#
#
-# Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012 Google Inc.
+# Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Google Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
from ganeti import compat
from ganeti import pathutils
from ganeti import vcluster
+from ganeti import ht
_BOOT_ID_PATH = "/proc/sys/kernel/random/boot_id"
-_ALLOWED_CLEAN_DIRS = frozenset([
+_ALLOWED_CLEAN_DIRS = compat.UniqueFrozenset([
pathutils.DATA_DIR,
pathutils.JOB_QUEUE_ARCHIVE_DIR,
pathutils.QUEUE_DIR,
_MASTER_START = "start"
_MASTER_STOP = "stop"
-#: Maximum file permissions for remote command directory and executables
+#: Maximum file permissions for restricted command directory and executables
_RCMD_MAX_MODE = (stat.S_IRWXU |
stat.S_IRGRP | stat.S_IXGRP |
stat.S_IROTH | stat.S_IXOTH)
-#: Delay before returning an error for remote commands
+#: Delay before returning an error for restricted commands
_RCMD_INVALID_DELAY = 10
-#: How long to wait to acquire lock for remote commands (shorter than
+#: How long to wait to acquire lock for restricted commands (shorter than
#: L{_RCMD_INVALID_DELAY}) to reduce blockage of noded forks when many
#: command requests arrive
_RCMD_LOCK_TIMEOUT = _RCMD_INVALID_DELAY * 0.8
"""
+def _GetInstReasonFilename(instance_name):
+ """Path of the file containing the reason of the instance status change.
+
+ @type instance_name: string
+ @param instance_name: The name of the instance
+ @rtype: string
+ @return: The path of the file
+
+ """
+ return utils.PathJoin(pathutils.INSTANCE_REASON_DIR, instance_name)
+
+
+def _StoreInstReasonTrail(instance_name, trail):
+ """Serialize a reason trail related to an instance change of state to file.
+
+ The exact location of the file depends on the name of the instance and on
+ the configuration of the Ganeti cluster defined at deploy time.
+
+ @type instance_name: string
+ @param instance_name: The name of the instance
+ @rtype: None
+
+ """
+ json = serializer.DumpJson(trail)
+ filename = _GetInstReasonFilename(instance_name)
+ utils.WriteFile(filename, data=json)
+
+
def _Fail(msg, *args, **kwargs):
"""Log an error and the raise an RPCFail exception.
result = utils.RunCmd([setup_script, action], env=env, reset_env=True)
if result.failed:
- _Fail("Failed to %s the master IP. Script return value: %s" %
- (action, result.exit_code), log=True)
+ _Fail("Failed to %s the master IP. Script return value: %s, output: '%s'" %
+ (action, result.exit_code, result.output), log=True)
@RunLocalHooks(constants.FAKE_OP_MASTER_TURNUP, "master-ip-turnup",
raise errors.QuitGanetiException(True, "Shutdown scheduled")
-def _GetVgInfo(name):
+def _GetVgInfo(name, excl_stor):
"""Retrieves information about a LVM volume group.
"""
# TODO: GetVGInfo supports returning information for multiple VGs at once
- vginfo = bdev.LogicalVolume.GetVGInfo([name])
+ vginfo = bdev.LogicalVolume.GetVGInfo([name], excl_stor)
if vginfo:
vg_free = int(round(vginfo[0][0], 0))
vg_size = int(round(vginfo[0][1], 0))
return map(fn, names)
-def GetNodeInfo(vg_names, hv_names):
+def GetNodeInfo(vg_names, hv_names, excl_stor):
"""Gives back a hash with different information about the node.
@type vg_names: list of string
@param vg_names: Names of the volume groups to ask for disk space information
@type hv_names: list of string
@param hv_names: Names of the hypervisors to ask for node information
+ @type excl_stor: boolean
+ @param excl_stor: Whether exclusive_storage is active
@rtype: tuple; (string, None/dict, None/dict)
@return: Tuple containing boot ID, volume group information and hypervisor
information
"""
bootid = utils.ReadFile(_BOOT_ID_PATH, size=128).rstrip("\n")
- vg_info = _GetNamedNodeInfo(vg_names, _GetVgInfo)
+ vg_info = _GetNamedNodeInfo(vg_names, (lambda vg: _GetVgInfo(vg, excl_stor)))
hv_info = _GetNamedNodeInfo(hv_names, _GetHvInfo)
return (bootid, vg_info, hv_info)
+def _CheckExclusivePvs(pvi_list):
+ """Check that PVs are not shared among LVs
+
+ @type pvi_list: list of L{objects.LvmPvInfo} objects
+ @param pvi_list: information about the PVs
+
+ @rtype: list of tuples (string, list of strings)
+ @return: offending volumes, as tuples: (pv_name, [lv1_name, lv2_name...])
+
+ """
+ res = []
+ for pvi in pvi_list:
+ if len(pvi.lv_list) > 1:
+ res.append((pvi.name, pvi.lv_list))
+ return res
+
+
def VerifyNode(what, cluster_name):
"""Verify the status of the local node.
result[constants.NV_VGLIST] = utils.ListVolumeGroups()
if constants.NV_PVLIST in what and vm_capable:
- result[constants.NV_PVLIST] = \
- bdev.LogicalVolume.GetPVInfo(what[constants.NV_PVLIST],
- filter_allocatable=False)
+ check_exclusive_pvs = constants.NV_EXCLUSIVEPVS in what
+ val = bdev.LogicalVolume.GetPVInfo(what[constants.NV_PVLIST],
+ filter_allocatable=False,
+ include_lvs=check_exclusive_pvs)
+ if check_exclusive_pvs:
+ result[constants.NV_EXCLUSIVEPVS] = _CheckExclusivePvs(val)
+ for pvi in val:
+ # Avoid sending useless data on the wire
+ pvi.lv_list = []
+ result[constants.NV_PVLIST] = map(objects.LvmPvInfo.ToDict, val)
if constants.NV_VERSION in what:
result[constants.NV_VERSION] = (constants.PROTOCOL_VERSION,
" log file:\n%s", result.fail_reason, "\n".join(lines), log=False)
-def _GetBlockDevSymlinkPath(instance_name, idx):
- return utils.PathJoin(pathutils.DISK_LINKS_DIR, "%s%s%d" %
- (instance_name, constants.DISK_SEPARATOR, idx))
+def _GetBlockDevSymlinkPath(instance_name, idx, _dir=None):
+ """Returns symlink path for block device.
+
+ """
+ if _dir is None:
+ _dir = pathutils.DISK_LINKS_DIR
+
+ return utils.PathJoin(_dir,
+ ("%s%s%s" %
+ (instance_name, constants.DISK_SEPARATOR, idx)))
def _SymlinkBlockDev(instance_name, device_path, idx):
elif reboot_type == constants.INSTANCE_REBOOT_HARD:
try:
InstanceShutdown(instance, shutdown_timeout)
- return StartInstance(instance, False)
+ result = StartInstance(instance, False)
+ return result
except errors.HypervisorError, err:
_Fail("Failed to hard reboot instance %s: %s", instance.name, err)
else:
_Fail("Failed to get migration status: %s", err, exc=True)
-def BlockdevCreate(disk, size, owner, on_primary, info):
+def BlockdevCreate(disk, size, owner, on_primary, info, excl_stor):
"""Creates a block device for an instance.
@type disk: L{objects.Disk}
@type info: string
@param info: string that will be sent to the physical device
creation, used for example to set (LVM) tags on LVs
+ @type excl_stor: boolean
+ @param excl_stor: Whether exclusive_storage is active
@return: the new unique_id of the device (this can sometime be
computed only after creation), or None. On secondary nodes,
clist.append(crdev)
try:
- device = bdev.Create(disk, clist)
+ device = bdev.Create(disk, clist, excl_stor)
except errors.BlockDeviceError, err:
_Fail("Can't create block device: %s", err)
result["NIC_%d_BRIDGE" % idx] = nic.nicparams[constants.NIC_LINK]
if nic.nicparams[constants.NIC_LINK]:
result["NIC_%d_LINK" % idx] = nic.nicparams[constants.NIC_LINK]
- if nic.network:
- result["NIC_%d_NETWORK" % idx] = nic.network
+ if nic.netinfo:
+ nobj = objects.Network.FromDict(nic.netinfo)
+ result.update(nobj.HooksDict("NIC_%d_" % idx))
if constants.HV_NIC_TYPE in instance.hvparams:
result["NIC_%d_FRONTEND_TYPE" % idx] = \
instance.hvparams[constants.HV_NIC_TYPE]
return result
+def DiagnoseExtStorage(top_dirs=None):
+ """Compute the validity for all ExtStorage Providers.
+
+ @type top_dirs: list
+ @param top_dirs: the list of directories in which to
+ search (if not given defaults to
+ L{pathutils.ES_SEARCH_PATH})
+ @rtype: list of L{objects.ExtStorage}
+ @return: a list of tuples (name, path, status, diagnose, parameters)
+ for all (potential) ExtStorage Providers under all
+ search paths, where:
+ - name is the (potential) ExtStorage Provider
+ - path is the full path to the ExtStorage Provider
+ - status True/False is the validity of the ExtStorage Provider
+ - diagnose is the error message for an invalid ExtStorage Provider,
+ otherwise empty
+ - parameters is a list of (name, help) parameters, if any
+
+ """
+ if top_dirs is None:
+ top_dirs = pathutils.ES_SEARCH_PATH
+
+ result = []
+ for dir_name in top_dirs:
+ if os.path.isdir(dir_name):
+ try:
+ f_names = utils.ListVisibleFiles(dir_name)
+ except EnvironmentError, err:
+ logging.exception("Can't list the ExtStorage directory %s: %s",
+ dir_name, err)
+ break
+ for name in f_names:
+ es_path = utils.PathJoin(dir_name, name)
+ status, es_inst = bdev.ExtStorageFromDisk(name, base_dir=dir_name)
+ if status:
+ diagnose = ""
+ parameters = es_inst.supported_parameters
+ else:
+ diagnose = es_inst
+ parameters = []
+ result.append((name, es_path, status, diagnose, parameters))
+
+ return result
+
+
def BlockdevGrow(disk, amount, dryrun, backingstore):
"""Grow a stack of block devices.
config.set(constants.INISECT_INS, "nic%d_mac" %
nic_count, "%s" % nic.mac)
config.set(constants.INISECT_INS, "nic%d_ip" % nic_count, "%s" % nic.ip)
+ config.set(constants.INISECT_INS, "nic%d_network" % nic_count,
+ "%s" % nic.network)
for param in constants.NICS_PARAMETER_TYPES:
config.set(constants.INISECT_INS, "nic%d_%s" % (nic_count, param),
"%s" % nic.nicparams.get(param, None))
# Write and replace the file atomically
utils.WriteFile(file_name, data=_Decompress(content), uid=getents.masterd_uid,
- gid=getents.masterd_gid)
+ gid=getents.daemons_gid, mode=constants.JOB_QUEUE_FILES_PERMS)
def JobQueueRename(old, new):
getents = runtime.GetEnts()
- utils.RenameFile(old, new, mkdir=True, mkdir_mode=0700,
- dir_uid=getents.masterd_uid, dir_gid=getents.masterd_gid)
+ utils.RenameFile(old, new, mkdir=True, mkdir_mode=0750,
+ dir_uid=getents.masterd_uid, dir_gid=getents.daemons_gid)
def BlockdevClose(instance_name, disks):
hyper.PowercycleNode()
-def _VerifyRemoteCommandName(cmd):
- """Verifies a remote command name.
+def _VerifyRestrictedCmdName(cmd):
+ """Verifies a restricted command name.
@type cmd: string
@param cmd: Command name
return (True, None)
-def _CommonRemoteCommandCheck(path, owner):
- """Common checks for remote command file system directories and files.
+def _CommonRestrictedCmdCheck(path, owner):
+ """Common checks for restricted command file system directories and files.
@type path: string
@param path: Path to check
return (True, st)
-def _VerifyRemoteCommandDirectory(path, _owner=None):
- """Verifies remote command directory.
+def _VerifyRestrictedCmdDirectory(path, _owner=None):
+ """Verifies restricted command directory.
@type path: string
@param path: Path to check
element is an error message string, otherwise it's C{None}
"""
- (status, value) = _CommonRemoteCommandCheck(path, _owner)
+ (status, value) = _CommonRestrictedCmdCheck(path, _owner)
if not status:
return (False, value)
return (True, None)
-def _VerifyRemoteCommand(path, cmd, _owner=None):
- """Verifies a whole remote command and returns its executable filename.
+def _VerifyRestrictedCmd(path, cmd, _owner=None):
+ """Verifies a whole restricted command and returns its executable filename.
@type path: string
- @param path: Directory containing remote commands
+ @param path: Directory containing restricted commands
@type cmd: string
@param cmd: Command name
@rtype: tuple; (boolean, string)
"""
executable = utils.PathJoin(path, cmd)
- (status, msg) = _CommonRemoteCommandCheck(executable, _owner)
+ (status, msg) = _CommonRestrictedCmdCheck(executable, _owner)
if not status:
return (False, msg)
return (True, executable)
-def _PrepareRemoteCommand(path, cmd,
- _verify_dir=_VerifyRemoteCommandDirectory,
- _verify_name=_VerifyRemoteCommandName,
- _verify_cmd=_VerifyRemoteCommand):
- """Performs a number of tests on a remote command.
+def _PrepareRestrictedCmd(path, cmd,
+ _verify_dir=_VerifyRestrictedCmdDirectory,
+ _verify_name=_VerifyRestrictedCmdName,
+ _verify_cmd=_VerifyRestrictedCmd):
+ """Performs a number of tests on a restricted command.
@type path: string
- @param path: Directory containing remote commands
+ @param path: Directory containing restricted commands
@type cmd: string
@param cmd: Command name
- @return: Same as L{_VerifyRemoteCommand}
+ @return: Same as L{_VerifyRestrictedCmd}
"""
# Verify the directory first
return _verify_cmd(path, cmd)
-def RunRemoteCommand(cmd,
+def RunRestrictedCmd(cmd,
_lock_timeout=_RCMD_LOCK_TIMEOUT,
- _lock_file=pathutils.REMOTE_COMMANDS_LOCK_FILE,
- _path=pathutils.REMOTE_COMMANDS_DIR,
+ _lock_file=pathutils.RESTRICTED_COMMANDS_LOCK_FILE,
+ _path=pathutils.RESTRICTED_COMMANDS_DIR,
_sleep_fn=time.sleep,
- _prepare_fn=_PrepareRemoteCommand,
+ _prepare_fn=_PrepareRestrictedCmd,
_runcmd_fn=utils.RunCmd,
_enabled=constants.ENABLE_RESTRICTED_COMMANDS):
- """Executes a remote command after performing strict tests.
+ """Executes a restricted command after performing strict tests.
@type cmd: string
@param cmd: Command name
@raise RPCFail: In case of an error
"""
- logging.info("Preparing to run remote command '%s'", cmd)
+ logging.info("Preparing to run restricted command '%s'", cmd)
if not _enabled:
- _Fail("Remote commands disabled at configure time")
+ _Fail("Restricted commands disabled at configure time")
lock = None
try:
# Do not include original error message in returned error
_Fail("Executing command '%s' failed" % cmd)
elif cmdresult.failed or cmdresult.fail_reason:
- _Fail("Remote command '%s' failed: %s; output: %s",
+ _Fail("Restricted command '%s' failed: %s; output: %s",
cmd, cmdresult.fail_reason, cmdresult.output)
else:
return cmdresult.output
lock = None
+def SetWatcherPause(until, _filename=pathutils.WATCHER_PAUSEFILE):
+ """Creates or removes the watcher pause file.
+
+ @type until: None or number
+ @param until: Unix timestamp saying until when the watcher shouldn't run
+
+ """
+ if until is None:
+ logging.info("Received request to no longer pause watcher")
+ utils.RemoveFile(_filename)
+ else:
+ logging.info("Received request to pause watcher until %s", until)
+
+ if not ht.TNumber(until):
+ _Fail("Duration must be numeric")
+
+ utils.WriteFile(_filename, data="%d\n" % (until, ), mode=0644)
+
+
class HooksRunner(object):
"""Hook runner.