- 10 Jul, 2015 1 commit
-
-
Klaus Aehlig authored
This daemon will take over cluster maintenance as per our design document. As it will heavily depend on the monitoring daemon, it will only be enabled (at configure time) if the monitoring daemon is enabled as well. It will also run as the same user and group. In this commit only the plain daemon is added with the only supported request being the question for the supported protocol versions. Signed-off-by:
Klaus Aehlig <aehlig@google.com> Reviewed-by:
Petr Pudlak <pudlak@google.com>
-
- 09 Jun, 2015 1 commit
-
-
Hrvoje Ribicic authored
This patch modifies the daemon-util to check if setcap is present before attempting to use it. Signed-off-by:
Hrvoje Ribicic <riba@google.com> Reviewed-by:
Klaus Aehlig <aehlig@google.com>
-
- 29 May, 2015 1 commit
-
-
Hrvoje Ribicic authored
The metadata daemon was previously running as root due to its need to open port 80 to provide information to instances. To allow the daemon to run in a more secure way, this patch adds a separate metadata user, and grants the metad executable the CAP_NET_BIND_SERVICE capability. As a result, the metadata daemon can use the port 80 without having to acquire the full set of root capabilities and drop it later. Signed-off-by:
Hrvoje Ribicic <riba@google.com> Reviewed-by:
Klaus Aehlig <aehlig@google.com>
-
- 19 Nov, 2014 1 commit
-
-
Niklas Hambuechen authored
The only reason why it was optional was its dependency on regex-pcre, which was an optional Ganeti dependency. Job filter rules require rexex-pcre unconditionally, so now confd requires no additional depdendencies and can be built by default. Signed-off-by:
Niklas Hambuechen <niklash@google.com> Reviewed-by:
Klaus Aehlig <aehlig@google.com>
-
- 12 Sep, 2014 1 commit
-
-
Klaus Aehlig authored
It was decided that Ganeti is relicensed under the 2-clause BSD license. Update the license statements accordingly (issue #936). Signed-off-by:
Klaus Aehlig <aehlig@google.com> Reviewed-by:
Petr Pudlak <pudlak@google.com>
-
- 16 Jul, 2014 1 commit
-
-
Klaus Aehlig authored
For some reason, find does stat the current working directory, which, when invoked via cron, may or may not be readable by the process (issue 880). Therefore, first change to a directory that is definitely accessible to the process; the directory it logs into is such a safe place. Signed-off-by:
Klaus Aehlig <aehlig@google.com> Reviewed-by:
Petr Pudlak <pudlak@google.com>
-
- 13 Jun, 2014 1 commit
-
-
Petr Pudlak authored
Signed-off-by:
Petr Pudlak <pudlak@google.com> Reviewed-by:
Jose A. Lopes <jabolopes@google.com>
-
- 10 Jun, 2014 1 commit
-
-
Jose A. Lopes authored
This patch modifies how the KVM daemon is started/stopped. After this patch, the KVM daemon is always started by default, as it will terminate itself if necessary, and it is restarted by the watcher. Also, changes to user shutdown and vm capable attributes will cause the KVM daemon instances on the corresponding nodes to be started/stopped accordingly. This is achieved through the helper function 'EnsureKvmdOnNodes'. Signed-off-by:
Jose A. Lopes <jabolopes@google.com> Reviewed-by:
Hrvoje Ribicic <riba@google.com>
-
- 03 Jun, 2014 1 commit
-
-
Klaus Aehlig authored
noded is designed to live on a normal node and hence will not depend on any other daemon. In particular, it is safe to start this daemon first. Starting it after wconfd also allows wconfd to carry out a full voting. Signed-off-by:
Klaus Aehlig <aehlig@google.com> Reviewed-by:
Petr Pudlak <pudlak@google.com>
-
- 22 May, 2014 1 commit
-
-
Helga Velroyen authored
... to make lint shut up. Signed-off-by:
Helga Velroyen <helgav@google.com> Reviewed-by:
Jose Lopes <jabolopes@google.com>
-
- 13 May, 2014 4 commits
-
-
Klaus Aehlig authored
This daemon does not do anything anymore, so we can as well get rid of it. Signed-off-by:
Klaus Aehlig <aehlig@google.com> Reviewed-by:
Hrvoje Ribicic <riba@google.com> Signed-off-by:
Klaus Aehlig <aehlig@google.com>
-
Hrvoje Ribicic authored
We assume that the compression tools the user supplies use stdin and stdout for handling data, and that a switch is used to distinguish compression from decompression. This patch introduces these constraints by adding the invocation of these tools to the import-export daemon. Signed-off-by:
Hrvoje Ribicic <riba@google.com> Reviewed-by:
Thomas Thrainer <thomasth@google.com>
-
Hrvoje Ribicic authored
The addition of lzop as a compression option that does not necessarily exist on a Ganeti-running machine requires checks that lzop exists. This patch applies a more general solution, and attempts to check for the existence of a tool by running it with the -h switch on the target node. A timeout is imposed in case the tool expects input, and missing tools are handled as well. Signed-off-by:
Hrvoje Ribicic <riba@google.com> Reviewed-by:
Thomas Thrainer <thomasth@google.com>
-
Hrvoje Ribicic authored
Ganeti took care to restrict all possible compression invocations to the few options that were available. This patch strips away all of those, but does not allow any interesting and dangerous commands provided to the import-export daemon to be executed yet. Signed-off-by:
Hrvoje Ribicic <riba@google.com> Reviewed-by:
Thomas Thrainer <thomasth@google.com>
-
- 29 Apr, 2014 2 commits
-
-
Apollon Oikonomopoulos authored
daemon-util's check-and-start function is only used by the watcher to start failed services that should be running on the node. Systemd supervises and restarts the services as needed; if a service is down, it is so either because of an unrecoverable error, or because the administrator manually stopped it. In any case, it should not be blindly restarted. Signed-off-by:
Apollon Oikonomopoulos <apoikos@gmail.com> Reviewed-by:
Jose A. Lopes <jabolopes@google.com>
-
Apollon Oikonomopoulos authored
daemon-util is used throughout the code for starting a daemon whenever this is needed (e.g. during cluster bootstrapping or master failover). In order not to confuse systemd and its service supervision code, daemon-util needs to cooperate with it. Thus, we use systemctl for all operations if both of these conditions hold: - systemd is running as PID 1, checked via the existence of /run/systemd/system, as per sd_booted(3). - systemd has the ganeti.target unit loaded, indicating that the relevant systemd unit files have been installed. Signed-off-by:
Apollon Oikonomopoulos <apoikos@gmail.com> Reviewed-by:
Jose A. Lopes <jabolopes@google.com>
-
- 28 Apr, 2014 1 commit
-
-
Apollon Oikonomopoulos authored
We add a second category of daemons in daemon-util, those that are started on demand and should not be started by the start_all action, but should be stopped during service shutdown. This category currently includes metad and kvmd. To this end we introduce two more array variables: - ON_DEMAND_DAEMONS: currently holds kvmd and metad, which should only be stopped during stop-all. - ALL_DAEMONS: is the union of DAEMONS and ON_DEMAND_DAEMONS, i.e. the list of all known daemons. We also change the daemon-util test to expect kvmd and metad in the stop daemon list. Signed-off-by:
Apollon Oikonomopoulos <apoikos@gmail.com> Reviewed-by:
Jose A. Lopes <jabolopes@google.com>
-
- 02 Apr, 2014 1 commit
-
-
Jose A. Lopes authored
* Add 'ganeti-metad' to list of daemons to stop * Update 'daemon-util' test Note that 'ganeti-metad' is not automatically started together with all the other daemons. Instead, 'ganeti-metad' is only started when it is necessary. Nevertheless, it is stopped together with the other daemons. Signed-off-by:
Jose A. Lopes <jabolopes@google.com> Reviewed-by:
Hrvoje Ribicic <riba@google.com>
-
- 27 Feb, 2014 1 commit
-
-
Petr Pudlak authored
.. and make it the first one so that masterd can use it when it starts. Signed-off-by:
Petr Pudlak <pudlak@google.com> Reviewed-by:
Klaus Aehlig <aehlig@google.com>
-
- 14 Feb, 2014 1 commit
-
-
Petr Pudlak authored
The daemon exposes the declared functions in Ganeti.WConfd.Core to RPC clients (currently just 'echo'). Signed-off-by:
Petr Pudlak <pudlak@google.com> Reviewed-by:
Klaus Aehlig <aehlig@google.com>
-
- 12 Feb, 2014 1 commit
-
-
Petr Pudlak authored
and update the unit check the list of daemons. Signed-off-by:
Petr Pudlak <pudlak@google.com> Reviewed-by:
Helga Velroyen <helgav@google.com>
-
- 05 Feb, 2014 1 commit
-
-
Michele Tartara authored
The Node deamon was executed with the wrong gid (gnt-daemons) instead of the one assigned to it by configure.ac. Fixes Issue 707. Signed-off-by:
Michele Tartara <mtartara@google.com> Reviewed-by:
Klaus Aehlig <aehlig@google.com>
-
- 20 Jan, 2014 1 commit
-
-
Jose A. Lopes authored
In 'daemons/daemon-util.in', 'start-master' and 'stop-master' always fail if confd is disabled. Fixes issue 685. Signed-off-by:
Jose A. Lopes <jabolopes@gmail.com> Reviewed-by:
Klaus Aehlig <aehlig@google.com>
-
- 16 Oct, 2013 1 commit
-
-
Apollon Oikonomopoulos authored
Luxid was not handled in start_master() and stop_master() at all. As a result, during a master-failover, luxid would be left running on the old master and would not start on the new master, leaving the cluster without management until luxid was manually started. Signed-off-by:
Apollon Oikonomopoulos <apoikos@gmail.com> Signed-off-by:
Michele Tartara <mtartara@google.com> Reviewed-by:
Michele Tartara <mtartara@google.com>
-
- 24 Jul, 2013 1 commit
-
-
Apollon Oikonomopoulos authored
daemon-util's rotate_logs() did not pass --oknodo to start-stop-daemon while HUPing the daemon processes. As a result, rotate_logs would fail for a non-running daemon causing rotate_all_logs to exit prematurely. We can fix this by either passing --oknodo to start-stop-daemon, or have rotate_all_logs ignore any errors. The former is probably a safer approach - as it doesn't mask any potential coding errors in rotate_logs - and is also semantically correct (we only care about log rotation if a daemon is actually running). Signed-off-by:
Apollon Oikonomopoulos <apoikos@gmail.com> Reviewed-by:
Guido Trotter <ultrotter@google.com>
-
- 23 Jul, 2013 1 commit
-
-
Apollon Oikonomopoulos authored
Modify daemon-util to allow sending SIGHUP to one or all daemons. This is meant as a utility function to be used in logrotate definitions. Signed-off-by:
Apollon Oikonomopoulos <apoikos@gmail.com> Reviewed-by:
Guido Trotter <ultrotter@google.com>
-
- 18 Jul, 2013 1 commit
-
-
Michele Tartara authored
Commit 91525dee fixed Issue 477 but broke "gnt-cluster info". This commit offers a solution to both problems, by changing the permission of the socket instead of changing the permission the confd process is run with. Signed-off-by:
Michele Tartara <mtartara@google.com> Reviewed-by:
Klaus Aehlig <aehlig@google.com>
-
- 17 Jul, 2013 2 commits
-
-
Thomas Thrainer authored
As queryd will, in the future, handle all LUXI request, queue jobs and most likely perform various other tasks, it is renamed to luxid already. This will safe some headache when upgrading Ganeti installations, as we don't have to deal with a daemon rename. Signed-off-by:
Thomas Thrainer <thomasth@google.com> Reviewed-by:
Klaus Aehlig <aehlig@google.com>
-
Thomas Thrainer authored
queryd is added as a new daemon which handles configuration queries over LUXI. This functionality was removed from confd, which now only queries over the network. The queryd user is added to the master group such that it can access server.pem. The confd user no longer needs to be in the master group. This fixes issue 292. Signed-off-by:
Thomas Thrainer <thomasth@google.com> Reviewed-by:
Helga Velroyen <helgav@google.com>
-
- 11 Jul, 2013 1 commit
-
-
Michele Tartara authored
Starting confd as a member of the daemons group allows the RAPI daemon to access the LUXI socket. Fixes Issue 477. Signed-off-by:
Michele Tartara <mtartara@google.com> Reviewed-by:
Klaus Aehlig <aehlig@google.com>
-
- 29 May, 2013 1 commit
-
-
Helga Velroyen authored
This is a workaround for issue 477. Confd resets the permissions of the query socket in a wrong way. This patch fixes them after the start of confd. Signed-off-by:
Helga Velroyen <helgav@google.com> Reviewed-by:
Thomas Thrainer <thomasth@google.com>
-
- 21 Mar, 2013 1 commit
-
-
Michele Tartara authored
This commit adds the core infrastructure of the monitoring daemon, and integrates it in the build and test systems. The actual functionality of the monitoring daemon is still completely missing. Signed-off-by:
Michele Tartara <mtartara@google.com> Reviewed-by:
Iustin Pop <iustin@google.com>
-
- 20 Nov, 2012 1 commit
-
-
Dimitris Aragiorgis authored
Signed-off-by:
Dimitris Aragiorgis <dimara@grnet.gr> Reviewed-by:
Iustin Pop <iustin@google.com>
-
- 08 Oct, 2012 1 commit
-
-
Iustin Pop authored
As I wrote during/after the review on commit 2958c56e, “ganeti-cleaner: Separate queue cleaning code”, while I appreciated the permission separation, I didn't like too much the file-based approach: - it is a very simple script, and lots of the code is duplicated between the two; I wouldn't like to see "ganeti-vmcapable-cleaner", "ganeti-master-candidate-cleaner", etc. in the future - ganeti-master-cleaner "pollutes" the namespace, creating tab-completion conflicts with ganeti-masterd This patch simply merges the master-cleaner back into cleaner, while keeping the separate user permissions scheme, separate log files, etc. Additionally, it fixes two bugs in the unit-test (not run with set -u and wrong path in the master-cleaner log files test; yay for even worse safety than Python?). And finally, since we have now support for --help-completion, it adds bash completion support for this script :) (needs to be applied on top of my argument support patch series). Signed-off-by:
Iustin Pop <iustin@google.com> Reviewed-by:
Michael Hanselmann <hansmi@google.com>
-
- 28 Sep, 2012 1 commit
-
-
Michael Hanselmann authored
This code does not need to run as root, therefore it's better to split it out. It is now run with the same permissions as the master daemon. Signed-off-by:
Michael Hanselmann <hansmi@google.com> Reviewed-by:
Iustin Pop <iustin@google.com>
-
- 27 Sep, 2012 2 commits
-
-
Michael Hanselmann authored
Instead of having a different set in (almost) every shell script, this inserts the most commonly used variables at build time. This way the code for injecting a root directory for virtual clusters also is just needed once. I chose inserting the variables using “sed” at build time over a runtime script as the latter would need to be located from within the script and the path would be different depending on the environment (unittest vs. actual installation). Signed-off-by:
Michael Hanselmann <hansmi@google.com> Reviewed-by:
Iustin Pop <iustin@google.com>
-
Michael Hanselmann authored
… instead of comparing with two different values in two placse. Signed-off-by:
Michael Hanselmann <hansmi@google.com> Reviewed-by:
René Nussbaumer <rn@google.com>
-
- 21 Sep, 2012 1 commit
-
-
Michael Hanselmann authored
GANETI_ROOTDIR contains the root directory for the current “virtual node”. Signed-off-by:
Michael Hanselmann <hansmi@google.com> Reviewed-by:
René Nussbaumer <rn@google.com>
-
- 12 Jun, 2012 1 commit
-
-
Iustin Pop authored
Commit 4b42c3d6 broke non-root user mode since, while trying to do a cleanup a move all local variable definitions to the start of the function; however, the plain_name var is only defined later, so this actually doesn't work. Note that enabling set -u doesn't _directly_ work, since we rely on some variables which are usually undefined (EXTRA_*_ARGS, etc.). It can be fixed, but in a later patch. Signed-off-by:
Iustin Pop <iustin@google.com> Reviewed-by:
René Nussbaumer <rn@google.com>
-
- 23 May, 2012 1 commit
-
-
Jun Futagawa authored
This adds support to daemon-util for Red Hat based distributions that do not have a start-stop-daemon. If /sbin/start-stop-daemon is not available, daemon-util will source /etc/rc.d/init.d/functions. check(), start(), and stop() are updated to use the relevant functions from /etc/rc.d/init.d/functions. Thanks to Stephen Fromm and Michael Hanselmann for improving the error handling, style, and comments. Signed-off-by:
Jun Futagawa <jfut@integ.jp> Reviewed-by:
Michael Hanselmann <hansmi@google.com> (cherry picked from commit 4b42c3d6)
-