hv_chroot: move unmount to CleanupInstance()
This allows cleanup to be done properly if the "instance" wasn't runningat all (based on the CleanupInstance framework, instead of the retry inhypervisor).
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>
LUSetClusterParams: initialize needed parameters
… since the opcode doesn't auto-initialize to None.
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: Balazs Lecz <leczb@google.com>
Add a hypervisor constant for migration support
This variable can be used by other tools to determine in a generic waywhether a given hypervisor supports migration or not.
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: Michael Hanselmann <hansmi@google.com>
burnin: skip migration based on hypervisor support
The patch adds selection of hypervisor in burnin (on multi-hypervisorclusters, we always used the default) and optional hypervisorparameters, and skips migration if the hypervisor doesn't support it.
Signed-off-by: Iustin Pop <iustin@google.com>...
Fix indentation error
Commit 9cf4321fc39ec36359d9c90b22b36d33b6adc2f4 indented some lines by4 spaces rather than 2, and was git-amed without noticing. Fixing.
Signed-off-by: Guido Trotter <ultrotter@google.com>Reviewed-by: Iustin Pop <iustin@google.com>
utils: Add function for partial application of function arguments
The function's code was mostly copied from Python's documentationand it's equivalent to “functools.partial” in Python 2.5 and above.
Signed-off-by: Michael Hanselmann <hansmi@google.com>...
gnt-instance info: sort the hv parameters
Add -usbdevice tablet to KVM when using vnc
When using VNC, it is recommended to use a tablet-styleinput device instead of a mouse. This allows most VNC viewersto send proper mouse coordinates to the virtual machine's desktopresulting in perfectly aligned guest and host mouse pointers....
Only use boot=on on non-ide disks only (KVM)
boot=on implies that KVM boots using extboot. This is only requiredto boot non-IDE disks and has the side-effect that there is at mostone bootable device. This behaviour breaks some operating systems,most notably the windows installer that tries to chainload the hard-disk...
KVM: fix a bug in _TryReadUidFile
If the uid pool is not in use _TryReadUidFile will try to return "uid" even if it hasn't tried to read it at all.
Fix RAPI client methods return values
Ensure that all RAPI client methods that should return job ids actuallyreturn job ids.
Signed-off-by: David Knowles <dknowles@google.com>Reviewed-by: Iustin Pop <iustin@google.com>Signed-off-by: Iustin Pop <iustin@google.com>
security.rst: add a KVM security section
KVM: implement the HT_SM_POOL security model
In order not to complicate to much the _ExecuteKVMRuntime function withnested try/except/finally/else constructs we move the actualruncmd+check call in a separate _RunKVMCmd function.
Signed-off-by: Guido Trotter <ultrotter@google.com>...
KVM: add an instance uid file concept
If this file exists, for an instance, we release the uid containedinside back to the uid pool, at instance shutdown.
ReleaseUid: accept an integer as uid
We can't guarantee to keep the LockedObject around, when ReleaseUid iscalled (because that might happen, for example, after a ganetishutdown/restart). So we'll support releasing on just an integer uid.
LockedUid: add GetUid() method
uidpool users that get passed a LockedUid by the uidpool need to knowwhich one the uid is. Since it's not nice to make them access a privatemember, and we shouldn't make "uid" public either, we'll add a gettermethod.
KVM: move post-shutdown cleanup operations
Currently putting the cleanup just after the actual shutdown ensuresthat it never gets called, due to how the retry/shutdown cycle works.So we move those cleanups to their new dedicated place.
_PrintGroupedParams: sort before printing
It's a lot easier, when looking at the output, if you can search theparameter you're looking for alphabetically.
Add CleanupInstance hypervisor call
Currently some hypervisors (namely kvm) need to do some cleanup aftermaking sure an instance is stopped. With the moving of the retry cyclein backend those cleanups were never done. In order to solve this we adda new optional hypervisor function, CleanupInstance, which gets called...
Using the added stop-all functionality from daemon-utils in cluster-merge
Additionally also move to the RunWhileStopped method for the configuration merger.
Signed-off-by: René Nussbaumer <rn@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>...
Complete check-man changes from 5fa16422
Commit 5fa16422 removed the checks at sed time, but only for %.7. Weneed to do it for %.8 too.
Fix a typo commited→committed in gnt-instance.sgml
Fix changing the list of enabled hypervisors
When enabling a new hypervisor, we must ensure that we have itsparameters in the cluster (global) hvparams dictionary.
Furthermore, we add a verify check for this case (this should be betterreplaced with an auto-fix?)....
Fix heading to the one of epydoc
Signed-off-by: René Nussbaumer <rn@google.com>Reviewed-by: Iustin Pop <iustin@google.com>
Fix gnt-node powercycle documentation
Fix options description in the documentation for gnt-node powercycle.
Signed-off-by: Luca Bigliardi <shammash@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>
Fix a couple of pydoc syntax problems
Signed-off-by: Balazs Lecz <leczb@google.com>Reviewed-by: Michael Hanselmann <hansmi@google.com>
uidpool: test the separator= argument
Also, fix the string quoting style.
Signed-off-by: Guido Trotter <ultrotter@google.com>Reviewed-by: Balazs Lecz <leczb@google.com>
Makefile.am: sort lists, clean *.py[co] from all directories
*.py[co] were not removed from lib/confd. Removing *.py[co]from all directories listed in $DIRS can't hurt.
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>
Readd node: allow changed primary IP
The primary IP is not used for DRBD disks, only for the job queue andinternal commands. As such, it's trivial (with a quiet job queue) tore-ip the node.
The patch just relaxes the checks in LUAddNode, and manual testing shows...
Update gnt-cluster manpage with uid-pool options
Signed-off-by: Balazs Lecz <leczb@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>
Add ExecuteWithUnusedUid() to uidpool.py
Manage the assignment of uids from the uid pool
Add basic unittests for uid_pool
Add uid_pool to ssconf
Add --uid-pool option to gnt-cluster init
Add printing of uid_pool to gnt-cluster info
Add --add-uids/--remove-uids to gnt-cluster modify
Add --uid-pool option to gnt-cluster modify
Add lib/uidpool.py module
Add uid_pool cluster parameter
Add user-id pool design doc
backend: Consolidate code opening real block device
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Iustin Pop <iustin@google.com>
utils: Add class to split string stream into lines
This will be used by the new import/export daemon to splitoutput by its child processes into lines.
Fix cluster behaviour with disabled file storage
There are a few issues with disabled file storage:- cluster initialization is broken by default, as it uses the 'no' setting which is not a valid path- some other parts of the code require the file storage dir to be a...
Update docstrings in tools/ and enable epydoc
This patch updates the docstrings in tools/ (mostly in lvmstrap, whichis very very old code-base) and then enabled the tools in this directoryfor 'make apidoc' too.
Forward-port the ganeti 2.0 cfgupgrade
2.1's cfgupgrade doesn't support upgrading from 1.2, only from 2.0.However, it's trivial to forward-port the 2.0 cfgupgrade to work with2.1, thus providing an upgrade path for 1.2 users directly to 2.1,without the intermediate step of installing 2.0....
Add a new tool: sanitize-config
This can be used for two purposes:
- safety copy of the config file, with just the secrets changed- cleanup of the config file (full randomization), so that (e.g.) users could send a broken config file to the devel-list...
Fix cfgupgrade with non-default DATA_DIR
Commit 43575108 added bootstrap.GenerateclusterCrypto and commit7506a7f1 changed cfgupgrade to use it. However, this lost thefunctionality of upgrading in non-default DATA_DIR.
To fix this, we enhance bootstrap.GenerateclusterCrypto to accept custom...
Improving the RAPI documentation
Mark cluster-merge as executable
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: René Nussbaumer <rn@google.com>
QA: Make the rapi credential handling less involving
Signed-off-by: René Nussbaumer <rn@google.com>Reviewed-by: Michael Hanselmann <hansmi@google.com>
Update import documentation for the recent changes
Add a identify-defaults options for import
When importing an instance, all the saved valued will be used asexplicitly specified values, overriding the cluster defaults. This meansexport+import will change the status (from default to explicitlyspecified) of parameters....
Fix create/import verification of hvparams
Currently the instance creation checks the cluster hv defaults + the newparameters for validity, ignoring the os-specific hvparams (this was anoversight during the implementation of the os hvp). This patch uses the...
objects.Cluster: add method to get hv defaults
Currently the FillHV method is the one that does the cluster hvparams +os hvparams merger. However, in some cases we need to do just this,without adding the instance hvparams on top.
This patch adds a function to compute just this (hv + os hvp...
Reuse NIC information from export
If the user doesn't pass any nics in import, do not use a defaultone-nic, but instead read the nics from the export file as is.
Fortunately the export and the way nics are read from the command lineare compatible…
Reuse backend parameters from export
Similar to the previous patches, if we're missing some parameters andthe export has them (either in the new style or old-style), we reusethem.
Reuse disk information from export
If the user doesn't pass the disk information on import, automaticallyreuse the number and size of disks. This loses the iv_name attribute,but that is only cosmetic and cannot be changed by the user.
Reuse hypervisor parameters in import
If available, we reuse the parameters from the export info.
Read disk template from export info
This patch changes the instance import to read the disk templateautomatically from the export info, if the opcode doesn't alreadyspecify a disk template.
To do this, we have a couple of additional changes:
- change from required parameter to optional one for disk_template...
CreateInstance: separate the reading of the export
We move the reading of the export to a separate function, to simplifyCheckPrepreq and also read it earlier. This will allow building themissing opcode parameters from the export information, instead of...
Move code from ExpandNames to CheckPrereq
This is needed since only in CheckPrereq we have the nodes locked, andfuture import enhancements will need to have access to the export infoduring the parameter build.
CreateInstance: Move some code to CheckArguments
ExpandNames holds too much non-locking code (first LU to be converted toExpandNames, and we didn't have CheckArguments at that poin), and thispatch moves the checks that are lock-independent to CheckArguments....
Export more instance parameters in instance export
Currently the backend parameters are not exported automatically, butonly a few directly in the '[instance]' section. Hypervisor type andhypervisor parameters are not exported at all.
This patch creates two separate sections for the be and hv parameters,...
Export the nicparams too during instance export
The patch tries to export all params (based on the dict defined inconstants), using None for missing keys.
Handle errors better for wrong nic_count in export
This fixes an old 'FIXME' entry.
QA: Make sure RAPI credentials are setup on cluster init
This patch makes sure that the Ganeti RAPI credentials are setup,if any, on cluster init time.
Fix new pylint errors
burnin.ExecOrQueue: remove variable argument list
In order to later add an optional parameter we transform the variableops argument list in an explicit list.
burnin.ExecOrQueue: add post-process function
If a post-process function is passed to ExecOrQueue it is executed ifand only if the job is successful. This happens immediately if we'reproceding iteratively, and at the end, when we collect all job results,...
burnin: only remove instances we actually added
Currently burnin, if proceding in parallel, will remove all instanceswhich were passed, even if they failed to add. This is bad because itwill also remove instances which existed before burnin started. By...
Rename the confd_client unittest (to confd.client)
This is to keep same naming across all tests (modules separate with dot,followed by _unittest.py).
Make watcher request the max coverage
Since the actions are potentially destructive, we should try to get aconsistent view of the cluster, so it's better to get the most coveragepossible.
ConfdClient.SendRequest: allow max coverage
This patch changes the coverage parameter to allow specification of maxcoverage (via -1), versus auto-computation (default, 0) and manualspecification.
Unittests are updated for this case too.
Document the watcher node maintenance feature
The patch changes significantly the watcher man page, as it was verysimplistic.
Watcher: automatic shutdown of orphan resources
This patch changes the watcher so that it maintains (on all nodes) thelist of instances and DRBD devices by shutting down ones that confddaemons indicate should not be running on this node.
Export the maintain_node_health option in ssconf
Add a new cluster parameter maintain_node_health
This will be used to conditionally enable the watcher node maintenancefeature.
Add a new confd callback (StoreResultCallback)
This new callback simply stores (without calling any lower-levelcallback) the last result; coupled with the filtering callback, thisensures that it has the 'best' response after all have been received.
The result can then be retrieved via the GetResponse method....
ConfdClient: add synchronous wait for replies mode
Currently, there is no way for a user of the confd client library toknow how many replies there should be, whether all have been received,etc. This is bad since we can't reliably detect the consistency of the...
ConfdClient: unify some internal variables
Currently the requests are tracked in _request and in _expire_requests.This is conventient, but it restricts the ability to extend the requesttracking, e.g. via packet stats and/or extension of expiration time....
Fix consistency checks in ConfdFilterCallback
Commit 49b3fda added consistency checks, but these are wrongly triggeredfor old responses - we need to make sure to check that we have the sameserial.
Fix utils.WaitForFdCondition inner retry loop
Commit dfdc4060 added WaitForFdCondition which uses utils.Retry withouthandling timeout exceptions. This breaks any nested retry loops.
This patch fixes the above function, and also changes utils.Retry todetect and warn future similar cases. In addition, we add a few small...
Fix bug introduced in 76e5f8b54: mkdir mode
After commit 76e5f8b54, mkdir_mode in utils.RenameFile isno longer passed to Makedirs. This is fixed by this patch.
utils: Move wrapper code around os.makedirs into separate function
Fix unittest for the rapi client library
Wrong escape, so we make sure to use proper escapes (we want thebackslashes to be embedded, not interpreted). Also change " to ' to beeasier to read.
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: Michael Hanselmann <hansmi@google.com>...
Adding RAPI client library.
Signed-off-by: David Knowles <dknowles@google.com>Reviewed-by: Iustin Pop <iustin@google.com>Signed-off-by: Iustin Pop <iustin@google.com>(modified slightly the unittest to account for missing httplib2 library)
Extend ConfdFilterCallback with consistency checks
Note that users of the callback will have to manually check theattribute.
Abstract the confd client creation
Most creation of confd clients will do the same steps: read MC file,parse it, read HMAC key, etc. We abstract this functionality so thatwe don't duplicate the code.
Remove unused import from test file
kvm_flag hypervisor parameter
Move the runas user at execution time
Everything still works the same way, but the user is calculated eachtime we start kvm, rather than stored in the config file. This makes iteasier to implement the "pool" security model.
Send "501 Not Implemented" back when method not found
Before this was "400 Bad Request" and thus it didn't reflectthe reality.
Adding QA RAPI tests for activate-disks and deactivate-disks calls
Signed-off-by: René Nussbaumer <rn@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>
SerializableConfigParser: Make Loads class indep
Currently SerializableConfigParser.Loads is a static method that returnsa SerializableConfigParser. With this patch we change it to a classmethod that returns a member of the class. This way a subclass calling...
Unbreak command line job submission
A change introduced in 5299e61f modified the contents ofJobExecutor.jobs, missing a place where this tuple was deconstructed.This creates a traceback in gnt-* <any> --submit, fixed by this patch.
Write grow support for file storage
Allow file storage to be grown
Watcher: do not warn for missing hooks dir
If the hooks dir does not exist, do not warn needlessly. This is similarto commit a9b7e346 (for backend.py).
Watcher: fix some doc typos