Remove oneline= parameter from utils.ReadFile
This partially reverts commit b774bb106cc28d008e790ad2666eb64c76866fa0.Unittests unrelated to that particular functionality but introduced inthat commit are left untouched. Since the temporary directory is now...
INSTALL: update hypervisor requirements
Xen: Just specify 3.0 or above as a requirement, as versions above 3.1have been tested and work fine with Ganeti. Also note that the Xendependency is optional, if one wants to work with KVM.
KVM: list as an alternative, specify that 72 (the one shipped with...
install.rst: update os version and add KVM notes
The 0.7 version was just an example, but since we're on 0.9 now,updating the number cannot be wrong. The new admonition helps KVM usersto configure debootstrap correctly so that instances can be shutdown...
RAPI client: Fix SSL error reporting for real
My previous patch, commit 857705e8, helped in one particularsituation where the exception didn't contain any arguments(pyOpenSSL reporting a WantReadError, which shouldn't occur with ablocking socket anyway). With this patch, more common and uncommon...
RAPI client: Improve SSL error reporting
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>
RAPI client: Don't check node role in client
Only the server knows which node roles can be set via RAPI.Constants are provided for convenience.
RAPI client: Update ReplaceInstanceDisks
- The RAPI client shouldn't check the replacement mode as only the server knows which ones are valid (constants are still provided for convenience)- Disks shouldn't be a list of names, but of indexes
Signed-off-by: Michael Hanselmann <hansmi@google.com>...
RAPI client: Fix behaviour of “allocatable” storage flag
When modifying a storage unit, the “allocatable” flag should defaultto “no modification”. This replicates the behaviour of the commandline interface.
RAPI client: Encode boolean and None query values
Boolean values must be passed as 0 or 1. None should be an emptyvalue ("").
RAPI client: No longer check storage type locally
Only the RAPI server (actually masterd) knows which storage typesare valid. The exception can no longer be raised as the type isonly checked in the job.
RAPI client: Add constant for RAPI version
This reverts a60e3cb0a partially by moving the RAPI version into a constant.
RAPI QA: Use RAPI client
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Iustin Pop <iustin@google.com>
Add RAPI client utility module with RAPI PollJob function
The RAPI client module shouldn't depend on any Ganeti module, yet it'suseful to have some Ganeti-specific code, like a PollJob function forRAPI.
RAPI client: Don't assume job IDs to be numeric
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: David Knowles <dknowles@google.com>
QA: Add function create temporary backup file
QA: Restore RAPI cert after “gnt-cluster renew-crypto”
The RAPI tests will depend on the certificate.
RAPI client: Include HTTP error code in GanetiApiError exception
Having the HTTP error code allows users of the class to act differently basedon the error code.
Support different HTTP error codes in RAPI client unittest mock
This allows testing error conditions (e.g. if a job wasn't found).
RAPI client: Fix error message for unsupported methods in unittest
RAPI client: Allow waiting for job changes
RAPI: Allow waiting for job changes
RAPI client: Rename “DeleteJob” to “CancelJob”
Jobs can't be deleted, but cancelled (even though the HTTP method“DELETE” is used).
RAPI client: Various code style changes
- Replace hardcoded values with constants- Code formatting- Exception messages without periods and fixed string formatting
RAPI client: Add missing unittest for RepairNodeStorageUnits
RAPI client: Always pass _SendRequest args as positional
RAPI client: Simplify URL construction
RAPI client: Instantiate JSON encoder only once
RAPI client: Always return job ID
Even removing tags returns a job ID.
RAPI client: Hardcode version in URLs
If the version changes, the API is likely to change as well. Nothaving to ask for the version first makes the code simpler.
Remove httplib2 dependency from ganeti.rapi.client
- It's possible to implement all functionality in ganeti.rapi.client using Python's standard modules httplib and urllib2- By doing so, proper SSL certificate verification is implemented- Adjust some of the code to Ganeti's code style (this is not yet...
utils.ReadFile: Add parameter to read only one line
Reading only one line is useful for reading passwords from files. Thisalso adds unittests for utils.ReadFile.
Fix tiny typo in cluster verify
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: Balazs Lecz <leczb@google.com>
cli: Make PollJob generic to support other protocols
By separating the LUXI-specific code and stdio-related codeinto separate classes, we can make cli.PollJob protocol-agnostic, allowing it to be used with RAPI.
This patch also adds unittests for cli.PollJob....
Fix a unittest name and docstring
The docstring has been copied by the name, but the name reports amisspell of the function it is actually testing.
Signed-off-by: Guido Trotter <ultrotter@google.com>Reviewed-by: Balazs Lecz <leczb@google.com>
NEWS: fix empty lines
Make sure there are exactly two empty lines between different versions(rather than 1 or 3).
Force ssh to allocate a tty
This is required to avoid the"Pseudo-terminal will not be allocated because stdin is not a terminal." ssh error message in case a Ganeti script is run non-interactively.
Signed-off-by: Balazs Lecz <leczb@google.com>Reviewed-by: Iustin Pop <iustin@google.com>
Fix a unittest docstring
Retry{Again,Timeout}: explain reraising
Signed-off-by: Guido Trotter <ultrotter@google.com>Reviewed-by: Iustin Pop <iustin@google.com>
IsProcessAlive: retry stat() a few times
On multiprocessor dom0 stat() on /proc can sometimes return EINVAL.Before giving up, we try a few times to get a consistent answer.
utils.Retry: pass up timeout arguments
If Retry has to fail with RetryTimeout, it might be useful to pass theRetry argument to RetryTimeout, to help debugging outside the Retrycycle. We also define a RetryTimeout.RaiseInner() helper, to re-raise anexception passed to RetryAgain. All served with a side of unit tests....
Add a few Retry unittests
Check that Retry actually times out, and actually retries.
Merge branch 'stable-2.1' into devel-2.1
Bump version for 2.1.2.1 release
Update NEWS for Ganeti 2.1.2.1
KVM: only export instance tags if present
Currently non-tagged instances fail starting with a TypeError.
Signed-off-by: Guido Trotter <ultrotter@google.com>Reviewed-by: Iustin Pop <iustin@google.com>Reviewed-by: Balazs Lecz <leczb@google.com>
ssh.GetUserFiles: move to EnsureDirs
We also create a generic SECURE_DIR_MODE constant, rather thanhardcoding 0700 in the code.
Hypervisors: use utils.EnsureDirs
Swap a few os.mkdir calls with utils.EnsureDirs
backend: remove a couple of useless mkdir calls
Those directories must exist for the node daemon to run (it's in thenode daemon's list of ensured directories) and those functions are onlycalled by the node daemon, so there's no point in those checks+mkdir...
daemon.GenericMain: fix docstring
The docstring reports a wrong type for the "dirs" argument. Fixing.
jstore: use EnsureDirs, and add more constants
Bump version for 2.1.2 release
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: Michael Hanselmann <hansmi@google.com>
Update NEWS file for 2.1.2
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>
Add dates to the NEWS file
Just for easier history digging…
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>
RAPI QA: Test instance creation/removal via RAPI
RAPI QA: Support for request body
- Add support for sending JSON-encoded body to RAPI daemon (required to test more complex resources)- Expand names when testing resources against config
Small fixes for RAPI client
- Always check SSL certificate for validity- Actually JSON-encode HTTP content
Signed-off-by: David Knowles <dknowles@google.com>Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Michael Hanselmann <hansmi@google.com>
cfgupgrade: allow working with relative paths
Since utils.WriteFile requires an absolute path, cfgupgrade needs tonormalize the directory it is given.
qa: enable early release during parallel burnin
With this, the burnin sequence on big clusters should be (much?) faster.The patch also fixes the parallel setting (before it was alwaysenabled).
Change the migration message
Let's remove the experimental message (the Ganeti side is stablenowadays) and replace it with a warning about possible hypervisorissues.
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: René Nussbaumer <rn@google.com>
verify cluster: check /etc/hosts consistency
If we are told to modify /etc/hosts, then verify its consistency duringcluster verify.
Cleanup /etc/hosts during node removal
It seems that commit d8470559 dropped the cleanup of /etc/hosts when anode is removed from the cluster. I don't know for sure, but it seemsaccidental. As long as we add it to /etc/hosts, we should clean it uptoo....
Fix pylint 0.20.0 warnings
These seem to be wrong, possibly a regression in pylint.
KVM: make tags available in KVM_NET_SCRIPT
Make instance tags available as a space-separated list during the execution ofthe network setup script. This allows tag-based control of things like firewallrules and/or networking setup.
Signed-off-by: Guido Trotter <ultrotter@google.com>...
Remove "ssconf.CheckMasterCandidate"
This function is not used anymore, so there's no point in keeping itaround.
This reverts commit 3f71b464ad5cdd1f1b53f2a31a4eef4e2a5550cc, apart froma one empty line conflict in ssconf.py
masterd: Log PID, UID and GID of connected client
This can be very useful if client programs run as non-root.
qa: Use qa_utils.UploadFile to upload rapi_users file
Just using “echo” would use whatever umask is set in the shell,in addition to potentially showing the password in the processlist.
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: René Nussbaumer <rn@google.com>
devel/upload: add --no-debug option
When this option is used the /etc/defaults/ganeti file, which sets allthe daemons in debug mode, is not copied.
Add a basic unittest for uidpool.RequestUnusedUid
Factorize LUExportInstance
Apart from moving parts of the code to separate functions, error handlingis also improved by making sure snapshots are always removed.
Use ints instead of strings to represent user-ids
Signed-off-by: Balazs Lecz <leczb@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>
QA: fix reimporting instance with different name
Since the original instance still exists, we need to use a different MACfor its NIC.
Fix broken commit 9e302a8
Commit 9e302a8 split the StopInstance function in two without properlyduplicating the local variables.
ssh: make quiet configurable
Currently both CopyFileToNode and BuildCmd hardcode "-q" in the options.This patch moves this setting as a configurable option to_BuildSshOptions.
SSH: do not check IPs
Since we use the cluster name for the SSH known_hosts file, ssh willalways detect a changed IP (since we never connect to the cluster mastername, but the node names), and will complain about it/try to update theuser known hosts file (since that is /dev/null, it doesn't matter, but...
Add separate module for backported language functionality
utils.py, where they were before, is already huge.
Add make commit-check target
distcheck, lint and apidoc. Take three pay only one.
hv_chroot: move unmount to CleanupInstance()
This allows cleanup to be done properly if the "instance" wasn't runningat all (based on the CleanupInstance framework, instead of the retry inhypervisor).
LUSetClusterParams: initialize needed parameters
… since the opcode doesn't auto-initialize to None.
Add a hypervisor constant for migration support
This variable can be used by other tools to determine in a generic waywhether a given hypervisor supports migration or not.
burnin: skip migration based on hypervisor support
The patch adds selection of hypervisor in burnin (on multi-hypervisorclusters, we always used the default) and optional hypervisorparameters, and skips migration if the hypervisor doesn't support it.
Signed-off-by: Iustin Pop <iustin@google.com>...
Fix indentation error
Commit 9cf4321fc39ec36359d9c90b22b36d33b6adc2f4 indented some lines by4 spaces rather than 2, and was git-amed without noticing. Fixing.
utils: Add function for partial application of function arguments
The function's code was mostly copied from Python's documentationand it's equivalent to “functools.partial” in Python 2.5 and above.
gnt-instance info: sort the hv parameters
Add -usbdevice tablet to KVM when using vnc
When using VNC, it is recommended to use a tablet-styleinput device instead of a mouse. This allows most VNC viewersto send proper mouse coordinates to the virtual machine's desktopresulting in perfectly aligned guest and host mouse pointers....
Only use boot=on on non-ide disks only (KVM)
boot=on implies that KVM boots using extboot. This is only requiredto boot non-IDE disks and has the side-effect that there is at mostone bootable device. This behaviour breaks some operating systems,most notably the windows installer that tries to chainload the hard-disk...
KVM: fix a bug in _TryReadUidFile
If the uid pool is not in use _TryReadUidFile will try to return "uid" even if it hasn't tried to read it at all.
Fix RAPI client methods return values
Ensure that all RAPI client methods that should return job ids actuallyreturn job ids.
Signed-off-by: David Knowles <dknowles@google.com>Reviewed-by: Iustin Pop <iustin@google.com>Signed-off-by: Iustin Pop <iustin@google.com>
security.rst: add a KVM security section
KVM: implement the HT_SM_POOL security model
In order not to complicate to much the _ExecuteKVMRuntime function withnested try/except/finally/else constructs we move the actualruncmd+check call in a separate _RunKVMCmd function.
KVM: add an instance uid file concept
If this file exists, for an instance, we release the uid containedinside back to the uid pool, at instance shutdown.
ReleaseUid: accept an integer as uid
We can't guarantee to keep the LockedObject around, when ReleaseUid iscalled (because that might happen, for example, after a ganetishutdown/restart). So we'll support releasing on just an integer uid.
LockedUid: add GetUid() method
uidpool users that get passed a LockedUid by the uidpool need to knowwhich one the uid is. Since it's not nice to make them access a privatemember, and we shouldn't make "uid" public either, we'll add a gettermethod.
KVM: move post-shutdown cleanup operations
Currently putting the cleanup just after the actual shutdown ensuresthat it never gets called, due to how the retry/shutdown cycle works.So we move those cleanups to their new dedicated place.
_PrintGroupedParams: sort before printing
It's a lot easier, when looking at the output, if you can search theparameter you're looking for alphabetically.
Add CleanupInstance hypervisor call
Currently some hypervisors (namely kvm) need to do some cleanup aftermaking sure an instance is stopped. With the moving of the retry cyclein backend those cleanups were never done. In order to solve this we adda new optional hypervisor function, CleanupInstance, which gets called...
Using the added stop-all functionality from daemon-utils in cluster-merge
Additionally also move to the RunWhileStopped method for the configuration merger.
Signed-off-by: René Nussbaumer <rn@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>...
Complete check-man changes from 5fa16422
Commit 5fa16422 removed the checks at sed time, but only for %.7. Weneed to do it for %.8 too.
Fix a typo commited→committed in gnt-instance.sgml
Fix changing the list of enabled hypervisors
When enabling a new hypervisor, we must ensure that we have itsparameters in the cluster (global) hvparams dictionary.
Furthermore, we add a verify check for this case (this should be betterreplaced with an auto-fix?)....
Fix heading to the one of epydoc
Signed-off-by: René Nussbaumer <rn@google.com>Reviewed-by: Iustin Pop <iustin@google.com>