rapi: Add new user option for querying
This was requested in issue 301. Before this patch, requests to “/2/query/*” and “/2/instances/*/console” would require authentication with a user with write access. Since that is not strictly necessary, a new user option named “read” is added....
Move gnt_cluster.SHOW_MACHINE_OPT to cli
This allows the option to be re-used in other places.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Warn on invalid lines in HTTP user files
Without this change, invalid lines or values would be silently ignored.
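A minimal sketch of the behaviour described above, assuming a whitespace-separated "name password [options]" line format. The function name parse_users and the use of the logging module are hypothetical and do not reproduce Ganeti's actual parser.

```python
import logging


def parse_users(text, log=logging.getLogger(__name__)):
    """Parse 'name password [opt1,opt2]' lines, warning on invalid ones."""
    users = {}
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        # Blank lines and comments are skipped without a warning
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 2)
        if len(parts) < 2:
            # Such a line used to be dropped silently; now it is reported
            log.warning("Ignoring invalid line %d: %r", lineno, raw)
            continue
        options = parts[2].split(",") if len(parts) > 2 else []
        users[parts[0]] = (parts[1], options)
    return users
```

The point of the change is only the warning branch: the set of accepted users stays the same, but a malformed line now leaves a trace in the log.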
pathutils: Add directory for remote commands
Also add tests to ensure it's never allowed as a file storage path. A constant for the lock file is also added.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
utils.process.RunResult: Always set "fail_reason" attribute
Add “gnt-job change-priority” sub-command
This can be used to change the priority of a pending or running job (the latter only if there are unprocessed opcodes).
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Bernardo Dal Seno <bdalseno@google.com>
Expose changing job priority via LUXI
A new LUXI request is added, in both Python and Haskell.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Bernardo Dal Seno <bdalseno@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
jqueue: Allow changing of job priority
This is due to a feature request. Sometimes one wants to change the priority of a job after it has been submitted, e.g. after submitting an important job only to later notice many other pending jobs which will be processed first. Priority changes only take effect at the next lock...
jqueue: Set task ID for jobs added to workerpool
The job ID is re-used as the task ID, as job IDs are unique.
workerpool: Preserve task number when deferring
When a task is deferred it should receive the same task ID upon being returned to the pool.
workerpool: Add method to change task's priority
Using the task ID, a pending task's priority can be changed. This will be used to change the priority of jobs in the workerpool.
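One common way to support this is a heap with lazy invalidation, sketched below. The class TaskQueue and its methods are hypothetical and are not the workerpool's real interface. The sketch assumes that lower numbers mean higher priority and that a payload is never None.

```python
import heapq
import itertools


class TaskQueue:
    """Priority queue whose pending entries can be re-prioritised by task ID."""

    def __init__(self):
        self._heap = []                   # entries: [priority, serial, task_id, payload]
        self._by_id = {}                  # task_id -> live heap entry
        self._serial = itertools.count()  # unique tie-breaker, keeps FIFO order

    def add(self, priority, task_id, payload):
        if task_id in self._by_id:
            raise KeyError("task ID %r already pending" % (task_id,))
        entry = [priority, next(self._serial), task_id, payload]
        self._by_id[task_id] = entry
        heapq.heappush(self._heap, entry)

    def change_priority(self, task_id, priority):
        """Re-queue a pending task under a new priority; False if not pending."""
        old = self._by_id.pop(task_id, None)
        if old is None:
            return False
        payload = old[3]
        old[3] = None  # mark the stale heap entry as cancelled
        self.add(priority, task_id, payload)
        return True

    def pop(self):
        while self._heap:
            _, _, task_id, payload = heapq.heappop(self._heap)
            if payload is not None:  # skip cancelled entries
                del self._by_id[task_id]
                return task_id, payload
        raise IndexError("no pending tasks")
```

Cancelled entries stay in the heap until they surface, which avoids re-sorting the whole structure on every priority change.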
workerpool: Change data structure for priority change
To prepare for the addition of a new function allowing changing a pending task's priority, the internal data structure is slightly changed. The (optional) task ID is stored as part of the task entry. A...
Documentation for the NODE_RES level
Signed-off-by: Helga Velroyen <helgav@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
RunCmd: Expose "postfork" callback
The “_postfork_fn” parameter was only used for tests until now. To implement a good locking scheme, remote commands must also make use of this callback to release a lock when the command was successfully started (but did not yet finish)....
Merge branch 'devel-2.6' into master
Conflicts (both trivial): htools/Ganeti/Daemon.hs (_writePidFile rename)...
Merge branch 'stable-2.6' into devel-2.6
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Improve error message when migration status fail
Commit 6a1434d7 (“Make migration RPC non-blocking”) changed the API for reporting migration status, but has a small cosmetic bug: if the migration status is failure, but the RPC itself to get the status didn't fail, it shows the following error message:...
Fix type error in kvm/GetMigrationStatus
Commit 6a1434d7 (“Make migration RPC non-blocking”) changed from raising HypervisorErrors to returning MigrationStatus objects. However, these objects don't have an "info" attribute, so they can't pass a reason back (which is in itself a bug); but the KVM...
sphinx_ext: Allow use of “rapi” module in pyeval
This way constants like “rapi.RAPI_ACCESS_WRITE” can be used in documentation.
rlib2: Document two previously undocumented functions
Commit 208a6cff just included empty docstrings.
jqueue/mcpu: Determine priority using callback
Instead of being given the priority for acquiring locks by means of a parameter, mcpu will now call back. This is in preparation for implementing a command to change a job's priority on the fly and allows changing it while locks are being acquired (taking effect on the next...
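The difference between passing a value and passing a callback can be sketched as follows. The names Job and acquire_locks are hypothetical stand-ins for illustration; they are not the jqueue or mcpu interfaces.

```python
class Job:
    """Hypothetical job object whose priority may change at any time."""

    def __init__(self, priority):
        self.priority = priority


def acquire_locks(lock_names, get_priority):
    """Pretend to acquire locks, asking for the priority before each attempt."""
    used = []
    for name in lock_names:
        # Calling back here picks up any priority change made in the meantime
        used.append((name, get_priority()))
    return used


job = Job(0)


def lock_names():
    yield "lock-a"
    job.priority = -10  # simulate a priority change between two acquisitions
    yield "lock-b"


result = acquire_locks(lock_names(), lambda: job.priority)
```

Had the priority been passed as a plain parameter, both acquisitions would have used the value that was current when the call started.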
Merge branch 'devel-2.6'
http/__init__.py: Remove extraneous argument
pylint complained, I fixed it, and unfortunately pushed too early.
rapi.testutils: Add utility to format HTTP headers
Once again this will be used by a forthcoming RAPI test.
rapi.testutils: Return headers from mock utility
A newly added test for RAPI will also verify the returned headers. A test in ganeti.rapi.client_unittest.py is split into smaller stand-alone tests.
http: Add wrapper for mimetools.Message
A newly added piece of code will also have to parse headers, so having this wrapper saves us from copying this part of code.
Add missing tests for commit f0d2286
Commit f0d2286 changed the logic of gnt_instance._ConvertNicDiskModifications to also allow a parameter named “modify”. Unfortunately the corresponding unittest was not updated. An “if”/“else” condition is also merged....
workerpool: Use itertools.count instead of manual counting
Instead of having to explicitly increment the value (“… += 1”), a call to next() is enough. These numbers should in no case be re-used (they are used for ordering tasks). Using “itertools.count” is useful here as...
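A small illustration of the idiom, using only the standard library. The helper make_entry and the sample tasks are made up for the example.

```python
import heapq
import itertools

counter = itertools.count()  # yields 0, 1, 2, ... and never repeats a value


def make_entry(priority, task):
    # next(counter) replaces a manual "serial += 1" and breaks priority ties
    return (priority, next(counter), task)


heap = []
for prio, name in [(5, "low"), (1, "first"), (1, "second")]:
    heapq.heappush(heap, make_entry(prio, name))

# Tasks with equal priority come out in submission order
order = [heapq.heappop(heap)[2] for _ in range(3)]
```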
Merge branch 'devel-2.6' into submit
Conflicts: Makefile.am (reordering, fixed) htools/Ganeti/Confd/Server.hs (hlint fixes on master) htools/Ganeti/Daemon.hs (hlint)...
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Use SSH_LOGIN_USER rather than root for xl ssh
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Fix gnt-instance console with xl
- Rename xm-console-wrapper to xen-console-wrapper
- Pass the xen command to use as a parameter
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Add utility to check if file is executable
This replaces direct calls to “os.access” and “os.path.exists”/“os.path.isfile”.
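Such a utility might look roughly like the sketch below. The name is_executable is hypothetical, and the actual helper added by this commit may differ in name and in the exact checks it performs.

```python
import os
import sys


def is_executable(path):
    """Return True if 'path' is a regular file the current user may execute."""
    return os.path.isfile(path) and os.access(path, os.X_OK)


# A directory is accessible with X_OK but is not a regular file
print(is_executable(os.getcwd()))
print(is_executable(sys.executable))
```

Combining both checks in one place avoids call sites that test only existence or only the access bit.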
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Fix NameError in constants.py introduced in merge 46c1f82
Conflicts: lib/hypervisor/hv_xen.py: trivial
Signed-off-by: Guido Trotter <ultrotter@google.com>...
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Bernardo Dal Seno <bdalseno@google.com>...
Disable E1101 on ganeti/http/server.py:424
Fix live migration under xl
Until now the only way to make live migration work in conjunction with "xl" was to add ssh known_hosts keys for every node's secondary ip on every other node.
With this command we remove the target key verification: this is not...
Don't check for xend port when using xl
If the toolstack is set to "xl" we shouldn't ping xend for liveness before attempting a live migration.
utils.io: Improve handling of double and single slashes
Up until now “IsBelowDir("/", …)” would never return True. The reason was that an additional slash was added to the root path resulting in “//”, which is “implementation-defined” in POSIX and treated specially...
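The pitfall can be reproduced with the standard library: posixpath.normpath() keeps a leading double slash. The sketch below shows one way to handle it. The function is_below_dir is a hypothetical illustration and not the actual implementation in utils.io.

```python
import posixpath


def _normalize(path):
    """Normalize an absolute path, collapsing any run of leading slashes."""
    if not posixpath.isabs(path):
        raise ValueError("path %r is not absolute" % (path,))
    # normpath() preserves a leading "//", so strip and re-add a single slash
    return "/" + posixpath.normpath(path).lstrip("/")


def is_below_dir(root, other):
    """Return True if 'other' lies strictly below the directory 'root'."""
    root = _normalize(root)
    other = _normalize(other)
    # Appending "/" to the root directory itself would yield "//"
    prefix = root if root == "/" else root + "/"
    return other != root and other.startswith(prefix)
```

Treating the root directory as its own prefix is what makes paths directly below "/" match.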
workerpool: Don't mask variable in AddManyTasks
The name “priority” is already used.
workerpool: Simplify _WaitForTaskUnlocked
The function is simplified in its structure and duplicated checks have been merged.
cli.py: use None as name for tag operations on the cluster
This change is mostly cosmetic. Previously, the literal "cluster" was used for the 'name' field of tag operations on the cluster (as opposed to a node or an instance). Since this field has a type of TMaybeString...
Fix previous merge
A call to _CalculateGroupIPolicy wasn't refactored during the merge.
Signed-off-by: Bernardo Dal Seno <bdalseno@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>
jqueue: Return jobs to queue when shutting down
When a job is still waiting for locks and the queue is shutting down, it should be returned to the queue and not actually start processing. Until now jobs which transitioned from “queued” to “waiting” were already considered to be running as far as the shutdown code was concerned....
gnt-debug delay: Add "--submit" option
Make hostname checks uniform between instance rename and add
Currently, we have instance rename doing extra checks on the hostname, to prevent accidental wrong renames; however, instance create doesn't do these checks (issue 291), which (if DNS is misconfigured)...
Improve logging of new job submissions
This addresses issue 290: when receiving new jobs, logging is incomplete, and we don't have the job ID and/or summaries logged. Only later, when the job is queried for or being processed, we know more.
This is not good when troubleshooting, so let's improve the initial...
Improve handling of lock exceptions
There are two issues with lock exceptions right now:
- first, we don't log the original error; this is fine for now (locking.py always returns the same error here), but in general is brittle: if locking.py would start returning more information, we'd...
Fix runtime memory increases
Commit 2c0af7da which added the runtime memory changes functionality had a small typo (wrong name); I've rewritten this to only compute the delta once, for simplicity.
Fix validation of vgname in OpClusterSetParams
This variable can be empty, when we want to disable LVM, so we can't use TMaybeString.
Fixes issue 285.
Fix removal of storage directory on shared file storage
This patch makes _RemoveDisks symmetric to _CreateDisks with respect to file-based storage: _CreateDisks uses "in constants.DTS_FILEBASED", whereas _RemoveDisks was not updated and only uses "== constants.DT_FILE". This results in stale directories left on the...
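The asymmetry is easy to see in isolation. In the sketch below the constant values and both function names are assumptions made for illustration. Only the names DT_FILE and DTS_FILEBASED come from the commit message.

```python
# Assumed values, for illustration only
DT_FILE = "file"
DT_SHARED_FILE = "sharedfile"
DTS_FILEBASED = frozenset([DT_FILE, DT_SHARED_FILE])


def removes_storage_dir_old(disk_template):
    # Equality check: misses every file-based template other than DT_FILE
    return disk_template == DT_FILE


def removes_storage_dir_new(disk_template):
    # Membership check: mirrors the test used when creating disks
    return disk_template in DTS_FILEBASED
```

With the equality check, a shared file instance has its directory created but never removed.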
Switch non-redundant check to disk template-based
Currently, the warning/notice about non-redundant instances in cluster verify is based on a non-empty secondaries list (how old is this?); the proper way to check this nowadays is via DTS_MIRRORED.
Signed-off-by: Iustin Pop <iustin@google.com>...
Fix permission for socket directory
The directory must be writable also by the confd daemon user.
Signed-off-by: Bernardo Dal Seno <bdalseno@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
Add option to force master-failover without voting
This fixes issue 282.
Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Bernardo Dal Seno <bdalseno@google.com>
backend: Switch to new file storage directory verification
The configuration is no longer used for verifying file storage paths.
Check allowed file storage paths during cluster-verify
Some paths, such as /bin or /usr/lib, should not be used for file storage. This patch implements a check during cluster verification to fail in case such a path has been used.
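A check of this kind could be sketched as below. The FORBIDDEN tuple contains only the two examples named above, and find_forbidden is a hypothetical helper. The real list of forbidden paths and the verification code are defined by the patch and are not reproduced here.

```python
import posixpath

# Only the two examples from the commit message; the real list is longer
FORBIDDEN = ("/bin", "/usr/lib")


def find_forbidden(paths, forbidden=FORBIDDEN):
    """Return the configured paths that equal or lie below a forbidden one."""
    bad = []
    for path in paths:
        norm = posixpath.normpath(path)
        for root in forbidden:
            # Compare whole path components so "/binary" does not match "/bin"
            if norm == root or norm.startswith(root + "/"):
                bad.append(path)
                break
    return bad
```

A non-empty result would then be reported as a verification failure.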
Signed-off-by: Michael Hanselmann <hansmi@google.com>...
Make Paramiko an optional dependency for listrunner
With the move away from “setup-ssh”, Paramiko is no longer necessary to configure SSH on nodes.
Remove setup-ssh
It has been superseded by “prepare-node-join”.
gnt-node add: Use prepare-node-join
This patch changes “gnt-node add” to use the newly added “prepare-node-join” tool. As a result, Paramiko is no longer a hard dependency for setting up SSH on nodes.
In “gnt_cluster.py”, a positional parameter is no longer passed as a...
prepare-node-join: Use ssh.GetAllUserFiles
Instead of building the dictionary locally, the global version in “ssh.py” can be used.
ssh: Add function to get all of user's SSH files
This new function returns the file paths for all of a user's SSH-related files (RSA, DSA and authorized_keys).
RunCmd: Support standard input file descriptor
This patch changes “utils.RunCmd” to accept a file-like object or a numeric file descriptor which will be used as the command's standard input. One use-case will be to pass all necessary data to “prepare-node-join”....
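The same idea can be shown with the standard subprocess module, which also accepts either a file object or a numeric descriptor for stdin. This is not utils.RunCmd itself: run_with_stdin is a hypothetical helper and the JSON payload is made up.

```python
import subprocess
import sys
import tempfile


def run_with_stdin(argv, input_fd):
    """Run argv with 'input_fd' (file object or numeric fd) as standard input."""
    proc = subprocess.run(argv, stdin=input_fd, stdout=subprocess.PIPE,
                          check=True)
    return proc.stdout


with tempfile.TemporaryFile() as tmp:
    tmp.write(b'{"example": true}')
    tmp.seek(0)  # the child starts reading at the current file offset
    child = [sys.executable, "-c",
             "import sys; sys.stdout.write(sys.stdin.read().upper())"]
    output = run_with_stdin(child, tmp)
```

Passing the data through a descriptor keeps it out of the command line, where it would be visible to other users in the process list.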
Factorize job selection in “gnt-job cancel”
This will also be used for changing jobs' priorities. All parameters to the common function are non-optional.
utils.x509: Factorize code to extract X509 certificate
This will be useful in “gnt-node add”.
prepare_node_join: Move daemon SSH files to constants
This dictionary will also be useful in “gnt-node add”.
prepare-node-join: Swap private and public keys
Other places, such as “ssh.GetUserFiles”, use a structure where the private key comes before the public key. Until now prepare-node-join did the opposite, that is the public key came first. To avoid confusion...
prepare-node-join: Use public key directly for auth…_keys
A public key already includes the necessary prefix (“ssh-rsa” or “ssh-dss”), so there is no need to add it again.
ssh.GetUserFiles: Parameter to disable directory check
Without this parameter, either an error would be raised or “.ssh” would have to be created. Now it is possible to retrieve the paths without requiring the “.ssh” directory to exist.
Update instance modify message
Currently the message does not say explicitly that instance-initiated reboots are useless to trigger the use of new parameters, per the thread on the user mailing list. Let's improve it a bit.
Errors.hs: improve field names for ConfigVersionMismatch
Change {exp,act}Code to {exp,act}Ver, which gives a better idea that the integer fields represent version numbers.
Also:
- errors.py: update OpPrereqError's docstring to note that an error code is always expected as the second argument (it was previously...
Remove unused cache implementation
Note that this commit has no Makefile.am changes, as the files were not actually used. So it's better to actually remove them.
bdev: Remove unused import of itertools
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>
bdev: Add verification for file storage paths
An earlier version of this patch series verified all paths in cmdlib in the master daemon. With this change all that verification code is moved to bdev to run inside the node daemon. The checks are much stricter...
jqueue: Factorize code to modify job
A new function will be added to change a job's priority.
cli: Use callback for --priority
If the option is used elsewhere, the numeric value is directly available.
jqueue: Add docstring for _DetermineJobDirectories
Somehow this was missed in commit 0422250e.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>
jqueue: Fix comments in _SubmitJobUnlocked
Drop SSHS_FORCE constant
It is not actually used.
Improve logging of AssertionErrors
Currently, when we have an assertion error raised from cmdlib, it looks like this:
[cluster] root@node4:~# gnt-instance grow-disk instance1 0 1G
Failure: command execution error:
This is very very confusing. This patch adds a bit of traceback...
tools.prepare_node_join: Fix pep8 errors
Pep8 didn't agree with the indentation.
Add initial implementation of prepare-node-join
This is a new tool as per the design document “design-ssh-setup”. It receives a JSON data structure on its standard input and configures the SSH daemon and root's SSH keys accordingly. Unit tests are included....
ssh.GetUserFiles: RSA support, unit tests
This patch changes “ssh.GetUserFiles” to support two different kinds of SSH keys, RSA and DSA. Before it would always use DSA. Newly written unit tests are included.
Update blockdev's "info" at instance rename
Currently, we set "info" metadata on block devices at device creation time, but we never update it, leading to stale data in case of instance renames. This would not be a big problem in case of regular renames (assuming this is a rare operation), but importing instances...
LVM: remove old tags when adding new ones
This patch adds a small helper function to clear an LV's tags, and calls it at SetInfo time. We need this to be able to correctly track instance renames, once we will call SetInfo at such times.
Add a small bdev helper function
I wanted to write that snippet the third time, which is too much :)
Fix disk adoption interaction with ipolicy checks
In Ganeti 2.6, disk adoption is broken due to the ipolicy checks being done before we read volume size from remote nodes. We fix this by simply moving these checks to after the disk adoption code which updates the disk size; it's not that nice that we fail an (almost)...
Compare significant fields only for simple SSH keys
For simple SSH keys, that is those without options such as “command="…"”, only the first two parts need to be compared. The third field is a free-form comment.
This patch changes the comparison used in...
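For option-less keys the comparison reduces to the first two whitespace-separated fields. The function same_simple_key below is a hypothetical sketch, and the key data in the usage lines is shortened placeholder text, not a real key.

```python
def same_simple_key(line_a, line_b):
    """Compare two option-less public key lines by key type and key data only."""
    fields_a = line_a.split()
    fields_b = line_b.split()
    if len(fields_a) < 2 or len(fields_b) < 2:
        raise ValueError("expected '<type> <base64-data> [comment]'")
    # The optional third field is a free-form comment and is ignored
    return fields_a[:2] == fields_b[:2]


print(same_simple_key("ssh-rsa AAAAB3 root@node1", "ssh-rsa AAAAB3 some comment"))
print(same_simple_key("ssh-rsa AAAAB3 root@node1", "ssh-dss AAAAB3 root@node1"))
```

Keys that carry options need a different treatment, since the options precede the key type and shift the field positions.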
ensure-dirs: Don't accept arguments
Before they would just be silently ignored.
ensure-dirs: Fix program name on usage screen
No string replacements are used, so doubling of the percent sign is not necessary.
Before: Usage: %ensure-dirs [--full-run]
After: Usage: ensure-dirs [--full-run]
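The effect can be reproduced with the standard optparse module, which substitutes "%prog" by plain string replacement rather than "%" formatting. That ensure-dirs builds its usage text this way is an assumption made for the sketch, and usage_for is a hypothetical helper.

```python
import optparse


def usage_for(template):
    """Render a usage template the way optparse would for 'ensure-dirs'."""
    parser = optparse.OptionParser(usage=template, prog="ensure-dirs")
    return parser.get_usage().strip()


# "%%" is not collapsed, so a stray percent sign survives in the output
before = usage_for("%%prog [--full-run]")
after = usage_for("%prog [--full-run]")
```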
cli: Fix small typo
s/it/if/
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Dato Simó <dato@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>
Group.hs: add 'allTags'; adjust loaders and test data for it
This commit adds a Group.allTags field to store the tags of node groups, and teaches each loader backend in HTools to populate it (additionally, the IAllocator class in lib/cmdlib.py now includes tags for groups too). Test...
Remove support for PUT in noded
This takes care of a FIXME; 2.6 already uses the new method, so we're good during upgrades.
Ignore empty/comment lines in OS variants file
Per a conversation on ganeti@googlegroups.com:
- gnt-os diagnose ; gnt-os list take in consideration blank lines in /etc/ganeti/instance-image/variants.list that could be confusing.
Let's fix this and also let's ignore comment lines....
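The filtering described here might be sketched as follows. The helper read_variants is hypothetical, and treating "#" as the comment marker is an assumption.

```python
def read_variants(text):
    """Return variant names, skipping blank lines and '#' comment lines."""
    variants = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            variants.append(line)
    return variants
```

With this filter a trailing empty line in the variants file no longer shows up as an unnamed variant.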
gnt-job cancel: Confirmation and selection of jobs
New parameters, “--pending”, “--queued” and “--waiting”, are added to select all jobs in the respective state. If one of those options is used and “--force” is not given, the user is asked to confirm the operation....