• Petr Pudlak's avatar
    Merge branch 'stable-2.13' into stable-2.14 · 6d9446fa
    Petr Pudlak authored
    * stable-2.13
      Describe --no-verify-disks option in watcher man page
      Make disk verification optional
    * stable-2.12
      Handle SSL setup when downgrading
      Write SSH ports to ssconf files
      Noded: Consider certificate chain in callback
      Cluster-keys-replacement: update documentation
      Backend: Use timestamp as serial no for server cert
      UPGRADE: add note about 2.12.5
      NEWS: Mention issue 1094
      man: mention changes in renew-crypto
      Verify: warn about self-signed client certs
      Bootstrap: validate SSL setup before starting noded
      Clean up configuration of curl request
      Renew-crypto: remove superflous copying of node certs
      Renew-crypto: propagate verbose and debug option
      Noded: log the certificate and digest on noded startup
      QA: reload rapi cert after renew crypto
      Prepare-node-join: use common functions
      Renew-crypto: remove dead code
      Init: add master client certificate to configuration
      Renew-crypto: rebuild digest map of all nodes
      Noded: make "bootstrap" a constant
      node-daemon-setup: generate client certificate
      tools: Move (Re)GenerateClientCert to common
      Renew cluster and client certificates together
      Init: create the master's client cert in bootstrap
      Renew client certs using ssl_update tool
      Run functions while (some) daemons are stopped
      Back up old client.pem files
      Introduce ssl_update tool
      x509 function for creating signed certs
      Add tools/common.py from 2.13
      Consider ECDSA in SSH setup
      Update documentation of watcher and RAPI daemon
      Watcher: add option for setting RAPI IP
      When connecting to Metad fails, log the full stack trace
      Set up the Metad client with allow_non_master
      Set up the configuration client properly on non-masters
      Add the 'allow_non_master' option to the WConfd RPC client
      Add the option to disable master checks to the RPC client
      Add 'allow_non_master' to the Luxi test transport class too
      Add 'allow_non_master' to FdTransport for compatibility
      Properly document all constructor arguments of Transport
      Allow the Transport class to be used for non-master nodes
      Don't define the set of all daemons twice
              - keep newly added files from both branches
              - propagate relevant changes from/lib/cmdlib/cluster.py to
              - include methods added in stable-2.13
              - temporarily disable the warning for too many lines
              - propagate changes to lib/tools/cfgupgrade.py
    Signed-off-by: default avatarPetr Pudlak <pudlak@google.com>
    Reviewed-by: default avatarHelga Velroyen <helgav@google.com>
cli.py 88.3 KB