Statistics
| Branch: | Tag: | Revision:

root / lib / utils @ ab4b1cf2

Name Size
__init__.py 24 kB
algo.py 7.3 kB
filelock.py 5 kB
hash.py 2.4 kB
io.py 30 kB
log.py 9.5 kB
lvm.py 2.8 kB
mlock.py 2.3 kB
nodesetup.py 3.4 kB
process.py 30.1 kB
retry.py 6.2 kB
security.py 4.9 kB
storage.py 5.9 kB
text.py 17.4 kB
version.py 5 kB
wrapper.py 5.3 kB
x509.py 12.3 kB

Latest revisions

# Date Author Comment
ab4b1cf2 02/14/2014 03:51 pm Helga Velroyen

Use node UUID as client certificate serial number

It turns out, that some implementations of OpenSSL are more
pedantic in checking the certficates than others. In this
particular case, the SSL connection could not be
established when the serial number of the certificates...

306b855a 01/13/2014 07:43 pm Jose A. Lopes

Add helper function to tell if a daemon is alive

Add helper function 'utils.IsDaemonAlive' to tell if a daemon is alive
by name. This function will be necessary for the KVM hypervisor to
determine if the KVM daemon is running and otherwise start it.

Signed-off-by: Jose A. Lopes <>...

9b85ede9 01/13/2014 12:08 pm Klaus Aehlig

Add utility to compare versions

This will be needed, e.g., for post-upgrade task, as they
have to decide whether a feature was not yet present at
the version started from.

Signed-off-by: Klaus Aehlig <>
Reviewed-by: Hrvoje Ribicic <>

a6c43c02 12/20/2013 03:15 pm Helga Velroyen

Verify client certificates

This patch adds a step to 'gnt-cluster verify' to verify
the existence and validity of the nodes' client
certificates. Since this is a crucial point of the
security concept, the verification is very detailed with
expressive error messages and well tested by unit tests....

b3cc1646 12/20/2013 03:15 pm Helga Velroyen

Verify incoming RPCs against candidate map

From this patch on, incoming RPC calls are checked against
the map of valid master candidate certificates. If no map
is present, the cluster is assumed to be in
bootstrap/upgrade mode and compares the incoming call...

60cc531d 12/20/2013 03:15 pm Helga Velroyen

Create client SSL certificates on cluster init

This patch makes Ganeti create a client SSL certificate for
the master node on cluster initialization. Note that some of
the code in this patch is later moved into an LU to serve
requirements for crypto renewal and updates, but for this...

b544a3c2 12/20/2013 03:15 pm Helga Velroyen

Retrieve a node's certificate digest

In various cluster operations, the master node needs to
retrieve the digest of a node's SSL certificate. For this
purpose, we add an RPC call to retrieve the digest. The
function is designed in a general way to make it possible...

3338a9ce 12/20/2013 03:15 pm Helga Velroyen

Utility functions to manipulate the candidate map

This patch adds a couple of utility functions to manipulate
the map of master candidate SSL certificate digests.

Signed-off-by: Helga Velroyen <>
Reviewed-by: Hrvoje Ribicic <>

5a904197 12/17/2013 06:12 pm Santi Raffa

Gluster: add the Shared File storage type

The shared file and gluster disk templates should not report their disk
space information like file does, because they do not behave the same.

If a cluster pulls from the same, shared source of storage then it is...

ac156ecd 12/17/2013 06:12 pm Santi Raffa

Gluster: use ssconf value for mountpoint directory

Gluster still does not mount anything autonomously, but this commit
changes where Gluster expects its mountpoint to be.

Signed-off-by: Santi Raffa <>
Signed-off-by: Thomas Thrainer <>...

View revisions

Also available in: Atom