]>
git.proxmox.com Git - pve-cluster.git/blob - data/PVE/API2/ClusterConfig.pm
1 package PVE
::API2
::ClusterConfig
;
9 use PVE
::RPCEnvironment
;
10 use PVE
::JSONSchema
qw(get_standard_option);
12 use PVE
::APIClient
::LWP
;
15 use base
qw(PVE::RESTHandler);
17 my $clusterconf = "/etc/pve/corosync.conf";
18 my $authfile = "/etc/corosync/authkey";
20 __PACKAGE__-
>register_method({
24 description
=> "Directory index.",
26 check
=> ['perm', '/', [ 'Sys.Audit' ]],
29 additionalProperties
=> 0,
38 links
=> [ { rel
=> 'child', href
=> "{name}" } ],
52 __PACKAGE__-
>register_method ({
57 description
=> "Generate new cluster configuration.",
59 additionalProperties
=> 0,
62 description
=> "The name of the cluster.",
63 type
=> 'string', format
=> 'pve-node',
68 description
=> "Node id for this node.",
74 description
=> "Number of votes for this node.",
79 type
=> 'string', format
=> 'ip',
80 description
=> "This specifies the network address the corosync ring 0".
81 " executive should bind to and defaults to the local IP address of the node.",
85 type
=> 'string', format
=> 'address',
86 description
=> "Hostname (or IP) of the corosync ring0 address of this node.".
87 " Defaults to the hostname of the node.",
91 type
=> 'string', format
=> 'ip',
92 description
=> "This specifies the network address the corosync ring 1".
93 " executive should bind to and is optional.",
97 type
=> 'string', format
=> 'address',
98 description
=> "Hostname (or IP) of the corosync ring1 address, this".
99 " needs an valid bindnet1_addr.",
104 returns
=> { type
=> 'string' },
108 -f
$clusterconf && die "cluster config '$clusterconf' already exists\n";
110 my $rpcenv = PVE
::RPCEnvironment
::get
();
111 my $authuser = $rpcenv->get_user();
114 PVE
::Cluster
::setup_sshd_config
(1);
115 PVE
::Cluster
::setup_rootsshconfig
();
116 PVE
::Cluster
::setup_ssh_keys
();
118 PVE
::Tools
::run_command
(['/usr/sbin/corosync-keygen', '-lk', $authfile])
120 die "no authentication key available\n" if -f
!$authfile;
122 my $nodename = PVE
::INotify
::nodename
();
124 # get the corosync basis config for the new cluster
125 my $config = PVE
::Corosync
::create_conf
($nodename, %$param);
127 print "Writing corosync config to /etc/pve/corosync.conf\n";
128 PVE
::Corosync
::atomic_write_conf
($config);
130 my $local_ip_address = PVE
::Cluster
::remote_node_ip
($nodename);
131 PVE
::Cluster
::ssh_merge_keys
();
132 PVE
::Cluster
::gen_pve_node_files
($nodename, $local_ip_address);
133 PVE
::Cluster
::ssh_merge_known_hosts
($nodename, $local_ip_address, 1);
135 print "Restart corosync and cluster filesystem\n";
136 PVE
::Tools
::run_command
('systemctl restart corosync pve-cluster');
139 return $rpcenv->fork_worker('clustercreate', '', $authuser, $worker);
142 __PACKAGE__-
>register_method({
146 description
=> "Corosync node list.",
148 check
=> ['perm', '/', [ 'Sys.Audit' ]],
151 additionalProperties
=> 0,
159 node
=> { type
=> 'string' },
162 links
=> [ { rel
=> 'child', href
=> "{node}" } ],
168 my $conf = PVE
::Cluster
::cfs_read_file
('corosync.conf');
169 my $nodelist = PVE
::Corosync
::nodelist
($conf);
171 return PVE
::RESTHandler
::hash_to_array
($nodelist, 'node');
174 # lock method to ensure local and cluster wide atomicity
175 # if we're a single node cluster just lock locally, we have no other cluster
176 # node which we could contend with, else also acquire a cluster wide lock
177 my $config_change_lock = sub {
180 my $local_lock_fn = "/var/lock/pvecm.lock";
181 PVE
::Tools
::lock_file
($local_lock_fn, 10, sub {
182 PVE
::Cluster
::cfs_update
(1);
183 my $members = PVE
::Cluster
::get_members
();
184 if (scalar(keys %$members) > 1) {
185 return PVE
::Cluster
::cfs_lock_file
('corosync.conf', 10, $code);
192 __PACKAGE__-
>register_method ({
194 path
=> 'nodes/{node}',
197 description
=> "Adds a node to the cluster configuration.",
199 additionalProperties
=> 0,
201 node
=> get_standard_option
('pve-node'),
204 description
=> "Node id for this node.",
210 description
=> "Number of votes for this node",
216 description
=> "Do not throw error if node already exists.",
220 type
=> 'string', format
=> 'address',
221 description
=> "Hostname (or IP) of the corosync ring0 address of this node.".
222 " Defaults to nodes hostname.",
226 type
=> 'string', format
=> 'address',
227 description
=> "Hostname (or IP) of the corosync ring1 address, this".
228 " needs an valid bindnet1_addr.",
236 corosync_authkey
=> {
247 PVE
::Cluster
::check_cfs_quorum
();
250 my $conf = PVE
::Cluster
::cfs_read_file
("corosync.conf");
251 my $nodelist = PVE
::Corosync
::nodelist
($conf);
252 my $totem_cfg = PVE
::Corosync
::totem_config
($conf);
254 my $name = $param->{node
};
256 # ensure we do not reuse an address, that can crash the whole cluster!
257 my $check_duplicate_addr = sub {
259 return if !defined($addr);
261 while (my ($k, $v) = each %$nodelist) {
262 next if $k eq $name; # allows re-adding a node if force is set
263 if ($v->{ring0_addr
} eq $addr || ($v->{ring1_addr
} && $v->{ring1_addr
} eq $addr)) {
264 die "corosync: address '$addr' already defined by node '$k'\n";
269 &$check_duplicate_addr($param->{ring0_addr
});
270 &$check_duplicate_addr($param->{ring1_addr
});
272 $param->{ring0_addr
} = $name if !$param->{ring0_addr
};
274 die "corosync: using 'ring1_addr' parameter needs a configured ring 1 interface!\n"
275 if $param->{ring1_addr
} && !defined($totem_cfg->{interface
}->{1});
277 die "corosync: ring 1 interface configured but 'ring1_addr' parameter not defined!\n"
278 if defined($totem_cfg->{interface
}->{1}) && !defined($param->{ring1_addr
});
280 if (defined(my $res = $nodelist->{$name})) {
281 $param->{nodeid
} = $res->{nodeid
} if !$param->{nodeid
};
282 $param->{votes
} = $res->{quorum_votes
} if !defined($param->{votes
});
284 if ($res->{quorum_votes
} == $param->{votes
} &&
285 $res->{nodeid
} == $param->{nodeid
} && $param->{force
}) {
286 print "forcing overwrite of configured node '$name'\n";
288 die "can't add existing node '$name'\n";
290 } elsif (!$param->{nodeid
}) {
295 foreach my $v (values %$nodelist) {
296 if ($v->{nodeid
} eq $nodeid) {
305 $param->{nodeid
} = $nodeid;
308 $param->{votes
} = 1 if !defined($param->{votes
});
310 PVE
::Cluster
::gen_local_dirs
($name);
312 eval { PVE
::Cluster
::ssh_merge_keys
(); };
315 $nodelist->{$name} = {
316 ring0_addr
=> $param->{ring0_addr
},
317 nodeid
=> $param->{nodeid
},
320 $nodelist->{$name}->{ring1_addr
} = $param->{ring1_addr
} if $param->{ring1_addr
};
321 $nodelist->{$name}->{quorum_votes
} = $param->{votes
} if $param->{votes
};
323 PVE
::Cluster
::log_msg
('notice', 'root@pam', "adding node $name to cluster");
325 PVE
::Corosync
::update_nodelist
($conf, $nodelist);
328 $config_change_lock->($code);
332 corosync_authkey
=> PVE
::Tools
::file_get_contents
($authfile),
333 corosync_conf
=> PVE
::Tools
::file_get_contents
($clusterconf),
340 __PACKAGE__-
>register_method ({
342 path
=> 'nodes/{node}',
345 description
=> "Removes a node from the cluster configuration.",
347 additionalProperties
=> 0,
349 node
=> get_standard_option
('pve-node'),
352 returns
=> { type
=> 'null' },
356 my $local_node = PVE
::INotify
::nodename
();
357 die "Cannot delete myself from cluster!\n" if $param->{node
} eq $local_node;
359 PVE
::Cluster
::check_cfs_quorum
();
362 my $conf = PVE
::Cluster
::cfs_read_file
("corosync.conf");
363 my $nodelist = PVE
::Corosync
::nodelist
($conf);
368 foreach my $tmp_node (keys %$nodelist) {
369 my $d = $nodelist->{$tmp_node};
370 my $ring0_addr = $d->{ring0_addr
};
371 my $ring1_addr = $d->{ring1_addr
};
372 if (($tmp_node eq $param->{node
}) ||
373 (defined($ring0_addr) && ($ring0_addr eq $param->{node
})) ||
374 (defined($ring1_addr) && ($ring1_addr eq $param->{node
}))) {
376 $nodeid = $d->{nodeid
};
381 die "Node/IP: $param->{node} is not a known host of the cluster.\n"
384 PVE
::Cluster
::log_msg
('notice', 'root@pam', "deleting node $node from cluster");
386 delete $nodelist->{$node};
388 PVE
::Corosync
::update_nodelist
($conf, $nodelist);
390 PVE
::Tools
::run_command
(['corosync-cfgtool','-k', $nodeid]) if defined($nodeid);
393 $config_change_lock->($code);
399 __PACKAGE__-
>register_method ({
404 description
=> "Joins this node into an existing cluster.",
406 additionalProperties
=> 0,
410 description
=> "Hostname (or IP) of an existing cluster member."
414 description
=> "Node id for this node.",
420 description
=> "Number of votes for this node",
426 description
=> "Do not throw error if node already exists.",
430 type
=> 'string', format
=> 'address',
431 description
=> "Hostname (or IP) of the corosync ring0 address of this node.".
432 " Defaults to nodes hostname.",
436 type
=> 'string', format
=> 'address',
437 description
=> "Hostname (or IP) of the corosync ring1 address, this".
438 " needs an valid configured ring 1 interface in the cluster.",
441 fingerprint
=> get_standard_option
('fingerprint-sha256'),
443 description
=> "Superuser (root) password of peer node.",
449 returns
=> { type
=> 'string' },
453 my $rpcenv = PVE
::RPCEnvironment
::get
();
454 my $authuser = $rpcenv->get_user();
457 PVE
::Cluster
::join($param);
460 return $rpcenv->fork_worker('clusterjoin', '', $authuser, $worker);
464 __PACKAGE__-
>register_method({
468 description
=> "Get corosync totem protocol settings.",
470 check
=> ['perm', '/', [ 'Sys.Audit' ]],
473 additionalProperties
=> 0,
484 my $conf = PVE
::Cluster
::cfs_read_file
('corosync.conf');
486 my $totem_cfg = $conf->{main
}->{totem
};