Try to prevent instance memory changes N+1 failures

[ganeti-local] / lib / config.py
diff --git a/lib/config.py b/lib/config.py

index d1f061c..fe580ef 100644 (file)
--- a/lib/config.py
+++ b/lib/config.py
@@ -1,7 +1,7 @@
  #
  #
  
  #
  #
  
-# Copyright (C) 2006, 2007 Google Inc.
+# Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Google Inc.
  #
  # This program is free software; you can redistribute it and/or modify
  # it under the terms of the GNU General Public License as published by
  #
  # This program is free software; you can redistribute it and/or modify
  # it under the terms of the GNU General Public License as published by
@@ -31,6 +31,9 @@ much memory.
  
  """
  
  
  """
  
+# pylint: disable-msg=R0904
+# R0904: Too many public methods
+
  import os
  import random
  import logging
  import os
  import random
  import logging
@@ -43,9 +46,12 @@ from ganeti import constants
  from ganeti import rpc
  from ganeti import objects
  from ganeti import serializer
  from ganeti import rpc
  from ganeti import objects
  from ganeti import serializer
+from ganeti import uidpool
+from ganeti import netutils
+from ganeti import runtime
  
  
  
  
-_config_lock = locking.SharedLock()
+_config_lock = locking.SharedLock("ConfigWriter")
  
  # job id used for resource management at config upgrade time
  _UPGRADE_CONFIG_JID = "jid-cfg-upgrade"
  
  # job id used for resource management at config upgrade time
  _UPGRADE_CONFIG_JID = "jid-cfg-upgrade"
@@ -61,10 +67,7 @@ def _ValidateConfig(data):
  
    """
    if data.version != constants.CONFIG_VERSION:
  
    """
    if data.version != constants.CONFIG_VERSION:
-    raise errors.ConfigurationError("Cluster configuration version"
-                                    " mismatch, got %s instead of %s" %
-                                    (data.version,
-                                     constants.CONFIG_VERSION))
+    raise errors.ConfigVersionMismatch(constants.CONFIG_VERSION, data.version)
  
  
  class TemporaryReservationManager:
  
  
  class TemporaryReservationManager:
@@ -78,15 +81,15 @@ class TemporaryReservationManager:
      self._ec_reserved = {}
  
    def Reserved(self, resource):
      self._ec_reserved = {}
  
    def Reserved(self, resource):
-    for holder_reserved in self._ec_reserved.items():
+    for holder_reserved in self._ec_reserved.values():
        if resource in holder_reserved:
          return True
      return False
  
    def Reserve(self, ec_id, resource):
      if self.Reserved(resource):
        if resource in holder_reserved:
          return True
      return False
  
    def Reserve(self, ec_id, resource):
      if self.Reserved(resource):
-      raise errors.ReservationError("Duplicate reservation for resource: %s." %
-                                    (resource))
+      raise errors.ReservationError("Duplicate reservation for resource '%s'"
+                                    % str(resource))
      if ec_id not in self._ec_reserved:
        self._ec_reserved[ec_id] = set([resource])
      else:
      if ec_id not in self._ec_reserved:
        self._ec_reserved[ec_id] = set([resource])
      else:
@@ -125,8 +128,12 @@ class TemporaryReservationManager:
  class ConfigWriter:
    """The interface to the cluster configuration.
  
  class ConfigWriter:
    """The interface to the cluster configuration.
  
+  @ivar _temporary_lvs: reservation manager for temporary LVs
+  @ivar _all_rms: a list of all temporary reservation managers
+
    """
    """
-  def __init__(self, cfg_file=None, offline=False):
+  def __init__(self, cfg_file=None, offline=False, _getents=runtime.GetEnts,
+               accept_foreign=False):
      self.write_count = 0
      self._lock = _config_lock
      self._config_data = None
      self.write_count = 0
      self._lock = _config_lock
      self._config_data = None
@@ -135,17 +142,22 @@ class ConfigWriter:
        self._cfg_file = constants.CLUSTER_CONF_FILE
      else:
        self._cfg_file = cfg_file
        self._cfg_file = constants.CLUSTER_CONF_FILE
      else:
        self._cfg_file = cfg_file
+    self._getents = _getents
      self._temporary_ids = TemporaryReservationManager()
      self._temporary_drbds = {}
      self._temporary_macs = TemporaryReservationManager()
      self._temporary_secrets = TemporaryReservationManager()
      self._temporary_ids = TemporaryReservationManager()
      self._temporary_drbds = {}
      self._temporary_macs = TemporaryReservationManager()
      self._temporary_secrets = TemporaryReservationManager()
+    self._temporary_lvs = TemporaryReservationManager()
+    self._all_rms = [self._temporary_ids, self._temporary_macs,
+                     self._temporary_secrets, self._temporary_lvs]
      # Note: in order to prevent errors when resolving our name in
      # _DistributeConfig, we compute it here once and reuse it; it's
      # better to raise an error before starting to modify the config
      # file than after it was modified
      # Note: in order to prevent errors when resolving our name in
      # _DistributeConfig, we compute it here once and reuse it; it's
      # better to raise an error before starting to modify the config
      # file than after it was modified
-    self._my_hostname = utils.HostInfo().name
+    self._my_hostname = netutils.Hostname.GetSysName()
      self._last_cluster_serial = -1
      self._last_cluster_serial = -1
-    self._OpenConfig()
+    self._cfg_id = None
+    self._OpenConfig(accept_foreign)
  
    # this method needs to be static, so that we can call it on the class
    @staticmethod
  
    # this method needs to be static, so that we can call it on the class
    @staticmethod
@@ -167,6 +179,18 @@ class ConfigWriter:
      return mac
  
    @locking.ssynchronized(_config_lock, shared=1)
      return mac
  
    @locking.ssynchronized(_config_lock, shared=1)
+  def GetNdParams(self, node):
+    """Get the node params populated with cluster defaults.
+
+    @type node: L{object.Node}
+    @param node: The node we want to know the params for
+    @return: A dict with the filled in node params
+
+    """
+    nodegroup = self._UnlockedGetNodeGroup(node.group)
+    return self._config_data.cluster.FillND(node, nodegroup)
+
+  @locking.ssynchronized(_config_lock, shared=1)
    def GenerateMAC(self, ec_id):
      """Generate a MAC for an instance.
  
    def GenerateMAC(self, ec_id):
      """Generate a MAC for an instance.
  
@@ -191,6 +215,20 @@ class ConfigWriter:
        self._temporary_macs.Reserve(mac, ec_id)
  
    @locking.ssynchronized(_config_lock, shared=1)
        self._temporary_macs.Reserve(mac, ec_id)
  
    @locking.ssynchronized(_config_lock, shared=1)
+  def ReserveLV(self, lv_name, ec_id):
+    """Reserve an VG/LV pair for an instance.
+
+    @type lv_name: string
+    @param lv_name: the logical volume name to reserve
+
+    """
+    all_lvs = self._AllLVs()
+    if lv_name in all_lvs:
+      raise errors.ReservationError("LV already in use")
+    else:
+      self._temporary_lvs.Reserve(lv_name, ec_id)
+
+  @locking.ssynchronized(_config_lock, shared=1)
    def GenerateDRBDSecret(self, ec_id):
      """Generate a DRBD secret.
  
    def GenerateDRBDSecret(self, ec_id):
      """Generate a DRBD secret.
  
@@ -329,24 +367,52 @@ class ConfigWriter:
          configuration errors
  
      """
          configuration errors
  
      """
+    # pylint: disable-msg=R0914
      result = []
      seen_macs = []
      ports = {}
      data = self._config_data
      result = []
      seen_macs = []
      ports = {}
      data = self._config_data
+    cluster = data.cluster
      seen_lids = []
      seen_pids = []
  
      # global cluster checks
      seen_lids = []
      seen_pids = []
  
      # global cluster checks
-    if not data.cluster.enabled_hypervisors:
+    if not cluster.enabled_hypervisors:
        result.append("enabled hypervisors list doesn't have any entries")
        result.append("enabled hypervisors list doesn't have any entries")
-    invalid_hvs = set(data.cluster.enabled_hypervisors) - constants.HYPER_TYPES
+    invalid_hvs = set(cluster.enabled_hypervisors) - constants.HYPER_TYPES
      if invalid_hvs:
        result.append("enabled hypervisors contains invalid entries: %s" %
                      invalid_hvs)
      if invalid_hvs:
        result.append("enabled hypervisors contains invalid entries: %s" %
                      invalid_hvs)
+    missing_hvp = (set(cluster.enabled_hypervisors) -
+                   set(cluster.hvparams.keys()))
+    if missing_hvp:
+      result.append("hypervisor parameters missing for the enabled"
+                    " hypervisor(s) %s" % utils.CommaJoin(missing_hvp))
  
  
-    if data.cluster.master_node not in data.nodes:
+    if cluster.master_node not in data.nodes:
        result.append("cluster has invalid primary node '%s'" %
        result.append("cluster has invalid primary node '%s'" %
-                    data.cluster.master_node)
+                    cluster.master_node)
+
+    def _helper(owner, attr, value, template):
+      try:
+        utils.ForceDictType(value, template)
+      except errors.GenericError, err:
+        result.append("%s has invalid %s: %s" % (owner, attr, err))
+
+    def _helper_nic(owner, params):
+      try:
+        objects.NIC.CheckParameterSyntax(params)
+      except errors.ConfigurationError, err:
+        result.append("%s has invalid nicparams: %s" % (owner, err))
+
+    # check cluster parameters
+    _helper("cluster", "beparams", cluster.SimpleFillBE({}),
+            constants.BES_PARAMETER_TYPES)
+    _helper("cluster", "nicparams", cluster.SimpleFillNIC({}),
+            constants.NICS_PARAMETER_TYPES)
+    _helper_nic("cluster", cluster.SimpleFillNIC({}))
+    _helper("cluster", "ndparams", cluster.SimpleFillND({}),
+            constants.NDS_PARAMETER_TYPES)
  
      # per-instance checks
      for instance_name in data.instances:
  
      # per-instance checks
      for instance_name in data.instances:
@@ -367,6 +433,17 @@ class ConfigWriter:
                          (instance_name, idx, nic.mac))
          else:
            seen_macs.append(nic.mac)
                          (instance_name, idx, nic.mac))
          else:
            seen_macs.append(nic.mac)
+        if nic.nicparams:
+          filled = cluster.SimpleFillNIC(nic.nicparams)
+          owner = "instance %s nic %d" % (instance.name, idx)
+          _helper(owner, "nicparams",
+                  filled, constants.NICS_PARAMETER_TYPES)
+          _helper_nic(owner, filled)
+
+      # parameter checks
+      if instance.beparams:
+        _helper("instance %s" % instance.name, "beparams",
+                cluster.FillBE(instance), constants.BES_PARAMETER_TYPES)
  
        # gather the drbd ports for duplicate checks
        for dsk in instance.disks:
  
        # gather the drbd ports for duplicate checks
        for dsk in instance.disks:
@@ -389,7 +466,7 @@ class ConfigWriter:
          result.extend(self._CheckDiskIDs(disk, seen_lids, seen_pids))
  
      # cluster-wide pool of free ports
          result.extend(self._CheckDiskIDs(disk, seen_lids, seen_pids))
  
      # cluster-wide pool of free ports
-    for free_port in data.cluster.tcpudp_port_pool:
+    for free_port in cluster.tcpudp_port_pool:
        if free_port not in ports:
          ports[free_port] = []
        ports[free_port].append(("cluster", "port marked as free"))
        if free_port not in ports:
          ports[free_port] = []
        ports[free_port].append(("cluster", "port marked as free"))
@@ -405,11 +482,11 @@ class ConfigWriter:
  
      # highest used tcp port check
      if keys:
  
      # highest used tcp port check
      if keys:
-      if keys[-1] > data.cluster.highest_used_port:
+      if keys[-1] > cluster.highest_used_port:
          result.append("Highest used port mismatch, saved %s, computed %s" %
          result.append("Highest used port mismatch, saved %s, computed %s" %
-                      (data.cluster.highest_used_port, keys[-1]))
+                      (cluster.highest_used_port, keys[-1]))
  
  
-    if not data.nodes[data.cluster.master_node].master_candidate:
+    if not data.nodes[cluster.master_node].master_candidate:
        result.append("Master node is not a master candidate")
  
      # master candidate checks
        result.append("Master node is not a master candidate")
  
      # master candidate checks
@@ -426,8 +503,35 @@ class ConfigWriter:
        if [node.master_candidate, node.drained, node.offline].count(True) > 1:
          result.append("Node %s state is invalid: master_candidate=%s,"
                        " drain=%s, offline=%s" %
        if [node.master_candidate, node.drained, node.offline].count(True) > 1:
          result.append("Node %s state is invalid: master_candidate=%s,"
                        " drain=%s, offline=%s" %
-                      (node.name, node.master_candidate, node.drain,
+                      (node.name, node.master_candidate, node.drained,
                         node.offline))
                         node.offline))
+      if node.group not in data.nodegroups:
+        result.append("Node '%s' has invalid group '%s'" %
+                      (node.name, node.group))
+      else:
+        _helper("node %s" % node.name, "ndparams",
+                cluster.FillND(node, data.nodegroups[node.group]),
+                constants.NDS_PARAMETER_TYPES)
+
+    # nodegroups checks
+    nodegroups_names = set()
+    for nodegroup_uuid in data.nodegroups:
+      nodegroup = data.nodegroups[nodegroup_uuid]
+      if nodegroup.uuid != nodegroup_uuid:
+        result.append("node group '%s' (uuid: '%s') indexed by wrong uuid '%s'"
+                      % (nodegroup.name, nodegroup.uuid, nodegroup_uuid))
+      if utils.UUID_RE.match(nodegroup.name.lower()):
+        result.append("node group '%s' (uuid: '%s') has uuid-like name" %
+                      (nodegroup.name, nodegroup.uuid))
+      if nodegroup.name in nodegroups_names:
+        result.append("duplicate node group name '%s'" % nodegroup.name)
+      else:
+        nodegroups_names.add(nodegroup.name)
+      if nodegroup.ndparams:
+        _helper("group %s" % nodegroup.name, "ndparams",
+                cluster.SimpleFillND(nodegroup.ndparams),
+                constants.NDS_PARAMETER_TYPES)
+
  
      # drbd minors check
      _, duplicates = self._UnlockedComputeDRBDMap()
  
      # drbd minors check
      _, duplicates = self._UnlockedComputeDRBDMap()
@@ -436,13 +540,13 @@ class ConfigWriter:
                      " %s and %s" % (minor, node, instance_a, instance_b))
  
      # IP checks
                      " %s and %s" % (minor, node, instance_a, instance_b))
  
      # IP checks
-    default_nicparams = data.cluster.nicparams[constants.PP_DEFAULT]
+    default_nicparams = cluster.nicparams[constants.PP_DEFAULT]
      ips = {}
  
      def _AddIpAddress(ip, name):
        ips.setdefault(ip, []).append(name)
  
      ips = {}
  
      def _AddIpAddress(ip, name):
        ips.setdefault(ip, []).append(name)
  
-    _AddIpAddress(data.cluster.master_ip, "cluster_ip")
+    _AddIpAddress(cluster.master_ip, "cluster_ip")
  
      for node in data.nodes.values():
        _AddIpAddress(node.primary_ip, "node:%s/primary" % node.name)
  
      for node in data.nodes.values():
        _AddIpAddress(node.primary_ip, "node:%s/primary" % node.name)
@@ -790,6 +894,169 @@ class ConfigWriter:
      """
      return self._config_data.cluster.rsahostkeypub
  
      """
      return self._config_data.cluster.rsahostkeypub
  
+  @locking.ssynchronized(_config_lock, shared=1)
+  def GetDefaultIAllocator(self):
+    """Get the default instance allocator for this cluster.
+
+    """
+    return self._config_data.cluster.default_iallocator
+
+  @locking.ssynchronized(_config_lock, shared=1)
+  def GetPrimaryIPFamily(self):
+    """Get cluster primary ip family.
+
+    @return: primary ip family
+
+    """
+    return self._config_data.cluster.primary_ip_family
+
+  @locking.ssynchronized(_config_lock)
+  def AddNodeGroup(self, group, ec_id, check_uuid=True):
+    """Add a node group to the configuration.
+
+    This method calls group.UpgradeConfig() to fill any missing attributes
+    according to their default values.
+
+    @type group: L{objects.NodeGroup}
+    @param group: the NodeGroup object to add
+    @type ec_id: string
+    @param ec_id: unique id for the job to use when creating a missing UUID
+    @type check_uuid: bool
+    @param check_uuid: add an UUID to the group if it doesn't have one or, if
+                       it does, ensure that it does not exist in the
+                       configuration already
+
+    """
+    self._UnlockedAddNodeGroup(group, ec_id, check_uuid)
+    self._WriteConfig()
+
+  def _UnlockedAddNodeGroup(self, group, ec_id, check_uuid):
+    """Add a node group to the configuration.
+
+    """
+    logging.info("Adding node group %s to configuration", group.name)
+
+    # Some code might need to add a node group with a pre-populated UUID
+    # generated with ConfigWriter.GenerateUniqueID(). We allow them to bypass
+    # the "does this UUID" exist already check.
+    if check_uuid:
+      self._EnsureUUID(group, ec_id)
+
+    try:
+      existing_uuid = self._UnlockedLookupNodeGroup(group.name)
+    except errors.OpPrereqError:
+      pass
+    else:
+      raise errors.OpPrereqError("Desired group name '%s' already exists as a"
+                                 " node group (UUID: %s)" %
+                                 (group.name, existing_uuid),
+                                 errors.ECODE_EXISTS)
+
+    group.serial_no = 1
+    group.ctime = group.mtime = time.time()
+    group.UpgradeConfig()
+
+    self._config_data.nodegroups[group.uuid] = group
+    self._config_data.cluster.serial_no += 1
+
+  @locking.ssynchronized(_config_lock)
+  def RemoveNodeGroup(self, group_uuid):
+    """Remove a node group from the configuration.
+
+    @type group_uuid: string
+    @param group_uuid: the UUID of the node group to remove
+
+    """
+    logging.info("Removing node group %s from configuration", group_uuid)
+
+    if group_uuid not in self._config_data.nodegroups:
+      raise errors.ConfigurationError("Unknown node group '%s'" % group_uuid)
+
+    assert len(self._config_data.nodegroups) != 1, \
+            "Group '%s' is the only group, cannot be removed" % group_uuid
+
+    del self._config_data.nodegroups[group_uuid]
+    self._config_data.cluster.serial_no += 1
+    self._WriteConfig()
+
+  def _UnlockedLookupNodeGroup(self, target):
+    """Lookup a node group's UUID.
+
+    @type target: string or None
+    @param target: group name or UUID or None to look for the default
+    @rtype: string
+    @return: nodegroup UUID
+    @raises errors.OpPrereqError: when the target group cannot be found
+
+    """
+    if target is None:
+      if len(self._config_data.nodegroups) != 1:
+        raise errors.OpPrereqError("More than one node group exists. Target"
+                                   " group must be specified explicitely.")
+      else:
+        return self._config_data.nodegroups.keys()[0]
+    if target in self._config_data.nodegroups:
+      return target
+    for nodegroup in self._config_data.nodegroups.values():
+      if nodegroup.name == target:
+        return nodegroup.uuid
+    raise errors.OpPrereqError("Node group '%s' not found" % target,
+                               errors.ECODE_NOENT)
+
+  @locking.ssynchronized(_config_lock, shared=1)
+  def LookupNodeGroup(self, target):
+    """Lookup a node group's UUID.
+
+    This function is just a wrapper over L{_UnlockedLookupNodeGroup}.
+
+    @type target: string or None
+    @param target: group name or UUID or None to look for the default
+    @rtype: string
+    @return: nodegroup UUID
+
+    """
+    return self._UnlockedLookupNodeGroup(target)
+
+  def _UnlockedGetNodeGroup(self, uuid):
+    """Lookup a node group.
+
+    @type uuid: string
+    @param uuid: group UUID
+    @rtype: L{objects.NodeGroup} or None
+    @return: nodegroup object, or None if not found
+
+    """
+    if uuid not in self._config_data.nodegroups:
+      return None
+
+    return self._config_data.nodegroups[uuid]
+
+  @locking.ssynchronized(_config_lock, shared=1)
+  def GetNodeGroup(self, uuid):
+    """Lookup a node group.
+
+    @type uuid: string
+    @param uuid: group UUID
+    @rtype: L{objects.NodeGroup} or None
+    @return: nodegroup object, or None if not found
+
+    """
+    return self._UnlockedGetNodeGroup(uuid)
+
+  @locking.ssynchronized(_config_lock, shared=1)
+  def GetAllNodeGroupsInfo(self):
+    """Get the configuration of all node groups.
+
+    """
+    return dict(self._config_data.nodegroups)
+
+  @locking.ssynchronized(_config_lock, shared=1)
+  def GetNodeGroupList(self):
+    """Get a list of node groups.
+
+    """
+    return self._config_data.nodegroups.keys()
+
    @locking.ssynchronized(_config_lock)
    def AddInstance(self, instance, ec_id):
      """Add an instance to the config.
    @locking.ssynchronized(_config_lock)
    def AddInstance(self, instance, ec_id):
      """Add an instance to the config.
@@ -890,10 +1157,14 @@ class ConfigWriter:
        if disk.dev_type == constants.LD_FILE:
          # rename the file paths in logical and physical id
          file_storage_dir = os.path.dirname(os.path.dirname(disk.logical_id[1]))
        if disk.dev_type == constants.LD_FILE:
          # rename the file paths in logical and physical id
          file_storage_dir = os.path.dirname(os.path.dirname(disk.logical_id[1]))
+        disk_fname = "disk%s" % disk.iv_name.split("/")[1]
          disk.physical_id = disk.logical_id = (disk.logical_id[0],
                                                utils.PathJoin(file_storage_dir,
                                                               inst.name,
          disk.physical_id = disk.logical_id = (disk.logical_id[0],
                                                utils.PathJoin(file_storage_dir,
                                                               inst.name,
-                                                             disk.iv_name))
+                                                             disk_fname))
+
+    # Force update of ssconf files
+    self._config_data.cluster.serial_no += 1
  
      self._config_data.instances[inst.name] = inst
      self._WriteConfig()
  
      self._config_data.instances[inst.name] = inst
      self._WriteConfig()
@@ -986,6 +1257,7 @@ class ConfigWriter:
  
      node.serial_no = 1
      node.ctime = node.mtime = time.time()
  
      node.serial_no = 1
      node.ctime = node.mtime = time.time()
+    self._UnlockedAddNodeToGroup(node.name, node.group)
      self._config_data.nodes[node.name] = node
      self._config_data.cluster.serial_no += 1
      self._WriteConfig()
      self._config_data.nodes[node.name] = node
      self._config_data.cluster.serial_no += 1
      self._WriteConfig()
@@ -1000,6 +1272,7 @@ class ConfigWriter:
      if node_name not in self._config_data.nodes:
        raise errors.ConfigurationError("Unknown node '%s'" % node_name)
  
      if node_name not in self._config_data.nodes:
        raise errors.ConfigurationError("Unknown node '%s'" % node_name)
  
+    self._UnlockedRemoveNodeFromGroup(self._config_data.nodes[node_name])
      del self._config_data.nodes[node_name]
      self._config_data.cluster.serial_no += 1
      self._WriteConfig()
      del self._config_data.nodes[node_name]
      self._config_data.cluster.serial_no += 1
      self._WriteConfig()
@@ -1044,6 +1317,25 @@ class ConfigWriter:
      """
      return self._UnlockedGetNodeInfo(node_name)
  
      """
      return self._UnlockedGetNodeInfo(node_name)
  
+  @locking.ssynchronized(_config_lock, shared=1)
+  def GetNodeInstances(self, node_name):
+    """Get the instances of a node, as stored in the config.
+
+    @param node_name: the node name, e.g. I{node1.example.com}
+
+    @rtype: (list, list)
+    @return: a tuple with two lists: the primary and the secondary instances
+
+    """
+    pri = []
+    sec = []
+    for inst in self._config_data.instances.values():
+      if inst.primary_node == node_name:
+        pri.append(inst.name)
+      if node_name in inst.secondary_nodes:
+        sec.append(inst.name)
+    return (pri, sec)
+
    def _UnlockedGetNodeList(self):
      """Return the list of nodes which are in the configuration.
  
    def _UnlockedGetNodeList(self):
      """Return the list of nodes which are in the configuration.
  
@@ -1078,6 +1370,24 @@ class ConfigWriter:
      return self._UnlockedGetOnlineNodeList()
  
    @locking.ssynchronized(_config_lock, shared=1)
      return self._UnlockedGetOnlineNodeList()
  
    @locking.ssynchronized(_config_lock, shared=1)
+  def GetVmCapableNodeList(self):
+    """Return the list of nodes which are not vm capable.
+
+    """
+    all_nodes = [self._UnlockedGetNodeInfo(node)
+                 for node in self._UnlockedGetNodeList()]
+    return [node.name for node in all_nodes if node.vm_capable]
+
+  @locking.ssynchronized(_config_lock, shared=1)
+  def GetNonVmCapableNodeList(self):
+    """Return the list of nodes which are not vm capable.
+
+    """
+    all_nodes = [self._UnlockedGetNodeInfo(node)
+                 for node in self._UnlockedGetNodeList()]
+    return [node.name for node in all_nodes if not node.vm_capable]
+
+  @locking.ssynchronized(_config_lock, shared=1)
    def GetAllNodesInfo(self):
      """Get the configuration of all nodes.
  
    def GetAllNodesInfo(self):
      """Get the configuration of all nodes.
  
@@ -1090,6 +1400,17 @@ class ConfigWriter:
                      for node in self._UnlockedGetNodeList()])
      return my_dict
  
                      for node in self._UnlockedGetNodeList()])
      return my_dict
  
+  @locking.ssynchronized(_config_lock, shared=1)
+  def GetNodeGroupsFromNodes(self, nodes):
+    """Returns groups for a list of nodes.
+
+    @type nodes: list of string
+    @param nodes: List of node names
+    @rtype: frozenset
+
+    """
+    return frozenset(self._UnlockedGetNodeInfo(name).group for name in nodes)
+
    def _UnlockedGetMasterCandidateStats(self, exceptions=None):
      """Get the number of current and maximum desired and possible candidates.
  
    def _UnlockedGetMasterCandidateStats(self, exceptions=None):
      """Get the number of current and maximum desired and possible candidates.
  
@@ -1103,7 +1424,7 @@ class ConfigWriter:
      for node in self._config_data.nodes.values():
        if exceptions and node.name in exceptions:
          continue
      for node in self._config_data.nodes.values():
        if exceptions and node.name in exceptions:
          continue
-      if not (node.offline or node.drained):
+      if not (node.offline or node.drained) and node.master_capable:
          mc_max += 1
        if node.master_candidate:
          mc_now += 1
          mc_max += 1
        if node.master_candidate:
          mc_now += 1
@@ -1144,7 +1465,7 @@ class ConfigWriter:
            break
          node = self._config_data.nodes[name]
          if (node.master_candidate or node.offline or node.drained or
            break
          node = self._config_data.nodes[name]
          if (node.master_candidate or node.offline or node.drained or
-            node.name in exceptions):
+            node.name in exceptions or not node.master_capable):
            continue
          mod_list.append(node)
          node.master_candidate = True
            continue
          mod_list.append(node)
          node.master_candidate = True
@@ -1160,6 +1481,34 @@ class ConfigWriter:
  
      return mod_list
  
  
      return mod_list
  
+  def _UnlockedAddNodeToGroup(self, node_name, nodegroup_uuid):
+    """Add a given node to the specified group.
+
+    """
+    if nodegroup_uuid not in self._config_data.nodegroups:
+      # This can happen if a node group gets deleted between its lookup and
+      # when we're adding the first node to it, since we don't keep a lock in
+      # the meantime. It's ok though, as we'll fail cleanly if the node group
+      # is not found anymore.
+      raise errors.OpExecError("Unknown node group: %s" % nodegroup_uuid)
+    if node_name not in self._config_data.nodegroups[nodegroup_uuid].members:
+      self._config_data.nodegroups[nodegroup_uuid].members.append(node_name)
+
+  def _UnlockedRemoveNodeFromGroup(self, node):
+    """Remove a given node from its group.
+
+    """
+    nodegroup = node.group
+    if nodegroup not in self._config_data.nodegroups:
+      logging.warning("Warning: node '%s' has unknown node group '%s'"
+                      " (while being removed from it)", node.name, nodegroup)
+    nodegroup_obj = self._config_data.nodegroups[nodegroup]
+    if node.name not in nodegroup_obj.members:
+      logging.warning("Warning: node '%s' not a member of its node group '%s'"
+                      " (while being removed from it)", node.name, nodegroup)
+    else:
+      nodegroup_obj.members.remove(node.name)
+
    def _BumpSerialNo(self):
      """Bump up the serial number of the config.
  
    def _BumpSerialNo(self):
      """Bump up the serial number of the config.
  
@@ -1173,9 +1522,10 @@ class ConfigWriter:
      """
      return (self._config_data.instances.values() +
              self._config_data.nodes.values() +
      """
      return (self._config_data.instances.values() +
              self._config_data.nodes.values() +
+            self._config_data.nodegroups.values() +
              [self._config_data.cluster])
  
              [self._config_data.cluster])
  
-  def _OpenConfig(self):
+  def _OpenConfig(self, accept_foreign):
      """Read the config data from disk.
  
      """
      """Read the config data from disk.
  
      """
@@ -1194,6 +1544,13 @@ class ConfigWriter:
        raise errors.ConfigurationError("Incomplete configuration"
                                        " (missing cluster.rsahostkeypub)")
  
        raise errors.ConfigurationError("Incomplete configuration"
                                        " (missing cluster.rsahostkeypub)")
  
+    if data.cluster.master_node != self._my_hostname and not accept_foreign:
+      msg = ("The configuration denotes node %s as master, while my"
+             " hostname is %s; opening a foreign configuration is only"
+             " possible in accept_foreign mode" %
+             (data.cluster.master_node, self._my_hostname))
+      raise errors.ConfigurationError(msg)
+
      # Upgrade configuration if needed
      data.UpgradeConfig()
  
      # Upgrade configuration if needed
      data.UpgradeConfig()
  
@@ -1205,15 +1562,19 @@ class ConfigWriter:
      # And finally run our (custom) config upgrade sequence
      self._UpgradeConfig()
  
      # And finally run our (custom) config upgrade sequence
      self._UpgradeConfig()
  
+    self._cfg_id = utils.GetFileID(path=self._cfg_file)
+
    def _UpgradeConfig(self):
      """Run upgrade steps that cannot be done purely in the objects.
  
      This is because some data elements need uniqueness across the
      whole configuration, etc.
  
    def _UpgradeConfig(self):
      """Run upgrade steps that cannot be done purely in the objects.
  
      This is because some data elements need uniqueness across the
      whole configuration, etc.
  
-    @warning: this function will call L{_WriteConfig()}, so it needs
-        to either be called with the lock held or from a safe place
-        (the constructor)
+    @warning: this function will call L{_WriteConfig()}, but also
+        L{DropECReservations} so it needs to be called only from a
+        "safe" place (the constructor). If one wanted to call it with
+        the lock held, a DropECReservationUnlocked would need to be
+        created first, to avoid causing deadlock.
  
      """
      modified = False
  
      """
      modified = False
@@ -1221,6 +1582,21 @@ class ConfigWriter:
        if item.uuid is None:
          item.uuid = self._GenerateUniqueID(_UPGRADE_CONFIG_JID)
          modified = True
        if item.uuid is None:
          item.uuid = self._GenerateUniqueID(_UPGRADE_CONFIG_JID)
          modified = True
+    if not self._config_data.nodegroups:
+      default_nodegroup_name = constants.INITIAL_NODE_GROUP_NAME
+      default_nodegroup = objects.NodeGroup(name=default_nodegroup_name,
+                                            members=[])
+      self._UnlockedAddNodeGroup(default_nodegroup, _UPGRADE_CONFIG_JID, True)
+      modified = True
+    for node in self._config_data.nodes.values():
+      if not node.group:
+        node.group = self.LookupNodeGroup(None)
+        modified = True
+      # This is technically *not* an upgrade, but needs to be done both when
+      # nodegroups are being added, and upon normally loading the config,
+      # because the members list of a node group is discarded upon
+      # serializing/deserializing the object.
+      self._UnlockedAddNodeToGroup(node.name, node.group)
      if modified:
        self._WriteConfig()
        # This is ok even if it acquires the internal lock, as _UpgradeConfig is
      if modified:
        self._WriteConfig()
        # This is ok even if it acquires the internal lock, as _UpgradeConfig is
@@ -1294,7 +1670,18 @@ class ConfigWriter:
      self._BumpSerialNo()
      txt = serializer.Dump(self._config_data.ToDict())
  
      self._BumpSerialNo()
      txt = serializer.Dump(self._config_data.ToDict())
  
-    utils.WriteFile(destination, data=txt)
+    getents = self._getents()
+    try:
+      fd = utils.SafeWriteFile(destination, self._cfg_id, data=txt,
+                               close=False, gid=getents.confd_gid, mode=0640)
+    except errors.LockError:
+      raise errors.ConfigurationError("The configuration file has been"
+                                      " modified since the last write, cannot"
+                                      " update")
+    try:
+      self._cfg_id = utils.GetFileID(fd=fd)
+    finally:
+      os.close(fd)
  
      self.write_count += 1
  
  
      self.write_count += 1
  
@@ -1349,6 +1736,15 @@ class ConfigWriter:
  
      cluster = self._config_data.cluster
      cluster_tags = fn(cluster.GetTags())
  
      cluster = self._config_data.cluster
      cluster_tags = fn(cluster.GetTags())
+
+    hypervisor_list = fn(cluster.enabled_hypervisors)
+
+    uid_pool = uidpool.FormatUidPool(cluster.uid_pool, separator="\n")
+
+    nodegroups = ["%s %s" % (nodegroup.uuid, nodegroup.name) for nodegroup in
+                  self._config_data.nodegroups.values()]
+    nodegroups_data = fn(utils.NiceSort(nodegroups))
+
      return {
        constants.SS_CLUSTER_NAME: cluster.cluster_name,
        constants.SS_CLUSTER_TAGS: cluster_tags,
      return {
        constants.SS_CLUSTER_NAME: cluster.cluster_name,
        constants.SS_CLUSTER_TAGS: cluster_tags,
@@ -1363,11 +1759,23 @@ class ConfigWriter:
        constants.SS_NODE_SECONDARY_IPS: node_snd_ips_data,
        constants.SS_OFFLINE_NODES: off_data,
        constants.SS_ONLINE_NODES: on_data,
        constants.SS_NODE_SECONDARY_IPS: node_snd_ips_data,
        constants.SS_OFFLINE_NODES: off_data,
        constants.SS_ONLINE_NODES: on_data,
+      constants.SS_PRIMARY_IP_FAMILY: str(cluster.primary_ip_family),
        constants.SS_INSTANCE_LIST: instance_data,
        constants.SS_RELEASE_VERSION: constants.RELEASE_VERSION,
        constants.SS_INSTANCE_LIST: instance_data,
        constants.SS_RELEASE_VERSION: constants.RELEASE_VERSION,
+      constants.SS_HYPERVISOR_LIST: hypervisor_list,
+      constants.SS_MAINTAIN_NODE_HEALTH: str(cluster.maintain_node_health),
+      constants.SS_UID_POOL: uid_pool,
+      constants.SS_NODEGROUPS: nodegroups_data,
        }
  
    @locking.ssynchronized(_config_lock, shared=1)
        }
  
    @locking.ssynchronized(_config_lock, shared=1)
+  def GetSsconfValues(self):
+    """Wrapper using lock around _UnlockedGetSsconf().
+
+    """
+    return self._UnlockedGetSsconfValues()
+
+  @locking.ssynchronized(_config_lock, shared=1)
    def GetVGName(self):
      """Return the volume group name.
  
    def GetVGName(self):
      """Return the volume group name.
  
@@ -1384,6 +1792,22 @@ class ConfigWriter:
      self._WriteConfig()
  
    @locking.ssynchronized(_config_lock, shared=1)
      self._WriteConfig()
  
    @locking.ssynchronized(_config_lock, shared=1)
+  def GetDRBDHelper(self):
+    """Return DRBD usermode helper.
+
+    """
+    return self._config_data.cluster.drbd_usermode_helper
+
+  @locking.ssynchronized(_config_lock)
+  def SetDRBDHelper(self, drbd_helper):
+    """Set DRBD usermode helper.
+
+    """
+    self._config_data.cluster.drbd_usermode_helper = drbd_helper
+    self._config_data.cluster.serial_no += 1
+    self._WriteConfig()
+
+  @locking.ssynchronized(_config_lock, shared=1)
    def GetMACPrefix(self):
      """Return the mac prefix.
  
    def GetMACPrefix(self):
      """Return the mac prefix.
  
@@ -1400,6 +1824,13 @@ class ConfigWriter:
      """
      return self._config_data.cluster
  
      """
      return self._config_data.cluster
  
+  @locking.ssynchronized(_config_lock, shared=1)
+  def HasAnyDiskOfType(self, dev_type):
+    """Check if in there is at disk of the given type in the configuration.
+
+    """
+    return self._config_data.HasAnyDiskOfType(dev_type)
+
    @locking.ssynchronized(_config_lock)
    def Update(self, target, feedback_fn):
      """Notify function to be called after updates.
    @locking.ssynchronized(_config_lock)
    def Update(self, target, feedback_fn):
      """Notify function to be called after updates.
@@ -1427,6 +1858,8 @@ class ConfigWriter:
        update_serial = True
      elif isinstance(target, objects.Instance):
        test = target in self._config_data.instances.values()
        update_serial = True
      elif isinstance(target, objects.Instance):
        test = target in self._config_data.instances.values()
+    elif isinstance(target, objects.NodeGroup):
+      test = target in self._config_data.nodegroups.values()
      else:
        raise errors.ProgrammerError("Invalid object type (%s) passed to"
                                     " ConfigWriter.Update" % type(target))
      else:
        raise errors.ProgrammerError("Invalid object type (%s) passed to"
                                     " ConfigWriter.Update" % type(target))
@@ -1451,6 +1884,5 @@ class ConfigWriter:
      """Drop per-execution-context reservations
  
      """
      """Drop per-execution-context reservations
  
      """
-    self._temporary_ids.DropECReservations(ec_id)
-    self._temporary_macs.DropECReservations(ec_id)
-    self._temporary_secrets.DropECReservations(ec_id)
+    for rm in self._all_rms:
+      rm.DropECReservations(ec_id)