Michael Hanselmann [Mon, 26 Apr 2010 14:53:03 +0000 (16:53 +0200)]
Use new class for wakeup file descriptor in import/export daemon
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Mon, 26 Apr 2010 14:52:22 +0000 (16:52 +0200)]
Add wrapper class for signal.set_wrapper_fd
Managing file descriptors is always a bit tricky. Having this in a separate
class is better.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Mon, 26 Apr 2010 13:53:25 +0000 (15:53 +0200)]
Move some code into separate class in import/export daemon
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Mon, 26 Apr 2010 10:38:12 +0000 (12:38 +0200)]
Merge branch 'devel-2.1'
* devel-2.1:
masterd: Log PID, UID and GID of connected client
qa: Use qa_utils.UploadFile to upload rapi_users file
devel/upload: add --no-debug option
Conflicts:
lib/utils.py: Trivial
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Fri, 23 Apr 2010 15:07:36 +0000 (17:07 +0200)]
masterd: Log PID, UID and GID of connected client
This can be very useful if client programs run as non-root.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Fri, 23 Apr 2010 10:27:07 +0000 (12:27 +0200)]
qa: Use qa_utils.UploadFile to upload rapi_users file
Just using “echo” would use whatever umask is set in the shell,
in addition to potentially showing the password in the process
list.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Wed, 7 Apr 2010 15:20:32 +0000 (17:20 +0200)]
Remove two unused RPC functions
Both of these functions, “snapshot_export” and “instance_os_import”,
have been replaced by the instance import/export daemon.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Wed, 21 Apr 2010 17:46:39 +0000 (19:46 +0200)]
cmdlib: Convert instance import to new style
Use instance data transfer utility to import instances.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Tue, 16 Feb 2010 15:58:48 +0000 (16:58 +0100)]
cmdlib: Convert instance export to new style
With this change, exports of several disks will occur in parallel. Error
handling has also been improved.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Tue, 20 Apr 2010 16:38:40 +0000 (18:38 +0200)]
cmdlib: Add utility to transfer instance data within the cluster
This is yet another wrapper around the instance import/export utility
classes, providing an even simpler API for instance imports/exports within
the same cluster.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Wed, 21 Apr 2010 17:41:35 +0000 (19:41 +0200)]
cmdlib: Add utility for instance data import/export
Interpreting the backend's import/export daemon status is a bit tricky.
This utility code keeps track of multiple transfers at the same time.
Users can supply callback functions to react to events.
Timeouts are currently hardcoded. Intra-cluster instance moves will likely
require other timeouts.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Guido Trotter [Thu, 22 Apr 2010 17:12:38 +0000 (18:12 +0100)]
devel/upload: add --no-debug option
When this option is used the /etc/defaults/ganeti file, which sets all
the daemons in debug mode, is not copied.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Thu, 22 Apr 2010 15:50:10 +0000 (17:50 +0200)]
Merge branch 'devel-2.1'
* devel-2.1:
Add a basic unittest for uidpool.RequestUnusedUid
Factorize LUExportInstance
Use ints instead of strings to represent user-ids
QA: fix reimporting instance with different name
Fix broken commit 9e302a8
ssh: make quiet configurable
Conflicts:
lib/cmdlib.py: Mostly trivial
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Balazs Lecz [Thu, 22 Apr 2010 14:15:45 +0000 (15:15 +0100)]
Add a basic unittest for uidpool.RequestUnusedUid
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Tue, 16 Feb 2010 15:58:48 +0000 (16:58 +0100)]
Factorize LUExportInstance
Apart from moving parts of the code to separate functions, error handling
is also improved by making sure snapshots are always removed.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Balazs Lecz [Wed, 21 Apr 2010 09:47:48 +0000 (10:47 +0100)]
Use ints instead of strings to represent user-ids
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Thu, 22 Apr 2010 11:49:14 +0000 (13:49 +0200)]
Complete what was begun in commit
ef40fbfb4
The X509 certificate RPC functions were also renamed, but I
forgot to rename them in rpc.py. Fortunately they aren't used
yet.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Thu, 22 Apr 2010 11:58:35 +0000 (13:58 +0200)]
QA: fix reimporting instance with different name
Since the original instance still exists, we need to use a different MAC
for its NIC.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Wed, 21 Apr 2010 10:41:15 +0000 (12:41 +0200)]
Add RPC call to send SIGTERM to import/export daemon
This will be used to stop the daemon without doing complete cleanup (yet).
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Thu, 22 Apr 2010 11:15:57 +0000 (13:15 +0200)]
Rename import/export RPC calls to match others
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Thu, 22 Apr 2010 09:40:58 +0000 (11:40 +0200)]
Fix broken commit 9e302a8
Commit 9e302a8 split the StopInstance function in two without properly
duplicating the local variables.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Iustin Pop [Thu, 22 Apr 2010 09:20:32 +0000 (11:20 +0200)]
ssh: make quiet configurable
Currently both CopyFileToNode and BuildCmd hardcode "-q" in the options.
This patch moves this setting as a configurable option to
_BuildSshOptions.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Thu, 22 Apr 2010 09:34:18 +0000 (11:34 +0200)]
Merge branch 'devel-2.1'
* devel-2.1:
SSH: do not check IPs
Add separate module for backported language functionality
Add make commit-check target
burnin: skip migration based on hypervisor support
Add a hypervisor constant for migration support
LUSetClusterParams: initialize needed parameters
hv_chroot: move unmount to CleanupInstance()
Fix indentation error
utils: Add function for partial application of function arguments
gnt-instance info: sort the hv parameters
Only use boot=on on non-ide disks only (KVM)
Add -usbdevice tablet to KVM when using vnc
KVM: fix a bug in _TryReadUidFile
Fix RAPI client methods return values
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Thu, 22 Apr 2010 09:06:36 +0000 (11:06 +0200)]
SSH: do not check IPs
Since we use the cluster name for the SSH known_hosts file, ssh will
always detect a changed IP (since we never connect to the cluster master
name, but the node names), and will complain about it/try to update the
user known hosts file (since that is /dev/null, it doesn't matter, but
it's not nice). So we disable the IP check.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Wed, 21 Apr 2010 17:37:29 +0000 (19:37 +0200)]
Add separate module for backported language functionality
utils.py, where they were before, is already huge.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Guido Trotter [Wed, 21 Apr 2010 17:07:06 +0000 (18:07 +0100)]
Add make commit-check target
distcheck, lint and apidoc. Take three pay only one.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Tue, 20 Apr 2010 10:14:23 +0000 (12:14 +0200)]
burnin: skip migration based on hypervisor support
The patch adds selection of hypervisor in burnin (on multi-hypervisor
clusters, we always used the default) and optional hypervisor
parameters, and skips migration if the hypervisor doesn't support it.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Tue, 20 Apr 2010 10:14:22 +0000 (12:14 +0200)]
Add a hypervisor constant for migration support
This variable can be used by other tools to determine in a generic way
whether a given hypervisor supports migration or not.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Wed, 21 Apr 2010 14:07:40 +0000 (16:07 +0200)]
LUSetClusterParams: initialize needed parameters
… since the opcode doesn't auto-initialize to None.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Iustin Pop [Wed, 21 Apr 2010 13:49:49 +0000 (15:49 +0200)]
hv_chroot: move unmount to CleanupInstance()
This allows cleanup to be done properly if the "instance" wasn't running
at all (based on the CleanupInstance framework, instead of the retry in
hypervisor).
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Guido Trotter [Wed, 21 Apr 2010 16:41:30 +0000 (17:41 +0100)]
Fix indentation error
Commit
9cf4321fc39ec36359d9c90b22b36d33b6adc2f4 indented some lines by
4 spaces rather than 2, and was git-amed without noticing. Fixing.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Wed, 21 Apr 2010 13:46:34 +0000 (15:46 +0200)]
utils: Add function for partial application of function arguments
The function's code was mostly copied from Python's documentation
and it's equivalent to “functools.partial” in Python 2.5 and above.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Wed, 21 Apr 2010 13:57:30 +0000 (14:57 +0100)]
gnt-instance info: sort the hv parameters
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Apollon Oikonomopoulos [Wed, 24 Mar 2010 15:41:38 +0000 (17:41 +0200)]
Only use boot=on on non-ide disks only (KVM)
boot=on implies that KVM boots using extboot. This is only required
to boot non-IDE disks and has the side-effect that there is at most
one bootable device. This behaviour breaks some operating systems,
most notably the windows installer that tries to chainload the hard-disk
from the CD-ROM after the initial part of the installation.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Apollon Oikonomopoulos [Wed, 24 Mar 2010 15:40:31 +0000 (17:40 +0200)]
Add -usbdevice tablet to KVM when using vnc
When using VNC, it is recommended to use a tablet-style
input device instead of a mouse. This allows most VNC viewers
to send proper mouse coordinates to the virtual machine's desktop
resulting in perfectly aligned guest and host mouse pointers.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Guido Trotter [Wed, 21 Apr 2010 12:09:41 +0000 (13:09 +0100)]
KVM: fix a bug in _TryReadUidFile
If the uid pool is not in use _TryReadUidFile will try to return "uid"
even if it hasn't tried to read it at all.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Tue, 20 Apr 2010 16:18:06 +0000 (18:18 +0200)]
utils: Add function to read locked PID file
This is useful in combination with utils.StartDaemon and will be used for
reading the import/export daemon's PID file.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Fri, 16 Apr 2010 15:18:23 +0000 (17:18 +0200)]
Add ganeti.masterd module
This will be used to keep masterd-specific code.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Wed, 21 Apr 2010 11:34:59 +0000 (13:34 +0200)]
Fix cfgupgrade's use of GenerateSelfSignedSslCert
In master, the function GenerateSelfSignedSslCert has been moved to
utils.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
David Knowles [Tue, 20 Apr 2010 20:22:47 +0000 (16:22 -0400)]
Fix RAPI client methods return values
Ensure that all RAPI client methods that should return job ids actually
return job ids.
Signed-off-by: David Knowles <dknowles@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Signed-off-by: Iustin Pop <iustin@google.com>
Balazs Lecz [Tue, 20 Apr 2010 16:21:12 +0000 (17:21 +0100)]
Merge branch 'devel-2.1'
Conflicts:
doc/security.rst
trivial
lib/cli.py
trivial
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Guido Trotter [Mon, 19 Apr 2010 17:04:44 +0000 (18:04 +0100)]
security.rst: add a KVM security section
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:32:03 +0000 (16:32 +0100)]
KVM: implement the HT_SM_POOL security model
In order not to complicate to much the _ExecuteKVMRuntime function with
nested try/except/finally/else constructs we move the actual
runcmd+check call in a separate _RunKVMCmd function.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:30:45 +0000 (16:30 +0100)]
KVM: add an instance uid file concept
If this file exists, for an instance, we release the uid contained
inside back to the uid pool, at instance shutdown.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:27:44 +0000 (16:27 +0100)]
ReleaseUid: accept an integer as uid
We can't guarantee to keep the LockedObject around, when ReleaseUid is
called (because that might happen, for example, after a ganeti
shutdown/restart). So we'll support releasing on just an integer uid.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:24:37 +0000 (16:24 +0100)]
LockedUid: add GetUid() method
uidpool users that get passed a LockedUid by the uidpool need to know
which one the uid is. Since it's not nice to make them access a private
member, and we shouldn't make "uid" public either, we'll add a getter
method.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:22:33 +0000 (16:22 +0100)]
KVM: move post-shutdown cleanup operations
Currently putting the cleanup just after the actual shutdown ensures
that it never gets called, due to how the retry/shutdown cycle works.
So we move those cleanups to their new dedicated place.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 13:05:59 +0000 (14:05 +0100)]
_PrintGroupedParams: sort before printing
It's a lot easier, when looking at the output, if you can search the
parameter you're looking for alphabetically.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:19:58 +0000 (16:19 +0100)]
Add CleanupInstance hypervisor call
Currently some hypervisors (namely kvm) need to do some cleanup after
making sure an instance is stopped. With the moving of the retry cycle
in backend those cleanups were never done. In order to solve this we add
a new optional hypervisor function, CleanupInstance, which gets called
at the end of the shutdown procedure, and which interested hypervisors
can implement to be sure not to miss cleanup operations.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
René Nussbaumer [Fri, 16 Apr 2010 11:49:47 +0000 (13:49 +0200)]
Using the added stop-all functionality from daemon-utils in cluster-merge
Additionally also move to the RunWhileStopped method for the configuration merger.
Signed-off-by: René Nussbaumer <rn@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Mon, 19 Apr 2010 09:06:25 +0000 (11:06 +0200)]
Fix changing the list of enabled hypervisors
When enabling a new hypervisor, we must ensure that we have its
parameters in the cluster (global) hvparams dictionary.
Furthermore, we add a verify check for this case (this should be better
replaced with an auto-fix?).
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Mon, 19 Apr 2010 08:13:36 +0000 (10:13 +0200)]
Fix a typo commited→committed in gnt-instance.sgml
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Mon, 19 Apr 2010 08:11:13 +0000 (10:11 +0200)]
Complete check-man changes from
5fa16422
Commit
5fa16422 removed the checks at sed time, but only for %.7. We
need to do it for %.8 too.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
René Nussbaumer [Fri, 16 Apr 2010 14:49:25 +0000 (16:49 +0200)]
Fix heading to the one of epydoc
Signed-off-by: René Nussbaumer <rn@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Luca Bigliardi [Mon, 19 Apr 2010 14:20:58 +0000 (15:20 +0100)]
Fix gnt-node powercycle documentation
Fix options description in the documentation for gnt-node powercycle.
Signed-off-by: Luca Bigliardi <shammash@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Mon, 19 Apr 2010 12:15:58 +0000 (13:15 +0100)]
Fix a couple of pydoc syntax problems
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Guido Trotter [Fri, 16 Apr 2010 16:19:40 +0000 (17:19 +0100)]
uidpool: test the separator= argument
Also, fix the string quoting style.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Michael Hanselmann [Fri, 16 Apr 2010 15:28:37 +0000 (17:28 +0200)]
Makefile.am: sort lists, clean *.py[co] from all directories
*.py[co] were not removed from lib/confd. Removing *.py[co]
from all directories listed in $DIRS can't hurt.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Fri, 16 Apr 2010 13:36:49 +0000 (15:36 +0200)]
Readd node: allow changed primary IP
The primary IP is not used for DRBD disks, only for the job queue and
internal commands. As such, it's trivial (with a quiet job queue) to
re-ip the node.
The patch just relaxes the checks in LUAddNode, and manual testing shows
that live instances on that node keep working, and that cluster verify
is happy afterwards.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Fri, 16 Apr 2010 12:47:47 +0000 (14:47 +0200)]
Add RPC calls to import and export instance data
These RPC calls can be used to start, monitor and stop the instance data
import/export daemon.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Wed, 17 Mar 2010 15:49:07 +0000 (16:49 +0100)]
Add daemon for instance import and export
This backend daemon for instance import and export will be used to
transfer instance data to other machines. It is implemented in a generic
way to support different ways of data input and output. The third-party
program “socat”, which is already used by the KVM hypervisor abstraction,
is used to connect to remote machines using SSL/TLS. After starting the
child processes in a separate process group, the import/export daemon
monitors their output and updates a status file regularily. This status
file can then be read by ganeti-noded (not in this patch).
Three I/O methods are supported: Raw disk, file and script. Each of these
can be used for import and export.
Similar to daemon-util, an incomplete set of tests written in Bash is
included.
Two future enhancements are planned:
- Run parts of the command chain as a dedicated user (privilege
separation).
- Currently users of this daemon have to poll the status file while data
is transferred. This is inefficient and creates unnecessary delays. By
adding “dd” into the chain and sending it SIGUSR1 regularily, we can get
some statistics, optimize the polling frequenc and even provide the user
with an ETA (which isn't available with all current methods to
import/export instance data).
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Balazs Lecz [Tue, 13 Apr 2010 11:51:19 +0000 (12:51 +0100)]
Update gnt-cluster manpage with uid-pool options
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Fri, 9 Apr 2010 14:02:13 +0000 (15:02 +0100)]
Add ExecuteWithUnusedUid() to uidpool.py
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Fri, 26 Mar 2010 17:01:06 +0000 (17:01 +0000)]
Manage the assignment of uids from the uid pool
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Fri, 9 Apr 2010 10:39:09 +0000 (11:39 +0100)]
Add basic unittests for uid_pool
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Thu, 25 Mar 2010 15:50:24 +0000 (15:50 +0000)]
Add uid_pool to ssconf
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Thu, 25 Mar 2010 14:00:51 +0000 (14:00 +0000)]
Add --uid-pool option to gnt-cluster init
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Fri, 26 Mar 2010 15:25:35 +0000 (15:25 +0000)]
Add printing of uid_pool to gnt-cluster info
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Thu, 8 Apr 2010 17:00:43 +0000 (18:00 +0100)]
Add --add-uids/--remove-uids to gnt-cluster modify
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Wed, 24 Mar 2010 17:59:45 +0000 (17:59 +0000)]
Add --uid-pool option to gnt-cluster modify
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Thu, 1 Apr 2010 13:16:25 +0000 (14:16 +0100)]
Add lib/uidpool.py module
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Fri, 26 Mar 2010 15:13:11 +0000 (15:13 +0000)]
Add uid_pool cluster parameter
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Tue, 6 Apr 2010 14:36:53 +0000 (15:36 +0100)]
Add user-id pool design doc
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Fri, 16 Apr 2010 12:33:54 +0000 (14:33 +0200)]
Merge branch 'devel-2.1'
* devel-2.1:
backend: Consolidate code opening real block device
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Fri, 16 Apr 2010 12:28:59 +0000 (14:28 +0200)]
backend: Consolidate code opening real block device
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Fri, 16 Apr 2010 11:42:00 +0000 (13:42 +0200)]
Merge branch 'devel-2.1'
* devel-2.1:
utils: Add class to split string stream into lines
Fix cluster behaviour with disabled file storage
Update docstrings in tools/ and enable epydoc
Forward-port the ganeti 2.0 cfgupgrade
Add a new tool: sanitize-config
Fix cfgupgrade with non-default DATA_DIR
Improving the RAPI documentation
Mark cluster-merge as executable
QA: Make the rapi credential handling less involving
Conflicts:
lib/bootstrap.py (merge cds and new file names)
lib/cmdlib.py (trivial, kept 2.1 version for disabled file
storage)
lib/utils.py (trivial, new imports)
tools/cfgupgrade (trivial, new cds parameter)
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Thu, 15 Apr 2010 15:23:08 +0000 (17:23 +0200)]
utils: Add class to split string stream into lines
This will be used by the new import/export daemon to split
output by its child processes into lines.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Mon, 12 Apr 2010 13:44:43 +0000 (15:44 +0200)]
Fix cluster behaviour with disabled file storage
There are a few issues with disabled file storage:
- cluster initialization is broken by default, as it uses the 'no'
setting which is not a valid path
- some other parts of the code require the file storage dir to be a
valid path; we workaround by skipping such code paths when it is
disabled
A side effect is that we abstract the storage type checks into a
separate function and add validation in RepairNodeStorage (previously a
luxi client which didn't use cli.py and submitted an invalid type would
get "storage units of type 'foo' can not be repaired").
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Iustin Pop [Wed, 14 Apr 2010 16:45:35 +0000 (18:45 +0200)]
Update docstrings in tools/ and enable epydoc
This patch updates the docstrings in tools/ (mostly in lvmstrap, which
is very very old code-base) and then enabled the tools in this directory
for 'make apidoc' too.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Iustin Pop [Wed, 14 Apr 2010 16:27:03 +0000 (18:27 +0200)]
Forward-port the ganeti 2.0 cfgupgrade
2.1's cfgupgrade doesn't support upgrading from 1.2, only from 2.0.
However, it's trivial to forward-port the 2.0 cfgupgrade to work with
2.1, thus providing an upgrade path for 1.2 users directly to 2.1,
without the intermediate step of installing 2.0.
The new cfgupgrade12 file has just a few trivial changes from 2.0, and
skipping the load of the config file.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Iustin Pop [Tue, 13 Apr 2010 16:19:39 +0000 (18:19 +0200)]
Add a new tool: sanitize-config
This can be used for two purposes:
- safety copy of the config file, with just the secrets changed
- cleanup of the config file (full randomization), so that (e.g.) users
could send a broken config file to the devel-list
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Iustin Pop [Tue, 13 Apr 2010 12:24:19 +0000 (14:24 +0200)]
Fix cfgupgrade with non-default DATA_DIR
Commit
43575108 added bootstrap.GenerateclusterCrypto and commit
7506a7f1 changed cfgupgrade to use it. However, this lost the
functionality of upgrading in non-default DATA_DIR.
To fix this, we enhance bootstrap.GenerateclusterCrypto to accept custom
file paths for the three files it modifies. If more files will be needed
in the future, we could just pass in modified DATA_DIR, but for now it
suffices.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
René Nussbaumer [Wed, 14 Apr 2010 11:56:35 +0000 (13:56 +0200)]
Improving the RAPI documentation
* Be more clear about when POST and PUT should be used
* Be more verbose on parameters
* Describe allowed parameter values (if not self explaining)
Signed-off-by: René Nussbaumer <rn@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Tue, 13 Apr 2010 11:12:09 +0000 (13:12 +0200)]
Mark cluster-merge as executable
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
René Nussbaumer [Mon, 12 Apr 2010 14:04:22 +0000 (16:04 +0200)]
QA: Make the rapi credential handling less involving
Signed-off-by: René Nussbaumer <rn@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Mon, 12 Apr 2010 14:06:46 +0000 (16:06 +0200)]
Merge remote branch 'devel-2.1'
* devel-2.1:
Update import documentation for the recent changes
Add a identify-defaults options for import
Fix create/import verification of hvparams
objects.Cluster: add method to get hv defaults
Reuse NIC information from export
Reuse backend parameters from export
Reuse disk information from export
Reuse hypervisor parameters in import
Read disk template from export info
CreateInstance: separate the reading of the export
Move code from ExpandNames to CheckPrereq
CreateInstance: Move some code to CheckArguments
Export more instance parameters in instance export
Export the nicparams too during instance export
Handle errors better for wrong nic_count in export
QA: Make sure RAPI credentials are setup on cluster init
Conflicts:
lib/cmdlib.py (strange conflict, HEAD had no changes)
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Mon, 12 Apr 2010 11:50:11 +0000 (13:50 +0200)]
Update import documentation for the recent changes
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Mon, 12 Apr 2010 11:30:12 +0000 (13:30 +0200)]
Add a identify-defaults options for import
When importing an instance, all the saved valued will be used as
explicitly specified values, overriding the cluster defaults. This means
export+import will change the status (from default to explicitly
specified) of parameters.
This patch adds a new option that changes the behaviour to identify
parameter values which are equal to the current cluster defaults and
mark them as such. It does this for hv, be and nic parameters.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Mon, 12 Apr 2010 09:54:10 +0000 (11:54 +0200)]
Fix create/import verification of hvparams
Currently the instance creation checks the cluster hv defaults + the new
parameters for validity, ignoring the os-specific hvparams (this was an
oversight during the implementation of the os hvp). This patch uses the
new GetHVDefaults method to provide the defaults, instead of reading
directly the attributes of the cluster object.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Mon, 12 Apr 2010 09:48:36 +0000 (11:48 +0200)]
objects.Cluster: add method to get hv defaults
Currently the FillHV method is the one that does the cluster hvparams +
os hvparams merger. However, in some cases we need to do just this,
without adding the instance hvparams on top.
This patch adds a function to compute just this (hv + os hvp
combination) default dict, and modifies FillHV to use it to build the
final dict.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 15:55:40 +0000 (17:55 +0200)]
Reuse NIC information from export
If the user doesn't pass any nics in import, do not use a default
one-nic, but instead read the nics from the export file as is.
Fortunately the export and the way nics are read from the command line
are compatible…
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 15:21:24 +0000 (17:21 +0200)]
Reuse backend parameters from export
Similar to the previous patches, if we're missing some parameters and
the export has them (either in the new style or old-style), we reuse
them.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 15:09:04 +0000 (17:09 +0200)]
Reuse disk information from export
If the user doesn't pass the disk information on import, automatically
reuse the number and size of disks. This loses the iv_name attribute,
but that is only cosmetic and cannot be changed by the user.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 14:49:04 +0000 (16:49 +0200)]
Reuse hypervisor parameters in import
If available, we reuse the parameters from the export info.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 12:58:32 +0000 (14:58 +0200)]
Read disk template from export info
This patch changes the instance import to read the disk template
automatically from the export info, if the opcode doesn't already
specify a disk template.
To do this, we have a couple of additional changes:
- change from required parameter to optional one for disk_template
- move check for disabled file storage at ./configure time to the
generic _CheckDiskTemplate checker
- move checks of the disk template from CheckArguments to CheckPrereq
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 12:07:38 +0000 (14:07 +0200)]
CreateInstance: separate the reading of the export
We move the reading of the export to a separate function, to simplify
CheckPrepreq and also read it earlier. This will allow building the
missing opcode parameters from the export information, instead of
requiring all of them on the command line.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 11:49:34 +0000 (13:49 +0200)]
Move code from ExpandNames to CheckPrereq
This is needed since only in CheckPrereq we have the nodes locked, and
future import enhancements will need to have access to the export info
during the parameter build.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 11:23:39 +0000 (13:23 +0200)]
CreateInstance: Move some code to CheckArguments
ExpandNames holds too much non-locking code (first LU to be converted to
ExpandNames, and we didn't have CheckArguments at that poin), and this
patch moves the checks that are lock-independent to CheckArguments.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 09:50:51 +0000 (11:50 +0200)]
Export more instance parameters in instance export
Currently the backend parameters are not exported automatically, but
only a few directly in the '[instance]' section. Hypervisor type and
hypervisor parameters are not exported at all.
This patch creates two separate sections for the be and hv parameters,
and stores the parameters (including ones that come from the cluster
defaults, but not the hypervisor globals for example) in the export.
The import code is not changed yet.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 29 Jan 2010 12:16:06 +0000 (13:16 +0100)]
Export the nicparams too during instance export
The patch tries to export all params (based on the dict defined in
constants), using None for missing keys.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>