OpCodes: modify InstanceReinstall for private, secret params
Modify InstanceReinstall to accept and process private and secretparameters.
Signed-off-by: Santi Raffa <rsanti@google.com>Reviewed-by: Jose A. Lopes <jabolopes@google.com>
OpCodes: modify InstanceCreate for private, secret params
Modify InstanceCreate to accept process private and secret parameters.
OpCodes: modify ClusterSetParams for private parameters
Modify ClusterSetParams to accept and process private parameters.
OpCodes: modify InstanceSetParams for private parameters
Modify InstanceSetParams to accept and process private parameters.
Add extra NIC to instance being created for communication
When an instance is being created, add an extra NIC (if necessary)which is meant to be used by the instance communication.
Signed-off-by: Jose A. Lopes <jabolopes@google.com>Reviewed-by: Michele Tartara <mtartara@google.com>
Merge branch 'stable-2.10' into stable-2.11
Merge branch 'stable-2.9' into stable-2.10
Disabling client certificate usage
This patch temporarily disables the usage of the clientSSL certificates. The handling of RPC connections had aconceptional flaw, because the certificates lack a propersignature. For this, Ganeti needs to implement a CA,...
Merge branch 'stable-2.8' into stable-2.9
Add correct locking of master node to gnt-debug delay
The gnt-debug delay command required locks for all nodes except themaster - this patch fixes the issue by adding master to the lockswhenever needed.
Signed-off-by: Hrvoje Ribicic <riba@google.com>Reviewed-by: Klaus Aehlig <aehlig@google.com>
Include target node in hooks nodes for migration
In case of DRBD, hooks run on both primary (source) and secondary(target) nodes. To get the same behavior for DTS_EXT_MIRROR, where wedo not have secondary node, we should explicitly add target node tohooks nodes during instance migration/failover....
Make max_running_jobs queryable
As we have introduced a new cluster parameter, it shouldbe also visible when querying about the cluster configuration.
Signed-off-by: Klaus Aehlig <aehlig@google.com>Reviewed-by: Petr Pudlak <pudlak@google.com>
Add opcode parameter for the maximal number of running jobs
This parameter of OpClusterSetParams will allow to set themaximal number of jobs to be run simultaneously.
Add certificate of auto-promoted master candidates to map
When a normal node is auto-promoted to be a mastercandidate, its SSL client certificate digest needsto be added to the map of candidate certificatesas well.
Signed-off-by: Helga Velroyen <helgav@google.com>...
User shutdown hypervisor parameter
Add user shutdown parameter for KVM. Based on this parameter, decidewhat information to report for a KVM instance, for example,distinguish between 'ADMIN_down' and 'USER_down'.
Signed-off-by: Jose A. Lopes <jabolopes@google.com>...
Create client certificate for normal nodes
The vcluster QA revealed a bug in the SSL certificatehandling code, where certificates were only createdwhen the node is a master-candidate. However, every nodeshould have a certificate, but only the digests of the...
Verify client certificates
This patch adds a step to 'gnt-cluster verify' to verifythe existence and validity of the nodes' clientcertificates. Since this is a crucial point of thesecurity concept, the verification is very detailed withexpressive error messages and well tested by unit tests....
Verify incoming RPCs against candidate map
From this patch on, incoming RPC calls are checked againstthe map of valid master candidate certificates. If no mapis present, the cluster is assumed to be inbootstrap/upgrade mode and compares the incoming call...
Handle promoting/demoting nodes wrt to client certificates
This patch makes Ganeti correctly handle the clientcertificates when nodes get promoted to master candidatesor demoted to normal nodes.
Signed-off-by: Helga Velroyen <helgav@google.com>Reviewed-by: Hrvoje Ribicic <riba@google.com>
Extend RPC call to create SSL certificates
So far the RPC call 'node_crypto_tokens' did only retrievethe certificate digest of an existing certificate. Thiscall is now enhanced to also create a new certificate andreturn the respective digest. This will be used in various...
Handle client certificates on node add/remove
This patch adds the certificate of a newly added orreadded master candidate node to the map of master candidatecertificates. It removes a master candidate node's certificatedigest from the candidate certificate map if the node is...
Add certificate for master node
On cluster initialization, the master node'sSSL certificate digest is added to the list of mastercandidate certificates.
Merge branch 'stable-2.10' into master
rpc: Fix py-apidoc warnings
The previous commits shuffled code around using import renames asglue. apidoc ignores import renames, however, and chokes on somenow invalid link targets.
This commit fixes the issue.
Signed-off-by: Santi Raffa <rsanti@google.com>...
Add a Python directory for RPC code to keep it at one place
Move rpc.py to rpc/node.py and modify imports in existing code.
Signed-off-by: Petr Pudlak <pudlak@google.com>Reviewed-by: Helga Velroyen <helgav@google.com>
Gluster: add the Shared File storage type
The shared file and gluster disk templates should not report their diskspace information like file does, because they do not behave the same.
If a cluster pulls from the same, shared source of storage then it is...
Gluster: add userspace access support
Add support for the QEMU gluster: protocol. Also change the accessmode routines so they check the access parameter for all templates.
Signed-off-by: Santi Raffa <rsanti@google.com>Signed-off-by: Thomas Thrainer <thomasth@google.com>...
Gluster: mount automatically
Add parameters to the Gluster disk template so Gluster can manage themount point point autonomously.
Signed-off-by: Santi Raffa <rsanti@google.com>Signed-off-by: Thomas Thrainer <thomasth@google.com>Reviewed-by: Thomas Thrainer <thomasth@google.com>
Gluster: use ssconf value for mountpoint directory
Gluster still does not mount anything autonomously, but this commitchanges where Gluster expects its mountpoint to be.
Gluster: minimal implementation
Add Gluster to Ganeti by essentially cloning the shared file behavioureverywhere in the code base.
gnt-cluster verify: demote orphan volume error to warning
Ganeti checks for orphan volume by making sure that it knows about allvolumes on disk; any additional orphan volume, even if created by theadministrator, causes a failure in gnt-cluster verify. Given that...
Make network tags searchable
This patch adds the network tags to the tags searched by gnt-clustersearch-tags, and in the process cleans up the code slightly.
Signed-off-by: Hrvoje Ribicic <riba@google.com>Reviewed-by: Michele Tartara <mtartara@google.com>
Adapt parameters that moved to instance variables
Due to a change in the code organization in stable-2.9, somemethod variables became instance variables, causing a semanticmerge conflict. Fix this.
Signed-off-by: Klaus Aehlig <aehlig@google.com>Reviewed-by: Helga Velroyen <helgav@google.com>
Support reseting arbitrary params of ext disks
If param=default and the param already exists then we removeit from params dict. This is stolen by GetUpdatedParams() whichis used for hvparams modification/inheritance.
This means that 'default' value is not accepted for an arbitrary...
Allow modification of arbitrary params for ext
Disks of ext template are allowed to have arbitrary parametersstored in the Disk object's params slot. Those parameters can bepassed during creation of a new disk, either in LUInstanceCreate()or in LUInsanceSetParams(). Still those parameters can not be...
SetDiskID() before accepting an instance
SetDiskID() fills physical_id slot of a Disk object.
LUInstanceSetParams() does not invoke SetDiskID() upon creation of anew disk. As a result the physical_id slot of the Disk object inconfig data is missing.
In case of ext disk template, in AcceptInstance() we invoke...
Lock group(s) when creating instances
This is required to prevent race conditions such as removing a networkfrom a group and adding an instance at the same time. (See issue 621#2.)
Signed-off-by: Petr Pudlak <pudlak@google.com>Reviewed-by: Thomas Thrainer <thomasth@google.com>...
Add default file_driver if missing
If the file driver of an instance with file based storage is not specified, thedefault one is automatically added by the UpgradeConfig function.
Fixes Issue 571.
Signed-off-by: Michele Tartara <mtartara@google.com>Reviewed-by: Helga Velroyen <helgav@google.com>
Fix a bug in InstanceSetParams concerning names
In case no name is passed in disk modifications we shouldkeep the old one. If name=none then set disk name to None.
Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>Reviewed-by: Jose A. Lopes <jabolopes@google.com>
Add default_iallocator_params cluster parameter
Add a cluster parameter to hold the iallocator parameters usedby the default instance allocator. Implement the option tomodify config.data, query config.data and upgrade man pages,tests and cfgupgrade tool. The new default_iallocator_params is...
Fix NODE/NODE_RES locking in LUInstanceCreate
Both NODE and NODE_RES locks were acquired opportunistically if sorequested by the user. LUInstanceCreate requires, however, that theactually locked elements on NODE and NODE_RES level are the same.
This patch changes the locking of NODE_RES such that those locks are not...
Instance queries: remove opcodes and LU
Removes the remains of the instance queries.
Export and network queries: remove opcodes and LUs
Removes the remains of the export (aka backup) and networkqueries.
Group queries: remove opcodes and LUs
Removes the remains of the group query code.
Node queries: remove opcodes and LUs
Removes the remains of the node query code.
Remove instance query python code
This patch removes the python code for the instancequeries. So far, it replaces it by 'NotImplemented'exceptions. In a later patch of this series, theremaining part is remove completely.
Switch to Haskell for group queries
This patch removes the group query implementationin python in order to use the new Haskell implementation.
Switch to haskell for export (aka backup) queries
This patch removes the python implementation of export(aka backup) queries. So far, it is replaced by'NotImplemented' exceptions, but later in this seriesit will be replaced completely.
Switch to Haskell for network queries
This patch removes the python implementation of networkqueries and replaces it with 'NotImplemented' exceptions.It will be removed completely once all queries areswitched to Haskell.
Disable node query code
This patch removes the python query implementation fornodes. So far, the code is replaced by 'NotImplemented'exceptions, because the overall structure of query classescan be removed more easily at once when all queryimplementations are ready to be removed....
masterd: implement query via luxi
The master daemon so far still did queries via the pythonimplementation. This patch implements that it uses thehaskell implementation and removes the node queries fromthe list of OP-queriable entities.
Introduce --hotplug-if-possible option
This will be useful for an external entity using RAPI thatwants to modify devices of instances.
The common use case for that is:"I want to add a NIC/disk to an instance. If it is runningthen try to hotplug the device. If not, then just add it to config."...
Allow instances to obtain externally reserved IPs
The administrator should be able to assign an externally reserved IPto a Ganeti instance manually, if desired. Currently this is notsupported. External reservations should act as holes in the pool andnot just as IPs already used by someone outside of Ganeti....
Mark cluster's IPs as externally reserved
Currently, upon network creation, nodes' and master's IPsare reserved in the pool.
This leads to pool reservations ('X' in map) that cannot be changedafterwards, although they may need to (e.g. in case of node...
Use configured SSH ports when connecting to a console
This is accomplished by passing the corresponding node group tohv_*.py. Tests for hv_*.py that call GetInstanceConsole updated.
Signed-off-by: Petr Pudlak <pudlak@google.com>Reviewed-by: Hrvoje Ribicic <riba@google.com>
Use custom SSH ports in node groups when working with nodes
Calling `gnt-instance console` with a custom SSH port doesn't work yet.
Don't allow optional node parameters
Ganeti does not support optional fields in parameters(hypervisor-params, disk-params, etc.). OpenVSwitch related nodeparameters were the exception to this rule, which caused numerousproblems related to import/export and (de-)serialization....
Fix instance info
Signed-off-by: Jose A. Lopes <jabolopes@google.com>Reviewed-by: Hrvoje Ribicic <riba@google.com>
Prevent instance start when user down
Prevent starting a given instance when that instance has been shutdownby the user, given that the instance must be first properly shutdown.
Fix typo in documentation
Fix retrieval of xen command in class method
This patch fixes issue 608. When introducing theconfigurability of the xen toolstack in commit8ef418bb92, the hypervisor api was accidentally changedin a way that let to this error in KVM.
Remove hardcoded references to File, SharedFile templates
DTS_FILEBASED is a constant that exists and this commit makes surethat it is used whenever sensible, rather than resorting to hardcodingthe pair of templates in very many files.
Readd nodes as online
Patch d0d7d7cf accidentally removed the offline-flag resetwhen readding a node. Readd it.
Signed-off-by: Klaus Aehlig <aehlig@google.com>Reviewed-by: Thomas Thrainer <thomasth@google.com>
When verifying BRBD version, ignore missing values
When comparing for consistency of the DRBD versions, someversions might not be available via RPC, typically, if thenode is offline. In this case, leave these nodes out of thetest, instead of failing with an internal python error....
Conflicts: NEWS: trivial configure.ac: drop suffix bump of stable-2.9
Signed-off-by: Klaus Aehlig <aehlig@google.com>...
Conflicts: lib/cmdlib/instance_storage.pyResolved by manually applying the node name to uuidtransition on the version of stable-2.9.
Improve error message for replace-disks
In some conditions, replace-disks will fail if the disks are not properlyactivated. Improve the error message suggesting to run activate-disks beforeexecuting replace-disks.
Fixes Issue 606.
Signed-off-by: Michele Tartara <mtartara@google.com>...
Fix indentation that triggers PEP8 error
Signed-off-by: Petr Pudlak <pudlak@google.com>Signed-off-by: Klaus Aehlig <aehlig@google.com>Reviewed-by: Klaus Aehlig <aehlig@google.com>
Check if hotplug is supported in CheckPrereq
Introduce new RPC hotplug_supported that invokes the correspondinghypervisor's method which checks if hotplug is generallysupported. Call this RPC early in CheckPrereq() and abort ifhotplug is not supported. Currently only KVM hypervisor with...
Create Open vSwitch on Master during Cluster init
Currently, Open vSwitch is only created on additional nodes, not on the masteritself.This fixes the issue and creates and configures an Open vSwitch on the masternode during cluster init.
Signed-off-by: Sebastian Gebhard <sege@fs.ei.tum.de>...
Add possibility to compress to OpInstanceCreate
OpInstanceCreate now supports the 'compress' option. It allows to enablecompression during instance imports.
Signed-off-by: Thomas Thrainer <thomasth@google.com>Reviewed-by: Klaus Aehlig <aehlig@google.com>
Honor compress parameter in remote backups
Use the specified compression mode not only for local exports, but alsofor remote ones.
Support import with compressed instance moves
Support compressing instance data while sending it to the target node oninstance imports.
Add local compression to OpBackupExport
OpBackupExport is extended by a compress parameter. This parameter(either 'none' or 'gzip') controls if instance disks are compressedbefore being sent over the network to the destination node.
Signed-off-by: Thomas Thrainer <thomasth@google.com>...
Add possibility to compress to OpInstanceMove
OpInstanceMove now supports the 'compress' option. It allows to enablecompression for intra-cluster instance moves.
Use import-export daemon for intra-cluster moves
This unifies the inter- and intra-cluster moves and the backup code, soless code needs to be maintained.
Also fix failing tests for LUInstanceMove by following the code changesin the tests.
Use cluster variable consistently
The cluster object is already retrieved from the configuration, so useit consistently in LUInstanceMove.CheckPrereq().
Correct comments
Correct comments which confuse the target node with the secondary nodeof an instance in LUInstanceMove.
Fix usage of xm/xl for gnt-instance modify --new-primary
This fixes issue 519. When calling 'gnt-instance modify--new-primary', an exception was raised, because aRPC call was not called with the right hypervisorparameters which caused the backend function to crash,...
Minor changes regarding hotplug support
Fix in RPC
Use _SingleDiskDictDP() instead of _ObjectDict() for serializinga disk.
Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>Signed-off-by: Thomas Thrainer <thomasth@google.com>Reviewed-by: Thomas Thrainer <thomasth@google.com>
Hotplug: cmdlib support
Hotplugging is done by functions invoked by ApplyContainerMods(). Inorder hotplugging to take place the --hotplug option must be passedotherwise the modifications will take place after reboot.
NIC hotplug supports add, remove and modify. The modify is done by removing...
Add unit tests for LUBackupExport
This patch adds unit tests for LUBackupExport.
Signed-off-by: Thomas Thrainer <thomasth@google.com>Reviewed-by: Helga Velroyen <helgav@google.com>
Use node names in LUBackupQuery
The result of LUBackupQuery has to be indexed by node name rather thanby node UUID, otherwise the automatically constructed filter won'treturn any results.
Make 'gnt-node list-storage' use default storage type
Currently, when no explicit storage type is given, the'gnt-node list-storage' command defaults to file storagewhether or not file storage is enabled on the clusteror not. This patch fixes it by defaulting to the default...
Make 'gnt-cluster modify' respect the order of templates
This fixes a bug where the order of enabled disk templateswas not respected when manipulating it with 'gnt-clustermodify'.
Signed-off-by: Helga Velroyen <helgav@google.com>Reviewed-by: Klaus Aehlig <aehlig@google.com>
Streamlining handling of spindles and default templates
This rather lenghy patch comprises a couple of refactoringsto achieve the following goals:- 'gnt-node info' should only report space information about spindles, when exclusive storage is enabled on the node...
Fix typos and indentation for cluster.py
This patches fixes a typo and some indentation errorsthat were accidentally introduced by premature pushingof the patch series "Improvements on disk templates, inparticular file storage".
Make GetDiskTemplateSets output disabled disk templates
This patch extends the 'GetDiskTemplateSets' function toalso output the list of disk templates that were enabledbefore this operation, but will be disabled afterwards.This patch also includes code to check for instances using...
Rename GetEnabledDiskTemplates to include disabled ones
This patch solely renames the functions_GetEnabledDiskTemplates* to _GetDiskTemplateSets, becausein later patches, we will refactor it to not only outputdisk templates that are or get enabled, but also the ones...
Check for running instances when disabling templates
This patch introduces a function to be used in'gnt-cluster modify' when disabling a couple of disktemplates. It checks whether there are still instancesrunning that use these templates.
Merge branch 'stable-2.9' into master
Use 'DTS_LVM' when possible
This patch replaces all usages of the utility function'GetLvmDiskTemplate' by the new 'DTS_LVM' constantto make it consistant with the usage of other DTS_*constants.
Additionally, it provides a unit tests to ensureconsistancy between DTS_LVM and the mapping of disk...