code.grnet.gr Git - ganeti-local/log

Add monitoring-query-format.rst to $(docinput)

Commit 431ff2c10 split the monitoring system documentation in two parts but did
not include the new monitoring-query-format.rst to $(docinput). As a result,
current tarballs of 2.8 do not ship doc/monitoring-query-format.rst.

Signed-off-by: Apollon Oikonomopoulos <apoikos@gmail.com>
Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Fix documentation building rules

Implement the correct behavior to be kept when sphinx-build is not installed.
It was already correctly checked, but instead of just disabling the
documentation generation, an error message was printed, having "make" fail.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Thomas Thrainer <thomasth@google.com>

Check disk template in right dict when copying

Due to the structure of the code this condition can't possibly be true.
We have to look in the new_diskparams dict instead, otherwise it'd be
possible to try to update a non-existing entry.

(The same patch is in stable-2.7 as 106441d already).

Signed-off-by: Thomas Thrainer <thomasth@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Mark the UUID design doc as implemented

The code implementing the UUID design document is included in Ganeti 2.8.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Clarify that cmdlib/ must be removed downgrading

Downgrading from 2.8 to a previous version will fail if the new cmdlib/
directory is not removed.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Fix formatting error in the UPGRADE document

An item of the enumerated list was not rendered correctly.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Make build_chroot compatible with Squeeze

Modify build_chroot to make it compatible with debian Squeeze. This
is done by using a function instead of a alias for the command that
was failing.

Fixes Issue 507.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Thomas Thrainer <thomasth@google.com>

Update security doc and NEWS for luxid

Document the split of luxid from confd in security.rst and in the NEWS
file.

Signed-off-by: Thomas Thrainer <thomasth@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Add --cleanup to instance failover manpage

Describe the new parameter in the manpage of gnt-instance.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Update NEWS with failover cleanup

Describe the new feature in the NEWS file.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Add cleanup parameter to instance failover

Most of the code is shared with instance migrate, so we actually only need
to add the parameter and pass its value along the the common code.

Also, tests and harep are updated to support the right set of options to
the "failover" opcode.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Update NEWS file for 2.8 wrt vnet_hdr KVM hvparam

Document the addition of the vnet_hdr HV parameter for KVM in the NEWS
file for 2.8.

Signed-off-by: Stratos Psomadakis <psomas@grnet.gr>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Document the vnet_hdr HV parameter for KVM

Document the vnet_hdr HV parameter for KVM in the gnt-instance man page.

Signed-off-by: Stratos Psomadakis <psomas@grnet.gr>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Prepare NEWS for 2.8.0 beta2

- Create stub "initial release" entry for beta1.
- Keep main 2.8 release information at top
- Add initial "since beta1" section

Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Fix the downgrade function of cfgupgrade

The downgrade was not correctly removing some of the UUIDs (namely, those
of disks and NICs).

Fixes Issue 510.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Increase maximum HTTP message size

After adding a new KVM parameter, RAPI queries related to KVM have become
too big, so we need to increase this.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Clarify hbal man page

In the sense of hbal, and, in fact, all htools, drained nodes
are considered as offline. Also, the cluster score is not just
the sum of its component, but, e.g., the count of instances on
offline nodes is weighted stronger.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Properly add the UUID to all the disks

Starting from Ganeti 2.8 all the disks need to have a UUID.
A function for adding a UUID automatically to disks was present, but it didn't
consider disks with children (like DRBD).

The function is modified to work recursively.

Partially fixes Issue 510.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Merge branch 'stable-2.7' into stable-2.8

* stable-2.7:
  Update NEWS and version for Ganeti 2.7.1
  daemon-util: pass --oknodo at rotate_logs
  Add logrotate example
  daemon-util: provide rotate_logs and rotate_all_logs actions

Conflicts:
NEWS: trivial
configure.ac: trivial (keep 2.8 version)

Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Update NEWS and version for Ganeti 2.7.1

Release 2.7.1 with a handful of minor fixes.

Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Add hvparam to disable VNET_HDR on tap devices

IFF_VNET_HDR allows tap devices to extract a VIRTIO_NET_HDR from pkts
going through the tap iface, enabling segmentation offload for the
virtio nics.

Current (Debian) kernels (3.2 for Debian Squeeze backrports / Wheezy)
don't seem able to handle well VMs with 'broken' virtio ifaces (e.g.
FreeBSD virtio-net driver), using GSO. Broken or malicious virtio-net
drivers can cause the host kernel to flood the logs with WARNs(),
effectively live-locking the system and affecting its overall stabitlity
(eg DRBD disconnects).

The WARN() flooding has been fixed / ratelimited in Linus' tree, but it
hasn't been backported to -stable.

This patch adds the vnet_hdr hvparam for KVM, to select whether the tap
devices used for KVM virtio ifaces will get created with VNET_HDR
support (IFF_VNET_HDR), even when the underlying kernel supports it, in
order to avoid this issue.

Signed-off-by: Stratos Psomadakis <psomas@grnet.gr>
Reviewed-by: Guido Trotter <ultrotter@google.com>

daemon-util: pass --oknodo at rotate_logs

daemon-util's rotate_logs() did not pass --oknodo to start-stop-daemon while
HUPing the daemon processes. As a result, rotate_logs would fail for a
non-running daemon causing rotate_all_logs to exit prematurely.

We can fix this by either passing --oknodo to start-stop-daemon, or have
rotate_all_logs ignore any errors. The former is probably a safer approach - as
it doesn't mask any potential coding errors in rotate_logs - and is also
semantically correct (we only care about log rotation if a daemon is actually
running).

Signed-off-by: Apollon Oikonomopoulos <apoikos@gmail.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Add logrotate example

Add an example logrotate snippet, along with the relevant documentation.

Signed-off-by: Apollon Oikonomopoulos <apoikos@gmail.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

daemon-util: provide rotate_logs and rotate_all_logs actions

Modify daemon-util to allow sending SIGHUP to one or all daemons. This is meant
as a utility function to be used in logrotate definitions.

Signed-off-by: Apollon Oikonomopoulos <apoikos@gmail.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Fix permission errors for split users

Correctly set ownership and permissions for daemon log files, correct
the name of the luxid logfile and set the ownership of the query socket
correctly.

Signed-off-by: Thomas Thrainer <thomasth@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Make RAPI export device names and UUIDs

Add UUIDs and names of instance's disks and NICs to the list of instance
fields that are returned from RAPI.

Signed-off-by: Christos Stavrakakis <cstavr@grnet.gr>
Reviewed-by: Helga Velroyen <helgav@google.com>

Fix permission problem related to Issue 477

Commit 91525dee856951ace940c78b6254a1c7344b4803 fixed Issue 477 but broke
"gnt-cluster info".

This commit offers a solution to both problems, by changing the permission
of the socket instead of changing the permission the confd process is run
with.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Add hs function to easily change file ownership

The Haskell library functions only allow to change file ownership using
uid/gid. A function for doing that with explicit names is added by this
commit.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>

Rename queryd to luxid

As queryd will, in the future, handle all LUXI request, queue jobs and
most likely perform various other tasks, it is renamed to luxid already.
This will safe some headache when upgrading Ganeti installations, as we
don't have to deal with a daemon rename.

Signed-off-by: Thomas Thrainer <thomasth@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Document the rapi client not to have a QueryNetworks method

While there is a luxi query QueryNetworks, the rapi client does not
provide such a method. Document this by declaring it in the
KNOWN_UNUSED_LUXI calls.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Enable unit tests again

A while ago, the execution of python unit tests was
accidentally disabled for distcheck. This patch
enables them again. This will lead to a couple of
tests failing, but we decided to submit this first
and then fix the broken tests in separate patches.

Signed-off-by: Helga Velroyen <helgav@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Document ganeti-queryd

Add a man page for ganeti-queryd and update the documentation for
ganeti-confd in various places.

Signed-off-by: Thomas Thrainer <thomasth@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Add ganeti-queryd to QA env test

Test for the newly introduces ganeti-queryd in the environment test of
QA.

Signed-off-by: Thomas Thrainer <thomasth@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Add queryd daemon (split from confd)

queryd is added as a new daemon which handles configuration queries over
LUXI. This functionality was removed from confd, which now only queries
over the network.

The queryd user is added to the master group such that it can access
server.pem. The confd user no longer needs to be in the master group.
This fixes issue 292.

Signed-off-by: Thomas Thrainer <thomasth@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Extract ConfigReader from Confd/Server.hs

Confd's functionality to watch the Ganeti configuration file is
extracted to the ConfigReader module. No functional changes are
introduced.

This extraction makes will enable us to split queryd from confd, as
queryd will have to use the same functionality.

Signed-off-by: Thomas Thrainer <thomasth@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Add timestamps to haskell network query fields

Add timestamp fields to the list of available network query fields in
the Haskell code.

Signed-off-by: Christos Stavrakakis <cstavr@grnet.gr>
Reviewed-by: Helga Velroyen <helgav@google.com>

Merge branch 'stable-2.7' into stable-2.8

* stable-2.7
  Fix RAPI to include missing network fields
  Add support for querying network timestamps
  In the crontab example, look for the correct binary
  Fix wrong numbering in UPGRADE documentation

Conflicts:
src/Ganeti/Objects.hs
test/hs/Test/Ganeti/Objects.hs
Resolved by taking both additions.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Change method dispatch in ClientOps to enforce luxi.REQ_ALL

ClientOps' handle_request dispatches on the luxi request received. Change
this to first verify if the request is luxi.REQ_ALL. In this way, we catch
programming errors introducing "secret" luxi requests earlier. This is relevant,
as our other checks for internal consistency compare against luxi.REQ_ALL.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Allow modify_etc_hosts to be changed

The modify_etc_hosts options, enabling the cluster to modify the /etc/hosts
files of nodes, and to keep them in sync, could only be set at cluster init
time.

With this commit it can now be changed through modify_etc_hosts as well.

Fixes Issue 206.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Add --modify-etc-hosts option for CLI tools

The option will be used by gnt-cluster modify in the following commit.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Add luxiReqQueryNetworks to LuxiOp

When the QueryNetwork was introduced as a method, apparently
it was forgotten in the Haskell world. Add it here as well.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Log received message at debug level

At debug level, we can well afford to have a detailed entry
for each message received by a server.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Set the correct group for confd

Starting confd as a member of the daemons group allows the RAPI daemon to access
the LUXI socket.

Fixes Issue 477.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Log RPC errors from inside executeRpcCall

executeRpcCall is the function to be used for executing RPCs, so it makes sense
to use it as the single point for logging all thte RPC call errors.

Fixes Issue 293.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Factor out the logRpcErrors function

This function can be useful to multiple RPC calls, therefore it is moved
to the file containing the common RPC functions.

Also, it is made more generic by changing its signature.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Expose bulk parameter for GetJobs in RAPI client

This patch exposes the bulk argument of the jobs resource on
the RAPI python wrapper, making it possible to retrieve status
information about all jobs with a single call.

Signed-off-by: Leon Handreke <lhandreke@google.com>
Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Add git send-email to the chroot

"git send-email" is used as part of the official workflow but it was not
installed in the chroot.

This patch adds it.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Add tests for CanRead

Verify that the CanRead function is actually able to check whether a file has
the proper permissions.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Fix RAPI to include missing network fields

Fix RAPI interface to include missing network fields. Specifically, fix
instance queries to include the network name for instance NICs. Also fix
network queries to include missing common fields, like uuid and serial.

Signed-off-by: Christos Stavrakakis <cstavr@grnet.gr>
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Add support for querying network timestamps

Add creation and modified timestamps when creating a new network, and
extend the available query fields for networks with these fields,
namely 'ctime' and 'mtime'.

Signed-off-by: Christos Stavrakakis <cstavr@grnet.gr>
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Only generate node lists with nodes having different names

genNodeList is used in testing to generate list of nodes
that could come up in cluster configurations. Since names
are used to assign indices to nodes, they have to be unique;
this is also the case in all real clusters.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Iustin Pop <iusty@k1024.org>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Cluster verify checks server.pem permissions

Currently, ConfD must be able to access server.pem (though this is likely to
change in the future). If this is not true, all sorts of weird things happen,
such as "gnt-node list" printing lots of question marks instead of actual
data, with no meaningful error.

This patch adds a check for the proper access permission to
"gnt-cluster verify".

Fixes Issue 518.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Add function for checking file access permissions

The CanRead function checks whether a user of the local machine (specified
by name) can access a given file.

IsUserInGroup is a helper function for CanRead, but might also be used
independently, so its name does not begin with an underscore.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Prevent silent failure in case of connection problems

While running "gnt-node list", if a query to ConfD fails (especially
because of permission problems) it used to just fail silently, with gnt-node
showing question marks instead of data.

With this patch, ConfD records the error in its log file, together with a
message giving an indication of the reason.

Fixes Issue 517.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

In the crontab example, look for the correct binary

When ganeti-master-cleaner was merged back into ganeti-cleaner in 46118ed2,
the binary to test for should have also been updated. Do this now.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Fix apt-get invocation in chroot_builder

Use the macro containing all the required parameters, instead of just using
"apt-get install".

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Fix wrong numbering in UPGRADE documentation

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Merge branch 'stable-2.7' into stable-2.8

* stable-2.7:
  Release version 2.7.0
  Fix "instance replace" typo in admin.rst
  Fix typo in the install guide
  Disable pylint E1101 on hypothetical import

Conflicts:
NEWS: trivial
configure.ac: trivial

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Also remove prop_IterateAlloc_sane from test list

In f4d1bb7 that test was removed, but forgotten to remove it
from the list of tests to be executed. Fix that.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Fix documentation for prop_Alloc_sane

As discussed in the last commit, placing a new instance on the cluster
can lead to a cluster that can be improved by moving previously added
instances. For an empty cluster, however, there are no previous
instances. So add this to the test description to make obvious why
this test tests for a valid property.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Remove IterateAllocSane test

The test is testing for a property that just isn't true. Iterated
allocation greedily place one instance at a time taking the locally
most balanced solution. Then it is tested whether the resulting global
allocation can be improved.

To see that this assumption does not hold, consider placing 3
identical instances on 3 nodes. The most balanced allocation of all 3
instances would be that each node is primary and secondary for one
instance. Now let's see what iterative allocation does.

Up to symmetry, the placing of the first instance is unique. Any
placement of the second instance that keeps the way to the global
optimum open would be one node being primary and secondary for one
instance each, one node being only secondary for instance, and one
node being only primary for one instance. An alternative allocation
would be to place the instances on two different nodes as primaries
and using the third node as shared secondary.

For cpu (2 nodes with 1 cpu, 1 with none), free memory (on two nodes
all minus 1 unit, on one node all), and disk (2 nodes with 1 disk, 1
with 2) there is no difference between these allocations. For reserved
memory, there's a difference in the values. In the first case, on two nodes,
there's one unit reserved and nothing on the third. In the second
case, on two nodes, there is nothing reserved, while on the third
node, there still is only one unit reserved, as the two instances have
different primaries. Nevertheless, the standard deviations of
0,0,1 and 1,1,0 are both sqrt(5/9); so, in everything that contributes
to the balancedness metric these allocations are equal. Therefore, it is
locally correct to chose the wrong allocation.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Thomas Thrainer <thomasth@google.com>

Release version 2.7.0

We don't have notice of anything blocking for 2.7, and it's been in
release candidate state long enough. Any future problems can be
addressed as bugfixes.

Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Fix "instance replace" typo in admin.rst

gnt-instance `replace` should read `replace-disks`

Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Clean up work around for host name filtering

These functions simply served as a work around to express
host name matching by regular expressions, instead of using
correct equality filter on host names that provides
the correct matching already.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Do not handle host queries special

As, since 91c1a265, the equality used for host names already
is based on matching, there is no need to use a special function
for this any more.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Fix typo in the install guide

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Fix error in installation instructions

Remove erroneous trailing "\"

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Add documentation for harep

Include a section in the Administrator's guide describing how to use the
autorepair tool.

Fixes Issue 446

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Thomas Thrainer <thomasth@google.com>

Fix typo in ganeti-2.8 design doc

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Support big-step shrinking in tiered allocation

In tiered allocation, if by shrinking only a single resource a valid
allocation can be found, shrinking is bound to shrink on this resource.
Of course, after shrinking that resource a little bit without finding
an allocation, this property is still valid. So we can as well shrink
on that resource as far as needed to get a valid allocation.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Thomas Thrainer <thomasth@google.com>

Disable pylint E1101 on hypothetical import

In some versions of python the module IN does not provide
the constant SO_PEERCRED (issue 191). So in commit 069a4b
a work around was added. However, this work around still
leaves lint warnings when working with those versions of
python. So disable this warning during the work around,
so that users of these python versions can still develop
and contribute to ganeti.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Thomas Thrainer <thomasth@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Merge branch 'stable-2.7' into stable-2.8

* stable-2.7:
  Provide the right fix for the kvm_extra parameter
  NEWS and version updates for 2.7.0~rc3
  kvm: don't pass whole extra as a single argument
  For node queries allow short forms of host names
  Provide a special filter for host names

Conflicts:
NEWS: trivial
configure.ac: trivial

Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Provide the right fix for the kvm_extra parameter

With the previous adjustment the arguments were boxed into one extra
array. This actually makes the parameter work (with the same caveats).

The manpage is also updated with the limitations.

Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Thomas Thrainer <thomasth@google.com>

NEWS and version updates for 2.7.0~rc3

Time for a new release.

Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

kvm: don't pass whole extra as a single argument

If extra is longer than a single word passing it the way it was passed
won't work. Of course this solution is also only partial, as won't take
into account any form of quoting. :/

Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

For node queries allow short forms of host names

For node queries use the host-name filter instead of the simple
equality-based one.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Provide a special filter for host names

For host names, usually short forms are used, e.g., node1 or node1.sub
instead of the full qualified node1.sub.example.com. Therefore comparing
node names only by equality is too restrictive. This patch provides an
alternative makeHostnameFilter to makeSimpleFilter suitable for comparing
host names.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

gnt-cluster info (py): add enabled disk templates

This fixes issue 485. In the python implementation of
the cluster config info, the enabled_disk_templates
were missing.

Signed-off-by: Helga Velroyen <helgav@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Version bump to 2.8.0~beta1

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Thomas Thrainer <thomasth@google.com>

Change version numbers in documentation

Some of the documents have the version number of Ganeti. This commit updates
it in preparation for the 2.8 version bump.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Thomas Thrainer <thomasth@google.com>

Fix issue with python coverage tests

The recently introduced check for python libraries required only for testing
(commit 27df5b736ef72b3b12c07f32d64dbac95fe7a5ba) was not correct. This
patch fixes the issue.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Merge branch 'stable-2.7' into stable-2.8

* stable-2.7:
  Add a warning about the restriction of gnt-node evacuate
  Fix permissions of the queue archive dir
  Fix daemon QA tests
  grow disk: call SetDiskID before blockdev_getsize
  Catch DeviceCreationError unhandled exceptions

Conflicts:
lib/cmdlib.py (due to the cmdlib split)
qa/qa_daemon.py (trivial)

Signed-off-by: Thomas Thrainer <thomasth@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Catch DeviceCreationError unhandled exceptions

_CreateBlockDevInner is called twice in TLReplaceDisks. While this
should be fixed, right now this leaves the DeviceCreationError exception
unhandled, which causes a problem due to the fact that this exception
was never supposed to be sent over the wire. For 2.7 we just catch the
exception and convert it to an OpExecError, but we should later do a
more proper cleanup.

This addresses Issue 472.

Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

grow disk: call SetDiskID before blockdev_getsize

Missing this call caused blockdev_getsize to be called on the wrong
physical device, and fail.

This fixes Issue 497.

Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Fix daemon QA tests

TestInstanceConsecutiveFailures now leaves the test instance in the same
state it got it.

Signed-off-by: Thomas Thrainer <thomasth@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Disable python test if required libraries are missing

Some python libraries are only needed for the tests, but not for running
Ganeti. If those libraries are missing, just disable the Python tests.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Thomas Thrainer <thomasth@google.com>

Better specify what packages to install

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Improve install guide

Add command for updating the list of cabal packages, before starting
installing them.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Fix typo in the documentation index

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Fix typos in the documentation index

This patch fixes some typos in the documentation index.

Signed-off-by: Weiwei Jia <harryxiyou@gmail.com>
Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Update security document wrt confd access to SSL cert

The fact that confd has been given access to the server.pem certificate
needs to be described in the security document.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Fix permissions of the queue archive dir

The permissions were set to 0740, but of course being a directory the
correct permissions are 0750.

Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Add a warning about the restriction of gnt-node evacuate

Even though gnt-node evacuate should be able to evacuate all instances
at once, this currently is not the case. Add a warning about this deficit
for the time being.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

Add tools for building deb packages to build_chroot

The chroot only had tools for building and testing Ganeti, but not for
building its Debian packages. They are added by this commit.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Improve the final message of build_chroot

Give more precise instructions on the next steps to actually run the
chroot.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Make build_chroot self-contained

The configuration file are included in build_chroot, and are
automatically created by the script if it is not able to find them
already in the directory pointed by $DATA_DIR.

Note that the configuration file directory is cleaned if it's temporary,
but it is left untouched if it was esplicitly specified by the user.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

Add confd user to masterd group

The server.pem file is 0440 (materd_uid, masterd_gid) and cannot be
accessed by confd.

This patch contains a workaround for 2.8.0~beta1 (adding conf to the
masterd group in the user setup tool, and remembering the users to
actually execute that tool while upgrading).

This partially fixes Issue 292.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

In tiered allocation, cut non-promising shrinking tries

The heuristics for tiered allocation has been improved in that it
chooses to shrink such a resource next where by shrinking only this
resource a valid allocation can be made, if such a resource exists.
In order to decide whether such a resource exists, all potential
sizes of this resource are verified. We can improve performance by
cutting, as soon a potential allocation of an instance is no longer
blocked on this resource.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Merge branch 'stable-2.7' into stable-2.8

* stable-2.7
More agressively line break man pages

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Thomas Thrainer <thomasth@google.com>

More agressively line break man pages

Newer versions of pandoc (as, e.g., shipped with Ubuntu 13.04)
more agressively quote, in particular minus signs. That sometimes
leads to unintended line breaks, which are a problem, if the new
line starts with a dot.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>