Revision 5b6f9e35
b/lib/bootstrap.py | ||
---|---|---|
806 | 806 |
cfg = config.ConfigWriter(offline=True) |
807 | 807 |
ssh.WriteKnownHostsFile(cfg, pathutils.SSH_KNOWN_HOSTS_FILE) |
808 | 808 |
cfg.Update(cfg.GetClusterInfo(), logging.error) |
809 |
|
|
810 | 809 |
ssconf.WriteSsconfFiles(cfg.GetSsconfValues()) |
811 | 810 |
|
812 | 811 |
# set up the inter-node password and certificate |
b/lib/cmdlib/cluster.py | ||
---|---|---|
58 | 58 |
CheckOSParams, CheckHVParams, AdjustCandidatePool, CheckNodePVs, \ |
59 | 59 |
ComputeIPolicyInstanceViolation, AnnotateDiskParams, SupportsOob, \ |
60 | 60 |
CheckIpolicyVsDiskTemplates, CheckDiskAccessModeValidity, \ |
61 |
CheckDiskAccessModeConsistency |
|
61 |
CheckDiskAccessModeConsistency, AddNodeCertToCandidateCerts
|
|
62 | 62 |
|
63 | 63 |
import ganeti.masterd.instance |
64 | 64 |
|
... | ... | |
220 | 220 |
self.master_ndparams[constants.ND_OVS_NAME], |
221 | 221 |
self.master_ndparams.get(constants.ND_OVS_LINK, None)) |
222 | 222 |
result.Raise("Could not successully configure Open vSwitch") |
223 |
|
|
224 |
AddNodeCertToCandidateCerts(self, self.master_uuid, |
|
225 |
self.cfg.GetClusterInfo()) |
|
226 |
|
|
223 | 227 |
return True |
224 | 228 |
|
225 | 229 |
|
b/lib/cmdlib/common.py | ||
---|---|---|
1216 | 1216 |
|
1217 | 1217 |
# Everything else: |
1218 | 1218 |
return False |
1219 |
|
|
1220 |
|
|
1221 |
def AddNodeCertToCandidateCerts(lu, node_uuid, cluster): |
|
1222 |
"""Add the node's client SSL certificate digest to the candidate certs. |
|
1223 |
|
|
1224 |
@type node_uuid: string |
|
1225 |
@param node_uuid: the node's UUID |
|
1226 |
@type cluster: C{object.Cluster} |
|
1227 |
@param cluster: the cluster's configuration |
|
1228 |
|
|
1229 |
""" |
|
1230 |
result = lu.rpc.call_node_crypto_tokens( |
|
1231 |
node_uuid, [constants.CRYPTO_TYPE_SSL_DIGEST]) |
|
1232 |
result.Raise("Could not retrieve the node's (uuid %s) SSL digest." |
|
1233 |
% node_uuid) |
|
1234 |
((crypto_type, digest), ) = result.payload |
|
1235 |
assert crypto_type == constants.CRYPTO_TYPE_SSL_DIGEST |
|
1236 |
|
|
1237 |
utils.AddNodeToCandidateCerts(node_uuid, digest, cluster.candidate_certs) |
b/test/py/cmdlib/cluster_unittest.py | ||
---|---|---|
31 | 31 |
import tempfile |
32 | 32 |
import shutil |
33 | 33 |
|
34 |
from collections import defaultdict |
|
35 |
|
|
34 | 36 |
from ganeti import constants |
35 | 37 |
from ganeti import errors |
36 | 38 |
from ganeti import netutils |
... | ... | |
229 | 231 |
|
230 | 232 |
|
231 | 233 |
class TestLUClusterPostInit(CmdlibTestCase): |
232 |
def testExecuion(self): |
|
234 |
def testExecution(self): |
|
235 |
# For the purpose of this test, return the same certificate digest for all |
|
236 |
# nodes |
|
237 |
self.rpc.call_node_crypto_tokens = \ |
|
238 |
lambda node_uuid, _: self.RpcResultsBuilder() \ |
|
239 |
.CreateSuccessfulNodeResult(node_uuid, |
|
240 |
[(constants.CRYPTO_TYPE_SSL_DIGEST, "IA:MA:FA:KE:DI:GE:ST")]) |
|
233 | 241 |
op = opcodes.OpClusterPostInit() |
234 | 242 |
|
235 | 243 |
self.ExecOpCode(op) |
Also available in: Unified diff