from ganeti import bootstrap
from ganeti import ssh
from ganeti import objects
+from ganeti import uidpool
+from ganeti import compat
@UsesRPC
if opts.mac_prefix is None:
opts.mac_prefix = constants.DEFAULT_MAC_PREFIX
+ uid_pool = opts.uid_pool
+ if uid_pool is not None:
+ uid_pool = uidpool.ParseUidPool(uid_pool)
+
bootstrap.InitCluster(cluster_name=args[0],
secondary_ip=opts.secondary_ip,
vg_name=vg_name,
modify_etc_hosts=opts.modify_etc_hosts,
modify_ssh_setup=opts.modify_ssh_setup,
maintain_node_health=opts.maintain_node_health,
+ uid_pool=uid_pool,
)
op = opcodes.OpPostInitCluster()
SubmitOpCode(op, opts=opts)
return 0
-def _PrintGroupedParams(paramsdict, level=1):
+def _PrintGroupedParams(paramsdict, level=1, roman=False):
"""Print Grouped parameters (be, nic, disk) by group.
@type paramsdict: dict of dicts
"""
indent = " " * level
- for item, val in paramsdict.items():
+ for item, val in sorted(paramsdict.items()):
if isinstance(val, dict):
ToStdout("%s- %s:", indent, item)
- _PrintGroupedParams(val, level=level + 1)
+ _PrintGroupedParams(val, level=level + 1, roman=roman)
+ elif roman and isinstance(val, int):
+ ToStdout("%s %s: %s", indent, item, compat.TryToRoman(val))
else:
ToStdout("%s %s: %s", indent, item, val)
ToStdout("Hypervisor parameters:")
_PrintGroupedParams(result["hvparams"])
- ToStdout("OS specific hypervisor parameters:")
+ ToStdout("OS-specific hypervisor parameters:")
_PrintGroupedParams(result["os_hvp"])
+ ToStdout("OS parameters:")
+ _PrintGroupedParams(result["osparams"])
+
ToStdout("Cluster parameters:")
- ToStdout(" - candidate pool size: %s", result["candidate_pool_size"])
+ ToStdout(" - candidate pool size: %s",
+ compat.TryToRoman(result["candidate_pool_size"],
+ convert=opts.roman_integers))
ToStdout(" - master netdev: %s", result["master_netdev"])
ToStdout(" - lvm volume group: %s", result["volume_group_name"])
ToStdout(" - file storage path: %s", result["file_storage_dir"])
ToStdout(" - maintenance of node health: %s",
result["maintain_node_health"])
+ ToStdout(" - uid pool: %s",
+ uidpool.FormatUidPool(result["uid_pool"],
+ roman=opts.roman_integers))
ToStdout("Default instance parameters:")
- _PrintGroupedParams(result["beparams"])
+ _PrintGroupedParams(result["beparams"], roman=opts.roman_integers)
ToStdout("Default nic parameters:")
- _PrintGroupedParams(result["nicparams"])
+ _PrintGroupedParams(result["nicparams"], roman=opts.roman_integers)
return 0
if missing:
for iname, ival in missing.iteritems():
- all_missing = utils.all(ival, lambda x: x[0] in bad_nodes)
+ all_missing = compat.all(x[0] in bad_nodes for x in ival)
if all_missing:
ToStdout("Instance %s cannot be verified as it lives on"
" broken nodes", iname)
def _RenewCrypto(new_cluster_cert, new_rapi_cert, rapi_cert_filename,
- new_confd_hmac_key, force):
+ new_confd_hmac_key, new_cds, cds_filename,
+ force):
"""Renews cluster certificates, keys and secrets.
@type new_cluster_cert: bool
@param rapi_cert_filename: Path to file containing new RAPI certificate
@type new_confd_hmac_key: bool
@param new_confd_hmac_key: Whether to generate a new HMAC key
+ @type new_cds: bool
+ @param new_cds: Whether to generate a new cluster domain secret
+ @type cds_filename: string
+ @param cds_filename: Path to file containing new cluster domain secret
@type force: bool
@param force: Whether to ask user for confirmation
" options can be specified at the same time.")
return 1
+ if new_cds and cds_filename:
+ ToStderr("Only one of the --new-cluster-domain-secret and"
+ " --cluster-domain-secret options can be specified at"
+ " the same time.")
+ return 1
+
if rapi_cert_filename:
# Read and verify new certificate
try:
else:
rapi_cert_pem = None
+ if cds_filename:
+ try:
+ cds = utils.ReadFile(cds_filename)
+ except Exception, err: # pylint: disable-msg=W0703
+ ToStderr("Can't load new cluster domain secret from %s: %s" %
+ (cds_filename, str(err)))
+ return 1
+ else:
+ cds = None
+
if not force:
usertext = ("This requires all daemons on all nodes to be restarted and"
" may take some time. Continue?")
ctx.feedback_fn("Updating certificates and keys")
bootstrap.GenerateClusterCrypto(new_cluster_cert, new_rapi_cert,
new_confd_hmac_key,
- rapi_cert_pem=rapi_cert_pem)
+ new_cds,
+ rapi_cert_pem=rapi_cert_pem,
+ cds=cds)
files_to_copy = []
if new_confd_hmac_key:
files_to_copy.append(constants.CONFD_HMAC_KEY)
+ if new_cds or cds:
+ files_to_copy.append(constants.CLUSTER_DOMAIN_SECRET_FILE)
+
if files_to_copy:
for node_name in ctx.nonmaster_nodes:
ctx.feedback_fn("Copying %s to %s" %
opts.new_rapi_cert,
opts.rapi_cert,
opts.new_confd_hmac_key,
+ opts.new_cluster_domain_secret,
+ opts.cluster_domain_secret,
opts.force)
opts.enabled_hypervisors or opts.hvparams or
opts.beparams or opts.nicparams or
opts.candidate_pool_size is not None or
- opts.maintain_node_health is not None):
+ opts.uid_pool is not None or
+ opts.maintain_node_health is not None or
+ opts.add_uids is not None or
+ opts.remove_uids is not None):
ToStderr("Please give at least one of the parameters.")
return 1
nicparams = opts.nicparams
utils.ForceDictType(nicparams, constants.NICS_PARAMETER_TYPES)
+
mnh = opts.maintain_node_health
+ uid_pool = opts.uid_pool
+ if uid_pool is not None:
+ uid_pool = uidpool.ParseUidPool(uid_pool)
+
+ add_uids = opts.add_uids
+ if add_uids is not None:
+ add_uids = uidpool.ParseUidPool(add_uids)
+
+ remove_uids = opts.remove_uids
+ if remove_uids is not None:
+ remove_uids = uidpool.ParseUidPool(remove_uids)
+
op = opcodes.OpSetClusterParams(vg_name=vg_name,
enabled_hypervisors=hvlist,
hvparams=hvparams,
beparams=beparams,
nicparams=nicparams,
candidate_pool_size=opts.candidate_pool_size,
- maintain_node_health=mnh)
+ maintain_node_health=mnh,
+ uid_pool=uid_pool,
+ add_uids=add_uids,
+ remove_uids=remove_uids)
SubmitOpCode(op, opts=opts)
return 0
[BACKEND_OPT, CP_SIZE_OPT, ENABLED_HV_OPT, GLOBAL_FILEDIR_OPT,
HVLIST_OPT, MAC_PREFIX_OPT, MASTER_NETDEV_OPT, NIC_PARAMS_OPT,
NOLVM_STORAGE_OPT, NOMODIFY_ETCHOSTS_OPT, NOMODIFY_SSH_SETUP_OPT,
- SECONDARY_IP_OPT, VG_NAME_OPT, MAINTAIN_NODE_HEALTH_OPT],
+ SECONDARY_IP_OPT, VG_NAME_OPT, MAINTAIN_NODE_HEALTH_OPT,
+ UIDPOOL_OPT],
"[opts...] <cluster_name>", "Initialises a new cluster configuration"),
'destroy': (
DestroyCluster, ARGS_NONE, [YES_DOIT_OPT],
[NODE_LIST_OPT],
"[-n node...] <command>", "Runs a command on all (or only some) nodes"),
'info': (
- ShowClusterConfig, ARGS_NONE, [],
- "", "Show cluster configuration"),
+ ShowClusterConfig, ARGS_NONE, [ROMAN_OPT],
+ "[--roman]", "Show cluster configuration"),
'list-tags': (
ListTags, ARGS_NONE, [], "", "List the tags of the cluster"),
'add-tags': (
'modify': (
SetClusterParams, ARGS_NONE,
[BACKEND_OPT, CP_SIZE_OPT, ENABLED_HV_OPT, HVLIST_OPT,
- NIC_PARAMS_OPT, NOLVM_STORAGE_OPT, VG_NAME_OPT, MAINTAIN_NODE_HEALTH_OPT],
+ NIC_PARAMS_OPT, NOLVM_STORAGE_OPT, VG_NAME_OPT, MAINTAIN_NODE_HEALTH_OPT,
+ UIDPOOL_OPT, ADD_UIDS_OPT, REMOVE_UIDS_OPT],
"[opts...]",
"Alters the parameters of the cluster"),
"renew-crypto": (
RenewCrypto, ARGS_NONE,
[NEW_CLUSTER_CERT_OPT, NEW_RAPI_CERT_OPT, RAPI_CERT_OPT,
- NEW_CONFD_HMAC_KEY_OPT, FORCE_OPT],
+ NEW_CONFD_HMAC_KEY_OPT, FORCE_OPT,
+ NEW_CLUSTER_DOMAIN_SECRET_OPT, CLUSTER_DOMAIN_SECRET_OPT],
"[opts...]",
"Renews cluster certificates, keys and secrets"),
}
projects / ganeti-local / blobdiff