LUBackupRemove: Use node allocation lock

[ganeti-local] / lib / cmdlib.py
diff --git a/lib/cmdlib.py b/lib/cmdlib.py

index 5af426c..7b6d571 100644 (file)
--- a/lib/cmdlib.py
+++ b/lib/cmdlib.py
@@ -21,18 +21,17 @@
  
  """Module implementing the master-side code."""
  
  
  """Module implementing the master-side code."""
  
-# pylint: disable-msg=W0201,C0302
+# pylint: disable=W0201,C0302
  
  # W0201 since most LU attributes are defined in CheckPrereq or similar
  # functions
  
  
  # W0201 since most LU attributes are defined in CheckPrereq or similar
  # functions
  
-# C0302: since we have waaaay to many lines in this module
+# C0302: since we have waaaay too many lines in this module
  
  import os
  import os.path
  import time
  import re
  
  import os
  import os.path
  import time
  import re
-import platform
  import logging
  import copy
  import OpenSSL
  import logging
  import copy
  import OpenSSL
@@ -49,7 +48,6 @@ from ganeti import hypervisor
  from ganeti import locking
  from ganeti import constants
  from ganeti import objects
  from ganeti import locking
  from ganeti import constants
  from ganeti import objects
-from ganeti import serializer
  from ganeti import ssconf
  from ganeti import uidpool
  from ganeti import compat
  from ganeti import ssconf
  from ganeti import uidpool
  from ganeti import compat
@@ -58,24 +56,50 @@ from ganeti import netutils
  from ganeti import query
  from ganeti import qlang
  from ganeti import opcodes
  from ganeti import query
  from ganeti import qlang
  from ganeti import opcodes
+from ganeti import ht
+from ganeti import rpc
+from ganeti import runtime
+from ganeti import pathutils
+from ganeti import vcluster
+from ganeti import network
+from ganeti.masterd import iallocator
  
  
-import ganeti.masterd.instance # pylint: disable-msg=W0611
+import ganeti.masterd.instance # pylint: disable=W0611
  
  
  
  
-def _SupportsOob(cfg, node):
-  """Tells if node supports OOB.
+# States of instance
+INSTANCE_DOWN = [constants.ADMINST_DOWN]
+INSTANCE_ONLINE = [constants.ADMINST_DOWN, constants.ADMINST_UP]
+INSTANCE_NOT_RUNNING = [constants.ADMINST_DOWN, constants.ADMINST_OFFLINE]
+
+#: Instance status in which an instance can be marked as offline/online
+CAN_CHANGE_INSTANCE_OFFLINE = (frozenset(INSTANCE_DOWN) | frozenset([
+  constants.ADMINST_OFFLINE,
+  ]))
  
  
-  @type cfg: L{config.ConfigWriter}
-  @param cfg: The cluster configuration
-  @type node: L{objects.Node}
-  @param node: The node
-  @return: The OOB script if supported or an empty string otherwise
+
+class ResultWithJobs:
+  """Data container for LU results with jobs.
+
+  Instances of this class returned from L{LogicalUnit.Exec} will be recognized
+  by L{mcpu._ProcessResult}. The latter will then submit the jobs
+  contained in the C{jobs} attribute and include the job IDs in the opcode
+  result.
  
    """
  
    """
-  return cfg.GetNdParams(node)[constants.ND_OOB_PROGRAM]
+  def __init__(self, jobs, **kwargs):
+    """Initializes this class.
+
+    Additional return values can be specified as keyword arguments.
+
+    @type jobs: list of lists of L{opcodes.OpCode}
+    @param jobs: A list of lists of opcode objects
+
+    """
+    self.jobs = jobs
+    self.other = kwargs
  
  
  
  
-# End types
  class LogicalUnit(object):
    """Logical Unit base class.
  
  class LogicalUnit(object):
    """Logical Unit base class.
  
@@ -84,6 +108,7 @@ class LogicalUnit(object):
      - implement CheckPrereq (except when tasklets are used)
      - implement Exec (except when tasklets are used)
      - implement BuildHooksEnv
      - implement CheckPrereq (except when tasklets are used)
      - implement Exec (except when tasklets are used)
      - implement BuildHooksEnv
+    - implement BuildHooksNodes
      - redefine HPATH and HTYPE
      - optionally redefine their run requirements:
          REQ_BGL: the LU needs to hold the Big Ganeti Lock exclusively
      - redefine HPATH and HTYPE
      - optionally redefine their run requirements:
          REQ_BGL: the LU needs to hold the Big Ganeti Lock exclusively
@@ -98,7 +123,7 @@ class LogicalUnit(object):
    HTYPE = None
    REQ_BGL = True
  
    HTYPE = None
    REQ_BGL = True
  
-  def __init__(self, processor, op, context, rpc):
+  def __init__(self, processor, op, context, rpc_runner):
      """Constructor for LogicalUnit.
  
      This needs to be overridden in derived classes in order to check op
      """Constructor for LogicalUnit.
  
      This needs to be overridden in derived classes in order to check op
@@ -108,22 +133,28 @@ class LogicalUnit(object):
      self.proc = processor
      self.op = op
      self.cfg = context.cfg
      self.proc = processor
      self.op = op
      self.cfg = context.cfg
+    self.glm = context.glm
+    # readability alias
+    self.owned_locks = context.glm.list_owned
      self.context = context
      self.context = context
-    self.rpc = rpc
-    # Dicts used to declare locking needs to mcpu
+    self.rpc = rpc_runner
+
+    # Dictionaries used to declare locking needs to mcpu
      self.needed_locks = None
      self.needed_locks = None
-    self.acquired_locks = {}
      self.share_locks = dict.fromkeys(locking.LEVELS, 0)
      self.share_locks = dict.fromkeys(locking.LEVELS, 0)
+    self.opportunistic_locks = dict.fromkeys(locking.LEVELS, False)
+
      self.add_locks = {}
      self.remove_locks = {}
      self.add_locks = {}
      self.remove_locks = {}
+
      # Used to force good behavior when calling helper functions
      self.recalculate_locks = {}
      # Used to force good behavior when calling helper functions
      self.recalculate_locks = {}
-    self.__ssh = None
+
      # logging
      # logging
-    self.Log = processor.Log # pylint: disable-msg=C0103
-    self.LogWarning = processor.LogWarning # pylint: disable-msg=C0103
-    self.LogInfo = processor.LogInfo # pylint: disable-msg=C0103
-    self.LogStep = processor.LogStep # pylint: disable-msg=C0103
+    self.Log = processor.Log # pylint: disable=C0103
+    self.LogWarning = processor.LogWarning # pylint: disable=C0103
+    self.LogInfo = processor.LogInfo # pylint: disable=C0103
+    self.LogStep = processor.LogStep # pylint: disable=C0103
      # support for dry-run
      self.dry_run_result = None
      # support for generic debug attribute
      # support for dry-run
      self.dry_run_result = None
      # support for generic debug attribute
@@ -139,16 +170,6 @@ class LogicalUnit(object):
  
      self.CheckArguments()
  
  
      self.CheckArguments()
  
-  def __GetSSH(self):
-    """Returns the SshRunner object
-
-    """
-    if not self.__ssh:
-      self.__ssh = ssh.SshRunner(self.cfg.GetClusterName())
-    return self.__ssh
-
-  ssh = property(fget=__GetSSH)
-
    def CheckArguments(self):
      """Check syntactic validity for the opcode arguments.
  
    def CheckArguments(self):
      """Check syntactic validity for the opcode arguments.
  
@@ -180,9 +201,15 @@ class LogicalUnit(object):
      as values. Rules:
  
        - use an empty dict if you don't need any lock
      as values. Rules:
  
        - use an empty dict if you don't need any lock
-      - if you don't need any lock at a particular level omit that level
+      - if you don't need any lock at a particular level omit that
+        level (note that in this case C{DeclareLocks} won't be called
+        at all for that level)
+      - if you need locks at a level, but you can't calculate it in
+        this function, initialise that level with an empty list and do
+        further processing in L{LogicalUnit.DeclareLocks} (see that
+        function's docstring)
        - don't put anything for the BGL level
        - don't put anything for the BGL level
-      - if you want all locks at a level use locking.ALL_SET as a value
+      - if you want all locks at a level use L{locking.ALL_SET} as a value
  
      If you need to share locks (rather than acquire them exclusively) at one
      level you can modify self.share_locks, setting a true value (usually 1) for
  
      If you need to share locks (rather than acquire them exclusively) at one
      level you can modify self.share_locks, setting a true value (usually 1) for
@@ -229,7 +256,7 @@ class LogicalUnit(object):
      self.needed_locks for the level.
  
      @param level: Locking level which is going to be locked
      self.needed_locks for the level.
  
      @param level: Locking level which is going to be locked
-    @type level: member of ganeti.locking.LEVELS
+    @type level: member of L{ganeti.locking.LEVELS}
  
      """
  
  
      """
  
@@ -274,21 +301,28 @@ class LogicalUnit(object):
    def BuildHooksEnv(self):
      """Build hooks environment for this LU.
  
    def BuildHooksEnv(self):
      """Build hooks environment for this LU.
  
-    This method should return a three-node tuple consisting of: a dict
-    containing the environment that will be used for running the
-    specific hook for this LU, a list of node names on which the hook
-    should run before the execution, and a list of node names on which
-    the hook should run after the execution.
+    @rtype: dict
+    @return: Dictionary containing the environment that will be used for
+      running the hooks for this LU. The keys of the dict must not be prefixed
+      with "GANETI_"--that'll be added by the hooks runner. The hooks runner
+      will extend the environment with additional variables. If no environment
+      should be defined, an empty dictionary should be returned (not C{None}).
+    @note: If the C{HPATH} attribute of the LU class is C{None}, this function
+      will not be called.
  
  
-    The keys of the dict must not have 'GANETI_' prefixed as this will
-    be handled in the hooks runner. Also note additional keys will be
-    added by the hooks runner. If the LU doesn't define any
-    environment, an empty dict (and not None) should be returned.
+    """
+    raise NotImplementedError
  
  
-    No nodes should be returned as an empty list (and not None).
+  def BuildHooksNodes(self):
+    """Build list of nodes to run LU's hooks.
  
  
-    Note that if the HPATH for a LU class is None, this function will
-    not be called.
+    @rtype: tuple; (list, list)
+    @return: Tuple containing a list of node names on which the hook
+      should run before the execution and a list of node names on which the
+      hook should run after the execution. If there are no nodes for a
+      phase, return an empty list (and not None).
+    @note: If the C{HPATH} attribute of the LU class is C{None}, this function
+      will not be called.
  
      """
      raise NotImplementedError
  
      """
      raise NotImplementedError
@@ -314,7 +348,7 @@ class LogicalUnit(object):
      """
      # API must be kept, thus we ignore the unused argument and could
      # be a function warnings
      """
      # API must be kept, thus we ignore the unused argument and could
      # be a function warnings
-    # pylint: disable-msg=W0613,R0201
+    # pylint: disable=W0613,R0201
      return lu_result
  
    def _ExpandAndLockInstance(self):
      return lu_result
  
    def _ExpandAndLockInstance(self):
@@ -336,7 +370,8 @@ class LogicalUnit(object):
                                                  self.op.instance_name)
      self.needed_locks[locking.LEVEL_INSTANCE] = self.op.instance_name
  
                                                  self.op.instance_name)
      self.needed_locks[locking.LEVEL_INSTANCE] = self.op.instance_name
  
-  def _LockInstancesNodes(self, primary_only=False):
+  def _LockInstancesNodes(self, primary_only=False,
+                          level=locking.LEVEL_NODE):
      """Helper function to declare instances' nodes for locking.
  
      This function should be called after locking one or more instances to lock
      """Helper function to declare instances' nodes for locking.
  
      This function should be called after locking one or more instances to lock
@@ -357,9 +392,10 @@ class LogicalUnit(object):
  
      @type primary_only: boolean
      @param primary_only: only lock primary nodes of locked instances
  
      @type primary_only: boolean
      @param primary_only: only lock primary nodes of locked instances
+    @param level: Which lock level to use for locking nodes
  
      """
  
      """
-    assert locking.LEVEL_NODE in self.recalculate_locks, \
+    assert level in self.recalculate_locks, \
        "_LockInstancesNodes helper function called with no nodes to recalculate"
  
      # TODO: check if we're really been called with the instance locks held
        "_LockInstancesNodes helper function called with no nodes to recalculate"
  
      # TODO: check if we're really been called with the instance locks held
@@ -368,21 +404,23 @@ class LogicalUnit(object):
      # future we might want to have different behaviors depending on the value
      # of self.recalculate_locks[locking.LEVEL_NODE]
      wanted_nodes = []
      # future we might want to have different behaviors depending on the value
      # of self.recalculate_locks[locking.LEVEL_NODE]
      wanted_nodes = []
-    for instance_name in self.acquired_locks[locking.LEVEL_INSTANCE]:
-      instance = self.context.cfg.GetInstanceInfo(instance_name)
+    locked_i = self.owned_locks(locking.LEVEL_INSTANCE)
+    for _, instance in self.cfg.GetMultiInstanceInfo(locked_i):
        wanted_nodes.append(instance.primary_node)
        if not primary_only:
          wanted_nodes.extend(instance.secondary_nodes)
  
        wanted_nodes.append(instance.primary_node)
        if not primary_only:
          wanted_nodes.extend(instance.secondary_nodes)
  
-    if self.recalculate_locks[locking.LEVEL_NODE] == constants.LOCKS_REPLACE:
-      self.needed_locks[locking.LEVEL_NODE] = wanted_nodes
-    elif self.recalculate_locks[locking.LEVEL_NODE] == constants.LOCKS_APPEND:
-      self.needed_locks[locking.LEVEL_NODE].extend(wanted_nodes)
+    if self.recalculate_locks[level] == constants.LOCKS_REPLACE:
+      self.needed_locks[level] = wanted_nodes
+    elif self.recalculate_locks[level] == constants.LOCKS_APPEND:
+      self.needed_locks[level].extend(wanted_nodes)
+    else:
+      raise errors.ProgrammerError("Unknown recalculation mode")
  
  
-    del self.recalculate_locks[locking.LEVEL_NODE]
+    del self.recalculate_locks[level]
  
  
  
  
-class NoHooksLU(LogicalUnit): # pylint: disable-msg=W0223
+class NoHooksLU(LogicalUnit): # pylint: disable=W0223
    """Simple LU which runs no hooks.
  
    This LU is intended as a parent for other LogicalUnits which will
    """Simple LU which runs no hooks.
  
    This LU is intended as a parent for other LogicalUnits which will
@@ -398,7 +436,13 @@ class NoHooksLU(LogicalUnit): # pylint: disable-msg=W0223
      This just raises an error.
  
      """
      This just raises an error.
  
      """
-    assert False, "BuildHooksEnv called for NoHooksLUs"
+    raise AssertionError("BuildHooksEnv called for NoHooksLUs")
+
+  def BuildHooksNodes(self):
+    """Empty BuildHooksNodes for NoHooksLU.
+
+    """
+    raise AssertionError("BuildHooksNodes called for NoHooksLU")
  
  
  class Tasklet:
  
  
  class Tasklet:
@@ -454,15 +498,22 @@ class _QueryBase:
    #: Attribute holding field definitions
    FIELDS = None
  
    #: Attribute holding field definitions
    FIELDS = None
  
-  def __init__(self, names, fields, use_locking):
+  #: Field to sort by
+  SORT_FIELD = "name"
+
+  def __init__(self, qfilter, fields, use_locking):
      """Initializes this class.
  
      """
      """Initializes this class.
  
      """
-    self.names = names
      self.use_locking = use_locking
  
      self.use_locking = use_locking
  
-    self.query = query.Query(self.FIELDS, fields)
+    self.query = query.Query(self.FIELDS, fields, qfilter=qfilter,
+                             namefield=self.SORT_FIELD)
      self.requested_data = self.query.RequestedData()
      self.requested_data = self.query.RequestedData()
+    self.names = self.query.RequestedNames()
+
+    # Sort only if no names were requested
+    self.sort_by_name = not self.names
  
      self.do_locking = None
      self.wanted = None
  
      self.do_locking = None
      self.wanted = None
@@ -472,7 +523,7 @@ class _QueryBase:
  
      """
      if self.do_locking:
  
      """
      if self.do_locking:
-      names = lu.acquired_locks[lock_level]
+      names = lu.owned_locks(lock_level)
      else:
        names = all_names
  
      else:
        names = all_names
  
@@ -483,7 +534,7 @@ class _QueryBase:
  
      # caller specified names and we must keep the same order
      assert self.names
  
      # caller specified names and we must keep the same order
      assert self.names
-    assert not self.do_locking or lu.acquired_locks[lock_level]
+    assert not self.do_locking or lu.glm.is_owned(lock_level)
  
      missing = set(self.wanted).difference(names)
      if missing:
  
      missing = set(self.wanted).difference(names)
      if missing:
@@ -493,15 +544,6 @@ class _QueryBase:
      # Return expanded names
      return self.wanted
  
      # Return expanded names
      return self.wanted
  
-  @classmethod
-  def FieldsQuery(cls, fields):
-    """Returns list of available fields.
-
-    @return: List of L{objects.QueryFieldDefinition}
-
-    """
-    return query.QueryFields(cls.FIELDS, fields)
-
    def ExpandNames(self, lu):
      """Expand names for this query.
  
    def ExpandNames(self, lu):
      """Expand names for this query.
  
@@ -530,13 +572,141 @@ class _QueryBase:
      """Collect data and execute query.
  
      """
      """Collect data and execute query.
  
      """
-    return query.GetQueryResponse(self.query, self._GetQueryData(lu))
+    return query.GetQueryResponse(self.query, self._GetQueryData(lu),
+                                  sort_by_name=self.sort_by_name)
  
    def OldStyleQuery(self, lu):
      """Collect data and execute query.
  
      """
  
    def OldStyleQuery(self, lu):
      """Collect data and execute query.
  
      """
-    return self.query.OldStyleQuery(self._GetQueryData(lu))
+    return self.query.OldStyleQuery(self._GetQueryData(lu),
+                                    sort_by_name=self.sort_by_name)
+
+
+def _ShareAll():
+  """Returns a dict declaring all lock levels shared.
+
+  """
+  return dict.fromkeys(locking.LEVELS, 1)
+
+
+def _AnnotateDiskParams(instance, devs, cfg):
+  """Little helper wrapper to the rpc annotation method.
+
+  @param instance: The instance object
+  @type devs: List of L{objects.Disk}
+  @param devs: The root devices (not any of its children!)
+  @param cfg: The config object
+  @returns: The annotated disk copies
+  @see: L{rpc.AnnotateDiskParams}
+
+  """
+  return rpc.AnnotateDiskParams(instance.disk_template, devs,
+                                cfg.GetInstanceDiskParams(instance))
+
+
+def _CheckInstancesNodeGroups(cfg, instances, owned_groups, owned_nodes,
+                              cur_group_uuid):
+  """Checks if node groups for locked instances are still correct.
+
+  @type cfg: L{config.ConfigWriter}
+  @param cfg: Cluster configuration
+  @type instances: dict; string as key, L{objects.Instance} as value
+  @param instances: Dictionary, instance name as key, instance object as value
+  @type owned_groups: iterable of string
+  @param owned_groups: List of owned groups
+  @type owned_nodes: iterable of string
+  @param owned_nodes: List of owned nodes
+  @type cur_group_uuid: string or None
+  @param cur_group_uuid: Optional group UUID to check against instance's groups
+
+  """
+  for (name, inst) in instances.items():
+    assert owned_nodes.issuperset(inst.all_nodes), \
+      "Instance %s's nodes changed while we kept the lock" % name
+
+    inst_groups = _CheckInstanceNodeGroups(cfg, name, owned_groups)
+
+    assert cur_group_uuid is None or cur_group_uuid in inst_groups, \
+      "Instance %s has no node in group %s" % (name, cur_group_uuid)
+
+
+def _CheckInstanceNodeGroups(cfg, instance_name, owned_groups,
+                             primary_only=False):
+  """Checks if the owned node groups are still correct for an instance.
+
+  @type cfg: L{config.ConfigWriter}
+  @param cfg: The cluster configuration
+  @type instance_name: string
+  @param instance_name: Instance name
+  @type owned_groups: set or frozenset
+  @param owned_groups: Set of currently owned node groups
+  @type primary_only: boolean
+  @param primary_only: Whether to check node groups for only the primary node
+
+  """
+  inst_groups = cfg.GetInstanceNodeGroups(instance_name, primary_only)
+
+  if not owned_groups.issuperset(inst_groups):
+    raise errors.OpPrereqError("Instance %s's node groups changed since"
+                               " locks were acquired, current groups are"
+                               " are '%s', owning groups '%s'; retry the"
+                               " operation" %
+                               (instance_name,
+                                utils.CommaJoin(inst_groups),
+                                utils.CommaJoin(owned_groups)),
+                               errors.ECODE_STATE)
+
+  return inst_groups
+
+
+def _CheckNodeGroupInstances(cfg, group_uuid, owned_instances):
+  """Checks if the instances in a node group are still correct.
+
+  @type cfg: L{config.ConfigWriter}
+  @param cfg: The cluster configuration
+  @type group_uuid: string
+  @param group_uuid: Node group UUID
+  @type owned_instances: set or frozenset
+  @param owned_instances: Set of currently owned instances
+
+  """
+  wanted_instances = cfg.GetNodeGroupInstances(group_uuid)
+  if owned_instances != wanted_instances:
+    raise errors.OpPrereqError("Instances in node group '%s' changed since"
+                               " locks were acquired, wanted '%s', have '%s';"
+                               " retry the operation" %
+                               (group_uuid,
+                                utils.CommaJoin(wanted_instances),
+                                utils.CommaJoin(owned_instances)),
+                               errors.ECODE_STATE)
+
+  return wanted_instances
+
+
+def _SupportsOob(cfg, node):
+  """Tells if node supports OOB.
+
+  @type cfg: L{config.ConfigWriter}
+  @param cfg: The cluster configuration
+  @type node: L{objects.Node}
+  @param node: The node
+  @return: The OOB script if supported or an empty string otherwise
+
+  """
+  return cfg.GetNdParams(node)[constants.ND_OOB_PROGRAM]
+
+
+def _CopyLockList(names):
+  """Makes a copy of a list of lock names.
+
+  Handles L{locking.ALL_SET} correctly.
+
+  """
+  if names == locking.ALL_SET:
+    return locking.ALL_SET
+  else:
+    return names[:]
  
  
  def _GetWantedNodes(lu, nodes):
  
  
  def _GetWantedNodes(lu, nodes):
@@ -610,6 +780,194 @@ def _GetUpdatedParams(old_params, update_dict,
    return params_copy
  
  
    return params_copy
  
  
+def _GetUpdatedIPolicy(old_ipolicy, new_ipolicy, group_policy=False):
+  """Return the new version of an instance policy.
+
+  @param group_policy: whether this policy applies to a group and thus
+    we should support removal of policy entries
+
+  """
+  use_none = use_default = group_policy
+  ipolicy = copy.deepcopy(old_ipolicy)
+  for key, value in new_ipolicy.items():
+    if key not in constants.IPOLICY_ALL_KEYS:
+      raise errors.OpPrereqError("Invalid key in new ipolicy: %s" % key,
+                                 errors.ECODE_INVAL)
+    if key in constants.IPOLICY_ISPECS:
+      utils.ForceDictType(value, constants.ISPECS_PARAMETER_TYPES)
+      ipolicy[key] = _GetUpdatedParams(old_ipolicy.get(key, {}), value,
+                                       use_none=use_none,
+                                       use_default=use_default)
+    else:
+      if (not value or value == [constants.VALUE_DEFAULT] or
+          value == constants.VALUE_DEFAULT):
+        if group_policy:
+          del ipolicy[key]
+        else:
+          raise errors.OpPrereqError("Can't unset ipolicy attribute '%s'"
+                                     " on the cluster'" % key,
+                                     errors.ECODE_INVAL)
+      else:
+        if key in constants.IPOLICY_PARAMETERS:
+          # FIXME: we assume all such values are float
+          try:
+            ipolicy[key] = float(value)
+          except (TypeError, ValueError), err:
+            raise errors.OpPrereqError("Invalid value for attribute"
+                                       " '%s': '%s', error: %s" %
+                                       (key, value, err), errors.ECODE_INVAL)
+        else:
+          # FIXME: we assume all others are lists; this should be redone
+          # in a nicer way
+          ipolicy[key] = list(value)
+  try:
+    objects.InstancePolicy.CheckParameterSyntax(ipolicy, not group_policy)
+  except errors.ConfigurationError, err:
+    raise errors.OpPrereqError("Invalid instance policy: %s" % err,
+                               errors.ECODE_INVAL)
+  return ipolicy
+
+
+def _UpdateAndVerifySubDict(base, updates, type_check):
+  """Updates and verifies a dict with sub dicts of the same type.
+
+  @param base: The dict with the old data
+  @param updates: The dict with the new data
+  @param type_check: Dict suitable to ForceDictType to verify correct types
+  @returns: A new dict with updated and verified values
+
+  """
+  def fn(old, value):
+    new = _GetUpdatedParams(old, value)
+    utils.ForceDictType(new, type_check)
+    return new
+
+  ret = copy.deepcopy(base)
+  ret.update(dict((key, fn(base.get(key, {}), value))
+                  for key, value in updates.items()))
+  return ret
+
+
+def _MergeAndVerifyHvState(op_input, obj_input):
+  """Combines the hv state from an opcode with the one of the object.
+
+  @param op_input: The input dict from the opcode
+  @param obj_input: The input dict from the objects
+  @return: The verified and updated dict
+
+  """
+  if op_input:
+    invalid_hvs = set(op_input) - constants.HYPER_TYPES
+    if invalid_hvs:
+      raise errors.OpPrereqError("Invalid hypervisor(s) in hypervisor state:"
+                                 " %s" % utils.CommaJoin(invalid_hvs),
+                                 errors.ECODE_INVAL)
+    if obj_input is None:
+      obj_input = {}
+    type_check = constants.HVSTS_PARAMETER_TYPES
+    return _UpdateAndVerifySubDict(obj_input, op_input, type_check)
+
+  return None
+
+
+def _MergeAndVerifyDiskState(op_input, obj_input):
+  """Combines the disk state from an opcode with the one of the object.
+
+  @param op_input: The input dict from the opcode
+  @param obj_input: The input dict from the objects
+  @return: The verified and updated dict
+  """
+  if op_input:
+    invalid_dst = set(op_input) - constants.DS_VALID_TYPES
+    if invalid_dst:
+      raise errors.OpPrereqError("Invalid storage type(s) in disk state: %s" %
+                                 utils.CommaJoin(invalid_dst),
+                                 errors.ECODE_INVAL)
+    type_check = constants.DSS_PARAMETER_TYPES
+    if obj_input is None:
+      obj_input = {}
+    return dict((key, _UpdateAndVerifySubDict(obj_input.get(key, {}), value,
+                                              type_check))
+                for key, value in op_input.items())
+
+  return None
+
+
+def _ReleaseLocks(lu, level, names=None, keep=None):
+  """Releases locks owned by an LU.
+
+  @type lu: L{LogicalUnit}
+  @param level: Lock level
+  @type names: list or None
+  @param names: Names of locks to release
+  @type keep: list or None
+  @param keep: Names of locks to retain
+
+  """
+  assert not (keep is not None and names is not None), \
+         "Only one of the 'names' and the 'keep' parameters can be given"
+
+  if names is not None:
+    should_release = names.__contains__
+  elif keep:
+    should_release = lambda name: name not in keep
+  else:
+    should_release = None
+
+  owned = lu.owned_locks(level)
+  if not owned:
+    # Not owning any lock at this level, do nothing
+    pass
+
+  elif should_release:
+    retain = []
+    release = []
+
+    # Determine which locks to release
+    for name in owned:
+      if should_release(name):
+        release.append(name)
+      else:
+        retain.append(name)
+
+    assert len(lu.owned_locks(level)) == (len(retain) + len(release))
+
+    # Release just some locks
+    lu.glm.release(level, names=release)
+
+    assert frozenset(lu.owned_locks(level)) == frozenset(retain)
+  else:
+    # Release everything
+    lu.glm.release(level)
+
+    assert not lu.glm.is_owned(level), "No locks should be owned"
+
+
+def _MapInstanceDisksToNodes(instances):
+  """Creates a map from (node, volume) to instance name.
+
+  @type instances: list of L{objects.Instance}
+  @rtype: dict; tuple of (node name, volume name) as key, instance name as value
+
+  """
+  return dict(((node, vol), inst.name)
+              for inst in instances
+              for (node, vols) in inst.MapLVsByNode().items()
+              for vol in vols)
+
+
+def _RunPostHook(lu, node_name):
+  """Runs the post-hook for an opcode on a single node.
+
+  """
+  hm = lu.proc.BuildHooksManager(lu)
+  try:
+    hm.RunPhase(constants.HOOKS_PHASE_POST, nodes=[node_name])
+  except Exception, err: # pylint: disable=W0703
+    lu.LogWarning("Errors occurred running hooks on %s: %s",
+                  node_name, err)
+
+
  def _CheckOutputFields(static, dynamic, selected):
    """Checks whether all selected fields are valid.
  
  def _CheckOutputFields(static, dynamic, selected):
    """Checks whether all selected fields are valid.
  
@@ -734,24 +1092,207 @@ def _GetClusterDomainSecret():
    """Reads the cluster domain secret.
  
    """
    """Reads the cluster domain secret.
  
    """
-  return utils.ReadOneLineFile(constants.CLUSTER_DOMAIN_SECRET_FILE,
+  return utils.ReadOneLineFile(pathutils.CLUSTER_DOMAIN_SECRET_FILE,
                                 strict=True)
  
  
                                 strict=True)
  
  
-def _CheckInstanceDown(lu, instance, reason):
-  """Ensure that an instance is not running."""
-  if instance.admin_up:
-    raise errors.OpPrereqError("Instance %s is marked to be up, %s" %
-                               (instance.name, reason), errors.ECODE_STATE)
+def _CheckInstanceState(lu, instance, req_states, msg=None):
+  """Ensure that an instance is in one of the required states.
+
+  The configured admin state is checked first. If
+  L{constants.ADMINST_UP} is not among the required states, the primary
+  node is additionally queried (unless it is marked offline) and the
+  check fails if the instance shows up in the node's instance list.
+
+  @param lu: the LU on behalf of which we make the check
+  @param instance: the instance to check
+  @param req_states: the admin states the instance is allowed to be in
+  @param msg: if passed, should be a message to replace the default one
+  @raise errors.OpPrereqError: if the instance is not in the required state
+
+  """
+  if msg is None:
+    msg = ("can't use instance from outside %s states" %
+           utils.CommaJoin(req_states))
+  if instance.admin_state not in req_states:
+    raise errors.OpPrereqError("Instance '%s' is marked to be %s, %s" %
+                               (instance.name, instance.admin_state, msg),
+                               errors.ECODE_STATE)
+
+  # Only verify the runtime state when "up" is not an acceptable state
+  if constants.ADMINST_UP not in req_states:
+    pnode = instance.primary_node
+    if not lu.cfg.GetNodeInfo(pnode).offline:
+      ins_l = lu.rpc.call_instance_list([pnode], [instance.hypervisor])[pnode]
+      ins_l.Raise("Can't contact node %s for instance information" % pnode,
+                  prereq=True, ecode=errors.ECODE_ENVIRON)
+      if instance.name in ins_l.payload:
+        raise errors.OpPrereqError("Instance %s is running, %s" %
+                                   (instance.name, msg), errors.ECODE_STATE)
+    else:
+      # An offline node cannot be queried, so the runtime check is skipped
+      lu.LogWarning("Primary node offline, ignoring check that instance"
+                     " is down")
+
+
+def _ComputeMinMaxSpec(name, qualifier, ipolicy, value):
+  """Checks a single value against the bounds of an instance policy.
+
+  A bound missing from the policy defaults to the value itself, so an
+  absent bound never produces a violation.
+
+  @param name: name of the parameter for which we perform the check
+  @param qualifier: a qualifier used in the error message (e.g. 'disk/1',
+      not just 'disk')
+  @param ipolicy: dictionary holding the L{constants.ISPECS_MIN} and
+      L{constants.ISPECS_MAX} specs
+  @param value: actual value that we want to use
+  @return: None if the value is None, L{constants.VALUE_AUTO} or within
+      range; otherwise a message describing the violation
+
+  """
+  if value in (None, constants.VALUE_AUTO):
+    # Nothing concrete to compare against the policy
+    return None
+
+  upper = ipolicy[constants.ISPECS_MAX].get(name, value)
+  lower = ipolicy[constants.ISPECS_MIN].get(name, value)
+  if not (value > upper or lower > value):
+    return None
+
+  fqn = name
+  if qualifier:
+    fqn = "%s/%s" % (name, qualifier)
+  return ("%s value %s is not in range [%s, %s]" %
+          (fqn, value, lower, upper))
+
+
+def _ComputeIPolicySpecViolation(ipolicy, mem_size, cpu_count, disk_count,
+                                 nic_count, disk_sizes, spindle_use,
+                                 _compute_fn=_ComputeMinMaxSpec):
+  """Checks a set of instance specs against an instance policy.
+
+  Every spec is passed to C{_compute_fn} individually; disk sizes are
+  checked one by one, qualified by their index in C{disk_sizes}.
+
+  @type ipolicy: dict
+  @param ipolicy: The ipolicy
+  @type mem_size: int
+  @param mem_size: The memory size
+  @type cpu_count: int
+  @param cpu_count: Used cpu cores
+  @type disk_count: int
+  @param disk_count: Number of disks used
+  @type nic_count: int
+  @param nic_count: Number of nics used
+  @type disk_sizes: list of ints
+  @param disk_sizes: Disk sizes of used disk (len must match C{disk_count})
+  @type spindle_use: int
+  @param spindle_use: The number of spindles this instance uses
+  @param _compute_fn: The compute function (unittest only)
+  @return: A list of violations, or an empty list if no violations are found
+
+  """
+  assert disk_count == len(disk_sizes)
+
+  checks = [
+    (constants.ISPEC_MEM_SIZE, "", mem_size),
+    (constants.ISPEC_CPU_COUNT, "", cpu_count),
+    (constants.ISPEC_DISK_COUNT, "", disk_count),
+    (constants.ISPEC_NIC_COUNT, "", nic_count),
+    (constants.ISPEC_SPINDLE_USE, "", spindle_use),
+    ]
+  for (idx, size) in enumerate(disk_sizes):
+    checks.append((constants.ISPEC_DISK_SIZE, str(idx), size))
+
+  violations = []
+  for (name, qualifier, value) in checks:
+    outcome = _compute_fn(name, qualifier, ipolicy, value)
+    # Only keep results that actually report something
+    if outcome:
+      violations.append(outcome)
+  return violations
+
+
+def _ComputeIPolicyInstanceViolation(ipolicy, instance,
+                                     _compute_fn=_ComputeIPolicySpecViolation):
+  """Checks an existing instance against an instance policy.
+
+  The specs are taken from the instance's backend parameters, disks and
+  NICs and handed to C{_compute_fn}.
+
+  @type ipolicy: dict
+  @param ipolicy: The ipolicy to verify against
+  @type instance: L{objects.Instance}
+  @param instance: The instance to verify
+  @param _compute_fn: The function to verify ipolicy (unittest only)
+  @return: whatever C{_compute_fn} returns
+  @see: L{_ComputeIPolicySpecViolation}
+
+  """
+  be = instance.beparams
+  sizes = [disk.size for disk in instance.disks]
+
+  return _compute_fn(ipolicy,
+                     be.get(constants.BE_MAXMEM),
+                     be.get(constants.BE_VCPUS),
+                     len(instance.disks),
+                     len(instance.nics),
+                     sizes,
+                     be.get(constants.BE_SPINDLE_USE))
+
+
+def _ComputeIPolicyInstanceSpecViolation(
+  ipolicy, instance_spec, _compute_fn=_ComputeIPolicySpecViolation):
+  """Checks a dictionary of instance specs against an instance policy.
+
+  Specs missing from the dictionary default to None, except for the
+  disk and NIC counts (0) and the disk sizes (empty list).
+
+  @type ipolicy: dict
+  @param ipolicy: The ipolicy to verify against
+  @type instance_spec: dict
+  @param instance_spec: The instance spec to verify
+  @param _compute_fn: The function to verify ipolicy (unittest only)
+  @return: whatever C{_compute_fn} returns
+  @see: L{_ComputeIPolicySpecViolation}
+
+  """
+  lookup = instance_spec.get
+
+  return _compute_fn(ipolicy,
+                     lookup(constants.ISPEC_MEM_SIZE),
+                     lookup(constants.ISPEC_CPU_COUNT),
+                     lookup(constants.ISPEC_DISK_COUNT, 0),
+                     lookup(constants.ISPEC_NIC_COUNT, 0),
+                     lookup(constants.ISPEC_DISK_SIZE, []),
+                     lookup(constants.ISPEC_SPINDLE_USE))
+
+
+def _ComputeIPolicyNodeViolation(ipolicy, instance, current_group,
+                                 target_group,
+                                 _compute_fn=_ComputeIPolicyInstanceViolation):
+  """Checks an instance against the policy of a new target group.
+
+  No check is made when the instance stays in the same group.
+
+  @param ipolicy: The ipolicy to verify
+  @param instance: The instance object to verify
+  @param current_group: The current group of the instance
+  @param target_group: The new group of the instance
+  @param _compute_fn: The function to verify ipolicy (unittest only)
+  @return: an empty list if both groups are equal, otherwise the result
+      of C{_compute_fn}
+  @see: L{_ComputeIPolicySpecViolation}
+
+  """
+  if current_group == target_group:
+    # The group does not change, so there is nothing to verify
+    return []
+
+  return _compute_fn(ipolicy, instance)
+
+
+def _CheckTargetNodeIPolicy(lu, ipolicy, instance, node, ignore=False,
+                            _compute_fn=_ComputeIPolicyNodeViolation):
+  """Verifies an instance against the policy of a target node's group.
+
+  Violations are either logged as a warning (if C{ignore} is set) or
+  reported through an exception.
+
+  @param lu: the logical unit used for configuration access and logging
+  @param ipolicy: The ipolicy to verify
+  @param instance: The instance object to verify
+  @param node: The new node to relocate
+  @param ignore: Ignore violations of the ipolicy
+  @param _compute_fn: The function to verify ipolicy (unittest only)
+  @raise errors.OpPrereqError: if violations are found and not ignored
+  @see: L{_ComputeIPolicySpecViolation}
+
+  """
+  current_group = lu.cfg.GetNodeInfo(instance.primary_node).group
+  violations = _compute_fn(ipolicy, instance, current_group, node.group)
+  if not violations:
+    return
+
+  msg = ("Instance does not meet target node group's (%s) instance"
+         " policy: %s") % (node.group, utils.CommaJoin(violations))
+  if not ignore:
+    raise errors.OpPrereqError(msg, errors.ECODE_INVAL)
+  lu.LogWarning(msg)
  
  
-  pnode = instance.primary_node
-  ins_l = lu.rpc.call_instance_list([pnode], [instance.hypervisor])[pnode]
-  ins_l.Raise("Can't contact node %s for instance information" % pnode,
-              prereq=True, ecode=errors.ECODE_ENVIRON)
  
  
-  if instance.name in ins_l.payload:
-    raise errors.OpPrereqError("Instance %s is running, %s" %
-                               (instance.name, reason), errors.ECODE_STATE)
+def _ComputeNewInstanceViolations(old_ipolicy, new_ipolicy, instances):
+  """Finds the instances which only start violating with the new ipolicy.
+
+  @param old_ipolicy: The current (still in-place) ipolicy
+  @param new_ipolicy: The new (to become) ipolicy
+  @param instances: List of instances to verify
+  @return: A frozenset with the names of the instances which violate the
+      new ipolicy but did not violate the old one
+
+  """
+  violating_new = _ComputeViolatingInstances(new_ipolicy, instances)
+  violating_old = _ComputeViolatingInstances(old_ipolicy, instances)
+
+  return violating_new - violating_old
  
  
  def _ExpandItemName(fn, name, kind):
  
  
  def _ExpandItemName(fn, name, kind):
@@ -781,9 +1322,75 @@ def _ExpandInstanceName(cfg, name):
    return _ExpandItemName(cfg.ExpandInstanceName, name, "Instance")
  
  
    return _ExpandItemName(cfg.ExpandInstanceName, name, "Instance")
  
  
+def _BuildNetworkHookEnv(name, subnet, gateway, network6, gateway6,
+                         network_type, mac_prefix, tags):
+  """Builds network related env variables for hooks
+
+  Only arguments with a true value end up in the environment; the tags
+  are joined with single spaces.
+
+  @type name: string
+  @param name: the name of the network
+  @type subnet: string
+  @param subnet: the ipv4 subnet
+  @type gateway: string
+  @param gateway: the ipv4 gateway
+  @type network6: string
+  @param network6: the ipv6 subnet
+  @type gateway6: string
+  @param gateway6: the ipv6 gateway
+  @type network_type: string
+  @param network_type: the type of the network
+  @type mac_prefix: string
+  @param mac_prefix: the mac_prefix
+  @type tags: list
+  @param tags: the tags of the network
+  @rtype: dict
+  @return: the hook environment for this network
+
+  """
+  candidates = [
+    ("NETWORK_NAME", name),
+    ("NETWORK_SUBNET", subnet),
+    ("NETWORK_GATEWAY", gateway),
+    ("NETWORK_SUBNET6", network6),
+    ("NETWORK_GATEWAY6", gateway6),
+    ("NETWORK_MAC_PREFIX", mac_prefix),
+    ("NETWORK_TYPE", network_type),
+    ]
+
+  # Unset (false) values are left out of the environment altogether
+  env = dict((key, value) for (key, value) in candidates if value)
+  if tags:
+    env["NETWORK_TAGS"] = " ".join(tags)
+
+  return env
+
+
+def _BuildNetworkHookEnvByObject(net):
+  """Builds network related env variables for hooks
+
+  The attributes of the network object are forwarded to
+  L{_BuildNetworkHookEnv}.
+
+  @type net: L{objects.Network}
+  @param net: the network object
+  @return: the result of L{_BuildNetworkHookEnv}
+
+  """
+  return _BuildNetworkHookEnv(name=net.name,
+                              subnet=net.network,
+                              gateway=net.gateway,
+                              network6=net.network6,
+                              gateway6=net.gateway6,
+                              network_type=net.network_type,
+                              mac_prefix=net.mac_prefix,
+                              tags=net.tags)
+
+
  def _BuildInstanceHookEnv(name, primary_node, secondary_nodes, os_type, status,
  def _BuildInstanceHookEnv(name, primary_node, secondary_nodes, os_type, status,
-                          memory, vcpus, nics, disk_template, disks,
-                          bep, hvp, hypervisor_name):
+                          minmem, maxmem, vcpus, nics, disk_template, disks,
+                          bep, hvp, hypervisor_name, tags):
    """Builds instance related env variables for hooks
  
    This builds the hook environment from individual variables.
    """Builds instance related env variables for hooks
  
    This builds the hook environment from individual variables.
@@ -796,14 +1403,16 @@ def _BuildInstanceHookEnv(name, primary_node, secondary_nodes, os_type, status,
    @param secondary_nodes: list of secondary nodes as strings
    @type os_type: string
    @param os_type: the name of the instance's OS
    @param secondary_nodes: list of secondary nodes as strings
    @type os_type: string
    @param os_type: the name of the instance's OS
-  @type status: boolean
-  @param status: the should_run status of the instance
-  @type memory: string
-  @param memory: the memory size of the instance
+  @type status: string
+  @param status: the desired status of the instance
+  @type minmem: string
+  @param minmem: the minimum memory size of the instance
+  @type maxmem: string
+  @param maxmem: the maximum memory size of the instance
    @type vcpus: string
    @param vcpus: the count of VCPUs the instance has
    @type nics: list
    @type vcpus: string
    @param vcpus: the count of VCPUs the instance has
    @type nics: list
-  @param nics: list of tuples (ip, mac, mode, link) representing
+  @param nics: list of tuples (ip, mac, mode, link, network) representing
        the NICs the instance has
    @type disk_template: string
    @param disk_template: the disk template of the instance
        the NICs the instance has
    @type disk_template: string
    @param disk_template: the disk template of the instance
@@ -815,36 +1424,54 @@ def _BuildInstanceHookEnv(name, primary_node, secondary_nodes, os_type, status,
    @param hvp: the hypervisor parameters for the instance
    @type hypervisor_name: string
    @param hypervisor_name: the hypervisor for the instance
    @param hvp: the hypervisor parameters for the instance
    @type hypervisor_name: string
    @param hypervisor_name: the hypervisor for the instance
+  @type tags: list
+  @param tags: list of instance tags as strings
    @rtype: dict
    @return: the hook environment for this instance
  
    """
    @rtype: dict
    @return: the hook environment for this instance
  
    """
-  if status:
-    str_status = "up"
-  else:
-    str_status = "down"
    env = {
      "OP_TARGET": name,
      "INSTANCE_NAME": name,
      "INSTANCE_PRIMARY": primary_node,
      "INSTANCE_SECONDARIES": " ".join(secondary_nodes),
      "INSTANCE_OS_TYPE": os_type,
    env = {
      "OP_TARGET": name,
      "INSTANCE_NAME": name,
      "INSTANCE_PRIMARY": primary_node,
      "INSTANCE_SECONDARIES": " ".join(secondary_nodes),
      "INSTANCE_OS_TYPE": os_type,
-    "INSTANCE_STATUS": str_status,
-    "INSTANCE_MEMORY": memory,
+    "INSTANCE_STATUS": status,
+    "INSTANCE_MINMEM": minmem,
+    "INSTANCE_MAXMEM": maxmem,
+    # TODO(2.7) remove deprecated "memory" value
+    "INSTANCE_MEMORY": maxmem,
      "INSTANCE_VCPUS": vcpus,
      "INSTANCE_DISK_TEMPLATE": disk_template,
      "INSTANCE_HYPERVISOR": hypervisor_name,
    }
      "INSTANCE_VCPUS": vcpus,
      "INSTANCE_DISK_TEMPLATE": disk_template,
      "INSTANCE_HYPERVISOR": hypervisor_name,
    }
-
    if nics:
      nic_count = len(nics)
    if nics:
      nic_count = len(nics)
-    for idx, (ip, mac, mode, link) in enumerate(nics):
+    for idx, (ip, mac, mode, link, net, netinfo) in enumerate(nics):
        if ip is None:
          ip = ""
        env["INSTANCE_NIC%d_IP" % idx] = ip
        env["INSTANCE_NIC%d_MAC" % idx] = mac
        env["INSTANCE_NIC%d_MODE" % idx] = mode
        env["INSTANCE_NIC%d_LINK" % idx] = link
        if ip is None:
          ip = ""
        env["INSTANCE_NIC%d_IP" % idx] = ip
        env["INSTANCE_NIC%d_MAC" % idx] = mac
        env["INSTANCE_NIC%d_MODE" % idx] = mode
        env["INSTANCE_NIC%d_LINK" % idx] = link
+      if network:
+        env["INSTANCE_NIC%d_NETWORK" % idx] = net
+        if netinfo:
+          nobj = objects.Network.FromDict(netinfo)
+          if nobj.network:
+            env["INSTANCE_NIC%d_NETWORK_SUBNET" % idx] = nobj.network
+          if nobj.gateway:
+            env["INSTANCE_NIC%d_NETWORK_GATEWAY" % idx] = nobj.gateway
+          if nobj.network6:
+            env["INSTANCE_NIC%d_NETWORK_SUBNET6" % idx] = nobj.network6
+          if nobj.gateway6:
+            env["INSTANCE_NIC%d_NETWORK_GATEWAY6" % idx] = nobj.gateway6
+          if nobj.mac_prefix:
+            env["INSTANCE_NIC%d_NETWORK_MAC_PREFIX" % idx] = nobj.mac_prefix
+          if nobj.network_type:
+            env["INSTANCE_NIC%d_NETWORK_TYPE" % idx] = nobj.network_type
+          if nobj.tags:
+            env["INSTANCE_NIC%d_NETWORK_TAGS" % idx] = " ".join(nobj.tags)
        if mode == constants.NIC_MODE_BRIDGED:
          env["INSTANCE_NIC%d_BRIDGE" % idx] = link
    else:
        if mode == constants.NIC_MODE_BRIDGED:
          env["INSTANCE_NIC%d_BRIDGE" % idx] = link
    else:
@@ -862,6 +1489,11 @@ def _BuildInstanceHookEnv(name, primary_node, secondary_nodes, os_type, status,
  
    env["INSTANCE_DISK_COUNT"] = disk_count
  
  
    env["INSTANCE_DISK_COUNT"] = disk_count
  
+  if not tags:
+    tags = []
+
+  env["INSTANCE_TAGS"] = " ".join(tags)
+
    for source, kind in [(bep, "BE"), (hvp, "HV")]:
      for key, value in source.items():
        env["INSTANCE_%s_%s" % (kind, key)] = value
    for source, kind in [(bep, "BE"), (hvp, "HV")]:
      for key, value in source.items():
        env["INSTANCE_%s_%s" % (kind, key)] = value
@@ -869,6 +1501,31 @@ def _BuildInstanceHookEnv(name, primary_node, secondary_nodes, os_type, status,
    return env
  
  
    return env
  
  
+def _NICToTuple(lu, nic):
+  """Build a tuple of nic information.
+
+  Mode and link are read from the NIC parameters after filling them via
+  the cluster's C{SimpleFillNIC}. The network details are only included
+  if the NIC has a network for which the configuration lookup succeeds.
+
+  @type lu:  L{LogicalUnit}
+  @param lu: the logical unit on whose behalf we execute
+  @type nic: L{objects.NIC}
+  @param nic: nic to convert to hooks tuple
+  @rtype: tuple
+  @return: (ip, mac, mode, link, network, network info or None)
+
+  """
+  nicparams = lu.cfg.GetClusterInfo().SimpleFillNIC(nic.nicparams)
+
+  netinfo = None
+  if nic.network:
+    net_uuid = lu.cfg.LookupNetwork(nic.network)
+    if net_uuid:
+      netinfo = objects.Network.ToDict(lu.cfg.GetNetwork(net_uuid))
+
+  return (nic.ip, nic.mac, nicparams[constants.NIC_MODE],
+          nicparams[constants.NIC_LINK], nic.network, netinfo)
+
+
  def _NICListToTuple(lu, nics):
    """Build a list of nic information tuples.
  
  def _NICListToTuple(lu, nics):
    """Build a list of nic information tuples.
  
@@ -882,14 +1539,8 @@ def _NICListToTuple(lu, nics):
  
    """
    hooks_nics = []
  
    """
    hooks_nics = []
-  cluster = lu.cfg.GetClusterInfo()
    for nic in nics:
    for nic in nics:
-    ip = nic.ip
-    mac = nic.mac
-    filled_params = cluster.SimpleFillNIC(nic.nicparams)
-    mode = filled_params[constants.NIC_MODE]
-    link = filled_params[constants.NIC_LINK]
-    hooks_nics.append((ip, mac, mode, link))
+    hooks_nics.append(_NICToTuple(lu, nic))
    return hooks_nics
  
  
    return hooks_nics
  
  
@@ -912,23 +1563,25 @@ def _BuildInstanceHookEnvByObject(lu, instance, override=None):
    bep = cluster.FillBE(instance)
    hvp = cluster.FillHV(instance)
    args = {
    bep = cluster.FillBE(instance)
    hvp = cluster.FillHV(instance)
    args = {
-    'name': instance.name,
-    'primary_node': instance.primary_node,
-    'secondary_nodes': instance.secondary_nodes,
-    'os_type': instance.os,
-    'status': instance.admin_up,
-    'memory': bep[constants.BE_MEMORY],
-    'vcpus': bep[constants.BE_VCPUS],
-    'nics': _NICListToTuple(lu, instance.nics),
-    'disk_template': instance.disk_template,
-    'disks': [(disk.size, disk.mode) for disk in instance.disks],
-    'bep': bep,
-    'hvp': hvp,
-    'hypervisor_name': instance.hypervisor,
+    "name": instance.name,
+    "primary_node": instance.primary_node,
+    "secondary_nodes": instance.secondary_nodes,
+    "os_type": instance.os,
+    "status": instance.admin_state,
+    "maxmem": bep[constants.BE_MAXMEM],
+    "minmem": bep[constants.BE_MINMEM],
+    "vcpus": bep[constants.BE_VCPUS],
+    "nics": _NICListToTuple(lu, instance.nics),
+    "disk_template": instance.disk_template,
+    "disks": [(disk.size, disk.mode) for disk in instance.disks],
+    "bep": bep,
+    "hvp": hvp,
+    "hypervisor_name": instance.hypervisor,
+    "tags": instance.tags,
    }
    if override:
      args.update(override)
    }
    if override:
      args.update(override)
-  return _BuildInstanceHookEnv(**args) # pylint: disable-msg=W0142
+  return _BuildInstanceHookEnv(**args) # pylint: disable=W0142
  
  
  def _AdjustCandidatePool(lu, exceptions):
  
  
  def _AdjustCandidatePool(lu, exceptions):
@@ -958,6 +1611,19 @@ def _DecideSelfPromotion(lu, exceptions=None):
    return mc_now < mc_should
  
  
    return mc_now < mc_should
  
  
+def _ComputeViolatingInstances(ipolicy, instances):
+  """Collects the names of the instances violating the given ipolicy.
+
+  @param ipolicy: The ipolicy to verify
+  @type instances: list of L{objects.Instance}
+  @param instances: List of instances to verify
+  @return: A frozenset of instance names violating the ipolicy
+
+  """
+  violating = set()
+  for inst in instances:
+    # Any true result counts as a violation
+    if _ComputeIPolicyInstanceViolation(ipolicy, inst):
+      violating.add(inst.name)
+  return frozenset(violating)
+
+
  def _CheckNicsBridgesExist(lu, target_nics, target_node):
    """Check that the brigdes needed by a list of nics exist.
  
  def _CheckNicsBridgesExist(lu, target_nics, target_node):
    """Check that the brigdes needed by a list of nics exist.
  
@@ -990,9 +1656,13 @@ def _CheckOSVariant(os_obj, name):
    @param name: OS name passed by the user, to check for validity
  
    """
    @param name: OS name passed by the user, to check for validity
  
    """
+  variant = objects.OS.GetVariant(name)
    if not os_obj.supported_variants:
    if not os_obj.supported_variants:
+    if variant:
+      raise errors.OpPrereqError("OS '%s' doesn't support variants ('%s'"
+                                 " passed)" % (os_obj.name, variant),
+                                 errors.ECODE_INVAL)
      return
      return
-  variant = objects.OS.GetVariant(name)
    if not variant:
      raise errors.OpPrereqError("OS name must include a variant",
                                 errors.ECODE_INVAL)
    if not variant:
      raise errors.OpPrereqError("OS name must include a variant",
                                 errors.ECODE_INVAL)
@@ -1036,18 +1706,19 @@ def _GetStorageTypeArgs(cfg, storage_type):
    # Special case for file storage
    if storage_type == constants.ST_FILE:
      # storage.FileStorage wants a list of storage directories
    # Special case for file storage
    if storage_type == constants.ST_FILE:
      # storage.FileStorage wants a list of storage directories
-    return [[cfg.GetFileStorageDir()]]
+    return [[cfg.GetFileStorageDir(), cfg.GetSharedFileStorageDir()]]
  
    return []
  
  
  
    return []
  
  
-def _FindFaultyInstanceDisks(cfg, rpc, instance, node_name, prereq):
+def _FindFaultyInstanceDisks(cfg, rpc_runner, instance, node_name, prereq):
    faulty = []
  
    for dev in instance.disks:
      cfg.SetDiskID(dev, node_name)
  
    faulty = []
  
    for dev in instance.disks:
      cfg.SetDiskID(dev, node_name)
  
-  result = rpc.call_blockdev_getmirrorstatus(node_name, instance.disks)
+  result = rpc_runner.call_blockdev_getmirrorstatus(node_name, (instance.disks,
+                                                                instance))
    result.Raise("Failed to get disk status from node %s" % node_name,
                 prereq=prereq, ecode=errors.ECODE_ENVIRON)
  
    result.Raise("Failed to get disk status from node %s" % node_name,
                 prereq=prereq, ecode=errors.ECODE_ENVIRON)
  
@@ -1063,8 +1734,9 @@ def _CheckIAllocatorOrNode(lu, iallocator_slot, node_slot):
    cluster-wide iallocator if appropriate.
  
    Check that at most one of (iallocator, node) is specified. If none is
    cluster-wide iallocator if appropriate.
  
    Check that at most one of (iallocator, node) is specified. If none is
-  specified, then the LU's opcode's iallocator slot is filled with the
-  cluster-wide default iallocator.
+  specified, or the iallocator is L{constants.DEFAULT_IALLOCATOR_SHORTCUT},
+  then the LU's opcode's iallocator slot is filled with the cluster-wide
+  default iallocator.
  
    @type iallocator_slot: string
    @param iallocator_slot: the name of the opcode iallocator slot
  
    @type iallocator_slot: string
    @param iallocator_slot: the name of the opcode iallocator slot
@@ -1073,42 +1745,95 @@ def _CheckIAllocatorOrNode(lu, iallocator_slot, node_slot):
  
    """
    node = getattr(lu.op, node_slot, None)
  
    """
    node = getattr(lu.op, node_slot, None)
-  iallocator = getattr(lu.op, iallocator_slot, None)
+  ialloc = getattr(lu.op, iallocator_slot, None)
+  if node == []:
+    node = None
  
  
-  if node is not None and iallocator is not None:
-    raise errors.OpPrereqError("Do not specify both, iallocator and node.",
+  if node is not None and ialloc is not None:
+    raise errors.OpPrereqError("Do not specify both, iallocator and node",
                                 errors.ECODE_INVAL)
                                 errors.ECODE_INVAL)
-  elif node is None and iallocator is None:
+  elif ((node is None and ialloc is None) or
+        ialloc == constants.DEFAULT_IALLOCATOR_SHORTCUT):
      default_iallocator = lu.cfg.GetDefaultIAllocator()
      if default_iallocator:
        setattr(lu.op, iallocator_slot, default_iallocator)
      else:
        raise errors.OpPrereqError("No iallocator or node given and no"
      default_iallocator = lu.cfg.GetDefaultIAllocator()
      if default_iallocator:
        setattr(lu.op, iallocator_slot, default_iallocator)
      else:
        raise errors.OpPrereqError("No iallocator or node given and no"
-                                 " cluster-wide default iallocator found."
-                                 " Please specify either an iallocator or a"
+                                 " cluster-wide default iallocator found;"
+                                 " please specify either an iallocator or a"
                                   " node, or set a cluster-wide default"
                                   " node, or set a cluster-wide default"
-                                 " iallocator.")
+                                 " iallocator", errors.ECODE_INVAL)
  
  
  
  
-class LUClusterPostInit(LogicalUnit):
-  """Logical unit for running hooks after cluster initialization.
+def _GetDefaultIAllocator(cfg, ialloc):
+  """Decides on which iallocator to use.
+
+  @type cfg: L{config.ConfigWriter}
+  @param cfg: Cluster configuration object
+  @type ialloc: string or None
+  @param ialloc: Iallocator specified in opcode
+  @rtype: string
+  @return: Iallocator name
  
    """
  
    """
-  HPATH = "cluster-init"
-  HTYPE = constants.HTYPE_CLUSTER
+  if not ialloc:
+    # Use default iallocator
+    ialloc = cfg.GetDefaultIAllocator()
  
  
-  def BuildHooksEnv(self):
-    """Build hooks env.
+  if not ialloc:
+    raise errors.OpPrereqError("No iallocator was specified, neither in the"
+                               " opcode nor as a cluster-wide default",
+                               errors.ECODE_INVAL)
  
  
-    """
-    env = {"OP_TARGET": self.cfg.GetClusterName()}
-    mn = self.cfg.GetMasterNode()
-    return env, [], [mn]
+  return ialloc
  
  
-  def Exec(self, feedback_fn):
-    """Nothing to do.
  
  
-    """
+def _CheckHostnameSane(lu, name):
+  """Resolves a hostname and verifies that the result matches the input.
+
+  The given name is required to be a prefix of the resolved hostname,
+  to prevent accidental mismatches. A resolved name differing from the
+  given one is logged through the LU.
+
+  @param lu: the logical unit on behalf of which we're checking
+  @param name: the name we should resolve and check
+  @return: the resolved hostname object
+  @raise errors.OpPrereqError: if the given name does not match the
+      resolved one
+
+  """
+  hostname = netutils.GetHostname(name=name)
+  resolved = hostname.name
+  if resolved != name:
+    lu.LogInfo("Resolved given name '%s' to '%s'", name, resolved)
+
+  if utils.MatchNameComponent(name, [resolved]):
+    return hostname
+
+  raise errors.OpPrereqError(("Resolved hostname '%s' does not look the"
+                              " same as given hostname '%s'") %
+                             (resolved, name), errors.ECODE_INVAL)
+
+
+class LUClusterPostInit(LogicalUnit):
+  """Logical unit for running hooks after cluster initialization.
+
+  The LU itself performs no work; it only provides the hook environment
+  and the hook node lists.
+
+  """
+  HPATH = "cluster-init"
+  HTYPE = constants.HTYPE_CLUSTER
+
+  def BuildHooksEnv(self):
+    """Build hooks env.
+
+    @rtype: dict
+    @return: environment with C{OP_TARGET} set to the cluster name
+
+    """
+    return {
+      "OP_TARGET": self.cfg.GetClusterName(),
+      }
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    @rtype: tuple
+    @return: a pair of lists: an empty one and one holding only the
+        master node (presumably the pre- and post-phase nodes; to be
+        confirmed against the base class)
+
+    """
+    return ([], [self.cfg.GetMasterNode()])
+
+  def Exec(self, feedback_fn):
+    """Nothing to do.
+
+    @param feedback_fn: unused here
+    @return: always True
+
+    """
      return True
  
  
      return True
  
  
@@ -1123,8 +1848,15 @@ class LUClusterDestroy(LogicalUnit):
      """Build hooks env.
  
      """
      """Build hooks env.
  
      """
-    env = {"OP_TARGET": self.cfg.GetClusterName()}
-    return env, [], []
+    return {
+      "OP_TARGET": self.cfg.GetClusterName(),
+      }
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
+    return ([], [])
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -1151,24 +1883,23 @@ class LUClusterDestroy(LogicalUnit):
      """Destroys the cluster.
  
      """
      """Destroys the cluster.
  
      """
-    master = self.cfg.GetMasterNode()
+    master_params = self.cfg.GetMasterNetworkParameters()
  
      # Run post hooks on master node before it's removed
  
      # Run post hooks on master node before it's removed
-    hm = self.proc.hmclass(self.rpc.call_hooks_runner, self)
-    try:
-      hm.RunPhase(constants.HOOKS_PHASE_POST, [master])
-    except:
-      # pylint: disable-msg=W0702
-      self.LogWarning("Errors occurred running hooks on %s" % master)
+    _RunPostHook(self, master_params.name)
  
  
-    result = self.rpc.call_node_stop_master(master, False)
-    result.Raise("Could not disable the master role")
+    ems = self.cfg.GetUseExternalMipScript()
+    result = self.rpc.call_node_deactivate_master_ip(master_params.name,
+                                                     master_params, ems)
+    if result.fail_msg:
+      self.LogWarning("Error disabling the master IP address: %s",
+                      result.fail_msg)
  
  
-    return master
+    return master_params.name
  
  
  def _VerifyCertificate(filename):
  
  
  def _VerifyCertificate(filename):
-  """Verifies a certificate for LUClusterVerify.
+  """Verifies a certificate for L{LUClusterVerifyConfig}.
  
    @type filename: string
    @param filename: Path to PEM file
  
    @type filename: string
    @param filename: Path to PEM file
@@ -1177,8 +1908,8 @@ def _VerifyCertificate(filename):
    try:
      cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                             utils.ReadFile(filename))
    try:
      cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                             utils.ReadFile(filename))
-  except Exception, err: # pylint: disable-msg=W0703
-    return (LUClusterVerify.ETYPE_ERROR,
+  except Exception, err: # pylint: disable=W0703
+    return (LUClusterVerifyConfig.ETYPE_ERROR,
              "Failed to load X509 certificate %s: %s" % (filename, err))
  
    (errcode, msg) = \
              "Failed to load X509 certificate %s: %s" % (filename, err))
  
    (errcode, msg) = \
@@ -1193,56 +1924,251 @@ def _VerifyCertificate(filename):
    if errcode is None:
      return (None, fnamemsg)
    elif errcode == utils.CERT_WARNING:
    if errcode is None:
      return (None, fnamemsg)
    elif errcode == utils.CERT_WARNING:
-    return (LUClusterVerify.ETYPE_WARNING, fnamemsg)
+    return (LUClusterVerifyConfig.ETYPE_WARNING, fnamemsg)
    elif errcode == utils.CERT_ERROR:
    elif errcode == utils.CERT_ERROR:
-    return (LUClusterVerify.ETYPE_ERROR, fnamemsg)
+    return (LUClusterVerifyConfig.ETYPE_ERROR, fnamemsg)
  
    raise errors.ProgrammerError("Unhandled certificate error code %r" % errcode)
  
  
  
    raise errors.ProgrammerError("Unhandled certificate error code %r" % errcode)
  
  
-class LUClusterVerify(LogicalUnit):
-  """Verifies the cluster status.
+def _GetAllHypervisorParameters(cluster, instances):
+  """Compute the set of all hypervisor parameters.
+
+  @type cluster: L{objects.Cluster}
+  @param cluster: the cluster object
+  @type instances: list of L{objects.Instance}
+  @param instances: additional instances from which to obtain parameters
+  @rtype: list of (origin, hypervisor, parameters)
+  @return: a list with all parameters found, indicating the hypervisor they
+       apply to, and the origin (can be "cluster", "os X", or "instance Y")
  
    """
  
    """
-  HPATH = "cluster-verify"
-  HTYPE = constants.HTYPE_CLUSTER
-  REQ_BGL = False
+  hvp_data = []
+
+  for hv_name in cluster.enabled_hypervisors:
+    hvp_data.append(("cluster", hv_name, cluster.GetHVDefaults(hv_name)))
+
+  for os_name, os_hvp in cluster.os_hvp.items():
+    for hv_name, hv_params in os_hvp.items():
+      if hv_params:
+        full_params = cluster.GetHVDefaults(hv_name, os_name=os_name)
+        hvp_data.append(("os %s" % os_name, hv_name, full_params))
+
+  # TODO: collapse identical parameter values in a single one
+  for instance in instances:
+    if instance.hvparams:
+      hvp_data.append(("instance %s" % instance.name, instance.hypervisor,
+                       cluster.FillHV(instance)))
+
+  return hvp_data
+
  
  
-  TCLUSTER = "cluster"
-  TNODE = "node"
-  TINSTANCE = "instance"
-
-  ECLUSTERCFG = (TCLUSTER, "ECLUSTERCFG")
-  ECLUSTERCERT = (TCLUSTER, "ECLUSTERCERT")
-  EINSTANCEBADNODE = (TINSTANCE, "EINSTANCEBADNODE")
-  EINSTANCEDOWN = (TINSTANCE, "EINSTANCEDOWN")
-  EINSTANCELAYOUT = (TINSTANCE, "EINSTANCELAYOUT")
-  EINSTANCEMISSINGDISK = (TINSTANCE, "EINSTANCEMISSINGDISK")
-  EINSTANCEFAULTYDISK = (TINSTANCE, "EINSTANCEFAULTYDISK")
-  EINSTANCEWRONGNODE = (TINSTANCE, "EINSTANCEWRONGNODE")
-  EINSTANCESPLITGROUPS = (TINSTANCE, "EINSTANCESPLITGROUPS")
-  ENODEDRBD = (TNODE, "ENODEDRBD")
-  ENODEDRBDHELPER = (TNODE, "ENODEDRBDHELPER")
-  ENODEFILECHECK = (TNODE, "ENODEFILECHECK")
-  ENODEHOOKS = (TNODE, "ENODEHOOKS")
-  ENODEHV = (TNODE, "ENODEHV")
-  ENODELVM = (TNODE, "ENODELVM")
-  ENODEN1 = (TNODE, "ENODEN1")
-  ENODENET = (TNODE, "ENODENET")
-  ENODEOS = (TNODE, "ENODEOS")
-  ENODEORPHANINSTANCE = (TNODE, "ENODEORPHANINSTANCE")
-  ENODEORPHANLV = (TNODE, "ENODEORPHANLV")
-  ENODERPC = (TNODE, "ENODERPC")
-  ENODESSH = (TNODE, "ENODESSH")
-  ENODEVERSION = (TNODE, "ENODEVERSION")
-  ENODESETUP = (TNODE, "ENODESETUP")
-  ENODETIME = (TNODE, "ENODETIME")
-  ENODEOOBPATH = (TNODE, "ENODEOOBPATH")
+class _VerifyErrors(object):
+  """Mix-in for cluster/group verify LUs.
+
+  It provides _Error and _ErrorIf, and updates the self.bad boolean. (Expects
+  self.op and self._feedback_fn to be available.)
+
+  """
  
    ETYPE_FIELD = "code"
    ETYPE_ERROR = "ERROR"
    ETYPE_WARNING = "WARNING"
  
  
    ETYPE_FIELD = "code"
    ETYPE_ERROR = "ERROR"
    ETYPE_WARNING = "WARNING"
  
+  def _Error(self, ecode, item, msg, *args, **kwargs):
+    """Build an error message and report it via the feedback function.
+
+    Depending on the opcode's C{error_codes} parameter, the message is
+    emitted either as a colon-separated, parseable record or as a simpler
+    error string.
+
+    This must be called only from Exec and functions called from Exec.
+
+    @param ecode: triple whose first two elements are the item type and the
+        error code text; the third element is not used here
+    @param item: name of the affected item; may be empty or None
+    @param msg: the message, used as a format string if C{args} are given
+    @param args: optional values interpolated into C{msg}
+    @param kwargs: may carry the severity under the C{ETYPE_FIELD} key;
+        the severity defaults to C{ETYPE_ERROR}
+
+    """
+    severity = kwargs.get(self.ETYPE_FIELD, self.ETYPE_ERROR)
+    (item_type, code_text, _) = ecode
+
+    # Interpolate the caller-supplied arguments first
+    if args:
+      msg = msg % args
+
+    # Then build the complete line in the requested format
+    if self.op.error_codes: # This is a mix-in. pylint: disable=E1101
+      line = "%s:%s:%s:%s:%s" % (severity, code_text, item_type, item, msg)
+    else:
+      # The item name is optional in the human-readable form
+      if item:
+        item_part = " " + item
+      else:
+        item_part = ""
+      line = "%s: %s%s: %s" % (severity, item_type, item_part, msg)
+
+    # Finally hand the line over to the feedback function
+    self._feedback_fn("  - %s" % line) # Mix-in. pylint: disable=E1101
+
+  def _ErrorIf(self, cond, ecode, *args, **kwargs):
+    """Report an error if the given condition holds.
+
+    The condition is also treated as true when the opcode requests error
+    simulation. Errors whose code is listed in the opcode's
+    C{ignore_errors} are reported as warnings; only non-warning reports
+    can mark the operation as failed through C{self.bad}.
+
+    @param cond: the condition to evaluate
+    @param ecode: error code triple, passed on to L{_Error}
+    @param args: positional arguments passed on to L{_Error}
+    @param kwargs: keyword arguments passed on to L{_Error}
+
+    """
+    triggered = (bool(cond)
+                 or self.op.debug_simulate_errors) # pylint: disable=E1101
+
+    # Error codes the user asked to ignore are demoted to warnings
+    (_, code_text, _) = ecode
+    if code_text in self.op.ignore_errors:     # pylint: disable=E1101
+      kwargs[self.ETYPE_FIELD] = self.ETYPE_WARNING
+
+    severity = kwargs.get(self.ETYPE_FIELD, self.ETYPE_ERROR)
+
+    if triggered:
+      self._Error(ecode, *args, **kwargs)
+
+    # Warnings never mark the operation as failed
+    if severity == self.ETYPE_ERROR:
+      self.bad = self.bad or triggered
+
+
+class LUClusterVerify(NoHooksLU):
+  """Submits all jobs necessary to verify the cluster.
+
+  If the opcode names a node group, a single group verification job is
+  submitted for it. Otherwise one configuration verification job is
+  submitted, followed by one group verification job per node group.
+
+  """
+  REQ_BGL = False
+
+  def ExpandNames(self):
+    """Declare the locks needed by this LU (none).
+
+    """
+    self.needed_locks = {}
+
+  def Exec(self, feedback_fn):
+    """Build the verification jobs and return them for submission.
+
+    @param feedback_fn: feedback function; not used by this method
+    @return: a L{ResultWithJobs} object wrapping the list of jobs, each job
+        being a list with a single opcode
+
+    """
+    jobs = []
+
+    if self.op.group_name:
+      groups = [self.op.group_name]
+      depends_fn = lambda: None
+    else:
+      groups = self.cfg.GetNodeGroupList()
+
+      # Verify global configuration
+      jobs.append([
+        opcodes.OpClusterVerifyConfig(ignore_errors=self.op.ignore_errors),
+        ])
+
+      # Always depend on global verification
+      depends_fn = lambda: [(-len(jobs), [])]
+
+    # The argument below is a generator, so depends_fn() is called once per
+    # group while extend() consumes it; len(jobs) is then the number of jobs
+    # appended so far. The negative offset is presumably a relative job ID
+    # that always points back at the configuration verification job.
+    # NOTE(review): this relies on extend() appending items while iterating;
+    # confirm before restructuring.
+    jobs.extend(
+      [opcodes.OpClusterVerifyGroup(group_name=group,
+                                    ignore_errors=self.op.ignore_errors,
+                                    depends=depends_fn())]
+      for group in groups)
+
+    # Fix up all parameters
+    for op in itertools.chain(*jobs): # pylint: disable=W0142
+      op.debug_simulate_errors = self.op.debug_simulate_errors
+      op.verbose = self.op.verbose
+      op.error_codes = self.op.error_codes
+      try:
+        op.skip_checks = self.op.skip_checks
+      except AttributeError:
+        # Presumably raised for opcodes without a skip_checks parameter
+        # (verify against opcodes.py); group verification must accept it
+        assert not isinstance(op, opcodes.OpClusterVerifyGroup)
+
+    return ResultWithJobs(jobs)
+
+
+class LUClusterVerifyConfig(NoHooksLU, _VerifyErrors):
+  """Verifies the cluster config.
+
+  Checks the configuration itself, the cluster certificate files and the
+  syntax of all hypervisor parameters, and reports nodes that belong to a
+  non-existing group and instances whose primary node does not exist.
+
+  """
+  REQ_BGL = False
+
+  def _VerifyHVP(self, hvp_data):
+    """Verifies locally the syntax of the hypervisor parameters.
+
+    @param hvp_data: list of (origin, hypervisor name, parameters) tuples,
+        as returned by L{_GetAllHypervisorParameters}
+
+    """
+    for item, hv_name, hv_params in hvp_data:
+      # The hypervisor name goes first, the origin of the parameters second
+      msg = ("hypervisor %s parameters syntax check (source %s): %%s" %
+             (hv_name, item))
+      try:
+        hv_class = hypervisor.GetHypervisor(hv_name)
+        utils.ForceDictType(hv_params, constants.HVS_PARAMETER_TYPES)
+        hv_class.CheckParameterSyntax(hv_params)
+      except errors.GenericError, err:
+        self._ErrorIf(True, constants.CV_ECLUSTERCFG, None, msg % str(err))
+
+  def ExpandNames(self):
+    """Request all locks at all levels, in shared mode.
+
+    """
+    self.needed_locks = dict.fromkeys(locking.LEVELS, locking.ALL_SET)
+    self.share_locks = _ShareAll()
+
+  def CheckPrereq(self):
+    """Check prerequisites.
+
+    Caches the information about all node groups, nodes and instances.
+
+    """
+    # Retrieve all information
+    self.all_group_info = self.cfg.GetAllNodeGroupsInfo()
+    self.all_node_info = self.cfg.GetAllNodesInfo()
+    self.all_inst_info = self.cfg.GetAllInstancesInfo()
+
+  def Exec(self, feedback_fn):
+    """Verify the integrity of the cluster configuration.
+
+    @param feedback_fn: function used to report progress and problems
+    @rtype: boolean
+    @return: False if any problem was recorded as an error, True otherwise
+
+    """
+    self.bad = False
+    self._feedback_fn = feedback_fn
+
+    feedback_fn("* Verifying cluster config")
+
+    for msg in self.cfg.VerifyConfig():
+      self._ErrorIf(True, constants.CV_ECLUSTERCFG, None, msg)
+
+    feedback_fn("* Verifying cluster certificate files")
+
+    for cert_filename in pathutils.ALL_CERT_FILES:
+      # errcode is None for valid certificates, otherwise it is the severity
+      (errcode, msg) = _VerifyCertificate(cert_filename)
+      self._ErrorIf(errcode, constants.CV_ECLUSTERCERT, None, msg, code=errcode)
+
+    feedback_fn("* Verifying hypervisor parameters")
+
+    self._VerifyHVP(_GetAllHypervisorParameters(self.cfg.GetClusterInfo(),
+                                                self.all_inst_info.values()))
+
+    feedback_fn("* Verifying all nodes belong to an existing group")
+
+    # We do this verification here because, should this bogus circumstance
+    # occur, it would never be caught by VerifyGroup, which only acts on
+    # nodes/instances reachable from existing node groups.
+
+    # Note: this is a set of node names, not of node objects
+    dangling_nodes = set(node.name for node in self.all_node_info.values()
+                         if node.group not in self.all_group_info)
+
+    dangling_instances = {}
+    no_node_instances = []
+
+    for inst in self.all_inst_info.values():
+      if inst.primary_node in dangling_nodes:
+        dangling_instances.setdefault(inst.primary_node, []).append(inst.name)
+      elif inst.primary_node not in self.all_node_info:
+        no_node_instances.append(inst.name)
+
+    # Iterate over the names directly (the elements have no "name"
+    # attribute) and sort them to get a stable message
+    pretty_dangling = [
+        "%s (%s)" %
+        (node_name,
+         utils.CommaJoin(dangling_instances.get(node_name,
+                                                ["no instances"])))
+        for node_name in utils.NiceSort(dangling_nodes)]
+
+    self._ErrorIf(bool(dangling_nodes), constants.CV_ECLUSTERDANGLINGNODES,
+                  None,
+                  "the following nodes (and their instances) belong to a non"
+                  " existing group: %s", utils.CommaJoin(pretty_dangling))
+
+    self._ErrorIf(bool(no_node_instances), constants.CV_ECLUSTERDANGLINGINST,
+                  None,
+                  "the following instances have a non-existing primary-node:"
+                  " %s", utils.CommaJoin(no_node_instances))
+
+    return not self.bad
+
+
+class LUClusterVerifyGroup(LogicalUnit, _VerifyErrors):
+  """Verifies the status of a node group.
+
+  """
+  HPATH = "cluster-verify"
+  HTYPE = constants.HTYPE_CLUSTER
+  REQ_BGL = False
+
    _HOOKS_INDENT_RE = re.compile("^", re.M)
  
    class NodeImage(object):
    _HOOKS_INDENT_RE = re.compile("^", re.M)
  
    class NodeImage(object):
@@ -1255,8 +2181,8 @@ class LUClusterVerify(LogicalUnit):
      @ivar instances: a list of running instances (runtime)
      @ivar pinst: list of configured primary instances (config)
      @ivar sinst: list of configured secondary instances (config)
      @ivar instances: a list of running instances (runtime)
      @ivar pinst: list of configured primary instances (config)
      @ivar sinst: list of configured secondary instances (config)
-    @ivar sbp: diction of {secondary-node: list of instances} of all peers
-        of this node (config)
+    @ivar sbp: dictionary of {primary-node: list of instances} for all
+        instances for which this node is secondary (config)
      @ivar mfree: free memory, as reported by hypervisor (runtime)
      @ivar dfree: free disk, as reported by the node (runtime)
      @ivar offline: the offline status (config)
      @ivar mfree: free memory, as reported by hypervisor (runtime)
      @ivar dfree: free disk, as reported by the node (runtime)
      @ivar offline: the offline status (config)
@@ -1296,48 +2222,99 @@ class LUClusterVerify(LogicalUnit):
        self.oslist = {}
  
    def ExpandNames(self):
        self.oslist = {}
  
    def ExpandNames(self):
+    # This raises errors.OpPrereqError on its own:
+    self.group_uuid = self.cfg.LookupNodeGroup(self.op.group_name)
+
+    # Get instances in node group; this is unsafe and needs verification later
+    inst_names = \
+      self.cfg.GetNodeGroupInstances(self.group_uuid, primary_only=True)
+
      self.needed_locks = {
      self.needed_locks = {
-      locking.LEVEL_NODE: locking.ALL_SET,
-      locking.LEVEL_INSTANCE: locking.ALL_SET,
-    }
-    self.share_locks = dict.fromkeys(locking.LEVELS, 1)
+      locking.LEVEL_INSTANCE: inst_names,
+      locking.LEVEL_NODEGROUP: [self.group_uuid],
+      locking.LEVEL_NODE: [],
  
  
-  def _Error(self, ecode, item, msg, *args, **kwargs):
-    """Format an error message.
+      # This opcode is run by watcher every five minutes and acquires all nodes
+      # for a group. It doesn't run for a long time, so it's better to acquire
+      # the node allocation lock as well.
+      locking.LEVEL_NODE_ALLOC: locking.ALL_SET,
+      }
  
  
-    Based on the opcode's error_codes parameter, either format a
-    parseable error code, or a simpler error string.
+    self.share_locks = _ShareAll()
  
  
-    This must be called only from Exec and functions called from Exec.
+  def DeclareLocks(self, level):
+    if level == locking.LEVEL_NODE:
+      # Get members of node group; this is unsafe and needs verification later
+      nodes = set(self.cfg.GetNodeGroup(self.group_uuid).members)
  
  
-    """
-    ltype = kwargs.get(self.ETYPE_FIELD, self.ETYPE_ERROR)
-    itype, etxt = ecode
-    # first complete the msg
-    if args:
-      msg = msg % args
-    # then format the whole message
-    if self.op.error_codes:
-      msg = "%s:%s:%s:%s:%s" % (ltype, etxt, itype, item, msg)
-    else:
-      if item:
-        item = " " + item
-      else:
-        item = ""
-      msg = "%s: %s%s: %s" % (ltype, itype, item, msg)
-    # and finally report it via the feedback_fn
-    self._feedback_fn("  - %s" % msg)
+      all_inst_info = self.cfg.GetAllInstancesInfo()
  
  
-  def _ErrorIf(self, cond, *args, **kwargs):
-    """Log an error message if the passed condition is True.
+      # In Exec(), we warn about mirrored instances that have primary and
+      # secondary living in separate node groups. To fully verify that
+      # volumes for these instances are healthy, we will need to do an
+      # extra call to their secondaries. We ensure here those nodes will
+      # be locked.
+      for inst in self.owned_locks(locking.LEVEL_INSTANCE):
+        # Important: access only the instances whose lock is owned
+        if all_inst_info[inst].disk_template in constants.DTS_INT_MIRROR:
+          nodes.update(all_inst_info[inst].secondary_nodes)
  
  
-    """
-    cond = bool(cond) or self.op.debug_simulate_errors
-    if cond:
-      self._Error(*args, **kwargs)
-    # do not mark the operation as failed for WARN cases only
-    if kwargs.get(self.ETYPE_FIELD, self.ETYPE_ERROR) == self.ETYPE_ERROR:
-      self.bad = self.bad or cond
+      self.needed_locks[locking.LEVEL_NODE] = nodes
+
+  def CheckPrereq(self):
+    """Check prerequisites.
+
+    Makes sure that all nodes and primary instances of the group, as well
+    as the nodes outside the group used by internally mirrored instances,
+    are covered by locks owned by this LU, and stores the configuration
+    data of the group for later use.
+
+    @raise errors.OpPrereqError: if a required node or instance lock is not
+        owned
+
+    """
+    assert self.group_uuid in self.owned_locks(locking.LEVEL_NODEGROUP)
+    self.group_info = self.cfg.GetNodeGroup(self.group_uuid)
+
+    member_nodes = set(self.group_info.members)
+    member_instances = \
+      self.cfg.GetNodeGroupInstances(self.group_uuid, primary_only=True)
+
+    # The locks were declared from unverified configuration reads, hence
+    # they are compared against the current group contents here
+    missing_node_locks = \
+        member_nodes.difference(self.owned_locks(locking.LEVEL_NODE))
+
+    missing_inst_locks = \
+        member_instances.difference(self.owned_locks(locking.LEVEL_INSTANCE))
+
+    if missing_node_locks:
+      raise errors.OpPrereqError("Missing lock for nodes: %s" %
+                                 utils.CommaJoin(missing_node_locks),
+                                 errors.ECODE_STATE)
+
+    if missing_inst_locks:
+      raise errors.OpPrereqError("Missing lock for instances: %s" %
+                                 utils.CommaJoin(missing_inst_locks),
+                                 errors.ECODE_STATE)
+
+    self.all_node_info = self.cfg.GetAllNodesInfo()
+    self.all_inst_info = self.cfg.GetAllInstancesInfo()
+
+    self.my_node_names = utils.NiceSort(member_nodes)
+    self.my_inst_names = utils.NiceSort(member_instances)
+
+    self.my_node_info = dict((node_name, self.all_node_info[node_name])
+                             for node_name in self.my_node_names)
+
+    self.my_inst_info = dict((inst_name, self.all_inst_info[inst_name])
+                             for inst_name in self.my_inst_names)
+
+    # Nodes outside this group that hold disks of internally mirrored
+    # instances need extra RPC calls for verifying split LV volumes; they
+    # should be locked as well.
+    extra_lv_nodes = set(
+      nname
+      for inst in self.my_inst_info.values()
+      if inst.disk_template in constants.DTS_INT_MIRROR
+      for nname in inst.all_nodes
+      if self.all_node_info[nname].group != self.group_uuid)
+
+    unlocked_lv_nodes = \
+        extra_lv_nodes.difference(self.owned_locks(locking.LEVEL_NODE))
+
+    if unlocked_lv_nodes:
+      raise errors.OpPrereqError("Missing node locks for LV check: %s" %
+                                 utils.CommaJoin(unlocked_lv_nodes),
+                                 errors.ECODE_STATE)
+    self.extra_lv_nodes = list(extra_lv_nodes)
  
    def _VerifyNode(self, ninfo, nresult):
      """Perform some basic validation on data returned from a node.
  
    def _VerifyNode(self, ninfo, nresult):
      """Perform some basic validation on data returned from a node.
@@ -1355,11 +2332,11 @@ class LUClusterVerify(LogicalUnit):
  
      """
      node = ninfo.name
  
      """
      node = ninfo.name
-    _ErrorIf = self._ErrorIf # pylint: disable-msg=C0103
+    _ErrorIf = self._ErrorIf # pylint: disable=C0103
  
      # main result, nresult should be a non-empty dict
      test = not nresult or not isinstance(nresult, dict)
  
      # main result, nresult should be a non-empty dict
      test = not nresult or not isinstance(nresult, dict)
-    _ErrorIf(test, self.ENODERPC, node,
+    _ErrorIf(test, constants.CV_ENODERPC, node,
                    "unable to verify node: no data returned")
      if test:
        return False
                    "unable to verify node: no data returned")
      if test:
        return False
@@ -1370,13 +2347,13 @@ class LUClusterVerify(LogicalUnit):
      test = not (remote_version and
                  isinstance(remote_version, (list, tuple)) and
                  len(remote_version) == 2)
      test = not (remote_version and
                  isinstance(remote_version, (list, tuple)) and
                  len(remote_version) == 2)
-    _ErrorIf(test, self.ENODERPC, node,
+    _ErrorIf(test, constants.CV_ENODERPC, node,
               "connection to node returned invalid data")
      if test:
        return False
  
      test = local_version != remote_version[0]
               "connection to node returned invalid data")
      if test:
        return False
  
      test = local_version != remote_version[0]
-    _ErrorIf(test, self.ENODEVERSION, node,
+    _ErrorIf(test, constants.CV_ENODEVERSION, node,
               "incompatible protocol versions: master %s,"
               " node %s", local_version, remote_version[0])
      if test:
               "incompatible protocol versions: master %s,"
               " node %s", local_version, remote_version[0])
      if test:
@@ -1386,7 +2363,7 @@ class LUClusterVerify(LogicalUnit):
  
      # full package version
      self._ErrorIf(constants.RELEASE_VERSION != remote_version[1],
  
      # full package version
      self._ErrorIf(constants.RELEASE_VERSION != remote_version[1],
-                  self.ENODEVERSION, node,
+                  constants.CV_ENODEVERSION, node,
                    "software version mismatch: master %s, node %s",
                    constants.RELEASE_VERSION, remote_version[1],
                    code=self.ETYPE_WARNING)
                    "software version mismatch: master %s, node %s",
                    constants.RELEASE_VERSION, remote_version[1],
                    code=self.ETYPE_WARNING)
@@ -1395,19 +2372,19 @@ class LUClusterVerify(LogicalUnit):
      if ninfo.vm_capable and isinstance(hyp_result, dict):
        for hv_name, hv_result in hyp_result.iteritems():
          test = hv_result is not None
      if ninfo.vm_capable and isinstance(hyp_result, dict):
        for hv_name, hv_result in hyp_result.iteritems():
          test = hv_result is not None
-        _ErrorIf(test, self.ENODEHV, node,
+        _ErrorIf(test, constants.CV_ENODEHV, node,
                   "hypervisor %s verify failure: '%s'", hv_name, hv_result)
  
      hvp_result = nresult.get(constants.NV_HVPARAMS, None)
      if ninfo.vm_capable and isinstance(hvp_result, list):
        for item, hv_name, hv_result in hvp_result:
                   "hypervisor %s verify failure: '%s'", hv_name, hv_result)
  
      hvp_result = nresult.get(constants.NV_HVPARAMS, None)
      if ninfo.vm_capable and isinstance(hvp_result, list):
        for item, hv_name, hv_result in hvp_result:
-        _ErrorIf(True, self.ENODEHV, node,
+        _ErrorIf(True, constants.CV_ENODEHV, node,
                   "hypervisor %s parameter verify failure (source %s): %s",
                   hv_name, item, hv_result)
  
      test = nresult.get(constants.NV_NODESETUP,
                   "hypervisor %s parameter verify failure (source %s): %s",
                   hv_name, item, hv_result)
  
      test = nresult.get(constants.NV_NODESETUP,
-                           ["Missing NODESETUP results"])
-    _ErrorIf(test, self.ENODESETUP, node, "node setup error: %s",
+                       ["Missing NODESETUP results"])
+    _ErrorIf(test, constants.CV_ENODESETUP, node, "node setup error: %s",
               "; ".join(test))
  
      return True
               "; ".join(test))
  
      return True
@@ -1424,13 +2401,13 @@ class LUClusterVerify(LogicalUnit):
  
      """
      node = ninfo.name
  
      """
      node = ninfo.name
-    _ErrorIf = self._ErrorIf # pylint: disable-msg=C0103
+    _ErrorIf = self._ErrorIf # pylint: disable=C0103
  
      ntime = nresult.get(constants.NV_TIME, None)
      try:
        ntime_merged = utils.MergeTime(ntime)
      except (ValueError, TypeError):
  
      ntime = nresult.get(constants.NV_TIME, None)
      try:
        ntime_merged = utils.MergeTime(ntime)
      except (ValueError, TypeError):
-      _ErrorIf(True, self.ENODETIME, node, "Node returned invalid time")
+      _ErrorIf(True, constants.CV_ENODETIME, node, "Node returned invalid time")
        return
  
      if ntime_merged < (nvinfo_starttime - constants.NODE_MAX_CLOCK_SKEW):
        return
  
      if ntime_merged < (nvinfo_starttime - constants.NODE_MAX_CLOCK_SKEW):
@@ -1440,7 +2417,7 @@ class LUClusterVerify(LogicalUnit):
      else:
        ntime_diff = None
  
      else:
        ntime_diff = None
  
-    _ErrorIf(ntime_diff is not None, self.ENODETIME, node,
+    _ErrorIf(ntime_diff is not None, constants.CV_ENODETIME, node,
               "Node time diverges by at least %s from master node time",
               ntime_diff)
  
               "Node time diverges by at least %s from master node time",
               ntime_diff)
  
@@ -1457,29 +2434,30 @@ class LUClusterVerify(LogicalUnit):
        return
  
      node = ninfo.name
        return
  
      node = ninfo.name
-    _ErrorIf = self._ErrorIf # pylint: disable-msg=C0103
+    _ErrorIf = self._ErrorIf # pylint: disable=C0103
  
      # checks vg existence and size > 20G
      vglist = nresult.get(constants.NV_VGLIST, None)
      test = not vglist
  
      # checks vg existence and size > 20G
      vglist = nresult.get(constants.NV_VGLIST, None)
      test = not vglist
-    _ErrorIf(test, self.ENODELVM, node, "unable to check volume groups")
+    _ErrorIf(test, constants.CV_ENODELVM, node, "unable to check volume groups")
      if not test:
        vgstatus = utils.CheckVolumeGroupSize(vglist, vg_name,
                                              constants.MIN_VG_SIZE)
      if not test:
        vgstatus = utils.CheckVolumeGroupSize(vglist, vg_name,
                                              constants.MIN_VG_SIZE)
-      _ErrorIf(vgstatus, self.ENODELVM, node, vgstatus)
+      _ErrorIf(vgstatus, constants.CV_ENODELVM, node, vgstatus)
  
      # check pv names
      pvlist = nresult.get(constants.NV_PVLIST, None)
      test = pvlist is None
  
      # check pv names
      pvlist = nresult.get(constants.NV_PVLIST, None)
      test = pvlist is None
-    _ErrorIf(test, self.ENODELVM, node, "Can't get PV list from node")
+    _ErrorIf(test, constants.CV_ENODELVM, node, "Can't get PV list from node")
      if not test:
        # check that ':' is not present in PV names, since it's a
        # special character for lvcreate (denotes the range of PEs to
        # use on the PV)
        for _, pvname, owner_vg in pvlist:
          test = ":" in pvname
      if not test:
        # check that ':' is not present in PV names, since it's a
        # special character for lvcreate (denotes the range of PEs to
        # use on the PV)
        for _, pvname, owner_vg in pvlist:
          test = ":" in pvname
-        _ErrorIf(test, self.ENODELVM, node, "Invalid character ':' in PV"
-                 " '%s' of VG '%s'", pvname, owner_vg)
+        _ErrorIf(test, constants.CV_ENODELVM, node,
+                 "Invalid character ':' in PV '%s' of VG '%s'",
+                 pvname, owner_vg)
  
    def _VerifyNodeBridges(self, ninfo, nresult, bridges):
      """Check the node bridges.
  
    def _VerifyNodeBridges(self, ninfo, nresult, bridges):
      """Check the node bridges.
@@ -1494,15 +2472,35 @@ class LUClusterVerify(LogicalUnit):
        return
  
      node = ninfo.name
        return
  
      node = ninfo.name
-    _ErrorIf = self._ErrorIf # pylint: disable-msg=C0103
+    _ErrorIf = self._ErrorIf # pylint: disable=C0103
  
      missing = nresult.get(constants.NV_BRIDGES, None)
      test = not isinstance(missing, list)
  
      missing = nresult.get(constants.NV_BRIDGES, None)
      test = not isinstance(missing, list)
-    _ErrorIf(test, self.ENODENET, node,
+    _ErrorIf(test, constants.CV_ENODENET, node,
               "did not return valid bridge information")
      if not test:
               "did not return valid bridge information")
      if not test:
-      _ErrorIf(bool(missing), self.ENODENET, node, "missing bridges: %s" %
-               utils.CommaJoin(sorted(missing)))
+      _ErrorIf(bool(missing), constants.CV_ENODENET, node,
+               "missing bridges: %s" % utils.CommaJoin(sorted(missing)))
+
+  def _VerifyNodeUserScripts(self, ninfo, nresult):
+    """Check the user scripts results returned by a node.
+
+    An error is reported if the node did not return the user scripts entry
+    at all, or if that entry lists any script.
+
+    @type ninfo: L{objects.Node}
+    @param ninfo: the node to check
+    @param nresult: the remote results for the node
+
+    """
+    node = ninfo.name
+
+    no_data = constants.NV_USERSCRIPTS not in nresult
+    self._ErrorIf(no_data, constants.CV_ENODEUSERSCRIPTS, node,
+                  "did not return user scripts information")
+    if no_data:
+      # Nothing further can be checked without the node's answer
+      return
+
+    broken_scripts = nresult.get(constants.NV_USERSCRIPTS, None)
+    self._ErrorIf(broken_scripts, constants.CV_ENODEUSERSCRIPTS, node,
+                  "user scripts not present or not executable: %s" %
+                  utils.CommaJoin(sorted(broken_scripts)))
  
    def _VerifyNodeNetwork(self, ninfo, nresult):
      """Check the node network connectivity results.
  
    def _VerifyNodeNetwork(self, ninfo, nresult):
      """Check the node network connectivity results.
@@ -1513,30 +2511,30 @@ class LUClusterVerify(LogicalUnit):
  
      """
      node = ninfo.name
  
      """
      node = ninfo.name
-    _ErrorIf = self._ErrorIf # pylint: disable-msg=C0103
+    _ErrorIf = self._ErrorIf # pylint: disable=C0103
  
      test = constants.NV_NODELIST not in nresult
  
      test = constants.NV_NODELIST not in nresult
-    _ErrorIf(test, self.ENODESSH, node,
+    _ErrorIf(test, constants.CV_ENODESSH, node,
               "node hasn't returned node ssh connectivity data")
      if not test:
        if nresult[constants.NV_NODELIST]:
          for a_node, a_msg in nresult[constants.NV_NODELIST].items():
               "node hasn't returned node ssh connectivity data")
      if not test:
        if nresult[constants.NV_NODELIST]:
          for a_node, a_msg in nresult[constants.NV_NODELIST].items():
-          _ErrorIf(True, self.ENODESSH, node,
+          _ErrorIf(True, constants.CV_ENODESSH, node,
                     "ssh communication with node '%s': %s", a_node, a_msg)
  
      test = constants.NV_NODENETTEST not in nresult
                     "ssh communication with node '%s': %s", a_node, a_msg)
  
      test = constants.NV_NODENETTEST not in nresult
-    _ErrorIf(test, self.ENODENET, node,
+    _ErrorIf(test, constants.CV_ENODENET, node,
               "node hasn't returned node tcp connectivity data")
      if not test:
        if nresult[constants.NV_NODENETTEST]:
          nlist = utils.NiceSort(nresult[constants.NV_NODENETTEST].keys())
          for anode in nlist:
               "node hasn't returned node tcp connectivity data")
      if not test:
        if nresult[constants.NV_NODENETTEST]:
          nlist = utils.NiceSort(nresult[constants.NV_NODENETTEST].keys())
          for anode in nlist:
-          _ErrorIf(True, self.ENODENET, node,
+          _ErrorIf(True, constants.CV_ENODENET, node,
                     "tcp communication with node '%s': %s",
                     anode, nresult[constants.NV_NODENETTEST][anode])
  
      test = constants.NV_MASTERIP not in nresult
                     "tcp communication with node '%s': %s",
                     anode, nresult[constants.NV_NODENETTEST][anode])
  
      test = constants.NV_MASTERIP not in nresult
-    _ErrorIf(test, self.ENODENET, node,
+    _ErrorIf(test, constants.CV_ENODENET, node,
               "node hasn't returned node master IP reachability data")
      if not test:
        if not nresult[constants.NV_MASTERIP]:
               "node hasn't returned node master IP reachability data")
      if not test:
        if not nresult[constants.NV_MASTERIP]:
@@ -1544,7 +2542,7 @@ class LUClusterVerify(LogicalUnit):
            msg = "the master node cannot reach the master IP (not configured?)"
          else:
            msg = "cannot reach the master IP"
            msg = "the master node cannot reach the master IP (not configured?)"
          else:
            msg = "cannot reach the master IP"
-        _ErrorIf(True, self.ENODENET, node, msg)
+        _ErrorIf(True, constants.CV_ENODENET, node, msg)
  
    def _VerifyInstance(self, instance, instanceconfig, node_image,
                        diskstatus):
  
    def _VerifyInstance(self, instance, instanceconfig, node_image,
                        diskstatus):
@@ -1554,12 +2552,19 @@ class LUClusterVerify(LogicalUnit):
      available on the instance's node.
  
      """
      available on the instance's node.
  
      """
-    _ErrorIf = self._ErrorIf # pylint: disable-msg=C0103
+    _ErrorIf = self._ErrorIf # pylint: disable=C0103
      node_current = instanceconfig.primary_node
  
      node_vol_should = {}
      instanceconfig.MapLVsByNode(node_vol_should)
  
      node_current = instanceconfig.primary_node
  
      node_vol_should = {}
      instanceconfig.MapLVsByNode(node_vol_should)
  
+    cluster = self.cfg.GetClusterInfo()
+    ipolicy = ganeti.masterd.instance.CalculateGroupIPolicy(cluster,
+                                                            self.group_info)
+    err = _ComputeIPolicyInstanceViolation(ipolicy, instanceconfig)
+    _ErrorIf(err, constants.CV_EINSTANCEPOLICY, instance, utils.CommaJoin(err),
+             code=self.ETYPE_WARNING)
+
      for node in node_vol_should:
        n_img = node_image[node]
        if n_img.offline or n_img.rpc_fail or n_img.lvm_fail:
      for node in node_vol_should:
        n_img = node_image[node]
        if n_img.offline or n_img.rpc_fail or n_img.lvm_fail:
@@ -1567,22 +2572,16 @@ class LUClusterVerify(LogicalUnit):
          continue
        for volume in node_vol_should[node]:
          test = volume not in n_img.volumes
          continue
        for volume in node_vol_should[node]:
          test = volume not in n_img.volumes
-        _ErrorIf(test, self.EINSTANCEMISSINGDISK, instance,
+        _ErrorIf(test, constants.CV_EINSTANCEMISSINGDISK, instance,
                   "volume %s missing on node %s", volume, node)
  
                   "volume %s missing on node %s", volume, node)
  
-    if instanceconfig.admin_up:
+    if instanceconfig.admin_state == constants.ADMINST_UP:
        pri_img = node_image[node_current]
        test = instance not in pri_img.instances and not pri_img.offline
        pri_img = node_image[node_current]
        test = instance not in pri_img.instances and not pri_img.offline
-      _ErrorIf(test, self.EINSTANCEDOWN, instance,
+      _ErrorIf(test, constants.CV_EINSTANCEDOWN, instance,
                 "instance not running on its primary node %s",
                 node_current)
  
                 "instance not running on its primary node %s",
                 node_current)
  
-    for node, n_img in node_image.items():
-      if node != node_current:
-        test = instance in n_img.instances
-        _ErrorIf(test, self.EINSTANCEWRONGNODE, instance,
-                 "instance should not run on node %s", node)
-
      diskdata = [(nname, success, status, idx)
                  for (nname, disks) in diskstatus.items()
                  for idx, (success, status) in enumerate(disks)]
      diskdata = [(nname, success, status, idx)
                  for (nname, disks) in diskstatus.items()
                  for idx, (success, status) in enumerate(disks)]
@@ -1592,13 +2591,14 @@ class LUClusterVerify(LogicalUnit):
        # node here
        snode = node_image[nname]
        bad_snode = snode.ghost or snode.offline
        # node here
        snode = node_image[nname]
        bad_snode = snode.ghost or snode.offline
-      _ErrorIf(instanceconfig.admin_up and not success and not bad_snode,
-               self.EINSTANCEFAULTYDISK, instance,
+      _ErrorIf(instanceconfig.admin_state == constants.ADMINST_UP and
+               not success and not bad_snode,
+               constants.CV_EINSTANCEFAULTYDISK, instance,
                 "couldn't retrieve status for disk/%s on %s: %s",
                 idx, nname, bdev_status)
                 "couldn't retrieve status for disk/%s on %s: %s",
                 idx, nname, bdev_status)
-      _ErrorIf((instanceconfig.admin_up and success and
-                bdev_status.ldisk_status == constants.LDS_FAULTY),
-               self.EINSTANCEFAULTYDISK, instance,
+      _ErrorIf((instanceconfig.admin_state == constants.ADMINST_UP and
+                success and bdev_status.ldisk_status == constants.LDS_FAULTY),
+               constants.CV_EINSTANCEFAULTYDISK, instance,
                 "disk/%s on %s is faulty", idx, nname)
  
    def _VerifyOrphanVolumes(self, node_vol_should, node_image, reserved):
                 "disk/%s on %s is faulty", idx, nname)
  
    def _VerifyOrphanVolumes(self, node_vol_should, node_image, reserved):
@@ -1612,28 +2612,17 @@ class LUClusterVerify(LogicalUnit):
  
      """
      for node, n_img in node_image.items():
  
      """
      for node, n_img in node_image.items():
-      if n_img.offline or n_img.rpc_fail or n_img.lvm_fail:
+      if (n_img.offline or n_img.rpc_fail or n_img.lvm_fail or
+          self.all_node_info[node].group != self.group_uuid):
          # skip non-healthy nodes
          continue
        for volume in n_img.volumes:
          test = ((node not in node_vol_should or
                  volume not in node_vol_should[node]) and
                  not reserved.Matches(volume))
          # skip non-healthy nodes
          continue
        for volume in n_img.volumes:
          test = ((node not in node_vol_should or
                  volume not in node_vol_should[node]) and
                  not reserved.Matches(volume))
-        self._ErrorIf(test, self.ENODEORPHANLV, node,
+        self._ErrorIf(test, constants.CV_ENODEORPHANLV, node,
                        "volume %s is unknown", volume)
  
                        "volume %s is unknown", volume)
  
-  def _VerifyOrphanInstances(self, instancelist, node_image):
-    """Verify the list of running instances.
-
-    This checks what instances are running but unknown to the cluster.
-
-    """
-    for node, n_img in node_image.items():
-      for o_inst in n_img.instances:
-        test = o_inst not in instancelist
-        self._ErrorIf(test, self.ENODEORPHANINSTANCE, node,
-                      "instance %s on node %s should not exist", o_inst, node)
-
    def _VerifyNPlusOneMemory(self, node_image, instance_cfg):
      """Verify N+1 Memory Resilience.
  
    def _VerifyNPlusOneMemory(self, node_image, instance_cfg):
      """Verify N+1 Memory Resilience.
  
@@ -1641,6 +2630,7 @@ class LUClusterVerify(LogicalUnit):
      instances it was primary for.
  
      """
      instances it was primary for.
  
      """
+    cluster_info = self.cfg.GetClusterInfo()
      for node, n_img in node_image.items():
        # This code checks that every node which is now listed as
        # secondary has enough memory to host all instances it is
      for node, n_img in node_image.items():
        # This code checks that every node which is now listed as
        # secondary has enough memory to host all instances it is
@@ -1650,103 +2640,168 @@ class LUClusterVerify(LogicalUnit):
        # WARNING: we currently take into account down instances as well
        # as up ones, considering that even if they're down someone
        # might want to start them even in the event of a node failure.
        # WARNING: we currently take into account down instances as well
        # as up ones, considering that even if they're down someone
        # might want to start them even in the event of a node failure.
-      if n_img.offline:
-        # we're skipping offline nodes from the N+1 warning, since
-        # most likely we don't have good memory infromation from them;
-        # we already list instances living on such nodes, and that's
-        # enough warning
+      if n_img.offline or self.all_node_info[node].group != self.group_uuid:
+        # we're skipping nodes marked offline and nodes in other groups from
+        # the N+1 warning, since most likely we don't have good memory
+        # information from them; we already list instances living on such
+        # nodes, and that's enough warning
          continue
          continue
+      #TODO(dynmem): also consider ballooning out other instances
        for prinode, instances in n_img.sbp.items():
          needed_mem = 0
          for instance in instances:
        for prinode, instances in n_img.sbp.items():
          needed_mem = 0
          for instance in instances:
-          bep = self.cfg.GetClusterInfo().FillBE(instance_cfg[instance])
+          bep = cluster_info.FillBE(instance_cfg[instance])
            if bep[constants.BE_AUTO_BALANCE]:
            if bep[constants.BE_AUTO_BALANCE]:
-            needed_mem += bep[constants.BE_MEMORY]
+            needed_mem += bep[constants.BE_MINMEM]
          test = n_img.mfree < needed_mem
          test = n_img.mfree < needed_mem
-        self._ErrorIf(test, self.ENODEN1, node,
+        self._ErrorIf(test, constants.CV_ENODEN1, node,
                        "not enough memory to accomodate instance failovers"
                        " should node %s fail (%dMiB needed, %dMiB available)",
                        prinode, needed_mem, n_img.mfree)
  
                        "not enough memory to accomodate instance failovers"
                        " should node %s fail (%dMiB needed, %dMiB available)",
                        prinode, needed_mem, n_img.mfree)
  
-  def _VerifyNodeFiles(self, ninfo, nresult, file_list, local_cksum,
-                       master_files):
-    """Verifies and computes the node required file checksums.
+  @classmethod
+  def _VerifyFiles(cls, errorif, nodeinfo, master_node, all_nvinfo,
+                   (files_all, files_opt, files_mc, files_vm)):
+    """Verifies file checksums collected from all nodes.
  
  
-    @type ninfo: L{objects.Node}
-    @param ninfo: the node to check
-    @param nresult: the remote results for the node
-    @param file_list: required list of files
-    @param local_cksum: dictionary of local files and their checksums
-    @param master_files: list of files that only masters should have
+    @param errorif: Callback for reporting errors
+    @param nodeinfo: List of L{objects.Node} objects
+    @param master_node: Name of master node
+    @param all_nvinfo: RPC results
  
      """
  
      """
-    node = ninfo.name
-    _ErrorIf = self._ErrorIf # pylint: disable-msg=C0103
-
-    remote_cksum = nresult.get(constants.NV_FILELIST, None)
-    test = not isinstance(remote_cksum, dict)
-    _ErrorIf(test, self.ENODEFILECHECK, node,
-             "node hasn't returned file checksum data")
-    if test:
-      return
+    # Define functions determining which nodes to consider for a file
+    files2nodefn = [
+      (files_all, None),
+      (files_mc, lambda node: (node.master_candidate or
+                               node.name == master_node)),
+      (files_vm, lambda node: node.vm_capable),
+      ]
  
  
-    for file_name in file_list:
-      node_is_mc = ninfo.master_candidate
-      must_have = (file_name not in master_files) or node_is_mc
-      # missing
-      test1 = file_name not in remote_cksum
-      # invalid checksum
-      test2 = not test1 and remote_cksum[file_name] != local_cksum[file_name]
-      # existing and good
-      test3 = not test1 and remote_cksum[file_name] == local_cksum[file_name]
-      _ErrorIf(test1 and must_have, self.ENODEFILECHECK, node,
-               "file '%s' missing", file_name)
-      _ErrorIf(test2 and must_have, self.ENODEFILECHECK, node,
-               "file '%s' has wrong checksum", file_name)
-      # not candidate and this is not a must-have file
-      _ErrorIf(test2 and not must_have, self.ENODEFILECHECK, node,
-               "file '%s' should not exist on non master"
-               " candidates (and the file is outdated)", file_name)
-      # all good, except non-master/non-must have combination
-      _ErrorIf(test3 and not must_have, self.ENODEFILECHECK, node,
-               "file '%s' should not exist"
-               " on non master candidates", file_name)
+    # Build mapping from filename to list of nodes which should have the file
+    nodefiles = {}
+    for (files, fn) in files2nodefn:
+      if fn is None:
+        filenodes = nodeinfo
+      else:
+        filenodes = filter(fn, nodeinfo)
+      nodefiles.update((filename,
+                        frozenset(map(operator.attrgetter("name"), filenodes)))
+                       for filename in files)
  
  
-  def _VerifyNodeDrbd(self, ninfo, nresult, instanceinfo, drbd_helper,
-                      drbd_map):
-    """Verifies and the node DRBD status.
+    assert set(nodefiles) == (files_all | files_mc | files_vm)
  
  
-    @type ninfo: L{objects.Node}
-    @param ninfo: the node to check
-    @param nresult: the remote results for the node
-    @param instanceinfo: the dict of instances
-    @param drbd_helper: the configured DRBD usermode helper
-    @param drbd_map: the DRBD map as returned by
-        L{ganeti.config.ConfigWriter.ComputeDRBDMap}
+    fileinfo = dict((filename, {}) for filename in nodefiles)
+    ignore_nodes = set()
  
  
-    """
+    for node in nodeinfo:
+      if node.offline:
+        ignore_nodes.add(node.name)
+        continue
+
+      nresult = all_nvinfo[node.name]
+
+      if nresult.fail_msg or not nresult.payload:
+        node_files = None
+      else:
+        fingerprints = nresult.payload.get(constants.NV_FILELIST, None)
+        node_files = dict((vcluster.LocalizeVirtualPath(key), value)
+                          for (key, value) in fingerprints.items())
+        del fingerprints
+
+      test = not (node_files and isinstance(node_files, dict))
+      errorif(test, constants.CV_ENODEFILECHECK, node.name,
+              "Node did not return file checksum data")
+      if test:
+        ignore_nodes.add(node.name)
+        continue
+
+      # Build per-checksum mapping from filename to nodes having it
+      for (filename, checksum) in node_files.items():
+        assert filename in nodefiles
+        fileinfo[filename].setdefault(checksum, set()).add(node.name)
+
+    for (filename, checksums) in fileinfo.items():
+      assert compat.all(len(i) > 10 for i in checksums), "Invalid checksum"
+
+      # Nodes having the file
+      with_file = frozenset(node_name
+                            for nodes in fileinfo[filename].values()
+                            for node_name in nodes) - ignore_nodes
+
+      expected_nodes = nodefiles[filename] - ignore_nodes
+
+      # Nodes missing file
+      missing_file = expected_nodes - with_file
+
+      if filename in files_opt:
+        # All or no nodes
+        errorif(missing_file and missing_file != expected_nodes,
+                constants.CV_ECLUSTERFILECHECK, None,
+                "File %s is optional, but it must exist on all or no"
+                " nodes (not found on %s)",
+                filename, utils.CommaJoin(utils.NiceSort(missing_file)))
+      else:
+        errorif(missing_file, constants.CV_ECLUSTERFILECHECK, None,
+                "File %s is missing from node(s) %s", filename,
+                utils.CommaJoin(utils.NiceSort(missing_file)))
+
+        # Warn if a node has a file it shouldn't
+        unexpected = with_file - expected_nodes
+        errorif(unexpected,
+                constants.CV_ECLUSTERFILECHECK, None,
+                "File %s should not exist on node(s) %s",
+                filename, utils.CommaJoin(utils.NiceSort(unexpected)))
+
+      # See if there are multiple versions of the file
+      test = len(checksums) > 1
+      if test:
+        variants = ["variant %s on %s" %
+                    (idx + 1, utils.CommaJoin(utils.NiceSort(nodes)))
+                    for (idx, (checksum, nodes)) in
+                      enumerate(sorted(checksums.items()))]
+      else:
+        variants = []
+
+      errorif(test, constants.CV_ECLUSTERFILECHECK, None,
+              "File %s found with %s different checksums (%s)",
+              filename, len(checksums), "; ".join(variants))
+
+  def _VerifyNodeDrbd(self, ninfo, nresult, instanceinfo, drbd_helper,
+                      drbd_map):
+    """Verifies the node DRBD status.
+
+    @type ninfo: L{objects.Node}
+    @param ninfo: the node to check
+    @param nresult: the remote results for the node
+    @param instanceinfo: the dict of instances
+    @param drbd_helper: the configured DRBD usermode helper
+    @param drbd_map: the DRBD map as returned by
+        L{ganeti.config.ConfigWriter.ComputeDRBDMap}
+
+    """
      node = ninfo.name
      node = ninfo.name
-    _ErrorIf = self._ErrorIf # pylint: disable-msg=C0103
+    _ErrorIf = self._ErrorIf # pylint: disable=C0103
  
      if drbd_helper:
        helper_result = nresult.get(constants.NV_DRBDHELPER, None)
  
      if drbd_helper:
        helper_result = nresult.get(constants.NV_DRBDHELPER, None)
-      test = (helper_result == None)
-      _ErrorIf(test, self.ENODEDRBDHELPER, node,
+      test = (helper_result is None)
+      _ErrorIf(test, constants.CV_ENODEDRBDHELPER, node,
                 "no drbd usermode helper returned")
        if helper_result:
          status, payload = helper_result
          test = not status
                 "no drbd usermode helper returned")
        if helper_result:
          status, payload = helper_result
          test = not status
-        _ErrorIf(test, self.ENODEDRBDHELPER, node,
+        _ErrorIf(test, constants.CV_ENODEDRBDHELPER, node,
                   "drbd usermode helper check unsuccessful: %s", payload)
          test = status and (payload != drbd_helper)
                   "drbd usermode helper check unsuccessful: %s", payload)
          test = status and (payload != drbd_helper)
-        _ErrorIf(test, self.ENODEDRBDHELPER, node,
+        _ErrorIf(test, constants.CV_ENODEDRBDHELPER, node,
                   "wrong drbd usermode helper: %s", payload)
  
      # compute the DRBD minors
      node_drbd = {}
      for minor, instance in drbd_map[node].items():
        test = instance not in instanceinfo
                   "wrong drbd usermode helper: %s", payload)
  
      # compute the DRBD minors
      node_drbd = {}
      for minor, instance in drbd_map[node].items():
        test = instance not in instanceinfo
-      _ErrorIf(test, self.ECLUSTERCFG, None,
+      _ErrorIf(test, constants.CV_ECLUSTERCFG, None,
                 "ghost instance '%s' in temporary DRBD map", instance)
          # ghost instance should not be running, but otherwise we
          # don't give double warnings (both ghost instance and
                 "ghost instance '%s' in temporary DRBD map", instance)
          # ghost instance should not be running, but otherwise we
          # don't give double warnings (both ghost instance and
@@ -1755,12 +2810,13 @@ class LUClusterVerify(LogicalUnit):
          node_drbd[minor] = (instance, False)
        else:
          instance = instanceinfo[instance]
          node_drbd[minor] = (instance, False)
        else:
          instance = instanceinfo[instance]
-        node_drbd[minor] = (instance.name, instance.admin_up)
+        node_drbd[minor] = (instance.name,
+                            instance.admin_state == constants.ADMINST_UP)
  
      # and now check them
      used_minors = nresult.get(constants.NV_DRBDLIST, [])
      test = not isinstance(used_minors, (tuple, list))
  
      # and now check them
      used_minors = nresult.get(constants.NV_DRBDLIST, [])
      test = not isinstance(used_minors, (tuple, list))
-    _ErrorIf(test, self.ENODEDRBD, node,
+    _ErrorIf(test, constants.CV_ENODEDRBD, node,
               "cannot parse drbd status file: %s", str(used_minors))
      if test:
        # we cannot check drbd status
               "cannot parse drbd status file: %s", str(used_minors))
      if test:
        # we cannot check drbd status
@@ -1768,11 +2824,11 @@ class LUClusterVerify(LogicalUnit):
  
      for minor, (iname, must_exist) in node_drbd.items():
        test = minor not in used_minors and must_exist
  
      for minor, (iname, must_exist) in node_drbd.items():
        test = minor not in used_minors and must_exist
-      _ErrorIf(test, self.ENODEDRBD, node,
+      _ErrorIf(test, constants.CV_ENODEDRBD, node,
                 "drbd minor %d of instance %s is not active", minor, iname)
      for minor in used_minors:
        test = minor not in node_drbd
                 "drbd minor %d of instance %s is not active", minor, iname)
      for minor in used_minors:
        test = minor not in node_drbd
-      _ErrorIf(test, self.ENODEDRBD, node,
+      _ErrorIf(test, constants.CV_ENODEDRBD, node,
                 "unallocated drbd minor %d is in use", minor)
  
    def _UpdateNodeOS(self, ninfo, nresult, nimg):
                 "unallocated drbd minor %d is in use", minor)
  
    def _UpdateNodeOS(self, ninfo, nresult, nimg):
@@ -1785,14 +2841,14 @@ class LUClusterVerify(LogicalUnit):
  
      """
      node = ninfo.name
  
      """
      node = ninfo.name
-    _ErrorIf = self._ErrorIf # pylint: disable-msg=C0103
+    _ErrorIf = self._ErrorIf # pylint: disable=C0103
  
      remote_os = nresult.get(constants.NV_OSLIST, None)
      test = (not isinstance(remote_os, list) or
              not compat.all(isinstance(v, list) and len(v) == 7
                             for v in remote_os))
  
  
      remote_os = nresult.get(constants.NV_OSLIST, None)
      test = (not isinstance(remote_os, list) or
              not compat.all(isinstance(v, list) and len(v) == 7
                             for v in remote_os))
  
-    _ErrorIf(test, self.ENODEOS, node,
+    _ErrorIf(test, constants.CV_ENODEOS, node,
               "node hasn't returned valid OS data")
  
      nimg.os_fail = test
               "node hasn't returned valid OS data")
  
      nimg.os_fail = test
@@ -1826,7 +2882,7 @@ class LUClusterVerify(LogicalUnit):
  
      """
      node = ninfo.name
  
      """
      node = ninfo.name
-    _ErrorIf = self._ErrorIf # pylint: disable-msg=C0103
+    _ErrorIf = self._ErrorIf # pylint: disable=C0103
  
      assert not nimg.os_fail, "Entered _VerifyNodeOS with failed OS rpc?"
  
  
      assert not nimg.os_fail, "Entered _VerifyNodeOS with failed OS rpc?"
  
@@ -1834,19 +2890,14 @@ class LUClusterVerify(LogicalUnit):
      for os_name, os_data in nimg.oslist.items():
        assert os_data, "Empty OS status for OS %s?!" % os_name
        f_path, f_status, f_diag, f_var, f_param, f_api = os_data[0]
      for os_name, os_data in nimg.oslist.items():
        assert os_data, "Empty OS status for OS %s?!" % os_name
        f_path, f_status, f_diag, f_var, f_param, f_api = os_data[0]
-      _ErrorIf(not f_status, self.ENODEOS, node,
+      _ErrorIf(not f_status, constants.CV_ENODEOS, node,
                 "Invalid OS %s (located at %s): %s", os_name, f_path, f_diag)
                 "Invalid OS %s (located at %s): %s", os_name, f_path, f_diag)
-      _ErrorIf(len(os_data) > 1, self.ENODEOS, node,
+      _ErrorIf(len(os_data) > 1, constants.CV_ENODEOS, node,
                 "OS '%s' has multiple entries (first one shadows the rest): %s",
                 os_name, utils.CommaJoin([v[0] for v in os_data]))
                 "OS '%s' has multiple entries (first one shadows the rest): %s",
                 os_name, utils.CommaJoin([v[0] for v in os_data]))
-      # this will catched in backend too
-      _ErrorIf(compat.any(v >= constants.OS_API_V15 for v in f_api)
-               and not f_var, self.ENODEOS, node,
-               "OS %s with API at least %d does not declare any variant",
-               os_name, constants.OS_API_V15)
        # comparisons with the 'base' image
        test = os_name not in base.oslist
        # comparisons with the 'base' image
        test = os_name not in base.oslist
-      _ErrorIf(test, self.ENODEOS, node,
+      _ErrorIf(test, constants.CV_ENODEOS, node,
                 "Extra OS %s not present on reference node (%s)",
                 os_name, base.name)
        if test:
                 "Extra OS %s not present on reference node (%s)",
                 os_name, base.name)
        if test:
@@ -1860,17 +2911,48 @@ class LUClusterVerify(LogicalUnit):
                           ("variants list", f_var, b_var),
                           ("parameters", beautify_params(f_param),
                            beautify_params(b_param))]:
                           ("variants list", f_var, b_var),
                           ("parameters", beautify_params(f_param),
                            beautify_params(b_param))]:
-        _ErrorIf(a != b, self.ENODEOS, node,
+        _ErrorIf(a != b, constants.CV_ENODEOS, node,
                   "OS %s for %s differs from reference node %s: [%s] vs. [%s]",
                   kind, os_name, base.name,
                   utils.CommaJoin(sorted(a)), utils.CommaJoin(sorted(b)))
  
      # check any missing OSes
      missing = set(base.oslist.keys()).difference(nimg.oslist.keys())
                   "OS %s for %s differs from reference node %s: [%s] vs. [%s]",
                   kind, os_name, base.name,
                   utils.CommaJoin(sorted(a)), utils.CommaJoin(sorted(b)))
  
      # check any missing OSes
      missing = set(base.oslist.keys()).difference(nimg.oslist.keys())
-    _ErrorIf(missing, self.ENODEOS, node,
+    _ErrorIf(missing, constants.CV_ENODEOS, node,
               "OSes present on reference node %s but missing on this node: %s",
               base.name, utils.CommaJoin(missing))
  
               "OSes present on reference node %s but missing on this node: %s",
               base.name, utils.CommaJoin(missing))
  
+  def _VerifyFileStoragePaths(self, ninfo, nresult, is_master):
+    """Verifies paths in L{pathutils.FILE_STORAGE_PATHS_FILE}.
+
+    @type ninfo: L{objects.Node}
+    @param ninfo: the node to check
+    @param nresult: the remote results for the node
+    @type is_master: bool
+    @param is_master: Whether node is the master node
+
+    """
+    node = ninfo.name
+
+    if (is_master and
+        (constants.ENABLE_FILE_STORAGE or
+         constants.ENABLE_SHARED_FILE_STORAGE)):
+      try:
+        fspaths = nresult[constants.NV_FILE_STORAGE_PATHS]
+      except KeyError:
+        # This should never happen
+        self._ErrorIf(True, constants.CV_ENODEFILESTORAGEPATHS, node,
+                      "Node did not return forbidden file storage paths")
+      else:
+        self._ErrorIf(fspaths, constants.CV_ENODEFILESTORAGEPATHS, node,
+                      "Found forbidden file storage paths: %s",
+                      utils.CommaJoin(fspaths))
+    else:
+      self._ErrorIf(constants.NV_FILE_STORAGE_PATHS in nresult,
+                    constants.CV_ENODEFILESTORAGEPATHS, node,
+                    "Node should not have returned forbidden file storage"
+                    " paths")
+
    def _VerifyOob(self, ninfo, nresult):
      """Verifies out of band functionality of a node.
  
    def _VerifyOob(self, ninfo, nresult):
      """Verifies out of band functionality of a node.
  
@@ -1885,7 +2967,7 @@ class LUClusterVerify(LogicalUnit):
      if ((ninfo.master_candidate or ninfo.master_capable) and
          constants.NV_OOB_PATHS in nresult):
        for path_result in nresult[constants.NV_OOB_PATHS]:
      if ((ninfo.master_candidate or ninfo.master_capable) and
          constants.NV_OOB_PATHS in nresult):
        for path_result in nresult[constants.NV_OOB_PATHS]:
-        self._ErrorIf(path_result, self.ENODEOOBPATH, node, path_result)
+        self._ErrorIf(path_result, constants.CV_ENODEOOBPATH, node, path_result)
  
    def _UpdateNodeVolumes(self, ninfo, nresult, nimg, vg_name):
      """Verifies and updates the node volume data.
  
    def _UpdateNodeVolumes(self, ninfo, nresult, nimg, vg_name):
      """Verifies and updates the node volume data.
@@ -1901,17 +2983,18 @@ class LUClusterVerify(LogicalUnit):
  
      """
      node = ninfo.name
  
      """
      node = ninfo.name
-    _ErrorIf = self._ErrorIf # pylint: disable-msg=C0103
+    _ErrorIf = self._ErrorIf # pylint: disable=C0103
  
      nimg.lvm_fail = True
      lvdata = nresult.get(constants.NV_LVLIST, "Missing LV data")
      if vg_name is None:
        pass
      elif isinstance(lvdata, basestring):
  
      nimg.lvm_fail = True
      lvdata = nresult.get(constants.NV_LVLIST, "Missing LV data")
      if vg_name is None:
        pass
      elif isinstance(lvdata, basestring):
-      _ErrorIf(True, self.ENODELVM, node, "LVM problem on node: %s",
+      _ErrorIf(True, constants.CV_ENODELVM, node, "LVM problem on node: %s",
                 utils.SafeEncode(lvdata))
      elif not isinstance(lvdata, dict):
                 utils.SafeEncode(lvdata))
      elif not isinstance(lvdata, dict):
-      _ErrorIf(True, self.ENODELVM, node, "rpc call to node failed (lvlist)")
+      _ErrorIf(True, constants.CV_ENODELVM, node,
+               "rpc call to node failed (lvlist)")
      else:
        nimg.volumes = lvdata
        nimg.lvm_fail = False
      else:
        nimg.volumes = lvdata
        nimg.lvm_fail = False
@@ -1931,8 +3014,9 @@ class LUClusterVerify(LogicalUnit):
      """
      idata = nresult.get(constants.NV_INSTANCELIST, None)
      test = not isinstance(idata, list)
      """
      idata = nresult.get(constants.NV_INSTANCELIST, None)
      test = not isinstance(idata, list)
-    self._ErrorIf(test, self.ENODEHV, ninfo.name, "rpc call to node failed"
-                  " (instancelist): %s", utils.SafeEncode(str(idata)))
+    self._ErrorIf(test, constants.CV_ENODEHV, ninfo.name,
+                  "rpc call to node failed (instancelist): %s",
+                  utils.SafeEncode(str(idata)))
      if test:
        nimg.hyp_fail = True
      else:
      if test:
        nimg.hyp_fail = True
      else:
@@ -1949,31 +3033,32 @@ class LUClusterVerify(LogicalUnit):
  
      """
      node = ninfo.name
  
      """
      node = ninfo.name
-    _ErrorIf = self._ErrorIf # pylint: disable-msg=C0103
+    _ErrorIf = self._ErrorIf # pylint: disable=C0103
  
      # try to read free memory (from the hypervisor)
      hv_info = nresult.get(constants.NV_HVINFO, None)
      test = not isinstance(hv_info, dict) or "memory_free" not in hv_info
  
      # try to read free memory (from the hypervisor)
      hv_info = nresult.get(constants.NV_HVINFO, None)
      test = not isinstance(hv_info, dict) or "memory_free" not in hv_info
-    _ErrorIf(test, self.ENODEHV, node, "rpc call to node failed (hvinfo)")
+    _ErrorIf(test, constants.CV_ENODEHV, node,
+             "rpc call to node failed (hvinfo)")
      if not test:
        try:
          nimg.mfree = int(hv_info["memory_free"])
        except (ValueError, TypeError):
      if not test:
        try:
          nimg.mfree = int(hv_info["memory_free"])
        except (ValueError, TypeError):
-        _ErrorIf(True, self.ENODERPC, node,
+        _ErrorIf(True, constants.CV_ENODERPC, node,
                   "node returned invalid nodeinfo, check hypervisor")
  
      # FIXME: devise a free space model for file based instances as well
      if vg_name is not None:
        test = (constants.NV_VGLIST not in nresult or
                vg_name not in nresult[constants.NV_VGLIST])
                   "node returned invalid nodeinfo, check hypervisor")
  
      # FIXME: devise a free space model for file based instances as well
      if vg_name is not None:
        test = (constants.NV_VGLIST not in nresult or
                vg_name not in nresult[constants.NV_VGLIST])
-      _ErrorIf(test, self.ENODELVM, node,
+      _ErrorIf(test, constants.CV_ENODELVM, node,
                 "node didn't return data for the volume group '%s'"
                 " - it is either missing or broken", vg_name)
        if not test:
          try:
            nimg.dfree = int(nresult[constants.NV_VGLIST][vg_name])
          except (ValueError, TypeError):
                 "node didn't return data for the volume group '%s'"
                 " - it is either missing or broken", vg_name)
        if not test:
          try:
            nimg.dfree = int(nresult[constants.NV_VGLIST][vg_name])
          except (ValueError, TypeError):
-          _ErrorIf(True, self.ENODERPC, node,
+          _ErrorIf(True, constants.CV_ENODERPC, node,
                     "node returned invalid LVM info, check LVM status")
  
    def _CollectDiskInfo(self, nodelist, node_image, instanceinfo):
                     "node returned invalid LVM info, check LVM status")
  
    def _CollectDiskInfo(self, nodelist, node_image, instanceinfo):
@@ -1991,7 +3076,7 @@ class LUClusterVerify(LogicalUnit):
          list of tuples (success, payload)
  
      """
          list of tuples (success, payload)
  
      """
-    _ErrorIf = self._ErrorIf # pylint: disable-msg=C0103
+    _ErrorIf = self._ErrorIf # pylint: disable=C0103
  
      node_disks = {}
      node_disks_devonly = {}
  
      node_disks = {}
      node_disks_devonly = {}
@@ -2013,12 +3098,12 @@ class LUClusterVerify(LogicalUnit):
  
        node_disks[nname] = disks
  
  
        node_disks[nname] = disks
  
-      # Creating copies as SetDiskID below will modify the objects and that can
-      # lead to incorrect data returned from nodes
-      devonly = [dev.Copy() for (_, dev) in disks]
-
-      for dev in devonly:
-        self.cfg.SetDiskID(dev, nname)
+      # _AnnotateDiskParams already makes copies of the disks
+      devonly = []
+      for (inst, dev) in disks:
+        (anno_disk,) = _AnnotateDiskParams(instanceinfo[inst], [dev], self.cfg)
+        self.cfg.SetDiskID(anno_disk, nname)
+        devonly.append(anno_disk)
  
        node_disks_devonly[nname] = devonly
  
  
        node_disks_devonly[nname] = devonly
  
@@ -2040,7 +3125,7 @@ class LUClusterVerify(LogicalUnit):
          data = len(disks) * [(False, "node offline")]
        else:
          msg = nres.fail_msg
          data = len(disks) * [(False, "node offline")]
        else:
          msg = nres.fail_msg
-        _ErrorIf(msg, self.ENODERPC, nname,
+        _ErrorIf(msg, constants.CV_ENODERPC, nname,
                   "while getting disk information: %s", msg)
          if msg:
            # No data from this node
                   "while getting disk information: %s", msg)
          if msg:
            # No data from this node
@@ -2073,20 +3158,39 @@ class LUClusterVerify(LogicalUnit):
  
      return instdisk
  
  
      return instdisk
  
-  def _VerifyHVP(self, hvp_data):
-    """Verifies locally the syntax of the hypervisor parameters.
+  @staticmethod
+  def _SshNodeSelector(group_uuid, all_nodes):
+    """Create endless iterators for all potential SSH check hosts.
  
      """
  
      """
-    for item, hv_name, hv_params in hvp_data:
-      msg = ("hypervisor %s parameters syntax check (source %s): %%s" %
-             (item, hv_name))
-      try:
-        hv_class = hypervisor.GetHypervisor(hv_name)
-        utils.ForceDictType(hv_params, constants.HVS_PARAMETER_TYPES)
-        hv_class.CheckParameterSyntax(hv_params)
-      except errors.GenericError, err:
-        self._ErrorIf(True, self.ECLUSTERCFG, None, msg % str(err))
+    nodes = [node for node in all_nodes
+             if (node.group != group_uuid and
+                 not node.offline)]
+    keyfunc = operator.attrgetter("group")
+
+    return map(itertools.cycle,
+               [sorted(map(operator.attrgetter("name"), names))
+                for _, names in itertools.groupby(sorted(nodes, key=keyfunc),
+                                                  keyfunc)])
+
+  @classmethod
+  def _SelectSshCheckNodes(cls, group_nodes, group_uuid, all_nodes):
+    """Choose which nodes should talk to which other nodes.
+
+    We will make nodes contact all nodes in their group, and one node from
+    every other group.
+
+    @warning: This algorithm has a known issue if one node group is much
+      smaller than others (e.g. just one node). In such a case all other
+      nodes will talk to the single node.
+
+    """
+    online_nodes = sorted(node.name for node in group_nodes if not node.offline)
+    sel = cls._SshNodeSelector(group_uuid, all_nodes)
  
  
+    return (online_nodes,
+            dict((name, sorted([i.next() for i in sel]))
+                 for name in online_nodes))
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
    def BuildHooksEnv(self):
      """Build hooks env.
@@ -2095,91 +3199,81 @@ class LUClusterVerify(LogicalUnit):
      the output be logged in the verify output and the verification to fail.
  
      """
      the output be logged in the verify output and the verification to fail.
  
      """
-    all_nodes = self.cfg.GetNodeList()
      env = {
      env = {
-      "CLUSTER_TAGS": " ".join(self.cfg.GetClusterInfo().GetTags())
+      "CLUSTER_TAGS": " ".join(self.cfg.GetClusterInfo().GetTags()),
        }
        }
-    for node in self.cfg.GetAllNodesInfo().values():
-      env["NODE_TAGS_%s" % node.name] = " ".join(node.GetTags())
  
  
-    return env, [], all_nodes
+    env.update(("NODE_TAGS_%s" % node.name, " ".join(node.GetTags()))
+               for node in self.my_node_info.values())
+
+    return env
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
+    return ([], self.my_node_names)
  
    def Exec(self, feedback_fn):
  
    def Exec(self, feedback_fn):
-    """Verify integrity of cluster, performing various test on nodes.
+    """Verify integrity of the node group, performing various tests on nodes.
  
      """
  
      """
-    # This method has too many local variables. pylint: disable-msg=R0914
+    # This method has too many local variables. pylint: disable=R0914
+    feedback_fn("* Verifying group '%s'" % self.group_info.name)
+
+    if not self.my_node_names:
+      # empty node group
+      feedback_fn("* Empty node group, skipping verification")
+      return True
+
      self.bad = False
      self.bad = False
-    _ErrorIf = self._ErrorIf # pylint: disable-msg=C0103
+    _ErrorIf = self._ErrorIf # pylint: disable=C0103
      verbose = self.op.verbose
      self._feedback_fn = feedback_fn
      verbose = self.op.verbose
      self._feedback_fn = feedback_fn
-    feedback_fn("* Verifying global settings")
-    for msg in self.cfg.VerifyConfig():
-      _ErrorIf(True, self.ECLUSTERCFG, None, msg)
-
-    # Check the cluster certificates
-    for cert_filename in constants.ALL_CERT_FILES:
-      (errcode, msg) = _VerifyCertificate(cert_filename)
-      _ErrorIf(errcode, self.ECLUSTERCERT, None, msg, code=errcode)
  
      vg_name = self.cfg.GetVGName()
      drbd_helper = self.cfg.GetDRBDHelper()
  
      vg_name = self.cfg.GetVGName()
      drbd_helper = self.cfg.GetDRBDHelper()
-    hypervisors = self.cfg.GetClusterInfo().enabled_hypervisors
      cluster = self.cfg.GetClusterInfo()
      cluster = self.cfg.GetClusterInfo()
-    nodeinfo_byname = self.cfg.GetAllNodesInfo()
-    nodelist = utils.NiceSort(nodeinfo_byname.keys())
-    nodeinfo = [nodeinfo_byname[nname] for nname in nodelist]
-    instanceinfo = self.cfg.GetAllInstancesInfo()
-    instancelist = utils.NiceSort(instanceinfo.keys())
      groupinfo = self.cfg.GetAllNodeGroupsInfo()
      groupinfo = self.cfg.GetAllNodeGroupsInfo()
+    hypervisors = cluster.enabled_hypervisors
+    node_data_list = [self.my_node_info[name] for name in self.my_node_names]
+
      i_non_redundant = [] # Non redundant instances
      i_non_a_balanced = [] # Non auto-balanced instances
      i_non_redundant = [] # Non redundant instances
      i_non_a_balanced = [] # Non auto-balanced instances
+    i_offline = 0 # Count of offline instances
      n_offline = 0 # Count of offline nodes
      n_drained = 0 # Count of nodes being drained
      node_vol_should = {}
  
      # FIXME: verify OS list
      n_offline = 0 # Count of offline nodes
      n_drained = 0 # Count of nodes being drained
      node_vol_should = {}
  
      # FIXME: verify OS list
+
+    # File verification
+    filemap = _ComputeAncillaryFiles(cluster, False)
+
      # do local checksums
      # do local checksums
-    master_files = [constants.CLUSTER_CONF_FILE]
      master_node = self.master_node = self.cfg.GetMasterNode()
      master_ip = self.cfg.GetMasterIP()
  
      master_node = self.master_node = self.cfg.GetMasterNode()
      master_ip = self.cfg.GetMasterIP()
  
-    file_names = ssconf.SimpleStore().GetFileList()
-    file_names.extend(constants.ALL_CERT_FILES)
-    file_names.extend(master_files)
-    if cluster.modify_etc_hosts:
-      file_names.append(constants.ETC_HOSTS)
-
-    local_checksums = utils.FingerprintFiles(file_names)
-
-    # Compute the set of hypervisor parameters
-    hvp_data = []
-    for hv_name in hypervisors:
-      hvp_data.append(("cluster", hv_name, cluster.GetHVDefaults(hv_name)))
-    for os_name, os_hvp in cluster.os_hvp.items():
-      for hv_name, hv_params in os_hvp.items():
-        if not hv_params:
-          continue
-        full_params = cluster.GetHVDefaults(hv_name, os_name=os_name)
-        hvp_data.append(("os %s" % os_name, hv_name, full_params))
-    # TODO: collapse identical parameter values in a single one
-    for instance in instanceinfo.values():
-      if not instance.hvparams:
-        continue
-      hvp_data.append(("instance %s" % instance.name, instance.hypervisor,
-                       cluster.FillHV(instance)))
-    # and verify them locally
-    self._VerifyHVP(hvp_data)
+    feedback_fn("* Gathering data (%d nodes)" % len(self.my_node_names))
+
+    user_scripts = []
+    if self.cfg.GetUseExternalMipScript():
+      user_scripts.append(pathutils.EXTERNAL_MASTER_SETUP_SCRIPT)
  
  
-    feedback_fn("* Gathering data (%d nodes)" % len(nodelist))
      node_verify_param = {
      node_verify_param = {
-      constants.NV_FILELIST: file_names,
-      constants.NV_NODELIST: [node.name for node in nodeinfo
-                              if not node.offline],
+      constants.NV_FILELIST:
+        map(vcluster.MakeVirtualPath,
+            utils.UniqueSequence(filename
+                                 for files in filemap
+                                 for filename in files)),
+      constants.NV_NODELIST:
+        self._SelectSshCheckNodes(node_data_list, self.group_uuid,
+                                  self.all_node_info.values()),
        constants.NV_HYPERVISOR: hypervisors,
        constants.NV_HYPERVISOR: hypervisors,
-      constants.NV_HVPARAMS: hvp_data,
-      constants.NV_NODENETTEST: [(node.name, node.primary_ip,
-                                  node.secondary_ip) for node in nodeinfo
+      constants.NV_HVPARAMS:
+        _GetAllHypervisorParameters(cluster, self.all_inst_info.values()),
+      constants.NV_NODENETTEST: [(node.name, node.primary_ip, node.secondary_ip)
+                                 for node in node_data_list
                                   if not node.offline],
        constants.NV_INSTANCELIST: hypervisors,
        constants.NV_VERSION: None,
                                   if not node.offline],
        constants.NV_INSTANCELIST: hypervisors,
        constants.NV_VERSION: None,
@@ -2189,24 +3283,29 @@ class LUClusterVerify(LogicalUnit):
        constants.NV_MASTERIP: (master_node, master_ip),
        constants.NV_OSLIST: None,
        constants.NV_VMNODES: self.cfg.GetNonVmCapableNodeList(),
        constants.NV_MASTERIP: (master_node, master_ip),
        constants.NV_OSLIST: None,
        constants.NV_VMNODES: self.cfg.GetNonVmCapableNodeList(),
+      constants.NV_USERSCRIPTS: user_scripts,
        }
  
      if vg_name is not None:
        node_verify_param[constants.NV_VGLIST] = None
        node_verify_param[constants.NV_LVLIST] = vg_name
        node_verify_param[constants.NV_PVLIST] = [vg_name]
        }
  
      if vg_name is not None:
        node_verify_param[constants.NV_VGLIST] = None
        node_verify_param[constants.NV_LVLIST] = vg_name
        node_verify_param[constants.NV_PVLIST] = [vg_name]
-      node_verify_param[constants.NV_DRBDLIST] = None
  
      if drbd_helper:
  
      if drbd_helper:
+      node_verify_param[constants.NV_DRBDLIST] = None
        node_verify_param[constants.NV_DRBDHELPER] = drbd_helper
  
        node_verify_param[constants.NV_DRBDHELPER] = drbd_helper
  
+    if constants.ENABLE_FILE_STORAGE or constants.ENABLE_SHARED_FILE_STORAGE:
+      # Load file storage paths only from master node
+      node_verify_param[constants.NV_FILE_STORAGE_PATHS] = master_node
+
      # bridge checks
      # FIXME: this needs to be changed per node-group, not cluster-wide
      bridges = set()
      default_nicpp = cluster.nicparams[constants.PP_DEFAULT]
      if default_nicpp[constants.NIC_MODE] == constants.NIC_MODE_BRIDGED:
        bridges.add(default_nicpp[constants.NIC_LINK])
      # bridge checks
      # FIXME: this needs to be changed per node-group, not cluster-wide
      bridges = set()
      default_nicpp = cluster.nicparams[constants.PP_DEFAULT]
      if default_nicpp[constants.NIC_MODE] == constants.NIC_MODE_BRIDGED:
        bridges.add(default_nicpp[constants.NIC_LINK])
-    for instance in instanceinfo.values():
+    for instance in self.my_inst_info.values():
        for nic in instance.nics:
          full_nic = cluster.SimpleFillNIC(nic.nicparams)
          if full_nic[constants.NIC_MODE] == constants.NIC_MODE_BRIDGED:
        for nic in instance.nics:
          full_nic = cluster.SimpleFillNIC(nic.nicparams)
          if full_nic[constants.NIC_MODE] == constants.NIC_MODE_BRIDGED:
@@ -2219,11 +3318,11 @@ class LUClusterVerify(LogicalUnit):
      node_image = dict((node.name, self.NodeImage(offline=node.offline,
                                                   name=node.name,
                                                   vm_capable=node.vm_capable))
      node_image = dict((node.name, self.NodeImage(offline=node.offline,
                                                   name=node.name,
                                                   vm_capable=node.vm_capable))
-                      for node in nodeinfo)
+                      for node in node_data_list)
  
      # Gather OOB paths
      oob_paths = []
  
      # Gather OOB paths
      oob_paths = []
-    for node in nodeinfo:
+    for node in self.all_node_info.values():
        path = _SupportsOob(self.cfg, node)
        if path and path not in oob_paths:
          oob_paths.append(path)
        path = _SupportsOob(self.cfg, node)
        if path and path not in oob_paths:
          oob_paths.append(path)
@@ -2231,14 +3330,15 @@ class LUClusterVerify(LogicalUnit):
      if oob_paths:
        node_verify_param[constants.NV_OOB_PATHS] = oob_paths
  
      if oob_paths:
        node_verify_param[constants.NV_OOB_PATHS] = oob_paths
  
-    for instance in instancelist:
-      inst_config = instanceinfo[instance]
+    for instance in self.my_inst_names:
+      inst_config = self.my_inst_info[instance]
+      if inst_config.admin_state == constants.ADMINST_OFFLINE:
+        i_offline += 1
  
        for nname in inst_config.all_nodes:
          if nname not in node_image:
  
        for nname in inst_config.all_nodes:
          if nname not in node_image:
-          # ghost node
            gnode = self.NodeImage(name=nname)
            gnode = self.NodeImage(name=nname)
-          gnode.ghost = True
+          gnode.ghost = (nname not in self.all_node_info)
            node_image[nname] = gnode
  
        inst_config.MapLVsByNode(node_vol_should)
            node_image[nname] = gnode
  
        inst_config.MapLVsByNode(node_vol_should)
@@ -2261,20 +3361,62 @@ class LUClusterVerify(LogicalUnit):
      # time before and after executing the request, we can at least have a time
      # window.
      nvinfo_starttime = time.time()
      # time before and after executing the request, we can at least have a time
      # window.
      nvinfo_starttime = time.time()
-    all_nvinfo = self.rpc.call_node_verify(nodelist, node_verify_param,
+    all_nvinfo = self.rpc.call_node_verify(self.my_node_names,
+                                           node_verify_param,
                                             self.cfg.GetClusterName())
      nvinfo_endtime = time.time()
  
                                             self.cfg.GetClusterName())
      nvinfo_endtime = time.time()
  
+    if self.extra_lv_nodes and vg_name is not None:
+      extra_lv_nvinfo = \
+          self.rpc.call_node_verify(self.extra_lv_nodes,
+                                    {constants.NV_LVLIST: vg_name},
+                                    self.cfg.GetClusterName())
+    else:
+      extra_lv_nvinfo = {}
+
      all_drbd_map = self.cfg.ComputeDRBDMap()
  
      all_drbd_map = self.cfg.ComputeDRBDMap()
  
-    feedback_fn("* Gathering disk information (%s nodes)" % len(nodelist))
-    instdisk = self._CollectDiskInfo(nodelist, node_image, instanceinfo)
+    feedback_fn("* Gathering disk information (%s nodes)" %
+                len(self.my_node_names))
+    instdisk = self._CollectDiskInfo(self.my_node_names, node_image,
+                                     self.my_inst_info)
+
+    feedback_fn("* Verifying configuration file consistency")
+
+    # If not all nodes are being checked, we need to make sure the master node
+    # and a non-checked vm_capable node are in the list.
+    absent_nodes = set(self.all_node_info).difference(self.my_node_info)
+    if absent_nodes:
+      vf_nvinfo = all_nvinfo.copy()
+      vf_node_info = list(self.my_node_info.values())
+      additional_nodes = []
+      if master_node not in self.my_node_info:
+        additional_nodes.append(master_node)
+        vf_node_info.append(self.all_node_info[master_node])
+      # Add the first vm_capable node we find which is not included,
+      # excluding the master node (which we already have)
+      for node in absent_nodes:
+        nodeinfo = self.all_node_info[node]
+        if (nodeinfo.vm_capable and not nodeinfo.offline and
+            node != master_node):
+          additional_nodes.append(node)
+          vf_node_info.append(self.all_node_info[node])
+          break
+      key = constants.NV_FILELIST
+      vf_nvinfo.update(self.rpc.call_node_verify(additional_nodes,
+                                                 {key: node_verify_param[key]},
+                                                 self.cfg.GetClusterName()))
+    else:
+      vf_nvinfo = all_nvinfo
+      vf_node_info = self.my_node_info.values()
+
+    self._VerifyFiles(_ErrorIf, vf_node_info, master_node, vf_nvinfo, filemap)
  
      feedback_fn("* Verifying node status")
  
      refos_img = None
  
  
      feedback_fn("* Verifying node status")
  
      refos_img = None
  
-    for node_i in nodeinfo:
+    for node_i in node_data_list:
        node = node_i.name
        nimg = node_image[node]
  
        node = node_i.name
        nimg = node_image[node]
  
@@ -2297,7 +3439,8 @@ class LUClusterVerify(LogicalUnit):
          feedback_fn("* Verifying node %s (%s)" % (node, ntype))
  
        msg = all_nvinfo[node].fail_msg
          feedback_fn("* Verifying node %s (%s)" % (node, ntype))
  
        msg = all_nvinfo[node].fail_msg
-      _ErrorIf(msg, self.ENODERPC, node, "while contacting node: %s", msg)
+      _ErrorIf(msg, constants.CV_ENODERPC, node, "while contacting node: %s",
+               msg)
        if msg:
          nimg.rpc_fail = True
          continue
        if msg:
          nimg.rpc_fail = True
          continue
@@ -2307,31 +3450,48 @@ class LUClusterVerify(LogicalUnit):
        nimg.call_ok = self._VerifyNode(node_i, nresult)
        self._VerifyNodeTime(node_i, nresult, nvinfo_starttime, nvinfo_endtime)
        self._VerifyNodeNetwork(node_i, nresult)
        nimg.call_ok = self._VerifyNode(node_i, nresult)
        self._VerifyNodeTime(node_i, nresult, nvinfo_starttime, nvinfo_endtime)
        self._VerifyNodeNetwork(node_i, nresult)
-      self._VerifyNodeFiles(node_i, nresult, file_names, local_checksums,
-                            master_files)
-
+      self._VerifyNodeUserScripts(node_i, nresult)
        self._VerifyOob(node_i, nresult)
        self._VerifyOob(node_i, nresult)
+      self._VerifyFileStoragePaths(node_i, nresult,
+                                   node == master_node)
  
        if nimg.vm_capable:
          self._VerifyNodeLVM(node_i, nresult, vg_name)
  
        if nimg.vm_capable:
          self._VerifyNodeLVM(node_i, nresult, vg_name)
-        self._VerifyNodeDrbd(node_i, nresult, instanceinfo, drbd_helper,
+        self._VerifyNodeDrbd(node_i, nresult, self.all_inst_info, drbd_helper,
                               all_drbd_map)
  
          self._UpdateNodeVolumes(node_i, nresult, nimg, vg_name)
          self._UpdateNodeInstances(node_i, nresult, nimg)
          self._UpdateNodeInfo(node_i, nresult, nimg, vg_name)
          self._UpdateNodeOS(node_i, nresult, nimg)
                               all_drbd_map)
  
          self._UpdateNodeVolumes(node_i, nresult, nimg, vg_name)
          self._UpdateNodeInstances(node_i, nresult, nimg)
          self._UpdateNodeInfo(node_i, nresult, nimg, vg_name)
          self._UpdateNodeOS(node_i, nresult, nimg)
+
          if not nimg.os_fail:
            if refos_img is None:
              refos_img = nimg
            self._VerifyNodeOS(node_i, nimg, refos_img)
          self._VerifyNodeBridges(node_i, nresult, bridges)
  
          if not nimg.os_fail:
            if refos_img is None:
              refos_img = nimg
            self._VerifyNodeOS(node_i, nimg, refos_img)
          self._VerifyNodeBridges(node_i, nresult, bridges)
  
+        # Check whether all running instances are primary for the node. (This
+        # can no longer be done from _VerifyInstance below, since some of the
+        # wrong instances could be from other node groups.)
+        non_primary_inst = set(nimg.instances).difference(nimg.pinst)
+
+        for inst in non_primary_inst:
+          test = inst in self.all_inst_info
+          _ErrorIf(test, constants.CV_EINSTANCEWRONGNODE, inst,
+                   "instance should not run on node %s", node_i.name)
+          _ErrorIf(not test, constants.CV_ENODEORPHANINSTANCE, node_i.name,
+                   "node is running unknown instance %s", inst)
+
+    for node, result in extra_lv_nvinfo.items():
+      self._UpdateNodeVolumes(self.all_node_info[node], result.payload,
+                              node_image[node], vg_name)
+
      feedback_fn("* Verifying instance status")
      feedback_fn("* Verifying instance status")
-    for instance in instancelist:
+    for instance in self.my_inst_names:
        if verbose:
          feedback_fn("* Verifying instance %s" % instance)
        if verbose:
          feedback_fn("* Verifying instance %s" % instance)
-      inst_config = instanceinfo[instance]
+      inst_config = self.my_inst_info[instance]
        self._VerifyInstance(instance, inst_config, node_image,
                             instdisk[instance])
        inst_nodes_offline = []
        self._VerifyInstance(instance, inst_config, node_image,
                             instdisk[instance])
        inst_nodes_offline = []
@@ -2339,32 +3499,33 @@ class LUClusterVerify(LogicalUnit):
        pnode = inst_config.primary_node
        pnode_img = node_image[pnode]
        _ErrorIf(pnode_img.rpc_fail and not pnode_img.offline,
        pnode = inst_config.primary_node
        pnode_img = node_image[pnode]
        _ErrorIf(pnode_img.rpc_fail and not pnode_img.offline,
-               self.ENODERPC, pnode, "instance %s, connection to"
+               constants.CV_ENODERPC, pnode, "instance %s, connection to"
                 " primary node failed", instance)
  
                 " primary node failed", instance)
  
-      _ErrorIf(pnode_img.offline, self.EINSTANCEBADNODE, instance,
-               "instance lives on offline node %s", inst_config.primary_node)
+      _ErrorIf(inst_config.admin_state == constants.ADMINST_UP and
+               pnode_img.offline,
+               constants.CV_EINSTANCEBADNODE, instance,
+               "instance is marked as running and lives on offline node %s",
+               inst_config.primary_node)
  
        # If the instance is non-redundant we cannot survive losing its primary
  
        # If the instance is non-redundant we cannot survive losing its primary
-      # node, so we are not N+1 compliant. On the other hand we have no disk
-      # templates with more than one secondary so that situation is not well
-      # supported either.
-      # FIXME: does not support file-backed instances
-      if not inst_config.secondary_nodes:
+      # node, so we are not N+1 compliant.
+      if inst_config.disk_template not in constants.DTS_MIRRORED:
          i_non_redundant.append(instance)
  
          i_non_redundant.append(instance)
  
-      _ErrorIf(len(inst_config.secondary_nodes) > 1, self.EINSTANCELAYOUT,
+      _ErrorIf(len(inst_config.secondary_nodes) > 1,
+               constants.CV_EINSTANCELAYOUT,
                 instance, "instance has multiple secondary nodes: %s",
                 utils.CommaJoin(inst_config.secondary_nodes),
                 code=self.ETYPE_WARNING)
  
                 instance, "instance has multiple secondary nodes: %s",
                 utils.CommaJoin(inst_config.secondary_nodes),
                 code=self.ETYPE_WARNING)
  
-      if inst_config.disk_template in constants.DTS_NET_MIRROR:
+      if inst_config.disk_template in constants.DTS_INT_MIRROR:
          pnode = inst_config.primary_node
          instance_nodes = utils.NiceSort(inst_config.all_nodes)
          instance_groups = {}
  
          for node in instance_nodes:
          pnode = inst_config.primary_node
          instance_nodes = utils.NiceSort(inst_config.all_nodes)
          instance_groups = {}
  
          for node in instance_nodes:
-          instance_groups.setdefault(nodeinfo_byname[node].group,
+          instance_groups.setdefault(self.all_node_info[node].group,
                                       []).append(node)
  
          pretty_list = [
                                       []).append(node)
  
          pretty_list = [
@@ -2374,7 +3535,8 @@ class LUClusterVerify(LogicalUnit):
                                       key=lambda (_, nodes): pnode in nodes,
                                       reverse=True)]
  
                                       key=lambda (_, nodes): pnode in nodes,
                                       reverse=True)]
  
-        self._ErrorIf(len(instance_groups) > 1, self.EINSTANCESPLITGROUPS,
+        self._ErrorIf(len(instance_groups) > 1,
+                      constants.CV_EINSTANCESPLITGROUPS,
                        instance, "instance has primary and secondary nodes in"
                        " different groups: %s", utils.CommaJoin(pretty_list),
                        code=self.ETYPE_WARNING)
                        instance, "instance has primary and secondary nodes in"
                        " different groups: %s", utils.CommaJoin(pretty_list),
                        code=self.ETYPE_WARNING)
@@ -2384,33 +3546,42 @@ class LUClusterVerify(LogicalUnit):
  
        for snode in inst_config.secondary_nodes:
          s_img = node_image[snode]
  
        for snode in inst_config.secondary_nodes:
          s_img = node_image[snode]
-        _ErrorIf(s_img.rpc_fail and not s_img.offline, self.ENODERPC, snode,
-                 "instance %s, connection to secondary node failed", instance)
+        _ErrorIf(s_img.rpc_fail and not s_img.offline, constants.CV_ENODERPC,
+                 snode, "instance %s, connection to secondary node failed",
+                 instance)
  
          if s_img.offline:
            inst_nodes_offline.append(snode)
  
        # warn that the instance lives on offline nodes
  
          if s_img.offline:
            inst_nodes_offline.append(snode)
  
        # warn that the instance lives on offline nodes
-      _ErrorIf(inst_nodes_offline, self.EINSTANCEBADNODE, instance,
+      _ErrorIf(inst_nodes_offline, constants.CV_EINSTANCEBADNODE, instance,
                 "instance has offline secondary node(s) %s",
                 utils.CommaJoin(inst_nodes_offline))
        # ... or ghost/non-vm_capable nodes
        for node in inst_config.all_nodes:
                 "instance has offline secondary node(s) %s",
                 utils.CommaJoin(inst_nodes_offline))
        # ... or ghost/non-vm_capable nodes
        for node in inst_config.all_nodes:
-        _ErrorIf(node_image[node].ghost, self.EINSTANCEBADNODE, instance,
-                 "instance lives on ghost node %s", node)
-        _ErrorIf(not node_image[node].vm_capable, self.EINSTANCEBADNODE,
+        _ErrorIf(node_image[node].ghost, constants.CV_EINSTANCEBADNODE,
+                 instance, "instance lives on ghost node %s", node)
+        _ErrorIf(not node_image[node].vm_capable, constants.CV_EINSTANCEBADNODE,
                   instance, "instance lives on non-vm_capable node %s", node)
  
      feedback_fn("* Verifying orphan volumes")
      reserved = utils.FieldSet(*cluster.reserved_lvs)
                   instance, "instance lives on non-vm_capable node %s", node)
  
      feedback_fn("* Verifying orphan volumes")
      reserved = utils.FieldSet(*cluster.reserved_lvs)
-    self._VerifyOrphanVolumes(node_vol_should, node_image, reserved)
  
  
-    feedback_fn("* Verifying orphan instances")
-    self._VerifyOrphanInstances(instancelist, node_image)
+    # We will get spurious "unknown volume" warnings if any node of this group
+    # is secondary for an instance whose primary is in another group. To avoid
+    # them, we find these instances and add their volumes to node_vol_should.
+    for inst in self.all_inst_info.values():
+      for secondary in inst.secondary_nodes:
+        if (secondary in self.my_node_info
+            and inst.name not in self.my_inst_info):
+          inst.MapLVsByNode(node_vol_should)
+          break
+
+    self._VerifyOrphanVolumes(node_vol_should, node_image, reserved)
  
      if constants.VERIFY_NPLUSONE_MEM not in self.op.skip_checks:
        feedback_fn("* Verifying N+1 Memory redundancy")
  
      if constants.VERIFY_NPLUSONE_MEM not in self.op.skip_checks:
        feedback_fn("* Verifying N+1 Memory redundancy")
-      self._VerifyNPlusOneMemory(node_image, instanceinfo)
+      self._VerifyNPlusOneMemory(node_image, self.my_inst_info)
  
      feedback_fn("* Other Notes")
      if i_non_redundant:
  
      feedback_fn("* Other Notes")
      if i_non_redundant:
@@ -2421,6 +3592,9 @@ class LUClusterVerify(LogicalUnit):
        feedback_fn("  - NOTICE: %d non-auto-balanced instance(s) found."
                    % len(i_non_a_balanced))
  
        feedback_fn("  - NOTICE: %d non-auto-balanced instance(s) found."
                    % len(i_non_a_balanced))
  
+    if i_offline:
+      feedback_fn("  - NOTICE: %d offline instance(s) found." % i_offline)
+
      if n_offline:
        feedback_fn("  - NOTICE: %d offline node(s) found." % n_offline)
  
      if n_offline:
        feedback_fn("  - NOTICE: %d offline node(s) found." % n_offline)
  
@@ -2444,9 +3618,12 @@ class LUClusterVerify(LogicalUnit):
          and hook results
  
      """
          and hook results
  
      """
-    # We only really run POST phase hooks, and are only interested in
-    # their results
-    if phase == constants.HOOKS_PHASE_POST:
+    # We only really run POST phase hooks, only for non-empty groups,
+    # and are only interested in their results
+    if not self.my_node_names:
+      # empty node group
+      pass
+    elif phase == constants.HOOKS_PHASE_POST:
        # Used to change hooks' output to proper indentation
        feedback_fn("* Hooks Results")
        assert hooks_results, "invalid result from hooks"
        # Used to change hooks' output to proper indentation
        feedback_fn("* Hooks Results")
        assert hooks_results, "invalid result from hooks"
@@ -2455,24 +3632,22 @@ class LUClusterVerify(LogicalUnit):
          res = hooks_results[node_name]
          msg = res.fail_msg
          test = msg and not res.offline
          res = hooks_results[node_name]
          msg = res.fail_msg
          test = msg and not res.offline
-        self._ErrorIf(test, self.ENODEHOOKS, node_name,
+        self._ErrorIf(test, constants.CV_ENODEHOOKS, node_name,
                        "Communication failure in hooks execution: %s", msg)
          if res.offline or msg:
                        "Communication failure in hooks execution: %s", msg)
          if res.offline or msg:
-          # No need to investigate payload if node is offline or gave an error.
-          # override manually lu_result here as _ErrorIf only
-          # overrides self.bad
-          lu_result = 1
+          # No need to investigate payload if node is offline or gave
+          # an error.
            continue
          for script, hkr, output in res.payload:
            test = hkr == constants.HKR_FAIL
            continue
          for script, hkr, output in res.payload:
            test = hkr == constants.HKR_FAIL
-          self._ErrorIf(test, self.ENODEHOOKS, node_name,
+          self._ErrorIf(test, constants.CV_ENODEHOOKS, node_name,
                          "Script %s failed, output:", script)
            if test:
                          "Script %s failed, output:", script)
            if test:
-            output = self._HOOKS_INDENT_RE.sub('      ', output)
+            output = self._HOOKS_INDENT_RE.sub("      ", output)
              feedback_fn("%s" % output)
              feedback_fn("%s" % output)
-            lu_result = 0
+            lu_result = False
  
  
-      return lu_result
+    return lu_result
  
  
  class LUClusterVerifyDisks(NoHooksLU):
  
  
  class LUClusterVerifyDisks(NoHooksLU):
@@ -2482,11 +3657,90 @@ class LUClusterVerifyDisks(NoHooksLU):
    REQ_BGL = False
  
    def ExpandNames(self):
    REQ_BGL = False
  
    def ExpandNames(self):
+    self.share_locks = _ShareAll()
      self.needed_locks = {
      self.needed_locks = {
-      locking.LEVEL_NODE: locking.ALL_SET,
-      locking.LEVEL_INSTANCE: locking.ALL_SET,
-    }
-    self.share_locks = dict.fromkeys(locking.LEVELS, 1)
+      locking.LEVEL_NODEGROUP: locking.ALL_SET,
+      }
+
+  def Exec(self, feedback_fn):
+    group_names = self.owned_locks(locking.LEVEL_NODEGROUP)
+
+    # Submit one instance of L{opcodes.OpGroupVerifyDisks} per node group
+    return ResultWithJobs([[opcodes.OpGroupVerifyDisks(group_name=group)]
+                           for group in group_names])
+
+
+class LUGroupVerifyDisks(NoHooksLU):
+  """Verifies the status of all disks in a node group.
+
+  """
+  REQ_BGL = False
+
+  def ExpandNames(self):
+    # Raises errors.OpPrereqError on its own if group can't be found
+    self.group_uuid = self.cfg.LookupNodeGroup(self.op.group_name)
+
+    self.share_locks = _ShareAll()
+    self.needed_locks = {
+      locking.LEVEL_INSTANCE: [],
+      locking.LEVEL_NODEGROUP: [],
+      locking.LEVEL_NODE: [],
+
+      # This opcode acquires all node locks in a group. LUClusterVerifyDisks
+      # starts one instance of this opcode for every group, which means all
+      # nodes will be locked for a short amount of time, so it's better to
+      # acquire the node allocation lock as well.
+      locking.LEVEL_NODE_ALLOC: locking.ALL_SET,
+      }
+
+  def DeclareLocks(self, level):
+    if level == locking.LEVEL_INSTANCE:
+      assert not self.needed_locks[locking.LEVEL_INSTANCE]
+
+      # Lock instances optimistically, needs verification once node and group
+      # locks have been acquired
+      self.needed_locks[locking.LEVEL_INSTANCE] = \
+        self.cfg.GetNodeGroupInstances(self.group_uuid)
+
+    elif level == locking.LEVEL_NODEGROUP:
+      assert not self.needed_locks[locking.LEVEL_NODEGROUP]
+
+      self.needed_locks[locking.LEVEL_NODEGROUP] = \
+        set([self.group_uuid] +
+            # Lock all groups used by instances optimistically; this requires
+            # going via the node before it's locked, requiring verification
+            # later on
+            [group_uuid
+             for instance_name in self.owned_locks(locking.LEVEL_INSTANCE)
+             for group_uuid in self.cfg.GetInstanceNodeGroups(instance_name)])
+
+    elif level == locking.LEVEL_NODE:
+      # This will only lock the nodes in the group to be verified which contain
+      # actual instances
+      self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_APPEND
+      self._LockInstancesNodes()
+
+      # Lock all nodes in group to be verified
+      assert self.group_uuid in self.owned_locks(locking.LEVEL_NODEGROUP)
+      member_nodes = self.cfg.GetNodeGroup(self.group_uuid).members
+      self.needed_locks[locking.LEVEL_NODE].extend(member_nodes)
+
+  def CheckPrereq(self):
+    owned_instances = frozenset(self.owned_locks(locking.LEVEL_INSTANCE))
+    owned_groups = frozenset(self.owned_locks(locking.LEVEL_NODEGROUP))
+    owned_nodes = frozenset(self.owned_locks(locking.LEVEL_NODE))
+
+    assert self.group_uuid in owned_groups
+
+    # Check if locked instances are still correct
+    _CheckNodeGroupInstances(self.cfg, self.group_uuid, owned_instances)
+
+    # Get instance information
+    self.instances = dict(self.cfg.GetMultiInstanceInfo(owned_instances))
+
+    # Check if node groups for locked instances are still correct
+    _CheckInstancesNodeGroups(self.cfg, self.instances,
+                              owned_groups, owned_nodes, self.group_uuid)
  
    def Exec(self, feedback_fn):
      """Verify integrity of cluster disks.
  
    def Exec(self, feedback_fn):
      """Verify integrity of cluster disks.
@@ -2497,50 +3751,41 @@ class LUClusterVerifyDisks(NoHooksLU):
          missing volumes
  
      """
          missing volumes
  
      """
-    result = res_nodes, res_instances, res_missing = {}, [], {}
+    res_nodes = {}
+    res_instances = set()
+    res_missing = {}
  
  
-    nodes = utils.NiceSort(self.cfg.GetVmCapableNodeList())
-    instances = self.cfg.GetAllInstancesInfo().values()
+    nv_dict = _MapInstanceDisksToNodes(
+      [inst for inst in self.instances.values()
+       if inst.admin_state == constants.ADMINST_UP])
  
  
-    nv_dict = {}
-    for inst in instances:
-      inst_lvs = {}
-      if not inst.admin_up:
-        continue
-      inst.MapLVsByNode(inst_lvs)
-      # transform { iname: {node: [vol,],},} to {(node, vol): iname}
-      for node, vol_list in inst_lvs.iteritems():
-        for vol in vol_list:
-          nv_dict[(node, vol)] = inst
-
-    if not nv_dict:
-      return result
-
-    node_lvs = self.rpc.call_lv_list(nodes, [])
-    for node, node_res in node_lvs.items():
-      if node_res.offline:
-        continue
-      msg = node_res.fail_msg
-      if msg:
-        logging.warning("Error enumerating LVs on node %s: %s", node, msg)
-        res_nodes[node] = msg
-        continue
+    if nv_dict:
+      nodes = utils.NiceSort(set(self.owned_locks(locking.LEVEL_NODE)) &
+                             set(self.cfg.GetVmCapableNodeList()))
  
  
-      lvs = node_res.payload
-      for lv_name, (_, _, lv_online) in lvs.items():
-        inst = nv_dict.pop((node, lv_name), None)
-        if (not lv_online and inst is not None
-            and inst.name not in res_instances):
-          res_instances.append(inst.name)
+      node_lvs = self.rpc.call_lv_list(nodes, [])
  
  
-    # any leftover items in nv_dict are missing LVs, let's arrange the
-    # data better
-    for key, inst in nv_dict.iteritems():
-      if inst.name not in res_missing:
-        res_missing[inst.name] = []
-      res_missing[inst.name].append(key)
+      for (node, node_res) in node_lvs.items():
+        if node_res.offline:
+          continue
  
  
-    return result
+        msg = node_res.fail_msg
+        if msg:
+          logging.warning("Error enumerating LVs on node %s: %s", node, msg)
+          res_nodes[node] = msg
+          continue
+
+        for lv_name, (_, _, lv_online) in node_res.payload.items():
+          inst = nv_dict.pop((node, lv_name), None)
+          if not (lv_online or inst is None):
+            res_instances.add(inst)
+
+      # any leftover items in nv_dict are missing LVs, let's arrange the data
+      # better
+      for key, inst in nv_dict.iteritems():
+        res_missing.setdefault(inst, []).append(list(key))
+
+    return (res_nodes, list(res_instances), res_missing)
  
  
  class LUClusterRepairDiskSizes(NoHooksLU):
  
  
  class LUClusterRepairDiskSizes(NoHooksLU):
@@ -2551,26 +3796,33 @@ class LUClusterRepairDiskSizes(NoHooksLU):
  
    def ExpandNames(self):
      if self.op.instances:
  
    def ExpandNames(self):
      if self.op.instances:
-      self.wanted_names = []
-      for name in self.op.instances:
-        full_name = _ExpandInstanceName(self.cfg, name)
-        self.wanted_names.append(full_name)
+      self.wanted_names = _GetWantedInstances(self, self.op.instances)
+      # Not getting the node allocation lock as only a specific set of
+      # instances (and their nodes) is going to be acquired
        self.needed_locks = {
        self.needed_locks = {
-        locking.LEVEL_NODE: [],
+        locking.LEVEL_NODE_RES: [],
          locking.LEVEL_INSTANCE: self.wanted_names,
          }
          locking.LEVEL_INSTANCE: self.wanted_names,
          }
-      self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
+      self.recalculate_locks[locking.LEVEL_NODE_RES] = constants.LOCKS_REPLACE
      else:
        self.wanted_names = None
        self.needed_locks = {
      else:
        self.wanted_names = None
        self.needed_locks = {
-        locking.LEVEL_NODE: locking.ALL_SET,
+        locking.LEVEL_NODE_RES: locking.ALL_SET,
          locking.LEVEL_INSTANCE: locking.ALL_SET,
          locking.LEVEL_INSTANCE: locking.ALL_SET,
+
+        # This opcode acquires the node locks for all instances
+        locking.LEVEL_NODE_ALLOC: locking.ALL_SET,
          }
          }
-    self.share_locks = dict(((i, 1) for i in locking.LEVELS))
+
+    self.share_locks = {
+      locking.LEVEL_NODE_RES: 1,
+      locking.LEVEL_INSTANCE: 0,
+      locking.LEVEL_NODE_ALLOC: 1,
+      }
  
    def DeclareLocks(self, level):
  
    def DeclareLocks(self, level):
-    if level == locking.LEVEL_NODE and self.wanted_names is not None:
-      self._LockInstancesNodes(primary_only=True)
+    if level == locking.LEVEL_NODE_RES and self.wanted_names is not None:
+      self._LockInstancesNodes(primary_only=True, level=level)
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -2579,10 +3831,10 @@ class LUClusterRepairDiskSizes(NoHooksLU):
  
      """
      if self.wanted_names is None:
  
      """
      if self.wanted_names is None:
-      self.wanted_names = self.acquired_locks[locking.LEVEL_INSTANCE]
+      self.wanted_names = self.owned_locks(locking.LEVEL_INSTANCE)
  
  
-    self.wanted_instances = [self.cfg.GetInstanceInfo(name) for name
-                             in self.wanted_names]
+    self.wanted_instances = \
+        map(compat.snd, self.cfg.GetMultiInstanceInfo(self.wanted_names))
  
    def _EnsureChildSizes(self, disk):
      """Ensure children of the disk have the needed disk size.
  
    def _EnsureChildSizes(self, disk):
      """Ensure children of the disk have the needed disk size.
@@ -2621,6 +3873,11 @@ class LUClusterRepairDiskSizes(NoHooksLU):
        for idx, disk in enumerate(instance.disks):
          per_node_disks[pnode].append((instance, idx, disk))
  
        for idx, disk in enumerate(instance.disks):
          per_node_disks[pnode].append((instance, idx, disk))
  
+    assert not (frozenset(per_node_disks.keys()) -
+                self.owned_locks(locking.LEVEL_NODE_RES)), \
+      "Not owning correct locks"
+    assert not self.owned_locks(locking.LEVEL_NODE)
+
      changed = []
      for node, dskl in per_node_disks.items():
        newl = [v[2].Copy() for v in dskl]
      changed = []
      for node, dskl in per_node_disks.items():
        newl = [v[2].Copy() for v in dskl]
@@ -2671,13 +3928,16 @@ class LUClusterRename(LogicalUnit):
      """Build hooks env.
  
      """
      """Build hooks env.
  
      """
-    env = {
+    return {
        "OP_TARGET": self.cfg.GetClusterName(),
        "NEW_NAME": self.op.name,
        }
        "OP_TARGET": self.cfg.GetClusterName(),
        "NEW_NAME": self.op.name,
        }
-    mn = self.cfg.GetMasterNode()
-    all_nodes = self.cfg.GetNodeList()
-    return env, [mn], all_nodes
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
+    return ([self.cfg.GetMasterNode()], self.cfg.GetNodeList())
  
    def CheckPrereq(self):
      """Verify that the passed name is a valid one.
  
    def CheckPrereq(self):
      """Verify that the passed name is a valid one.
@@ -2707,29 +3967,33 @@ class LUClusterRename(LogicalUnit):
  
      """
      clustername = self.op.name
  
      """
      clustername = self.op.name
-    ip = self.ip
+    new_ip = self.ip
  
      # shutdown the master IP
  
      # shutdown the master IP
-    master = self.cfg.GetMasterNode()
-    result = self.rpc.call_node_stop_master(master, False)
+    master_params = self.cfg.GetMasterNetworkParameters()
+    ems = self.cfg.GetUseExternalMipScript()
+    result = self.rpc.call_node_deactivate_master_ip(master_params.name,
+                                                     master_params, ems)
      result.Raise("Could not disable the master role")
  
      try:
        cluster = self.cfg.GetClusterInfo()
        cluster.cluster_name = clustername
      result.Raise("Could not disable the master role")
  
      try:
        cluster = self.cfg.GetClusterInfo()
        cluster.cluster_name = clustername
-      cluster.master_ip = ip
+      cluster.master_ip = new_ip
        self.cfg.Update(cluster, feedback_fn)
  
        # update the known hosts file
        self.cfg.Update(cluster, feedback_fn)
  
        # update the known hosts file
-      ssh.WriteKnownHostsFile(self.cfg, constants.SSH_KNOWN_HOSTS_FILE)
+      ssh.WriteKnownHostsFile(self.cfg, pathutils.SSH_KNOWN_HOSTS_FILE)
        node_list = self.cfg.GetOnlineNodeList()
        try:
        node_list = self.cfg.GetOnlineNodeList()
        try:
-        node_list.remove(master)
+        node_list.remove(master_params.name)
        except ValueError:
          pass
        except ValueError:
          pass
-      _UploadHelper(self, node_list, constants.SSH_KNOWN_HOSTS_FILE)
+      _UploadHelper(self, node_list, pathutils.SSH_KNOWN_HOSTS_FILE)
      finally:
      finally:
-      result = self.rpc.call_node_start_master(master, False, False)
+      master_params.ip = new_ip
+      result = self.rpc.call_node_activate_master_ip(master_params.name,
+                                                     master_params, ems)
        msg = result.fail_msg
        if msg:
          self.LogWarning("Could not re-enable the master role on"
        msg = result.fail_msg
        if msg:
          self.LogWarning("Could not re-enable the master role on"
@@ -2738,6 +4002,27 @@ class LUClusterRename(LogicalUnit):
      return clustername
  
  
      return clustername
  
  
+def _ValidateNetmask(cfg, netmask):
+  """Checks if a netmask is valid.
+
+  @type cfg: L{config.ConfigWriter}
+  @param cfg: The cluster configuration
+  @type netmask: int
+  @param netmask: the netmask to be verified
+  @raise errors.OpPrereqError: if the validation fails
+
+  """
+  ip_family = cfg.GetPrimaryIPFamily()
+  try:
+    ipcls = netutils.IPAddress.GetClassFromIpFamily(ip_family)
+  except errors.ProgrammerError:
+    raise errors.OpPrereqError("Invalid primary ip family: %s." %
+                               ip_family, errors.ECODE_INVAL)
+  if not ipcls.ValidateNetmask(netmask):
+    raise errors.OpPrereqError("CIDR netmask (%s) not valid" %
+                                (netmask), errors.ECODE_INVAL)
+
+
  class LUClusterSetParams(LogicalUnit):
    """Change the parameters of the cluster.
  
  class LUClusterSetParams(LogicalUnit):
    """Change the parameters of the cluster.
  
@@ -2759,24 +4044,46 @@ class LUClusterSetParams(LogicalUnit):
      if self.op.remove_uids:
        uidpool.CheckUidPool(self.op.remove_uids)
  
      if self.op.remove_uids:
        uidpool.CheckUidPool(self.op.remove_uids)
  
+    if self.op.master_netmask is not None:
+      _ValidateNetmask(self.cfg, self.op.master_netmask)
+
+    if self.op.diskparams:
+      for dt_params in self.op.diskparams.values():
+        utils.ForceDictType(dt_params, constants.DISK_DT_TYPES)
+      try:
+        utils.VerifyDictOptions(self.op.diskparams, constants.DISK_DT_DEFAULTS)
+      except errors.OpPrereqError, err:
+        raise errors.OpPrereqError("While verify diskparams options: %s" % err,
+                                   errors.ECODE_INVAL)
+
    def ExpandNames(self):
      # FIXME: in the future maybe other cluster params won't require checking on
      # all nodes to be modified.
    def ExpandNames(self):
      # FIXME: in the future maybe other cluster params won't require checking on
      # all nodes to be modified.
+    # FIXME: This opcode changes cluster-wide settings. Is acquiring all
+    # resource locks the right thing, shouldn't it be the BGL instead?
      self.needed_locks = {
        locking.LEVEL_NODE: locking.ALL_SET,
      self.needed_locks = {
        locking.LEVEL_NODE: locking.ALL_SET,
+      locking.LEVEL_INSTANCE: locking.ALL_SET,
+      locking.LEVEL_NODEGROUP: locking.ALL_SET,
+      locking.LEVEL_NODE_ALLOC: locking.ALL_SET,
      }
      }
-    self.share_locks[locking.LEVEL_NODE] = 1
+    self.share_locks = _ShareAll()
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
      """
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
      """
-    env = {
+    return {
        "OP_TARGET": self.cfg.GetClusterName(),
        "NEW_VG_NAME": self.op.vg_name,
        }
        "OP_TARGET": self.cfg.GetClusterName(),
        "NEW_VG_NAME": self.op.vg_name,
        }
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      mn = self.cfg.GetMasterNode()
      mn = self.cfg.GetMasterNode()
-    return env, [mn], [mn]
+    return ([mn], [mn])
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -2796,7 +4103,7 @@ class LUClusterSetParams(LogicalUnit):
                                     " drbd-based instances exist",
                                     errors.ECODE_INVAL)
  
                                     " drbd-based instances exist",
                                     errors.ECODE_INVAL)
  
-    node_list = self.acquired_locks[locking.LEVEL_NODE]
+    node_list = self.owned_locks(locking.LEVEL_NODE)
  
      # if vg_name not None, checks given volume group on all nodes
      if self.op.vg_name:
  
      # if vg_name not None, checks given volume group on all nodes
      if self.op.vg_name:
@@ -2818,8 +4125,7 @@ class LUClusterSetParams(LogicalUnit):
      if self.op.drbd_helper:
        # checks given drbd helper on all nodes
        helpers = self.rpc.call_drbd_helper(node_list)
      if self.op.drbd_helper:
        # checks given drbd helper on all nodes
        helpers = self.rpc.call_drbd_helper(node_list)
-      for node in node_list:
-        ninfo = self.cfg.GetNodeInfo(node)
+      for (node, ninfo) in self.cfg.GetMultiNodeInfo(node_list):
          if ninfo.offline:
            self.LogInfo("Not checking drbd helper on offline node %s", node)
            continue
          if ninfo.offline:
            self.LogInfo("Not checking drbd helper on offline node %s", node)
            continue
@@ -2836,6 +4142,7 @@ class LUClusterSetParams(LogicalUnit):
      self.cluster = cluster = self.cfg.GetClusterInfo()
      # validate params changes
      if self.op.beparams:
      self.cluster = cluster = self.cfg.GetClusterInfo()
      # validate params changes
      if self.op.beparams:
+      objects.UpgradeBeParams(self.op.beparams)
        utils.ForceDictType(self.op.beparams, constants.BES_PARAMETER_TYPES)
        self.new_beparams = cluster.SimpleFillBE(self.op.beparams)
  
        utils.ForceDictType(self.op.beparams, constants.BES_PARAMETER_TYPES)
        self.new_beparams = cluster.SimpleFillBE(self.op.beparams)
  
@@ -2849,6 +4156,42 @@ class LUClusterSetParams(LogicalUnit):
          self.new_ndparams["oob_program"] = \
              constants.NDC_DEFAULTS[constants.ND_OOB_PROGRAM]
  
          self.new_ndparams["oob_program"] = \
              constants.NDC_DEFAULTS[constants.ND_OOB_PROGRAM]
  
+    if self.op.hv_state:
+      new_hv_state = _MergeAndVerifyHvState(self.op.hv_state,
+                                            self.cluster.hv_state_static)
+      self.new_hv_state = dict((hv, cluster.SimpleFillHvState(values))
+                               for hv, values in new_hv_state.items())
+
+    if self.op.disk_state:
+      new_disk_state = _MergeAndVerifyDiskState(self.op.disk_state,
+                                                self.cluster.disk_state_static)
+      self.new_disk_state = \
+        dict((storage, dict((name, cluster.SimpleFillDiskState(values))
+                            for name, values in svalues.items()))
+             for storage, svalues in new_disk_state.items())
+
+    if self.op.ipolicy:
+      self.new_ipolicy = _GetUpdatedIPolicy(cluster.ipolicy, self.op.ipolicy,
+                                            group_policy=False)
+
+      all_instances = self.cfg.GetAllInstancesInfo().values()
+      violations = set()
+      for group in self.cfg.GetAllNodeGroupsInfo().values():
+        instances = frozenset([inst for inst in all_instances
+                               if compat.any(node in group.members
+                                             for node in inst.all_nodes)])
+        new_ipolicy = objects.FillIPolicy(self.new_ipolicy, group.ipolicy)
+        ipol = ganeti.masterd.instance.CalculateGroupIPolicy(cluster, group)
+        new = _ComputeNewInstanceViolations(ipol,
+                                            new_ipolicy, instances)
+        if new:
+          violations.update(new)
+
+      if violations:
+        self.LogWarning("After the ipolicy change the following instances"
+                        " violate them: %s",
+                        utils.CommaJoin(utils.NiceSort(violations)))
+
      if self.op.nicparams:
        utils.ForceDictType(self.op.nicparams, constants.NICS_PARAMETER_TYPES)
        self.new_nicparams = cluster.SimpleFillNIC(self.op.nicparams)
      if self.op.nicparams:
        utils.ForceDictType(self.op.nicparams, constants.NICS_PARAMETER_TYPES)
        self.new_nicparams = cluster.SimpleFillNIC(self.op.nicparams)
@@ -2875,7 +4218,7 @@ class LUClusterSetParams(LogicalUnit):
                                " address" % (instance.name, nic_idx))
        if nic_errors:
          raise errors.OpPrereqError("Cannot apply the change, errors:\n%s" %
                                " address" % (instance.name, nic_idx))
        if nic_errors:
          raise errors.OpPrereqError("Cannot apply the change, errors:\n%s" %
-                                   "\n".join(nic_errors))
+                                   "\n".join(nic_errors), errors.ECODE_INVAL)
  
      # hypervisor list/parameters
      self.new_hvparams = new_hvp = objects.FillDict(cluster.hvparams, {})
  
      # hypervisor list/parameters
      self.new_hvparams = new_hvp = objects.FillDict(cluster.hvparams, {})
@@ -2886,6 +4229,15 @@ class LUClusterSetParams(LogicalUnit):
          else:
            self.new_hvparams[hv_name].update(hv_dict)
  
          else:
            self.new_hvparams[hv_name].update(hv_dict)
  
+    # disk template parameters
+    self.new_diskparams = objects.FillDict(cluster.diskparams, {})
+    if self.op.diskparams:
+      for dt_name, dt_params in self.op.diskparams.items():
+        if dt_name not in self.new_diskparams:  # no cluster-level entry yet
+          self.new_diskparams[dt_name] = dt_params
+        else:
+          self.new_diskparams[dt_name].update(dt_params)
+
      # os hypervisor parameters
      self.new_os_hvp = objects.FillDict(cluster.os_hvp, {})
      if self.op.os_hvp:
      # os hypervisor parameters
      self.new_os_hvp = objects.FillDict(cluster.os_hvp, {})
      if self.op.os_hvp:
@@ -3000,10 +4352,18 @@ class LUClusterSetParams(LogicalUnit):
        self.cluster.beparams[constants.PP_DEFAULT] = self.new_beparams
      if self.op.nicparams:
        self.cluster.nicparams[constants.PP_DEFAULT] = self.new_nicparams
        self.cluster.beparams[constants.PP_DEFAULT] = self.new_beparams
      if self.op.nicparams:
        self.cluster.nicparams[constants.PP_DEFAULT] = self.new_nicparams
+    if self.op.ipolicy:
+      self.cluster.ipolicy = self.new_ipolicy
      if self.op.osparams:
        self.cluster.osparams = self.new_osp
      if self.op.ndparams:
        self.cluster.ndparams = self.new_ndparams
      if self.op.osparams:
        self.cluster.osparams = self.new_osp
      if self.op.ndparams:
        self.cluster.ndparams = self.new_ndparams
+    if self.op.diskparams:
+      self.cluster.diskparams = self.new_diskparams
+    if self.op.hv_state:
+      self.cluster.hv_state_static = self.new_hv_state
+    if self.op.disk_state:
+      self.cluster.disk_state_static = self.new_disk_state
  
      if self.op.candidate_pool_size is not None:
        self.cluster.candidate_pool_size = self.op.candidate_pool_size
  
      if self.op.candidate_pool_size is not None:
        self.cluster.candidate_pool_size = self.op.candidate_pool_size
@@ -3011,6 +4371,9 @@ class LUClusterSetParams(LogicalUnit):
        _AdjustCandidatePool(self, [])
  
      if self.op.maintain_node_health is not None:
        _AdjustCandidatePool(self, [])
  
      if self.op.maintain_node_health is not None:
+      if self.op.maintain_node_health and not constants.ENABLE_CONFD:
+        feedback_fn("Note: CONFD was disabled at build time, node health"
+                    " maintenance is not useful (still enabling it)")
        self.cluster.maintain_node_health = self.op.maintain_node_health
  
      if self.op.prealloc_wipe_disks is not None:
        self.cluster.maintain_node_health = self.op.maintain_node_health
  
      if self.op.prealloc_wipe_disks is not None:
@@ -3031,6 +4394,9 @@ class LUClusterSetParams(LogicalUnit):
      if self.op.reserved_lvs is not None:
        self.cluster.reserved_lvs = self.op.reserved_lvs
  
      if self.op.reserved_lvs is not None:
        self.cluster.reserved_lvs = self.op.reserved_lvs
  
+    if self.op.use_external_mip_script is not None:
+      self.cluster.use_external_mip_script = self.op.use_external_mip_script
+
      def helper_os(aname, mods, desc):
        desc += " OS list"
        lst = getattr(self.cluster, aname)
      def helper_os(aname, mods, desc):
        desc += " OS list"
        lst = getattr(self.cluster, aname)
@@ -3055,21 +4421,40 @@ class LUClusterSetParams(LogicalUnit):
        helper_os("blacklisted_os", self.op.blacklisted_os, "blacklisted")
  
      if self.op.master_netdev:
        helper_os("blacklisted_os", self.op.blacklisted_os, "blacklisted")
  
      if self.op.master_netdev:
-      master = self.cfg.GetMasterNode()
+      master_params = self.cfg.GetMasterNetworkParameters()
+      ems = self.cfg.GetUseExternalMipScript()
        feedback_fn("Shutting down master ip on the current netdev (%s)" %
                    self.cluster.master_netdev)
        feedback_fn("Shutting down master ip on the current netdev (%s)" %
                    self.cluster.master_netdev)
-      result = self.rpc.call_node_stop_master(master, False)
+      result = self.rpc.call_node_deactivate_master_ip(master_params.name,
+                                                       master_params, ems)
        result.Raise("Could not disable the master ip")
        feedback_fn("Changing master_netdev from %s to %s" %
        result.Raise("Could not disable the master ip")
        feedback_fn("Changing master_netdev from %s to %s" %
-                  (self.cluster.master_netdev, self.op.master_netdev))
+                  (master_params.netdev, self.op.master_netdev))
        self.cluster.master_netdev = self.op.master_netdev
  
        self.cluster.master_netdev = self.op.master_netdev
  
+    if self.op.master_netmask:
+      master_params = self.cfg.GetMasterNetworkParameters()
+      feedback_fn("Changing master IP netmask to %s" % self.op.master_netmask)
+      result = self.rpc.call_node_change_master_netmask(master_params.name,
+                                                        master_params.netmask,
+                                                        self.op.master_netmask,
+                                                        master_params.ip,
+                                                        master_params.netdev)
+      if result.fail_msg:
+        msg = "Could not change the master IP netmask: %s" % result.fail_msg
+        feedback_fn(msg)
+
+      self.cluster.master_netmask = self.op.master_netmask
+
      self.cfg.Update(self.cluster, feedback_fn)
  
      if self.op.master_netdev:
      self.cfg.Update(self.cluster, feedback_fn)
  
      if self.op.master_netdev:
+      master_params = self.cfg.GetMasterNetworkParameters()
        feedback_fn("Starting the master ip on the new master netdev (%s)" %
                    self.op.master_netdev)
        feedback_fn("Starting the master ip on the new master netdev (%s)" %
                    self.op.master_netdev)
-      result = self.rpc.call_node_start_master(master, False, False)
+      ems = self.cfg.GetUseExternalMipScript()
+      result = self.rpc.call_node_activate_master_ip(master_params.name,
+                                                     master_params, ems)
        if result.fail_msg:
          self.LogWarning("Could not re-enable the master ip on"
                          " the master, please restart manually: %s",
        if result.fail_msg:
          self.LogWarning("Could not re-enable the master ip on"
                          " the master, please restart manually: %s",
@@ -3087,7 +4472,84 @@ def _UploadHelper(lu, nodes, fname):
        if msg:
          msg = ("Copy of file %s to node %s failed: %s" %
                 (fname, to_node, msg))
        if msg:
          msg = ("Copy of file %s to node %s failed: %s" %
                 (fname, to_node, msg))
-        lu.proc.LogWarning(msg)
+        lu.LogWarning(msg)
+
+
+def _ComputeAncillaryFiles(cluster, redist):
+  """Compute files external to Ganeti which need to be consistent.
+
+  @type redist: boolean
+  @param redist: Whether to include files which need to be redistributed
+
+  """
+  # Compute files for all nodes
+  files_all = set([
+    pathutils.SSH_KNOWN_HOSTS_FILE,
+    pathutils.CONFD_HMAC_KEY,
+    pathutils.CLUSTER_DOMAIN_SECRET_FILE,
+    pathutils.SPICE_CERT_FILE,
+    pathutils.SPICE_CACERT_FILE,
+    pathutils.RAPI_USERS_FILE,
+    ])
+
+  if redist:
+    # we need to ship at least the RAPI certificate
+    files_all.add(pathutils.RAPI_CERT_FILE)
+  else:
+    files_all.update(pathutils.ALL_CERT_FILES)
+    files_all.update(ssconf.SimpleStore().GetFileList())
+
+  if cluster.modify_etc_hosts:
+    files_all.add(pathutils.ETC_HOSTS)
+
+  if cluster.use_external_mip_script:
+    files_all.add(pathutils.EXTERNAL_MASTER_SETUP_SCRIPT)
+
+  # Files which are optional, these must:
+  # - be present in one other category as well
+  # - either exist or not exist on all nodes of that category (mc, vm, all)
+  files_opt = set([
+    pathutils.RAPI_USERS_FILE,
+    ])
+
+  # Files which should only be on master candidates
+  files_mc = set()
+
+  if not redist:
+    files_mc.add(pathutils.CLUSTER_CONF_FILE)
+
+  # File storage
+  if (not redist and
+      (constants.ENABLE_FILE_STORAGE or constants.ENABLE_SHARED_FILE_STORAGE)):
+    files_all.add(pathutils.FILE_STORAGE_PATHS_FILE)
+    files_opt.add(pathutils.FILE_STORAGE_PATHS_FILE)
+
+  # Files which should only be on VM-capable nodes
+  files_vm = set(
+    filename
+    for hv_name in cluster.enabled_hypervisors
+    for filename in hypervisor.GetHypervisor(hv_name).GetAncillaryFiles()[0])
+
+  files_opt |= set(
+    filename
+    for hv_name in cluster.enabled_hypervisors
+    for filename in hypervisor.GetHypervisor(hv_name).GetAncillaryFiles()[1])
+
+  # Filenames in each category must be unique
+  all_files_set = files_all | files_mc | files_vm
+  assert (len(all_files_set) ==
+          sum(map(len, [files_all, files_mc, files_vm]))), \
+         "Found file listed in more than one file list"
+
+  # Optional files must be present in one other category
+  assert all_files_set.issuperset(files_opt), \
+         "Optional file not in a different required list"
+
+  # This one file should never ever be re-distributed via RPC
+  assert not (redist and
+              pathutils.FILE_STORAGE_PATHS_FILE in all_files_set)
+
+  return (files_all, files_opt, files_mc, files_vm)
  
  
  def _RedistributeAncillaryFiles(lu, additional_nodes=None, additional_vm=True):
  
  
  def _RedistributeAncillaryFiles(lu, additional_nodes=None, additional_vm=True):
@@ -3103,40 +4565,42 @@ def _RedistributeAncillaryFiles(lu, additional_nodes=None, additional_vm=True):
    @param additional_vm: whether the additional nodes are vm-capable or not
  
    """
    @param additional_vm: whether the additional nodes are vm-capable or not
  
    """
-  # 1. Gather target nodes
-  myself = lu.cfg.GetNodeInfo(lu.cfg.GetMasterNode())
-  dist_nodes = lu.cfg.GetOnlineNodeList()
-  nvm_nodes = lu.cfg.GetNonVmCapableNodeList()
-  vm_nodes = [name for name in dist_nodes if name not in nvm_nodes]
+  # Gather target nodes
+  cluster = lu.cfg.GetClusterInfo()
+  master_info = lu.cfg.GetNodeInfo(lu.cfg.GetMasterNode())
+
+  online_nodes = lu.cfg.GetOnlineNodeList()
+  online_set = frozenset(online_nodes)
+  vm_nodes = list(online_set.intersection(lu.cfg.GetVmCapableNodeList()))
+
    if additional_nodes is not None:
    if additional_nodes is not None:
-    dist_nodes.extend(additional_nodes)
+    online_nodes.extend(additional_nodes)
      if additional_vm:
        vm_nodes.extend(additional_nodes)
      if additional_vm:
        vm_nodes.extend(additional_nodes)
-  if myself.name in dist_nodes:
-    dist_nodes.remove(myself.name)
-  if myself.name in vm_nodes:
-    vm_nodes.remove(myself.name)
-
-  # 2. Gather files to distribute
-  dist_files = set([constants.ETC_HOSTS,
-                    constants.SSH_KNOWN_HOSTS_FILE,
-                    constants.RAPI_CERT_FILE,
-                    constants.RAPI_USERS_FILE,
-                    constants.CONFD_HMAC_KEY,
-                    constants.CLUSTER_DOMAIN_SECRET_FILE,
-                   ])
-
-  vm_files = set()
-  enabled_hypervisors = lu.cfg.GetClusterInfo().enabled_hypervisors
-  for hv_name in enabled_hypervisors:
-    hv_class = hypervisor.GetHypervisor(hv_name)
-    vm_files.update(hv_class.GetAncillaryFiles())
-
-  # 3. Perform the files upload
-  for fname in dist_files:
-    _UploadHelper(lu, dist_nodes, fname)
-  for fname in vm_files:
-    _UploadHelper(lu, vm_nodes, fname)
+
+  # Never distribute to master node
+  for nodelist in [online_nodes, vm_nodes]:
+    if master_info.name in nodelist:
+      nodelist.remove(master_info.name)
+
+  # Gather file lists
+  (files_all, _, files_mc, files_vm) = \
+    _ComputeAncillaryFiles(cluster, True)
+
+  # Never re-distribute configuration file from here
+  assert not (pathutils.CLUSTER_CONF_FILE in files_all or
+              pathutils.CLUSTER_CONF_FILE in files_vm)
+  assert not files_mc, "Master candidates not handled in this function"
+
+  filemap = [
+    (online_nodes, files_all),
+    (vm_nodes, files_vm),
+    ]
+
+  # Upload the files
+  for (node_list, files) in filemap:
+    for fname in files:
+      _UploadHelper(lu, node_list, fname)
  
  
  class LUClusterRedistConf(NoHooksLU):
  
  
  class LUClusterRedistConf(NoHooksLU):
@@ -3150,8 +4614,9 @@ class LUClusterRedistConf(NoHooksLU):
    def ExpandNames(self):
      self.needed_locks = {
        locking.LEVEL_NODE: locking.ALL_SET,
    def ExpandNames(self):
      self.needed_locks = {
        locking.LEVEL_NODE: locking.ALL_SET,
+      locking.LEVEL_NODE_ALLOC: locking.ALL_SET,
      }
      }
-    self.share_locks[locking.LEVEL_NODE] = 1
+    self.share_locks = _ShareAll()
  
    def Exec(self, feedback_fn):
      """Redistribute the configuration.
  
    def Exec(self, feedback_fn):
      """Redistribute the configuration.
@@ -3161,6 +4626,36 @@ class LUClusterRedistConf(NoHooksLU):
      _RedistributeAncillaryFiles(self)
  
  
      _RedistributeAncillaryFiles(self)
  
  
+class LUClusterActivateMasterIp(NoHooksLU):
+  """Activate the master IP on the master node.
+
+  The only step defined here is L{Exec}, which issues a single
+  C{node_activate_master_ip} RPC and checks its result.
+
+  """
+  def Exec(self, feedback_fn):
+    """Activate the master IP.
+
+    @param feedback_fn: feedback callback; not used by this method
+
+    """
+    # Both values are read through self.cfg
+    master_params = self.cfg.GetMasterNetworkParameters()
+    ems = self.cfg.GetUseExternalMipScript()
+    # master_params.name is passed as the first argument, which is where
+    # the other RPC calls in this module put the target node
+    result = self.rpc.call_node_activate_master_ip(master_params.name,
+                                                   master_params, ems)
+    # NOTE(review): Raise() presumably aborts with this message if the RPC
+    # reported a failure - confirm against the RPC result class
+    result.Raise("Could not activate the master IP")
+
+
+class LUClusterDeactivateMasterIp(NoHooksLU):
+  """Deactivate the master IP on the master node.
+
+  The only step defined here is L{Exec}, which issues a single
+  C{node_deactivate_master_ip} RPC and checks its result.
+
+  """
+  def Exec(self, feedback_fn):
+    """Deactivate the master IP.
+
+    @param feedback_fn: feedback callback; not used by this method
+
+    """
+    # Both values are read through self.cfg
+    master_params = self.cfg.GetMasterNetworkParameters()
+    ems = self.cfg.GetUseExternalMipScript()
+    # master_params.name is passed as the first argument, which is where
+    # the other RPC calls in this module put the target node
+    result = self.rpc.call_node_deactivate_master_ip(master_params.name,
+                                                     master_params, ems)
+    # NOTE(review): Raise() presumably aborts with this message if the RPC
+    # reported a failure - confirm against the RPC result class
+    result.Raise("Could not deactivate the master IP")
+
+
  def _WaitForSync(lu, instance, disks=None, oneshot=False):
    """Sleep and poll for an instance's disk to sync.
  
  def _WaitForSync(lu, instance, disks=None, oneshot=False):
    """Sleep and poll for an instance's disk to sync.
  
@@ -3171,7 +4666,7 @@ def _WaitForSync(lu, instance, disks=None, oneshot=False):
    disks = _ExpandCheckDisks(instance, disks)
  
    if not oneshot:
    disks = _ExpandCheckDisks(instance, disks)
  
    if not oneshot:
-    lu.proc.LogInfo("Waiting for instance %s to sync disks." % instance.name)
+    lu.LogInfo("Waiting for instance %s to sync disks", instance.name)
  
    node = instance.primary_node
  
  
    node = instance.primary_node
  
@@ -3186,7 +4681,7 @@ def _WaitForSync(lu, instance, disks=None, oneshot=False):
      max_time = 0
      done = True
      cumul_degraded = False
      max_time = 0
      done = True
      cumul_degraded = False
-    rstats = lu.rpc.call_blockdev_getmirrorstatus(node, disks)
+    rstats = lu.rpc.call_blockdev_getmirrorstatus(node, (disks, instance))
      msg = rstats.fail_msg
      if msg:
        lu.LogWarning("Can't get any data from node %s: %s", node, msg)
      msg = rstats.fail_msg
      if msg:
        lu.LogWarning("Can't get any data from node %s: %s", node, msg)
@@ -3214,8 +4709,8 @@ def _WaitForSync(lu, instance, disks=None, oneshot=False):
            max_time = mstat.estimated_time
          else:
            rem_time = "no time estimate"
            max_time = mstat.estimated_time
          else:
            rem_time = "no time estimate"
-        lu.proc.LogInfo("- device %s: %5.2f%% done, %s" %
-                        (disks[i].iv_name, mstat.sync_percent, rem_time))
+        lu.LogInfo("- device %s: %5.2f%% done, %s",
+                   disks[i].iv_name, mstat.sync_percent, rem_time)
  
      # if we're done but degraded, let's do a few small retries, to
      # make sure we see a stable and not transient situation; therefore
  
      # if we're done but degraded, let's do a few small retries, to
      # make sure we see a stable and not transient situation; therefore
@@ -3232,13 +4727,40 @@ def _WaitForSync(lu, instance, disks=None, oneshot=False):
      time.sleep(min(60, max_time))
  
    if done:
      time.sleep(min(60, max_time))
  
    if done:
-    lu.proc.LogInfo("Instance %s's disks are in sync." % instance.name)
+    lu.LogInfo("Instance %s's disks are in sync", instance.name)
+
    return not cumul_degraded
  
  
    return not cumul_degraded
  
  
-def _CheckDiskConsistency(lu, dev, node, on_primary, ldisk=False):
+def _BlockdevFind(lu, node, dev, instance):
+  """Wrapper around call_blockdev_find to annotate diskparams.
+
+  @param lu: A reference to the lu object
+  @param node: The node to call out
+  @param dev: The device to find
+  @param instance: The instance object the device belongs to
+  @return: The result of the rpc call
+
+  """
+  # A one-element list goes in and exactly one annotated disk is unpacked;
+  # the unpacking fails if the helper returns any other number of items
+  (disk,) = _AnnotateDiskParams(instance, [dev], lu.cfg)
+  return lu.rpc.call_blockdev_find(node, disk)
+
+
+def _CheckDiskConsistency(lu, instance, dev, node, on_primary, ldisk=False):
+  """Wrapper around L{_CheckDiskConsistencyInner}.
+
+  Annotates C{dev} via L{_AnnotateDiskParams} and hands the annotated
+  disk, together with all other arguments unchanged, to
+  L{_CheckDiskConsistencyInner}.
+
+  @param lu: the logical unit; its C{cfg} is used for the annotation
+  @param instance: instance object passed to the annotation helper and to
+      the inner check
+  @param dev: the not yet annotated device to check
+  @param node: passed through unchanged
+  @param on_primary: passed through unchanged
+  @param ldisk: passed through unchanged; its meaning is described in the
+      docstring of L{_CheckDiskConsistencyInner}
+  @return: whatever L{_CheckDiskConsistencyInner} returns
+
+  """
+  # Single-element unpacking: one device in, one annotated disk out
+  (disk,) = _AnnotateDiskParams(instance, [dev], lu.cfg)
+  return _CheckDiskConsistencyInner(lu, instance, disk, node, on_primary,
+                                    ldisk=ldisk)
+
+
+def _CheckDiskConsistencyInner(lu, instance, dev, node, on_primary,
+                               ldisk=False):
    """Check that mirrors are not degraded.
  
    """Check that mirrors are not degraded.
  
+  @attention: The device has to be annotated already.
+
    The ldisk parameter, if True, will change the test from the
    is_degraded attribute (which represents overall non-ok status for
    the device(s)) to the ldisk (representing the local storage status).
    The ldisk parameter, if True, will change the test from the
    is_degraded attribute (which represents overall non-ok status for
    the device(s)) to the ldisk (representing the local storage status).
@@ -3265,7 +4787,8 @@ def _CheckDiskConsistency(lu, dev, node, on_primary, ldisk=False):
  
    if dev.children:
      for child in dev.children:
  
    if dev.children:
      for child in dev.children:
-      result = result and _CheckDiskConsistency(lu, child, node, on_primary)
+      result = result and _CheckDiskConsistencyInner(lu, instance, child, node,
+                                                     on_primary)
  
    return result
  
  
    return result
  
@@ -3274,7 +4797,27 @@ class LUOobCommand(NoHooksLU):
    """Logical unit for OOB handling.
  
    """
    """Logical unit for OOB handling.
  
    """
-  REG_BGL = False
+  REQ_BGL = False
+  _SKIP_MASTER = (constants.OOB_POWER_OFF, constants.OOB_POWER_CYCLE)
+
+  def ExpandNames(self):
+    """Gather locks we need.
+
+    If the opcode names nodes, they are replaced by the result of
+    L{_GetWantedNodes} and only those node locks are requested.
+    Otherwise all node locks are requested, plus the node allocation
+    lock.
+
+    """
+    if self.op.node_names:
+      self.op.node_names = _GetWantedNodes(self, self.op.node_names)
+      lock_names = self.op.node_names
+    else:
+      # self.op.node_names is left empty here; CheckPrereq fills it in
+      lock_names = locking.ALL_SET
+
+    self.needed_locks = {
+      locking.LEVEL_NODE: lock_names,
+      }
+
+    if not self.op.node_names:
+      # Acquire node allocation lock only if all nodes are affected
+      self.needed_locks[locking.LEVEL_NODE_ALLOC] = locking.ALL_SET
+      # NOTE(review): 1 presumably requests the lock in shared mode, as
+      # the "shared mode" comments elsewhere in this module suggest
+      self.share_locks[locking.LEVEL_NODE_ALLOC] = 1
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -3287,42 +4830,58 @@ class LUOobCommand(NoHooksLU):
  
      """
      self.nodes = []
  
      """
      self.nodes = []
-    for node_name in self.op.node_names:
-      node = self.cfg.GetNodeInfo(node_name)
+    self.master_node = self.cfg.GetMasterNode()
  
  
-      if node is None:
-        raise errors.OpPrereqError("Node %s not found" % node_name,
-                                   errors.ECODE_NOENT)
+    assert self.op.power_delay >= 0.0
+
+    if self.op.node_names:
+      if (self.op.command in self._SKIP_MASTER and
+          self.master_node in self.op.node_names):
+        master_node_obj = self.cfg.GetNodeInfo(self.master_node)
+        master_oob_handler = _SupportsOob(self.cfg, master_node_obj)
+
+        if master_oob_handler:
+          additional_text = ("run '%s %s %s' if you want to operate on the"
+                             " master regardless") % (master_oob_handler,
+                                                      self.op.command,
+                                                      self.master_node)
+        else:
+          additional_text = "it does not support out-of-band operations"
+
+        raise errors.OpPrereqError(("Operating on the master node %s is not"
+                                    " allowed for %s; %s") %
+                                   (self.master_node, self.op.command,
+                                    additional_text), errors.ECODE_INVAL)
+    else:
+      self.op.node_names = self.cfg.GetNodeList()
+      if self.op.command in self._SKIP_MASTER:
+        self.op.node_names.remove(self.master_node)
+
+    if self.op.command in self._SKIP_MASTER:
+      assert self.master_node not in self.op.node_names
+
+    for (node_name, node) in self.cfg.GetMultiNodeInfo(self.op.node_names):
+      if node is None:
+        raise errors.OpPrereqError("Node %s not found" % node_name,
+                                   errors.ECODE_NOENT)
        else:
          self.nodes.append(node)
  
        else:
          self.nodes.append(node)
  
-      if (self.op.command == constants.OOB_POWER_OFF and not node.offline):
+      if (not self.op.ignore_status and
+          (self.op.command == constants.OOB_POWER_OFF and not node.offline)):
          raise errors.OpPrereqError(("Cannot power off node %s because it is"
                                      " not marked offline") % node_name,
                                     errors.ECODE_STATE)
  
          raise errors.OpPrereqError(("Cannot power off node %s because it is"
                                      " not marked offline") % node_name,
                                     errors.ECODE_STATE)
  
-  def ExpandNames(self):
-    """Gather locks we need.
-
-    """
-    if self.op.node_names:
-      self.op.node_names = [_ExpandNodeName(self.cfg, name)
-                            for name in self.op.node_names]
-    else:
-      self.op.node_names = self.cfg.GetNodeList()
-
-    self.needed_locks = {
-      locking.LEVEL_NODE: self.op.node_names,
-      }
-
    def Exec(self, feedback_fn):
      """Execute OOB and return result if we expect any.
  
      """
    def Exec(self, feedback_fn):
      """Execute OOB and return result if we expect any.
  
      """
-    master_node = self.cfg.GetMasterNode()
+    master_node = self.master_node
      ret = []
  
      ret = []
  
-    for node in self.nodes:
+    for idx, node in enumerate(utils.NiceSort(self.nodes,
+                                              key=lambda node: node.name)):
        node_entry = [(constants.RS_NORMAL, node.name)]
        ret.append(node_entry)
  
        node_entry = [(constants.RS_NORMAL, node.name)]
        ret.append(node_entry)
  
@@ -3339,14 +4898,14 @@ class LUOobCommand(NoHooksLU):
                                       self.op.timeout)
  
        if result.fail_msg:
                                       self.op.timeout)
  
        if result.fail_msg:
-        self.LogWarning("On node '%s' out-of-band RPC failed with: %s",
+        self.LogWarning("Out-of-band RPC failed on node '%s': %s",
                          node.name, result.fail_msg)
          node_entry.append((constants.RS_NODATA, None))
        else:
          try:
            self._CheckPayload(result)
          except errors.OpExecError, err:
                          node.name, result.fail_msg)
          node_entry.append((constants.RS_NODATA, None))
        else:
          try:
            self._CheckPayload(result)
          except errors.OpExecError, err:
-          self.LogWarning("The payload returned by '%s' is not valid: %s",
+          self.LogWarning("Payload returned by node '%s' is not valid: %s",
                            node.name, err)
            node_entry.append((constants.RS_NODATA, None))
          else:
                            node.name, err)
            node_entry.append((constants.RS_NODATA, None))
          else:
@@ -3355,8 +4914,8 @@ class LUOobCommand(NoHooksLU):
              for item, status in result.payload:
                if status in [constants.OOB_STATUS_WARNING,
                              constants.OOB_STATUS_CRITICAL]:
              for item, status in result.payload:
                if status in [constants.OOB_STATUS_WARNING,
                              constants.OOB_STATUS_CRITICAL]:
-                self.LogWarning("On node '%s' item '%s' has status '%s'",
-                                node.name, item, status)
+                self.LogWarning("Item '%s' on node '%s' has status '%s'",
+                                item, node.name, status)
  
            if self.op.command == constants.OOB_POWER_ON:
              node.powered = True
  
            if self.op.command == constants.OOB_POWER_ON:
              node.powered = True
@@ -3376,6 +4935,10 @@ class LUOobCommand(NoHooksLU):
  
            node_entry.append((constants.RS_NORMAL, result.payload))
  
  
            node_entry.append((constants.RS_NORMAL, result.payload))
  
+          if (self.op.command == constants.OOB_POWER_ON and
+              idx < len(self.nodes) - 1):
+            time.sleep(self.op.power_delay)
+
      return ret
  
    def _CheckPayload(self, result):
      return ret
  
    def _CheckPayload(self, result):
@@ -3402,10 +4965,10 @@ class LUOobCommand(NoHooksLU):
                      type(result.payload))
  
      if self.op.command in [
                      type(result.payload))
  
      if self.op.command in [
-        constants.OOB_POWER_ON,
-        constants.OOB_POWER_OFF,
-        constants.OOB_POWER_CYCLE,
-        ]:
+      constants.OOB_POWER_ON,
+      constants.OOB_POWER_OFF,
+      constants.OOB_POWER_CYCLE,
+      ]:
        if result.payload is not None:
          errs.append("%s is expected to not return payload but got '%s'" %
                      (self.op.command, result.payload))
        if result.payload is not None:
          errs.append("%s is expected to not return payload but got '%s'" %
                      (self.op.command, result.payload))
@@ -3415,36 +4978,28 @@ class LUOobCommand(NoHooksLU):
                                 utils.CommaJoin(errs))
  
  
                                 utils.CommaJoin(errs))
  
  
+class _OsQuery(_QueryBase):
+  FIELDS = query.OS_FIELDS
  
  
-class LUOsDiagnose(NoHooksLU):
-  """Logical unit for OS diagnose/query.
-
-  """
-  REQ_BGL = False
-  _HID = "hidden"
-  _BLK = "blacklisted"
-  _VLD = "valid"
-  _FIELDS_STATIC = utils.FieldSet()
-  _FIELDS_DYNAMIC = utils.FieldSet("name", _VLD, "node_status", "variants",
-                                   "parameters", "api_versions", _HID, _BLK)
-
-  def CheckArguments(self):
-    if self.op.names:
-      raise errors.OpPrereqError("Selective OS query not supported",
-                                 errors.ECODE_INVAL)
-
-    _CheckOutputFields(static=self._FIELDS_STATIC,
-                       dynamic=self._FIELDS_DYNAMIC,
-                       selected=self.op.output_fields)
-
-  def ExpandNames(self):
-    # Lock all nodes, in shared mode
+  def ExpandNames(self, lu):
+    # Lock all nodes in shared mode
      # Temporary removal of locks, should be reverted later
      # TODO: reintroduce locks when they are lighter-weight
      # Temporary removal of locks, should be reverted later
      # TODO: reintroduce locks when they are lighter-weight
-    self.needed_locks = {}
+    lu.needed_locks = {}
      #self.share_locks[locking.LEVEL_NODE] = 1
      #self.needed_locks[locking.LEVEL_NODE] = locking.ALL_SET
  
      #self.share_locks[locking.LEVEL_NODE] = 1
      #self.needed_locks[locking.LEVEL_NODE] = locking.ALL_SET
  
+    # The following variables interact with _QueryBase._GetNames
+    if self.names:
+      self.wanted = self.names
+    else:
+      self.wanted = locking.ALL_SET
+
+    self.do_locking = self.use_locking
+
+  def DeclareLocks(self, lu, level):
+    """Declare no locks at any level.
+
+    @param lu: the owning logical unit; not used
+    @param level: the locking level; not used
+
+    """
+    pass
+
    @staticmethod
    def _DiagnoseByOS(rlist):
      """Remaps a per-node return list into an a per-os per-node dictionary
    @staticmethod
    def _DiagnoseByOS(rlist):
      """Remaps a per-node return list into an a per-os per-node dictionary
@@ -3485,71 +5040,103 @@ class LUOsDiagnose(NoHooksLU):
                                          variants, params, api_versions))
      return all_os
  
                                          variants, params, api_versions))
      return all_os
  
-  def Exec(self, feedback_fn):
-    """Compute the list of OSes.
+  def _GetQueryData(self, lu):
+    """Computes the list of nodes and their attributes.
  
      """
  
      """
+    # Locking is not used
+    assert not (compat.any(lu.glm.is_owned(level)
+                           for level in locking.LEVELS
+                           if level != locking.LEVEL_CLUSTER) or
+                self.do_locking or self.use_locking)
+
      valid_nodes = [node.name
      valid_nodes = [node.name
-                   for node in self.cfg.GetAllNodesInfo().values()
+                   for node in lu.cfg.GetAllNodesInfo().values()
                     if not node.offline and node.vm_capable]
                     if not node.offline and node.vm_capable]
-    node_data = self.rpc.call_os_diagnose(valid_nodes)
-    pol = self._DiagnoseByOS(node_data)
-    output = []
-    cluster = self.cfg.GetClusterInfo()
+    pol = self._DiagnoseByOS(lu.rpc.call_os_diagnose(valid_nodes))
+    cluster = lu.cfg.GetClusterInfo()
+
+    data = {}
+
+    for (os_name, os_data) in pol.items():
+      info = query.OsInfo(name=os_name, valid=True, node_status=os_data,
+                          hidden=(os_name in cluster.hidden_os),
+                          blacklisted=(os_name in cluster.blacklisted_os))
+
+      variants = set()
+      parameters = set()
+      api_versions = set()
  
  
-    for os_name in utils.NiceSort(pol.keys()):
-      os_data = pol[os_name]
-      row = []
-      valid = True
-      (variants, params, api_versions) = null_state = (set(), set(), set())
        for idx, osl in enumerate(os_data.values()):
        for idx, osl in enumerate(os_data.values()):
-        valid = bool(valid and osl and osl[0][1])
-        if not valid:
-          (variants, params, api_versions) = null_state
+        info.valid = bool(info.valid and osl and osl[0][1])
+        if not info.valid:
            break
            break
-        node_variants, node_params, node_api = osl[0][3:6]
-        if idx == 0: # first entry
-          variants = set(node_variants)
-          params = set(node_params)
-          api_versions = set(node_api)
-        else: # keep consistency
+
+        (node_variants, node_params, node_api) = osl[0][3:6]
+        if idx == 0:
+          # First entry
+          variants.update(node_variants)
+          parameters.update(node_params)
+          api_versions.update(node_api)
+        else:
+          # Filter out inconsistent values
            variants.intersection_update(node_variants)
            variants.intersection_update(node_variants)
-          params.intersection_update(node_params)
+          parameters.intersection_update(node_params)
            api_versions.intersection_update(node_api)
  
            api_versions.intersection_update(node_api)
  
-      is_hid = os_name in cluster.hidden_os
-      is_blk = os_name in cluster.blacklisted_os
-      if ((self._HID not in self.op.output_fields and is_hid) or
-          (self._BLK not in self.op.output_fields and is_blk) or
-          (self._VLD not in self.op.output_fields and not valid)):
-        continue
+      info.variants = list(variants)
+      info.parameters = list(parameters)
+      info.api_versions = list(api_versions)
  
  
-      for field in self.op.output_fields:
-        if field == "name":
-          val = os_name
-        elif field == self._VLD:
-          val = valid
-        elif field == "node_status":
-          # this is just a copy of the dict
-          val = {}
-          for node_name, nos_list in os_data.items():
-            val[node_name] = nos_list
-        elif field == "variants":
-          val = utils.NiceSort(list(variants))
-        elif field == "parameters":
-          val = list(params)
-        elif field == "api_versions":
-          val = list(api_versions)
-        elif field == self._HID:
-          val = is_hid
-        elif field == self._BLK:
-          val = is_blk
-        else:
-          raise errors.ParameterError(field)
-        row.append(val)
-      output.append(row)
+      data[os_name] = info
  
  
-    return output
+    # Prepare data in requested order
+    return [data[name] for name in self._GetNames(lu, pol.keys(), None)
+            if name in data]
+
+
+class LUOsDiagnose(NoHooksLU):
+  """Logical unit for OS diagnose/query.
+
+  All work is delegated to an L{_OsQuery} object that is created in
+  L{CheckArguments} and stored as C{self.oq}.
+
+  """
+  REQ_BGL = False
+
+  @staticmethod
+  def _BuildFilter(fields, names):
+    """Builds a filter for querying OSes.
+
+    @param fields: requested output fields; only checked for the presence
+        of "hidden", "blacklisted" and "valid"
+    @param names: OS names handed to L{qlang.MakeSimpleFilter} for the
+        "name" field
+    @return: the name filter AND-ed with the status filter if both exist,
+        otherwise whichever one exists, otherwise C{None}
+
+    """
+    # May be a false value (it is tested for truth below)
+    name_filter = qlang.MakeSimpleFilter("name", names)
+
+    # Legacy behaviour: Hide hidden, blacklisted or invalid OSes if the
+    # respective field is not requested
+    status_filter = [[qlang.OP_NOT, [qlang.OP_TRUE, fname]]
+                     for fname in ["hidden", "blacklisted"]
+                     if fname not in fields]
+    if "valid" not in fields:
+      status_filter.append([qlang.OP_TRUE, "valid"])
+
+    if status_filter:
+      # Turn the list of conditions into a single AND expression
+      status_filter.insert(0, qlang.OP_AND)
+    else:
+      # All three status fields were requested, nothing to hide
+      status_filter = None
+
+    if name_filter and status_filter:
+      return [qlang.OP_AND, name_filter, status_filter]
+    elif name_filter:
+      return name_filter
+    else:
+      return status_filter
+
+  def CheckArguments(self):
+    """Create the L{_OsQuery} helper used by the other methods.
+
+    """
+    # NOTE(review): the third argument is presumably use_locking (compare
+    # the _NodeQuery construction in LUNodeQuery); _OsQuery asserts that
+    # locking is not used
+    self.oq = _OsQuery(self._BuildFilter(self.op.output_fields, self.op.names),
+                       self.op.output_fields, False)
+
+  def ExpandNames(self):
+    """Delegate name expansion to the L{_OsQuery} helper.
+
+    """
+    self.oq.ExpandNames(self)
+
+  def Exec(self, feedback_fn):
+    """Run the query and return the helper's old-style result.
+
+    @param feedback_fn: feedback callback; not used by this method
+
+    """
+    return self.oq.OldStyleQuery(self)
  
  
  class LUNodeRemove(LogicalUnit):
  
  
  class LUNodeRemove(LogicalUnit):
@@ -3562,21 +5149,25 @@ class LUNodeRemove(LogicalUnit):
    def BuildHooksEnv(self):
      """Build hooks env.
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
-    This doesn't run on the target node in the pre phase as a failed
-    node would then be impossible to remove.
-
      """
      """
-    env = {
+    return {
        "OP_TARGET": self.op.node_name,
        "NODE_NAME": self.op.node_name,
        }
        "OP_TARGET": self.op.node_name,
        "NODE_NAME": self.op.node_name,
        }
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    This doesn't run on the target node in the pre phase as a failed
+    node would then be impossible to remove.
+
+    """
      all_nodes = self.cfg.GetNodeList()
      try:
        all_nodes.remove(self.op.node_name)
      except ValueError:
      all_nodes = self.cfg.GetNodeList()
      try:
        all_nodes.remove(self.op.node_name)
      except ValueError:
-      logging.warning("Node %s which is about to be removed not found"
-                      " in the all nodes list", self.op.node_name)
-    return env, all_nodes, all_nodes
+      pass
+    return (all_nodes, all_nodes)
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -3593,19 +5184,15 @@ class LUNodeRemove(LogicalUnit):
      node = self.cfg.GetNodeInfo(self.op.node_name)
      assert node is not None
  
      node = self.cfg.GetNodeInfo(self.op.node_name)
      assert node is not None
  
-    instance_list = self.cfg.GetInstanceList()
-
      masternode = self.cfg.GetMasterNode()
      if node.name == masternode:
      masternode = self.cfg.GetMasterNode()
      if node.name == masternode:
-      raise errors.OpPrereqError("Node is the master node,"
-                                 " you need to failover first.",
-                                 errors.ECODE_INVAL)
+      raise errors.OpPrereqError("Node is the master node, failover to another"
+                                 " node is required", errors.ECODE_INVAL)
  
  
-    for instance_name in instance_list:
-      instance = self.cfg.GetInstanceInfo(instance_name)
+    for instance_name, instance in self.cfg.GetAllInstancesInfo().items():
        if node.name in instance.all_nodes:
          raise errors.OpPrereqError("Instance %s is still running on the node,"
        if node.name in instance.all_nodes:
          raise errors.OpPrereqError("Instance %s is still running on the node,"
-                                   " please remove first." % instance_name,
+                                   " please remove first" % instance_name,
                                     errors.ECODE_INVAL)
      self.op.node_name = node.name
      self.node = node
                                     errors.ECODE_INVAL)
      self.op.node_name = node.name
      self.node = node
@@ -3620,17 +5207,15 @@ class LUNodeRemove(LogicalUnit):
  
      modify_ssh_setup = self.cfg.GetClusterInfo().modify_ssh_setup
  
  
      modify_ssh_setup = self.cfg.GetClusterInfo().modify_ssh_setup
  
+    assert locking.BGL in self.owned_locks(locking.LEVEL_CLUSTER), \
+      "Not owning BGL"
+
      # Promote nodes to master candidate as needed
      _AdjustCandidatePool(self, exceptions=[node.name])
      self.context.RemoveNode(node.name)
  
      # Run post hooks on the node before it's removed
      # Promote nodes to master candidate as needed
      _AdjustCandidatePool(self, exceptions=[node.name])
      self.context.RemoveNode(node.name)
  
      # Run post hooks on the node before it's removed
-    hm = self.proc.hmclass(self.rpc.call_hooks_runner, self)
-    try:
-      hm.RunPhase(constants.HOOKS_PHASE_POST, [node.name])
-    except:
-      # pylint: disable-msg=W0702
-      self.LogWarning("Errors occurred running hooks on %s" % node.name)
+    _RunPostHook(self, node.name)
  
      result = self.rpc.call_node_leave_cluster(node.name, modify_ssh_setup)
      msg = result.fail_msg
  
      result = self.rpc.call_node_leave_cluster(node.name, modify_ssh_setup)
      msg = result.fail_msg
@@ -3653,7 +5238,7 @@ class _NodeQuery(_QueryBase):
  
    def ExpandNames(self, lu):
      lu.needed_locks = {}
  
    def ExpandNames(self, lu):
      lu.needed_locks = {}
-    lu.share_locks[locking.LEVEL_NODE] = 1
+    lu.share_locks = _ShareAll()
  
      if self.names:
        self.wanted = _GetWantedNodes(lu, self.names)
  
      if self.names:
        self.wanted = _GetWantedNodes(lu, self.names)
@@ -3664,8 +5249,9 @@ class _NodeQuery(_QueryBase):
                         query.NQ_LIVE in self.requested_data)
  
      if self.do_locking:
                         query.NQ_LIVE in self.requested_data)
  
      if self.do_locking:
-      # if we don't request only static fields, we need to lock the nodes
+      # If any non-static field is requested we need to lock the nodes
        lu.needed_locks[locking.LEVEL_NODE] = self.wanted
        lu.needed_locks[locking.LEVEL_NODE] = self.wanted
+      lu.needed_locks[locking.LEVEL_NODE_ALLOC] = locking.ALL_SET
  
    def DeclareLocks(self, lu, level):
      pass
  
    def DeclareLocks(self, lu, level):
      pass
@@ -3683,9 +5269,9 @@ class _NodeQuery(_QueryBase):
        # filter out non-vm_capable nodes
        toquery_nodes = [name for name in nodenames if all_info[name].vm_capable]
  
        # filter out non-vm_capable nodes
        toquery_nodes = [name for name in nodenames if all_info[name].vm_capable]
  
-      node_data = lu.rpc.call_node_info(toquery_nodes, lu.cfg.GetVGName(),
-                                        lu.cfg.GetHypervisorType())
-      live_data = dict((name, nresult.payload)
+      node_data = lu.rpc.call_node_info(toquery_nodes, [lu.cfg.GetVGName()],
+                                        [lu.cfg.GetHypervisorType()])
+      live_data = dict((name, rpc.MakeLegacyNodeInfo(nresult.payload))
                         for (name, nresult) in node_data.items()
                         if not nresult.fail_msg and nresult.payload)
      else:
                         for (name, nresult) in node_data.items()
                         if not nresult.fail_msg and nresult.payload)
      else:
@@ -3728,16 +5314,19 @@ class LUNodeQuery(NoHooksLU):
    """Logical unit for querying nodes.
  
    """
    """Logical unit for querying nodes.
  
    """
-  # pylint: disable-msg=W0142
+  # pylint: disable=W0142
    REQ_BGL = False
  
    def CheckArguments(self):
    REQ_BGL = False
  
    def CheckArguments(self):
-    self.nq = _NodeQuery(self.op.names, self.op.output_fields,
-                         self.op.use_locking)
+    self.nq = _NodeQuery(qlang.MakeSimpleFilter("name", self.op.names),
+                         self.op.output_fields, self.op.use_locking)
  
    def ExpandNames(self):
      self.nq.ExpandNames(self)
  
  
    def ExpandNames(self):
      self.nq.ExpandNames(self)
  
+  def DeclareLocks(self, level):
+    """Delegate lock declaration to the L{_NodeQuery} helper.
+
+    @param level: the locking level, passed through unchanged
+
+    """
+    self.nq.DeclareLocks(self, level)
+
    def Exec(self, feedback_fn):
      return self.nq.OldStyleQuery(self)
  
    def Exec(self, feedback_fn):
      return self.nq.OldStyleQuery(self)
  
@@ -3756,27 +5345,27 @@ class LUNodeQueryvols(NoHooksLU):
                         selected=self.op.output_fields)
  
    def ExpandNames(self):
                         selected=self.op.output_fields)
  
    def ExpandNames(self):
-    self.needed_locks = {}
-    self.share_locks[locking.LEVEL_NODE] = 1
-    if not self.op.nodes:
-      self.needed_locks[locking.LEVEL_NODE] = locking.ALL_SET
+    self.share_locks = _ShareAll()
+
+    if self.op.nodes:
+      self.needed_locks = {
+        locking.LEVEL_NODE: _GetWantedNodes(self, self.op.nodes),
+        }
      else:
      else:
-      self.needed_locks[locking.LEVEL_NODE] = \
-        _GetWantedNodes(self, self.op.nodes)
+      self.needed_locks = {
+        locking.LEVEL_NODE: locking.ALL_SET,
+        locking.LEVEL_NODE_ALLOC: locking.ALL_SET,
+        }
  
    def Exec(self, feedback_fn):
      """Computes the list of nodes and their attributes.
  
      """
  
    def Exec(self, feedback_fn):
      """Computes the list of nodes and their attributes.
  
      """
-    nodenames = self.acquired_locks[locking.LEVEL_NODE]
+    nodenames = self.owned_locks(locking.LEVEL_NODE)
      volumes = self.rpc.call_node_volumes(nodenames)
  
      ilist = self.cfg.GetAllInstancesInfo()
      volumes = self.rpc.call_node_volumes(nodenames)
  
      ilist = self.cfg.GetAllInstancesInfo()
-
-    vol2inst = dict(((node, vol), inst.name)
-                    for inst in ilist.values()
-                    for (node, vols) in inst.MapLVsByNode().items()
-                    for vol in vols)
+    vol2inst = _MapInstanceDisksToNodes(ilist.values())
  
      output = []
      for node in nodenames:
  
      output = []
      for node in nodenames:
@@ -3797,13 +5386,13 @@ class LUNodeQueryvols(NoHooksLU):
            if field == "node":
              val = node
            elif field == "phys":
            if field == "node":
              val = node
            elif field == "phys":
-            val = vol['dev']
+            val = vol["dev"]
            elif field == "vg":
            elif field == "vg":
-            val = vol['vg']
+            val = vol["vg"]
            elif field == "name":
            elif field == "name":
-            val = vol['name']
+            val = vol["name"]
            elif field == "size":
            elif field == "size":
-            val = int(float(vol['size']))
+            val = int(float(vol["size"]))
            elif field == "instance":
              val = vol2inst.get((node, vol["vg"] + "/" + vol["name"]), "-")
            else:
            elif field == "instance":
              val = vol2inst.get((node, vol["vg"] + "/" + vol["name"]), "-")
            else:
@@ -3828,20 +5417,23 @@ class LUNodeQueryStorage(NoHooksLU):
                         selected=self.op.output_fields)
  
    def ExpandNames(self):
                         selected=self.op.output_fields)
  
    def ExpandNames(self):
-    self.needed_locks = {}
-    self.share_locks[locking.LEVEL_NODE] = 1
+    self.share_locks = _ShareAll()
  
      if self.op.nodes:
  
      if self.op.nodes:
-      self.needed_locks[locking.LEVEL_NODE] = \
-        _GetWantedNodes(self, self.op.nodes)
+      self.needed_locks = {
+        locking.LEVEL_NODE: _GetWantedNodes(self, self.op.nodes),
+        }
      else:
      else:
-      self.needed_locks[locking.LEVEL_NODE] = locking.ALL_SET
+      self.needed_locks = {
+        locking.LEVEL_NODE: locking.ALL_SET,
+        locking.LEVEL_NODE_ALLOC: locking.ALL_SET,
+        }
  
    def Exec(self, feedback_fn):
      """Computes the list of nodes and their attributes.
  
      """
  
    def Exec(self, feedback_fn):
      """Computes the list of nodes and their attributes.
  
      """
-    self.nodes = self.acquired_locks[locking.LEVEL_NODE]
+    self.nodes = self.owned_locks(locking.LEVEL_NODE)
  
      # Always get name to sort by
      if constants.SF_NAME in self.op.output_fields:
  
      # Always get name to sort by
      if constants.SF_NAME in self.op.output_fields:
@@ -3903,8 +5495,7 @@ class _InstanceQuery(_QueryBase):
  
    def ExpandNames(self, lu):
      lu.needed_locks = {}
  
    def ExpandNames(self, lu):
      lu.needed_locks = {}
-    lu.share_locks[locking.LEVEL_INSTANCE] = 1
-    lu.share_locks[locking.LEVEL_NODE] = 1
+    lu.share_locks = _ShareAll()
  
      if self.names:
        self.wanted = _GetWantedInstances(lu, self.names)
  
      if self.names:
        self.wanted = _GetWantedInstances(lu, self.names)
@@ -3915,17 +5506,43 @@ class _InstanceQuery(_QueryBase):
                         query.IQ_LIVE in self.requested_data)
      if self.do_locking:
        lu.needed_locks[locking.LEVEL_INSTANCE] = self.wanted
                         query.IQ_LIVE in self.requested_data)
      if self.do_locking:
        lu.needed_locks[locking.LEVEL_INSTANCE] = self.wanted
+      lu.needed_locks[locking.LEVEL_NODEGROUP] = []
        lu.needed_locks[locking.LEVEL_NODE] = []
        lu.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
  
        lu.needed_locks[locking.LEVEL_NODE] = []
        lu.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
  
+    self.do_grouplocks = (self.do_locking and
+                          query.IQ_NODES in self.requested_data)
+
    def DeclareLocks(self, lu, level):
    def DeclareLocks(self, lu, level):
-    if level == locking.LEVEL_NODE and self.do_locking:
-      lu._LockInstancesNodes() # pylint: disable-msg=W0212
+    if self.do_locking:
+      if level == locking.LEVEL_NODEGROUP and self.do_grouplocks:
+        assert not lu.needed_locks[locking.LEVEL_NODEGROUP]
+
+        # Lock all groups used by instances optimistically; this requires going
+        # via the node before it's locked, requiring verification later on
+        lu.needed_locks[locking.LEVEL_NODEGROUP] = \
+          set(group_uuid
+              for instance_name in lu.owned_locks(locking.LEVEL_INSTANCE)
+              for group_uuid in lu.cfg.GetInstanceNodeGroups(instance_name))
+      elif level == locking.LEVEL_NODE:
+        lu._LockInstancesNodes() # pylint: disable=W0212
+
+  @staticmethod
+  def _CheckGroupLocks(lu):
+    owned_instances = frozenset(lu.owned_locks(locking.LEVEL_INSTANCE))
+    owned_groups = frozenset(lu.owned_locks(locking.LEVEL_NODEGROUP))
+
+    # Check if node groups for locked instances are still correct
+    for instance_name in owned_instances:
+      _CheckInstanceNodeGroups(lu.cfg, instance_name, owned_groups)
  
    def _GetQueryData(self, lu):
      """Computes the list of instances and their attributes.
  
      """
  
    def _GetQueryData(self, lu):
      """Computes the list of instances and their attributes.
  
      """
+    if self.do_grouplocks:
+      self._CheckGroupLocks(lu)
+
      cluster = lu.cfg.GetClusterInfo()
      all_info = lu.cfg.GetAllInstancesInfo()
  
      cluster = lu.cfg.GetClusterInfo()
      all_info = lu.cfg.GetAllInstancesInfo()
  
@@ -3968,10 +5585,11 @@ class _InstanceQuery(_QueryBase):
        live_data = {}
  
      if query.IQ_DISKUSAGE in self.requested_data:
        live_data = {}
  
      if query.IQ_DISKUSAGE in self.requested_data:
+      gmi = ganeti.masterd.instance
        disk_usage = dict((inst.name,
        disk_usage = dict((inst.name,
-                         _ComputeDiskSize(inst.disk_template,
-                                          [{"size": disk.size}
-                                           for disk in inst.disks]))
+                         gmi.ComputeDiskSize(inst.disk_template,
+                                             [{constants.IDISK_SIZE: disk.size}
+                                              for disk in inst.disks]))
                          for inst in instance_list)
      else:
        disk_usage = None
                          for inst in instance_list)
      else:
        disk_usage = None
@@ -3988,23 +5606,34 @@ class _InstanceQuery(_QueryBase):
      else:
        consinfo = None
  
      else:
        consinfo = None
  
+    if query.IQ_NODES in self.requested_data:
+      node_names = set(itertools.chain(*map(operator.attrgetter("all_nodes"),
+                                            instance_list)))
+      nodes = dict(lu.cfg.GetMultiNodeInfo(node_names))
+      groups = dict((uuid, lu.cfg.GetNodeGroup(uuid))
+                    for uuid in set(map(operator.attrgetter("group"),
+                                        nodes.values())))
+    else:
+      nodes = None
+      groups = None
+
      return query.InstanceQueryData(instance_list, lu.cfg.GetClusterInfo(),
                                     disk_usage, offline_nodes, bad_nodes,
      return query.InstanceQueryData(instance_list, lu.cfg.GetClusterInfo(),
                                     disk_usage, offline_nodes, bad_nodes,
-                                   live_data, wrongnode_inst, consinfo)
+                                   live_data, wrongnode_inst, consinfo,
+                                   nodes, groups)
  
  
  class LUQuery(NoHooksLU):
    """Query for resources/items of a certain kind.
  
    """
  
  
  class LUQuery(NoHooksLU):
    """Query for resources/items of a certain kind.
  
    """
-  # pylint: disable-msg=W0142
+  # pylint: disable=W0142
    REQ_BGL = False
  
    def CheckArguments(self):
      qcls = _GetQueryImplementation(self.op.what)
    REQ_BGL = False
  
    def CheckArguments(self):
      qcls = _GetQueryImplementation(self.op.what)
-    names = qlang.ReadSimpleFilter("name", self.op.filter)
  
  
-    self.impl = qcls(names, self.op.fields, False)
+    self.impl = qcls(self.op.qfilter, self.op.fields, self.op.use_locking)
  
    def ExpandNames(self):
      self.impl.ExpandNames(self)
  
    def ExpandNames(self):
      self.impl.ExpandNames(self)
@@ -4020,7 +5649,7 @@ class LUQueryFields(NoHooksLU):
    """Query for resources/items of a certain kind.
  
    """
    """Query for resources/items of a certain kind.
  
    """
-  # pylint: disable-msg=W0142
+  # pylint: disable=W0142
    REQ_BGL = False
  
    def CheckArguments(self):
    REQ_BGL = False
  
    def CheckArguments(self):
@@ -4030,7 +5659,7 @@ class LUQueryFields(NoHooksLU):
      self.needed_locks = {}
  
    def Exec(self, feedback_fn):
      self.needed_locks = {}
  
    def Exec(self, feedback_fn):
-    return self.qcls.FieldsQuery(self.op.fields)
+    return query.QueryFields(self.qcls.FIELDS, self.op.fields)
  
  
  class LUNodeModifyStorage(NoHooksLU):
  
  
  class LUNodeModifyStorage(NoHooksLU):
@@ -4104,7 +5733,7 @@ class LUNodeAdd(LogicalUnit):
      This will run on all nodes before, and on all nodes + the new node after.
  
      """
      This will run on all nodes before, and on all nodes + the new node after.
  
      """
-    env = {
+    return {
        "OP_TARGET": self.op.node_name,
        "NODE_NAME": self.op.node_name,
        "NODE_PIP": self.op.primary_ip,
        "OP_TARGET": self.op.node_name,
        "NODE_NAME": self.op.node_name,
        "NODE_PIP": self.op.primary_ip,
@@ -4112,9 +5741,16 @@ class LUNodeAdd(LogicalUnit):
        "MASTER_CAPABLE": str(self.op.master_capable),
        "VM_CAPABLE": str(self.op.vm_capable),
        }
        "MASTER_CAPABLE": str(self.op.master_capable),
        "VM_CAPABLE": str(self.op.vm_capable),
        }
-    nodes_0 = self.cfg.GetNodeList()
-    nodes_1 = nodes_0 + [self.op.node_name, ]
-    return env, nodes_0, nodes_1
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
+    # Exclude added node
+    pre_nodes = list(set(self.cfg.GetNodeList()) - set([self.op.node_name]))
+    post_nodes = pre_nodes + [self.op.node_name, ]
+
+    return (pre_nodes, post_nodes)
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -4153,9 +5789,7 @@ class LUNodeAdd(LogicalUnit):
  
      self.changed_primary_ip = False
  
  
      self.changed_primary_ip = False
  
-    for existing_node_name in node_list:
-      existing_node = cfg.GetNodeInfo(existing_node_name)
-
+    for existing_node_name, existing_node in cfg.GetMultiNodeInfo(node_list):
        if self.op.readd and node == existing_node_name:
          if existing_node.secondary_ip != secondary_ip:
            raise errors.OpPrereqError("Readded node doesn't have the same IP"
        if self.op.readd and node == existing_node_name:
          if existing_node.secondary_ip != secondary_ip:
            raise errors.OpPrereqError("Readded node doesn't have the same IP"
@@ -4218,7 +5852,7 @@ class LUNodeAdd(LogicalUnit):
      if not newbie_singlehomed:
        # check reachability from my secondary ip to newbie's secondary ip
        if not netutils.TcpPing(secondary_ip, constants.DEFAULT_NODED_PORT,
      if not newbie_singlehomed:
        # check reachability from my secondary ip to newbie's secondary ip
        if not netutils.TcpPing(secondary_ip, constants.DEFAULT_NODED_PORT,
-                           source=myself.secondary_ip):
+                              source=myself.secondary_ip):
          raise errors.OpPrereqError("Node secondary ip not reachable by TCP"
                                     " based ping to node daemon port",
                                     errors.ECODE_ENVIRON)
          raise errors.OpPrereqError("Node secondary ip not reachable by TCP"
                                     " based ping to node daemon port",
                                     errors.ECODE_ENVIRON)
@@ -4247,6 +5881,25 @@ class LUNodeAdd(LogicalUnit):
      if self.op.ndparams:
        utils.ForceDictType(self.op.ndparams, constants.NDS_PARAMETER_TYPES)
  
      if self.op.ndparams:
        utils.ForceDictType(self.op.ndparams, constants.NDS_PARAMETER_TYPES)
  
+    if self.op.hv_state:
+      self.new_hv_state = _MergeAndVerifyHvState(self.op.hv_state, None)
+
+    if self.op.disk_state:
+      self.new_disk_state = _MergeAndVerifyDiskState(self.op.disk_state, None)
+
+    # TODO: If we need to have multiple DnsOnlyRunner we probably should make
+    #       it a property on the base class.
+    result = rpc.DnsOnlyRunner().call_version([node])[node]
+    result.Raise("Can't get version information from node %s" % node)
+    if constants.PROTOCOL_VERSION == result.payload:
+      logging.info("Communication to node %s fine, sw version %s match",
+                   node, result.payload)
+    else:
+      raise errors.OpPrereqError("Version mismatch master version %s,"
+                                 " node version %s" %
+                                 (constants.PROTOCOL_VERSION, result.payload),
+                                 errors.ECODE_ENVIRON)
+
    def Exec(self, feedback_fn):
      """Adds the new node to the cluster.
  
    def Exec(self, feedback_fn):
      """Adds the new node to the cluster.
  
@@ -4254,6 +5907,9 @@ class LUNodeAdd(LogicalUnit):
      new_node = self.new_node
      node = new_node.name
  
      new_node = self.new_node
      node = new_node.name
  
+    assert locking.BGL in self.owned_locks(locking.LEVEL_CLUSTER), \
+      "Not owning BGL"
+
      # We are adding a new node, so we assume it's powered
      new_node.powered = True
  
      # We are adding a new node, so we assume it's powered
      new_node.powered = True
  
@@ -4262,7 +5918,7 @@ class LUNodeAdd(LogicalUnit):
      # later in the procedure; this also means that if the re-add
      # fails, we are left with a non-offlined, broken node
      if self.op.readd:
      # later in the procedure; this also means that if the re-add
      # fails, we are left with a non-offlined, broken node
      if self.op.readd:
-      new_node.drained = new_node.offline = False # pylint: disable-msg=W0201
+      new_node.drained = new_node.offline = False # pylint: disable=W0201
        self.LogInfo("Readding a node, the offline/drained flags were reset")
        # if we demote the node, we do cleanup later in the procedure
        new_node.master_candidate = self.master_candidate
        self.LogInfo("Readding a node, the offline/drained flags were reset")
        # if we demote the node, we do cleanup later in the procedure
        new_node.master_candidate = self.master_candidate
@@ -4282,16 +5938,11 @@ class LUNodeAdd(LogicalUnit):
      else:
        new_node.ndparams = {}
  
      else:
        new_node.ndparams = {}
  
-    # check connectivity
-    result = self.rpc.call_version([node])[node]
-    result.Raise("Can't get version information from node %s" % node)
-    if constants.PROTOCOL_VERSION == result.payload:
-      logging.info("Communication to node %s fine, sw version %s match",
-                   node, result.payload)
-    else:
-      raise errors.OpExecError("Version mismatch master version %s,"
-                               " node version %s" %
-                               (constants.PROTOCOL_VERSION, result.payload))
+    if self.op.hv_state:
+      new_node.hv_state_static = self.new_hv_state
+
+    if self.op.disk_state:
+      new_node.disk_state_static = self.new_disk_state
  
      # Add node to our /etc/hosts, and add key to known_hosts
      if self.cfg.GetClusterInfo().modify_etc_hosts:
  
      # Add node to our /etc/hosts, and add key to known_hosts
      if self.cfg.GetClusterInfo().modify_etc_hosts:
@@ -4308,7 +5959,7 @@ class LUNodeAdd(LogicalUnit):
  
      node_verify_list = [self.cfg.GetMasterNode()]
      node_verify_param = {
  
      node_verify_list = [self.cfg.GetMasterNode()]
      node_verify_param = {
-      constants.NV_NODELIST: [node],
+      constants.NV_NODELIST: ([node], {}),
        # TODO: do a node-net-test as well?
      }
  
        # TODO: do a node-net-test as well?
      }
  
@@ -4368,7 +6019,8 @@ class LUNodeSetParams(LogicalUnit):
      self.op.node_name = _ExpandNodeName(self.cfg, self.op.node_name)
      all_mods = [self.op.offline, self.op.master_candidate, self.op.drained,
                  self.op.master_capable, self.op.vm_capable,
      self.op.node_name = _ExpandNodeName(self.cfg, self.op.node_name)
      all_mods = [self.op.offline, self.op.master_candidate, self.op.drained,
                  self.op.master_capable, self.op.vm_capable,
-                self.op.secondary_ip, self.op.ndparams]
+                self.op.secondary_ip, self.op.ndparams, self.op.hv_state,
+                self.op.disk_state]
      if all_mods.count(None) == len(all_mods):
        raise errors.OpPrereqError("Please pass at least one modification",
                                   errors.ECODE_INVAL)
      if all_mods.count(None) == len(all_mods):
        raise errors.OpPrereqError("Please pass at least one modification",
                                   errors.ECODE_INVAL)
@@ -4378,10 +6030,10 @@ class LUNodeSetParams(LogicalUnit):
                                   errors.ECODE_INVAL)
  
      # Boolean value that tells us whether we might be demoting from MC
                                   errors.ECODE_INVAL)
  
      # Boolean value that tells us whether we might be demoting from MC
-    self.might_demote = (self.op.master_candidate == False or
-                         self.op.offline == True or
-                         self.op.drained == True or
-                         self.op.master_capable == False)
+    self.might_demote = (self.op.master_candidate is False or
+                         self.op.offline is True or
+                         self.op.drained is True or
+                         self.op.master_capable is False)
  
      if self.op.secondary_ip:
        if not netutils.IP4Address.IsValid(self.op.secondary_ip):
  
      if self.op.secondary_ip:
        if not netutils.IP4Address.IsValid(self.op.secondary_ip):
@@ -4392,34 +6044,41 @@ class LUNodeSetParams(LogicalUnit):
      self.lock_all = self.op.auto_promote and self.might_demote
      self.lock_instances = self.op.secondary_ip is not None
  
      self.lock_all = self.op.auto_promote and self.might_demote
      self.lock_instances = self.op.secondary_ip is not None
  
+  def _InstanceFilter(self, instance):
+    """Filter for getting affected instances.
+
+    """
+    return (instance.disk_template in constants.DTS_INT_MIRROR and
+            self.op.node_name in instance.all_nodes)
+
    def ExpandNames(self):
      if self.lock_all:
    def ExpandNames(self):
      if self.lock_all:
-      self.needed_locks = {locking.LEVEL_NODE: locking.ALL_SET}
+      self.needed_locks = {
+        locking.LEVEL_NODE: locking.ALL_SET,
+
+        # Block allocations when all nodes are locked
+        locking.LEVEL_NODE_ALLOC: locking.ALL_SET,
+        }
      else:
      else:
-      self.needed_locks = {locking.LEVEL_NODE: self.op.node_name}
+      self.needed_locks = {
+        locking.LEVEL_NODE: self.op.node_name,
+        }
  
  
-    if self.lock_instances:
-      self.needed_locks[locking.LEVEL_INSTANCE] = locking.ALL_SET
+    # Since modifying a node can have severe effects on currently running
+    # operations the resource lock is at least acquired in shared mode
+    self.needed_locks[locking.LEVEL_NODE_RES] = \
+      self.needed_locks[locking.LEVEL_NODE]
  
  
-  def DeclareLocks(self, level):
-    # If we have locked all instances, before waiting to lock nodes, release
-    # all the ones living on nodes unrelated to the current operation.
-    if level == locking.LEVEL_NODE and self.lock_instances:
-      instances_release = []
-      instances_keep = []
-      self.affected_instances = []
-      if self.needed_locks[locking.LEVEL_NODE] is not locking.ALL_SET:
-        for instance_name in self.acquired_locks[locking.LEVEL_INSTANCE]:
-          instance = self.context.cfg.GetInstanceInfo(instance_name)
-          i_mirrored = instance.disk_template in constants.DTS_NET_MIRROR
-          if i_mirrored and self.op.node_name in instance.all_nodes:
-            instances_keep.append(instance_name)
-            self.affected_instances.append(instance)
-          else:
-            instances_release.append(instance_name)
-        if instances_release:
-          self.context.glm.release(locking.LEVEL_INSTANCE, instances_release)
-          self.acquired_locks[locking.LEVEL_INSTANCE] = instances_keep
+    # Get all locks except nodes in shared mode; they are not used for anything
+    # but read-only access
+    self.share_locks = _ShareAll()
+    self.share_locks[locking.LEVEL_NODE] = 0
+    self.share_locks[locking.LEVEL_NODE_RES] = 0
+    self.share_locks[locking.LEVEL_NODE_ALLOC] = 0
+
+    if self.lock_instances:
+      self.needed_locks[locking.LEVEL_INSTANCE] = \
+        frozenset(self.cfg.GetInstancesInfoByFilter(self._InstanceFilter))
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
    def BuildHooksEnv(self):
      """Build hooks env.
@@ -4427,7 +6086,7 @@ class LUNodeSetParams(LogicalUnit):
      This runs on the master node.
  
      """
      This runs on the master node.
  
      """
-    env = {
+    return {
        "OP_TARGET": self.op.node_name,
        "MASTER_CANDIDATE": str(self.op.master_candidate),
        "OFFLINE": str(self.op.offline),
        "OP_TARGET": self.op.node_name,
        "MASTER_CANDIDATE": str(self.op.master_candidate),
        "OFFLINE": str(self.op.offline),
@@ -4435,9 +6094,13 @@ class LUNodeSetParams(LogicalUnit):
        "MASTER_CAPABLE": str(self.op.master_capable),
        "VM_CAPABLE": str(self.op.vm_capable),
        }
        "MASTER_CAPABLE": str(self.op.master_capable),
        "VM_CAPABLE": str(self.op.vm_capable),
        }
-    nl = [self.cfg.GetMasterNode(),
-          self.op.node_name]
-    return env, nl, nl
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
+    nl = [self.cfg.GetMasterNode(), self.op.node_name]
+    return (nl, nl)
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -4447,6 +6110,25 @@ class LUNodeSetParams(LogicalUnit):
      """
      node = self.node = self.cfg.GetNodeInfo(self.op.node_name)
  
      """
      node = self.node = self.cfg.GetNodeInfo(self.op.node_name)
  
+    if self.lock_instances:
+      affected_instances = \
+        self.cfg.GetInstancesInfoByFilter(self._InstanceFilter)
+
+      # Verify instance locks
+      owned_instances = self.owned_locks(locking.LEVEL_INSTANCE)
+      wanted_instances = frozenset(affected_instances.keys())
+      if wanted_instances - owned_instances:
+        raise errors.OpPrereqError("Instances affected by changing node %s's"
+                                   " secondary IP address have changed since"
+                                   " locks were acquired, wanted '%s', have"
+                                   " '%s'; retry the operation" %
+                                   (self.op.node_name,
+                                    utils.CommaJoin(wanted_instances),
+                                    utils.CommaJoin(owned_instances)),
+                                   errors.ECODE_STATE)
+    else:
+      affected_instances = None
+
      if (self.op.master_candidate is not None or
          self.op.drained is not None or
          self.op.offline is not None):
      if (self.op.master_candidate is not None or
          self.op.drained is not None or
          self.op.offline is not None):
@@ -4461,7 +6143,7 @@ class LUNodeSetParams(LogicalUnit):
                                   " it a master candidate" % node.name,
                                   errors.ECODE_STATE)
  
                                   " it a master candidate" % node.name,
                                   errors.ECODE_STATE)
  
-    if self.op.vm_capable == False:
+    if self.op.vm_capable is False:
        (ipri, isec) = self.cfg.GetNodeInstances(self.op.node_name)
        if ipri or isec:
          raise errors.OpPrereqError("Node %s hosts instances, cannot unset"
        (ipri, isec) = self.cfg.GetNodeInstances(self.op.node_name)
        if ipri or isec:
          raise errors.OpPrereqError("Node %s hosts instances, cannot unset"
@@ -4477,16 +6159,17 @@ class LUNodeSetParams(LogicalUnit):
        if mc_remaining < mc_should:
          raise errors.OpPrereqError("Not enough master candidates, please"
                                     " pass auto promote option to allow"
        if mc_remaining < mc_should:
          raise errors.OpPrereqError("Not enough master candidates, please"
                                     " pass auto promote option to allow"
-                                   " promotion", errors.ECODE_STATE)
+                                   " promotion (--auto-promote or RAPI"
+                                   " auto_promote=True)", errors.ECODE_STATE)
  
      self.old_flags = old_flags = (node.master_candidate,
                                    node.drained, node.offline)
  
      self.old_flags = old_flags = (node.master_candidate,
                                    node.drained, node.offline)
-    assert old_flags in self._F2R, "Un-handled old flags  %s" % str(old_flags)
+    assert old_flags in self._F2R, "Un-handled old flags %s" % str(old_flags)
      self.old_role = old_role = self._F2R[old_flags]
  
      # Check for ineffective changes
      for attr in self._FLAGS:
      self.old_role = old_role = self._F2R[old_flags]
  
      # Check for ineffective changes
      for attr in self._FLAGS:
-      if (getattr(self.op, attr) == False and getattr(node, attr) == False):
+      if (getattr(self.op, attr) is False and getattr(node, attr) is False):
          self.LogInfo("Ignoring request to unset flag %s, already unset", attr)
          setattr(self.op, attr, None)
  
          self.LogInfo("Ignoring request to unset flag %s, already unset", attr)
          setattr(self.op, attr, None)
  
@@ -4496,24 +6179,25 @@ class LUNodeSetParams(LogicalUnit):
      # TODO: We might query the real power state if it supports OOB
      if _SupportsOob(self.cfg, node):
        if self.op.offline is False and not (node.powered or
      # TODO: We might query the real power state if it supports OOB
      if _SupportsOob(self.cfg, node):
        if self.op.offline is False and not (node.powered or
-                                           self.op.powered == True):
-        raise errors.OpPrereqError(("Please power on node %s first before you"
-                                    " can reset offline state") %
-                                   self.op.node_name)
+                                           self.op.powered is True):
+        raise errors.OpPrereqError(("Node %s needs to be turned on before its"
+                                    " offline status can be reset") %
+                                   self.op.node_name, errors.ECODE_STATE)
      elif self.op.powered is not None:
        raise errors.OpPrereqError(("Unable to change powered state for node %s"
      elif self.op.powered is not None:
        raise errors.OpPrereqError(("Unable to change powered state for node %s"
-                                  " which does not support out-of-band"
-                                  " handling") % self.op.node_name)
+                                  " as it does not support out-of-band"
+                                  " handling") % self.op.node_name,
+                                 errors.ECODE_STATE)
  
      # If we're being deofflined/undrained, we'll promote ourselves to
      # master candidate (MC) if needed
  
      # If we're being deofflined/undrained, we'll promote ourselves to
      # master candidate (MC) if needed
-    if (self.op.drained == False or self.op.offline == False or
+    if (self.op.drained is False or self.op.offline is False or
          (self.op.master_capable and not node.master_capable)):
        if _DecideSelfPromotion(self):
          self.op.master_candidate = True
          self.LogInfo("Auto-promoting node to master candidate")
  
      # If we're no longer master capable, we'll demote ourselves from MC
          (self.op.master_capable and not node.master_capable)):
        if _DecideSelfPromotion(self):
          self.op.master_candidate = True
          self.LogInfo("Auto-promoting node to master candidate")
  
      # If we're no longer master capable, we'll demote ourselves from MC
-    if self.op.master_capable == False and node.master_candidate:
+    if self.op.master_capable is False and node.master_candidate:
        self.LogInfo("Demoting from master candidate")
        self.op.master_candidate = False
  
        self.LogInfo("Demoting from master candidate")
        self.op.master_candidate = False
  
@@ -4547,24 +6231,51 @@ class LUNodeSetParams(LogicalUnit):
                          " without using re-add. Please make sure the node"
                          " is healthy!")
  
                          " without using re-add. Please make sure the node"
                          " is healthy!")
  
+    # When changing the secondary ip, verify if this is a single-homed to
+    # multi-homed transition or vice versa, and apply the relevant
+    # restrictions.
      if self.op.secondary_ip:
        # Ok even without locking, because this can't be changed by any LU
        master = self.cfg.GetNodeInfo(self.cfg.GetMasterNode())
        master_singlehomed = master.secondary_ip == master.primary_ip
      if self.op.secondary_ip:
        # Ok even without locking, because this can't be changed by any LU
        master = self.cfg.GetNodeInfo(self.cfg.GetMasterNode())
        master_singlehomed = master.secondary_ip == master.primary_ip
-      if master_singlehomed and self.op.secondary_ip:
-        raise errors.OpPrereqError("Cannot change the secondary ip on a single"
-                                   " homed cluster", errors.ECODE_INVAL)
+      if master_singlehomed and self.op.secondary_ip != node.primary_ip:
+        if self.op.force and node.name == master.name:
+          self.LogWarning("Transitioning from single-homed to multi-homed"
+                          " cluster; all nodes will require a secondary IP"
+                          " address")
+        else:
+          raise errors.OpPrereqError("Changing the secondary ip on a"
+                                     " single-homed cluster requires the"
+                                     " --force option to be passed, and the"
+                                     " target node to be the master",
+                                     errors.ECODE_INVAL)
+      elif not master_singlehomed and self.op.secondary_ip == node.primary_ip:
+        if self.op.force and node.name == master.name:
+          self.LogWarning("Transitioning from multi-homed to single-homed"
+                          " cluster; secondary IP addresses will have to be"
+                          " removed")
+        else:
+          raise errors.OpPrereqError("Cannot set the secondary IP to be the"
+                                     " same as the primary IP on a multi-homed"
+                                     " cluster, unless the --force option is"
+                                     " passed, and the target node is the"
+                                     " master", errors.ECODE_INVAL)
+
+      assert not (frozenset(affected_instances) -
+                  self.owned_locks(locking.LEVEL_INSTANCE))
  
        if node.offline:
  
        if node.offline:
-        if self.affected_instances:
-          raise errors.OpPrereqError("Cannot change secondary ip: offline"
-                                     " node has instances (%s) configured"
-                                     " to use it" % self.affected_instances)
+        if affected_instances:
+          msg = ("Cannot change secondary IP address: offline node has"
+                 " instances (%s) configured to use it" %
+                 utils.CommaJoin(affected_instances.keys()))
+          raise errors.OpPrereqError(msg, errors.ECODE_STATE)
        else:
          # On online nodes, check that no instances are running, and that
          # the node has the new ip and we can reach it.
        else:
          # On online nodes, check that no instances are running, and that
          # the node has the new ip and we can reach it.
-        for instance in self.affected_instances:
-          _CheckInstanceDown(self, instance, "cannot change secondary ip")
+        for instance in affected_instances.values():
+          _CheckInstanceState(self, instance, INSTANCE_DOWN,
+                              msg="cannot change secondary ip")
  
          _CheckNodeHasSecondaryIP(self, node.name, self.op.secondary_ip, True)
          if master.name != node.name:
  
          _CheckNodeHasSecondaryIP(self, node.name, self.op.secondary_ip, True)
          if master.name != node.name:
@@ -4581,6 +6292,15 @@ class LUNodeSetParams(LogicalUnit):
        utils.ForceDictType(new_ndparams, constants.NDS_PARAMETER_TYPES)
        self.new_ndparams = new_ndparams
  
        utils.ForceDictType(new_ndparams, constants.NDS_PARAMETER_TYPES)
        self.new_ndparams = new_ndparams
  
+    if self.op.hv_state:
+      self.new_hv_state = _MergeAndVerifyHvState(self.op.hv_state,
+                                                 self.node.hv_state_static)
+
+    if self.op.disk_state:
+      self.new_disk_state = \
+        _MergeAndVerifyDiskState(self.op.disk_state,
+                                 self.node.disk_state_static)
+
    def Exec(self, feedback_fn):
      """Modifies a node.
  
    def Exec(self, feedback_fn):
      """Modifies a node.
  
@@ -4597,6 +6317,12 @@ class LUNodeSetParams(LogicalUnit):
      if self.op.powered is not None:
        node.powered = self.op.powered
  
      if self.op.powered is not None:
        node.powered = self.op.powered
  
+    if self.op.hv_state:
+      node.hv_state_static = self.new_hv_state
+
+    if self.op.disk_state:
+      node.disk_state_static = self.new_disk_state
+
      for attr in ["master_capable", "vm_capable"]:
        val = getattr(self.op, attr)
        if val is not None:
      for attr in ["master_capable", "vm_capable"]:
        val = getattr(self.op, attr)
        if val is not None:
@@ -4701,23 +6427,28 @@ class LUClusterQuery(NoHooksLU):
        "config_version": constants.CONFIG_VERSION,
        "os_api_version": max(constants.OS_API_VERSIONS),
        "export_version": constants.EXPORT_VERSION,
        "config_version": constants.CONFIG_VERSION,
        "os_api_version": max(constants.OS_API_VERSIONS),
        "export_version": constants.EXPORT_VERSION,
-      "architecture": (platform.architecture()[0], platform.machine()),
+      "architecture": runtime.GetArchInfo(),
        "name": cluster.cluster_name,
        "master": cluster.master_node,
        "name": cluster.cluster_name,
        "master": cluster.master_node,
-      "default_hypervisor": cluster.enabled_hypervisors[0],
+      "default_hypervisor": cluster.primary_hypervisor,
        "enabled_hypervisors": cluster.enabled_hypervisors,
        "hvparams": dict([(hypervisor_name, cluster.hvparams[hypervisor_name])
                          for hypervisor_name in cluster.enabled_hypervisors]),
        "os_hvp": os_hvp,
        "beparams": cluster.beparams,
        "osparams": cluster.osparams,
        "enabled_hypervisors": cluster.enabled_hypervisors,
        "hvparams": dict([(hypervisor_name, cluster.hvparams[hypervisor_name])
                          for hypervisor_name in cluster.enabled_hypervisors]),
        "os_hvp": os_hvp,
        "beparams": cluster.beparams,
        "osparams": cluster.osparams,
+      "ipolicy": cluster.ipolicy,
        "nicparams": cluster.nicparams,
        "ndparams": cluster.ndparams,
        "nicparams": cluster.nicparams,
        "ndparams": cluster.ndparams,
+      "diskparams": cluster.diskparams,
        "candidate_pool_size": cluster.candidate_pool_size,
        "master_netdev": cluster.master_netdev,
        "candidate_pool_size": cluster.candidate_pool_size,
        "master_netdev": cluster.master_netdev,
+      "master_netmask": cluster.master_netmask,
+      "use_external_mip_script": cluster.use_external_mip_script,
        "volume_group_name": cluster.volume_group_name,
        "drbd_usermode_helper": cluster.drbd_usermode_helper,
        "file_storage_dir": cluster.file_storage_dir,
        "volume_group_name": cluster.volume_group_name,
        "drbd_usermode_helper": cluster.drbd_usermode_helper,
        "file_storage_dir": cluster.file_storage_dir,
+      "shared_file_storage_dir": cluster.shared_file_storage_dir,
        "maintain_node_health": cluster.maintain_node_health,
        "ctime": cluster.ctime,
        "mtime": cluster.mtime,
        "maintain_node_health": cluster.maintain_node_health,
        "ctime": cluster.ctime,
        "mtime": cluster.mtime,
@@ -4740,38 +6471,70 @@ class LUClusterConfigQuery(NoHooksLU):
  
    """
    REQ_BGL = False
  
    """
    REQ_BGL = False
-  _FIELDS_DYNAMIC = utils.FieldSet()
-  _FIELDS_STATIC = utils.FieldSet("cluster_name", "master_node", "drain_flag",
-                                  "watcher_pause", "volume_group_name")
  
    def CheckArguments(self):
  
    def CheckArguments(self):
-    _CheckOutputFields(static=self._FIELDS_STATIC,
-                       dynamic=self._FIELDS_DYNAMIC,
-                       selected=self.op.output_fields)
+    self.cq = _ClusterQuery(None, self.op.output_fields, False)
  
    def ExpandNames(self):
  
    def ExpandNames(self):
-    self.needed_locks = {}
+    self.cq.ExpandNames(self)
+
+  def DeclareLocks(self, level):
+    """Forwards lock declaration for C{level} to the query object C{self.cq}.
+
+    """
+    self.cq.DeclareLocks(self, level)
  
    def Exec(self, feedback_fn):
  
    def Exec(self, feedback_fn):
-    """Dump a representation of the cluster config to the standard output.
-
-    """
-    values = []
-    for field in self.op.output_fields:
-      if field == "cluster_name":
-        entry = self.cfg.GetClusterName()
-      elif field == "master_node":
-        entry = self.cfg.GetMasterNode()
-      elif field == "drain_flag":
-        entry = os.path.exists(constants.JOB_QUEUE_DRAIN_FILE)
-      elif field == "watcher_pause":
-        entry = utils.ReadWatcherPauseFile(constants.WATCHER_PAUSEFILE)
-      elif field == "volume_group_name":
-        entry = self.cfg.GetVGName()
-      else:
-        raise errors.ParameterError(field)
-      values.append(entry)
-    return values
+    result = self.cq.OldStyleQuery(self)
+
+    assert len(result) == 1
+
+    return result[0]
+
+
+class _ClusterQuery(_QueryBase):
+  """Query implementation for cluster-wide data.
+
+  Uses the field definitions from C{query.CLUSTER_FIELDS}. Locking is not
+  supported for this kind of query.
+
+  """
+  FIELDS = query.CLUSTER_FIELDS
+
+  #: Do not sort (there is only one item)
+  SORT_FIELD = None
+
+  def ExpandNames(self, lu):
+    """Declares that no locks are needed and rejects locking requests.
+
+    @param lu: the logical unit on whose behalf the query runs; its
+        C{needed_locks} attribute is set to an empty dict
+    @raise errors.OpPrereqError: if C{self.use_locking} is set
+
+    """
+    lu.needed_locks = {}
+
+    # The following variables interact with _QueryBase._GetNames
+    self.wanted = locking.ALL_SET
+    self.do_locking = self.use_locking
+
+    if self.do_locking:
+      raise errors.OpPrereqError("Can not use locking for cluster queries",
+                                 errors.ECODE_INVAL)
+
+  def DeclareLocks(self, lu, level):
+    """Does nothing, as no locks are declared for cluster queries.
+
+    """
+    pass
+
+  def _GetQueryData(self, lu):
+    """Collects the cluster data requested by the query.
+
+    Each piece of data (the cluster configuration object, whether the job
+    queue drain file exists, the result of reading the watcher pause file) is
+    only gathered if the corresponding C{query.CQ_*} flag is listed in
+    C{self.requested_data}; otherwise C{NotImplemented} is passed along as a
+    placeholder.
+
+    @param lu: the logical unit providing access to the configuration
+    @return: a C{query.ClusterQueryData} built from the collected values
+
+    """
+    # Locking is not used
+    # (no lock on any level other than the cluster level may be owned here)
+    assert not (compat.any(lu.glm.is_owned(level)
+                           for level in locking.LEVELS
+                           if level != locking.LEVEL_CLUSTER) or
+                self.do_locking or self.use_locking)
+
+    if query.CQ_CONFIG in self.requested_data:
+      cluster = lu.cfg.GetClusterInfo()
+    else:
+      cluster = NotImplemented
+
+    if query.CQ_QUEUE_DRAINED in self.requested_data:
+      drain_flag = os.path.exists(pathutils.JOB_QUEUE_DRAIN_FILE)
+    else:
+      drain_flag = NotImplemented
+
+    if query.CQ_WATCHER_PAUSE in self.requested_data:
+      watcher_pause = utils.ReadWatcherPauseFile(pathutils.WATCHER_PAUSEFILE)
+    else:
+      watcher_pause = NotImplemented
+
+    return query.ClusterQueryData(cluster, drain_flag, watcher_pause)
  
  
  class LUInstanceActivateDisks(NoHooksLU):
  
  
  class LUInstanceActivateDisks(NoHooksLU):
@@ -4810,6 +6573,10 @@ class LUInstanceActivateDisks(NoHooksLU):
      if not disks_ok:
        raise errors.OpExecError("Cannot activate block devices")
  
      if not disks_ok:
        raise errors.OpExecError("Cannot activate block devices")
  
+    if self.op.wait_for_sync:
+      if not _WaitForSync(self, self.instance):
+        raise errors.OpExecError("Some disks of the instance are degraded!")
+
      return disks_info
  
  
      return disks_info
  
  
@@ -4858,13 +6625,16 @@ def _AssembleInstanceDisks(lu, instance, disks=None, ignore_secondaries=False,
          node_disk = node_disk.Copy()
          node_disk.UnsetSize()
        lu.cfg.SetDiskID(node_disk, node)
          node_disk = node_disk.Copy()
          node_disk.UnsetSize()
        lu.cfg.SetDiskID(node_disk, node)
-      result = lu.rpc.call_blockdev_assemble(node, node_disk, iname, False, idx)
+      result = lu.rpc.call_blockdev_assemble(node, (node_disk, instance), iname,
+                                             False, idx)
        msg = result.fail_msg
        if msg:
        msg = result.fail_msg
        if msg:
-        lu.proc.LogWarning("Could not prepare block device %s on node %s"
-                           " (is_primary=False, pass=1): %s",
-                           inst_disk.iv_name, node, msg)
-        if not ignore_secondaries:
+        is_offline_secondary = (node in instance.secondary_nodes and
+                                result.offline)
+        lu.LogWarning("Could not prepare block device %s on node %s"
+                      " (is_primary=False, pass=1): %s",
+                      inst_disk.iv_name, node, msg)
+        if not (ignore_secondaries or is_offline_secondary):
            disks_ok = False
  
    # FIXME: race condition on drbd migration to primary
            disks_ok = False
  
    # FIXME: race condition on drbd migration to primary
@@ -4880,12 +6650,13 @@ def _AssembleInstanceDisks(lu, instance, disks=None, ignore_secondaries=False,
          node_disk = node_disk.Copy()
          node_disk.UnsetSize()
        lu.cfg.SetDiskID(node_disk, node)
          node_disk = node_disk.Copy()
          node_disk.UnsetSize()
        lu.cfg.SetDiskID(node_disk, node)
-      result = lu.rpc.call_blockdev_assemble(node, node_disk, iname, True, idx)
+      result = lu.rpc.call_blockdev_assemble(node, (node_disk, instance), iname,
+                                             True, idx)
        msg = result.fail_msg
        if msg:
        msg = result.fail_msg
        if msg:
-        lu.proc.LogWarning("Could not prepare block device %s on node %s"
-                           " (is_primary=True, pass=2): %s",
-                           inst_disk.iv_name, node, msg)
+        lu.LogWarning("Could not prepare block device %s on node %s"
+                      " (is_primary=True, pass=2): %s",
+                      inst_disk.iv_name, node, msg)
          disks_ok = False
        else:
          dev_path = result.payload
          disks_ok = False
        else:
          dev_path = result.payload
@@ -4910,9 +6681,9 @@ def _StartInstanceDisks(lu, instance, force):
    if not disks_ok:
      _ShutdownInstanceDisks(lu, instance)
      if force is not None and not force:
    if not disks_ok:
      _ShutdownInstanceDisks(lu, instance)
      if force is not None and not force:
-      lu.proc.LogWarning("", hint="If the message above refers to a"
-                         " secondary node,"
-                         " you can retry the operation using '--force'.")
+      lu.LogWarning("",
+                    hint=("If the message above refers to a secondary node,"
+                          " you can retry the operation using '--force'"))
      raise errors.OpExecError("Disk consistency error")
  
  
      raise errors.OpExecError("Disk consistency error")
  
  
@@ -4959,7 +6730,7 @@ def _SafeShutdownInstanceDisks(lu, instance, disks=None):
    _ShutdownInstanceDisks.
  
    """
    _ShutdownInstanceDisks.
  
    """
-  _CheckInstanceDown(lu, instance, "cannot shutdown disks")
+  _CheckInstanceState(lu, instance, INSTANCE_DOWN, msg="cannot shutdown disks")
    _ShutdownInstanceDisks(lu, instance, disks=disks)
  
  
    _ShutdownInstanceDisks(lu, instance, disks=disks)
  
  
@@ -4996,7 +6767,7 @@ def _ShutdownInstanceDisks(lu, instance, disks=None, ignore_primary=False):
    for disk in disks:
      for node, top_disk in disk.ComputeNodeTree(instance.primary_node):
        lu.cfg.SetDiskID(top_disk, node)
    for disk in disks:
      for node, top_disk in disk.ComputeNodeTree(instance.primary_node):
        lu.cfg.SetDiskID(top_disk, node)
-      result = lu.rpc.call_blockdev_shutdown(node, top_disk)
+      result = lu.rpc.call_blockdev_shutdown(node, (top_disk, instance))
        msg = result.fail_msg
        if msg:
          lu.LogWarning("Could not shutdown block device %s on node %s: %s",
        msg = result.fail_msg
        if msg:
          lu.LogWarning("Could not shutdown block device %s on node %s: %s",
@@ -5025,14 +6796,18 @@ def _CheckNodeFreeMemory(lu, node, reason, requested, hypervisor_name):
    @param requested: the amount of memory in MiB to check for
    @type hypervisor_name: C{str}
    @param hypervisor_name: the hypervisor to ask for memory stats
    @param requested: the amount of memory in MiB to check for
    @type hypervisor_name: C{str}
    @param hypervisor_name: the hypervisor to ask for memory stats
+  @rtype: integer
+  @return: node current free memory
    @raise errors.OpPrereqError: if the node doesn't have enough memory, or
        we cannot check the node
  
    """
    @raise errors.OpPrereqError: if the node doesn't have enough memory, or
        we cannot check the node
  
    """
-  nodeinfo = lu.rpc.call_node_info([node], None, hypervisor_name)
+  nodeinfo = lu.rpc.call_node_info([node], None, [hypervisor_name])
    nodeinfo[node].Raise("Can't get data from node %s" % node,
                         prereq=True, ecode=errors.ECODE_ENVIRON)
    nodeinfo[node].Raise("Can't get data from node %s" % node,
                         prereq=True, ecode=errors.ECODE_ENVIRON)
-  free_mem = nodeinfo[node].payload.get('memory_free', None)
+  (_, _, (hv_info, )) = nodeinfo[node].payload
+
+  free_mem = hv_info.get("memory_free", None)
    if not isinstance(free_mem, int):
      raise errors.OpPrereqError("Can't compute free memory on node %s, result"
                                 " was '%s'" % (node, free_mem),
    if not isinstance(free_mem, int):
      raise errors.OpPrereqError("Can't compute free memory on node %s, result"
                                 " was '%s'" % (node, free_mem),
@@ -5042,6 +6817,7 @@ def _CheckNodeFreeMemory(lu, node, reason, requested, hypervisor_name):
                                 " needed %s MiB, available %s MiB" %
                                 (node, reason, requested, free_mem),
                                 errors.ECODE_NORES)
                                 " needed %s MiB, available %s MiB" %
                                 (node, reason, requested, free_mem),
                                 errors.ECODE_NORES)
+  return free_mem
  
  
  def _CheckNodesFreeDiskPerVG(lu, nodenames, req_sizes):
  
  
  def _CheckNodesFreeDiskPerVG(lu, nodenames, req_sizes):
@@ -5087,12 +6863,13 @@ def _CheckNodesFreeDiskOnVG(lu, nodenames, vg, requested):
        or we cannot check the node
  
    """
        or we cannot check the node
  
    """
-  nodeinfo = lu.rpc.call_node_info(nodenames, vg, None)
+  nodeinfo = lu.rpc.call_node_info(nodenames, [vg], None)
    for node in nodenames:
      info = nodeinfo[node]
      info.Raise("Cannot get current information from node %s" % node,
                 prereq=True, ecode=errors.ECODE_ENVIRON)
    for node in nodenames:
      info = nodeinfo[node]
      info.Raise("Cannot get current information from node %s" % node,
                 prereq=True, ecode=errors.ECODE_ENVIRON)
-    vg_free = info.payload.get("vg_free", None)
+    (_, (vg_info, ), _) = info.payload
+    vg_free = vg_info.get("vg_free", None)
      if not isinstance(vg_free, int):
        raise errors.OpPrereqError("Can't compute free disk space on node"
                                   " %s for vg %s, result was '%s'" %
      if not isinstance(vg_free, int):
        raise errors.OpPrereqError("Can't compute free disk space on node"
                                   " %s for vg %s, result was '%s'" %
@@ -5104,6 +6881,41 @@ def _CheckNodesFreeDiskOnVG(lu, nodenames, vg, requested):
                                   errors.ECODE_NORES)
  
  
                                   errors.ECODE_NORES)
  
  
+def _CheckNodesPhysicalCPUs(lu, nodenames, requested, hypervisor_name):
+  """Checks if nodes have enough physical CPUs.
+
+  This function checks if all given nodes have the needed number of
+  physical CPUs. In case any node has fewer CPUs or we cannot get the
+  information from the node, this function raises an OpPrereqError
+  exception.
+
+  @type lu: C{LogicalUnit}
+  @param lu: a logical unit from which we get configuration data
+  @type nodenames: C{list}
+  @param nodenames: the list of node names to check
+  @type requested: C{int}
+  @param requested: the minimum acceptable number of physical CPUs
+  @type hypervisor_name: C{str}
+  @param hypervisor_name: the hypervisor to ask for CPU information
+  @raise errors.OpPrereqError: if the node doesn't have enough CPUs,
+      or we cannot check the node
+
+  """
+  # One RPC call covers all nodes; results are looked up per node name below
+  nodeinfo = lu.rpc.call_node_info(nodenames, None, [hypervisor_name])
+  for node in nodenames:
+    info = nodeinfo[node]
+    info.Raise("Cannot get current information from node %s" % node,
+               prereq=True, ecode=errors.ECODE_ENVIRON)
+    # The payload is unpacked as a 3-tuple whose last component must hold
+    # exactly one entry (presumably one per requested hypervisor, and only
+    # one hypervisor was requested above)
+    (_, _, (hv_info, )) = info.payload
+    num_cpus = hv_info.get("cpu_total", None)
+    # A missing or non-integer value is reported as an environment error
+    if not isinstance(num_cpus, int):
+      raise errors.OpPrereqError("Can't compute the number of physical CPUs"
+                                 " on node %s, result was '%s'" %
+                                 (node, num_cpus), errors.ECODE_ENVIRON)
+    if requested > num_cpus:
+      raise errors.OpPrereqError("Node %s has %s physical CPUs, but %s are "
+                                 "required" % (node, num_cpus, requested),
+                                 errors.ECODE_NORES)
+
+
  class LUInstanceStartup(LogicalUnit):
    """Starts an instance.
  
  class LUInstanceStartup(LogicalUnit):
    """Starts an instance.
  
@@ -5116,10 +6928,16 @@ class LUInstanceStartup(LogicalUnit):
      # extra beparams
      if self.op.beparams:
        # fill the beparams dict
      # extra beparams
      if self.op.beparams:
        # fill the beparams dict
+      objects.UpgradeBeParams(self.op.beparams)
        utils.ForceDictType(self.op.beparams, constants.BES_PARAMETER_TYPES)
  
    def ExpandNames(self):
      self._ExpandAndLockInstance()
        utils.ForceDictType(self.op.beparams, constants.BES_PARAMETER_TYPES)
  
    def ExpandNames(self):
      self._ExpandAndLockInstance()
+    self.recalculate_locks[locking.LEVEL_NODE_RES] = constants.LOCKS_REPLACE
+
+  def DeclareLocks(self, level):
+    """Declares node resource locks through C{_LockInstancesNodes}.
+
+    Only the C{locking.LEVEL_NODE_RES} level is handled, and the request is
+    restricted to primary nodes (C{primary_only=True}); nothing is done for
+    any other level.
+
+    """
+    if level == locking.LEVEL_NODE_RES:
+      self._LockInstancesNodes(primary_only=True, level=locking.LEVEL_NODE_RES)
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
    def BuildHooksEnv(self):
      """Build hooks env.
@@ -5130,9 +6948,17 @@ class LUInstanceStartup(LogicalUnit):
      env = {
        "FORCE": self.op.force,
        }
      env = {
        "FORCE": self.op.force,
        }
+
      env.update(_BuildInstanceHookEnvByObject(self, self.instance))
      env.update(_BuildInstanceHookEnvByObject(self, self.instance))
+
+    return env
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
      nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
-    return env, nl, nl
+    return (nl, nl)
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -5155,17 +6981,20 @@ class LUInstanceStartup(LogicalUnit):
        hv_type.CheckParameterSyntax(filled_hvp)
        _CheckHVParams(self, instance.all_nodes, instance.hypervisor, filled_hvp)
  
        hv_type.CheckParameterSyntax(filled_hvp)
        _CheckHVParams(self, instance.all_nodes, instance.hypervisor, filled_hvp)
  
+    _CheckInstanceState(self, instance, INSTANCE_ONLINE)
+
      self.primary_offline = self.cfg.GetNodeInfo(instance.primary_node).offline
  
      if self.primary_offline and self.op.ignore_offline_nodes:
      self.primary_offline = self.cfg.GetNodeInfo(instance.primary_node).offline
  
      if self.primary_offline and self.op.ignore_offline_nodes:
-      self.proc.LogWarning("Ignoring offline primary node")
+      self.LogWarning("Ignoring offline primary node")
  
        if self.op.hvparams or self.op.beparams:
  
        if self.op.hvparams or self.op.beparams:
-        self.proc.LogWarning("Overridden parameters are ignored")
+        self.LogWarning("Overridden parameters are ignored")
      else:
        _CheckNodeOnline(self, instance.primary_node)
  
        bep = self.cfg.GetClusterInfo().FillBE(instance)
      else:
        _CheckNodeOnline(self, instance.primary_node)
  
        bep = self.cfg.GetClusterInfo().FillBE(instance)
+      bep.update(self.op.beparams)
  
        # check bridges existence
        _CheckInstanceBridgesExist(self, instance)
  
        # check bridges existence
        _CheckInstanceBridgesExist(self, instance)
@@ -5178,7 +7007,7 @@ class LUInstanceStartup(LogicalUnit):
        if not remote_info.payload: # not running already
          _CheckNodeFreeMemory(self, instance.primary_node,
                               "starting instance %s" % instance.name,
        if not remote_info.payload: # not running already
          _CheckNodeFreeMemory(self, instance.primary_node,
                               "starting instance %s" % instance.name,
-                             bep[constants.BE_MEMORY], instance.hypervisor)
+                             bep[constants.BE_MINMEM], instance.hypervisor)
  
    def Exec(self, feedback_fn):
      """Start the instance.
  
    def Exec(self, feedback_fn):
      """Start the instance.
@@ -5192,14 +7021,17 @@ class LUInstanceStartup(LogicalUnit):
  
      if self.primary_offline:
        assert self.op.ignore_offline_nodes
  
      if self.primary_offline:
        assert self.op.ignore_offline_nodes
-      self.proc.LogInfo("Primary node offline, marked instance as started")
+      self.LogInfo("Primary node offline, marked instance as started")
      else:
        node_current = instance.primary_node
  
        _StartInstanceDisks(self, instance, force)
  
      else:
        node_current = instance.primary_node
  
        _StartInstanceDisks(self, instance, force)
  
-      result = self.rpc.call_instance_start(node_current, instance,
-                                            self.op.hvparams, self.op.beparams)
+      result = \
+        self.rpc.call_instance_start(node_current,
+                                     (instance, self.op.hvparams,
+                                      self.op.beparams),
+                                     self.op.startup_paused)
        msg = result.fail_msg
        if msg:
          _ShutdownInstanceDisks(self, instance)
        msg = result.fail_msg
        if msg:
          _ShutdownInstanceDisks(self, instance)
@@ -5228,9 +7060,17 @@ class LUInstanceReboot(LogicalUnit):
        "REBOOT_TYPE": self.op.reboot_type,
        "SHUTDOWN_TIMEOUT": self.op.shutdown_timeout,
        }
        "REBOOT_TYPE": self.op.reboot_type,
        "SHUTDOWN_TIMEOUT": self.op.shutdown_timeout,
        }
+
      env.update(_BuildInstanceHookEnvByObject(self, self.instance))
      env.update(_BuildInstanceHookEnvByObject(self, self.instance))
+
+    return env
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
      nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
-    return env, nl, nl
+    return (nl, nl)
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -5241,7 +7081,7 @@ class LUInstanceReboot(LogicalUnit):
      self.instance = instance = self.cfg.GetInstanceInfo(self.op.instance_name)
      assert self.instance is not None, \
        "Cannot retrieve locked instance %s" % self.op.instance_name
      self.instance = instance = self.cfg.GetInstanceInfo(self.op.instance_name)
      assert self.instance is not None, \
        "Cannot retrieve locked instance %s" % self.op.instance_name
-
+    _CheckInstanceState(self, instance, INSTANCE_ONLINE)
      _CheckNodeOnline(self, instance.primary_node)
  
      # check bridges existence
      _CheckNodeOnline(self, instance.primary_node)
  
      # check bridges existence
@@ -5255,10 +7095,16 @@ class LUInstanceReboot(LogicalUnit):
      ignore_secondaries = self.op.ignore_secondaries
      reboot_type = self.op.reboot_type
  
      ignore_secondaries = self.op.ignore_secondaries
      reboot_type = self.op.reboot_type
  
+    remote_info = self.rpc.call_instance_info(instance.primary_node,
+                                              instance.name,
+                                              instance.hypervisor)
+    remote_info.Raise("Error checking node %s" % instance.primary_node)
+    instance_running = bool(remote_info.payload)
+
      node_current = instance.primary_node
  
      node_current = instance.primary_node
  
-    if reboot_type in [constants.INSTANCE_REBOOT_SOFT,
-                       constants.INSTANCE_REBOOT_HARD]:
+    if instance_running and reboot_type in [constants.INSTANCE_REBOOT_SOFT,
+                                            constants.INSTANCE_REBOOT_HARD]:
        for disk in instance.disks:
          self.cfg.SetDiskID(disk, node_current)
        result = self.rpc.call_instance_reboot(node_current, instance,
        for disk in instance.disks:
          self.cfg.SetDiskID(disk, node_current)
        result = self.rpc.call_instance_reboot(node_current, instance,
@@ -5266,12 +7112,17 @@ class LUInstanceReboot(LogicalUnit):
                                               self.op.shutdown_timeout)
        result.Raise("Could not reboot instance")
      else:
                                               self.op.shutdown_timeout)
        result.Raise("Could not reboot instance")
      else:
-      result = self.rpc.call_instance_shutdown(node_current, instance,
-                                               self.op.shutdown_timeout)
-      result.Raise("Could not shutdown instance for full reboot")
-      _ShutdownInstanceDisks(self, instance)
+      if instance_running:
+        result = self.rpc.call_instance_shutdown(node_current, instance,
+                                                 self.op.shutdown_timeout)
+        result.Raise("Could not shutdown instance for full reboot")
+        _ShutdownInstanceDisks(self, instance)
+      else:
+        self.LogInfo("Instance %s was already stopped, starting now",
+                     instance.name)
        _StartInstanceDisks(self, instance, ignore_secondaries)
        _StartInstanceDisks(self, instance, ignore_secondaries)
-      result = self.rpc.call_instance_start(node_current, instance, None, None)
+      result = self.rpc.call_instance_start(node_current,
+                                            (instance, None, None), False)
        msg = result.fail_msg
        if msg:
          _ShutdownInstanceDisks(self, instance)
        msg = result.fail_msg
        if msg:
          _ShutdownInstanceDisks(self, instance)
@@ -5300,8 +7151,14 @@ class LUInstanceShutdown(LogicalUnit):
      """
      env = _BuildInstanceHookEnvByObject(self, self.instance)
      env["TIMEOUT"] = self.op.timeout
      """
      env = _BuildInstanceHookEnvByObject(self, self.instance)
      env["TIMEOUT"] = self.op.timeout
+    return env
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
      nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
-    return env, nl, nl
+    return (nl, nl)
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -5313,11 +7170,13 @@ class LUInstanceShutdown(LogicalUnit):
      assert self.instance is not None, \
        "Cannot retrieve locked instance %s" % self.op.instance_name
  
      assert self.instance is not None, \
        "Cannot retrieve locked instance %s" % self.op.instance_name
  
+    _CheckInstanceState(self, self.instance, INSTANCE_ONLINE)
+
      self.primary_offline = \
        self.cfg.GetNodeInfo(self.instance.primary_node).offline
  
      if self.primary_offline and self.op.ignore_offline_nodes:
      self.primary_offline = \
        self.cfg.GetNodeInfo(self.instance.primary_node).offline
  
      if self.primary_offline and self.op.ignore_offline_nodes:
-      self.proc.LogWarning("Ignoring offline primary node")
+      self.LogWarning("Ignoring offline primary node")
      else:
        _CheckNodeOnline(self, self.instance.primary_node)
  
      else:
        _CheckNodeOnline(self, self.instance.primary_node)
  
@@ -5334,12 +7193,12 @@ class LUInstanceShutdown(LogicalUnit):
  
      if self.primary_offline:
        assert self.op.ignore_offline_nodes
  
      if self.primary_offline:
        assert self.op.ignore_offline_nodes
-      self.proc.LogInfo("Primary node offline, marked instance as stopped")
+      self.LogInfo("Primary node offline, marked instance as stopped")
      else:
        result = self.rpc.call_instance_shutdown(node_current, instance, timeout)
        msg = result.fail_msg
        if msg:
      else:
        result = self.rpc.call_instance_shutdown(node_current, instance, timeout)
        msg = result.fail_msg
        if msg:
-        self.proc.LogWarning("Could not shutdown instance: %s" % msg)
+        self.LogWarning("Could not shutdown instance: %s", msg)
  
        _ShutdownInstanceDisks(self, instance)
  
  
        _ShutdownInstanceDisks(self, instance)
  
@@ -5361,9 +7220,14 @@ class LUInstanceReinstall(LogicalUnit):
      This runs on master, primary and secondary nodes of the instance.
  
      """
      This runs on master, primary and secondary nodes of the instance.
  
      """
-    env = _BuildInstanceHookEnvByObject(self, self.instance)
+    return _BuildInstanceHookEnvByObject(self, self.instance)
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
      nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
-    return env, nl, nl
+    return (nl, nl)
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -5376,15 +7240,12 @@ class LUInstanceReinstall(LogicalUnit):
        "Cannot retrieve locked instance %s" % self.op.instance_name
      _CheckNodeOnline(self, instance.primary_node, "Instance primary node"
                       " offline, cannot reinstall")
        "Cannot retrieve locked instance %s" % self.op.instance_name
      _CheckNodeOnline(self, instance.primary_node, "Instance primary node"
                       " offline, cannot reinstall")
-    for node in instance.secondary_nodes:
-      _CheckNodeOnline(self, node, "Instance secondary node offline,"
-                       " cannot reinstall")
  
      if instance.disk_template == constants.DT_DISKLESS:
        raise errors.OpPrereqError("Instance '%s' has no disks" %
                                   self.op.instance_name,
                                   errors.ECODE_INVAL)
  
      if instance.disk_template == constants.DT_DISKLESS:
        raise errors.OpPrereqError("Instance '%s' has no disks" %
                                   self.op.instance_name,
                                   errors.ECODE_INVAL)
-    _CheckInstanceDown(self, instance, "cannot reinstall")
+    _CheckInstanceState(self, instance, INSTANCE_DOWN, msg="cannot reinstall")
  
      if self.op.os_type is not None:
        # OS verification
  
      if self.op.os_type is not None:
        # OS verification
@@ -5421,9 +7282,9 @@ class LUInstanceReinstall(LogicalUnit):
      try:
        feedback_fn("Running the instance OS create scripts...")
        # FIXME: pass debug option from opcode to backend
      try:
        feedback_fn("Running the instance OS create scripts...")
        # FIXME: pass debug option from opcode to backend
-      result = self.rpc.call_instance_os_add(inst.primary_node, inst, True,
-                                             self.op.debug_level,
-                                             osparams=self.os_inst)
+      result = self.rpc.call_instance_os_add(inst.primary_node,
+                                             (inst, self.os_inst), True,
+                                             self.op.debug_level)
        result.Raise("Could not install OS for instance %s on node %s" %
                     (inst.name, inst.primary_node))
      finally:
        result.Raise("Could not install OS for instance %s on node %s" %
                     (inst.name, inst.primary_node))
      finally:
@@ -5438,25 +7299,149 @@ class LUInstanceRecreateDisks(LogicalUnit):
    HTYPE = constants.HTYPE_INSTANCE
    REQ_BGL = False
  
    HTYPE = constants.HTYPE_INSTANCE
    REQ_BGL = False
  
+  _MODIFYABLE = frozenset([
+    constants.IDISK_SIZE,
+    constants.IDISK_MODE,
+    ])
+
+  # New or changed disk parameters may have different semantics
+  assert constants.IDISK_PARAMS == (_MODIFYABLE | frozenset([
+    constants.IDISK_ADOPT,
+
+    # TODO: Implement support for changing VG while recreating
+    constants.IDISK_VG,
+    constants.IDISK_METAVG,
+    ]))
+
+  def _RunAllocator(self):
+    """Run the allocator based on input opcode.
+
+    """
+    be_full = self.cfg.GetClusterInfo().FillBE(self.instance)
+
+    # FIXME
+    # The allocator should actually run in "relocate" mode, but current
+    # allocators don't support relocating all the nodes of an instance at
+    # the same time. As a workaround we use "allocate" mode, but this is
+    # suboptimal for two reasons:
+    # - The instance name passed to the allocator is present in the list of
+    #   existing instances, so there could be a conflict within the
+    #   internal structures of the allocator. This doesn't happen with the
+    #   current allocators, but it's a liability.
+    # - The allocator counts the resources used by the instance twice: once
+    #   because the instance exists already, and once because it tries to
+    #   allocate a new instance.
+    # The allocator could choose some of the nodes on which the instance is
+    # running, but that's not a problem. If the instance nodes are broken,
+    # they should already be marked as drained or offline, and hence
+    # skipped by the allocator. If instance disks have been lost for other
+    # reasons, then recreating the disks on the same nodes should be fine.
+    disk_template = self.instance.disk_template
+    spindle_use = be_full[constants.BE_SPINDLE_USE]
+    req = iallocator.IAReqInstanceAlloc(name=self.op.instance_name,
+                                        disk_template=disk_template,
+                                        tags=list(self.instance.GetTags()),
+                                        os=self.instance.os,
+                                        nics=[{}],
+                                        vcpus=be_full[constants.BE_VCPUS],
+                                        memory=be_full[constants.BE_MAXMEM],
+                                        spindle_use=spindle_use,
+                                        disks=[{constants.IDISK_SIZE: d.size,
+                                                constants.IDISK_MODE: d.mode}
+                                                for d in self.instance.disks],
+                                        hypervisor=self.instance.hypervisor)
+    ial = iallocator.IAllocator(self.cfg, self.rpc, req)
+
+    ial.Run(self.op.iallocator)
+
+    assert req.RequiredNodes() == len(self.instance.all_nodes)
+
+    if not ial.success:
+      raise errors.OpPrereqError("Can't compute nodes using iallocator '%s':"
+                                 " %s" % (self.op.iallocator, ial.info),
+                                 errors.ECODE_NORES)
+
+    self.op.nodes = ial.result
+    self.LogInfo("Selected nodes for instance %s via iallocator %s: %s",
+                 self.op.instance_name, self.op.iallocator,
+                 utils.CommaJoin(ial.result))
+
    def CheckArguments(self):
    def CheckArguments(self):
-    # normalise the disk list
-    self.op.disks = sorted(frozenset(self.op.disks))
+    if self.op.disks and ht.TNonNegativeInt(self.op.disks[0]):
+      # Normalize and convert deprecated list of disk indices
+      self.op.disks = [(idx, {}) for idx in sorted(frozenset(self.op.disks))]
+
+    duplicates = utils.FindDuplicates(map(compat.fst, self.op.disks))
+    if duplicates:
+      raise errors.OpPrereqError("Some disks have been specified more than"
+                                 " once: %s" % utils.CommaJoin(duplicates),
+                                 errors.ECODE_INVAL)
+
+    # We don't want _CheckIAllocatorOrNode selecting the default iallocator
+    # when neither iallocator nor nodes are specified
+    if self.op.iallocator or self.op.nodes:
+      _CheckIAllocatorOrNode(self, "iallocator", "nodes")
+
+    for (idx, params) in self.op.disks:
+      utils.ForceDictType(params, constants.IDISK_PARAMS_TYPES)
+      unsupported = frozenset(params.keys()) - self._MODIFYABLE
+      if unsupported:
+        raise errors.OpPrereqError("Parameters for disk %s try to change"
+                                   " unmodifyable parameter(s): %s" %
+                                   (idx, utils.CommaJoin(unsupported)),
+                                   errors.ECODE_INVAL)
  
    def ExpandNames(self):
      self._ExpandAndLockInstance()
      self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_APPEND
  
    def ExpandNames(self):
      self._ExpandAndLockInstance()
      self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_APPEND
+
      if self.op.nodes:
        self.op.nodes = [_ExpandNodeName(self.cfg, n) for n in self.op.nodes]
        self.needed_locks[locking.LEVEL_NODE] = list(self.op.nodes)
      else:
        self.needed_locks[locking.LEVEL_NODE] = []
      if self.op.nodes:
        self.op.nodes = [_ExpandNodeName(self.cfg, n) for n in self.op.nodes]
        self.needed_locks[locking.LEVEL_NODE] = list(self.op.nodes)
      else:
        self.needed_locks[locking.LEVEL_NODE] = []
+      if self.op.iallocator:
+        # iallocator will select a new node in the same group
+        self.needed_locks[locking.LEVEL_NODEGROUP] = []
+        self.needed_locks[locking.LEVEL_NODE_ALLOC] = locking.ALL_SET
+
+    self.needed_locks[locking.LEVEL_NODE_RES] = []
  
    def DeclareLocks(self, level):
  
    def DeclareLocks(self, level):
-    if level == locking.LEVEL_NODE:
-      # if we replace the nodes, we only need to lock the old primary,
-      # otherwise we need to lock all nodes for disk re-creation
-      primary_only = bool(self.op.nodes)
-      self._LockInstancesNodes(primary_only=primary_only)
+    if level == locking.LEVEL_NODEGROUP:
+      assert self.op.iallocator is not None
+      assert not self.op.nodes
+      assert not self.needed_locks[locking.LEVEL_NODEGROUP]
+      self.share_locks[locking.LEVEL_NODEGROUP] = 1
+      # Lock the primary group used by the instance optimistically; this
+      # requires going via the node before it's locked, requiring
+      # verification later on
+      self.needed_locks[locking.LEVEL_NODEGROUP] = \
+        self.cfg.GetInstanceNodeGroups(self.op.instance_name, primary_only=True)
+
+    elif level == locking.LEVEL_NODE:
+      # If an allocator is used, then we lock all the nodes in the current
+      # instance group, as we don't know yet which ones will be selected;
+      # if we replace the nodes without using an allocator, locks are
+      # already declared in ExpandNames; otherwise, we need to lock all the
+      # instance nodes for disk re-creation
+      if self.op.iallocator:
+        assert not self.op.nodes
+        assert not self.needed_locks[locking.LEVEL_NODE]
+        assert len(self.owned_locks(locking.LEVEL_NODEGROUP)) == 1
+
+        # Lock member nodes of the group of the primary node
+        for group_uuid in self.owned_locks(locking.LEVEL_NODEGROUP):
+          self.needed_locks[locking.LEVEL_NODE].extend(
+            self.cfg.GetNodeGroup(group_uuid).members)
+
+        assert locking.NAL in self.owned_locks(locking.LEVEL_NODE_ALLOC)
+      elif not self.op.nodes:
+        self._LockInstancesNodes(primary_only=False)
+    elif level == locking.LEVEL_NODE_RES:
+      # Copy node locks
+      self.needed_locks[locking.LEVEL_NODE_RES] = \
+        _CopyLockList(self.needed_locks[locking.LEVEL_NODE])
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
    def BuildHooksEnv(self):
      """Build hooks env.
@@ -5464,9 +7449,14 @@ class LUInstanceRecreateDisks(LogicalUnit):
      This runs on master, primary and secondary nodes of the instance.
  
      """
      This runs on master, primary and secondary nodes of the instance.
  
      """
-    env = _BuildInstanceHookEnvByObject(self, self.instance)
+    return _BuildInstanceHookEnvByObject(self, self.instance)
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
      nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
-    return env, nl, nl
+    return (nl, nl)
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -5491,62 +7481,101 @@ class LUInstanceRecreateDisks(LogicalUnit):
        primary_node = self.op.nodes[0]
      else:
        primary_node = instance.primary_node
        primary_node = self.op.nodes[0]
      else:
        primary_node = instance.primary_node
-    _CheckNodeOnline(self, primary_node)
+    if not self.op.iallocator:
+      _CheckNodeOnline(self, primary_node)
  
      if instance.disk_template == constants.DT_DISKLESS:
        raise errors.OpPrereqError("Instance '%s' has no disks" %
                                   self.op.instance_name, errors.ECODE_INVAL)
  
      if instance.disk_template == constants.DT_DISKLESS:
        raise errors.OpPrereqError("Instance '%s' has no disks" %
                                   self.op.instance_name, errors.ECODE_INVAL)
+
+    # Verify if node group locks are still correct
+    owned_groups = self.owned_locks(locking.LEVEL_NODEGROUP)
+    if owned_groups:
+      # Node group locks are acquired only for the primary node (and only
+      # when the allocator is used)
+      _CheckInstanceNodeGroups(self.cfg, self.op.instance_name, owned_groups,
+                               primary_only=True)
+
      # if we replace nodes *and* the old primary is offline, we don't
      # if we replace nodes *and* the old primary is offline, we don't
-    # check
-    assert instance.primary_node in self.needed_locks[locking.LEVEL_NODE]
+    # check the instance state
      old_pnode = self.cfg.GetNodeInfo(instance.primary_node)
      old_pnode = self.cfg.GetNodeInfo(instance.primary_node)
-    if not (self.op.nodes and old_pnode.offline):
-      _CheckInstanceDown(self, instance, "cannot recreate disks")
+    if not ((self.op.iallocator or self.op.nodes) and old_pnode.offline):
+      _CheckInstanceState(self, instance, INSTANCE_NOT_RUNNING,
+                          msg="cannot recreate disks")
  
  
-    if not self.op.disks:
-      self.op.disks = range(len(instance.disks))
+    if self.op.disks:
+      self.disks = dict(self.op.disks)
      else:
      else:
-      for idx in self.op.disks:
-        if idx >= len(instance.disks):
-          raise errors.OpPrereqError("Invalid disk index passed '%s'" % idx,
-                                     errors.ECODE_INVAL)
-    if self.op.disks != range(len(instance.disks)) and self.op.nodes:
+      self.disks = dict((idx, {}) for idx in range(len(instance.disks)))
+
+    maxidx = max(self.disks.keys())
+    if maxidx >= len(instance.disks):
+      raise errors.OpPrereqError("Invalid disk index '%s'" % maxidx,
+                                 errors.ECODE_INVAL)
+
+    if ((self.op.nodes or self.op.iallocator) and
+        sorted(self.disks.keys()) != range(len(instance.disks))):
        raise errors.OpPrereqError("Can't recreate disks partially and"
                                   " change the nodes at the same time",
                                   errors.ECODE_INVAL)
        raise errors.OpPrereqError("Can't recreate disks partially and"
                                   " change the nodes at the same time",
                                   errors.ECODE_INVAL)
+
      self.instance = instance
  
      self.instance = instance
  
+    if self.op.iallocator:
+      self._RunAllocator()
+      # Release unneeded node and node resource locks
+      _ReleaseLocks(self, locking.LEVEL_NODE, keep=self.op.nodes)
+      _ReleaseLocks(self, locking.LEVEL_NODE_RES, keep=self.op.nodes)
+      _ReleaseLocks(self, locking.LEVEL_NODE_ALLOC)
+
+    assert not self.glm.is_owned(locking.LEVEL_NODE_ALLOC)
+
    def Exec(self, feedback_fn):
      """Recreate the disks.
  
      """
      instance = self.instance
  
    def Exec(self, feedback_fn):
      """Recreate the disks.
  
      """
      instance = self.instance
  
+    assert (self.owned_locks(locking.LEVEL_NODE) ==
+            self.owned_locks(locking.LEVEL_NODE_RES))
+
      to_skip = []
      to_skip = []
-    mods = [] # keeps track of needed logical_id changes
+    mods = [] # keeps track of needed changes
  
      for idx, disk in enumerate(instance.disks):
  
      for idx, disk in enumerate(instance.disks):
-      if idx not in self.op.disks: # disk idx has not been passed in
+      try:
+        changes = self.disks[idx]
+      except KeyError:
+        # Disk should not be recreated
          to_skip.append(idx)
          continue
          to_skip.append(idx)
          continue
+
        # update secondaries for disks, if needed
        # update secondaries for disks, if needed
-      if self.op.nodes:
-        if disk.dev_type == constants.LD_DRBD8:
-          # need to update the nodes and minors
-          assert len(self.op.nodes) == 2
-          assert len(disk.logical_id) == 6 # otherwise disk internals
-                                           # have changed
-          (_, _, old_port, _, _, old_secret) = disk.logical_id
-          new_minors = self.cfg.AllocateDRBDMinor(self.op.nodes, instance.name)
-          new_id = (self.op.nodes[0], self.op.nodes[1], old_port,
-                    new_minors[0], new_minors[1], old_secret)
-          assert len(disk.logical_id) == len(new_id)
-          mods.append((idx, new_id))
+      if self.op.nodes and disk.dev_type == constants.LD_DRBD8:
+        # need to update the nodes and minors
+        assert len(self.op.nodes) == 2
+        assert len(disk.logical_id) == 6 # otherwise disk internals
+                                         # have changed
+        (_, _, old_port, _, _, old_secret) = disk.logical_id
+        new_minors = self.cfg.AllocateDRBDMinor(self.op.nodes, instance.name)
+        new_id = (self.op.nodes[0], self.op.nodes[1], old_port,
+                  new_minors[0], new_minors[1], old_secret)
+        assert len(disk.logical_id) == len(new_id)
+      else:
+        new_id = None
+
+      mods.append((idx, new_id, changes))
  
      # now that we have passed all asserts above, we can apply the mods
      # in a single run (to avoid partial changes)
  
      # now that we have passed all asserts above, we can apply the mods
      # in a single run (to avoid partial changes)
-    for idx, new_id in mods:
-      instance.disks[idx].logical_id = new_id
+    for idx, new_id, changes in mods:
+      disk = instance.disks[idx]
+      if new_id is not None:
+        assert disk.dev_type == constants.LD_DRBD8
+        disk.logical_id = new_id
+      if changes:
+        disk.Update(size=changes.get(constants.IDISK_SIZE, None),
+                    mode=changes.get(constants.IDISK_MODE, None))
  
      # change primary node, if needed
      if self.op.nodes:
  
      # change primary node, if needed
      if self.op.nodes:
@@ -5557,6 +7586,9 @@ class LUInstanceRecreateDisks(LogicalUnit):
      if self.op.nodes:
        self.cfg.Update(instance, feedback_fn)
  
      if self.op.nodes:
        self.cfg.Update(instance, feedback_fn)
  
+    # All touched nodes must be locked
+    mylocks = self.owned_locks(locking.LEVEL_NODE)
+    assert mylocks.issuperset(frozenset(instance.all_nodes))
      _CreateDisks(self, instance, to_skip=to_skip)
  
  
      _CreateDisks(self, instance, to_skip=to_skip)
  
  
@@ -5573,7 +7605,7 @@ class LUInstanceRename(LogicalUnit):
      """
      if self.op.ip_check and not self.op.name_check:
        # TODO: make the ip check more flexible and not depend on the name check
      """
      if self.op.ip_check and not self.op.name_check:
        # TODO: make the ip check more flexible and not depend on the name check
-      raise errors.OpPrereqError("Cannot do ip check without a name check",
+      raise errors.OpPrereqError("IP address check requires a name check",
                                   errors.ECODE_INVAL)
  
    def BuildHooksEnv(self):
                                   errors.ECODE_INVAL)
  
    def BuildHooksEnv(self):
@@ -5584,8 +7616,14 @@ class LUInstanceRename(LogicalUnit):
      """
      env = _BuildInstanceHookEnvByObject(self, self.instance)
      env["INSTANCE_NEW_NAME"] = self.op.new_name
      """
      env = _BuildInstanceHookEnvByObject(self, self.instance)
      env["INSTANCE_NEW_NAME"] = self.op.new_name
+    return env
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
      nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
-    return env, nl, nl
+    return (nl, nl)
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -5598,15 +7636,13 @@ class LUInstanceRename(LogicalUnit):
      instance = self.cfg.GetInstanceInfo(self.op.instance_name)
      assert instance is not None
      _CheckNodeOnline(self, instance.primary_node)
      instance = self.cfg.GetInstanceInfo(self.op.instance_name)
      assert instance is not None
      _CheckNodeOnline(self, instance.primary_node)
-    _CheckInstanceDown(self, instance, "cannot rename")
+    _CheckInstanceState(self, instance, INSTANCE_NOT_RUNNING,
+                        msg="cannot rename")
      self.instance = instance
  
      new_name = self.op.new_name
      if self.op.name_check:
      self.instance = instance
  
      new_name = self.op.new_name
      if self.op.name_check:
-      hostname = netutils.GetHostname(name=new_name)
-      if hostname != new_name:
-        self.LogInfo("Resolved given name '%s' to '%s'", new_name,
-                     hostname.name)
+      hostname = _CheckHostnameSane(self, new_name)
        new_name = self.op.new_name = hostname.name
        if (self.op.ip_check and
            netutils.TcpPing(hostname.ip, constants.DEFAULT_NODED_PORT)):
        new_name = self.op.new_name = hostname.name
        if (self.op.ip_check and
            netutils.TcpPing(hostname.ip, constants.DEFAULT_NODED_PORT)):
@@ -5627,15 +7663,18 @@ class LUInstanceRename(LogicalUnit):
      old_name = inst.name
  
      rename_file_storage = False
      old_name = inst.name
  
      rename_file_storage = False
-    if (inst.disk_template == constants.DT_FILE and
+    if (inst.disk_template in constants.DTS_FILEBASED and
          self.op.new_name != inst.name):
        old_file_storage_dir = os.path.dirname(inst.disks[0].logical_id[1])
        rename_file_storage = True
  
      self.cfg.RenameInstance(inst.name, self.op.new_name)
          self.op.new_name != inst.name):
        old_file_storage_dir = os.path.dirname(inst.disks[0].logical_id[1])
        rename_file_storage = True
  
      self.cfg.RenameInstance(inst.name, self.op.new_name)
-    # Change the instance lock. This is definitely safe while we hold the BGL
-    self.context.glm.remove(locking.LEVEL_INSTANCE, old_name)
-    self.context.glm.add(locking.LEVEL_INSTANCE, self.op.new_name)
+    # Change the instance lock. This is definitely safe while we hold the BGL.
+    # Otherwise the new lock would have to be added in acquired mode.
+    assert self.REQ_BGL
+    assert locking.BGL in self.owned_locks(locking.LEVEL_CLUSTER)
+    self.glm.remove(locking.LEVEL_INSTANCE, old_name)
+    self.glm.add(locking.LEVEL_INSTANCE, self.op.new_name)
  
      # re-read the instance from the configuration after rename
      inst = self.cfg.GetInstanceInfo(self.op.new_name)
  
      # re-read the instance from the configuration after rename
      inst = self.cfg.GetInstanceInfo(self.op.new_name)
@@ -5651,6 +7690,15 @@ class LUInstanceRename(LogicalUnit):
                      new_file_storage_dir))
  
      _StartInstanceDisks(self, inst, None)
                      new_file_storage_dir))
  
      _StartInstanceDisks(self, inst, None)
+    # update info on disks
+    info = _GetInstanceInfoText(inst)
+    for (idx, disk) in enumerate(inst.disks):
+      for node in inst.all_nodes:
+        self.cfg.SetDiskID(disk, node)
+        result = self.rpc.call_blockdev_setinfo(node, disk, info)
+        if result.fail_msg:
+          self.LogWarning("Error setting info on node %s for disk %s: %s",
+                          node, idx, result.fail_msg)
      try:
        result = self.rpc.call_instance_run_rename(inst.primary_node, inst,
                                                   old_name, self.op.debug_level)
      try:
        result = self.rpc.call_instance_run_rename(inst.primary_node, inst,
                                                   old_name, self.op.debug_level)
@@ -5659,7 +7707,7 @@ class LUInstanceRename(LogicalUnit):
          msg = ("Could not run OS rename script for instance %s on node %s"
                 " (but the instance has been renamed in Ganeti): %s" %
                 (inst.name, inst.primary_node, msg))
          msg = ("Could not run OS rename script for instance %s on node %s"
                 " (but the instance has been renamed in Ganeti): %s" %
                 (inst.name, inst.primary_node, msg))
-        self.proc.LogWarning(msg)
+        self.LogWarning(msg)
      finally:
        _ShutdownInstanceDisks(self, inst)
  
      finally:
        _ShutdownInstanceDisks(self, inst)
  
@@ -5677,11 +7725,16 @@ class LUInstanceRemove(LogicalUnit):
    def ExpandNames(self):
      self._ExpandAndLockInstance()
      self.needed_locks[locking.LEVEL_NODE] = []
    def ExpandNames(self):
      self._ExpandAndLockInstance()
      self.needed_locks[locking.LEVEL_NODE] = []
+    self.needed_locks[locking.LEVEL_NODE_RES] = []
      self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
  
    def DeclareLocks(self, level):
      if level == locking.LEVEL_NODE:
        self._LockInstancesNodes()
      self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
  
    def DeclareLocks(self, level):
      if level == locking.LEVEL_NODE:
        self._LockInstancesNodes()
+    elif level == locking.LEVEL_NODE_RES:
+      # Copy node locks
+      self.needed_locks[locking.LEVEL_NODE_RES] = \
+        _CopyLockList(self.needed_locks[locking.LEVEL_NODE])
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
    def BuildHooksEnv(self):
      """Build hooks env.
@@ -5691,9 +7744,15 @@ class LUInstanceRemove(LogicalUnit):
      """
      env = _BuildInstanceHookEnvByObject(self, self.instance)
      env["SHUTDOWN_TIMEOUT"] = self.op.shutdown_timeout
      """
      env = _BuildInstanceHookEnvByObject(self, self.instance)
      env["SHUTDOWN_TIMEOUT"] = self.op.shutdown_timeout
+    return env
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      nl = [self.cfg.GetMasterNode()]
      nl_post = list(self.instance.all_nodes) + nl
      nl = [self.cfg.GetMasterNode()]
      nl_post = list(self.instance.all_nodes) + nl
-    return env, nl, nl_post
+    return (nl, nl_post)
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -5724,6 +7783,12 @@ class LUInstanceRemove(LogicalUnit):
                                   " node %s: %s" %
                                   (instance.name, instance.primary_node, msg))
  
                                   " node %s: %s" %
                                   (instance.name, instance.primary_node, msg))
  
+    assert (self.owned_locks(locking.LEVEL_NODE) ==
+            self.owned_locks(locking.LEVEL_NODE_RES))
+    assert not (set(instance.all_nodes) -
+                self.owned_locks(locking.LEVEL_NODE)), \
+      "Not owning correct locks"
+
      _RemoveInstance(self, feedback_fn, instance, self.op.ignore_failures)
  
  
      _RemoveInstance(self, feedback_fn, instance, self.op.ignore_failures)
  
  
@@ -5753,12 +7818,12 @@ class LUInstanceQuery(NoHooksLU):
    """Logical unit for querying instances.
  
    """
    """Logical unit for querying instances.
  
    """
-  # pylint: disable-msg=W0142
+  # pylint: disable=W0142
    REQ_BGL = False
  
    def CheckArguments(self):
    REQ_BGL = False
  
    def CheckArguments(self):
-    self.iq = _InstanceQuery(self.op.names, self.op.output_fields,
-                             self.op.use_locking)
+    self.iq = _InstanceQuery(qlang.MakeSimpleFilter("name", self.op.names),
+                             self.op.output_fields, self.op.use_locking)
  
    def ExpandNames(self):
      self.iq.ExpandNames(self)
  
    def ExpandNames(self):
      self.iq.ExpandNames(self)
@@ -5770,6 +7835,59 @@ class LUInstanceQuery(NoHooksLU):
      return self.iq.OldStyleQuery(self)
  
  
      return self.iq.OldStyleQuery(self)
  
  
+def _ExpandNamesForMigration(lu):
+  """Expands names for use with L{TLMigrateInstance}.
+
+  @type lu: L{LogicalUnit}
+
+  """
+  if lu.op.target_node is not None:
+    lu.op.target_node = _ExpandNodeName(lu.cfg, lu.op.target_node)
+
+  lu.needed_locks[locking.LEVEL_NODE] = []
+  lu.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
+
+  lu.needed_locks[locking.LEVEL_NODE_RES] = []
+  lu.recalculate_locks[locking.LEVEL_NODE_RES] = constants.LOCKS_REPLACE
+
+  # The node allocation lock is actually only needed for replicated instances
+  # (e.g. DRBD8) and if an iallocator is used.
+  lu.needed_locks[locking.LEVEL_NODE_ALLOC] = []
+
+
+def _DeclareLocksForMigration(lu, level):
+  """Declares locks for L{TLMigrateInstance}.
+
+  @type lu: L{LogicalUnit}
+  @param level: Lock level
+
+  """
+  if level == locking.LEVEL_NODE_ALLOC:
+    assert lu.op.instance_name in lu.owned_locks(locking.LEVEL_INSTANCE)
+
+    instance = lu.cfg.GetInstanceInfo(lu.op.instance_name)
+
+    if instance.disk_template in constants.DTS_EXT_MIRROR:
+      if lu.op.target_node is None:
+        lu.needed_locks[locking.LEVEL_NODE] = locking.ALL_SET
+        lu.needed_locks[locking.LEVEL_NODE_ALLOC] = locking.ALL_SET
+      else:
+        lu.needed_locks[locking.LEVEL_NODE] = [instance.primary_node,
+                                               lu.op.target_node]
+      del lu.recalculate_locks[locking.LEVEL_NODE]
+    else:
+      lu._LockInstancesNodes() # pylint: disable=W0212
+
+  elif level == locking.LEVEL_NODE:
+    # Node locks are declared together with the node allocation lock
+    assert lu.needed_locks[locking.LEVEL_NODE]
+
+  elif level == locking.LEVEL_NODE_RES:
+    # Copy node locks
+    lu.needed_locks[locking.LEVEL_NODE_RES] = \
+      _CopyLockList(lu.needed_locks[locking.LEVEL_NODE])
+
+
  class LUInstanceFailover(LogicalUnit):
    """Failover an instance.
  
  class LUInstanceFailover(LogicalUnit):
    """Failover an instance.
  
@@ -5778,14 +7896,26 @@ class LUInstanceFailover(LogicalUnit):
    HTYPE = constants.HTYPE_INSTANCE
    REQ_BGL = False
  
    HTYPE = constants.HTYPE_INSTANCE
    REQ_BGL = False
  
+  def CheckArguments(self):
+    """Check the arguments.
+
+    Copies the optional C{iallocator} and C{target_node} opcode fields
+    onto the logical unit, using C{None} when the opcode does not define
+    them.
+
+    """
+    self.iallocator = getattr(self.op, "iallocator", None)
+    self.target_node = getattr(self.op, "target_node", None)
+
    def ExpandNames(self):
      self._ExpandAndLockInstance()
    def ExpandNames(self):
      self._ExpandAndLockInstance()
-    self.needed_locks[locking.LEVEL_NODE] = []
-    self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
+    _ExpandNamesForMigration(self)
+
+    self._migrater = \
+      TLMigrateInstance(self, self.op.instance_name, False, True, False,
+                        self.op.ignore_consistency, True,
+                        self.op.shutdown_timeout, self.op.ignore_ipolicy)
+
+    self.tasklets = [self._migrater]
  
    def DeclareLocks(self, level):
  
    def DeclareLocks(self, level):
-    if level == locking.LEVEL_NODE:
-      self._LockInstancesNodes()
+    _DeclareLocksForMigration(self, level)
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
    def BuildHooksEnv(self):
      """Build hooks env.
@@ -5793,128 +7923,33 @@ class LUInstanceFailover(LogicalUnit):
      This runs on master, primary and secondary nodes of the instance.
  
      """
      This runs on master, primary and secondary nodes of the instance.
  
      """
-    instance = self.instance
+    instance = self._migrater.instance
      source_node = instance.primary_node
      source_node = instance.primary_node
-    target_node = instance.secondary_nodes[0]
+    target_node = self.op.target_node
      env = {
        "IGNORE_CONSISTENCY": self.op.ignore_consistency,
        "SHUTDOWN_TIMEOUT": self.op.shutdown_timeout,
        "OLD_PRIMARY": source_node,
      env = {
        "IGNORE_CONSISTENCY": self.op.ignore_consistency,
        "SHUTDOWN_TIMEOUT": self.op.shutdown_timeout,
        "OLD_PRIMARY": source_node,
-      "OLD_SECONDARY": target_node,
        "NEW_PRIMARY": target_node,
        "NEW_PRIMARY": target_node,
-      "NEW_SECONDARY": source_node,
        }
        }
-    env.update(_BuildInstanceHookEnvByObject(self, instance))
-    nl = [self.cfg.GetMasterNode()] + list(instance.secondary_nodes)
-    nl_post = list(nl)
-    nl_post.append(source_node)
-    return env, nl, nl_post
-
-  def CheckPrereq(self):
-    """Check prerequisites.
-
-    This checks that the instance is in the cluster.
-
-    """
-    self.instance = instance = self.cfg.GetInstanceInfo(self.op.instance_name)
-    assert self.instance is not None, \
-      "Cannot retrieve locked instance %s" % self.op.instance_name
-
-    bep = self.cfg.GetClusterInfo().FillBE(instance)
-    if instance.disk_template not in constants.DTS_NET_MIRROR:
-      raise errors.OpPrereqError("Instance's disk layout is not"
-                                 " network mirrored, cannot failover.",
-                                 errors.ECODE_STATE)
  
  
-    secondary_nodes = instance.secondary_nodes
-    if not secondary_nodes:
-      raise errors.ProgrammerError("no secondary node but using "
-                                   "a mirrored disk template")
-
-    target_node = secondary_nodes[0]
-    _CheckNodeOnline(self, target_node)
-    _CheckNodeNotDrained(self, target_node)
-    if instance.admin_up:
-      # check memory requirements on the secondary node
-      _CheckNodeFreeMemory(self, target_node, "failing over instance %s" %
-                           instance.name, bep[constants.BE_MEMORY],
-                           instance.hypervisor)
+    if instance.disk_template in constants.DTS_INT_MIRROR:
+      env["OLD_SECONDARY"] = instance.secondary_nodes[0]
+      env["NEW_SECONDARY"] = source_node
      else:
      else:
-      self.LogInfo("Not checking memory on the secondary node as"
-                   " instance will not be started")
+      env["OLD_SECONDARY"] = env["NEW_SECONDARY"] = ""
  
  
-    # check bridge existance
-    _CheckInstanceBridgesExist(self, instance, node=target_node)
+    env.update(_BuildInstanceHookEnvByObject(self, instance))
  
  
-  def Exec(self, feedback_fn):
-    """Failover an instance.
+    return env
  
  
-    The failover is done by shutting it down on its present node and
-    starting it on the secondary.
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
  
      """
  
      """
-    instance = self.instance
-    primary_node = self.cfg.GetNodeInfo(instance.primary_node)
-
-    source_node = instance.primary_node
-    target_node = instance.secondary_nodes[0]
-
-    if instance.admin_up:
-      feedback_fn("* checking disk consistency between source and target")
-      for dev in instance.disks:
-        # for drbd, these are drbd over lvm
-        if not _CheckDiskConsistency(self, dev, target_node, False):
-          if not self.op.ignore_consistency:
-            raise errors.OpExecError("Disk %s is degraded on target node,"
-                                     " aborting failover." % dev.iv_name)
-    else:
-      feedback_fn("* not checking disk consistency as instance is not running")
-
-    feedback_fn("* shutting down instance on source node")
-    logging.info("Shutting down instance %s on node %s",
-                 instance.name, source_node)
-
-    result = self.rpc.call_instance_shutdown(source_node, instance,
-                                             self.op.shutdown_timeout)
-    msg = result.fail_msg
-    if msg:
-      if self.op.ignore_consistency or primary_node.offline:
-        self.proc.LogWarning("Could not shutdown instance %s on node %s."
-                             " Proceeding anyway. Please make sure node"
-                             " %s is down. Error details: %s",
-                             instance.name, source_node, source_node, msg)
-      else:
-        raise errors.OpExecError("Could not shutdown instance %s on"
-                                 " node %s: %s" %
-                                 (instance.name, source_node, msg))
-
-    feedback_fn("* deactivating the instance's disks on source node")
-    if not _ShutdownInstanceDisks(self, instance, ignore_primary=True):
-      raise errors.OpExecError("Can't shut down the instance's disks.")
-
-    instance.primary_node = target_node
-    # distribute new instance config to the other nodes
-    self.cfg.Update(instance, feedback_fn)
-
-    # Only start the instance if it's marked as up
-    if instance.admin_up:
-      feedback_fn("* activating the instance's disks on target node")
-      logging.info("Starting instance %s on node %s",
-                   instance.name, target_node)
-
-      disks_ok, _ = _AssembleInstanceDisks(self, instance,
-                                           ignore_secondaries=True)
-      if not disks_ok:
-        _ShutdownInstanceDisks(self, instance)
-        raise errors.OpExecError("Can't activate the instance's disks")
-
-      feedback_fn("* starting the instance on the target node")
-      result = self.rpc.call_instance_start(target_node, instance, None, None)
-      msg = result.fail_msg
-      if msg:
-        _ShutdownInstanceDisks(self, instance)
-        raise errors.OpExecError("Could not start instance %s on node %s: %s" %
-                                 (instance.name, target_node, msg))
+    instance = self._migrater.instance
+    nl = [self.cfg.GetMasterNode()] + list(instance.secondary_nodes)
+    return (nl, nl + [instance.primary_node])
  
  
  class LUInstanceMigrate(LogicalUnit):
  
  
  class LUInstanceMigrate(LogicalUnit):
@@ -5930,17 +7965,19 @@ class LUInstanceMigrate(LogicalUnit):
  
    def ExpandNames(self):
      self._ExpandAndLockInstance()
  
    def ExpandNames(self):
      self._ExpandAndLockInstance()
+    _ExpandNamesForMigration(self)
  
  
-    self.needed_locks[locking.LEVEL_NODE] = []
-    self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
+    self._migrater = \
+      TLMigrateInstance(self, self.op.instance_name, self.op.cleanup,
+                        False, self.op.allow_failover, False,
+                        self.op.allow_runtime_changes,
+                        constants.DEFAULT_SHUTDOWN_TIMEOUT,
+                        self.op.ignore_ipolicy)
  
  
-    self._migrater = TLMigrateInstance(self, self.op.instance_name,
-                                       self.op.cleanup)
      self.tasklets = [self._migrater]
  
    def DeclareLocks(self, level):
      self.tasklets = [self._migrater]
  
    def DeclareLocks(self, level):
-    if level == locking.LEVEL_NODE:
-      self._LockInstancesNodes()
+    _DeclareLocksForMigration(self, level)
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
    def BuildHooksEnv(self):
      """Build hooks env.
@@ -5950,20 +7987,31 @@ class LUInstanceMigrate(LogicalUnit):
      """
      instance = self._migrater.instance
      source_node = instance.primary_node
      """
      instance = self._migrater.instance
      source_node = instance.primary_node
-    target_node = instance.secondary_nodes[0]
+    target_node = self.op.target_node
      env = _BuildInstanceHookEnvByObject(self, instance)
      env = _BuildInstanceHookEnvByObject(self, instance)
-    env["MIGRATE_LIVE"] = self._migrater.live
-    env["MIGRATE_CLEANUP"] = self.op.cleanup
      env.update({
      env.update({
-        "OLD_PRIMARY": source_node,
-        "OLD_SECONDARY": target_node,
-        "NEW_PRIMARY": target_node,
-        "NEW_SECONDARY": source_node,
-        })
+      "MIGRATE_LIVE": self._migrater.live,
+      "MIGRATE_CLEANUP": self.op.cleanup,
+      "OLD_PRIMARY": source_node,
+      "NEW_PRIMARY": target_node,
+      "ALLOW_RUNTIME_CHANGES": self.op.allow_runtime_changes,
+      })
+
+    if instance.disk_template in constants.DTS_INT_MIRROR:
+      env["OLD_SECONDARY"] = target_node
+      env["NEW_SECONDARY"] = source_node
+    else:
+      env["OLD_SECONDARY"] = env["NEW_SECONDARY"] = None
+
+    return env
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
+    instance = self._migrater.instance
      nl = [self.cfg.GetMasterNode()] + list(instance.secondary_nodes)
      nl = [self.cfg.GetMasterNode()] + list(instance.secondary_nodes)
-    nl_post = list(nl)
-    nl_post.append(source_node)
-    return env, nl, nl_post
+    return (nl, nl + [instance.primary_node])
  
  
  class LUInstanceMove(LogicalUnit):
  
  
  class LUInstanceMove(LogicalUnit):
@@ -5979,11 +8027,16 @@ class LUInstanceMove(LogicalUnit):
      target_node = _ExpandNodeName(self.cfg, self.op.target_node)
      self.op.target_node = target_node
      self.needed_locks[locking.LEVEL_NODE] = [target_node]
      target_node = _ExpandNodeName(self.cfg, self.op.target_node)
      self.op.target_node = target_node
      self.needed_locks[locking.LEVEL_NODE] = [target_node]
+    self.needed_locks[locking.LEVEL_NODE_RES] = []
      self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_APPEND
  
    def DeclareLocks(self, level):
      if level == locking.LEVEL_NODE:
        self._LockInstancesNodes(primary_only=True)
      self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_APPEND
  
    def DeclareLocks(self, level):
      if level == locking.LEVEL_NODE:
        self._LockInstancesNodes(primary_only=True)
+    elif level == locking.LEVEL_NODE_RES:
+      # Copy node locks
+      self.needed_locks[locking.LEVEL_NODE_RES] = \
+        _CopyLockList(self.needed_locks[locking.LEVEL_NODE])
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
    def BuildHooksEnv(self):
      """Build hooks env.
@@ -5996,9 +8049,18 @@ class LUInstanceMove(LogicalUnit):
        "SHUTDOWN_TIMEOUT": self.op.shutdown_timeout,
        }
      env.update(_BuildInstanceHookEnvByObject(self, self.instance))
        "SHUTDOWN_TIMEOUT": self.op.shutdown_timeout,
        }
      env.update(_BuildInstanceHookEnvByObject(self, self.instance))
-    nl = [self.cfg.GetMasterNode()] + [self.instance.primary_node,
-                                       self.op.target_node]
-    return env, nl, nl
+    return env
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    @rtype: tuple
+    @return: Two references to the same node list (master node, the
+      instance's primary node and the target node); presumably the
+      pre-hook and post-hook node lists, to be confirmed against the
+      hooks runner
+
+    """
+    nl = [
+      self.cfg.GetMasterNode(),
+      self.instance.primary_node,
+      self.op.target_node,
+      ]
+    return (nl, nl)
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -6031,11 +8093,16 @@ class LUInstanceMove(LogicalUnit):
      _CheckNodeOnline(self, target_node)
      _CheckNodeNotDrained(self, target_node)
      _CheckNodeVmCapable(self, target_node)
      _CheckNodeOnline(self, target_node)
      _CheckNodeNotDrained(self, target_node)
      _CheckNodeVmCapable(self, target_node)
+    cluster = self.cfg.GetClusterInfo()
+    group_info = self.cfg.GetNodeGroup(node.group)
+    ipolicy = ganeti.masterd.instance.CalculateGroupIPolicy(cluster, group_info)
+    _CheckTargetNodeIPolicy(self, ipolicy, instance, node,
+                            ignore=self.op.ignore_ipolicy)
  
  
-    if instance.admin_up:
+    if instance.admin_state == constants.ADMINST_UP:
        # check memory requirements on the secondary node
        _CheckNodeFreeMemory(self, target_node, "failing over instance %s" %
        # check memory requirements on the secondary node
        _CheckNodeFreeMemory(self, target_node, "failing over instance %s" %
-                           instance.name, bep[constants.BE_MEMORY],
+                           instance.name, bep[constants.BE_MAXMEM],
                             instance.hypervisor)
      else:
        self.LogInfo("Not checking memory on the secondary node as"
                             instance.hypervisor)
      else:
        self.LogInfo("Not checking memory on the secondary node as"
@@ -6059,15 +8126,18 @@ class LUInstanceMove(LogicalUnit):
      self.LogInfo("Shutting down instance %s on source node %s",
                   instance.name, source_node)
  
      self.LogInfo("Shutting down instance %s on source node %s",
                   instance.name, source_node)
  
+    assert (self.owned_locks(locking.LEVEL_NODE) ==
+            self.owned_locks(locking.LEVEL_NODE_RES))
+
      result = self.rpc.call_instance_shutdown(source_node, instance,
                                               self.op.shutdown_timeout)
      msg = result.fail_msg
      if msg:
        if self.op.ignore_consistency:
      result = self.rpc.call_instance_shutdown(source_node, instance,
                                               self.op.shutdown_timeout)
      msg = result.fail_msg
      if msg:
        if self.op.ignore_consistency:
-        self.proc.LogWarning("Could not shutdown instance %s on node %s."
-                             " Proceeding anyway. Please make sure node"
-                             " %s is down. Error details: %s",
-                             instance.name, source_node, source_node, msg)
+        self.LogWarning("Could not shutdown instance %s on node %s."
+                        " Proceeding anyway. Please make sure node"
+                        " %s is down. Error details: %s",
+                        instance.name, source_node, source_node, msg)
        else:
          raise errors.OpExecError("Could not shutdown instance %s on"
                                   " node %s: %s" %
        else:
          raise errors.OpExecError("Could not shutdown instance %s on"
                                   " node %s: %s" %
@@ -6090,7 +8160,7 @@ class LUInstanceMove(LogicalUnit):
      # activate, get path, copy the data over
      for idx, disk in enumerate(instance.disks):
        self.LogInfo("Copying data for disk %d", idx)
      # activate, get path, copy the data over
      for idx, disk in enumerate(instance.disks):
        self.LogInfo("Copying data for disk %d", idx)
-      result = self.rpc.call_blockdev_assemble(target_node, disk,
+      result = self.rpc.call_blockdev_assemble(target_node, (disk, instance),
                                                 instance.name, True, idx)
        if result.fail_msg:
          self.LogWarning("Can't assemble newly created disk %d: %s",
                                                 instance.name, True, idx)
        if result.fail_msg:
          self.LogWarning("Can't assemble newly created disk %d: %s",
@@ -6098,7 +8168,7 @@ class LUInstanceMove(LogicalUnit):
          errs.append(result.fail_msg)
          break
        dev_path = result.payload
          errs.append(result.fail_msg)
          break
        dev_path = result.payload
-      result = self.rpc.call_blockdev_export(source_node, disk,
+      result = self.rpc.call_blockdev_export(source_node, (disk, instance),
                                               target_node, dev_path,
                                               cluster_name)
        if result.fail_msg:
                                               target_node, dev_path,
                                               cluster_name)
        if result.fail_msg:
@@ -6123,7 +8193,7 @@ class LUInstanceMove(LogicalUnit):
      _RemoveDisks(self, instance, target_node=source_node)
  
      # Only start the instance if it's marked as up
      _RemoveDisks(self, instance, target_node=source_node)
  
      # Only start the instance if it's marked as up
-    if instance.admin_up:
+    if instance.admin_state == constants.ADMINST_UP:
        self.LogInfo("Starting instance %s on node %s",
                     instance.name, target_node)
  
        self.LogInfo("Starting instance %s on node %s",
                     instance.name, target_node)
  
@@ -6133,7 +8203,8 @@ class LUInstanceMove(LogicalUnit):
          _ShutdownInstanceDisks(self, instance)
          raise errors.OpExecError("Can't activate the instance's disks")
  
          _ShutdownInstanceDisks(self, instance)
          raise errors.OpExecError("Can't activate the instance's disks")
  
-      result = self.rpc.call_instance_start(target_node, instance, None, None)
+      result = self.rpc.call_instance_start(target_node,
+                                            (instance, None, None), False)
        msg = result.fail_msg
        if msg:
          _ShutdownInstanceDisks(self, instance)
        msg = result.fail_msg
        if msg:
          _ShutdownInstanceDisks(self, instance)
@@ -6149,47 +8220,60 @@ class LUNodeMigrate(LogicalUnit):
    HTYPE = constants.HTYPE_NODE
    REQ_BGL = False
  
    HTYPE = constants.HTYPE_NODE
    REQ_BGL = False
  
+  def CheckArguments(self):
+    pass
+
    def ExpandNames(self):
      self.op.node_name = _ExpandNodeName(self.cfg, self.op.node_name)
  
    def ExpandNames(self):
      self.op.node_name = _ExpandNodeName(self.cfg, self.op.node_name)
  
+    self.share_locks = _ShareAll()
      self.needed_locks = {
        locking.LEVEL_NODE: [self.op.node_name],
        }
  
      self.needed_locks = {
        locking.LEVEL_NODE: [self.op.node_name],
        }
  
-    self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_APPEND
-
-    # Create tasklets for migrating instances for all instances on this node
-    names = []
-    tasklets = []
-
-    for inst in _GetNodePrimaryInstances(self.cfg, self.op.node_name):
-      logging.debug("Migrating instance %s", inst.name)
-      names.append(inst.name)
-
-      tasklets.append(TLMigrateInstance(self, inst.name, False))
-
-    self.tasklets = tasklets
-
-    # Declare instance locks
-    self.needed_locks[locking.LEVEL_INSTANCE] = names
-
-  def DeclareLocks(self, level):
-    if level == locking.LEVEL_NODE:
-      self._LockInstancesNodes()
-
    def BuildHooksEnv(self):
      """Build hooks env.
  
      This runs on the master, the primary and all the secondaries.
  
      """
    def BuildHooksEnv(self):
      """Build hooks env.
  
      This runs on the master, the primary and all the secondaries.
  
      """
-    env = {
+    return {
        "NODE_NAME": self.op.node_name,
        "NODE_NAME": self.op.node_name,
+      "ALLOW_RUNTIME_CHANGES": self.op.allow_runtime_changes,
        }
  
        }
  
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      nl = [self.cfg.GetMasterNode()]
      nl = [self.cfg.GetMasterNode()]
+    return (nl, nl)
+
+  def CheckPrereq(self):
+    pass
  
  
-    return (env, nl, nl)
+  def Exec(self, feedback_fn):
+    """Submit one migration job per primary instance of the node.
+
+    No instance is migrated here; the work is delegated to separate
+    L{opcodes.OpInstanceMigrate} jobs, one single-opcode job for each
+    instance returned by L{_GetNodePrimaryInstances}.
+
+    @param feedback_fn: Feedback function (unused by this method)
+    @return: L{ResultWithJobs} wrapping the list of jobs
+
+    """
+    # Prepare jobs for migrating instances
+    # (local alias keeps the keyword argument below within the line limit)
+    allow_runtime_changes = self.op.allow_runtime_changes
+    jobs = [
+      [opcodes.OpInstanceMigrate(instance_name=inst.name,
+                                 mode=self.op.mode,
+                                 live=self.op.live,
+                                 iallocator=self.op.iallocator,
+                                 target_node=self.op.target_node,
+                                 allow_runtime_changes=allow_runtime_changes,
+                                 ignore_ipolicy=self.op.ignore_ipolicy)]
+      for inst in _GetNodePrimaryInstances(self.cfg, self.op.node_name)]
+
+    # TODO: Run iallocator in this opcode and pass correct placement options to
+    # OpInstanceMigrate. Since other jobs can modify the cluster between
+    # running the iallocator and the actual migration, a good consistency model
+    # will have to be found.
+
+    # Sanity check: only the lock on the node being evacuated is held
+    assert (frozenset(self.owned_locks(locking.LEVEL_NODE)) ==
+            frozenset([self.op.node_name]))
+
+    return ResultWithJobs(jobs)
  
  
  class TLMigrateInstance(Tasklet):
  
  
  class TLMigrateInstance(Tasklet):
@@ -6198,9 +8282,34 @@ class TLMigrateInstance(Tasklet):
    @type live: boolean
    @ivar live: whether the migration will be done live or non-live;
        this variable is initalized only after CheckPrereq has run
    @type live: boolean
    @ivar live: whether the migration will be done live or non-live;
        this variable is initalized only after CheckPrereq has run
+  @type cleanup: boolean
+  @ivar cleanup: Whether we clean up from a failed migration
+  @type iallocator: string
+  @ivar iallocator: The iallocator used to determine target_node
+  @type target_node: string
+  @ivar target_node: If given, the target_node to reallocate the instance to
+  @type failover: boolean
+  @ivar failover: Whether operation results in failover or migration
+  @type fallback: boolean
+  @ivar fallback: Whether fallback to failover is allowed if migration not
+                  possible
+  @type ignore_consistency: boolean
+  @ivar ignore_consistency: Whether we should ignore consistency between source
+                            and target node
+  @type shutdown_timeout: int
+  @ivar shutdown_timeout: Timeout of the shutdown in case of a failover
+  @type ignore_ipolicy: bool
+  @ivar ignore_ipolicy: If true, we can ignore instance policy when migrating
  
    """
  
    """
-  def __init__(self, lu, instance_name, cleanup):
+
+  # Constants
+  _MIGRATION_POLL_INTERVAL = 1      # seconds
+  _MIGRATION_FEEDBACK_INTERVAL = 10 # seconds
+
+  def __init__(self, lu, instance_name, cleanup, failover, fallback,
+               ignore_consistency, allow_runtime_changes, shutdown_timeout,
+               ignore_ipolicy):
      """Initializes this class.
  
      """
      """Initializes this class.
  
      """
@@ -6210,6 +8319,12 @@ class TLMigrateInstance(Tasklet):
      self.instance_name = instance_name
      self.cleanup = cleanup
      self.live = False # will be overridden later
      self.instance_name = instance_name
      self.cleanup = cleanup
      self.live = False # will be overridden later
+    self.failover = failover
+    self.fallback = fallback
+    self.ignore_consistency = ignore_consistency
+    self.shutdown_timeout = shutdown_timeout
+    self.ignore_ipolicy = ignore_ipolicy
+    self.allow_runtime_changes = allow_runtime_changes
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -6220,59 +8335,188 @@ class TLMigrateInstance(Tasklet):
      instance_name = _ExpandInstanceName(self.lu.cfg, self.instance_name)
      instance = self.cfg.GetInstanceInfo(instance_name)
      assert instance is not None
      instance_name = _ExpandInstanceName(self.lu.cfg, self.instance_name)
      instance = self.cfg.GetInstanceInfo(instance_name)
      assert instance is not None
+    self.instance = instance
+    cluster = self.cfg.GetClusterInfo()
  
  
-    if instance.disk_template != constants.DT_DRBD8:
-      raise errors.OpPrereqError("Instance's disk layout is not"
-                                 " drbd8, cannot migrate.", errors.ECODE_STATE)
+    if (not self.cleanup and
+        not instance.admin_state == constants.ADMINST_UP and
+        not self.failover and self.fallback):
+      self.lu.LogInfo("Instance is marked down or offline, fallback allowed,"
+                      " switching to failover")
+      self.failover = True
+
+    if instance.disk_template not in constants.DTS_MIRRORED:
+      if self.failover:
+        text = "failovers"
+      else:
+        text = "migrations"
+      raise errors.OpPrereqError("Instance's disk layout '%s' does not allow"
+                                 " %s" % (instance.disk_template, text),
+                                 errors.ECODE_STATE)
+
+    if instance.disk_template in constants.DTS_EXT_MIRROR:
+      assert locking.NAL in self.lu.owned_locks(locking.LEVEL_NODE_ALLOC)
+
+      _CheckIAllocatorOrNode(self.lu, "iallocator", "target_node")
+
+      if self.lu.op.iallocator:
+        self._RunAllocator()
+      else:
+        # We set self.target_node as it is required by
+        # BuildHooksEnv
+        self.target_node = self.lu.op.target_node
+
+      # Check that the target node is correct in terms of instance policy
+      nodeinfo = self.cfg.GetNodeInfo(self.target_node)
+      group_info = self.cfg.GetNodeGroup(nodeinfo.group)
+      ipolicy = ganeti.masterd.instance.CalculateGroupIPolicy(cluster,
+                                                              group_info)
+      _CheckTargetNodeIPolicy(self.lu, ipolicy, instance, nodeinfo,
+                              ignore=self.ignore_ipolicy)
+
+      # self.target_node is already populated, either directly or by the
+      # iallocator run
+      target_node = self.target_node
+      if self.target_node == instance.primary_node:
+        raise errors.OpPrereqError("Cannot migrate instance %s"
+                                   " to its primary (%s)" %
+                                   (instance.name, instance.primary_node),
+                                   errors.ECODE_STATE)
  
  
-    secondary_nodes = instance.secondary_nodes
-    if not secondary_nodes:
-      raise errors.ConfigurationError("No secondary node but using"
-                                      " drbd8 disk template")
+      if len(self.lu.tasklets) == 1:
+        # It is safe to release locks only when we're the only tasklet
+        # in the LU
+        _ReleaseLocks(self.lu, locking.LEVEL_NODE,
+                      keep=[instance.primary_node, self.target_node])
+        _ReleaseLocks(self.lu, locking.LEVEL_NODE_ALLOC)
+
+    else:
+      assert not self.lu.glm.is_owned(locking.LEVEL_NODE_ALLOC)
+
+      secondary_nodes = instance.secondary_nodes
+      if not secondary_nodes:
+        raise errors.ConfigurationError("No secondary node but using"
+                                        " %s disk template" %
+                                        instance.disk_template)
+      target_node = secondary_nodes[0]
+      if self.lu.op.iallocator or (self.lu.op.target_node and
+                                   self.lu.op.target_node != target_node):
+        if self.failover:
+          text = "failed over"
+        else:
+          text = "migrated"
+        raise errors.OpPrereqError("Instances with disk template %s cannot"
+                                   " be %s to arbitrary nodes"
+                                   " (neither an iallocator nor a target"
+                                   " node can be passed)" %
+                                   (instance.disk_template, text),
+                                   errors.ECODE_INVAL)
+      nodeinfo = self.cfg.GetNodeInfo(target_node)
+      group_info = self.cfg.GetNodeGroup(nodeinfo.group)
+      ipolicy = ganeti.masterd.instance.CalculateGroupIPolicy(cluster,
+                                                              group_info)
+      _CheckTargetNodeIPolicy(self.lu, ipolicy, instance, nodeinfo,
+                              ignore=self.ignore_ipolicy)
  
  
-    i_be = self.cfg.GetClusterInfo().FillBE(instance)
+    i_be = cluster.FillBE(instance)
  
  
-    target_node = secondary_nodes[0]
      # check memory requirements on the secondary node
      # check memory requirements on the secondary node
-    _CheckNodeFreeMemory(self.lu, target_node, "migrating instance %s" %
-                         instance.name, i_be[constants.BE_MEMORY],
-                         instance.hypervisor)
+    if (not self.cleanup and
+         (not self.failover or instance.admin_state == constants.ADMINST_UP)):
+      self.tgt_free_mem = _CheckNodeFreeMemory(self.lu, target_node,
+                                               "migrating instance %s" %
+                                               instance.name,
+                                               i_be[constants.BE_MINMEM],
+                                               instance.hypervisor)
+    else:
+      self.lu.LogInfo("Not checking memory on the secondary node as"
+                      " instance will not be started")
+
+    # check if failover must be forced instead of migration
+    if (not self.cleanup and not self.failover and
+        i_be[constants.BE_ALWAYS_FAILOVER]):
+      self.lu.LogInfo("Instance configured to always failover; fallback"
+                      " to failover")
+      self.failover = True
  
      # check bridge existance
      _CheckInstanceBridgesExist(self.lu, instance, node=target_node)
  
      if not self.cleanup:
        _CheckNodeNotDrained(self.lu, target_node)
  
      # check bridge existance
      _CheckInstanceBridgesExist(self.lu, instance, node=target_node)
  
      if not self.cleanup:
        _CheckNodeNotDrained(self.lu, target_node)
-      result = self.rpc.call_instance_migratable(instance.primary_node,
-                                                 instance)
-      result.Raise("Can't migrate, please use failover",
-                   prereq=True, ecode=errors.ECODE_STATE)
-
-    self.instance = instance
+      if not self.failover:
+        result = self.rpc.call_instance_migratable(instance.primary_node,
+                                                   instance)
+        if result.fail_msg and self.fallback:
+          self.lu.LogInfo("Can't migrate, instance offline, fallback to"
+                          " failover")
+          self.failover = True
+        else:
+          result.Raise("Can't migrate, please use failover",
+                       prereq=True, ecode=errors.ECODE_STATE)
  
  
-    if self.lu.op.live is not None and self.lu.op.mode is not None:
-      raise errors.OpPrereqError("Only one of the 'live' and 'mode'"
-                                 " parameters are accepted",
-                                 errors.ECODE_INVAL)
-    if self.lu.op.live is not None:
-      if self.lu.op.live:
-        self.lu.op.mode = constants.HT_MIGRATION_LIVE
-      else:
-        self.lu.op.mode = constants.HT_MIGRATION_NONLIVE
-      # reset the 'live' parameter to None so that repeated
-      # invocations of CheckPrereq do not raise an exception
-      self.lu.op.live = None
-    elif self.lu.op.mode is None:
-      # read the default value from the hypervisor
-      i_hv = self.cfg.GetClusterInfo().FillHV(instance, skip_globals=False)
-      self.lu.op.mode = i_hv[constants.HV_MIGRATION_MODE]
+    assert not (self.failover and self.cleanup)
  
  
-    self.live = self.lu.op.mode == constants.HT_MIGRATION_LIVE
+    if not self.failover:
+      if self.lu.op.live is not None and self.lu.op.mode is not None:
+        raise errors.OpPrereqError("Only one of the 'live' and 'mode'"
+                                   " parameters are accepted",
+                                   errors.ECODE_INVAL)
+      if self.lu.op.live is not None:
+        if self.lu.op.live:
+          self.lu.op.mode = constants.HT_MIGRATION_LIVE
+        else:
+          self.lu.op.mode = constants.HT_MIGRATION_NONLIVE
+        # reset the 'live' parameter to None so that repeated
+        # invocations of CheckPrereq do not raise an exception
+        self.lu.op.live = None
+      elif self.lu.op.mode is None:
+        # read the default value from the hypervisor
+        i_hv = cluster.FillHV(self.instance, skip_globals=False)
+        self.lu.op.mode = i_hv[constants.HV_MIGRATION_MODE]
+
+      self.live = self.lu.op.mode == constants.HT_MIGRATION_LIVE
+    else:
+      # Failover is never live
+      self.live = False
  
  
-  def _WaitUntilSync(self):
-    """Poll with custom rpc for disk sync.
+    if not (self.failover or self.cleanup):
+      remote_info = self.rpc.call_instance_info(instance.primary_node,
+                                                instance.name,
+                                                instance.hypervisor)
+      remote_info.Raise("Error checking instance on node %s" %
+                        instance.primary_node)
+      instance_running = bool(remote_info.payload)
+      if instance_running:
+        self.current_mem = int(remote_info.payload["memory"])
  
  
-    This uses our own step-based rpc call.
+  def _RunAllocator(self):
+    """Run the allocator based on input opcode.
+
+    Builds a relocation request for the instance, away from its current
+    primary node, and runs the iallocator named in C{self.lu.op.iallocator}.
+    On success the first entry of the result is stored in
+    C{self.target_node}.
+
+    @raise errors.OpPrereqError: with C{errors.ECODE_NORES} if the
+      iallocator run was not successful
+
+    """
+    # The node allocation lock must be held while the allocator runs
+    assert locking.NAL in self.lu.owned_locks(locking.LEVEL_NODE_ALLOC)
+
+    # FIXME: add a self.ignore_ipolicy option
+    req = iallocator.IAReqRelocate(name=self.instance_name,
+                                   relocate_from=[self.instance.primary_node])
+    ial = iallocator.IAllocator(self.cfg, self.rpc, req)
+
+    ial.Run(self.lu.op.iallocator)
+
+    if not ial.success:
+      raise errors.OpPrereqError("Can't compute nodes using"
+                                 " iallocator '%s': %s" %
+                                 (self.lu.op.iallocator, ial.info),
+                                 errors.ECODE_NORES)
+    # Only the first returned node is used as migration target
+    self.target_node = ial.result[0]
+    self.lu.LogInfo("Selected nodes for instance %s via iallocator %s: %s",
+                    self.instance_name, self.lu.op.iallocator,
+                    utils.CommaJoin(ial.result))
+
+  def _WaitUntilSync(self):
+    """Poll with custom rpc for disk sync.
+
+    This uses our own step-based rpc call.
  
      """
      self.feedback_fn("* wait until resync is done")
  
      """
      self.feedback_fn("* wait until resync is done")
@@ -6281,7 +8525,8 @@ class TLMigrateInstance(Tasklet):
        all_done = True
        result = self.rpc.call_drbd_wait_sync(self.all_nodes,
                                              self.nodes_ip,
        all_done = True
        result = self.rpc.call_drbd_wait_sync(self.all_nodes,
                                              self.nodes_ip,
-                                            self.instance.disks)
+                                            (self.instance.disks,
+                                             self.instance))
        min_percent = 100
        for node, nres in result.items():
          nres.Raise("Cannot resync disks on node %s" % node)
        min_percent = 100
        for node, nres in result.items():
          nres.Raise("Cannot resync disks on node %s" % node)
@@ -6327,7 +8572,7 @@ class TLMigrateInstance(Tasklet):
        msg = "single-master"
      self.feedback_fn("* changing disks into %s mode" % msg)
      result = self.rpc.call_drbd_attach_net(self.all_nodes, self.nodes_ip,
        msg = "single-master"
      self.feedback_fn("* changing disks into %s mode" % msg)
      result = self.rpc.call_drbd_attach_net(self.all_nodes, self.nodes_ip,
-                                           self.instance.disks,
+                                           (self.instance.disks, self.instance),
                                             self.instance.name, multimaster)
      for node, nres in result.items():
        nres.Raise("Cannot change disks config on node %s" % node)
                                             self.instance.name, multimaster)
      for node, nres in result.items():
        nres.Raise("Cannot change disks config on node %s" % node)
@@ -6362,15 +8607,15 @@ class TLMigrateInstance(Tasklet):
  
      if runningon_source and runningon_target:
        raise errors.OpExecError("Instance seems to be running on two nodes,"
  
      if runningon_source and runningon_target:
        raise errors.OpExecError("Instance seems to be running on two nodes,"
-                               " or the hypervisor is confused. You will have"
+                               " or the hypervisor is confused; you will have"
                                 " to ensure manually that it runs only on one"
                                 " to ensure manually that it runs only on one"
-                               " and restart this operation.")
+                               " and restart this operation")
  
      if not (runningon_source or runningon_target):
  
      if not (runningon_source or runningon_target):
-      raise errors.OpExecError("Instance does not seem to be running at all."
-                               " In this case, it's safer to repair by"
+      raise errors.OpExecError("Instance does not seem to be running at all;"
+                               " in this case it's safer to repair by"
                                 " running 'gnt-instance stop' to ensure disk"
                                 " running 'gnt-instance stop' to ensure disk"
-                               " shutdown, and then restarting it.")
+                               " shutdown, and then restarting it")
  
      if runningon_target:
        # the migration has actually succeeded, we need to update the config
  
      if runningon_target:
        # the migration has actually succeeded, we need to update the config
@@ -6384,16 +8629,17 @@ class TLMigrateInstance(Tasklet):
                         " primary node (%s)" % source_node)
        demoted_node = target_node
  
                         " primary node (%s)" % source_node)
        demoted_node = target_node
  
-    self._EnsureSecondary(demoted_node)
-    try:
+    if instance.disk_template in constants.DTS_INT_MIRROR:
+      self._EnsureSecondary(demoted_node)
+      try:
+        self._WaitUntilSync()
+      except errors.OpExecError:
+        # we ignore errors here, since if the device is standalone, it
+        # won't be able to sync
+        pass
+      self._GoStandalone()
+      self._GoReconnect(False)
        self._WaitUntilSync()
        self._WaitUntilSync()
-    except errors.OpExecError:
-      # we ignore here errors, since if the device is standalone, it
-      # won't be able to sync
-      pass
-    self._GoStandalone()
-    self._GoReconnect(False)
-    self._WaitUntilSync()
  
      self.feedback_fn("* done")
  
  
      self.feedback_fn("* done")
  
@@ -6402,16 +8648,18 @@ class TLMigrateInstance(Tasklet):
  
      """
      target_node = self.target_node
  
      """
      target_node = self.target_node
+    if self.instance.disk_template in constants.DTS_EXT_MIRROR:
+      return
+
      try:
        self._EnsureSecondary(target_node)
        self._GoStandalone()
        self._GoReconnect(False)
        self._WaitUntilSync()
      except errors.OpExecError, err:
      try:
        self._EnsureSecondary(target_node)
        self._GoStandalone()
        self._GoReconnect(False)
        self._WaitUntilSync()
      except errors.OpExecError, err:
-      self.lu.LogWarning("Migration failed and I can't reconnect the"
-                         " drives: error '%s'\n"
-                         "Please look and recover the instance status" %
-                         str(err))
+      self.lu.LogWarning("Migration failed and I can't reconnect the drives,"
+                         " please try to recover the instance manually;"
+                         " error '%s'" % str(err))
  
    def _AbortMigration(self):
      """Call the hypervisor code to abort a started migration.
  
    def _AbortMigration(self):
      """Call the hypervisor code to abort a started migration.
@@ -6419,12 +8667,13 @@ class TLMigrateInstance(Tasklet):
      """
      instance = self.instance
      target_node = self.target_node
      """
      instance = self.instance
      target_node = self.target_node
+    source_node = self.source_node
      migration_info = self.migration_info
  
      migration_info = self.migration_info
  
-    abort_result = self.rpc.call_finalize_migration(target_node,
-                                                    instance,
-                                                    migration_info,
-                                                    False)
+    abort_result = self.rpc.call_instance_finalize_migration_dst(target_node,
+                                                                 instance,
+                                                                 migration_info,
+                                                                 False)
      abort_msg = abort_result.fail_msg
      if abort_msg:
        logging.error("Aborting migration failed on target node %s: %s",
      abort_msg = abort_result.fail_msg
      if abort_msg:
        logging.error("Aborting migration failed on target node %s: %s",
@@ -6432,6 +8681,13 @@ class TLMigrateInstance(Tasklet):
        # Don't raise an exception here, as we stil have to try to revert the
        # disk status, even if this step failed.
  
        # Don't raise an exception here, as we stil have to try to revert the
        # disk status, even if this step failed.
  
+    abort_result = self.rpc.call_instance_finalize_migration_src(
+      source_node, instance, False, self.live)
+    abort_msg = abort_result.fail_msg
+    if abort_msg:
+      logging.error("Aborting migration failed on source node %s: %s",
+                    source_node, abort_msg)
+
    def _ExecMigration(self):
      """Migrate an instance.
  
    def _ExecMigration(self):
      """Migrate an instance.
  
@@ -6448,12 +8704,43 @@ class TLMigrateInstance(Tasklet):
      target_node = self.target_node
      source_node = self.source_node
  
      target_node = self.target_node
      source_node = self.source_node
  
+    # Check for hypervisor version mismatch and warn the user.
+    nodeinfo = self.rpc.call_node_info([source_node, target_node],
+                                       None, [self.instance.hypervisor])
+    for ninfo in nodeinfo.values():
+      ninfo.Raise("Unable to retrieve node information from node '%s'" %
+                  ninfo.node)
+    (_, _, (src_info, )) = nodeinfo[source_node].payload
+    (_, _, (dst_info, )) = nodeinfo[target_node].payload
+
+    if ((constants.HV_NODEINFO_KEY_VERSION in src_info) and
+        (constants.HV_NODEINFO_KEY_VERSION in dst_info)):
+      src_version = src_info[constants.HV_NODEINFO_KEY_VERSION]
+      dst_version = dst_info[constants.HV_NODEINFO_KEY_VERSION]
+      if src_version != dst_version:
+        self.feedback_fn("* warning: hypervisor version mismatch between"
+                         " source (%s) and target (%s) node" %
+                         (src_version, dst_version))
+
      self.feedback_fn("* checking disk consistency between source and target")
      self.feedback_fn("* checking disk consistency between source and target")
-    for dev in instance.disks:
-      if not _CheckDiskConsistency(self.lu, dev, target_node, False):
+    for (idx, dev) in enumerate(instance.disks):
+      if not _CheckDiskConsistency(self.lu, instance, dev, target_node, False):
          raise errors.OpExecError("Disk %s is degraded or not fully"
                                   " synchronized on target node,"
          raise errors.OpExecError("Disk %s is degraded or not fully"
                                   " synchronized on target node,"
-                                 " aborting migrate." % dev.iv_name)
+                                 " aborting migration" % idx)
+
+    if self.current_mem > self.tgt_free_mem:
+      if not self.allow_runtime_changes:
+        raise errors.OpExecError("Memory ballooning not allowed and not enough"
+                                 " free memory to fit instance %s on target"
+                                 " node %s (have %dMB, need %dMB)" %
+                                 (instance.name, target_node,
+                                  self.tgt_free_mem, self.current_mem))
+      self.feedback_fn("* setting instance memory to %s" % self.tgt_free_mem)
+      rpcres = self.rpc.call_instance_balloon_memory(instance.primary_node,
+                                                     instance,
+                                                     self.tgt_free_mem)
+      rpcres.Raise("Cannot modify instance runtime memory")
  
      # First get the migration information from the remote node
      result = self.rpc.call_migration_info(source_node, instance)
  
      # First get the migration information from the remote node
      result = self.rpc.call_migration_info(source_node, instance)
@@ -6466,11 +8753,12 @@ class TLMigrateInstance(Tasklet):
  
      self.migration_info = migration_info = result.payload
  
  
      self.migration_info = migration_info = result.payload
  
-    # Then switch the disks to master/master mode
-    self._EnsureSecondary(target_node)
-    self._GoStandalone()
-    self._GoReconnect(True)
-    self._WaitUntilSync()
+    if self.instance.disk_template not in constants.DTS_EXT_MIRROR:
+      # Then switch the disks to master/master mode
+      self._EnsureSecondary(target_node)
+      self._GoStandalone()
+      self._GoReconnect(True)
+      self._WaitUntilSync()
  
      self.feedback_fn("* preparing %s to accept the instance" % target_node)
      result = self.rpc.call_accept_instance(target_node,
  
      self.feedback_fn("* preparing %s to accept the instance" % target_node)
      result = self.rpc.call_accept_instance(target_node,
@@ -6489,7 +8777,6 @@ class TLMigrateInstance(Tasklet):
                                 (instance.name, msg))
  
      self.feedback_fn("* migrating instance to %s" % target_node)
                                 (instance.name, msg))
  
      self.feedback_fn("* migrating instance to %s" % target_node)
-    time.sleep(10)
      result = self.rpc.call_instance_migrate(source_node, instance,
                                              self.nodes_ip[target_node],
                                              self.live)
      result = self.rpc.call_instance_migrate(source_node, instance,
                                              self.nodes_ip[target_node],
                                              self.live)
@@ -6502,55 +8789,211 @@ class TLMigrateInstance(Tasklet):
        self._RevertDiskStatus()
        raise errors.OpExecError("Could not migrate instance %s: %s" %
                                 (instance.name, msg))
        self._RevertDiskStatus()
        raise errors.OpExecError("Could not migrate instance %s: %s" %
                                 (instance.name, msg))
-    time.sleep(10)
+
+    self.feedback_fn("* starting memory transfer")
+    last_feedback = time.time()
+    while True:
+      result = self.rpc.call_instance_get_migration_status(source_node,
+                                                           instance)
+      msg = result.fail_msg
+      ms = result.payload   # MigrationStatus instance
+      if msg or (ms.status in constants.HV_MIGRATION_FAILED_STATUSES):
+        logging.error("Instance migration failed, trying to revert"
+                      " disk status: %s", msg)
+        self.feedback_fn("Migration failed, aborting")
+        self._AbortMigration()
+        self._RevertDiskStatus()
+        if not msg:
+          msg = "hypervisor returned failure"
+        raise errors.OpExecError("Could not migrate instance %s: %s" %
+                                 (instance.name, msg))
+
+      if result.payload.status != constants.HV_MIGRATION_ACTIVE:
+        self.feedback_fn("* memory transfer complete")
+        break
+
+      if (utils.TimeoutExpired(last_feedback,
+                               self._MIGRATION_FEEDBACK_INTERVAL) and
+          ms.transferred_ram is not None):
+        mem_progress = 100 * float(ms.transferred_ram) / float(ms.total_ram)
+        self.feedback_fn("* memory transfer progress: %.2f %%" % mem_progress)
+        last_feedback = time.time()
+
+      time.sleep(self._MIGRATION_POLL_INTERVAL)
+
+    result = self.rpc.call_instance_finalize_migration_src(source_node,
+                                                           instance,
+                                                           True,
+                                                           self.live)
+    msg = result.fail_msg
+    if msg:
+      logging.error("Instance migration succeeded, but finalization failed"
+                    " on the source node: %s", msg)
+      raise errors.OpExecError("Could not finalize instance migration: %s" %
+                               msg)
  
      instance.primary_node = target_node
  
      instance.primary_node = target_node
+
      # distribute new instance config to the other nodes
      self.cfg.Update(instance, self.feedback_fn)
  
      # distribute new instance config to the other nodes
      self.cfg.Update(instance, self.feedback_fn)
  
-    result = self.rpc.call_finalize_migration(target_node,
-                                              instance,
-                                              migration_info,
-                                              True)
+    result = self.rpc.call_instance_finalize_migration_dst(target_node,
+                                                           instance,
+                                                           migration_info,
+                                                           True)
      msg = result.fail_msg
      if msg:
      msg = result.fail_msg
      if msg:
-      logging.error("Instance migration succeeded, but finalization failed:"
-                    " %s", msg)
+      logging.error("Instance migration succeeded, but finalization failed"
+                    " on the target node: %s", msg)
        raise errors.OpExecError("Could not finalize instance migration: %s" %
                                 msg)
  
        raise errors.OpExecError("Could not finalize instance migration: %s" %
                                 msg)
  
-    self._EnsureSecondary(source_node)
-    self._WaitUntilSync()
-    self._GoStandalone()
-    self._GoReconnect(False)
-    self._WaitUntilSync()
+    if self.instance.disk_template not in constants.DTS_EXT_MIRROR:
+      self._EnsureSecondary(source_node)
+      self._WaitUntilSync()
+      self._GoStandalone()
+      self._GoReconnect(False)
+      self._WaitUntilSync()
+
+    # If the instance's disk template is `rbd' and there was a successful
+    # migration, unmap the device from the source node.
+    if self.instance.disk_template == constants.DT_RBD:
+      disks = _ExpandCheckDisks(instance, instance.disks)
+      self.feedback_fn("* unmapping instance's disks from %s" % source_node)
+      for disk in disks:
+        result = self.rpc.call_blockdev_shutdown(source_node, (disk, instance))
+        msg = result.fail_msg
+        if msg:
+          logging.error("Migration was successful, but couldn't unmap the"
+                        " block device %s on source node %s: %s",
+                        disk.iv_name, source_node, msg)
+          logging.error("You need to unmap the device %s manually on %s",
+                        disk.iv_name, source_node)
  
      self.feedback_fn("* done")
  
  
      self.feedback_fn("* done")
  
+  def _ExecFailover(self):
+    """Failover an instance.
+
+    The failover is done by shutting it down on its present node and
+    starting it on the secondary.
+
+    """
+    instance = self.instance
+    primary_node = self.cfg.GetNodeInfo(instance.primary_node)
+
+    source_node = instance.primary_node
+    target_node = self.target_node
+
+    if instance.admin_state == constants.ADMINST_UP:
+      self.feedback_fn("* checking disk consistency between source and target")
+      for (idx, dev) in enumerate(instance.disks):
+        # for drbd, these are drbd over lvm
+        if not _CheckDiskConsistency(self.lu, instance, dev, target_node,
+                                     False):
+          if primary_node.offline:
+            self.feedback_fn("Node %s is offline, ignoring degraded disk %s on"
+                             " target node %s" %
+                             (primary_node.name, idx, target_node))
+          elif not self.ignore_consistency:
+            raise errors.OpExecError("Disk %s is degraded on target node,"
+                                     " aborting failover" % idx)
+    else:
+      self.feedback_fn("* not checking disk consistency as instance is not"
+                       " running")
+
+    self.feedback_fn("* shutting down instance on source node")
+    logging.info("Shutting down instance %s on node %s",
+                 instance.name, source_node)
+
+    result = self.rpc.call_instance_shutdown(source_node, instance,
+                                             self.shutdown_timeout)
+    msg = result.fail_msg
+    if msg:
+      if self.ignore_consistency or primary_node.offline:
+        self.lu.LogWarning("Could not shutdown instance %s on node %s,"
+                           " proceeding anyway; please make sure node"
+                           " %s is down; error details: %s",
+                           instance.name, source_node, source_node, msg)
+      else:
+        raise errors.OpExecError("Could not shutdown instance %s on"
+                                 " node %s: %s" %
+                                 (instance.name, source_node, msg))
+
+    self.feedback_fn("* deactivating the instance's disks on source node")
+    if not _ShutdownInstanceDisks(self.lu, instance, ignore_primary=True):
+      raise errors.OpExecError("Can't shut down the instance's disks")
+
+    instance.primary_node = target_node
+    # distribute new instance config to the other nodes
+    self.cfg.Update(instance, self.feedback_fn)
+
+    # Only start the instance if it's marked as up
+    if instance.admin_state == constants.ADMINST_UP:
+      self.feedback_fn("* activating the instance's disks on target node %s" %
+                       target_node)
+      logging.info("Starting instance %s on node %s",
+                   instance.name, target_node)
+
+      disks_ok, _ = _AssembleInstanceDisks(self.lu, instance,
+                                           ignore_secondaries=True)
+      if not disks_ok:
+        _ShutdownInstanceDisks(self.lu, instance)
+        raise errors.OpExecError("Can't activate the instance's disks")
+
+      self.feedback_fn("* starting the instance on the target node %s" %
+                       target_node)
+      result = self.rpc.call_instance_start(target_node, (instance, None, None),
+                                            False)
+      msg = result.fail_msg
+      if msg:
+        _ShutdownInstanceDisks(self.lu, instance)
+        raise errors.OpExecError("Could not start instance %s on node %s: %s" %
+                                 (instance.name, target_node, msg))
+
    def Exec(self, feedback_fn):
      """Perform the migration.
  
      """
    def Exec(self, feedback_fn):
      """Perform the migration.
  
      """
-    feedback_fn("Migrating instance %s" % self.instance.name)
-
      self.feedback_fn = feedback_fn
      self.feedback_fn = feedback_fn
-
      self.source_node = self.instance.primary_node
      self.source_node = self.instance.primary_node
-    self.target_node = self.instance.secondary_nodes[0]
+
+    # FIXME: if we implement migrate-to-any in DRBD, this needs fixing
+    if self.instance.disk_template in constants.DTS_INT_MIRROR:
+      self.target_node = self.instance.secondary_nodes[0]
+      # Otherwise self.target_node has been populated either
+      # directly, or through an iallocator.
+
      self.all_nodes = [self.source_node, self.target_node]
      self.all_nodes = [self.source_node, self.target_node]
-    self.nodes_ip = {
-      self.source_node: self.cfg.GetNodeInfo(self.source_node).secondary_ip,
-      self.target_node: self.cfg.GetNodeInfo(self.target_node).secondary_ip,
-      }
+    self.nodes_ip = dict((name, node.secondary_ip) for (name, node)
+                         in self.cfg.GetMultiNodeInfo(self.all_nodes))
  
  
-    if self.cleanup:
-      return self._ExecCleanup()
+    if self.failover:
+      feedback_fn("Failover instance %s" % self.instance.name)
+      self._ExecFailover()
      else:
      else:
-      return self._ExecMigration()
+      feedback_fn("Migrating instance %s" % self.instance.name)
+
+      if self.cleanup:
+        return self._ExecCleanup()
+      else:
+        return self._ExecMigration()
+
+
+def _CreateBlockDev(lu, node, instance, device, force_create, info,
+                    force_open):
+  """Wrapper around L{_CreateBlockDevInner}.
+
+  This function annotates the root device first.
+
+  """
+  (disk,) = _AnnotateDiskParams(instance, [device], lu.cfg)
+  return _CreateBlockDevInner(lu, node, instance, disk, force_create, info,
+                              force_open)
  
  
  
  
-def _CreateBlockDev(lu, node, instance, device, force_create,
-                    info, force_open):
+def _CreateBlockDevInner(lu, node, instance, device, force_create,
+                         info, force_open):
    """Create a tree of block devices on a given node.
  
    If this device type has to be created on secondaries, create it and
    """Create a tree of block devices on a given node.
  
    If this device type has to be created on secondaries, create it and
@@ -6558,6 +9001,8 @@ def _CreateBlockDev(lu, node, instance, device, force_create,
  
    If not, just recurse to children keeping the same 'force' value.
  
  
    If not, just recurse to children keeping the same 'force' value.
  
+  @attention: The device has to be annotated already.
+
    @param lu: the lu on whose behalf we execute
    @param node: the node on which to create the device
    @type instance: L{objects.Instance}
    @param lu: the lu on whose behalf we execute
    @param node: the node on which to create the device
    @type instance: L{objects.Instance}
@@ -6582,8 +9027,8 @@ def _CreateBlockDev(lu, node, instance, device, force_create,
  
    if device.children:
      for child in device.children:
  
    if device.children:
      for child in device.children:
-      _CreateBlockDev(lu, node, instance, child, force_create,
-                      info, force_open)
+      _CreateBlockDevInner(lu, node, instance, child, force_create,
+                           info, force_open)
  
    if not force_create:
      return
  
    if not force_create:
      return
@@ -6642,24 +9087,43 @@ def _GenerateDRBD8Branch(lu, primary, secondary, size, vgnames, names,
    assert len(vgnames) == len(names) == 2
    port = lu.cfg.AllocatePort()
    shared_secret = lu.cfg.GenerateDRBDSecret(lu.proc.GetECId())
    assert len(vgnames) == len(names) == 2
    port = lu.cfg.AllocatePort()
    shared_secret = lu.cfg.GenerateDRBDSecret(lu.proc.GetECId())
+
    dev_data = objects.Disk(dev_type=constants.LD_LV, size=size,
    dev_data = objects.Disk(dev_type=constants.LD_LV, size=size,
-                          logical_id=(vgnames[0], names[0]))
-  dev_meta = objects.Disk(dev_type=constants.LD_LV, size=128,
-                          logical_id=(vgnames[1], names[1]))
+                          logical_id=(vgnames[0], names[0]),
+                          params={})
+  dev_meta = objects.Disk(dev_type=constants.LD_LV,
+                          size=constants.DRBD_META_SIZE,
+                          logical_id=(vgnames[1], names[1]),
+                          params={})
    drbd_dev = objects.Disk(dev_type=constants.LD_DRBD8, size=size,
                            logical_id=(primary, secondary, port,
                                        p_minor, s_minor,
                                        shared_secret),
                            children=[dev_data, dev_meta],
    drbd_dev = objects.Disk(dev_type=constants.LD_DRBD8, size=size,
                            logical_id=(primary, secondary, port,
                                        p_minor, s_minor,
                                        shared_secret),
                            children=[dev_data, dev_meta],
-                          iv_name=iv_name)
+                          iv_name=iv_name, params={})
    return drbd_dev
  
  
    return drbd_dev
  
  
-def _GenerateDiskTemplate(lu, template_name,
-                          instance_name, primary_node,
-                          secondary_nodes, disk_info,
-                          file_storage_dir, file_driver,
-                          base_index, feedback_fn):
+_DISK_TEMPLATE_NAME_PREFIX = {
+  constants.DT_PLAIN: "",
+  constants.DT_RBD: ".rbd",
+  }
+
+
+_DISK_TEMPLATE_DEVICE_TYPE = {
+  constants.DT_PLAIN: constants.LD_LV,
+  constants.DT_FILE: constants.LD_FILE,
+  constants.DT_SHARED_FILE: constants.LD_FILE,
+  constants.DT_BLOCK: constants.LD_BLOCKDEV,
+  constants.DT_RBD: constants.LD_RBD,
+  }
+
+
+def _GenerateDiskTemplate(
+  lu, template_name, instance_name, primary_node, secondary_nodes,
+  disk_info, file_storage_dir, file_driver, base_index,
+  feedback_fn, full_disk_params, _req_file_storage=opcodes.RequireFileStorage,
+  _req_shr_file_storage=opcodes.RequireSharedFileStorage):
    """Generate the entire disk layout for a given template type.
  
    """
    """Generate the entire disk layout for a given template type.
  
    """
@@ -6668,23 +9132,9 @@ def _GenerateDiskTemplate(lu, template_name,
    vgname = lu.cfg.GetVGName()
    disk_count = len(disk_info)
    disks = []
    vgname = lu.cfg.GetVGName()
    disk_count = len(disk_info)
    disks = []
+
    if template_name == constants.DT_DISKLESS:
      pass
    if template_name == constants.DT_DISKLESS:
      pass
-  elif template_name == constants.DT_PLAIN:
-    if len(secondary_nodes) != 0:
-      raise errors.ProgrammerError("Wrong template configuration")
-
-    names = _GenerateUniqueNames(lu, [".disk%d" % (base_index + i)
-                                      for i in range(disk_count)])
-    for idx, disk in enumerate(disk_info):
-      disk_index = idx + base_index
-      vg = disk.get("vg", vgname)
-      feedback_fn("* disk %i, vg %s, name %s" % (idx, vg, names[idx]))
-      disk_dev = objects.Disk(dev_type=constants.LD_LV, size=disk["size"],
-                              logical_id=(vg, names[idx]),
-                              iv_name="disk/%d" % disk_index,
-                              mode=disk["mode"])
-      disks.append(disk_dev)
    elif template_name == constants.DT_DRBD8:
      if len(secondary_nodes) != 1:
        raise errors.ProgrammerError("Wrong template configuration")
    elif template_name == constants.DT_DRBD8:
      if len(secondary_nodes) != 1:
        raise errors.ProgrammerError("Wrong template configuration")
@@ -6692,6 +9142,10 @@ def _GenerateDiskTemplate(lu, template_name,
      minors = lu.cfg.AllocateDRBDMinor(
        [primary_node, remote_node] * len(disk_info), instance_name)
  
      minors = lu.cfg.AllocateDRBDMinor(
        [primary_node, remote_node] * len(disk_info), instance_name)
  
+    (drbd_params, _, _) = objects.Disk.ComputeLDParams(template_name,
+                                                       full_disk_params)
+    drbd_default_metavg = drbd_params[constants.LDP_DEFAULT_METAVG]
+
      names = []
      for lv_prefix in _GenerateUniqueNames(lu, [".disk%d" % (base_index + i)
                                                 for i in range(disk_count)]):
      names = []
      for lv_prefix in _GenerateUniqueNames(lu, [".disk%d" % (base_index + i)
                                                 for i in range(disk_count)]):
@@ -6699,32 +9153,66 @@ def _GenerateDiskTemplate(lu, template_name,
        names.append(lv_prefix + "_meta")
      for idx, disk in enumerate(disk_info):
        disk_index = idx + base_index
        names.append(lv_prefix + "_meta")
      for idx, disk in enumerate(disk_info):
        disk_index = idx + base_index
-      data_vg = disk.get("vg", vgname)
-      meta_vg = disk.get("metavg", data_vg)
+      data_vg = disk.get(constants.IDISK_VG, vgname)
+      meta_vg = disk.get(constants.IDISK_METAVG, drbd_default_metavg)
        disk_dev = _GenerateDRBD8Branch(lu, primary_node, remote_node,
        disk_dev = _GenerateDRBD8Branch(lu, primary_node, remote_node,
-                                      disk["size"], [data_vg, meta_vg],
-                                      names[idx*2:idx*2+2],
+                                      disk[constants.IDISK_SIZE],
+                                      [data_vg, meta_vg],
+                                      names[idx * 2:idx * 2 + 2],
                                        "disk/%d" % disk_index,
                                        "disk/%d" % disk_index,
-                                      minors[idx*2], minors[idx*2+1])
-      disk_dev.mode = disk["mode"]
+                                      minors[idx * 2], minors[idx * 2 + 1])
+      disk_dev.mode = disk[constants.IDISK_MODE]
        disks.append(disk_dev)
        disks.append(disk_dev)
-  elif template_name == constants.DT_FILE:
-    if len(secondary_nodes) != 0:
+  else:
+    if secondary_nodes:
        raise errors.ProgrammerError("Wrong template configuration")
  
        raise errors.ProgrammerError("Wrong template configuration")
  
-    opcodes.RequireFileStorage()
+    if template_name == constants.DT_FILE:
+      _req_file_storage()
+    elif template_name == constants.DT_SHARED_FILE:
+      _req_shr_file_storage()
+
+    name_prefix = _DISK_TEMPLATE_NAME_PREFIX.get(template_name, None)
+    if name_prefix is None:
+      names = None
+    else:
+      names = _GenerateUniqueNames(lu, ["%s.disk%s" %
+                                        (name_prefix, base_index + i)
+                                        for i in range(disk_count)])
+
+    if template_name == constants.DT_PLAIN:
+
+      def logical_id_fn(idx, _, disk):
+        vg = disk.get(constants.IDISK_VG, vgname)
+        return (vg, names[idx])
+
+    elif template_name in (constants.DT_FILE, constants.DT_SHARED_FILE):
+      logical_id_fn = \
+        lambda _, disk_index, disk: (file_driver,
+                                     "%s/disk%d" % (file_storage_dir,
+                                                    disk_index))
+    elif template_name == constants.DT_BLOCK:
+      logical_id_fn = \
+        lambda idx, disk_index, disk: (constants.BLOCKDEV_DRIVER_MANUAL,
+                                       disk[constants.IDISK_ADOPT])
+    elif template_name == constants.DT_RBD:
+      logical_id_fn = lambda idx, _, disk: ("rbd", names[idx])
+    else:
+      raise errors.ProgrammerError("Unknown disk template '%s'" % template_name)
+
+    dev_type = _DISK_TEMPLATE_DEVICE_TYPE[template_name]
  
      for idx, disk in enumerate(disk_info):
        disk_index = idx + base_index
  
      for idx, disk in enumerate(disk_info):
        disk_index = idx + base_index
-      disk_dev = objects.Disk(dev_type=constants.LD_FILE, size=disk["size"],
-                              iv_name="disk/%d" % disk_index,
-                              logical_id=(file_driver,
-                                          "%s/disk%d" % (file_storage_dir,
-                                                         disk_index)),
-                              mode=disk["mode"])
-      disks.append(disk_dev)
-  else:
-    raise errors.ProgrammerError("Invalid disk template '%s'" % template_name)
+      size = disk[constants.IDISK_SIZE]
+      feedback_fn("* disk %s, size %s" %
+                  (disk_index, utils.FormatUnit(size, "h")))
+      disks.append(objects.Disk(dev_type=dev_type, size=size,
+                                logical_id=logical_id_fn(idx, disk_index, disk),
+                                iv_name="disk/%d" % disk_index,
+                                mode=disk[constants.IDISK_MODE],
+                                params={}))
+
    return disks
  
  
    return disks
  
  
@@ -6748,7 +9236,7 @@ def _CalcEta(time_taken, written, total_size):
    return (total_size - written) * avg_time
  
  
    return (total_size - written) * avg_time
  
  
-def _WipeDisks(lu, instance):
+def _WipeDisks(lu, instance, disks=None):
    """Wipes instance disks.
  
    @type lu: L{LogicalUnit}
    """Wipes instance disks.
  
    @type lu: L{LogicalUnit}
@@ -6760,61 +9248,85 @@ def _WipeDisks(lu, instance):
    """
    node = instance.primary_node
  
    """
    node = instance.primary_node
  
-  for device in instance.disks:
+  if disks is None:
+    disks = [(idx, disk, 0)
+             for (idx, disk) in enumerate(instance.disks)]
+
+  for (_, device, _) in disks:
      lu.cfg.SetDiskID(device, node)
  
      lu.cfg.SetDiskID(device, node)
  
-  logging.info("Pause sync of instance %s disks", instance.name)
-  result = lu.rpc.call_blockdev_pause_resume_sync(node, instance.disks, True)
+  logging.info("Pausing synchronization of disks of instance '%s'",
+               instance.name)
+  result = lu.rpc.call_blockdev_pause_resume_sync(node,
+                                                  (map(compat.snd, disks),
+                                                   instance),
+                                                  True)
+  result.Raise("Failed to pause disk synchronization on node '%s'" % node)
  
    for idx, success in enumerate(result.payload):
      if not success:
  
    for idx, success in enumerate(result.payload):
      if not success:
-      logging.warn("pause-sync of instance %s for disks %d failed",
-                   instance.name, idx)
+      logging.warn("Pausing synchronization of disk %s of instance '%s'"
+                   " failed", idx, instance.name)
  
    try:
  
    try:
-    for idx, device in enumerate(instance.disks):
+    for (idx, device, offset) in disks:
        # The wipe size is MIN_WIPE_CHUNK_PERCENT % of the instance disk but
        # The wipe size is MIN_WIPE_CHUNK_PERCENT % of the instance disk but
-      # MAX_WIPE_CHUNK at max
-      wipe_chunk_size = min(constants.MAX_WIPE_CHUNK, device.size / 100.0 *
-                            constants.MIN_WIPE_CHUNK_PERCENT)
-      # we _must_ make this an int, otherwise rounding errors will
-      # occur
-      wipe_chunk_size = int(wipe_chunk_size)
-
-      lu.LogInfo("* Wiping disk %d", idx)
-      logging.info("Wiping disk %d for instance %s, node %s using"
-                   " chunk size %s", idx, instance.name, node, wipe_chunk_size)
+      # MAX_WIPE_CHUNK at max. Truncating to integer to avoid rounding errors.
+      wipe_chunk_size = \
+        int(min(constants.MAX_WIPE_CHUNK,
+                device.size / 100.0 * constants.MIN_WIPE_CHUNK_PERCENT))
  
  
-      offset = 0
        size = device.size
        last_output = 0
        start_time = time.time()
  
        size = device.size
        last_output = 0
        start_time = time.time()
  
+      if offset == 0:
+        info_text = ""
+      else:
+        info_text = (" (from %s to %s)" %
+                     (utils.FormatUnit(offset, "h"),
+                      utils.FormatUnit(size, "h")))
+
+      lu.LogInfo("* Wiping disk %s%s", idx, info_text)
+
+      logging.info("Wiping disk %d for instance %s on node %s using"
+                   " chunk size %s", idx, instance.name, node, wipe_chunk_size)
+
        while offset < size:
          wipe_size = min(wipe_chunk_size, size - offset)
        while offset < size:
          wipe_size = min(wipe_chunk_size, size - offset)
+
          logging.debug("Wiping disk %d, offset %s, chunk %s",
                        idx, offset, wipe_size)
          logging.debug("Wiping disk %d, offset %s, chunk %s",
                        idx, offset, wipe_size)
-        result = lu.rpc.call_blockdev_wipe(node, device, offset, wipe_size)
+
+        result = lu.rpc.call_blockdev_wipe(node, (device, instance), offset,
+                                           wipe_size)
          result.Raise("Could not wipe disk %d at offset %d for size %d" %
                       (idx, offset, wipe_size))
          result.Raise("Could not wipe disk %d at offset %d for size %d" %
                       (idx, offset, wipe_size))
+
          now = time.time()
          offset += wipe_size
          if now - last_output >= 60:
            eta = _CalcEta(now - start_time, offset, size)
          now = time.time()
          offset += wipe_size
          if now - last_output >= 60:
            eta = _CalcEta(now - start_time, offset, size)
-          lu.LogInfo(" - done: %.1f%% ETA: %s" %
-                     (offset / float(size) * 100, utils.FormatSeconds(eta)))
+          lu.LogInfo(" - done: %.1f%% ETA: %s",
+                     offset / float(size) * 100, utils.FormatSeconds(eta))
            last_output = now
    finally:
            last_output = now
    finally:
-    logging.info("Resume sync of instance %s disks", instance.name)
+    logging.info("Resuming synchronization of disks for instance '%s'",
+                 instance.name)
  
  
-    result = lu.rpc.call_blockdev_pause_resume_sync(node, instance.disks, False)
+    result = lu.rpc.call_blockdev_pause_resume_sync(node,
+                                                    (map(compat.snd, disks),
+                                                     instance),
+                                                    False)
  
  
-    for idx, success in enumerate(result.payload):
-      if not success:
-        lu.LogWarning("Warning: Resume sync of disk %d failed. Please have a"
-                      " look at the status and troubleshoot the issue.", idx)
-        logging.warn("resume-sync of instance %s for disks %d failed",
-                     instance.name, idx)
+    if result.fail_msg:
+      lu.LogWarning("Failed to resume disk synchronization on node '%s': %s",
+                    node, result.fail_msg)
+    else:
+      for idx, success in enumerate(result.payload):
+        if not success:
+          lu.LogWarning("Resuming synchronization of disk %s of instance '%s'"
+                        " failed", idx, instance.name)
  
  
  def _CreateDisks(lu, instance, to_skip=None, target_node=None):
  
  
  def _CreateDisks(lu, instance, to_skip=None, target_node=None):
@@ -6842,7 +9354,7 @@ def _CreateDisks(lu, instance, to_skip=None, target_node=None):
      pnode = target_node
      all_nodes = [pnode]
  
      pnode = target_node
      all_nodes = [pnode]
  
-  if instance.disk_template == constants.DT_FILE:
+  if instance.disk_template in constants.DTS_FILEBASED:
      file_storage_dir = os.path.dirname(instance.disks[0].logical_id[1])
      result = lu.rpc.call_file_storage_dir_create(pnode, file_storage_dir)
  
      file_storage_dir = os.path.dirname(instance.disks[0].logical_id[1])
      result = lu.rpc.call_file_storage_dir_create(pnode, file_storage_dir)
  
@@ -6854,8 +9366,7 @@ def _CreateDisks(lu, instance, to_skip=None, target_node=None):
    for idx, device in enumerate(instance.disks):
      if to_skip and idx in to_skip:
        continue
    for idx, device in enumerate(instance.disks):
      if to_skip and idx in to_skip:
        continue
-    logging.info("Creating volume %s for instance %s",
-                 device.iv_name, instance.name)
+    logging.info("Creating disk %s for instance '%s'", idx, instance.name)
      #HARDCODE
      for node in all_nodes:
        f_create = node == pnode
      #HARDCODE
      for node in all_nodes:
        f_create = node == pnode
@@ -6884,18 +9395,20 @@ def _RemoveDisks(lu, instance, target_node=None, ignore_failures=False):
  
    all_result = True
    ports_to_release = set()
  
    all_result = True
    ports_to_release = set()
-  for device in instance.disks:
+  anno_disks = _AnnotateDiskParams(instance, instance.disks, lu.cfg)
+  for (idx, device) in enumerate(anno_disks):
      if target_node:
        edata = [(target_node, device)]
      else:
        edata = device.ComputeNodeTree(instance.primary_node)
      for node, disk in edata:
        lu.cfg.SetDiskID(disk, node)
      if target_node:
        edata = [(target_node, device)]
      else:
        edata = device.ComputeNodeTree(instance.primary_node)
      for node, disk in edata:
        lu.cfg.SetDiskID(disk, node)
-      msg = lu.rpc.call_blockdev_remove(node, disk).fail_msg
-      if msg:
-        lu.LogWarning("Could not remove block device %s on node %s,"
-                      " continuing anyway: %s", device.iv_name, node, msg)
-        all_result = False
+      result = lu.rpc.call_blockdev_remove(node, disk)
+      if result.fail_msg:
+        lu.LogWarning("Could not remove disk %s on node %s,"
+                      " continuing anyway: %s", idx, node, result.fail_msg)
+        if not (result.offline and node != instance.primary_node):
+          all_result = False
  
      # if this is a DRBD disk, return its port to the pool
      if device.dev_type in constants.LDS_DRBD:
  
      # if this is a DRBD disk, return its port to the pool
      if device.dev_type in constants.LDS_DRBD:
@@ -6905,7 +9418,7 @@ def _RemoveDisks(lu, instance, target_node=None, ignore_failures=False):
      for port in ports_to_release:
        lu.cfg.AddTcpUdpPort(port)
  
      for port in ports_to_release:
        lu.cfg.AddTcpUdpPort(port)
  
-  if instance.disk_template == constants.DT_FILE:
+  if instance.disk_template in constants.DTS_FILEBASED:
      file_storage_dir = os.path.dirname(instance.disks[0].logical_id[1])
      if target_node:
        tgt = target_node
      file_storage_dir = os.path.dirname(instance.disks[0].logical_id[1])
      if target_node:
        tgt = target_node
@@ -6925,12 +9438,13 @@ def _ComputeDiskSizePerVG(disk_template, disks):
  
    """
    def _compute(disks, payload):
  
    """
    def _compute(disks, payload):
-    """Universal algorithm
+    """Universal algorithm.
  
      """
      vgs = {}
      for disk in disks:
  
      """
      vgs = {}
      for disk in disks:
-      vgs[disk["vg"]] = vgs.get("vg", 0) + disk["size"] + payload
+      vgs[disk[constants.IDISK_VG]] = \
+        vgs.get(constants.IDISK_VG, 0) + disk[constants.IDISK_SIZE] + payload
  
      return vgs
  
  
      return vgs
  
@@ -6939,33 +9453,14 @@ def _ComputeDiskSizePerVG(disk_template, disks):
      constants.DT_DISKLESS: {},
      constants.DT_PLAIN: _compute(disks, 0),
      # 128 MB are added for drbd metadata for each disk
      constants.DT_DISKLESS: {},
      constants.DT_PLAIN: _compute(disks, 0),
      # 128 MB are added for drbd metadata for each disk
-    constants.DT_DRBD8: _compute(disks, 128),
+    constants.DT_DRBD8: _compute(disks, constants.DRBD_META_SIZE),
      constants.DT_FILE: {},
      constants.DT_FILE: {},
+    constants.DT_SHARED_FILE: {},
    }
  
    if disk_template not in req_size_dict:
      raise errors.ProgrammerError("Disk template '%s' size requirement"
    }
  
    if disk_template not in req_size_dict:
      raise errors.ProgrammerError("Disk template '%s' size requirement"
-                                 " is unknown" %  disk_template)
-
-  return req_size_dict[disk_template]
-
-
-def _ComputeDiskSize(disk_template, disks):
-  """Compute disk size requirements in the volume group
-
-  """
-  # Required free disk space as a function of disk and swap space
-  req_size_dict = {
-    constants.DT_DISKLESS: None,
-    constants.DT_PLAIN: sum(d["size"] for d in disks),
-    # 128 MB are added for drbd metadata for each disk
-    constants.DT_DRBD8: sum(d["size"] + 128 for d in disks),
-    constants.DT_FILE: None,
-  }
-
-  if disk_template not in req_size_dict:
-    raise errors.ProgrammerError("Disk template '%s' size requirement"
-                                 " is unknown" %  disk_template)
+                                 " is unknown" % disk_template)
  
    return req_size_dict[disk_template]
  
  
    return req_size_dict[disk_template]
  
@@ -7003,9 +9498,11 @@ def _CheckHVParams(lu, nodenames, hvname, hvparams):
  
    """
    nodenames = _FilterVmNodes(lu, nodenames)
  
    """
    nodenames = _FilterVmNodes(lu, nodenames)
-  hvinfo = lu.rpc.call_hypervisor_validate_params(nodenames,
-                                                  hvname,
-                                                  hvparams)
+
+  cluster = lu.cfg.GetClusterInfo()
+  hvfull = objects.FillDict(cluster.hvparams.get(hvname, {}), hvparams)
+
+  hvinfo = lu.rpc.call_hypervisor_validate_params(nodenames, hvname, hvfull)
    for node in nodenames:
      info = hvinfo[node]
      if info.offline:
    for node in nodenames:
      info = hvinfo[node]
      if info.offline:
@@ -7031,7 +9528,7 @@ def _CheckOSParams(lu, required, nodenames, osname, osparams):
  
    """
    nodenames = _FilterVmNodes(lu, nodenames)
  
    """
    nodenames = _FilterVmNodes(lu, nodenames)
-  result = lu.rpc.call_os_validate(required, nodenames, osname,
+  result = lu.rpc.call_os_validate(nodenames, required, osname,
                                     [constants.OS_VALIDATE_PARAMETERS],
                                     osparams)
    for node, nres in result.items():
                                     [constants.OS_VALIDATE_PARAMETERS],
                                     osparams)
    for node, nres in result.items():
@@ -7043,6 +9540,175 @@ def _CheckOSParams(lu, required, nodenames, osname, osparams):
                   osname, node)
  
  
                   osname, node)
  
  
+def _CreateInstanceAllocRequest(op, disks, nics, beparams):
+  """Wrapper around IAReqInstanceAlloc.
+
+  @param op: The instance opcode
+  @param disks: The computed disks
+  @param nics: The computed nics
+  @param beparams: The fully filled beparams
+
+  @returns: A filled L{iallocator.IAReqInstanceAlloc}
+
+  """
+  spindle_use = beparams[constants.BE_SPINDLE_USE]
+  return iallocator.IAReqInstanceAlloc(name=op.instance_name,
+                                       disk_template=op.disk_template,
+                                       tags=op.tags,
+                                       os=op.os_type,
+                                       vcpus=beparams[constants.BE_VCPUS],
+                                       memory=beparams[constants.BE_MAXMEM],
+                                       spindle_use=spindle_use,
+                                       disks=disks,
+                                       nics=[n.ToDict() for n in nics],
+                                       hypervisor=op.hypervisor)
+
+
+def _ComputeNics(op, cluster, default_ip, cfg, ec_id):
+  """Computes the nics.
+
+  @param op: The instance opcode
+  @param cluster: Cluster configuration object
+  @param default_ip: The default ip to assign
+  @param cfg: An instance of the configuration object
+  @param ec_id: Execution context ID
+
+  @returns: The built-up nics
+
+  """
+  nics = []
+  for nic in op.nics:
+    nic_mode_req = nic.get(constants.INIC_MODE, None)
+    nic_mode = nic_mode_req
+    if nic_mode is None or nic_mode == constants.VALUE_AUTO:
+      nic_mode = cluster.nicparams[constants.PP_DEFAULT][constants.NIC_MODE]
+
+    net = nic.get(constants.INIC_NETWORK, None)
+    link = nic.get(constants.NIC_LINK, None)
+    ip = nic.get(constants.INIC_IP, None)
+
+    if net is None or net.lower() == constants.VALUE_NONE:
+      net = None
+    else:
+      if nic_mode_req is not None or link is not None:
+        raise errors.OpPrereqError("If network is given, no mode or link"
+                                   " is allowed to be passed",
+                                   errors.ECODE_INVAL)
+
+    # ip validity checks
+    if ip is None or ip.lower() == constants.VALUE_NONE:
+      nic_ip = None
+    elif ip.lower() == constants.VALUE_AUTO:
+      if not op.name_check:
+        raise errors.OpPrereqError("IP address set to auto but name checks"
+                                   " have been skipped",
+                                   errors.ECODE_INVAL)
+      nic_ip = default_ip
+    else:
+      # We defer pool operations until later, so that the iallocator has
+      # filled in the instance's node(s)
+      if ip.lower() == constants.NIC_IP_POOL:
+        if net is None:
+          raise errors.OpPrereqError("if ip=pool, parameter network"
+                                     " must be passed too",
+                                     errors.ECODE_INVAL)
+
+      elif not netutils.IPAddress.IsValid(ip):
+        raise errors.OpPrereqError("Invalid IP address '%s'" % ip,
+                                   errors.ECODE_INVAL)
+
+      nic_ip = ip
+
+    # TODO: check the ip address for uniqueness
+    if nic_mode == constants.NIC_MODE_ROUTED and not nic_ip:
+      raise errors.OpPrereqError("Routed nic mode requires an ip address",
+                                 errors.ECODE_INVAL)
+
+    # MAC address verification
+    mac = nic.get(constants.INIC_MAC, constants.VALUE_AUTO)
+    if mac not in (constants.VALUE_AUTO, constants.VALUE_GENERATE):
+      mac = utils.NormalizeAndValidateMac(mac)
+
+      try:
+        # TODO: We need to factor this out
+        cfg.ReserveMAC(mac, ec_id)
+      except errors.ReservationError:
+        raise errors.OpPrereqError("MAC address %s already in use"
+                                   " in cluster" % mac,
+                                   errors.ECODE_NOTUNIQUE)
+
+    #  Build nic parameters
+    nicparams = {}
+    if nic_mode_req:
+      nicparams[constants.NIC_MODE] = nic_mode
+    if link:
+      nicparams[constants.NIC_LINK] = link
+
+    check_params = cluster.SimpleFillNIC(nicparams)
+    objects.NIC.CheckParameterSyntax(check_params)
+    nics.append(objects.NIC(mac=mac, ip=nic_ip,
+                            network=net, nicparams=nicparams))
+
+  return nics
+
+
+def _ComputeDisks(op, default_vg):
+  """Computes the instance disks.
+
+  @param op: The instance opcode
+  @param default_vg: The default_vg to assume
+
+  @return: The computed disks
+
+  """
+  disks = []
+  for disk in op.disks:
+    mode = disk.get(constants.IDISK_MODE, constants.DISK_RDWR)
+    if mode not in constants.DISK_ACCESS_SET:
+      raise errors.OpPrereqError("Invalid disk access mode '%s'" %
+                                 mode, errors.ECODE_INVAL)
+    size = disk.get(constants.IDISK_SIZE, None)
+    if size is None:
+      raise errors.OpPrereqError("Missing disk size", errors.ECODE_INVAL)
+    try:
+      size = int(size)
+    except (TypeError, ValueError):
+      raise errors.OpPrereqError("Invalid disk size '%s'" % size,
+                                 errors.ECODE_INVAL)
+
+    data_vg = disk.get(constants.IDISK_VG, default_vg)
+    new_disk = {
+      constants.IDISK_SIZE: size,
+      constants.IDISK_MODE: mode,
+      constants.IDISK_VG: data_vg,
+      }
+    if constants.IDISK_METAVG in disk:
+      new_disk[constants.IDISK_METAVG] = disk[constants.IDISK_METAVG]
+    if constants.IDISK_ADOPT in disk:
+      new_disk[constants.IDISK_ADOPT] = disk[constants.IDISK_ADOPT]
+    disks.append(new_disk)
+
+  return disks
+
+
+def _ComputeFullBeParams(op, cluster):
+  """Computes the full beparams.
+
+  @param op: The instance opcode
+  @param cluster: The cluster config object
+
+  @return: The fully filled beparams
+
+  """
+  default_beparams = cluster.beparams[constants.PP_DEFAULT]
+  for param, value in op.beparams.iteritems():
+    if value == constants.VALUE_AUTO:
+      op.beparams[param] = default_beparams[param]
+  objects.UpgradeBeParams(op.beparams)
+  utils.ForceDictType(op.beparams, constants.BES_PARAMETER_TYPES)
+  return cluster.SimpleFillBE(op.beparams)
+
+
  class LUInstanceCreate(LogicalUnit):
    """Create an instance.
  
  class LUInstanceCreate(LogicalUnit):
    """Create an instance.
  
@@ -7066,8 +9732,8 @@ class LUInstanceCreate(LogicalUnit):
  
      if self.op.ip_check and not self.op.name_check:
        # TODO: make the ip check more flexible and not depend on the name check
  
      if self.op.ip_check and not self.op.name_check:
        # TODO: make the ip check more flexible and not depend on the name check
-      raise errors.OpPrereqError("Cannot do ip check without a name check",
-                                 errors.ECODE_INVAL)
+      raise errors.OpPrereqError("Cannot do IP address check without a name"
+                                 " check", errors.ECODE_INVAL)
  
      # check nics' parameter names
      for nic in self.op.nics:
  
      # check nics' parameter names
      for nic in self.op.nics:
@@ -7077,7 +9743,7 @@ class LUInstanceCreate(LogicalUnit):
      has_adopt = has_no_adopt = False
      for disk in self.op.disks:
        utils.ForceDictType(disk, constants.IDISK_PARAMS_TYPES)
      has_adopt = has_no_adopt = False
      for disk in self.op.disks:
        utils.ForceDictType(disk, constants.IDISK_PARAMS_TYPES)
-      if "adopt" in disk:
+      if constants.IDISK_ADOPT in disk:
          has_adopt = True
        else:
          has_no_adopt = True
          has_adopt = True
        else:
          has_no_adopt = True
@@ -7096,12 +9762,18 @@ class LUInstanceCreate(LogicalUnit):
        if self.op.mode == constants.INSTANCE_IMPORT:
          raise errors.OpPrereqError("Disk adoption not allowed for"
                                     " instance import", errors.ECODE_INVAL)
        if self.op.mode == constants.INSTANCE_IMPORT:
          raise errors.OpPrereqError("Disk adoption not allowed for"
                                     " instance import", errors.ECODE_INVAL)
+    else:
+      if self.op.disk_template in constants.DTS_MUST_ADOPT:
+        raise errors.OpPrereqError("Disk template %s requires disk adoption,"
+                                   " but no 'adopt' parameter given" %
+                                   self.op.disk_template,
+                                   errors.ECODE_INVAL)
  
      self.adopt_disks = has_adopt
  
      # instance name verification
      if self.op.name_check:
  
      self.adopt_disks = has_adopt
  
      # instance name verification
      if self.op.name_check:
-      self.hostname1 = netutils.GetHostname(name=self.op.instance_name)
+      self.hostname1 = _CheckHostnameSane(self, self.op.instance_name)
        self.op.instance_name = self.hostname1.name
        # used in CheckPrereq for ip ping check
        self.check_ip = self.hostname1.ip
        self.op.instance_name = self.hostname1.name
        # used in CheckPrereq for ip ping check
        self.check_ip = self.hostname1.ip
@@ -7116,12 +9788,14 @@ class LUInstanceCreate(LogicalUnit):
  
      if self.op.disk_template == constants.DT_FILE:
        opcodes.RequireFileStorage()
  
      if self.op.disk_template == constants.DT_FILE:
        opcodes.RequireFileStorage()
+    elif self.op.disk_template == constants.DT_SHARED_FILE:
+      opcodes.RequireSharedFileStorage()
  
      ### Node/iallocator related checks
      _CheckIAllocatorOrNode(self, "iallocator", "pnode")
  
      if self.op.pnode is not None:
  
      ### Node/iallocator related checks
      _CheckIAllocatorOrNode(self, "iallocator", "pnode")
  
      if self.op.pnode is not None:
-      if self.op.disk_template in constants.DTS_NET_MIRROR:
+      if self.op.disk_template in constants.DTS_INT_MIRROR:
          if self.op.snode is None:
            raise errors.OpPrereqError("The networked disk templates need"
                                       " a mirror node", errors.ECODE_INVAL)
          if self.op.snode is None:
            raise errors.OpPrereqError("The networked disk templates need"
                                       " a mirror node", errors.ECODE_INVAL)
@@ -7216,7 +9890,11 @@ class LUInstanceCreate(LogicalUnit):
      self.add_locks[locking.LEVEL_INSTANCE] = instance_name
  
      if self.op.iallocator:
      self.add_locks[locking.LEVEL_INSTANCE] = instance_name
  
      if self.op.iallocator:
+      # TODO: Find a solution to not lock all nodes in the cluster, e.g. by
+      # specifying a group on instance creation and then selecting nodes from
+      # that group
        self.needed_locks[locking.LEVEL_NODE] = locking.ALL_SET
        self.needed_locks[locking.LEVEL_NODE] = locking.ALL_SET
+      self.needed_locks[locking.LEVEL_NODE_ALLOC] = locking.ALL_SET
      else:
        self.op.pnode = _ExpandNodeName(self.cfg, self.op.pnode)
        nodelist = [self.op.pnode]
      else:
        self.op.pnode = _ExpandNodeName(self.cfg, self.op.pnode)
        nodelist = [self.op.pnode]
@@ -7235,6 +9913,7 @@ class LUInstanceCreate(LogicalUnit):
  
        if src_node is None:
          self.needed_locks[locking.LEVEL_NODE] = locking.ALL_SET
  
        if src_node is None:
          self.needed_locks[locking.LEVEL_NODE] = locking.ALL_SET
+        self.needed_locks[locking.LEVEL_NODE_ALLOC] = locking.ALL_SET
          self.op.src_node = None
          if os.path.isabs(src_path):
            raise errors.OpPrereqError("Importing an instance from a path"
          self.op.src_node = None
          if os.path.isabs(src_path):
            raise errors.OpPrereqError("Importing an instance from a path"
@@ -7246,25 +9925,20 @@ class LUInstanceCreate(LogicalUnit):
            self.needed_locks[locking.LEVEL_NODE].append(src_node)
          if not os.path.isabs(src_path):
            self.op.src_path = src_path = \
            self.needed_locks[locking.LEVEL_NODE].append(src_node)
          if not os.path.isabs(src_path):
            self.op.src_path = src_path = \
-            utils.PathJoin(constants.EXPORT_DIR, src_path)
+            utils.PathJoin(pathutils.EXPORT_DIR, src_path)
+
+    self.needed_locks[locking.LEVEL_NODE_RES] = \
+      _CopyLockList(self.needed_locks[locking.LEVEL_NODE])
  
    def _RunAllocator(self):
      """Run the allocator based on input opcode.
  
      """
  
    def _RunAllocator(self):
      """Run the allocator based on input opcode.
  
      """
-    nics = [n.ToDict() for n in self.nics]
-    ial = IAllocator(self.cfg, self.rpc,
-                     mode=constants.IALLOCATOR_MODE_ALLOC,
-                     name=self.op.instance_name,
-                     disk_template=self.op.disk_template,
-                     tags=[],
-                     os=self.op.os_type,
-                     vcpus=self.be_full[constants.BE_VCPUS],
-                     mem_size=self.be_full[constants.BE_MEMORY],
-                     disks=self.disks,
-                     nics=nics,
-                     hypervisor=self.op.hypervisor,
-                     )
+    # TODO: Export network to iallocator so that it chooses a pnode
+    #       in a nodegroup to which the desired network is connected
+    req = _CreateInstanceAllocRequest(self.op, self.disks,
+                                      self.nics, self.be_full)
+    ial = iallocator.IAllocator(self.cfg, self.rpc, req)
  
      ial.Run(self.op.iallocator)
  
  
      ial.Run(self.op.iallocator)
  
@@ -7273,16 +9947,14 @@ class LUInstanceCreate(LogicalUnit):
                                   " iallocator '%s': %s" %
                                   (self.op.iallocator, ial.info),
                                   errors.ECODE_NORES)
                                   " iallocator '%s': %s" %
                                   (self.op.iallocator, ial.info),
                                   errors.ECODE_NORES)
-    if len(ial.result) != ial.required_nodes:
-      raise errors.OpPrereqError("iallocator '%s' returned invalid number"
-                                 " of nodes (%s), required %s" %
-                                 (self.op.iallocator, len(ial.result),
-                                  ial.required_nodes), errors.ECODE_FAULT)
      self.op.pnode = ial.result[0]
      self.LogInfo("Selected nodes for instance %s via iallocator %s: %s",
                   self.op.instance_name, self.op.iallocator,
                   utils.CommaJoin(ial.result))
      self.op.pnode = ial.result[0]
      self.LogInfo("Selected nodes for instance %s via iallocator %s: %s",
                   self.op.instance_name, self.op.iallocator,
                   utils.CommaJoin(ial.result))
-    if ial.required_nodes == 2:
+
+    assert req.RequiredNodes() in (1, 2), "Wrong node count from iallocator"
+
+    if req.RequiredNodes() == 2:
        self.op.snode = ial.result[1]
  
    def BuildHooksEnv(self):
        self.op.snode = ial.result[1]
  
    def BuildHooksEnv(self):
@@ -7305,19 +9977,27 @@ class LUInstanceCreate(LogicalUnit):
        secondary_nodes=self.secondaries,
        status=self.op.start,
        os_type=self.op.os_type,
        secondary_nodes=self.secondaries,
        status=self.op.start,
        os_type=self.op.os_type,
-      memory=self.be_full[constants.BE_MEMORY],
+      minmem=self.be_full[constants.BE_MINMEM],
+      maxmem=self.be_full[constants.BE_MAXMEM],
        vcpus=self.be_full[constants.BE_VCPUS],
        nics=_NICListToTuple(self, self.nics),
        disk_template=self.op.disk_template,
        vcpus=self.be_full[constants.BE_VCPUS],
        nics=_NICListToTuple(self, self.nics),
        disk_template=self.op.disk_template,
-      disks=[(d["size"], d["mode"]) for d in self.disks],
+      disks=[(d[constants.IDISK_SIZE], d[constants.IDISK_MODE])
+             for d in self.disks],
        bep=self.be_full,
        hvp=self.hv_full,
        hypervisor_name=self.op.hypervisor,
        bep=self.be_full,
        hvp=self.hv_full,
        hypervisor_name=self.op.hypervisor,
+      tags=self.op.tags,
      ))
  
      ))
  
-    nl = ([self.cfg.GetMasterNode(), self.op.pnode] +
-          self.secondaries)
-    return env, nl, nl
+    return env
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
+    nl = [self.cfg.GetMasterNode(), self.op.pnode] + self.secondaries
+    return nl, nl
  
    def _ReadExportInfo(self):
      """Reads the export information from disk.
  
    def _ReadExportInfo(self):
      """Reads the export information from disk.
@@ -7334,7 +10014,7 @@ class LUInstanceCreate(LogicalUnit):
      src_path = self.op.src_path
  
      if src_node is None:
      src_path = self.op.src_path
  
      if src_node is None:
-      locked_nodes = self.acquired_locks[locking.LEVEL_NODE]
+      locked_nodes = self.owned_locks(locking.LEVEL_NODE)
        exp_list = self.rpc.call_export_list(locked_nodes)
        found = False
        for node in exp_list:
        exp_list = self.rpc.call_export_list(locked_nodes)
        found = False
        for node in exp_list:
@@ -7343,7 +10023,7 @@ class LUInstanceCreate(LogicalUnit):
          if src_path in exp_list[node].payload:
            found = True
            self.op.src_node = src_node = node
          if src_path in exp_list[node].payload:
            found = True
            self.op.src_node = src_node = node
-          self.op.src_path = src_path = utils.PathJoin(constants.EXPORT_DIR,
+          self.op.src_path = src_path = utils.PathJoin(pathutils.EXPORT_DIR,
                                                         src_path)
            break
        if not found:
                                                         src_path)
            break
        if not found:
@@ -7380,38 +10060,50 @@ class LUInstanceCreate(LogicalUnit):
        if einfo.has_option(constants.INISECT_INS, "disk_template"):
          self.op.disk_template = einfo.get(constants.INISECT_INS,
                                            "disk_template")
        if einfo.has_option(constants.INISECT_INS, "disk_template"):
          self.op.disk_template = einfo.get(constants.INISECT_INS,
                                            "disk_template")
+        if self.op.disk_template not in constants.DISK_TEMPLATES:
+          raise errors.OpPrereqError("Disk template specified in configuration"
+                                     " file is not one of the allowed values:"
+                                     " %s" %
+                                     " ".join(constants.DISK_TEMPLATES),
+                                     errors.ECODE_INVAL)
        else:
          raise errors.OpPrereqError("No disk template specified and the export"
                                     " is missing the disk_template information",
                                     errors.ECODE_INVAL)
  
      if not self.op.disks:
        else:
          raise errors.OpPrereqError("No disk template specified and the export"
                                     " is missing the disk_template information",
                                     errors.ECODE_INVAL)
  
      if not self.op.disks:
-      if einfo.has_option(constants.INISECT_INS, "disk_count"):
-        disks = []
-        # TODO: import the disk iv_name too
-        for idx in range(einfo.getint(constants.INISECT_INS, "disk_count")):
+      disks = []
+      # TODO: import the disk iv_name too
+      for idx in range(constants.MAX_DISKS):
+        if einfo.has_option(constants.INISECT_INS, "disk%d_size" % idx):
            disk_sz = einfo.getint(constants.INISECT_INS, "disk%d_size" % idx)
            disk_sz = einfo.getint(constants.INISECT_INS, "disk%d_size" % idx)
-          disks.append({"size": disk_sz})
-        self.op.disks = disks
-      else:
+          disks.append({constants.IDISK_SIZE: disk_sz})
+      self.op.disks = disks
+      if not disks and self.op.disk_template != constants.DT_DISKLESS:
          raise errors.OpPrereqError("No disk info specified and the export"
                                     " is missing the disk information",
                                     errors.ECODE_INVAL)
  
          raise errors.OpPrereqError("No disk info specified and the export"
                                     " is missing the disk information",
                                     errors.ECODE_INVAL)
  
-    if (not self.op.nics and
-        einfo.has_option(constants.INISECT_INS, "nic_count")):
+    if not self.op.nics:
        nics = []
        nics = []
-      for idx in range(einfo.getint(constants.INISECT_INS, "nic_count")):
-        ndict = {}
-        for name in list(constants.NICS_PARAMETERS) + ["ip", "mac"]:
-          v = einfo.get(constants.INISECT_INS, "nic%d_%s" % (idx, name))
-          ndict[name] = v
-        nics.append(ndict)
+      for idx in range(constants.MAX_NICS):
+        if einfo.has_option(constants.INISECT_INS, "nic%d_mac" % idx):
+          ndict = {}
+          for name in list(constants.NICS_PARAMETERS) + ["ip", "mac"]:
+            v = einfo.get(constants.INISECT_INS, "nic%d_%s" % (idx, name))
+            ndict[name] = v
+          nics.append(ndict)
+        else:
+          break
        self.op.nics = nics
  
        self.op.nics = nics
  
+    if not self.op.tags and einfo.has_option(constants.INISECT_INS, "tags"):
+      self.op.tags = einfo.get(constants.INISECT_INS, "tags").split()
+
      if (self.op.hypervisor is None and
          einfo.has_option(constants.INISECT_INS, "hypervisor")):
        self.op.hypervisor = einfo.get(constants.INISECT_INS, "hypervisor")
      if (self.op.hypervisor is None and
          einfo.has_option(constants.INISECT_INS, "hypervisor")):
        self.op.hypervisor = einfo.get(constants.INISECT_INS, "hypervisor")
+
      if einfo.has_section(constants.INISECT_HYP):
        # use the export parameters but do not override the ones
        # specified by the user
      if einfo.has_section(constants.INISECT_HYP):
        # use the export parameters but do not override the ones
        # specified by the user
@@ -7424,6 +10116,12 @@ class LUInstanceCreate(LogicalUnit):
        for name, value in einfo.items(constants.INISECT_BEP):
          if name not in self.op.beparams:
            self.op.beparams[name] = value
        for name, value in einfo.items(constants.INISECT_BEP):
          if name not in self.op.beparams:
            self.op.beparams[name] = value
+        # Compatibility for the old "memory" be param
+        if name == constants.BE_MEMORY:
+          if constants.BE_MAXMEM not in self.op.beparams:
+            self.op.beparams[constants.BE_MAXMEM] = value
+          if constants.BE_MINMEM not in self.op.beparams:
+            self.op.beparams[constants.BE_MINMEM] = value
      else:
        # try to read the parameters old style, from the main section
        for name in constants.BES_PARAMETERS:
      else:
        # try to read the parameters old style, from the main section
        for name in constants.BES_PARAMETERS:
@@ -7469,13 +10167,19 @@ class LUInstanceCreate(LogicalUnit):
      """
      # file storage dir calculation/check
      self.instance_file_storage_dir = None
      """
      # file storage dir calculation/check
      self.instance_file_storage_dir = None
-    if self.op.disk_template == constants.DT_FILE:
+    if self.op.disk_template in constants.DTS_FILEBASED:
        # build the full file storage dir path
        joinargs = []
  
        # build the full file storage dir path
        joinargs = []
  
-      cfg_storagedir = self.cfg.GetFileStorageDir()
+      if self.op.disk_template == constants.DT_SHARED_FILE:
+        get_fsd_fn = self.cfg.GetSharedFileStorageDir
+      else:
+        get_fsd_fn = self.cfg.GetFileStorageDir
+
+      cfg_storagedir = get_fsd_fn()
        if not cfg_storagedir:
        if not cfg_storagedir:
-        raise errors.OpPrereqError("Cluster file storage dir not defined")
+        raise errors.OpPrereqError("Cluster file storage dir not defined",
+                                   errors.ECODE_STATE)
        joinargs.append(cfg_storagedir)
  
        if self.op.file_storage_dir is not None:
        joinargs.append(cfg_storagedir)
  
        if self.op.file_storage_dir is not None:
@@ -7483,10 +10187,10 @@ class LUInstanceCreate(LogicalUnit):
  
        joinargs.append(self.op.instance_name)
  
  
        joinargs.append(self.op.instance_name)
  
-      # pylint: disable-msg=W0142
+      # pylint: disable=W0142
        self.instance_file_storage_dir = utils.PathJoin(*joinargs)
  
        self.instance_file_storage_dir = utils.PathJoin(*joinargs)
  
-  def CheckPrereq(self):
+  def CheckPrereq(self): # pylint: disable=R0914
      """Check prerequisites.
  
      """
      """Check prerequisites.
  
      """
@@ -7495,23 +10199,31 @@ class LUInstanceCreate(LogicalUnit):
      if self.op.mode == constants.INSTANCE_IMPORT:
        export_info = self._ReadExportInfo()
        self._ReadExportParams(export_info)
      if self.op.mode == constants.INSTANCE_IMPORT:
        export_info = self._ReadExportInfo()
        self._ReadExportParams(export_info)
+      self._old_instance_name = export_info.get(constants.INISECT_INS, "name")
+    else:
+      self._old_instance_name = None
  
      if (not self.cfg.GetVGName() and
          self.op.disk_template not in constants.DTS_NOT_LVM):
        raise errors.OpPrereqError("Cluster does not support lvm-based"
                                   " instances", errors.ECODE_STATE)
  
  
      if (not self.cfg.GetVGName() and
          self.op.disk_template not in constants.DTS_NOT_LVM):
        raise errors.OpPrereqError("Cluster does not support lvm-based"
                                   " instances", errors.ECODE_STATE)
  
-    if self.op.hypervisor is None:
+    if (self.op.hypervisor is None or
+        self.op.hypervisor == constants.VALUE_AUTO):
        self.op.hypervisor = self.cfg.GetHypervisorType()
  
      cluster = self.cfg.GetClusterInfo()
      enabled_hvs = cluster.enabled_hypervisors
      if self.op.hypervisor not in enabled_hvs:
        raise errors.OpPrereqError("Selected hypervisor (%s) not enabled in the"
        self.op.hypervisor = self.cfg.GetHypervisorType()
  
      cluster = self.cfg.GetClusterInfo()
      enabled_hvs = cluster.enabled_hypervisors
      if self.op.hypervisor not in enabled_hvs:
        raise errors.OpPrereqError("Selected hypervisor (%s) not enabled in the"
-                                 " cluster (%s)" % (self.op.hypervisor,
-                                  ",".join(enabled_hvs)),
+                                 " cluster (%s)" %
+                                 (self.op.hypervisor, ",".join(enabled_hvs)),
                                   errors.ECODE_STATE)
  
                                   errors.ECODE_STATE)
  
+    # Check tag validity
+    for tag in self.op.tags:
+      objects.TaggableObject.ValidateTag(tag)
+
      # check hypervisor parameter syntax (locally)
      utils.ForceDictType(self.op.hvparams, constants.HVS_PARAMETER_TYPES)
      filled_hvp = cluster.SimpleFillHV(self.op.hypervisor, self.op.os_type,
      # check hypervisor parameter syntax (locally)
      utils.ForceDictType(self.op.hvparams, constants.HVS_PARAMETER_TYPES)
      filled_hvp = cluster.SimpleFillHV(self.op.hypervisor, self.op.os_type,
@@ -7523,8 +10235,7 @@ class LUInstanceCreate(LogicalUnit):
      _CheckGlobalHvParams(self.op.hvparams)
  
      # fill and remember the beparams dict
      _CheckGlobalHvParams(self.op.hvparams)
  
      # fill and remember the beparams dict
-    utils.ForceDictType(self.op.beparams, constants.BES_PARAMETER_TYPES)
-    self.be_full = cluster.SimpleFillBE(self.op.beparams)
+    self.be_full = _ComputeFullBeParams(self.op, cluster)
  
      # build os parameters
      self.os_full = cluster.SimpleFillOS(self.op.os_type, self.op.osparams)
  
      # build os parameters
      self.os_full = cluster.SimpleFillOS(self.op.os_type, self.op.osparams)
@@ -7535,131 +10246,31 @@ class LUInstanceCreate(LogicalUnit):
        self._RevertToDefaults(cluster)
  
      # NIC buildup
        self._RevertToDefaults(cluster)
  
      # NIC buildup
-    self.nics = []
-    for idx, nic in enumerate(self.op.nics):
-      nic_mode_req = nic.get("mode", None)
-      nic_mode = nic_mode_req
-      if nic_mode is None:
-        nic_mode = cluster.nicparams[constants.PP_DEFAULT][constants.NIC_MODE]
-
-      # in routed mode, for the first nic, the default ip is 'auto'
-      if nic_mode == constants.NIC_MODE_ROUTED and idx == 0:
-        default_ip_mode = constants.VALUE_AUTO
-      else:
-        default_ip_mode = constants.VALUE_NONE
-
-      # ip validity checks
-      ip = nic.get("ip", default_ip_mode)
-      if ip is None or ip.lower() == constants.VALUE_NONE:
-        nic_ip = None
-      elif ip.lower() == constants.VALUE_AUTO:
-        if not self.op.name_check:
-          raise errors.OpPrereqError("IP address set to auto but name checks"
-                                     " have been skipped",
-                                     errors.ECODE_INVAL)
-        nic_ip = self.hostname1.ip
-      else:
-        if not netutils.IPAddress.IsValid(ip):
-          raise errors.OpPrereqError("Invalid IP address '%s'" % ip,
-                                     errors.ECODE_INVAL)
-        nic_ip = ip
+    self.nics = _ComputeNics(self.op, cluster, self.hostname1.ip, self.cfg,
+                             self.proc.GetECId())
  
  
-      # TODO: check the ip address for uniqueness
-      if nic_mode == constants.NIC_MODE_ROUTED and not nic_ip:
-        raise errors.OpPrereqError("Routed nic mode requires an ip address",
-                                   errors.ECODE_INVAL)
+    # disk checks/pre-build
+    default_vg = self.cfg.GetVGName()
+    self.disks = _ComputeDisks(self.op, default_vg)
  
  
-      # MAC address verification
-      mac = nic.get("mac", constants.VALUE_AUTO)
-      if mac not in (constants.VALUE_AUTO, constants.VALUE_GENERATE):
-        mac = utils.NormalizeAndValidateMac(mac)
-
-        try:
-          self.cfg.ReserveMAC(mac, self.proc.GetECId())
-        except errors.ReservationError:
-          raise errors.OpPrereqError("MAC address %s already in use"
-                                     " in cluster" % mac,
-                                     errors.ECODE_NOTUNIQUE)
-
-      # bridge verification
-      bridge = nic.get("bridge", None)
-      link = nic.get("link", None)
-      if bridge and link:
-        raise errors.OpPrereqError("Cannot pass 'bridge' and 'link'"
-                                   " at the same time", errors.ECODE_INVAL)
-      elif bridge and nic_mode == constants.NIC_MODE_ROUTED:
-        raise errors.OpPrereqError("Cannot pass 'bridge' on a routed nic",
-                                   errors.ECODE_INVAL)
-      elif bridge:
-        link = bridge
-
-      nicparams = {}
-      if nic_mode_req:
-        nicparams[constants.NIC_MODE] = nic_mode_req
-      if link:
-        nicparams[constants.NIC_LINK] = link
-
-      check_params = cluster.SimpleFillNIC(nicparams)
-      objects.NIC.CheckParameterSyntax(check_params)
-      self.nics.append(objects.NIC(mac=mac, ip=nic_ip, nicparams=nicparams))
-
-    # disk checks/pre-build
-    self.disks = []
-    for disk in self.op.disks:
-      mode = disk.get("mode", constants.DISK_RDWR)
-      if mode not in constants.DISK_ACCESS_SET:
-        raise errors.OpPrereqError("Invalid disk access mode '%s'" %
-                                   mode, errors.ECODE_INVAL)
-      size = disk.get("size", None)
-      if size is None:
-        raise errors.OpPrereqError("Missing disk size", errors.ECODE_INVAL)
-      try:
-        size = int(size)
-      except (TypeError, ValueError):
-        raise errors.OpPrereqError("Invalid disk size '%s'" % size,
-                                   errors.ECODE_INVAL)
-      data_vg = disk.get("vg", self.cfg.GetVGName())
-      meta_vg = disk.get("metavg", data_vg)
-      new_disk = {"size": size, "mode": mode, "vg": data_vg, "metavg": meta_vg}
-      if "adopt" in disk:
-        new_disk["adopt"] = disk["adopt"]
-      self.disks.append(new_disk)
-
-    if self.op.mode == constants.INSTANCE_IMPORT:
-
-      # Check that the new instance doesn't have less disks than the export
-      instance_disks = len(self.disks)
-      export_disks = export_info.getint(constants.INISECT_INS, 'disk_count')
-      if instance_disks < export_disks:
-        raise errors.OpPrereqError("Not enough disks to import."
-                                   " (instance: %d, export: %d)" %
-                                   (instance_disks, export_disks),
-                                   errors.ECODE_INVAL)
-
-      disk_images = []
-      for idx in range(export_disks):
-        option = 'disk%d_dump' % idx
-        if export_info.has_option(constants.INISECT_INS, option):
-          # FIXME: are the old os-es, disk sizes, etc. useful?
-          export_name = export_info.get(constants.INISECT_INS, option)
-          image = utils.PathJoin(self.op.src_path, export_name)
-          disk_images.append(image)
-        else:
-          disk_images.append(False)
+    if self.op.mode == constants.INSTANCE_IMPORT:
+      disk_images = []
+      for idx in range(len(self.disks)):
+        option = "disk%d_dump" % idx
+        if export_info.has_option(constants.INISECT_INS, option):
+          # FIXME: are the old os-es, disk sizes, etc. useful?
+          export_name = export_info.get(constants.INISECT_INS, option)
+          image = utils.PathJoin(self.op.src_path, export_name)
+          disk_images.append(image)
+        else:
+          disk_images.append(False)
  
        self.src_images = disk_images
  
  
        self.src_images = disk_images
  
-      old_name = export_info.get(constants.INISECT_INS, 'name')
-      try:
-        exp_nic_count = export_info.getint(constants.INISECT_INS, 'nic_count')
-      except (TypeError, ValueError), err:
-        raise errors.OpPrereqError("Invalid export file, nic_count is not"
-                                   " an integer: %s" % str(err),
-                                   errors.ECODE_STATE)
-      if self.op.instance_name == old_name:
+      if self.op.instance_name == self._old_instance_name:
          for idx, nic in enumerate(self.nics):
          for idx, nic in enumerate(self.nics):
-          if nic.mac == constants.VALUE_AUTO and exp_nic_count >= idx:
-            nic_mac_ini = 'nic%d_mac' % idx
+          if nic.mac == constants.VALUE_AUTO:
+            nic_mac_ini = "nic%d_mac" % idx
              nic.mac = export_info.get(constants.INISECT_INS, nic_mac_ini)
  
      # ENDIF: self.op.mode == constants.INSTANCE_IMPORT
              nic.mac = export_info.get(constants.INISECT_INS, nic_mac_ini)
  
      # ENDIF: self.op.mode == constants.INSTANCE_IMPORT
@@ -7681,13 +10292,23 @@ class LUInstanceCreate(LogicalUnit):
      # creation job will fail.
      for nic in self.nics:
        if nic.mac in (constants.VALUE_AUTO, constants.VALUE_GENERATE):
      # creation job will fail.
      for nic in self.nics:
        if nic.mac in (constants.VALUE_AUTO, constants.VALUE_GENERATE):
-        nic.mac = self.cfg.GenerateMAC(self.proc.GetECId())
+        nic.mac = self.cfg.GenerateMAC(nic.network, self.proc.GetECId())
  
      #### allocator run
  
      if self.op.iallocator is not None:
        self._RunAllocator()
  
  
      #### allocator run
  
      if self.op.iallocator is not None:
        self._RunAllocator()
  
+    # Release all unneeded node locks
+    keep_locks = filter(None, [self.op.pnode, self.op.snode, self.op.src_node])
+    _ReleaseLocks(self, locking.LEVEL_NODE, keep=keep_locks)
+    _ReleaseLocks(self, locking.LEVEL_NODE_RES, keep=keep_locks)
+    _ReleaseLocks(self, locking.LEVEL_NODE_ALLOC)
+
+    assert (self.owned_locks(locking.LEVEL_NODE) ==
+            self.owned_locks(locking.LEVEL_NODE_RES)), \
+      "Node locks differ from node resource locks"
+
      #### node related checks
  
      # check primary node
      #### node related checks
  
      # check primary node
@@ -7706,25 +10327,96 @@ class LUInstanceCreate(LogicalUnit):
  
      self.secondaries = []
  
  
      self.secondaries = []
  
+    # Fill in any IPs from IP pools. This must happen here, because we need to
+    # know the nic's primary node, as specified by the iallocator
+    for idx, nic in enumerate(self.nics):
+      net = nic.network
+      if net is not None:
+        netparams = self.cfg.GetGroupNetParams(net, self.pnode.name)
+        if netparams is None:
+          raise errors.OpPrereqError("No netparams found for network"
+                                     " %s. Propably not connected to"
+                                     " node's %s nodegroup" %
+                                     (net, self.pnode.name),
+                                     errors.ECODE_INVAL)
+        self.LogInfo("NIC/%d inherits netparams %s" %
+                     (idx, netparams.values()))
+        nic.nicparams = dict(netparams)
+        if nic.ip is not None:
+          if nic.ip.lower() == constants.NIC_IP_POOL:
+            try:
+              nic.ip = self.cfg.GenerateIp(net, self.proc.GetECId())
+            except errors.ReservationError:
+              raise errors.OpPrereqError("Unable to get a free IP for NIC %d"
+                                         " from the address pool" % idx,
+                                         errors.ECODE_STATE)
+            self.LogInfo("Chose IP %s from network %s", nic.ip, net)
+          else:
+            try:
+              self.cfg.ReserveIp(net, nic.ip, self.proc.GetECId())
+            except errors.ReservationError:
+              raise errors.OpPrereqError("IP address %s already in use"
+                                         " or does not belong to network %s" %
+                                         (nic.ip, net),
+                                         errors.ECODE_NOTUNIQUE)
+      else:
+        # net is None, ip None or given
+        if self.op.conflicts_check:
+          _CheckForConflictingIp(self, nic.ip, self.pnode.name)
+
      # mirror node verification
      # mirror node verification
-    if self.op.disk_template in constants.DTS_NET_MIRROR:
+    if self.op.disk_template in constants.DTS_INT_MIRROR:
        if self.op.snode == pnode.name:
          raise errors.OpPrereqError("The secondary node cannot be the"
        if self.op.snode == pnode.name:
          raise errors.OpPrereqError("The secondary node cannot be the"
-                                   " primary node.", errors.ECODE_INVAL)
+                                   " primary node", errors.ECODE_INVAL)
        _CheckNodeOnline(self, self.op.snode)
        _CheckNodeNotDrained(self, self.op.snode)
        _CheckNodeVmCapable(self, self.op.snode)
        self.secondaries.append(self.op.snode)
  
        _CheckNodeOnline(self, self.op.snode)
        _CheckNodeNotDrained(self, self.op.snode)
        _CheckNodeVmCapable(self, self.op.snode)
        self.secondaries.append(self.op.snode)
  
+      snode = self.cfg.GetNodeInfo(self.op.snode)
+      if pnode.group != snode.group:
+        self.LogWarning("The primary and secondary nodes are in two"
+                        " different node groups; the disk parameters"
+                        " from the first disk's node group will be"
+                        " used")
+
      nodenames = [pnode.name] + self.secondaries
  
      nodenames = [pnode.name] + self.secondaries
  
-    if not self.adopt_disks:
-      # Check lv size requirements, if not adopting
-      req_sizes = _ComputeDiskSizePerVG(self.op.disk_template, self.disks)
-      _CheckNodesFreeDiskPerVG(self, nodenames, req_sizes)
+    # Verify instance specs
+    spindle_use = self.be_full.get(constants.BE_SPINDLE_USE, None)
+    ispec = {
+      constants.ISPEC_MEM_SIZE: self.be_full.get(constants.BE_MAXMEM, None),
+      constants.ISPEC_CPU_COUNT: self.be_full.get(constants.BE_VCPUS, None),
+      constants.ISPEC_DISK_COUNT: len(self.disks),
+      constants.ISPEC_DISK_SIZE: [disk["size"] for disk in self.disks],
+      constants.ISPEC_NIC_COUNT: len(self.nics),
+      constants.ISPEC_SPINDLE_USE: spindle_use,
+      }
  
  
-    else: # instead, we must check the adoption data
-      all_lvs = set([i["vg"] + "/" + i["adopt"] for i in self.disks])
+    group_info = self.cfg.GetNodeGroup(pnode.group)
+    ipolicy = ganeti.masterd.instance.CalculateGroupIPolicy(cluster, group_info)
+    res = _ComputeIPolicyInstanceSpecViolation(ipolicy, ispec)
+    if not self.op.ignore_ipolicy and res:
+      msg = ("Instance allocation to group %s (%s) violates policy: %s" %
+             (pnode.group, group_info.name, utils.CommaJoin(res)))
+      raise errors.OpPrereqError(msg, errors.ECODE_INVAL)
+
+    if not self.adopt_disks:
+      if self.op.disk_template == constants.DT_RBD:
+        # _CheckRADOSFreeSpace() is just a placeholder.
+        # Any function that checks prerequisites can be placed here.
+        # Check if there is enough space on the RADOS cluster.
+        _CheckRADOSFreeSpace()
+      else:
+        # Check lv size requirements, if not adopting
+        req_sizes = _ComputeDiskSizePerVG(self.op.disk_template, self.disks)
+        _CheckNodesFreeDiskPerVG(self, nodenames, req_sizes)
+
+    elif self.op.disk_template == constants.DT_PLAIN: # Check the adoption data
+      all_lvs = set(["%s/%s" % (disk[constants.IDISK_VG],
+                                disk[constants.IDISK_ADOPT])
+                     for disk in self.disks])
        if len(all_lvs) != len(self.disks):
          raise errors.OpPrereqError("Duplicate volume names given for adoption",
                                     errors.ECODE_INVAL)
        if len(all_lvs) != len(self.disks):
          raise errors.OpPrereqError("Duplicate volume names given for adoption",
                                     errors.ECODE_INVAL)
@@ -7757,7 +10449,60 @@ class LUInstanceCreate(LogicalUnit):
                                     errors.ECODE_STATE)
        # update the size of disk based on what is found
        for dsk in self.disks:
                                     errors.ECODE_STATE)
        # update the size of disk based on what is found
        for dsk in self.disks:
-        dsk["size"] = int(float(node_lvs[dsk["vg"] + "/" + dsk["adopt"]][0]))
+        dsk[constants.IDISK_SIZE] = \
+          int(float(node_lvs["%s/%s" % (dsk[constants.IDISK_VG],
+                                        dsk[constants.IDISK_ADOPT])][0]))
+
+    elif self.op.disk_template == constants.DT_BLOCK:
+      # Normalize and de-duplicate device paths
+      all_disks = set([os.path.abspath(disk[constants.IDISK_ADOPT])
+                       for disk in self.disks])
+      if len(all_disks) != len(self.disks):
+        raise errors.OpPrereqError("Duplicate disk names given for adoption",
+                                   errors.ECODE_INVAL)
+      baddisks = [d for d in all_disks
+                  if not d.startswith(constants.ADOPTABLE_BLOCKDEV_ROOT)]
+      if baddisks:
+        raise errors.OpPrereqError("Device node(s) %s lie outside %s and"
+                                   " cannot be adopted" %
+                                   (utils.CommaJoin(baddisks),
+                                    constants.ADOPTABLE_BLOCKDEV_ROOT),
+                                   errors.ECODE_INVAL)
+
+      node_disks = self.rpc.call_bdev_sizes([pnode.name],
+                                            list(all_disks))[pnode.name]
+      node_disks.Raise("Cannot get block device information from node %s" %
+                       pnode.name)
+      node_disks = node_disks.payload
+      delta = all_disks.difference(node_disks.keys())
+      if delta:
+        raise errors.OpPrereqError("Missing block device(s): %s" %
+                                   utils.CommaJoin(delta),
+                                   errors.ECODE_INVAL)
+      for dsk in self.disks:
+        dsk[constants.IDISK_SIZE] = \
+          int(float(node_disks[dsk[constants.IDISK_ADOPT]]))
+
+    # Verify instance specs
+    spindle_use = self.be_full.get(constants.BE_SPINDLE_USE, None)
+    ispec = {
+      constants.ISPEC_MEM_SIZE: self.be_full.get(constants.BE_MAXMEM, None),
+      constants.ISPEC_CPU_COUNT: self.be_full.get(constants.BE_VCPUS, None),
+      constants.ISPEC_DISK_COUNT: len(self.disks),
+      constants.ISPEC_DISK_SIZE: [disk[constants.IDISK_SIZE]
+                                  for disk in self.disks],
+      constants.ISPEC_NIC_COUNT: len(self.nics),
+      constants.ISPEC_SPINDLE_USE: spindle_use,
+      }
+
+    group_info = self.cfg.GetNodeGroup(pnode.group)
+    ipolicy = ganeti.masterd.instance.CalculateGroupIPolicy(cluster, group_info)
+    res = _ComputeIPolicyInstanceSpecViolation(ipolicy, ispec)
+    if not self.op.ignore_ipolicy and res:
+      raise errors.OpPrereqError(("Instance allocation to group %s violates"
+                                  " policy: %s") % (pnode.group,
+                                                    utils.CommaJoin(res)),
+                                  errors.ECODE_INVAL)
  
      _CheckHVParams(self, nodenames, self.op.hypervisor, self.op.hvparams)
  
  
      _CheckHVParams(self, nodenames, self.op.hypervisor, self.op.hvparams)
  
@@ -7768,10 +10513,11 @@ class LUInstanceCreate(LogicalUnit):
      _CheckNicsBridgesExist(self, self.nics, self.pnode.name)
  
      # memory check on primary node
      _CheckNicsBridgesExist(self, self.nics, self.pnode.name)
  
      # memory check on primary node
+    #TODO(dynmem): use MINMEM for checking
      if self.op.start:
        _CheckNodeFreeMemory(self, self.pnode.name,
                             "creating instance %s" % self.op.instance_name,
      if self.op.start:
        _CheckNodeFreeMemory(self, self.pnode.name,
                             "creating instance %s" % self.op.instance_name,
-                           self.be_full[constants.BE_MEMORY],
+                           self.be_full[constants.BE_MAXMEM],
                             self.op.hypervisor)
  
      self.dry_run_result = list(nodenames)
                             self.op.hypervisor)
  
      self.dry_run_result = list(nodenames)
@@ -7783,12 +10529,22 @@ class LUInstanceCreate(LogicalUnit):
      instance = self.op.instance_name
      pnode_name = self.pnode.name
  
      instance = self.op.instance_name
      pnode_name = self.pnode.name
  
+    assert not (self.owned_locks(locking.LEVEL_NODE_RES) -
+                self.owned_locks(locking.LEVEL_NODE)), \
+      "Node locks differ from node resource locks"
+    assert not self.glm.is_owned(locking.LEVEL_NODE_ALLOC)
+
      ht_kind = self.op.hypervisor
      if ht_kind in constants.HTS_REQ_PORT:
        network_port = self.cfg.AllocatePort()
      else:
        network_port = None
  
      ht_kind = self.op.hypervisor
      if ht_kind in constants.HTS_REQ_PORT:
        network_port = self.cfg.AllocatePort()
      else:
        network_port = None
  
+    # This is ugly but we got a chicken-egg problem here
+    # We can only take the group disk parameters, as the instance
+    # has no disks yet (we are generating them right here).
+    node = self.cfg.GetNodeInfo(pnode_name)
+    nodegroup = self.cfg.GetNodeGroup(node.group)
      disks = _GenerateDiskTemplate(self,
                                    self.op.disk_template,
                                    instance, pnode_name,
      disks = _GenerateDiskTemplate(self,
                                    self.op.disk_template,
                                    instance, pnode_name,
@@ -7797,13 +10553,14 @@ class LUInstanceCreate(LogicalUnit):
                                    self.instance_file_storage_dir,
                                    self.op.file_driver,
                                    0,
                                    self.instance_file_storage_dir,
                                    self.op.file_driver,
                                    0,
-                                  feedback_fn)
+                                  feedback_fn,
+                                  self.cfg.GetGroupDiskParams(nodegroup))
  
      iobj = objects.Instance(name=instance, os=self.op.os_type,
                              primary_node=pnode_name,
                              nics=self.nics, disks=disks,
                              disk_template=self.op.disk_template,
  
      iobj = objects.Instance(name=instance, os=self.op.os_type,
                              primary_node=pnode_name,
                              nics=self.nics, disks=disks,
                              disk_template=self.op.disk_template,
-                            admin_up=False,
+                            admin_state=constants.ADMINST_DOWN,
                              network_port=network_port,
                              beparams=self.op.beparams,
                              hvparams=self.op.hvparams,
                              network_port=network_port,
                              beparams=self.op.beparams,
                              hvparams=self.op.hvparams,
@@ -7811,18 +10568,23 @@ class LUInstanceCreate(LogicalUnit):
                              osparams=self.op.osparams,
                              )
  
                              osparams=self.op.osparams,
                              )
  
+    if self.op.tags:
+      for tag in self.op.tags:
+        iobj.AddTag(tag)
+
      if self.adopt_disks:
      if self.adopt_disks:
-      # rename LVs to the newly-generated names; we need to construct
-      # 'fake' LV disks with the old data, plus the new unique_id
-      tmp_disks = [objects.Disk.FromDict(v.ToDict()) for v in disks]
-      rename_to = []
-      for t_dsk, a_dsk in zip (tmp_disks, self.disks):
-        rename_to.append(t_dsk.logical_id)
-        t_dsk.logical_id = (t_dsk.logical_id[0], a_dsk["adopt"])
-        self.cfg.SetDiskID(t_dsk, pnode_name)
-      result = self.rpc.call_blockdev_rename(pnode_name,
-                                             zip(tmp_disks, rename_to))
-      result.Raise("Failed to rename adoped LVs")
+      if self.op.disk_template == constants.DT_PLAIN:
+        # rename LVs to the newly-generated names; we need to construct
+        # 'fake' LV disks with the old data, plus the new unique_id
+        tmp_disks = [objects.Disk.FromDict(v.ToDict()) for v in disks]
+        rename_to = []
+        for t_dsk, a_dsk in zip(tmp_disks, self.disks):
+          rename_to.append(t_dsk.logical_id)
+          t_dsk.logical_id = (t_dsk.logical_id[0], a_dsk[constants.IDISK_ADOPT])
+          self.cfg.SetDiskID(t_dsk, pnode_name)
+        result = self.rpc.call_blockdev_rename(pnode_name,
+                                               zip(tmp_disks, rename_to))
+        result.Raise("Failed to rename adoped LVs")
      else:
        feedback_fn("* creating instance disks...")
        try:
      else:
        feedback_fn("* creating instance disks...")
        try:
@@ -7842,16 +10604,13 @@ class LUInstanceCreate(LogicalUnit):
      # Declare that we don't want to remove the instance lock anymore, as we've
      # added the instance to the config
      del self.remove_locks[locking.LEVEL_INSTANCE]
      # Declare that we don't want to remove the instance lock anymore, as we've
      # added the instance to the config
      del self.remove_locks[locking.LEVEL_INSTANCE]
-    # Unlock all the nodes
+
      if self.op.mode == constants.INSTANCE_IMPORT:
      if self.op.mode == constants.INSTANCE_IMPORT:
-      nodes_keep = [self.op.src_node]
-      nodes_release = [node for node in self.acquired_locks[locking.LEVEL_NODE]
-                       if node != self.op.src_node]
-      self.context.glm.release(locking.LEVEL_NODE, nodes_release)
-      self.acquired_locks[locking.LEVEL_NODE] = nodes_keep
+      # Release unused nodes
+      _ReleaseLocks(self, locking.LEVEL_NODE, keep=[self.op.src_node])
      else:
      else:
-      self.context.glm.release(locking.LEVEL_NODE)
-      del self.acquired_locks[locking.LEVEL_NODE]
+      # Release all nodes
+      _ReleaseLocks(self, locking.LEVEL_NODE)
  
      disk_abort = False
      if not self.adopt_disks and self.cfg.GetClusterInfo().prealloc_wipe_disks:
  
      disk_abort = False
      if not self.adopt_disks and self.cfg.GetClusterInfo().prealloc_wipe_disks:
@@ -7868,9 +10627,8 @@ class LUInstanceCreate(LogicalUnit):
        pass
      elif self.op.wait_for_sync:
        disk_abort = not _WaitForSync(self, iobj)
        pass
      elif self.op.wait_for_sync:
        disk_abort = not _WaitForSync(self, iobj)
-    elif iobj.disk_template in constants.DTS_NET_MIRROR:
+    elif iobj.disk_template in constants.DTS_INT_MIRROR:
        # make sure the disks are not degraded (still sync-ing is ok)
        # make sure the disks are not degraded (still sync-ing is ok)
-      time.sleep(15)
        feedback_fn("* checking mirrors status")
        disk_abort = not _WaitForSync(self, iobj, oneshot=True)
      else:
        feedback_fn("* checking mirrors status")
        disk_abort = not _WaitForSync(self, iobj, oneshot=True)
      else:
@@ -7884,88 +10642,274 @@ class LUInstanceCreate(LogicalUnit):
        raise errors.OpExecError("There are some degraded disks for"
                                 " this instance")
  
        raise errors.OpExecError("There are some degraded disks for"
                                 " this instance")
  
+    # Release all node resource locks
+    _ReleaseLocks(self, locking.LEVEL_NODE_RES)
+
      if iobj.disk_template != constants.DT_DISKLESS and not self.adopt_disks:
      if iobj.disk_template != constants.DT_DISKLESS and not self.adopt_disks:
+      # we need to set the disks ID to the primary node, since the
+      # preceding code might or might not have done it, depending on
+      # disk template and other options
+      for disk in iobj.disks:
+        self.cfg.SetDiskID(disk, pnode_name)
        if self.op.mode == constants.INSTANCE_CREATE:
          if not self.op.no_install:
        if self.op.mode == constants.INSTANCE_CREATE:
          if not self.op.no_install:
+          pause_sync = (iobj.disk_template in constants.DTS_INT_MIRROR and
+                        not self.op.wait_for_sync)
+          if pause_sync:
+            feedback_fn("* pausing disk sync to install instance OS")
+            result = self.rpc.call_blockdev_pause_resume_sync(pnode_name,
+                                                              (iobj.disks,
+                                                               iobj), True)
+            for idx, success in enumerate(result.payload):
+              if not success:
+                logging.warn("pause-sync of instance %s for disk %d failed",
+                             instance, idx)
+
            feedback_fn("* running the instance OS create scripts...")
            # FIXME: pass debug option from opcode to backend
            feedback_fn("* running the instance OS create scripts...")
            # FIXME: pass debug option from opcode to backend
-          result = self.rpc.call_instance_os_add(pnode_name, iobj, False,
-                                                 self.op.debug_level)
-          result.Raise("Could not add os for instance %s"
-                       " on node %s" % (instance, pnode_name))
+          os_add_result = \
+            self.rpc.call_instance_os_add(pnode_name, (iobj, None), False,
+                                          self.op.debug_level)
+          if pause_sync:
+            feedback_fn("* resuming disk sync")
+            result = self.rpc.call_blockdev_pause_resume_sync(pnode_name,
+                                                              (iobj.disks,
+                                                               iobj), False)
+            for idx, success in enumerate(result.payload):
+              if not success:
+                logging.warn("resume-sync of instance %s for disk %d failed",
+                             instance, idx)
+
+          os_add_result.Raise("Could not add os for instance %s"
+                              " on node %s" % (instance, pnode_name))
  
  
-      elif self.op.mode == constants.INSTANCE_IMPORT:
-        feedback_fn("* running the instance OS import scripts...")
+      else:
+        if self.op.mode == constants.INSTANCE_IMPORT:
+          feedback_fn("* running the instance OS import scripts...")
+
+          transfers = []
+
+          for idx, image in enumerate(self.src_images):
+            if not image:
+              continue
+
+            # FIXME: pass debug option from opcode to backend
+            dt = masterd.instance.DiskTransfer("disk/%s" % idx,
+                                               constants.IEIO_FILE, (image, ),
+                                               constants.IEIO_SCRIPT,
+                                               (iobj.disks[idx], idx),
+                                               None)
+            transfers.append(dt)
+
+          import_result = \
+            masterd.instance.TransferInstanceData(self, feedback_fn,
+                                                  self.op.src_node, pnode_name,
+                                                  self.pnode.secondary_ip,
+                                                  iobj, transfers)
+          if not compat.all(import_result):
+            self.LogWarning("Some disks for instance %s on node %s were not"
+                            " imported successfully" % (instance, pnode_name))
+
+          rename_from = self._old_instance_name
+
+        elif self.op.mode == constants.INSTANCE_REMOTE_IMPORT:
+          feedback_fn("* preparing remote import...")
+          # The source cluster will stop the instance before attempting to make
+          # a connection. In some cases stopping an instance can take a long
+          # time, hence the shutdown timeout is added to the connection
+          # timeout.
+          connect_timeout = (constants.RIE_CONNECT_TIMEOUT +
+                             self.op.source_shutdown_timeout)
+          timeouts = masterd.instance.ImportExportTimeouts(connect_timeout)
  
  
-        transfers = []
+          assert iobj.primary_node == self.pnode.name
+          disk_results = \
+            masterd.instance.RemoteImport(self, feedback_fn, iobj, self.pnode,
+                                          self.source_x509_ca,
+                                          self._cds, timeouts)
+          if not compat.all(disk_results):
+            # TODO: Should the instance still be started, even if some disks
+            # failed to import (valid for local imports, too)?
+            self.LogWarning("Some disks for instance %s on node %s were not"
+                            " imported successfully" % (instance, pnode_name))
  
  
-        for idx, image in enumerate(self.src_images):
-          if not image:
-            continue
+          rename_from = self.source_instance_name
  
  
-          # FIXME: pass debug option from opcode to backend
-          dt = masterd.instance.DiskTransfer("disk/%s" % idx,
-                                             constants.IEIO_FILE, (image, ),
-                                             constants.IEIO_SCRIPT,
-                                             (iobj.disks[idx], idx),
-                                             None)
-          transfers.append(dt)
-
-        import_result = \
-          masterd.instance.TransferInstanceData(self, feedback_fn,
-                                                self.op.src_node, pnode_name,
-                                                self.pnode.secondary_ip,
-                                                iobj, transfers)
-        if not compat.all(import_result):
-          self.LogWarning("Some disks for instance %s on node %s were not"
-                          " imported successfully" % (instance, pnode_name))
-
-      elif self.op.mode == constants.INSTANCE_REMOTE_IMPORT:
-        feedback_fn("* preparing remote import...")
-        # The source cluster will stop the instance before attempting to make a
-        # connection. In some cases stopping an instance can take a long time,
-        # hence the shutdown timeout is added to the connection timeout.
-        connect_timeout = (constants.RIE_CONNECT_TIMEOUT +
-                           self.op.source_shutdown_timeout)
-        timeouts = masterd.instance.ImportExportTimeouts(connect_timeout)
-
-        assert iobj.primary_node == self.pnode.name
-        disk_results = \
-          masterd.instance.RemoteImport(self, feedback_fn, iobj, self.pnode,
-                                        self.source_x509_ca,
-                                        self._cds, timeouts)
-        if not compat.all(disk_results):
-          # TODO: Should the instance still be started, even if some disks
-          # failed to import (valid for local imports, too)?
-          self.LogWarning("Some disks for instance %s on node %s were not"
-                          " imported successfully" % (instance, pnode_name))
+        else:
+          # also checked in the prereq part
+          raise errors.ProgrammerError("Unknown OS initialization mode '%s'"
+                                       % self.op.mode)
  
          # Run rename script on newly imported instance
          assert iobj.name == instance
          feedback_fn("Running rename script for %s" % instance)
          result = self.rpc.call_instance_run_rename(pnode_name, iobj,
  
          # Run rename script on newly imported instance
          assert iobj.name == instance
          feedback_fn("Running rename script for %s" % instance)
          result = self.rpc.call_instance_run_rename(pnode_name, iobj,
-                                                   self.source_instance_name,
+                                                   rename_from,
                                                     self.op.debug_level)
          if result.fail_msg:
            self.LogWarning("Failed to run rename script for %s on node"
                            " %s: %s" % (instance, pnode_name, result.fail_msg))
  
                                                     self.op.debug_level)
          if result.fail_msg:
            self.LogWarning("Failed to run rename script for %s on node"
                            " %s: %s" % (instance, pnode_name, result.fail_msg))
  
-      else:
-        # also checked in the prereq part
-        raise errors.ProgrammerError("Unknown OS initialization mode '%s'"
-                                     % self.op.mode)
+    assert not self.owned_locks(locking.LEVEL_NODE_RES)
  
      if self.op.start:
  
      if self.op.start:
-      iobj.admin_up = True
+      iobj.admin_state = constants.ADMINST_UP
        self.cfg.Update(iobj, feedback_fn)
        logging.info("Starting instance %s on node %s", instance, pnode_name)
        feedback_fn("* starting instance...")
        self.cfg.Update(iobj, feedback_fn)
        logging.info("Starting instance %s on node %s", instance, pnode_name)
        feedback_fn("* starting instance...")
-      result = self.rpc.call_instance_start(pnode_name, iobj, None, None)
+      result = self.rpc.call_instance_start(pnode_name, (iobj, None, None),
+                                            False)
        result.Raise("Could not start instance")
  
      return list(iobj.all_nodes)
  
  
        result.Raise("Could not start instance")
  
      return list(iobj.all_nodes)
  
  
+class LUInstanceMultiAlloc(NoHooksLU):
+  """Allocates multiple instances at the same time.
+
+  """
+  REQ_BGL = False
+
+  def CheckArguments(self):
+    """Check arguments.
+
+    """
+    nodes = []
+    for inst in self.op.instances:
+      if inst.iallocator is not None:
+        raise errors.OpPrereqError("iallocator are not allowed to be set on"
+                                   " instance objects", errors.ECODE_INVAL)
+      nodes.append(bool(inst.pnode))
+      if inst.disk_template in constants.DTS_INT_MIRROR:
+        nodes.append(bool(inst.snode))
+
+    has_nodes = compat.any(nodes)
+    if compat.all(nodes) ^ has_nodes:
+      raise errors.OpPrereqError("There are instance objects providing"
+                                 " pnode/snode while others do not",
+                                 errors.ECODE_INVAL)
+
+    if self.op.iallocator is None:
+      default_iallocator = self.cfg.GetDefaultIAllocator()
+      if default_iallocator and has_nodes:
+        self.op.iallocator = default_iallocator
+      else:
+        raise errors.OpPrereqError("No iallocator or nodes on the instances"
+                                   " given and no cluster-wide default"
+                                   " iallocator found; please specify either"
+                                   " an iallocator or nodes on the instances"
+                                   " or set a cluster-wide default iallocator",
+                                   errors.ECODE_INVAL)
+
+    dups = utils.FindDuplicates([op.instance_name for op in self.op.instances])
+    if dups:
+      raise errors.OpPrereqError("There are duplicate instance names: %s" %
+                                 utils.CommaJoin(dups), errors.ECODE_INVAL)
+
+  def ExpandNames(self):
+    """Calculate the locks.
+
+    """
+    self.share_locks = _ShareAll()
+    self.needed_locks = {
+      # iallocator will select nodes and even if no iallocator is used,
+      # collisions with LUInstanceCreate should be avoided
+      locking.LEVEL_NODE_ALLOC: locking.ALL_SET,
+      }
+
+    if self.op.iallocator:
+      self.needed_locks[locking.LEVEL_NODE] = locking.ALL_SET
+      self.needed_locks[locking.LEVEL_NODE_RES] = locking.ALL_SET
+    else:
+      nodeslist = []
+      for inst in self.op.instances:
+        inst.pnode = _ExpandNodeName(self.cfg, inst.pnode)
+        nodeslist.append(inst.pnode)
+        if inst.snode is not None:
+          inst.snode = _ExpandNodeName(self.cfg, inst.snode)
+          nodeslist.append(inst.snode)
+
+      self.needed_locks[locking.LEVEL_NODE] = nodeslist
+      # Lock resources of instance's primary and secondary nodes (copy to
+      # prevent accidental modification)
+      self.needed_locks[locking.LEVEL_NODE_RES] = list(nodeslist)
+
+  def CheckPrereq(self):
+    """Check prerequisite.
+
+    """
+    cluster = self.cfg.GetClusterInfo()
+    default_vg = self.cfg.GetVGName()
+    ec_id = self.proc.GetECId()
+
+    insts = [_CreateInstanceAllocRequest(op, _ComputeDisks(op, default_vg),
+                                         _ComputeNics(op, cluster, None,
+                                                      self.cfg, ec_id),
+                                         _ComputeFullBeParams(op, cluster))
+             for op in self.op.instances]
+
+    req = iallocator.IAReqMultiInstanceAlloc(instances=insts)
+    ial = iallocator.IAllocator(self.cfg, self.rpc, req)
+
+    ial.Run(self.op.iallocator)
+
+    if not ial.success:
+      raise errors.OpPrereqError("Can't compute nodes using"
+                                 " iallocator '%s': %s" %
+                                 (self.op.iallocator, ial.info),
+                                 errors.ECODE_NORES)
+
+    self.ia_result = ial.result
+
+    if self.op.dry_run:
+      self.dry_run_rsult = objects.FillDict(self._ConstructPartialResult(), {
+        constants.JOB_IDS_KEY: [],
+        })
+
+  def _ConstructPartialResult(self):
+    """Constructs the partial result.
+
+    """
+    (allocatable, failed) = self.ia_result
+    return {
+      opcodes.OpInstanceMultiAlloc.ALLOCATABLE_KEY:
+        map(compat.fst, allocatable),
+      opcodes.OpInstanceMultiAlloc.FAILED_KEY: failed,
+      }
+
+  def Exec(self, feedback_fn):
+    """Executes the opcode.
+
+    """
+    op2inst = dict((op.instance_name, op) for op in self.op.instances)
+    (allocatable, failed) = self.ia_result
+
+    jobs = []
+    for (name, nodes) in allocatable:
+      op = op2inst.pop(name)
+
+      if len(nodes) > 1:
+        (op.pnode, op.snode) = nodes
+      else:
+        (op.pnode,) = nodes
+
+      jobs.append([op])
+
+    missing = set(op2inst.keys()) - set(failed)
+    assert not missing, \
+      "Iallocator did return incomplete result: %s" % utils.CommaJoin(missing)
+
+    return ResultWithJobs(jobs, **self._ConstructPartialResult())
+
+
+def _CheckRADOSFreeSpace():
+  """Compute disk size requirements inside the RADOS cluster.
+
+  """
+  # For the RADOS cluster we assume there is always enough space.
+  pass
+
+
  class LUInstanceConsole(NoHooksLU):
    """Connect to an instance's console.
  
  class LUInstanceConsole(NoHooksLU):
    """Connect to an instance's console.
  
@@ -7977,6 +10921,7 @@ class LUInstanceConsole(NoHooksLU):
    REQ_BGL = False
  
    def ExpandNames(self):
    REQ_BGL = False
  
    def ExpandNames(self):
+    self.share_locks = _ShareAll()
      self._ExpandAndLockInstance()
  
    def CheckPrereq(self):
      self._ExpandAndLockInstance()
  
    def CheckPrereq(self):
@@ -8002,10 +10947,12 @@ class LUInstanceConsole(NoHooksLU):
      node_insts.Raise("Can't get node information from %s" % node)
  
      if instance.name not in node_insts.payload:
      node_insts.Raise("Can't get node information from %s" % node)
  
      if instance.name not in node_insts.payload:
-      if instance.admin_up:
-        state = "ERROR_down"
+      if instance.admin_state == constants.ADMINST_UP:
+        state = constants.INSTST_ERRORDOWN
+      elif instance.admin_state == constants.ADMINST_DOWN:
+        state = constants.INSTST_ADMINDOWN
        else:
        else:
-        state = "ADMIN_down"
+        state = constants.INSTST_ADMINOFFLINE
        raise errors.OpExecError("Instance %s is not running (state %s)" %
                                 (instance.name, state))
  
        raise errors.OpExecError("Instance %s is not running (state %s)" %
                                 (instance.name, state))
  
@@ -8044,42 +10991,94 @@ class LUInstanceReplaceDisks(LogicalUnit):
    REQ_BGL = False
  
    def CheckArguments(self):
    REQ_BGL = False
  
    def CheckArguments(self):
-    TLReplaceDisks.CheckArguments(self.op.mode, self.op.remote_node,
-                                  self.op.iallocator)
+    """Check arguments.
+
+    """
+    remote_node = self.op.remote_node
+    ialloc = self.op.iallocator
+    if self.op.mode == constants.REPLACE_DISK_CHG:
+      if remote_node is None and ialloc is None:
+        raise errors.OpPrereqError("When changing the secondary either an"
+                                   " iallocator script must be used or the"
+                                   " new node given", errors.ECODE_INVAL)
+      else:
+        _CheckIAllocatorOrNode(self, "iallocator", "remote_node")
+
+    elif remote_node is not None or ialloc is not None:
+      # Not replacing the secondary
+      raise errors.OpPrereqError("The iallocator and new node options can"
+                                 " only be used when changing the"
+                                 " secondary node", errors.ECODE_INVAL)
  
    def ExpandNames(self):
      self._ExpandAndLockInstance()
  
  
    def ExpandNames(self):
      self._ExpandAndLockInstance()
  
-    if self.op.iallocator is not None:
-      self.needed_locks[locking.LEVEL_NODE] = locking.ALL_SET
+    assert locking.LEVEL_NODE not in self.needed_locks
+    assert locking.LEVEL_NODE_RES not in self.needed_locks
+    assert locking.LEVEL_NODEGROUP not in self.needed_locks
  
  
-    elif self.op.remote_node is not None:
-      remote_node = _ExpandNodeName(self.cfg, self.op.remote_node)
-      self.op.remote_node = remote_node
+    assert self.op.iallocator is None or self.op.remote_node is None, \
+      "Conflicting options"
+
+    if self.op.remote_node is not None:
+      self.op.remote_node = _ExpandNodeName(self.cfg, self.op.remote_node)
  
        # Warning: do not remove the locking of the new secondary here
        # unless DRBD8.AddChildren is changed to work in parallel;
        # currently it doesn't since parallel invocations of
        # FindUnusedMinor will conflict
  
        # Warning: do not remove the locking of the new secondary here
        # unless DRBD8.AddChildren is changed to work in parallel;
        # currently it doesn't since parallel invocations of
        # FindUnusedMinor will conflict
-      self.needed_locks[locking.LEVEL_NODE] = [remote_node]
+      self.needed_locks[locking.LEVEL_NODE] = [self.op.remote_node]
        self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_APPEND
        self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_APPEND
-
      else:
        self.needed_locks[locking.LEVEL_NODE] = []
        self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
  
      else:
        self.needed_locks[locking.LEVEL_NODE] = []
        self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
  
+      if self.op.iallocator is not None:
+        # iallocator will select a new node in the same group
+        self.needed_locks[locking.LEVEL_NODEGROUP] = []
+        self.needed_locks[locking.LEVEL_NODE_ALLOC] = locking.ALL_SET
+
+    self.needed_locks[locking.LEVEL_NODE_RES] = []
+
      self.replacer = TLReplaceDisks(self, self.op.instance_name, self.op.mode,
                                     self.op.iallocator, self.op.remote_node,
      self.replacer = TLReplaceDisks(self, self.op.instance_name, self.op.mode,
                                     self.op.iallocator, self.op.remote_node,
-                                   self.op.disks, False, self.op.early_release)
+                                   self.op.disks, self.op.early_release,
+                                   self.op.ignore_ipolicy)
  
      self.tasklets = [self.replacer]
  
    def DeclareLocks(self, level):
  
      self.tasklets = [self.replacer]
  
    def DeclareLocks(self, level):
-    # If we're not already locking all nodes in the set we have to declare the
-    # instance's primary/secondary nodes.
-    if (level == locking.LEVEL_NODE and
-        self.needed_locks[locking.LEVEL_NODE] is not locking.ALL_SET):
-      self._LockInstancesNodes()
+    if level == locking.LEVEL_NODEGROUP:
+      assert self.op.remote_node is None
+      assert self.op.iallocator is not None
+      assert not self.needed_locks[locking.LEVEL_NODEGROUP]
+
+      self.share_locks[locking.LEVEL_NODEGROUP] = 1
+      # Lock all groups used by instance optimistically; this requires going
+      # via the node before it's locked, requiring verification later on
+      self.needed_locks[locking.LEVEL_NODEGROUP] = \
+        self.cfg.GetInstanceNodeGroups(self.op.instance_name)
+
+    elif level == locking.LEVEL_NODE:
+      if self.op.iallocator is not None:
+        assert self.op.remote_node is None
+        assert not self.needed_locks[locking.LEVEL_NODE]
+        assert locking.NAL in self.owned_locks(locking.LEVEL_NODE_ALLOC)
+
+        # Lock member nodes of all locked groups
+        self.needed_locks[locking.LEVEL_NODE] = \
+            [node_name
+             for group_uuid in self.owned_locks(locking.LEVEL_NODEGROUP)
+             for node_name in self.cfg.GetNodeGroup(group_uuid).members]
+      else:
+        assert not self.glm.is_owned(locking.LEVEL_NODE_ALLOC)
+
+        self._LockInstancesNodes()
+
+    elif level == locking.LEVEL_NODE_RES:
+      # Reuse node locks
+      self.needed_locks[locking.LEVEL_NODE_RES] = \
+        self.needed_locks[locking.LEVEL_NODE]
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
    def BuildHooksEnv(self):
      """Build hooks env.
@@ -8094,13 +11093,34 @@ class LUInstanceReplaceDisks(LogicalUnit):
        "OLD_SECONDARY": instance.secondary_nodes[0],
        }
      env.update(_BuildInstanceHookEnvByObject(self, instance))
        "OLD_SECONDARY": instance.secondary_nodes[0],
        }
      env.update(_BuildInstanceHookEnvByObject(self, instance))
+    return env
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
+    instance = self.replacer.instance
      nl = [
        self.cfg.GetMasterNode(),
        instance.primary_node,
        ]
      if self.op.remote_node is not None:
        nl.append(self.op.remote_node)
      nl = [
        self.cfg.GetMasterNode(),
        instance.primary_node,
        ]
      if self.op.remote_node is not None:
        nl.append(self.op.remote_node)
-    return env, nl, nl
+    return nl, nl
+
+  def CheckPrereq(self):
+    """Check prerequisites.
+
+    """
+    assert (self.glm.is_owned(locking.LEVEL_NODEGROUP) or
+            self.op.iallocator is None)
+
+    # Verify if node group locks are still correct
+    owned_groups = self.owned_locks(locking.LEVEL_NODEGROUP)
+    if owned_groups:
+      _CheckInstanceNodeGroups(self.cfg, self.op.instance_name, owned_groups)
+
+    return LogicalUnit.CheckPrereq(self)
  
  
  class TLReplaceDisks(Tasklet):
  
  
  class TLReplaceDisks(Tasklet):
@@ -8110,7 +11130,7 @@ class TLReplaceDisks(Tasklet):
  
    """
    def __init__(self, lu, instance_name, mode, iallocator_name, remote_node,
  
    """
    def __init__(self, lu, instance_name, mode, iallocator_name, remote_node,
-               disks, delay_iallocator, early_release):
+               disks, early_release, ignore_ipolicy):
      """Initializes this class.
  
      """
      """Initializes this class.
  
      """
@@ -8122,8 +11142,8 @@ class TLReplaceDisks(Tasklet):
      self.iallocator_name = iallocator_name
      self.remote_node = remote_node
      self.disks = disks
      self.iallocator_name = iallocator_name
      self.remote_node = remote_node
      self.disks = disks
-    self.delay_iallocator = delay_iallocator
      self.early_release = early_release
      self.early_release = early_release
+    self.ignore_ipolicy = ignore_ipolicy
  
      # Runtime data
      self.instance = None
  
      # Runtime data
      self.instance = None
@@ -8134,36 +11154,13 @@ class TLReplaceDisks(Tasklet):
      self.node_secondary_ip = None
  
    @staticmethod
      self.node_secondary_ip = None
  
    @staticmethod
-  def CheckArguments(mode, remote_node, iallocator):
-    """Helper function for users of this class.
-
-    """
-    # check for valid parameter combination
-    if mode == constants.REPLACE_DISK_CHG:
-      if remote_node is None and iallocator is None:
-        raise errors.OpPrereqError("When changing the secondary either an"
-                                   " iallocator script must be used or the"
-                                   " new node given", errors.ECODE_INVAL)
-
-      if remote_node is not None and iallocator is not None:
-        raise errors.OpPrereqError("Give either the iallocator or the new"
-                                   " secondary, not both", errors.ECODE_INVAL)
-
-    elif remote_node is not None or iallocator is not None:
-      # Not replacing the secondary
-      raise errors.OpPrereqError("The iallocator and new node options can"
-                                 " only be used when changing the"
-                                 " secondary node", errors.ECODE_INVAL)
-
-  @staticmethod
    def _RunAllocator(lu, iallocator_name, instance_name, relocate_from):
      """Compute a new secondary node using an IAllocator.
  
      """
    def _RunAllocator(lu, iallocator_name, instance_name, relocate_from):
      """Compute a new secondary node using an IAllocator.
  
      """
-    ial = IAllocator(lu.cfg, lu.rpc,
-                     mode=constants.IALLOCATOR_MODE_RELOC,
-                     name=instance_name,
-                     relocate_from=relocate_from)
+    req = iallocator.IAReqRelocate(name=instance_name,
+                                   relocate_from=list(relocate_from))
+    ial = iallocator.IAllocator(lu.cfg, lu.rpc, req)
  
      ial.Run(iallocator_name)
  
  
      ial.Run(iallocator_name)
  
@@ -8172,13 +11169,6 @@ class TLReplaceDisks(Tasklet):
                                   " %s" % (iallocator_name, ial.info),
                                   errors.ECODE_NORES)
  
                                   " %s" % (iallocator_name, ial.info),
                                   errors.ECODE_NORES)
  
-    if len(ial.result) != ial.required_nodes:
-      raise errors.OpPrereqError("iallocator '%s' returned invalid number"
-                                 " of nodes (%s), required %s" %
-                                 (iallocator_name,
-                                  len(ial.result), ial.required_nodes),
-                                 errors.ECODE_FAULT)
-
      remote_node_name = ial.result[0]
  
      lu.LogInfo("Selected new secondary for instance '%s': %s",
      remote_node_name = ial.result[0]
  
      lu.LogInfo("Selected new secondary for instance '%s': %s",
@@ -8187,9 +11177,35 @@ class TLReplaceDisks(Tasklet):
      return remote_node_name
  
    def _FindFaultyDisks(self, node_name):
      return remote_node_name
  
    def _FindFaultyDisks(self, node_name):
+    """Wrapper for L{_FindFaultyInstanceDisks}.
+
+    """
      return _FindFaultyInstanceDisks(self.cfg, self.rpc, self.instance,
                                      node_name, True)
  
      return _FindFaultyInstanceDisks(self.cfg, self.rpc, self.instance,
                                      node_name, True)
  
+  def _CheckDisksActivated(self, instance):
+    """Checks if the instance disks are activated.
+
+    @param instance: The instance to check disks
+    @return: True if they are activated, False otherwise
+
+    """
+    nodes = instance.all_nodes
+
+    for idx, dev in enumerate(instance.disks):
+      for node in nodes:
+        self.lu.LogInfo("Checking disk/%d on %s", idx, node)
+        self.cfg.SetDiskID(dev, node)
+
+        result = _BlockdevFind(self, node, dev, instance)
+
+        if result.offline:
+          continue
+        elif result.fail_msg or not result.payload:
+          return False
+
+    return True
+
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
  
@@ -8210,18 +11226,6 @@ class TLReplaceDisks(Tasklet):
                                   len(instance.secondary_nodes),
                                   errors.ECODE_FAULT)
  
                                   len(instance.secondary_nodes),
                                   errors.ECODE_FAULT)
  
-    if not self.delay_iallocator:
-      self._CheckPrereq2()
-
-  def _CheckPrereq2(self):
-    """Check prerequisites, second part.
-
-    This function should always be part of CheckPrereq. It was separated and is
-    now called from Exec because during node evacuation iallocator was only
-    called with an unmodified cluster model, not taking planned changes into
-    account.
-
-    """
      instance = self.instance
      secondary_node = instance.secondary_nodes[0]
  
      instance = self.instance
      secondary_node = instance.secondary_nodes[0]
  
@@ -8231,20 +11235,23 @@ class TLReplaceDisks(Tasklet):
        remote_node = self._RunAllocator(self.lu, self.iallocator_name,
                                         instance.name, instance.secondary_nodes)
  
        remote_node = self._RunAllocator(self.lu, self.iallocator_name,
                                         instance.name, instance.secondary_nodes)
  
-    if remote_node is not None:
+    if remote_node is None:
+      self.remote_node_info = None
+    else:
+      assert remote_node in self.lu.owned_locks(locking.LEVEL_NODE), \
+             "Remote node '%s' is not locked" % remote_node
+
        self.remote_node_info = self.cfg.GetNodeInfo(remote_node)
        assert self.remote_node_info is not None, \
          "Cannot retrieve locked node %s" % remote_node
        self.remote_node_info = self.cfg.GetNodeInfo(remote_node)
        assert self.remote_node_info is not None, \
          "Cannot retrieve locked node %s" % remote_node
-    else:
-      self.remote_node_info = None
  
      if remote_node == self.instance.primary_node:
        raise errors.OpPrereqError("The specified node is the primary node of"
  
      if remote_node == self.instance.primary_node:
        raise errors.OpPrereqError("The specified node is the primary node of"
-                                 " the instance.", errors.ECODE_INVAL)
+                                 " the instance", errors.ECODE_INVAL)
  
      if remote_node == secondary_node:
        raise errors.OpPrereqError("The specified node is already the"
  
      if remote_node == secondary_node:
        raise errors.OpPrereqError("The specified node is already the"
-                                 " secondary node of the instance.",
+                                 " secondary node of the instance",
                                   errors.ECODE_INVAL)
  
      if self.disks and self.mode in (constants.REPLACE_DISK_AUTO,
                                   errors.ECODE_INVAL)
  
      if self.disks and self.mode in (constants.REPLACE_DISK_AUTO,
@@ -8253,6 +11260,10 @@ class TLReplaceDisks(Tasklet):
                                   errors.ECODE_INVAL)
  
      if self.mode == constants.REPLACE_DISK_AUTO:
                                   errors.ECODE_INVAL)
  
      if self.mode == constants.REPLACE_DISK_AUTO:
+      if not self._CheckDisksActivated(instance):
+        raise errors.OpPrereqError("Please run activate-disks on instance %s"
+                                   " first" % self.instance_name,
+                                   errors.ECODE_STATE)
        faulty_primary = self._FindFaultyDisks(instance.primary_node)
        faulty_secondary = self._FindFaultyDisks(secondary_node)
  
        faulty_primary = self._FindFaultyDisks(instance.primary_node)
        faulty_secondary = self._FindFaultyDisks(secondary_node)
  
@@ -8313,27 +11324,40 @@ class TLReplaceDisks(Tasklet):
        if not self.disks:
          self.disks = range(len(self.instance.disks))
  
        if not self.disks:
          self.disks = range(len(self.instance.disks))
  
+    # TODO: This is ugly, but right now we can't distinguish between an
+    # internally submitted opcode and an external one. We should fix that.
+    if self.remote_node_info:
+      # We change the node, let's verify it still meets instance policy
+      new_group_info = self.cfg.GetNodeGroup(self.remote_node_info.group)
+      cluster = self.cfg.GetClusterInfo()
+      ipolicy = ganeti.masterd.instance.CalculateGroupIPolicy(cluster,
+                                                              new_group_info)
+      _CheckTargetNodeIPolicy(self, ipolicy, instance, self.remote_node_info,
+                              ignore=self.ignore_ipolicy)
+
      for node in check_nodes:
        _CheckNodeOnline(self.lu, node)
  
      for node in check_nodes:
        _CheckNodeOnline(self.lu, node)
  
-    touched_nodes = frozenset([self.new_node, self.other_node,
-                               self.target_node])
+    touched_nodes = frozenset(node_name for node_name in [self.new_node,
+                                                          self.other_node,
+                                                          self.target_node]
+                              if node_name is not None)
  
  
-    if self.lu.needed_locks[locking.LEVEL_NODE] == locking.ALL_SET:
-      # Release unneeded node locks
-      for name in self.lu.acquired_locks[locking.LEVEL_NODE]:
-        if name not in touched_nodes:
-          self._ReleaseNodeLock(name)
+    # Release unneeded node and node resource locks
+    _ReleaseLocks(self.lu, locking.LEVEL_NODE, keep=touched_nodes)
+    _ReleaseLocks(self.lu, locking.LEVEL_NODE_RES, keep=touched_nodes)
+    _ReleaseLocks(self.lu, locking.LEVEL_NODE_ALLOC)
+
+    # Release any owned node group
+    _ReleaseLocks(self.lu, locking.LEVEL_NODEGROUP)
  
      # Check whether disks are valid
      for disk_idx in self.disks:
        instance.FindDisk(disk_idx)
  
      # Get secondary node IP addresses
  
      # Check whether disks are valid
      for disk_idx in self.disks:
        instance.FindDisk(disk_idx)
  
      # Get secondary node IP addresses
-    self.node_secondary_ip = \
-      dict((node_name, self.cfg.GetNodeInfo(node_name).secondary_ip)
-           for node_name in touched_nodes
-           if node_name is not None)
+    self.node_secondary_ip = dict((name, node.secondary_ip) for (name, node)
+                                  in self.cfg.GetMultiNodeInfo(touched_nodes))
  
    def Exec(self, feedback_fn):
      """Execute disk replacement.
  
    def Exec(self, feedback_fn):
      """Execute disk replacement.
@@ -8341,24 +11365,35 @@ class TLReplaceDisks(Tasklet):
      This dispatches the disk replacement to the appropriate handler.
  
      """
      This dispatches the disk replacement to the appropriate handler.
  
      """
-    if self.delay_iallocator:
-      self._CheckPrereq2()
-
-    if (self.lu.needed_locks[locking.LEVEL_NODE] == locking.ALL_SET and
-        __debug__):
+    if __debug__:
        # Verify owned locks before starting operation
        # Verify owned locks before starting operation
-      owned_locks = self.lu.context.glm.list_owned(locking.LEVEL_NODE)
-      assert set(owned_locks) == set(self.node_secondary_ip), \
-          "Not owning the correct locks: %s" % (owned_locks, )
+      owned_nodes = self.lu.owned_locks(locking.LEVEL_NODE)
+      assert set(owned_nodes) == set(self.node_secondary_ip), \
+          ("Incorrect node locks, owning %s, expected %s" %
+           (owned_nodes, self.node_secondary_ip.keys()))
+      assert (self.lu.owned_locks(locking.LEVEL_NODE) ==
+              self.lu.owned_locks(locking.LEVEL_NODE_RES))
+      assert not self.lu.glm.is_owned(locking.LEVEL_NODE_ALLOC)
+
+      owned_instances = self.lu.owned_locks(locking.LEVEL_INSTANCE)
+      assert list(owned_instances) == [self.instance_name], \
+          "Instance '%s' not locked" % self.instance_name
+
+      assert not self.lu.glm.is_owned(locking.LEVEL_NODEGROUP), \
+          "Should not own any node group lock at this point"
  
      if not self.disks:
  
      if not self.disks:
-      feedback_fn("No disks need replacement")
+      feedback_fn("No disks need replacement for instance '%s'" %
+                  self.instance.name)
        return
  
        return
  
-    feedback_fn("Replacing disk(s) %s for %s" %
+    feedback_fn("Replacing disk(s) %s for instance '%s'" %
                  (utils.CommaJoin(self.disks), self.instance.name))
                  (utils.CommaJoin(self.disks), self.instance.name))
+    feedback_fn("Current primary node: %s", self.instance.primary_node)
+    feedback_fn("Current seconary node: %s",
+                utils.CommaJoin(self.instance.secondary_nodes))
  
  
-    activate_disks = (not self.instance.admin_up)
+    activate_disks = (self.instance.admin_state != constants.ADMINST_UP)
  
      # Activate the instance disks if we're replacing them on a down instance
      if activate_disks:
  
      # Activate the instance disks if we're replacing them on a down instance
      if activate_disks:
@@ -8378,14 +11413,16 @@ class TLReplaceDisks(Tasklet):
        if activate_disks:
          _SafeShutdownInstanceDisks(self.lu, self.instance)
  
        if activate_disks:
          _SafeShutdownInstanceDisks(self.lu, self.instance)
  
+    assert not self.lu.owned_locks(locking.LEVEL_NODE)
+
      if __debug__:
        # Verify owned locks
      if __debug__:
        # Verify owned locks
-      owned_locks = self.lu.context.glm.list_owned(locking.LEVEL_NODE)
-      assert ((self.early_release and not owned_locks) or
-              (not self.early_release and
-               set(owned_locks) == set(self.node_secondary_ip))), \
-        ("Not owning the correct locks, early_release=%s, owned=%r" %
-         (self.early_release, owned_locks))
+      owned_nodes = self.lu.owned_locks(locking.LEVEL_NODE_RES)
+      nodes = frozenset(self.node_secondary_ip)
+      assert ((self.early_release and not owned_nodes) or
+              (not self.early_release and not (set(owned_nodes) - nodes))), \
+        ("Not owning the correct locks, early_release=%s, owned=%r,"
+         " nodes=%r" % (self.early_release, owned_nodes, nodes))
  
      return result
  
  
      return result
  
@@ -8413,10 +11450,10 @@ class TLReplaceDisks(Tasklet):
          continue
  
        for node in nodes:
          continue
  
        for node in nodes:
-        self.lu.LogInfo("Checking disk/%d on %s" % (idx, node))
+        self.lu.LogInfo("Checking disk/%d on %s", idx, node)
          self.cfg.SetDiskID(dev, node)
  
          self.cfg.SetDiskID(dev, node)
  
-        result = self.rpc.call_blockdev_find(node, dev)
+        result = _BlockdevFind(self, node, dev, self.instance)
  
          msg = result.fail_msg
          if msg or not result.payload:
  
          msg = result.fail_msg
          if msg or not result.payload:
@@ -8433,8 +11470,8 @@ class TLReplaceDisks(Tasklet):
        self.lu.LogInfo("Checking disk/%d consistency on node %s" %
                        (idx, node_name))
  
        self.lu.LogInfo("Checking disk/%d consistency on node %s" %
                        (idx, node_name))
  
-      if not _CheckDiskConsistency(self.lu, dev, node_name, on_primary,
-                                   ldisk=ldisk):
+      if not _CheckDiskConsistency(self.lu, self.instance, dev, node_name,
+                                   on_primary, ldisk=ldisk):
          raise errors.OpExecError("Node %s has degraded storage, unsafe to"
                                   " replace disks for instance %s" %
                                   (node_name, self.instance.name))
          raise errors.OpExecError("Node %s has degraded storage, unsafe to"
                                   " replace disks for instance %s" %
                                   (node_name, self.instance.name))
@@ -8448,23 +11485,28 @@ class TLReplaceDisks(Tasklet):
      """
      iv_names = {}
  
      """
      iv_names = {}
  
-    for idx, dev in enumerate(self.instance.disks):
+    disks = _AnnotateDiskParams(self.instance, self.instance.disks, self.cfg)
+    for idx, dev in enumerate(disks):
        if idx not in self.disks:
          continue
  
        if idx not in self.disks:
          continue
  
-      self.lu.LogInfo("Adding storage on %s for disk/%d" % (node_name, idx))
+      self.lu.LogInfo("Adding storage on %s for disk/%d", node_name, idx)
  
        self.cfg.SetDiskID(dev, node_name)
  
        lv_names = [".disk%d_%s" % (idx, suffix) for suffix in ["data", "meta"]]
        names = _GenerateUniqueNames(self.lu, lv_names)
  
  
        self.cfg.SetDiskID(dev, node_name)
  
        lv_names = [".disk%d_%s" % (idx, suffix) for suffix in ["data", "meta"]]
        names = _GenerateUniqueNames(self.lu, lv_names)
  
-      vg_data = dev.children[0].logical_id[0]
+      (data_disk, meta_disk) = dev.children
+      vg_data = data_disk.logical_id[0]
        lv_data = objects.Disk(dev_type=constants.LD_LV, size=dev.size,
        lv_data = objects.Disk(dev_type=constants.LD_LV, size=dev.size,
-                             logical_id=(vg_data, names[0]))
-      vg_meta = dev.children[1].logical_id[0]
-      lv_meta = objects.Disk(dev_type=constants.LD_LV, size=128,
-                             logical_id=(vg_meta, names[1]))
+                             logical_id=(vg_data, names[0]),
+                             params=data_disk.params)
+      vg_meta = meta_disk.logical_id[0]
+      lv_meta = objects.Disk(dev_type=constants.LD_LV,
+                             size=constants.DRBD_META_SIZE,
+                             logical_id=(vg_meta, names[1]),
+                             params=meta_disk.params)
  
        new_lvs = [lv_data, lv_meta]
        old_lvs = [child.Copy() for child in dev.children]
  
        new_lvs = [lv_data, lv_meta]
        old_lvs = [child.Copy() for child in dev.children]
@@ -8472,8 +11514,8 @@ class TLReplaceDisks(Tasklet):
  
        # we pass force_create=True to force the LVM creation
        for new_lv in new_lvs:
  
        # we pass force_create=True to force the LVM creation
        for new_lv in new_lvs:
-        _CreateBlockDev(self.lu, node_name, self.instance, new_lv, True,
-                        _GetInstanceInfoText(self.instance), False)
+        _CreateBlockDevInner(self.lu, node_name, self.instance, new_lv, True,
+                             _GetInstanceInfoText(self.instance), False)
  
      return iv_names
  
  
      return iv_names
  
@@ -8481,7 +11523,7 @@ class TLReplaceDisks(Tasklet):
      for name, (dev, _, _) in iv_names.iteritems():
        self.cfg.SetDiskID(dev, node_name)
  
      for name, (dev, _, _) in iv_names.iteritems():
        self.cfg.SetDiskID(dev, node_name)
  
-      result = self.rpc.call_blockdev_find(node_name, dev)
+      result = _BlockdevFind(self, node_name, dev, self.instance)
  
        msg = result.fail_msg
        if msg or not result.payload:
  
        msg = result.fail_msg
        if msg or not result.payload:
@@ -8495,21 +11537,17 @@ class TLReplaceDisks(Tasklet):
  
    def _RemoveOldStorage(self, node_name, iv_names):
      for name, (_, old_lvs, _) in iv_names.iteritems():
  
    def _RemoveOldStorage(self, node_name, iv_names):
      for name, (_, old_lvs, _) in iv_names.iteritems():
-      self.lu.LogInfo("Remove logical volumes for %s" % name)
+      self.lu.LogInfo("Remove logical volumes for %s", name)
  
        for lv in old_lvs:
          self.cfg.SetDiskID(lv, node_name)
  
          msg = self.rpc.call_blockdev_remove(node_name, lv).fail_msg
          if msg:
  
        for lv in old_lvs:
          self.cfg.SetDiskID(lv, node_name)
  
          msg = self.rpc.call_blockdev_remove(node_name, lv).fail_msg
          if msg:
-          self.lu.LogWarning("Can't remove old LV: %s" % msg,
+          self.lu.LogWarning("Can't remove old LV: %s", msg,
                               hint="remove unused LVs manually")
  
                               hint="remove unused LVs manually")
  
-  def _ReleaseNodeLock(self, node_name):
-    """Releases the lock for a given node."""
-    self.lu.context.glm.release(locking.LEVEL_NODE, node_name)
-
-  def _ExecDrbd8DiskOnly(self, feedback_fn): # pylint: disable-msg=W0613
+  def _ExecDrbd8DiskOnly(self, feedback_fn): # pylint: disable=W0613
      """Replace a disk on the primary or secondary for DRBD 8.
  
      The algorithm for replace is quite complicated:
      """Replace a disk on the primary or secondary for DRBD 8.
  
      The algorithm for replace is quite complicated:
@@ -8551,7 +11589,7 @@ class TLReplaceDisks(Tasklet):
      # Step: for each lv, detach+rename*2+attach
      self.lu.LogStep(4, steps_total, "Changing drbd configuration")
      for dev, old_lvs, new_lvs in iv_names.itervalues():
      # Step: for each lv, detach+rename*2+attach
      self.lu.LogStep(4, steps_total, "Changing drbd configuration")
      for dev, old_lvs, new_lvs in iv_names.itervalues():
-      self.lu.LogInfo("Detaching %s drbd from local storage" % dev.iv_name)
+      self.lu.LogInfo("Detaching %s drbd from local storage", dev.iv_name)
  
        result = self.rpc.call_blockdev_removechildren(self.target_node, dev,
                                                       old_lvs)
  
        result = self.rpc.call_blockdev_removechildren(self.target_node, dev,
                                                       old_lvs)
@@ -8605,9 +11643,9 @@ class TLReplaceDisks(Tasklet):
          self.cfg.SetDiskID(disk, self.target_node)
  
        # Now that the new lvs have the old name, we can add them to the device
          self.cfg.SetDiskID(disk, self.target_node)
  
        # Now that the new lvs have the old name, we can add them to the device
-      self.lu.LogInfo("Adding new mirror component on %s" % self.target_node)
-      result = self.rpc.call_blockdev_addchildren(self.target_node, dev,
-                                                  new_lvs)
+      self.lu.LogInfo("Adding new mirror component on %s", self.target_node)
+      result = self.rpc.call_blockdev_addchildren(self.target_node,
+                                                  (dev, self.instance), new_lvs)
        msg = result.fail_msg
        if msg:
          for new_lv in new_lvs:
        msg = result.fail_msg
        if msg:
          for new_lv in new_lvs:
@@ -8619,20 +11657,28 @@ class TLReplaceDisks(Tasklet):
                                       "volumes"))
          raise errors.OpExecError("Can't add local storage to drbd: %s" % msg)
  
                                       "volumes"))
          raise errors.OpExecError("Can't add local storage to drbd: %s" % msg)
  
-    cstep = 5
+    cstep = itertools.count(5)
+
      if self.early_release:
      if self.early_release:
-      self.lu.LogStep(cstep, steps_total, "Removing old storage")
-      cstep += 1
+      self.lu.LogStep(cstep.next(), steps_total, "Removing old storage")
        self._RemoveOldStorage(self.target_node, iv_names)
        self._RemoveOldStorage(self.target_node, iv_names)
-      # WARNING: we release both node locks here, do not do other RPCs
-      # than WaitForSync to the primary node
-      self._ReleaseNodeLock([self.target_node, self.other_node])
+      # TODO: Check if releasing locks early still makes sense
+      _ReleaseLocks(self.lu, locking.LEVEL_NODE_RES)
+    else:
+      # Release all resource locks except those used by the instance
+      _ReleaseLocks(self.lu, locking.LEVEL_NODE_RES,
+                    keep=self.node_secondary_ip.keys())
+
+    # Release all node locks while waiting for sync
+    _ReleaseLocks(self.lu, locking.LEVEL_NODE)
+
+    # TODO: Can the instance lock be downgraded here? Take the optional disk
+    # shutdown in the caller into consideration.
  
      # Wait for sync
      # This can fail as the old devices are degraded and _WaitForSync
      # does a combined result over all disks, so we don't check its return value
  
      # Wait for sync
      # This can fail as the old devices are degraded and _WaitForSync
      # does a combined result over all disks, so we don't check its return value
-    self.lu.LogStep(cstep, steps_total, "Sync devices")
-    cstep += 1
+    self.lu.LogStep(cstep.next(), steps_total, "Sync devices")
      _WaitForSync(self.lu, self.instance)
  
      # Check all devices manually
      _WaitForSync(self.lu, self.instance)
  
      # Check all devices manually
@@ -8640,8 +11686,7 @@ class TLReplaceDisks(Tasklet):
  
      # Step: remove old storage
      if not self.early_release:
  
      # Step: remove old storage
      if not self.early_release:
-      self.lu.LogStep(cstep, steps_total, "Removing old storage")
-      cstep += 1
+      self.lu.LogStep(cstep.next(), steps_total, "Removing old storage")
        self._RemoveOldStorage(self.target_node, iv_names)
  
    def _ExecDrbd8Secondary(self, feedback_fn):
        self._RemoveOldStorage(self.target_node, iv_names)
  
    def _ExecDrbd8Secondary(self, feedback_fn):
@@ -8665,6 +11710,8 @@ class TLReplaceDisks(Tasklet):
      """
      steps_total = 6
  
      """
      steps_total = 6
  
+    pnode = self.instance.primary_node
+
      # Step: check device activation
      self.lu.LogStep(1, steps_total, "Check device existence")
      self._CheckDisksExistence([self.instance.primary_node])
      # Step: check device activation
      self.lu.LogStep(1, steps_total, "Check device existence")
      self._CheckDisksExistence([self.instance.primary_node])
@@ -8676,13 +11723,14 @@ class TLReplaceDisks(Tasklet):
  
      # Step: create new storage
      self.lu.LogStep(3, steps_total, "Allocate new storage")
  
      # Step: create new storage
      self.lu.LogStep(3, steps_total, "Allocate new storage")
-    for idx, dev in enumerate(self.instance.disks):
+    disks = _AnnotateDiskParams(self.instance, self.instance.disks, self.cfg)
+    for idx, dev in enumerate(disks):
        self.lu.LogInfo("Adding new local storage on %s for disk/%d" %
                        (self.new_node, idx))
        # we pass force_create=True to force LVM creation
        for new_lv in dev.children:
        self.lu.LogInfo("Adding new local storage on %s for disk/%d" %
                        (self.new_node, idx))
        # we pass force_create=True to force LVM creation
        for new_lv in dev.children:
-        _CreateBlockDev(self.lu, self.new_node, self.instance, new_lv, True,
-                        _GetInstanceInfoText(self.instance), False)
+        _CreateBlockDevInner(self.lu, self.new_node, self.instance, new_lv,
+                             True, _GetInstanceInfoText(self.instance), False)
  
      # Step 4: drbd minors and drbd setup changes
      # after this, we must manually remove the drbd minors on both the
  
      # Step 4: drbd minors and drbd setup changes
      # after this, we must manually remove the drbd minors on both the
@@ -8719,9 +11767,13 @@ class TLReplaceDisks(Tasklet):
        new_drbd = objects.Disk(dev_type=constants.LD_DRBD8,
                                logical_id=new_alone_id,
                                children=dev.children,
        new_drbd = objects.Disk(dev_type=constants.LD_DRBD8,
                                logical_id=new_alone_id,
                                children=dev.children,
-                              size=dev.size)
+                              size=dev.size,
+                              params={})
+      (anno_new_drbd,) = _AnnotateDiskParams(self.instance, [new_drbd],
+                                             self.cfg)
        try:
        try:
-        _CreateSingleBlockDev(self.lu, self.new_node, self.instance, new_drbd,
+        _CreateSingleBlockDev(self.lu, self.new_node, self.instance,
+                              anno_new_drbd,
                                _GetInstanceInfoText(self.instance), False)
        except errors.GenericError:
          self.cfg.ReleaseDRBDMinors(self.instance.name)
                                _GetInstanceInfoText(self.instance), False)
        except errors.GenericError:
          self.cfg.ReleaseDRBDMinors(self.instance.name)
@@ -8729,9 +11781,10 @@ class TLReplaceDisks(Tasklet):
  
      # We have new devices, shutdown the drbd on the old secondary
      for idx, dev in enumerate(self.instance.disks):
  
      # We have new devices, shutdown the drbd on the old secondary
      for idx, dev in enumerate(self.instance.disks):
-      self.lu.LogInfo("Shutting down drbd for disk/%d on old node" % idx)
+      self.lu.LogInfo("Shutting down drbd for disk/%d on old node", idx)
        self.cfg.SetDiskID(dev, self.target_node)
        self.cfg.SetDiskID(dev, self.target_node)
-      msg = self.rpc.call_blockdev_shutdown(self.target_node, dev).fail_msg
+      msg = self.rpc.call_blockdev_shutdown(self.target_node,
+                                            (dev, self.instance)).fail_msg
        if msg:
          self.lu.LogWarning("Failed to shutdown drbd for disk/%d on old"
                             "node: %s" % (idx, msg),
        if msg:
          self.lu.LogWarning("Failed to shutdown drbd for disk/%d on old"
                             "node: %s" % (idx, msg),
@@ -8739,10 +11792,8 @@ class TLReplaceDisks(Tasklet):
                                   " soon as possible"))
  
      self.lu.LogInfo("Detaching primary drbds from the network (=> standalone)")
                                   " soon as possible"))
  
      self.lu.LogInfo("Detaching primary drbds from the network (=> standalone)")
-    result = self.rpc.call_drbd_disconnect_net([self.instance.primary_node],
-                                               self.node_secondary_ip,
-                                               self.instance.disks)\
-                                              [self.instance.primary_node]
+    result = self.rpc.call_drbd_disconnect_net([pnode], self.node_secondary_ip,
+                                               self.instance.disks)[pnode]
  
      msg = result.fail_msg
      if msg:
  
      msg = result.fail_msg
      if msg:
@@ -8760,13 +11811,16 @@ class TLReplaceDisks(Tasklet):
  
      self.cfg.Update(self.instance, feedback_fn)
  
  
      self.cfg.Update(self.instance, feedback_fn)
  
+    # Release all node locks (the configuration has been updated)
+    _ReleaseLocks(self.lu, locking.LEVEL_NODE)
+
      # and now perform the drbd attach
      self.lu.LogInfo("Attaching primary drbds to new secondary"
                      " (standalone => connected)")
      result = self.rpc.call_drbd_attach_net([self.instance.primary_node,
                                              self.new_node],
                                             self.node_secondary_ip,
      # and now perform the drbd attach
      self.lu.LogInfo("Attaching primary drbds to new secondary"
                      " (standalone => connected)")
      result = self.rpc.call_drbd_attach_net([self.instance.primary_node,
                                              self.new_node],
                                             self.node_secondary_ip,
-                                           self.instance.disks,
+                                           (self.instance.disks, self.instance),
                                             self.instance.name,
                                             False)
      for to_node, to_result in result.items():
                                             self.instance.name,
                                             False)
      for to_node, to_result in result.items():
@@ -8776,22 +11830,26 @@ class TLReplaceDisks(Tasklet):
                             to_node, msg,
                             hint=("please do a gnt-instance info to see the"
                                   " status of disks"))
                             to_node, msg,
                             hint=("please do a gnt-instance info to see the"
                                   " status of disks"))
-    cstep = 5
+
+    cstep = itertools.count(5)
+
      if self.early_release:
      if self.early_release:
-      self.lu.LogStep(cstep, steps_total, "Removing old storage")
-      cstep += 1
+      self.lu.LogStep(cstep.next(), steps_total, "Removing old storage")
        self._RemoveOldStorage(self.target_node, iv_names)
        self._RemoveOldStorage(self.target_node, iv_names)
-      # WARNING: we release all node locks here, do not do other RPCs
-      # than WaitForSync to the primary node
-      self._ReleaseNodeLock([self.instance.primary_node,
-                             self.target_node,
-                             self.new_node])
+      # TODO: Check if releasing locks early still makes sense
+      _ReleaseLocks(self.lu, locking.LEVEL_NODE_RES)
+    else:
+      # Release all resource locks except those used by the instance
+      _ReleaseLocks(self.lu, locking.LEVEL_NODE_RES,
+                    keep=self.node_secondary_ip.keys())
+
+    # TODO: Can the instance lock be downgraded here? Take the optional disk
+    # shutdown in the caller into consideration.
  
      # Wait for sync
      # This can fail as the old devices are degraded and _WaitForSync
      # does a combined result over all disks, so we don't check its return value
  
      # Wait for sync
      # This can fail as the old devices are degraded and _WaitForSync
      # does a combined result over all disks, so we don't check its return value
-    self.lu.LogStep(cstep, steps_total, "Sync devices")
-    cstep += 1
+    self.lu.LogStep(cstep.next(), steps_total, "Sync devices")
      _WaitForSync(self.lu, self.instance)
  
      # Check all devices manually
      _WaitForSync(self.lu, self.instance)
  
      # Check all devices manually
@@ -8799,7 +11857,7 @@ class TLReplaceDisks(Tasklet):
  
      # Step: remove old storage
      if not self.early_release:
  
      # Step: remove old storage
      if not self.early_release:
-      self.lu.LogStep(cstep, steps_total, "Removing old storage")
+      self.lu.LogStep(cstep.next(), steps_total, "Removing old storage")
        self._RemoveOldStorage(self.target_node, iv_names)
  
  
        self._RemoveOldStorage(self.target_node, iv_names)
  
  
@@ -8835,7 +11893,7 @@ class LURepairNodeStorage(NoHooksLU):
                                     errors.ECODE_STATE)
      except errors.OpPrereqError, err:
        if self.op.ignore_consistency:
                                     errors.ECODE_STATE)
      except errors.OpPrereqError, err:
        if self.op.ignore_consistency:
-        self.proc.LogWarning(str(err.args[0]))
+        self.LogWarning(str(err.args[0]))
        else:
          raise
  
        else:
          raise
  
@@ -8845,7 +11903,7 @@ class LURepairNodeStorage(NoHooksLU):
      """
      # Check whether any instance on this node has faulty disks
      for inst in _GetNodeInstances(self.cfg, self.op.node_name):
      """
      # Check whether any instance on this node has faulty disks
      for inst in _GetNodeInstances(self.cfg, self.op.node_name):
-      if not inst.admin_up:
+      if inst.admin_state != constants.ADMINST_UP:
          continue
        check_nodes = set(inst.all_nodes)
        check_nodes.discard(self.op.node_name)
          continue
        check_nodes = set(inst.all_nodes)
        check_nodes.discard(self.op.node_name)
@@ -8865,57 +11923,283 @@ class LURepairNodeStorage(NoHooksLU):
                   (self.op.name, self.op.node_name))
  
  
                   (self.op.name, self.op.node_name))
  
  
-class LUNodeEvacStrategy(NoHooksLU):
-  """Computes the node evacuation strategy.
+class LUNodeEvacuate(NoHooksLU):
+  """Evacuates instances off a list of nodes.
  
    """
    REQ_BGL = False
  
  
    """
    REQ_BGL = False
  
+  _MODE2IALLOCATOR = {
+    constants.NODE_EVAC_PRI: constants.IALLOCATOR_NEVAC_PRI,
+    constants.NODE_EVAC_SEC: constants.IALLOCATOR_NEVAC_SEC,
+    constants.NODE_EVAC_ALL: constants.IALLOCATOR_NEVAC_ALL,
+    }
+  assert frozenset(_MODE2IALLOCATOR.keys()) == constants.NODE_EVAC_MODES
+  assert (frozenset(_MODE2IALLOCATOR.values()) ==
+          constants.IALLOCATOR_NEVAC_MODES)
+
    def CheckArguments(self):
      _CheckIAllocatorOrNode(self, "iallocator", "remote_node")
  
    def ExpandNames(self):
    def CheckArguments(self):
      _CheckIAllocatorOrNode(self, "iallocator", "remote_node")
  
    def ExpandNames(self):
-    self.op.nodes = _GetWantedNodes(self, self.op.nodes)
-    self.needed_locks = locks = {}
-    if self.op.remote_node is None:
-      locks[locking.LEVEL_NODE] = locking.ALL_SET
-    else:
+    self.op.node_name = _ExpandNodeName(self.cfg, self.op.node_name)
+
+    if self.op.remote_node is not None:
        self.op.remote_node = _ExpandNodeName(self.cfg, self.op.remote_node)
        self.op.remote_node = _ExpandNodeName(self.cfg, self.op.remote_node)
-      locks[locking.LEVEL_NODE] = self.op.nodes + [self.op.remote_node]
+      assert self.op.remote_node
  
  
-  def Exec(self, feedback_fn):
-    instances = []
-    for node in self.op.nodes:
-      instances.extend(_GetNodeSecondaryInstances(self.cfg, node))
-    if not instances:
-      return []
+      if self.op.remote_node == self.op.node_name:
+        raise errors.OpPrereqError("Can not use evacuated node as a new"
+                                   " secondary node", errors.ECODE_INVAL)
  
  
-    if self.op.remote_node is not None:
-      result = []
-      for i in instances:
-        if i.primary_node == self.op.remote_node:
-          raise errors.OpPrereqError("Node %s is the primary node of"
-                                     " instance %s, cannot use it as"
-                                     " secondary" %
-                                     (self.op.remote_node, i.name),
-                                     errors.ECODE_INVAL)
-        result.append([i.name, self.op.remote_node])
-    else:
-      ial = IAllocator(self.cfg, self.rpc,
-                       mode=constants.IALLOCATOR_MODE_MEVAC,
-                       evac_nodes=self.op.nodes)
-      ial.Run(self.op.iallocator, validate=True)
-      if not ial.success:
-        raise errors.OpExecError("No valid evacuation solution: %s" % ial.info,
-                                 errors.ECODE_NORES)
-      result = ial.result
-    return result
+      if self.op.mode != constants.NODE_EVAC_SEC:
+        raise errors.OpPrereqError("Without the use of an iallocator only"
+                                   " secondary instances can be evacuated",
+                                   errors.ECODE_INVAL)
  
  
+    # Declare locks
+    self.share_locks = _ShareAll()
+    self.needed_locks = {
+      locking.LEVEL_INSTANCE: [],
+      locking.LEVEL_NODEGROUP: [],
+      locking.LEVEL_NODE: [],
+      }
  
  
-class LUInstanceGrowDisk(LogicalUnit):
-  """Grow a disk of an instance.
+    # Determine nodes (via group) optimistically, needs verification once locks
+    # have been acquired
+    self.lock_nodes = self._DetermineNodes()
  
  
-  """
+  def _DetermineNodes(self):
+    """Computes the set of nodes to operate on.
+
+    The evacuated node is always part of the result. If a remote node was
+    given, only that node is added; otherwise the members of the evacuated
+    node's group as returned by C{GetNodeGroupMembersByNodes} are added.
+
+    @rtype: set
+    @return: Names of the nodes to be locked
+
+    """
+    source_node = self.op.node_name
+    target_node = self.op.remote_node
+
+    if target_node is not None:
+      candidates = frozenset([target_node])
+    else:
+      # Iallocator will choose any node(s) in the same group
+      candidates = self.cfg.GetNodeGroupMembersByNodes([source_node])
+
+    # Evacuated node plus all candidate target nodes
+    return set([source_node]) | candidates
+
+  def _DetermineInstances(self):
+    """Builds list of instances to operate on.
+
+    The helper used to look up instances on C{self.op.node_name} is selected
+    by C{self.op.mode}: L{_GetNodePrimaryInstances} for
+    L{constants.NODE_EVAC_PRI} and L{_GetNodeSecondaryInstances} for
+    L{constants.NODE_EVAC_SEC}.
+
+    @return: Result of the selected helper for the evacuated node
+    @raise errors.OpPrereqError: If the mode is L{constants.NODE_EVAC_ALL},
+      which is rejected for the time being (see TODO below)
+
+    """
+    assert self.op.mode in constants.NODE_EVAC_MODES
+
+    if self.op.mode == constants.NODE_EVAC_PRI:
+      # Primary instances only
+      inst_fn = _GetNodePrimaryInstances
+      assert self.op.remote_node is None, \
+        "Evacuating primary instances requires iallocator"
+    elif self.op.mode == constants.NODE_EVAC_SEC:
+      # Secondary instances only
+      inst_fn = _GetNodeSecondaryInstances
+    else:
+      # All instances
+      assert self.op.mode == constants.NODE_EVAC_ALL
+      inst_fn = _GetNodeInstances
+      # NOTE: The assignment above is never used at the moment, as this branch
+      # always ends with the exception raised below
+      # TODO: In 2.6, change the iallocator interface to take an evacuation mode
+      # per instance
+      raise errors.OpPrereqError("Due to an issue with the iallocator"
+                                 " interface it is not possible to evacuate"
+                                 " all instances at once; specify explicitly"
+                                 " whether to evacuate primary or secondary"
+                                 " instances",
+                                 errors.ECODE_INVAL)
+
+    # Only reached for the primary-only and secondary-only modes
+    return inst_fn(self.cfg, self.op.node_name)
+
+  def DeclareLocks(self, level):
+    """Fills in the locks needed at the given locking level.
+
+    Instance and node group locks are computed optimistically and therefore
+    need to be verified once all locks have been acquired.
+
+    """
+    if level == locking.LEVEL_INSTANCE:
+      # Lock instances optimistically, needs verification once node and group
+      # locks have been acquired
+      wanted = set(inst.name for inst in self._DetermineInstances())
+      self.needed_locks[locking.LEVEL_INSTANCE] = wanted
+      return
+
+    if level == locking.LEVEL_NODEGROUP:
+      # Lock node groups for all potential target nodes optimistically, needs
+      # verification once nodes have been acquired
+      wanted = self.cfg.GetNodeGroupsFromNodes(self.lock_nodes)
+      self.needed_locks[locking.LEVEL_NODEGROUP] = wanted
+      return
+
+    if level == locking.LEVEL_NODE:
+      # Nodes were already determined while expanding names
+      self.needed_locks[locking.LEVEL_NODE] = self.lock_nodes
+
+  def CheckPrereq(self):
+    """Verifies the optimistically acquired locks and the affected instances.
+
+    Nodes, node groups and instances are determined once more and compared
+    with the locks actually owned; a mismatch means the configuration changed
+    in the meantime and the operation has to be retried. If a remote node was
+    given, it must not be the primary node of any affected instance.
+
+    Sets C{self.instances} and C{self.instance_names}.
+
+    @raise errors.OpPrereqError: If not all required nodes are locked or if
+      the remote node is the primary node of an affected instance
+    @raise errors.OpExecError: If node groups or instances changed since the
+      locks were acquired
+
+    """
+    # Verify locks
+    owned_instances = self.owned_locks(locking.LEVEL_INSTANCE)
+    owned_nodes = self.owned_locks(locking.LEVEL_NODE)
+    owned_groups = self.owned_locks(locking.LEVEL_NODEGROUP)
+
+    # Recompute the nodes now that locks are held; the earlier computation was
+    # done without any locks
+    need_nodes = self._DetermineNodes()
+
+    if not owned_nodes.issuperset(need_nodes):
+      raise errors.OpPrereqError("Nodes in same group as '%s' changed since"
+                                 " locks were acquired, current nodes are"
+                                 " '%s', used to be '%s'; retry the"
+                                 " operation" %
+                                 (self.op.node_name,
+                                  utils.CommaJoin(need_nodes),
+                                  utils.CommaJoin(owned_nodes)),
+                                 errors.ECODE_STATE)
+
+    wanted_groups = self.cfg.GetNodeGroupsFromNodes(owned_nodes)
+    if owned_groups != wanted_groups:
+      raise errors.OpExecError("Node groups changed since locks were acquired,"
+                               " current groups are '%s', used to be '%s';"
+                               " retry the operation" %
+                               (utils.CommaJoin(wanted_groups),
+                                utils.CommaJoin(owned_groups)))
+
+    # Determine affected instances
+    self.instances = self._DetermineInstances()
+    self.instance_names = [i.name for i in self.instances]
+
+    if set(self.instance_names) != owned_instances:
+      raise errors.OpExecError("Instances on node '%s' changed since locks"
+                               " were acquired, current instances are '%s',"
+                               " used to be '%s'; retry the operation" %
+                               (self.op.node_name,
+                                utils.CommaJoin(self.instance_names),
+                                utils.CommaJoin(owned_instances)))
+
+    if self.instance_names:
+      self.LogInfo("Evacuating instances from node '%s': %s",
+                   self.op.node_name,
+                   utils.CommaJoin(utils.NiceSort(self.instance_names)))
+    else:
+      self.LogInfo("No instances to evacuate from node '%s'",
+                   self.op.node_name)
+
+    if self.op.remote_node is not None:
+      # The new secondary node must differ from each instance's primary node
+      for i in self.instances:
+        if i.primary_node == self.op.remote_node:
+          raise errors.OpPrereqError("Node %s is the primary node of"
+                                     " instance %s, cannot use it as"
+                                     " secondary" %
+                                     (self.op.remote_node, i.name),
+                                     errors.ECODE_INVAL)
+
+  def Exec(self, feedback_fn):
+    """Builds the jobs evacuating the instances determined in CheckPrereq.
+
+    With an iallocator, the jobs are taken from the iallocator's result. With
+    a remote node, one job containing a single
+    L{opcodes.OpInstanceReplaceDisks} opcode is created per instance.
+
+    @return: L{ResultWithJobs} wrapping the list of jobs; the list is empty if
+      there are no instances to evacuate
+    @raise errors.OpPrereqError: If the iallocator run was not successful
+
+    """
+    # Exactly one of iallocator and remote node must have been specified
+    assert (self.op.iallocator is not None) ^ (self.op.remote_node is not None)
+
+    if not self.instance_names:
+      # No instances to evacuate
+      jobs = []
+
+    elif self.op.iallocator is not None:
+      # TODO: Implement relocation to other group
+      evac_mode = self._MODE2IALLOCATOR[self.op.mode]
+      req = iallocator.IAReqNodeEvac(evac_mode=evac_mode,
+                                     instances=list(self.instance_names))
+      ial = iallocator.IAllocator(self.cfg, self.rpc, req)
+
+      ial.Run(self.op.iallocator)
+
+      if not ial.success:
+        raise errors.OpPrereqError("Can't compute node evacuation using"
+                                   " iallocator '%s': %s" %
+                                   (self.op.iallocator, ial.info),
+                                   errors.ECODE_NORES)
+
+      # Last argument: display node names instead of groups in log messages
+      jobs = _LoadNodeEvacResult(self, ial.result, self.op.early_release, True)
+
+    elif self.op.remote_node is not None:
+      assert self.op.mode == constants.NODE_EVAC_SEC
+      # One job with a single opcode per instance
+      jobs = [
+        [opcodes.OpInstanceReplaceDisks(instance_name=instance_name,
+                                        remote_node=self.op.remote_node,
+                                        disks=[],
+                                        mode=constants.REPLACE_DISK_CHG,
+                                        early_release=self.op.early_release)]
+        for instance_name in self.instance_names]
+
+    else:
+      # Not reachable as long as the assertion at the top holds
+      raise errors.ProgrammerError("No iallocator or remote node")
+
+    return ResultWithJobs(jobs)
+
+
+def _SetOpEarlyRelease(early_release, op):
+  """Tries to store the C{early_release} flag on an opcode.
+
+  Opcodes refusing the attribute (signalled by C{AttributeError}) are left
+  untouched; L{opcodes.OpInstanceReplaceDisks} is asserted not to be one of
+  them.
+
+  @param early_release: Value for the C{early_release} attribute
+  @param op: Opcode to modify
+  @return: The opcode passed in
+
+  """
+  try:
+    setattr(op, "early_release", early_release)
+  except AttributeError:
+    assert not isinstance(op, opcodes.OpInstanceReplaceDisks)
+
+  return op
+
+
+def _NodeEvacDest(use_nodes, group, nodes):
+  """Selects the destination description used in log messages.
+
+  @param use_nodes: Whether to describe the destination using node names
+  @param group: Destination group, returned as is if C{use_nodes} is false
+  @param nodes: Destination nodes, joined via L{utils.CommaJoin} if
+    C{use_nodes} is true
+
+  """
+  if not use_nodes:
+    return group
+
+  return utils.CommaJoin(nodes)
+
+
+def _LoadNodeEvacResult(lu, alloc_result, early_release, use_nodes):
+  """Converts an iallocator evacuation result into lists of opcodes.
+
+  Handles results of the iallocator modes
+  L{constants.IALLOCATOR_MODE_NODE_EVAC} and
+  L{constants.IALLOCATOR_MODE_CHG_GROUP}.
+
+  @type lu: L{LogicalUnit}
+  @param lu: Logical unit instance, used for logging
+  @type alloc_result: tuple/list
+  @param alloc_result: Result from iallocator; three items describing moved
+    instances, failed instances and the jobs to run
+  @type early_release: bool
+  @param early_release: Whether to release locks early if possible
+  @type use_nodes: bool
+  @param use_nodes: Whether to display node names instead of groups
+  @return: List of jobs, each being a list of loaded opcodes
+  @raise errors.OpExecError: If any instance could not be evacuated
+
+  """
+  (moved, failed, jobs) = alloc_result
+
+  if failed:
+    details = ["%s (%s)" % (name, reason) for (name, reason) in failed]
+    failreason = utils.CommaJoin(details)
+    lu.LogWarning("Unable to evacuate instances %s", failreason)
+    raise errors.OpExecError("Unable to evacuate instances %s" % failreason)
+
+  if moved:
+    destinations = ["%s (to %s)" %
+                    (name, _NodeEvacDest(use_nodes, group, nodes))
+                    for (name, group, nodes) in moved]
+    lu.LogInfo("Instances to be moved: %s", utils.CommaJoin(destinations))
+
+  result = []
+  for ops in jobs:
+    # Load all opcodes of a job first, then set the flag on each of them
+    loaded = [opcodes.OpCode.LoadOpCode(op) for op in ops]
+    result.append([_SetOpEarlyRelease(early_release, op) for op in loaded])
+
+  return result
+
+
+def _DiskSizeInBytesToMebibytes(lu, size):
+  """Converts a disk size given in bytes to mebibytes, rounding up.
+
+  If the size is not an exact multiple of 1 MiB, a warning is logged through
+  C{lu} and the result is rounded up to the next full mebibyte.
+
+  @param lu: Object providing C{LogWarning}
+  @param size: Disk size in bytes
+  @return: Disk size in mebibytes
+
+  """
+  one_mib = 1024 * 1024
+  (whole, leftover) = divmod(size, one_mib)
+
+  if leftover == 0:
+    return whole
+
+  lu.LogWarning("Disk size is not an even multiple of 1 MiB; rounding up"
+                " to not overwrite existing data (%s bytes will not be"
+                " wiped)", one_mib - leftover)
+
+  return whole + 1
+
+
+class LUInstanceGrowDisk(LogicalUnit):
+  """Grow a disk of an instance.
+
+  """
    HPATH = "disk-grow"
    HTYPE = constants.HTYPE_INSTANCE
    REQ_BGL = False
    HPATH = "disk-grow"
    HTYPE = constants.HTYPE_INSTANCE
    REQ_BGL = False
@@ -8923,11 +12207,17 @@ class LUInstanceGrowDisk(LogicalUnit):
    def ExpandNames(self):
      self._ExpandAndLockInstance()
      self.needed_locks[locking.LEVEL_NODE] = []
    def ExpandNames(self):
      self._ExpandAndLockInstance()
      self.needed_locks[locking.LEVEL_NODE] = []
+    self.needed_locks[locking.LEVEL_NODE_RES] = []
      self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
      self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
+    self.recalculate_locks[locking.LEVEL_NODE_RES] = constants.LOCKS_REPLACE
  
    def DeclareLocks(self, level):
      if level == locking.LEVEL_NODE:
        self._LockInstancesNodes()
  
    def DeclareLocks(self, level):
      if level == locking.LEVEL_NODE:
        self._LockInstancesNodes()
+    elif level == locking.LEVEL_NODE_RES:
+      # Copy node locks
+      self.needed_locks[locking.LEVEL_NODE_RES] = \
+        _CopyLockList(self.needed_locks[locking.LEVEL_NODE])
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
    def BuildHooksEnv(self):
      """Build hooks env.
@@ -8938,10 +12228,17 @@ class LUInstanceGrowDisk(LogicalUnit):
      env = {
        "DISK": self.op.disk,
        "AMOUNT": self.op.amount,
      env = {
        "DISK": self.op.disk,
        "AMOUNT": self.op.amount,
+      "ABSOLUTE": self.op.absolute,
        }
      env.update(_BuildInstanceHookEnvByObject(self, self.instance))
        }
      env.update(_BuildInstanceHookEnvByObject(self, self.instance))
+    return env
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
      nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
-    return env, nl, nl
+    return (nl, nl)
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -8960,15 +12257,34 @@ class LUInstanceGrowDisk(LogicalUnit):
  
      if instance.disk_template not in constants.DTS_GROWABLE:
        raise errors.OpPrereqError("Instance's disk layout does not support"
  
      if instance.disk_template not in constants.DTS_GROWABLE:
        raise errors.OpPrereqError("Instance's disk layout does not support"
-                                 " growing.", errors.ECODE_INVAL)
+                                 " growing", errors.ECODE_INVAL)
  
      self.disk = instance.FindDisk(self.op.disk)
  
  
      self.disk = instance.FindDisk(self.op.disk)
  
-    if instance.disk_template != constants.DT_FILE:
-      # TODO: check the free disk space for file, when that feature
-      # will be supported
+    if self.op.absolute:
+      self.target = self.op.amount
+      self.delta = self.target - self.disk.size
+      if self.delta < 0:
+        raise errors.OpPrereqError("Requested size (%s) is smaller than "
+                                   "current disk size (%s)" %
+                                   (utils.FormatUnit(self.target, "h"),
+                                    utils.FormatUnit(self.disk.size, "h")),
+                                   errors.ECODE_STATE)
+    else:
+      self.delta = self.op.amount
+      self.target = self.disk.size + self.delta
+      if self.delta < 0:
+        raise errors.OpPrereqError("Requested increment (%s) is negative" %
+                                   utils.FormatUnit(self.delta, "h"),
+                                   errors.ECODE_INVAL)
+
+    if instance.disk_template not in (constants.DT_FILE,
+                                      constants.DT_SHARED_FILE,
+                                      constants.DT_RBD):
+      # TODO: check the free disk space for file, when that feature will be
+      # supported
        _CheckNodesFreeDiskPerVG(self, nodenames,
        _CheckNodesFreeDiskPerVG(self, nodenames,
-                               self.disk.ComputeGrowth(self.op.amount))
+                               self.disk.ComputeGrowth(self.delta))
  
    def Exec(self, feedback_fn):
      """Execute disk grow.
  
    def Exec(self, feedback_fn):
      """Execute disk grow.
@@ -8977,35 +12293,95 @@ class LUInstanceGrowDisk(LogicalUnit):
      instance = self.instance
      disk = self.disk
  
      instance = self.instance
      disk = self.disk
  
+    assert set([instance.name]) == self.owned_locks(locking.LEVEL_INSTANCE)
+    assert (self.owned_locks(locking.LEVEL_NODE) ==
+            self.owned_locks(locking.LEVEL_NODE_RES))
+
+    wipe_disks = self.cfg.GetClusterInfo().prealloc_wipe_disks
+
      disks_ok, _ = _AssembleInstanceDisks(self, self.instance, disks=[disk])
      if not disks_ok:
        raise errors.OpExecError("Cannot activate block device to grow")
  
      disks_ok, _ = _AssembleInstanceDisks(self, self.instance, disks=[disk])
      if not disks_ok:
        raise errors.OpExecError("Cannot activate block device to grow")
  
+    feedback_fn("Growing disk %s of instance '%s' by %s to %s" %
+                (self.op.disk, instance.name,
+                 utils.FormatUnit(self.delta, "h"),
+                 utils.FormatUnit(self.target, "h")))
+
+    # First run all grow ops in dry-run mode
+    for node in instance.all_nodes:
+      self.cfg.SetDiskID(disk, node)
+      result = self.rpc.call_blockdev_grow(node, (disk, instance), self.delta,
+                                           True, True)
+      result.Raise("Dry-run grow request failed to node %s" % node)
+
+    if wipe_disks:
+      # Get disk size from primary node for wiping
+      result = self.rpc.call_blockdev_getsize(instance.primary_node, [disk])
+      result.Raise("Failed to retrieve disk size from node '%s'" %
+                   instance.primary_node)
+
+      (disk_size_in_bytes, ) = result.payload
+
+      if disk_size_in_bytes is None:
+        raise errors.OpExecError("Failed to retrieve disk size from primary"
+                                 " node '%s'" % instance.primary_node)
+
+      old_disk_size = _DiskSizeInBytesToMebibytes(self, disk_size_in_bytes)
+
+      assert old_disk_size >= disk.size, \
+        ("Retrieved disk size too small (got %s, should be at least %s)" %
+         (old_disk_size, disk.size))
+    else:
+      old_disk_size = None
+
+    # We know that (as far as we can test) operations across different
+    # nodes will succeed, time to run it for real on the backing storage
      for node in instance.all_nodes:
        self.cfg.SetDiskID(disk, node)
      for node in instance.all_nodes:
        self.cfg.SetDiskID(disk, node)
-      result = self.rpc.call_blockdev_grow(node, disk, self.op.amount)
+      result = self.rpc.call_blockdev_grow(node, (disk, instance), self.delta,
+                                           False, True)
        result.Raise("Grow request failed to node %s" % node)
  
        result.Raise("Grow request failed to node %s" % node)
  
-      # TODO: Rewrite code to work properly
-      # DRBD goes into sync mode for a short amount of time after executing the
-      # "resize" command. DRBD 8.x below version 8.0.13 contains a bug whereby
-      # calling "resize" in sync mode fails. Sleeping for a short amount of
-      # time is a work-around.
-      time.sleep(5)
+    # And now execute it for logical storage, on the primary node
+    node = instance.primary_node
+    self.cfg.SetDiskID(disk, node)
+    result = self.rpc.call_blockdev_grow(node, (disk, instance), self.delta,
+                                         False, False)
+    result.Raise("Grow request failed to node %s" % node)
  
  
-    disk.RecordGrow(self.op.amount)
+    disk.RecordGrow(self.delta)
      self.cfg.Update(instance, feedback_fn)
      self.cfg.Update(instance, feedback_fn)
+
+    # Changes have been recorded, release node lock
+    _ReleaseLocks(self, locking.LEVEL_NODE)
+
+    # Downgrade lock while waiting for sync
+    self.glm.downgrade(locking.LEVEL_INSTANCE)
+
+    assert wipe_disks ^ (old_disk_size is None)
+
+    if wipe_disks:
+      assert instance.disks[self.op.disk] == disk
+
+      # Wipe newly added disk space
+      _WipeDisks(self, instance,
+                 disks=[(self.op.disk, disk, old_disk_size)])
+
      if self.op.wait_for_sync:
        disk_abort = not _WaitForSync(self, instance, disks=[disk])
        if disk_abort:
      if self.op.wait_for_sync:
        disk_abort = not _WaitForSync(self, instance, disks=[disk])
        if disk_abort:
-        self.proc.LogWarning("Warning: disk sync-ing has not returned a good"
-                             " status.\nPlease check the instance.")
-      if not instance.admin_up:
+        self.LogWarning("Disk syncing has not returned a good status; check"
+                        " the instance")
+      if instance.admin_state != constants.ADMINST_UP:
          _SafeShutdownInstanceDisks(self, instance, disks=[disk])
          _SafeShutdownInstanceDisks(self, instance, disks=[disk])
-    elif not instance.admin_up:
-      self.proc.LogWarning("Not shutting down the disk even if the instance is"
-                           " not supposed to be running because no wait for"
-                           " sync mode was requested.")
+    elif instance.admin_state != constants.ADMINST_UP:
+      self.LogWarning("Not shutting down the disk even if the instance is"
+                      " not supposed to be running because no wait for"
+                      " sync mode was requested")
+
+    assert self.owned_locks(locking.LEVEL_NODE_RES)
+    assert set([instance.name]) == self.owned_locks(locking.LEVEL_INSTANCE)
  
  
  class LUInstanceQueryData(NoHooksLU):
  
  
  class LUInstanceQueryData(NoHooksLU):
@@ -9030,20 +12406,32 @@ class LUInstanceQueryData(NoHooksLU):
        self.wanted_names = None
  
      if self.op.use_locking:
        self.wanted_names = None
  
      if self.op.use_locking:
-      self.share_locks = dict.fromkeys(locking.LEVELS, 1)
+      self.share_locks = _ShareAll()
  
        if self.wanted_names is None:
          self.needed_locks[locking.LEVEL_INSTANCE] = locking.ALL_SET
        else:
          self.needed_locks[locking.LEVEL_INSTANCE] = self.wanted_names
  
  
        if self.wanted_names is None:
          self.needed_locks[locking.LEVEL_INSTANCE] = locking.ALL_SET
        else:
          self.needed_locks[locking.LEVEL_INSTANCE] = self.wanted_names
  
+      self.needed_locks[locking.LEVEL_NODEGROUP] = []
        self.needed_locks[locking.LEVEL_NODE] = []
        self.needed_locks[locking.LEVEL_NODE] = []
-      self.share_locks = dict.fromkeys(locking.LEVELS, 1)
        self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
  
    def DeclareLocks(self, level):
        self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
  
    def DeclareLocks(self, level):
-    if self.op.use_locking and level == locking.LEVEL_NODE:
-      self._LockInstancesNodes()
+    if self.op.use_locking:
+      if level == locking.LEVEL_NODEGROUP:
+        owned_instances = self.owned_locks(locking.LEVEL_INSTANCE)
+
+        # Lock all groups used by instances optimistically; this requires going
+        # via the node before it's locked, requiring verification later on
+        self.needed_locks[locking.LEVEL_NODEGROUP] = \
+          frozenset(group_uuid
+                    for instance_name in owned_instances
+                    for group_uuid in
+                      self.cfg.GetInstanceNodeGroups(instance_name))
+
+      elif level == locking.LEVEL_NODE:
+        self._LockInstancesNodes()
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -9051,14 +12439,25 @@ class LUInstanceQueryData(NoHooksLU):
      This only checks the optional instance list against the existing names.
  
      """
      This only checks the optional instance list against the existing names.
  
      """
+    owned_instances = frozenset(self.owned_locks(locking.LEVEL_INSTANCE))
+    owned_groups = frozenset(self.owned_locks(locking.LEVEL_NODEGROUP))
+    owned_nodes = frozenset(self.owned_locks(locking.LEVEL_NODE))
+
      if self.wanted_names is None:
        assert self.op.use_locking, "Locking was not used"
      if self.wanted_names is None:
        assert self.op.use_locking, "Locking was not used"
-      self.wanted_names = self.acquired_locks[locking.LEVEL_INSTANCE]
+      self.wanted_names = owned_instances
+
+    instances = dict(self.cfg.GetMultiInstanceInfo(self.wanted_names))
+
+    if self.op.use_locking:
+      _CheckInstancesNodeGroups(self.cfg, instances, owned_groups, owned_nodes,
+                                None)
+    else:
+      assert not (owned_instances or owned_groups or owned_nodes)
  
  
-    self.wanted_instances = [self.cfg.GetInstanceInfo(name)
-                             for name in self.wanted_names]
+    self.wanted_instances = instances.values()
  
  
-  def _ComputeBlockdevStatus(self, node, instance_name, dev):
+  def _ComputeBlockdevStatus(self, node, instance, dev):
      """Returns the status of a block device
  
      """
      """Returns the status of a block device
  
      """
@@ -9071,7 +12470,7 @@ class LUInstanceQueryData(NoHooksLU):
      if result.offline:
        return None
  
      if result.offline:
        return None
  
-    result.Raise("Can't compute disk status for %s" % instance_name)
+    result.Raise("Can't compute disk status for %s" % instance.name)
  
      status = result.payload
      if status is None:
  
      status = result.payload
      if status is None:
@@ -9085,6 +12484,16 @@ class LUInstanceQueryData(NoHooksLU):
      """Compute block device status.
  
      """
      """Compute block device status.
  
      """
+    (anno_dev,) = _AnnotateDiskParams(instance, [dev], self.cfg)
+
+    return self._ComputeDiskStatusInner(instance, snode, anno_dev)
+
+  def _ComputeDiskStatusInner(self, instance, snode, dev):
+    """Compute block device status.
+
+    @attention: The device has to be annotated already.
+
+    """
      if dev.dev_type in constants.LDS_DRBD:
        # we change the snode then (otherwise we use the one passed in)
        if dev.logical_id[0] == instance.primary_node:
      if dev.dev_type in constants.LDS_DRBD:
        # we change the snode then (otherwise we use the one passed in)
        if dev.logical_id[0] == instance.primary_node:
@@ -9093,12 +12502,13 @@ class LUInstanceQueryData(NoHooksLU):
          snode = dev.logical_id[0]
  
      dev_pstatus = self._ComputeBlockdevStatus(instance.primary_node,
          snode = dev.logical_id[0]
  
      dev_pstatus = self._ComputeBlockdevStatus(instance.primary_node,
-                                              instance.name, dev)
-    dev_sstatus = self._ComputeBlockdevStatus(snode, instance.name, dev)
+                                              instance, dev)
+    dev_sstatus = self._ComputeBlockdevStatus(snode, instance, dev)
  
      if dev.children:
  
      if dev.children:
-      dev_children = [self._ComputeDiskStatus(instance, snode, child)
-                      for child in dev.children]
+      dev_children = map(compat.partial(self._ComputeDiskStatusInner,
+                                        instance, snode),
+                         dev.children)
      else:
        dev_children = []
  
      else:
        dev_children = []
  
@@ -9120,8 +12530,24 @@ class LUInstanceQueryData(NoHooksLU):
  
      cluster = self.cfg.GetClusterInfo()
  
  
      cluster = self.cfg.GetClusterInfo()
  
+    node_names = itertools.chain(*(i.all_nodes for i in self.wanted_instances))
+    nodes = dict(self.cfg.GetMultiNodeInfo(node_names))
+
+    groups = dict(self.cfg.GetMultiNodeGroupInfo(node.group
+                                                 for node in nodes.values()))
+
+    group2name_fn = lambda uuid: groups[uuid].name
+
      for instance in self.wanted_instances:
      for instance in self.wanted_instances:
-      if not self.op.static:
+      pnode = nodes[instance.primary_node]
+
+      if self.op.static or pnode.offline:
+        remote_state = None
+        if pnode.offline:
+          self.LogWarning("Primary node %s is marked offline, returning static"
+                          " information only for instance %s" %
+                          (pnode.name, instance.name))
+      else:
          remote_info = self.rpc.call_instance_info(instance.primary_node,
                                                    instance.name,
                                                    instance.hypervisor)
          remote_info = self.rpc.call_instance_info(instance.primary_node,
                                                    instance.name,
                                                    instance.hypervisor)
@@ -9130,23 +12556,27 @@ class LUInstanceQueryData(NoHooksLU):
          if remote_info and "state" in remote_info:
            remote_state = "up"
          else:
          if remote_info and "state" in remote_info:
            remote_state = "up"
          else:
-          remote_state = "down"
-      else:
-        remote_state = None
-      if instance.admin_up:
-        config_state = "up"
-      else:
-        config_state = "down"
+          if instance.admin_state == constants.ADMINST_UP:
+            remote_state = "down"
+          else:
+            remote_state = instance.admin_state
  
  
-      disks = [self._ComputeDiskStatus(instance, None, device)
-               for device in instance.disks]
+      disks = map(compat.partial(self._ComputeDiskStatus, instance, None),
+                  instance.disks)
+
+      snodes_group_uuids = [nodes[snode_name].group
+                            for snode_name in instance.secondary_nodes]
  
        result[instance.name] = {
          "name": instance.name,
  
        result[instance.name] = {
          "name": instance.name,
-        "config_state": config_state,
+        "config_state": instance.admin_state,
          "run_state": remote_state,
          "pnode": instance.primary_node,
          "run_state": remote_state,
          "pnode": instance.primary_node,
+        "pnode_group_uuid": pnode.group,
+        "pnode_group_name": group2name_fn(pnode.group),
          "snodes": instance.secondary_nodes,
          "snodes": instance.secondary_nodes,
+        "snodes_group_uuids": snodes_group_uuids,
+        "snodes_group_names": map(group2name_fn, snodes_group_uuids),
          "os": instance.os,
          # this happens to be the same format used for hooks
          "nics": _NICListToTuple(self, instance.nics),
          "os": instance.os,
          # this happens to be the same format used for hooks
          "nics": _NICListToTuple(self, instance.nics),
@@ -9169,6 +12599,144 @@ class LUInstanceQueryData(NoHooksLU):
      return result
  
  
      return result
  
  
+def PrepareContainerMods(mods, private_fn):
+  """Prepares a list of container modifications by adding a private data field.
+
+  Every C{(operation, index, parameters)} tuple in C{mods} is extended to a
+  four-item tuple whose last element is the result of calling C{private_fn}
+  without arguments; the callable is invoked once per modification. If no
+  callable is given, the private field is C{None}.
+
+  @type mods: list of tuples; (operation, index, parameters)
+  @param mods: List of modifications
+  @type private_fn: callable or None
+  @param private_fn: Callable for constructing a private data field for a
+    modification
+  @rtype: list
+  @return: List of C{(operation, index, parameters, private)} tuples in the
+    same order as C{mods}
+
+  """
+  if private_fn is None:
+    # No private data requested; use a factory which always yields None
+    fn = lambda: None
+  else:
+    fn = private_fn
+
+  return [(op, idx, params, fn()) for (op, idx, params) in mods]
+
+
+#: Type description for changes as returned by L{ApplyContainerMods}'s
+#: callbacks; L{ApplyContainerMods} asserts the collected changes against
+#: it before extending the change list. Judging by the combinator names this
+#: accepts C{None} or a list of two-item entries (non-empty string followed
+#: by any value) -- TODO confirm against the C{ht} module
+_TApplyContModsCbChanges = \
+  ht.TMaybeListOf(ht.TAnd(ht.TIsLength(2), ht.TItems([
+    ht.TNonEmptyString,
+    ht.TAny,
+    ])))
+
+
+def ApplyContainerMods(kind, container, chgdesc, mods,
+                       create_fn, modify_fn, remove_fn):
+  """Applies descriptions in C{mods} to C{container}.
+
+  The modifications are processed in order and C{container} is changed in
+  place. An index of C{-1} means "append" for L{constants.DDM_ADD} and "last
+  item" for the other operations; other negative indices are rejected.
+
+  @type kind: string
+  @param kind: One-word item description
+  @type container: list
+  @param container: Container to modify
+  @type chgdesc: None or list
+  @param chgdesc: List of applied changes; if not C{None} it is extended in
+    place with the changes reported for each modification
+  @type mods: list
+  @param mods: Modifications as returned by L{PrepareContainerMods}
+  @type create_fn: callable
+  @param create_fn: Callback for creating a new item (L{constants.DDM_ADD});
+    receives absolute item index, parameters and private data object as added
+    by L{PrepareContainerMods}, returns tuple containing new item and changes
+    as list; if C{None}, the parameters themselves are used as the new item
+  @type modify_fn: callable
+  @param modify_fn: Callback for modifying an existing item
+    (L{constants.DDM_MODIFY}); receives absolute item index, item, parameters
+    and private data object as added by L{PrepareContainerMods}, returns
+    changes as list; if C{None}, a modification does nothing
+  @type remove_fn: callable
+  @param remove_fn: Callback on removing item; receives absolute item index,
+    item and private data object as added by L{PrepareContainerMods}; may be
+    C{None}
+  @raise IndexError: if an index is negative (other than C{-1}), larger than
+    the container or does not refer to an existing item for a modification
+    or removal
+  @raise errors.ProgrammerError: if an operation is not one of add, remove
+    or modify
+
+  """
+  for (op, idx, params, private) in mods:
+    if idx == -1:
+      # Append
+      # (for modify/remove this addresses the last existing item; the add
+      # branch below computes its own insertion index)
+      absidx = len(container) - 1
+    elif idx < 0:
+      raise IndexError("Not accepting negative indices other than -1")
+    elif idx > len(container):
+      # idx == len(container) is let through, as it is a valid insertion
+      # point when adding; for other operations the lookup below rejects it
+      raise IndexError("Got %s index %s, but there are only %s" %
+                       (kind, idx, len(container)))
+    else:
+      absidx = idx
+
+    # Changes reported for this modification; stays None if nothing is
+    # reported
+    changes = None
+
+    if op == constants.DDM_ADD:
+      # Calculate where item will be added
+      if idx == -1:
+        addidx = len(container)
+      else:
+        addidx = idx
+
+      if create_fn is None:
+        item = params
+      else:
+        (item, changes) = create_fn(addidx, params, private)
+
+      if idx == -1:
+        container.append(item)
+      else:
+        assert idx >= 0
+        assert idx <= len(container)
+        # list.insert does so before the specified index
+        container.insert(idx, item)
+    else:
+      # Retrieve existing item
+      try:
+        item = container[absidx]
+      except IndexError:
+        # Re-raise with a message naming the kind and the requested index
+        raise IndexError("Invalid %s index %s" % (kind, idx))
+
+      if op == constants.DDM_REMOVE:
+        assert not params
+
+        # The callback runs before the item is dropped from the container
+        if remove_fn is not None:
+          remove_fn(absidx, item, private)
+
+        changes = [("%s/%s" % (kind, absidx), "remove")]
+
+        assert container[absidx] == item
+        del container[absidx]
+      elif op == constants.DDM_MODIFY:
+        if modify_fn is not None:
+          changes = modify_fn(absidx, item, params, private)
+      else:
+        raise errors.ProgrammerError("Unhandled operation '%s'" % op)
+
+    # Verify the shape of whatever the callbacks returned
+    assert _TApplyContModsCbChanges(changes)
+
+    if not (chgdesc is None or changes is None):
+      chgdesc.extend(changes)
+
+
+def _UpdateIvNames(base_index, disks):
+  """Updates the C{iv_name} attribute of disks.
+
+  Each disk is renamed in place to C{disk/N}, where C{N} is C{base_index}
+  plus the disk's position within C{disks}.
+
+  @param base_index: Value added to each disk's position in C{disks} to form
+    the number used in the name (presumably an integer -- confirm against
+    callers)
+  @type disks: list of L{objects.Disk}
+  @param disks: Disks to rename
+
+  """
+  for (idx, disk) in enumerate(disks):
+    disk.iv_name = "disk/%s" % (base_index + idx, )
+
+
+class _InstNicModPrivate:
+  """Data structure for network interface modifications.
+
+  Used by L{LUInstanceSetParams}.
+
+  Both attributes start out as C{None}.
+
+  @ivar params: NIC parameters for the modification
+  @ivar filled: The same parameters after filling in defaults (presumably
+    cluster-level defaults -- confirm where the attributes are assigned)
+
+  """
+  def __init__(self):
+    self.params = None
+    self.filled = None
+
+
  class LUInstanceSetParams(LogicalUnit):
    """Modifies an instances's parameters.
  
  class LUInstanceSetParams(LogicalUnit):
    """Modifies an instances's parameters.
  
@@ -9177,54 +12745,146 @@ class LUInstanceSetParams(LogicalUnit):
    HTYPE = constants.HTYPE_INSTANCE
    REQ_BGL = False
  
    HTYPE = constants.HTYPE_INSTANCE
    REQ_BGL = False
  
+  @staticmethod
+  def _UpgradeDiskNicMods(kind, mods, verify_fn):
+    """Converts two-item modification tuples to the three-item format.
+
+    If the first entry of C{mods} has two items, every entry is treated as
+    C{(operation, parameters)} and converted to C{(operation, index,
+    parameters)}: add and remove operations get index C{-1}, anything else
+    is taken to be an item index and becomes a modify operation on that
+    index. Otherwise C{mods} is returned unchanged.
+
+    @type kind: string
+    @param kind: Item description used in the error message
+    @type mods: list
+    @param mods: Modifications, all in either the two- or three-item format
+    @type verify_fn: callable
+    @param verify_fn: Check asserted against the converted list
+    @rtype: list
+    @return: Modifications in the three-item format
+    @raise errors.OpPrereqError: if more than one add or remove operation
+      is found while converting
+
+    """
+    assert ht.TList(mods)
+    # Only the first entry is inspected to determine the format
+    assert not mods or len(mods[0]) in (2, 3)
+
+    if mods and len(mods[0]) == 2:
+      result = []
+
+      # Number of add/remove operations seen so far
+      addremove = 0
+      for op, params in mods:
+        if op in (constants.DDM_ADD, constants.DDM_REMOVE):
+          result.append((op, -1, params))
+          addremove += 1
+
+          if addremove > 1:
+            raise errors.OpPrereqError("Only one %s add or remove operation is"
+                                       " supported at a time" % kind,
+                                       errors.ECODE_INVAL)
+        else:
+          # Here "op" holds the index of the item to modify
+          result.append((constants.DDM_MODIFY, op, params))
+
+      assert verify_fn(result)
+    else:
+      result = mods
+
+    return result
+
+  @staticmethod
+  def _CheckMods(kind, mods, key_types, item_fn):
+    """Ensures requested disk/NIC modifications are valid.
+
+    @type kind: string
+    @param kind: Item description used in error messages
+    @param mods: Modifications as C{(operation, index, parameters)} tuples;
+      the index is not looked at
+    @param key_types: Passed to L{utils.ForceDictType} together with each
+      parameters dictionary
+    @type item_fn: callable
+    @param item_fn: Called with operation and parameters for every add or
+      modify operation
+    @raise errors.OpPrereqError: if parameters are given for a removal
+    @raise errors.ProgrammerError: if an operation is not one of add, remove
+      or modify
+
+    """
+    for (op, _, params) in mods:
+      assert ht.TDict(params)
+
+      utils.ForceDictType(params, key_types)
+
+      if op == constants.DDM_REMOVE:
+        if params:
+          raise errors.OpPrereqError("No settings should be passed when"
+                                     " removing a %s" % kind,
+                                     errors.ECODE_INVAL)
+      elif op in (constants.DDM_ADD, constants.DDM_MODIFY):
+        item_fn(op, params)
+      else:
+        raise errors.ProgrammerError("Unhandled operation '%s'" % op)
+
+  @staticmethod
+  def _VerifyDiskModification(op, params):
+    """Verifies a disk modification.
+
+    When adding a disk, C{params} is updated in place: a missing access mode
+    is set to L{constants.DISK_RDWR} and the size is stored as an integer.
+    When modifying a disk, a size must not be given.
+
+    @param op: Operation (L{constants.DDM_ADD} or L{constants.DDM_MODIFY};
+      other values are ignored)
+    @type params: dict
+    @param params: Disk parameters
+    @raise errors.OpPrereqError: if the access mode is invalid, the size is
+      missing or not convertible to an integer (add), or a size is given
+      (modify)
+
+    """
+    if op == constants.DDM_ADD:
+      # setdefault also stores the default mode in the dictionary
+      mode = params.setdefault(constants.IDISK_MODE, constants.DISK_RDWR)
+      if mode not in constants.DISK_ACCESS_SET:
+        raise errors.OpPrereqError("Invalid disk access mode '%s'" % mode,
+                                   errors.ECODE_INVAL)
+
+      size = params.get(constants.IDISK_SIZE, None)
+      if size is None:
+        raise errors.OpPrereqError("Required disk parameter '%s' missing" %
+                                   constants.IDISK_SIZE, errors.ECODE_INVAL)
+
+      try:
+        size = int(size)
+      except (TypeError, ValueError), err:
+        raise errors.OpPrereqError("Invalid disk size parameter: %s" % err,
+                                   errors.ECODE_INVAL)
+
+      # Store the converted value back
+      params[constants.IDISK_SIZE] = size
+
+    elif op == constants.DDM_MODIFY and constants.IDISK_SIZE in params:
+      raise errors.OpPrereqError("Disk size change not possible, use"
+                                 " grow-disk", errors.ECODE_INVAL)
+
+  @staticmethod
+  def _VerifyNicModification(op, params):
+    """Verifies a network interface modification.
+
+    Only add and modify operations are checked. C{params} is updated in
+    place: a network or IP address given as L{constants.VALUE_NONE} is
+    replaced by C{None} and, when adding a NIC, a missing MAC address is set
+    to L{constants.VALUE_AUTO}.
+
+    @param op: Operation (L{constants.DDM_ADD} or L{constants.DDM_MODIFY};
+      other values are ignored)
+    @type params: dict
+    @param params: NIC parameters
+    @raise errors.OpPrereqError: if a network is given together with link
+      or mode, if the IP is to come from a pool but no network is given
+      when adding, if the IP address is invalid, or if the MAC address is
+      L{constants.VALUE_AUTO} when modifying
+
+    """
+    if op in (constants.DDM_ADD, constants.DDM_MODIFY):
+      ip = params.get(constants.INIC_IP, None)
+      req_net = params.get(constants.INIC_NETWORK, None)
+      link = params.get(constants.NIC_LINK, None)
+      mode = params.get(constants.NIC_MODE, None)
+      if req_net is not None:
+        if req_net.lower() == constants.VALUE_NONE:
+          # Explicit request for "no network"
+          params[constants.INIC_NETWORK] = None
+          req_net = None
+        elif link is not None or mode is not None:
+          raise errors.OpPrereqError("If network is given"
+                                     " mode or link should not",
+                                     errors.ECODE_INVAL)
+
+      if op == constants.DDM_ADD:
+        macaddr = params.get(constants.INIC_MAC, None)
+        if macaddr is None:
+          params[constants.INIC_MAC] = constants.VALUE_AUTO
+
+      if ip is not None:
+        if ip.lower() == constants.VALUE_NONE:
+          params[constants.INIC_IP] = None
+        else:
+          if ip.lower() == constants.NIC_IP_POOL:
+            # The pool check is only made when adding a NIC
+            if op == constants.DDM_ADD and req_net is None:
+              raise errors.OpPrereqError("If ip=pool, parameter network"
+                                         " cannot be none",
+                                         errors.ECODE_INVAL)
+          else:
+            if not netutils.IPAddress.IsValid(ip):
+              raise errors.OpPrereqError("Invalid IP address '%s'" % ip,
+                                         errors.ECODE_INVAL)
+
+      if constants.INIC_MAC in params:
+        macaddr = params[constants.INIC_MAC]
+        if macaddr not in (constants.VALUE_AUTO, constants.VALUE_GENERATE):
+          # NOTE(review): the result is only kept in the local variable,
+          # params is not updated here -- confirm this is intended
+          macaddr = utils.NormalizeAndValidateMac(macaddr)
+
+        if op == constants.DDM_MODIFY and macaddr == constants.VALUE_AUTO:
+          raise errors.OpPrereqError("'auto' is not a valid MAC address when"
+                                     " modifying an existing NIC",
+                                     errors.ECODE_INVAL)
+
    def CheckArguments(self):
      if not (self.op.nics or self.op.disks or self.op.disk_template or
    def CheckArguments(self):
      if not (self.op.nics or self.op.disks or self.op.disk_template or
-            self.op.hvparams or self.op.beparams or self.op.os_name):
+            self.op.hvparams or self.op.beparams or self.op.os_name or
+            self.op.offline is not None or self.op.runtime_mem):
        raise errors.OpPrereqError("No changes submitted", errors.ECODE_INVAL)
  
      if self.op.hvparams:
        _CheckGlobalHvParams(self.op.hvparams)
  
        raise errors.OpPrereqError("No changes submitted", errors.ECODE_INVAL)
  
      if self.op.hvparams:
        _CheckGlobalHvParams(self.op.hvparams)
  
-    # Disk validation
-    disk_addremove = 0
-    for disk_op, disk_dict in self.op.disks:
-      utils.ForceDictType(disk_dict, constants.IDISK_PARAMS_TYPES)
-      if disk_op == constants.DDM_REMOVE:
-        disk_addremove += 1
-        continue
-      elif disk_op == constants.DDM_ADD:
-        disk_addremove += 1
-      else:
-        if not isinstance(disk_op, int):
-          raise errors.OpPrereqError("Invalid disk index", errors.ECODE_INVAL)
-        if not isinstance(disk_dict, dict):
-          msg = "Invalid disk value: expected dict, got '%s'" % disk_dict
-          raise errors.OpPrereqError(msg, errors.ECODE_INVAL)
-
-      if disk_op == constants.DDM_ADD:
-        mode = disk_dict.setdefault('mode', constants.DISK_RDWR)
-        if mode not in constants.DISK_ACCESS_SET:
-          raise errors.OpPrereqError("Invalid disk access mode '%s'" % mode,
-                                     errors.ECODE_INVAL)
-        size = disk_dict.get('size', None)
-        if size is None:
-          raise errors.OpPrereqError("Required disk parameter size missing",
-                                     errors.ECODE_INVAL)
-        try:
-          size = int(size)
-        except (TypeError, ValueError), err:
-          raise errors.OpPrereqError("Invalid disk size parameter: %s" %
-                                     str(err), errors.ECODE_INVAL)
-        disk_dict['size'] = size
-      else:
-        # modification of disk
-        if 'size' in disk_dict:
-          raise errors.OpPrereqError("Disk size change not possible, use"
-                                     " grow-disk", errors.ECODE_INVAL)
+    self.op.disks = self._UpgradeDiskNicMods(
+      "disk", self.op.disks, opcodes.OpInstanceSetParams.TestDiskModifications)
+    self.op.nics = self._UpgradeDiskNicMods(
+      "NIC", self.op.nics, opcodes.OpInstanceSetParams.TestNicModifications)
  
  
-    if disk_addremove > 1:
-      raise errors.OpPrereqError("Only one disk add or remove operation"
-                                 " supported at a time", errors.ECODE_INVAL)
+    # Check disk modifications
+    self._CheckMods("disk", self.op.disks, constants.IDISK_PARAMS_TYPES,
+                    self._VerifyDiskModification)
  
      if self.op.disks and self.op.disk_template is not None:
        raise errors.OpPrereqError("Disk template conversion and other disk"
  
      if self.op.disks and self.op.disk_template is not None:
        raise errors.OpPrereqError("Disk template conversion and other disk"
@@ -9232,78 +12892,43 @@ class LUInstanceSetParams(LogicalUnit):
                                   errors.ECODE_INVAL)
  
      if (self.op.disk_template and
                                   errors.ECODE_INVAL)
  
      if (self.op.disk_template and
-        self.op.disk_template in constants.DTS_NET_MIRROR and
+        self.op.disk_template in constants.DTS_INT_MIRROR and
          self.op.remote_node is None):
        raise errors.OpPrereqError("Changing the disk template to a mirrored"
                                   " one requires specifying a secondary node",
                                   errors.ECODE_INVAL)
  
          self.op.remote_node is None):
        raise errors.OpPrereqError("Changing the disk template to a mirrored"
                                   " one requires specifying a secondary node",
                                   errors.ECODE_INVAL)
  
-    # NIC validation
-    nic_addremove = 0
-    for nic_op, nic_dict in self.op.nics:
-      utils.ForceDictType(nic_dict, constants.INIC_PARAMS_TYPES)
-      if nic_op == constants.DDM_REMOVE:
-        nic_addremove += 1
-        continue
-      elif nic_op == constants.DDM_ADD:
-        nic_addremove += 1
-      else:
-        if not isinstance(nic_op, int):
-          raise errors.OpPrereqError("Invalid nic index", errors.ECODE_INVAL)
-        if not isinstance(nic_dict, dict):
-          msg = "Invalid nic value: expected dict, got '%s'" % nic_dict
-          raise errors.OpPrereqError(msg, errors.ECODE_INVAL)
-
-      # nic_dict should be a dict
-      nic_ip = nic_dict.get('ip', None)
-      if nic_ip is not None:
-        if nic_ip.lower() == constants.VALUE_NONE:
-          nic_dict['ip'] = None
-        else:
-          if not netutils.IPAddress.IsValid(nic_ip):
-            raise errors.OpPrereqError("Invalid IP address '%s'" % nic_ip,
-                                       errors.ECODE_INVAL)
-
-      nic_bridge = nic_dict.get('bridge', None)
-      nic_link = nic_dict.get('link', None)
-      if nic_bridge and nic_link:
-        raise errors.OpPrereqError("Cannot pass 'bridge' and 'link'"
-                                   " at the same time", errors.ECODE_INVAL)
-      elif nic_bridge and nic_bridge.lower() == constants.VALUE_NONE:
-        nic_dict['bridge'] = None
-      elif nic_link and nic_link.lower() == constants.VALUE_NONE:
-        nic_dict['link'] = None
-
-      if nic_op == constants.DDM_ADD:
-        nic_mac = nic_dict.get('mac', None)
-        if nic_mac is None:
-          nic_dict['mac'] = constants.VALUE_AUTO
-
-      if 'mac' in nic_dict:
-        nic_mac = nic_dict['mac']
-        if nic_mac not in (constants.VALUE_AUTO, constants.VALUE_GENERATE):
-          nic_mac = utils.NormalizeAndValidateMac(nic_mac)
-
-        if nic_op != constants.DDM_ADD and nic_mac == constants.VALUE_AUTO:
-          raise errors.OpPrereqError("'auto' is not a valid MAC address when"
-                                     " modifying an existing nic",
-                                     errors.ECODE_INVAL)
-
-    if nic_addremove > 1:
-      raise errors.OpPrereqError("Only one NIC add or remove operation"
-                                 " supported at a time", errors.ECODE_INVAL)
+    # Check NIC modifications
+    self._CheckMods("NIC", self.op.nics, constants.INIC_PARAMS_TYPES,
+                    self._VerifyNicModification)
  
    def ExpandNames(self):
      self._ExpandAndLockInstance()
  
    def ExpandNames(self):
      self._ExpandAndLockInstance()
+    self.needed_locks[locking.LEVEL_NODEGROUP] = []
+    # Can't even acquire node locks in shared mode as upcoming changes in
+    # Ganeti 2.6 will start to modify the node object on disk conversion
      self.needed_locks[locking.LEVEL_NODE] = []
      self.needed_locks[locking.LEVEL_NODE] = []
+    self.needed_locks[locking.LEVEL_NODE_RES] = []
      self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
      self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_REPLACE
+    # Lock node group to look up the ipolicy
+    self.share_locks[locking.LEVEL_NODEGROUP] = 1
  
    def DeclareLocks(self, level):
  
    def DeclareLocks(self, level):
-    if level == locking.LEVEL_NODE:
+    if level == locking.LEVEL_NODEGROUP:
+      assert not self.needed_locks[locking.LEVEL_NODEGROUP]
+      # Acquire locks for the instance's nodegroups optimistically. Needs
+      # to be verified in CheckPrereq
+      self.needed_locks[locking.LEVEL_NODEGROUP] = \
+        self.cfg.GetInstanceNodeGroups(self.op.instance_name)
+    elif level == locking.LEVEL_NODE:
        self._LockInstancesNodes()
        if self.op.disk_template and self.op.remote_node:
          self.op.remote_node = _ExpandNodeName(self.cfg, self.op.remote_node)
          self.needed_locks[locking.LEVEL_NODE].append(self.op.remote_node)
        self._LockInstancesNodes()
        if self.op.disk_template and self.op.remote_node:
          self.op.remote_node = _ExpandNodeName(self.cfg, self.op.remote_node)
          self.needed_locks[locking.LEVEL_NODE].append(self.op.remote_node)
+    elif level == locking.LEVEL_NODE_RES and self.op.disk_template:
+      # Copy node locks
+      self.needed_locks[locking.LEVEL_NODE_RES] = \
+        _CopyLockList(self.needed_locks[locking.LEVEL_NODE])
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
    def BuildHooksEnv(self):
      """Build hooks env.
@@ -9311,74 +12936,206 @@ class LUInstanceSetParams(LogicalUnit):
      This runs on the master, primary and secondaries.
  
      """
      This runs on the master, primary and secondaries.
  
      """
-    args = dict()
-    if constants.BE_MEMORY in self.be_new:
-      args['memory'] = self.be_new[constants.BE_MEMORY]
+    args = {}
+    if constants.BE_MINMEM in self.be_new:
+      args["minmem"] = self.be_new[constants.BE_MINMEM]
+    if constants.BE_MAXMEM in self.be_new:
+      args["maxmem"] = self.be_new[constants.BE_MAXMEM]
      if constants.BE_VCPUS in self.be_new:
      if constants.BE_VCPUS in self.be_new:
-      args['vcpus'] = self.be_new[constants.BE_VCPUS]
+      args["vcpus"] = self.be_new[constants.BE_VCPUS]
      # TODO: export disk changes. Note: _BuildInstanceHookEnv* don't export disk
      # information at all.
      # TODO: export disk changes. Note: _BuildInstanceHookEnv* don't export disk
      # information at all.
-    if self.op.nics:
-      args['nics'] = []
-      nic_override = dict(self.op.nics)
-      for idx, nic in enumerate(self.instance.nics):
-        if idx in nic_override:
-          this_nic_override = nic_override[idx]
-        else:
-          this_nic_override = {}
-        if 'ip' in this_nic_override:
-          ip = this_nic_override['ip']
-        else:
-          ip = nic.ip
-        if 'mac' in this_nic_override:
-          mac = this_nic_override['mac']
-        else:
-          mac = nic.mac
-        if idx in self.nic_pnew:
-          nicparams = self.nic_pnew[idx]
-        else:
-          nicparams = self.cluster.SimpleFillNIC(nic.nicparams)
-        mode = nicparams[constants.NIC_MODE]
-        link = nicparams[constants.NIC_LINK]
-        args['nics'].append((ip, mac, mode, link))
-      if constants.DDM_ADD in nic_override:
-        ip = nic_override[constants.DDM_ADD].get('ip', None)
-        mac = nic_override[constants.DDM_ADD]['mac']
-        nicparams = self.nic_pnew[constants.DDM_ADD]
-        mode = nicparams[constants.NIC_MODE]
-        link = nicparams[constants.NIC_LINK]
-        args['nics'].append((ip, mac, mode, link))
-      elif constants.DDM_REMOVE in nic_override:
-        del args['nics'][-1]
+
+    if self._new_nics is not None:
+      nics = []
+
+      for nic in self._new_nics:
+        n = copy.deepcopy(nic)
+        nicparams = self.cluster.SimpleFillNIC(n.nicparams)
+        n.nicparams = nicparams
+        nics.append(_NICToTuple(self, n))
+
+      args["nics"] = nics
  
      env = _BuildInstanceHookEnvByObject(self, self.instance, override=args)
      if self.op.disk_template:
        env["NEW_DISK_TEMPLATE"] = self.op.disk_template
  
      env = _BuildInstanceHookEnvByObject(self, self.instance, override=args)
      if self.op.disk_template:
        env["NEW_DISK_TEMPLATE"] = self.op.disk_template
-    nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
-    return env, nl, nl
+    if self.op.runtime_mem:
+      env["RUNTIME_MEMORY"] = self.op.runtime_mem
  
  
-  def CheckPrereq(self):
-    """Check prerequisites.
+    return env
  
  
-    This only checks the instance list against the existing names.
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
  
      """
  
      """
-    # checking the new params on the primary/secondary nodes
+    nl = [self.cfg.GetMasterNode()] + list(self.instance.all_nodes)
+    return (nl, nl)
  
  
-    instance = self.instance = self.cfg.GetInstanceInfo(self.op.instance_name)
-    cluster = self.cluster = self.cfg.GetClusterInfo()
-    assert self.instance is not None, \
-      "Cannot retrieve locked instance %s" % self.op.instance_name
-    pnode = instance.primary_node
-    nodelist = list(instance.all_nodes)
+  def _PrepareNicModification(self, params, private, old_ip, old_net,
+                              old_params, cluster, pnode):
  
  
-    # OS change
-    if self.op.os_name and not self.op.force:
-      _CheckNodeHasOS(self, instance.primary_node, self.op.os_name,
-                      self.op.force_variant)
-      instance_os = self.op.os_name
+    update_params_dict = dict([(key, params[key])
+                               for key in constants.NICS_PARAMETERS
+                               if key in params])
+
+    req_link = update_params_dict.get(constants.NIC_LINK, None)
+    req_mode = update_params_dict.get(constants.NIC_MODE, None)
+
+    new_net = params.get(constants.INIC_NETWORK, old_net)
+    if new_net is not None:
+      netparams = self.cfg.GetGroupNetParams(new_net, pnode)
+      if netparams is None:
+        raise errors.OpPrereqError("No netparams found for the network"
+                                   " %s, probably not connected" % new_net,
+                                   errors.ECODE_INVAL)
+      new_params = dict(netparams)
      else:
      else:
-      instance_os = instance.os
+      new_params = _GetUpdatedParams(old_params, update_params_dict)
+
+    utils.ForceDictType(new_params, constants.NICS_PARAMETER_TYPES)
+
+    new_filled_params = cluster.SimpleFillNIC(new_params)
+    objects.NIC.CheckParameterSyntax(new_filled_params)
+
+    new_mode = new_filled_params[constants.NIC_MODE]
+    if new_mode == constants.NIC_MODE_BRIDGED:
+      bridge = new_filled_params[constants.NIC_LINK]
+      msg = self.rpc.call_bridges_exist(pnode, [bridge]).fail_msg
+      if msg:
+        msg = "Error checking bridges on node '%s': %s" % (pnode, msg)
+        if self.op.force:
+          self.warn.append(msg)
+        else:
+          raise errors.OpPrereqError(msg, errors.ECODE_ENVIRON)
+
+    elif new_mode == constants.NIC_MODE_ROUTED:
+      ip = params.get(constants.INIC_IP, old_ip)
+      if ip is None:
+        raise errors.OpPrereqError("Cannot set the NIC IP address to None"
+                                   " on a routed NIC", errors.ECODE_INVAL)
+
+    if constants.INIC_MAC in params:
+      mac = params[constants.INIC_MAC]
+      if mac is None:
+        raise errors.OpPrereqError("Cannot unset the NIC MAC address",
+                                   errors.ECODE_INVAL)
+      elif mac in (constants.VALUE_AUTO, constants.VALUE_GENERATE):
+        # otherwise generate the MAC address
+        params[constants.INIC_MAC] = \
+          self.cfg.GenerateMAC(new_net, self.proc.GetECId())
+      else:
+        # or validate/reserve the current one
+        try:
+          self.cfg.ReserveMAC(mac, self.proc.GetECId())
+        except errors.ReservationError:
+          raise errors.OpPrereqError("MAC address '%s' already in use"
+                                     " in cluster" % mac,
+                                     errors.ECODE_NOTUNIQUE)
+    elif new_net != old_net:
+
+      def get_net_prefix(net):
+        if net:
+          uuid = self.cfg.LookupNetwork(net)
+          if uuid:
+            nobj = self.cfg.GetNetwork(uuid)
+            return nobj.mac_prefix
+        return None
+
+      new_prefix = get_net_prefix(new_net)
+      old_prefix = get_net_prefix(old_net)
+      if old_prefix != new_prefix:
+        params[constants.INIC_MAC] = \
+          self.cfg.GenerateMAC(new_net, self.proc.GetECId())
+
+    #if there is a change in nic-network configuration
+    new_ip = params.get(constants.INIC_IP, old_ip)
+    if (new_ip, new_net) != (old_ip, old_net):
+      if new_ip:
+        if new_net:
+          if new_ip.lower() == constants.NIC_IP_POOL:
+            try:
+              new_ip = self.cfg.GenerateIp(new_net, self.proc.GetECId())
+            except errors.ReservationError:
+              raise errors.OpPrereqError("Unable to get a free IP"
+                                         " from the address pool",
+                                         errors.ECODE_STATE)
+            self.LogInfo("Chose IP %s from pool %s", new_ip, new_net)
+            params[constants.INIC_IP] = new_ip
+          elif new_ip != old_ip or new_net != old_net:
+            try:
+              self.LogInfo("Reserving IP %s in pool %s", new_ip, new_net)
+              self.cfg.ReserveIp(new_net, new_ip, self.proc.GetECId())
+            except errors.ReservationError:
+              raise errors.OpPrereqError("IP %s not available in network %s" %
+                                         (new_ip, new_net),
+                                         errors.ECODE_NOTUNIQUE)
+        elif new_ip.lower() == constants.NIC_IP_POOL:
+          raise errors.OpPrereqError("ip=pool, but no network found",
+                                     errors.ECODE_INVAL)
+        else:
+          # new net is None
+          if self.op.conflicts_check:
+            _CheckForConflictingIp(self, new_ip, pnode)
+
+      if old_ip:
+        if old_net:
+          try:
+            self.cfg.ReleaseIp(old_net, old_ip, self.proc.GetECId())
+          except errors.AddressPoolError:
+            logging.warning("Release IP %s not contained in network %s",
+                            old_ip, old_net)
+
+    # there are no changes in (net, ip) tuple
+    elif (old_net is not None and
+          (req_link is not None or req_mode is not None)):
+      raise errors.OpPrereqError("Not allowed to change link or mode of"
+                                 " a NIC that is connected to a network",
+                                 errors.ECODE_INVAL)
+
+    private.params = new_params
+    private.filled = new_filled_params
+
+  def CheckPrereq(self):
+    """Check prerequisites.
+
+    This only checks the instance list against the existing names.
+
+    """
+    assert self.op.instance_name in self.owned_locks(locking.LEVEL_INSTANCE)
+    instance = self.instance = self.cfg.GetInstanceInfo(self.op.instance_name)
+
+    cluster = self.cluster = self.cfg.GetClusterInfo()
+    assert self.instance is not None, \
+      "Cannot retrieve locked instance %s" % self.op.instance_name
+
+    pnode = instance.primary_node
+    assert pnode in self.owned_locks(locking.LEVEL_NODE)
+    nodelist = list(instance.all_nodes)
+    pnode_info = self.cfg.GetNodeInfo(pnode)
+    self.diskparams = self.cfg.GetInstanceDiskParams(instance)
+
+    #_CheckInstanceNodeGroups(self.cfg, self.op.instance_name, owned_groups)
+    assert pnode_info.group in self.owned_locks(locking.LEVEL_NODEGROUP)
+    group_info = self.cfg.GetNodeGroup(pnode_info.group)
+
+    # dictionary with instance information after the modification
+    ispec = {}
+
+    # Prepare disk/NIC modifications
+    self.diskmod = PrepareContainerMods(self.op.disks, None)
+    self.nicmod = PrepareContainerMods(self.op.nics, _InstNicModPrivate)
+
+    # OS change
+    if self.op.os_name and not self.op.force:
+      _CheckNodeHasOS(self, instance.primary_node, self.op.os_name,
+                      self.op.force_variant)
+      instance_os = self.op.os_name
+    else:
+      instance_os = instance.os
+
+    assert not (self.op.disk_template and self.op.disks), \
+      "Can't modify disk template and apply disk changes at the same time"
  
      if self.op.disk_template:
        if instance.disk_template == self.op.disk_template:
  
      if self.op.disk_template:
        if instance.disk_template == self.op.disk_template:
@@ -9391,8 +13148,9 @@ class LUInstanceSetParams(LogicalUnit):
                                     " %s to %s" % (instance.disk_template,
                                                    self.op.disk_template),
                                     errors.ECODE_INVAL)
                                     " %s to %s" % (instance.disk_template,
                                                    self.op.disk_template),
                                     errors.ECODE_INVAL)
-      _CheckInstanceDown(self, instance, "cannot change disk template")
-      if self.op.disk_template in constants.DTS_NET_MIRROR:
+      _CheckInstanceState(self, instance, INSTANCE_DOWN,
+                          msg="cannot change disk template")
+      if self.op.disk_template in constants.DTS_INT_MIRROR:
          if self.op.remote_node == pnode:
            raise errors.OpPrereqError("Given new secondary node %s is the same"
                                       " as the primary node of the instance" %
          if self.op.remote_node == pnode:
            raise errors.OpPrereqError("Given new secondary node %s is the same"
                                       " as the primary node of the instance" %
@@ -9401,11 +13159,24 @@ class LUInstanceSetParams(LogicalUnit):
          _CheckNodeNotDrained(self, self.op.remote_node)
          # FIXME: here we assume that the old instance type is DT_PLAIN
          assert instance.disk_template == constants.DT_PLAIN
          _CheckNodeNotDrained(self, self.op.remote_node)
          # FIXME: here we assume that the old instance type is DT_PLAIN
          assert instance.disk_template == constants.DT_PLAIN
-        disks = [{"size": d.size, "vg": d.logical_id[0]}
+        disks = [{constants.IDISK_SIZE: d.size,
+                  constants.IDISK_VG: d.logical_id[0]}
                   for d in instance.disks]
          required = _ComputeDiskSizePerVG(self.op.disk_template, disks)
          _CheckNodesFreeDiskPerVG(self, [self.op.remote_node], required)
  
                   for d in instance.disks]
          required = _ComputeDiskSizePerVG(self.op.disk_template, disks)
          _CheckNodesFreeDiskPerVG(self, [self.op.remote_node], required)
  
+        snode_info = self.cfg.GetNodeInfo(self.op.remote_node)
+        snode_group = self.cfg.GetNodeGroup(snode_info.group)
+        ipolicy = ganeti.masterd.instance.CalculateGroupIPolicy(cluster,
+                                                                snode_group)
+        _CheckTargetNodeIPolicy(self, ipolicy, instance, snode_info,
+                                ignore=self.op.ignore_ipolicy)
+        if pnode_info.group != snode_info.group:
+          self.LogWarning("The primary and secondary nodes are in two"
+                          " different node groups; the disk parameters"
+                          " from the first disk's node group will be"
+                          " used")
+
      # hvparams processing
      if self.op.hvparams:
        hv_type = instance.hypervisor
      # hvparams processing
      if self.op.hvparams:
        hv_type = instance.hypervisor
@@ -9416,23 +13187,54 @@ class LUInstanceSetParams(LogicalUnit):
        # local check
        hypervisor.GetHypervisor(hv_type).CheckParameterSyntax(hv_new)
        _CheckHVParams(self, nodelist, instance.hypervisor, hv_new)
        # local check
        hypervisor.GetHypervisor(hv_type).CheckParameterSyntax(hv_new)
        _CheckHVParams(self, nodelist, instance.hypervisor, hv_new)
-      self.hv_new = hv_new # the new actual values
+      self.hv_proposed = self.hv_new = hv_new # the new actual values
        self.hv_inst = i_hvdict # the new dict (without defaults)
      else:
        self.hv_inst = i_hvdict # the new dict (without defaults)
      else:
+      self.hv_proposed = cluster.SimpleFillHV(instance.hypervisor, instance.os,
+                                              instance.hvparams)
        self.hv_new = self.hv_inst = {}
  
      # beparams processing
      if self.op.beparams:
        i_bedict = _GetUpdatedParams(instance.beparams, self.op.beparams,
                                     use_none=True)
        self.hv_new = self.hv_inst = {}
  
      # beparams processing
      if self.op.beparams:
        i_bedict = _GetUpdatedParams(instance.beparams, self.op.beparams,
                                     use_none=True)
+      objects.UpgradeBeParams(i_bedict)
        utils.ForceDictType(i_bedict, constants.BES_PARAMETER_TYPES)
        be_new = cluster.SimpleFillBE(i_bedict)
        utils.ForceDictType(i_bedict, constants.BES_PARAMETER_TYPES)
        be_new = cluster.SimpleFillBE(i_bedict)
-      self.be_new = be_new # the new actual values
+      self.be_proposed = self.be_new = be_new # the new actual values
        self.be_inst = i_bedict # the new dict (without defaults)
      else:
        self.be_new = self.be_inst = {}
        self.be_inst = i_bedict # the new dict (without defaults)
      else:
        self.be_new = self.be_inst = {}
+      self.be_proposed = cluster.SimpleFillBE(instance.beparams)
      be_old = cluster.FillBE(instance)
  
      be_old = cluster.FillBE(instance)
  
+    # CPU param validation -- checking every time a parameter is
+    # changed to cover all cases where either CPU mask or vcpus have
+    # changed
+    if (constants.BE_VCPUS in self.be_proposed and
+        constants.HV_CPU_MASK in self.hv_proposed):
+      cpu_list = \
+        utils.ParseMultiCpuMask(self.hv_proposed[constants.HV_CPU_MASK])
+      # Verify mask is consistent with number of vCPUs. Can skip this
+      # test if only 1 entry in the CPU mask, which means same mask
+      # is applied to all vCPUs.
+      if (len(cpu_list) > 1 and
+          len(cpu_list) != self.be_proposed[constants.BE_VCPUS]):
+        raise errors.OpPrereqError("Number of vCPUs [%d] does not match the"
+                                   " CPU mask [%s]" %
+                                   (self.be_proposed[constants.BE_VCPUS],
+                                    self.hv_proposed[constants.HV_CPU_MASK]),
+                                   errors.ECODE_INVAL)
+
+      # Only perform this test if a new CPU mask is given
+      if constants.HV_CPU_MASK in self.hv_new:
+        # Calculate the largest CPU number requested
+        max_requested_cpu = max(map(max, cpu_list))
+        # Check that all of the instance's nodes have enough physical CPUs to
+        # satisfy the requested CPU mask
+        _CheckNodesPhysicalCPUs(self, instance.all_nodes,
+                                max_requested_cpu + 1, instance.hypervisor)
+
      # osparams processing
      if self.op.osparams:
        i_osdict = _GetUpdatedParams(instance.osparams, self.op.osparams)
      # osparams processing
      if self.op.osparams:
        i_osdict = _GetUpdatedParams(instance.osparams, self.op.osparams)
@@ -9443,8 +13245,9 @@ class LUInstanceSetParams(LogicalUnit):
  
      self.warn = []
  
  
      self.warn = []
  
-    if (constants.BE_MEMORY in self.op.beparams and not self.op.force and
-        be_new[constants.BE_MEMORY] > be_old[constants.BE_MEMORY]):
+    #TODO(dynmem): do the appropriate check involving MINMEM
+    if (constants.BE_MAXMEM in self.op.beparams and not self.op.force and
+        be_new[constants.BE_MAXMEM] > be_old[constants.BE_MAXMEM]):
        mem_check_list = [pnode]
        if be_new[constants.BE_AUTO_BALANCE]:
          # either we changed auto_balance to yes or it was from before
        mem_check_list = [pnode]
        if be_new[constants.BE_AUTO_BALANCE]:
          # either we changed auto_balance to yes or it was from before
@@ -9452,34 +13255,38 @@ class LUInstanceSetParams(LogicalUnit):
        instance_info = self.rpc.call_instance_info(pnode, instance.name,
                                                    instance.hypervisor)
        nodeinfo = self.rpc.call_node_info(mem_check_list, None,
        instance_info = self.rpc.call_instance_info(pnode, instance.name,
                                                    instance.hypervisor)
        nodeinfo = self.rpc.call_node_info(mem_check_list, None,
-                                         instance.hypervisor)
+                                         [instance.hypervisor])
        pninfo = nodeinfo[pnode]
        msg = pninfo.fail_msg
        if msg:
          # Assume the primary node is unreachable and go ahead
          self.warn.append("Can't get info from primary node %s: %s" %
        pninfo = nodeinfo[pnode]
        msg = pninfo.fail_msg
        if msg:
          # Assume the primary node is unreachable and go ahead
          self.warn.append("Can't get info from primary node %s: %s" %
-                         (pnode,  msg))
-      elif not isinstance(pninfo.payload.get('memory_free', None), int):
-        self.warn.append("Node data from primary node %s doesn't contain"
-                         " free memory information" % pnode)
-      elif instance_info.fail_msg:
-        self.warn.append("Can't get instance runtime information: %s" %
-                        instance_info.fail_msg)
+                         (pnode, msg))
        else:
        else:
-        if instance_info.payload:
-          current_mem = int(instance_info.payload['memory'])
+        (_, _, (pnhvinfo, )) = pninfo.payload
+        if not isinstance(pnhvinfo.get("memory_free", None), int):
+          self.warn.append("Node data from primary node %s doesn't contain"
+                           " free memory information" % pnode)
+        elif instance_info.fail_msg:
+          self.warn.append("Can't get instance runtime information: %s" %
+                           instance_info.fail_msg)
          else:
          else:
-          # Assume instance not running
-          # (there is a slight race condition here, but it's not very probable,
-          # and we have no other way to check)
-          current_mem = 0
-        miss_mem = (be_new[constants.BE_MEMORY] - current_mem -
-                    pninfo.payload['memory_free'])
-        if miss_mem > 0:
-          raise errors.OpPrereqError("This change will prevent the instance"
-                                     " from starting, due to %d MB of memory"
-                                     " missing on its primary node" % miss_mem,
-                                     errors.ECODE_NORES)
+          if instance_info.payload:
+            current_mem = int(instance_info.payload["memory"])
+          else:
+            # Assume instance not running
+            # (there is a slight race condition here, but it's not very
+            # probable, and we have no other way to check)
+            # TODO: Describe race condition
+            current_mem = 0
+          #TODO(dynmem): do the appropriate check involving MINMEM
+          miss_mem = (be_new[constants.BE_MAXMEM] - current_mem -
+                      pnhvinfo["memory_free"])
+          if miss_mem > 0:
+            raise errors.OpPrereqError("This change will prevent the instance"
+                                       " from starting, due to %d MB of memory"
+                                       " missing on its primary node" %
+                                       miss_mem, errors.ECODE_NORES)
  
        if be_new[constants.BE_AUTO_BALANCE]:
          for node, nres in nodeinfo.items():
  
        if be_new[constants.BE_AUTO_BALANCE]:
          for node, nres in nodeinfo.items():
@@ -9487,118 +13294,134 @@ class LUInstanceSetParams(LogicalUnit):
              continue
            nres.Raise("Can't get info from secondary node %s" % node,
                       prereq=True, ecode=errors.ECODE_STATE)
              continue
            nres.Raise("Can't get info from secondary node %s" % node,
                       prereq=True, ecode=errors.ECODE_STATE)
-          if not isinstance(nres.payload.get('memory_free', None), int):
+          (_, _, (nhvinfo, )) = nres.payload
+          if not isinstance(nhvinfo.get("memory_free", None), int):
              raise errors.OpPrereqError("Secondary node %s didn't return free"
                                         " memory information" % node,
                                         errors.ECODE_STATE)
              raise errors.OpPrereqError("Secondary node %s didn't return free"
                                         " memory information" % node,
                                         errors.ECODE_STATE)
-          elif be_new[constants.BE_MEMORY] > nres.payload['memory_free']:
+          #TODO(dynmem): do the appropriate check involving MINMEM
+          elif be_new[constants.BE_MAXMEM] > nhvinfo["memory_free"]:
              raise errors.OpPrereqError("This change will prevent the instance"
                                         " from failover to its secondary node"
                                         " %s, due to not enough memory" % node,
                                         errors.ECODE_STATE)
  
              raise errors.OpPrereqError("This change will prevent the instance"
                                         " from failover to its secondary node"
                                         " %s, due to not enough memory" % node,
                                         errors.ECODE_STATE)
  
-    # NIC processing
-    self.nic_pnew = {}
-    self.nic_pinst = {}
-    for nic_op, nic_dict in self.op.nics:
-      if nic_op == constants.DDM_REMOVE:
-        if not instance.nics:
-          raise errors.OpPrereqError("Instance has no NICs, cannot remove",
-                                     errors.ECODE_INVAL)
-        continue
-      if nic_op != constants.DDM_ADD:
-        # an existing nic
-        if not instance.nics:
-          raise errors.OpPrereqError("Invalid NIC index %s, instance has"
-                                     " no NICs" % nic_op,
-                                     errors.ECODE_INVAL)
-        if nic_op < 0 or nic_op >= len(instance.nics):
-          raise errors.OpPrereqError("Invalid NIC index %s, valid values"
-                                     " are 0 to %d" %
-                                     (nic_op, len(instance.nics) - 1),
-                                     errors.ECODE_INVAL)
-        old_nic_params = instance.nics[nic_op].nicparams
-        old_nic_ip = instance.nics[nic_op].ip
-      else:
-        old_nic_params = {}
-        old_nic_ip = None
-
-      update_params_dict = dict([(key, nic_dict[key])
-                                 for key in constants.NICS_PARAMETERS
-                                 if key in nic_dict])
-
-      if 'bridge' in nic_dict:
-        update_params_dict[constants.NIC_LINK] = nic_dict['bridge']
-
-      new_nic_params = _GetUpdatedParams(old_nic_params,
-                                         update_params_dict)
-      utils.ForceDictType(new_nic_params, constants.NICS_PARAMETER_TYPES)
-      new_filled_nic_params = cluster.SimpleFillNIC(new_nic_params)
-      objects.NIC.CheckParameterSyntax(new_filled_nic_params)
-      self.nic_pinst[nic_op] = new_nic_params
-      self.nic_pnew[nic_op] = new_filled_nic_params
-      new_nic_mode = new_filled_nic_params[constants.NIC_MODE]
-
-      if new_nic_mode == constants.NIC_MODE_BRIDGED:
-        nic_bridge = new_filled_nic_params[constants.NIC_LINK]
-        msg = self.rpc.call_bridges_exist(pnode, [nic_bridge]).fail_msg
-        if msg:
-          msg = "Error checking bridges on node %s: %s" % (pnode, msg)
-          if self.op.force:
-            self.warn.append(msg)
-          else:
-            raise errors.OpPrereqError(msg, errors.ECODE_ENVIRON)
-      if new_nic_mode == constants.NIC_MODE_ROUTED:
-        if 'ip' in nic_dict:
-          nic_ip = nic_dict['ip']
-        else:
-          nic_ip = old_nic_ip
-        if nic_ip is None:
-          raise errors.OpPrereqError('Cannot set the nic ip to None'
-                                     ' on a routed nic', errors.ECODE_INVAL)
-      if 'mac' in nic_dict:
-        nic_mac = nic_dict['mac']
-        if nic_mac is None:
-          raise errors.OpPrereqError('Cannot set the nic mac to None',
-                                     errors.ECODE_INVAL)
-        elif nic_mac in (constants.VALUE_AUTO, constants.VALUE_GENERATE):
-          # otherwise generate the mac
-          nic_dict['mac'] = self.cfg.GenerateMAC(self.proc.GetECId())
-        else:
-          # or validate/reserve the current one
-          try:
-            self.cfg.ReserveMAC(nic_mac, self.proc.GetECId())
-          except errors.ReservationError:
-            raise errors.OpPrereqError("MAC address %s already in use"
-                                       " in cluster" % nic_mac,
-                                       errors.ECODE_NOTUNIQUE)
+    if self.op.runtime_mem:
+      remote_info = self.rpc.call_instance_info(instance.primary_node,
+                                                instance.name,
+                                                instance.hypervisor)
+      remote_info.Raise("Error checking node %s" % instance.primary_node)
+      if not remote_info.payload: # not running already
+        raise errors.OpPrereqError("Instance %s is not running" %
+                                   instance.name, errors.ECODE_STATE)
+
+      current_memory = remote_info.payload["memory"]
+      if (not self.op.force and
+           (self.op.runtime_mem > self.be_proposed[constants.BE_MAXMEM] or
+            self.op.runtime_mem < self.be_proposed[constants.BE_MINMEM])):
+        raise errors.OpPrereqError("Instance %s must have memory between %d"
+                                   " and %d MB of memory unless --force is"
+                                   " given" %
+                                   (instance.name,
+                                    self.be_proposed[constants.BE_MINMEM],
+                                    self.be_proposed[constants.BE_MAXMEM]),
+                                   errors.ECODE_INVAL)
+
+      delta = self.op.runtime_mem - current_memory
+      if delta > 0:
+        _CheckNodeFreeMemory(self, instance.primary_node,
+                             "ballooning memory for instance %s" %
+                             instance.name, delta, instance.hypervisor)
  
  
-    # DISK processing
      if self.op.disks and instance.disk_template == constants.DT_DISKLESS:
        raise errors.OpPrereqError("Disk operations not supported for"
      if self.op.disks and instance.disk_template == constants.DT_DISKLESS:
        raise errors.OpPrereqError("Disk operations not supported for"
-                                 " diskless instances",
-                                 errors.ECODE_INVAL)
-    for disk_op, _ in self.op.disks:
-      if disk_op == constants.DDM_REMOVE:
-        if len(instance.disks) == 1:
-          raise errors.OpPrereqError("Cannot remove the last disk of"
-                                     " an instance", errors.ECODE_INVAL)
-        _CheckInstanceDown(self, instance, "cannot remove disks")
-
-      if (disk_op == constants.DDM_ADD and
-          len(instance.disks) >= constants.MAX_DISKS):
-        raise errors.OpPrereqError("Instance has too many disks (%d), cannot"
-                                   " add more" % constants.MAX_DISKS,
-                                   errors.ECODE_STATE)
-      if disk_op not in (constants.DDM_ADD, constants.DDM_REMOVE):
-        # an existing disk
-        if disk_op < 0 or disk_op >= len(instance.disks):
-          raise errors.OpPrereqError("Invalid disk index %s, valid values"
-                                     " are 0 to %d" %
-                                     (disk_op, len(instance.disks)),
-                                     errors.ECODE_INVAL)
+                                 " diskless instances", errors.ECODE_INVAL)
  
  
-    return
+    def _PrepareNicCreate(_, params, private):
+      self._PrepareNicModification(params, private, None, None,
+                                   {}, cluster, pnode)
+      return (None, None)
+
+    def _PrepareNicMod(_, nic, params, private):
+      self._PrepareNicModification(params, private, nic.ip, nic.network,
+                                   nic.nicparams, cluster, pnode)
+      return None
+
+    def _PrepareNicRemove(_, params, __):
+      ip = params.ip
+      net = params.network
+      if net is not None and ip is not None:
+        self.cfg.ReleaseIp(net, ip, self.proc.GetECId())
+
+    # Verify NIC changes (operating on copy)
+    nics = instance.nics[:]
+    ApplyContainerMods("NIC", nics, None, self.nicmod,
+                       _PrepareNicCreate, _PrepareNicMod, _PrepareNicRemove)
+    if len(nics) > constants.MAX_NICS:
+      raise errors.OpPrereqError("Instance has too many network interfaces"
+                                 " (%d), cannot add more" % constants.MAX_NICS,
+                                 errors.ECODE_STATE)
+
+    # Verify disk changes (operating on a copy)
+    disks = instance.disks[:]
+    ApplyContainerMods("disk", disks, None, self.diskmod, None, None, None)
+    if len(disks) > constants.MAX_DISKS:
+      raise errors.OpPrereqError("Instance has too many disks (%d), cannot add"
+                                 " more" % constants.MAX_DISKS,
+                                 errors.ECODE_STATE)
+    disk_sizes = [disk.size for disk in instance.disks]
+    disk_sizes.extend(params["size"] for (op, idx, params, private) in
+                      self.diskmod if op == constants.DDM_ADD)
+    ispec[constants.ISPEC_DISK_COUNT] = len(disk_sizes)
+    ispec[constants.ISPEC_DISK_SIZE] = disk_sizes
+
+    if self.op.offline is not None:
+      if self.op.offline:
+        msg = "can't change to offline"
+      else:
+        msg = "can't change to online"
+      _CheckInstanceState(self, instance, CAN_CHANGE_INSTANCE_OFFLINE, msg=msg)
+
+    # Pre-compute NIC changes (necessary to use result in hooks)
+    self._nic_chgdesc = []
+    if self.nicmod:
+      # Operate on copies as this is still in prereq
+      nics = [nic.Copy() for nic in instance.nics]
+      ApplyContainerMods("NIC", nics, self._nic_chgdesc, self.nicmod,
+                         self._CreateNewNic, self._ApplyNicMods, None)
+      self._new_nics = nics
+      ispec[constants.ISPEC_NIC_COUNT] = len(self._new_nics)
+    else:
+      self._new_nics = None
+      ispec[constants.ISPEC_NIC_COUNT] = len(instance.nics)
+
+    if not self.op.ignore_ipolicy:
+      ipolicy = ganeti.masterd.instance.CalculateGroupIPolicy(cluster,
+                                                              group_info)
+
+      # Fill ispec with backend parameters
+      ispec[constants.ISPEC_SPINDLE_USE] = \
+        self.be_new.get(constants.BE_SPINDLE_USE, None)
+      ispec[constants.ISPEC_CPU_COUNT] = self.be_new.get(constants.BE_VCPUS,
+                                                         None)
+
+      # Copy ispec to verify parameters with min/max values separately
+      ispec_max = ispec.copy()
+      ispec_max[constants.ISPEC_MEM_SIZE] = \
+        self.be_new.get(constants.BE_MAXMEM, None)
+      res_max = _ComputeIPolicyInstanceSpecViolation(ipolicy, ispec_max)
+      ispec_min = ispec.copy()
+      ispec_min[constants.ISPEC_MEM_SIZE] = \
+        self.be_new.get(constants.BE_MINMEM, None)
+      res_min = _ComputeIPolicyInstanceSpecViolation(ipolicy, ispec_min)
+
+      if (res_max or res_min):
+        # FIXME: Improve error message by including information about whether
+        # the upper or lower limit of the parameter fails the ipolicy.
+        msg = ("Instance allocation to group %s (%s) violates policy: %s" %
+               (group_info, group_info.name,
+                utils.CommaJoin(set(res_max + res_min))))
+        raise errors.OpPrereqError(msg, errors.ECODE_INVAL)
  
    def _ConvertPlainToDrbd(self, feedback_fn):
      """Converts an instance from plain to drbd.
  
    def _ConvertPlainToDrbd(self, feedback_fn):
      """Converts an instance from plain to drbd.
@@ -9609,16 +13432,22 @@ class LUInstanceSetParams(LogicalUnit):
      pnode = instance.primary_node
      snode = self.op.remote_node
  
      pnode = instance.primary_node
      snode = self.op.remote_node
  
+    assert instance.disk_template == constants.DT_PLAIN
+
      # create a fake disk info for _GenerateDiskTemplate
      # create a fake disk info for _GenerateDiskTemplate
-    disk_info = [{"size": d.size, "mode": d.mode,
-                  "vg": d.logical_id[0]} for d in instance.disks]
+    disk_info = [{constants.IDISK_SIZE: d.size, constants.IDISK_MODE: d.mode,
+                  constants.IDISK_VG: d.logical_id[0]}
+                 for d in instance.disks]
      new_disks = _GenerateDiskTemplate(self, self.op.disk_template,
                                        instance.name, pnode, [snode],
      new_disks = _GenerateDiskTemplate(self, self.op.disk_template,
                                        instance.name, pnode, [snode],
-                                      disk_info, None, None, 0, feedback_fn)
+                                      disk_info, None, None, 0, feedback_fn,
+                                      self.diskparams)
+    anno_disks = rpc.AnnotateDiskParams(constants.DT_DRBD8, new_disks,
+                                        self.diskparams)
      info = _GetInstanceInfoText(instance)
      info = _GetInstanceInfoText(instance)
-    feedback_fn("Creating aditional volumes...")
+    feedback_fn("Creating additional volumes...")
      # first, create the missing data and meta devices
      # first, create the missing data and meta devices
-    for disk in new_disks:
+    for disk in anno_disks:
        # unfortunately this is... not too nice
        _CreateSingleBlockDev(self, pnode, instance, disk.children[1],
                              info, True)
        # unfortunately this is... not too nice
        _CreateSingleBlockDev(self, pnode, instance, disk.children[1],
                              info, True)
@@ -9634,7 +13463,7 @@ class LUInstanceSetParams(LogicalUnit):
  
      feedback_fn("Initializing DRBD devices...")
      # all child devices are in place, we can now create the DRBD devices
  
      feedback_fn("Initializing DRBD devices...")
      # all child devices are in place, we can now create the DRBD devices
-    for disk in new_disks:
+    for disk in anno_disks:
        for node in [pnode, snode]:
          f_create = node == pnode
          _CreateSingleBlockDev(self, node, instance, disk, info, f_create)
        for node in [pnode, snode]:
          f_create = node == pnode
          _CreateSingleBlockDev(self, node, instance, disk, info, f_create)
@@ -9644,6 +13473,9 @@ class LUInstanceSetParams(LogicalUnit):
      instance.disks = new_disks
      self.cfg.Update(instance, feedback_fn)
  
      instance.disks = new_disks
      self.cfg.Update(instance, feedback_fn)
  
+    # Release node locks while waiting for sync
+    _ReleaseLocks(self, locking.LEVEL_NODE)
+
      # disks are created, waiting for sync
      disk_abort = not _WaitForSync(self, instance,
                                    oneshot=not self.op.wait_for_sync)
      # disks are created, waiting for sync
      disk_abort = not _WaitForSync(self, instance,
                                    oneshot=not self.op.wait_for_sync)
@@ -9651,18 +13483,23 @@ class LUInstanceSetParams(LogicalUnit):
        raise errors.OpExecError("There are some degraded disks for"
                                 " this instance, please cleanup manually")
  
        raise errors.OpExecError("There are some degraded disks for"
                                 " this instance, please cleanup manually")
  
+    # Node resource locks will be released by caller
+
    def _ConvertDrbdToPlain(self, feedback_fn):
      """Converts an instance from drbd to plain.
  
      """
      instance = self.instance
    def _ConvertDrbdToPlain(self, feedback_fn):
      """Converts an instance from drbd to plain.
  
      """
      instance = self.instance
+
      assert len(instance.secondary_nodes) == 1
      assert len(instance.secondary_nodes) == 1
+    assert instance.disk_template == constants.DT_DRBD8
+
      pnode = instance.primary_node
      snode = instance.secondary_nodes[0]
      feedback_fn("Converting template to plain")
  
      pnode = instance.primary_node
      snode = instance.secondary_nodes[0]
      feedback_fn("Converting template to plain")
  
-    old_disks = instance.disks
-    new_disks = [d.children[0] for d in old_disks]
+    old_disks = _AnnotateDiskParams(instance, instance.disks, self.cfg)
+    new_disks = [d.children[0] for d in instance.disks]
  
      # copy over size and mode
      for parent, child in zip(old_disks, new_disks):
  
      # copy over size and mode
      for parent, child in zip(old_disks, new_disks):
@@ -9680,6 +13517,9 @@ class LUInstanceSetParams(LogicalUnit):
      instance.disk_template = constants.DT_PLAIN
      self.cfg.Update(instance, feedback_fn)
  
      instance.disk_template = constants.DT_PLAIN
      self.cfg.Update(instance, feedback_fn)
  
+    # Release locks in case removing disks takes a while
+    _ReleaseLocks(self, locking.LEVEL_NODE)
+
      feedback_fn("Removing volumes on the secondary node...")
      for disk in old_disks:
        self.cfg.SetDiskID(disk, snode)
      feedback_fn("Removing volumes on the secondary node...")
      for disk in old_disks:
        self.cfg.SetDiskID(disk, snode)
@@ -9697,6 +13537,108 @@ class LUInstanceSetParams(LogicalUnit):
          self.LogWarning("Could not remove metadata for disk %d on node %s,"
                          " continuing anyway: %s", idx, pnode, msg)
  
          self.LogWarning("Could not remove metadata for disk %d on node %s,"
                          " continuing anyway: %s", idx, pnode, msg)
  
+  def _CreateNewDisk(self, idx, params, _):
+    """Creates a new disk.
+
+    Generates a single disk object for C{params} through
+    L{_GenerateDiskTemplate} and then tries to create its block devices on
+    every node in C{instance.all_nodes}. A failure to create the device on
+    a node is only logged as a warning; it is not propagated to the caller.
+
+    @param idx: index of the new disk; handed to the template generator and
+      used in the returned change description
+    @param params: specification of the disk to add; passed as the only
+      element of the disk list given to the template generator
+    @param _: unused
+    @return: tuple of the new disk object and a list holding one
+      C{("disk/<idx>", "add:size=<size>,mode=<mode>")} change entry
+
+    """
+    instance = self.instance
+
+    # add a new disk
+    # For file-based templates the driver and the directory are taken from
+    # the logical_id of the instance's first disk.
+    # NOTE(review): this indexes instance.disks[0], so it assumes the
+    # instance already has at least one disk -- confirm with callers
+    if instance.disk_template in constants.DTS_FILEBASED:
+      (file_driver, file_path) = instance.disks[0].logical_id
+      file_path = os.path.dirname(file_path)
+    else:
+      file_driver = file_path = None
+
+    # Only one disk spec is passed in, hence only the first generated disk
+    # is of interest
+    disk = \
+      _GenerateDiskTemplate(self, instance.disk_template, instance.name,
+                            instance.primary_node, instance.secondary_nodes,
+                            [params], file_path, file_driver, idx,
+                            self.Log, self.diskparams)[0]
+
+    info = _GetInstanceInfoText(instance)
+
+    logging.info("Creating volume %s for instance %s",
+                 disk.iv_name, instance.name)
+    # Note: this needs to be kept in sync with _CreateDisks
+    #HARDCODE
+    for node in instance.all_nodes:
+      # True only for the primary node; the same flag is passed twice to
+      # _CreateBlockDev (presumably "force create" and "force open" --
+      # TODO confirm against _CreateBlockDev's signature)
+      f_create = (node == instance.primary_node)
+      try:
+        _CreateBlockDev(self, node, instance, disk, f_create, info, f_create)
+      except errors.OpExecError, err:
+        # Best effort: warn and continue with the remaining nodes
+        self.LogWarning("Failed to create volume %s (%s) on node '%s': %s",
+                        disk.iv_name, disk, node, err)
+
+    return (disk, [
+      ("disk/%d" % idx, "add:size=%s,mode=%s" % (disk.size, disk.mode)),
+      ])
+
+  @staticmethod
+  def _ModifyDisk(idx, disk, params, _):
+    """Modifies a disk.
+
+    The only property changed here is the disk's access mode, which is
+    read unconditionally from C{params[constants.IDISK_MODE]}.
+
+    @param idx: index of the disk, used only in the change description
+    @param disk: disk object whose C{mode} attribute is overwritten in place
+    @param params: modification parameters; must contain
+      C{constants.IDISK_MODE}
+    @param _: unused
+    @return: list with a single C{("disk.mode/<idx>", <new mode>)} entry
+
+    """
+    disk.mode = params[constants.IDISK_MODE]
+
+    return [
+      ("disk.mode/%d" % idx, disk.mode),
+      ]
+
+  def _RemoveDisk(self, idx, root, _):
+    """Removes a disk.
+
+    Calls the C{blockdev_remove} RPC for every (node, disk) pair returned
+    by C{ComputeNodeTree} for the annotated copy of C{root}. RPC failures
+    are logged as warnings and do not abort the removal.
+
+    @param idx: index of the disk, used only in warning messages
+    @param root: disk object to remove
+    @param _: unused
+
+    """
+    # Exactly one disk goes in, so exactly one annotated disk is expected
+    # back; the tuple unpacking fails otherwise
+    (anno_disk,) = _AnnotateDiskParams(self.instance, [root], self.cfg)
+    for node, disk in anno_disk.ComputeNodeTree(self.instance.primary_node):
+      self.cfg.SetDiskID(disk, node)
+      msg = self.rpc.call_blockdev_remove(node, disk).fail_msg
+      if msg:
+        self.LogWarning("Could not remove disk/%d on node '%s': %s,"
+                        " continuing anyway", idx, node, msg)
+
+    # if this is a DRBD disk, return its port to the pool
+    # (the port is read from the third element of the disk's logical_id)
+    if root.dev_type in constants.LDS_DRBD:
+      self.cfg.AddTcpUdpPort(root.logical_id[2])
+
+  @staticmethod
+  def _CreateNewNic(idx, params, private):
+    """Creates data structure for a new network interface.
+
+    @param idx: index of the new NIC, used only in the change description
+    @param params: NIC parameters; C{constants.INIC_MAC} is required,
+      C{constants.INIC_IP} and C{constants.INIC_NETWORK} default to None
+      when absent
+    @param private: object whose C{filled} attribute supplies the NIC
+      parameters; C{constants.NIC_MODE} and C{constants.NIC_LINK} are read
+      from it for the change description
+    @return: tuple of the new L{objects.NIC} and a list with one
+      C{("nic.<idx>", "add:mac=...,ip=...,mode=...,link=...,network=...")}
+      change entry
+
+    """
+    mac = params[constants.INIC_MAC]
+    ip = params.get(constants.INIC_IP, None)
+    net = params.get(constants.INIC_NETWORK, None)
+    #TODO: not private.filled?? can a nic have no nicparams??
+    nicparams = private.filled
+
+    return (objects.NIC(mac=mac, ip=ip, network=net, nicparams=nicparams), [
+      ("nic.%d" % idx,
+       "add:mac=%s,ip=%s,mode=%s,link=%s,network=%s" %
+       (mac, ip, private.filled[constants.NIC_MODE],
+       private.filled[constants.NIC_LINK],
+       net)),
+      ])
+
+  @staticmethod
+  def _ApplyNicMods(idx, nic, params, private):
+    """Modifies a network interface.
+
+    @param idx: index of the NIC, used only in the change descriptions
+    @param nic: NIC object, modified in place
+    @param params: modification parameters; only the MAC, IP and network
+      keys are looked at, and only if present
+    @param private: object whose C{filled} attribute, when not empty,
+      replaces the NIC's C{nicparams}
+    @return: list of C{(description, value)} tuples, one per changed item
+
+    """
+    changes = []
+
+    # The key constants double as attribute names on the NIC object, hence
+    # the plain setattr
+    for key in [constants.INIC_MAC, constants.INIC_IP, constants.INIC_NETWORK]:
+      if key in params:
+        changes.append(("nic.%s/%d" % (key, idx), params[key]))
+        setattr(nic, key, params[key])
+
+    if private.filled:
+      # The whole parameter dict is replaced, and every entry in it is
+      # reported as a change
+      nic.nicparams = private.filled
+
+      for (key, val) in nic.nicparams.items():
+        changes.append(("nic.%s/%d" % (key, idx), val))
+
+    return changes
  
    def Exec(self, feedback_fn):
      """Modifies an instance.
  
    def Exec(self, feedback_fn):
      """Modifies an instance.
@@ -9706,69 +13648,41 @@ class LUInstanceSetParams(LogicalUnit):
      """
      # Process here the warnings from CheckPrereq, as we don't have a
      # feedback_fn there.
      """
      # Process here the warnings from CheckPrereq, as we don't have a
      # feedback_fn there.
+    # TODO: Replace with self.LogWarning
      for warn in self.warn:
        feedback_fn("WARNING: %s" % warn)
  
      for warn in self.warn:
        feedback_fn("WARNING: %s" % warn)
  
+    assert ((self.op.disk_template is None) ^
+            bool(self.owned_locks(locking.LEVEL_NODE_RES))), \
+      "Not owning any node resource locks"
+
      result = []
      instance = self.instance
      result = []
      instance = self.instance
-    # disk changes
-    for disk_op, disk_dict in self.op.disks:
-      if disk_op == constants.DDM_REMOVE:
-        # remove the last disk
-        device = instance.disks.pop()
-        device_idx = len(instance.disks)
-        for node, disk in device.ComputeNodeTree(instance.primary_node):
-          self.cfg.SetDiskID(disk, node)
-          msg = self.rpc.call_blockdev_remove(node, disk).fail_msg
-          if msg:
-            self.LogWarning("Could not remove disk/%d on node %s: %s,"
-                            " continuing anyway", device_idx, node, msg)
-        result.append(("disk/%d" % device_idx, "remove"))
-
-        # if this is a DRBD disk, return its port to the pool
-        if device.dev_type in constants.LDS_DRBD:
-          tcp_port = device.logical_id[2]
-          self.cfg.AddTcpUdpPort(tcp_port)
-      elif disk_op == constants.DDM_ADD:
-        # add a new disk
-        if instance.disk_template == constants.DT_FILE:
-          file_driver, file_path = instance.disks[0].logical_id
-          file_path = os.path.dirname(file_path)
-        else:
-          file_driver = file_path = None
-        disk_idx_base = len(instance.disks)
-        new_disk = _GenerateDiskTemplate(self,
-                                         instance.disk_template,
-                                         instance.name, instance.primary_node,
-                                         instance.secondary_nodes,
-                                         [disk_dict],
-                                         file_path,
-                                         file_driver,
-                                         disk_idx_base, feedback_fn)[0]
-        instance.disks.append(new_disk)
-        info = _GetInstanceInfoText(instance)
-
-        logging.info("Creating volume %s for instance %s",
-                     new_disk.iv_name, instance.name)
-        # Note: this needs to be kept in sync with _CreateDisks
-        #HARDCODE
-        for node in instance.all_nodes:
-          f_create = node == instance.primary_node
-          try:
-            _CreateBlockDev(self, node, instance, new_disk,
-                            f_create, info, f_create)
-          except errors.OpExecError, err:
-            self.LogWarning("Failed to create volume %s (%s) on"
-                            " node %s: %s",
-                            new_disk.iv_name, new_disk, node, err)
-        result.append(("disk/%d" % disk_idx_base, "add:size=%s,mode=%s" %
-                       (new_disk.size, new_disk.mode)))
-      else:
-        # change a given disk
-        instance.disks[disk_op].mode = disk_dict['mode']
-        result.append(("disk.mode/%d" % disk_op, disk_dict['mode']))
+
+    # runtime memory
+    if self.op.runtime_mem:
+      rpcres = self.rpc.call_instance_balloon_memory(instance.primary_node,
+                                                     instance,
+                                                     self.op.runtime_mem)
+      rpcres.Raise("Cannot modify instance runtime memory")
+      result.append(("runtime_memory", self.op.runtime_mem))
+
+    # Apply disk changes
+    ApplyContainerMods("disk", instance.disks, result, self.diskmod,
+                       self._CreateNewDisk, self._ModifyDisk, self._RemoveDisk)
+    _UpdateIvNames(0, instance.disks)
  
      if self.op.disk_template:
  
      if self.op.disk_template:
+      if __debug__:
+        check_nodes = set(instance.all_nodes)
+        if self.op.remote_node:
+          check_nodes.add(self.op.remote_node)
+        for level in [locking.LEVEL_NODE, locking.LEVEL_NODE_RES]:
+          owned = self.owned_locks(level)
+          assert not (check_nodes - owned), \
+            ("Not owning the correct locks, owning %r, expected at least %r" %
+             (owned, check_nodes))
+
        r_shut = _ShutdownInstanceDisks(self, instance)
        if not r_shut:
          raise errors.OpExecError("Cannot shutdown instance disks, unable to"
        r_shut = _ShutdownInstanceDisks(self, instance)
        if not r_shut:
          raise errors.OpExecError("Cannot shutdown instance disks, unable to"
@@ -9781,33 +13695,19 @@ class LUInstanceSetParams(LogicalUnit):
          raise
        result.append(("disk_template", self.op.disk_template))
  
          raise
        result.append(("disk_template", self.op.disk_template))
  
-    # NIC changes
-    for nic_op, nic_dict in self.op.nics:
-      if nic_op == constants.DDM_REMOVE:
-        # remove the last nic
-        del instance.nics[-1]
-        result.append(("nic.%d" % len(instance.nics), "remove"))
-      elif nic_op == constants.DDM_ADD:
-        # mac and bridge should be set, by now
-        mac = nic_dict['mac']
-        ip = nic_dict.get('ip', None)
-        nicparams = self.nic_pinst[constants.DDM_ADD]
-        new_nic = objects.NIC(mac=mac, ip=ip, nicparams=nicparams)
-        instance.nics.append(new_nic)
-        result.append(("nic.%d" % (len(instance.nics) - 1),
-                       "add:mac=%s,ip=%s,mode=%s,link=%s" %
-                       (new_nic.mac, new_nic.ip,
-                        self.nic_pnew[constants.DDM_ADD][constants.NIC_MODE],
-                        self.nic_pnew[constants.DDM_ADD][constants.NIC_LINK]
-                       )))
-      else:
-        for key in 'mac', 'ip':
-          if key in nic_dict:
-            setattr(instance.nics[nic_op], key, nic_dict[key])
-        if nic_op in self.nic_pinst:
-          instance.nics[nic_op].nicparams = self.nic_pinst[nic_op]
-        for key, val in nic_dict.iteritems():
-          result.append(("nic.%s/%d" % (key, nic_op), val))
+      assert instance.disk_template == self.op.disk_template, \
+        ("Expected disk template '%s', found '%s'" %
+         (self.op.disk_template, instance.disk_template))
+
+    # Release node and resource locks if there are any (they might already have
+    # been released during disk conversion)
+    _ReleaseLocks(self, locking.LEVEL_NODE)
+    _ReleaseLocks(self, locking.LEVEL_NODE_RES)
+
+    # Apply NIC changes
+    if self._new_nics is not None:
+      instance.nics = self._new_nics
+      result.extend(self._nic_chgdesc)
  
      # hvparams changes
      if self.op.hvparams:
  
      # hvparams changes
      if self.op.hvparams:
@@ -9831,7 +13731,23 @@ class LUInstanceSetParams(LogicalUnit):
        for key, val in self.op.osparams.iteritems():
          result.append(("os/%s" % key, val))
  
        for key, val in self.op.osparams.iteritems():
          result.append(("os/%s" % key, val))
  
-    self.cfg.Update(instance, feedback_fn)
+    if self.op.offline is None:
+      # Ignore
+      pass
+    elif self.op.offline:
+      # Mark instance as offline
+      self.cfg.MarkInstanceOffline(instance.name)
+      result.append(("admin_state", constants.ADMINST_OFFLINE))
+    else:
+      # Mark instance as online, but stopped
+      self.cfg.MarkInstanceDown(instance.name)
+      result.append(("admin_state", constants.ADMINST_DOWN))
+
+    self.cfg.Update(instance, feedback_fn, self.proc.GetECId())
+
+    assert not (self.owned_locks(locking.LEVEL_NODE_RES) or
+                self.owned_locks(locking.LEVEL_NODE)), \
+      "All node locks should have been released by now"
  
      return result
  
  
      return result
  
@@ -9841,38 +13757,223 @@ class LUInstanceSetParams(LogicalUnit):
      }
  
  
      }
  
  
+class LUInstanceChangeGroup(LogicalUnit):
+  """Logical unit for changing the node group of an instance.
+
+  The placement is computed by an iallocator; L{Exec} only returns the jobs
+  built from the iallocator's result.
+
+  """
+  HPATH = "instance-change-group"
+  HTYPE = constants.HTYPE_INSTANCE
+  REQ_BGL = False
+
+  def ExpandNames(self):
+    """Declares the initial lock set and resolves the requested target groups.
+
+    Node group and node locks start out empty and are filled in by
+    L{DeclareLocks}. C{self.req_target_uuids} becomes the list of UUIDs looked
+    up for C{self.op.target_groups}, or C{None} if no target groups were given.
+
+    """
+    self.share_locks = _ShareAll()
+
+    self.needed_locks = {
+      locking.LEVEL_NODEGROUP: [],
+      locking.LEVEL_NODE: [],
+      locking.LEVEL_NODE_ALLOC: locking.ALL_SET,
+      }
+
+    self._ExpandAndLockInstance()
+
+    if self.op.target_groups:
+      self.req_target_uuids = map(self.cfg.LookupNodeGroup,
+                                  self.op.target_groups)
+    else:
+      self.req_target_uuids = None
+
+    self.op.iallocator = _GetDefaultIAllocator(self.cfg, self.op.iallocator)
+
+  def DeclareLocks(self, level):
+    """Computes the node group and node locks to acquire.
+
+    @param level: locking level for which locks are being declared; only
+      C{locking.LEVEL_NODEGROUP} and C{locking.LEVEL_NODE} are acted upon
+
+    """
+    if level == locking.LEVEL_NODEGROUP:
+      assert not self.needed_locks[locking.LEVEL_NODEGROUP]
+
+      if self.req_target_uuids:
+        lock_groups = set(self.req_target_uuids)
+
+        # Lock all groups used by instance optimistically; this requires going
+        # via the node before it's locked, requiring verification later on
+        instance_groups = self.cfg.GetInstanceNodeGroups(self.op.instance_name)
+        lock_groups.update(instance_groups)
+      else:
+        # No target groups, need to lock all of them
+        lock_groups = locking.ALL_SET
+
+      self.needed_locks[locking.LEVEL_NODEGROUP] = lock_groups
+
+    elif level == locking.LEVEL_NODE:
+      if self.req_target_uuids:
+        # Lock all nodes used by instances
+        self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_APPEND
+        self._LockInstancesNodes()
+
+        # Lock all nodes in all potential target groups
+        # (owned groups minus the groups currently used by the instance)
+        lock_groups = (frozenset(self.owned_locks(locking.LEVEL_NODEGROUP)) -
+                       self.cfg.GetInstanceNodeGroups(self.op.instance_name))
+        member_nodes = [node_name
+                        for group in lock_groups
+                        for node_name in self.cfg.GetNodeGroup(group).members]
+        self.needed_locks[locking.LEVEL_NODE].extend(member_nodes)
+      else:
+        # Lock all nodes as all groups are potential targets
+        self.needed_locks[locking.LEVEL_NODE] = locking.ALL_SET
+
+  def CheckPrereq(self):
+    """Verifies the acquired locks and determines the target groups.
+
+    Sets C{self.instance} and C{self.target_uuids}.
+
+    @raise errors.OpPrereqError: if a target group is already used by the
+      instance or if no target group is left
+
+    """
+    owned_instances = frozenset(self.owned_locks(locking.LEVEL_INSTANCE))
+    owned_groups = frozenset(self.owned_locks(locking.LEVEL_NODEGROUP))
+    owned_nodes = frozenset(self.owned_locks(locking.LEVEL_NODE))
+
+    assert (self.req_target_uuids is None or
+            owned_groups.issuperset(self.req_target_uuids))
+    assert owned_instances == set([self.op.instance_name])
+
+    # Get instance information
+    self.instance = self.cfg.GetInstanceInfo(self.op.instance_name)
+
+    # Check if node groups for locked instance are still correct
+    assert owned_nodes.issuperset(self.instance.all_nodes), \
+      ("Instance %s's nodes changed while we kept the lock" %
+       self.op.instance_name)
+
+    inst_groups = _CheckInstanceNodeGroups(self.cfg, self.op.instance_name,
+                                           owned_groups)
+
+    if self.req_target_uuids:
+      # User requested specific target groups
+      self.target_uuids = frozenset(self.req_target_uuids)
+    else:
+      # All groups except those used by the instance are potential targets
+      self.target_uuids = owned_groups - inst_groups
+
+    # A group the instance already uses cannot be a target
+    conflicting_groups = self.target_uuids & inst_groups
+    if conflicting_groups:
+      raise errors.OpPrereqError("Can't use group(s) '%s' as targets, they are"
+                                 " used by the instance '%s'" %
+                                 (utils.CommaJoin(conflicting_groups),
+                                  self.op.instance_name),
+                                 errors.ECODE_INVAL)
+
+    if not self.target_uuids:
+      raise errors.OpPrereqError("There are no possible target groups",
+                                 errors.ECODE_INVAL)
+
+  def BuildHooksEnv(self):
+    """Build hooks env.
+
+    The target group UUIDs are exported space-separated as C{TARGET_GROUPS},
+    in addition to the instance's own hook environment.
+
+    """
+    assert self.target_uuids
+
+    env = {
+      "TARGET_GROUPS": " ".join(self.target_uuids),
+      }
+
+    env.update(_BuildInstanceHookEnvByObject(self, self.instance))
+
+    return env
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    Both returned node lists contain only the master node.
+
+    """
+    mn = self.cfg.GetMasterNode()
+    return ([mn], [mn])
+
+  def Exec(self, feedback_fn):
+    """Runs the iallocator and returns the jobs built from its result.
+
+    @param feedback_fn: not used by this method
+    @raise errors.OpPrereqError: if the iallocator run was not successful
+    @return: L{ResultWithJobs} wrapping the jobs returned by
+      L{_LoadNodeEvacResult}
+
+    """
+    instances = list(self.owned_locks(locking.LEVEL_INSTANCE))
+
+    assert instances == [self.op.instance_name], "Instance not locked"
+
+    req = iallocator.IAReqGroupChange(instances=instances,
+                                      target_groups=list(self.target_uuids))
+    ial = iallocator.IAllocator(self.cfg, self.rpc, req)
+
+    ial.Run(self.op.iallocator)
+
+    if not ial.success:
+      raise errors.OpPrereqError("Can't compute solution for changing group of"
+                                 " instance '%s' using iallocator '%s': %s" %
+                                 (self.op.instance_name, self.op.iallocator,
+                                  ial.info), errors.ECODE_NORES)
+
+    jobs = _LoadNodeEvacResult(self, ial.result, self.op.early_release, False)
+
+    self.LogInfo("Iallocator returned %s job(s) for changing group of"
+                 " instance '%s'", len(jobs), self.op.instance_name)
+
+    return ResultWithJobs(jobs)
+
+
  class LUBackupQuery(NoHooksLU):
    """Query the exports list
  
    """
    REQ_BGL = False
  
  class LUBackupQuery(NoHooksLU):
    """Query the exports list
  
    """
    REQ_BGL = False
  
+  def CheckArguments(self):
+    self.expq = _ExportQuery(qlang.MakeSimpleFilter("node", self.op.nodes),
+                             ["node", "export"], self.op.use_locking)
+
    def ExpandNames(self):
    def ExpandNames(self):
-    self.needed_locks = {}
-    self.share_locks[locking.LEVEL_NODE] = 1
-    if not self.op.nodes:
-      self.needed_locks[locking.LEVEL_NODE] = locking.ALL_SET
-    else:
-      self.needed_locks[locking.LEVEL_NODE] = \
-        _GetWantedNodes(self, self.op.nodes)
+    self.expq.ExpandNames(self)
+
+  def DeclareLocks(self, level):
+    self.expq.DeclareLocks(self, level)
  
    def Exec(self, feedback_fn):
  
    def Exec(self, feedback_fn):
-    """Compute the list of all the exported system images.
+    result = {}
  
  
-    @rtype: dict
-    @return: a dictionary with the structure node->(export-list)
-        where export-list is a list of the instances exported on
-        that node.
+    for (node, expname) in self.expq.OldStyleQuery(self):
+      if expname is None:
+        result[node] = False
+      else:
+        result.setdefault(node, []).append(expname)
+
+    return result
+
+
+class _ExportQuery(_QueryBase):
+  FIELDS = query.EXPORT_FIELDS
+
+  #: The node name is not a unique key for this query
+  SORT_FIELD = "node"
+
+  def ExpandNames(self, lu):
+    lu.needed_locks = {}
+
+    # The following variables interact with _QueryBase._GetNames
+    if self.names:
+      self.wanted = _GetWantedNodes(lu, self.names)
+    else:
+      self.wanted = locking.ALL_SET
+
+    self.do_locking = self.use_locking
+
+    if self.do_locking:
+      lu.share_locks = _ShareAll()
+      lu.needed_locks = {
+        locking.LEVEL_NODE: self.wanted,
+        }
+
+  def DeclareLocks(self, lu, level):
+    pass
+
+  def _GetQueryData(self, lu):
+    """Computes the list of nodes and their attributes.
  
      """
  
      """
-    self.nodes = self.acquired_locks[locking.LEVEL_NODE]
-    rpcresult = self.rpc.call_export_list(self.nodes)
-    result = {}
-    for node in rpcresult:
-      if rpcresult[node].fail_msg:
-        result[node] = False
+    # Locking is not used
+    # TODO
+    assert not (compat.any(lu.glm.is_owned(level)
+                           for level in locking.LEVELS
+                           if level != locking.LEVEL_CLUSTER) or
+                self.do_locking or self.use_locking)
+
+    nodes = self._GetNames(lu, lu.cfg.GetNodeList(), locking.LEVEL_NODE)
+
+    result = []
+
+    for (node, nres) in lu.rpc.call_export_list(nodes).items():
+      if nres.fail_msg:
+        result.append((node, None))
        else:
        else:
-        result[node] = rpcresult[node].payload
+        result.extend((node, expname) for expname in nres.payload)
  
      return result
  
  
      return result
  
@@ -9988,12 +14089,18 @@ class LUBackupExport(LogicalUnit):
  
      env.update(_BuildInstanceHookEnvByObject(self, self.instance))
  
  
      env.update(_BuildInstanceHookEnvByObject(self, self.instance))
  
+    return env
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      nl = [self.cfg.GetMasterNode(), self.instance.primary_node]
  
      if self.op.mode == constants.EXPORT_MODE_LOCAL:
        nl.append(self.op.target_node)
  
      nl = [self.cfg.GetMasterNode(), self.instance.primary_node]
  
      if self.op.mode == constants.EXPORT_MODE_LOCAL:
        nl.append(self.op.target_node)
  
-    return env, nl, nl
+    return (nl, nl)
  
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
@@ -10008,10 +14115,11 @@ class LUBackupExport(LogicalUnit):
            "Cannot retrieve locked instance %s" % self.op.instance_name
      _CheckNodeOnline(self, self.instance.primary_node)
  
            "Cannot retrieve locked instance %s" % self.op.instance_name
      _CheckNodeOnline(self, self.instance.primary_node)
  
-    if (self.op.remove_instance and self.instance.admin_up and
+    if (self.op.remove_instance and
+        self.instance.admin_state == constants.ADMINST_UP and
          not self.op.shutdown):
        raise errors.OpPrereqError("Can not remove instance without shutting it"
          not self.op.shutdown):
        raise errors.OpPrereqError("Can not remove instance without shutting it"
-                                 " down before")
+                                 " down before", errors.ECODE_STATE)
  
      if self.op.mode == constants.EXPORT_MODE_LOCAL:
        self.op.target_node = _ExpandNodeName(self.cfg, self.op.target_node)
  
      if self.op.mode == constants.EXPORT_MODE_LOCAL:
        self.op.target_node = _ExpandNodeName(self.cfg, self.op.target_node)
@@ -10041,7 +14149,8 @@ class LUBackupExport(LogicalUnit):
        try:
          (key_name, hmac_digest, hmac_salt) = self.x509_key_name
        except (TypeError, ValueError), err:
        try:
          (key_name, hmac_digest, hmac_salt) = self.x509_key_name
        except (TypeError, ValueError), err:
-        raise errors.OpPrereqError("Invalid data for X509 key name: %s" % err)
+        raise errors.OpPrereqError("Invalid data for X509 key name: %s" % err,
+                                   errors.ECODE_INVAL)
  
        if not utils.VerifySha1Hmac(cds, key_name, hmac_digest, salt=hmac_salt):
          raise errors.OpPrereqError("HMAC for X509 key name is wrong",
  
        if not utils.VerifySha1Hmac(cds, key_name, hmac_digest, salt=hmac_salt):
          raise errors.OpPrereqError("HMAC for X509 key name is wrong",
@@ -10138,7 +14247,7 @@ class LUBackupExport(LogicalUnit):
      for disk in instance.disks:
        self.cfg.SetDiskID(disk, src_node)
  
      for disk in instance.disks:
        self.cfg.SetDiskID(disk, src_node)
  
-    activate_disks = (not instance.admin_up)
+    activate_disks = (instance.admin_state != constants.ADMINST_UP)
  
      if activate_disks:
        # Activate the instance disks if we're exporting a stopped instance
  
      if activate_disks:
        # Activate the instance disks if we're exporting a stopped instance
@@ -10151,11 +14260,13 @@ class LUBackupExport(LogicalUnit):
  
        helper.CreateSnapshots()
        try:
  
        helper.CreateSnapshots()
        try:
-        if (self.op.shutdown and instance.admin_up and
+        if (self.op.shutdown and
+            instance.admin_state == constants.ADMINST_UP and
              not self.op.remove_instance):
            assert not activate_disks
            feedback_fn("Starting instance %s" % instance.name)
              not self.op.remove_instance):
            assert not activate_disks
            feedback_fn("Starting instance %s" % instance.name)
-          result = self.rpc.call_instance_start(src_node, instance, None, None)
+          result = self.rpc.call_instance_start(src_node,
+                                                (instance, None, None), False)
            msg = result.fail_msg
            if msg:
              feedback_fn("Failed to start instance: %s" % msg)
            msg = result.fail_msg
            if msg:
              feedback_fn("Failed to start instance: %s" % msg)
@@ -10223,11 +14334,19 @@ class LUBackupRemove(NoHooksLU):
    REQ_BGL = False
  
    def ExpandNames(self):
    REQ_BGL = False
  
    def ExpandNames(self):
-    self.needed_locks = {}
-    # We need all nodes to be locked in order for RemoveExport to work, but we
-    # don't need to lock the instance itself, as nothing will happen to it (and
-    # we can remove exports also for a removed instance)
-    self.needed_locks[locking.LEVEL_NODE] = locking.ALL_SET
+    self.needed_locks = {
+      # We need all nodes to be locked in order for RemoveExport to work, but
+      # we don't need to lock the instance itself, as nothing will happen to it
+      # (and we can remove exports also for a removed instance)
+      locking.LEVEL_NODE: locking.ALL_SET,
+
+      # Removing backups is quick, so blocking allocations is justified
+      locking.LEVEL_NODE_ALLOC: locking.ALL_SET,
+      }
+
+    # Allocations should be stopped while this LU runs with node locks, but it
+    # doesn't have to be exclusive
+    self.share_locks[locking.LEVEL_NODE_ALLOC] = 1
  
    def Exec(self, feedback_fn):
      """Remove any export.
  
    def Exec(self, feedback_fn):
      """Remove any export.
@@ -10241,7 +14360,7 @@ class LUBackupRemove(NoHooksLU):
        fqdn_warn = True
        instance_name = self.op.instance_name
  
        fqdn_warn = True
        instance_name = self.op.instance_name
  
-    locked_nodes = self.acquired_locks[locking.LEVEL_NODE]
+    locked_nodes = self.owned_locks(locking.LEVEL_NODE)
      exportlist = self.rpc.call_export_list(locked_nodes)
      found = False
      for node in exportlist:
      exportlist = self.rpc.call_export_list(locked_nodes)
      found = False
      for node in exportlist:
@@ -10299,15 +14418,53 @@ class LUGroupAdd(LogicalUnit):
      if self.op.ndparams:
        utils.ForceDictType(self.op.ndparams, constants.NDS_PARAMETER_TYPES)
  
      if self.op.ndparams:
        utils.ForceDictType(self.op.ndparams, constants.NDS_PARAMETER_TYPES)
  
+    if self.op.hv_state:
+      self.new_hv_state = _MergeAndVerifyHvState(self.op.hv_state, None)
+    else:
+      self.new_hv_state = None
+
+    if self.op.disk_state:
+      self.new_disk_state = _MergeAndVerifyDiskState(self.op.disk_state, None)
+    else:
+      self.new_disk_state = None
+
+    if self.op.diskparams:
+      for templ in constants.DISK_TEMPLATES:
+        if templ in self.op.diskparams:
+          utils.ForceDictType(self.op.diskparams[templ],
+                              constants.DISK_DT_TYPES)
+      self.new_diskparams = self.op.diskparams
+      try:
+        utils.VerifyDictOptions(self.new_diskparams, constants.DISK_DT_DEFAULTS)
+      except errors.OpPrereqError, err:
+        raise errors.OpPrereqError("While verify diskparams options: %s" % err,
+                                   errors.ECODE_INVAL)
+    else:
+      self.new_diskparams = {}
+
+    if self.op.ipolicy:
+      cluster = self.cfg.GetClusterInfo()
+      full_ipolicy = cluster.SimpleFillIPolicy(self.op.ipolicy)
+      try:
+        objects.InstancePolicy.CheckParameterSyntax(full_ipolicy, False)
+      except errors.ConfigurationError, err:
+        raise errors.OpPrereqError("Invalid instance policy: %s" % err,
+                                   errors.ECODE_INVAL)
+
    def BuildHooksEnv(self):
      """Build hooks env.
  
      """
    def BuildHooksEnv(self):
      """Build hooks env.
  
      """
-    env = {
+    return {
        "GROUP_NAME": self.op.group_name,
        }
        "GROUP_NAME": self.op.group_name,
        }
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      mn = self.cfg.GetMasterNode()
      mn = self.cfg.GetMasterNode()
-    return env, [mn], [mn]
+    return ([mn], [mn])
  
    def Exec(self, feedback_fn):
      """Add the node group to the cluster.
  
    def Exec(self, feedback_fn):
      """Add the node group to the cluster.
@@ -10316,7 +14473,11 @@ class LUGroupAdd(LogicalUnit):
      group_obj = objects.NodeGroup(name=self.op.group_name, members=[],
                                    uuid=self.group_uuid,
                                    alloc_policy=self.op.alloc_policy,
      group_obj = objects.NodeGroup(name=self.op.group_name, members=[],
                                    uuid=self.group_uuid,
                                    alloc_policy=self.op.alloc_policy,
-                                  ndparams=self.op.ndparams)
+                                  ndparams=self.op.ndparams,
+                                  diskparams=self.new_diskparams,
+                                  ipolicy=self.op.ipolicy,
+                                  hv_state_static=self.new_hv_state,
+                                  disk_state_static=self.new_disk_state)
  
      self.cfg.AddNodeGroup(group_obj, self.proc.GetECId(), check_uuid=False)
      del self.remove_locks[locking.LEVEL_NODEGROUP]
  
      self.cfg.AddNodeGroup(group_obj, self.proc.GetECId(), check_uuid=False)
      del self.remove_locks[locking.LEVEL_NODEGROUP]
@@ -10356,12 +14517,12 @@ class LUGroupAssignNodes(NoHooksLU):
  
      """
      assert self.needed_locks[locking.LEVEL_NODEGROUP]
  
      """
      assert self.needed_locks[locking.LEVEL_NODEGROUP]
-    assert (frozenset(self.acquired_locks[locking.LEVEL_NODE]) ==
+    assert (frozenset(self.owned_locks(locking.LEVEL_NODE)) ==
              frozenset(self.op.nodes))
  
      expected_locks = (set([self.group_uuid]) |
                        self.cfg.GetNodeGroupsFromNodes(self.op.nodes))
              frozenset(self.op.nodes))
  
      expected_locks = (set([self.group_uuid]) |
                        self.cfg.GetNodeGroupsFromNodes(self.op.nodes))
-    actual_locks = self.acquired_locks[locking.LEVEL_NODEGROUP]
+    actual_locks = self.owned_locks(locking.LEVEL_NODEGROUP)
      if actual_locks != expected_locks:
        raise errors.OpExecError("Nodes changed groups since locks were acquired,"
                                 " current groups are '%s', used to be '%s'" %
      if actual_locks != expected_locks:
        raise errors.OpExecError("Nodes changed groups since locks were acquired,"
                                 " current groups are '%s', used to be '%s'" %
@@ -10416,7 +14577,7 @@ class LUGroupAssignNodes(NoHooksLU):
      In particular, it returns information about newly split instances, and
      instances that were already split, and remain so after the change.
  
      In particular, it returns information about newly split instances, and
      instances that were already split, and remain so after the change.
  
-    Only instances whose disk template is listed in constants.DTS_NET_MIRROR are
+    Only instances whose disk template is listed in constants.DTS_INT_MIRROR are
      considered.
  
      @type changes: list of (node_name, new_group_uuid) pairs.
      considered.
  
      @type changes: list of (node_name, new_group_uuid) pairs.
@@ -10439,7 +14600,7 @@ class LUGroupAssignNodes(NoHooksLU):
        return [instance.primary_node] + list(instance.secondary_nodes)
  
      for inst in instance_data.values():
        return [instance.primary_node] + list(instance.secondary_nodes)
  
      for inst in instance_data.values():
-      if inst.disk_template not in constants.DTS_NET_MIRROR:
+      if inst.disk_template not in constants.DTS_INT_MIRROR:
          continue
  
        instance_nodes = InstanceNodes(inst)
          continue
  
        instance_nodes = InstanceNodes(inst)
@@ -10456,13 +14617,13 @@ class LUGroupAssignNodes(NoHooksLU):
  
  
  class _GroupQuery(_QueryBase):
  
  
  class _GroupQuery(_QueryBase):
-
    FIELDS = query.GROUP_FIELDS
  
    def ExpandNames(self, lu):
      lu.needed_locks = {}
  
      self._all_groups = lu.cfg.GetAllNodeGroupsInfo()
    FIELDS = query.GROUP_FIELDS
  
    def ExpandNames(self, lu):
      lu.needed_locks = {}
  
      self._all_groups = lu.cfg.GetAllNodeGroupsInfo()
+    self._cluster = lu.cfg.GetClusterInfo()
      name_to_uuid = dict((g.name, g.uuid) for g in self._all_groups.values())
  
      if not self.names:
      name_to_uuid = dict((g.name, g.uuid) for g in self._all_groups.values())
  
      if not self.names:
@@ -10528,9 +14689,11 @@ class _GroupQuery(_QueryBase):
            # Do not pass on node information if it was not requested.
            group_to_nodes = None
  
            # Do not pass on node information if it was not requested.
            group_to_nodes = None
  
-    return query.GroupQueryData([self._all_groups[uuid]
+    return query.GroupQueryData(self._cluster,
+                                [self._all_groups[uuid]
                                   for uuid in self.wanted],
                                   for uuid in self.wanted],
-                                group_to_nodes, group_to_instances)
+                                group_to_nodes, group_to_instances,
+                                query.GQ_DISKPARAMS in self.requested_data)
  
  
  class LUGroupQuery(NoHooksLU):
  
  
  class LUGroupQuery(NoHooksLU):
@@ -10540,11 +14703,15 @@ class LUGroupQuery(NoHooksLU):
    REQ_BGL = False
  
    def CheckArguments(self):
    REQ_BGL = False
  
    def CheckArguments(self):
-    self.gq = _GroupQuery(self.op.names, self.op.output_fields, False)
+    self.gq = _GroupQuery(qlang.MakeSimpleFilter("name", self.op.names),
+                          self.op.output_fields, False)
  
    def ExpandNames(self):
      self.gq.ExpandNames(self)
  
  
    def ExpandNames(self):
      self.gq.ExpandNames(self)
  
+  def DeclareLocks(self, level):
+    self.gq.DeclareLocks(self, level)
+
    def Exec(self, feedback_fn):
      return self.gq.OldStyleQuery(self)
  
    def Exec(self, feedback_fn):
      return self.gq.OldStyleQuery(self)
  
@@ -10560,7 +14727,11 @@ class LUGroupSetParams(LogicalUnit):
    def CheckArguments(self):
      all_changes = [
        self.op.ndparams,
    def CheckArguments(self):
      all_changes = [
        self.op.ndparams,
+      self.op.diskparams,
        self.op.alloc_policy,
        self.op.alloc_policy,
+      self.op.hv_state,
+      self.op.disk_state,
+      self.op.ipolicy,
        ]
  
      if all_changes.count(None) == len(all_changes):
        ]
  
      if all_changes.count(None) == len(all_changes):
@@ -10572,14 +14743,41 @@ class LUGroupSetParams(LogicalUnit):
      self.group_uuid = self.cfg.LookupNodeGroup(self.op.group_name)
  
      self.needed_locks = {
      self.group_uuid = self.cfg.LookupNodeGroup(self.op.group_name)
  
      self.needed_locks = {
+      locking.LEVEL_INSTANCE: [],
        locking.LEVEL_NODEGROUP: [self.group_uuid],
        }
  
        locking.LEVEL_NODEGROUP: [self.group_uuid],
        }
  
+    self.share_locks[locking.LEVEL_INSTANCE] = 1
+
+  def DeclareLocks(self, level):
+    if level == locking.LEVEL_INSTANCE:
+      assert not self.needed_locks[locking.LEVEL_INSTANCE]
+
+      # Lock instances optimistically, needs verification once group lock has
+      # been acquired
+      self.needed_locks[locking.LEVEL_INSTANCE] = \
+          self.cfg.GetNodeGroupInstances(self.group_uuid)
+
+  @staticmethod
+  def _UpdateAndVerifyDiskParams(old, new):
+    """Updates and verifies disk parameters.
+
+    """
+    new_params = _GetUpdatedParams(old, new)
+    utils.ForceDictType(new_params, constants.DISK_DT_TYPES)
+    return new_params
+
    def CheckPrereq(self):
      """Check prerequisites.
  
      """
    def CheckPrereq(self):
      """Check prerequisites.
  
      """
+    owned_instances = frozenset(self.owned_locks(locking.LEVEL_INSTANCE))
+
+    # Check if locked instances are still correct
+    _CheckNodeGroupInstances(self.cfg, self.group_uuid, owned_instances)
+
      self.group = self.cfg.GetNodeGroup(self.group_uuid)
      self.group = self.cfg.GetNodeGroup(self.group_uuid)
+    cluster = self.cfg.GetClusterInfo()
  
      if self.group is None:
        raise errors.OpExecError("Could not retrieve group '%s' (UUID: %s)" %
  
      if self.group is None:
        raise errors.OpExecError("Could not retrieve group '%s' (UUID: %s)" %
@@ -10587,19 +14785,70 @@ class LUGroupSetParams(LogicalUnit):
  
      if self.op.ndparams:
        new_ndparams = _GetUpdatedParams(self.group.ndparams, self.op.ndparams)
  
      if self.op.ndparams:
        new_ndparams = _GetUpdatedParams(self.group.ndparams, self.op.ndparams)
-      utils.ForceDictType(self.op.ndparams, constants.NDS_PARAMETER_TYPES)
+      utils.ForceDictType(new_ndparams, constants.NDS_PARAMETER_TYPES)
        self.new_ndparams = new_ndparams
  
        self.new_ndparams = new_ndparams
  
+    if self.op.diskparams:
+      diskparams = self.group.diskparams
+      uavdp = self._UpdateAndVerifyDiskParams
+      # For each disktemplate subdict update and verify the values
+      new_diskparams = dict((dt,
+                             uavdp(diskparams.get(dt, {}),
+                                   self.op.diskparams[dt]))
+                            for dt in constants.DISK_TEMPLATES
+                            if dt in self.op.diskparams)
+      # As we've all subdicts of diskparams ready, let's merge the actual
+      # dict with all updated subdicts
+      self.new_diskparams = objects.FillDict(diskparams, new_diskparams)
+      try:
+        utils.VerifyDictOptions(self.new_diskparams, constants.DISK_DT_DEFAULTS)
+      except errors.OpPrereqError, err:
+        raise errors.OpPrereqError("While verify diskparams options: %s" % err,
+                                   errors.ECODE_INVAL)
+
+    if self.op.hv_state:
+      self.new_hv_state = _MergeAndVerifyHvState(self.op.hv_state,
+                                                 self.group.hv_state_static)
+
+    if self.op.disk_state:
+      self.new_disk_state = \
+        _MergeAndVerifyDiskState(self.op.disk_state,
+                                 self.group.disk_state_static)
+
+    if self.op.ipolicy:
+      self.new_ipolicy = _GetUpdatedIPolicy(self.group.ipolicy,
+                                            self.op.ipolicy,
+                                            group_policy=True)
+
+      new_ipolicy = cluster.SimpleFillIPolicy(self.new_ipolicy)
+      inst_filter = lambda inst: inst.name in owned_instances
+      instances = self.cfg.GetInstancesInfoByFilter(inst_filter).values()
+      gmi = ganeti.masterd.instance
+      violations = \
+          _ComputeNewInstanceViolations(gmi.CalculateGroupIPolicy(cluster,
+                                                                  self.group),
+                                        new_ipolicy, instances)
+
+      if violations:
+        self.LogWarning("After the ipolicy change the following instances"
+                        " violate them: %s",
+                        utils.CommaJoin(violations))
+
    def BuildHooksEnv(self):
      """Build hooks env.
  
      """
    def BuildHooksEnv(self):
      """Build hooks env.
  
      """
-    env = {
+    return {
        "GROUP_NAME": self.op.group_name,
        "NEW_ALLOC_POLICY": self.op.alloc_policy,
        }
        "GROUP_NAME": self.op.group_name,
        "NEW_ALLOC_POLICY": self.op.alloc_policy,
        }
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      mn = self.cfg.GetMasterNode()
      mn = self.cfg.GetMasterNode()
-    return env, [mn], [mn]
+    return ([mn], [mn])
  
    def Exec(self, feedback_fn):
      """Modifies the node group.
  
    def Exec(self, feedback_fn):
      """Modifies the node group.
@@ -10611,14 +14860,26 @@ class LUGroupSetParams(LogicalUnit):
        self.group.ndparams = self.new_ndparams
        result.append(("ndparams", str(self.group.ndparams)))
  
        self.group.ndparams = self.new_ndparams
        result.append(("ndparams", str(self.group.ndparams)))
  
+    if self.op.diskparams:
+      self.group.diskparams = self.new_diskparams
+      result.append(("diskparams", str(self.group.diskparams)))
+
      if self.op.alloc_policy:
        self.group.alloc_policy = self.op.alloc_policy
  
      if self.op.alloc_policy:
        self.group.alloc_policy = self.op.alloc_policy
  
+    if self.op.hv_state:
+      self.group.hv_state_static = self.new_hv_state
+
+    if self.op.disk_state:
+      self.group.disk_state_static = self.new_disk_state
+
+    if self.op.ipolicy:
+      self.group.ipolicy = self.new_ipolicy
+
      self.cfg.Update(self.group, feedback_fn)
      return result
  
  
      self.cfg.Update(self.group, feedback_fn)
      return result
  
  
-
  class LUGroupRemove(LogicalUnit):
    HPATH = "group-remove"
    HTYPE = constants.HTYPE_GROUP
  class LUGroupRemove(LogicalUnit):
    HPATH = "group-remove"
    HTYPE = constants.HTYPE_GROUP
@@ -10653,20 +14914,24 @@ class LUGroupRemove(LogicalUnit):
  
      # Verify the cluster would not be left group-less.
      if len(self.cfg.GetNodeGroupList()) == 1:
  
      # Verify the cluster would not be left group-less.
      if len(self.cfg.GetNodeGroupList()) == 1:
-      raise errors.OpPrereqError("Group '%s' is the only group,"
-                                 " cannot be removed" %
-                                 self.op.group_name,
+      raise errors.OpPrereqError("Group '%s' is the only group, cannot be"
+                                 " removed" % self.op.group_name,
                                   errors.ECODE_STATE)
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
      """
                                   errors.ECODE_STATE)
  
    def BuildHooksEnv(self):
      """Build hooks env.
  
      """
-    env = {
+    return {
        "GROUP_NAME": self.op.group_name,
        }
        "GROUP_NAME": self.op.group_name,
        }
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      mn = self.cfg.GetMasterNode()
      mn = self.cfg.GetMasterNode()
-    return env, [mn], [mn]
+    return ([mn], [mn])
  
    def Exec(self, feedback_fn):
      """Remove the node group.
  
    def Exec(self, feedback_fn):
      """Remove the node group.
@@ -10688,7 +14953,7 @@ class LUGroupRename(LogicalUnit):
  
    def ExpandNames(self):
      # This raises errors.OpPrereqError on its own:
  
    def ExpandNames(self):
      # This raises errors.OpPrereqError on its own:
-    self.group_uuid = self.cfg.LookupNodeGroup(self.op.old_name)
+    self.group_uuid = self.cfg.LookupNodeGroup(self.op.group_name)
  
      self.needed_locks = {
        locking.LEVEL_NODEGROUP: [self.group_uuid],
  
      self.needed_locks = {
        locking.LEVEL_NODEGROUP: [self.group_uuid],
@@ -10697,8 +14962,7 @@ class LUGroupRename(LogicalUnit):
    def CheckPrereq(self):
      """Check prerequisites.
  
    def CheckPrereq(self):
      """Check prerequisites.
  
-    This checks that the given old_name exists as a node group, and that
-    new_name doesn't.
+    Ensures requested new name is not yet used.
  
      """
      try:
  
      """
      try:
@@ -10715,21 +14979,25 @@ class LUGroupRename(LogicalUnit):
      """Build hooks env.
  
      """
      """Build hooks env.
  
      """
-    env = {
-      "OLD_NAME": self.op.old_name,
+    return {
+      "OLD_NAME": self.op.group_name,
        "NEW_NAME": self.op.new_name,
        }
  
        "NEW_NAME": self.op.new_name,
        }
  
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    """
      mn = self.cfg.GetMasterNode()
      mn = self.cfg.GetMasterNode()
+
      all_nodes = self.cfg.GetAllNodesInfo()
      all_nodes = self.cfg.GetAllNodesInfo()
-    run_nodes = [mn]
      all_nodes.pop(mn, None)
  
      all_nodes.pop(mn, None)
  
-    for node in all_nodes.values():
-      if node.group == self.group_uuid:
-        run_nodes.append(node.name)
+    run_nodes = [mn]
+    run_nodes.extend(node.name for node in all_nodes.values()
+                     if node.group == self.group_uuid)
  
  
-    return env, run_nodes, run_nodes
+    return (run_nodes, run_nodes)
  
    def Exec(self, feedback_fn):
      """Rename the node group.
  
    def Exec(self, feedback_fn):
      """Rename the node group.
@@ -10739,7 +15007,7 @@ class LUGroupRename(LogicalUnit):
  
      if group is None:
        raise errors.OpExecError("Could not retrieve group '%s' (UUID: %s)" %
  
      if group is None:
        raise errors.OpExecError("Could not retrieve group '%s' (UUID: %s)" %
-                               (self.op.old_name, self.group_uuid))
+                               (self.op.group_name, self.group_uuid))
  
      group.name = self.op.new_name
      self.cfg.Update(group, feedback_fn)
  
      group.name = self.op.new_name
      self.cfg.Update(group, feedback_fn)
@@ -10747,21 +15015,187 @@ class LUGroupRename(LogicalUnit):
      return self.op.new_name
  
  
      return self.op.new_name
  
  
-class TagsLU(NoHooksLU): # pylint: disable-msg=W0223
+class LUGroupEvacuate(LogicalUnit):
+  """Logical unit for evacuating the instances of a node group.
+
+  An iallocator is asked for a group change of all instances locked for the
+  group; the jobs derived from its answer are returned to the caller.
+
+  """
+  HPATH = "group-evacuate"
+  HTYPE = constants.HTYPE_GROUP
+  REQ_BGL = False
+
+  def ExpandNames(self):
+    """Resolve group names and prepare the (still empty) lock declarations.
+
+    @raise errors.OpPrereqError: if the group to be evacuated is also listed
+      as a target group
+
+    """
+    # This raises errors.OpPrereqError on its own:
+    self.group_uuid = self.cfg.LookupNodeGroup(self.op.group_name)
+
+    # Translate the requested target group names into UUIDs, if any
+    if self.op.target_groups:
+      self.req_target_uuids = map(self.cfg.LookupNodeGroup,
+                                  self.op.target_groups)
+    else:
+      self.req_target_uuids = []
+
+    if self.group_uuid in self.req_target_uuids:
+      raise errors.OpPrereqError("Group to be evacuated (%s) can not be used"
+                                 " as a target group (targets are %s)" %
+                                 (self.group_uuid,
+                                  utils.CommaJoin(self.req_target_uuids)),
+                                 errors.ECODE_INVAL)
+
+    self.op.iallocator = _GetDefaultIAllocator(self.cfg, self.op.iallocator)
+
+    # The actual lock names are filled in level by level in DeclareLocks
+    self.share_locks = _ShareAll()
+    self.needed_locks = {
+      locking.LEVEL_INSTANCE: [],
+      locking.LEVEL_NODEGROUP: [],
+      locking.LEVEL_NODE: [],
+      }
+
+  def DeclareLocks(self, level):
+    """Compute the locks needed at the given level.
+
+    @param level: the locking level currently being declared
+
+    """
+    if level == locking.LEVEL_INSTANCE:
+      assert not self.needed_locks[locking.LEVEL_INSTANCE]
+
+      # Lock instances optimistically, needs verification once node and group
+      # locks have been acquired
+      self.needed_locks[locking.LEVEL_INSTANCE] = \
+        self.cfg.GetNodeGroupInstances(self.group_uuid)
+
+    elif level == locking.LEVEL_NODEGROUP:
+      assert not self.needed_locks[locking.LEVEL_NODEGROUP]
+
+      if self.req_target_uuids:
+        lock_groups = set([self.group_uuid] + self.req_target_uuids)
+
+        # Lock all groups used by instances optimistically; this requires going
+        # via the node before it's locked, requiring verification later on
+        lock_groups.update(group_uuid
+                           for instance_name in
+                             self.owned_locks(locking.LEVEL_INSTANCE)
+                           for group_uuid in
+                             self.cfg.GetInstanceNodeGroups(instance_name))
+      else:
+        # No target groups, need to lock all of them
+        lock_groups = locking.ALL_SET
+
+      self.needed_locks[locking.LEVEL_NODEGROUP] = lock_groups
+
+    elif level == locking.LEVEL_NODE:
+      # This will only lock the nodes in the group to be evacuated which
+      # contain actual instances
+      self.recalculate_locks[locking.LEVEL_NODE] = constants.LOCKS_APPEND
+      self._LockInstancesNodes()
+
+      # Lock all nodes in group to be evacuated and target groups
+      owned_groups = frozenset(self.owned_locks(locking.LEVEL_NODEGROUP))
+      assert self.group_uuid in owned_groups
+      member_nodes = [node_name
+                      for group in owned_groups
+                      for node_name in self.cfg.GetNodeGroup(group).members]
+      self.needed_locks[locking.LEVEL_NODE].extend(member_nodes)
+
+  def CheckPrereq(self):
+    """Check prerequisites.
+
+    Re-verifies the optimistically acquired locks against the configuration
+    and determines the list of target groups.
+
+    @raise errors.OpPrereqError: if no target groups were requested and no
+      owned group other than the evacuated one is left as a target
+
+    """
+    owned_instances = frozenset(self.owned_locks(locking.LEVEL_INSTANCE))
+    owned_groups = frozenset(self.owned_locks(locking.LEVEL_NODEGROUP))
+    owned_nodes = frozenset(self.owned_locks(locking.LEVEL_NODE))
+
+    assert owned_groups.issuperset(self.req_target_uuids)
+    assert self.group_uuid in owned_groups
+
+    # Check if locked instances are still correct
+    _CheckNodeGroupInstances(self.cfg, self.group_uuid, owned_instances)
+
+    # Get instance information
+    self.instances = dict(self.cfg.GetMultiInstanceInfo(owned_instances))
+
+    # Check if node groups for locked instances are still correct
+    _CheckInstancesNodeGroups(self.cfg, self.instances,
+                              owned_groups, owned_nodes, self.group_uuid)
+
+    if self.req_target_uuids:
+      # User requested specific target groups
+      self.target_uuids = self.req_target_uuids
+    else:
+      # All groups except the one to be evacuated are potential targets
+      self.target_uuids = [group_uuid for group_uuid in owned_groups
+                           if group_uuid != self.group_uuid]
+
+      if not self.target_uuids:
+        raise errors.OpPrereqError("There are no possible target groups",
+                                   errors.ECODE_INVAL)
+
+  def BuildHooksEnv(self):
+    """Build hooks env.
+
+    @return: dict with the group name and the space-separated target group
+      UUIDs
+
+    """
+    return {
+      "GROUP_NAME": self.op.group_name,
+      "TARGET_GROUPS": " ".join(self.target_uuids),
+      }
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    The master node plus all members of the evacuated group are used; the
+    same list is returned for both elements of the result tuple.
+
+    """
+    mn = self.cfg.GetMasterNode()
+
+    assert self.group_uuid in self.owned_locks(locking.LEVEL_NODEGROUP)
+
+    run_nodes = [mn] + self.cfg.GetNodeGroup(self.group_uuid).members
+
+    return (run_nodes, run_nodes)
+
+  def Exec(self, feedback_fn):
+    """Ask the iallocator for a group change and return the resulting jobs.
+
+    @raise errors.OpPrereqError: if the iallocator run was not successful
+    @return: L{ResultWithJobs} wrapping the jobs computed from the
+      iallocator result
+
+    """
+    instances = list(self.owned_locks(locking.LEVEL_INSTANCE))
+
+    assert self.group_uuid not in self.target_uuids
+
+    req = iallocator.IAReqGroupChange(instances=instances,
+                                      target_groups=self.target_uuids)
+    ial = iallocator.IAllocator(self.cfg, self.rpc, req)
+
+    ial.Run(self.op.iallocator)
+
+    if not ial.success:
+      raise errors.OpPrereqError("Can't compute group evacuation using"
+                                 " iallocator '%s': %s" %
+                                 (self.op.iallocator, ial.info),
+                                 errors.ECODE_NORES)
+
+    # NOTE(review): the trailing False is passed positionally; its meaning is
+    # defined by _LoadNodeEvacResult, which is not visible here
+    jobs = _LoadNodeEvacResult(self, ial.result, self.op.early_release, False)
+
+    self.LogInfo("Iallocator returned %s job(s) for evacuating node group %s",
+                 len(jobs), self.op.group_name)
+
+    return ResultWithJobs(jobs)
+
+
+class TagsLU(NoHooksLU): # pylint: disable=W0223
    """Generic tags LU.
  
    This is an abstract class which is the parent of all the other tags LUs.
  
    """
    """Generic tags LU.
  
    This is an abstract class which is the parent of all the other tags LUs.
  
    """
-
    def ExpandNames(self):
    def ExpandNames(self):
+    self.group_uuid = None
      self.needed_locks = {}
      self.needed_locks = {}
+
      if self.op.kind == constants.TAG_NODE:
        self.op.name = _ExpandNodeName(self.cfg, self.op.name)
      if self.op.kind == constants.TAG_NODE:
        self.op.name = _ExpandNodeName(self.cfg, self.op.name)
-      self.needed_locks[locking.LEVEL_NODE] = self.op.name
+      lock_level = locking.LEVEL_NODE
+      lock_name = self.op.name
      elif self.op.kind == constants.TAG_INSTANCE:
        self.op.name = _ExpandInstanceName(self.cfg, self.op.name)
      elif self.op.kind == constants.TAG_INSTANCE:
        self.op.name = _ExpandInstanceName(self.cfg, self.op.name)
-      self.needed_locks[locking.LEVEL_INSTANCE] = self.op.name
+      lock_level = locking.LEVEL_INSTANCE
+      lock_name = self.op.name
+    elif self.op.kind == constants.TAG_NODEGROUP:
+      self.group_uuid = self.cfg.LookupNodeGroup(self.op.name)
+      lock_level = locking.LEVEL_NODEGROUP
+      lock_name = self.group_uuid
+    elif self.op.kind == constants.TAG_NETWORK:
+      self.network_uuid = self.cfg.LookupNetwork(self.op.name)
+      lock_level = locking.LEVEL_NETWORK
+      lock_name = self.network_uuid
+    else:
+      lock_level = None
+      lock_name = None
+
+    if lock_level and getattr(self.op, "use_locking", True):
+      self.needed_locks[lock_level] = lock_name
  
      # FIXME: Acquire BGL for cluster tag operations (as of this writing it's
      # not possible to acquire the BGL based on opcode parameters)
  
      # FIXME: Acquire BGL for cluster tag operations (as of this writing it's
      # not possible to acquire the BGL based on opcode parameters)
@@ -10776,6 +15210,10 @@ class TagsLU(NoHooksLU): # pylint: disable-msg=W0223
        self.target = self.cfg.GetNodeInfo(self.op.name)
      elif self.op.kind == constants.TAG_INSTANCE:
        self.target = self.cfg.GetInstanceInfo(self.op.name)
        self.target = self.cfg.GetNodeInfo(self.op.name)
      elif self.op.kind == constants.TAG_INSTANCE:
        self.target = self.cfg.GetInstanceInfo(self.op.name)
+    elif self.op.kind == constants.TAG_NODEGROUP:
+      self.target = self.cfg.GetNodeGroup(self.group_uuid)
+    elif self.op.kind == constants.TAG_NETWORK:
+      self.target = self.cfg.GetNetwork(self.network_uuid)
      else:
        raise errors.OpPrereqError("Wrong tag type requested (%s)" %
                                   str(self.op.kind), errors.ECODE_INVAL)
      else:
        raise errors.OpPrereqError("Wrong tag type requested (%s)" %
                                   str(self.op.kind), errors.ECODE_INVAL)
@@ -10791,7 +15229,7 @@ class LUTagsGet(TagsLU):
      TagsLU.ExpandNames(self)
  
      # Share locks as this is only a read operation
      TagsLU.ExpandNames(self)
  
      # Share locks as this is only a read operation
-    self.share_locks = dict.fromkeys(locking.LEVELS, 1)
+    self.share_locks = _ShareAll()
  
    def Exec(self, feedback_fn):
      """Returns the tag list.
  
    def Exec(self, feedback_fn):
      """Returns the tag list.
@@ -10831,6 +15269,8 @@ class LUTagsSearch(NoHooksLU):
      tgts.extend([("/instances/%s" % i.name, i) for i in ilist])
      nlist = cfg.GetAllNodesInfo().values()
      tgts.extend([("/nodes/%s" % n.name, n) for n in nlist])
      tgts.extend([("/instances/%s" % i.name, i) for i in ilist])
      nlist = cfg.GetAllNodesInfo().values()
      tgts.extend([("/nodes/%s" % n.name, n) for n in nlist])
+    tgts.extend(("/nodegroup/%s" % n.name, n)
+                for n in cfg.GetAllNodeGroupsInfo().values())
      results = []
      for path, target in tgts:
        for tag in target.GetTags():
      results = []
      for path, target in tgts:
        for tag in target.GetTags():
@@ -10945,10 +15385,57 @@ class LUTestDelay(NoHooksLU):
      else:
        top_value = self.op.repeat - 1
        for i in range(self.op.repeat):
      else:
        top_value = self.op.repeat - 1
        for i in range(self.op.repeat):
-        self.LogInfo("Test delay iteration %d/%d" % (i, top_value))
+        self.LogInfo("Test delay iteration %d/%d", i, top_value)
          self._TestDelay()
  
  
          self._TestDelay()
  
  
+class LURestrictedCommand(NoHooksLU):
+  """Logical unit for executing restricted commands.
+
+  The command named in the opcode is sent to the requested nodes through a
+  single RPC call and the per-node outcome is returned.
+
+  """
+  REQ_BGL = False
+
+  def ExpandNames(self):
+    """Expand the node names and declare the node locks.
+
+    """
+    if self.op.nodes:
+      self.op.nodes = _GetWantedNodes(self, self.op.nodes)
+
+    self.needed_locks = {
+      locking.LEVEL_NODE: self.op.nodes,
+      }
+    # NOTE(review): the share flag is the negation of use_locking; presumably
+    # a true value requests shared acquisition -- confirm against the locking
+    # code
+    self.share_locks = {
+      locking.LEVEL_NODE: not self.op.use_locking,
+      }
+
+  def CheckPrereq(self):
+    """Check prerequisites.
+
+    Nothing is verified here; the method body is intentionally empty.
+
+    """
+
+  def Exec(self, feedback_fn):
+    """Execute restricted command and return output.
+
+    @return: list with one C{(status, data)} tuple per node, in the order of
+      C{self.op.nodes}; C{data} is the RPC payload when C{status} is true and
+      an error message otherwise
+
+    """
+    owned_nodes = frozenset(self.owned_locks(locking.LEVEL_NODE))
+
+    # Check if correct locks are held
+    assert set(self.op.nodes).issubset(owned_nodes)
+
+    rpcres = self.rpc.call_restricted_command(self.op.nodes, self.op.command)
+
+    result = []
+
+    # A failure on one node is reported in its own entry and does not abort
+    # the collection of results from the remaining nodes
+    for node_name in self.op.nodes:
+      nres = rpcres[node_name]
+      if nres.fail_msg:
+        msg = ("Command '%s' on node '%s' failed: %s" %
+               (self.op.command, node_name, nres.fail_msg))
+        result.append((False, msg))
+      else:
+        result.append((True, nres.payload))
+
+    return result
+
+
  class LUTestJqueue(NoHooksLU):
    """Utility LU to test some aspects of the job queue.
  
  class LUTestJqueue(NoHooksLU):
    """Utility LU to test some aspects of the job queue.
  
@@ -11001,7 +15488,7 @@ class LUTestJqueue(NoHooksLU):
      # Wait for client to close
      try:
        try:
      # Wait for client to close
      try:
        try:
-        # pylint: disable-msg=E1101
+        # pylint: disable=E1101
          # Instance of '_socketobject' has no ... member
          conn.settimeout(cls._CLIENT_CONFIRM_TIMEOUT)
          conn.recv(1)
          # Instance of '_socketobject' has no ... member
          conn.settimeout(cls._CLIENT_CONFIRM_TIMEOUT)
          conn.recv(1)
@@ -11085,498 +15572,796 @@ class LUTestJqueue(NoHooksLU):
      return True
  
  
      return True
  
  
-class IAllocator(object):
-  """IAllocator framework.
+class LUTestAllocator(NoHooksLU):
+  """Run allocator tests.
  
  
-  An IAllocator instance has three sets of attributes:
-    - cfg that is needed to query the cluster
-    - input data (all members of the _KEYS class attribute are required)
-    - four buffer attributes (in|out_data|text), that represent the
-      input (to the external script) in text and data structure format,
-      and the output from it, again in two formats
-    - the result variables from the script (success, info, nodes) for
-      easy usage
+  This LU runs the allocator tests
  
    """
  
    """
-  # pylint: disable-msg=R0902
-  # lots of instance attributes
-  _ALLO_KEYS = [
-    "name", "mem_size", "disks", "disk_template",
-    "os", "tags", "nics", "vcpus", "hypervisor",
-    ]
-  _RELO_KEYS = [
-    "name", "relocate_from",
-    ]
-  _EVAC_KEYS = [
-    "evac_nodes",
-    ]
+  def CheckPrereq(self):
+    """Check prerequisites.
  
  
-  def __init__(self, cfg, rpc, mode, **kwargs):
-    self.cfg = cfg
-    self.rpc = rpc
-    # init buffer variables
-    self.in_text = self.out_text = self.in_data = self.out_data = None
-    # init all input fields so that pylint is happy
-    self.mode = mode
-    self.mem_size = self.disks = self.disk_template = None
-    self.os = self.tags = self.nics = self.vcpus = None
-    self.hypervisor = None
-    self.relocate_from = None
-    self.name = None
-    self.evac_nodes = None
-    # computed fields
-    self.required_nodes = None
-    # init result fields
-    self.success = self.info = self.result = None
-    if self.mode == constants.IALLOCATOR_MODE_ALLOC:
-      keyset = self._ALLO_KEYS
-      fn = self._AddNewInstance
-    elif self.mode == constants.IALLOCATOR_MODE_RELOC:
-      keyset = self._RELO_KEYS
-      fn = self._AddRelocateInstance
-    elif self.mode == constants.IALLOCATOR_MODE_MEVAC:
-      keyset = self._EVAC_KEYS
-      fn = self._AddEvacuateNodes
-    else:
-      raise errors.ProgrammerError("Unknown mode '%s' passed to the"
-                                   " IAllocator" % self.mode)
-    for key in kwargs:
-      if key not in keyset:
-        raise errors.ProgrammerError("Invalid input parameter '%s' to"
-                                     " IAllocator" % key)
-      setattr(self, key, kwargs[key])
-
-    for key in keyset:
-      if key not in kwargs:
-        raise errors.ProgrammerError("Missing input parameter '%s' to"
-                                     " IAllocator" % key)
-    self._BuildInputData(fn)
-
-  def _ComputeClusterData(self):
-    """Compute the generic allocator input data.
-
-    This is the data that is independent of the actual operation.
+    This checks the opcode parameters depending on the direction and mode test.
  
      """
  
      """
-    cfg = self.cfg
-    cluster_info = cfg.GetClusterInfo()
-    # cluster data
-    data = {
-      "version": constants.IALLOCATOR_VERSION,
-      "cluster_name": cfg.GetClusterName(),
-      "cluster_tags": list(cluster_info.GetTags()),
-      "enabled_hypervisors": list(cluster_info.enabled_hypervisors),
-      # we don't have job IDs
-      }
-    ninfo = cfg.GetAllNodesInfo()
-    iinfo = cfg.GetAllInstancesInfo().values()
-    i_list = [(inst, cluster_info.FillBE(inst)) for inst in iinfo]
+    if self.op.mode in (constants.IALLOCATOR_MODE_ALLOC,
+                        constants.IALLOCATOR_MODE_MULTI_ALLOC):
+      for attr in ["memory", "disks", "disk_template",
+                   "os", "tags", "nics", "vcpus"]:
+        if not hasattr(self.op, attr):
+          raise errors.OpPrereqError("Missing attribute '%s' on opcode input" %
+                                     attr, errors.ECODE_INVAL)
+      iname = self.cfg.ExpandInstanceName(self.op.name)
+      if iname is not None:
+        raise errors.OpPrereqError("Instance '%s' already in the cluster" %
+                                   iname, errors.ECODE_EXISTS)
+      if not isinstance(self.op.nics, list):
+        raise errors.OpPrereqError("Invalid parameter 'nics'",
+                                   errors.ECODE_INVAL)
+      if not isinstance(self.op.disks, list):
+        raise errors.OpPrereqError("Invalid parameter 'disks'",
+                                   errors.ECODE_INVAL)
+      for row in self.op.disks:
+        if (not isinstance(row, dict) or
+            constants.IDISK_SIZE not in row or
+            not isinstance(row[constants.IDISK_SIZE], int) or
+            constants.IDISK_MODE not in row or
+            row[constants.IDISK_MODE] not in constants.DISK_ACCESS_SET):
+          raise errors.OpPrereqError("Invalid contents of the 'disks'"
+                                     " parameter", errors.ECODE_INVAL)
+      if self.op.hypervisor is None:
+        self.op.hypervisor = self.cfg.GetHypervisorType()
+    elif self.op.mode == constants.IALLOCATOR_MODE_RELOC:
+      fname = _ExpandInstanceName(self.cfg, self.op.name)
+      self.op.name = fname
+      self.relocate_from = \
+          list(self.cfg.GetInstanceInfo(fname).secondary_nodes)
+    elif self.op.mode in (constants.IALLOCATOR_MODE_CHG_GROUP,
+                          constants.IALLOCATOR_MODE_NODE_EVAC):
+      if not self.op.instances:
+        raise errors.OpPrereqError("Missing instances", errors.ECODE_INVAL)
+      self.op.instances = _GetWantedInstances(self, self.op.instances)
+    else:
+      raise errors.OpPrereqError("Invalid test allocator mode '%s'" %
+                                 self.op.mode, errors.ECODE_INVAL)
  
  
-    # node data
-    node_list = [n.name for n in ninfo.values() if n.vm_capable]
+    if self.op.direction == constants.IALLOCATOR_DIR_OUT:
+      if self.op.iallocator is None:
+        raise errors.OpPrereqError("Missing allocator name",
+                                   errors.ECODE_INVAL)
+    elif self.op.direction != constants.IALLOCATOR_DIR_IN:
+      raise errors.OpPrereqError("Wrong allocator test '%s'" %
+                                 self.op.direction, errors.ECODE_INVAL)
  
  
-    if self.mode == constants.IALLOCATOR_MODE_ALLOC:
-      hypervisor_name = self.hypervisor
-    elif self.mode == constants.IALLOCATOR_MODE_RELOC:
-      hypervisor_name = cfg.GetInstanceInfo(self.name).hypervisor
-    elif self.mode == constants.IALLOCATOR_MODE_MEVAC:
-      hypervisor_name = cluster_info.enabled_hypervisors[0]
+  def Exec(self, feedback_fn):
+    """Run the allocator test.
  
  
-    node_data = self.rpc.call_node_info(node_list, cfg.GetVGName(),
-                                        hypervisor_name)
-    node_iinfo = \
-      self.rpc.call_all_instances_info(node_list,
-                                       cluster_info.enabled_hypervisors)
+    Builds the iallocator request matching C{self.op.mode}. When the
+    direction is L{constants.IALLOCATOR_DIR_IN} only the generated input
+    text is returned; otherwise the allocator named in C{self.op.iallocator}
+    is run with C{validate=False} and its output text is returned.
+
+    @raise errors.ProgrammerError: if the mode is not handled here
+    @return: the allocator input or output text
+
+    """
+    if self.op.mode == constants.IALLOCATOR_MODE_ALLOC:
+      req = iallocator.IAReqInstanceAlloc(name=self.op.name,
+                                          memory=self.op.memory,
+                                          disks=self.op.disks,
+                                          disk_template=self.op.disk_template,
+                                          os=self.op.os,
+                                          tags=self.op.tags,
+                                          nics=self.op.nics,
+                                          vcpus=self.op.vcpus,
+                                          spindle_use=self.op.spindle_use,
+                                          hypervisor=self.op.hypervisor)
+    elif self.op.mode == constants.IALLOCATOR_MODE_RELOC:
+      req = iallocator.IAReqRelocate(name=self.op.name,
+                                     relocate_from=list(self.relocate_from))
+    elif self.op.mode == constants.IALLOCATOR_MODE_CHG_GROUP:
+      req = iallocator.IAReqGroupChange(instances=self.op.instances,
+                                        target_groups=self.op.target_groups)
+    elif self.op.mode == constants.IALLOCATOR_MODE_NODE_EVAC:
+      req = iallocator.IAReqNodeEvac(instances=self.op.instances,
+                                     evac_mode=self.op.evac_mode)
+    elif self.op.mode == constants.IALLOCATOR_MODE_MULTI_ALLOC:
+      # One allocation request per instance, named "<name><index>"
+      disk_template = self.op.disk_template
+      insts = [iallocator.IAReqInstanceAlloc(name="%s%s" % (self.op.name, idx),
+                                             memory=self.op.memory,
+                                             disks=self.op.disks,
+                                             disk_template=disk_template,
+                                             os=self.op.os,
+                                             tags=self.op.tags,
+                                             nics=self.op.nics,
+                                             vcpus=self.op.vcpus,
+                                             spindle_use=self.op.spindle_use,
+                                             hypervisor=self.op.hypervisor)
+               for idx in range(self.op.count)]
+      req = iallocator.IAReqMultiInstanceAlloc(instances=insts)
+    else:
+      # The mode must be interpolated with "%"; passing it as a second
+      # exception argument would leave a literal "%s" in the message
+      raise errors.ProgrammerError("Uncatched mode %s in"
+                                   " LUTestAllocator.Exec" % self.op.mode)
  
  
-    data["nodegroups"] = self._ComputeNodeGroupData(cfg)
+    ial = iallocator.IAllocator(self.cfg, self.rpc, req)
+    if self.op.direction == constants.IALLOCATOR_DIR_IN:
+      result = ial.in_text
+    else:
+      ial.Run(self.op.iallocator, validate=False)
+      result = ial.out_text
+    return result
  
  
-    config_ndata = self._ComputeBasicNodeData(ninfo)
-    data["nodes"] = self._ComputeDynamicNodeData(ninfo, node_data, node_iinfo,
-                                                 i_list, config_ndata)
-    assert len(data["nodes"]) == len(ninfo), \
-        "Incomplete node data computed"
  
  
-    data["instances"] = self._ComputeInstanceData(cluster_info, i_list)
+class LUNetworkAdd(LogicalUnit):
+  """Logical unit for creating networks.
  
  
-    self.in_data = data
+  """
+  HPATH = "network-add"
+  HTYPE = constants.HTYPE_NETWORK
+  REQ_BGL = False
  
  
-  @staticmethod
-  def _ComputeNodeGroupData(cfg):
-    """Compute node groups data.
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
  
      """
  
      """
-    ng = {}
-    for guuid, gdata in cfg.GetAllNodeGroupsInfo().items():
-      ng[guuid] = {
-        "name": gdata.name,
-        "alloc_policy": gdata.alloc_policy,
-        }
-    return ng
+    mn = self.cfg.GetMasterNode()
+    return ([mn], [mn])
  
  
-  @staticmethod
-  def _ComputeBasicNodeData(node_cfg):
-    """Compute global node data.
+  def CheckArguments(self):
+    if self.op.mac_prefix:
+      self.op.mac_prefix = \
+        utils.NormalizeAndValidateThreeOctetMacPrefix(self.op.mac_prefix)
  
  
-    @rtype: dict
-    @returns: a dict of name: (node dict, node config)
-
-    """
-    node_results = {}
-    for ninfo in node_cfg.values():
-      # fill in static (config-based) values
-      pnr = {
-        "tags": list(ninfo.GetTags()),
-        "primary_ip": ninfo.primary_ip,
-        "secondary_ip": ninfo.secondary_ip,
-        "offline": ninfo.offline,
-        "drained": ninfo.drained,
-        "master_candidate": ninfo.master_candidate,
-        "group": ninfo.group,
-        "master_capable": ninfo.master_capable,
-        "vm_capable": ninfo.vm_capable,
+  def ExpandNames(self):
+    self.network_uuid = self.cfg.GenerateUniqueID(self.proc.GetECId())
+
+    if self.op.conflicts_check:
+      self.share_locks[locking.LEVEL_NODE] = 1
+      self.needed_locks = {
+        locking.LEVEL_NODE: locking.ALL_SET,
          }
          }
+    else:
+      self.needed_locks = {}
  
  
-      node_results[ninfo.name] = pnr
+    self.add_locks[locking.LEVEL_NETWORK] = self.network_uuid
  
  
-    return node_results
+  def CheckPrereq(self):
+    """Check prerequisites.
+
+    Makes sure a subnet was given, that looking up the requested network
+    name does not yield an existing UUID and that every tag passes
+    L{objects.TaggableObject.ValidateTag}.
+
+    @raise errors.OpPrereqError: if the subnet is missing or the name is
+      already taken
+
+    """
+    if self.op.network is None:
+      raise errors.OpPrereqError("Network must be given",
+                                 errors.ECODE_INVAL)
  
  
-  @staticmethod
-  def _ComputeDynamicNodeData(node_cfg, node_data, node_iinfo, i_list,
-                              node_results):
-    """Compute global node data.
-
-    @param node_results: the basic node structures as filled from the config
-
-    """
-    # make a copy of the current dict
-    node_results = dict(node_results)
-    for nname, nresult in node_data.items():
-      assert nname in node_results, "Missing basic data for node %s" % nname
-      ninfo = node_cfg[nname]
-
-      if not (ninfo.offline or ninfo.drained):
-        nresult.Raise("Can't get data for node %s" % nname)
-        node_iinfo[nname].Raise("Can't get node instance info from node %s" %
-                                nname)
-        remote_info = nresult.payload
-
-        for attr in ['memory_total', 'memory_free', 'memory_dom0',
-                     'vg_size', 'vg_free', 'cpu_total']:
-          if attr not in remote_info:
-            raise errors.OpExecError("Node '%s' didn't return attribute"
-                                     " '%s'" % (nname, attr))
-          if not isinstance(remote_info[attr], int):
-            raise errors.OpExecError("Node '%s' returned invalid value"
-                                     " for '%s': %s" %
-                                     (nname, attr, remote_info[attr]))
-        # compute memory used by primary instances
-        i_p_mem = i_p_up_mem = 0
-        for iinfo, beinfo in i_list:
-          if iinfo.primary_node == nname:
-            i_p_mem += beinfo[constants.BE_MEMORY]
-            if iinfo.name not in node_iinfo[nname].payload:
-              i_used_mem = 0
-            else:
-              i_used_mem = int(node_iinfo[nname].payload[iinfo.name]['memory'])
-            i_mem_diff = beinfo[constants.BE_MEMORY] - i_used_mem
-            remote_info['memory_free'] -= max(0, i_mem_diff)
-
-            if iinfo.admin_up:
-              i_p_up_mem += beinfo[constants.BE_MEMORY]
-
-        # compute memory used by instances
-        pnr_dyn = {
-          "total_memory": remote_info['memory_total'],
-          "reserved_memory": remote_info['memory_dom0'],
-          "free_memory": remote_info['memory_free'],
-          "total_disk": remote_info['vg_size'],
-          "free_disk": remote_info['vg_free'],
-          "total_cpus": remote_info['cpu_total'],
-          "i_pri_memory": i_p_mem,
-          "i_pri_up_memory": i_p_up_mem,
-          }
-        pnr_dyn.update(node_results[nname])
-        node_results[nname] = pnr_dyn
+    uuid = self.cfg.LookupNetwork(self.op.network_name)
  
  
-    return node_results
+    if uuid:
+      # Report the name that was looked up, not the subnet
+      raise errors.OpPrereqError("Network '%s' already defined" %
+                                 self.op.network_name, errors.ECODE_EXISTS)
  
  
-  @staticmethod
-  def _ComputeInstanceData(cluster_info, i_list):
-    """Compute global instance data.
-
-    """
-    instance_data = {}
-    for iinfo, beinfo in i_list:
-      nic_data = []
-      for nic in iinfo.nics:
-        filled_params = cluster_info.SimpleFillNIC(nic.nicparams)
-        nic_dict = {"mac": nic.mac,
-                    "ip": nic.ip,
-                    "mode": filled_params[constants.NIC_MODE],
-                    "link": filled_params[constants.NIC_LINK],
-                   }
-        if filled_params[constants.NIC_MODE] == constants.NIC_MODE_BRIDGED:
-          nic_dict["bridge"] = filled_params[constants.NIC_LINK]
-        nic_data.append(nic_dict)
-      pir = {
-        "tags": list(iinfo.GetTags()),
-        "admin_up": iinfo.admin_up,
-        "vcpus": beinfo[constants.BE_VCPUS],
-        "memory": beinfo[constants.BE_MEMORY],
-        "os": iinfo.os,
-        "nodes": [iinfo.primary_node] + list(iinfo.secondary_nodes),
-        "nics": nic_data,
-        "disks": [{"size": dsk.size, "mode": dsk.mode} for dsk in iinfo.disks],
-        "disk_template": iinfo.disk_template,
-        "hypervisor": iinfo.hypervisor,
-        }
-      pir["disk_space_total"] = _ComputeDiskSize(iinfo.disk_template,
-                                                 pir["disks"])
-      instance_data[iinfo.name] = pir
+    # Check tag validity
+    for tag in self.op.tags:
+      objects.TaggableObject.ValidateTag(tag)
+
+  def BuildHooksEnv(self):
+    """Build hooks env.
+
+    The environment is produced by L{_BuildNetworkHookEnv} from the network
+    parameters found in the opcode.
+
+    """
+    op = self.op
+    return _BuildNetworkHookEnv(name=op.network_name,
+                                subnet=op.network,
+                                gateway=op.gateway,
+                                network6=op.network6,
+                                gateway6=op.gateway6,
+                                mac_prefix=op.mac_prefix,
+                                network_type=op.network_type,
+                                tags=op.tags)
  
  
-    return instance_data
+  def Exec(self, feedback_fn):
+    """Add the ip pool to the cluster.
+
+    """
+    nobj = objects.Network(name=self.op.network_name,
+                           network=self.op.network,
+                           gateway=self.op.gateway,
+                           network6=self.op.network6,
+                           gateway6=self.op.gateway6,
+                           mac_prefix=self.op.mac_prefix,
+                           network_type=self.op.network_type,
+                           uuid=self.network_uuid,
+                           family=constants.IP4_VERSION)
+    # Initialize the associated address pool
+    try:
+      pool = network.AddressPool.InitializeNetwork(nobj)
+    except errors.AddressPoolError, e:
+      raise errors.OpExecError("Cannot create IP pool for this network. %s" % e)
+
+    # Check if we need to reserve the nodes and the cluster master IP
+    # These may not be allocated to any instances in routed mode, as
+    # they wouldn't function anyway.
+    if self.op.conflicts_check:
+      for node in self.cfg.GetAllNodesInfo().values():
+        for ip in [node.primary_ip, node.secondary_ip]:
+          try:
+            if pool.Contains(ip):
+              pool.Reserve(ip)
+              self.LogInfo("Reserved IP address of node '%s' (%s)",
+                           node.name, ip)
+          except errors.AddressPoolError:
+            self.LogWarning("Cannot reserve IP address of node '%s' (%s)",
+                            node.name, ip)
+
+      master_ip = self.cfg.GetClusterInfo().master_ip
+      try:
+        if pool.Contains(master_ip):
+          pool.Reserve(master_ip)
+          self.LogInfo("Reserved cluster master IP address (%s)", master_ip)
+      except errors.AddressPoolError:
+        self.LogWarning("Cannot reserve cluster master IP address (%s)",
+                        master_ip)
+
+    if self.op.add_reserved_ips:
+      for ip in self.op.add_reserved_ips:
+        try:
+          pool.Reserve(ip, external=True)
+        except errors.AddressPoolError, e:
+          raise errors.OpExecError("Cannot reserve IP %s. %s " % (ip, e))
  
  
-  def _AddNewInstance(self):
-    """Add new instance data to allocator structure.
+    if self.op.tags:
+      for tag in self.op.tags:
+        nobj.AddTag(tag)
  
  
-    This in combination with _AllocatorGetClusterData will create the
-    correct structure needed as input for the allocator.
+    self.cfg.AddNetwork(nobj, self.proc.GetECId(), check_uuid=False)
+    del self.remove_locks[locking.LEVEL_NETWORK]
  
  
-    The checks for the completeness of the opcode must have already been
-    done.
+
+class LUNetworkRemove(LogicalUnit):
+  HPATH = "network-remove"
+  HTYPE = constants.HTYPE_NETWORK
+  REQ_BGL = False
+
+  def ExpandNames(self):
+    """Resolve the network name and declare the locks to acquire.
+
+    The network is locked by its UUID; all node groups are requested with
+    their C{share_locks} flag set.
+
+    @raise errors.OpPrereqError: if the name lookup yields no UUID
+
+    """
+    net_name = self.op.network_name
+    net_uuid = self.cfg.LookupNetwork(net_name)
+    self.network_uuid = net_uuid
+
+    if not net_uuid:
+      msg = "Network '%s' not found" % net_name
+      raise errors.OpPrereqError(msg, errors.ECODE_INVAL)
+
+    self.needed_locks = {
+      locking.LEVEL_NETWORK: [net_uuid],
+      locking.LEVEL_NODEGROUP: locking.ALL_SET,
+      }
+    self.share_locks[locking.LEVEL_NODEGROUP] = 1
+
+  def CheckPrereq(self):
+    """Check prerequisites.
+
+    This checks that the network is not connected to any node group. If it
+    still is, the groups are listed in a warning and the operation is
+    refused.
  
      """
  
      """
-    disk_space = _ComputeDiskSize(self.disk_template, self.disks)
+    # Verify that the network is not connected.
+    node_groups = [group.name
+                   for group in self.cfg.GetAllNodeGroupsInfo().values()
+                   if self.network_uuid in group.networks]
+
+    if node_groups:
+      self.LogWarning("Network '%s' is connected to the following"
+                      " node groups: %s" %
+                      (self.op.network_name,
+                       utils.CommaJoin(utils.NiceSort(node_groups))))
+      raise errors.OpPrereqError("Network still connected", errors.ECODE_STATE)
  
  
-    if self.disk_template in constants.DTS_NET_MIRROR:
-      self.required_nodes = 2
-    else:
-      self.required_nodes = 1
-    request = {
-      "name": self.name,
-      "disk_template": self.disk_template,
-      "tags": self.tags,
-      "os": self.os,
-      "vcpus": self.vcpus,
-      "memory": self.mem_size,
-      "disks": self.disks,
-      "disk_space_total": disk_space,
-      "nics": self.nics,
-      "required_nodes": self.required_nodes,
+  def BuildHooksEnv(self):
+    """Build hooks env.
+
+    """
+    return {
+      "NETWORK_NAME": self.op.network_name,
        }
        }
-    return request
  
  
-  def _AddRelocateInstance(self):
-    """Add relocate instance data to allocator structure.
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
  
  
-    This in combination with _IAllocatorGetClusterData will create the
-    correct structure needed as input for the allocator.
+    """
+    mn = self.cfg.GetMasterNode()
+    return ([mn], [mn])
  
  
-    The checks for the completeness of the opcode must have already been
-    done.
+  def Exec(self, feedback_fn):
+    """Remove the network.
  
      """
  
      """
-    instance = self.cfg.GetInstanceInfo(self.name)
-    if instance is None:
-      raise errors.ProgrammerError("Unknown instance '%s' passed to"
-                                   " IAllocator" % self.name)
+    try:
+      self.cfg.RemoveNetwork(self.network_uuid)
+    except errors.ConfigurationError:
+      raise errors.OpExecError("Network '%s' with UUID %s disappeared" %
+                               (self.op.network_name, self.network_uuid))
  
  
-    if instance.disk_template not in constants.DTS_NET_MIRROR:
-      raise errors.OpPrereqError("Can't relocate non-mirrored instances",
-                                 errors.ECODE_INVAL)
  
  
-    if len(instance.secondary_nodes) != 1:
-      raise errors.OpPrereqError("Instance has not exactly one secondary node",
-                                 errors.ECODE_STATE)
+class LUNetworkSetParams(LogicalUnit):
+  """Modifies the parameters of a network.
  
  
-    self.required_nodes = 1
-    disk_sizes = [{'size': disk.size} for disk in instance.disks]
-    disk_space = _ComputeDiskSize(instance.disk_template, disk_sizes)
+  """
+  HPATH = "network-modify"
+  HTYPE = constants.HTYPE_NETWORK
+  REQ_BGL = False
+
+  def CheckArguments(self):
+    """Reject requests changing the gateway together with reserved IPs.
+
+    @raise errors.OpPrereqError: if a gateway is given along with
+      addresses to add to or remove from the reserved set
+
+    """
+    if not self.op.gateway:
+      return
+
+    touches_reservations = (self.op.add_reserved_ips or
+                            self.op.remove_reserved_ips)
+    if touches_reservations:
+      raise errors.OpPrereqError("Cannot modify gateway and reserved ips"
+                                 " at once", errors.ECODE_INVAL)
  
  
-    request = {
-      "name": self.name,
-      "disk_space_total": disk_space,
-      "required_nodes": self.required_nodes,
-      "relocate_from": self.relocate_from,
+  def ExpandNames(self):
+    self.network_uuid = self.cfg.LookupNetwork(self.op.network_name)
+    if self.network_uuid is None:
+      raise errors.OpPrereqError(("Network '%s' not found" %
+                                  self.op.network_name),
+                                 errors.ECODE_INVAL)
+
+    self.needed_locks = {
+      locking.LEVEL_NETWORK: [self.network_uuid],
        }
        }
-    return request
  
  
-  def _AddEvacuateNodes(self):
-    """Add evacuate nodes data to allocator structure.
+  def CheckPrereq(self):
+    """Check prerequisites.
  
      """
  
      """
-    request = {
-      "evac_nodes": self.evac_nodes
-      }
-    return request
+    self.network = self.cfg.GetNetwork(self.network_uuid)
+    self.gateway = self.network.gateway
+    self.network_type = self.network.network_type
+    self.mac_prefix = self.network.mac_prefix
+    self.network6 = self.network.network6
+    self.gateway6 = self.network.gateway6
+    self.tags = self.network.tags
+
+    self.pool = network.AddressPool(self.network)
+
+    if self.op.gateway:
+      if self.op.gateway == constants.VALUE_NONE:
+        self.gateway = None
+      else:
+        self.gateway = self.op.gateway
+        if self.pool.IsReserved(self.gateway):
+          raise errors.OpPrereqError("%s is already reserved" %
+                                     self.gateway, errors.ECODE_INVAL)
+
+    if self.op.network_type:
+      if self.op.network_type == constants.VALUE_NONE:
+        self.network_type = None
+      else:
+        self.network_type = self.op.network_type
  
  
-  def _BuildInputData(self, fn):
-    """Build input data structures.
+    if self.op.mac_prefix:
+      if self.op.mac_prefix == constants.VALUE_NONE:
+        self.mac_prefix = None
+      else:
+        self.mac_prefix = \
+          utils.NormalizeAndValidateThreeOctetMacPrefix(self.op.mac_prefix)
+
+    if self.op.gateway6:
+      if self.op.gateway6 == constants.VALUE_NONE:
+        self.gateway6 = None
+      else:
+        self.gateway6 = self.op.gateway6
+
+    if self.op.network6:
+      if self.op.network6 == constants.VALUE_NONE:
+        self.network6 = None
+      else:
+        self.network6 = self.op.network6
+
+  def BuildHooksEnv(self):
+    """Build hooks env.
  
      """
  
      """
-    self._ComputeClusterData()
+    args = {
+      "name": self.op.network_name,
+      "subnet": self.network.network,
+      "gateway": self.gateway,
+      "network6": self.network6,
+      "gateway6": self.gateway6,
+      "mac_prefix": self.mac_prefix,
+      "network_type": self.network_type,
+      "tags": self.tags,
+      }
+    return _BuildNetworkHookEnv(**args) # pylint: disable=W0142
  
  
-    request = fn()
-    request["type"] = self.mode
-    self.in_data["request"] = request
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
  
  
-    self.in_text = serializer.Dump(self.in_data)
+    """
+    mn = self.cfg.GetMasterNode()
+    return ([mn], [mn])
  
  
-  def Run(self, name, validate=True, call_fn=None):
-    """Run an instance allocator and return the results.
+  def Exec(self, feedback_fn):
+    """Modifies the network.
  
      """
  
      """
-    if call_fn is None:
-      call_fn = self.rpc.call_iallocator_runner
+    #TODO: reserve/release via temporary reservation manager
+    #      extend cfg.ReserveIp/ReleaseIp with the external flag
+    if self.op.gateway:
+      if self.gateway == self.network.gateway:
+        self.LogWarning("Gateway is already %s", self.gateway)
+      else:
+        if self.gateway:
+          self.pool.Reserve(self.gateway, external=True)
+        if self.network.gateway:
+          self.pool.Release(self.network.gateway, external=True)
+        self.network.gateway = self.gateway
+
+    if self.op.add_reserved_ips:
+      for ip in self.op.add_reserved_ips:
+        try:
+          if self.pool.IsReserved(ip):
+            self.LogWarning("IP address %s is already reserved", ip)
+          else:
+            self.pool.Reserve(ip, external=True)
+        except errors.AddressPoolError, err:
+          self.LogWarning("Cannot reserve IP address %s: %s", ip, err)
+
+    if self.op.remove_reserved_ips:
+      for ip in self.op.remove_reserved_ips:
+        if ip == self.network.gateway:
+          self.LogWarning("Cannot unreserve Gateway's IP")
+          continue
+        try:
+          if not self.pool.IsReserved(ip):
+            self.LogWarning("IP address %s is already unreserved", ip)
+          else:
+            self.pool.Release(ip, external=True)
+        except errors.AddressPoolError, err:
+          self.LogWarning("Cannot release IP address %s: %s", ip, err)
+
+    if self.op.mac_prefix:
+      self.network.mac_prefix = self.mac_prefix
+
+    if self.op.network6:
+      self.network.network6 = self.network6
+
+    if self.op.gateway6:
+      self.network.gateway6 = self.gateway6
+
+    if self.op.network_type:
+      self.network.network_type = self.network_type
+
+    self.pool.Validate()
+
+    self.cfg.Update(self.network, feedback_fn)
+
+
+class _NetworkQuery(_QueryBase):
+  FIELDS = query.NETWORK_FIELDS
+
+  def ExpandNames(self, lu):
+    lu.needed_locks = {}
+
+    self._all_networks = lu.cfg.GetAllNetworksInfo()
+    name_to_uuid = dict((n.name, n.uuid) for n in self._all_networks.values())
+
+    if not self.names:
+      self.wanted = [name_to_uuid[name]
+                     for name in utils.NiceSort(name_to_uuid.keys())]
+    else:
+      # Accept names to be either names or UUIDs.
+      missing = []
+      self.wanted = []
+      all_uuid = frozenset(self._all_networks.keys())
  
  
-    result = call_fn(self.cfg.GetMasterNode(), name, self.in_text)
-    result.Raise("Failure while running the iallocator script")
+      for name in self.names:
+        if name in all_uuid:
+          self.wanted.append(name)
+        elif name in name_to_uuid:
+          self.wanted.append(name_to_uuid[name])
+        else:
+          missing.append(name)
  
  
-    self.out_text = result.payload
-    if validate:
-      self._ValidateResult()
+      if missing:
+        raise errors.OpPrereqError("Some networks do not exist: %s" % missing,
+                                   errors.ECODE_NOENT)
  
  
-  def _ValidateResult(self):
-    """Process the allocator results.
+  def DeclareLocks(self, lu, level):
+    pass
  
  
-    This will process and if successful save the result in
-    self.out_data and the other parameters.
+  def _GetQueryData(self, lu):
+    """Computes the list of networks and their attributes.
+
+    @return: a L{query.NetworkQueryData} built from the wanted networks and,
+      depending on the requested data, the group, instance and statistics
+      mappings (C{None} for data that was not requested)
  
      """
  
      """
-    try:
-      rdict = serializer.Load(self.out_text)
-    except Exception, err:
-      raise errors.OpExecError("Can't parse iallocator results: %s" % str(err))
+    do_instances = query.NETQ_INST in self.requested_data
+    do_groups = do_instances or (query.NETQ_GROUP in self.requested_data)
+    do_stats = query.NETQ_STATS in self.requested_data
  
  
-    if not isinstance(rdict, dict):
-      raise errors.OpExecError("Can't parse iallocator results: not a dict")
+    network_to_groups = None
+    network_to_instances = None
+    stats = None
  
  
-    # TODO: remove backwards compatiblity in later versions
-    if "nodes" in rdict and "result" not in rdict:
-      rdict["result"] = rdict["nodes"]
-      del rdict["nodes"]
+    # For NETQ_GROUP, we need to map network->[groups]
+    if do_groups:
+      all_groups = lu.cfg.GetAllNodeGroupsInfo()
+      network_to_groups = dict((uuid, []) for uuid in self.wanted)
  
  
-    for key in "success", "info", "result":
-      if key not in rdict:
-        raise errors.OpExecError("Can't parse iallocator results:"
-                                 " missing key '%s'" % key)
-      setattr(self, key, rdict[key])
+      if do_instances:
+        all_instances = lu.cfg.GetAllInstancesInfo()
+        all_nodes = lu.cfg.GetAllNodesInfo()
+        network_to_instances = dict((uuid, []) for uuid in self.wanted)
+
+      for group in all_groups.values():
+        if do_instances:
+          # A set keeps the membership test in the instance filter below
+          # cheap, whatever the number of nodes in the group
+          group_nodes = frozenset(node.name for node in all_nodes.values()
+                                  if node.group == group.uuid)
+          group_instances = [instance for instance in all_instances.values()
+                             if instance.primary_node in group_nodes]
+
+        for net_uuid in group.networks.keys():
+          if net_uuid in network_to_groups:
+            netparams = group.networks[net_uuid]
+            mode = netparams[constants.NIC_MODE]
+            link = netparams[constants.NIC_LINK]
+            info = group.name + "(" + mode + ", " + link + ")"
+            network_to_groups[net_uuid].append(info)
+
+            if do_instances:
+              for instance in group_instances:
+                for nic in instance.nics:
+                  if nic.network == self._all_networks[net_uuid].name:
+                    network_to_instances[net_uuid].append(instance.name)
+                    # One matching NIC is enough to list the instance
+                    break
+
+    if do_stats:
+      stats = {}
+      for uuid, net in self._all_networks.items():
+        if uuid in self.wanted:
+          pool = network.AddressPool(net)
+          stats[uuid] = {
+            "free_count": pool.GetFreeCount(),
+            "reserved_count": pool.GetReservedCount(),
+            "map": pool.GetMap(),
+            "external_reservations":
+              utils.CommaJoin(pool.GetExternalReservations()),
+            }
+
+    return query.NetworkQueryData([self._all_networks[uuid]
+                                   for uuid in self.wanted],
+                                   network_to_groups,
+                                   network_to_instances,
+                                   stats)
+
+
+class LUNetworkQuery(NoHooksLU):
+  """Logical unit for querying networks.
  
  
-    if not isinstance(rdict["result"], list):
-      raise errors.OpExecError("Can't parse iallocator results: 'result' key"
-                               " is not a list")
-    self.out_data = rdict
+  """
+  REQ_BGL = False
  
  
+  def CheckArguments(self):
+    self.nq = _NetworkQuery(qlang.MakeSimpleFilter("name", self.op.names),
+                            self.op.output_fields, False)
  
  
-class LUTestAllocator(NoHooksLU):
-  """Run allocator tests.
+  def ExpandNames(self):
+    self.nq.ExpandNames(self)
  
  
-  This LU runs the allocator tests
+  def Exec(self, feedback_fn):
+    return self.nq.OldStyleQuery(self)
+
+
+class LUNetworkConnect(LogicalUnit):
+  """Connect a network to a nodegroup
  
    """
  
    """
+  HPATH = "network-connect"
+  HTYPE = constants.HTYPE_NETWORK
+  REQ_BGL = False
+
+  def ExpandNames(self):
+    """Resolve the network and group names and declare the needed locks.
+
+    The node group is always locked. The network is added to the needed
+    locks, with its C{share_locks} flag set, only when the conflicts check
+    was requested.
+
+    @raise errors.OpPrereqError: if the network or the group lookup returns
+      C{None}
+
+    """
+    op = self.op
+    self.network_name = op.network_name
+    self.group_name = op.group_name
+    self.network_mode = op.network_mode
+    self.network_link = op.network_link
+
+    net_uuid = self.cfg.LookupNetwork(self.network_name)
+    self.network_uuid = net_uuid
+    if net_uuid is None:
+      raise errors.OpPrereqError("Network %s does not exist" %
+                                 self.network_name, errors.ECODE_INVAL)
+
+    group_uuid = self.cfg.LookupNodeGroup(self.group_name)
+    self.group_uuid = group_uuid
+    if group_uuid is None:
+      raise errors.OpPrereqError("Group %s does not exist" %
+                                 self.group_name, errors.ECODE_INVAL)
+
+    # The instance list starts out empty; DeclareLocks may fill it in
+    self.needed_locks = {
+      locking.LEVEL_NODEGROUP: [group_uuid],
+      locking.LEVEL_INSTANCE: [],
+      }
+    self.share_locks[locking.LEVEL_INSTANCE] = 1
+
+    if not op.conflicts_check:
+      return
+
+    self.share_locks[locking.LEVEL_NETWORK] = 1
+    self.needed_locks[locking.LEVEL_NETWORK] = [net_uuid]
+
+  def DeclareLocks(self, level):
+    """Fill in the instance locks once the instance level is reached.
+
+    Nothing is done for other levels, nor when the conflicts check is
+    disabled.
+
+    """
+    if level != locking.LEVEL_INSTANCE:
+      return
+
+    assert not self.needed_locks[locking.LEVEL_INSTANCE]
+
+    if not self.op.conflicts_check:
+      return
+
+    # Optimistic locking: the instance list needs verification once the
+    # group lock has been acquired
+    group_instances = self.cfg.GetNodeGroupInstances(self.group_uuid)
+    self.needed_locks[locking.LEVEL_INSTANCE] = group_instances
+
+  def BuildHooksEnv(self):
+    """Build hooks env.
+
+    Exposes the group name and the requested network mode and link.
+
+    """
+    return {
+      "GROUP_NAME": self.group_name,
+      "GROUP_NETWORK_MODE": self.network_mode,
+      "GROUP_NETWORK_LINK": self.network_link,
+      }
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    The members of the node group are used for both elements of the
+    returned pair.
+
+    """
+    members = self.cfg.GetNodeGroup(self.group_uuid).members
+    return (members, members)
+
    def CheckPrereq(self):
    def CheckPrereq(self):
-    """Check prerequisites.
+    owned_groups = frozenset(self.owned_locks(locking.LEVEL_NODEGROUP))
  
  
-    This checks the opcode parameters depending on the director and mode test.
+    assert self.group_uuid in owned_groups
  
  
-    """
-    if self.op.mode == constants.IALLOCATOR_MODE_ALLOC:
-      for attr in ["mem_size", "disks", "disk_template",
-                   "os", "tags", "nics", "vcpus"]:
-        if not hasattr(self.op, attr):
-          raise errors.OpPrereqError("Missing attribute '%s' on opcode input" %
-                                     attr, errors.ECODE_INVAL)
-      iname = self.cfg.ExpandInstanceName(self.op.name)
-      if iname is not None:
-        raise errors.OpPrereqError("Instance '%s' already in the cluster" %
-                                   iname, errors.ECODE_EXISTS)
-      if not isinstance(self.op.nics, list):
-        raise errors.OpPrereqError("Invalid parameter 'nics'",
-                                   errors.ECODE_INVAL)
-      if not isinstance(self.op.disks, list):
-        raise errors.OpPrereqError("Invalid parameter 'disks'",
-                                   errors.ECODE_INVAL)
-      for row in self.op.disks:
-        if (not isinstance(row, dict) or
-            "size" not in row or
-            not isinstance(row["size"], int) or
-            "mode" not in row or
-            row["mode"] not in ['r', 'w']):
-          raise errors.OpPrereqError("Invalid contents of the 'disks'"
-                                     " parameter", errors.ECODE_INVAL)
-      if self.op.hypervisor is None:
-        self.op.hypervisor = self.cfg.GetHypervisorType()
-    elif self.op.mode == constants.IALLOCATOR_MODE_RELOC:
-      fname = _ExpandInstanceName(self.cfg, self.op.name)
-      self.op.name = fname
-      self.relocate_from = self.cfg.GetInstanceInfo(fname).secondary_nodes
-    elif self.op.mode == constants.IALLOCATOR_MODE_MEVAC:
-      if not hasattr(self.op, "evac_nodes"):
-        raise errors.OpPrereqError("Missing attribute 'evac_nodes' on"
-                                   " opcode input", errors.ECODE_INVAL)
-    else:
-      raise errors.OpPrereqError("Invalid test allocator mode '%s'" %
-                                 self.op.mode, errors.ECODE_INVAL)
+    l = lambda value: utils.CommaJoin("%s: %s/%s" % (i[0], i[1], i[2])
+                                      for i in value)
  
  
-    if self.op.direction == constants.IALLOCATOR_DIR_OUT:
-      if self.op.allocator is None:
-        raise errors.OpPrereqError("Missing allocator name",
+    self.netparams = {
+      constants.NIC_MODE: self.network_mode,
+      constants.NIC_LINK: self.network_link,
+      }
+    objects.NIC.CheckParameterSyntax(self.netparams)
+
+    self.group = self.cfg.GetNodeGroup(self.group_uuid)
+    #if self.network_mode == constants.NIC_MODE_BRIDGED:
+    #  _CheckNodeGroupBridgesExist(self, self.network_link, self.group_uuid)
+    self.connected = False
+    if self.network_uuid in self.group.networks:
+      self.LogWarning("Network '%s' is already mapped to group '%s'" %
+                      (self.network_name, self.group.name))
+      self.connected = True
+      return
+
+    if self.op.conflicts_check:
+      # Check if locked instances are still correct
+      owned_instances = frozenset(self.owned_locks(locking.LEVEL_INSTANCE))
+      _CheckNodeGroupInstances(self.cfg, self.group_uuid, owned_instances)
+
+      nobj = self.cfg.GetNetwork(self.network_uuid)
+      pool = network.AddressPool(nobj)
+      conflicting_instances = []
+
+      for (_, instance) in self.cfg.GetMultiInstanceInfo(owned_instances):
+        for idx, nic in enumerate(instance.nics):
+          if pool.Contains(nic.ip):
+            conflicting_instances.append((instance.name, idx, nic.ip))
+
+      if conflicting_instances:
+        self.LogWarning("Following occurences use IPs from network %s"
+                        " that is about to connect to nodegroup %s: %s" %
+                        (self.network_name, self.group.name,
+                        l(conflicting_instances)))
+        raise errors.OpPrereqError("Conflicting IPs found."
+                                   " Please remove/modify"
+                                   " corresponding NICs",
                                     errors.ECODE_INVAL)
                                     errors.ECODE_INVAL)
-    elif self.op.direction != constants.IALLOCATOR_DIR_IN:
-      raise errors.OpPrereqError("Wrong allocator test '%s'" %
-                                 self.op.direction, errors.ECODE_INVAL)
  
    def Exec(self, feedback_fn):
  
    def Exec(self, feedback_fn):
-    """Run the allocator test.
+    if self.connected:
+      return
  
  
-    """
-    if self.op.mode == constants.IALLOCATOR_MODE_ALLOC:
-      ial = IAllocator(self.cfg, self.rpc,
-                       mode=self.op.mode,
-                       name=self.op.name,
-                       mem_size=self.op.mem_size,
-                       disks=self.op.disks,
-                       disk_template=self.op.disk_template,
-                       os=self.op.os,
-                       tags=self.op.tags,
-                       nics=self.op.nics,
-                       vcpus=self.op.vcpus,
-                       hypervisor=self.op.hypervisor,
-                       )
-    elif self.op.mode == constants.IALLOCATOR_MODE_RELOC:
-      ial = IAllocator(self.cfg, self.rpc,
-                       mode=self.op.mode,
-                       name=self.op.name,
-                       relocate_from=list(self.relocate_from),
-                       )
-    elif self.op.mode == constants.IALLOCATOR_MODE_MEVAC:
-      ial = IAllocator(self.cfg, self.rpc,
-                       mode=self.op.mode,
-                       evac_nodes=self.op.evac_nodes)
-    else:
-      raise errors.ProgrammerError("Uncatched mode %s in"
-                                   " LUTestAllocator.Exec", self.op.mode)
+    self.group.networks[self.network_uuid] = self.netparams
+    self.cfg.Update(self.group, feedback_fn)
  
  
-    if self.op.direction == constants.IALLOCATOR_DIR_IN:
-      result = ial.in_text
-    else:
-      ial.Run(self.op.allocator, validate=False)
-      result = ial.out_text
-    return result
+
+class LUNetworkDisconnect(LogicalUnit):
+  """Disconnect a network from a nodegroup
+
+  """
+  HPATH = "network-disconnect"
+  HTYPE = constants.HTYPE_NETWORK
+  REQ_BGL = False
+
+  def ExpandNames(self):
+    """Resolve the network and group names and declare the needed locks.
+
+    @raise errors.OpPrereqError: if the network or the group lookup returns
+      C{None}
+
+    """
+    self.network_name = self.op.network_name
+    self.group_name = self.op.group_name
+
+    self.network_uuid = self.cfg.LookupNetwork(self.network_name)
+    if self.network_uuid is None:
+      raise errors.OpPrereqError("Network %s does not exist" %
+                                 self.network_name, errors.ECODE_INVAL)
+
+    self.group_uuid = self.cfg.LookupNodeGroup(self.group_name)
+    if self.group_uuid is None:
+      raise errors.OpPrereqError("Group %s does not exist" %
+                                 self.group_name, errors.ECODE_INVAL)
+
+    # The instance list starts out empty; DeclareLocks may fill it in
+    self.needed_locks = {
+      locking.LEVEL_INSTANCE: [],
+      locking.LEVEL_NODEGROUP: [self.group_uuid],
+      }
+    self.share_locks[locking.LEVEL_INSTANCE] = 1
+
+  def DeclareLocks(self, level):
+    """Fill in the instance locks once the instance level is reached.
+
+    Nothing is done for other levels, nor when the conflicts check is
+    disabled.
+
+    """
+    if level == locking.LEVEL_INSTANCE:
+      assert not self.needed_locks[locking.LEVEL_INSTANCE]
+
+      # Lock instances optimistically, needs verification once group lock has
+      # been acquired
+      if self.op.conflicts_check:
+        self.needed_locks[locking.LEVEL_INSTANCE] = \
+          self.cfg.GetNodeGroupInstances(self.group_uuid)
+
+  def BuildHooksEnv(self):
+    """Build hooks env.
+
+    Only the group name is exposed.
+
+    """
+    ret = {
+      "GROUP_NAME": self.group_name,
+      }
+    return ret
+
+  def BuildHooksNodes(self):
+    """Build hooks nodes.
+
+    The members of the node group are used for both elements of the
+    returned pair.
+
+    """
+    nodes = self.cfg.GetNodeGroup(self.group_uuid).members
+    return (nodes, nodes)
+
+  def CheckPrereq(self):
+    """Check prerequisites.
+
+    Records in C{self.connected} whether the network is mapped to the group.
+    If it is and the conflicts check was requested, makes sure no NIC of the
+    locked instances still refers to the network.
+
+    @raise errors.OpPrereqError: if an instance NIC still uses the network
+
+    """
+    owned_groups = frozenset(self.owned_locks(locking.LEVEL_NODEGROUP))
+
+    assert self.group_uuid in owned_groups
+
+    self.group = self.cfg.GetNodeGroup(self.group_uuid)
+    self.connected = self.network_uuid in self.group.networks
+    if not self.connected:
+      self.LogWarning("Network '%s' is not mapped to group '%s'",
+                      self.network_name, self.group.name)
+      return
+
+    if not self.op.conflicts_check:
+      return
+
+    # Check if locked instances are still correct
+    owned_instances = frozenset(self.owned_locks(locking.LEVEL_INSTANCE))
+    _CheckNodeGroupInstances(self.cfg, self.group_uuid, owned_instances)
+
+    # One (instance name, NIC index, NIC IP) entry per NIC on the network
+    conflicting_instances = [
+      (instance.name, idx, nic.ip)
+      for (_, instance) in self.cfg.GetMultiInstanceInfo(owned_instances)
+      for (idx, nic) in enumerate(instance.nics)
+      if nic.network == self.network_name]
+
+    if conflicting_instances:
+      self.LogWarning("Following occurrences use IPs from network %s"
+                      " that is about to be disconnected from the nodegroup"
+                      " %s: %s",
+                      self.network_name, self.group.name,
+                      utils.CommaJoin("%s: %s/%s" % entry
+                                      for entry in conflicting_instances))
+      raise errors.OpPrereqError("Conflicting IPs."
+                                 " Please remove/modify"
+                                 " corresponding NICS",
+                                 errors.ECODE_INVAL)
+
+  def Exec(self, feedback_fn):
+    """Remove the network from the group's mapping and update the config.
+
+    Does nothing if CheckPrereq found the network not to be connected.
+
+    """
+    if not self.connected:
+      return
+
+    del self.group.networks[self.network_uuid]
+    self.cfg.Update(self.group, feedback_fn)
  
  
  #: Query type implementations
  _QUERY_IMPL = {
  
  
  #: Query type implementations
  _QUERY_IMPL = {
+  constants.QR_CLUSTER: _ClusterQuery,
    constants.QR_INSTANCE: _InstanceQuery,
    constants.QR_NODE: _NodeQuery,
    constants.QR_GROUP: _GroupQuery,
    constants.QR_INSTANCE: _InstanceQuery,
    constants.QR_NODE: _NodeQuery,
    constants.QR_GROUP: _GroupQuery,
+  constants.QR_NETWORK: _NetworkQuery,
+  constants.QR_OS: _OsQuery,
+  constants.QR_EXPORT: _ExportQuery,
    }
  
    }
  
+assert set(_QUERY_IMPL.keys()) == constants.QR_VIA_OP
+
  
  def _GetQueryImplementation(name):
    """Returns the implemtnation for a query type.
  
  
  def _GetQueryImplementation(name):
    """Returns the implemtnation for a query type.
  
-  @param name: Query type, must be one of L{constants.QR_OP_QUERY}
+  @param name: Query type, must be one of L{constants.QR_VIA_OP}
  
    """
    try:
  
    """
    try:
@@ -11584,3 +16369,21 @@ def _GetQueryImplementation(name):
    except KeyError:
      raise errors.OpPrereqError("Unknown query resource '%s'" % name,
                                 errors.ECODE_INVAL)
    except KeyError:
      raise errors.OpPrereqError("Unknown query resource '%s'" % name,
                                 errors.ECODE_INVAL)
+
+
+def _CheckForConflictingIp(lu, ip, node):
+  """Raise an error if the IP address conflicts with a network.
+
+  @param lu: the logical unit whose configuration (C{lu.cfg}) is queried
+  @type ip: string
+  @param ip: ip address
+  @type node: string
+  @param node: node name
+  @return: C{(None, None)} if no conflicting network was reported
+  @raise errors.OpPrereqError: if C{CheckIPInNodeGroup} reports a network
+    for the address
+
+  """
+  (conflicting_net, _) = lu.cfg.CheckIPInNodeGroup(ip, node)
+  if conflicting_net is None:
+    return (None, None)
+
+  raise errors.OpPrereqError("Conflicting IP found:"
+                             " %s <> %s." % (ip, conflicting_net),
+                             errors.ECODE_INVAL)