from ganeti import serializer
from ganeti import netutils
from ganeti import runtime
+from ganeti import mcpu
+from ganeti import compat
_BOOT_ID_PATH = "/proc/sys/kernel/random/boot_id"
constants.SSH_KNOWN_HOSTS_FILE,
constants.VNC_PASSWORD_FILE,
constants.RAPI_CERT_FILE,
+ constants.SPICE_CERT_FILE,
+ constants.SPICE_CACERT_FILE,
constants.RAPI_USERS_FILE,
constants.CONFD_HMAC_KEY,
constants.CLUSTER_DOMAIN_SECRET_FILE,
for hv_name in constants.HYPER_TYPES:
hv_class = hypervisor.GetHypervisorClass(hv_name)
- allowed_files.update(hv_class.GetAncillaryFiles())
+ allowed_files.update(hv_class.GetAncillaryFiles()[0])
return frozenset(allowed_files)
for consumption here or from the node daemon.
@rtype: tuple
- @return: master_netdev, master_ip, master_name, primary_ip_family
+ @return: master_netdev, master_ip, master_name, primary_ip_family,
+ master_netmask
@raise RPCFail: in case of errors
"""
cfg = _GetConfig()
master_netdev = cfg.GetMasterNetdev()
master_ip = cfg.GetMasterIP()
+ master_netmask = cfg.GetMasterNetmask()
master_node = cfg.GetMasterNode()
primary_ip_family = cfg.GetPrimaryIPFamily()
except errors.ConfigurationError, err:
_Fail("Cluster configuration incomplete: %s", err, exc=True)
- return (master_netdev, master_ip, master_node, primary_ip_family)
+ return (master_netdev, master_ip, master_node, primary_ip_family,
+ master_netmask)
-def StartMaster(start_daemons, no_voting):
- """Activate local node as master node.
+def RunLocalHooks(hook_opcode, hooks_path, env_builder_fn):
+ """Decorator that runs hooks before and after the decorated function.
- The function will either try activate the IP address of the master
- (unless someone else has it) or also start the master daemons, based
- on the start_daemons parameter.
+ @type hook_opcode: string
+ @param hook_opcode: opcode of the hook
+ @type hooks_path: string
+ @param hooks_path: path of the hooks
+ @type env_builder_fn: function
+ @param env_builder_fn: function that returns a dictionary containing the
+ environment variables for the hooks. Will get all the parameters of the
+ decorated function.
+ @raise RPCFail: in case of pre-hook failure
- @type start_daemons: boolean
- @param start_daemons: whether to start the master daemons
- (ganeti-masterd and ganeti-rapi), or (if false) activate the
- master ip
- @type no_voting: boolean
- @param no_voting: whether to start ganeti-masterd without a node vote
- (if start_daemons is True), but still non-interactively
- @rtype: None
+ """
+ def decorator(fn):
+ def wrapper(*args, **kwargs):
+ _, myself = ssconf.GetMasterAndMyself()
+ nodes = ([myself], [myself]) # these hooks run locally
+
+ env_fn = compat.partial(env_builder_fn, *args, **kwargs)
+
+ cfg = _GetConfig()
+ hr = HooksRunner()
+ hm = mcpu.HooksMaster(hook_opcode, hooks_path, nodes, hr.RunLocalHooks,
+ None, env_fn, logging.warning, cfg.GetClusterName(),
+ cfg.GetMasterNode())
+
+ hm.RunPhase(constants.HOOKS_PHASE_PRE)
+ result = fn(*args, **kwargs)
+ hm.RunPhase(constants.HOOKS_PHASE_POST)
+
+ return result
+ return wrapper
+ return decorator
+
+
+def _BuildMasterIpEnv(master_params, use_external_mip_script=None):
+ """Builds environment variables for master IP hooks.
+
+ @type master_params: L{objects.MasterNetworkParameters}
+ @param master_params: network parameters of the master
+ @type use_external_mip_script: boolean
+ @param use_external_mip_script: whether to use an external master IP
+ address setup script (unused, but necessary per the implementation of the
+ _RunLocalHooks decorator)
"""
- # GetMasterInfo will raise an exception if not able to return data
- master_netdev, master_ip, _, family = GetMasterInfo()
+ # pylint: disable=W0613
+ ver = netutils.IPAddress.GetVersionFromAddressFamily(master_params.ip_family)
+ env = {
+ "MASTER_NETDEV": master_params.netdev,
+ "MASTER_IP": master_params.ip,
+ "MASTER_NETMASK": master_params.netmask,
+ "CLUSTER_IP_VERSION": str(ver),
+ }
- err_msgs = []
- # either start the master and rapi daemons
- if start_daemons:
- if no_voting:
- masterd_args = "--no-voting --yes-do-it"
- else:
- masterd_args = ""
+ return env
- env = {
- "EXTRA_MASTERD_ARGS": masterd_args,
- }
- result = utils.RunCmd([constants.DAEMON_UTIL, "start-master"], env=env)
- if result.failed:
- msg = "Can't start Ganeti master: %s" % result.output
- logging.error(msg)
- err_msgs.append(msg)
- # or activate the IP
- else:
- if netutils.TcpPing(master_ip, constants.DEFAULT_NODED_PORT):
- if netutils.IPAddress.Own(master_ip):
- # we already have the ip:
- logging.debug("Master IP already configured, doing nothing")
- else:
- msg = "Someone else has the master ip, not activating"
- logging.error(msg)
- err_msgs.append(msg)
+@RunLocalHooks(constants.FAKE_OP_MASTER_TURNUP, "master-ip-turnup",
+ _BuildMasterIpEnv)
+def ActivateMasterIp(master_params, use_external_mip_script):
+ """Activate the IP address of the master daemon.
+
+ @type master_params: L{objects.MasterNetworkParameters}
+ @param master_params: network parameters of the master
+ @type use_external_mip_script: boolean
+ @param use_external_mip_script: whether to use an external master IP
+ address setup script
+
+ """
+ # pylint: disable=W0613
+ err_msg = None
+ if netutils.TcpPing(master_params.ip, constants.DEFAULT_NODED_PORT):
+ if netutils.IPAddress.Own(master_params.ip):
+ # we already have the ip:
+ logging.debug("Master IP already configured, doing nothing")
else:
- ipcls = netutils.IP4Address
- if family == netutils.IP6Address.family:
- ipcls = netutils.IP6Address
-
- result = utils.RunCmd([constants.IP_COMMAND_PATH, "address", "add",
- "%s/%d" % (master_ip, ipcls.iplen),
- "dev", master_netdev, "label",
- "%s:0" % master_netdev])
- if result.failed:
- msg = "Can't activate master IP: %s" % result.output
- logging.error(msg)
- err_msgs.append(msg)
+ err_msg = "Someone else has the master ip, not activating"
+ logging.error(err_msg)
+ else:
+ ipcls = netutils.IPAddress.GetClassFromIpFamily(master_params.ip_family)
+ result = utils.RunCmd([constants.IP_COMMAND_PATH, "address", "add",
+ "%s/%s" % (master_params.ip, master_params.netmask),
+ "dev", master_params.netdev, "label",
+ "%s:0" % master_params.netdev])
+ if result.failed:
+ err_msg = "Can't activate master IP: %s" % result.output
+ logging.error(err_msg)
+
+ else:
# we ignore the exit code of the following cmds
if ipcls == netutils.IP4Address:
- utils.RunCmd(["arping", "-q", "-U", "-c 3", "-I", master_netdev, "-s",
- master_ip, master_ip])
+ utils.RunCmd(["arping", "-q", "-U", "-c 3", "-I", master_params.netdev,
+ "-s", master_params.ip, master_params.ip])
elif ipcls == netutils.IP6Address:
try:
- utils.RunCmd(["ndisc6", "-q", "-r 3", master_ip, master_netdev])
+ utils.RunCmd(["ndisc6", "-q", "-r 3", master_params.ip,
+ master_params.netdev])
except errors.OpExecError:
# TODO: Better error reporting
logging.warning("Can't execute ndisc6, please install if missing")
- if err_msgs:
- _Fail("; ".join(err_msgs))
+ if err_msg:
+ _Fail(err_msg)
-def StopMaster(stop_daemons):
- """Deactivate this node as master.
+def StartMasterDaemons(no_voting):
+ """Activate local node as master node.
- The function will always try to deactivate the IP address of the
- master. It will also stop the master daemons depending on the
- stop_daemons parameter.
+ The function will start the master daemons (ganeti-masterd and ganeti-rapi).
- @type stop_daemons: boolean
- @param stop_daemons: whether to also stop the master daemons
- (ganeti-masterd and ganeti-rapi)
+ @type no_voting: boolean
+ @param no_voting: whether to start ganeti-masterd without a node vote
+ but still non-interactively
@rtype: None
"""
- # TODO: log and report back to the caller the error failures; we
- # need to decide in which case we fail the RPC for this
- # GetMasterInfo will raise an exception if not able to return data
- master_netdev, master_ip, _, family = GetMasterInfo()
+ if no_voting:
+ masterd_args = "--no-voting --yes-do-it"
+ else:
+ masterd_args = ""
+
+ env = {
+ "EXTRA_MASTERD_ARGS": masterd_args,
+ }
+
+ result = utils.RunCmd([constants.DAEMON_UTIL, "start-master"], env=env)
+ if result.failed:
+ msg = "Can't start Ganeti master: %s" % result.output
+ logging.error(msg)
+ _Fail(msg)
+
- ipcls = netutils.IP4Address
- if family == netutils.IP6Address.family:
- ipcls = netutils.IP6Address
+@RunLocalHooks(constants.FAKE_OP_MASTER_TURNDOWN, "master-ip-turndown",
+ _BuildMasterIpEnv)
+def DeactivateMasterIp(master_params, use_external_mip_script):
+ """Deactivate the master IP on this node.
+
+ @type master_params: L{objects.MasterNetworkParameters}
+ @param master_params: network parameters of the master
+ @type use_external_mip_script: boolean
+ @param use_external_mip_script: whether to use an external master IP
+ address setup script
+
+ """
+ # pylint: disable=W0613
+ # TODO: log and report back to the caller the error failures; we
+ # need to decide in which case we fail the RPC for this
result = utils.RunCmd([constants.IP_COMMAND_PATH, "address", "del",
- "%s/%d" % (master_ip, ipcls.iplen),
- "dev", master_netdev])
+ "%s/%s" % (master_params.ip, master_params.netmask),
+ "dev", master_params.netdev])
if result.failed:
logging.error("Can't remove the master IP, error: %s", result.output)
# but otherwise ignore the failure
- if stop_daemons:
- result = utils.RunCmd([constants.DAEMON_UTIL, "stop-master"])
- if result.failed:
- logging.error("Could not stop Ganeti master, command %s had exitcode %s"
- " and error %s",
- result.cmd, result.exit_code, result.output)
+
+def StopMasterDaemons():
+ """Stop the master daemons on this node.
+
+ Stop the master daemons (ganeti-masterd and ganeti-rapi) on this node.
+
+ @rtype: None
+
+ """
+ # TODO: log and report back to the caller the error failures; we
+ # need to decide in which case we fail the RPC for this
+
+ result = utils.RunCmd([constants.DAEMON_UTIL, "stop-master"])
+ if result.failed:
+ logging.error("Could not stop Ganeti master, command %s had exitcode %s"
+ " and error %s",
+ result.cmd, result.exit_code, result.output)
+
+
+def ChangeMasterNetmask(old_netmask, netmask, master_ip, master_netdev):
+ """Change the netmask of the master IP.
+
+ @param old_netmask: the old value of the netmask
+ @param netmask: the new value of the netmask
+ @param master_ip: the master IP
+ @param master_netdev: the master network device
+
+ """
+ if old_netmask == netmask:
+ return
+
+ if not netutils.IPAddress.Own(master_ip):
+ _Fail("The master IP address is not up, not attempting to change its"
+ " netmask")
+
+ result = utils.RunCmd([constants.IP_COMMAND_PATH, "address", "add",
+ "%s/%s" % (master_ip, netmask),
+ "dev", master_netdev, "label",
+ "%s:0" % master_netdev])
+ if result.failed:
+ _Fail("Could not set the new netmask on the master IP address")
+
+ result = utils.RunCmd([constants.IP_COMMAND_PATH, "address", "del",
+ "%s/%s" % (master_ip, old_netmask),
+ "dev", master_netdev, "label",
+ "%s:0" % master_netdev])
+ if result.failed:
+ _Fail("Could not bring down the master IP address with the old netmask")
def EtcHostsModify(mode, host, ip):
try:
utils.RemoveFile(constants.CONFD_HMAC_KEY)
utils.RemoveFile(constants.RAPI_CERT_FILE)
+ utils.RemoveFile(constants.SPICE_CERT_FILE)
+ utils.RemoveFile(constants.SPICE_CACERT_FILE)
utils.RemoveFile(constants.NODED_CERT_FILE)
except: # pylint: disable=W0702
logging.exception("Error while removing cluster secrets")
- memory_dom0 is the memory allocated for domain0 in MiB
- memory_free is the currently available (free) ram in MiB
- memory_total is the total number of ram in MiB
+ - hv_version: the hypervisor version, if available
"""
outputarray = {}
what[constants.NV_FILELIST])
if constants.NV_NODELIST in what:
- result[constants.NV_NODELIST] = tmp = {}
- random.shuffle(what[constants.NV_NODELIST])
- for node in what[constants.NV_NODELIST]:
+ (nodes, bynode) = what[constants.NV_NODELIST]
+
+ # Add nodes from other groups (different for each node)
+ try:
+ nodes.extend(bynode[my_name])
+ except KeyError:
+ pass
+
+ # Use a random order
+ random.shuffle(nodes)
+
+ # Try to contact all nodes
+ val = {}
+ for node in nodes:
success, message = _GetSshRunner(cluster_name).VerifyNodeHostname(node)
if not success:
- tmp[node] = message
+ val[node] = message
+
+ result[constants.NV_NODELIST] = val
if constants.NV_NODENETTEST in what:
result[constants.NV_NODENETTEST] = tmp = {}
result[constants.NV_MASTERIP] = netutils.TcpPing(master_ip, port,
source=source)
+ if constants.NV_USERSCRIPTS in what:
+ result[constants.NV_USERSCRIPTS] = \
+ [script for script in what[constants.NV_USERSCRIPTS]
+ if not (os.path.exists(script) and os.access(script, os.X_OK))]
+
if constants.NV_OOB_PATHS in what:
result[constants.NV_OOB_PATHS] = tmp = []
for path in what[constants.NV_OOB_PATHS]:
blockdevs = {}
for devpath in devices:
- if os.path.commonprefix([DEV_PREFIX, devpath]) != DEV_PREFIX:
+ if not utils.IsBelowDir(DEV_PREFIX, devpath):
continue
try:
_Fail("Failed to accept instance: %s", err, exc=True)
-def FinalizeMigration(instance, info, success):
+def FinalizeMigrationDst(instance, info, success):
"""Finalize any preparation to accept an instance.
@type instance: L{objects.Instance}
"""
hyper = hypervisor.GetHypervisor(instance.hypervisor)
try:
- hyper.FinalizeMigration(instance, info, success)
+ hyper.FinalizeMigrationDst(instance, info, success)
except errors.HypervisorError, err:
- _Fail("Failed to finalize migration: %s", err, exc=True)
+ _Fail("Failed to finalize migration on the target node: %s", err, exc=True)
def MigrateInstance(instance, target, live):
@type live: boolean
@param live: whether the migration should be done live or not (the
interpretation of this parameter is left to the hypervisor)
- @rtype: tuple
- @return: a tuple of (success, msg) where:
- - succes is a boolean denoting the success/failure of the operation
- - msg is a string with details in case of failure
+ @raise RPCFail: if migration fails for some reason
"""
hyper = hypervisor.GetHypervisor(instance.hypervisor)
_Fail("Failed to migrate instance: %s", err, exc=True)
+def FinalizeMigrationSource(instance, success, live):
+ """Finalize the instance migration on the source node.
+
+ @type instance: L{objects.Instance}
+ @param instance: the instance definition of the migrated instance
+ @type success: bool
+ @param success: whether the migration succeeded or not
+ @type live: bool
+ @param live: whether the user requested a live migration or not
+ @raise RPCFail: If the execution fails for some reason
+
+ """
+ hyper = hypervisor.GetHypervisor(instance.hypervisor)
+
+ try:
+ hyper.FinalizeMigrationSource(instance, success, live)
+ except Exception, err: # pylint: disable=W0703
+ _Fail("Failed to finalize the migration on the source node: %s", err,
+ exc=True)
+
+
+def GetMigrationStatus(instance):
+ """Get the migration status
+
+ @type instance: L{objects.Instance}
+ @param instance: the instance that is being migrated
+ @rtype: L{objects.MigrationStatus}
+ @return: the status of the current migration (one of
+ L{constants.HV_MIGRATION_VALID_STATUSES}), plus any additional
+ progress info that can be retrieved from the hypervisor
+ @raise RPCFail: If the migration status cannot be retrieved
+
+ """
+ hyper = hypervisor.GetHypervisor(instance.hypervisor)
+ try:
+ return hyper.GetMigrationStatus(instance)
+ except Exception, err: # pylint: disable=W0703
+ _Fail("Failed to get migration status: %s", err, exc=True)
+
+
def BlockdevCreate(disk, size, owner, on_primary, info):
"""Creates a block device for an instance.
fs_dir = os.path.normpath(fs_dir)
base_fstore = cfg.GetFileStorageDir()
base_shared = cfg.GetSharedFileStorageDir()
- if ((os.path.commonprefix([fs_dir, base_fstore]) != base_fstore) and
- (os.path.commonprefix([fs_dir, base_shared]) != base_shared)):
+ if not (utils.IsBelowDir(base_fstore, fs_dir) or
+ utils.IsBelowDir(base_shared, fs_dir)):
_Fail("File storage directory '%s' is not under base file"
" storage directory '%s' or shared storage directory '%s'",
fs_dir, base_fstore, base_shared)
_EnsureJobQueueFile(old)
_EnsureJobQueueFile(new)
- utils.RenameFile(old, new, mkdir=True)
+ getents = runtime.GetEnts()
+
+ utils.RenameFile(old, new, mkdir=True, mkdir_mode=0700,
+ dir_uid=getents.masterd_uid, dir_gid=getents.masterd_gid)
def BlockdevClose(instance_name, disks):
if not utils.IsNormAbsPath(filename):
_Fail("Path '%s' is not normalized or absolute", filename)
- directory = os.path.normpath(os.path.dirname(filename))
+ real_filename = os.path.realpath(filename)
+ directory = os.path.dirname(real_filename)
- if (os.path.commonprefix([constants.EXPORT_DIR, directory]) !=
- constants.EXPORT_DIR):
- _Fail("File '%s' is not under exports directory '%s'",
- filename, constants.EXPORT_DIR)
+ if not utils.IsBelowDir(constants.EXPORT_DIR, real_filename):
+ _Fail("File '%s' is not under exports directory '%s': %s",
+ filename, constants.EXPORT_DIR, real_filename)
# Create directory
utils.Makedirs(directory, mode=0750)
# constant
self._BASE_DIR = hooks_base_dir # pylint: disable=C0103
+ def RunLocalHooks(self, node_list, hpath, phase, env):
+ """Check that the hooks will be run only locally and then run them.
+
+ """
+ assert len(node_list) == 1
+ node = node_list[0]
+ _, myself = ssconf.GetMasterAndMyself()
+ assert node == myself
+
+ results = self.RunHooks(hpath, phase, env)
+
+ # Return values in the form expected by HooksMaster
+ return {node: (None, False, results)}
+
def RunHooks(self, hpath, phase, env):
"""Run the scripts in the hooks directory.