some templates need to produce yaml output
(ie. copy entire portions of config.yml), which
supported with this change, ie.
[% Utils.to_yaml(element_from_configyml) %]
there is libtemplate-plugin-yaml-perl, which is
avoided to not (re-) introduce deps other than
YAML::XS.
(cherry picked from commit fda5db9456)
(cherry picked from commit d13cc99fb4)
Change-Id: Ieaeb7eb1dd0347466c9184b6f7cff05c556f6de0
* instead of dying on non-existing function procedure only a warning
is logged (similar to non-existing table occurrence). This is to
enable correct invokation of the script on proxy nodes 3308 instance
where not all table/procedures might be available.
Change-Id: Ied5e6300c4dcc8c2e08e2152d56298bd2729c611
After some experimentation it was found to best to keep these platforms
independent, and integrate them externally as usual, instead of trying
to merge them into a single platform.
Change-Id: I19d721dece38d104b73cae573332571c4bef0fbf
* $NGCP_TYPE is unset on SPCE by default, add checks for $NGCP_TYPE
being unset and load it manually for such cases as it should be
present on all NGCP platforms.
Change-Id: I5a8fafd1a376fadb2e15aa96db8d473d65b212d7
* on carrier proxy nodes ngcp-sync-db-grants and ngcp-sync-db-creds
are now also invoked for 127.0.0.1:3308 instance because
table grants and user credentials are not replicated by default
* change "Synchronizing MySQL grants/credentials" log string to
"Synchronizing MariaDB grants/credentials" to better reflect that
MariaDB is used as the database
Change-Id: Ie4e77147621df34fc4e7f0e333183fb3b313f260
We move some of the OpenPGP support into this file, which we will extend
once we switch to use the OpenPGP Stateless OpenPGP support.
Change-Id: I56acd993cb394dd8bc12a8da3cf4c78088adb61b
We can simply feed the encrypted or unencrypted tarfile both when
decrypting and encrypting it, so that we do not have to leave one
around with the additional disk space, and danger of it not getting
removed.
Change-Id: If8c9fba36fd14c58cccacc789a0e4f8e474aac3f
Rename gpg to pgp or OpenPGP and remove crypted from filenames.
The standard is called OpenPGP, GnuPG (or GPG, gpg) is one of many
implementations (although depending on the context the prevalent one)
so we use that when referring to the specification.
For the encrypted tarball we remove the «-crypted» term which is an
odd wording use for encryted content and it is unnecessary and confusing
when using layered containers (as when the tarball is decrypted the
name becomes invalid); and make it use «.pgp» instead of «.gpg» as
extension, while trying the old filename on decryption for backwards
compatibility.
Change-Id: If5e0349ff0c3d8e3b47ced361e9e77d7d4d2defc
These functions were previously in the main functions file, which we
could not use as it depends on configuration files we do not have
available while decrypting these same configurations. But these got
split up for performance reasons into its own functions file. We can
thus now switch to use that instead of having to keep the same functions
in sync in multiple places.
Change-Id: I3860d747e575146d4ffc1a6fc8160d7aa16925ed
Usage of IP addresses like 1.2.3.4 + 2.3.4.5 is not recommended, as they
might point to actually used and non-reserved IPs.
Quoting from RFC 5737 AKA "IPv4 Address Blocks Reserved for
Documentation" (see https://datatracker.ietf.org/doc/html/rfc5737):
| The blocks 192.0.2.0/24 (TEST-NET-1), 198.51.100.0/24 (TEST-NET-2), and
| 203.0.113.0/24 (TEST-NET-3) are provided for use in documentation.
So use 203.0.113.0/24 in our docs/code/testsuite instead.
Change-Id: Ic786a12c006a1fe11b67b788e01cca377f08771f
When doing an «ngcpcfg apply» we are required to pass a reason for it
which might be included in a «git commit», but not in the etckeeper
commit. Modify the wording for the latter, and include that reason so
that the git history makes more sense and is more traceable.
So when executing:
# ngcpcfg apply "Fix array in component B"
The git commit message looked before like:
ngcpcfg apply
And now it will look like
Fix array in component B via "ngcpcfg apply"
Change-Id: Ib7b4ce986366ca51a487a087cb327b0d0dfe1ccd
The date is already tracked as part of the commit metadata, and we use
the current day which will always match the author date for the commit,
so no information is lost.
This makes the commit message more clear and removes redundant and
distracting information from it.
For «ngcpcfg log» we include the date from the commit metadata explicitly
in the output, which will be duplicated for old entries but gets it from
where it belongs for new ones. (Even though the date is also printed in
relative terms on the front of the line.) We now get this output for old
and new entries:
* b3767f6 (10 hours ago) new [2024-02-02 14:28:11 +0100] (HEAD -> master)
* dc0a310 (3 days ago) old [2024-01-30 23:10:32.674452749+01:00] [2024-01-30 23:10:32 +0100]
Change-Id: I4eb4faed433db52e6755bc7782ec34545741d452
We are prepending an extra / to the pathnames passed to tar, and
calling tar from a directory other than the root directory while
not telling it to use absolute names so it complains about these
two things with the following messages:
,---
tar: Removing leading `/' from member names
tar: Removing leading `/' from hard link targets
tar: Removing leading `//' from member names
tar: Removing leading `//' from hard link targets
`---
which is something the user cannot do much about, and it's rather
annoying.
Change-Id: I9e9c853f26363e451b8883d3c74c5508ba3049dc
* only 'sip_ext' interfaces are included into the automatic
lb outbound_socket selection as 'sip_int' does not provide
with the external traffic.
Change-Id: Id35fcfdb69ff9ffc2caefd2fb588d0bb4f61f31e
* $extra_sockets_config can be undef, a check for undef
and that the value is a HASH ref is added to prevent
unexpected behaviour
Change-Id: I6914a8d4eddc7f35ba69fe92c7acc130c0475aca
* sync_extra_sockets() renamed into sync_lb_and_extra_sockets()
* extra_sockets_sync() renamed into lb_and_extra_sockets_sync()
* $config now also contains merged $NETWORK_CONFIG (network.yml)
* lb_and_extra_sockets_sync does the following and then calls
generic_enum_sync() to provide with the gathered data:
* all shared ips from interfaces that
- host have 'lb' role
- host status 'online'
- interface has type '^sip_'
are added into the outbound sockets list of protos (udp, tcp, tls)
as: 'host:interface:proto' = 'proto:shared_ip:port'
(port is taken from config.kamailio.lb.port in case of ('udp', 'tcp')
and config.kamailio.tls.port in case of 'tls'
)
- if an interface has multiple shared IPs,
the key becomes 'host:interface:shared_ip:proto'
- $config->{kamailio}{lb}{extra_sockets} keys are merged
with the gathered config
* generic_enum_sync() - processes hash keys are now sorted
to have consistent output/processing
Change-Id: I218f1ae584e2dc9dfeb3a51c43d9f3fc950e829b
Debian/bookworm is the current stable release and this
is also what we're supporting, so switch GitHub actions
accordingly from bullseye to bookworm.
Change-Id: I427ede88cec3ba2ef26c1351807b06d75ed4a37a
We need to get the network information for the remote site. So we add
a new library file, and extend the get_all_shared_ips* ones to support
specifying a site name, defaulting to 'current'.
Change-Id: Id133ba1fc62b758c0779ac5951075c10cdf5736c
We check whether we have both a sites.yml and a sites/ directory.
If so, and multi-sites support is enabled, then we proceed to load
all the multi-sites configurations, by placing each of them under
«sites.<site-name>.<config>». Adding a «sites.current» link to the
current site, and filling the root tree config with the current site
as well for backwards compatibility.
Change-Id: Ia810f57e8e976eef6a7582bddda46c1701456ed6
This will replace the geo_cluster.enable knob from config.yml, as it
needs to be a out-of-band option and not one from within the site
specific configuration YAML files.
Change-Id: I1c062091bb3bc1c7e52311c09524dabec5a00e97
This variable has been deprecated for a long time (since mr10.5), and it
is not used anywhere in our entire NGCP code base.
Change-Id: Ic142a347fcef0405f8cf8304728b076af3369e0d
For multi-site support we need to pass all the possible files to load,
and these might be different between sites, so we need to check for
their existence from within tt2-process, instead of from the outside as
that would restrict them to only the current site.
Change-Id: I0965506832aa2f0a1ba67b19511c509bec60922e
The script got supported added for the maintenance file, but missed a
spot where the actual selection is performed.
Fixes: commit 948f940975
Change-Id: I9d092fd99a821f6f8ce72b0f7b8c05e5ab1c25e6
This variable has been deprecated for a long time (since mr10.5), and it
is not used anywhere in our entire NGCP code base.
Change-Id: I83b3f00c519c8e152fcb166b4ebeb635246b1915
In the deployment of our lab carrier, we are heavily using ngcpcfg set
command for example to change the IP addresses of all proxies. The issue is that
execution of a command takes around 1,5 seconds and this seems because every time
"set" is used, we call the check-permissions script, which has some time
penalty to be executed. Most likely nobody uses set quite often, so that is why
the problem was not so visible for a long time.
Change-Id: I47c6c3b88b0f108aadf9d8d9a2b131e0cb76b498
Add a library to return the full list of ping nodes to use for HA
verification. This makes it possible to print an identical list of ping
nodes in several places without code duplication.
The code is taken from templates/pacemaker/cluster.crm
Change-Id: Ie121a6062a15c09bf15af1761a22c5f4bcc3199e
* sync_timezone_version() checks the current olson database
version from DateTime::TimeZone vs ngcp.timezone.version
and updates billing.contacts.timezone field with the new
names following the "links" (aliases)
Change-Id: Iacb552a9151ffb8eaaa40a16b530cbde0cc4b718
We currently only fix up owner and permissions for known local files,
including the stock config.yml and any variant affecting the current
host (which include role selectors, pair or host specific files).
The problem is that when pushing these to the remotes where the files
are local there, then their permissions will be fixed up, and that will
happen independently for different files on different nodes. Which
results in git conflicts when trying to merge back these files.
Instead add a new variable that contains the glob for all such
customized files which we will fix up in the current node.
Change-Id: Ib2a7317a92733ad5b4d2fa8106759b00049edb68
This new library code will fetch a list of instances for a given service
name with a specific status.
Change-Id: I161af48d777e8478a8f1358ffd40c996cee9b4a5
We need to pass the host lists to the check remote code, and we should
not be passing any host lists to the check shared storage code, as that
takes an action instead.
Change-Id: I7292cf56f110df81f5a3b83da911742bae2af1b2
Sipwise Jenkins Builder
Rene Krenn
Kirill Solomko
Guillem Jover
Michael Prokop
Volodymyr Fedorov
Mykola Malkov
Richard Fuchs
Marco Capetta