-
Dimitris Aragiorgis authored
Signed-off-by:
Dimitris Aragiorgis <dimara@grnet.gr> Reviewed-by:
Iustin Pop <iustin@google.com>
6e8091f9
Ganeti customisation using hooks
Documents Ganeti version 2.6
Contents
- Introduction
- Organisation
-
Operation list
- Node operations
- Node group operations
- Network operations
-
Instance operations
- OP_INSTANCE_CREATE
- OP_INSTANCE_REINSTALL
- OP_BACKUP_EXPORT
- OP_INSTANCE_STARTUP
- OP_INSTANCE_SHUTDOWN
- OP_INSTANCE_REBOOT
- OP_INSTANCE_SET_PARAMS
- OP_INSTANCE_FAILOVER
- OP_INSTANCE_MIGRATE
- OP_INSTANCE_REMOVE
- OP_INSTANCE_GROW_DISK
- OP_INSTANCE_RENAME
- OP_INSTANCE_MOVE
- OP_INSTANCE_RECREATE_DISKS
- OP_INSTANCE_REPLACE_DISKS
- OP_INSTANCE_CHANGE_GROUP
- Cluster operations
- Obsolete operations
- Environment variables
- Examples
Introduction
In order to allow customisation of operations, Ganeti runs scripts in
sub-directories of @SYSCONFDIR@/ganeti/hooks. These sub-directories
are named $hook-$phase.d, where $phase is either pre or
post and $hook matches the directory name given for a hook (e.g.
cluster-verify-post.d or node-add-pre.d).
This is similar to the /etc/network/ structure present in Debian
for network interface handling.
Organisation
For every operation, two sets of scripts are run:
- pre phase (for authorization/checking)
- post phase (for logging)
Also, for each operation, the scripts are run on one or more nodes, depending on the operation type.
Note that, even though we call them scripts, we are actually talking about any executable.
pre scripts
The pre scripts have a definite target: to check that the operation is allowed given the site-specific constraints. You could have, for example, a rule that says every new instance is required to exists in a database; to implement this, you could write a script that checks the new instance parameters against your database.
The objective of these scripts should be their return code (zero or non-zero for success and failure). However, if they modify the environment in any way, they should be idempotent, as failed executions could be restarted and thus the script(s) run again with exactly the same parameters.
Note that if a node is unreachable at the time a hooks is run, this will not be interpreted as a deny for the execution. In other words, only an actual error returned from a script will cause abort, and not an unreachable node.
Therefore, if you want to guarantee that a hook script is run and denies an action, it's best to put it on the master node.
post scripts
These scripts should do whatever you need as a reaction to the completion of an operation. Their return code is not checked (but logged), and they should not depend on the fact that the pre scripts have been run.
Naming
The allowed names for the scripts consist of (similar to run-parts)
upper and lower case, digits, underscores and hyphens. In other words,
the regexp ^[a-zA-Z0-9_-]+$. Also, non-executable scripts will be
ignored.
Order of execution
On a single node, the scripts in a directory are run in lexicographic order (more exactly, the python string comparison order). It is advisable to implement the usual NN-name convention where NN is a two digit number.
For an operation whose hooks are run on multiple nodes, there is no specific ordering of nodes with regard to hooks execution; you should assume that the scripts are run in parallel on the target nodes (keeping on each node the above specified ordering). If you need any kind of inter-node synchronisation, you have to implement it yourself in the scripts.
Execution environment
The scripts will be run as follows:
- no command line arguments
- no controlling tty
- stdin is actually /dev/null
- stdout and stderr are directed to files
- PATH is reset to :pyeval:`constants.HOOKS_PATH`
- the environment is cleared, and only ganeti-specific variables will be left
All information about the cluster is passed using environment variables. Different operations will have sligthly different environments, but most of the variables are common.