diff --git a/SOURCES/bz1750596-fence_scsi-add-readonly-parameter.patch b/SOURCES/bz1750596-fence_scsi-add-readonly-parameter.patch new file mode 100644 index 0000000..dea7876 --- /dev/null +++ b/SOURCES/bz1750596-fence_scsi-add-readonly-parameter.patch @@ -0,0 +1,79 @@ +From f1f8fe7791d0bf439f7caf1365c371153f9819ff Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 14 May 2020 15:41:52 +0200 +Subject: [PATCH] fence_scsi: add readonly parameter + +--- + agents/scsi/fence_scsi.py | 21 ++++++++++++++++++--- + tests/data/metadata/fence_scsi.xml | 5 +++++ + 2 files changed, 23 insertions(+), 3 deletions(-) + +diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py +index 9b6af556..77817f35 100644 +--- a/agents/scsi/fence_scsi.py ++++ b/agents/scsi/fence_scsi.py +@@ -150,7 +150,10 @@ def reserve_dev(options, dev): + + def get_reservation_key(options, dev): + reset_dev(options,dev) +- cmd = options["--sg_persist-path"] + " -n -i -r -d " + dev ++ opts = "" ++ if "--readonly" in options: ++ opts = "-y " ++ cmd = options["--sg_persist-path"] + " -n -i " + opts + "-r -d " + dev + out = run_cmd(options, cmd) + if out["err"]: + fail_usage("Cannot get reservation key") +@@ -161,7 +164,10 @@ def get_reservation_key(options, dev): + def get_registration_keys(options, dev, fail=True): + reset_dev(options,dev) + keys = [] +- cmd = options["--sg_persist-path"] + " -n -i -k -d " + dev ++ opts = "" ++ if "--readonly" in options: ++ opts = "-y " ++ cmd = options["--sg_persist-path"] + " -n -i " + opts + "-k -d " + dev + out = run_cmd(options, cmd) + if out["err"]: + fail_usage("Cannot get registration keys", fail) +@@ -342,6 +348,14 @@ def define_new_opts(): + "shortdesc" : "Use the APTPL flag for registrations. This option is only used for the 'on' action.", + "order": 1 + } ++ all_opt["readonly"] = { ++ "getopt" : "", ++ "longopt" : "readonly", ++ "help" : "--readonly Open DEVICE read-only. May be useful with PRIN commands if there are unwanted side effects with the default read-write open.", ++ "required" : "0", ++ "shortdesc" : "Open DEVICE read-only.", ++ "order": 4 ++ } + all_opt["logfile"] = { + "getopt" : ":", + "longopt" : "logfile", +@@ -464,7 +478,8 @@ def main(): + + device_opt = ["no_login", "no_password", "devices", "nodename", "port",\ + "no_port", "key", "aptpl", "fabric_fencing", "on_target", "corosync_cmap_path",\ +- "sg_persist_path", "sg_turs_path", "logfile", "vgs_path", "force_on", "key_value"] ++ "sg_persist_path", "sg_turs_path", "readonly", "logfile", "vgs_path",\ ++ "force_on", "key_value"] + + define_new_opts() + +diff --git a/tests/data/metadata/fence_scsi.xml b/tests/data/metadata/fence_scsi.xml +index b840f3cf..d0818b0d 100644 +--- a/tests/data/metadata/fence_scsi.xml ++++ b/tests/data/metadata/fence_scsi.xml +@@ -36,6 +36,11 @@ When used as a watchdog device you can define e.g. retry=1, retry-sleep=2 and ve + + Name of the node to be fenced. The node name is used to generate the key value used for the current operation. This option will be ignored when used with the -k option. + ++ ++ ++ ++ Open DEVICE read-only. ++ + + + diff --git a/SOURCES/bz1793739-fence_vmware_rest-1-fix-encoding.patch b/SOURCES/bz1793739-fence_vmware_rest-1-fix-encoding.patch new file mode 100644 index 0000000..c215ab1 --- /dev/null +++ b/SOURCES/bz1793739-fence_vmware_rest-1-fix-encoding.patch @@ -0,0 +1,23 @@ +From 06cba4aa30322f410b0b2fec5785be39d0953433 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Wed, 12 Feb 2020 14:21:54 +0100 +Subject: [PATCH] fence_vmware_rest: fix encoding to avoid issues with UTF-8 + encoded comments + +--- + agents/vmware_rest/fence_vmware_rest.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index cd99b4ac..d07bc10d 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -127,7 +127,7 @@ def send_command(conn, command, method="GET"): + raise Exception(e[1]) + + rc = conn.getinfo(pycurl.HTTP_CODE) +- result = web_buffer.getvalue().decode() ++ result = web_buffer.getvalue().decode("UTF-8") + + web_buffer.close() + diff --git a/SOURCES/bz1793739-fence_vmware_rest-2-support-utf-8-vm-names.patch b/SOURCES/bz1793739-fence_vmware_rest-2-support-utf-8-vm-names.patch new file mode 100644 index 0000000..ce113af --- /dev/null +++ b/SOURCES/bz1793739-fence_vmware_rest-2-support-utf-8-vm-names.patch @@ -0,0 +1,38 @@ +From 80aea3942aaca881349230a32b5dcc06c57de98a Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 19 May 2020 15:10:16 +0200 +Subject: [PATCH] fence_vmware_rest: support UTF-8 VM names + +--- + agents/vmware_rest/fence_vmware_rest.py | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index 675de246..a038a096 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -8,11 +8,14 @@ + from fencing import * + from fencing import fail, run_delay, EC_LOGIN_DENIED, EC_STATUS + ++if sys.version_info[0] > 2: import urllib.parse as urllib ++else: import urllib ++ + state = {"POWERED_ON": "on", 'POWERED_OFF': "off", 'SUSPENDED': "off"} + + def get_power_status(conn, options): + try: +- res = send_command(conn, "vcenter/vm?filter.names={}".format(options["--plug"]))["value"] ++ res = send_command(conn, "vcenter/vm?filter.names={}".format(urllib.quote(options["--plug"])))["value"] + except Exception as e: + logging.debug("Failed: {}".format(e)) + fail(EC_STATUS) +@@ -58,7 +61,7 @@ def get_list(conn, options): + fail(EC_STATUS) + + for r in res["value"]: +- outlets[r["name"]] = ("", state[r["power_state"]]) ++ outlets[r["name"].encode("UTF-8")] = ("", state[r["power_state"]]) + + return outlets + diff --git a/SOURCES/bz1827652-fence_vmware_rest-1-add-filter-parameter.patch b/SOURCES/bz1827652-fence_vmware_rest-1-add-filter-parameter.patch new file mode 100644 index 0000000..2e17f7f --- /dev/null +++ b/SOURCES/bz1827652-fence_vmware_rest-1-add-filter-parameter.patch @@ -0,0 +1,92 @@ +From ab193580dcdd810b7bef69cc04cebef315f4781d Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 23 Apr 2020 15:55:11 +0200 +Subject: [PATCH] fence_vmware_rest: add filter parameter + +--- + agents/vmware_rest/fence_vmware_rest.py | 24 ++++++++++++++++++++--- + tests/data/metadata/fence_vmware_rest.xml | 9 ++++++++- + 2 files changed, 29 insertions(+), 4 deletions(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index 1505ffe6..6daff121 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -42,7 +42,10 @@ def get_list(conn, options): + outlets = {} + + try: +- res = send_command(conn, "vcenter/vm") ++ command = "vcenter/vm" ++ if "--filter" in options: ++ command = command + "?" + options["--filter"] ++ res = send_command(conn, command) + except: + logging.debug("Failed: {}".format(e)) + fail(EC_STATUS) +@@ -157,6 +160,16 @@ def define_new_opts(): + "required" : "0", + "shortdesc" : "The path part of the API URL", + "order" : 2} ++ all_opt["filter"] = { ++ "getopt" : ":", ++ "longopt" : "filter", ++ "help" : "--filter=[filter] Filter to only return relevant VMs" ++ " (e.g. \"filter.names=node1&filter.names=node2\").", ++ "default" : "", ++ "required" : "0", ++ "shortdesc" : "Filter to only return relevant VMs. It can be used to avoid " ++ "the agent failing when more than 1000 VMs should be returned.", ++ "order" : 2} + + + def main(): +@@ -169,6 +182,7 @@ def main(): + "notls", + "web", + "port", ++ "filter", + ] + + atexit.register(atexit_handler) +@@ -181,8 +195,12 @@ def main(): + + docs = {} + docs["shortdesc"] = "Fence agent for VMware REST API" +- docs["longdesc"] = "fence_vmware_rest is an I/O Fencing agent which can be \ +-used with VMware API to fence virtual machines." ++ docs["longdesc"] = """fence_vmware_rest is an I/O Fencing agent which can be \ ++used with VMware API to fence virtual machines. ++ ++NOTE: If there's more than 1000 VMs there is a filter parameter to work around \ ++the API limit. See https://code.vmware.com/apis/62/vcenter-management#/VM%20/get_vcenter_vm \ ++for full list of filters.""" + docs["vendorurl"] = "https://www.vmware.com" + show_docs(options, docs) + +diff --git a/tests/data/metadata/fence_vmware_rest.xml b/tests/data/metadata/fence_vmware_rest.xml +index 5b497a6a..d60c8775 100644 +--- a/tests/data/metadata/fence_vmware_rest.xml ++++ b/tests/data/metadata/fence_vmware_rest.xml +@@ -1,6 +1,8 @@ + + +-fence_vmware_rest is an I/O Fencing agent which can be used with VMware API to fence virtual machines. ++fence_vmware_rest is an I/O Fencing agent which can be used with VMware API to fence virtual machines. ++ ++NOTE: If there's more than 1000 VMs there is a filter parameter to work around the API limit. See https://code.vmware.com/apis/62/vcenter-management#/VM%20/get_vcenter_vm for full list of filters. + https://www.vmware.com + + +@@ -87,6 +89,11 @@ + + The path part of the API URL + ++ ++ ++ ++ Filter to only return relevant VMs. It can be used to avoid the agent failing when more than 1000 VMs should be returned. ++ + + + diff --git a/SOURCES/bz1827652-fence_vmware_rest-2-fix-1000-VM-monitor-error.patch b/SOURCES/bz1827652-fence_vmware_rest-2-fix-1000-VM-monitor-error.patch new file mode 100644 index 0000000..0f83fa7 --- /dev/null +++ b/SOURCES/bz1827652-fence_vmware_rest-2-fix-1000-VM-monitor-error.patch @@ -0,0 +1,76 @@ +From 0296bc8512e37b8b935bc342b6493ed4fa8aa001 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 14 May 2020 13:17:04 +0200 +Subject: [PATCH 1/2] fence_vmware_rest: fix exception and remove default value + for filter parameter (which was shown in the manpage) + +--- + agents/vmware_rest/fence_vmware_rest.py | 3 +-- + tests/data/metadata/fence_vmware_rest.xml | 2 +- + 2 files changed, 2 insertions(+), 3 deletions(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index 6daff121..2635ae07 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -46,7 +46,7 @@ def get_list(conn, options): + if "--filter" in options: + command = command + "?" + options["--filter"] + res = send_command(conn, command) +- except: ++ except Exception as e: + logging.debug("Failed: {}".format(e)) + fail(EC_STATUS) + +@@ -165,7 +165,6 @@ def define_new_opts(): + "longopt" : "filter", + "help" : "--filter=[filter] Filter to only return relevant VMs" + " (e.g. \"filter.names=node1&filter.names=node2\").", +- "default" : "", + "required" : "0", + "shortdesc" : "Filter to only return relevant VMs. It can be used to avoid " + "the agent failing when more than 1000 VMs should be returned.", +diff --git a/tests/data/metadata/fence_vmware_rest.xml b/tests/data/metadata/fence_vmware_rest.xml +index d60c8775..830b6a21 100644 +--- a/tests/data/metadata/fence_vmware_rest.xml ++++ b/tests/data/metadata/fence_vmware_rest.xml +@@ -91,7 +91,7 @@ NOTE: If there's more than 1000 VMs there is a filter parameter to work around t + + + +- ++ + Filter to only return relevant VMs. It can be used to avoid the agent failing when more than 1000 VMs should be returned. + + + +From 7420cf9f11568be7239956bed4631cdbaa6fb87c Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Thu, 14 May 2020 14:17:03 +0200 +Subject: [PATCH 2/2] fence_vmware_rest: dont fail when receiving more than + 1000 VM error during monitor-action + +--- + agents/vmware_rest/fence_vmware_rest.py | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py +index 2635ae07..675de246 100644 +--- a/agents/vmware_rest/fence_vmware_rest.py ++++ b/agents/vmware_rest/fence_vmware_rest.py +@@ -48,7 +48,14 @@ def get_list(conn, options): + res = send_command(conn, command) + except Exception as e: + logging.debug("Failed: {}".format(e)) +- fail(EC_STATUS) ++ if str(e).startswith("400"): ++ if options.get("--original-action") == "monitor": ++ return outlets ++ else: ++ logging.error("More than 1000 VMs returned. Use --filter parameter to limit which VMs to list.") ++ fail(EC_STATUS) ++ else: ++ fail(EC_STATUS) + + for r in res["value"]: + outlets[r["name"]] = ("", state[r["power_state"]]) diff --git a/SOURCES/bz1827652-fence_vmware_rest-add-filter-parameter.patch b/SOURCES/bz1827652-fence_vmware_rest-add-filter-parameter.patch deleted file mode 100644 index 2e17f7f..0000000 --- a/SOURCES/bz1827652-fence_vmware_rest-add-filter-parameter.patch +++ /dev/null @@ -1,92 +0,0 @@ -From ab193580dcdd810b7bef69cc04cebef315f4781d Mon Sep 17 00:00:00 2001 -From: Oyvind Albrigtsen -Date: Thu, 23 Apr 2020 15:55:11 +0200 -Subject: [PATCH] fence_vmware_rest: add filter parameter - ---- - agents/vmware_rest/fence_vmware_rest.py | 24 ++++++++++++++++++++--- - tests/data/metadata/fence_vmware_rest.xml | 9 ++++++++- - 2 files changed, 29 insertions(+), 4 deletions(-) - -diff --git a/agents/vmware_rest/fence_vmware_rest.py b/agents/vmware_rest/fence_vmware_rest.py -index 1505ffe6..6daff121 100644 ---- a/agents/vmware_rest/fence_vmware_rest.py -+++ b/agents/vmware_rest/fence_vmware_rest.py -@@ -42,7 +42,10 @@ def get_list(conn, options): - outlets = {} - - try: -- res = send_command(conn, "vcenter/vm") -+ command = "vcenter/vm" -+ if "--filter" in options: -+ command = command + "?" + options["--filter"] -+ res = send_command(conn, command) - except: - logging.debug("Failed: {}".format(e)) - fail(EC_STATUS) -@@ -157,6 +160,16 @@ def define_new_opts(): - "required" : "0", - "shortdesc" : "The path part of the API URL", - "order" : 2} -+ all_opt["filter"] = { -+ "getopt" : ":", -+ "longopt" : "filter", -+ "help" : "--filter=[filter] Filter to only return relevant VMs" -+ " (e.g. \"filter.names=node1&filter.names=node2\").", -+ "default" : "", -+ "required" : "0", -+ "shortdesc" : "Filter to only return relevant VMs. It can be used to avoid " -+ "the agent failing when more than 1000 VMs should be returned.", -+ "order" : 2} - - - def main(): -@@ -169,6 +182,7 @@ def main(): - "notls", - "web", - "port", -+ "filter", - ] - - atexit.register(atexit_handler) -@@ -181,8 +195,12 @@ def main(): - - docs = {} - docs["shortdesc"] = "Fence agent for VMware REST API" -- docs["longdesc"] = "fence_vmware_rest is an I/O Fencing agent which can be \ --used with VMware API to fence virtual machines." -+ docs["longdesc"] = """fence_vmware_rest is an I/O Fencing agent which can be \ -+used with VMware API to fence virtual machines. -+ -+NOTE: If there's more than 1000 VMs there is a filter parameter to work around \ -+the API limit. See https://code.vmware.com/apis/62/vcenter-management#/VM%20/get_vcenter_vm \ -+for full list of filters.""" - docs["vendorurl"] = "https://www.vmware.com" - show_docs(options, docs) - -diff --git a/tests/data/metadata/fence_vmware_rest.xml b/tests/data/metadata/fence_vmware_rest.xml -index 5b497a6a..d60c8775 100644 ---- a/tests/data/metadata/fence_vmware_rest.xml -+++ b/tests/data/metadata/fence_vmware_rest.xml -@@ -1,6 +1,8 @@ - - --fence_vmware_rest is an I/O Fencing agent which can be used with VMware API to fence virtual machines. -+fence_vmware_rest is an I/O Fencing agent which can be used with VMware API to fence virtual machines. -+ -+NOTE: If there's more than 1000 VMs there is a filter parameter to work around the API limit. See https://code.vmware.com/apis/62/vcenter-management#/VM%20/get_vcenter_vm for full list of filters. - https://www.vmware.com - - -@@ -87,6 +89,11 @@ - - The path part of the API URL - -+ -+ -+ -+ Filter to only return relevant VMs. It can be used to avoid the agent failing when more than 1000 VMs should be returned. -+ - - - diff --git a/SOURCES/bz1830776-fence_compute-fence_evacuate-fix-insecure-parameter.patch b/SOURCES/bz1830776-fence_compute-fence_evacuate-fix-insecure-parameter.patch new file mode 100644 index 0000000..914b7e3 --- /dev/null +++ b/SOURCES/bz1830776-fence_compute-fence_evacuate-fix-insecure-parameter.patch @@ -0,0 +1,122 @@ +From 8920d2fc7993453e7ad05f807f6ec51745b408a5 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Mon, 4 May 2020 16:53:55 +0200 +Subject: [PATCH] fence_compute/fence_evacuate: fix --insecure parameter + +--- + agents/compute/fence_compute.py | 10 +++++++--- + agents/evacuate/fence_evacuate.py | 10 +++++++--- + tests/data/metadata/fence_compute.xml | 2 +- + tests/data/metadata/fence_evacuate.xml | 2 +- + 4 files changed, 16 insertions(+), 8 deletions(-) + +diff --git a/agents/compute/fence_compute.py b/agents/compute/fence_compute.py +index d0e012e6..f53b97da 100644 +--- a/agents/compute/fence_compute.py ++++ b/agents/compute/fence_compute.py +@@ -281,7 +281,7 @@ def create_nova_connection(options): + + loader = loading.get_plugin_loader('password') + keystone_auth = loader.load_from_options(**kwargs) +- keystone_session = session.Session(auth=keystone_auth, verify=(not options["--insecure"])) ++ keystone_session = session.Session(auth=keystone_auth, verify=not "--insecure" in options) + + nova_versions = [ "2.11", "2" ] + for version in nova_versions: +@@ -307,7 +307,7 @@ def create_nova_connection(options): + None, # Password + None, # Tenant + None, # Auth URL +- insecure=options["--insecure"], ++ insecure="--insecure" in options, + region_name=options["--region-name"], + endpoint_type=options["--endpoint-type"], + session=keystone_session, auth=keystone_auth, +@@ -395,7 +395,6 @@ def define_new_opts(): + "help" : "--insecure Explicitly allow agent to perform \"insecure\" TLS (https) requests", + "required" : "0", + "shortdesc" : "Allow Insecure TLS Requests", +- "default" : "False", + "order": 2, + } + all_opt["domain"] = { +@@ -484,6 +483,11 @@ def main(): + options["--domain"] = options["--compute-domain"] + del options["--domain"] + ++ # Disable insecure-certificate-warning message ++ if "--insecure" in options: ++ import urllib3 ++ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) ++ + logging.debug("Running "+options["--action"]) + connection = create_nova_connection(options) + +diff --git a/agents/evacuate/fence_evacuate.py b/agents/evacuate/fence_evacuate.py +index 60bb130e..88837dd8 100644 +--- a/agents/evacuate/fence_evacuate.py ++++ b/agents/evacuate/fence_evacuate.py +@@ -217,7 +217,7 @@ def create_nova_connection(options): + + loader = loading.get_plugin_loader('password') + keystone_auth = loader.load_from_options(**kwargs) +- keystone_session = session.Session(auth=keystone_auth, verify=(not options["--insecure"])) ++ keystone_session = session.Session(auth=keystone_auth, verify=not "--insecure" in options) + + versions = [ "2.11", "2" ] + for version in versions: +@@ -244,7 +244,7 @@ def create_nova_connection(options): + None, # Password + None, # Tenant + None, # Auth URL +- insecure=options["--insecure"], ++ insecure="--insecure" in options, + region_name=options["--region-name"], + endpoint_type=options["--endpoint-type"], + session=keystone_session, auth=keystone_auth, +@@ -332,7 +332,6 @@ def define_new_opts(): + "help" : "--insecure Explicitly allow agent to perform \"insecure\" TLS (https) requests", + "required" : "0", + "shortdesc" : "Allow Insecure TLS Requests", +- "default" : "False", + "order": 2, + } + all_opt["domain"] = { +@@ -397,6 +396,11 @@ def main(): + del options["--domain"] + + ++ # Disable insecure-certificate-warning message ++ if "--insecure" in options: ++ import urllib3 ++ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) ++ + connection = create_nova_connection(options) + + # Un-evacuating a server doesn't make sense +diff --git a/tests/data/metadata/fence_compute.xml b/tests/data/metadata/fence_compute.xml +index 99d56af0..2f183268 100644 +--- a/tests/data/metadata/fence_compute.xml ++++ b/tests/data/metadata/fence_compute.xml +@@ -70,7 +70,7 @@ + + + +- ++ + Allow Insecure TLS Requests + + +diff --git a/tests/data/metadata/fence_evacuate.xml b/tests/data/metadata/fence_evacuate.xml +index 8c720b80..95da0e1b 100644 +--- a/tests/data/metadata/fence_evacuate.xml ++++ b/tests/data/metadata/fence_evacuate.xml +@@ -70,7 +70,7 @@ + + + +- ++ + Allow Insecure TLS Requests + + diff --git a/SOURCES/bz1839776-fence_aws-catch-connectionerror.patch b/SOURCES/bz1839776-fence_aws-catch-connectionerror.patch new file mode 100644 index 0000000..674586e --- /dev/null +++ b/SOURCES/bz1839776-fence_aws-catch-connectionerror.patch @@ -0,0 +1,95 @@ +From be20615859c518b3161b08ee63f5da5213eba91d Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Mon, 25 May 2020 14:03:53 +0200 +Subject: [PATCH 1/2] fence_aws: catch ConnectionError and suppress traceback + for caught exceptions + +--- + agents/aws/fence_aws.py | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index 17c2fedb..191f5de1 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -9,14 +9,14 @@ + from fencing import fail, fail_usage, run_delay, EC_STATUS, SyslogLibHandler + + import boto3 +-from botocore.exceptions import ClientError, EndpointConnectionError, NoRegionError ++from botocore.exceptions import ConnectionError, ClientError, EndpointConnectionError, NoRegionError + + logger = logging.getLogger("fence_aws") + logger.propagate = False + logger.setLevel(logging.INFO) + logger.addHandler(SyslogLibHandler()) + logging.getLogger('botocore.vendored').propagate = False +- ++ + def get_instance_id(): + try: + r = requests.get('http://169.254.169.254/latest/meta-data/instance-id') +@@ -38,6 +38,8 @@ def get_nodes_list(conn, options): + fail_usage("Failed: Incorrect Access Key or Secret Key.") + except EndpointConnectionError: + fail_usage("Failed: Incorrect Region.") ++ except ConnectionError as e: ++ fail_usage("Failed: Unable to connect to AWS: " + str(e)) + except Exception as e: + logger.error("Failed to get node list: %s", e) + logger.debug("Monitor operation OK: %s",result) +@@ -169,7 +171,7 @@ def main(): + + if options["--boto3_debug"] != "on": + boto3.set_stream_logger('boto3',logging.INFO) +- boto3.set_stream_logger('botocore',logging.INFO) ++ boto3.set_stream_logger('botocore',logging.CRITICAL) + logging.getLogger('botocore').propagate = False + logging.getLogger('boto3').propagate = False + else: +@@ -197,4 +199,4 @@ def main(): + sys.exit(result) + + if __name__ == "__main__": +- main() +\ No newline at end of file ++ main() + +From 50772024cffa60d05938d328bbd5cffd930f6b42 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Mon, 25 May 2020 14:07:14 +0200 +Subject: [PATCH 2/2] fence_aws: improve boto3_debug boolean handling + +--- + agents/aws/fence_aws.py | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/agents/aws/fence_aws.py b/agents/aws/fence_aws.py +index 191f5de1..483a2991 100644 +--- a/agents/aws/fence_aws.py ++++ b/agents/aws/fence_aws.py +@@ -132,6 +132,7 @@ def define_new_opts(): + "help" : "-b, --boto3_debug=[option] Boto3 and Botocore library debug logging", + "shortdesc": "Boto Lib debug", + "required": "0", ++ "default": "False", + "order": 5 + } + +@@ -146,7 +147,6 @@ def main(): + define_new_opts() + + all_opt["power_timeout"]["default"] = "60" +- all_opt["boto3_debug"]["default"] = "off" + + options = check_input(device_opt, process_input(device_opt)) + +@@ -169,7 +169,7 @@ def main(): + lh.setFormatter(lhf) + logger.setLevel(logging.DEBUG) + +- if options["--boto3_debug"] != "on": ++ if options["--boto3_debug"].lower() not in ["1", "yes", "on", "true"]: + boto3.set_stream_logger('boto3',logging.INFO) + boto3.set_stream_logger('botocore',logging.CRITICAL) + logging.getLogger('botocore').propagate = False diff --git a/SPECS/fence-agents.spec b/SPECS/fence-agents.spec index 06a18a8..9f98cc1 100644 --- a/SPECS/fence-agents.spec +++ b/SPECS/fence-agents.spec @@ -29,7 +29,7 @@ Name: fence-agents Summary: Set of unified programs capable of host isolation ("fencing") Version: 4.2.1 -Release: 45%{?alphatag:.%{alphatag}}%{?dist} +Release: 49%{?alphatag:.%{alphatag}}%{?dist} License: GPLv2+ and LGPLv2+ Group: System Environment/Base URL: https://github.com/ClusterLabs/fence-agents @@ -99,7 +99,13 @@ Patch57: bz1810457-fence_aws-improve-parameter-logic.patch Patch58: bz1816203-fence_aws-1-fix-race-condition.patch Patch59: bz1816203-fence_aws-2-fix-python3-encoding.patch Patch60: bz1827559-fence_vmware_rest-improve-exception-handling.patch -Patch61: bz1827652-fence_vmware_rest-add-filter-parameter.patch +Patch61: bz1827652-fence_vmware_rest-1-add-filter-parameter.patch +Patch62: bz1827652-fence_vmware_rest-2-fix-1000-VM-monitor-error.patch +Patch63: bz1830776-fence_compute-fence_evacuate-fix-insecure-parameter.patch +Patch64: bz1750596-fence_scsi-add-readonly-parameter.patch +Patch65: bz1793739-fence_vmware_rest-1-fix-encoding.patch +Patch66: bz1793739-fence_vmware_rest-2-support-utf-8-vm-names.patch +Patch67: bz1839776-fence_aws-catch-connectionerror.patch %if 0%{?fedora} || 0%{?rhel} > 7 %global supportedagents amt_ws apc apc_snmp bladecenter brocade cisco_mds cisco_ucs compute drac5 eaton_snmp emerson eps evacuate hpblade ibmblade ifmib ilo ilo_moonshot ilo_mp ilo_ssh intelmodular ipdu ipmilan kdump lpar mpath redfish rhevm rsa rsb sbd scsi vmware_rest vmware_soap wti @@ -239,6 +245,12 @@ BuildRequires: python3-google-api-client %patch59 -p1 %patch60 -p1 -F1 %patch61 -p1 +%patch62 -p1 +%patch63 -p1 +%patch64 -p1 +%patch65 -p1 -F1 +%patch66 -p1 +%patch67 -p1 # prevent compilation of something that won't get used anyway sed -i.orig 's|FENCE_ZVM=1|FENCE_ZVM=0|' configure.ac @@ -1030,11 +1042,26 @@ Fence agent for IBM z/VM over IP. %endif %changelog +* Wed May 27 2020 Oyvind Albrigtsen - 4.2.1-49 +- fence_aws: improve logging by catching ConnectionError exception + Resolves: rhbz#1839776 + +* Wed May 20 2020 Oyvind Albrigtsen - 4.2.1-48 +- fence_vmware_rest: fix encoding issues + Resolves: rhbz#1793739 + +* Fri May 15 2020 Oyvind Albrigtsen - 4.2.1-47 +- fence_vmware_rest: add filter parameter to avoid 1000 VM API limit + and avoid failing when hitting it during the monitor-action + Resolves: rhbz#1827652 +- fence_compute/fence_evacuate: fix --insecure parameter + Resolves: rhbz#1830776 +- fence_scsi: add readonly parameter + Resolves: rhbz#1750596 + * Tue Apr 28 2020 Oyvind Albrigtsen - 4.2.1-45 - fence_vmware_rest: improve exception handling Resolves: rhbz#1827559 -- fence_vmware_rest: add filter parameter to avoid 1000 VM API limit - Resolves: rhbz#1827652 * Tue Mar 24 2020 Oyvind Albrigtsen - 4.2.1-44 - fence_aws: fix possible race condition