First part of confd timer changes

[ganeti-local] / lib / pathutils.py

diff --git a/lib/pathutils.py b/lib/pathutils.py
index ca78ea8..fe53180 100644 (file)
--- a/lib/pathutils.py
+++ b/lib/pathutils.py
@@ -24,6 +24,7 @@
 """
 
 from ganeti import _autoconf
+from ganeti import compat
 from ganeti import vcluster
 
 
@@ -33,7 +34,9 @@ DEFAULT_SHARED_FILE_STORAGE_DIR = \
   vcluster.AddNodePrefix(_autoconf.SHARED_FILE_STORAGE_DIR)
 EXPORT_DIR = vcluster.AddNodePrefix(_autoconf.EXPORT_DIR)
 OS_SEARCH_PATH = _autoconf.OS_SEARCH_PATH
+ES_SEARCH_PATH = _autoconf.ES_SEARCH_PATH
 SSH_CONFIG_DIR = _autoconf.SSH_CONFIG_DIR
+XEN_CONFIG_DIR = vcluster.AddNodePrefix(_autoconf.XEN_CONFIG_DIR)
 SYSCONFDIR = vcluster.AddNodePrefix(_autoconf.SYSCONFDIR)
 TOOLSDIR = _autoconf.TOOLSDIR
 LOCALSTATEDIR = vcluster.AddNodePrefix(_autoconf.LOCALSTATEDIR)
@@ -44,6 +47,7 @@ IMPORT_EXPORT_DAEMON = _autoconf.PKGLIBDIR + "/import-export"
 KVM_CONSOLE_WRAPPER = _autoconf.PKGLIBDIR + "/tools/kvm-console-wrapper"
 KVM_IFUP = _autoconf.PKGLIBDIR + "/kvm-ifup"
 PREPARE_NODE_JOIN = _autoconf.PKGLIBDIR + "/prepare-node-join"
+NODE_DAEMON_SETUP = _autoconf.PKGLIBDIR + "/node-daemon-setup"
 XEN_CONSOLE_WRAPPER = _autoconf.PKGLIBDIR + "/tools/xen-console-wrapper"
 ETC_HOSTS = vcluster.ETC_HOSTS
 
@@ -74,7 +78,6 @@ UIDPOOL_LOCKDIR = RUN_DIR + "/uid-pool"
 SSCONF_LOCK_FILE = LOCK_DIR + "/ganeti-ssconf.lock"
 
 CLUSTER_CONF_FILE = DATA_DIR + "/config.data"
-NODED_CERT_FILE = DATA_DIR + "/server.pem"
 RAPI_CERT_FILE = DATA_DIR + "/rapi.pem"
 CONFD_HMAC_KEY = DATA_DIR + "/hmac.key"
 SPICE_CERT_FILE = DATA_DIR + "/spice.pem"
@@ -88,6 +91,16 @@ USER_SCRIPTS_DIR = CONF_DIR + "/scripts"
 VNC_PASSWORD_FILE = CONF_DIR + "/vnc-cluster-password"
 HOOKS_BASE_DIR = CONF_DIR + "/hooks"
 FILE_STORAGE_PATHS_FILE = CONF_DIR + "/file-storage-paths"
+RESTRICTED_COMMANDS_DIR = CONF_DIR + "/restricted-commands"
+
+#: Node daemon certificate path
+NODED_CERT_FILE = DATA_DIR + "/server.pem"
+
+#: Node daemon certificate file permissions
+NODED_CERT_MODE = 0440
+
+#: Locked in exclusive mode while noded verifies a remote command
+RESTRICTED_COMMANDS_LOCK_FILE = LOCK_DIR + "/ganeti-restricted-commands.lock"
 
 #: Lock file for watcher, locked in shared mode by watcher; lock in exclusive
 # mode to block watcher (see L{cli._RunWhileClusterStoppedHelper.Call}
@@ -112,6 +125,7 @@ MASTER_SOCKET = SOCKET_DIR + "/ganeti-master"
 QUERY_SOCKET = SOCKET_DIR + "/ganeti-query"
 
 LOG_OS_DIR = LOG_DIR + "/os"
+LOG_ES_DIR = LOG_DIR + "/extstorage"
 
 # Job queue paths
 JOB_QUEUE_LOCK_FILE = QUEUE_DIR + "/lock"
@@ -120,7 +134,7 @@ JOB_QUEUE_SERIAL_FILE = QUEUE_DIR + "/serial"
 JOB_QUEUE_ARCHIVE_DIR = QUEUE_DIR + "/archive"
 JOB_QUEUE_DRAIN_FILE = QUEUE_DIR + "/drain"
 
-ALL_CERT_FILES = frozenset([
+ALL_CERT_FILES = compat.UniqueFrozenset([
   NODED_CERT_FILE,
   RAPI_CERT_FILE,
   SPICE_CERT_FILE,