Luca Bigliardi [Wed, 12 May 2010 15:02:36 +0000 (16:02 +0100)]
Node daemon availability improvements proposal
Signed-off-by: Luca Bigliardi <shammash@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Wed, 12 May 2010 12:12:00 +0000 (14:12 +0200)]
Fix wrong variable name in commit
d975f482
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Wed, 12 May 2010 11:30:27 +0000 (13:30 +0200)]
RAPI: Add initial support for instance creation request version
The way the resource /2/instances expects its request data (e.g.
instance name, disks, NICs) to be formatted in a dict is not
very extensible. HV and BE parameters are interleaved with all
other values. In commit
495cfdf0 a new parameter “mode” was added
which can be misunderstood as the instance creation mode, but is
actually a mode for the network interface.
Short of bumping the whole RAPI version (currently 2), which would
involve many, many other changes and potentially break clients,
we can not change the request format easily as it needs to stay
backwards and future-compatible as far as possible. This is not an
internal API, but one used by several external applications.
By introducing a data format version per request, we can still
support the old request format, and thereby not break existing users,
while we can add a more flexible request format which will, for
example, support multiple NICs and move HV/BE parameters to separate
containers, avoiding conflicts.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Guido Trotter [Wed, 12 May 2010 10:09:33 +0000 (11:09 +0100)]
Convert some ReadFile calls to ReadOneLineFile
For passwords we require strict oneliners, we're a bit more lax with pid
and uid files.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Tue, 11 May 2010 16:00:22 +0000 (17:00 +0100)]
utils.ReadOneLineFile()
Read the first non-empty file line. When strict is set, abort if more
than one line is non-empty. Some unittests inspired by the reverted ones
from commit
b774bb106cc28d008e790ad2666eb64c76866fa0, and some new ones.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Tue, 11 May 2010 15:32:03 +0000 (16:32 +0100)]
Remove oneline= parameter from utils.ReadFile
This partially reverts commit
b774bb106cc28d008e790ad2666eb64c76866fa0.
Unittests unrelated to that particular functionality but introduced in
that commit are left untouched. Since the temporary directory is now
only used to check for a non-existing file, it is removed as well, and
a convenient very-very-unlikely-to-exist file is used instead.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Wed, 12 May 2010 08:40:15 +0000 (09:40 +0100)]
install.rst: update os version and add KVM notes
The 0.7 version was just an example, but since we're on 0.9 now,
updating the number cannot be wrong. The new admonition helps KVM users
to configure debootstrap correctly so that instances can be shutdown
cleanly.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Wed, 12 May 2010 08:30:03 +0000 (09:30 +0100)]
INSTALL: update hypervisor requirements
Xen: Just specify 3.0 or above as a requirement, as versions above 3.1
have been tested and work fine with Ganeti. Also note that the Xen
dependency is optional, if one wants to work with KVM.
KVM: list as an alternative, specify that 72 (the one shipped with
lenny) is the bare minimum, but newer qemu-kvm is recommended.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Wed, 12 May 2010 09:28:38 +0000 (11:28 +0200)]
RAPI client: Fix SSL error reporting for real
My previous patch, commit
857705e8, helped in one particular
situation where the exception didn't contain any arguments
(pyOpenSSL reporting a WantReadError, which shouldn't occur with a
blocking socket anyway). With this patch, more common and uncommon
errors should be easy to recognize.
SSL errors without any of these patches:
“ganeti.rapi.client.CertificateError: SSL issue:
[('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE',
'certificate verify failed')]”
SSL errors with both patches:
“ganeti.rapi.client.CertificateError: SSL issue:
[('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE',
'certificate verify failed')] (<OpenSSL.SSL.Error
instance at 0x…>)”
WantReadError without any of these two patches:
“ganeti.rapi.client.CertificateError: SSL issue: ”
WantReadError with both patches:
“ganeti.rapi.client.CertificateError: SSL issue:
(<OpenSSL.SSL.WantReadError instance at 0x…>)”
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Tue, 11 May 2010 16:58:40 +0000 (18:58 +0200)]
RAPI client: Improve SSL error reporting
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Tue, 11 May 2010 15:55:45 +0000 (17:55 +0200)]
RAPI client: Don't check node role in client
Only the server knows which node roles can be set via RAPI.
Constants are provided for convenience.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Tue, 11 May 2010 15:50:50 +0000 (17:50 +0200)]
RAPI client: Update ReplaceInstanceDisks
- The RAPI client shouldn't check the replacement mode as only
the server knows which ones are valid (constants are still
provided for convenience)
- Disks shouldn't be a list of names, but of indexes
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Tue, 11 May 2010 14:22:29 +0000 (16:22 +0200)]
RAPI client: Fix behaviour of “allocatable” storage flag
When modifying a storage unit, the “allocatable” flag should default
to “no modification”. This replicates the behaviour of the command
line interface.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Tue, 11 May 2010 16:19:12 +0000 (18:19 +0200)]
RAPI client: Encode boolean and None query values
Boolean values must be passed as 0 or 1. None should be an empty
value ("").
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Tue, 11 May 2010 14:14:30 +0000 (16:14 +0200)]
RAPI client: No longer check storage type locally
Only the RAPI server (actually masterd) knows which storage types
are valid. The exception can no longer be raised as the type is
only checked in the job.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Tue, 11 May 2010 14:08:40 +0000 (16:08 +0200)]
RAPI client: Add constant for RAPI version
This reverts
a60e3cb0a partially by moving the RAPI version into a constant.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Mon, 10 May 2010 15:26:32 +0000 (17:26 +0200)]
RAPI QA: Use RAPI client
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Mon, 10 May 2010 15:21:45 +0000 (17:21 +0200)]
QA: Restore RAPI cert after “gnt-cluster renew-crypto”
The RAPI tests will depend on the certificate.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Mon, 10 May 2010 15:21:59 +0000 (17:21 +0200)]
QA: Add function create temporary backup file
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Mon, 10 May 2010 14:10:30 +0000 (16:10 +0200)]
RAPI client: Don't assume job IDs to be numeric
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: David Knowles <dknowles@google.com>
Michael Hanselmann [Mon, 10 May 2010 14:09:37 +0000 (16:09 +0200)]
Add RAPI client utility module with RAPI PollJob function
The RAPI client module shouldn't depend on any Ganeti module, yet it's
useful to have some Ganeti-specific code, like a PollJob function for
RAPI.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: David Knowles <dknowles@google.com>
Michael Hanselmann [Tue, 11 May 2010 12:45:56 +0000 (14:45 +0200)]
RAPI client: Include HTTP error code in GanetiApiError exception
Having the HTTP error code allows users of the class to act differently based
on the error code.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: David Knowles <dknowles@google.com>
Michael Hanselmann [Tue, 11 May 2010 12:47:15 +0000 (14:47 +0200)]
Support different HTTP error codes in RAPI client unittest mock
This allows testing error conditions (e.g. if a job wasn't found).
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: David Knowles <dknowles@google.com>
Michael Hanselmann [Fri, 7 May 2010 18:54:45 +0000 (20:54 +0200)]
RAPI client: Fix error message for unsupported methods in unittest
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: David Knowles <dknowles@google.com>
Michael Hanselmann [Fri, 7 May 2010 19:04:33 +0000 (21:04 +0200)]
RAPI client: Allow waiting for job changes
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Tue, 4 May 2010 17:02:54 +0000 (19:02 +0200)]
RAPI: Allow waiting for job changes
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Fri, 7 May 2010 18:29:18 +0000 (20:29 +0200)]
RAPI client: Rename “DeleteJob” to “CancelJob”
Jobs can't be deleted, but cancelled (even though the HTTP method
“DELETE” is used).
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: David Knowles <dknowles@google.com>
Michael Hanselmann [Fri, 7 May 2010 17:56:59 +0000 (19:56 +0200)]
RAPI client: Various code style changes
- Replace hardcoded values with constants
- Code formatting
- Exception messages without periods and fixed string formatting
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: David Knowles <dknowles@google.com>
Michael Hanselmann [Fri, 7 May 2010 17:40:59 +0000 (19:40 +0200)]
RAPI client: Add missing unittest for RepairNodeStorageUnits
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: David Knowles <dknowles@google.com>
Michael Hanselmann [Fri, 7 May 2010 17:40:43 +0000 (19:40 +0200)]
RAPI client: Always pass _SendRequest args as positional
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: David Knowles <dknowles@google.com>
Michael Hanselmann [Fri, 7 May 2010 17:28:49 +0000 (19:28 +0200)]
RAPI client: Simplify URL construction
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: David Knowles <dknowles@google.com>
Michael Hanselmann [Fri, 7 May 2010 17:22:31 +0000 (19:22 +0200)]
RAPI client: Instantiate JSON encoder only once
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: David Knowles <dknowles@google.com>
Michael Hanselmann [Fri, 7 May 2010 17:17:07 +0000 (19:17 +0200)]
RAPI client: Always return job ID
Even removing tags returns a job ID.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: David Knowles <dknowles@google.com>
Michael Hanselmann [Fri, 7 May 2010 17:12:56 +0000 (19:12 +0200)]
RAPI client: Hardcode version in URLs
If the version changes, the API is likely to change as well. Not
having to ask for the version first makes the code simpler.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: David Knowles <dknowles@google.com>
Michael Hanselmann [Fri, 7 May 2010 17:05:38 +0000 (19:05 +0200)]
Remove httplib2 dependency from ganeti.rapi.client
- It's possible to implement all functionality in ganeti.rapi.client
using Python's standard modules httplib and urllib2
- By doing so, proper SSL certificate verification is implemented
- Adjust some of the code to Ganeti's code style (this is not yet
finished)
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Tue, 11 May 2010 11:01:27 +0000 (13:01 +0200)]
utils.ReadFile: Add parameter to read only one line
Reading only one line is useful for reading passwords from files. This
also adds unittests for utils.ReadFile.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Tue, 11 May 2010 08:26:25 +0000 (10:26 +0200)]
Fix tiny typo in cluster verify
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Michael Hanselmann [Mon, 10 May 2010 11:57:04 +0000 (13:57 +0200)]
cli: Make PollJob generic to support other protocols
By separating the LUXI-specific code and stdio-related code
into separate classes, we can make cli.PollJob protocol-
agnostic, allowing it to be used with RAPI.
This patch also adds unittests for cli.PollJob.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 10 May 2010 09:16:31 +0000 (10:16 +0100)]
NEWS: fix empty lines
Make sure there are exactly two empty lines between different versions
(rather than 1 or 3).
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Guido Trotter [Mon, 10 May 2010 09:15:24 +0000 (10:15 +0100)]
Fix a unittest name and docstring
The docstring has been copied by the name, but the name reports a
misspell of the function it is actually testing.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Balazs Lecz [Fri, 7 May 2010 18:14:36 +0000 (19:14 +0100)]
Force ssh to allocate a tty
This is required to avoid the
"Pseudo-terminal will not be allocated because stdin is not a terminal."
ssh error message in case a Ganeti script is run non-interactively.
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 10 May 2010 08:59:09 +0000 (09:59 +0100)]
Fix a unittest docstring
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Guido Trotter [Fri, 7 May 2010 08:11:37 +0000 (10:11 +0200)]
IsProcessAlive: retry stat() a few times
On multiprocessor dom0 stat() on /proc can sometimes return EINVAL.
Before giving up, we try a few times to get a consistent answer.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Fri, 7 May 2010 15:02:36 +0000 (17:02 +0200)]
Retry{Again,Timeout}: explain reraising
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Fri, 7 May 2010 08:09:45 +0000 (10:09 +0200)]
utils.Retry: pass up timeout arguments
If Retry has to fail with RetryTimeout, it might be useful to pass the
Retry argument to RetryTimeout, to help debugging outside the Retry
cycle. We also define a RetryTimeout.RaiseInner() helper, to re-raise an
exception passed to RetryAgain. All served with a side of unit tests.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Fri, 7 May 2010 08:51:56 +0000 (10:51 +0200)]
Add a few Retry unittests
Check that Retry actually times out, and actually retries.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Fri, 7 May 2010 14:25:03 +0000 (16:25 +0200)]
Merge branch 'stable-2.1' into devel-2.1
* stable-2.1:
Bump version for 2.1.2.1 release
Update NEWS for Ganeti 2.1.2.1
KVM: only export instance tags if present
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Fri, 7 May 2010 13:05:58 +0000 (15:05 +0200)]
Bump version for 2.1.2.1 release
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Fri, 7 May 2010 13:54:36 +0000 (15:54 +0200)]
Update NEWS for Ganeti 2.1.2.1
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Fri, 7 May 2010 13:03:57 +0000 (15:03 +0200)]
KVM: only export instance tags if present
Currently non-tagged instances fail starting with a TypeError.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Guido Trotter [Wed, 5 May 2010 15:10:29 +0000 (17:10 +0200)]
ssh.GetUserFiles: move to EnsureDirs
We also create a generic SECURE_DIR_MODE constant, rather than
hardcoding 0700 in the code.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Guido Trotter [Wed, 5 May 2010 14:46:45 +0000 (16:46 +0200)]
Hypervisors: use utils.EnsureDirs
Swap a few os.mkdir calls with utils.EnsureDirs
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Guido Trotter [Wed, 5 May 2010 14:36:25 +0000 (16:36 +0200)]
backend: remove a couple of useless mkdir calls
Those directories must exist for the node daemon to run (it's in the
node daemon's list of ensured directories) and those functions are only
called by the node daemon, so there's no point in those checks+mkdir
calls.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Guido Trotter [Wed, 5 May 2010 14:30:55 +0000 (16:30 +0200)]
daemon.GenericMain: fix docstring
The docstring reports a wrong type for the "dirs" argument. Fixing.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Guido Trotter [Wed, 5 May 2010 14:09:24 +0000 (16:09 +0200)]
jstore: use EnsureDirs, and add more constants
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Iustin Pop [Thu, 6 May 2010 09:58:14 +0000 (11:58 +0200)]
Bump version for 2.1.2 release
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Wed, 5 May 2010 13:08:31 +0000 (15:08 +0200)]
Update NEWS file for 2.1.2
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Wed, 5 May 2010 12:28:31 +0000 (14:28 +0200)]
Add dates to the NEWS file
Just for easier history digging…
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Wed, 5 May 2010 10:17:52 +0000 (12:17 +0200)]
RAPI QA: Test instance creation/removal via RAPI
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Tue, 4 May 2010 15:40:56 +0000 (17:40 +0200)]
RAPI QA: Support for request body
- Add support for sending JSON-encoded body to RAPI daemon
(required to test more complex resources)
- Expand names when testing resources against config
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
David Knowles [Fri, 30 Apr 2010 15:38:34 +0000 (11:38 -0400)]
Small fixes for RAPI client
- Always check SSL certificate for validity
- Actually JSON-encode HTTP content
Signed-off-by: David Knowles <dknowles@google.com>
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Mon, 3 May 2010 13:57:20 +0000 (15:57 +0200)]
cfgupgrade: allow working with relative paths
Since utils.WriteFile requires an absolute path, cfgupgrade needs to
normalize the directory it is given.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Mon, 3 May 2010 13:32:00 +0000 (15:32 +0200)]
Cleanup /etc/hosts during node removal
It seems that commit
d8470559 dropped the cleanup of /etc/hosts when a
node is removed from the cluster. I don't know for sure, but it seems
accidental. As long as we add it to /etc/hosts, we should clean it up
too.
The patch also adds two FIXMEs since this kind of modifications should
be done via RPC calls to the master's node daemon, not directly.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Mon, 3 May 2010 13:31:11 +0000 (15:31 +0200)]
verify cluster: check /etc/hosts consistency
If we are told to modify /etc/hosts, then verify its consistency during
cluster verify.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Mon, 3 May 2010 13:03:16 +0000 (15:03 +0200)]
Change the migration message
Let's remove the experimental message (the Ganeti side is stable
nowadays) and replace it with a warning about possible hypervisor
issues.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Iustin Pop [Mon, 3 May 2010 15:18:19 +0000 (17:18 +0200)]
qa: enable early release during parallel burnin
With this, the burnin sequence on big clusters should be (much?) faster.
The patch also fixes the parallel setting (before it was always
enabled).
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Mon, 3 May 2010 15:08:20 +0000 (17:08 +0200)]
Fix pylint 0.20.0 warnings
These seem to be wrong, possibly a regression in pylint.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Apollon Oikonomopoulos [Mon, 26 Apr 2010 12:21:17 +0000 (15:21 +0300)]
KVM: make tags available in KVM_NET_SCRIPT
Make instance tags available as a space-separated list during the execution of
the network setup script. This allows tag-based control of things like firewall
rules and/or networking setup.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Guido Trotter [Wed, 28 Apr 2010 09:46:26 +0000 (10:46 +0100)]
Remove "ssconf.CheckMasterCandidate"
This function is not used anymore, so there's no point in keeping it
around.
This reverts commit
3f71b464ad5cdd1f1b53f2a31a4eef4e2a5550cc, apart from
a one empty line conflict in ssconf.py
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Fri, 23 Apr 2010 15:07:36 +0000 (17:07 +0200)]
masterd: Log PID, UID and GID of connected client
This can be very useful if client programs run as non-root.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Fri, 23 Apr 2010 10:27:07 +0000 (12:27 +0200)]
qa: Use qa_utils.UploadFile to upload rapi_users file
Just using “echo” would use whatever umask is set in the shell,
in addition to potentially showing the password in the process
list.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Guido Trotter [Thu, 22 Apr 2010 17:12:38 +0000 (18:12 +0100)]
devel/upload: add --no-debug option
When this option is used the /etc/defaults/ganeti file, which sets all
the daemons in debug mode, is not copied.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Balazs Lecz [Thu, 22 Apr 2010 14:15:45 +0000 (15:15 +0100)]
Add a basic unittest for uidpool.RequestUnusedUid
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Tue, 16 Feb 2010 15:58:48 +0000 (16:58 +0100)]
Factorize LUExportInstance
Apart from moving parts of the code to separate functions, error handling
is also improved by making sure snapshots are always removed.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Balazs Lecz [Wed, 21 Apr 2010 09:47:48 +0000 (10:47 +0100)]
Use ints instead of strings to represent user-ids
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Thu, 22 Apr 2010 11:58:35 +0000 (13:58 +0200)]
QA: fix reimporting instance with different name
Since the original instance still exists, we need to use a different MAC
for its NIC.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Thu, 22 Apr 2010 09:40:58 +0000 (11:40 +0200)]
Fix broken commit 9e302a8
Commit 9e302a8 split the StopInstance function in two without properly
duplicating the local variables.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Iustin Pop [Thu, 22 Apr 2010 09:20:32 +0000 (11:20 +0200)]
ssh: make quiet configurable
Currently both CopyFileToNode and BuildCmd hardcode "-q" in the options.
This patch moves this setting as a configurable option to
_BuildSshOptions.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Thu, 22 Apr 2010 09:06:36 +0000 (11:06 +0200)]
SSH: do not check IPs
Since we use the cluster name for the SSH known_hosts file, ssh will
always detect a changed IP (since we never connect to the cluster master
name, but the node names), and will complain about it/try to update the
user known hosts file (since that is /dev/null, it doesn't matter, but
it's not nice). So we disable the IP check.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Wed, 21 Apr 2010 17:37:29 +0000 (19:37 +0200)]
Add separate module for backported language functionality
utils.py, where they were before, is already huge.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Guido Trotter [Wed, 21 Apr 2010 17:07:06 +0000 (18:07 +0100)]
Add make commit-check target
distcheck, lint and apidoc. Take three pay only one.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Tue, 20 Apr 2010 10:14:23 +0000 (12:14 +0200)]
burnin: skip migration based on hypervisor support
The patch adds selection of hypervisor in burnin (on multi-hypervisor
clusters, we always used the default) and optional hypervisor
parameters, and skips migration if the hypervisor doesn't support it.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Tue, 20 Apr 2010 10:14:22 +0000 (12:14 +0200)]
Add a hypervisor constant for migration support
This variable can be used by other tools to determine in a generic way
whether a given hypervisor supports migration or not.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Wed, 21 Apr 2010 14:07:40 +0000 (16:07 +0200)]
LUSetClusterParams: initialize needed parameters
… since the opcode doesn't auto-initialize to None.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Iustin Pop [Wed, 21 Apr 2010 13:49:49 +0000 (15:49 +0200)]
hv_chroot: move unmount to CleanupInstance()
This allows cleanup to be done properly if the "instance" wasn't running
at all (based on the CleanupInstance framework, instead of the retry in
hypervisor).
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Guido Trotter [Wed, 21 Apr 2010 16:41:30 +0000 (17:41 +0100)]
Fix indentation error
Commit
9cf4321fc39ec36359d9c90b22b36d33b6adc2f4 indented some lines by
4 spaces rather than 2, and was git-amed without noticing. Fixing.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Wed, 21 Apr 2010 13:46:34 +0000 (15:46 +0200)]
utils: Add function for partial application of function arguments
The function's code was mostly copied from Python's documentation
and it's equivalent to “functools.partial” in Python 2.5 and above.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Wed, 21 Apr 2010 13:57:30 +0000 (14:57 +0100)]
gnt-instance info: sort the hv parameters
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Apollon Oikonomopoulos [Wed, 24 Mar 2010 15:41:38 +0000 (17:41 +0200)]
Only use boot=on on non-ide disks only (KVM)
boot=on implies that KVM boots using extboot. This is only required
to boot non-IDE disks and has the side-effect that there is at most
one bootable device. This behaviour breaks some operating systems,
most notably the windows installer that tries to chainload the hard-disk
from the CD-ROM after the initial part of the installation.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Apollon Oikonomopoulos [Wed, 24 Mar 2010 15:40:31 +0000 (17:40 +0200)]
Add -usbdevice tablet to KVM when using vnc
When using VNC, it is recommended to use a tablet-style
input device instead of a mouse. This allows most VNC viewers
to send proper mouse coordinates to the virtual machine's desktop
resulting in perfectly aligned guest and host mouse pointers.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Guido Trotter [Wed, 21 Apr 2010 12:09:41 +0000 (13:09 +0100)]
KVM: fix a bug in _TryReadUidFile
If the uid pool is not in use _TryReadUidFile will try to return "uid"
even if it hasn't tried to read it at all.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
David Knowles [Tue, 20 Apr 2010 20:22:47 +0000 (16:22 -0400)]
Fix RAPI client methods return values
Ensure that all RAPI client methods that should return job ids actually
return job ids.
Signed-off-by: David Knowles <dknowles@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Signed-off-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 17:04:44 +0000 (18:04 +0100)]
security.rst: add a KVM security section
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:32:03 +0000 (16:32 +0100)]
KVM: implement the HT_SM_POOL security model
In order not to complicate to much the _ExecuteKVMRuntime function with
nested try/except/finally/else constructs we move the actual
runcmd+check call in a separate _RunKVMCmd function.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:30:45 +0000 (16:30 +0100)]
KVM: add an instance uid file concept
If this file exists, for an instance, we release the uid contained
inside back to the uid pool, at instance shutdown.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:27:44 +0000 (16:27 +0100)]
ReleaseUid: accept an integer as uid
We can't guarantee to keep the LockedObject around, when ReleaseUid is
called (because that might happen, for example, after a ganeti
shutdown/restart). So we'll support releasing on just an integer uid.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:24:37 +0000 (16:24 +0100)]
LockedUid: add GetUid() method
uidpool users that get passed a LockedUid by the uidpool need to know
which one the uid is. Since it's not nice to make them access a private
member, and we shouldn't make "uid" public either, we'll add a getter
method.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:22:33 +0000 (16:22 +0100)]
KVM: move post-shutdown cleanup operations
Currently putting the cleanup just after the actual shutdown ensures
that it never gets called, due to how the retry/shutdown cycle works.
So we move those cleanups to their new dedicated place.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 13:05:59 +0000 (14:05 +0100)]
_PrintGroupedParams: sort before printing
It's a lot easier, when looking at the output, if you can search the
parameter you're looking for alphabetically.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:19:58 +0000 (16:19 +0100)]
Add CleanupInstance hypervisor call
Currently some hypervisors (namely kvm) need to do some cleanup after
making sure an instance is stopped. With the moving of the retry cycle
in backend those cleanups were never done. In order to solve this we add
a new optional hypervisor function, CleanupInstance, which gets called
at the end of the shutdown procedure, and which interested hypervisors
can implement to be sure not to miss cleanup operations.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>