Revision 5b6f9e35
| b/lib/bootstrap.py | ||
|---|---|---|
| 806 | 806 |
cfg = config.ConfigWriter(offline=True) |
| 807 | 807 |
ssh.WriteKnownHostsFile(cfg, pathutils.SSH_KNOWN_HOSTS_FILE) |
| 808 | 808 |
cfg.Update(cfg.GetClusterInfo(), logging.error) |
| 809 |
|
|
| 810 | 809 |
ssconf.WriteSsconfFiles(cfg.GetSsconfValues()) |
| 811 | 810 |
|
| 812 | 811 |
# set up the inter-node password and certificate |
| b/lib/cmdlib/cluster.py | ||
|---|---|---|
| 58 | 58 |
CheckOSParams, CheckHVParams, AdjustCandidatePool, CheckNodePVs, \ |
| 59 | 59 |
ComputeIPolicyInstanceViolation, AnnotateDiskParams, SupportsOob, \ |
| 60 | 60 |
CheckIpolicyVsDiskTemplates, CheckDiskAccessModeValidity, \ |
| 61 |
CheckDiskAccessModeConsistency |
|
| 61 |
CheckDiskAccessModeConsistency, AddNodeCertToCandidateCerts
|
|
| 62 | 62 |
|
| 63 | 63 |
import ganeti.masterd.instance |
| 64 | 64 |
|
| ... | ... | |
| 220 | 220 |
self.master_ndparams[constants.ND_OVS_NAME], |
| 221 | 221 |
self.master_ndparams.get(constants.ND_OVS_LINK, None)) |
| 222 | 222 |
result.Raise("Could not successully configure Open vSwitch")
|
| 223 |
|
|
| 224 |
AddNodeCertToCandidateCerts(self, self.master_uuid, |
|
| 225 |
self.cfg.GetClusterInfo()) |
|
| 226 |
|
|
| 223 | 227 |
return True |
| 224 | 228 |
|
| 225 | 229 |
|
| b/lib/cmdlib/common.py | ||
|---|---|---|
| 1216 | 1216 |
|
| 1217 | 1217 |
# Everything else: |
| 1218 | 1218 |
return False |
| 1219 |
|
|
| 1220 |
|
|
| 1221 |
def AddNodeCertToCandidateCerts(lu, node_uuid, cluster): |
|
| 1222 |
"""Add the node's client SSL certificate digest to the candidate certs. |
|
| 1223 |
|
|
| 1224 |
@type node_uuid: string |
|
| 1225 |
@param node_uuid: the node's UUID |
|
| 1226 |
@type cluster: C{object.Cluster}
|
|
| 1227 |
@param cluster: the cluster's configuration |
|
| 1228 |
|
|
| 1229 |
""" |
|
| 1230 |
result = lu.rpc.call_node_crypto_tokens( |
|
| 1231 |
node_uuid, [constants.CRYPTO_TYPE_SSL_DIGEST]) |
|
| 1232 |
result.Raise("Could not retrieve the node's (uuid %s) SSL digest."
|
|
| 1233 |
% node_uuid) |
|
| 1234 |
((crypto_type, digest), ) = result.payload |
|
| 1235 |
assert crypto_type == constants.CRYPTO_TYPE_SSL_DIGEST |
|
| 1236 |
|
|
| 1237 |
utils.AddNodeToCandidateCerts(node_uuid, digest, cluster.candidate_certs) |
|
| b/test/py/cmdlib/cluster_unittest.py | ||
|---|---|---|
| 31 | 31 |
import tempfile |
| 32 | 32 |
import shutil |
| 33 | 33 |
|
| 34 |
from collections import defaultdict |
|
| 35 |
|
|
| 34 | 36 |
from ganeti import constants |
| 35 | 37 |
from ganeti import errors |
| 36 | 38 |
from ganeti import netutils |
| ... | ... | |
| 229 | 231 |
|
| 230 | 232 |
|
| 231 | 233 |
class TestLUClusterPostInit(CmdlibTestCase): |
| 232 |
def testExecuion(self): |
|
| 234 |
def testExecution(self): |
|
| 235 |
# For the purpose of this test, return the same certificate digest for all |
|
| 236 |
# nodes |
|
| 237 |
self.rpc.call_node_crypto_tokens = \ |
|
| 238 |
lambda node_uuid, _: self.RpcResultsBuilder() \ |
|
| 239 |
.CreateSuccessfulNodeResult(node_uuid, |
|
| 240 |
[(constants.CRYPTO_TYPE_SSL_DIGEST, "IA:MA:FA:KE:DI:GE:ST")]) |
|
| 233 | 241 |
op = opcodes.OpClusterPostInit() |
| 234 | 242 |
|
| 235 | 243 |
self.ExecOpCode(op) |
Also available in: Unified diff