Michael Hanselmann [Fri, 23 Apr 2010 15:07:36 +0000 (17:07 +0200)]
masterd: Log PID, UID and GID of connected client
This can be very useful if client programs run as non-root.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Fri, 23 Apr 2010 10:27:07 +0000 (12:27 +0200)]
qa: Use qa_utils.UploadFile to upload rapi_users file
Just using “echo” would use whatever umask is set in the shell,
in addition to potentially showing the password in the process
list.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Guido Trotter [Thu, 22 Apr 2010 17:12:38 +0000 (18:12 +0100)]
devel/upload: add --no-debug option
When this option is used the /etc/defaults/ganeti file, which sets all
the daemons in debug mode, is not copied.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Balazs Lecz [Thu, 22 Apr 2010 14:15:45 +0000 (15:15 +0100)]
Add a basic unittest for uidpool.RequestUnusedUid
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Tue, 16 Feb 2010 15:58:48 +0000 (16:58 +0100)]
Factorize LUExportInstance
Apart from moving parts of the code to separate functions, error handling
is also improved by making sure snapshots are always removed.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Balazs Lecz [Wed, 21 Apr 2010 09:47:48 +0000 (10:47 +0100)]
Use ints instead of strings to represent user-ids
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Thu, 22 Apr 2010 11:58:35 +0000 (13:58 +0200)]
QA: fix reimporting instance with different name
Since the original instance still exists, we need to use a different MAC
for its NIC.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Thu, 22 Apr 2010 09:40:58 +0000 (11:40 +0200)]
Fix broken commit 9e302a8
Commit 9e302a8 split the StopInstance function in two without properly
duplicating the local variables.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Iustin Pop [Thu, 22 Apr 2010 09:20:32 +0000 (11:20 +0200)]
ssh: make quiet configurable
Currently both CopyFileToNode and BuildCmd hardcode "-q" in the options.
This patch moves this setting as a configurable option to
_BuildSshOptions.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Thu, 22 Apr 2010 09:06:36 +0000 (11:06 +0200)]
SSH: do not check IPs
Since we use the cluster name for the SSH known_hosts file, ssh will
always detect a changed IP (since we never connect to the cluster master
name, but the node names), and will complain about it/try to update the
user known hosts file (since that is /dev/null, it doesn't matter, but
it's not nice). So we disable the IP check.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Michael Hanselmann [Wed, 21 Apr 2010 17:37:29 +0000 (19:37 +0200)]
Add separate module for backported language functionality
utils.py, where they were before, is already huge.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Guido Trotter [Wed, 21 Apr 2010 17:07:06 +0000 (18:07 +0100)]
Add make commit-check target
distcheck, lint and apidoc. Take three pay only one.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Tue, 20 Apr 2010 10:14:23 +0000 (12:14 +0200)]
burnin: skip migration based on hypervisor support
The patch adds selection of hypervisor in burnin (on multi-hypervisor
clusters, we always used the default) and optional hypervisor
parameters, and skips migration if the hypervisor doesn't support it.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Tue, 20 Apr 2010 10:14:22 +0000 (12:14 +0200)]
Add a hypervisor constant for migration support
This variable can be used by other tools to determine in a generic way
whether a given hypervisor supports migration or not.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Wed, 21 Apr 2010 14:07:40 +0000 (16:07 +0200)]
LUSetClusterParams: initialize needed parameters
… since the opcode doesn't auto-initialize to None.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Iustin Pop [Wed, 21 Apr 2010 13:49:49 +0000 (15:49 +0200)]
hv_chroot: move unmount to CleanupInstance()
This allows cleanup to be done properly if the "instance" wasn't running
at all (based on the CleanupInstance framework, instead of the retry in
hypervisor).
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Guido Trotter [Wed, 21 Apr 2010 16:41:30 +0000 (17:41 +0100)]
Fix indentation error
Commit
9cf4321fc39ec36359d9c90b22b36d33b6adc2f4 indented some lines by
4 spaces rather than 2, and was git-amed without noticing. Fixing.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Wed, 21 Apr 2010 13:46:34 +0000 (15:46 +0200)]
utils: Add function for partial application of function arguments
The function's code was mostly copied from Python's documentation
and it's equivalent to “functools.partial” in Python 2.5 and above.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Wed, 21 Apr 2010 13:57:30 +0000 (14:57 +0100)]
gnt-instance info: sort the hv parameters
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Apollon Oikonomopoulos [Wed, 24 Mar 2010 15:41:38 +0000 (17:41 +0200)]
Only use boot=on on non-ide disks only (KVM)
boot=on implies that KVM boots using extboot. This is only required
to boot non-IDE disks and has the side-effect that there is at most
one bootable device. This behaviour breaks some operating systems,
most notably the windows installer that tries to chainload the hard-disk
from the CD-ROM after the initial part of the installation.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Apollon Oikonomopoulos [Wed, 24 Mar 2010 15:40:31 +0000 (17:40 +0200)]
Add -usbdevice tablet to KVM when using vnc
When using VNC, it is recommended to use a tablet-style
input device instead of a mouse. This allows most VNC viewers
to send proper mouse coordinates to the virtual machine's desktop
resulting in perfectly aligned guest and host mouse pointers.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Guido Trotter [Wed, 21 Apr 2010 12:09:41 +0000 (13:09 +0100)]
KVM: fix a bug in _TryReadUidFile
If the uid pool is not in use _TryReadUidFile will try to return "uid"
even if it hasn't tried to read it at all.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
David Knowles [Tue, 20 Apr 2010 20:22:47 +0000 (16:22 -0400)]
Fix RAPI client methods return values
Ensure that all RAPI client methods that should return job ids actually
return job ids.
Signed-off-by: David Knowles <dknowles@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Signed-off-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 17:04:44 +0000 (18:04 +0100)]
security.rst: add a KVM security section
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:32:03 +0000 (16:32 +0100)]
KVM: implement the HT_SM_POOL security model
In order not to complicate to much the _ExecuteKVMRuntime function with
nested try/except/finally/else constructs we move the actual
runcmd+check call in a separate _RunKVMCmd function.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:30:45 +0000 (16:30 +0100)]
KVM: add an instance uid file concept
If this file exists, for an instance, we release the uid contained
inside back to the uid pool, at instance shutdown.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:27:44 +0000 (16:27 +0100)]
ReleaseUid: accept an integer as uid
We can't guarantee to keep the LockedObject around, when ReleaseUid is
called (because that might happen, for example, after a ganeti
shutdown/restart). So we'll support releasing on just an integer uid.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:24:37 +0000 (16:24 +0100)]
LockedUid: add GetUid() method
uidpool users that get passed a LockedUid by the uidpool need to know
which one the uid is. Since it's not nice to make them access a private
member, and we shouldn't make "uid" public either, we'll add a getter
method.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:22:33 +0000 (16:22 +0100)]
KVM: move post-shutdown cleanup operations
Currently putting the cleanup just after the actual shutdown ensures
that it never gets called, due to how the retry/shutdown cycle works.
So we move those cleanups to their new dedicated place.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 13:05:59 +0000 (14:05 +0100)]
_PrintGroupedParams: sort before printing
It's a lot easier, when looking at the output, if you can search the
parameter you're looking for alphabetically.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Mon, 19 Apr 2010 15:19:58 +0000 (16:19 +0100)]
Add CleanupInstance hypervisor call
Currently some hypervisors (namely kvm) need to do some cleanup after
making sure an instance is stopped. With the moving of the retry cycle
in backend those cleanups were never done. In order to solve this we add
a new optional hypervisor function, CleanupInstance, which gets called
at the end of the shutdown procedure, and which interested hypervisors
can implement to be sure not to miss cleanup operations.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
René Nussbaumer [Fri, 16 Apr 2010 11:49:47 +0000 (13:49 +0200)]
Using the added stop-all functionality from daemon-utils in cluster-merge
Additionally also move to the RunWhileStopped method for the configuration merger.
Signed-off-by: René Nussbaumer <rn@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Mon, 19 Apr 2010 09:06:25 +0000 (11:06 +0200)]
Fix changing the list of enabled hypervisors
When enabling a new hypervisor, we must ensure that we have its
parameters in the cluster (global) hvparams dictionary.
Furthermore, we add a verify check for this case (this should be better
replaced with an auto-fix?).
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Mon, 19 Apr 2010 08:13:36 +0000 (10:13 +0200)]
Fix a typo commited→committed in gnt-instance.sgml
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Mon, 19 Apr 2010 08:11:13 +0000 (10:11 +0200)]
Complete check-man changes from
5fa16422
Commit
5fa16422 removed the checks at sed time, but only for %.7. We
need to do it for %.8 too.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
René Nussbaumer [Fri, 16 Apr 2010 14:49:25 +0000 (16:49 +0200)]
Fix heading to the one of epydoc
Signed-off-by: René Nussbaumer <rn@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Luca Bigliardi [Mon, 19 Apr 2010 14:20:58 +0000 (15:20 +0100)]
Fix gnt-node powercycle documentation
Fix options description in the documentation for gnt-node powercycle.
Signed-off-by: Luca Bigliardi <shammash@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Mon, 19 Apr 2010 12:15:58 +0000 (13:15 +0100)]
Fix a couple of pydoc syntax problems
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Guido Trotter [Fri, 16 Apr 2010 16:19:40 +0000 (17:19 +0100)]
uidpool: test the separator= argument
Also, fix the string quoting style.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>
Michael Hanselmann [Fri, 16 Apr 2010 15:28:37 +0000 (17:28 +0200)]
Makefile.am: sort lists, clean *.py[co] from all directories
*.py[co] were not removed from lib/confd. Removing *.py[co]
from all directories listed in $DIRS can't hurt.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Fri, 16 Apr 2010 13:36:49 +0000 (15:36 +0200)]
Readd node: allow changed primary IP
The primary IP is not used for DRBD disks, only for the job queue and
internal commands. As such, it's trivial (with a quiet job queue) to
re-ip the node.
The patch just relaxes the checks in LUAddNode, and manual testing shows
that live instances on that node keep working, and that cluster verify
is happy afterwards.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Balazs Lecz [Tue, 13 Apr 2010 11:51:19 +0000 (12:51 +0100)]
Update gnt-cluster manpage with uid-pool options
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Fri, 9 Apr 2010 14:02:13 +0000 (15:02 +0100)]
Add ExecuteWithUnusedUid() to uidpool.py
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Fri, 26 Mar 2010 17:01:06 +0000 (17:01 +0000)]
Manage the assignment of uids from the uid pool
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Fri, 9 Apr 2010 10:39:09 +0000 (11:39 +0100)]
Add basic unittests for uid_pool
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Thu, 25 Mar 2010 15:50:24 +0000 (15:50 +0000)]
Add uid_pool to ssconf
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Thu, 25 Mar 2010 14:00:51 +0000 (14:00 +0000)]
Add --uid-pool option to gnt-cluster init
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Fri, 26 Mar 2010 15:25:35 +0000 (15:25 +0000)]
Add printing of uid_pool to gnt-cluster info
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Thu, 8 Apr 2010 17:00:43 +0000 (18:00 +0100)]
Add --add-uids/--remove-uids to gnt-cluster modify
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Wed, 24 Mar 2010 17:59:45 +0000 (17:59 +0000)]
Add --uid-pool option to gnt-cluster modify
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Thu, 1 Apr 2010 13:16:25 +0000 (14:16 +0100)]
Add lib/uidpool.py module
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Fri, 26 Mar 2010 15:13:11 +0000 (15:13 +0000)]
Add uid_pool cluster parameter
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Balazs Lecz [Tue, 6 Apr 2010 14:36:53 +0000 (15:36 +0100)]
Add user-id pool design doc
Signed-off-by: Balazs Lecz <leczb@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Michael Hanselmann [Fri, 16 Apr 2010 12:28:59 +0000 (14:28 +0200)]
backend: Consolidate code opening real block device
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Thu, 15 Apr 2010 15:23:08 +0000 (17:23 +0200)]
utils: Add class to split string stream into lines
This will be used by the new import/export daemon to split
output by its child processes into lines.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Mon, 12 Apr 2010 13:44:43 +0000 (15:44 +0200)]
Fix cluster behaviour with disabled file storage
There are a few issues with disabled file storage:
- cluster initialization is broken by default, as it uses the 'no'
setting which is not a valid path
- some other parts of the code require the file storage dir to be a
valid path; we workaround by skipping such code paths when it is
disabled
A side effect is that we abstract the storage type checks into a
separate function and add validation in RepairNodeStorage (previously a
luxi client which didn't use cli.py and submitted an invalid type would
get "storage units of type 'foo' can not be repaired").
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Iustin Pop [Wed, 14 Apr 2010 16:45:35 +0000 (18:45 +0200)]
Update docstrings in tools/ and enable epydoc
This patch updates the docstrings in tools/ (mostly in lvmstrap, which
is very very old code-base) and then enabled the tools in this directory
for 'make apidoc' too.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Iustin Pop [Wed, 14 Apr 2010 16:27:03 +0000 (18:27 +0200)]
Forward-port the ganeti 2.0 cfgupgrade
2.1's cfgupgrade doesn't support upgrading from 1.2, only from 2.0.
However, it's trivial to forward-port the 2.0 cfgupgrade to work with
2.1, thus providing an upgrade path for 1.2 users directly to 2.1,
without the intermediate step of installing 2.0.
The new cfgupgrade12 file has just a few trivial changes from 2.0, and
skipping the load of the config file.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Iustin Pop [Tue, 13 Apr 2010 16:19:39 +0000 (18:19 +0200)]
Add a new tool: sanitize-config
This can be used for two purposes:
- safety copy of the config file, with just the secrets changed
- cleanup of the config file (full randomization), so that (e.g.) users
could send a broken config file to the devel-list
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
Iustin Pop [Tue, 13 Apr 2010 12:24:19 +0000 (14:24 +0200)]
Fix cfgupgrade with non-default DATA_DIR
Commit
43575108 added bootstrap.GenerateclusterCrypto and commit
7506a7f1 changed cfgupgrade to use it. However, this lost the
functionality of upgrading in non-default DATA_DIR.
To fix this, we enhance bootstrap.GenerateclusterCrypto to accept custom
file paths for the three files it modifies. If more files will be needed
in the future, we could just pass in modified DATA_DIR, but for now it
suffices.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
René Nussbaumer [Wed, 14 Apr 2010 11:56:35 +0000 (13:56 +0200)]
Improving the RAPI documentation
* Be more clear about when POST and PUT should be used
* Be more verbose on parameters
* Describe allowed parameter values (if not self explaining)
Signed-off-by: René Nussbaumer <rn@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Tue, 13 Apr 2010 11:12:09 +0000 (13:12 +0200)]
Mark cluster-merge as executable
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: René Nussbaumer <rn@google.com>
René Nussbaumer [Mon, 12 Apr 2010 14:04:22 +0000 (16:04 +0200)]
QA: Make the rapi credential handling less involving
Signed-off-by: René Nussbaumer <rn@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Mon, 12 Apr 2010 11:50:11 +0000 (13:50 +0200)]
Update import documentation for the recent changes
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Mon, 12 Apr 2010 11:30:12 +0000 (13:30 +0200)]
Add a identify-defaults options for import
When importing an instance, all the saved valued will be used as
explicitly specified values, overriding the cluster defaults. This means
export+import will change the status (from default to explicitly
specified) of parameters.
This patch adds a new option that changes the behaviour to identify
parameter values which are equal to the current cluster defaults and
mark them as such. It does this for hv, be and nic parameters.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Mon, 12 Apr 2010 09:54:10 +0000 (11:54 +0200)]
Fix create/import verification of hvparams
Currently the instance creation checks the cluster hv defaults + the new
parameters for validity, ignoring the os-specific hvparams (this was an
oversight during the implementation of the os hvp). This patch uses the
new GetHVDefaults method to provide the defaults, instead of reading
directly the attributes of the cluster object.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Mon, 12 Apr 2010 09:48:36 +0000 (11:48 +0200)]
objects.Cluster: add method to get hv defaults
Currently the FillHV method is the one that does the cluster hvparams +
os hvparams merger. However, in some cases we need to do just this,
without adding the instance hvparams on top.
This patch adds a function to compute just this (hv + os hvp
combination) default dict, and modifies FillHV to use it to build the
final dict.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 15:55:40 +0000 (17:55 +0200)]
Reuse NIC information from export
If the user doesn't pass any nics in import, do not use a default
one-nic, but instead read the nics from the export file as is.
Fortunately the export and the way nics are read from the command line
are compatible…
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 15:21:24 +0000 (17:21 +0200)]
Reuse backend parameters from export
Similar to the previous patches, if we're missing some parameters and
the export has them (either in the new style or old-style), we reuse
them.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 15:09:04 +0000 (17:09 +0200)]
Reuse disk information from export
If the user doesn't pass the disk information on import, automatically
reuse the number and size of disks. This loses the iv_name attribute,
but that is only cosmetic and cannot be changed by the user.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 14:49:04 +0000 (16:49 +0200)]
Reuse hypervisor parameters in import
If available, we reuse the parameters from the export info.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 12:58:32 +0000 (14:58 +0200)]
Read disk template from export info
This patch changes the instance import to read the disk template
automatically from the export info, if the opcode doesn't already
specify a disk template.
To do this, we have a couple of additional changes:
- change from required parameter to optional one for disk_template
- move check for disabled file storage at ./configure time to the
generic _CheckDiskTemplate checker
- move checks of the disk template from CheckArguments to CheckPrereq
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 12:07:38 +0000 (14:07 +0200)]
CreateInstance: separate the reading of the export
We move the reading of the export to a separate function, to simplify
CheckPrepreq and also read it earlier. This will allow building the
missing opcode parameters from the export information, instead of
requiring all of them on the command line.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 11:49:34 +0000 (13:49 +0200)]
Move code from ExpandNames to CheckPrereq
This is needed since only in CheckPrereq we have the nodes locked, and
future import enhancements will need to have access to the export info
during the parameter build.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 11:23:39 +0000 (13:23 +0200)]
CreateInstance: Move some code to CheckArguments
ExpandNames holds too much non-locking code (first LU to be converted to
ExpandNames, and we didn't have CheckArguments at that poin), and this
patch moves the checks that are lock-independent to CheckArguments.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 9 Apr 2010 09:50:51 +0000 (11:50 +0200)]
Export more instance parameters in instance export
Currently the backend parameters are not exported automatically, but
only a few directly in the '[instance]' section. Hypervisor type and
hypervisor parameters are not exported at all.
This patch creates two separate sections for the be and hv parameters,
and stores the parameters (including ones that come from the cluster
defaults, but not the hypervisor globals for example) in the export.
The import code is not changed yet.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 29 Jan 2010 12:16:06 +0000 (13:16 +0100)]
Export the nicparams too during instance export
The patch tries to export all params (based on the dict defined in
constants), using None for missing keys.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Fri, 29 Jan 2010 12:14:51 +0000 (13:14 +0100)]
Handle errors better for wrong nic_count in export
This fixes an old 'FIXME' entry.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
René Nussbaumer [Mon, 12 Apr 2010 12:48:19 +0000 (14:48 +0200)]
QA: Make sure RAPI credentials are setup on cluster init
This patch makes sure that the Ganeti RAPI credentials are setup,
if any, on cluster init time.
Signed-off-by: René Nussbaumer <rn@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Fri, 9 Apr 2010 14:06:13 +0000 (15:06 +0100)]
burnin: only remove instances we actually added
Currently burnin, if proceding in parallel, will remove all instances
which were passed, even if they failed to add. This is bad because it
will also remove instances which existed before burnin started. By
adding the instances to the removal queue only if their creation was
successful (passing the action as a post processing action to
ExecOrQueue) we guarantee pre-existing instances are saved.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Sat, 27 Mar 2010 10:37:51 +0000 (10:37 +0000)]
burnin.ExecOrQueue: add post-process function
If a post-process function is passed to ExecOrQueue it is executed if
and only if the job is successful. This happens immediately if we're
proceding iteratively, and at the end, when we collect all job results,
if we're proceding in parallel.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Fri, 9 Apr 2010 13:12:55 +0000 (14:12 +0100)]
burnin.ExecOrQueue: remove variable argument list
In order to later add an optional parameter we transform the variable
ops argument list in an explicit list.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Guido Trotter [Fri, 9 Apr 2010 14:46:13 +0000 (15:46 +0100)]
Fix new pylint errors
Under squeeze pylint reports the following errors:
************* Module ganeti.serializer
E1103:155:LoadSignedJson: Instance of 'False' has no 'get' member (but some types could not be inferred)
************* Module ganeti-masterd
E1103:166:ClientRqHandler.handle: Instance of 'False' has no 'get' member (but some types could not be inferred)
E1103:167:ClientRqHandler.handle: Instance of 'False' has no 'get' member (but some types could not be inferred)
************* Module gnt-instance
E1103:431:BatchCreate: Instance of 'False' has no 'keys' member (but some types could not be inferred)
For the first two cases it's actually wrong: we had checked before that
the variable on which "get" is called is actually a dict. In the third
case though such check doesn't exist, so we add it. Then we silence the
error all three times.
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Fri, 9 Apr 2010 08:40:30 +0000 (10:40 +0200)]
Rename the confd_client unittest (to confd.client)
This is to keep same naming across all tests (modules separate with dot,
followed by _unittest.py).
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Thu, 8 Apr 2010 16:15:57 +0000 (18:15 +0200)]
Make watcher request the max coverage
Since the actions are potentially destructive, we should try to get a
consistent view of the cluster, so it's better to get the most coverage
possible.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Thu, 8 Apr 2010 16:08:51 +0000 (18:08 +0200)]
ConfdClient.SendRequest: allow max coverage
This patch changes the coverage parameter to allow specification of max
coverage (via -1), versus auto-computation (default, 0) and manual
specification.
Unittests are updated for this case too.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Tue, 23 Mar 2010 09:25:13 +0000 (10:25 +0100)]
Document the watcher node maintenance feature
The patch changes significantly the watcher man page, as it was very
simplistic.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Mon, 22 Mar 2010 15:10:03 +0000 (16:10 +0100)]
Watcher: automatic shutdown of orphan resources
This patch changes the watcher so that it maintains (on all nodes) the
list of instances and DRBD devices by shutting down ones that confd
daemons indicate should not be running on this node.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Tue, 23 Mar 2010 08:50:24 +0000 (09:50 +0100)]
Export the maintain_node_health option in ssconf
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Tue, 23 Mar 2010 08:47:37 +0000 (09:47 +0100)]
Add a new cluster parameter maintain_node_health
This will be used to conditionally enable the watcher node maintenance
feature.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Wed, 7 Apr 2010 13:47:02 +0000 (15:47 +0200)]
Add a new confd callback (StoreResultCallback)
This new callback simply stores (without calling any lower-level
callback) the last result; coupled with the filtering callback, this
ensures that it has the 'best' response after all have been received.
The result can then be retrieved via the GetResponse method.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Wed, 7 Apr 2010 13:01:57 +0000 (15:01 +0200)]
ConfdClient: add synchronous wait for replies mode
Currently, there is no way for a user of the confd client library to
know how many replies there should be, whether all have been received,
etc. This is bad since we can't reliably detect the consistency of the
results.
This patch attempts to fix this by adding a synchronous WaitForReply
function that will wait until either a timeout expires, or until a
minimum number of replies have been received (interested users should
add similar functionality for the async case). The callback
functionality will still do call-backs into the user-provided code
during the wait, but after this function has returned, we know that we
received all possible replies.
Note: To account for the interval between initial send of the request,
and calling of this function, we modify the expiration time of the
request.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Wed, 7 Apr 2010 15:16:43 +0000 (17:16 +0200)]
ConfdClient: unify some internal variables
Currently the requests are tracked in _request and in _expire_requests.
This is conventient, but it restricts the ability to extend the request
tracking, e.g. via packet stats and/or extension of expiration time.
This patch introduces a new simple class _Request that holds all
properties of pending requests; it then uses instances of this class as
values in _request instead of tuples, and removes the _expire_requests.
The only drawback is the change in behaviour of _ExpireRequests:
previously, it used to scan the list only up to the first non-expired
request, after which it aborted. Now it will scan the entire dict, which
(depending on workload) could change the time behaviour. I don't think
this is a problem, as:
- deleting from the head of a list is very expensive (list.pop(0);
list.append() is an order of magnitude more expensive than deleting
an element from a dictionary and re-adding it)
- we should have more than tens or hundreds of pending requests; in case
this assumption changes, we could introduce a no-more-often-than-X
expiration policy, etc.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Iustin Pop [Wed, 7 Apr 2010 13:44:54 +0000 (15:44 +0200)]
Fix consistency checks in ConfdFilterCallback
Commit 49b3fda added consistency checks, but these are wrongly triggered
for old responses - we need to make sure to check that we have the same
serial.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Iustin Pop [Wed, 7 Apr 2010 12:41:16 +0000 (14:41 +0200)]
Fix utils.WaitForFdCondition inner retry loop
Commit
dfdc4060 added WaitForFdCondition which uses utils.Retry without
handling timeout exceptions. This breaks any nested retry loops.
This patch fixes the above function, and also changes utils.Retry to
detect and warn future similar cases. In addition, we add a few small
unittests for utils.Retry.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Michael Hanselmann [Wed, 7 Apr 2010 13:26:55 +0000 (15:26 +0200)]
Fix bug introduced in
76e5f8b54: mkdir mode
After commit
76e5f8b54, mkdir_mode in utils.RenameFile is
no longer passed to Makedirs. This is fixed by this patch.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Michael Hanselmann [Wed, 7 Apr 2010 11:12:22 +0000 (13:12 +0200)]
utils: Move wrapper code around os.makedirs into separate function
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Iustin Pop [Tue, 6 Apr 2010 15:38:27 +0000 (17:38 +0200)]
Fix unittest for the rapi client library
Wrong escape, so we make sure to use proper escapes (we want the
backslashes to be embedded, not interpreted). Also change " to ' to be
easier to read.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: David Knowles <dknowles@google.com>
David Knowles [Tue, 16 Mar 2010 17:21:38 +0000 (13:21 -0400)]
Adding RAPI client library.
Signed-off-by: David Knowles <dknowles@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Signed-off-by: Iustin Pop <iustin@google.com>
(modified slightly the unittest to account for
missing httplib2 library)
Iustin Pop [Thu, 18 Mar 2010 15:46:54 +0000 (16:46 +0100)]
Extend ConfdFilterCallback with consistency checks
Note that users of the callback will have to manually check the
attribute.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>