diff --git a/README.md b/README.md index 63dc742..fa21333 100644 --- a/README.md +++ b/README.md @@ -6,15 +6,15 @@ The way it works is by running a set of scripts that interact with the hardware using vendor tools/other methods while exposing a fake RedFish API that Metal3 can query. -The [app/](./app/) directory contains the FakeFish application. Inside the `app` directory we can find the [custom_scripts](./app/custom_scripts/) folder where we need to create scripts: +The [app/](./app/) directory contains the FakeFish application. Inside the [custom_scripts](./app/custom_scripts/) folder we need to create the following scripts: -|Script|What should it do?| -|------|----------------| -|`poweron.sh`|Power on the server| -|`poweroff.sh`|Power off the server| -|`bootfromcdonce.sh`|Set server to boot from virtual CD once| -|`mountcd.sh`|Mount the iso received in the server's virtual CD| -|`unmountcd.sh`|Unmount the iso from the server's virtual CD| +|Script|What should it do?|Script parameters| +|------|------------------|-----------------| +|`poweron.sh`|Power on the server|`$1` BMC IP, `$2` USERNAME, `$3` PASSWORD| +|`poweroff.sh`|Power off the server|`$1` BMC IP, `$2` USERNAME, `$3` PASSWORD| +|`bootfromcdonce.sh`|Set server to boot from virtual CD once|`$1` BMC IP, `$2` USERNAME, `$3` PASSWORD| +|`mountcd.sh`|Mount the iso received in the server's virtual CD|`$1` BMC IP, `$2` USERNAME, `$3` PASSWORD, `$4` ISO FILE URL| +|`unmountcd.sh`|Unmount the iso from the server's virtual CD|`$1` BMC IP, `$2` USERNAME, `$3` PASSWORD| The script names must match above naming, you can check the [dell_scripts](./dell_scripts/) folder to find example scripts with the correct naming. @@ -39,23 +39,23 @@ A [Containerfile](./custom_scripts/Containerfile) is included, so users can buil You need a FakeFish process for each server you plan to install. Think of FakeFish like if it was a custom implementation of a BMC for that specific server. -Since you will be potentially running multiple FakeFish instances, you will make use of an environment variable to configure in which port a given FakeFish instance listens on. On top of that, you need to do a bind mount for the folder containing the scripts for managing that specific server. +Since you will be potentially running multiple FakeFish instances, you will make use of an environment variable to configure in which port a given FakeFish instance listens on and another one to configure which BMC IP it provides service to. On top of that, you can do a bind mount for the folder containing the scripts for managing that specific server or use the scripts inside the container image. An example can be found below: > **NOTE**: Every container is mapped to a single BMC, but if more hosts are required, different ports can be used (9001, 9002,...) -```sh -podman run -p 9000:9000 -e PORT=9000 -v $PWD/dell_scripts:/opt/fakefish/custom_scripts:z quay.io/mavazque/fakefish:v0 +~~~sh +podman run -p 9000:9000 -e PORT=9000 -e BMC_IP=172.20.10.10 -v $PWD/dell_scripts:/opt/fakefish/custom_scripts:z quay.io/mavazque/fakefish:v0 sudo firewall-cmd --add-port=9000/tcp -``` +~~~ Then, in the `install-config.yaml` file, it is required to specify the IP where the container is running instead of the 'real' BMC: -```yaml +~~~yaml bmcAddress: redfish-virtualmedia://192.168.1.10:9000/redfish/v1/Systems/1 -``` +~~~ ## Logs @@ -63,8 +63,8 @@ In a successful execution you should see something like this in the logs: - Starting FakeFish - ```sh - $ podman run -p 9000:9000 -e PORT=9000 -v $PWD/dell_scripts:/opt/fakefish/custom_scripts:z quay.io/mavazque/fakefish:v0 + ~~~sh + $ podman run -p 9000:9000 -e PORT=9000 -e BMC_IP=172.20.10.10 -v $PWD/dell_scripts:/opt/fakefish/custom_scripts:z quay.io/mavazque/fakefish:v0 * Serving Flask app 'fakefish' (lazy loading) * Environment: production @@ -74,11 +74,11 @@ In a successful execution you should see something like this in the logs: * Running on all addresses. WARNING: This is a development server. Do not use it in a production deployment. * Running on https://10.19.3.25:9000/ (Press CTRL+C to quit) - ``` + ~~~ - Provisioning Logs - ```sh + ~~~sh 10.19.3.23 - - [20/Apr/2022 13:17:09] "GET /redfish/v1/Systems/1 HTTP/1.1" 200 - 10.19.3.23 - - [20/Apr/2022 13:17:09] "GET /redfish/v1/Systems/1 HTTP/1.1" 200 - 10.19.3.23 - - [20/Apr/2022 13:17:09] "GET /redfish/v1/Systems/1/BIOS HTTP/1.1" 404 - @@ -140,11 +140,11 @@ In a successful execution you should see something like this in the logs: 10.19.3.23 - - [20/Apr/2022 13:19:04] "POST /redfish/v1/Systems/1/Actions/ComputerSystem.Reset HTTP/1.1" 204 - 10.19.3.23 - - [20/Apr/2022 13:19:05] "GET /redfish/v1/Systems/1 HTTP/1.1" 200 - - ``` + ~~~ - Deprovisioning Logs - ```sh + ~~~sh 10.19.3.23 - - [20/Apr/2022 13:23:29] "GET /redfish/v1/Systems/1 HTTP/1.1" 200 - 10.19.3.23 - - [20/Apr/2022 13:23:29] "GET /redfish/v1/Managers/1 HTTP/1.1" 200 - 10.19.3.23 - - [20/Apr/2022 13:23:29] "GET /redfish/v1/Managers/1/VirtualMedia HTTP/1.1" 200 - @@ -167,5 +167,4 @@ In a successful execution you should see something like this in the logs: 10.19.3.23 - - [20/Apr/2022 13:24:09] "POST /redfish/v1/Systems/1/Actions/ComputerSystem.Reset HTTP/1.1" 204 - 10.19.3.23 - - [20/Apr/2022 13:24:10] "GET /redfish/v1/Systems/1 HTTP/1.1" 200 - - - ``` + ~~~ \ No newline at end of file diff --git a/app/fakefish.py b/app/fakefish.py index 714c73f..18cffe7 100755 --- a/app/fakefish.py +++ b/app/fakefish.py @@ -7,6 +7,7 @@ import requests import subprocess from datetime import datetime +from werkzeug.http import parse_authorization_header from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disable_warnings(InsecureRequestWarning) @@ -18,7 +19,7 @@ except ImportError: config = {'PORT': os.environ.get('PORT', 9000)} -debug = config['DEBUG'] if 'DEBUG' in list(config) else True +debug = bool(config['DEBUG']) if 'DEBUG' in list(config) else False port = int(config['PORT']) if 'PORT' in list(config) else 9000 @app.route('/redfish/v1/') @@ -35,6 +36,8 @@ def system_collection_resource(): @app.route('/redfish/v1/Systems/1', methods=['GET', 'PATCH']) def system_resource(): + username, password = get_credentials(flask.request) + global bmc_ip if flask.request.method == 'GET': return flask.render_template( 'fake_system.json', @@ -54,7 +57,7 @@ def system_resource(): else: app.logger.info('Running script that sets boot from VirtualCD once') try: - subprocess.check_call(['custom_scripts/bootfromcdonce.sh']) + subprocess.check_call(['custom_scripts/bootfromcdonce.sh', bmc_ip, username, password]) except subprocess.CalledProcessError as e: return ('Failed to set boot from virtualcd once', 400) @@ -74,19 +77,21 @@ def manager_resource(): @app.route('/redfish/v1/Systems/1/Actions/ComputerSystem.Reset', methods=['POST']) def system_reset_action(): + global bmc_ip + username, password = get_credentials(flask.request) reset_type = flask.request.json.get('ResetType') global power_state if reset_type == 'On': app.logger.info('Running script that powers on the server') try: - subprocess.check_call(['custom_scripts/poweron.sh']) + subprocess.check_call(['custom_scripts/poweron.sh', bmc_ip, username, password]) except subprocess.CalledProcessError as e: return ('Failed to poweron the server', 400) power_state = 'On' else: app.logger.info('Running script that powers off the server') try: - subprocess.check_call(['custom_scripts/poweroff.sh']) + subprocess.check_call(['custom_scripts/poweroff.sh', bmc_ip, username, password]) except subprocess.CalledProcessError as e: return ('Failed to poweroff the server', 400) power_state = 'Off' @@ -109,6 +114,8 @@ def virtualmedia_cd_resource(): @app.route('/redfish/v1/Managers/1/VirtualMedia/Cd/Actions/VirtualMedia.InsertMedia', methods=['POST']) def virtualmedia_insert(): + global bmc_ip + username, password = get_credentials(flask.request) image = flask.request.json.get('Image') if not image: return('POST only works for Image'), 400 @@ -119,7 +126,7 @@ def virtualmedia_insert(): image_url = image app.logger.info('Running script that mounts cd with iso %s', image) try: - subprocess.check_call(['custom_scripts/mountcd.sh', image_url]) + subprocess.check_call(['custom_scripts/mountcd.sh', bmc_ip, username, password, image_url]) except subprocess.CalledProcessError as e: return ('Failed to mount virtualcd', 400) return '', 204 @@ -127,23 +134,37 @@ def virtualmedia_insert(): @app.route('/redfish/v1/Managers/1/VirtualMedia/Cd/Actions/VirtualMedia.EjectMedia', methods=['POST']) def virtualmedia_eject(): + global bmc_ip + username, password = get_credentials(flask.request) global inserted global image_url inserted = False image_url = '' app.logger.info('Running script that unmounts cd') try: - subprocess.check_call(['custom_scripts/unmountcd.sh']) + subprocess.check_call(['custom_scripts/unmountcd.sh', bmc_ip, username, password]) except subprocess.CalledProcessError as e: return ('Failed to unmount virtualcd', 400) return '', 204 +def get_credentials(flask_request): + auth = flask_request.headers.get('Authorization', None) + username = '' + password = '' + if auth is not None: + creds = parse_authorization_header(auth) + username = creds.username + password = creds.password + app.logger.debug('Returning credentials') + app.logger.debug('Username: ' + username + ', password: ' + password) + return username, password + def run(): """ """ - app.run(host='0.0.0.0', port=port, debug=False, ssl_context='adhoc') + app.run(host='0.0.0.0', port=port, debug=debug, ssl_context='adhoc') if __name__ == '__main__': @@ -151,4 +172,10 @@ def run(): inserted = False image_url = '' power_state = 'On' + bmc_ip = os.environ.get('BMC_IP', None) + if bmc_ip is not None: + app.logger.info(bmc_ip) + else: + app.logger.error('Configure the BMC IP using the environment variable BMC_IP') + exit() run() diff --git a/dell_scripts/bootfromcdonce.sh b/dell_scripts/bootfromcdonce.sh index f614d04..ee0111f 100755 --- a/dell_scripts/bootfromcdonce.sh +++ b/dell_scripts/bootfromcdonce.sh @@ -2,10 +2,13 @@ #### IMPORTANT: This script is only meant to show how to implement required scripts to make custom hardware compatible with FakeFish. Dell hardware is supported by the `idrac-virtualmedia` provider in Metal3. #### This script has to set the server's boot to once from cd and return 0 if operation succeeded, 1 otherwise +BMC_ENDPOINT=${1} +USERNAME=${2} +PASSWORD=${3} -/opt/dell/srvadmin/bin/idracadm7 -r 192.168.1.10 -u root -p calvin set iDRAC.VirtualMedia.BootOnce 1 +/opt/dell/srvadmin/bin/idracadm7 -r ${BMC_ENDPOINT} -u ${USERNAME} -p ${PASSWORD} set iDRAC.VirtualMedia.BootOnce 1 if [ $? -eq 0 ]; then - /opt/dell/srvadmin/bin/idracadm7 -r 192.168.1.10 -u root -p calvin set iDRAC.ServerBoot.FirstBootDevice VCD-DVD + /opt/dell/srvadmin/bin/idracadm7 -r ${BMC_ENDPOINT} -u ${USERNAME} -p ${PASSWORD} set iDRAC.ServerBoot.FirstBootDevice VCD-DVD if [ $? -eq 0 ]; then exit 0 else diff --git a/dell_scripts/mountcd.sh b/dell_scripts/mountcd.sh index 9cbc733..e581c4b 100755 --- a/dell_scripts/mountcd.sh +++ b/dell_scripts/mountcd.sh @@ -4,15 +4,18 @@ #### This script has to mount the iso in the server's virtualmedia and return 0 if operation succeeded, 1 otherwise #### Note: Iso image to mount will be received as the first argument ($1) -ISO=${1} +BMC_ENDPOINT=${1} +USERNAME=${2} +PASSWORD=${3} +ISO=${4} # Disconnect image just in case -/opt/dell/srvadmin/bin/idracadm7 -r 192.168.1.10 -u root -p calvin remoteimage -d +/opt/dell/srvadmin/bin/idracadm7 -r ${BMC_ENDPOINT} -u ${USERNAME} -p ${PASSWORD} remoteimage -d # Connect image -/opt/dell/srvadmin/bin/idracadm7 -r 192.168.1.10 -u root -p calvin remoteimage -c -l ${ISO} +/opt/dell/srvadmin/bin/idracadm7 -r ${BMC_ENDPOINT} -u ${USERNAME} -p ${PASSWORD} remoteimage -c -l ${ISO} -if ! /opt/dell/srvadmin/bin/idracadm7 -r 192.168.1.10 -u root -p calvin remoteimage -s | grep ${ISO}; then +if ! /opt/dell/srvadmin/bin/idracadm7 -r ${BMC_ENDPOINT} -u ${USERNAME} -p ${PASSWORD} remoteimage -s | grep ${ISO}; then exit 1 fi diff --git a/dell_scripts/poweroff.sh b/dell_scripts/poweroff.sh index 4112a05..e4f60de 100755 --- a/dell_scripts/poweroff.sh +++ b/dell_scripts/poweroff.sh @@ -2,8 +2,11 @@ #### IMPORTANT: This script is only meant to show how to implement required scripts to make custom hardware compatible with FakeFish. Dell hardware is supported by the `idrac-virtualmedia` provider in Metal3. #### This script has to poweroff the server and return 0 if operation succeeded, 1 otherwise +BMC_ENDPOINT=${1} +USERNAME=${2} +PASSWORD=${3} -/opt/dell/srvadmin/bin/idracadm7 -r 192.168.1.10 -u root -p calvin serveraction powerdown +/opt/dell/srvadmin/bin/idracadm7 -r ${BMC_ENDPOINT} -u ${USERNAME} -p ${PASSWORD} serveraction powerdown if [ $? -eq 0 ]; then exit 0 else diff --git a/dell_scripts/poweron.sh b/dell_scripts/poweron.sh index c46816b..96c5c5b 100755 --- a/dell_scripts/poweron.sh +++ b/dell_scripts/poweron.sh @@ -2,8 +2,11 @@ #### IMPORTANT: This script is only meant to show how to implement required scripts to make custom hardware compatible with FakeFish. Dell hardware is supported by the `idrac-virtualmedia` provider in Metal3. #### This script has to poweron the server and return 0 if operation succeeded, 1 otherwise +BMC_ENDPOINT=${1} +USERNAME=${2} +PASSWORD=${3} -/opt/dell/srvadmin/bin/idracadm7 -r 192.168.1.10 -u root -p calvin serveraction powerup +/opt/dell/srvadmin/bin/idracadm7 -r ${BMC_ENDPOINT} -u ${USERNAME} -p ${PASSWORD} serveraction powerup if [ $? -eq 0 ]; then exit 0 else diff --git a/dell_scripts/unmountcd.sh b/dell_scripts/unmountcd.sh index 7e6f12c..9619e65 100755 --- a/dell_scripts/unmountcd.sh +++ b/dell_scripts/unmountcd.sh @@ -2,9 +2,12 @@ #### IMPORTANT: This script is only meant to show how to implement required scripts to make custom hardware compatible with FakeFish. Dell hardware is supported by the `idrac-virtualmedia` provider in Metal3. #### This script has to unmount the iso from the server's virtualmedia and return 0 if operation succeeded, 1 otherwise +BMC_ENDPOINT=${1} +USERNAME=${2} +PASSWORD=${3} # Disconnect image -/opt/dell/srvadmin/bin/idracadm7 -r 192.168.1.10 -u root -p calvin remoteimage -d +/opt/dell/srvadmin/bin/idracadm7 -r ${BMC_ENDPOINT} -u ${USERNAME} -p ${PASSWORD} remoteimage -d if [ $? -eq 0 ]; then exit 0 else