Commit 047f59ce authored by Hrvoje Ribicic's avatar Hrvoje Ribicic
Browse files

Filter disallowed compression tools



This patch makes import and export operations fail when a
non-whitelisted compression type is used. The whitelisted tools have to
be specified manually via
"gnt-cluster modify --custom-compression-tools=<tools>".
Signed-off-by: default avatarHrvoje Ribicic <riba@google.com>
Reviewed-by: default avatarThomas Thrainer <thomasth@google.com>
parent 14a31771
...@@ -40,7 +40,8 @@ from ganeti.cmdlib.common import CheckNodeOnline, ExpandNodeUuidAndName, \ ...@@ -40,7 +40,8 @@ from ganeti.cmdlib.common import CheckNodeOnline, ExpandNodeUuidAndName, \
from ganeti.cmdlib.instance_storage import StartInstanceDisks, \ from ganeti.cmdlib.instance_storage import StartInstanceDisks, \
ShutdownInstanceDisks, TemporaryDisk, ImageDisks ShutdownInstanceDisks, TemporaryDisk, ImageDisks
from ganeti.cmdlib.instance_utils import GetClusterDomainSecret, \ from ganeti.cmdlib.instance_utils import GetClusterDomainSecret, \
BuildInstanceHookEnvByObject, CheckNodeNotDrained, RemoveInstance BuildInstanceHookEnvByObject, CheckNodeNotDrained, RemoveInstance, \
CheckCompressionTool
class LUBackupPrepare(NoHooksLU): class LUBackupPrepare(NoHooksLU):
...@@ -318,6 +319,9 @@ class LUBackupExport(LogicalUnit): ...@@ -318,6 +319,9 @@ class LUBackupExport(LogicalUnit):
self.cfg.GetInstanceSecondaryNodes(self.instance.uuid) self.cfg.GetInstanceSecondaryNodes(self.instance.uuid)
self.inst_disks = self.cfg.GetInstanceDisks(self.instance.uuid) self.inst_disks = self.cfg.GetInstanceDisks(self.instance.uuid)
# Check if the compression tool is whitelisted
CheckCompressionTool(self, self.op.compress)
def _CleanupExports(self, feedback_fn): def _CleanupExports(self, feedback_fn):
"""Removes exports of current instance from all other nodes. """Removes exports of current instance from all other nodes.
......
...@@ -62,7 +62,8 @@ from ganeti.cmdlib.instance_utils import BuildInstanceHookEnvByObject, \ ...@@ -62,7 +62,8 @@ from ganeti.cmdlib.instance_utils import BuildInstanceHookEnvByObject, \
NICToTuple, CheckNodeNotDrained, RemoveInstance, CopyLockList, \ NICToTuple, CheckNodeNotDrained, RemoveInstance, CopyLockList, \
ReleaseLocks, CheckNodeVmCapable, CheckTargetNodeIPolicy, \ ReleaseLocks, CheckNodeVmCapable, CheckTargetNodeIPolicy, \
GetInstanceInfoText, RemoveDisks, CheckNodeFreeMemory, \ GetInstanceInfoText, RemoveDisks, CheckNodeFreeMemory, \
CheckInstanceBridgesExist, CheckNicsBridgesExist, UpdateMetadata CheckInstanceBridgesExist, CheckNicsBridgesExist, UpdateMetadata, \
CheckCompressionTool
import ganeti.masterd.instance import ganeti.masterd.instance
...@@ -1307,6 +1308,8 @@ class LUInstanceCreate(LogicalUnit): ...@@ -1307,6 +1308,8 @@ class LUInstanceCreate(LogicalUnit):
CheckNicsBridgesExist(self, self.nics, self.pnode.uuid) CheckNicsBridgesExist(self, self.nics, self.pnode.uuid)
CheckCompressionTool(self, self.op.compress)
#TODO: _CheckExtParams (remotely) #TODO: _CheckExtParams (remotely)
# Check parameters for extstorage # Check parameters for extstorage
......
...@@ -600,3 +600,26 @@ def UpdateMetadata(feedback_fn, rpc, instance, ...@@ -600,3 +600,26 @@ def UpdateMetadata(feedback_fn, rpc, instance,
result = rpc.call_instance_metadata_modify(instance.primary_node, data) result = rpc.call_instance_metadata_modify(instance.primary_node, data)
result.Warn("Could not update metadata for instance '%s'" % instance.name, result.Warn("Could not update metadata for instance '%s'" % instance.name,
feedback_fn) feedback_fn)
def CheckCompressionTool(lu, compression_tool):
""" Checks if the provided compression tool is allowed to be used.
@type compression_tool: string
@param compression_tool: Compression tool to use for importing or exporting
the instance
@rtype: NoneType
@return: None
@raise errors.OpPrereqError: If the tool is not enabled by Ganeti or
whitelisted
"""
allowed_tools = lu.cfg.GetCompressionTools()
if (compression_tool != constants.IEC_NONE and
compression_tool not in allowed_tools):
raise errors.OpPrereqError(
"Compression tool not allowed, tools allowed are [%s]"
% ", ".join(allowed_tools)
)
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment