Synnefo » snf-ganeti » ganeti-local

#

#

# Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Google Inc.

#

# This program is free software; you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation; either version 2 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful, but

# WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

# General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA

# 02110-1301, USA.

"""Module implementing the master-side code."""

# pylint: disable=W0201,C0302

# W0201 since most LU attributes are defined in CheckPrereq or similar

# functions

# C0302: since we have waaaay to many lines in this module

import os

import os.path

import time

import re

import platform

import logging

import copy

import OpenSSL

import socket

import tempfile

import shutil

import itertools

import operator

from ganeti import ssh

from ganeti import utils

from ganeti import errors

from ganeti import hypervisor

from ganeti import locking

from ganeti import constants

from ganeti import objects

from ganeti import serializer

from ganeti import ssconf

from ganeti import uidpool

from ganeti import compat

from ganeti import masterd

from ganeti import netutils

from ganeti import query

from ganeti import qlang

from ganeti import opcodes

from ganeti import ht

import ganeti.masterd.instance # pylint: disable=W0611

class ResultWithJobs:

  """Data container for LU results with jobs.

  Instances of this class returned from L{LogicalUnit.Exec} will be recognized

  by L{mcpu.Processor._ProcessResult}. The latter will then submit the jobs

  contained in the C{jobs} attribute and include the job IDs in the opcode

  result.

  """

  def __init__(self, jobs, **kwargs):

    """Initializes this class.

    Additional return values can be specified as keyword arguments.

    @type jobs: list of lists of L{opcode.OpCode}

    @param jobs: A list of lists of opcode objects

    """

    self.jobs = jobs

    self.other = kwargs

class LogicalUnit(object):

  """Logical Unit base class.

  Subclasses must follow these rules:

    - implement ExpandNames

    - implement CheckPrereq (except when tasklets are used)

    - implement Exec (except when tasklets are used)

    - implement BuildHooksEnv

    - implement BuildHooksNodes

    - redefine HPATH and HTYPE

    - optionally redefine their run requirements:

        REQ_BGL: the LU needs to hold the Big Ganeti Lock exclusively

  Note that all commands require root permissions.

  @ivar dry_run_result: the value (if any) that will be returned to the caller

      in dry-run mode (signalled by opcode dry_run parameter)

  """

  HPATH = None

  HTYPE = None

  REQ_BGL = True

  def __init__(self, processor, op, context, rpc):

    """Constructor for LogicalUnit.

    This needs to be overridden in derived classes in order to check op

    validity.

    """

    self.proc = processor

    self.op = op

    self.cfg = context.cfg

    self.glm = context.glm

    # readability alias

    self.owned_locks = context.glm.list_owned

    self.context = context

    self.rpc = rpc

    # Dicts used to declare locking needs to mcpu

    self.needed_locks = None

    self.share_locks = dict.fromkeys(locking.LEVELS, 0)

    self.add_locks = {}

    self.remove_locks = {}

    # Used to force good behavior when calling helper functions

    self.recalculate_locks = {}

    # logging

    self.Log = processor.Log # pylint: disable=C0103

    self.LogWarning = processor.LogWarning # pylint: disable=C0103

    self.LogInfo = processor.LogInfo # pylint: disable=C0103

    self.LogStep = processor.LogStep # pylint: disable=C0103

    # support for dry-run

    self.dry_run_result = None

    # support for generic debug attribute

    if (not hasattr(self.op, "debug_level") or

        not isinstance(self.op.debug_level, int)):

      self.op.debug_level = 0

    # Tasklets

    self.tasklets = None

    # Validate opcode parameters and set defaults

    self.op.Validate(True)

    self.CheckArguments()

  def CheckArguments(self):

    """Check syntactic validity for the opcode arguments.

    This method is for doing a simple syntactic check and ensure

    validity of opcode parameters, without any cluster-related

    checks. While the same can be accomplished in ExpandNames and/or

    CheckPrereq, doing these separate is better because:

      - ExpandNames is left as as purely a lock-related function

      - CheckPrereq is run after we have acquired locks (and possible

        waited for them)

    The function is allowed to change the self.op attribute so that

    later methods can no longer worry about missing parameters.

    """

    pass

  def ExpandNames(self):

    """Expand names for this LU.

    This method is called before starting to execute the opcode, and it should

    update all the parameters of the opcode to their canonical form (e.g. a

    short node name must be fully expanded after this method has successfully

    completed). This way locking, hooks, logging, etc. can work correctly.

    LUs which implement this method must also populate the self.needed_locks

    member, as a dict with lock levels as keys, and a list of needed lock names

    as values. Rules:

      - use an empty dict if you don't need any lock

      - if you don't need any lock at a particular level omit that level

      - don't put anything for the BGL level

      - if you want all locks at a level use locking.ALL_SET as a value

    If you need to share locks (rather than acquire them exclusively) at one

    level you can modify self.share_locks, setting a true value (usually 1) for

    that level. By default locks are not shared.

    This function can also define a list of tasklets, which then will be

    executed in order instead of the usual LU-level CheckPrereq and Exec

    functions, if those are not defined by the LU.

    Examples::

      # Acquire all nodes and one instance

      self.needed_locks = {

        locking.LEVEL_NODE: locking.ALL_SET,

        locking.LEVEL_INSTANCE: ['instance1.example.com'],

      }

      # Acquire just two nodes

      self.needed_locks = {

        locking.LEVEL_NODE: ['node1.example.com', 'node2.example.com'],

      }

      # Acquire no locks

      self.needed_locks = {} # No, you can't leave it to the default value None

    """

    # The implementation of this method is mandatory only if the new LU is

    # concurrent, so that old LUs don't need to be changed all at the same

    # time.

    if self.REQ_BGL:

      self.needed_locks = {} # Exclusive LUs don't need locks.

    else:

      raise NotImplementedError

  def DeclareLocks(self, level):

    """Declare LU locking needs for a level

    While most LUs can just declare their locking needs at ExpandNames time,

    sometimes there's the need to calculate some locks after having acquired

    the ones before. This function is called just before acquiring locks at a

    particular level, but after acquiring the ones at lower levels, and permits

    such calculations. It can be used to modify self.needed_locks, and by

    default it does nothing.

    This function is only called if you have something already set in

    self.needed_locks for the level.

    @param level: Locking level which is going to be locked

    @type level: member of ganeti.locking.LEVELS

    """

  def CheckPrereq(self):

    """Check prerequisites for this LU.

    This method should check that the prerequisites for the execution

    of this LU are fulfilled. It can do internode communication, but

    it should be idempotent - no cluster or system changes are

    allowed.

    The method should raise errors.OpPrereqError in case something is

    not fulfilled. Its return value is ignored.

    This method should also update all the parameters of the opcode to

    their canonical form if it hasn't been done by ExpandNames before.

    """

    if self.tasklets is not None:

      for (idx, tl) in enumerate(self.tasklets):

        logging.debug("Checking prerequisites for tasklet %s/%s",

                      idx + 1, len(self.tasklets))

        tl.CheckPrereq()

    else:

      pass

  def Exec(self, feedback_fn):

    """Execute the LU.

    This method should implement the actual work. It should raise

    errors.OpExecError for failures that are somewhat dealt with in

    code, or expected.

    """

    if self.tasklets is not None:

      for (idx, tl) in enumerate(self.tasklets):

        logging.debug("Executing tasklet %s/%s", idx + 1, len(self.tasklets))

        tl.Exec(feedback_fn)

    else:

      raise NotImplementedError

  def BuildHooksEnv(self):

    """Build hooks environment for this LU.

    @rtype: dict

    @return: Dictionary containing the environment that will be used for

      running the hooks for this LU. The keys of the dict must not be prefixed

      with "GANETI_"--that'll be added by the hooks runner. The hooks runner

      will extend the environment with additional variables. If no environment

      should be defined, an empty dictionary should be returned (not C{None}).

    @note: If the C{HPATH} attribute of the LU class is C{None}, this function

      will not be called.

    """

    raise NotImplementedError

  def BuildHooksNodes(self):

    """Build list of nodes to run LU's hooks.

    @rtype: tuple; (list, list)

    @return: Tuple containing a list of node names on which the hook

      should run before the execution and a list of node names on which the

      hook should run after the execution. No nodes should be returned as an

      empty list (and not None).

    @note: If the C{HPATH} attribute of the LU class is C{None}, this function

      will not be called.

    """

    raise NotImplementedError

  def HooksCallBack(self, phase, hook_results, feedback_fn, lu_result):

    """Notify the LU about the results of its hooks.

    This method is called every time a hooks phase is executed, and notifies

    the Logical Unit about the hooks' result. The LU can then use it to alter

    its result based on the hooks.  By default the method does nothing and the

    previous result is passed back unchanged but any LU can define it if it

    wants to use the local cluster hook-scripts somehow.

    @param phase: one of L{constants.HOOKS_PHASE_POST} or

        L{constants.HOOKS_PHASE_PRE}; it denotes the hooks phase

    @param hook_results: the results of the multi-node hooks rpc call

    @param feedback_fn: function used send feedback back to the caller

    @param lu_result: the previous Exec result this LU had, or None

        in the PRE phase

    @return: the new Exec result, based on the previous result

        and hook results

    """

    # API must be kept, thus we ignore the unused argument and could

    # be a function warnings

    # pylint: disable=W0613,R0201

    return lu_result

  def _ExpandAndLockInstance(self):

    """Helper function to expand and lock an instance.

    Many LUs that work on an instance take its name in self.op.instance_name

    and need to expand it and then declare the expanded name for locking. This

    function does it, and then updates self.op.instance_name to the expanded

    name. It also initializes needed_locks as a dict, if this hasn't been done

    before.

    """

    if self.needed_locks is None:

      self.needed_locks = {}

    else:

      assert locking.LEVEL_INSTANCE not in self.needed_locks, \

        "_ExpandAndLockInstance called with instance-level locks set"

    self.op.instance_name = _ExpandInstanceName(self.cfg,

                                                self.op.instance_name)

    self.needed_locks[locking.LEVEL_INSTANCE] = self.op.instance_name

  def _LockInstancesNodes(self, primary_only=False):

    """Helper function to declare instances' nodes for locking.

    This function should be called after locking one or more instances to lock

    their nodes. Its effect is populating self.needed_locks[locking.LEVEL_NODE]

    with all primary or secondary nodes for instances already locked and

    present in self.needed_locks[locking.LEVEL_INSTANCE].

    It should be called from DeclareLocks, and for safety only works if

    self.recalculate_locks[locking.LEVEL_NODE] is set.

    In the future it may grow parameters to just lock some instance's nodes, or

    to just lock primaries or secondary nodes, if needed.

    If should be called in DeclareLocks in a way similar to::

      if level == locking.LEVEL_NODE:

        self._LockInstancesNodes()

    @type primary_only: boolean

    @param primary_only: only lock primary nodes of locked instances

    """

    assert locking.LEVEL_NODE in self.recalculate_locks, \

      "_LockInstancesNodes helper function called with no nodes to recalculate"

    # TODO: check if we're really been called with the instance locks held

    # For now we'll replace self.needed_locks[locking.LEVEL_NODE], but in the

    # future we might want to have different behaviors depending on the value

    # of self.recalculate_locks[locking.LEVEL_NODE]

    wanted_nodes = []

    locked_i = self.owned_locks(locking.LEVEL_INSTANCE)

    for _, instance in self.cfg.GetMultiInstanceInfo(locked_i):

      wanted_nodes.append(instance.primary_node)

      if not primary_only:

        wanted_nodes.extend(instance.secondary_nodes)

    if self.recalculate_locks[locking.LEVEL_NODE] == constants.LOCKS_REPLACE:

      self.needed_locks[locking.LEVEL_NODE] = wanted_nodes

    elif self.recalculate_locks[locking.LEVEL_NODE] == constants.LOCKS_APPEND:

      self.needed_locks[locking.LEVEL_NODE].extend(wanted_nodes)

    del self.recalculate_locks[locking.LEVEL_NODE]

class NoHooksLU(LogicalUnit): # pylint: disable=W0223

  """Simple LU which runs no hooks.

  This LU is intended as a parent for other LogicalUnits which will

  run no hooks, in order to reduce duplicate code.

  """

  HPATH = None

  HTYPE = None

  def BuildHooksEnv(self):

    """Empty BuildHooksEnv for NoHooksLu.

    This just raises an error.

    """

    raise AssertionError("BuildHooksEnv called for NoHooksLUs")

  def BuildHooksNodes(self):

    """Empty BuildHooksNodes for NoHooksLU.

    """

    raise AssertionError("BuildHooksNodes called for NoHooksLU")

class Tasklet:

  """Tasklet base class.

  Tasklets are subcomponents for LUs. LUs can consist entirely of tasklets or

  they can mix legacy code with tasklets. Locking needs to be done in the LU,

  tasklets know nothing about locks.

  Subclasses must follow these rules:

    - Implement CheckPrereq

    - Implement Exec

  """

  def __init__(self, lu):

    self.lu = lu

    # Shortcuts

    self.cfg = lu.cfg

    self.rpc = lu.rpc

  def CheckPrereq(self):

    """Check prerequisites for this tasklets.

    This method should check whether the prerequisites for the execution of

    this tasklet are fulfilled. It can do internode communication, but it

    should be idempotent - no cluster or system changes are allowed.

    The method should raise errors.OpPrereqError in case something is not

    fulfilled. Its return value is ignored.

    This method should also update all parameters to their canonical form if it

    hasn't been done before.

    """

    pass

  def Exec(self, feedback_fn):

    """Execute the tasklet.

    This method should implement the actual work. It should raise

    errors.OpExecError for failures that are somewhat dealt with in code, or

    expected.

    """

    raise NotImplementedError

class _QueryBase:

  """Base for query utility classes.

  """

  #: Attribute holding field definitions

  FIELDS = None

  def __init__(self, filter_, fields, use_locking):

    """Initializes this class.

    """

    self.use_locking = use_locking

    self.query = query.Query(self.FIELDS, fields, filter_=filter_,

                             namefield="name")

    self.requested_data = self.query.RequestedData()

    self.names = self.query.RequestedNames()

    # Sort only if no names were requested

    self.sort_by_name = not self.names

    self.do_locking = None

    self.wanted = None

  def _GetNames(self, lu, all_names, lock_level):

    """Helper function to determine names asked for in the query.

    """

    if self.do_locking:

      names = lu.owned_locks(lock_level)

    else:

      names = all_names

    if self.wanted == locking.ALL_SET:

      assert not self.names

      # caller didn't specify names, so ordering is not important

      return utils.NiceSort(names)

    # caller specified names and we must keep the same order

    assert self.names

    assert not self.do_locking or lu.glm.is_owned(lock_level)

    missing = set(self.wanted).difference(names)

    if missing:

      raise errors.OpExecError("Some items were removed before retrieving"

                               " their data: %s" % missing)

    # Return expanded names

    return self.wanted

  def ExpandNames(self, lu):

    """Expand names for this query.

    See L{LogicalUnit.ExpandNames}.

    """

    raise NotImplementedError()

  def DeclareLocks(self, lu, level):

    """Declare locks for this query.

    See L{LogicalUnit.DeclareLocks}.

    """

    raise NotImplementedError()

  def _GetQueryData(self, lu):

    """Collects all data for this query.

    @return: Query data object

    """

    raise NotImplementedError()

  def NewStyleQuery(self, lu):

    """Collect data and execute query.

    """

    return query.GetQueryResponse(self.query, self._GetQueryData(lu),

                                  sort_by_name=self.sort_by_name)

  def OldStyleQuery(self, lu):

    """Collect data and execute query.

    """

    return self.query.OldStyleQuery(self._GetQueryData(lu),

                                    sort_by_name=self.sort_by_name)

def _ShareAll():

  """Returns a dict declaring all lock levels shared.

  """

  return dict.fromkeys(locking.LEVELS, 1)

def _CheckInstanceNodeGroups(cfg, instance_name, owned_groups):

  """Checks if the owned node groups are still correct for an instance.

  @type cfg: L{config.ConfigWriter}

  @param cfg: The cluster configuration

  @type instance_name: string

  @param instance_name: Instance name

  @type owned_groups: set or frozenset

  @param owned_groups: List of currently owned node groups

  """

  inst_groups = cfg.GetInstanceNodeGroups(instance_name)

  if not owned_groups.issuperset(inst_groups):

    raise errors.OpPrereqError("Instance %s's node groups changed since"

                               " locks were acquired, current groups are"

                               " are '%s', owning groups '%s'; retry the"

                               " operation" %

                               (instance_name,

                                utils.CommaJoin(inst_groups),

                                utils.CommaJoin(owned_groups)),

                               errors.ECODE_STATE)

  return inst_groups

def _CheckNodeGroupInstances(cfg, group_uuid, owned_instances):

  """Checks if the instances in a node group are still correct.

  @type cfg: L{config.ConfigWriter}

  @param cfg: The cluster configuration

  @type group_uuid: string

  @param group_uuid: Node group UUID

  @type owned_instances: set or frozenset

  @param owned_instances: List of currently owned instances

  """

  wanted_instances = cfg.GetNodeGroupInstances(group_uuid)

  if owned_instances != wanted_instances:

    raise errors.OpPrereqError("Instances in node group '%s' changed since"

                               " locks were acquired, wanted '%s', have '%s';"

                               " retry the operation" %

                               (group_uuid,

                                utils.CommaJoin(wanted_instances),

                                utils.CommaJoin(owned_instances)),

                               errors.ECODE_STATE)

  return wanted_instances

def _SupportsOob(cfg, node):

  """Tells if node supports OOB.

  @type cfg: L{config.ConfigWriter}

  @param cfg: The cluster configuration

  @type node: L{objects.Node}

  @param node: The node

  @return: The OOB script if supported or an empty string otherwise

  """

  return cfg.GetNdParams(node)[constants.ND_OOB_PROGRAM]

def _GetWantedNodes(lu, nodes):

  """Returns list of checked and expanded node names.

  @type lu: L{LogicalUnit}

  @param lu: the logical unit on whose behalf we execute

  @type nodes: list

  @param nodes: list of node names or None for all nodes

  @rtype: list

  @return: the list of nodes, sorted

  @raise errors.ProgrammerError: if the nodes parameter is wrong type

  """

  if nodes:

    return [_ExpandNodeName(lu.cfg, name) for name in nodes]

  return utils.NiceSort(lu.cfg.GetNodeList())

def _GetWantedInstances(lu, instances):

  """Returns list of checked and expanded instance names.

  @type lu: L{LogicalUnit}

  @param lu: the logical unit on whose behalf we execute

  @type instances: list

  @param instances: list of instance names or None for all instances

  @rtype: list

  @return: the list of instances, sorted

  @raise errors.OpPrereqError: if the instances parameter is wrong type

  @raise errors.OpPrereqError: if any of the passed instances is not found

  """

  if instances:

    wanted = [_ExpandInstanceName(lu.cfg, name) for name in instances]

  else:

    wanted = utils.NiceSort(lu.cfg.GetInstanceList())

  return wanted

def _GetUpdatedParams(old_params, update_dict,

                      use_default=True, use_none=False):

  """Return the new version of a parameter dictionary.

  @type old_params: dict

  @param old_params: old parameters

  @type update_dict: dict

  @param update_dict: dict containing new parameter values, or

      constants.VALUE_DEFAULT to reset the parameter to its default

      value

  @param use_default: boolean

  @type use_default: whether to recognise L{constants.VALUE_DEFAULT}

      values as 'to be deleted' values

  @param use_none: boolean

  @type use_none: whether to recognise C{None} values as 'to be

      deleted' values

  @rtype: dict

  @return: the new parameter dictionary

  """

  params_copy = copy.deepcopy(old_params)

  for key, val in update_dict.iteritems():

    if ((use_default and val == constants.VALUE_DEFAULT) or

        (use_none and val is None)):

      try:

        del params_copy[key]

      except KeyError:

        pass

    else:

      params_copy[key] = val

  return params_copy

def _ReleaseLocks(lu, level, names=None, keep=None):

  """Releases locks owned by an LU.

  @type lu: L{LogicalUnit}

  @param level: Lock level

  @type names: list or None

  @param names: Names of locks to release

  @type keep: list or None

  @param keep: Names of locks to retain

  """

  assert not (keep is not None and names is not None), \

         "Only one of the 'names' and the 'keep' parameters can be given"

  if names is not None:

    should_release = names.__contains__

  elif keep:

    should_release = lambda name: name not in keep

  else:

    should_release = None

  if should_release:

    retain = []

    release = []

    # Determine which locks to release

    for name in lu.owned_locks(level):

      if should_release(name):

        release.append(name)

      else:

        retain.append(name)

    assert len(lu.owned_locks(level)) == (len(retain) + len(release))

    # Release just some locks

    lu.glm.release(level, names=release)

    assert frozenset(lu.owned_locks(level)) == frozenset(retain)

  else:

    # Release everything

    lu.glm.release(level)

    assert not lu.glm.is_owned(level), "No locks should be owned"

def _MapInstanceDisksToNodes(instances):

  """Creates a map from (node, volume) to instance name.

  @type instances: list of L{objects.Instance}

  @rtype: dict; tuple of (node name, volume name) as key, instance name as value

  """

  return dict(((node, vol), inst.name)

              for inst in instances

              for (node, vols) in inst.MapLVsByNode().items()

              for vol in vols)

def _RunPostHook(lu, node_name):

  """Runs the post-hook for an opcode on a single node.

  """

  hm = lu.proc.hmclass(lu.rpc.call_hooks_runner, lu)

  try:

    hm.RunPhase(constants.HOOKS_PHASE_POST, nodes=[node_name])

  except:

    # pylint: disable=W0702

    lu.LogWarning("Errors occurred running hooks on %s" % node_name)

def _CheckOutputFields(static, dynamic, selected):

  """Checks whether all selected fields are valid.

  @type static: L{utils.FieldSet}

  @param static: static fields set

  @type dynamic: L{utils.FieldSet}

  @param dynamic: dynamic fields set

  """

  f = utils.FieldSet()

  f.Extend(static)

  f.Extend(dynamic)

  delta = f.NonMatching(selected)

  if delta:

    raise errors.OpPrereqError("Unknown output fields selected: %s"

                               % ",".join(delta), errors.ECODE_INVAL)

def _CheckGlobalHvParams(params):

  """Validates that given hypervisor params are not global ones.

  This will ensure that instances don't get customised versions of

  global params.

  """

  used_globals = constants.HVC_GLOBALS.intersection(params)

  if used_globals:

    msg = ("The following hypervisor parameters are global and cannot"

           " be customized at instance level, please modify them at"

           " cluster level: %s" % utils.CommaJoin(used_globals))

    raise errors.OpPrereqError(msg, errors.ECODE_INVAL)

def _CheckNodeOnline(lu, node, msg=None):

  """Ensure that a given node is online.

  @param lu: the LU on behalf of which we make the check

  @param node: the node to check

  @param msg: if passed, should be a message to replace the default one

  @raise errors.OpPrereqError: if the node is offline

  """

  if msg is None:

    msg = "Can't use offline node"

  if lu.cfg.GetNodeInfo(node).offline:

    raise errors.OpPrereqError("%s: %s" % (msg, node), errors.ECODE_STATE)

def _CheckNodeNotDrained(lu, node):

  """Ensure that a given node is not drained.

  @param lu: the LU on behalf of which we make the check

  @param node: the node to check

  @raise errors.OpPrereqError: if the node is drained

  """

  if lu.cfg.GetNodeInfo(node).drained:

    raise errors.OpPrereqError("Can't use drained node %s" % node,

                               errors.ECODE_STATE)

def _CheckNodeVmCapable(lu, node):

  """Ensure that a given node is vm capable.

  @param lu: the LU on behalf of which we make the check

  @param node: the node to check

  @raise errors.OpPrereqError: if the node is not vm capable

  """

  if not lu.cfg.GetNodeInfo(node).vm_capable:

    raise errors.OpPrereqError("Can't use non-vm_capable node %s" % node,

                               errors.ECODE_STATE)

def _CheckNodeHasOS(lu, node, os_name, force_variant):

  """Ensure that a node supports a given OS.

  @param lu: the LU on behalf of which we make the check

  @param node: the node to check

  @param os_name: the OS to query about

  @param force_variant: whether to ignore variant errors

  @raise errors.OpPrereqError: if the node is not supporting the OS

  """

  result = lu.rpc.call_os_get(node, os_name)

  result.Raise("OS '%s' not in supported OS list for node %s" %

               (os_name, node),

               prereq=True, ecode=errors.ECODE_INVAL)

  if not force_variant:

    _CheckOSVariant(result.payload, os_name)

def _CheckNodeHasSecondaryIP(lu, node, secondary_ip, prereq):

  """Ensure that a node has the given secondary ip.

  @type lu: L{LogicalUnit}

  @param lu: the LU on behalf of which we make the check

  @type node: string

  @param node: the node to check

  @type secondary_ip: string

  @param secondary_ip: the ip to check

  @type prereq: boolean

  @param prereq: whether to throw a prerequisite or an execute error

  @raise errors.OpPrereqError: if the node doesn't have the ip, and prereq=True

  @raise errors.OpExecError: if the node doesn't have the ip, and prereq=False

  """

  result = lu.rpc.call_node_has_ip_address(node, secondary_ip)

  result.Raise("Failure checking secondary ip on node %s" % node,

               prereq=prereq, ecode=errors.ECODE_ENVIRON)

  if not result.payload:

    msg = ("Node claims it doesn't have the secondary ip you gave (%s),"

           " please fix and re-run this command" % secondary_ip)

    if prereq:

      raise errors.OpPrereqError(msg, errors.ECODE_ENVIRON)

    else:

      raise errors.OpExecError(msg)

def _GetClusterDomainSecret():

  """Reads the cluster domain secret.

  """

  return utils.ReadOneLineFile(constants.CLUSTER_DOMAIN_SECRET_FILE,

                               strict=True)

def _CheckInstanceDown(lu, instance, reason):

  """Ensure that an instance is not running."""

  if instance.admin_up:

    raise errors.OpPrereqError("Instance %s is marked to be up, %s" %

                               (instance.name, reason), errors.ECODE_STATE)

  pnode = instance.primary_node

  ins_l = lu.rpc.call_instance_list([pnode], [instance.hypervisor])[pnode]

  ins_l.Raise("Can't contact node %s for instance information" % pnode,

              prereq=True, ecode=errors.ECODE_ENVIRON)

  if instance.name in ins_l.payload:

    raise errors.OpPrereqError("Instance %s is running, %s" %

                               (instance.name, reason), errors.ECODE_STATE)

def _ExpandItemName(fn, name, kind):

  """Expand an item name.

  @param fn: the function to use for expansion

  @param name: requested item name

  @param kind: text description ('Node' or 'Instance')

  @return: the resolved (full) name

  @raise errors.OpPrereqError: if the item is not found

  """

  full_name = fn(name)

  if full_name is None:

    raise errors.OpPrereqError("%s '%s' not known" % (kind, name),

                               errors.ECODE_NOENT)

  return full_name

def _ExpandNodeName(cfg, name):

  """Wrapper over L{_ExpandItemName} for nodes."""

  return _ExpandItemName(cfg.ExpandNodeName, name, "Node")

def _ExpandInstanceName(cfg, name):

  """Wrapper over L{_ExpandItemName} for instance."""

  return _ExpandItemName(cfg.ExpandInstanceName, name, "Instance")

def _BuildInstanceHookEnv(name, primary_node, secondary_nodes, os_type, status,

                          memory, vcpus, nics, disk_template, disks,

                          bep, hvp, hypervisor_name, tags):

  """Builds instance related env variables for hooks

  This builds the hook environment from individual variables.

  @type name: string

  @param name: the name of the instance

  @type primary_node: string

  @param primary_node: the name of the instance's primary node

  @type secondary_nodes: list

  @param secondary_nodes: list of secondary nodes as strings

  @type os_type: string

  @param os_type: the name of the instance's OS

  @type status: boolean

  @param status: the should_run status of the instance

  @type memory: string

  @param memory: the memory size of the instance

  @type vcpus: string

  @param vcpus: the count of VCPUs the instance has

  @type nics: list

  @param nics: list of tuples (ip, mac, mode, link) representing

      the NICs the instance has

  @type disk_template: string

  @param disk_template: the disk template of the instance

  @type disks: list

  @param disks: the list of (size, mode) pairs

  @type bep: dict

  @param bep: the backend parameters for the instance

  @type hvp: dict

  @param hvp: the hypervisor parameters for the instance

  @type hypervisor_name: string

  @param hypervisor_name: the hypervisor for the instance

  @type tags: list

  @param tags: list of instance tags as strings

  @rtype: dict

  @return: the hook environment for this instance

  """

  if status:

    str_status = "up"

  else:

    str_status = "down"

  env = {

    "OP_TARGET": name,

    "INSTANCE_NAME": name,

    "INSTANCE_PRIMARY": primary_node,

    "INSTANCE_SECONDARIES": " ".join(secondary_nodes),

    "INSTANCE_OS_TYPE": os_type,

    "INSTANCE_STATUS": str_status,

    "INSTANCE_MEMORY": memory,

    "INSTANCE_VCPUS": vcpus,

    "INSTANCE_DISK_TEMPLATE": disk_template,

    "INSTANCE_HYPERVISOR": hypervisor_name,

  }

  if nics:

    nic_count = len(nics)

    for idx, (ip, mac, mode, link) in enumerate(nics):

      if ip is None:

        ip = ""

      env["INSTANCE_NIC%d_IP" % idx] = ip

      env["INSTANCE_NIC%d_MAC" % idx] = mac

      env["INSTANCE_NIC%d_MODE" % idx] = mode

      env["INSTANCE_NIC%d_LINK" % idx] = link

      if mode == constants.NIC_MODE_BRIDGED:

        env["INSTANCE_NIC%d_BRIDGE" % idx] = link

  else:

    nic_count = 0

  env["INSTANCE_NIC_COUNT"] = nic_count

  if disks:

    disk_count = len(disks)

    for idx, (size, mode) in enumerate(disks):

      env["INSTANCE_DISK%d_SIZE" % idx] = size

      env["INSTANCE_DISK%d_MODE" % idx] = mode

  else:

    disk_count = 0

  env["INSTANCE_DISK_COUNT"] = disk_count

  if not tags:

    tags = []