Iustin Pop [Fri, 19 Nov 2010 10:17:12 +0000 (11:17 +0100)]
Fix documentation regarding conversion to drbd
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Iustin Pop [Wed, 17 Nov 2010 10:53:10 +0000 (11:53 +0100)]
QA: add tests for gnt-cluster modify -B
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Wed, 17 Nov 2010 10:52:04 +0000 (11:52 +0100)]
LUSetClusterParms: fix validation of beparams
Since the contents of the dict is validated via the ForceDictType, we can
simply require that it is a dict here. The previous check was wrong, as it was
copied from the HV checks (which also doesn't verify the leaf dict type).
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Mon, 8 Nov 2010 19:44:00 +0000 (20:44 +0100)]
devel/release: Use release-specific Makefile targets
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Mon, 8 Nov 2010 19:43:39 +0000 (20:43 +0100)]
Makefile: Add new dist target for releases
A new script, autotools/check-tar, is used to check the resulting
.tar.gz file for unwanted contents like wrong file owners or
permissions.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Wed, 27 Oct 2010 15:20:20 +0000 (17:20 +0200)]
Makefile: Stricter checks for release distchecks
This should avoid cases like commit
f64de30f where the release
date was forgotten from NEWS.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Mon, 25 Oct 2010 16:37:52 +0000 (18:37 +0200)]
Allow remote imports without checked names
By default all names are checked (LUCreateInstance, name_check). In some
cases it can be useful to disable this check, but doing so was not
allowed for remote imports. One should be aware, however, that using
this feature can lead to rename script failures when importing a remote
instance without the proper name, e.g.:
“Failed to run rename script for inst1 on node node3.example.com: OS
rename script failed (exited with exit code 1), last lines in the log
file:\nCannot rename from inst2.example.com to inst1:\nInstance has a
different hostname (inst2)”
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Fri, 22 Oct 2010 16:07:39 +0000 (18:07 +0200)]
ConfigWriter: Fix typo in error message parts
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Fri, 22 Oct 2010 07:59:03 +0000 (09:59 +0200)]
Fix remote imports
A simple typo…
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Tue, 19 Oct 2010 11:26:40 +0000 (13:26 +0200)]
Bump version to 2.2.1, update NEWS
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Apollon Oikonomopoulos [Fri, 15 Oct 2010 05:55:59 +0000 (08:55 +0300)]
http.client: Disable SSL session ID cache
This patch disables the SSL session ID cache for all cURL operations.
This is needed because http.HttpBase's PyOpenSSL implementation does not
currently set a context using SSL_set_session_id_context(3SSL), cURL
tries to re-use the session ID and, according to
SSL_set_session_id_context(3SSL):
If the session id context is not set on an SSL/TLS server and client
certificates are used, stored sessions will not be reused but a fatal
error will be flagged and the handshake will fail.
Ideally, session caching should be either controlled, or disabled in
HttpBase, however PyOpenSSL does not seem to implement
SSL_CTX_set_session_cache_mode nor SSL_CTX_set_session_id_context which
are used for these purposes (it seems that only M2Crypto's SSL module
supports these).
Signed-off-by: Apollon Oikonomopoulos <apollon@noc.grnet.gr>
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 15 Oct 2010 14:48:26 +0000 (16:48 +0200)]
Crude workaround for pylint breakage
The way we currently call pylint, the exact order it inspect modules in
lib/http/ depends on the filesystem order. This is not good, and if
lib/http/server.py is loaded before lib/http/__init__.py, it will throw
a "R0921:763:HttpMessageReader: Abstract class not referenced" (as that
class is used in server.py).
For the short-term fix, we just add server.py after "ganeti", so that
it gets parsed (again?) and pylint sees the usage of the class.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Thu, 14 Oct 2010 10:58:06 +0000 (12:58 +0200)]
Release 2.2.1~rc1
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Thu, 14 Oct 2010 10:34:57 +0000 (12:34 +0200)]
Merge branch 'stable-2.2' into devel-2.2
* stable-2.2:
Require aclocal 1.11.1 or above for devel/release
Revert "Require aclocal 1.11.1 or above for autogen.sh"
Set list of trusted SSL CAs for client to verify
Require aclocal 1.11.1 or above for autogen.sh
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Guido Trotter [Wed, 13 Oct 2010 10:44:55 +0000 (11:44 +0100)]
Require aclocal 1.11.1 or above for devel/release
1.11.1 is the version in squeeze and lucid, and we know it works. We
also know that 1.10.1 in hardy and lenny doesn't, nor do 1.10 in etch
and 1.9.6 in dapper. We haven't tested any other version.
With older versions python.m4 is buggy, and results in the package being
built not working on python 2.6 (which uses dist-packages rather than
site-packages as a module directory).
Version comparison is done component-by-component, over a bash array.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Guido Trotter [Wed, 13 Oct 2010 10:09:45 +0000 (11:09 +0100)]
Revert "Require aclocal 1.11.1 or above for autogen.sh"
The comparison is incorrect, and the check also breaks daily work on
autobuilders and older distros.
This reverts commit
dbc4dda7f5b66c9905c3cf6e44414536a5b38177.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Tue, 12 Oct 2010 15:50:04 +0000 (17:50 +0200)]
Add mising --units in gnt-instance list man page
Also fixes some wrapping issues, and one typo.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
(cherry picked from commit
f8409165b4e6d24bd160ee6c85ba432ae8afa117)
Conflicts:
man/gnt-instance.sgml (re-wrapped)
Apollon Oikonomopoulos [Tue, 12 Oct 2010 15:08:06 +0000 (18:08 +0300)]
Set list of trusted SSL CAs for client to verify
As per SSL_CTX_set_client_CA_list(3SSL), set the list of acceptable CAs
advertised to SSL clients to include the server's own certificate. This
evidently fixes the pycurl/gnutls RPC client.
During the TLS Handshake, when client verification is requested, the
Server sends a CertificateRequest message which states that the client
should send a valid certificate as a response. The CertificateRequest
message contains a section called "certificate_authorities", which,
according to the standard, is a list of the Distinguished Names (DNs) of
acceptable certification authorities. The client uses this list to send
a certificate signed by one of the acceptable CAs.
Under OpenSSL's server implementation, this list must be set manually
using some appropriate call, otherwise the list is empty. TLS 1.0[1]
does not state whether the list may be left blank, whereas TLS 1.1[2]
and 1.2[3] state that in case the list is blank, then the client *may*
send any certificate of a valid type (valid types are specified
elsewhere in the handshake).
OpenSSL clients seem to obey the behaviour specified in TLS 1.1+,
whereas at least curl+GnuTLS does not send any certificates if the list
is empty (which is not wrong per the spec, but also evidently not
configurable).
[1] http://tools.ietf.org/html/rfc2246
[2] http://tools.ietf.org/html/rfc4346
[3] http://tools.ietf.org/html/rfc5246
Signed-off-by: Apollon Oikonomopoulos <apollon@noc.grnet.gr>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Guido Trotter [Tue, 12 Oct 2010 15:30:50 +0000 (16:30 +0100)]
Require aclocal 1.11.1 or above for autogen.sh
1.11.1 is the version in squeeze and lucid, and we know it works. We
also know that 1.10.1 in hardy and lenny doesn't, nor do 1.10 in etch
and 1.9.6 in dapper. We haven't tested any other version.
With older versions python.m4 is buggy, and results in the package being
built not working on python 2.6 (which uses dist-packages rather than
site-packages as a module directory).
The autogen.sh interpreter is changed to bash, as we need to use the [[
builtin to compare versions with "<". [ doesn't have that functionality,
and we can't of course rely on dpkg, which won't be installed on all
distributions.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Mon, 11 Oct 2010 12:31:09 +0000 (14:31 +0200)]
RPC: disable curl's Expect header
This patch solves the very slow (~8-9 seconds) gnt-instance modify
behaviour. Well, it solves in general the slow RPC behaviour, but it was
most visible in that LU.
It seems that curl's behaviour with regard to file uploads (via PUT) and
the 'Expect' header are interacting badly with our http server.
First, our http server doesn't properly handle this header. According to
RFC 2616:
Requirements for HTTP/1.1 origin servers: Upon receiving a request
which includes an Expect request-header field with the "100-continue"
expectation, an origin server MUST either respond with 100 (Continue)
status and continue to read from the input stream, or respond with a
final status code.
Our server doesn't do this, and hence it triggers this behaviour in curl
(from the curl FAQ):
4.16 My HTTP POST or PUT requests are slow!
libcurl makes all POST and PUT requests (except for POST requests with a
very tiny request body) use the "Expect: 100-continue" header. This header
allows the server to deny the operation early so that libcurl can bail out
already before having to send any data. This is useful in authentication
cases and others.
However, many servers don't implement the Expect: stuff properly and if the
server doesn't respond (positively) within 1 second libcurl will continue
and send off the data anyway.
You can disable libcurl's use of the Expect: header the same way you disable
any header, using -H / CURLOPT_HTTPHEADER, or by forcing it to use HTTP 1.0.
This behaviour was detected by watching the captured traffic (in non-SSL
mode), where between the initial HTTP headers (ending with the Expect
one), there was a ~1-2 second pause until curl was sending the body.
Properly RTFM-ing would have saved ~1 day of digging around, but hey…
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Guido Trotter [Fri, 8 Oct 2010 17:31:29 +0000 (18:31 +0100)]
Merge commit 'v2.2.0.1' into stable-2.2
* commit 'v2.2.0.1':
Release Ganeti 2.2.0.1
Conflicts:
NEWS
- merge
configure.ac
- keep 2.2.1~rc0 version
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Luca Bigliardi <shammash@google.com>
Guido Trotter [Fri, 8 Oct 2010 16:55:40 +0000 (17:55 +0100)]
Release Ganeti 2.2.0.1
2.2.0 was built with old autotools, and it's incompatible with Python
2.6. Rebuilding with a newer autotools version fixes this.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Luca Bigliardi <shammash@google.com>
Michael Hanselmann [Thu, 7 Oct 2010 13:08:47 +0000 (15:08 +0200)]
Bump version to 2.2.1~rc0
Also update NEWS.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Thu, 7 Oct 2010 09:56:12 +0000 (11:56 +0200)]
Try again to fix the inter-cluster move QA test
This time, we re-establish the old pri/sec nodes corretly. Unfortunately this
will require now a 3-node cluster at least for drbd instances, hence it's
somewhat suboptimal, but… The other option would be to move it simply from p:s
to s:p and then back to p:s, without involving a third node (for DRBD case),
but I think that moving it to a completely separate node is slightly better for
testing.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Wed, 6 Oct 2010 11:41:49 +0000 (13:41 +0200)]
QA: Fix instance move tests
The instance move tests were moving the instance from node pair (A,_) to
(B, A), and left it there. This patch makes sure that the first step
moves the instance to (B,A) but the second one back to (A,B), so that
the instance is left on the same primary node.
The original secondary node is lost though, if I read the code
correctly.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Fri, 1 Oct 2010 15:09:12 +0000 (17:09 +0200)]
Add simple unittest for utils.CommaJoin
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Fri, 1 Oct 2010 14:59:59 +0000 (16:59 +0200)]
LUDelTags: Improve formatting of error message
Use utils.CommaJoin to add spaces after comma, clean up code a bit.
Before: Tag(s) 'bar','baz','foo','moo' not found
After: Tag(s) 'bar', 'baz', 'foo', 'moo' not found
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Fri, 1 Oct 2010 14:59:41 +0000 (16:59 +0200)]
LUGetTags: Acquire locks in shared mode
Retrieving tags can be done while the lock is shared. Only writing
needs to be exclusive.
Also add a FIXME for cluster tags, where the code currently doesn't
use any locks except the config lock.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Fri, 1 Oct 2010 11:56:53 +0000 (13:56 +0200)]
gnt-cluster: Replace hardcoded “xenvg” with value retrieved from master
This fixes issue 125 (http://code.google.com/p/ganeti/issues/detail?id=125)
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Fri, 1 Oct 2010 11:56:46 +0000 (13:56 +0200)]
Export VG name via LUQueryConfigValues
This will be used by LUXI client programs to display the VG name.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Wed, 29 Sep 2010 15:34:51 +0000 (17:34 +0200)]
RAPI QA: Override MAC address when moving instance
This will make this test work again.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Wed, 29 Sep 2010 15:31:36 +0000 (17:31 +0200)]
move-instance: Allow overriding instance parameters
When moving a single instance within the same cluster, the NIC
is not allowed to re-use an existing MAC address. To avoid this,
NIC parameters must be overridden. BE, HV, OS and NIC parameters
can be overridden after applying this patch.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Wed, 29 Sep 2010 15:30:05 +0000 (17:30 +0200)]
cli: Move parsing of --net option to separate function
This function will also be used in tools/move-instance.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Tue, 5 Oct 2010 13:47:51 +0000 (14:47 +0100)]
kvm: collapse two consecutive extend calls
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Miguel Di Ciurcio Filho [Tue, 5 Oct 2010 13:35:02 +0000 (10:35 -0300)]
kvm: Introduce support for -mem-path
Using hugepages, KVM instances can get a good performance boost. To
activate that, we need to pass the -mem-path argument to KVM along with
the mount point of the hugetlbfs file system on the node.
For the sake of memory availability computation, we use the -mem-prealloc
argument when enabling hugepages, so KVM will reserve all hugepages it
needs when it starts. This avoids allocating an instance on a node that
will not have enough pages in case other instance needs more than what
is available after it boots.
Signed-off-by: Miguel Di Ciurcio Filho <miguel.filho@gmail.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Tue, 5 Oct 2010 09:07:28 +0000 (11:07 +0200)]
Rename the _oss cluster vars to _os
Per the mailing list discussion, rename _oss to _os, both in cluster parameters
and in the rest of the code.
This is just an s/_oss/_os, with the exception of a small bit of cleanup
around the helper_os function in cmdlib.py.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Mon, 4 Oct 2010 16:41:52 +0000 (18:41 +0200)]
Merge branch 'stable-2.2' into devel-2.2
* stable-2.2:
Bump version to 2.2.0, update NEWS
Fix instance rename regression from
3fe11ba3
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Mon, 4 Oct 2010 16:40:04 +0000 (18:40 +0200)]
gnt-job info: Sort input fields
This helps to find a value for complex opcodes.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 4 Oct 2010 15:22:53 +0000 (16:22 +0100)]
KVM: Add function to check the hypervisor version
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Mon, 4 Oct 2010 14:58:08 +0000 (16:58 +0200)]
Bump version to 2.2.0, update NEWS
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Thu, 30 Sep 2010 00:32:38 +0000 (20:32 -0400)]
Fix instance rename regression from
3fe11ba3
Committ
3fe11ba3 broke the instance rename as we don't use the FQDN
anymore. This fixes it.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Thu, 30 Sep 2010 00:32:38 +0000 (20:32 -0400)]
Fix instance rename regression from
3fe11ba3
Committ
3fe11ba3 broke the instance rename as we don't use the FQDN
anymore. This fixes it.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Thu, 30 Sep 2010 16:16:34 +0000 (18:16 +0200)]
Update RAPI documentation for /2/nodes/[node_name]/migrate
This was forgotten in commit
52194140.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Wed, 22 Sep 2010 07:34:12 +0000 (09:34 +0200)]
Sort OS names and variants in LUDiagnoseOS
The OS list and variants as returned from LUDiagnoseOS is not sorted,
and gnt-instance reinstall doesn't sort it either. This means that it
the menu that users are present with is inconsistent across clusters,
and that is confusing.
To make this consistent across all users of the LU, we sort the names in
the LU itself.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Tue, 21 Sep 2010 11:50:07 +0000 (13:50 +0200)]
Add some trivial QA tests for the new OS states
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Tue, 21 Sep 2010 08:07:12 +0000 (10:07 +0200)]
Change behaviour of OpDiagnoseOS w.r.t. 'valid'
This patch changes the behaviour of OpDiagnoseOS with regards to the
'valid' field to be similar to the one for the hidden/blacklisted
fields: unless this field is requested, invalid OSes are filtered out.
The rationale is that, except for the gnt-os info/diagnose, all other
users of this opcode are requesting the valid field just to filter out
invalid OSes, and not for any other use. Thus, changing this behaviour
makes these callers simpler.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Tue, 21 Sep 2010 07:59:33 +0000 (09:59 +0200)]
Allow gnt-os modify to change the new OS params
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Tue, 21 Sep 2010 07:58:53 +0000 (09:58 +0200)]
Add two more _T-type tests
These are useful for more in-depth checking of some kinds of arguments.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Iustin Pop [Mon, 20 Sep 2010 09:52:31 +0000 (11:52 +0200)]
Add blacklisted/hidden OS support in LUDiagnoseOS
This changes the behaviour of LUDiagnoseOS significantly.
The addition of hidden/blacklisted OSes would mean that each user-facing
client would have to filter intentionally such OSes from display, which
is not a good choice. Rather, the patch makes LUDiagnoseOS not return
any hidden or blacklisted OSes unless the hidden or respectively the
blacklisted status is requested.
While unconventional, this makes `gnt-instance reinstall --select-os`
work as intended without any changes; similar for gnt-os list. gnt-os
diagnose/gnt-os info are changed to query for, and display the new
fields.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Thu, 16 Sep 2010 15:42:51 +0000 (17:42 +0200)]
Restrict blacklisted OSes in instance installation
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Thu, 16 Sep 2010 14:34:15 +0000 (16:34 +0200)]
Add two new cluster settings
The new variables are:
- a list of hidden OSes, that should not be displayed to the users in
interactive selection (e.g. reinstall); however, if they are selected, they
can be used
- a list of OSes that should be hidden and blocked from install-time selection
The filtering will apply at pure OS name level, not OS+variant level.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Thu, 16 Sep 2010 14:00:25 +0000 (16:00 +0200)]
Abstract OS name/variant functions
Currently, the computation of the 'pure' name or the variant is
hardcoded and spread around the functions that need it. This is not
nice, and in the future we'd spread it even more with more usage of
variants/pure os names.
This patch abstracts these functions into the OS class, and then
replaces the hardcoded uses with the new functions.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Tue, 21 Sep 2010 08:38:04 +0000 (10:38 +0200)]
Add OS new states to the design doc
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Tue, 21 Sep 2010 08:26:02 +0000 (10:26 +0200)]
Remove the RPC changes from the 2.2 design
These were not implemented.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Tue, 21 Sep 2010 08:24:18 +0000 (10:24 +0200)]
Remove 'Detailed Design' from design-2.2.rst
This also bumps up the rest of the headings.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Wed, 22 Sep 2010 14:33:34 +0000 (16:33 +0200)]
Merge branch 'stable-2.2' into devel-2.2
* stable-2.2:
NEWS: Add 2.2.0~rc2 release date
Bump version to 2.2.0~rc2
Remove two old aliases
Fix migration on new KVMs
Prepare 2.2.0~rc2 release
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Wed, 22 Sep 2010 12:58:37 +0000 (14:58 +0200)]
Merge branch 'devel-2.1' into devel-2.2
* devel-2.1:
Fix mac checker regex
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Wed, 22 Sep 2010 12:49:52 +0000 (14:49 +0200)]
NEWS: Add 2.2.0~rc2 release date
This was forgotten when preparing the release.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Wed, 22 Sep 2010 10:44:17 +0000 (12:44 +0200)]
Bump version to 2.2.0~rc2
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Tue, 21 Sep 2010 18:24:28 +0000 (20:24 +0200)]
Fix mac checker regex
Currently, the mac checker regex could match a corner case of
11:22:33:44:55:66: (one extra colon at the end). We fix this, and we
also move the regex compilation outside of this function, at module
level.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Tue, 21 Sep 2010 07:09:08 +0000 (09:09 +0200)]
Remove two old aliases
These were deprecated since Ganeti 2.0, it's time to remove them.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Vitaly Kuznetsov [Thu, 16 Sep 2010 20:27:24 +0000 (20:27 +0000)]
Fix migration on new KVMs
New KVMs (0.12.1.2-el6 and 0.13.5 tested) exit immediately after
unsuccessful network connection when they are in "-incoming" mode. The
simple check netutils.TcpPing causes remote kvm to exit so the migration
will always fail. This check is also redundant by the way as if the
network port is closed migration will fail with guarantee. This commit
removes this check.
Signed-off-by: Vitaly Kuznetsov <vitty@altlinux.ru>
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Fri, 17 Sep 2010 15:51:58 +0000 (17:51 +0200)]
Fix typo in ganeti man page
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Fri, 17 Sep 2010 15:35:36 +0000 (17:35 +0200)]
cli: Pass options in {Add,Remove}Tags
They'll be used for job priorities. Also add an empty line to
gnt-os where it's missing.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Fri, 17 Sep 2010 11:45:57 +0000 (13:45 +0200)]
Prepare 2.2.0~rc2 release
Update NEWS, but not yet configure.ac.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Thu, 16 Sep 2010 10:46:32 +0000 (12:46 +0200)]
QA: Test more tag operations via RAPI
This ensures tag operations work via RAPI. Also print requested URI to
stdout for debugging.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Wed, 15 Sep 2010 19:38:23 +0000 (21:38 +0200)]
qa_rapi: Fix indentation error
If no function to verify the result was specified, qa_rapi._DoTests
wouldn't return the result.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Thu, 16 Sep 2010 10:38:18 +0000 (12:38 +0200)]
Merge branch 'stable-2.2' into devel-2.2
* stable-2.2:
cmdlib: Fix type of “name” parameter for tag operations
rlib2: Set tag operation param “name” to None for cluster tags
Fix OS_VARIANT variable setting
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Mon, 23 Aug 2010 14:20:26 +0000 (16:20 +0200)]
opcode summary: improve display for list summaries
Currently, opcodes like NODE_EVAC_STRATEGY look bad:
89684 error NODE_EVAC_STRATEGY([u'node3'])
With this patch, we try to render list arguments a little bit better:
89684 error NODE_EVAC_STRATEGY(node3)
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Thu, 16 Sep 2010 07:24:55 +0000 (09:24 +0200)]
Merge branch 'devel-2.1' into devel-2.2
* devel-2.1:
Fix case of MAC special-values
(no conflicts, took LGTM from original commit)
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Mon, 13 Sep 2010 09:30:03 +0000 (11:30 +0200)]
Fix case of MAC special-values
This fixes Debian bug #596347. An alternative would be to also allow
the uppercase form, but it's not nice I think.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Wed, 15 Sep 2010 19:37:38 +0000 (21:37 +0200)]
cmdlib: Fix type of “name” parameter for tag operations
The parameter “name” is be None for cluster tags.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Wed, 15 Sep 2010 19:39:05 +0000 (21:39 +0200)]
rlib2: Set tag operation param “name” to None for cluster tags
Otherwise parameter verification in the master daemon fails.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Mon, 13 Sep 2010 14:46:41 +0000 (16:46 +0200)]
Remove mcpu's ReportLocks callback
This is no longer needed with the new lock monitor. One callback is kept to
check for cancelled jobs.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Fri, 10 Sep 2010 15:28:30 +0000 (17:28 +0200)]
Revert "jqueue: Resume jobs from “waitlock” status"
This reverts commit
4008c8edae31a3971fa8c4b200238afc8005d3d4.
While it worked in my initial tests, I've now found cases where this doesn't
work properly as it is. More work is needed and will be done as part of the
Ganeti 2.3 job queue changes.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Vitaly Kuznetsov [Wed, 8 Sep 2010 16:57:45 +0000 (16:57 +0000)]
Fix OS_VARIANT variable setting
This was introduced in
efaa9b06d1e1e6d1678d0edd75b1ba37cf0de3d9.
in OSCoreEnv:
inst_os.name is pure operating system name (without variant) as variant is stripped
in OSFromDisk(). So we always get variant = inst_os.supported_variants[0] (first
variant in variants list).
Adding argument os_name with full name (including variant) solves this problem.
Signed-off-by: Vitaly Kuznetsov <vitty@altlinux.ru>
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
[modified by iustin to handle the call to OSCoreEnv from ValidateOS too]
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Fri, 10 Sep 2010 12:06:22 +0000 (14:06 +0200)]
Merge branch 'stable-2.2' into devel-2.2
* stable-2.2:
Fix pylint warning in http/__init__.py
Allow SSL ciphers to be overridden in HTTP server
If we had any errors in setup in one of the hosts, exit with non-zero
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Fri, 10 Sep 2010 11:48:53 +0000 (13:48 +0200)]
Fix pylint warning in http/__init__.py
My bad for not seeing this before:
R0201:614:HttpBase.GetSslCiphers: Method could be a function
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Fri, 10 Sep 2010 11:14:04 +0000 (13:14 +0200)]
Allow SSL ciphers to be overridden in HTTP server
Users of this class, such as the RAPI server, might want to override or adjust
the default SSL cipher defined in a constant.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Thu, 9 Sep 2010 16:17:25 +0000 (18:17 +0200)]
jqueue: Resume jobs from “waitlock” status
After an unclean restart of ganeti-masterd, jobs in the “waitlock” status can
be safely restarted. They hadn't modified the cluster yet.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Wed, 8 Sep 2010 17:25:07 +0000 (19:25 +0200)]
jqueue: Move queue inspection into separate function
This makes the __init__ function a lot smaller while not changing
functionality.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Thu, 9 Sep 2010 13:53:56 +0000 (15:53 +0200)]
jqueue: Don't update file in MarkUnfinishedOps
This reduced the number of updates to the job files. It's used in two places
while processing a job and the file is updated just afterwards.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Tue, 7 Sep 2010 14:04:00 +0000 (16:04 +0200)]
locking.SharedLock: Update class docstring
This was already outdated when the initial version of SharedLock was added
in commit
162c1c1f1 (February 2008).
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
René Nussbaumer [Thu, 9 Sep 2010 11:13:08 +0000 (13:13 +0200)]
If we had any errors in setup in one of the hosts, exit with non-zero
Signed-off-by: René Nussbaumer <rn@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
René Nussbaumer [Thu, 9 Sep 2010 11:09:41 +0000 (13:09 +0200)]
Fix the output of the key fingerprint from binary to hex
Signed-off-by: René Nussbaumer <rn@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Tue, 7 Sep 2010 09:53:12 +0000 (11:53 +0200)]
Merge branch 'stable-2.2' into devel-2.2
* stable-2.2:
Fix breakage introduced by commit
8044bf655
Remove “dry_run” from opcodes.OpCreateInstance
Disable the RAPI CA checks in watcher
move-instance: Fix parameter order in _CreateInstance
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Tue, 7 Sep 2010 09:44:26 +0000 (11:44 +0200)]
cli: Use list of options shared between commands
The completion script for bash has to know about these options. Until now
the list was in two places--once in cli.py and once in
autotools/build-bash-completion. A shared list is used with this patch.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Mon, 6 Sep 2010 19:58:31 +0000 (21:58 +0200)]
jqueue: Use separate function for encoding errors
Comes with unittest.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Manuel Franceschini [Fri, 3 Sep 2010 10:47:51 +0000 (12:47 +0200)]
Fix some epydoc warnings
Signed-off-by: Manuel Franceschini <livewire@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Thu, 2 Sep 2010 16:34:38 +0000 (18:34 +0200)]
Fix breakage introduced by commit
8044bf655
Note to self: even patches removing one line can break everything.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Manuel Franceschini <livewire@google.com>
Michael Hanselmann [Thu, 2 Sep 2010 15:52:44 +0000 (17:52 +0200)]
Remove “dry_run” from opcodes.OpCreateInstance
I'ts declared twice, once in opcodes.OpCode and here, and this one
is redundant.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Thu, 2 Sep 2010 09:18:27 +0000 (11:18 +0200)]
Disable the RAPI CA checks in watcher
Since the RAPI certificate is not necessarily self-signed, and we
currently don't have any configuration variable for the real CA file, we
disable for now the CA checks. This fixes the 'restart RAPI every 5
minutes' problem with non-self-signed certs.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Manuel Franceschini [Wed, 1 Sep 2010 09:34:30 +0000 (11:34 +0200)]
move-instance: Fix parameter order in _CreateInstance
This patch fixes a bug, which caused the primary and secondary
destination nodes to be revered on the destination cluster after an
instance move.
Signed-off-by: Manuel Franceschini <livewire@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Thu, 26 Aug 2010 16:17:20 +0000 (18:17 +0200)]
Show list of pending acquires in “gnt-debug locks”
This is accomplished by keeping a list of waiting threads instead
of just their number inside the lock-internal condition. A few
other tweaks to the output format are also made.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
René Nussbaumer [Tue, 24 Aug 2010 11:54:01 +0000 (13:54 +0200)]
Adding host key verification to setup-ssh
Signed-off-by: René Nussbaumer <rn@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
René Nussbaumer [Tue, 24 Aug 2010 14:21:37 +0000 (16:21 +0200)]
Adding a paramiko fingerprint format helper
And provide unittests for them
Signed-off-by: René Nussbaumer <rn@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Tue, 24 Aug 2010 17:06:33 +0000 (18:06 +0100)]
Merge branch 'devel-2.1' into devel-2.2
* devel-2.1:
Increase version to 2.1.7
Update NEWS for the 2.1.7 release
Conflicts:
NEWS
- merge
configure.ac
- keep the 2.2 version
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Tue, 24 Aug 2010 16:46:43 +0000 (17:46 +0100)]
Increase version to 2.1.7
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Fri, 20 Aug 2010 09:39:29 +0000 (10:39 +0100)]
Update NEWS for the 2.1.7 release
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Tue, 24 Aug 2010 15:22:29 +0000 (17:22 +0200)]
Fix race condition in locking unittest
While writing unittests for the new lock monitor, I made a small mistake and
didn't synchronize acquiring locks properly. This patch takes care of this
issue by adding additional synchronization.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>