This repository has been archived by the owner on Jan 20, 2023. It is now read-only.
Merge branch 'dev' to 'uaa' #28
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ests. Change-Id: I345ecb97906ab3fa3d01d2691c2a00117684f0e5
Change-Id: I3119129d84a33523b1faf96e7247574ffed4b834
This change allows the orgunit for a computer account to be
specified in DN format, for example:
OU=project,OU=tenant,OU=node
Note that this a partial DN within the OU=Computers container.
Change-Id: If99cc186794e6d8dbfb3a283c14cf0919073b722
…PR 1817458) Change-Id: If5ac4c277a258cde8208a130a49d8a57791bd360
Change-Id: Ie76ef5e11505a6b83853a1cce7b83073a0bfcc32
Change-Id: I12ef38f81d69733d69edaff4b41891ec7cc6149e
Change-Id: I8cf44c71de464e209ed09ac662b580f58615bfee
Change-Id: I59ba09a5cbe74f9f138b3dba60cde4afed0e6ff1
Change-Id: Ia39bb2abd5faeb4413b5c2ed063bc367d895a771
Change-Id: Ibc05b7584bc3aeaa8fa20a63d0374aced2ff393c
Change-Id: I6d0e046885c6ae3fe84fc6a5ff9f6006e3026b61
sample curl REST API test output - https://bugzilla.eng.vmware.com/show_bug.cgi?id=1883274#c1 Change-Id: I1b6d546cb0b2a5148273d9fd56ad8d58b99acca8
Change-Id: If34a0dc048a7871156503f1d05289084a4be12aa
Change-Id: I9c27aa66db59eb7bd9ca974c6ceb86a136c60e3b
Change-Id: I6a706e9e88ddb48e0cd1042f66af77fdeb62a7ff
Change-Id: Ib446baf2cb45e15227c5fb52ec905fc775132e3a
Change-Id: Ie98913985bb3aeafd615385af33c633fc1888ef5
Change-Id: I2f9ab9ab97859acb4442e2d1af8760309b9cbe4c
Change-Id: Ib5eafa8cc65a21298cc475ace2ab1c0e478b1b30
…rd is running (PR 1881585) Change-Id: If10001060650eecdce06b2447fa8201daaeffb73
…ird is running (PR 1881585) Change-Id: I8184cff3d4985d6c14d7ac6f87e75c9f00efdbd7
Change-Id: Ia4307efaa123b282522e5e6d27997395c5ab27ae
Change-Id: I82860039929cfa01d872d3ffc8bd88692dc71b20
…rtAvailability + add tcp_close in cleanup Change-Id: I8b9eb1a69a80ab4796ceefa46b27b0b195eebfed
Change-Id: I4fd968a1a213b73f34525a0f0bef0d3cac2beba8
This change fixes the top-level photon OS build. The directory vmidentity/ssoclients is now built prior to lwraft and vmdir projects to satisfy library dependencies when REST is enabled. Change-Id: I3214901cc1e20596cd539de775ad89f3bf96c58b
Change-Id: I7ac528417fdcc1367db82eb75d3a812eb4b7cfb7
…ing m4 files Change-Id: I4e0e65e67a259684001f4ec73350279139f2ed59
…tion tests Change-Id: I6cfb9c92ec7cc84969dccc9b7fa973d6803246d4
root@lw-t3 [ /home/admin/workspaces/LW-5 ]# /opt/vmware/bin/lwraft-cli help
Usage: lwraft-cli { arguments }
Arguments:
node list --server-name <host name>
node state --server-name <host name>
--login <user@domain>
--password <password>
node promote --password <password>
[--host-name <host name> preferred Lightwave Raft host name, can be FQDN or IP]
[--domain-name <domain name> | --partner-name <host of partner> ]
node demote --server-name <host name>
--login <user@domain>
--password <password>
--demote-host-name <host to demote>]
help
* Promote can specify any node in the cluster as partner. It will find the leader and does the join eventually.
* also, retire lwraftleavefed.
* will retire lwraftpromo later after.
* address comments from Kyoung
Change-Id: I9d0b62e24811b40946251da2a3204ab5fa972ac1
Change-Id: I19773564d8cdd01697fc1c9d1c4cbd1a134f46bb
When ic-join was used with the --machine-account-name
and --use-machine-account parameters, it should use
the machine account credentials to authenticate to
the server. This changes makes this work -- it was
trying to use the Administrator credentials.
Add an option "create-computer-account" to vamfd-cli
so that this can be tested.
Test:
/opt/vmware/bin/ic-join \
--domain lightwave.local \
--machine-account-name xyzzy.lightwave.local \
--password 'xxxxxxxxxxxxxxxxxxxx' \
--org-unit ou=MyOrgUnit \
--use-machine-account \
--prejoined \
--domain-controller 10.0.0.1
20170922170013:INFO:Joining system to domain [lightwave.local] using controller at [10.0.0.1]
20170922170013:INFO:Validating credentials to partner [10.0.0.1] at domain [lightwave.local]
20170922170043:INFO:Starting service [dcerpc]
20170922170043:INFO:Starting service [vmafd]
20170922170059:INFO:Setting various configuration values
20170922170059:INFO:Joining system to directory service at [10.0.0.1]
20170922170204:INFO:Refreshing root certificates from VMware Certificate Authority
20170922170219:INFO:Generating Machine SSL cert
20170922170239:INFO:Setting Machine SSL certificate
Domain Join was successful
Change-Id: Ibf33164bb4d58f2745e790c7e3e0a3331d7972ff
Change-Id: Ic75db7e296cfcbfdce317a9072695b65e21de832
Change-Id: I17663e86c49316ef65efd2baa317c7d57cfe3f76
Pre-requisites:
1. Running Docker on host where Hypermake is used to build
2. Installation of Hypermake
Usage:
1. Use "hmake build" to build the Lightwave components for PhotonOS
2. Use "hmake pack" to build the Lightwave RPMs for PhotonOS.
Context:
1. Builds a versioned lightwave-toolchain container based on PhotonOS that is used to build the Lightwave artifacts.
Change-Id: I199d4f18e2b4ecfc577c7f0fa0fa73c987f9546c
This change is to address the issue of firewall ports closing after every reboot. The firewall.service will now handle the ports for POST service as well Tests Performed: 1. Install server RPM and post RPM check the iptables rules. 2. Install server and post independantly check the rules. 3. Uninstall client check the service is unistalled. 4. Reboot the machine and check if rules are preserved. Change-Id: I792555cc00e658b436ccd814da729a9ce9c66fff
test output root@lw-t1 [ /home/admin/workspaces ]# ldapsearch -o ldif-wrap=no -x -h lw-t1 -p 389 -D cn=administrator,cn=users,dc=lw,dc=local -w 'xx' -b "dc=lw,dc=local" -s base ldap_bind: Server is unwilling to perform (53) additional info: Simple bind not allowed root@lw-t1 [ /home/admin/workspaces ]# ldapsearch -o ldif-wrap=no -x -h lw-t1 -p 38900 -D cn=administrator,cn=users,dc=post,dc=local -w 'xx' -b "dc=post,dc=local" -s one ldap_bind: Server is unwilling to perform (53) additional info: Simple bind not allowed Change-Id: I56bf2296a8bf607814e273c1f965bd22cb5cbe65
Change-Id: I9ba6f982049336e1543b4af05f82739c022ca91b
Change-Id: I04278f0a12830e3cf1797f0aae4970918d30138e
Change-Id: Ide914d91e8ba4c15280e352e84722597bc451c4f
Bug 1856190:
Change:
Enabled HTTP over REST and HTTPS over REST end points for POST
POST proxy support for HTTPS will be done in a separate check-in.
Testing:
1) Issued simple curl commands on the POST end to test the functionality
2) Verified that swagger file (post-rest.json) changes does not have any effect in cascade controller
3) created kubernetes cluster using new tenant with the changes
Change-Id: I10dcac1d66a2846451cd2c46e2406a98e5e8d6b2
Change-Id: I569f851485638e4ea49f69e49e9eb8799015e90f
Change-Id: Ica281ed6eebaadac90739c13f55341e64eea1c2e
Change-Id: I9d4193c8524f612ba6148035cf64b3658af3ca44
…trieving domain name from subject Change-Id: I29290f9c9b9fade978533c01c0daf8cc83328af1
Change-Id: I2e4cc56820ad3d8a74816609cabebff4d58d4e41
…1964831) Change-Id: Icdb41b4fcff943a6fffa47187c39e0d22ed8b2c8
- Add new functions which were added in http://code.pslabs.eng.vmware.com:8082/#/c/1003/ Change-Id: I2a5cd6a1c29da919500dcc6704729680093d0143
Approved By: Suresh Chellappan Reviewed By: Suresh Chellappan, Neel Shah Change-Id: I0f479a5cd689cd8e7f42c806fd813851e75c33be
Change-Id: I229c2350b3cf6cce9039707fdc22a8da5a1b24e3
1) Modified the histogram bucket ranges for ldap and dcerpc metrics.
2) Added new metrics tags for LDAP_BUSY and LDAP_OTHER.
3) Added inputs.disk to telegraf configuration.
Test:
1) Promoted a Lightwave instance
2) Ran command 'curl http://localhost:7477/v1/vmdir/metrics'
The response included the correct histogram bucket ranges:
vmdir_ldap_request_duration_bucket{le="1",operation="search"} 132
vmdir_ldap_request_duration_bucket{le="10",operation="search"} 133
vmdir_ldap_request_duration_bucket{le="100",operation="search"} 133
vmdir_ldap_request_duration_bucket{le="500",operation="search"} 133
vmdir_ldap_request_duration_bucket{le="1000",operation="search"} 133
vmdir_ldap_request_duration_bucket{le="+Inf",operation="search"} 133
Change-Id: I6d822382ea7d5697525988d7451c9982dafecb85
Bug: 1968938
Changes:
- Add HTTPS forward logic in POST proxy layer
Testing:
- Exercised basic curl commands with --insecure option
- created a k8s cluster with the changes to ensure existing logic is intact
Change-Id: I24e344ce89b42ea07e2024a905fde8a20197e444
…ay everything" case (PR 1971144) Change-Id: I62c77c67e5f1af35bf526b7e41d2e3188a572164
Deleting aws code deploy scripts as project is being moved to another repo. Change-Id: I484ff8b404ce253abd9a906893c74edcec81dd62
The active Lightwave build container is under support/toolchain/docker Change-Id: Ia3677aac1a1d61a4ed41a4ede632257283216407
Modified the histogram bucket ranges. Added 1s bucket and removed
5ms bucket.
Test:
Ran the command 'curl http://localhost:7677/v1/dns/metrics'
The response included the updated histogram bucket ranges:
vmdns_rpc_request_duration_bucket{le="1",operation="update"} 0
vmdns_rpc_request_duration_bucket{le="10",operation="update"} 0
vmdns_rpc_request_duration_bucket{le="100",operation="update"} 1
vmdns_rpc_request_duration_bucket{le="300",operation="update"} 1
vmdns_rpc_request_duration_bucket{le="1000",operation="update"} 1
vmdns_rpc_request_duration_bucket{le="+Inf",operation="update"} 1
Change-Id: I81c2c02e54fbcbd43d8d354014219bc5e5d3e4c0
Name the build container vmware/lightwave-toolchain-photon since this is based on PhotonOS. Change-Id: Ia5361b2bccc377e9f81efcbe8fbbe5aabe169c32
Bug 1969584
Change:
SSL init is being done in both c-rest-engine (for https) and vmdir (for ldaps)
During shutdown, calling VmDirRESTServerShutdown first, frees ssl related metrics
Simultaneously if replication thread is performing SASL bind results in accessing NULL values.
Disabling HTTPS end point in directory service for now, this is a temporary fix,
until ssl init logic is fixed in c-rest-engine (Bug 1962032)
Test:
Verified that with the changes, HTTPS end point is disabled
Change-Id: I0ab39cca675885b978704ebcfe02a4eb790b6fd1
This change is to address the locked state that POST nodes get into in the CI/CD pipeline. Changes made: 1. Added logging to log node the request is proxied to 2. Changed the read request for proxy. 3. Failure response handling for proxy. 4. Connection timeout for curl Tests done: 1. Set up a 3-node post cluster 2. Add users, get users, delete pointing to leader 3. Add users, get users, delete pointing to follower 4. Cause a leader change and repeat the steps 5. Check for failure scenario where leader is not present. Change-Id: I36f8f564fcf62786df194f4df3fc258e0afd3db4
Change-Id: I1d0ebdc5c1324bcd3841feca28c6565a0a7d204b
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Up to date merge of 'dev' to 'uaa' prior to merging back to dev.
This merge undoes some of the repo overrides in the Ant build scripts that were "necessary" for the Ubuntu build. Without the change, UAA is unable to find the local Maven repository where the vmidentity jars are located.