LGTM, thanks On Fri, 13 Nov 2015 at 11:17 'Hrvoje Ribicic' via ganeti-devel < [email protected]> wrote:
> This patch uses the previously added CLI options to allow the key
> parameters to be specified at initialization time and saved in the
> configuration.
>
> Signed-off-by: Hrvoje Ribicic <[email protected]>
> ---
> lib/bootstrap.py | 23 +++++++++++++----------
> lib/client/gnt_cluster.py | 12 ++++++++++++
> lib/ht.py | 1 +
> lib/objects.py | 8 ++++++++
> src/Ganeti/Constants.hs | 8 ++++++++
> src/Ganeti/Objects.hs | 2 ++
> test/hs/Test/Ganeti/Objects.hs | 7 +++++++
> 7 files changed, 51 insertions(+), 10 deletions(-)
>
> diff --git a/lib/bootstrap.py b/lib/bootstrap.py
> index d649b8e..69f75dd 100644
> --- a/lib/bootstrap.py
> +++ b/lib/bootstrap.py
> @@ -485,16 +485,17 @@ def _InitCheckDrbdHelper(drbd_helper, drbd_enabled):
> def InitCluster(cluster_name, mac_prefix, # pylint: disable=R0913, R0914
> master_netmask, master_netdev, file_storage_dir,
> shared_file_storage_dir, gluster_storage_dir,
> - candidate_pool_size, secondary_ip=None,
> - vg_name=None, beparams=None, nicparams=None,
> ndparams=None,
> - hvparams=None, diskparams=None, enabled_hypervisors=None,
> - modify_etc_hosts=True, modify_ssh_setup=True,
> - maintain_node_health=False, drbd_helper=None,
> uid_pool=None,
> - default_iallocator=None, default_iallocator_params=None,
> - primary_ip_version=None, ipolicy=None,
> - prealloc_wipe_disks=False, use_external_mip_script=False,
> - hv_state=None, disk_state=None,
> enabled_disk_templates=None,
> - install_image=None, zeroing_image=None,
> compression_tools=None,
> + candidate_pool_size, ssh_key_type, ssh_key_bits,
> + secondary_ip=None, vg_name=None, beparams=None,
> nicparams=None,
> + ndparams=None, hvparams=None, diskparams=None,
> + enabled_hypervisors=None, modify_etc_hosts=True,
> + modify_ssh_setup=True, maintain_node_health=False,
> + drbd_helper=None, uid_pool=None, default_iallocator=None,
> + default_iallocator_params=None, primary_ip_version=None,
> + ipolicy=None, prealloc_wipe_disks=False,
> + use_external_mip_script=False, hv_state=None,
> disk_state=None,
> + enabled_disk_templates=None, install_image=None,
> + zeroing_image=None, compression_tools=None,
> enabled_user_shutdown=False):
> """Initialise the cluster.
>
> @@ -797,6 +798,8 @@ def InitCluster(cluster_name, mac_prefix, # pylint:
> disable=R0913, R0914
> zeroing_image=zeroing_image,
> compression_tools=compression_tools,
> enabled_user_shutdown=enabled_user_shutdown,
> + ssh_key_type=ssh_key_type,
> + ssh_key_bits=ssh_key_bits,
> )
> master_node_config = objects.Node(name=hostname.name,
> primary_ip=hostname.ip,
> diff --git a/lib/client/gnt_cluster.py b/lib/client/gnt_cluster.py
> index dd31092..717da44 100644
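Review bot: In lib/bootstrap.py the hunk at -797 hands `ssh_key_type` and `ssh_key_bits` to the cluster object unchanged, and neither bootstrap hunk shows a check that the type is a member of `constants.SSHK_ALL` or that the bit count is a size the chosen type accepts. A guard early in InitCluster, e.g. `if ssh_key_type not in constants.SSHK_ALL:` followed by the error type the function already raises for bad arguments, would keep an invalid value from being persisted by callers that do not go through the CLI. The patch adds `TSshKeyType` in lib/ht.py but no visible hunk uses it. InitCluster's body lies mostly outside these hunks, so such a check may already exist there. The hunk at -485 also adds both names as required parameters without extending the docstring that starts at `"""Initialise the cluster.`; entries describing the accepted types and the unit of the bits value would help.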
> --- a/lib/client/gnt_cluster.py
> +++ b/lib/client/gnt_cluster.py
> @@ -299,6 +299,16 @@ def InitCluster(opts, args):
> else:
> enabled_user_shutdown = False
>
> + if opts.ssh_key_type:
> + ssh_key_type = opts.ssh_key_type
> + else:
> + ssh_key_type = constants.SSH_DEFAULT_KEY_TYPE
> +
> + if opts.ssh_key_bits:
> + ssh_key_bits = opts.ssh_key_bits
> + else:
> + ssh_key_bits = constants.SSH_DEFAULT_KEY_BITS
> +
> bootstrap.InitCluster(cluster_name=args[0],
> secondary_ip=opts.secondary_ip,
> vg_name=vg_name,
> @@ -333,6 +343,8 @@ def InitCluster(opts, args):
> zeroing_image=zeroing_image,
> compression_tools=compression_tools,
> enabled_user_shutdown=enabled_user_shutdown,
> + ssh_key_type=ssh_key_type,
> + ssh_key_bits=ssh_key_bits,
> )
> op = opcodes.OpClusterPostInit()
> SubmitOpCode(op, opts=opts)
> diff --git a/lib/ht.py b/lib/ht.py
> index 1fd5660..edadc3b 100644
> --- a/lib/ht.py
> +++ b/lib/ht.py
> @@ -651,6 +651,7 @@ def TStorageType(val):
> TTagKind = TElemOf(constants.VALID_TAG_TYPES)
> TDdmSimple = TElemOf(constants.DDMS_VALUES)
> TVerifyOptionalChecks = TElemOf(constants.VERIFY_OPTIONAL_CHECKS)
> +TSshKeyType = TElemOf(constants.SSHK_ALL)
>
>
> @WithDesc("IPv4 network")
> diff --git a/lib/objects.py b/lib/objects.py
> index 8b5a926..4ea958a 100644
> --- a/lib/objects.py
> +++ b/lib/objects.py
> @@ -1653,6 +1653,8 @@ class Cluster(TaggableObject):
> "compression_tools",
> "enabled_user_shutdown",
> "data_collectors",
> + "ssh_key_type",
> + "ssh_key_bits",
> ] + _TIMESTAMPS + _UUID
>
> def UpgradeConfig(self):
> @@ -1808,6 +1810,12 @@ class Cluster(TaggableObject):
> if self.enabled_user_shutdown is None:
> self.enabled_user_shutdown = False
>
> + if self.ssh_key_type is None:
> + self.ssh_key_type = constants.SSH_DEFAULT_KEY_TYPE
> +
> + if self.ssh_key_bits is None:
> + self.ssh_key_bits = constants.SSH_DEFAULT_KEY_BITS
> +
> @property
> def primary_hypervisor(self):
> """The first hypervisor is the primary.
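Review bot: In lib/client/gnt_cluster.py (hunk at -299) the bit count falls back to `constants.SSH_DEFAULT_KEY_BITS` without regard to the key type, so selecting a non-default type and omitting the bits pairs that type with 2048, the value src/Ganeti/Constants.hs defines next to an RSA default type. Key generators generally accept only particular sizes per algorithm, so the fallback should depend on the selected type, or the combination should be rejected before `bootstrap.InitCluster` is called. The truthiness tests also treat an explicit `0` as "not given"; `if opts.ssh_key_bits is not None:` would let a later range check report it instead of silently substituting the default. Whether the option parser already constrains these values is not visible in this hunk.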
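Review bot: In lib/objects.py (hunk at -1808) UpgradeConfig fills a missing `ssh_key_type` and `ssh_key_bits` with the defaults meant for new clusters, which records what a fresh cluster would use and not what the existing cluster's keys are. If clusters created before this change hold keys of a different type or size, which cannot be told from this hunk, the configuration would disagree with the keys on disk, and anything that later verifies or regenerates keys from the configuration would act on the wrong parameters. Consider a separate constant for upgraded configurations, or at least a comment such as `# Clusters predating this field used <type/bits to confirm>` above the two assignments. The method body begins outside the hunk.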
> diff --git a/src/Ganeti/Constants.hs b/src/Ganeti/Constants.hs
> index eedd493..1a6ceca 100644
> --- a/src/Ganeti/Constants.hs
> +++ b/src/Ganeti/Constants.hs
> @@ -4702,6 +4702,14 @@ sshakRsa = "ssh-rsa"
> sshakAll :: FrozenSet String
> sshakAll = ConstantUtils.mkSet [sshakDss, sshakRsa]
>
> +-- * SSH key default values
> +
> +sshDefaultKeyType :: String
> +sshDefaultKeyType = sshkRsa
> +
> +sshDefaultKeyBits :: Int
> +sshDefaultKeyBits = 2048
> +
> -- * SSH setup
>
> sshsClusterName :: String
> diff --git a/src/Ganeti/Objects.hs b/src/Ganeti/Objects.hs
> index 2bf734f..28bbe57 100644
> --- a/src/Ganeti/Objects.hs
> +++ b/src/Ganeti/Objects.hs
> @@ -670,6 +670,8 @@ $(buildObject "Cluster" "cluster" $
> , simpleField "compression_tools" [t| [String]
> |]
> , simpleField "enabled_user_shutdown" [t| Bool
> |]
> , simpleField "data_collectors" [t| Container
> DataCollectorConfig |]
> + , simpleField "ssh_key_type" [t| SshKeyType
> |]
> + , simpleField "ssh_key_bits" [t| Int
> |]
> ]
> ++ timeStampFields
> ++ uuidFields
> diff --git a/test/hs/Test/Ganeti/Objects.hs
> b/test/hs/Test/Ganeti/Objects.hs
> index 319e7ee..aec06d8 100644
> --- a/test/hs/Test/Ganeti/Objects.hs
> +++ b/test/hs/Test/Ganeti/Objects.hs
> @@ -375,6 +375,13 @@ instance Arbitrary FilterRule where
> <*> arbitrary
> <*> genUUID
>
> +instance Arbitrary SshKeyType where
> + arbitrary = oneof
> + [ pure RSA
> + , pure DSA
> + , pure ECDSA
> + ]
> +
> -- | Generates a network instance with minimum netmasks of /24. Generating
> -- bigger networks slows down the tests, because long bit strings are
> generated
> -- for the reservations.
> --
> 2.6.0.rc2.230.g3dd15c0
> > -- Helga Velroyen Software Engineer [email protected] Google Germany GmbH Dienerstraße 12 80331 München Geschäftsführer: Matthew Scott Sucherman, Paul Terence Manicle Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg Diese E-Mail ist vertraulich. Wenn Sie nicht der richtige Adressat sind, leiten Sie diese bitte nicht weiter, informieren Sie den Absender und löschen Sie die E-Mail und alle Anhänge. Vielen Dank. This e-mail is confidential. If you are not the right addressee please do not forward it, please inform the sender, and please erase this e-mail including any attachments. Thanks.
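Review bot: In test/hs/Test/Ganeti/Objects.hs the new `Arbitrary SshKeyType` instance lists the constructors by hand through `oneof` over three `pure` generators; `arbitrary = elements [RSA, DSA, ECDSA]` expresses the same choice more directly. Either form has to be extended manually when a key type is added, so the serialization tests would silently skip the new type. A one-line comment saying the list must mirror the `SshKeyType` constructors would make that dependency visible, or the list could be derived from the type if it has `Enum` and `Bounded` instances, which this hunk does not show.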
