git.proxmox.com Git - pve-cluster.git/blame - data/PVE/CLI/pvecm.pm
Add verification and fallback to cluster join/addnode
1package PVE::CLI::pvecm;
2
3use strict;
4use warnings;
95e7bcac 5
6use File::Path;
7use File::Basename;
294f76c4 8use PVE::Tools qw(run_command);
9use PVE::Cluster;
10use PVE::INotify;
10c6810e 11use PVE::JSONSchema qw(get_standard_option);
03b23bd0 12use PVE::RPCEnvironment;
13d44dc5 13use PVE::CLIHandler;
03b23bd0 14use PVE::PTY;
1d26c202 15use PVE::API2::ClusterConfig;
b6973a89 16use PVE::Corosync;
c5204e14 17use PVE::Cluster::Setup;
18
19use base qw(PVE::CLIHandler);
20
# ssh-copy-id is run by handlers in this file; pin HOME to root's home for it.
$ENV{HOME} = '/root';

# Fixed filesystem locations shared by the sub-commands below.
my $basedir     = '/etc/pve';
my $clusterconf = $basedir . '/corosync.conf';
my $libdir      = '/var/lib/pve-cluster';
my $authfile    = '/etc/corosync/authkey';
27
9db3f0c0 28
# Delegates to PVE::RPCEnvironment to set up the default CLI environment.
sub setup_environment {
    return PVE::RPCEnvironment->setup_default_cli_env();
}
32
__PACKAGE__->register_method({
    name => 'keygen',
    path => 'keygen',
    method => 'PUT',
    description => "Generate new cryptographic key for corosync.",
    parameters => {
        additionalProperties => 0,
        properties => {
            filename => {
                type => 'string',
                description => "Output file name"
            }
        },
    },
    returns => { type => 'null' },

    # Runs corosync-keygen to write a key to $param->{filename}. Dies when not
    # running with effective UID 0 or when the target file already exists.
    code => sub {
        my ($param) = @_;

        my $filename = $param->{filename};

        # Only root (effective UID 0) may generate the key.
        die "Error: Authorization key must be generated as root user.\n" if $> != 0;

        my $parent_dir = dirname($filename);

        # NOTE(review): the existence test and the later key generation are two
        # separate steps; whether corosync-keygen itself refuses to overwrite
        # is not visible here - confirm if the target directory is not root-only.
        if (-e $filename) {
            die "key file '$filename' already exists\n";
        }

        if ($parent_dir) {
            File::Path::make_path($parent_dir);
        }

        my @keygen = ('corosync-keygen', '-l', '-k', $filename);
        run_command([@keygen]);

        return undef;
    }});
66
# Calls $code->($node, $ip) for each cluster member, in sorted node-name order.
# A member without an 'ip' entry is fatal unless $noerr is true; with $noerr
# the problem is only warned about, iteration stops and undef is returned.
my $foreach_member = sub {
    my ($code, $noerr) = @_;

    my $members = PVE::Cluster::get_members();
    for my $node (sort keys %$members) {
        my $ip = $members->{$node}->{ip};
        if (!$ip) {
            die "cannot get the cluster IP for node '$node'.\n" if !$noerr;
            warn "cannot get the cluster IP for node '$node'.\n";
            return undef;
        }
        $code->($node, $ip);
    }
};
81
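__PACKAGE__->register_method({
    name => 'setup_qdevice',
    path => 'setup_qdevice',
    method => 'PUT',
    description => "Setup the use of a QDevice",
    parameters => {
        additionalProperties => 0,
        properties => {
            address => {
                type => 'string', format => 'ip',
                description => "Specifies the network address of an external corosync QDevice" ,
            },
            network => {
                type => 'string',
                format => 'CIDR',
                description => 'The network which should be used to connect to the external qdevice',
                optional => 1,
            },
            force => {
                type => 'boolean',
                description => "Do not throw error on possible dangerous operations.",
                optional => 1,
            },
        },
    },
    returns => { type => 'null' },

    # Sets up a corosync QDevice for the cluster: exchanges certificates with
    # the QNetd host over ssh/scp, distributes them to every member, records
    # the device in corosync.conf and starts corosync-qdevice on all nodes.
    # Dies if a node is offline, if a device is already configured (unless
    # 'force' is set), or if any of the non-'noerr' commands fails.
    code => sub {
        my ($param) = @_;

        PVE::Corosync::check_conf_exists();

        # Every member takes part in the certificate roll-out below.
        my $members = PVE::Cluster::get_members();
        foreach my $node (sort keys %$members) {
            die "All nodes must be online! Node $node is offline, aborting.\n"
                if !$members->{$node}->{online};
        }

        my $conf = PVE::Cluster::cfs_read_file("corosync.conf");

        die "QDevice already configured!\n"
            if defined($conf->{main}->{quorum}->{device}) && !$param->{force};

        # NOTE: the optional 'network' parameter is accepted by the schema but
        # is not used anywhere in this handler.

        my $model = "net";
        my $algorithm = 'ffsplit';
        # Count the members. Testing the hash reference itself (the previous
        # `scalar($members) & 1`) looks at the numified reference, not at the
        # number of nodes, so the odd-node-count guard did not do its job.
        if (scalar(keys %$members) & 1) {
            if ($param->{force}) {
                $algorithm = 'lms';
            } else {
                die "Clusters with an odd node count are not officially supported!\n";
            }
        }

        my $qnetd_addr = $param->{address};
        my $base_dir = "/etc/corosync/qdevice/net";
        my $db_dir_qnetd = "/etc/corosync/qnetd/nssdb";
        my $db_dir_node = "$base_dir/nssdb";
        my $ca_export_base = "qnetd-cacert.crt";
        my $ca_export_file = "$db_dir_qnetd/$ca_export_base";
        my $crq_file_base = "qdevice-net-node.crq";
        my $p12_file_base = "qdevice-net-node.p12";
        my $qdevice_certutil = "corosync-qdevice-net-certutil";
        my $qnetd_certutil= "corosync-qnetd-certutil";
        my $clustername = $conf->{main}->{totem}->{cluster_name};

        # Installs this node's root SSH public key on the QNetd host; this step
        # is not in BatchMode, all later ssh/scp calls are.
        run_command(['ssh-copy-id', '-i', '/root/.ssh/id_rsa', "root\@$qnetd_addr"]);

        if (-d $db_dir_node) {
            # FIXME: check on all nodes?!
            if ($param->{force}) {
                rmtree $db_dir_node;
            } else {
                die "QDevice certificate store already initialised, set force to delete!\n";
            }
        }

        my $ssh_cmd = ['ssh', '-o', 'BatchMode=yes', '-lroot'];
        my $scp_cmd = ['scp', '-o', 'BatchMode=yes'];

        print "\nINFO: initializing qnetd server\n";
        run_command(
            [@$ssh_cmd, $qnetd_addr, $qnetd_certutil, "-i"],
            noerr => 1
        );

        print "\nINFO: copying CA cert and initializing on all nodes\n";
        run_command([@$scp_cmd, "root\@\[$qnetd_addr\]:$ca_export_file", "/etc/pve/$ca_export_base"]);
        $foreach_member->(sub {
            my ($node, $ip) = @_;
            my $outsub = sub { print "\nnode '$node': " . shift };
            run_command(
                [@$ssh_cmd, $ip, $qdevice_certutil, "-i", "-c", "/etc/pve/$ca_export_base"],
                noerr => 1, outfunc => \&$outsub
            );
        });
        unlink "/etc/pve/$ca_export_base";

        print "\nINFO: generating cert request\n";
        run_command([$qdevice_certutil, "-r", "-n", $clustername]);

        print "\nINFO: copying exported cert request to qnetd server\n";
        # NOTE(review): the request is staged under a fixed name in the remote
        # /tmp; confirm only trusted users can write there on the QNetd host.
        run_command([@$scp_cmd, "$db_dir_node/$crq_file_base", "root\@\[$qnetd_addr\]:/tmp"]);

        print "\nINFO: sign and export cluster cert\n";
        run_command([
            @$ssh_cmd, $qnetd_addr, $qnetd_certutil, "-s", "-c",
            "/tmp/$crq_file_base", "-n", "$clustername"
        ]);

        print "\nINFO: copy exported CRT\n";
        run_command([
            @$scp_cmd, "root\@\[$qnetd_addr\]:$db_dir_qnetd/cluster-$clustername.crt",
            "$db_dir_node"
        ]);

        print "\nINFO: import certificate\n";
        run_command(["$qdevice_certutil", "-M", "-c", "$db_dir_node/cluster-$clustername.crt"]);

        print "\nINFO: copy and import pk12 cert to all nodes\n";
        run_command([@$scp_cmd, "$db_dir_node/$p12_file_base", "/etc/pve/"]);
        # The PKCS#12 bundle (presumably holding the node key - confirm) is
        # staged under /etc/pve only for the import. Remove it even when the
        # import fails on some node, then re-raise the error.
        eval {
            $foreach_member->(sub {
                my ($node, $ip) = @_;
                my $outsub = sub { print "\nnode '$node': " . shift };
                run_command([
                    @$ssh_cmd, $ip, "$qdevice_certutil", "-m", "-c",
                    "/etc/pve/$p12_file_base"], outfunc => \&$outsub
                );
            });
        };
        my $import_err = $@;
        unlink "/etc/pve/$p12_file_base";
        die $import_err if $import_err;

        # Executed under the corosync.conf lock: re-read the config and add the
        # quorum device section.
        my $code = sub {
            my $conf = PVE::Cluster::cfs_read_file("corosync.conf");
            my $quorum_section = $conf->{main}->{quorum};

            die "Qdevice already configured, must be removed before setting up new one!\n"
                if defined($quorum_section->{device}); # must not be forced!

            my $qdev_section = {
                model => $model,
                "$model" => {
                    tls => 'on',
                    host => $qnetd_addr,
                    algorithm => $algorithm,
                }
            };
            $qdev_section->{votes} = 1 if $algorithm eq 'ffsplit';

            $quorum_section->{device} = $qdev_section;

            PVE::Corosync::atomic_write_conf($conf);
        };

        print "\nINFO: add QDevice to cluster configuration\n";
        PVE::Cluster::cfs_lock_file('corosync.conf', 10, $code);
        die $@ if $@;

        $foreach_member->(sub {
            my ($node, $ip) = @_;
            my $outsub = sub { print "\nnode '$node': " . shift };
            print "\nINFO: start and enable corosync qdevice daemon on node '$node'...\n";
            run_command([@$ssh_cmd, $ip, 'systemctl', 'start', 'corosync-qdevice'], outfunc => \&$outsub);
            run_command([@$ssh_cmd, $ip, 'systemctl', 'enable', 'corosync-qdevice'], outfunc => \&$outsub);
        });

        run_command(['corosync-cfgtool', '-R']); # do cluster wide config reload

        return undef;
    }});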
253
__PACKAGE__->register_method({
    name => 'remove_qdevice',
    path => 'remove_qdevice',
    method => 'DELETE',
    description => "Remove a configured QDevice",
    parameters => {
        additionalProperties => 0,
        properties => {},
    },
    returns => { type => 'null' },

    # Drops the quorum device from corosync.conf, removes the qdevice state
    # directory on every member over ssh, then stops and disables the
    # corosync-qdevice unit on all nodes and reloads the corosync config.
    code => sub {
        my ($param) = @_;

        PVE::Corosync::check_conf_exists();

        my $members = PVE::Cluster::get_members();
        for my $node (sort keys %$members) {
            next if $members->{$node}->{online};
            die "All nodes must be online! Node $node is offline, aborting.\n";
        }

        my @ssh_base = ('ssh', '-o', 'BatchMode=yes', '-lroot');

        # Runs while holding the corosync.conf lock.
        my $drop_device = sub {
            my $conf = PVE::Cluster::cfs_read_file("corosync.conf");
            my $quorum_section = $conf->{main}->{quorum};

            if (!defined($quorum_section->{device})) {
                die "No QDevice configured!\n";
            }

            delete $quorum_section->{device};

            PVE::Corosync::atomic_write_conf($conf);

            # cleanup qdev state (cert storage)
            my $qdev_state_dir = "/etc/corosync/qdevice";
            $foreach_member->(sub {
                my (undef, $ip) = @_;
                run_command([@ssh_base, $ip, '--', 'rm', '-rf', $qdev_state_dir]);
            });
        };

        PVE::Cluster::cfs_lock_file('corosync.conf', 10, $drop_device);
        die $@ if $@;

        $foreach_member->(sub {
            my (undef, $ip) = @_;
            for my $action (qw(stop disable)) {
                run_command([@ssh_base, $ip, 'systemctl', $action, 'corosync-qdevice']);
            }
        });

        run_command(['corosync-cfgtool', '-R']);

        print "\nRemoved Qdevice.\n";

        return undef;
    }});
311
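__PACKAGE__->register_method({
    name => 'add',
    path => 'add',
    method => 'PUT',
    description => "Adds the current node to an existing cluster.",
    parameters => {
        additionalProperties => 0,
        properties => PVE::Corosync::add_corosync_link_properties({
            hostname => {
                type => 'string',
                description => "Hostname (or IP) of an existing cluster member."
            },
            nodeid => get_standard_option('corosync-nodeid'),
            votes => {
                type => 'integer',
                description => "Number of votes for this node",
                minimum => 0,
                optional => 1,
            },
            force => {
                type => 'boolean',
                description => "Do not throw error if node already exists.",
                optional => 1,
            },
            fingerprint => get_standard_option('fingerprint-sha256', {
                optional => 1,
            }),
            'use_ssh' => {
                type => 'boolean',
                description => "Always use SSH to join, even if peer may do it over API.",
                optional => 1,
            },
        }),
    },
    returns => { type => 'null' },

    # Joins the local node to the cluster that $param->{hostname} belongs to.
    # Without 'use_ssh' the join goes through PVE::Cluster::Setup::join with the
    # root password read from the terminal; with 'use_ssh' the node is added by
    # running 'pvecm addnode' on the peer over ssh and the corosync authkey and
    # config are fetched with rsync. The work runs in a forked worker task.
    code => sub {
        my ($param) = @_;

        my $nodename = PVE::INotify::nodename();
        my $host = $param->{hostname};

        my $worker = sub {

            if (!$param->{use_ssh}) {
                my $password = PVE::PTY::read_password("Please enter superuser (root) password for '$host': ");

                # The password travels on in $param, next to the other join
                # options, so $param must not be logged from here on.
                delete $param->{use_ssh};
                $param->{password} = $password;

                my $local_cluster_lock = "/var/lock/pvecm.lock";
                PVE::Tools::lock_file($local_cluster_lock, 10, \&PVE::Cluster::Setup::join, $param);

                if (my $err = $@) {
                    if (ref($err) eq 'PVE::APIClient::Exception' && defined($err->{code}) && $err->{code} == 501) {
                        $err = "Remote side is not able to use API for Cluster join!\n" .
                               "Pass the 'use_ssh' switch or update the remote side.\n";
                    }
                    die $err;
                }
                return; # all OK, the API join endpoint successfully set us up
            }

            # allow fallback to old ssh only join if wished or needed

            my $local_ip_address = PVE::Cluster::remote_node_ip($nodename);
            my $links = PVE::Corosync::extract_corosync_link_args($param);

            PVE::Cluster::Setup::assert_joinable($local_ip_address, $links, $param->{force});

            PVE::Cluster::Setup::setup_sshd_config();
            PVE::Cluster::Setup::setup_rootsshconfig();
            PVE::Cluster::Setup::setup_ssh_keys();

            # make sure known_hosts is on local filesystem
            PVE::Cluster::Setup::ssh_unmerge_known_hosts();

            my $cmd = ['ssh-copy-id', '-i', '/root/.ssh/id_rsa', "root\@$host"];
            run_command($cmd, 'outfunc' => sub {}, 'errfunc' => sub {},
                        'errmsg' => "unable to copy ssh ID");

            $cmd = ['ssh', $host, '-o', 'BatchMode=yes',
                    'pvecm', 'addnode', $nodename, '--force', 1];

            push @$cmd, '--nodeid', $param->{nodeid} if $param->{nodeid};
            push @$cmd, '--votes', $param->{votes} if defined($param->{votes});

            foreach my $link (keys %$links) {
                push @$cmd, "--link$link", PVE::JSONSchema::print_property_string(
                    $links->{$link}, get_standard_option('corosync-link'));
            }

            # this will be used as fallback if no links are specified
            if (!%$links) {
                push @$cmd, '--link0', $local_ip_address;
                print "No cluster network links passed explicitly, fallback to local node"
                     . " IP '$local_ip_address'\n";
            }

            if (system (@$cmd) != 0) {
                my $cmdtxt = join (' ', @$cmd);
                die "unable to add node: command failed ($cmdtxt)\n";
            }

            my $tmpdir = "$libdir/.pvecm_add.tmp.$$";
            # The directory briefly holds a copy of the corosync authkey, so
            # create it owner-only and do not carry on without it. A leftover
            # directory of the same name is still accepted, as before.
            if (!mkdir($tmpdir, 0700)) {
                my $mkdir_err = $!;
                die "unable to create temporary directory '$tmpdir' - $mkdir_err\n"
                    if !-d $tmpdir;
            }

            eval {
                print "copy corosync auth key\n";
                # NOTE(review): both remote paths are passed as one
                # space-separated argument, which relies on the remote side
                # splitting it - confirm with the rsync version in use.
                $cmd = ['rsync', '--rsh=ssh -l root -o BatchMode=yes', '-lpgoq',
                        "[$host]:$authfile $clusterconf", $tmpdir];

                system(@$cmd) == 0 || die "can't rsync data from host '$host'\n";

                my $corosync_conf = PVE::Tools::file_get_contents("$tmpdir/corosync.conf");
                my $corosync_authkey = PVE::Tools::file_get_contents("$tmpdir/authkey");

                PVE::Cluster::Setup::finish_join($host, $corosync_conf, $corosync_authkey);
            };
            my $err = $@;

            # Always remove the staged key material before re-raising.
            rmtree $tmpdir;

            die $err if $err;
        };

        # use a synced worker so we get a nice task log when joining through CLI
        my $rpcenv = PVE::RPCEnvironment::get();
        my $authuser = $rpcenv->get_user();

        $rpcenv->fork_worker('clusterjoin', '', $authuser, $worker);

        return undef;
    }});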
446
__PACKAGE__->register_method({
    name => 'status',
    path => 'status',
    method => 'GET',
    description => "Displays the local view of the cluster status.",
    parameters => {
        additionalProperties => 0,
        properties => {},
    },
    returns => { type => 'null' },

    # Prints a short summary of the totem section of corosync.conf (when it is
    # not empty) and then replaces this process with corosync-quorumtool.
    code => sub {
        my ($param) = @_;

        PVE::Corosync::check_conf_exists();

        # A failure to read the config is only warned about; an empty config
        # is used instead.
        my $conf = eval { PVE::Cluster::cfs_read_file("corosync.conf") } // {};
        warn "$@" if $@;
        my $totem = PVE::Corosync::totem_config($conf);

        if (scalar(%$totem)) {
            my @rows = (
                ['Name', 'cluster_name', 'UNKOWN?'],
                ['Config Version', 'config_version', -1],
                ['Transport', 'transport', 'knet'],
                ['Secure auth', 'secauth', 'off'],
            );

            printf "Cluster information\n";
            printf "-------------------\n";
            for my $row (@rows) {
                my ($label, $key, $default) = @$row;
                my $val = $totem->{$key} // $default;
                printf "%-17s %s\n", "$label:", "$val";
            }
            printf "\n";
        }

        exec('corosync-quorumtool', '-siH');

        exit (-1); # should not be reached
    }});
488
__PACKAGE__->register_method({
    name => 'nodes',
    path => 'nodes',
    method => 'GET',
    description => "Displays the local view of the cluster nodes.",
    parameters => {
        additionalProperties => 0,
        properties => {},
    },
    returns => { type => 'null' },

    # Replaces this process with 'corosync-quorumtool -l' once the corosync
    # configuration check has passed.
    code => sub {
        my ($param) = @_;

        PVE::Corosync::check_conf_exists();

        exec('corosync-quorumtool', '-l');

        exit (-1); # should not be reached
    }});
511
__PACKAGE__->register_method({
    name => 'expected',
    path => 'expected',
    method => 'PUT',
    description => "Tells corosync a new value of expected votes.",
    parameters => {
        additionalProperties => 0,
        properties => {
            expected => {
                type => 'integer',
                description => "Expected votes",
                minimum => 1,
            },
        },
    },
    returns => { type => 'null' },

    # Replaces this process with 'corosync-quorumtool -e <expected>'. The value
    # is handed over as its own argument; no shell is involved.
    code => sub {
        my ($param) = @_;

        PVE::Corosync::check_conf_exists();

        my $votes = $param->{expected};
        exec('corosync-quorumtool', '-e', $votes);

        exit (-1); # should not be reached

    }});
541
__PACKAGE__->register_method({
    name => 'updatecerts',
    path => 'updatecerts',
    method => 'PUT',
    description => "Update node certificates (and generate all needed files/directories).",
    parameters => {
        additionalProperties => 0,
        properties => {
            force => {
                description => "Force generation of new SSL certifate.",
                type => 'boolean',
                optional => 1,
            },
            silent => {
                description => "Ignore errors (i.e. when cluster has no quorum).",
                type => 'boolean',
                optional => 1,
            },
        },
    },
    returns => { type => 'null' },

    # Runs PVE::Cluster::Setup::updatecerts_and_ssh(force, silent) in a forked
    # child that is limited to 30 seconds.
    code => sub {
        my ($param) = @_;

        my ($force, $silent) = @{$param}{qw(force silent)};

        # This is called from the pve-cluster.service ExecStartPost. The IO on
        # /etc/pve can hang in uninterruptible (D) state, which would fail the
        # whole service, hence the fork with a timeout.
        my $update = sub {
            PVE::Cluster::Setup::updatecerts_and_ssh($force, $silent);
        };
        PVE::Tools::run_fork_with_timeout(30, $update);

        return undef;
    }});
575
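__PACKAGE__->register_method({
    name => 'mtunnel',
    path => 'mtunnel',
    method => 'POST',
    description => "Used by VM/CT migration - do not use manually.",
    parameters => {
        additionalProperties => 0,
        properties => {
            get_migration_ip => {
                type => 'boolean',
                default => 0,
                description => 'return the migration IP, if configured',
                optional => 1,
            },
            migration_network => {
                type => 'string',
                format => 'CIDR',
                description => 'the migration network used to detect the local migration IP',
                optional => 1,
            },
            'run-command' => {
                type => 'boolean',
                description => 'Run a command with a tcp socket as standard input.'
                              .' The IP address and port are printed via this'
                              ." command's stdandard output first, each on a separate line.",
                optional => 1,
            },
            'extra-args' => PVE::JSONSchema::get_standard_option('extra-args'),
        },
    },
    returns => { type => 'null'},

    # Migration helper with three modes: report the local migration IP
    # ('get_migration_ip'), pipe a TCP socket into the command given in
    # 'extra-args' ('run-command'), or announce "tunnel online" and wait on
    # STDIN until a "quit" line or EOF. Prints "no quorum" and returns when the
    # cluster filesystem has no quorum.
    code => sub {
        my ($param) = @_;

        if (!PVE::Cluster::check_cfs_quorum(1)) {
            print "no quorum\n";
            return undef;
        }

        # Resolve the single local address inside $cidr, falling back to the
        # migration network from datacenter.cfg; returns undef if neither is set.
        my $get_local_migration_ip = sub {
            my ($cidr) = @_;

            if (!defined($cidr)) {
                # Fully qualified like every other cfs_read_file call in this
                # file; this package does not import the name.
                my $dc_conf = PVE::Cluster::cfs_read_file('datacenter.cfg');
                $cidr = $dc_conf->{migration}->{network}
                    if defined($dc_conf->{migration}->{network});
            }

            if (defined($cidr)) {
                # NOTE(review): PVE::Network is not loaded by this file's own
                # 'use' lines - presumably pulled in by another module; confirm.
                my $ips = PVE::Network::get_local_ip_from_cidr($cidr);

                die "could not get migration ip: no IP address configured on local " .
                    "node for network '$cidr'\n" if scalar(@$ips) == 0;

                die "could not get migration ip: multiple, different, IP address configured for " .
                    "network '$cidr'\n" if scalar(@$ips) > 1 && grep { $ips->[0] ne $_ } @$ips;

                return $ips->[0];
            }

            return undef;
        };

        my $network = $param->{migration_network};
        if ($param->{get_migration_ip}) {
            die "cannot use --run-command with --get_migration_ip\n"
                if $param->{'run-command'};

            if (my $ip = $get_local_migration_ip->($network)) {
                print "ip: '$ip'\n";
            } else {
                print "no ip\n";
            }
            # do not keep tunnel open when asked for migration ip
            return undef;
        }

        if ($param->{'run-command'}) {
            # The command comes straight from the caller-supplied extra
            # arguments and is run with the socket as its standard input.
            my $cmd = $param->{'extra-args'};
            die "missing command\n"
                if !$cmd || !scalar(@$cmd);

            # Get an ip address to listen on, and find a free migration port
            my ($ip, $family);
            if (defined($network)) {
                $ip = $get_local_migration_ip->($network)
                    or die "failed to get migration IP address to listen on\n";
                $family = PVE::Tools::get_host_address_family($ip);
            } else {
                my $nodename = PVE::INotify::nodename();
                ($ip, $family) = PVE::Network::get_ip_from_hostname($nodename, 0);
            }
            my $port = PVE::Tools::next_migrate_port($family, $ip);

            PVE::Tools::pipe_socket_to_command($cmd, $ip, $port);
            return undef;
        }

        print "tunnel online\n";
        *STDOUT->flush();

        # Keep the tunnel open until the peer sends "quit" or closes STDIN.
        while (my $line = <STDIN>) {
            chomp $line;
            last if $line =~ m/^quit$/;
        }

        return undef;
    }});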
684
685
# Command table: sub-command name => [ implementing class, method name,
# names of the positional arguments ]. 'qdevice' nests its own sub-commands.
our $cmddef = {
    keygen      => [ __PACKAGE__, 'keygen', [qw(filename)] ],
    create      => [ 'PVE::API2::ClusterConfig', 'create', [qw(clustername)] ],
    add         => [ __PACKAGE__, 'add', [qw(hostname)] ],
    addnode     => [ 'PVE::API2::ClusterConfig', 'addnode', [qw(node)] ],
    delnode     => [ 'PVE::API2::ClusterConfig', 'delnode', [qw(node)] ],
    status      => [ __PACKAGE__, 'status' ],
    nodes       => [ __PACKAGE__, 'nodes' ],
    expected    => [ __PACKAGE__, 'expected', [qw(expected)] ],
    updatecerts => [ __PACKAGE__, 'updatecerts', [] ],
    mtunnel     => [ __PACKAGE__, 'mtunnel', [qw(extra-args)] ],
    qdevice     => {
        setup  => [ __PACKAGE__, 'setup_qdevice', [qw(address)] ],
        remove => [ __PACKAGE__, 'remove_qdevice', [] ],
    },
};
702
7031;