From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id E5A7D72A85 for ; Tue, 13 Apr 2021 14:16:50 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id D54D52A6C6 for ; Tue, 13 Apr 2021 14:16:50 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [212.186.127.180]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 571F82A6B2 for ; Tue, 13 Apr 2021 14:16:49 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 21F0E45A73 for ; Tue, 13 Apr 2021 14:16:49 +0200 (CEST) From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= To: pve-devel@lists.proxmox.com Date: Tue, 13 Apr 2021 14:16:26 +0200 Message-Id: <20210413121640.3602975-9-f.gruenbichler@proxmox.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210413121640.3602975-1-f.gruenbichler@proxmox.com> References: <20210413121640.3602975-1-f.gruenbichler@proxmox.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.027 Adjusted score from AWL reputation of From: address KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_DNSWL_MED -2.3 Sender listed at https://www.dnswl.org/, medium trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [remoteconfig.pm] Subject: [pve-devel] [PATCH cluster 2/4] add get_remote_info X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Apr 2021 12:16:50 -0000 as a unified helper for talking to a remote node. if the requested node has an entry in the remote config, the information from that entry is used. else, the first locally defined node of the requested cluster is used as proxy. Signed-off-by: Fabian Grünbichler --- data/PVE/RemoteConfig.pm | 55 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/data/PVE/RemoteConfig.pm b/data/PVE/RemoteConfig.pm index 23274de..7c395ba 100644 --- a/data/PVE/RemoteConfig.pm +++ b/data/PVE/RemoteConfig.pm @@ -3,6 +3,7 @@ package PVE::RemoteConfig; use strict; use warnings; +use PVE::APIClient::LWP; use PVE::Cluster qw(cfs_register_file cfs_read_file cfs_write_file cfs_lock_file); use PVE::JSONSchema qw(get_standard_option); use PVE::Tools; @@ -158,6 +159,60 @@ sub lock { } } +# will attempt to connect with node's locally defined endpoint if possible +sub get_remote_info { + my ($self, $cluster, $node, $network_cidr) = @_; + + my $cluster_info = $self->{ids}->{$cluster}; + die "Remote cluster '$cluster' is not defined!\n" + if !defined($cluster_info) || $cluster_info->{type} ne 'pvecluster'; + + my $host = $node; + + # fallback to random node/endpoint if $node is not locally defined + if (!$cluster_info->{nodes}->{$node}) { + my @defined_nodes = keys %{$cluster_info->{nodes}}; + $host = $defined_nodes[0]; + } + + my $api_node = $self->{ids}->{$host}; + + my $api_token = $cluster_info->{token} // $api_node->{token}; + + my $conn_args = { + username => 'root@pam', + protocol => 'https', + host => $api_node->{endpoint}, + apitoken => $api_token, + port => 8006, + }; + + if (my $fp = $api_node->{fingerprint}) { + $conn_args->{cached_fingerprints} = { uc($fp) => 1 }; + } else { + # FIXME add proper parameter to APIClient + die "IMPLEMENT ME"; + my $ssl_opts = { + verify_hostname => 1, +# SSL_ca_path => '/etc/ssl/certs', + SSL_verify_callback => 1, + }; + } + + print "Establishing API connection with cluster '$cluster' node '$host'\n"; + + my $conn = PVE::APIClient::LWP->new(%$conn_args); + + + my $args = {}; + $args->{cidr} = $network_cidr if $network_cidr; + + print "Request IP information of node '$node'\n"; + my $res = $conn->get("/nodes/$node/addr", $args); + + return ($res, $conn_args); +} + package PVE::RemoteConfig::Cluster; use PVE::RemoteConfig; -- 2.20.1