- 18 Aug, 2010 1 commit
-
-
Michael Hanselmann authored
Test multiple opcodes, also with failure. Signed-off-by:
Michael Hanselmann <hansmi@google.com> Reviewed-by:
Iustin Pop <iustin@google.com>
-
- 30 Jul, 2010 2 commits
-
-
Michael Hanselmann authored
Also add some assertions. Signed-off-by:
-
Michael Hanselmann authored
Before strict checking was implemented, NIC IP addresses could be set to “None”. Commit bd061c35 added more strict checking, including enforcing the IP address to be a string. With this new type, it can again be set to None. Signed-off-by:
-
- 23 Jul, 2010 1 commit
-
-
Iustin Pop authored
This is in preparation for the rename of the opcode 'live' parameter to 'mode'. Signed-off-by:
René Nussbaumer <rn@google.com>
-
- 21 Jul, 2010 1 commit
-
-
Manuel Franceschini authored
Due to the current switch of the RPC client to PycURL, a bug with newer versions of libcurl surfaced. When the 'Subject' or 'Issuer' of 'server.pem' were empty, SSL handshake failed. This patch changes the certificate generation functions such that they always use "ganeti.example.com" as commonName (CN) for 'Subject' and 'Issuer'. Signed-off-by:
Manuel Franceschini <livewire@google.com> Reviewed-by:
-
- 20 Jul, 2010 1 commit
-
-
René Nussbaumer authored
Signed-off-by:
-
- 19 Jul, 2010 1 commit
-
-
Iustin Pop authored
This patch adds a new vcs-version file that is generated via git (and can be adapted if VCS is changed) and then embebbded as VCS_VERSION in the constants module. This means two things: - local modifications without committing to git (or when using a tar.gz archive + mods) will not be reflected - version is fixed at the time of the last make regen-vcs-version (dist time, or devel/upload which calls this) Thus this is more geared at developers rather than end users. The patch: - adds rules for generating the vcs-version file - adds a dist-hook for re-generating the file (if possible) and copying the updated version to the distdir - modifies devel/upload to re-generate the file before upload The output of --version will look like: gnt-cluster (ganeti v2.2.0beta0-184-gebca7e6) 2.2.0~beta0 Signed-off-by:
-
- 16 Jul, 2010 2 commits
-
-
Balazs Lecz authored
Also implement syntax checking. Signed-off-by:
Balazs Lecz <leczb@google.com> Reviewed-by:
-
Iustin Pop authored
Since migration live/non-live is more stable (e.g.) for Xen-PVM versus Xen-HVM, we introduce a new parameter for what mode we should use by default (if not overridden by the user, in the opcode). The meaning of the opcode 'live' field changes from boolean to either None (use the hypervisor default), or one of the allowed migration string constants. The live parameter of the TLMigrateInstance is still a boolean, computed from the opcode field (which is no longer passed to the TL). Signed-off-by:
Guido Trotter <ultrotter@google.com>
-
- 15 Jul, 2010 2 commits
-
-
Michael Hanselmann authored
This new opcode and gnt-debug sub-command test some aspects of the job queue, including the status of a job. The bug fixed in commit 2034c70d was identified using this test. A future patch will run this test automatically from the QA scripts. Signed-off-by:
-
Michael Hanselmann authored
By splitting the _WaitForJobChangesHelper class into multiple smaller classes, we gain in several places: - Simpler code, less interaction between functions and variables - Easy to unittest (close to 100% coverage) - Waiting for job changes has no direct knowledge of queue anymore (it doesn't references queue functions anymore, especially not private ones) - Activate inotify only if there was no change at the beginning (and checking again right away to avoid race conditions) Signed-off-by:
-
- 07 Jul, 2010 1 commit
-
-
Balazs Lecz authored
Signed-off-by:
-
- 06 Jul, 2010 3 commits
-
-
Balazs Lecz authored
Signed-off-by:
-
Luca Bigliardi authored
Signed-off-by:
Luca Bigliardi <shammash@google.com> Reviewed-by:
-
Luca Bigliardi authored
Signed-off-by:
-
- 30 Jun, 2010 3 commits
-
-
Iustin Pop authored
This needs lots of work, but it can successfully launch an LXC-based instance. See the docstring for the limitations/work to be done. Signed-off-by:
-
Manuel Franceschini authored
Signed-off-by:
-
Manuel Franceschini authored
Signed-off-by:
-
- 24 Jun, 2010 1 commit
-
-
Apollon Oikonomopoulos authored
DTS_MAY_ADOPT include disk templates that may use disk adoption and will be used in all respective checks. Signed-off-by:
Apollon Oikonomopoulos <apollon@noc.grnet.gr> Signed-off-by:
-
- 23 Jun, 2010 5 commits
-
-
Iustin Pop authored
Currently, we have one structual validation for opcode attributes: the _OP_REQP, which checks that a given attribute is not 'None', and the rest of the checks are done at runtime. This means our type system has two types: None versus Not-None. We have been hit many times by small, trivial bugs in this area, and only a huge amount of unittest and/or hand-written checks would ensure that we cover all possibilities. This patch attempts to redress the needs for manual checks by introducing a micro-type system for the validation of the opcode attributes. What we lose, from the start, are the custom error messages (e.g. "Invalid reboot mode, choose one of …", or "The disk index must be a positive integer"). What we gain is the ability to express easily things as: - this parameter must be None or an int - this parameter must be a non-empty list - this parameter must be either none or a list of dictionaries with keys from the list of valid hypervisors and the values dictionaries with keys strings and values either None or strings; furthermore, the list must be non-empty These examples show that we have a composable (as opposed to just a few static types) system, and that we can nest it a few times (just for sanity; we could nest it up to stack depth). We also gain lots of ))))))), which is not that nice :) The current patch moves the existing _OP_REQP to the new framework, but if accepted, a lot more validations should move to it. In the end, we definitely should declare a type for all the opcode parameters (eventually moving _OP_REQP directly to opcodes.py and validating in the load/init case, and build __slots__ from it). Signed-off-by:
-
Iustin Pop authored
For this, we needed to extend the NodeImage class with a few extra variables, and we do a trick in the node verification where we pick the first node that returned valid OS data as the reference node, and then we compare all other nodes against it. The checks added are: - consistency of DiagnoseOS responses - multiple paths for an OS - inconsistent OS between a reference node and the current node Signed-off-by:
-
Iustin Pop authored
Nothing special here, just copy/adjust the beparams code. Signed-off-by:
-
Iustin Pop authored
While we only support the 'parameters' check today, the RPC call is generic enough that will be able to support other checks in the future. The backend function will both validate the parameters list (so as to make sure we don't pass in extra parameters that the OS validation doesn't care about) and the parameter values, via the OS verify script. Signed-off-by:
-
Iustin Pop authored
Signed-off-by:
-
- 22 Jun, 2010 1 commit
-
-
Apollon Oikonomopoulos authored
"adopt" was missing from bd061c35 , thus breaking disk adoption. Signed-off-by:
-
- 21 Jun, 2010 1 commit
-
-
Apollon Oikonomopoulos authored
"adopt" was missing from bd061c35 , thus breaking disk adoption. Signed-off-by:
-
- 17 Jun, 2010 1 commit
-
-
Michael Hanselmann authored
Many RPC calls have changed in Ganeti 2.2, hence bumping the RPC protocol version. Signed-off-by:
-
- 14 Jun, 2010 2 commits
-
-
Michael Hanselmann authored
Older OpenSSL versions include DES-CBC3-* ciphers when specifying the HIGH group of ciphers. Removing potentially weak ciphers from the list of allowed ciphers ensures only strong ciphers are considered for SSL connections. Signed-off-by:
-
Michael Hanselmann authored
This “magic” value will be used to ensure that we don't accidentially connect to the wrong daemon (e.g. due to a bug), comparable to DRBD's per-disk secret. Just depending on the SSL certificate isn't enough as it's always per instance and not per disk. Signed-off-by:
-
- 11 Jun, 2010 2 commits
-
-
Guido Trotter authored
Currently each time we submit a job we check the job queue size, and the drained file. With this change we keep these pieces of information in memory and don't read them from the filesystem each time. Significant changes include: - The drained value can only be properly set by calling the appropriate cluster command "gnt-cluster queue drain/undrain" and not by removing/creating the file in the job queue directory. Not that anybody would have done it in this undocumented way before. - We get rid of the soft limit for the job queue, which we haven't ever used anyway. Signed-off-by: -
Guido Trotter authored
With this change unknown disk and nic parameters will be refused, rather than silently ignored, so that one can't pass them in by mistake and not realize what went wrong. Signed-off-by:
-
- 08 Jun, 2010 1 commit
-
-
Michael Hanselmann authored
Once we have a size for an export (in the context of the import/export daemon), we can provide the user with a percentage and ETA. Signed-off-by:
-
- 04 Jun, 2010 1 commit
-
-
René Nussbaumer authored
Signed-off-by:
-
- 01 Jun, 2010 1 commit
-
-
Balazs Lecz authored
This patch adds a new boolean hypervisor parameter to the KVM hypervisor, named 'use_chroot'. If it's turned on for an instance, than KVM is started in "chroot mode": Ganeti creates an empty directory for the instance and passes the path of this dir to KVM via the -chroot flag. KVM changes its root to this directory after starting up. It also adds a "quarantine" feature for moving any unexpected files to a separate directory for later analysis. This has been backported from master, commit 84c08e4e Signed-off-by:
-
- 31 May, 2010 1 commit
-
-
Apollon Oikonomopoulos authored
Introduce 2 new hypervisor options, migration_bandwidth and migration_downtime and implement KVM migration bandwidth and downtime control. migration_bandwidth controls KVM's maximal bandwidth during migration, in MiB/s. Default value is 32 MiB/s, same as KVM's internal default. This option is a global hypervisor option. migration_downtime sets the amount of time (in ms) a KVM instance is allowed to freeze while copying memory pages. This is useful when migrating busy guests, as KVM's internal default of 30ms is too low for the page-copying algorithm to converge. This is a per-instance option, with a default of 30ms, same as KVM's internal default. Signed-off-by:
-
- 28 May, 2010 1 commit
-
-
Balazs Lecz authored
This patch adds a new boolean hypervisor parameter to the KVM hypervisor, named 'use_chroot'. If it's turned on for an instance, than KVM is started in "chroot mode": Ganeti creates an empty directory for the instance and passes the path of this dir to KVM via the -chroot flag. KVM changes its root to this directory after starting up. It also adds a "quarantine" feature for moving any unexpected files to a separate directory for later analysis. Signed-off-by:
-
- 21 May, 2010 1 commit
-
-
Michael Hanselmann authored
For example, exports on the same node shouldn't be compressed. Signed-off-by:
-
- 18 May, 2010 3 commits
-
-
Michael Hanselmann authored
Signed-off-by:
-
Michael Hanselmann authored
Signed-off-by:
-
Michael Hanselmann authored
To prepare a remote export, the X509 key and certificate need to be generated. A handshake value is also returned for an easier check whether both clusters share the same cluster domain secret. Signed-off-by:
-
