[pve-devel] [PATCH cluster 2/4] add get_remote_info

Thomas Lamprecht t.lamprecht at proxmox.com
Sun Apr 18 19:07:23 CEST 2021 

On 13.04.21 14:16, Fabian Grünbichler wrote:
> as a unified helper for talking to a remote node. if the requested node
> has an entry in the remote config, the information from that entry is
> used.  else, the first locally defined node of the requested cluster is
> used as proxy.
> 
> Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
> ---
>  data/PVE/RemoteConfig.pm | 55 ++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 55 insertions(+)
> 
> diff --git a/data/PVE/RemoteConfig.pm b/data/PVE/RemoteConfig.pm
> index 23274de..7c395ba 100644
> --- a/data/PVE/RemoteConfig.pm
> +++ b/data/PVE/RemoteConfig.pm
> @@ -3,6 +3,7 @@ package PVE::RemoteConfig;
>  use strict;
>  use warnings;
>  
> +use PVE::APIClient::LWP;
>  use PVE::Cluster qw(cfs_register_file cfs_read_file cfs_write_file cfs_lock_file);
>  use PVE::JSONSchema qw(get_standard_option);
>  use PVE::Tools;
> @@ -158,6 +159,60 @@ sub lock {
>      }
>  }
>  
> +# will attempt to connect with node's locally defined endpoint if possible
> +sub get_remote_info {
> +    my ($self, $cluster, $node, $network_cidr) = @_;
> +
> +    my $cluster_info = $self->{ids}->{$cluster};
> +    die "Remote cluster '$cluster' is not defined!\n"
> +	if !defined($cluster_info) || $cluster_info->{type} ne 'pvecluster';
> +
> +    my $host = $node;
> +
> +    # fallback to random node/endpoint if $node is not locally defined
> +    if (!$cluster_info->{nodes}->{$node}) {
> +	my @defined_nodes = keys %{$cluster_info->{nodes}};
> +	$host = $defined_nodes[0];
> +    }
> +
> +    my $api_node = $self->{ids}->{$host};
> +
> +    my $api_token = $cluster_info->{token} // $api_node->{token};
> +
> +    my $conn_args = {
> +	username => 'root at pam',
> +	protocol => 'https',
> +	host => $api_node->{endpoint},
> +	apitoken => $api_token,
> +	port => 8006,
> +    };
> +
> +    if (my $fp = $api_node->{fingerprint}) {
> +	$conn_args->{cached_fingerprints} = { uc($fp) => 1 };
> +    } else {
> +	# FIXME add proper parameter to APIClient

that should now work out of the box? I.e., if no FP is passed we default to
verify_hostname = 1, and if verify_hostname is true we trust what openssl thinks
about the validity of the connection.

> +	die "IMPLEMENT ME";
> +	my $ssl_opts = {
> +	    verify_hostname => 1,
> +#	    SSL_ca_path => '/etc/ssl/certs',
> +	    SSL_verify_callback => 1,
> +	};
> +    }
> +
> +    print "Establishing API connection with cluster '$cluster' node '$host'\n";
> +
> +    my $conn = PVE::APIClient::LWP->new(%$conn_args);
> +
> +
> +    my $args = {};
> +    $args->{cidr} = $network_cidr if $network_cidr;
> +
> +    print "Request IP information of node '$node'\n";
> +    my $res = $conn->get("/nodes/$node/addr", $args);
> +
> +    return ($res, $conn_args);
> +}
> +
>  package PVE::RemoteConfig::Cluster;
>  
>  use PVE::RemoteConfig;
>

More information about the pve-devel mailing list