Revision d23ef431 lib/bootstrap.py
b/lib/bootstrap.py | ||
---|---|---|
71 | 71 |
f.close() |
72 | 72 |
|
73 | 73 |
|
74 |
def _InitGanetiServerSetup(ss):
|
|
74 |
def _InitGanetiServerSetup(): |
|
75 | 75 |
"""Setup the necessary configuration for the initial node daemon. |
76 | 76 |
|
77 | 77 |
This creates the nodepass file containing the shared password for |
78 | 78 |
the cluster and also generates the SSL certificate. |
79 | 79 |
|
80 |
Args: |
|
81 |
ss: A WritableSimpleStore |
|
82 |
|
|
83 | 80 |
""" |
84 | 81 |
# Create pseudo random password |
85 | 82 |
randpass = utils.GenerateSecret() |
86 |
# and write it into sstore |
|
87 |
ss.SetKey(ss.SS_NODED_PASS, randpass) |
|
83 |
|
|
84 |
# and write it into the config file |
|
85 |
utils.WriteFile(constants.CLUSTER_PASSWORD_FILE, |
|
86 |
data="%s\n" % randpass, mode=0400) |
|
88 | 87 |
|
89 | 88 |
result = utils.RunCmd(["openssl", "req", "-new", "-newkey", "rsa:1024", |
90 | 89 |
"-days", str(365*5), "-nodes", "-x509", |
... | ... | |
208 | 207 |
ss.SetKey(ss.SS_CONFIG_VERSION, constants.CONFIG_VERSION) |
209 | 208 |
|
210 | 209 |
# set up the inter-node password and certificate |
211 |
_InitGanetiServerSetup(ss)
|
|
210 |
_InitGanetiServerSetup() |
|
212 | 211 |
|
213 | 212 |
# set up ssh config and /etc/hosts |
214 | 213 |
f = open(constants.SSH_HOST_RSA_PUB, 'r') |
... | ... | |
276 | 275 |
""" |
277 | 276 |
cfg = ssconf.SimpleConfigReader() |
278 | 277 |
sshrunner = ssh.SshRunner(cfg) |
279 |
ss = ssconf.SimpleStore() |
|
280 |
gntpass = ss.GetNodeDaemonPassword() |
|
278 |
gntpass = utils.GetNodeDaemonPassword() |
|
281 | 279 |
if not re.match('^[a-zA-Z0-9.]{1,64}$', gntpass): |
282 | 280 |
raise errors.OpExecError("ganeti password corruption detected") |
283 | 281 |
f = open(constants.SSL_CERT_FILE) |
... | ... | |
302 | 300 |
"echo '%s' > '%s' && " |
303 | 301 |
"cat > '%s' << '!EOF.' && \n" |
304 | 302 |
"%s!EOF.\n%s restart" % |
305 |
(gntpass, ss.KeyToFilename(ss.SS_NODED_PASS),
|
|
303 |
(gntpass, constants.CLUSTER_PASSWORD_FILE,
|
|
306 | 304 |
constants.SSL_CERT_FILE, gntpem, |
307 | 305 |
constants.NODE_INITD_SCRIPT)) |
308 | 306 |
|
... | ... | |
326 | 324 |
new master. |
327 | 325 |
|
328 | 326 |
""" |
329 |
ss = ssconf.WritableSimpleStore()
|
|
327 |
cfg = ssconf.SimpleConfigWriter()
|
|
330 | 328 |
|
331 | 329 |
new_master = utils.HostInfo().name |
332 |
old_master = ss.GetMasterNode()
|
|
330 |
old_master = cfg.GetMasterNode()
|
|
333 | 331 |
|
334 | 332 |
if old_master == new_master: |
335 | 333 |
raise errors.OpPrereqError("This commands must be run on the node" |
... | ... | |
346 | 344 |
logging.error("could disable the master role on the old master" |
347 | 345 |
" %s, please disable manually", old_master) |
348 | 346 |
|
349 |
ss.SetKey(ss.SS_MASTER_NODE, new_master) |
|
347 |
cfg.SetMasterNode(new_master) |
|
348 |
cfg.Save() |
|
350 | 349 |
|
351 |
cfg = config.ConfigWriter()
|
|
350 |
# Here we have a phase where no master should be running
|
|
352 | 351 |
|
353 | 352 |
if not rpc.call_upload_file(cfg.GetNodeList(), |
354 |
ss.KeyToFilename(ss.SS_MASTER_NODE)):
|
|
353 |
constants.CLUSTER_CONF_FILE):
|
|
355 | 354 |
logging.error("could not distribute the new simple store master file" |
356 | 355 |
" to the other nodes, please check.") |
357 | 356 |
|
Also available in: Unified diff