", "vgs_path", "force_on"] ++ "sg_persist_path", "sg_turs_path", "logfile", "vgs_path", "force_on", "key_value"] + + define_new_opts() + +@@ -517,6 +541,10 @@ def main(): + if options["--key"] == "0" or not options["--key"]: + fail_usage("Failed: key cannot be 0", stop_after_error) + ++ if "--key_value" in options\ ++ and (options["--key_value"] != "id" and options["--key_value"] != "hash"): ++ fail_usage("Failed: key_value has to be 'id' or 'hash'", stop_after_error) ++ + if options["--action"] == "validate-all": + sys.exit(0) + +diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml +index b8cdabd1..56c6224d 100644 +--- a/tests/data/metadata/fence_scsi.xml ++++ b/tests/data/metadata/fence_scsi.xml +@@ -105,6 +105,11 @@ When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and ve + + Path to corosync-cmapctl binary + ++ ++ ++ ++ Method used to generate the SCSI key. "id" (default) uses the positional ID from "corosync-cmactl nodelist" output which can get inconsistent when nodes are removed from cluster without full cluster restart. "hash" uses part of hash made out of node names which is not affected over time but there is theoretical chance that hashes can collide as size of SCSI key is quite limited. ++ + + + Path to sg_persist binary + +From ee7a5ea238b4b3312384e4cfd9edd392c311d17a Mon Sep 17 00:00:00 2001 +From: Ondrej Famera +Date: Fri, 1 Nov 2019 13:16:58 +0900 +Subject: [PATCH 2/4] rename 'key_value' to 'key-value' for manual invokation + +--- + agents/scsi/fence_scsi.py | 12 ++++++------ + tests/data/metadata/fence_scsi.xml | 2 +- + 2 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py +index 4cc9b66c..7d515e16 100644 +--- a/agents/scsi/fence_scsi.py ++++ b/agents/scsi/fence_scsi.py +@@ -212,7 +212,7 @@ def get_node_hash(options): + + + def generate_key(options): +- if options["--key_value"] == "hash": ++ if options["--key-value"] == "hash": + return "%.4s%.4s" % (get_cluster_id(options), get_node_hash(options)) + else: + return "%.4s%.4d" % (get_cluster_id(options), int(get_node_id(options))) +@@ -388,8 +388,8 @@ def define_new_opts(): + } + all_opt["key_value"] = { + "getopt" : ":", +- "longopt" : "key_value", +- "help" : "--key_value= SCSI key node generation method", ++ "longopt" : "key-value", ++ "help" : "--key-value= SCSI key node generation method", + "required" : "0", + "shortdesc" : "Method used to generate the SCSI key. \"id\" (default) \ + uses the positional ID from \"corosync-cmactl nodelist\" output which can get inconsistent \ +@@ -541,9 +541,9 @@ def main(): + if options["--key"] == "0" or not options["--key"]: + fail_usage("Failed: key cannot be 0", stop_after_error) + +- if "--key_value" in options\ +- and (options["--key_value"] != "id" and options["--key_value"] != "hash"): +- fail_usage("Failed: key_value has to be 'id' or 'hash'", stop_after_error) ++ if "--key-value" in options\ ++ and (options["--key-value"] != "id" and options["--key-value"] != "hash"): ++ fail_usage("Failed: key-value has to be 'id' or 'hash'", stop_after_error) + + if options["--action"] == "validate-all": + sys.exit(0) +diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml +index 56c6224d..72800688 100644 +--- a/tests/data/metadata/fence_scsi.xml ++++ b/tests/data/metadata/fence_scsi.xml +@@ -106,7 +106,7 @@ When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and ve + Path to corosync-cmapctl binary + + +- ++ + + Method used to generate the SCSI key. "id" (default) uses the positional ID from "corosync-cmactl nodelist" output which can get inconsistent when nodes are removed from cluster without full cluster restart. "hash" uses part of hash made out of node names which is not affected over time but there is theoretical chance that hashes can collide as size of SCSI key is quite limited. + + +From 58105710876bd6a2220f92ea37d621991d68bf4b Mon Sep 17 00:00:00 2001 +From: Ondrej Famera +Date: Fri, 1 Nov 2019 13:20:17 +0900 +Subject: [PATCH 3/4] expand longdesc of fence_scsi to describe the impact of + key_value option + +--- + agents/scsi/fence_scsi.py | 6 +++++- + tests/data/metadata/fence_scsi.xml | 2 +- + 2 files changed, 6 insertions(+), 2 deletions(-) + +diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py +index 7d515e16..4b2bfe20 100644 +--- a/agents/scsi/fence_scsi.py ++++ b/agents/scsi/fence_scsi.py +@@ -493,7 +493,11 @@ def main(): + devices must support SCSI-3 persistent reservations (SPC-3 or greater) as \ + well as the \"preempt-and-abort\" subcommand.\nThe fence_scsi agent works by \ + having each node in the cluster register a unique key with the SCSI \ +-device(s). Once registered, a single node will become the reservation holder \ ++device(s). Reservation key is generated from \"node id\" (default) or from \ ++\"node name hash\" (recommended) by adjusting \"key_value\" option. \ ++Using hash is recommended to prevent issues when removing nodes \ ++from cluster without full cluster restart. \ ++Once registered, a single node will become the reservation holder \ + by creating a \"write exclusive, registrants only\" reservation on the \ + device(s). The result is that only registered nodes may write to the \ + device(s). When a node failure occurs, the fence_scsi agent will remove the \ +diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml +index 72800688..6f914823 100644 +--- a/tests/data/metadata/fence_scsi.xml ++++ b/tests/data/metadata/fence_scsi.xml +@@ -1,7 +1,7 @@ + + + fence_scsi is an I/O fencing agent that uses SCSI-3 persistent reservations to control access to shared storage devices. These devices must support SCSI-3 persistent reservations (SPC-3 or greater) as well as the "preempt-and-abort" subcommand. +-The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required. ++The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Reservation key is generated from "node id" (default) or from "node name hash" (recommended) by adjusting "key_value" option. Using hash is recommended to prevent issues when removing nodes from cluster without full cluster restart. Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required. + + When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and verbose=yes parameters in /etc/sysconfig/stonith if you have issues with it failing. + + +From 6a73919ab70d76fcf4ce19b4fd00e182e41f33b5 Mon Sep 17 00:00:00 2001 +From: Ondrej Famera +Date: Sat, 16 Nov 2019 17:03:42 +0900 +Subject: [PATCH 4/4] emphasize the recommendation to use 'hash' over 'id' + +--- + agents/scsi/fence_scsi.py | 2 +- + tests/data/metadata/fence_scsi.xml | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py +index 4b2bfe20..9b6af556 100644 +--- a/agents/scsi/fence_scsi.py ++++ b/agents/scsi/fence_scsi.py +@@ -494,7 +494,7 @@ def main(): + well as the \"preempt-and-abort\" subcommand.\nThe fence_scsi agent works by \ + having each node in the cluster register a unique key with the SCSI \ + device(s). Reservation key is generated from \"node id\" (default) or from \ +-\"node name hash\" (recommended) by adjusting \"key_value\" option. \ ++\"node name hash\" (RECOMMENDED) by adjusting \"key_value\" option. \ + Using hash is recommended to prevent issues when removing nodes \ + from cluster without full cluster restart. \ + Once registered, a single node will become the reservation holder \ +diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml +index 6f914823..b840f3cf 100644 +--- a/tests/data/metadata/fence_scsi.xml ++++ b/tests/data/metadata/fence_scsi.xml +@@ -1,7 +1,7 @@ + + + fence_scsi is an I/O fencing agent that uses SCSI-3 persistent reservations to control access to shared storage devices. These devices must support SCSI-3 persistent reservations (SPC-3 or greater) as well as the "preempt-and-abort" subcommand. +-The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Reservation key is generated from "node id" (default) or from "node name hash" (recommended) by adjusting "key_value" option. Using hash is recommended to prevent issues when removing nodes from cluster without full cluster restart. Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required. ++The fence_scsi agent works by having each node in the cluster register a unique key with the SCSI device(s). Reservation key is generated from "node id" (default) or from "node name hash" (RECOMMENDED) by adjusting "key_value" option. Using hash is recommended to prevent issues when removing nodes from cluster without full cluster restart. Once registered, a single node will become the reservation holder by creating a "write exclusive, registrants only" reservation on the device(s). The result is that only registered nodes may write to the device(s). When a node failure occurs, the fence_scsi agent will remove the key belonging to the failed node from the device(s). The failed node will no longer be able to write to the device(s). A manual reboot is required. + + When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and verbose=yes parameters in /etc/sysconfig/stonith if you have issues with it failing. + diff --git a/SOURCES/bz1774458-fence_sbd-stderr-support.patch b/SOURCES/bz1774458-fence_sbd-stderr-support.patch new file mode 100644 index 0000000..59a6794 --- /dev/null +++ b/SOURCES/bz1774458-fence_sbd-stderr-support.patch @@ -0,0 +1,39 @@ +From f37e5ba0b6c8dab527f947bfc602d50b953a7d08 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 17 Sep 2019 15:15:06 +0200 +Subject: [PATCH] fence_sbd: support errors on stderr + +--- + agents/sbd/fence_sbd.py | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/agents/sbd/fence_sbd.py b/agents/sbd/fence_sbd.py +index b1df70ac..3ae8df6e 100644 +--- a/agents/sbd/fence_sbd.py ++++ b/agents/sbd/fence_sbd.py +@@ -8,6 +8,7 @@ + from fencing import fail_usage, run_command, fence_action, all_opt + from fencing import atexit_handler, check_input, process_input, show_docs + from fencing import run_delay ++import itertools + + DEVICE_INIT = 1 + DEVICE_NOT_INIT = -3 +@@ -82,7 +83,7 @@ def check_sbd_device(options, device_path): + + (return_code, out, err) = run_command(options, cmd) + +- for line in out.split("\n"): ++ for line in itertools.chain(out.split("\n"), err.split("\n")): + if len(line) == 0: + continue + +@@ -148,7 +149,7 @@ def get_msg_timeout(options): + + (return_code, out, err) = run_command(options, cmd) + +- for line in out.split("\n"): ++ for line in itertools.chain(out.split("\n"), err.split("\n")): + if len(line) == 0: + continue + diff --git a/SOURCES/bz1781357-fence_aws-improve-logging-and-metadata-usage-text.patch b/SOURCES/bz1781357-fence_aws-improve-logging-and-metadata-usage-text.patch new file mode 100644 index 0000000..e81dce6 --- /dev/null +++ b/SOURCES/bz1781357-fence_aws-improve-logging-and-metadata-usage-text.patch @@ -0,0 +1,130 @@ +From 7ac16fb281fa8cfc51a31f672014c614c81aec82 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Fri, 31 Jan 2020 15:53:47 +0100 +Subject: [PATCH] fence_aws: improve logging and metadata/usage text + +--- + agents/aws/fence_aws.py | 36 +++++++++++++++++++------------ + tests/data/metadata/fence_aws.xml | 6 +++--- + 2 files changed, 25 insertions(+), 17 deletions(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index 647b66fc..74321e8e 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -5,7 +5,7 @@ + import atexit + sys.path.append("@FENCEAGENTSLIBDIR@") + from fencing import * +-from fencing import fail, fail_usage, EC_TIMED_OUT, run_delay ++from fencing import fail, fail_usage, run_delay, EC_STATUS + + import boto3 + from botocore.exceptions import ClientError, EndpointConnectionError, NoRegionError +@@ -19,6 +19,8 @@ def get_nodes_list(conn, options): + fail_usage("Failed: Incorrect Access Key or Secret Key.") + except EndpointConnectionError: + fail_usage("Failed: Incorrect Region.") ++ except Exception as e: ++ logging.error("Failed to get node list: %s", e) + + return result + +@@ -38,20 +40,26 @@ def get_power_status(conn, options): + except EndpointConnectionError: + fail_usage("Failed: Incorrect Region.") + except IndexError: +- return "fail" ++ fail(EC_STATUS) ++ except Exception as e: ++ logging.error("Failed to get power status: %s", e) ++ fail(EC_STATUS) + + def set_power_status(conn, options): +- if (options["--action"]=="off"): +- conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True) +- elif (options["--action"]=="on"): +- conn.instances.filter(InstanceIds=[options["--plug"]]).start() +- ++ try: ++ if (options["--action"]=="off"): ++ conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True) ++ elif (options["--action"]=="on"): ++ conn.instances.filter(InstanceIds=[options["--plug"]]).start() ++ except Exception as e: ++ logging.error("Failed to power %s %s: %s", \ ++ options["--action"], options["--plug"], e) + + def define_new_opts(): + all_opt["region"] = { + "getopt" : "r:", + "longopt" : "region", +- "help" : "-r, --region=[name] Region, e.g. us-east-1", ++ "help" : "-r, --region=[region] Region, e.g. us-east-1", + "shortdesc" : "Region.", + "required" : "0", + "order" : 2 +@@ -59,7 +67,7 @@ def define_new_opts(): + all_opt["access_key"] = { + "getopt" : "a:", + "longopt" : "access-key", +- "help" : "-a, --access-key=[name] Access Key", ++ "help" : "-a, --access-key=[key] Access Key", + "shortdesc" : "Access Key.", + "required" : "0", + "order" : 3 +@@ -67,7 +75,7 @@ def define_new_opts(): + all_opt["secret_key"] = { + "getopt" : "s:", + "longopt" : "secret-key", +- "help" : "-s, --secret-key=[name] Secret Key", ++ "help" : "-s, --secret-key=[key] Secret Key", + "shortdesc" : "Secret Key.", + "required" : "0", + "order" : 4 +@@ -107,16 +115,16 @@ def main(): + conn = boto3.resource('ec2', region_name=region, + aws_access_key_id=access_key, + aws_secret_access_key=secret_key) +- except: +- fail_usage("Failed: Unable to connect to AWS. Check your configuration.") ++ except Exception as e: ++ fail_usage("Failed: Unable to connect to AWS: " + str(e)) + else: + # If setup with "aws configure" or manually in + # ~/.aws/credentials + try: + conn = boto3.resource('ec2') +- except: ++ except Exception as e: + # If any of region/access/secret are missing +- fail_usage("Failed: Unable to connect to AWS. Check your configuration.") ++ fail_usage("Failed: Unable to connect to AWS: " + str(e)) + + # Operate the fencing device + result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list) +diff --git a/tests/data/metadata/fence_aws.xml b/tests/data/metadata/fence_aws.xml +index 4dea4418..5e5d5d99 100644 +--- a/tests/data/metadata/fence_aws.xml ++++ b/tests/data/metadata/fence_aws.xml +@@ -22,17 +22,17 @@ For instructions see: https://boto3.readthedocs.io/en/latest/guide/quickstart.ht + Physical plug number on device, UUID or identification of machine + + +- ++ + + Region. + + +- ++ + + Access Key. + + +- ++ + + Secret Key. + diff --git a/SOURCES/bz1798641-fence_mpath-fix-reserve-parameter-typo.patch b/SOURCES/bz1798641-fence_mpath-fix-reserve-parameter-typo.patch new file mode 100644 index 0000000..03d7c5e --- /dev/null +++ b/SOURCES/bz1798641-fence_mpath-fix-reserve-parameter-typo.patch @@ -0,0 +1,22 @@ +From 0d3ff341c5dcff7ded0274ae20460895f35c13d6 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 13 Feb 2020 15:40:24 +0100 +Subject: [PATCH] fence_mpath: fix --reserve parameter typo + +--- + agents/mpath/fence_mpath.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/mpath/fence_mpath.py b/agents/mpath/fence_mpath.py +index 73517851..a3d9fe23 100644 +--- a/agents/mpath/fence_mpath.py ++++ b/agents/mpath/fence_mpath.py +@@ -106,7 +106,7 @@ def register_dev(options, dev): + return not bool(run_cmd(options, cmd)["err"]) + + def reserve_dev(options, dev): +- cmd = options["--mpathpersist-path"] + " -o --reserv --prout-type=5 --param-rk=" + options["--plug"] + " -d " + dev ++ cmd = options["--mpathpersist-path"] + " -o --reserve --prout-type=5 --param-rk=" + options["--plug"] + " -d " + dev + return not bool(run_cmd(options, cmd)["err"]) + + def get_reservation_key(options, dev): diff --git a/SPECS/fence-agents.spec b/SPECS/fence-agents.spec index cc08638..bfb236a 100644 --- a/SPECS/fence-agents.spec +++ b/SPECS/fence-agents.spec @@ -29,7 +29,7 @@ Name: fence-agents Summary: Set of unified programs capable of host isolation ("fencing") Version: 4.2.1 -Release: 30%{?alphatag:.%{alphatag}}%{?dist}.1 +Release: 41%{?alphatag:.%{alphatag}}%{?dist} License: GPLv2+ and LGPLv2+ Group: System Environment/Base URL: https://github.com/ClusterLabs/fence-agents @@ -77,7 +77,24 @@ Patch35: bz1714458-fence_scsi-node-id-new-format.patch Patch36: bz1720198-fence_scsi-watchdog-fix-retry-failing-on-first-try.patch Patch37: bz1732773-fence_vmware_rest-fix-keyerror-suspended-vms.patch Patch38: bz1748443-fence_zvmip-python3-fixes.patch -Patch39: bz1762432-fence_compute-disable-service-after-force-down.patch +Patch39: bz1732766-fence_aliyun-1-add-RAM-role.patch +Patch40: bz1732766-fence_aliyun-2-import-EcsRamRoleCredential.patch +Patch41: bz1734811-fence_iloX_ssh-monitor-timeout-warning.patch +Patch42: bz1751704-fence_mpath-fix-watchdog-trigger-multipath-disconnect.patch +Patch43: bz1760213-fence_compute-disable-service-after-force-down.patch +Patch44: bz1760201-fence_compute-fence_evacuate-1-fix-region_name-type.patch +Patch45: bz1760224-fence_vmware_rest-improve-logging.patch +Patch46: bz1760201-fence_compute-fence_evacuate-2-fix-project-shortopt.patch +Patch47: bz1769783-fencing-improve-stdin-quote-parsing.patch +Patch48: bz1763674-fence_rhevm-add-cookie-support.patch +Patch49: bz1773890-fence_scsi-add-hash-key-value-support.patch +Patch50: bz1774458-fence_sbd-stderr-support.patch +Patch51: bz1771594-1-fencing-inetX_only-SSH-fence_zvmip.patch +Patch52: bz1771594-2-fence_redfish-fence_vmware_soap-suppress-warning.patch +Patch53: bz1781357-fence_aws-improve-logging-and-metadata-usage-text.patch +Patch54: bz1753228-fence_mpath-1-add-plug-parameter-support.patch +Patch55: bz1753228-fence_mpath-2-fix-plug-parameter-issues.patch +Patch56: bz1798641-fence_mpath-fix-reserve-parameter-typo.patch %if 0%{?fedora} || 0%{?rhel} > 7 %global supportedagents amt_ws apc apc_snmp bladecenter brocade cisco_mds cisco_ucs compute drac5 eaton_snmp emerson eps evacuate hpblade ibmblade ifmib ilo ilo_moonshot ilo_mp ilo_ssh intelmodular ipdu ipmilan mpath kdump redfish rhevm rsa rsb sbd scsi vmware_rest vmware_soap wti @@ -195,6 +212,23 @@ BuildRequires: python3-google-api-client %patch37 -p1 %patch38 -p1 %patch39 -p1 +%patch40 -p1 -F2 +%patch41 -p1 +%patch42 -p1 +%patch43 -p1 +%patch44 -p1 +%patch45 -p1 +%patch46 -p1 +%patch47 -p1 +%patch48 -p1 -F1 +%patch49 -p1 +%patch50 -p1 +%patch51 -p1 +%patch52 -p1 +%patch53 -p1 +%patch54 -p1 +%patch55 -p1 +%patch56 -p1 # prevent compilation of something that won't get used anyway sed -i.orig 's|FENCE_ZVM=1|FENCE_ZVM=0|' configure.ac @@ -334,8 +368,8 @@ Requires: fence-agents-lpar >= %{version}-%{release} %ifarch s390x Requires: fence-agents-zvm >= %{version}-%{release} %endif -Provides: fence-agents >= %{version}-%{release} -Obsoletes: fence-agents < 3.1.13 +Provides: %{name} >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} %description all A collection of executables to handle isolation ("fencing") of possibly misbehaving hosts by the means of remote power management, blocking @@ -359,7 +393,7 @@ Provides: bundled(python-aliyun-sdk-core) = %{aliyunsdkcore_version} Provides: bundled(python-aliyun-sdk-ecs) = %{aliyunsdkecs_version} # python-aliyun-sdk-vpc bundle Provides: bundled(python-aliyun-sdk-vpc) = %{aliyunsdkvpc_version} -Obsoletes: fence-agents +Obsoletes: %{name} < %{version}-%{release} %description aliyun The fence-agents-aliyun package contains a fence agent for Alibaba Cloud (Aliyun) instances. %files aliyun @@ -379,6 +413,7 @@ Group: System Environment/Base Summary: Fence agent for Intel AMT (WS-Man) devices Requires: fence-agents-common >= %{version}-%{release} Requires: openwsman-python3 +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description amt-ws The fence-agents-amt-ws package contains a fence agent for AMT (WS-Man) devices. @@ -393,6 +428,7 @@ Group: System Environment/Base Summary: Fence agent for APC devices Requires: telnet openssh-clients Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description apc Fence agent for APC devices that are accessed via telnet or SSH. @@ -406,6 +442,7 @@ Group: System Environment/Base Summary: Fence agents for APC devices (SNMP) Requires: net-snmp-utils Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description apc-snmp Fence agents for APC devices that are accessed via the SNMP protocol. @@ -420,8 +457,8 @@ Group: System Environment/Base Summary: Fence agent for Amazon AWS Requires: fence-agents-common >= %{version}-%{release} Requires: python3-boto3 +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch -Obsoletes: fence-agents %description aws Fence agent for Amazon AWS instances. %files aws @@ -436,8 +473,8 @@ Group: System Environment/Base Summary: Fence agent for Azure Resource Manager Requires: fence-agents-common >= %{version}-%{release} Requires: python3-azure-sdk >= 4.0.0-9 +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch -Obsoletes: fence-agents %description azure-arm Fence agent for Azure Resource Manager instances. %files azure-arm @@ -453,6 +490,7 @@ Group: System Environment/Base Summary: Fence agent for IBM BladeCenter Requires: telnet openssh-clients Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description bladecenter Fence agent for IBM BladeCenter devices that are accessed @@ -467,6 +505,7 @@ Group: System Environment/Base Summary: Fence agent for Brocade switches Requires: telnet openssh-clients Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description brocade Fence agent for Brocade devices that are accessed via telnet or SSH. @@ -480,6 +519,7 @@ Group: System Environment/Base Summary: Fence agent for Cisco MDS 9000 series Requires: net-snmp-utils Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description cisco-mds Fence agent for Cisco MDS 9000 series devices that are accessed @@ -494,6 +534,7 @@ Group: System Environment/Base Summary: Fence agent for Cisco UCS series Requires: python3-pycurl Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description cisco-ucs Fence agent for Cisco UCS series devices that are accessed @@ -508,6 +549,7 @@ Group: System Environment/Base Summary: Fence agent for Nova compute nodes Requires: python3-requests Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description compute Fence agent for Nova compute nodes. @@ -523,6 +565,7 @@ Group: System Environment/Base Summary: Fence agent for Dell DRAC 5 Requires: telnet openssh-clients Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description drac5 Fence agent for Dell DRAC 5 series devices that are accessed @@ -537,6 +580,7 @@ Group: System Environment/Base Summary: Fence agent for Eaton network power switches Requires: net-snmp-utils Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description eaton-snmp Fence agent for Eaton network power switches that are accessed @@ -550,6 +594,7 @@ License: GPLv2+ and LGPLv2+ Group: System Environment/Base Summary: Fence agent for Emerson devices (SNMP) Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description emerson Fence agent for Emerson devices that are accessed via @@ -563,6 +608,7 @@ License: GPLv2+ and LGPLv2+ Group: System Environment/Base Summary: Fence agent for ePowerSwitch 8M+ power switches Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description eps Fence agent for ePowerSwitch 8M+ power switches that are accessed @@ -578,8 +624,8 @@ Group: System Environment/Base Summary: Fence agent for GCE (Google Cloud Engine) Requires: fence-agents-common >= %{version}-%{release} Requires: python3-google-api-client +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch -Obsoletes: fence-agents %description gce Fence agent for GCE (Google Cloud Engine) instances. %files gce @@ -592,8 +638,8 @@ License: GPLv2+ and LGPLv2+ Group: System Environment/Base Summary: Pseudo fence agent to affect other agents based on ping-heuristics Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch -Obsoletes: fence-agents %description heuristics-ping Fence pseudo agent used to affect other agents based on ping-heuristics. @@ -607,6 +653,7 @@ Group: System Environment/Base Summary: Fence agent for HP BladeSystem devices Requires: telnet openssh-clients Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description hpblade Fence agent for HP BladeSystem devices that are accessed via telnet @@ -621,6 +668,7 @@ Group: System Environment/Base Summary: Fence agent for IBM BladeCenter Requires: net-snmp-utils Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description ibmblade Fence agent for IBM BladeCenter devices that are accessed @@ -635,6 +683,7 @@ Group: System Environment/Base Summary: Fence agent for devices with IF-MIB interfaces Requires: net-snmp-utils Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description ifmib Fence agent for IF-MIB interfaces that are accessed via @@ -649,6 +698,7 @@ Group: System Environment/Base Summary: Fence agents for HP iLO2 devices Requires: gnutls-utils Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description ilo2 Fence agents for HP iLO2 devices that are accessed via @@ -665,6 +715,7 @@ Group: System Environment/Base Summary: Fence agent for HP iLO Moonshot devices Requires: telnet openssh-clients Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description ilo-moonshot Fence agent for HP iLO Moonshot devices that are accessed @@ -679,6 +730,7 @@ Group: System Environment/Base Summary: Fence agent for HP iLO MP devices Requires: telnet openssh-clients Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description ilo-mp Fence agent for HP iLO MP devices that are accessed via telnet or SSH. @@ -692,6 +744,7 @@ Group: System Environment/Base Summary: Fence agents for HP iLO devices over SSH Requires: openssh-clients Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description ilo-ssh Fence agents for HP iLO devices that are accessed via telnet or SSH. @@ -711,6 +764,7 @@ Group: System Environment/Base Summary: Fence agent for devices with Intel Modular interfaces Requires: net-snmp-utils Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description intelmodular Fence agent for Intel Modular interfaces that are accessed @@ -725,6 +779,7 @@ Group: System Environment/Base Summary: Fence agent for IBM iPDU network power switches Requires: net-snmp-utils Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description ipdu Fence agent for IBM iPDU network power switches that are accessed @@ -739,6 +794,7 @@ Group: System Environment/Base Summary: Fence agents for devices with IPMI interface Requires: /usr/bin/ipmitool Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description ipmilan Fence agents for devices with IPMI interface. @@ -761,6 +817,7 @@ License: GPLv2+ and LGPLv2+ Group: System Environment/Base Summary: Fence agent for use with kdump crash recovery service Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} # this cannot be noarch since it's compiled %description kdump Fence agent for use with kdump crash recovery service. @@ -777,6 +834,7 @@ Group: System Environment/Base Summary: Fence agent for IBM LPAR Requires: telnet openssh-clients Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description lpar Fence agent for IBM LPAR devices that are accessed via telnet or SSH. @@ -791,6 +849,7 @@ Group: System Environment/Base Summary: Fence agent for reservations over Device Mapper Multipath Requires: device-mapper-multipath Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description mpath Fence agent for SCSI persistent reservation over @@ -806,7 +865,7 @@ Group: System Environment/Base Summary: Fence agent for Redfish Requires: fence-agents-common >= %{version}-%{release} Requires: python3-requests -Obsoletes: fence-agents +Obsoletes: %{name} < %{version}-%{release} %description redfish The fence-agents-redfish package contains a fence agent for Redfish %files redfish @@ -819,6 +878,7 @@ License: GPLv2+ and LGPLv2+ Group: System Environment/Base Summary: Fence agent for RHEV-M Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description rhevm Fence agent for RHEV-M via REST API. @@ -833,6 +893,7 @@ Group: System Environment/Base Summary: Fence agent for IBM RSA II Requires: telnet openssh-clients Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description rsa Fence agent for IBM RSA II devices that are accessed @@ -848,6 +909,7 @@ Group: System Environment/Base Summary: Fence agent for Fujitsu RSB Requires: telnet openssh-clients Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description rsb Fence agent for Fujitsu RSB devices that are accessed @@ -863,6 +925,7 @@ Group: System Environment/Base Summary: Fence agent for SBD (storage-based death) Requires: sbd Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description sbd Fence agent for SBD (storage-based death). @@ -877,6 +940,7 @@ Group: System Environment/Base Summary: Fence agent for SCSI persistent reservations Requires: sg3_utils Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description scsi Fence agent for SCSI persistent reservations. @@ -892,6 +956,7 @@ Group: System Environment/Base Summary: Fence agent for virtual machines based on libvirt Requires: openssh-clients /usr/bin/virsh Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description virsh Fence agent for virtual machines that are accessed via SSH. @@ -904,8 +969,8 @@ License: GPLv2+ and LGPLv2+ Group: System Environment/Base Summary: Fence agent for VMWare with REST API Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch -Obsoletes: fence-agents %description vmware-rest Fence agent for VMWare with REST API. %files vmware-rest @@ -918,6 +983,7 @@ Group: System Environment/Base Summary: Fence agent for VMWare with SOAP API v4.1+ Requires: python3-suds python3-requests Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description vmware-soap Fence agent for VMWare with SOAP API v4.1+. @@ -931,6 +997,7 @@ Group: System Environment/Base Summary: Fence agent for WTI Network power switches Requires: telnet openssh-clients Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description wti Fence agent for WTI network power switches that are accessed @@ -945,6 +1012,7 @@ License: GPLv2+ and LGPLv2+ Group: System Environment/Base Summary: Fence agent for IBM z/VM over IP Requires: fence-agents-common >= %{version}-%{release} +Obsoletes: %{name} < %{version}-%{release} BuildArch: noarch %description zvm Fence agent for IBM z/VM over IP. @@ -954,9 +1022,56 @@ Fence agent for IBM z/VM over IP. %endif %changelog -* Thu Oct 17 2019 Oyvind Albrigtsen - 4.2.1-30.1 +* Thu Feb 13 2020 Oyvind Albrigtsen - 4.2.1-41 +- fence_mpath: add plug parameter support to be able to use pcmk_host_map + Resolves: rhbz#1753228 +- fence_mpath: fix --reserve parameter typo + Resolves: rhbz#1798641 + +* Fri Jan 31 2020 Oyvind Albrigtsen - 4.2.1-40 +- fence_aws: improve logging and metadata/usage text + Resolves: rhbz#1781357 + +* Tue Nov 26 2019 Oyvind Albrigtsen - 4.2.1-39 +- fencing: only use inetX_only parameters for SSH based agents and + fence_zvmip + Resolves: rhbz#1771594 + +* Wed Nov 20 2019 Oyvind Albrigtsen - 4.2.1-38 +- fence_sbd: add stderr support + Resolves: rhbz#1774458 + +* Tue Nov 19 2019 Oyvind Albrigtsen - 4.2.1-37 +- fence_scsi: add hash key-value support + Resolves: rhbz#1773890 + +* Wed Nov 13 2019 Oyvind Albrigtsen - 4.2.1-35 +- fence_rhevm: add cookie support + Resolves: rhbz#1763674 + +* Thu Nov 7 2019 Oyvind Albrigtsen - 4.2.1-34 +- fence_compute/fence_evacuate: fix region_name content type and + project shortopt in usage text and project-domain shortopt + Resolves: rhbz#1760201 +- fencing: improve stdin quote parsing + Resolves: rhbz#1769783 + +* Fri Oct 18 2019 Oyvind Albrigtsen - 4.2.1-33 +- fence_vmware_rest: improve logging + Resolves: rhbz#1760224 + +* Wed Oct 16 2019 Oyvind Albrigtsen - 4.2.1-32 - fence_compute: disable service after force-down - Resolves: rhbz#1762432 + Resolves: rhbz#1760213 + +* Thu Oct 3 2019 Oyvind Albrigtsen - 4.2.1-31 +- fence_aliyun: add RAM role support + Resolves: rhbz#1732766 +- fence_ilo4_ssh/fence_ilo5_ssh: add monitor timeout warning + Resolves: rhbz#1734811 +- fence_mpath: fix watchdog reboot not triggered when multipath + disconnected + Resolves: rhbz#1751704 * Fri Sep 6 2019 Oyvind Albrigtsen - 4.2.1-30 - fence_zvmip: fix Python 3 issues