LGTM, thanks On Thu, 14 Jan 2016 at 14:11 'Klaus Aehlig' via ganeti-devel < [email protected]> wrote:
> > > commit b5cfcef24f318092c87a16266c74b26bf69d7c08 > Merge: de78491 7b8b411 > Author: Klaus Aehlig <[email protected]> > Date: Thu Jan 14 14:07:02 2016 +0100 > > Merge branch 'stable-2.12' into stable-2.13 > > * stable-2.12 > Increase minimal sizes of test online nodes > Also log the high-level upgrade steps > Add function to provide logged user feedback > Run renew-crypto in upgrades in debug mode > Unconditionally log upgrades at debug level > Document healthy-majority restriction on master-failover > Check for healthy majority on master failover with voting > Add a predicate testing that a majority of nodes is healthy > Fix outdated comment > Pass arguments to correct daemons during master-failover > Fix documentation for master-failover > > * stable-2.11 > (no changes) > > * stable-2.10 > KVM: explicitly configure routed NICs late > > Signed-off-by: Klaus Aehlig <[email protected]> > > diff --cc lib/client/gnt_cluster.py > index fa29f9f,9a5c91a..954ab4b > --- a/lib/client/gnt_cluster.py > +++ b/lib/client/gnt_cluster.py > @@@ -2179,43 -2075,38 +2187,43 @@@ def _VersionSpecificDowngrade() > > @return: True upon success > """ > - ToStdout("Performing version-specific downgrade tasks.") > + ToStdoutAndLoginfo("Performing version-specific downgrade tasks.") > > + # Determine if this cluster is set up with SSH handling > + # (aka not using --no-ssh-init), check if the public > + # keyfile exists. > + update_keys = os.path.exists(pathutils.SSH_PUB_KEYS) > + > + if not update_keys: > + return True > + > + ToStdout("Replace nodes' SSH keys with the master's keys.") > + (_, root_keyfiles) = \ > + ssh.GetAllUserFiles(constants.SSH_LOGIN_USER, mkdir=False, > dircheck=False) > + > + dsa_root_keyfiles = dict((kind, value) for (kind, value) > + in root_keyfiles.items() > + if kind == constants.SSHK_DSA) > + master_private_keyfile, master_public_keyfile = \ > + dsa_root_keyfiles[constants.SSHK_DSA] > + > nodes = ssconf.SimpleStore().GetOnlineNodeList() > + master_node = ssconf.SimpleStore().GetMasterNode() > cluster_name = ssconf.SimpleStore().GetClusterName() > - ssh_ports = ssconf.SimpleStore().GetSshPortMap() > > - for node in nodes: > - data = { > - constants.NDS_CLUSTER_NAME: cluster_name, > - constants.NDS_NODE_DAEMON_CERTIFICATE: > - utils.ReadFile(pathutils.NODED_CERT_FILE), > - constants.NDS_NODE_NAME: node, > - constants.NDS_ACTION: constants.CRYPTO_ACTION_DELETE, > - } > + # If master node is in 'nodes', remove it > + if master_node in nodes: > + nodes.remove(master_node) > > - try: > - bootstrap.RunNodeSetupCmd( > - cluster_name, > - node, > - pathutils.SSL_UPDATE, > - True, # debug > - True, # verbose, > - True, # use cluster key > - False, # ask key > - True, # strict host check > - ssh_ports[node], > - data) > - except Exception as e: # pylint: disable=W0703 > - # As downgrading can fail if a node is temporarily unreachable > - # only output the error, but do not abort the entire operation. > - ToStderr("Downgrading SSL setup of node '%s' failed: %s." % > - (node, e)) > + srun = ssh.SshRunner(cluster_name=cluster_name) > + for name in nodes: > + for key_file in [master_private_keyfile, master_public_keyfile]: > + command = utils.text.ShellQuoteArgs([ > + "scp", key_file, "%s:%s" % (name, key_file)]) > + result = srun.Run(master_node, constants.SSH_LOGIN_USER, command) > + if result.exit_code != 0: > + ToStderr("Overiding SSH key '%s' of node '%s' failed. You might" > + " want to clean up manually." % (key_file, name)) > > return True > > > -- > Klaus Aehlig > Google Germany GmbH, Dienerstr. 12, 80331 Muenchen > Registergericht und -nummer: Hamburg, HRB 86891 > Sitz der Gesellschaft: Hamburg > Geschaeftsfuehrer: Matthew Scott Sucherman, Paul Terence Manicle > -- Helga Velroyen Software Engineer [email protected] Google Germany GmbH Erika-Mann-Strasse 33 80636 München Geschäftsführer: Matthew Scott Sucherman, Paul Terence Manicle Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg Diese E-Mail ist vertraulich. Wenn Sie nicht der richtige Adressat sind, leiten Sie diese bitte nicht weiter, informieren Sie den Absender und löschen Sie die E-Mail und alle Anhänge. Vielen Dank. This e-mail is confidential. If you are not the right addressee please do not forward it, please inform the sender, and please erase this e-mail including any attachments. Thanks.
