/ - Diff - snf-ganeti - Greek Research and Technology Network's projects

     News
     ====
     Version 2.4.0 rc1
     -----------------
     *(unreleased)*
     - Moved ``rapi_users`` file into separate directory, now named
       ``…/ganeti/rapi/users``
     Version 2.3.0 rc1
     -----------------

       _ensure_dir ${DATADIR}/queue 0700 "$(_fileset_owner masterd)"
       _ensure_dir ${DATADIR}/queue/archive 0700 "$(_fileset_owner masterd)"
       _ensure_dir ${DATADIR}/uidpool 0750 "$(_fileset_owner noded)"
       _ensure_dir ${DATADIR}/rapi 0750 "$(_fileset_owner rapi)"
       # We ignore these files if they don't exists (incomplete setup)
       _ensure_file ${DATADIR}/cluster-domain-secret 0640 \
-...
       _ensure_file ${DATADIR}/hmac.key 0440 "$(_fileset_owner confd)" || :
       _ensure_file ${DATADIR}/known_hosts 0644 "$(_fileset_owner masterd)" || :
       _ensure_file ${DATADIR}/rapi.pem 0440 "$(_fileset_owner rapi)" || :
       _ensure_file ${DATADIR}/rapi_users 0640 "$(_fileset_owner rapi)" || :
       _ensure_file ${DATADIR}/rapi/users 0640 "$(_fileset_owner rapi)" || :
       _ensure_file ${DATADIR}/server.pem 0440 "$(_fileset_owner masterd)" || :
       _ensure_file ${DATADIR}/queue/serial 0600 "$(_fileset_owner masterd)" || :

     -------------------
     ``ganeti-rapi`` reads users and passwords from a file (usually
     ``/var/lib/ganeti/rapi_users``) on startup. Changes to the file will be
     ``/var/lib/ganeti/rapi/users``) on startup. Changes to the file will be
     read automatically.
     Each line consists of two or three fields separated by whitespace. The

     WATCHER_PAUSEFILE = DATA_DIR + "/watcher.pause"
     INSTANCE_UPFILE = RUN_GANETI_DIR + "/instance-status"
     SSH_KNOWN_HOSTS_FILE = DATA_DIR + "/known_hosts"
     RAPI_USERS_FILE = DATA_DIR + "/rapi_users"
     RAPI_USERS_FILE = DATA_DIR + "/rapi/users"
     QUEUE_DIR = DATA_DIR + "/queue"
     DAEMON_UTIL = _autoconf.PKGLIBDIR + "/daemon-util"
     SETUP_SSH = _autoconf.TOOLSDIR + "/setup-ssh"

     modification operations require authentication, in the form of basic
     authentication.
     The users and their rights are defined in a file named rapi_users,
     located in the ``@LOCALSTATEDIR@/lib/ganeti`` directory. The users
     The users and their rights are defined in the
     ``@LOCALSTATEDIR@/lib/ganeti/rapi/users`` file. The users
     should be listed one per line, in the following format::
         username password options

         self.config_path = utils.PathJoin(self.tmpdir, "config.data")
         self.noded_cert_path = utils.PathJoin(self.tmpdir, "server.pem")
         self.rapi_cert_path = utils.PathJoin(self.tmpdir, "rapi.pem")
         self.rapi_users_path = utils.PathJoin(self.tmpdir, "rapi", "users")
         self.rapi_users_path_pre24 = utils.PathJoin(self.tmpdir, "rapi_users")
         self.known_hosts_path = utils.PathJoin(self.tmpdir, "known_hosts")
         self.confd_hmac_path = utils.PathJoin(self.tmpdir, "hmac.key")
         self.cds_path = utils.PathJoin(self.tmpdir, "cluster-domain-secret")
-...
         newcfg = self._LoadConfig()
         self.assertEqual(newcfg["version"], expversion)
       def testRapiUsers(self):
         self.assertFalse(os.path.exists(self.rapi_users_path))
         self.assertFalse(os.path.exists(self.rapi_users_path_pre24))
         utils.WriteFile(self.rapi_users_path_pre24, data="some user\n")
         self._TestSimpleUpgrade(constants.BuildVersion(2, 3, 0), False)
         self.assert_(os.path.islink(self.rapi_users_path_pre24))
         self.assert_(os.path.isfile(self.rapi_users_path))
         for path in [self.rapi_users_path, self.rapi_users_path_pre24]:
           self.assertEqual(utils.ReadFile(path), "some user\n")
       def testRapiUsers24AndAbove(self):
         self.assertFalse(os.path.exists(self.rapi_users_path))
         self.assertFalse(os.path.exists(self.rapi_users_path_pre24))
         os.mkdir(os.path.dirname(self.rapi_users_path))
         utils.WriteFile(self.rapi_users_path, data="other user\n")
         self._TestSimpleUpgrade(constants.BuildVersion(2, 3, 0), False)
         self.assert_(os.path.islink(self.rapi_users_path_pre24))
         self.assert_(os.path.isfile(self.rapi_users_path))
         for path in [self.rapi_users_path, self.rapi_users_path_pre24]:
           self.assertEqual(utils.ReadFile(path), "other user\n")
       def testRapiUsersExistingSymlink(self):
         self.assertFalse(os.path.exists(self.rapi_users_path))
         self.assertFalse(os.path.exists(self.rapi_users_path_pre24))
         os.symlink(self.rapi_users_path, self.rapi_users_path_pre24)
         utils.WriteFile(self.rapi_users_path_pre24, data="hello world\n")
         self._TestSimpleUpgrade(constants.BuildVersion(2, 2, 0), False)
         self.assert_(os.path.isfile(self.rapi_users_path))
         self.assert_(os.path.islink(self.rapi_users_path_pre24))
         for path in [self.rapi_users_path, self.rapi_users_path_pre24]:
           self.assertEqual(utils.ReadFile(path), "hello world\n")
       def testUpgradeFrom_2_0(self):
         self._TestSimpleUpgrade(constants.BuildVersion(2, 0, 0), False)
       def testUpgradeFrom_2_1(self):
         self._TestSimpleUpgrade(constants.BuildVersion(2, 1, 0), False)
       def testUpgradeFrom_2_2(self):
         self._TestSimpleUpgrade(constants.BuildVersion(2, 2, 0), False)
       def testUpgradeFrom_2_3(self):
         self._TestSimpleUpgrade(constants.BuildVersion(2, 3, 0), False)
       def testUpgradeCurrent(self):
         self._TestSimpleUpgrade(constants.CONFIG_VERSION, False)
-...
       def testUpgradeDryRunFrom_2_1(self):
         self._TestSimpleUpgrade(constants.BuildVersion(2, 1, 0), True)
       def testUpgradeDryRunFrom_2_2(self):
         self._TestSimpleUpgrade(constants.BuildVersion(2, 2, 0), True)
       def testUpgradeDryRunFrom_2_3(self):
         self._TestSimpleUpgrade(constants.BuildVersion(2, 3, 0), True)
       def testUpgradeCurrentDryRun(self):
         self._TestSimpleUpgrade(constants.CONFIG_VERSION, True)

       options.SERVER_PEM_PATH = options.data_dir + "/server.pem"
       options.KNOWN_HOSTS_PATH = options.data_dir + "/known_hosts"
       options.RAPI_CERT_FILE = options.data_dir + "/rapi.pem"
       options.RAPI_USERS_FILE = options.data_dir + "/rapi/users"
       options.RAPI_USERS_FILE_PRE24 = options.data_dir + "/rapi_users"
       options.CONFD_HMAC_KEY = options.data_dir + "/hmac.key"
       options.CDS_FILE = options.data_dir + "/cluster-domain-secret"
-...
         raise Error("Configuration version %d.%d.%d not supported by this tool" %
                     (config_major, config_minor, config_revision))
       if os.path.isfile(options.RAPI_USERS_FILE_PRE24):
         logging.info("Found pre-2.4 RAPI users file at %s, renaming to %s",
                      options.RAPI_USERS_FILE_PRE24, options.RAPI_USERS_FILE)
         utils.RenameFile(options.RAPI_USERS_FILE_PRE24, options.RAPI_USERS_FILE,
                          mkdir=True, mkdir_mode=0750)
       # Create a symlink for RAPI users file
       if not os.path.islink(options.RAPI_USERS_FILE_PRE24):
         logging.info("Creating symlink from %s to %s",
                      options.RAPI_USERS_FILE_PRE24, options.RAPI_USERS_FILE)
         os.symlink(options.RAPI_USERS_FILE, options.RAPI_USERS_FILE_PRE24)
       try:
         logging.info("Writing configuration file to %s", options.CONFIG_DATA_PATH)
         utils.WriteFile(file_name=options.CONFIG_DATA_PATH,

Synnefo » snf-ganeti

Revision fdd9ac5b