Revision 28756f80 lib/cmdlib/node.py

b/lib/cmdlib/node.py
42 42
  CheckInstanceState, INSTANCE_DOWN, GetUpdatedParams, \
43 43
  AdjustCandidatePool, CheckIAllocatorOrNode, LoadNodeEvacResult, \
44 44
  GetWantedNodes, MapInstanceLvsToNodes, RunPostHook, \
45
  FindFaultyInstanceDisks, CheckStorageTypeEnabled, AddNodeCertToCandidateCerts
45
  FindFaultyInstanceDisks, CheckStorageTypeEnabled, CreateNewClientCert, \
46
  AddNodeCertToCandidateCerts, RemoveNodeCertFromCandidateCerts
46 47

  
47 48

  
48 49
def _DecideSelfPromotion(lu, exceptions=None):
......
416 417

  
417 418
    cluster = self.cfg.GetClusterInfo()
418 419
    if self.new_node.master_candidate:
419
      AddNodeCertToCandidateCerts(self, self.new_node.uuid, cluster)
420
      # We create a new certificate even if the node is readded
421
      digest = CreateNewClientCert(self, self.new_node.uuid)
422
      utils.AddNodeToCandidateCerts(self.new_node.uuid, digest,
423
                                    cluster.candidate_certs)
420 424
      self.cfg.Update(cluster, feedback_fn)
421 425
    else:
422 426
      if self.new_node.uuid in cluster.candidate_certs:
......
780 784
      if self.lock_all:
781 785
        AdjustCandidatePool(self, [node.uuid])
782 786

  
787
      cluster = self.cfg.GetClusterInfo()
788
      # if node gets promoted, grant RPC priviledges
789
      if self.new_role == self._ROLE_CANDIDATE:
790
        AddNodeCertToCandidateCerts(self, node.uuid, cluster)
791
      # if node is demoted, revoke RPC priviledges
792
      if self.old_role == self._ROLE_CANDIDATE:
793
        RemoveNodeCertFromCandidateCerts(node.uuid, cluster)
794

  
783 795
    if self.op.secondary_ip:
784 796
      node.secondary_ip = self.op.secondary_ip
785 797
      result.append(("secondary_ip", self.op.secondary_ip))

Also available in: Unified diff