4 # Copyright (C) 2006, 2007, 2008, 2010 Google Inc.
6 # This program is free software; you can redistribute it and/or modify
7 # it under the terms of the GNU General Public License as published by
8 # the Free Software Foundation; either version 2 of the License, or
9 # (at your option) any later version.
11 # This program is distributed in the hope that it will be useful, but
12 # WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 # General Public License for more details.
16 # You should have received a copy of the GNU General Public License
17 # along with this program; if not, write to the Free Software
18 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
22 """Functions to bootstrap a new cluster.
32 from ganeti import rpc
33 from ganeti import ssh
34 from ganeti import utils
35 from ganeti import errors
36 from ganeti import config
37 from ganeti import constants
38 from ganeti import objects
39 from ganeti import ssconf
40 from ganeti import serializer
41 from ganeti import hypervisor
42 from ganeti import bdev
43 from ganeti import netutils
44 from ganeti import backend
48 """Setup the SSH configuration for the cluster.
50 This generates a dsa keypair for root, adds the pub key to the
51 permitted hosts and adds the hostkey to its own known hosts.
54 priv_key, pub_key, auth_keys = ssh.GetUserFiles(constants.GANETI_RUNAS)
56 for name in priv_key, pub_key:
57 if os.path.exists(name):
58 utils.CreateBackup(name)
59 utils.RemoveFile(name)
61 result = utils.RunCmd(["ssh-keygen", "-t", "dsa",
65 raise errors.OpExecError("Could not generate ssh keypair, error %s" %
68 utils.AddAuthorizedKey(auth_keys, utils.ReadFile(pub_key))
71 def GenerateHmacKey(file_name):
72 """Writes a new HMAC key.
75 @param file_name: Path to output file
78 utils.WriteFile(file_name, data="%s\n" % utils.GenerateSecret(), mode=0400,
82 def GenerateClusterCrypto(new_cluster_cert, new_rapi_cert, new_confd_hmac_key,
83 new_cds, rapi_cert_pem=None, cds=None,
84 nodecert_file=constants.NODED_CERT_FILE,
85 rapicert_file=constants.RAPI_CERT_FILE,
86 hmackey_file=constants.CONFD_HMAC_KEY,
87 cds_file=constants.CLUSTER_DOMAIN_SECRET_FILE):
88 """Updates the cluster certificates, keys and secrets.
90 @type new_cluster_cert: bool
91 @param new_cluster_cert: Whether to generate a new cluster certificate
92 @type new_rapi_cert: bool
93 @param new_rapi_cert: Whether to generate a new RAPI certificate
94 @type new_confd_hmac_key: bool
95 @param new_confd_hmac_key: Whether to generate a new HMAC key
97 @param new_cds: Whether to generate a new cluster domain secret
98 @type rapi_cert_pem: string
99 @param rapi_cert_pem: New RAPI certificate in PEM format
101 @param cds: New cluster domain secret
102 @type nodecert_file: string
103 @param nodecert_file: optional override of the node cert file path
104 @type rapicert_file: string
105 @param rapicert_file: optional override of the rapi cert file path
106 @type hmackey_file: string
107 @param hmackey_file: optional override of the hmac key file path
110 # noded SSL certificate
111 cluster_cert_exists = os.path.exists(nodecert_file)
112 if new_cluster_cert or not cluster_cert_exists:
113 if cluster_cert_exists:
114 utils.CreateBackup(nodecert_file)
116 logging.debug("Generating new cluster certificate at %s", nodecert_file)
117 utils.GenerateSelfSignedSslCert(nodecert_file)
120 if new_confd_hmac_key or not os.path.exists(hmackey_file):
121 logging.debug("Writing new confd HMAC key to %s", hmackey_file)
122 GenerateHmacKey(hmackey_file)
125 rapi_cert_exists = os.path.exists(rapicert_file)
128 # Assume rapi_pem contains a valid PEM-formatted certificate and key
129 logging.debug("Writing RAPI certificate at %s", rapicert_file)
130 utils.WriteFile(rapicert_file, data=rapi_cert_pem, backup=True)
132 elif new_rapi_cert or not rapi_cert_exists:
134 utils.CreateBackup(rapicert_file)
136 logging.debug("Generating new RAPI certificate at %s", rapicert_file)
137 utils.GenerateSelfSignedSslCert(rapicert_file)
139 # Cluster domain secret
141 logging.debug("Writing cluster domain secret to %s", cds_file)
142 utils.WriteFile(cds_file, data=cds, backup=True)
144 elif new_cds or not os.path.exists(cds_file):
145 logging.debug("Generating new cluster domain secret at %s", cds_file)
146 GenerateHmacKey(cds_file)
149 def _InitGanetiServerSetup(master_name):
150 """Setup the necessary configuration for the initial node daemon.
152 This creates the nodepass file containing the shared password for
153 the cluster, generates the SSL certificate and starts the node daemon.
155 @type master_name: str
156 @param master_name: Name of the master node
159 # Generate cluster secrets
160 GenerateClusterCrypto(True, False, False, False)
162 result = utils.RunCmd([constants.DAEMON_UTIL, "start", constants.NODED])
164 raise errors.OpExecError("Could not start the node daemon, command %s"
165 " had exitcode %s and error %s" %
166 (result.cmd, result.exit_code, result.output))
168 _WaitForNodeDaemon(master_name)
171 def _WaitForNodeDaemon(node_name):
172 """Wait for node daemon to become responsive.
175 def _CheckNodeDaemon():
176 result = rpc.RpcRunner.call_version([node_name])[node_name]
178 raise utils.RetryAgain()
181 utils.Retry(_CheckNodeDaemon, 1.0, 10.0)
182 except utils.RetryTimeout:
183 raise errors.OpExecError("Node daemon on %s didn't answer queries within"
184 " 10 seconds" % node_name)
187 def _InitFileStorage(file_storage_dir):
188 """Initialize if needed the file storage.
190 @param file_storage_dir: the user-supplied value
191 @return: either empty string (if file storage was disabled at build
192 time) or the normalized path to the storage directory
195 if not constants.ENABLE_FILE_STORAGE:
198 file_storage_dir = os.path.normpath(file_storage_dir)
200 if not os.path.isabs(file_storage_dir):
201 raise errors.OpPrereqError("The file storage directory you passed is"
202 " not an absolute path.", errors.ECODE_INVAL)
204 if not os.path.exists(file_storage_dir):
206 os.makedirs(file_storage_dir, 0750)
208 raise errors.OpPrereqError("Cannot create file storage directory"
209 " '%s': %s" % (file_storage_dir, err),
210 errors.ECODE_ENVIRON)
212 if not os.path.isdir(file_storage_dir):
213 raise errors.OpPrereqError("The file storage directory '%s' is not"
214 " a directory." % file_storage_dir,
215 errors.ECODE_ENVIRON)
216 return file_storage_dir
219 #pylint: disable-msg=R0913
220 def InitCluster(cluster_name, mac_prefix,
221 master_netdev, file_storage_dir, candidate_pool_size,
222 secondary_ip=None, vg_name=None, beparams=None,
223 nicparams=None, hvparams=None, enabled_hypervisors=None,
224 modify_etc_hosts=True, modify_ssh_setup=True,
225 maintain_node_health=False, drbd_helper=None,
226 uid_pool=None, default_iallocator=None):
227 """Initialise the cluster.
229 @type candidate_pool_size: int
230 @param candidate_pool_size: master candidate pool size
233 # TODO: complete the docstring
234 if config.ConfigWriter.IsCluster():
235 raise errors.OpPrereqError("Cluster is already initialised",
238 if not enabled_hypervisors:
239 raise errors.OpPrereqError("Enabled hypervisors list must contain at"
240 " least one member", errors.ECODE_INVAL)
241 invalid_hvs = set(enabled_hypervisors) - constants.HYPER_TYPES
243 raise errors.OpPrereqError("Enabled hypervisors contains invalid"
244 " entries: %s" % invalid_hvs,
247 hostname = netutils.GetHostInfo()
249 if netutils.IP4Address.IsLoopback(hostname.ip):
250 raise errors.OpPrereqError("This host's IP (%s) resolves to a loopback"
251 " address. Please fix DNS or %s." %
252 (hostname.ip, constants.ETC_HOSTS),
253 errors.ECODE_ENVIRON)
255 if not netutils.IPAddress.Own(hostname.ip):
256 raise errors.OpPrereqError("Inconsistency: this host's name resolves"
257 " to %s,\nbut this ip address does not"
258 " belong to this host. Aborting." %
259 hostname.ip, errors.ECODE_ENVIRON)
262 netutils.GetHostInfo(netutils.HostInfo.NormalizeName(cluster_name))
264 if netutils.TcpPing(clustername.ip, constants.DEFAULT_NODED_PORT,
266 raise errors.OpPrereqError("Cluster IP already active. Aborting.",
267 errors.ECODE_NOTUNIQUE)
270 if not netutils.IP4Address.IsValid(secondary_ip):
271 raise errors.OpPrereqError("Invalid secondary ip given",
273 if (secondary_ip != hostname.ip and
274 not netutils.IPAddress.Own(secondary_ip)):
275 raise errors.OpPrereqError("You gave %s as secondary IP,"
276 " but it does not belong to this host." %
277 secondary_ip, errors.ECODE_ENVIRON)
279 secondary_ip = hostname.ip
281 if vg_name is not None:
282 # Check if volume group is valid
283 vgstatus = utils.CheckVolumeGroupSize(utils.ListVolumeGroups(), vg_name,
284 constants.MIN_VG_SIZE)
286 raise errors.OpPrereqError("Error: %s\nspecify --no-lvm-storage if"
287 " you are not using lvm" % vgstatus,
290 if drbd_helper is not None:
292 curr_helper = bdev.BaseDRBD.GetUsermodeHelper()
293 except errors.BlockDeviceError, err:
294 raise errors.OpPrereqError("Error while checking drbd helper"
295 " (specify --no-drbd-storage if you are not"
296 " using drbd): %s" % str(err),
297 errors.ECODE_ENVIRON)
298 if drbd_helper != curr_helper:
299 raise errors.OpPrereqError("Error: requiring %s as drbd helper but %s"
300 " is the current helper" % (drbd_helper,
304 file_storage_dir = _InitFileStorage(file_storage_dir)
306 if not re.match("^[0-9a-z]{2}:[0-9a-z]{2}:[0-9a-z]{2}$", mac_prefix):
307 raise errors.OpPrereqError("Invalid mac prefix given '%s'" % mac_prefix,
310 result = utils.RunCmd(["ip", "link", "show", "dev", master_netdev])
312 raise errors.OpPrereqError("Invalid master netdev given (%s): '%s'" %
314 result.output.strip()), errors.ECODE_INVAL)
316 dirs = [(constants.RUN_GANETI_DIR, constants.RUN_DIRS_MODE)]
317 utils.EnsureDirs(dirs)
319 utils.ForceDictType(beparams, constants.BES_PARAMETER_TYPES)
320 utils.ForceDictType(nicparams, constants.NICS_PARAMETER_TYPES)
321 objects.NIC.CheckParameterSyntax(nicparams)
323 # hvparams is a mapping of hypervisor->hvparams dict
324 for hv_name, hv_params in hvparams.iteritems():
325 utils.ForceDictType(hv_params, constants.HVS_PARAMETER_TYPES)
326 hv_class = hypervisor.GetHypervisor(hv_name)
327 hv_class.CheckParameterSyntax(hv_params)
329 # set up ssh config and /etc/hosts
330 sshline = utils.ReadFile(constants.SSH_HOST_RSA_PUB)
331 sshkey = sshline.split(" ")[1]
334 utils.AddHostToEtcHosts(hostname.name)
339 if default_iallocator is not None:
340 alloc_script = utils.FindFile(default_iallocator,
341 constants.IALLOCATOR_SEARCH_PATH,
343 if alloc_script is None:
344 raise errors.OpPrereqError("Invalid default iallocator script '%s'"
345 " specified" % default_iallocator,
350 # init of cluster config file
351 cluster_config = objects.Cluster(
353 rsahostkeypub=sshkey,
354 highest_used_port=(constants.FIRST_DRBD_PORT - 1),
355 mac_prefix=mac_prefix,
356 volume_group_name=vg_name,
357 tcpudp_port_pool=set(),
358 master_node=hostname.name,
359 master_ip=clustername.ip,
360 master_netdev=master_netdev,
361 cluster_name=clustername.name,
362 file_storage_dir=file_storage_dir,
363 enabled_hypervisors=enabled_hypervisors,
364 beparams={constants.PP_DEFAULT: beparams},
365 nicparams={constants.PP_DEFAULT: nicparams},
367 candidate_pool_size=candidate_pool_size,
368 modify_etc_hosts=modify_etc_hosts,
369 modify_ssh_setup=modify_ssh_setup,
373 uuid=utils.NewUUID(),
374 maintain_node_health=maintain_node_health,
375 drbd_usermode_helper=drbd_helper,
376 default_iallocator=default_iallocator,
378 master_node_config = objects.Node(name=hostname.name,
379 primary_ip=hostname.ip,
380 secondary_ip=secondary_ip,
382 master_candidate=True,
383 offline=False, drained=False,
385 InitConfig(constants.CONFIG_VERSION, cluster_config, master_node_config)
386 cfg = config.ConfigWriter(offline=True)
387 ssh.WriteKnownHostsFile(cfg, constants.SSH_KNOWN_HOSTS_FILE)
388 cfg.Update(cfg.GetClusterInfo(), logging.error)
389 backend.WriteSsconfFiles(cfg.GetSsconfValues())
392 # set up the inter-node password and certificate
393 _InitGanetiServerSetup(hostname.name)
395 # start the master ip
396 # TODO: Review rpc call from bootstrap
397 # TODO: Warn on failed start master
398 rpc.RpcRunner.call_node_start_master(hostname.name, True, False)
401 def InitConfig(version, cluster_config, master_node_config,
402 cfg_file=constants.CLUSTER_CONF_FILE):
403 """Create the initial cluster configuration.
405 It will contain the current node, which will also be the master
406 node, and no instances.
409 @param version: configuration version
410 @type cluster_config: L{objects.Cluster}
411 @param cluster_config: cluster configuration
412 @type master_node_config: L{objects.Node}
413 @param master_node_config: master node configuration
414 @type cfg_file: string
415 @param cfg_file: configuration file path
419 master_node_config.name: master_node_config,
423 config_data = objects.ConfigData(version=version,
424 cluster=cluster_config,
428 ctime=now, mtime=now)
429 utils.WriteFile(cfg_file,
430 data=serializer.Dump(config_data.ToDict()),
434 def FinalizeClusterDestroy(master):
435 """Execute the last steps of cluster destroy
437 This function shuts down all the daemons, completing the destroy
438 begun in cmdlib.LUDestroyOpcode.
441 cfg = config.ConfigWriter()
442 modify_ssh_setup = cfg.GetClusterInfo().modify_ssh_setup
443 result = rpc.RpcRunner.call_node_stop_master(master, True)
444 msg = result.fail_msg
446 logging.warning("Could not disable the master role: %s", msg)
447 result = rpc.RpcRunner.call_node_leave_cluster(master, modify_ssh_setup)
448 msg = result.fail_msg
450 logging.warning("Could not shutdown the node daemon and cleanup"
451 " the node: %s", msg)
454 def SetupNodeDaemon(cluster_name, node, ssh_key_check):
455 """Add a node to the cluster.
457 This function must be called before the actual opcode, and will ssh
458 to the remote node, copy the needed files, and start ganeti-noded,
459 allowing the master to do the rest via normal rpc calls.
461 @param cluster_name: the cluster name
462 @param node: the name of the new node
463 @param ssh_key_check: whether to do a strict key check
466 sshrunner = ssh.SshRunner(cluster_name)
468 noded_cert = utils.ReadFile(constants.NODED_CERT_FILE)
469 rapi_cert = utils.ReadFile(constants.RAPI_CERT_FILE)
470 confd_hmac_key = utils.ReadFile(constants.CONFD_HMAC_KEY)
472 # in the base64 pem encoding, neither '!' nor '.' are valid chars,
473 # so we use this to detect an invalid certificate; as long as the
474 # cert doesn't contain this, the here-document will be correctly
475 # parsed by the shell sequence below. HMAC keys are hexadecimal strings,
476 # so the same restrictions apply.
477 for content in (noded_cert, rapi_cert, confd_hmac_key):
478 if re.search('^!EOF\.', content, re.MULTILINE):
479 raise errors.OpExecError("invalid SSL certificate or HMAC key")
481 if not noded_cert.endswith("\n"):
483 if not rapi_cert.endswith("\n"):
485 if not confd_hmac_key.endswith("\n"):
486 confd_hmac_key += "\n"
488 # set up inter-node password and certificate and restarts the node daemon
489 # and then connect with ssh to set password and start ganeti-noded
490 # note that all the below variables are sanitized at this point,
491 # either by being constants or by the checks above
492 # TODO: Could this command exceed a shell's maximum command length?
493 mycommand = ("umask 077 && "
494 "cat > '%s' << '!EOF.' && \n"
496 "cat > '%s' << '!EOF.' && \n"
498 "cat > '%s' << '!EOF.' && \n"
500 "chmod 0400 %s %s %s && "
502 (constants.NODED_CERT_FILE, noded_cert,
503 constants.RAPI_CERT_FILE, rapi_cert,
504 constants.CONFD_HMAC_KEY, confd_hmac_key,
505 constants.NODED_CERT_FILE, constants.RAPI_CERT_FILE,
506 constants.CONFD_HMAC_KEY,
507 constants.DAEMON_UTIL, constants.NODED))
509 result = sshrunner.Run(node, 'root', mycommand, batch=False,
510 ask_key=ssh_key_check,
511 use_cluster_key=False,
512 strict_host_check=ssh_key_check)
514 raise errors.OpExecError("Remote command on node %s, error: %s,"
516 (node, result.fail_reason, result.output))
518 _WaitForNodeDaemon(node)
521 def MasterFailover(no_voting=False):
522 """Failover the master node.
524 This checks that we are not already the master, and will cause the
525 current master to cease being master, and the non-master to become
528 @type no_voting: boolean
529 @param no_voting: force the operation without remote nodes agreement
533 sstore = ssconf.SimpleStore()
535 old_master, new_master = ssconf.GetMasterAndMyself(sstore)
536 node_list = sstore.GetNodeList()
537 mc_list = sstore.GetMasterCandidates()
539 if old_master == new_master:
540 raise errors.OpPrereqError("This commands must be run on the node"
541 " where you want the new master to be."
542 " %s is already the master" %
543 old_master, errors.ECODE_INVAL)
545 if new_master not in mc_list:
546 mc_no_master = [name for name in mc_list if name != old_master]
547 raise errors.OpPrereqError("This node is not among the nodes marked"
548 " as master candidates. Only these nodes"
549 " can become masters. Current list of"
550 " master candidates is:\n"
551 "%s" % ('\n'.join(mc_no_master)),
555 vote_list = GatherMasterVotes(node_list)
558 voted_master = vote_list[0][0]
559 if voted_master is None:
560 raise errors.OpPrereqError("Cluster is inconsistent, most nodes did"
561 " not respond.", errors.ECODE_ENVIRON)
562 elif voted_master != old_master:
563 raise errors.OpPrereqError("I have a wrong configuration, I believe"
564 " the master is %s but the other nodes"
565 " voted %s. Please resync the configuration"
567 (old_master, voted_master),
573 logging.info("Setting master to %s, old master: %s", new_master, old_master)
575 result = rpc.RpcRunner.call_node_stop_master(old_master, True)
576 msg = result.fail_msg
578 logging.error("Could not disable the master role on the old master"
579 " %s, please disable manually: %s", old_master, msg)
581 master_ip = sstore.GetMasterIP()
583 # Here we have a phase where no master should be running
585 if netutils.TcpPing(master_ip, constants.DEFAULT_NODED_PORT):
586 raise utils.RetryAgain()
589 utils.Retry(_check_ip, (1, 1.5, 5), total_timeout)
590 except utils.RetryTimeout:
591 logging.warning("The master IP is still reachable after %s seconds,"
592 " continuing but activating the master on the current"
593 " node will probably fail", total_timeout)
595 # instantiate a real config writer, as we now know we have the
597 cfg = config.ConfigWriter()
599 cluster_info = cfg.GetClusterInfo()
600 cluster_info.master_node = new_master
601 # this will also regenerate the ssconf files, since we updated the
603 cfg.Update(cluster_info, logging.error)
605 result = rpc.RpcRunner.call_node_start_master(new_master, True, no_voting)
606 msg = result.fail_msg
608 logging.error("Could not start the master role on the new master"
609 " %s, please check: %s", new_master, msg)
616 """Returns the current master node.
618 This is a separate function in bootstrap since it's needed by
619 gnt-cluster, and instead of importing directly ssconf, it's better
620 to abstract it in bootstrap, where we do use ssconf in other
624 sstore = ssconf.SimpleStore()
626 old_master, _ = ssconf.GetMasterAndMyself(sstore)
631 def GatherMasterVotes(node_list):
632 """Check the agreement on who is the master.
634 This function will return a list of (node, number of votes), ordered
635 by the number of votes. Errors will be denoted by the key 'None'.
637 Note that the sum of votes is the number of nodes this machine
638 knows, whereas the number of entries in the list could be different
639 (if some nodes vote for another master).
641 We remove ourselves from the list since we know that (bugs aside)
642 since we use the same source for configuration information for both
643 backend and boostrap, we'll always vote for ourselves.
645 @type node_list: list
646 @param node_list: the list of nodes to query for master info; the current
647 node will be removed if it is in the list
649 @return: list of (node, votes)
652 myself = netutils.HostInfo().name
654 node_list.remove(myself)
658 # no nodes left (eventually after removing myself)
660 results = rpc.RpcRunner.call_master_info(node_list)
661 if not isinstance(results, dict):
662 # this should not happen (unless internal error in rpc)
663 logging.critical("Can't complete rpc call, aborting master startup")
664 return [(None, len(node_list))]
672 logging.warning("Error contacting node %s: %s", node, msg)
674 elif not isinstance(data, (tuple, list)) or len(data) < 3:
675 logging.warning("Invalid data received from node %s: %s", node, data)
678 if None not in votes:
682 master_node = data[2]
683 if master_node not in votes:
684 votes[master_node] = 0
685 votes[master_node] += 1
687 vote_list = [v for v in votes.items()]
688 # sort first on number of votes then on name, since we want None
689 # sorted later if we have the half of the nodes not responding, and
690 # half voting all for the same master
691 vote_list.sort(key=lambda x: (x[1], x[0]), reverse=True)