Revision 5557b04c lib/bootstrap.py
b/lib/bootstrap.py | ||
---|---|---|
322 | 322 |
|
323 | 323 |
""" |
324 | 324 |
sshrunner = ssh.SshRunner(cluster_name) |
325 |
gntpem = utils.ReadFile(constants.SSL_CERT_FILE) |
|
325 |
|
|
326 |
noded_cert = utils.ReadFile(constants.SSL_CERT_FILE) |
|
327 |
|
|
326 | 328 |
# in the base64 pem encoding, neither '!' nor '.' are valid chars, |
327 | 329 |
# so we use this to detect an invalid certificate; as long as the |
328 | 330 |
# cert doesn't contain this, the here-document will be correctly |
329 | 331 |
# parsed by the shell sequence below |
330 |
if re.search('^!EOF\.', gntpem, re.MULTILINE):
|
|
332 |
if re.search('^!EOF\.', noded_cert, re.MULTILINE):
|
|
331 | 333 |
raise errors.OpExecError("invalid PEM encoding in the SSL certificate") |
332 |
if not gntpem.endswith("\n"): |
|
333 |
raise errors.OpExecError("PEM must end with newline") |
|
334 |
|
|
335 |
if not noded_cert.endswith("\n"): |
|
336 |
noded_cert += "\n" |
|
334 | 337 |
|
335 | 338 |
# set up inter-node password and certificate and restarts the node daemon |
336 | 339 |
# and then connect with ssh to set password and start ganeti-noded |
... | ... | |
339 | 342 |
mycommand = ("umask 077 && " |
340 | 343 |
"cat > '%s' << '!EOF.' && \n" |
341 | 344 |
"%s!EOF.\n%s restart" % |
342 |
(constants.SSL_CERT_FILE, gntpem,
|
|
345 |
(constants.SSL_CERT_FILE, noded_cert,
|
|
343 | 346 |
constants.NODE_INITD_SCRIPT)) |
344 | 347 |
|
345 | 348 |
result = sshrunner.Run(node, 'root', mycommand, batch=False, |
Also available in: Unified diff