cmdlib.py 443 KB
Newer Older
Iustin Pop's avatar
Iustin Pop committed
1
#
Iustin Pop's avatar
Iustin Pop committed
2
3
#

4
# Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Google Inc.
Iustin Pop's avatar
Iustin Pop committed
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301, USA.


22
"""Module implementing the master-side code."""
Iustin Pop's avatar
Iustin Pop committed
23

Iustin Pop's avatar
Iustin Pop committed
24
# pylint: disable-msg=W0201,C0302
25
26
27

# W0201 since most LU attributes are defined in CheckPrereq or similar
# functions
Iustin Pop's avatar
Iustin Pop committed
28

Iustin Pop's avatar
Iustin Pop committed
29
30
# C0302: since we have waaaay to many lines in this module

Iustin Pop's avatar
Iustin Pop committed
31
32
33
34
35
import os
import os.path
import time
import re
import platform
36
import logging
37
import copy
38
import OpenSSL
39
40
41
import socket
import tempfile
import shutil
42
import itertools
Iustin Pop's avatar
Iustin Pop committed
43
44
45
46
47

from ganeti import ssh
from ganeti import utils
from ganeti import errors
from ganeti import hypervisor
Guido Trotter's avatar
Guido Trotter committed
48
from ganeti import locking
Iustin Pop's avatar
Iustin Pop committed
49
50
from ganeti import constants
from ganeti import objects
51
from ganeti import serializer
52
from ganeti import ssconf
53
from ganeti import uidpool
54
from ganeti import compat
55
from ganeti import masterd
56
from ganeti import netutils
57
58
from ganeti import query
from ganeti import qlang
59
from ganeti import opcodes
60
from ganeti import ht
61
62

import ganeti.masterd.instance # pylint: disable-msg=W0611
63

Iustin Pop's avatar
Iustin Pop committed
64

65
66
67
68
69
70
71
72
73
74
75
76
77
def _SupportsOob(cfg, node):
  """Tells if node supports OOB.

  @type cfg: L{config.ConfigWriter}
  @param cfg: The cluster configuration
  @type node: L{objects.Node}
  @param node: The node
  @return: The OOB script if supported or an empty string otherwise

  """
  return cfg.GetNdParams(node)[constants.ND_OOB_PROGRAM]


78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
class ResultWithJobs:
  """Data container for LU results with jobs.

  Instances of this class returned from L{LogicalUnit.Exec} will be recognized
  by L{mcpu.Processor._ProcessResult}. The latter will then submit the jobs
  contained in the C{jobs} attribute and include the job IDs in the opcode
  result.

  """
  def __init__(self, jobs, **kwargs):
    """Initializes this class.

    Additional return values can be specified as keyword arguments.

    @type jobs: list of lists of L{opcode.OpCode}
    @param jobs: A list of lists of opcode objects

    """
    self.jobs = jobs
    self.other = kwargs


Iustin Pop's avatar
Iustin Pop committed
100
class LogicalUnit(object):
101
  """Logical Unit base class.
Iustin Pop's avatar
Iustin Pop committed
102
103

  Subclasses must follow these rules:
104
    - implement ExpandNames
105
106
    - implement CheckPrereq (except when tasklets are used)
    - implement Exec (except when tasklets are used)
Iustin Pop's avatar
Iustin Pop committed
107
    - implement BuildHooksEnv
108
    - implement BuildHooksNodes
Iustin Pop's avatar
Iustin Pop committed
109
    - redefine HPATH and HTYPE
110
    - optionally redefine their run requirements:
111
        REQ_BGL: the LU needs to hold the Big Ganeti Lock exclusively
112
113

  Note that all commands require root permissions.
Iustin Pop's avatar
Iustin Pop committed
114

115
116
117
  @ivar dry_run_result: the value (if any) that will be returned to the caller
      in dry-run mode (signalled by opcode dry_run parameter)

Iustin Pop's avatar
Iustin Pop committed
118
119
120
  """
  HPATH = None
  HTYPE = None
121
  REQ_BGL = True
Iustin Pop's avatar
Iustin Pop committed
122

Iustin Pop's avatar
Iustin Pop committed
123
  def __init__(self, processor, op, context, rpc):
Iustin Pop's avatar
Iustin Pop committed
124
125
    """Constructor for LogicalUnit.

Michael Hanselmann's avatar
Michael Hanselmann committed
126
    This needs to be overridden in derived classes in order to check op
Iustin Pop's avatar
Iustin Pop committed
127
128
129
    validity.

    """
Iustin Pop's avatar
Iustin Pop committed
130
    self.proc = processor
Iustin Pop's avatar
Iustin Pop committed
131
    self.op = op
Guido Trotter's avatar
Guido Trotter committed
132
    self.cfg = context.cfg
133
    self.glm = context.glm
Guido Trotter's avatar
Guido Trotter committed
134
    self.context = context
Iustin Pop's avatar
Iustin Pop committed
135
    self.rpc = rpc
136
    # Dicts used to declare locking needs to mcpu
137
    self.needed_locks = None
138
    self.share_locks = dict.fromkeys(locking.LEVELS, 0)
139
140
    self.add_locks = {}
    self.remove_locks = {}
141
142
    # Used to force good behavior when calling helper functions
    self.recalculate_locks = {}
143
    # logging
144
    self.Log = processor.Log # pylint: disable-msg=C0103
Iustin Pop's avatar
Iustin Pop committed
145
146
    self.LogWarning = processor.LogWarning # pylint: disable-msg=C0103
    self.LogInfo = processor.LogInfo # pylint: disable-msg=C0103
147
    self.LogStep = processor.LogStep # pylint: disable-msg=C0103
148
149
    # support for dry-run
    self.dry_run_result = None
150
151
152
153
    # support for generic debug attribute
    if (not hasattr(self.op, "debug_level") or
        not isinstance(self.op.debug_level, int)):
      self.op.debug_level = 0
154

155
    # Tasklets
156
    self.tasklets = None
157

158
159
    # Validate opcode parameters and set defaults
    self.op.Validate(True)
160

161
    self.CheckArguments()
Iustin Pop's avatar
Iustin Pop committed
162

163
164
165
166
167
168
169
170
171
  def CheckArguments(self):
    """Check syntactic validity for the opcode arguments.

    This method is for doing a simple syntactic check and ensure
    validity of opcode parameters, without any cluster-related
    checks. While the same can be accomplished in ExpandNames and/or
    CheckPrereq, doing these separate is better because:

      - ExpandNames is left as as purely a lock-related function
Michael Hanselmann's avatar
Michael Hanselmann committed
172
      - CheckPrereq is run after we have acquired locks (and possible
173
174
175
176
177
178
179
180
        waited for them)

    The function is allowed to change the self.op attribute so that
    later methods can no longer worry about missing parameters.

    """
    pass

181
182
183
184
185
186
  def ExpandNames(self):
    """Expand names for this LU.

    This method is called before starting to execute the opcode, and it should
    update all the parameters of the opcode to their canonical form (e.g. a
    short node name must be fully expanded after this method has successfully
Adeodato Simo's avatar
Adeodato Simo committed
187
    completed). This way locking, hooks, logging, etc. can work correctly.
188
189
190
191

    LUs which implement this method must also populate the self.needed_locks
    member, as a dict with lock levels as keys, and a list of needed lock names
    as values. Rules:
192
193
194
195
196

      - use an empty dict if you don't need any lock
      - if you don't need any lock at a particular level omit that level
      - don't put anything for the BGL level
      - if you want all locks at a level use locking.ALL_SET as a value
197

Guido Trotter's avatar
Guido Trotter committed
198
199
200
201
    If you need to share locks (rather than acquire them exclusively) at one
    level you can modify self.share_locks, setting a true value (usually 1) for
    that level. By default locks are not shared.

202
203
204
205
    This function can also define a list of tasklets, which then will be
    executed in order instead of the usual LU-level CheckPrereq and Exec
    functions, if those are not defined by the LU.

206
207
208
209
210
    Examples::

      # Acquire all nodes and one instance
      self.needed_locks = {
        locking.LEVEL_NODE: locking.ALL_SET,
211
        locking.LEVEL_INSTANCE: ['instance1.example.com'],
212
213
214
      }
      # Acquire just two nodes
      self.needed_locks = {
215
        locking.LEVEL_NODE: ['node1.example.com', 'node2.example.com'],
216
217
218
      }
      # Acquire no locks
      self.needed_locks = {} # No, you can't leave it to the default value None
219
220
221
222
223
224
225
226
227
228

    """
    # The implementation of this method is mandatory only if the new LU is
    # concurrent, so that old LUs don't need to be changed all at the same
    # time.
    if self.REQ_BGL:
      self.needed_locks = {} # Exclusive LUs don't need locks.
    else:
      raise NotImplementedError

Guido Trotter's avatar
Guido Trotter committed
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
  def DeclareLocks(self, level):
    """Declare LU locking needs for a level

    While most LUs can just declare their locking needs at ExpandNames time,
    sometimes there's the need to calculate some locks after having acquired
    the ones before. This function is called just before acquiring locks at a
    particular level, but after acquiring the ones at lower levels, and permits
    such calculations. It can be used to modify self.needed_locks, and by
    default it does nothing.

    This function is only called if you have something already set in
    self.needed_locks for the level.

    @param level: Locking level which is going to be locked
    @type level: member of ganeti.locking.LEVELS

    """

Iustin Pop's avatar
Iustin Pop committed
247
248
249
250
251
252
253
254
255
256
257
258
  def CheckPrereq(self):
    """Check prerequisites for this LU.

    This method should check that the prerequisites for the execution
    of this LU are fulfilled. It can do internode communication, but
    it should be idempotent - no cluster or system changes are
    allowed.

    The method should raise errors.OpPrereqError in case something is
    not fulfilled. Its return value is ignored.

    This method should also update all the parameters of the opcode to
259
    their canonical form if it hasn't been done by ExpandNames before.
Iustin Pop's avatar
Iustin Pop committed
260
261

    """
262
    if self.tasklets is not None:
263
      for (idx, tl) in enumerate(self.tasklets):
264
265
        logging.debug("Checking prerequisites for tasklet %s/%s",
                      idx + 1, len(self.tasklets))
266
267
        tl.CheckPrereq()
    else:
268
      pass
Iustin Pop's avatar
Iustin Pop committed
269
270
271
272
273
274
275
276
277

  def Exec(self, feedback_fn):
    """Execute the LU.

    This method should implement the actual work. It should raise
    errors.OpExecError for failures that are somewhat dealt with in
    code, or expected.

    """
278
    if self.tasklets is not None:
279
      for (idx, tl) in enumerate(self.tasklets):
280
        logging.debug("Executing tasklet %s/%s", idx + 1, len(self.tasklets))
281
282
283
        tl.Exec(feedback_fn)
    else:
      raise NotImplementedError
Iustin Pop's avatar
Iustin Pop committed
284
285
286
287

  def BuildHooksEnv(self):
    """Build hooks environment for this LU.

288
289
290
291
292
293
294
295
    @rtype: dict
    @return: Dictionary containing the environment that will be used for
      running the hooks for this LU. The keys of the dict must not be prefixed
      with "GANETI_"--that'll be added by the hooks runner. The hooks runner
      will extend the environment with additional variables. If no environment
      should be defined, an empty dictionary should be returned (not C{None}).
    @note: If the C{HPATH} attribute of the LU class is C{None}, this function
      will not be called.
Iustin Pop's avatar
Iustin Pop committed
296

297
298
    """
    raise NotImplementedError
Iustin Pop's avatar
Iustin Pop committed
299

300
301
  def BuildHooksNodes(self):
    """Build list of nodes to run LU's hooks.
Iustin Pop's avatar
Iustin Pop committed
302

303
304
305
306
307
308
309
    @rtype: tuple; (list, list)
    @return: Tuple containing a list of node names on which the hook
      should run before the execution and a list of node names on which the
      hook should run after the execution. No nodes should be returned as an
      empty list (and not None).
    @note: If the C{HPATH} attribute of the LU class is C{None}, this function
      will not be called.
Iustin Pop's avatar
Iustin Pop committed
310
311
312
313

    """
    raise NotImplementedError

314
315
316
317
318
319
320
321
322
  def HooksCallBack(self, phase, hook_results, feedback_fn, lu_result):
    """Notify the LU about the results of its hooks.

    This method is called every time a hooks phase is executed, and notifies
    the Logical Unit about the hooks' result. The LU can then use it to alter
    its result based on the hooks.  By default the method does nothing and the
    previous result is passed back unchanged but any LU can define it if it
    wants to use the local cluster hook-scripts somehow.

323
324
325
326
327
328
329
330
    @param phase: one of L{constants.HOOKS_PHASE_POST} or
        L{constants.HOOKS_PHASE_PRE}; it denotes the hooks phase
    @param hook_results: the results of the multi-node hooks rpc call
    @param feedback_fn: function used send feedback back to the caller
    @param lu_result: the previous Exec result this LU had, or None
        in the PRE phase
    @return: the new Exec result, based on the previous result
        and hook results
331
332

    """
333
334
335
    # API must be kept, thus we ignore the unused argument and could
    # be a function warnings
    # pylint: disable-msg=W0613,R0201
336
337
    return lu_result

338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
  def _ExpandAndLockInstance(self):
    """Helper function to expand and lock an instance.

    Many LUs that work on an instance take its name in self.op.instance_name
    and need to expand it and then declare the expanded name for locking. This
    function does it, and then updates self.op.instance_name to the expanded
    name. It also initializes needed_locks as a dict, if this hasn't been done
    before.

    """
    if self.needed_locks is None:
      self.needed_locks = {}
    else:
      assert locking.LEVEL_INSTANCE not in self.needed_locks, \
        "_ExpandAndLockInstance called with instance-level locks set"
353
354
355
    self.op.instance_name = _ExpandInstanceName(self.cfg,
                                                self.op.instance_name)
    self.needed_locks[locking.LEVEL_INSTANCE] = self.op.instance_name
356

357
  def _LockInstancesNodes(self, primary_only=False):
358
359
360
361
362
363
364
365
366
367
368
369
370
    """Helper function to declare instances' nodes for locking.

    This function should be called after locking one or more instances to lock
    their nodes. Its effect is populating self.needed_locks[locking.LEVEL_NODE]
    with all primary or secondary nodes for instances already locked and
    present in self.needed_locks[locking.LEVEL_INSTANCE].

    It should be called from DeclareLocks, and for safety only works if
    self.recalculate_locks[locking.LEVEL_NODE] is set.

    In the future it may grow parameters to just lock some instance's nodes, or
    to just lock primaries or secondary nodes, if needed.

371
    If should be called in DeclareLocks in a way similar to::
372

373
374
      if level == locking.LEVEL_NODE:
        self._LockInstancesNodes()
375

376
377
378
    @type primary_only: boolean
    @param primary_only: only lock primary nodes of locked instances

379
380
381
382
383
384
385
386
387
388
    """
    assert locking.LEVEL_NODE in self.recalculate_locks, \
      "_LockInstancesNodes helper function called with no nodes to recalculate"

    # TODO: check if we're really been called with the instance locks held

    # For now we'll replace self.needed_locks[locking.LEVEL_NODE], but in the
    # future we might want to have different behaviors depending on the value
    # of self.recalculate_locks[locking.LEVEL_NODE]
    wanted_nodes = []
389
    for instance_name in self.glm.list_owned(locking.LEVEL_INSTANCE):
390
391
      instance = self.context.cfg.GetInstanceInfo(instance_name)
      wanted_nodes.append(instance.primary_node)
392
393
      if not primary_only:
        wanted_nodes.extend(instance.secondary_nodes)
394
395
396
397
398

    if self.recalculate_locks[locking.LEVEL_NODE] == constants.LOCKS_REPLACE:
      self.needed_locks[locking.LEVEL_NODE] = wanted_nodes
    elif self.recalculate_locks[locking.LEVEL_NODE] == constants.LOCKS_APPEND:
      self.needed_locks[locking.LEVEL_NODE].extend(wanted_nodes)
399
400
401

    del self.recalculate_locks[locking.LEVEL_NODE]

Iustin Pop's avatar
Iustin Pop committed
402

Iustin Pop's avatar
Iustin Pop committed
403
class NoHooksLU(LogicalUnit): # pylint: disable-msg=W0223
Iustin Pop's avatar
Iustin Pop committed
404
405
406
407
408
409
410
411
412
  """Simple LU which runs no hooks.

  This LU is intended as a parent for other LogicalUnits which will
  run no hooks, in order to reduce duplicate code.

  """
  HPATH = None
  HTYPE = None

413
414
415
416
417
418
  def BuildHooksEnv(self):
    """Empty BuildHooksEnv for NoHooksLu.

    This just raises an error.

    """
419
420
421
422
423
424
425
    raise AssertionError("BuildHooksEnv called for NoHooksLUs")

  def BuildHooksNodes(self):
    """Empty BuildHooksNodes for NoHooksLU.

    """
    raise AssertionError("BuildHooksNodes called for NoHooksLU")
426

Iustin Pop's avatar
Iustin Pop committed
427

428
429
430
431
432
433
434
435
436
437
438
439
class Tasklet:
  """Tasklet base class.

  Tasklets are subcomponents for LUs. LUs can consist entirely of tasklets or
  they can mix legacy code with tasklets. Locking needs to be done in the LU,
  tasklets know nothing about locks.

  Subclasses must follow these rules:
    - Implement CheckPrereq
    - Implement Exec

  """
440
441
442
443
444
445
446
  def __init__(self, lu):
    self.lu = lu

    # Shortcuts
    self.cfg = lu.cfg
    self.rpc = lu.rpc

447
448
449
450
451
452
453
454
455
456
457
458
459
460
  def CheckPrereq(self):
    """Check prerequisites for this tasklets.

    This method should check whether the prerequisites for the execution of
    this tasklet are fulfilled. It can do internode communication, but it
    should be idempotent - no cluster or system changes are allowed.

    The method should raise errors.OpPrereqError in case something is not
    fulfilled. Its return value is ignored.

    This method should also update all parameters to their canonical form if it
    hasn't been done before.

    """
461
    pass
462
463
464
465
466
467
468
469
470
471
472
473

  def Exec(self, feedback_fn):
    """Execute the tasklet.

    This method should implement the actual work. It should raise
    errors.OpExecError for failures that are somewhat dealt with in code, or
    expected.

    """
    raise NotImplementedError


474
475
476
477
478
479
480
class _QueryBase:
  """Base for query utility classes.

  """
  #: Attribute holding field definitions
  FIELDS = None

481
  def __init__(self, filter_, fields, use_locking):
482
483
484
485
486
    """Initializes this class.

    """
    self.use_locking = use_locking

487
488
    self.query = query.Query(self.FIELDS, fields, filter_=filter_,
                             namefield="name")
489
    self.requested_data = self.query.RequestedData()
490
    self.names = self.query.RequestedNames()
491

492
493
494
    # Sort only if no names were requested
    self.sort_by_name = not self.names

495
496
497
498
499
500
501
502
    self.do_locking = None
    self.wanted = None

  def _GetNames(self, lu, all_names, lock_level):
    """Helper function to determine names asked for in the query.

    """
    if self.do_locking:
503
      names = lu.glm.list_owned(lock_level)
504
505
506
507
508
509
510
511
512
513
    else:
      names = all_names

    if self.wanted == locking.ALL_SET:
      assert not self.names
      # caller didn't specify names, so ordering is not important
      return utils.NiceSort(names)

    # caller specified names and we must keep the same order
    assert self.names
514
    assert not self.do_locking or lu.glm.is_owned(lock_level)
515
516
517
518
519
520
521
522
523

    missing = set(self.wanted).difference(names)
    if missing:
      raise errors.OpExecError("Some items were removed before retrieving"
                               " their data: %s" % missing)

    # Return expanded names
    return self.wanted

524
525
526
527
528
529
530
531
  def ExpandNames(self, lu):
    """Expand names for this query.

    See L{LogicalUnit.ExpandNames}.

    """
    raise NotImplementedError()

532
  def DeclareLocks(self, lu, level):
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
    """Declare locks for this query.

    See L{LogicalUnit.DeclareLocks}.

    """
    raise NotImplementedError()

  def _GetQueryData(self, lu):
    """Collects all data for this query.

    @return: Query data object

    """
    raise NotImplementedError()

  def NewStyleQuery(self, lu):
    """Collect data and execute query.

    """
552
553
    return query.GetQueryResponse(self.query, self._GetQueryData(lu),
                                  sort_by_name=self.sort_by_name)
554
555
556
557
558

  def OldStyleQuery(self, lu):
    """Collect data and execute query.

    """
559
560
    return self.query.OldStyleQuery(self._GetQueryData(lu),
                                    sort_by_name=self.sort_by_name)
561
562


563
def _GetWantedNodes(lu, nodes):
564
  """Returns list of checked and expanded node names.
565

566
567
568
569
570
571
  @type lu: L{LogicalUnit}
  @param lu: the logical unit on whose behalf we execute
  @type nodes: list
  @param nodes: list of node names or None for all nodes
  @rtype: list
  @return: the list of nodes, sorted
Iustin Pop's avatar
Iustin Pop committed
572
  @raise errors.ProgrammerError: if the nodes parameter is wrong type
573
574

  """
575
576
  if nodes:
    return [_ExpandNodeName(lu.cfg, name) for name in nodes]
577

578
  return utils.NiceSort(lu.cfg.GetNodeList())
579
580
581


def _GetWantedInstances(lu, instances):
582
  """Returns list of checked and expanded instance names.
583

584
585
586
587
588
589
590
591
  @type lu: L{LogicalUnit}
  @param lu: the logical unit on whose behalf we execute
  @type instances: list
  @param instances: list of instance names or None for all instances
  @rtype: list
  @return: the list of instances, sorted
  @raise errors.OpPrereqError: if the instances parameter is wrong type
  @raise errors.OpPrereqError: if any of the passed instances is not found
592
593
594

  """
  if instances:
595
    wanted = [_ExpandInstanceName(lu.cfg, name) for name in instances]
596
  else:
597
598
    wanted = utils.NiceSort(lu.cfg.GetInstanceList())
  return wanted
599
600


601
602
def _GetUpdatedParams(old_params, update_dict,
                      use_default=True, use_none=False):
603
604
605
606
607
608
609
610
  """Return the new version of a parameter dictionary.

  @type old_params: dict
  @param old_params: old parameters
  @type update_dict: dict
  @param update_dict: dict containing new parameter values, or
      constants.VALUE_DEFAULT to reset the parameter to its default
      value
611
612
613
614
615
616
  @param use_default: boolean
  @type use_default: whether to recognise L{constants.VALUE_DEFAULT}
      values as 'to be deleted' values
  @param use_none: boolean
  @type use_none: whether to recognise C{None} values as 'to be
      deleted' values
617
618
619
620
621
622
  @rtype: dict
  @return: the new parameter dictionary

  """
  params_copy = copy.deepcopy(old_params)
  for key, val in update_dict.iteritems():
623
624
    if ((use_default and val == constants.VALUE_DEFAULT) or
        (use_none and val is None)):
625
626
627
628
629
630
631
632
633
      try:
        del params_copy[key]
      except KeyError:
        pass
    else:
      params_copy[key] = val
  return params_copy


634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
def _ReleaseLocks(lu, level, names=None, keep=None):
  """Releases locks owned by an LU.

  @type lu: L{LogicalUnit}
  @param level: Lock level
  @type names: list or None
  @param names: Names of locks to release
  @type keep: list or None
  @param keep: Names of locks to retain

  """
  assert not (keep is not None and names is not None), \
         "Only one of the 'names' and the 'keep' parameters can be given"

  if names is not None:
    should_release = names.__contains__
  elif keep:
    should_release = lambda name: name not in keep
  else:
    should_release = None

  if should_release:
    retain = []
    release = []

    # Determine which locks to release
660
    for name in lu.glm.list_owned(level):
661
662
663
664
665
      if should_release(name):
        release.append(name)
      else:
        retain.append(name)

666
    assert len(lu.glm.list_owned(level)) == (len(retain) + len(release))
667
668

    # Release just some locks
669
    lu.glm.release(level, names=release)
670

671
    assert frozenset(lu.glm.list_owned(level)) == frozenset(retain)
672
673
  else:
    # Release everything
674
    lu.glm.release(level)
675

676
    assert not lu.glm.is_owned(level), "No locks should be owned"
677
678


679
680
681
682
683
684
685
686
687
688
689
690
def _RunPostHook(lu, node_name):
  """Runs the post-hook for an opcode on a single node.

  """
  hm = lu.proc.hmclass(lu.rpc.call_hooks_runner, lu)
  try:
    hm.RunPhase(constants.HOOKS_PHASE_POST, nodes=[node_name])
  except:
    # pylint: disable-msg=W0702
    lu.LogWarning("Errors occurred running hooks on %s" % node_name)


691
def _CheckOutputFields(static, dynamic, selected):
692
693
  """Checks whether all selected fields are valid.

Iustin Pop's avatar
Iustin Pop committed
694
  @type static: L{utils.FieldSet}
Iustin Pop's avatar
Iustin Pop committed
695
  @param static: static fields set
Iustin Pop's avatar
Iustin Pop committed
696
  @type dynamic: L{utils.FieldSet}
Iustin Pop's avatar
Iustin Pop committed
697
  @param dynamic: dynamic fields set
698
699

  """
Iustin Pop's avatar
Iustin Pop committed
700
  f = utils.FieldSet()
Iustin Pop's avatar
Iustin Pop committed
701
702
  f.Extend(static)
  f.Extend(dynamic)
703

Iustin Pop's avatar
Iustin Pop committed
704
705
  delta = f.NonMatching(selected)
  if delta:
706
    raise errors.OpPrereqError("Unknown output fields selected: %s"
707
                               % ",".join(delta), errors.ECODE_INVAL)
708
709


710
711
712
713
714
715
716
717
718
719
720
def _CheckGlobalHvParams(params):
  """Validates that given hypervisor params are not global ones.

  This will ensure that instances don't get customised versions of
  global params.

  """
  used_globals = constants.HVC_GLOBALS.intersection(params)
  if used_globals:
    msg = ("The following hypervisor parameters are global and cannot"
           " be customized at instance level, please modify them at"
721
           " cluster level: %s" % utils.CommaJoin(used_globals))
722
723
724
    raise errors.OpPrereqError(msg, errors.ECODE_INVAL)


725
def _CheckNodeOnline(lu, node, msg=None):
726
727
728
729
  """Ensure that a given node is online.

  @param lu: the LU on behalf of which we make the check
  @param node: the node to check
730
  @param msg: if passed, should be a message to replace the default one
731
  @raise errors.OpPrereqError: if the node is offline
732
733

  """
734
735
  if msg is None:
    msg = "Can't use offline node"
736
  if lu.cfg.GetNodeInfo(node).offline:
737
    raise errors.OpPrereqError("%s: %s" % (msg, node), errors.ECODE_STATE)
738
739


740
741
742
743
744
745
746
747
748
def _CheckNodeNotDrained(lu, node):
  """Ensure that a given node is not drained.

  @param lu: the LU on behalf of which we make the check
  @param node: the node to check
  @raise errors.OpPrereqError: if the node is drained

  """
  if lu.cfg.GetNodeInfo(node).drained:
749
    raise errors.OpPrereqError("Can't use drained node %s" % node,
750
751
752
753
754
755
756
757
758
759
760
761
762
763
                               errors.ECODE_STATE)


def _CheckNodeVmCapable(lu, node):
  """Ensure that a given node is vm capable.

  @param lu: the LU on behalf of which we make the check
  @param node: the node to check
  @raise errors.OpPrereqError: if the node is not vm capable

  """
  if not lu.cfg.GetNodeInfo(node).vm_capable:
    raise errors.OpPrereqError("Can't use non-vm_capable node %s" % node,
                               errors.ECODE_STATE)
764
765


Iustin Pop's avatar
Iustin Pop committed
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
def _CheckNodeHasOS(lu, node, os_name, force_variant):
  """Ensure that a node supports a given OS.

  @param lu: the LU on behalf of which we make the check
  @param node: the node to check
  @param os_name: the OS to query about
  @param force_variant: whether to ignore variant errors
  @raise errors.OpPrereqError: if the node is not supporting the OS

  """
  result = lu.rpc.call_os_get(node, os_name)
  result.Raise("OS '%s' not in supported OS list for node %s" %
               (os_name, node),
               prereq=True, ecode=errors.ECODE_INVAL)
  if not force_variant:
    _CheckOSVariant(result.payload, os_name)


784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
def _CheckNodeHasSecondaryIP(lu, node, secondary_ip, prereq):
  """Ensure that a node has the given secondary ip.

  @type lu: L{LogicalUnit}
  @param lu: the LU on behalf of which we make the check
  @type node: string
  @param node: the node to check
  @type secondary_ip: string
  @param secondary_ip: the ip to check
  @type prereq: boolean
  @param prereq: whether to throw a prerequisite or an execute error
  @raise errors.OpPrereqError: if the node doesn't have the ip, and prereq=True
  @raise errors.OpExecError: if the node doesn't have the ip, and prereq=False

  """
  result = lu.rpc.call_node_has_ip_address(node, secondary_ip)
  result.Raise("Failure checking secondary ip on node %s" % node,
               prereq=prereq, ecode=errors.ECODE_ENVIRON)
  if not result.payload:
    msg = ("Node claims it doesn't have the secondary ip you gave (%s),"
           " please fix and re-run this command" % secondary_ip)
    if prereq:
      raise errors.OpPrereqError(msg, errors.ECODE_ENVIRON)
    else:
      raise errors.OpExecError(msg)


811
812
813
814
815
816
817
def _GetClusterDomainSecret():
  """Reads the cluster domain secret.

  """
  return utils.ReadOneLineFile(constants.CLUSTER_DOMAIN_SECRET_FILE,
                               strict=True)

818

819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
def _CheckInstanceDown(lu, instance, reason):
  """Ensure that an instance is not running."""
  if instance.admin_up:
    raise errors.OpPrereqError("Instance %s is marked to be up, %s" %
                               (instance.name, reason), errors.ECODE_STATE)

  pnode = instance.primary_node
  ins_l = lu.rpc.call_instance_list([pnode], [instance.hypervisor])[pnode]
  ins_l.Raise("Can't contact node %s for instance information" % pnode,
              prereq=True, ecode=errors.ECODE_ENVIRON)

  if instance.name in ins_l.payload:
    raise errors.OpPrereqError("Instance %s is running, %s" %
                               (instance.name, reason), errors.ECODE_STATE)


835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
def _ExpandItemName(fn, name, kind):
  """Expand an item name.

  @param fn: the function to use for expansion
  @param name: requested item name
  @param kind: text description ('Node' or 'Instance')
  @return: the resolved (full) name
  @raise errors.OpPrereqError: if the item is not found

  """
  full_name = fn(name)
  if full_name is None:
    raise errors.OpPrereqError("%s '%s' not known" % (kind, name),
                               errors.ECODE_NOENT)
  return full_name


def _ExpandNodeName(cfg, name):
  """Wrapper over L{_ExpandItemName} for nodes."""
  return _ExpandItemName(cfg.ExpandNodeName, name, "Node")


def _ExpandInstanceName(cfg, name):
  """Wrapper over L{_ExpandItemName} for instance."""
  return _ExpandItemName(cfg.ExpandInstanceName, name, "Instance")


862
def _BuildInstanceHookEnv(name, primary_node, secondary_nodes, os_type, status,
863
                          memory, vcpus, nics, disk_template, disks,
Michael Hanselmann's avatar
Michael Hanselmann committed
864
                          bep, hvp, hypervisor_name):
865
866
867
868
869
870
871
872
873
874
875
876
  """Builds instance related env variables for hooks

  This builds the hook environment from individual variables.

  @type name: string
  @param name: the name of the instance
  @type primary_node: string
  @param primary_node: the name of the instance's primary node
  @type secondary_nodes: list
  @param secondary_nodes: list of secondary nodes as strings
  @type os_type: string
  @param os_type: the name of the instance's OS
877
878
  @type status: boolean
  @param status: the should_run status of the instance
879
880
881
882
883
  @type memory: string
  @param memory: the memory size of the instance
  @type vcpus: string
  @param vcpus: the count of VCPUs the instance has
  @type nics: list
884
885
  @param nics: list of tuples (ip, mac, mode, link) representing
      the NICs the instance has
Iustin Pop's avatar
Iustin Pop committed
886
  @type disk_template: string
Michael Hanselmann's avatar
Michael Hanselmann committed
887
  @param disk_template: the disk template of the instance
Iustin Pop's avatar
Iustin Pop committed
888
889
  @type disks: list
  @param disks: the list of (size, mode) pairs
890
891
892
893
  @type bep: dict
  @param bep: the backend parameters for the instance
  @type hvp: dict
  @param hvp: the hypervisor parameters for the instance
Michael Hanselmann's avatar
Michael Hanselmann committed
894
895
  @type hypervisor_name: string
  @param hypervisor_name: the hypervisor for the instance
896
897
  @rtype: dict
  @return: the hook environment for this instance
898

899
  """
900
901
902
903
  if status:
    str_status = "up"
  else:
    str_status = "down"
904
  env = {
905
    "OP_TARGET": name,
906
907
908
    "INSTANCE_NAME": name,
    "INSTANCE_PRIMARY": primary_node,
    "INSTANCE_SECONDARIES": " ".join(secondary_nodes),
909
    "INSTANCE_OS_TYPE": os_type,
910
    "INSTANCE_STATUS": str_status,
911
912
    "INSTANCE_MEMORY": memory,
    "INSTANCE_VCPUS": vcpus,
Iustin Pop's avatar
Iustin Pop committed
913
    "INSTANCE_DISK_TEMPLATE": disk_template,
Michael Hanselmann's avatar
Michael Hanselmann committed
914
    "INSTANCE_HYPERVISOR": hypervisor_name,
915
916
917
918
  }

  if nics:
    nic_count = len(nics)
919
    for idx, (ip, mac, mode, link) in enumerate(nics):
920
921
922
      if ip is None:
        ip = ""
      env["INSTANCE_NIC%d_IP" % idx] = ip
Iustin Pop's avatar
Iustin Pop committed
923
      env["INSTANCE_NIC%d_MAC" % idx] = mac
924
925
926
927
      env["INSTANCE_NIC%d_MODE" % idx] = mode
      env["INSTANCE_NIC%d_LINK" % idx] = link
      if mode == constants.NIC_MODE_BRIDGED:
        env["INSTANCE_NIC%d_BRIDGE" % idx] = link
928
929
930
931
932
  else:
    nic_count = 0

  env["INSTANCE_NIC_COUNT"] = nic_count

Iustin Pop's avatar
Iustin Pop committed
933
934
935
936
937
938
939
940
941
942
  if disks:
    disk_count = len(disks)
    for idx, (size, mode) in enumerate(disks):
      env["INSTANCE_DISK%d_SIZE" % idx] = size
      env["INSTANCE_DISK%d_MODE" % idx] = mode
  else:
    disk_count = 0

  env["INSTANCE_DISK_COUNT"] = disk_count

943
944
945
946
  for source, kind in [(bep, "BE"), (hvp, "HV")]:
    for key, value in source.items():
      env["INSTANCE_%s_%s" % (kind, key)] = value

947
948
  return env

949

950
def _NICListToTuple(lu, nics):
951
952
  """Build a list of nic information tuples.

953
  This list is suitable to be passed to _BuildInstanceHookEnv or as a return
954
  value in LUInstanceQueryData.
955
956
957
958
959
960
961
962

  @type lu:  L{LogicalUnit}
  @param lu: the logical unit on whose behalf we execute
  @type nics: list of L{objects.NIC}
  @param nics: list of nics to convert to hooks tuples

  """
  hooks_nics = []
963
  cluster = lu.cfg.GetClusterInfo()
964
965
966
  for nic in nics:
    ip = nic.ip
    mac = nic.mac
967
    filled_params = cluster.SimpleFillNIC(nic.nicparams)
968
969
970
971
    mode = filled_params[constants.NIC_MODE]
    link = filled_params[constants.NIC_LINK]
    hooks_nics.append((ip, mac, mode, link))
  return hooks_nics
972

973

Iustin Pop's avatar
Iustin Pop committed
974
def _BuildInstanceHookEnvByObject(lu, instance, override=None):
975
976
  """Builds instance related env variables for hooks from an object.

977
978
979
980
981
982
983
984
985
986
987
  @type lu: L{LogicalUnit}
  @param lu: the logical unit on whose behalf we execute
  @type instance: L{objects.Instance}
  @param instance: the instance for which we should build the
      environment
  @type override: dict
  @param override: dictionary with key/values that will override
      our values
  @rtype: dict
  @return: the hook environment dictionary

988
  """
989
990
991
  cluster = lu.cfg.GetClusterInfo()
  bep = cluster.FillBE(instance)
  hvp = cluster.FillHV(instance)
992
993
994
995
  args = {
    'name': instance.name,
    'primary_node': instance.primary_node,
    'secondary_nodes': instance.secondary_nodes,
996
    'os_type': instance.os,
997
    'status': instance.admin_up,
Iustin Pop's avatar
Iustin Pop committed
998
999
    'memory': bep[constants.BE_MEMORY],
    'vcpus': bep[constants.BE_VCPUS],
1000
    'nics': _NICListToTuple(lu, instance.nics),
Iustin Pop's avatar
Iustin Pop committed
1001
1002
    'disk_template': instance.disk_template,
    'disks': [(disk.size, disk.mode) for disk in instance.disks],
1003
1004
    'bep': bep,
    'hvp': hvp,
1005
    'hypervisor_name': instance.hypervisor,
1006
1007
1008
  }
  if override:
    args.update(override)
Iustin Pop's avatar
Iustin Pop committed
1009
  return _BuildInstanceHookEnv(**args) # pylint: disable-msg=W0142
1010
1011


Guido Trotter's avatar
Guido Trotter committed
1012
def _AdjustCandidatePool(lu, exceptions):
1013
1014
1015
  """Adjust the candidate pool after node operations.

  """
Guido Trotter's avatar
Guido Trotter committed
1016
  mod_list = lu.cfg.MaintainCandidatePool(exceptions)
1017
1018
  if mod_list:
    lu.LogInfo("Promoted nodes to master candidate role: %s",
1019
               utils.CommaJoin(node.name for node in mod_list))
1020
1021
    for name in mod_list:
      lu.context.ReaddNode(name)
Guido Trotter's avatar
Guido Trotter committed
1022
  mc_now, mc_max, _ = lu.cfg.GetMasterCandidateStats(exceptions)
1023
1024
1025
1026
1027
  if mc_now > mc_max:
    lu.LogInfo("Note: more nodes are candidates (%d) than desired (%d)" %
               (mc_now, mc_max))


1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
def _DecideSelfPromotion(lu, exceptions=None):
  """Decide whether I should promote myself as a master candidate.

  """
  cp_size = lu.cfg.GetClusterInfo().candidate_pool_size
  mc_now, mc_should, _ = lu.cfg.GetMasterCandidateStats(exceptions)
  # the new node will increase mc_max with one, so:
  mc_should = min(mc_should + 1, cp_size)
  return mc_now < mc_should


1039
def _CheckNicsBridgesExist(lu, target_nics, target_node):
1040
1041
1042
  """Check that the brigdes needed by a list of nics exist.

  """
1043
1044
  cluster = lu.cfg.GetClusterInfo()
  paramslist = [cluster.SimpleFillNIC(nic.nicparams) for nic in target_nics]
1045
1046
1047
1048
  brlist = [params[constants.NIC_LINK] for params in paramslist
            if params[constants.NIC_MODE] == constants.NIC_MODE_BRIDGED]
  if brlist:
    result = lu.rpc.call_bridges_exist(target_node, brlist)
1049
    result.Raise("Error checking bridges on destination node '%s'" %
1050
                 target_node, prereq=True, ecode=errors.ECODE_ENVIRON)
1051
1052
1053


def _CheckInstanceBridgesExist(lu, instance, node=None):
1054
1055
1056
  """Check that the brigdes needed by an instance exist.

  """
1057
  if node is None:
Iustin Pop's avatar
Iustin Pop committed
1058
    node = instance.primary_node
1059
  _CheckNicsBridgesExist(lu, instance.nics, node)
1060
1061


Iustin Pop's avatar
Iustin Pop committed
1062
def _CheckOSVariant(os_obj, name):
Guido Trotter's avatar
Guido Trotter committed
1063
1064
  """Check whether an OS name conforms to the os variants specification.

Iustin Pop's avatar
Iustin Pop committed
1065
1066
  @type os_obj: L{objects.OS}
  @param os_obj: OS object to check
Guido Trotter's avatar
Guido Trotter committed
1067
1068
1069
1070
  @type name: string
  @param name: OS name passed by the user, to check for validity

  """
Iustin Pop's avatar
Iustin Pop committed
1071
  if not os_obj.supported_variants:
Guido Trotter's avatar
Guido Trotter committed
1072
    return
1073
1074
  variant = objects.OS.GetVariant(name)
  if not variant:
1075
1076
    raise errors.OpPrereqError("OS name must include a variant",
                               errors.ECODE_INVAL)
Guido Trotter's avatar
Guido Trotter committed
1077

Iustin Pop's avatar
Iustin Pop committed
1078
  if variant not in os_obj.supported_variants:
1079
    raise errors.OpPrereqError("Unsupported OS variant", errors.ECODE_INVAL)
Guido Trotter's avatar
Guido Trotter committed
1080
1081


1082
1083
1084
1085
def _GetNodeInstancesInner(cfg, fn):
  return [i for i in cfg.GetAllInstancesInfo().values() if fn(i)]


1086
1087
1088
1089
1090
1091
1092
1093
def _GetNodeInstances(cfg, node_name):
  """Returns a list of all primary and secondary instances on a node.

  """

  return _GetNodeInstancesInner(cfg, lambda inst: node_name in inst.all_nodes)


1094
1095
1096
1097
def _GetNodePrimaryInstances(cfg, node_name):
  """Returns primary instances on a node.

  """
1098
1099
  return _GetNodeInstancesInner(cfg,
                                lambda inst: node_name == inst.primary_node)
1100
1101


1102
1103
1104
1105
def _GetNodeSecondaryInstances(cfg, node_name):
  """Returns secondary instances on a node.

  """
1106
1107
  return _GetNodeInstancesInner(cfg,
                                lambda inst: node_name in inst.secondary_nodes)
1108
1109


1110
1111
1112
1113
1114
1115
def _GetStorageTypeArgs(cfg, storage_type):
  """Returns the arguments for a storage type.

  """
  # Special case for file storage
  if storage_type == constants.ST_FILE:
1116
    # storage.FileStorage wants a list of storage directories
1117
    return [[cfg.GetFileStorageDir(), cfg.GetSharedFileStorageDir()]]
1118
1119
1120
1121

  return []


1122
1123
1124
1125
1126
1127
1128
1129
def _FindFaultyInstanceDisks(cfg, rpc, instance, node_name, prereq):
  faulty = []

  for dev in instance.disks:
    cfg.SetDiskID(dev, node_name)

  result = rpc.call_blockdev_getmirrorstatus(node_name, instance.disks)
  result.Raise("Failed to get disk status from node %s" % node_name,
1130
               prereq=prereq, ecode=errors.ECODE_ENVIRON)
1131
1132
1133
1134
1135
1136
1137
1138

  for idx, bdev_status in enumerate(result.payload):
    if bdev_status and bdev_status.ldisk_status == constants.LDS_FAULTY:
      faulty.append(idx)

  return faulty


1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
def _CheckIAllocatorOrNode(lu, iallocator_slot, node_slot):
  """Check the sanity of iallocator and node arguments and use the
  cluster-wide iallocator if appropriate.

  Check that at most one of (iallocator, node) is specified. If none is
  specified, then the LU's opcode's iallocator slot is filled with the
  cluster-wide default iallocator.

  @type iallocator_slot: string
  @param iallocator_slot: the name of the opcode iallocator slot
  @type node_slot: string
  @param node_slot: the name of the opcode target node slot

  """
  node = getattr(lu.op, node_slot, None)
  iallocator = getattr(lu.op, iallocator_slot, None)

  if node is not None and iallocator is not None:
1157
    raise errors.OpPrereqError("Do not specify both, iallocator and node",
1158
1159
1160
1161
1162
1163
1164
                               errors.ECODE_INVAL)
  elif node is None and iallocator is None:
    default_iallocator = lu.cfg.GetDefaultIAllocator()
    if default_iallocator:
      setattr(lu.op, iallocator_slot, default_iallocator)
    else:
      raise errors.OpPrereqError("No iallocator or node given and no"
1165
1166
                                 " cluster-wide default iallocator found;"
                                 " please specify either an iallocator or a"
1167
                                 " node, or set a cluster-wide default"
1168
                                 " iallocator")
1169
1170


1171
class LUClusterPostInit(LogicalUnit):
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
  """Logical unit for running hooks after cluster initialization.

  """
  HPATH = "cluster-init"
  HTYPE = constants.HTYPE_CLUSTER

  def BuildHooksEnv(self):
    """Build hooks env.

    """
1182
1183
1184
1185
1186
1187
1188
1189
1190
    return {
      "OP_TARGET": self.cfg.GetClusterName(),
      }

  def BuildHooksNodes(self):
    """Build hooks nodes.

    """
    return ([], [self.cfg.GetMasterNode()])
1191
1192
1193
1194
1195
1196
1197
1198

  def Exec(self, feedback_fn):
    """Nothing to do.

    """
    return True


1199
class LUClusterDestroy(LogicalUnit):
Iustin Pop's avatar
Iustin Pop committed
1200
1201
1202
  """Logical unit for destroying the cluster.

  """
1203
1204
  HPATH = "cluster-destroy"
  HTYPE = constants.HTYPE_CLUSTER
Iustin Pop's avatar
Iustin Pop committed
1205

1206
1207
1208
1209
  def BuildHooksEnv(self):
    """Build hooks env.

    """
1210
1211
1212
1213
1214
1215
1216
1217
1218
    return {
      "OP_TARGET": self.cfg.GetClusterName(),
      }

  def BuildHooksNodes(self):
    """Build hooks nodes.

    """
    return ([], [])
1219

Iustin Pop's avatar
Iustin Pop committed
1220
1221
1222
1223
1224
  def CheckPrereq(self):
    """Check prerequisites.

    This checks whether the cluster is empty.

Michael Hanselmann's avatar
Michael Hanselmann committed
1225
    Any errors are signaled by raising errors.OpPrereqError.
Iustin Pop's avatar
Iustin Pop committed
1226
1227

    """
Michael Hanselmann's avatar
Michael Hanselmann committed
1228
    master = self.cfg.GetMasterNode()
Iustin Pop's avatar
Iustin Pop committed
1229
1230

    nodelist = self.cfg.GetNodeList()
1231
    if len(nodelist) != 1 or nodelist[0] != master:
1232
      raise errors.OpPrereqError("There are still %d node(s) in"
1233
1234
                                 " this cluster." % (len(nodelist) - 1),
                                 errors.ECODE_INVAL)
1235
1236
    instancelist = self.cfg.GetInstanceList()
    if instancelist:
1237
      raise errors.OpPrereqError("There are still %d instance(s) in"
1238
1239
                                 " this cluster." % len(instancelist),
                                 errors.ECODE_INVAL)
Iustin Pop's avatar
Iustin Pop committed
1240
1241
1242
1243
1244

  def Exec(self, feedback_fn):
    """Destroys the cluster.

    """
Michael Hanselmann's avatar
Michael Hanselmann committed
1245
    master = self.cfg.GetMasterNode()
Luca Bigliardi's avatar
Luca Bigliardi committed
1246
1247

    # Run post hooks on master node before it's removed
1248
    _RunPostHook(self, master)
Luca Bigliardi's avatar
Luca Bigliardi committed
1249

1250
    result = self.rpc.call_node_stop_master(master, False)
1251
    result.Raise("Could not disable the master role")
1252

Iustin Pop's avatar
Iustin Pop committed
1253
    return master
Iustin Pop's avatar
Iustin Pop committed
1254
1255


1256
def _VerifyCertificate(filename):
1257
  """Verifies a certificate for LUClusterVerifyConfig.
1258
1259
1260
1261
1262
1263
1264
1265
1266

  @type filename: string
  @param filename: Path to PEM file

  """
  try:
    cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                           utils.ReadFile(filename))
  except Exception, err: # pylint: disable-msg=W0703
1267
    return (LUClusterVerifyConfig.ETYPE_ERROR,
1268
1269
            "Failed to load X509 certificate %s: %s" % (filename, err))

1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
  (errcode, msg) = \
    utils.VerifyX509Certificate(cert, constants.SSL_CERT_EXPIRATION_WARN,
                                constants.SSL_CERT_EXPIRATION_ERROR)

  if msg:
    fnamemsg = "While verifying %s: %s" % (filename, msg)
  else:
    fnamemsg = None

  if errcode is None:
    return (None, fnamemsg)
  elif errcode == utils.CERT_WARNING:
1282
    return (LUClusterVerifyConfig.ETYPE_WARNING, fnamemsg)
1283
  elif errcode == utils.CERT_ERROR:
1284
    return (LUClusterVerifyConfig.ETYPE_ERROR, fnamemsg)
1285

1286
  raise errors.ProgrammerError("Unhandled certificate error code %r" % errcode)
1287
1288


1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
def _GetAllHypervisorParameters(cluster, instances):
  """Compute the set of all hypervisor parameters.

  @type cluster: L{objects.Cluster}
  @param cluster: the cluster object
  @param instances: list of L{objects.Instance}
  @param instances: additional instances from which to obtain parameters
  @rtype: list of (origin, hypervisor, parameters)
  @return: a list with all parameters found, indicating the hypervisor they
       apply to, and the origin (can be "cluster", "os X", or "instance Y")

  """
  hvp_data = []

  for hv_name in cluster.enabled_hypervisors:
    hvp_data.append(("cluster", hv_name, cluster.GetHVDefaults(hv_name)))

  for os_name, os_hvp