Prior to this patch, gnt-cluster renew-crypto still created the ganeti_pub_keys file regardless of whether the cluster was initialized with --no-ssh-init. Instead, query the matching config parameter and build the file only if Ganeti manages SSH keys.
Signed-off-by: Hrvoje Ribicic <[email protected]>
---
 lib/client/gnt_cluster.py | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/lib/client/gnt_cluster.py b/lib/client/gnt_cluster.py
index 0aa1bb4..2da9832 100644
--- a/lib/client/gnt_cluster.py
+++ b/lib/client/gnt_cluster.py
@@ -1211,18 +1211,24 @@ def _BuildGanetiPubKeys(options, pub_key_file=pathutils.SSH_PUB_KEYS, cl=None,
 """Recreates the 'ganeti_pub_key' file by polling all nodes.
 """
+
+ if not cl:
+ cl = GetClient()
+
+ (cluster_name, master_node, modify_ssh_setup) = \
+ cl.QueryConfigValues(["cluster_name", "master_node", "modify_ssh_setup"])
+
+ # In case Ganeti is not supposed to modify the SSH setup, simply exit and do
+ # not update this file.
+ if not modify_ssh_setup:
+ return
+
 if os.path.exists(pub_key_file):
 utils.CreateBackup(pub_key_file)
 utils.RemoveFile(pub_key_file)
 ssh.ClearPubKeyFile(pub_key_file)
- if not cl:
- cl = GetClient()
-
- (cluster_name, master_node) = \
- cl.QueryConfigValues(["cluster_name", "master_node"])
-
 online_nodes = get_online_nodes_fn([], cl=cl)
 ssh_ports = get_nodes_ssh_ports_fn(online_nodes + [master_node], cl)
 ssh_port_map = dict(zip(online_nodes + [master_node], ssh_ports))
-- 2.1.4
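Review bot: The early `return` under `if not modify_ssh_setup:` is silent, so an operator running renew-crypto on a cluster where Ganeti does not manage SSH cannot tell from the output that the public-key file was deliberately left alone; a one-line notice before the return, through the module's usual operator-output helper, would make the skip auditable. The docstring still says only that the file is recreated and should state the new contract, e.g. `Does nothing if the cluster's modify_ssh_setup setting is false.` The commit message says earlier versions created the file on such clusters anyway, so a copy left over from an older run stays on disk untouched after this change; whether it should be removed or merely ignored is worth deciding explicitly, presumably outside this function. The remainder of the signature and the rest of the body of _BuildGanetiPubKeys lie outside the hunk.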
