Statistics
| Branch: | Tag: | Revision:

root / daemons @ 69d89cb5

# Date Author Comment
69d89cb5 09/07/2010 02:26 pm René Nussbaumer

Partial Revert "Let ganeti-rapi run under a different user/group"

This partially reverts commit 8b72b05c51208190796b558233d69dae7643c7f7.

Basically it removes the user involved changes

Signed-off-by: René Nussbaumer <>
Reviewed-by: Michael Hanselmann <>

ae8419a2 09/07/2010 01:07 pm Michael Hanselmann

Merge branch 'devel-2.2'

  • devel-2.2:
    cli: Use list of options shared between commands
    jqueue: Use separate function for encoding errors
    Fix some epydoc warnings
    Fix breakage introduced by commit 8044bf655
    Remove “dry_run” from opcodes.OpCreateInstance...
fa697271 09/07/2010 01:06 pm Michael Hanselmann

Merge branch 'stable-2.2' into devel-2.2

  • stable-2.2:
    Fix breakage introduced by commit 8044bf655
    Remove “dry_run” from opcodes.OpCreateInstance
    Disable the RAPI CA checks in watcher
    move-instance: Fix parameter order in _CreateInstance

Signed-off-by: Michael Hanselmann <>...

b370482d 09/06/2010 01:54 pm René Nussbaumer

Allow ensure-dirs to run partially and skip big file chunks

The startup of the daemons would take a lot of time otherwise,
also it's not needed to set the permissions of those file over
and over again, because if the daemons are once migrated to the
user they will keep creating the file for that user....

5224330e 09/06/2010 01:54 pm René Nussbaumer

Adapt ensure-dirs to accomodate the additional permissions and files

Please note that this can and will be improved over time. There are discussions
about automated file generation of ensure-dirs so we can really keep all the
permissions and file ownerships in one place. Because right now they are all...

34f06005 09/02/2010 02:04 pm Iustin Pop

Disable the RAPI CA checks in watcher

Since the RAPI certificate is not necessarily self-signed, and we
currently don't have any configuration variable for the real CA file, we
disable for now the CA checks. This fixes the 'restart RAPI every 5
minutes' problem with non-self-signed certs....

c30421e0 08/25/2010 12:56 pm René Nussbaumer

Merge branch 'devel-2.2'

hansmi helped me with merging the conflict. Thanks

Conflicts:
lib/workerpool.py

Signed-off-by: René Nussbaumer <>
Reviewed-by: Iustin Pop <>

19b9ba9a 08/24/2010 05:57 pm Michael Hanselmann

Add simple lock monitor

This patch adds an initial implementation of a lock monitor, accessible
for the user through “gnt-debug locks”. It currently shows all resource
locks: BGL, nodes and instances. Config and job queue locks could be
shown too, but wouldn't be of much help. The current owner(s) and mode...

19ddc57a 08/23/2010 03:40 pm René Nussbaumer

Add RPC calls to update /etc/hosts

Signed-off-by: René Nussbaumer <>
Reviewed-by: Iustin Pop <>
Reviewed-by: Michael Hanselmann <>

e8d61457 08/19/2010 03:12 pm René Nussbaumer

Removing all ssh setup code from the core

Signed-off-by: René Nussbaumer <>
Reviewed-by: Iustin Pop <>

b705c7a6 08/18/2010 11:27 am Manuel Franceschini

Support for resolving hostnames to IPv6 addresses

This patch enables IPv6 name resolution by using socket.getaddrinfo
instead of socket.gethostbyname_ex.

It renames the HostInfo class to Hostname and unifies its use throughout
the code. This is achieved by using static calls where no object is...

8b312c1d 08/18/2010 11:26 am Manuel Franceschini

Introduce new IPAddress classes

This patch unifies the netutils functions dealing with IP addresses to
three classes:
- IPAddress: Common IP address functionality
- IPv4Address: IPv4 specific functionality
- IPv6address: IPv6-specific functionality

Furthermore it adds methods to check whether an address is a loopback...

b2e8a4d9 07/29/2010 04:05 pm Michael Hanselmann

workerpool: Change signature of AddTask function to not use *args

By changing it to a normal parameter, which must be a sequence, we can
start using keyword parameters.

Before this patch all arguments to “AddTask(self, *args)” were passed as
arguments to the worker's “RunTask” method. Priorities, which should be...

340f4757 07/26/2010 05:49 pm Iustin Pop

masterd: move the IP activation from Exec to Check

Currently, the master IP activation is done in the Exec function. Since
the original masterd process returns after forking, and Exec is run in
the (grand)child process, this means that after 'ganeti-masterd' has...

e0e916fe 07/26/2010 05:45 pm Iustin Pop

Move the UsesRPC decorator from cli to rpc

This is needed because not just the cli scripts need this decorator, but
the master daemon too (and it already duplicated the code once).

In cli.py we just leave a stub, so that we don't have to modify all the
scripts to import rpc.py....

f5116c87 07/26/2010 05:09 pm Iustin Pop

watcher: smarter handling of instance records

This patch implements a few changes to the instance handling. First, old
instances which no longer exist on the cluster are removed from the
state file, to keep things clean.

Second, the instance restart counters are reset every 8 hours, since...

33231500 07/16/2010 06:18 pm Michael Hanselmann

Convert RPC client to PycURL

Instead of using our custom HTTP client, using PycURL's multi
interface allows us to get rid of the HTTP client threadpool.
The majority of the code is still in the ganeti.http.client
module.

A simple per-thread HTTP client pool gives cURL a chance to...

d8bcfe21 07/12/2010 03:58 pm Manuel Franceschini

Confd IPv6 support

This patch series basically adds a new parameter 'family' to the constructors
of daemon.AsyncUDPSocket and confd.client.ConfdUDPClient. This enables the
users of these two classes to support IPv6.

In ganeti-confd.ConfdAsyncUDPClient a method to check the address families of...

a744b676 07/09/2010 04:37 pm Manuel Franceschini

Introduce lib/netutils.py

This patch moves network utility functions to a dedicated module.

Signed-off-by: Manuel Franceschini <>
Reviewed-by: Iustin Pop <>

7e5913a7 07/07/2010 05:50 pm Luca Bigliardi

Merge branch 'devel-2.1'

Signed-off-by: Luca Bigliardi <>
Reviewed-by: Iustin Pop <>

4c32a8bd 07/07/2010 05:45 pm Luca Bigliardi

Mlockall: decrease warnings if ctypes module is not present

Node daemon prints a lot of warnings if --no-mlock option is not specified and
ctypes module is not present.

With the following patch the warning is printed only at noded startup.

Signed-off-by: Luca Bigliardi <>...

c46b9782 07/06/2010 12:24 pm Luca Bigliardi

Add drbd_helper rpc call

Signed-off-by: Luca Bigliardi <>
Reviewed-by: Iustin Pop <>

9e47cad8 07/02/2010 06:34 pm Iustin Pop

Fix ganeti-rapi version string

This was "broken" for almost a year :)

Signed-off-by: Iustin Pop <>
Reviewed-by: Guido Trotter <>

2a7c3583 07/01/2010 03:13 pm Michael Hanselmann

RAPI client: Switch to pycURL

Currently the RAPI client uses the urllib2 and httplib modules from
Python's standard library. They're used with pyOpenSSL in a very fragile
way, and there are known issues when receiving large responses from a RAPI
server.
...

9769bb78 06/30/2010 01:41 pm Manuel Franceschini

Rename some constants to facilitate IPv6 support

Signed-off-by: Manuel Franceschini <>
Reviewed-by: Guido Trotter <>

e0dbb89b 06/30/2010 01:07 pm Guido Trotter

Add missing pylint disable for "except:"

Why it's needed here but not a few lines above is a mistery that only
pylint understands.

Also fix an indentation error in another disable, for the same function.

Signed-off-by: Guido Trotter <>...

7e5a6e86 06/29/2010 06:20 pm Guido Trotter

masterd: use AsyncTerminatedMessageStream for luxi

Each luxi connection now creates an asyncore MasterClientHandler (which
is an AsyncTerminatedMessageStream subclass, sending each message to a
client worker). This makes it harder to DOS the master daemon by just...

acd9ff9e 06/23/2010 07:23 pm Iustin Pop

Introduce an RPC call for OS parameters validation

While we only support the 'parameters' check today, the RPC call is
generic enough that will be able to support other checks in the future.
The backend function will both validate the parameters list (so as to...

1d3dfa29 06/14/2010 07:57 pm Michael Hanselmann

import/export daemon: Add support for a magic prefix

This “magic” value will be used to ensure that we don't accidentially
connect to the wrong daemon (e.g. due to a bug), comparable to DRBD's
per-disk secret. Just depending on the SSL certificate isn't enough...

acd65a16 06/14/2010 07:56 pm Michael Hanselmann

import/export: Validate remote host/port

The hostname and port received from the remote cluster should
be validated, just in case.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Guido Trotter <>

560cbec1 06/14/2010 07:55 pm Michael Hanselmann

Handle ESRCH when sending signals

Upon sending signals, ESRCH can be reported when the target no
longer exists.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Guido Trotter <>

6abf7f2c 06/11/2010 12:23 pm Guido Trotter

Remove the job queue drain rpc call

This call was introduced but never used. In two years.
Since it's just creating/removing a file it can also be in simpler ways,
without a special rpc call, if/when we need it again. In the meantime,
let's give it to history....

7172f605 06/10/2010 12:17 pm Michael Hanselmann

Add unittest for ganeti-cleaner

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Guido Trotter <>

f9323011 06/08/2010 04:12 pm Michael Hanselmann

import/export: Allow script to predict size

Once we have a size for an export (in the context of the
import/export daemon), we can provide the user with a
percentage and ETA.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Guido Trotter <>

c08d76f5 06/08/2010 04:12 pm Michael Hanselmann

import/export daemon: Record amount of data transferred

This reports the amount of data transferred and the throughput (averaged
over 60 seconds) to the master daemon. While not yet fully implemented,
once the export scripts report the expected data size, we can even provide...

158377f3 06/04/2010 08:05 pm Guido Trotter

ensure-dirs: don't fail if no rapi log is present

Sometimes a node has never been a master. Or ran rapi. In that case we
need to create the file (because if later rapi gets started, it won't be
able to create it itself).

Signed-off-by: Guido Trotter <>...

46a8da3b 06/04/2010 05:23 pm René Nussbaumer

Let daemon-utils fix the owners for ganeti-rapi

This is a workaround until we fully switched to user separation and fixes the
owners of directories/log files so ganeti-rapi will start flawlessly. This is
right now run for every daemon but as it operates on a relatively small subset...

bbfd0568 06/04/2010 05:23 pm René Nussbaumer

Modify ganeti-masterd to set permission and owner of masterd-socket

Signed-off-by: René Nussbaumer <>
Reviewed-by: Michael Hanselmann <>

8b72b05c 06/04/2010 05:22 pm René Nussbaumer

Let ganeti-rapi run under a different user/group

Signed-off-by: René Nussbaumer <>
Reviewed-by: Michael Hanselmann <>

cdd7f900 06/03/2010 01:48 pm Guido Trotter

Convert ganeti-masterd's main thread to mainloop

Not much changes with this patch. The main loop for the IOServer is
repaced by mainloop.Run() and the main thread now uses asyncore to
handle connections to the master socket. Once it accepts them, though,...

db147305 06/03/2010 12:39 pm Tom Limoncelli

ganeti-watcher should attempt to fix ganeti-rapi

Update ganeti-watcher so that it tests the master's RAPI port with a
simple test (in this case GetVersion). If it fails, make one attempt
at restarting ganeti-rapi and retest.

- daemons/ganeti-watcher: Test rapi and make one attempt at restarting it....

bb44b1ae 05/28/2010 07:50 pm Michael Hanselmann

import/export daemon: Move command building into separate module

The import/export daemon code is already large. Moving some code
to a separate module will make it smaller and easier to test.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Guido Trotter <>

34c9ee7b 05/28/2010 07:50 pm Michael Hanselmann

import/export daemon: Move some I/O processing code to module

The code parsing the child process' output is moved to a separate
class in the impexpd module. As more programs are added, it'll
become more complex and should be separated.

Signed-off-by: Michael Hanselmann <>...

1e915b86 05/28/2010 07:33 pm Michael Hanselmann

import/export daemon: Move command building into class

Instead of passing around many variables for building the executed
command, they're now kept as instance variables.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Guido Trotter <>

fadc3742 05/25/2010 02:30 pm Guido Trotter

Merge branch 'devel-2.1'

  • devel-2.1:
    Test for errors during inotify callback
    SingleFileEventHandler: Remove try/except blocks
    ErrorLoggingAsyncNotifier
    daemon.GanetiBaseAsyncoreDispatcher

Signed-off-by: Guido Trotter <>
Reviewed-by: Iustin Pop <>

e9c8deab 05/25/2010 01:16 pm Guido Trotter

ErrorLoggingAsyncNotifier

This mixes AsyncNotifier with GanetiBaseAsyncoreDispatcher to provide an
AsyncNotifier which will log errors, rather than bail out.

Signed-off-by: Guido Trotter <>
Reviewed-by: Iustin Pop <>

eb630f50 05/21/2010 06:17 pm Michael Hanselmann

Put common import/export daemon options into object

The X509 key name and CA are passed from cmdlib all the way to
the backend import/export daemon. With the addition of an option
to choose the compression method, another parameter would have
to be passed all the way. By moving these options to a separate...

7e3c1da6 05/21/2010 06:16 pm Michael Hanselmann

import-export daemon: Allow changing compression method

For example, exports on the same node shouldn't be compressed.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Guido Trotter <>

39019f91 05/21/2010 02:24 pm Guido Trotter

Merge branch 'devel-2.1'

  • devel-2.1:
    Add asyncnotifier unittests
    Make ConfdInotifyEventHandler a library function
    Comment on AsyncNotifier upstream's availability
    Remove errors.ConfdFatalError
    TestMainloop: test scheduler priorities as well
    Fix race condition in mainloop unittest...
c666f1f4 05/21/2010 01:45 pm Guido Trotter

Make ConfdInotifyEventHandler a library function

Cut&Paste, plus the following changes:
- The class is renamed to SingleFileEventHandler
- The monitored filename must be passed in and doesn't default to the
ganeti cluster config file
- A small docstring is added to the class...

e22af31d 05/21/2010 01:45 pm Guido Trotter

Remove errors.ConfdFatalError

This exception is caught, but never thrown. It became useless when we
moved confd from on/off to enabled/disabled, but always running on all
nodes. Removing its definition and the code catching it can do no harm.

Signed-off-by: Guido Trotter <>...

b38599d8 05/18/2010 05:14 pm Guido Trotter

Merge branch 'devel-2.1'

  • devel-2.1:
    Abstract the LUXI eom into a constant
    KVM: vhost net acceleration support

Conflicts:
lib/luxi.py
- trivial

Signed-off-by: Guido Trotter <>
Reviewed-by: Iustin Pop <>

c6ccba7e 05/18/2010 03:40 pm Michael Hanselmann

ganeti-cleaner: Remove expired X509 certs

Importing/exporting an instance to a remote machine creates X509
certificates which expire after some time. They need to be removed from
the nodes as they become useless.

Signed-off-by: Michael Hanselmann <>...

25942a6c 05/18/2010 02:08 pm Guido Trotter

Abstract the LUXI eom into a constant

Currently the EOM terminator is hardcoded on the server side, and is
customizable in the Transport object (with the default being the same as
the value found in the server), but not in the luxi client.

With this patch we move the value to constants, and remove the "fake"...

e9f637cb 05/18/2010 02:06 pm Michael Hanselmann

Merge branch 'devel-2.1'

  • devel-2.1:
    ganeti-cleaner: Write log file with removed files
    RAPI client: Handle urllib2.HTTPError and raise GanetiApiError

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>

f6781abf 05/18/2010 01:55 pm Michael Hanselmann

ganeti-cleaner: Write log file with removed files

Logfiles can be useful for debugging.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>

31ff0247 05/17/2010 02:17 pm Michael Hanselmann

Merge branch 'devel-2.1'

  • devel-2.1:
    RAPI: /2/{nodes,instances}/$name should return 404 for unknown items
    ganeti-masterd: Improve error logging for client requests
    Return disk_template from LUQueryInstanceData
    RAPI client: Rename Get{Node,Instance}Info, add new GetInstanceInfo...
d2fc26dd 05/17/2010 01:52 pm Michael Hanselmann

ganeti-masterd: Improve error logging for client requests

Ganeti errors should also be logged with a backtrace.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>

bebf68d3 05/14/2010 12:09 pm Guido Trotter

ganeti-noded: add the --no-mlock option

While mlock on noded is definitely good in most situations, there are
some - namely my laptop - where it has no benefit, and uses precious
non-swappable memory. To avoid this we make it optional, with a new
--no-mlock option. Note that only the main node daemon and its http...

1c54156d 05/13/2010 07:40 pm Luca Bigliardi

Merge branch 'devel-2.1'

Conflicts:
daemons/ganeti-noded
lib/daemon.py
lib/rapi/baserlib.py
lib/rapi/rlib2.py
lib/utils.py

Signed-off-by: Luca Bigliardi <>
Reviewed-by: Michael Hanselmann <>

565083ef 05/13/2010 04:32 pm Luca Bigliardi

Use console_logging in node daemon

Node daemon logs will be printed on system console if writing on the log file
fails.

Signed-off-by: Luca Bigliardi <>
Reviewed-by: Michael Hanselmann <>

38b77287 05/13/2010 04:31 pm Luca Bigliardi

Lock node daemon children in memory

Signed-off-by: Luca Bigliardi <>
Reviewed-by: Michael Hanselmann <>

02bea2fc 05/13/2010 04:31 pm Luca Bigliardi

Lock node daemon in memory

Signed-off-by: Luca Bigliardi <>
Reviewed-by: Michael Hanselmann <>

c1e7897d 05/04/2010 03:37 pm Michael Hanselmann

Merge branch 'devel-2.1'

  • devel-2.1:
    cfgupgrade: allow working with relative paths
    Cleanup /etc/hosts during node removal
    verify cluster: check /etc/hosts consistency
    Change the migration message
    qa: enable early release during parallel burnin...
71d23b33 05/03/2010 06:14 pm Iustin Pop

Fix pylint 0.20.0 warnings

These seem to be wrong, possibly a regression in pylint.

Signed-off-by: Iustin Pop <>
Reviewed-by: Guido Trotter <>

043f2292 04/27/2010 05:22 pm Michael Hanselmann

Retry connection in import-export daemon

Until now, exactly one attempt was made to establish a connection.
If it failed, the whole import/export for the disk in question
aborted. Retrying will make it more reliable.

Unfortunately the listening part can't be made completely...

29da446a 04/27/2010 05:22 pm Michael Hanselmann

Use new class for wakeup file descriptor in import/export daemon

Signed-off-by: Michael Hanselmann <>
Reviewed-by: René Nussbaumer <>

4ca693ca 04/27/2010 05:22 pm Michael Hanselmann

Move some code into separate class in import/export daemon

Signed-off-by: Michael Hanselmann <>
Reviewed-by: René Nussbaumer <>

1077f25c 04/26/2010 02:30 pm Michael Hanselmann

Merge branch 'devel-2.1'

  • devel-2.1:
    masterd: Log PID, UID and GID of connected client
    qa: Use qa_utils.UploadFile to upload rapi_users file
    devel/upload: add --no-debug option

Conflicts:
lib/utils.py: Trivial

Signed-off-by: Michael Hanselmann <>...

f93f2016 04/23/2010 06:07 pm Michael Hanselmann

masterd: Log PID, UID and GID of connected client

This can be very useful if client programs run as non-root.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Guido Trotter <>

47f8a2d2 04/23/2010 05:50 pm Michael Hanselmann

Remove two unused RPC functions

Both of these functions, “snapshot_export” and “instance_os_import”,
have been replaced by the instance import/export daemon.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Guido Trotter <>

f81c4737 04/22/2010 02:35 pm Michael Hanselmann

Add RPC call to send SIGTERM to import/export daemon

This will be used to stop the daemon without doing complete cleanup (yet).

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>

ef40fbfb 04/22/2010 02:35 pm Michael Hanselmann

Rename import/export RPC calls to match others

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>

1651d116 04/16/2010 04:24 pm Michael Hanselmann

Add RPC calls to import and export instance data

These RPC calls can be used to start, monitor and stop the instance data
import/export daemon.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>

2d76b580 04/16/2010 04:24 pm Michael Hanselmann

Add daemon for instance import and export

This backend daemon for instance import and export will be used to
transfer instance data to other machines. It is implemented in a generic
way to support different ways of data input and output. The third-party
program “socat”, which is already used by the KVM hypervisor abstraction,...

e7a25b08 04/12/2010 12:36 pm Guido Trotter

Merge branch 'devel-2.1'

  • devel-2.1:
    burnin: only remove instances we actually added
    burnin.ExecOrQueue: add post-process function
    burnin.ExecOrQueue: remove variable argument list
    Fix new pylint errors
    Rename the confd_client unittest (to confd.client)...
fe7c59d5 04/09/2010 05:54 pm Guido Trotter

Fix new pylint errors

Under squeeze pylint reports the following errors:
  • Module ganeti.serializer
    E1103:155:LoadSignedJson: Instance of 'False' has no 'get' member (but some types could not be inferred)
  • Module ganeti-masterd
    E1103:166:ClientRqHandler.handle: Instance of 'False' has no 'get' member (but some types could not be inferred)...
ebacb943 04/09/2010 10:57 am Iustin Pop

Make watcher request the max coverage

Since the actions are potentially destructive, we should try to get a
consistent view of the cluster, so it's better to get the most coverage
possible.

Signed-off-by: Iustin Pop <>
Reviewed-by: Guido Trotter <>

50273051 04/08/2010 06:50 pm Iustin Pop

Watcher: automatic shutdown of orphan resources

This patch changes the watcher so that it maintains (on all nodes) the
list of instances and DRBD devices by shutting down ones that confd
daemons indicate should not be running on this node.

Signed-off-by: Iustin Pop <>...

921efbb3 04/06/2010 03:32 pm Michael Hanselmann

Merge remote branch 'devel-2.1'

  • devel-2.1:
    Extend ConfdFilterCallback with consistency checks
    Abstract the confd client creation
    Remove unused import from test file
    kvm_flag hypervisor parameter
    Move the runas user at execution time
    Send "501 Not Implemented" back when method not found...
33664046 03/30/2010 05:21 pm René Nussbaumer

Send "501 Not Implemented" back when method not found

Before this was "400 Bad Request" and thus it didn't reflect
the reality.

Signed-off-by: René Nussbaumer <>
Reviewed-by: Iustin Pop <>

10e689d4 03/23/2010 12:21 pm Iustin Pop

Watcher: do not warn for missing hooks dir

If the hooks dir does not exist, do not warn needlessly. This is similar
to commit a9b7e346 (for backend.py).

Signed-off-by: Iustin Pop <>
Reviewed-by: René Nussbaumer <>

55c85950 03/23/2010 12:21 pm Iustin Pop

Watcher: fix some doc typos

Signed-off-by: Iustin Pop <>
Reviewed-by: René Nussbaumer <>

24f40363 03/23/2010 11:56 am Guido Trotter

Merge branch 'devel-2.1'

  • devel-2.1:
    ganeti-confd: Call pyinotify flags correctly
    Fix burnin error when trying to grow a file volume
    Some epydoc fixes
    A rewrite of LUClusterVerify
    Introduce a bool CLI option type
    Fix backend.VerifyNode behaviour for VG problems...
675bf1b7 03/23/2010 11:31 am Guido Trotter

ganeti-confd: Call pyinotify flags correctly

The "apparently pylint was right" commit.

Although the pyinotify constants work on old distributions, they fail on
new ones, with new python. Fixing this by calling them in a way that
works everywhere.

Signed-off-by: Guido Trotter <>...

3a488770 03/23/2010 10:35 am Iustin Pop

Some epydoc fixes

Signed-off-by: Iustin Pop <>
Reviewed-by: Guido Trotter <>

d8f5a37d 03/18/2010 05:28 pm Iustin Pop

Add a hint to masterd for inconsistent clusters

Signed-off-by: Iustin Pop <>
Reviewed-by: Guido Trotter <>

f942a838 03/17/2010 07:19 pm Michael Hanselmann

Add RPC calls to create and remove X509 certificates

Certificates and keys generated using these functions will be used for
inter-cluster instance moves. As per design, the private key should never
leave the node.

Signed-off-by: Michael Hanselmann <>...

084aba47 03/15/2010 07:00 pm Michael Hanselmann

Merge remote branch 'origin/devel-2.1'

  • origin/devel-2.1:
    Rightname confd's HMAC key
    Rename SSL_CERT_FILE to NODED_CERT_FILE
    Clarify the error message for ':' in PV names

Conflicts:
lib/bootstrap.py: Trivial
lib/constants.py: Trivial

Signed-off-by: Michael Hanselmann <>...

6b7d5878 03/15/2010 06:40 pm Michael Hanselmann

Rightname confd's HMAC key

Currently, the ganeti-confd's HMAC key is called “cluster HMAC key” or
simply “HMAC key” everywhere. With the implementation of inter-cluster
instance moves, another HMAC key will be introduced for signing critical
data. They can not be the same, so this patch clarifies the purpose of the...

bb3776b4 03/15/2010 04:25 pm Michael Hanselmann

Merge remote branch 'origin/devel-2.1'

  • origin/devel-2.1: (116 commits)
    Implement replacing cluster certs and keys via “gnt-cluster renew-crypto”
    cli: Add helper function to stop and start whole cluster
    cfgupgrade: Use new bootstrap function for certs and keys...
a34d8cc0 03/12/2010 05:44 pm Michael Hanselmann

daemon-util: Generate daemon path in separate function

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>

49d43244 03/12/2010 05:44 pm Michael Hanselmann

daemon-util: Use “return” instead of “exit” in all functions

This is important if they're called directly within daemon-util.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>

2250afb3 03/12/2010 05:44 pm Michael Hanselmann

daemon-util: Add function to start and stop all daemons

This is, to some degree, duplicated code from the init script. However,
the init script has to conform to standards of the underlying Linux
distributions, while these functions will be called by Ganeti itself. By...

5d8acbdd 03/12/2010 05:44 pm Michael Hanselmann

ganeti.initd: Move all daemon names from init script to daemon-util

The list of daemon names will be used in daemon-util, too.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>
Reviewed-by: René Nussbaumer <>

10c5c1c3 03/12/2010 05:44 pm Michael Hanselmann

ganeti.initd: Move code checking daemon exit code to daemon-util

This is again for re-using code.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>
Reviewed-by: René Nussbaumer <>

d2baa21d 03/12/2010 05:44 pm Michael Hanselmann

ganeti.initd: Move code checking config to daemon-util

This allows for more code re-use. daemon-util will also be used to start
all daemons.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: René Nussbaumer <>

7289c16e 03/12/2010 05:44 pm Michael Hanselmann

daemon-util: Require dashes in commands

Even though the script uses underscores (_) internally, the external
commands are supposed to be written using dashes (-).

Signed-off-by: Michael Hanselmann <>
Reviewed-by: René Nussbaumer <>

23ccba04 03/10/2010 12:17 pm Michael Hanselmann

http.auth: Fix bug with checking hashed passwords

When username and password were sent for a resource not requiring
authentication, it wouldn't be accepted if the user in question had a
hashed password. The reason was that the function GetAuthRealm used to...

c4feafe8 03/08/2010 03:48 pm Iustin Pop

Switch from os.path.join to utils.PathJoin

This passes a full burnin with lots of instances, and should be safe as
we mostly to join a known root (various constants) to a run-time
variable.

Signed-off-by: Iustin Pop <>
Reviewed-by: Michael Hanselmann <>