Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix FIPS handling #255

Merged
merged 5 commits into from
Apr 11, 2022
Merged

fix FIPS handling #255

merged 5 commits into from
Apr 11, 2022

Commits on Apr 11, 2022

  1. core: remove IVdsEventListener#handleVdsFips 

    The idea behind using VdsEventListener is to propagate events at the
vdsbroker layer to the bll layer. Now that the trigger to initiate
HandleVdsFips is InitVdsOnUp, we no longer need it.

Signed-off-by: Arik Hadas <ahadas@redhat.com>
    @ahadas
    ahadas committed Apr 11, 2022
    Configuration menu
    Copy the full SHA
    3a3d08b View commit details
    Browse the repository at this point in the history

  2. core: refactoring in HandleVdsFips 

    Signed-off-by: Arik Hadas <ahadas@redhat.com>
    @ahadas
    ahadas committed Apr 11, 2022
    Configuration menu
    Copy the full SHA
    f6082b3 View commit details
    Browse the repository at this point in the history

  3. core: inline HandleVdsFipsCommand into InitVdsOnUp 

    Now that we check the host FIPS mode (compared to the cluster's mode) in
InitVdsOnUp, we need to take special care about the VDS object we check
since InitVdsOnUp is called before persisting the data that is received
by the host monitoring. So instead of passing the reported data to
HandleVdsFips, it would be simpler to inline HandleVdsFips into
InitVdsOnUp - we have everything accessible there and we can reuse some
existing code to set the non-operational mode, if needed.

Bug-Url: https://bugzilla.redhat.com/2065543
Signed-off-by: Arik Hadas <ahadas@redhat.com>
    @ahadas
    ahadas committed Apr 11, 2022
    Configuration menu
    Copy the full SHA
    a51b4d4 View commit details
    Browse the repository at this point in the history

  4. core: fail initVdsOnUp when fips is incompatible 

    Also do that before initialize the storage domains as checking the FIPS
mode compared to the cluster's mode is much simpler.

Signed-off-by: Arik Hadas <ahadas@redhat.com>
    @ahadas
    ahadas committed Apr 11, 2022
    Configuration menu
    Copy the full SHA
    5f159ce View commit details
    Browse the repository at this point in the history

  5. core: check host FIPS mode also in gluster-only envs

    @ahadas
    ahadas committed Apr 11, 2022
    Configuration menu
    Copy the full SHA
    d14f737 View commit details
    Browse the repository at this point in the history