Commit cfe1f843 authored by Petr Pudlak's avatar Petr Pudlak

Add DRBD secrets to temporary reservations



Expose the generation method through WConfd's RPC interface.
Signed-off-by: default avatarPetr Pudlak <pudlak@google.com>
Reviewed-by: default avatarKlaus Aehlig <aehlig@google.com>
parent de81e4e7
...@@ -973,6 +973,10 @@ drbdMigrationNetProtocol = "C" ...@@ -973,6 +973,10 @@ drbdMigrationNetProtocol = "C"
drbdStatusFile :: String drbdStatusFile :: String
drbdStatusFile = "/proc/drbd" drbdStatusFile = "/proc/drbd"
-- | The length of generated DRBD secrets (see also TempRes module).
drbdSecretLength :: Int
drbdSecretLength = 20
-- | Size of DRBD meta block device -- | Size of DRBD meta block device
drbdMetaSize :: Int drbdMetaSize :: Int
drbdMetaSize = 128 drbdMetaSize = 128
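Review bot: The doc comment on `drbdSecretLength` does not say what the 20 counts, and for a secret the unit decides how much entropy the value can carry. I would state it explicitly, e.g. `-- | The length of generated DRBD secrets, in <bytes|characters> (see also TempRes module).`, choosing whichever unit `generateSecret` actually takes. The definition of `generateSecret` is not part of this change, so the unit cannot be confirmed from here.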
......
...@@ -44,7 +44,7 @@ import qualified Ganeti.Locking.Allocation as L ...@@ -44,7 +44,7 @@ import qualified Ganeti.Locking.Allocation as L
import Ganeti.Locking.Locks ( GanetiLocks(ConfigLock), LockLevel(LevelConfig) import Ganeti.Locking.Locks ( GanetiLocks(ConfigLock), LockLevel(LevelConfig)
, lockLevel, LockLevel, ClientId ) , lockLevel, LockLevel, ClientId )
import qualified Ganeti.Locking.Waiting as LW import qualified Ganeti.Locking.Waiting as LW
import Ganeti.Objects (ConfigData) import Ganeti.Objects (ConfigData, DRBDSecret)
import Ganeti.WConfd.Language import Ganeti.WConfd.Language
import Ganeti.WConfd.Monad import Ganeti.WConfd.Monad
import qualified Ganeti.WConfd.TempRes as T import qualified Ganeti.WConfd.TempRes as T
...@@ -143,7 +143,7 @@ releaseDRBDMinors inst = modifyTempResState (const $ T.releaseDRBDMinors inst) ...@@ -143,7 +143,7 @@ releaseDRBDMinors inst = modifyTempResState (const $ T.releaseDRBDMinors inst)
-- *** MACs -- *** MACs
-- Randomly generate a MAC for an instance and reserves it for -- Randomly generate a MAC for an instance and reserve it for
-- a given client. -- a given client.
generateMAC generateMAC
:: ClientId -> J.MaybeForJSON T.NetworkUUID -> WConfdMonad T.MAC :: ClientId -> J.MaybeForJSON T.NetworkUUID -> WConfdMonad T.MAC
...@@ -155,6 +155,15 @@ generateMAC cid (J.MaybeForJSON netId) = do ...@@ -155,6 +155,15 @@ generateMAC cid (J.MaybeForJSON netId) = do
reserveMAC :: ClientId -> T.MAC -> WConfdMonad () reserveMAC :: ClientId -> T.MAC -> WConfdMonad ()
reserveMAC = (modifyTempResStateErr .) . T.reserveMAC reserveMAC = (modifyTempResStateErr .) . T.reserveMAC
-- *** DRBDSecrets
-- Randomly generate a DRBDSecret for an instance and reserves it for
-- a given client.
generateDRBDSecret :: ClientId -> WConfdMonad DRBDSecret
generateDRBDSecret cid = do
g <- liftIO Rand.newStdGen
modifyTempResStateErr $ T.generateDRBDSecret g cid
-- ** Locking related functions -- ** Locking related functions
-- | List the locks of a given owner (i.e., a job-id lockfile pair). -- | List the locks of a given owner (i.e., a job-id lockfile pair).
...@@ -226,6 +235,8 @@ exportedFunctions = [ 'echo ...@@ -226,6 +235,8 @@ exportedFunctions = [ 'echo
-- MACs -- MACs
, 'reserveMAC , 'reserveMAC
, 'generateMAC , 'generateMAC
-- DRBD secrets
, 'generateDRBDSecret
-- locking -- locking
, 'listLocks , 'listLocks
, 'listAllLocks , 'listAllLocks
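Review bot: The new `generateDRBDSecret` draws its randomness from `Rand.newStdGen`, and `StdGen` is a general-purpose generator, not a cryptographically secure one. If the DRBD secret is what replication peers use to authenticate each other, it should come from the operating system's entropy source rather than from a split of the process-wide generator. As a minimum the limitation should be recorded above the function, e.g. `-- NOTE: StdGen is not a CSPRNG; do not rely on these secrets being unpredictable.`. The new comment also lacks the Haddock `-- |` marker and repeats the "reserves" wording that this commit corrects in the MAC comment.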
......
...@@ -41,6 +41,7 @@ module Ganeti.WConfd.TempRes ...@@ -41,6 +41,7 @@ module Ganeti.WConfd.TempRes
, MAC , MAC
, generateMAC , generateMAC
, reserveMAC , reserveMAC
, generateDRBDSecret
, dropAllReservations , dropAllReservations
, isReserved , isReserved
, reserve , reserve
...@@ -64,6 +65,7 @@ import System.Random ...@@ -64,6 +65,7 @@ import System.Random
import Ganeti.BasicTypes import Ganeti.BasicTypes
import Ganeti.Config import Ganeti.Config
import qualified Ganeti.Constants as C
import Ganeti.Errors import Ganeti.Errors
import qualified Ganeti.JSON as J import qualified Ganeti.JSON as J
import Ganeti.Lens import Ganeti.Lens
...@@ -71,6 +73,7 @@ import Ganeti.Locking.Locks (ClientId) ...@@ -71,6 +73,7 @@ import Ganeti.Locking.Locks (ClientId)
import Ganeti.Objects import Ganeti.Objects
import Ganeti.Utils import Ganeti.Utils
import Ganeti.Utils.MonadPlus import Ganeti.Utils.MonadPlus
import Ganeti.Utils.Random
import qualified Ganeti.Utils.MultiMap as MM import qualified Ganeti.Utils.MultiMap as MM
-- * The main reservation state -- * The main reservation state
...@@ -106,11 +109,12 @@ instance (Ord j, Ord a) => Monoid (TempRes j a) where ...@@ -106,11 +109,12 @@ instance (Ord j, Ord a) => Monoid (TempRes j a) where
data TempResState = TempResState data TempResState = TempResState
{ trsDRBD :: DRBDMap { trsDRBD :: DRBDMap
, trsMACs :: TempRes ClientId MAC , trsMACs :: TempRes ClientId MAC
, trsDRBDSecrets :: TempRes ClientId DRBDSecret
} }
deriving (Eq, Show) deriving (Eq, Show)
emptyTempResState :: TempResState emptyTempResState :: TempResState
emptyTempResState = TempResState M.empty mempty emptyTempResState = TempResState M.empty mempty mempty
$(makeCustomLenses ''TempResState) $(makeCustomLenses ''TempResState)
...@@ -235,7 +239,9 @@ generateRand rgen jobid existing genfn tr = ...@@ -235,7 +239,9 @@ generateRand rgen jobid existing genfn tr =
-- --
-- If a new reservation resource type is added, it must be added here as well. -- If a new reservation resource type is added, it must be added here as well.
dropAllReservations :: ClientId -> TempResState -> TempResState dropAllReservations :: ClientId -> TempResState -> TempResState
dropAllReservations jobId = trsMACsL %~ dropReservationsFor jobId dropAllReservations jobId =
(trsMACsL %~ dropReservationsFor jobId)
. (trsDRBDSecretsL %~ dropReservationsFor jobId)
-- ** IDs -- ** IDs
...@@ -276,3 +282,14 @@ reserveMAC jobId mac cd = do ...@@ -276,3 +282,14 @@ reserveMAC jobId mac cd = do
when (S.member mac existing) when (S.member mac existing)
$ throwError (ReservationError "MAC already in use") $ throwError (ReservationError "MAC already in use")
get >>= traverseOf trsMACsL (reserve jobId mac) >>= put get >>= traverseOf trsMACsL (reserve jobId mac) >>= put
-- ** DRBD secrets
generateDRBDSecret
:: (RandomGen g, MonadError e m, Error e, Functor m)
=> g -> ClientId -> ConfigData -> StateT TempResState m DRBDSecret
generateDRBDSecret rgen jobId cd = do
let existing = S.fromList $ getAllDrbdSecrets cd
StateT $ traverseOf2 trsDRBDSecretsL
(generateRand rgen jobId existing
(over _1 Just . generateSecret C.drbdSecretLength))
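Review bot: The exported `generateDRBDSecret` has no doc comment, so a reader has to work out from the body that candidates are checked against `getAllDrbdSecrets cd` and recorded under `trsDRBDSecretsL` for `jobId`. I would add `-- | Generate a DRBD secret that is not already present in the configuration and reserve it for the given client.` above the signature. The comment should also say that the unpredictability of the result depends entirely on the `RandomGen` the caller supplies, since the WConfd caller in this commit passes a `StdGen`. How `generateRand` treats a collision is not visible in this hunk, so the comment should not promise more than that.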