Commit cfe1f843 authored by Petr Pudlak's avatar Petr Pudlak

Add DRBD secrets to temporary reservations

Expose the generation method through WConfd's RPC interface.
Signed-off-by: default avatarPetr Pudlak <pudlak@google.com>
Reviewed-by: default avatarKlaus Aehlig <aehlig@google.com>
parent de81e4e7
......@@ -973,6 +973,10 @@ drbdMigrationNetProtocol = "C"
drbdStatusFile :: String
drbdStatusFile = "/proc/drbd"
-- | The length of generated DRBD secrets (see also TempRes module).
drbdSecretLength :: Int
drbdSecretLength = 20
-- | Size of DRBD meta block device
drbdMetaSize :: Int
drbdMetaSize = 128
......
......@@ -44,7 +44,7 @@ import qualified Ganeti.Locking.Allocation as L
import Ganeti.Locking.Locks ( GanetiLocks(ConfigLock), LockLevel(LevelConfig)
, lockLevel, LockLevel, ClientId )
import qualified Ganeti.Locking.Waiting as LW
import Ganeti.Objects (ConfigData)
import Ganeti.Objects (ConfigData, DRBDSecret)
import Ganeti.WConfd.Language
import Ganeti.WConfd.Monad
import qualified Ganeti.WConfd.TempRes as T
......@@ -143,7 +143,7 @@ releaseDRBDMinors inst = modifyTempResState (const $ T.releaseDRBDMinors inst)
-- *** MACs
-- Randomly generate a MAC for an instance and reserves it for
-- Randomly generate a MAC for an instance and reserve it for
-- a given client.
generateMAC
:: ClientId -> J.MaybeForJSON T.NetworkUUID -> WConfdMonad T.MAC
......@@ -155,6 +155,15 @@ generateMAC cid (J.MaybeForJSON netId) = do
reserveMAC :: ClientId -> T.MAC -> WConfdMonad ()
reserveMAC = (modifyTempResStateErr .) . T.reserveMAC
-- *** DRBDSecrets
-- Randomly generate a DRBDSecret for an instance and reserves it for
-- a given client.
generateDRBDSecret :: ClientId -> WConfdMonad DRBDSecret
generateDRBDSecret cid = do
g <- liftIO Rand.newStdGen
modifyTempResStateErr $ T.generateDRBDSecret g cid
-- ** Locking related functions
-- | List the locks of a given owner (i.e., a job-id lockfile pair).
......@@ -226,6 +235,8 @@ exportedFunctions = [ 'echo
-- MACs
, 'reserveMAC
, 'generateMAC
-- DRBD secrets
, 'generateDRBDSecret
-- locking
, 'listLocks
, 'listAllLocks
......
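Review bot: The WConfd wrapper `generateDRBDSecret` (the `-- *** DRBDSecrets` hunk) draws the secret from `Rand.newStdGen`, a general-purpose generator that is not cryptographically secure. If the DRBD secret is what DRBD peers use to authenticate each other, its unpredictability should not rest on `StdGen`. `T.generateDRBDSecret` accepts any `RandomGen g`, so only this call site would need to pass a cryptographically secure generator; otherwise the comment should say that the value is only required to be unique. The new comment also repeats the `reserves` typo this commit fixes for MACs, mentions an instance the function does not take, and lacks the Haddock marker: `-- | Randomly generate a DRBD secret and reserve it for a given client.`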
......@@ -41,6 +41,7 @@ module Ganeti.WConfd.TempRes
, MAC
, generateMAC
, reserveMAC
, generateDRBDSecret
, dropAllReservations
, isReserved
, reserve
......@@ -64,6 +65,7 @@ import System.Random
import Ganeti.BasicTypes
import Ganeti.Config
import qualified Ganeti.Constants as C
import Ganeti.Errors
import qualified Ganeti.JSON as J
import Ganeti.Lens
......@@ -71,6 +73,7 @@ import Ganeti.Locking.Locks (ClientId)
import Ganeti.Objects
import Ganeti.Utils
import Ganeti.Utils.MonadPlus
import Ganeti.Utils.Random
import qualified Ganeti.Utils.MultiMap as MM
-- * The main reservation state
......@@ -106,11 +109,12 @@ instance (Ord j, Ord a) => Monoid (TempRes j a) where
data TempResState = TempResState
{ trsDRBD :: DRBDMap
, trsMACs :: TempRes ClientId MAC
, trsDRBDSecrets :: TempRes ClientId DRBDSecret
}
deriving (Eq, Show)
emptyTempResState :: TempResState
emptyTempResState = TempResState M.empty mempty
emptyTempResState = TempResState M.empty mempty mempty
$(makeCustomLenses ''TempResState)
......@@ -235,7 +239,9 @@ generateRand rgen jobid existing genfn tr =
--
-- If a new reservation resource type is added, it must be added here as well.
dropAllReservations :: ClientId -> TempResState -> TempResState
dropAllReservations jobId = trsMACsL %~ dropReservationsFor jobId
dropAllReservations jobId =
(trsMACsL %~ dropReservationsFor jobId)
. (trsDRBDSecretsL %~ dropReservationsFor jobId)
-- ** IDs
......@@ -276,3 +282,14 @@ reserveMAC jobId mac cd = do
when (S.member mac existing)
$ throwError (ReservationError "MAC already in use")
get >>= traverseOf trsMACsL (reserve jobId mac) >>= put
-- ** DRBD secrets
generateDRBDSecret
:: (RandomGen g, MonadError e m, Error e, Functor m)
=> g -> ClientId -> ConfigData -> StateT TempResState m DRBDSecret
generateDRBDSecret rgen jobId cd = do
let existing = S.fromList $ getAllDrbdSecrets cd
StateT $ traverseOf2 trsDRBDSecretsL
(generateRand rgen jobId existing
(over _1 Just . generateSecret C.drbdSecretLength))
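Review bot: `TempResState` derives `Show`, so with the new `trsDRBDSecrets` field any `show` of the state now prints the reserved DRBD secrets in clear text. Whether the state is ever logged or put into an error message is not visible in these hunks, so the call sites are worth checking. At minimum the field deserves a comment such as `-- NOTE: holds DRBD shared secrets; never log or 'show' this value`. The new `generateDRBDSecret` also has no Haddock comment; `-- | Generate a DRBD secret that is neither in the configuration nor already reserved, and reserve it for the given client.` would fit, once the uniqueness claim is confirmed against `generateRand`, whose body lies outside the hunk.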