Move cluster verification out of prepare-node-join
A new tool for configuring the node daemon will also have to verify thecluster name, so it's better to have this function in a central place.In the process of moving it to ssconf it is also changed to use...
ssconf: Verify file size when reading, add some tests
Until now ssconf would limit the amount read from files to 128 KiB andsilently ignored files larger than that. With this patch a check isadded by using fstat(2) on the file descriptor while it's being read....
Fix pylint error introduced in commit 9675661
Missing spaces around operator.
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Michele Tartara <mtartara@google.com>
ssconf: Small error message fixes
- Include filename in error message- s/ip/IP/- Stop using superfluous variable
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>
Remove ssconf.SimpleConfigReader
Commit b0dcdc1 removed the last user of this class.
ssconf: Move class-level constants to module
There is no good reason why these two constants should be inside theclass. This patch moves them to the module so they can be used without“self”.
Fix network query for extra stats fields
Extend _GetNetworkStatsField() to accept 4 arguments.This fixes Issue 323.
Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>Reviewed-by: Helga Velroyen <helgav@google.com>
Export UUID and serial no in network queries
Add uuid and serial_no to _NETWORK_SIMPLE_FIELDS in order to exportthem in network queries. Modify gnt-network to list them too.
Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>Reviewed-by: Michael Hanselmann <hansmi@google.com>
ssconf: Remove unused regular expression
RE_VALID_SSCONF_NAME is not used anywhere.
Fix build after commit 9b7e05a
Commit 9b7e05a didn't quite work as expected: glm.is_owned expects alocking level, not a lock name.
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Helga Velroyen <helgav@google.com>
Factorize logging setup in tools
Most tools had their own “SetupLogging” function, but they were allessentially the same. This patch adds a generic version to “utils.log”and provides unit tests.
Factorize code to load and verify JSON
A new tool to configure the node daemon will also have to load andverify JSON data.
LUNodeQueryStorage: Use node allocation lock
Block instance allocations when all node locks will be acquired.
cmdlib: Don't pass processor to _ComputeNics
The execution context ID can be passed right away.
cmdlib.LUInstanceRename: Another assertion for BGL
Check whether the BGL is actually held instead of just testing“REQ_BGL”.
cmdlib: Stop using proc.Log*
The Log* functions are re-exported through the LU. Inline use of stringformatting (“%”) was converted to additional arguments to Log* (unlike“feedback_fn”, these functions support it). Some punctuation has beenremoved from messages, as well as some small re-wordings....
cmdlib: Use CommaJoin where appropriate
Don't use inline versions of CommaJoin.
LUNetwork*: Build dictionaries right away
… instead of constructing an object, only to fill it separately.
locking: Method to check if LockSet is fully acquired
A new method is added to check whether the LockSet-internal lock isheld. This is the case after LockSet.acquire was called withlocking.ALL_SET.
Unit tests are updated, including one where the list of names must be...
mcpu: Start locking at correct level
Commit 8716b1d added a new lock level, LEVEL_NODE_ALLOC. It is ahead ofLEVEL_INSTANCE. The latter was hardcoded in mcpu to be locked rightafter the BGL, effectively ignoring LEVEL_NODE_ALLOC.
Signed-off-by: Michael Hanselmann <hansmi@google.com>...
Add new lock level for node allocations
The new lock is similar to the BGL in the sense that it has its ownlevel and there is only one. It is called “node allocation lock”.Logical units will use it to synchronize with instance creations, whichin turn will start using opportunistic locks on nodes....
Fix network opcode parameters
Commit 32e3d8b1 (“opcodes: Network parameter improvements and fixes”)changed a few parameters in the network add, connect and set paramsopcodes, but some of the changes are buggy. The patch changed the typeto TMaybe(), whereas the default should have been changed from None to...
Introduce a TMaybe combinator
We have many cases in the code where we write TOr(TNone, a), so let'sintroduce a combinator that simplifies this case.
Beside replacing the above with TMaybe(a), I did a few other parameterfixes:
- noop change TOr(TNone, TDict) to TMaybeDict...
Replace dict() with {}
The network patches and an existing test added function-call baseddict construction as opposed to literal sintax.
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: Michele Tartara <mtartara@google.com>
Export network in FinalizeExport()
Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: Iustin Pop <iustin@google.com>
Fix bug in OpNetworkQuery result check
Fix bug in network module
Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>Signed-off-by: Iustin Pop <iustin@google.com>[iustin@google.com: slightly improved code flow]Reviewed-by: Iustin Pop <iustin@google.com>
Make ipolicy violations a warning
So far, when running 'gnt-cluster verify' on a cluster whichhas instances that violate the instance policy, thoseviolations were shown as an error. This patch makes them awarning.
Signed-off-by: Helga Velroyen <helgav@google.com>...
Small style fixes (' vs ") in network code
This is just trivial fixes; I think I caught all of them.
Signed-off-by: Iustin Pop <iustin@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>
Rename leftovers from remote to restricted commands
As per Iustin Pop's suggestion in <20121115131730.GX824@google.com> on<ganeti-devel@googlegroups.com>.
backend: Rename RunRemoteCommand to RunRestrictedCmd
Rename constants and directory for restricted commands
Rename configure option for restricted commands
It is no longer “--enable-remote-commands”, but rather“--enable-restricted-commands”.
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Iustin Pop <iustin@google.com>
Add command line interface for running commands remotely
This patch adds a new command, “gnt-node restricted-command”. Since thesemantics are different from “gnt-cluster command”, the same subcommandshouldn't be re-used.
The included man page update also includes a small description of how to...
Remove delayed iallocator call in TLReplaceDisks
By setting the “delay_iallocator” parameter one could delay the call tothe instance allocator. This was not used for some time now, but thecode was still there.
cmdlib: Merge duplicated code for TLMigrateInstance
LUInstanceFailover and LUInstanceMigrate use TLMigrateInstance and hadthe essentially same code for expanding names and declaring locks. InLUInstanceMigrate.ExpandNames there was a mistake which led to node...
Fix lint error about too many variables
Lint complains about too many variables in the CheckPrereqmethod. While I think that this method/class would needsome refactoring in general, at least this patch makes lintshut up for now.
Check ispecs against ipolicy on instance modify
When modifying an instance, so far the specs were not checked againstthe ipolicy. This patch fixes this issue.
Note that for backend parameters which have a minimum and a maximumvalue (currently only memory), it checks both limits against the...
locking.LockSet: Replace boolean parameter with constants
Upcoming changes will add opportunistic locking to “locking.LockSet”.Doing so will require additional code in “LockSet.__acquire_inner”, atwhich point the existing “want_all” parameter does not always apply....
network: Style updates
- Quote characters- Docstrings
ht: Complain if TNone isn't listed first for TOr/TAnd
Some type descriptions are rather long. If "None" is listed at the endor somewhere in between it is easily missed. Therefore it should be atthe beginning, e.g. "None or (long description)".
opcodes: Network parameter improvements and fixes
- Use variables for checks for IP addresses (makes them more consistent, too)- Fix checks to accept default values- Small description improvements (e.g. s/IP/IP address/)
Merge branch 'devel-2.6'
Merge branch 'stable-2.6' into devel-2.6
locking: Use frozenset instead of utils.UniqueSequence
In this case “frozenset” is good enough as the result's order doesn'tmatter--it is the input to “sorted” (“utils.UniqueSequence” preservesthe order). “frozenset” is ca. 25% faster for this use-case....
Move _BuildNetworkEnv() at top-level
Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>Reviewed-by: Iustin Pop <iustin@google.com>
Use bitarray 0.8 interface
Minor fix in query.py
Minor fix in ovf
Fix a few docstrings
Simplify GenerateFree in network module
GenerateFree now returns the first available IP in the networkor raises AddressPoolError if it is full.
Replace string values with proper constants
_UnlockedCommitIp is used either for releasing or reserving anIP inside a network. New constants RELEASE_ACTION/RESERVE_ACTIONare used to decide which is the case.
Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>...
Add docstring to the GetECReserved config method
Simplify mac generation funtions
Introduce new config method _UnlockedGetNetworkMACPrefix and refactororiginal _GenerateOneMAC so that it takes prefix as an optionalargument and returns a function that actually generates a MAC. Ifprefix is not given or None it uses the cluster level default....
Fix _ComputeNics to include network slot
This bug was introduced after rebasing master branch.
Fixes to pass py-apidoc (make commit-check)
Fixes to pass pep8 (make lint)
Fixes to pass pylint (make lint)
Fixes to pass unittests (make check)
Check for existing networks/groups in Network LUs
Add tags in network objects
Support: - gnt-network add --tags. - gnt-network list-tags/add-tags/remove-tags/. - gnt-network list -o +tags
Change default fields for network listing
Pass detailed network info in hooks
Pass netinfo in rpcs
If a nic has a network field then encapsulate a network object innetinfo slot for every rpc. This is needed to pass network info toscripts managing nics (kvm-vif-bridge).
Introduce _BuildNetworkEnv().
Use network's mac prefix
Modify existing GenerateMAC so that it takes network as an argument.
Substitute _GenerateOneMAC with a decorator _GenerateMACPrefix thatchooses the prefix (network's or cluster's) and wraps_GenerateMACSuffix that generates the three remaining bytes....
Rapi support for networks
Support: - GetNetwork(s) - CreateNetwork - ConnectNetwork - DisconnectNetwork - RemoveNetwork
ss_conf support for networks
Signed-off-by: Apollon Oikonomopoulos <apollon@noc.grnet.gr>Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>Reviewed-by: Iustin Pop <iustin@google.com>
Introduce client support for networks
gnt-network is used to manipulate and handle networks that currentlyprovides the following operations:
Modify instance client to support networks
Add --no-conflicts-check option.Modify instance query methods to return nic's network info.
Peripheral changes for networks
Specifically: * export a new environment variable for the gnt-os-interface * export a new environment variable for KVM specific scripts * ovf support for networks
Signed-off-by: Apollon Oikonomopoulos <apollon@noc.grnet.gr>...
Modify LUInstanceSetParams() to support networks
Keep backwards compatibility just like LUInstanceCreate() and supportnetwork parameter for NIC object.
Add ec_id argument in Update() to be able to commit temporary IPs thatwere previously reserved.
Modify RemoveInstance() to support networks
Release any IPs held the instance before actually removing.
Modify LUInstanceCreate to support networks
Implement backend support, to export the IP pool managementfunctionality to the clients. When the new NIC parameter 'network' isgiven, the ippool management system is triggered. If a NIC belongs toa network, it inherits the netparams (mode, link) as its nicparams. If...
Config methods for reserving/releasing IPs
Use TemporaryReservationManager for IP handling to ensure config dataconsistency.
Implement: - methods for reserving/releasing IPs - _UnlockedCommitTemporaryIps() - CheckIPInNodeGroup() used for conflicting IPs...
Implement network/nodegroup mappings
LUNetworkConnect() connects a network to a nodegroup and definesits netparams (mode and link). Specifically: * Check if network already exists * Check if netparams are valid * Check if already connected to the same nodegroup...
Implement LUNetworkSetParams
Support modifying all network parameters except for network (iprange). Cannot modify gateway and reserved ips at the same time.
Implement LUNetworkQuery
Summarily list all existing networksSupply detailed info for every existing network - List used/free IPs - List instances with NICs assigned to the corresponding network - List NIC index and IP for the above instances
Implement complementary config methods for retrieving networks....
Basic IP pool management logic
Implement LUs for corresponding opcodes: * LUNetworkAdd: - Check for IP validity - Reserves all necessary IPs - Create new Network config object * LUNetworkRemove: - Checks if connected to any nodegroup - Remove a Network config object...
Introduce new module for IP pool management
Add new library module lib/network.py.Introduce new class: AddressPool.
AddressPool implements all operations needed for managing IPs insidethe IP pool.
Given a Network config object (nobj), the class:
IP pool related objects, opcodes and constants
Config objects: * Introduce L{Network} with - IPv4 network field (mandatory) - IPv4 gateway, IPv6 (network/gateway), mac prefix, type (optional) * Modify existing config objects to support networks: - Add new slot 'network' to L{NIC} config object...
Improve error message for wrong opcode parameter values
When given an empty string as value to a parameter that doesn't acceptempty strings, the error message was confusing, since it was showingjust as a double space.
Signed-off-by: Iustin Pop <iustin@google.com>...
Cleanup ht's use of positive/strictpositive
Currently, ht.py uses a bad terminology for positive/non-negativenumbers. Per http://en.wikipedia.org/wiki/Positive_number, this is thecorrect terminology:
- A number is positive if it is greater than zero.- A number is negative if it is less than zero....
locking: Simplify condition
Fix opcode validation for OpOobCommand.command
The 'command' attribute of the OpOobCommand command is defined with adefault value of None, but its validation requires a member ofconstants.OOB_COMMANDS, which doesn't accept None. This result in thefollowing error when submitting an opcode without the command:...
Add opcode for running commands remotely
The opcode doesn't pay attention to the build-time flag to enable ordisable restricted commands. In a cluster different nodes could havedifferent settings.
Node locks are acquired in shared mode by default, but the use of an...
Add RPC for restricted commands
Expose the functionality to run restricted commands remotely via RPC.
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>Reviewed-by: Iustin Pop <iustin@google.com>
locking: Don't schedule pending acq. for short timeout
Scheduling a pending acquisition is relatively expensive and lot of codeis involved. Unless there is already one, a new pipe needs to be opened.Data structures need to be updated as well, only to be undone shortly...
backend: Implement remote commands
As per design document (doc/design-remote-commands.rst), a number ofrather strict tests is applied to any incoming request, a delay isinserted upon errors and returned error messages are very generic(unless it's the actual command that failed). There are unit tests for...
configure: Add option to enable remote commands
By default remote commands are disabled and need to be explicitelyenabled at build time.
rapi: Add new user option for querying
This was requested in issue 301. Before this patch, requests to“/2/query/*” and “/2/instances/*/console” would require authenticationwith a user with write access. Since that is not strictly necessary, anew user option named “read” is added....
Move gnt_cluster.SHOW_MACHINE_OPT to cli
This allows the option to be re-used in other places.
Warn on invalid lines in HTTP user files
Without this change, invalid lines or values would be silently ignored.
pathutils: Add directory for remote commands
Also add tests to ensure it's never allowed as a file storage path. Aconstant for the lock file is also added.
utils.process.RunResult: Always set "fail_reason" attribute
Add “gnt-job change-priority” sub-command
This can be used to change the priority of a pending or running job (thelatter only if there are unprocessed opcodes).
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Bernardo Dal Seno <bdalseno@google.com>
Expose changing job priority via LUXI
A new LUXI request is added, in both Python and Haskell.
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Bernardo Dal Seno <bdalseno@google.com>Reviewed-by: Iustin Pop <iustin@google.com>
jqueue: Allow changing of job priority
This is due to a feature request. Sometimes one wants to change thepriority of a job after it has been submitted, e.g. after submitting animportant job only to later notice many other pending jobs which will beprocessed first. Priority changes only take effect at the next lock...
jqueue: Set task ID for jobs added to workerpool
The job ID is re-used as the task ID, as job IDs are unique.
workerpool: Preserve task number when deferring
When a task is deferred it should receive the same task ID upon beingreturned to the pool.
workerpool: Add method to change task's priority
Using the task ID a pending task's priority can be changed. This will beused to change the priority of jobs in the workerpool.