Use new class for wakeup file descriptor in import/export daemon
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: René Nussbaumer <rn@google.com>
Move some code into separate class in import/export daemon
Merge branch 'devel-2.1'
Conflicts: lib/utils.py: Trivial
Signed-off-by: Michael Hanselmann <hansmi@google.com>...
masterd: Log PID, UID and GID of connected client
This can be very useful if client programs run as non-root.
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>
Remove two unused RPC functions
Both of these functions, “snapshot_export” and “instance_os_import”,have been replaced by the instance import/export daemon.
Add RPC call to send SIGTERM to import/export daemon
This will be used to stop the daemon without doing complete cleanup (yet).
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Iustin Pop <iustin@google.com>
Rename import/export RPC calls to match others
Add RPC calls to import and export instance data
These RPC calls can be used to start, monitor and stop the instance dataimport/export daemon.
Add daemon for instance import and export
This backend daemon for instance import and export will be used totransfer instance data to other machines. It is implemented in a genericway to support different ways of data input and output. The third-partyprogram “socat”, which is already used by the KVM hypervisor abstraction,...
Fix new pylint errors
Make watcher request the max coverage
Since the actions are potentially destructive, we should try to get aconsistent view of the cluster, so it's better to get the most coveragepossible.
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>
Watcher: automatic shutdown of orphan resources
This patch changes the watcher so that it maintains (on all nodes) thelist of instances and DRBD devices by shutting down ones that confddaemons indicate should not be running on this node.
Signed-off-by: Iustin Pop <iustin@google.com>...
Merge remote branch 'devel-2.1'
Send "501 Not Implemented" back when method not found
Before this was "400 Bad Request" and thus it didn't reflectthe reality.
Signed-off-by: René Nussbaumer <rn@google.com>Reviewed-by: Iustin Pop <iustin@google.com>
Watcher: do not warn for missing hooks dir
If the hooks dir does not exist, do not warn needlessly. This is similarto commit a9b7e346 (for backend.py).
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: René Nussbaumer <rn@google.com>
Watcher: fix some doc typos
ganeti-confd: Call pyinotify flags correctly
The "apparently pylint was right" commit.
Although the pyinotify constants work on old distributions, they fail onnew ones, with new python. Fixing this by calling them in a way thatworks everywhere.
Signed-off-by: Guido Trotter <ultrotter@google.com>...
Some epydoc fixes
Add a hint to masterd for inconsistent clusters
Add RPC calls to create and remove X509 certificates
Certificates and keys generated using these functions will be used forinter-cluster instance moves. As per design, the private key should neverleave the node.
Merge remote branch 'origin/devel-2.1'
Conflicts: lib/bootstrap.py: Trivial lib/constants.py: Trivial
Rightname confd's HMAC key
Currently, the ganeti-confd's HMAC key is called “cluster HMAC key” orsimply “HMAC key” everywhere. With the implementation of inter-clusterinstance moves, another HMAC key will be introduced for signing criticaldata. They can not be the same, so this patch clarifies the purpose of the...
daemon-util: Generate daemon path in separate function
daemon-util: Use “return” instead of “exit” in all functions
This is important if they're called directly within daemon-util.
daemon-util: Add function to start and stop all daemons
This is, to some degree, duplicated code from the init script. However,the init script has to conform to standards of the underlying Linuxdistributions, while these functions will be called by Ganeti itself. By...
ganeti.initd: Move all daemon names from init script to daemon-util
The list of daemon names will be used in daemon-util, too.
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Iustin Pop <iustin@google.com>Reviewed-by: René Nussbaumer <rn@google.com>
ganeti.initd: Move code checking daemon exit code to daemon-util
This is again for re-using code.
ganeti.initd: Move code checking config to daemon-util
This allows for more code re-use. daemon-util will also be used to startall daemons.
daemon-util: Require dashes in commands
Even though the script uses underscores (_) internally, the externalcommands are supposed to be written using dashes (-).
http.auth: Fix bug with checking hashed passwords
When username and password were sent for a resource not requiringauthentication, it wouldn't be accepted if the user in question had ahashed password. The reason was that the function GetAuthRealm used to...
Switch from os.path.join to utils.PathJoin
This passes a full burnin with lots of instances, and should be safe aswe mostly to join a known root (various constants) to a run-timevariable.
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: Michael Hanselmann <hansmi@google.com>
watcher: Acquire lock early and give more friendly message
By opening the lock file early, other programs can lock thestate file to prevent ganeti-watcher from restarting daemons.Using the pause feature is inherently prone to race conditions.
Before a traceback was logged when the lock file couldn't...
Merge remote branch 'origin/devel-2.0' into devel-2.1
Conflicts: NEWS: Trivial configure.ac: Trivial...
Move watcher's EnsureDaemon function to utils
This is going to be used from the nbma repository, to ensure that thenld daemon is running.
Signed-off-by: Guido Trotter <ultrotter@google.com>Reviewed-by: Iustin Pop <iustin@google.com>
Add watcher hooks
These hooks are run on all nodes, after the "base" daemons are started.
Signed-off-by: Guido Trotter <ultrotter@google.com>Reviewed-by: Michael Hanselmann <hansmi@google.com>
Abstract starting the node daemons
We're using a separate function for this, as we're going to add somefunctionality to this feature.
ganeti-watcher: remove unused Indent function
Catch disk activation errors in watcher
If activating disks fails for some reason, the watcher didn'tcatch the exception. With this patch it's caught and logged.
Disable warning for not calling ProcessEvent init
This class doesn't need its constructor to be called.
Move RunInSeparateProcess to ganeti.utils
This function could be useful in other places and thisway we can easily unittest it.
ganeti-noded: Fix bug when export didn't succeed for all disks
snap_disks can contain boolean values. They weren't handled correctly.The error message was “Error while executing backend function: Invalidobject passed to FromDict: expected dict, got <type 'bool'>”....
Merge branch 'stable-2.1' into devel-2.1
Implement debug level across OS-related RPC calls
This doesn't implement the full functionality, we need to add the debuglevel to the opcodes too, but at least won't require changing the RPCcalls during the 2.1 series.
ganeti-cleaner: does 'echo 0' instead of 'exit 0'
This is from Debian Bug#568105.
ganeti-cleaner in one case erroneously calls "echo 0" instead of "exit0". As ganeti-cleaner is called in the daily cronjob, this leads to adaily mail containing just "0" with an unconfigured default install....
Merge remote branch 'origin/stable-2.1' into devel-2.1
ganeti-watcher: ensure confd is running as well
Ganeti-confd should be running on all 2.1 nodes.
node daemon: allow working with broken queue dir
In case the queue dir cannot be create/initialized, currentlyganeti-noded exits. This means that a read-only filesystem or apermission error breaks all node daemon functionality, includingpowercycle. This is not good for the usual failure case for nodes....
daemon-utils: remove usage of here-docs
In some versions of bash, here-docs and here-strings use temporaryfiles, which means daemon-util needs a writable temporary filesystem.Since echo is a bash builtin anyway, it's simple to switch to it andremove this dependency....
Fix lint warnings after my last changes
Remove http.HttpJsonConverter
With the move of the content-type handling to the various users of the HTTPlayer, this class isn't really useful anymore.
http.server: No longer enfore JSON encoding for body
The HTTP layer shouldn't care about the contents of the request data orresponses. This requires further changes in the RAPI code to handle clientrequests correctly.
ganeti-rapi: Remove serial number/ETag code
It was never used as intended.
Factorize LUXI parsing and handling code
Also fix a typo in http/__init__.py and add unittestsfor the LUXI parsing and formatting functions.
daemon-util: Fix quoting issue
This patch fixes a quoting issue in daemon-util:
The reason was that the generated variables were not quoted properly and...
workerpool: Make worker ID alphanumeric
Having a proper name instead of just a number makes debuggingeasier.
Introduce a Luxi call for GetTags
This changes from submitting jobs to get the tags (in cli scripts) toqueries, which (since the tags query is a cheap one) should be muchfaster.
The tags queries are already done without locks (in the generic querypaths for instances/nodes/cluster), so this shouldn't break tags query...
Fix unused imports or add silences where needed
In some cases pylint doesn't parse the import correctly, so we addsilences; but there are also many cases of unused imports, which wesimply remove.
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: Olivier Tharan <olive@google.com>
confd: add a TODO and a pylint disable
Two variables are used in a strange way in ExecConfd. Until that isclarified, add a TODO and a silence for the unused variable warning.
Further pylint disables, mostly for Unused args
Many of our functions have to follow a given API, and thus we have tokeep a given signature, but pylint doesn't understand this. Therefore,we silence this warning.
The patch does a few other cleanups.
daemons: handle arguments correctly and uniformly
Of all daemons, only rapi did abort when given argument. None of ourdaemons use any arguments, but they accepted them blindly. This is avery bad experience for the user.
This patch adds checking and exiting in all daemons, in a uniform way....
Remove more unused variables
This removes unused variables in the rest of the code (outside lib/).
Add targeted pylint disables
This patch should have only:
- pylint disables- docstring changes- whitespace changes
Rename an ConfdInotifyEventHandler init argument
'file' is a builtin keyword/type. Like many others, it should not beused as a variable/argument name.
No code is actually passing in this argument so renaming it is simple.
Fix use of the logging functions
The logging functions expand the arguments themselves, thus it's saferto let them do it rather than manual string formatting.
Also re-wraps one comment.
Change pyinotify import for broader compatibility
On some distributions pyinotify is installed in a different way, and theactual module just contains an internal pyinotify entry, which is theactual library. On others the main pyinotify module contains the library...
daemon.GenericMain: Don't use dict for SSL paths, improve CLI options
Pass SSL certificate and key paths from ganeti-* instead of using a dict. Thepatch also improves the --ssl-{key,cert} options by giving the default in--help output and changes the validation a bit....
daemon.GenericMain: Don't use list of multithreaded daemons
Passing it in as a parameter seems more logical.
Remove quotes from CommaJoin and convert to it
This patch removes the quotes from CommaJoin and converts most of thecallers (that I could find) to it. Since CommaJoin does str(i) for i inparam, we can remove these, thus simplifying slightly a few calls....
Use “daemon-util” to reload SSH keys
Processor: support a unique execution id
When the processor is executing a job, it can export the execution id toits callers. This is not supported for Queries, as they're not executedin a job.
config.Add{Node,Instance}: get the ec id
This is ok because adding a node or instance cannot happen in a query.
We get the ec id from the LU and pass it to _EnsureUUID, which willthen for now not use it.
Add new “daemon-util” script to start/stop Ganeti daemons
Until now, Ganeti started and stopped its own daemons using custom functions.To start, the daemon was just executed and then sent the appropriate signals tostop it again. Init scripts would have to pay attention to the PID file and...
Convert the rest of the OpPrereqError users
This finishes the conversion of OpPrereqError creation to two-argumentstyle. Any leftovers as one-argument are not breaking anything, justlosing information about the errors.
ganeti-rapi: Use new function to verify passwords
This enables the use of hashed passwords in rapi_users.
Adding '--no-ssh-init' option to 'gnt-cluster init'.
Allows the initialization of a cluster without the creation or distributionof SSH key pairs. Includes changes for LeaveCluster and RPC.
Signed-off-by: Ken Wehr <ksw@google.com>Signed-off-by: Guido Trotter <ultrotter@google.com>...
Add timeout options to other LUs
All the LUs that shut down the instance need to be able too pass thetimeout parameter as well.
Accept shutdown timeout from the user
Using the new --timeout option:
- gnt-instance shutdown is changed to accept a timeout- the opcode is changed to hold one- the LU is changed to optionally get one- the rpc is changed to carry one- the backend is changed to take it as a parameter rather than...
Remove ‘-u’ from masterd shebang
This is not needed anymore - the original change was more than a yearago when masterd was in its incipient phase.
ganeti-confd: cleanup imports
Many functionalities of confd have been moved to other classes/modules,and the main confd daemon doesn't reference these modules directlyanymore.
ganeti-confd: don't depend on the os log dir
ganeti-confd doesn't need to log anything related to os installations.
Move the luxi error handling into errors.py
Currently the luxi error handling is hardcoded as special encoding onthe masterd-side and special decoding on the client side. This patchmoves it to errors.py such that other parts of the code can reuse thesame encoding....
Make ganeti-watcher use the standard debug option
Remove RpcResult.RemoteFailMsg completely
ganeti-confd: remove partial imports
ConfdAsyncUDPServer: handle signals at read time
Currently if a signal is delivered during an attempted read, anexception is logged in the logfile. There is no need for this, so wehandle this case explicitely.
ConfdAsyncUDPServer: defer handling writes
Currently if we fail writing to the socket (perhaps because a signal wasdelivered) we lose the data we were sending. Although this is not toobad (it's udp, and data may get lost anyway) we try to avoid this by...
Abstract AsyncUDPSocket to daemon
This allows this extended asyncore+udp module to be used also in otherdaemons, and in the confd client library
ConfdAsyncUDPServer: fix a docstring
It refers to an older input variable
Add a magic fourcc code to confd packets
This will make it easier to change the protocol later on
ganeti-confd: explicitely log failed big sends
Make sure that if we try to send packages which are too big (whichshouldn't happen) this gets properly logged in the config file.
Signed-off-by: Guido Trotter <ultrotter@google.com>Reviewed-by: Luca Bigliardi <shammash@google.com>
Move fourcc packing/unpacking to main confd module
This way it can be used by the client as well