1. 18 May, 2010 1 commit
  2. 17 May, 2010 1 commit
  3. 14 May, 2010 1 commit
    • Guido Trotter's avatar
      ganeti-noded: add the --no-mlock option · bebf68d3
      Guido Trotter authored
      
      
      While mlock on noded is definitely good in most situations, there are
      some - namely my laptop - where it has no benefit, and uses precious
      non-swappable memory. To avoid this we make it optional, with a new
      --no-mlock option. Note that only the main node daemon and its http
      children are affected: the powercycle node child still uses mlock, which
      doesn't harm, since it's a short lived process happening just before
      node reboot anyway. The manpage is updated.
      Signed-off-by: default avatarGuido Trotter <ultrotter@google.com>
      Reviewed-by: default avatarLuca Bigliardi <shammash@google.com>
      bebf68d3
  4. 13 May, 2010 3 commits
  5. 03 May, 2010 1 commit
  6. 27 Apr, 2010 3 commits
  7. 23 Apr, 2010 2 commits
  8. 22 Apr, 2010 2 commits
  9. 16 Apr, 2010 2 commits
    • Michael Hanselmann's avatar
      Add RPC calls to import and export instance data · 1651d116
      Michael Hanselmann authored
      
      
      These RPC calls can be used to start, monitor and stop the instance data
      import/export daemon.
      Signed-off-by: default avatarMichael Hanselmann <hansmi@google.com>
      Reviewed-by: default avatarIustin Pop <iustin@google.com>
      1651d116
    • Michael Hanselmann's avatar
      Add daemon for instance import and export · 2d76b580
      Michael Hanselmann authored
      
      
      This backend daemon for instance import and export will be used to
      transfer instance data to other machines. It is implemented in a generic
      way to support different ways of data input and output. The third-party
      program “socat”, which is already used by the KVM hypervisor abstraction,
      is used to connect to remote machines using SSL/TLS. After starting the
      child processes in a separate process group, the import/export daemon
      monitors their output and updates a status file regularily. This status
      file can then be read by ganeti-noded (not in this patch).
      
      Three I/O methods are supported: Raw disk, file and script. Each of these
      can be used for import and export.
      
      Similar to daemon-util, an incomplete set of tests written in Bash is
      included.
      
      Two future enhancements are planned:
      - Run parts of the command chain as a dedicated user (privilege
        separation).
      - Currently users of this daemon have to poll the status file while data
        is transferred. This is inefficient and creates unnecessary delays. By
        adding “dd” into the chain and sending it SIGUSR1 regularily, we can get
        some statistics, optimize the polling frequenc and even provide the user
        with an ETA (which isn't available with all current methods to
        import/export instance data).
      Signed-off-by: default avatarMichael Hanselmann <hansmi@google.com>
      Reviewed-by: default avatarIustin Pop <iustin@google.com>
      2d76b580
  10. 09 Apr, 2010 2 commits
    • Guido Trotter's avatar
      Fix new pylint errors · fe7c59d5
      Guido Trotter authored
      
      
      Under squeeze pylint reports the following errors:
      ************* Module ganeti.serializer
      E1103:155:LoadSignedJson: Instance of 'False' has no 'get' member (but some types could not be inferred)
      ************* Module ganeti-masterd
      E1103:166:ClientRqHandler.handle: Instance of 'False' has no 'get' member (but some types could not be inferred)
      E1103:167:ClientRqHandler.handle: Instance of 'False' has no 'get' member (but some types could not be inferred)
      ************* Module gnt-instance
      E1103:431:BatchCreate: Instance of 'False' has no 'keys' member (but some types could not be inferred)
      
      For the first two cases it's actually wrong: we had checked before that
      the variable on which "get" is called is actually a dict. In the third
      case though such check doesn't exist, so we add it. Then we silence the
      error all three times.
      Signed-off-by: default avatarGuido Trotter <ultrotter@google.com>
      Reviewed-by: default avatarIustin Pop <iustin@google.com>
      fe7c59d5
    • Iustin Pop's avatar
      Make watcher request the max coverage · ebacb943
      Iustin Pop authored
      
      
      Since the actions are potentially destructive, we should try to get a
      consistent view of the cluster, so it's better to get the most coverage
      possible.
      Signed-off-by: default avatarIustin Pop <iustin@google.com>
      Reviewed-by: default avatarGuido Trotter <ultrotter@google.com>
      ebacb943
  11. 08 Apr, 2010 1 commit
  12. 30 Mar, 2010 1 commit
  13. 23 Mar, 2010 4 commits
  14. 18 Mar, 2010 1 commit
  15. 17 Mar, 2010 1 commit
  16. 15 Mar, 2010 1 commit
    • Michael Hanselmann's avatar
      Rightname confd's HMAC key · 6b7d5878
      Michael Hanselmann authored
      
      
      Currently, the ganeti-confd's HMAC key is called “cluster HMAC key” or
      simply “HMAC key” everywhere. With the implementation of inter-cluster
      instance moves, another HMAC key will be introduced for signing critical
      data. They can not be the same, so this patch clarifies the purpose of the
      “cluster HMAC key” by renaming it. The actual file name is not changed.
      Signed-off-by: default avatarMichael Hanselmann <hansmi@google.com>
      Reviewed-by: default avatarIustin Pop <iustin@google.com>
      6b7d5878
  17. 12 Mar, 2010 7 commits
  18. 10 Mar, 2010 1 commit
    • Michael Hanselmann's avatar
      http.auth: Fix bug with checking hashed passwords · 23ccba04
      Michael Hanselmann authored
      
      
      When username and password were sent for a resource not requiring
      authentication, it wouldn't be accepted if the user in question had a
      hashed password. The reason was that the function GetAuthRealm used to
      return None if no authentication was necessary. However, the
      authentication realm is necessary to verify hashed passwords. This is
      fixed by requiring GetAuthRealm to always return a realm and separating
      the decision whether to require authentication or not to a separate
      function.
      Signed-off-by: default avatarMichael Hanselmann <hansmi@google.com>
      Reviewed-by: default avatarIustin Pop <iustin@google.com>
      23ccba04
  19. 08 Mar, 2010 1 commit
  20. 26 Feb, 2010 4 commits