Revision ec17d09c
| b/daemons/ganeti-noded | ||
|---|---|---|
| 694 | 694 |
|
| 695 | 695 |
try: |
| 696 | 696 |
port = utils.GetNodeDaemonPort() |
| 697 |
pwdata = utils.GetNodeDaemonPassword() |
|
| 698 | 697 |
except errors.ConfigurationError, err: |
| 699 | 698 |
print "Cluster configuration incomplete: '%s'" % str(err) |
| 700 | 699 |
sys.exit(5) |
| b/doc/examples/ganeti.initd.in | ||
|---|---|---|
| 36 | 36 |
|
| 37 | 37 |
check_config() {
|
| 38 | 38 |
for fname in \ |
| 39 |
"@LOCALSTATEDIR@/lib/ganeti/ssconf_node_pass" \ |
|
| 40 | 39 |
"@LOCALSTATEDIR@/lib/ganeti/server.pem" |
| 41 | 40 |
do |
| 42 | 41 |
if ! [ -f "$fname" ]; then |
| b/lib/bootstrap.py | ||
|---|---|---|
| 77 | 77 |
the cluster and also generates the SSL certificate. |
| 78 | 78 |
|
| 79 | 79 |
""" |
| 80 |
# Create pseudo random password |
|
| 81 |
randpass = utils.GenerateSecret() |
|
| 82 |
|
|
| 83 |
# and write it into the config file |
|
| 84 |
utils.WriteFile(constants.CLUSTER_PASSWORD_FILE, |
|
| 85 |
data="%s\n" % randpass, mode=0400) |
|
| 86 |
|
|
| 87 | 80 |
result = utils.RunCmd(["openssl", "req", "-new", "-newkey", "rsa:1024", |
| 88 | 81 |
"-days", str(365*5), "-nodes", "-x509", |
| 89 | 82 |
"-keyout", constants.SSL_CERT_FILE, |
| ... | ... | |
| 291 | 284 |
""" |
| 292 | 285 |
cfg = ssconf.SimpleConfigReader() |
| 293 | 286 |
sshrunner = ssh.SshRunner(cfg.GetClusterName()) |
| 294 |
gntpass = utils.GetNodeDaemonPassword() |
|
| 295 |
if not re.match('^[a-zA-Z0-9.]{1,64}$', gntpass):
|
|
| 296 |
raise errors.OpExecError("ganeti password corruption detected")
|
|
| 297 | 287 |
gntpem = utils.ReadFile(constants.SSL_CERT_FILE) |
| 298 | 288 |
# in the base64 pem encoding, neither '!' nor '.' are valid chars, |
| 299 | 289 |
# so we use this to detect an invalid certificate; as long as the |
| ... | ... | |
| 309 | 299 |
# note that all the below variables are sanitized at this point, |
| 310 | 300 |
# either by being constants or by the checks above |
| 311 | 301 |
mycommand = ("umask 077 && "
|
| 312 |
"echo '%s' > '%s' && " |
|
| 313 | 302 |
"cat > '%s' << '!EOF.' && \n" |
| 314 | 303 |
"%s!EOF.\n%s restart" % |
| 315 |
(gntpass, constants.CLUSTER_PASSWORD_FILE, |
|
| 316 |
constants.SSL_CERT_FILE, gntpem, |
|
| 304 |
(constants.SSL_CERT_FILE, gntpem, |
|
| 317 | 305 |
constants.NODE_INITD_SCRIPT)) |
| 318 | 306 |
|
| 319 | 307 |
result = sshrunner.Run(node, 'root', mycommand, batch=False, |
| b/lib/constants.py | ||
|---|---|---|
| 93 | 93 |
SSL_CERT_FILE = DATA_DIR + "/server.pem" |
| 94 | 94 |
WATCHER_STATEFILE = DATA_DIR + "/watcher.data" |
| 95 | 95 |
SSH_KNOWN_HOSTS_FILE = DATA_DIR + "/known_hosts" |
| 96 |
CLUSTER_PASSWORD_FILE = DATA_DIR + "/ssconf_node_pass" |
|
| 97 | 96 |
QUEUE_DIR = DATA_DIR + "/queue" |
| 98 | 97 |
ETC_HOSTS = "/etc/hosts" |
| 99 | 98 |
DEFAULT_FILE_STORAGE_DIR = _autoconf.FILE_STORAGE_DIR |
| b/lib/rpc.py | ||
|---|---|---|
| 89 | 89 |
self.body = serializer.DumpJson(args, indent=False) |
| 90 | 90 |
|
| 91 | 91 |
self.port = utils.GetNodeDaemonPort() |
| 92 |
self.nodepw = utils.GetNodeDaemonPassword() |
|
| 93 | 92 |
self.nc = {}
|
| 94 | 93 |
|
| 95 | 94 |
def ConnectList(self, node_list, address_list=None): |
| b/lib/utils.py | ||
|---|---|---|
| 1522 | 1522 |
return port |
| 1523 | 1523 |
|
| 1524 | 1524 |
|
| 1525 |
def GetNodeDaemonPassword(): |
|
| 1526 |
"""Get the node password for the cluster. |
|
| 1527 |
|
|
| 1528 |
@rtype: str |
|
| 1529 |
|
|
| 1530 |
""" |
|
| 1531 |
return ReadFile(constants.CLUSTER_PASSWORD_FILE) |
|
| 1532 |
|
|
| 1533 |
|
|
| 1534 | 1525 |
def SetupLogging(logfile, debug=False, stderr_logging=False, program=""): |
| 1535 | 1526 |
"""Configures the logging module. |
| 1536 | 1527 |
|
Also available in: Unified diff