Revision ec17d09c
b/daemons/ganeti-noded | ||
---|---|---|
694 | 694 |
|
695 | 695 |
try: |
696 | 696 |
port = utils.GetNodeDaemonPort() |
697 |
pwdata = utils.GetNodeDaemonPassword() |
|
698 | 697 |
except errors.ConfigurationError, err: |
699 | 698 |
print "Cluster configuration incomplete: '%s'" % str(err) |
700 | 699 |
sys.exit(5) |
b/doc/examples/ganeti.initd.in | ||
---|---|---|
36 | 36 |
|
37 | 37 |
check_config() { |
38 | 38 |
for fname in \ |
39 |
"@LOCALSTATEDIR@/lib/ganeti/ssconf_node_pass" \ |
|
40 | 39 |
"@LOCALSTATEDIR@/lib/ganeti/server.pem" |
41 | 40 |
do |
42 | 41 |
if ! [ -f "$fname" ]; then |
b/lib/bootstrap.py | ||
---|---|---|
77 | 77 |
the cluster and also generates the SSL certificate. |
78 | 78 |
|
79 | 79 |
""" |
80 |
# Create pseudo random password |
|
81 |
randpass = utils.GenerateSecret() |
|
82 |
|
|
83 |
# and write it into the config file |
|
84 |
utils.WriteFile(constants.CLUSTER_PASSWORD_FILE, |
|
85 |
data="%s\n" % randpass, mode=0400) |
|
86 |
|
|
87 | 80 |
result = utils.RunCmd(["openssl", "req", "-new", "-newkey", "rsa:1024", |
88 | 81 |
"-days", str(365*5), "-nodes", "-x509", |
89 | 82 |
"-keyout", constants.SSL_CERT_FILE, |
... | ... | |
291 | 284 |
""" |
292 | 285 |
cfg = ssconf.SimpleConfigReader() |
293 | 286 |
sshrunner = ssh.SshRunner(cfg.GetClusterName()) |
294 |
gntpass = utils.GetNodeDaemonPassword() |
|
295 |
if not re.match('^[a-zA-Z0-9.]{1,64}$', gntpass): |
|
296 |
raise errors.OpExecError("ganeti password corruption detected") |
|
297 | 287 |
gntpem = utils.ReadFile(constants.SSL_CERT_FILE) |
298 | 288 |
# in the base64 pem encoding, neither '!' nor '.' are valid chars, |
299 | 289 |
# so we use this to detect an invalid certificate; as long as the |
... | ... | |
309 | 299 |
# note that all the below variables are sanitized at this point, |
310 | 300 |
# either by being constants or by the checks above |
311 | 301 |
mycommand = ("umask 077 && " |
312 |
"echo '%s' > '%s' && " |
|
313 | 302 |
"cat > '%s' << '!EOF.' && \n" |
314 | 303 |
"%s!EOF.\n%s restart" % |
315 |
(gntpass, constants.CLUSTER_PASSWORD_FILE, |
|
316 |
constants.SSL_CERT_FILE, gntpem, |
|
304 |
(constants.SSL_CERT_FILE, gntpem, |
|
317 | 305 |
constants.NODE_INITD_SCRIPT)) |
318 | 306 |
|
319 | 307 |
result = sshrunner.Run(node, 'root', mycommand, batch=False, |
b/lib/constants.py | ||
---|---|---|
93 | 93 |
SSL_CERT_FILE = DATA_DIR + "/server.pem" |
94 | 94 |
WATCHER_STATEFILE = DATA_DIR + "/watcher.data" |
95 | 95 |
SSH_KNOWN_HOSTS_FILE = DATA_DIR + "/known_hosts" |
96 |
CLUSTER_PASSWORD_FILE = DATA_DIR + "/ssconf_node_pass" |
|
97 | 96 |
QUEUE_DIR = DATA_DIR + "/queue" |
98 | 97 |
ETC_HOSTS = "/etc/hosts" |
99 | 98 |
DEFAULT_FILE_STORAGE_DIR = _autoconf.FILE_STORAGE_DIR |
b/lib/rpc.py | ||
---|---|---|
89 | 89 |
self.body = serializer.DumpJson(args, indent=False) |
90 | 90 |
|
91 | 91 |
self.port = utils.GetNodeDaemonPort() |
92 |
self.nodepw = utils.GetNodeDaemonPassword() |
|
93 | 92 |
self.nc = {} |
94 | 93 |
|
95 | 94 |
def ConnectList(self, node_list, address_list=None): |
b/lib/utils.py | ||
---|---|---|
1522 | 1522 |
return port |
1523 | 1523 |
|
1524 | 1524 |
|
1525 |
def GetNodeDaemonPassword(): |
|
1526 |
"""Get the node password for the cluster. |
|
1527 |
|
|
1528 |
@rtype: str |
|
1529 |
|
|
1530 |
""" |
|
1531 |
return ReadFile(constants.CLUSTER_PASSWORD_FILE) |
|
1532 |
|
|
1533 |
|
|
1534 | 1525 |
def SetupLogging(logfile, debug=False, stderr_logging=False, program=""): |
1535 | 1526 |
"""Configures the logging module. |
1536 | 1527 |
|
Also available in: Unified diff