Commit b2e7599d authored by Thomas Thrainer's avatar Thomas Thrainer
Browse files

Merge branch 'stable-2.8' into stable-2.9



* stable-2.8
  Make tools/users-setup explain its actions first
  Generate tools/users-setup from descriptions
  Provide ganeti user and group data in easy-to-parse form
  Remove dsahostkeypub during config downgrade
  Mark the DSA host pubkey as optional
  Fix documentation for gnt-node evacuate -p option

Conflicts:
	Makefile.am (trivial)
	tools/cfgupgrade (removed downgrade code to 2.7)
Signed-off-by: default avatarThomas Thrainer <thomasth@google.com>
Reviewed-by: default avatarKlaus Aehlig <aehlig@google.com>
parents e46de62a 9317e5dc
......@@ -62,6 +62,9 @@
/doc/hs-lint.html
/doc/manpages-enabled.rst
/doc/man-*.rst
/doc/users/groupmemberships
/doc/users/groups
/doc/users/users
# doc/examples
/doc/examples/bash_completion
......
......@@ -108,6 +108,7 @@ DIRS = \
doc/examples \
doc/examples/gnt-debug \
doc/examples/hooks \
doc/users \
test/data/htools \
test/data/htools/rapi \
test/hs/shelltests \
......@@ -198,6 +199,7 @@ CLEANFILES = \
$(BUILT_EXAMPLES) \
doc/examples/bash_completion \
doc/examples/bash_completion-debug \
$(userspecs) \
lib/_generated_rpc.py \
$(man_MANS) \
$(manhtml) \
......@@ -779,12 +781,21 @@ else
exit 1;
endif
doc/users/%: doc/users/%.in Makefile $(REPLACE_VARS_SED)
cat $< | sed -f $(REPLACE_VARS_SED) | LC_ALL=C sort | uniq | (grep -v '^root' || true) > $@
userspecs = \
doc/users/users \
doc/users/groups \
doc/users/groupmemberships
# Things to build but not to install (add it to EXTRA_DIST if it should be
# distributed)
noinst_DATA = \
$(BUILT_EXAMPLES) \
doc/examples/bash_completion \
doc/examples/bash_completion-debug \
$(userspecs) \
$(manhtml)
if HAS_SPHINX
......@@ -1002,7 +1013,6 @@ EXTRA_DIST = \
tools/kvm-ifup.in \
tools/vif-ganeti.in \
tools/net-common.in \
tools/users-setup.in \
tools/vcluster-setup.in \
$(docinput) \
doc/html \
......@@ -1013,6 +1023,9 @@ EXTRA_DIST = \
doc/examples/gnt-debug/README \
doc/examples/gnt-debug/delay0.json \
doc/examples/gnt-debug/delay50.json \
doc/users/groupmemberships.in \
doc/users/groups.in \
doc/users/users.in \
test/py/lockperf.py \
test/py/testutils.py \
test/py/mocks.py \
......@@ -1443,8 +1456,26 @@ tools/net-common: tools/net-common.in $(REPLACE_VARS_SED)
sed -f $(REPLACE_VARS_SED) < $< > $@
chmod +x $@
tools/users-setup: tools/users-setup.in $(REPLACE_VARS_SED)
sed -f $(REPLACE_VARS_SED) < $< > $@
tools/users-setup: Makefile $(userspecs)
set -e; \
{ echo '#!/bin/sh'; \
echo 'if [ "x$$1" != "x--yes-do-it" ];'; \
echo 'then echo "This will do the following changes"'; \
$(AWK) -- '{print "echo + Will add group ",$$1; count++}\
END {if (count == 0) {print "echo + No groups to add"}}' doc/users/groups; \
$(AWK) -- '{if (NF > 1) {print "echo + Will add user",$$1,"with primary group",$$2} \
else {print "echo + Will add user",$$1}; count++}\
END {if (count == 0) {print "echo + No users to add"}}' doc/users/users; \
$(AWK) -- '{print "echo + Will add user",$$1,"to group",$$2}' doc/users/groupmemberships; \
echo 'echo'; \
echo 'echo "OK? (y/n)"'; \
echo 'read confirm'; \
echo 'if [ "x$$confirm" != "xy" ]; then exit 0; fi'; \
echo 'fi'; \
$(AWK) -- '{print "addgroup --system",$$1}' doc/users/groups; \
$(AWK) -- '{if (NF > 1) {print "adduser --system --ingroup",$$2,$$1} else {print "adduser --system",$$1}}' doc/users/users; \
$(AWK) -- '{print "adduser",$$1,$$2}' doc/users/groupmemberships; \
} > $@
chmod +x $@
tools/vcluster-setup: tools/vcluster-setup.in $(REPLACE_VARS_SED)
......
@GNTMASTERUSER@ @GNTDAEMONSGROUP@
@GNTCONFDUSER@ @GNTDAEMONSGROUP@
@GNTLUXIDUSER@ @GNTDAEMONSGROUP@
@GNTRAPIUSER@ @GNTDAEMONSGROUP@
@GNTMONDUSER@ @GNTDAEMONSGROUP@
@GNTMASTERUSER@ @GNTADMINGROUP@
@GNTRAPIUSER@ @GNTADMINGROUP@
@GNTMASTERUSER@ @GNTCONFDGROUP@
@GNTMONDUSER@ @GNTMASTERDGROUP@
@GNTLUXIDUSER@ @GNTMASTERDGROUP@
@GNTLUXIDUSER@ @GNTCONFDGROUP@
@GNTDAEMONSGROUP@
@GNTADMINGROUP@
@GNTMASTERUSER@
@GNTRAPIUSER@
@GNTCONFDUSER@
@GNTLUXIDUSER@
@GNTMONDUSER@
@GNTMASTERUSER@ @GNTMASTERDGROUP@
@GNTRAPIUSER@ @GNTRAPIGROUP@
@GNTCONFDUSER@ @GNTCONFDGROUP@
@GNTLUXIDUSER@ @GNTLUXIDGROUP@
@GNTMONDUSER@ @GNTMONDGROUP@
@GNTNODEDUSER@
......@@ -114,14 +114,13 @@ potential recovery).
Note that this command is equivalent to using per-instance commands for
each affected instance individually:
- ``--primary-only`` is equivalent to ``gnt-instance
failover/migration`` for non-DRBD instances, but for DRBD instances
it's different, and usually is a slow process (it will change the
primary to another node while keeping the secondary, this requiring
data copies, whereas failover/migrate will only toggle the
primary/secondary roles, a fast process)
- ``--primary-only`` is equivalent to performing ``gnt-instance
migrate`` for every primary instance running on the node that can be
migrated and ``gnt-instance failover`` for every primary instance that
cannot be migrated.
- ``--secondary-only`` is equivalent to ``gnt-instance replace-disks``
in the secondary node change mode (only valid for DRBD instances)
in secondary node change mode (``--new-secondary``) for every DRBD
instance that the node is a secondary for.
- when neither of the above is done a combination of the two cases is run
See **ganeti**\(7) for a description of ``--submit`` and other common
......
......@@ -686,7 +686,8 @@ type UidPool = [(Int, Int)]
-- * Cluster definitions
$(buildObject "Cluster" "cluster" $
[ simpleField "rsahostkeypub" [t| String |]
, simpleField "dsahostkeypub" [t| String |]
, optionalField $
simpleField "dsahostkeypub" [t| String |]
, simpleField "highest_used_port" [t| Int |]
, simpleField "tcpudp_port_pool" [t| [Int] |]
, simpleField "mac_prefix" [t| String |]
......
#!/bin/sh
#Create common groups
addgroup --system @GNTDAEMONSGROUP@
addgroup --system @GNTADMINGROUP@
#Create user-specific groups
addgroup --system @GNTMASTERUSER@
addgroup --system @GNTRAPIUSER@
addgroup --system @GNTCONFDUSER@
addgroup --system @GNTLUXIDUSER@
addgroup --system @GNTMONDUSER@
#Create users
adduser --system --ingroup @GNTMASTERDGROUP@ @GNTMASTERUSER@
adduser --system --ingroup @GNTRAPIGROUP@ @GNTRAPIUSER@
adduser --system --ingroup @GNTCONFDGROUP@ @GNTCONFDUSER@
adduser --system --ingroup @GNTLUXIDGROUP@ @GNTLUXIDUSER@
adduser --system --ingroup @GNTMONDGROUP@ @GNTMONDUSER@
adduser --system @GNTNODEDUSER@
#Add users to extra groups
for u in @GNTMASTERUSER@ @GNTCONFDUSER@ @GNTLUXIDUSER@ @GNTRAPIUSER@ @GNTMONDUSER@
do
adduser $u @GNTDAEMONSGROUP@
done
for u in @GNTMASTERUSER@ @GNTRAPIUSER@
do
adduser $u @GNTADMINGROUP@
done
adduser @GNTMASTERUSER@ @GNTCONFDGROUP@
adduser @GNTMONDUSER@ @GNTMASTERDGROUP@
adduser @GNTLUXIDUSER@ @GNTMASTERDGROUP@
adduser @GNTLUXIDUSER@ @GNTCONFDGROUP@
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment