From b3f74614a1ecbac509a84f291c17884866765317 Mon Sep 17 00:00:00 2001 From: Vincent Untz Date: Thu, 7 Jan 2016 22:07:27 +0100 Subject: [PATCH 1/8] fence_compute: Add --insecure command line argument This makes it possible to have fence_compute work with OpenStack deployments with SSL certificates that can't be verified (can be the case in test systems). --- fence/agents/compute/fence_compute.py | 12 +++++++++++- tests/data/metadata/fence_compute.xml | 5 +++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/fence/agents/compute/fence_compute.py b/fence/agents/compute/fence_compute.py index d9fe54a..ef066d4 100644 --- a/fence/agents/compute/fence_compute.py +++ b/fence/agents/compute/fence_compute.py @@ -242,6 +242,15 @@ def define_new_opts(): "default" : "", "order": 1, } + all_opt["insecure"] = { + "getopt" : "", + "longopt" : "insecure", + "help" : "--insecure Explicitly allow agent to perform \"insecure\" TLS (https) requests", + "required" : "0", + "shortdesc" : "Allow Insecure TLS Requests", + "default" : "False", + "order": 2, + } all_opt["domain"] = { "getopt" : "d:", "longopt" : "domain", @@ -286,7 +295,7 @@ def main(): device_opt = ["login", "passwd", "tenant-name", "auth-url", "fabric_fencing", "on_target", "no_login", "no_password", "port", "domain", "no-shared-storage", "endpoint-type", - "record-only", "instance-filtering"] + "record-only", "instance-filtering", "insecure"] define_new_opts() all_opt["shell_timeout"]["default"] = "180" @@ -331,6 +340,7 @@ def main(): options["--password"], options["--tenant-name"], options["--auth-url"], + insecure=options["--insecure"], endpoint_type=options["--endpoint-type"]) if options["--action"] in ["off", "reboot"]: diff --git a/tests/data/metadata/fence_compute.xml b/tests/data/metadata/fence_compute.xml index 290a2eb..5aeae40 100644 --- a/tests/data/metadata/fence_compute.xml +++ b/tests/data/metadata/fence_compute.xml @@ -43,6 +43,11 @@ Keystone Admin Tenant + + + + Allow Insecure TLS Requests + -- 2.6.2