Commit a12aa2d2 authored by Helga Velroyen's avatar Helga Velroyen

Renew-crypto: remove dead code

This patch removes the code for renewing the master
nodes' client certificate using SSL. This is no longer
needed, as the master nodes' certificate is created
in already.
Signed-off-by: default avatarHelga Velroyen <>
Reviewed-by: default avatarKlaus Aehlig <>
parent 40c4e5d7
......@@ -72,36 +72,6 @@ from ganeti.cmdlib.common import ShareAll, RunPostHook, \
import ganeti.masterd.instance
def _UpdateMasterClientCert(
lu, cfg, master_uuid,
"""Renews the master's client certificate and propagates the config.
@type lu: C{LogicalUnit}
@param lu: the logical unit holding the config
@type cfg: C{config.ConfigWriter}
@param cfg: the cluster's configuration
@type master_uuid: string
@param master_uuid: the master node's UUID
@type client_cert: string
@param client_cert: the path of the client certificate
@type client_cert_tmp: string
@param client_cert_tmp: the temporary path of the client certificate
@rtype: string
@return: the digest of the newly created client certificate
client_digest = GetClientCertDigest(lu, master_uuid, filename=client_cert_tmp)
cfg.AddNodeToCandidateCerts(master_uuid, client_digest)
# This triggers an update of the config and distribution of it with the old
# SSL certificate
utils.RenameFile(client_cert_tmp, client_cert)
return client_digest
class LUClusterRenewCrypto(NoHooksLU):
"""Renew the cluster's crypto tokens.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment