cfgupgrade: Local variable for cluster-domain-secret filename

This is necessary to allow cfgupgrade to work on a non-standard directory. Signed-off-by: Michael Hanselmann <hansmi@google.com> Reviewed-by: Iustin Pop <iustin@google.com>

cfgupgrade: Local variable for cluster-domain-secret filename
This is necessary to allow cfgupgrade to work on a non-standard directory. Signed-off-by: Michael Hanselmann <hansmi@google.com> Reviewed-by: Iustin Pop <iustin@google.com>
fc0726b9 · Michael Hanselmann · 94182b63 · fc0726b9 · fc0726b9
Commit fc0726b9 authored 14 years ago by Michael Hanselmann
--- a/lib/bootstrap.py
+++ b/lib/bootstrap.py
@@ -80,7 +80,8 @@ def GenerateClusterCrypto(new_cluster_cert, new_rapi_cert, new_confd_hmac_key,
                          new_cds, rapi_cert_pem=None, cds=None,
                          nodecert_file=constants.NODED_CERT_FILE,
                          rapicert_file=constants.RAPI_CERT_FILE,
-                          hmackey_file=constants.CONFD_HMAC_KEY):
+                          hmackey_file=constants.CONFD_HMAC_KEY,
+                          cds_file=constants.CLUSTER_DOMAIN_SECRET_FILE):
  """Updates the cluster certificates, keys and secrets.

  @type new_cluster_cert: bool
@@ -134,15 +135,12 @@ def GenerateClusterCrypto(new_cluster_cert, new_rapi_cert, new_confd_hmac_key,

  # Cluster domain secret
  if cds:
-    logging.debug("Writing cluster domain secret to %s",
-                  constants.CLUSTER_DOMAIN_SECRET_FILE)
-    utils.WriteFile(constants.CLUSTER_DOMAIN_SECRET_FILE,
-                    data=cds, backup=True)
-
-  elif new_cds or not os.path.exists(constants.CLUSTER_DOMAIN_SECRET_FILE):
-    logging.debug("Generating new cluster domain secret at %s",
-                  constants.CLUSTER_DOMAIN_SECRET_FILE)
-    GenerateHmacKey(constants.CLUSTER_DOMAIN_SECRET_FILE)
+    logging.debug("Writing cluster domain secret to %s", cds_file)
+    utils.WriteFile(cds_file, data=cds, backup=True)
+
+  elif new_cds or not os.path.exists(cds_file):
+    logging.debug("Generating new cluster domain secret at %s", cds_file)
+    GenerateHmacKey(cds_file)


 def _InitGanetiServerSetup(master_name):

--- a/tools/cfgupgrade
+++ b/tools/cfgupgrade
@@ -123,6 +123,7 @@ def main():
  options.KNOWN_HOSTS_PATH = options.data_dir + "/known_hosts"
  options.RAPI_CERT_FILE = options.data_dir + "/rapi.pem"
  options.CONFD_HMAC_KEY = options.data_dir + "/hmac.key"
+  options.CDS_FILE = options.data_dir + "/cluster-domain-secret"

  SetupLogging()

@@ -178,7 +179,8 @@ def main():
      bootstrap.GenerateClusterCrypto(False, False, False, False,
                                      nodecert_file=options.SERVER_PEM_PATH,
                                      rapicert_file=options.RAPI_CERT_FILE,
-                                      hmackey_file=options.CONFD_HMAC_KEY)
+                                      hmackey_file=options.CONFD_HMAC_KEY,
+                                      cds_file=options.CDS_FILE)

  except:
    logging.critical("Writing configuration failed. It is probably in an"