Older versions use “-----BEGIN RSA PRIVATE KEY-----” instead of
“-----BEGIN PRIVATE KEY-----”.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

The design for this is in “doc/design-node-add.rst”. The tool receives a
JSON data structure on stdin and configures the node's daemon after
verifying the received values.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Commit 4679547e implemented the ability to change job's priority after it
was submitted. The code contained a bug whereby it would modify the
input data for an opcode, something the job queue shouldn't do (logical
units do for historical reasons).

This patch removes the line modifying the opcode input and adjusts the
tests.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>

In the future instance creations might have a lock on all nodes as was
the case until the implementation of opportunistic locking. Nodes for
which the lock is not held will be shown to the iallocator plugin as if
they were marked offline.

This patch adds a new parameter named “node_whitelist” to
“IAReqInstanceAlloc”. If set to a list, only nodes contained within are
shown as online.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

The network management code needs to verify a MAC address prefix.
Instead of (ab)using NormalizeAndValidateMac, clean code should be used.
Unit tests for NormalizeAndValidateMac are updated and new ones for
NormalizeAndValidateThreeOctetMacPrefix are added.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

This code is going to be used by a new utility for setting up the node
daemon. Unit tests are updated/added.

Additionally, the certificate and key stored in “server.pem” are
verified, too.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

This patch adds a new parameter to “LockSet.acquire” named
“opportunistic”. When enabled the lockset will try to acquire as many
locks as possible, but it won't wait for them (with the exception of the
lockset-internal lock in case the whole set is acquired). This is
implemented by using a timeout of 0 seconds when acquiring individual
locks. Commit 03c5291c made such acquisitions significantly cheaper.

The most complicated code included in this patch is probably the helper
function used to determine which mode to use and which timeout functions
are needed.

Full unit tests are included for the new and changed code
(“locking.py”'s overall coverage is at 97%).

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>

Configuring a node daemon on a newly added node will need all ssconf
values.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

A new utility for configuring the node daemon will support a dry-run
mode. This patch adds the necessary functionality to
“ssconf.SimpleStore” and provides comprehensive tests for
“SimpleStore.WriteFiles”. To enable the latter, a testing-only parameter
specifying the lockfile was added to the class.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

The new utility for configuring the node daemon will have to check
whether it received valid ssconf names.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

This is not comprehensive, since in Python one can't determine what is
and what is not mutable; but I've added a few base cases (list, dict,
set).

The patch also improves (makes more uniform) the error messages in the
parameter definitions.

Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>

TValueNone checks if a value is "none" and TMaybeValueNone is a wrapper
of TOr(TValueNone, x). This is used by OpNetworkSetParam in order to
reset a network value (e.g. mac_prefix, gateway, etc.)

Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>

Also remove a superfluous empty line in test file.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

This patch adds descriptors to the “_CheckCIDR*” functions in opcodes
and improves the descriptions generated by “ht.TInstanceOf”, thereby
indirectly fixing bad type descriptions in the RAPI documentation.

Before this patch:
- (String and (<function _CheckCIDRAddrNotation at 0x2f…>))
- (Instance of (<class 'ganeti.opcodes.OpInstanceCreate'>))

After this patch:
- (String and (IPv4 address))
- (Instance of (ganeti.opcodes.OpInstanceCreate))

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

A new tool for configuring the node daemon will also have to verify the
cluster name, so it's better to have this function in a central place.
In the process of moving it to ssconf it is also changed to use
“SimpleStore” instead of reading the ssconf directly. Tests are updated.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

Until now ssconf would limit the amount read from files to 128 KiB and
silently ignored files larger than that. With this patch a check is
added by using fstat(2) on the file descriptor while it's being read.

There were no tests file ssconf at all, so some are added.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

A new tool to configure the node daemon will also have to load and
verify JSON data.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Most tools had their own “SetupLogging” function, but they were all
essentially the same. This patch adds a generic version to “utils.log”
and provides unit tests.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

A new method is added to check whether the LockSet-internal lock is
held. This is the case after LockSet.acquire was called with
locking.ALL_SET.

Unit tests are updated, including one where the list of names must be
empty.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

The new lock is similar to the BGL in the sense that it has its own
level and there is only one. It is called “node allocation lock”.
Logical units will use it to synchronize with instance creations, which
in turn will start using opportunistic locks on nodes.

Additionally, an assertion in GanetiLockManager gained a message.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

We have many cases in the code where we write TOr(TNone, a), so let's
introduce a combinator that simplifies this case.

Beside replacing the above with TMaybe(a), I did a few other parameter
fixes:

- noop change TOr(TNone, TDict) to TMaybeDict
- noop change TOr(TNone, TNonEmptyString) to TMaybeString
- OpClusterSetParams, change master netmask from any integer to a
  non-negative integer

(I can move the last one to a separate patch if desired)

Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>

The network patches and an existing test added function-call based
dict construction as opposed to literal sintax.

Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michele Tartara <mtartara@google.com>

As per Iustin Pop's suggestion in <20121115131730.GX824@google.com> on
<ganeti-devel@googlegroups.com>.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

As per Iustin Pop's suggestion in <20121115131730.GX824@google.com> on
<ganeti-devel@googlegroups.com>.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

“locking.PipeCondition” and “locking.SharedLock” define “__repr__”,
which until now was not tested at all.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Now that 2.6 is essentially finished and 2.7 going to be branched
soon-ish, I thought it would be a good moment to replace some single
quotes in test/*.py. Merge pains should be limited.

In one place in test/ganeti.locking_unittest.py, spaces are added for
assignments.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Fails if the default value of an opcode parameter doesn't verify.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Until now there was no test for calling “LockSet.downgrade” without
specifying any names.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>
Reviewed-by: Iustin Pop <iustin@google.com>

This adds tests that existing test files can be parsed by the Haskell
parser as well, plus one new test file.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>

Currently, ht.py uses a bad terminology for positive/non-negative
numbers. Per http://en.wikipedia.org/wiki/Positive_number

, this is the
correct terminology:

- A number is positive if it is greater than zero.
- A number is negative if it is less than zero.
- A number is non-negative if it is greater than or equal to zero.
- A number is non-positive if it is less than or equal to zero.

So this patch renames things as follows:

- TPositiveInt            ⇒ TNonNegativeInt
- TStrictPositiveInt      ⇒ TPositiveInt
- TMaybePositiveInt       ⇒ dropped, not used anywhere
- TMaybeStrictPositiveInt ⇒ TMaybePositiveInt
- TPositiveFloat          ⇒ TNonNegativeFloat
- TStrictNegativeInt      ⇒ TNegativeInt

Signed-off-by: Iustin Pop <iustin@google.com>
Reviewed-by: Michael Hanselmann <hansmi@google.com>

The opcode doesn't pay attention to the build-time flag to enable or
disable restricted commands. In a cluster different nodes could have
different settings.

Node locks are acquired in shared mode by default, but the use of an
exclusive lock can be forced using the “use_locking” parameter.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>

As per design document (doc/design-remote-commands.rst), a number of
rather strict tests is applied to any incoming request, a delay is
inserted upon errors and returned error messages are very generic
(unless it's the actual command that failed). There are unit tests for
all of the newly added code.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>

- Ensure query-related resources have the same access permissions
  (specifically “/2/query/*” and “/2/*/console”)
- Check access permission consistency (write implies read)

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

This was requested in issue 301. Before this patch, requests to
“/2/query/*” and “/2/instances/*/console” would require authentication
with a user with write access. Since that is not strictly necessary, a
new user option named “read” is added.

Console information can also be retrieved as a normal query, therefore
the change applies there too.

This was the first user option to be added after “write”, therefore
quite a few changes were necessary. Documentation, including NEWS, is
updated as well.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

This test does not work properly if localstatedir is not “/etc”.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

Also add tests to ensure it's never allowed as a file storage path. A
constant for the lock file is also added.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>

The UID is there, the GID wasn't.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>

In some cases it's nice to verify a function has been called exactly N
times. This is going to be used in tests for remote commands.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>

Unlike existing tests, this actually tests RAPI at the interface with
the HTTP server. This way authentification can also be tested. A test
for “/2/query/…” is included as it's a bit special.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Bernardo Dal Seno <bdalseno@google.com>