]>
git.proxmox.com Git - pve-cluster.git/blob - data/PVE/CLI/pvecm.pm
1 package PVE
::CLI
::pvecm
;
8 use PVE
::Tools
qw(run_command);
12 use PVE
::RPCEnvironment
;
15 use PVE
::API2
::ClusterConfig
;
18 use base
qw(PVE::CLIHandler);
20 $ENV{HOME
} = '/root'; # for ssh-copy-id
22 my $basedir = "/etc/pve";
23 my $clusterconf = "$basedir/corosync.conf";
24 my $libdir = "/var/lib/pve-cluster";
25 my $authfile = "/etc/corosync/authkey";
28 sub setup_environment
{
29 PVE
::RPCEnvironment-
>setup_default_cli_env();
32 __PACKAGE__-
>register_method ({
36 description
=> "Generate new cryptographic key for corosync.",
38 additionalProperties
=> 0,
42 description
=> "Output file name"
46 returns
=> { type
=> 'null' },
51 my $filename = $param->{filename
};
54 $> == 0 || die "Error: Authorization key must be generated as root user.\n";
55 my $dirname = dirname
($filename);
57 die "key file '$filename' already exists\n" if -e
$filename;
59 File
::Path
::make_path
($dirname) if $dirname;
61 run_command
(['corosync-keygen', '-l', '-k', $filename]);
66 __PACKAGE__-
>register_method ({
70 description
=> "Adds the current node to an existing cluster.",
72 additionalProperties
=> 0,
76 description
=> "Hostname (or IP) of an existing cluster member."
80 description
=> "Node id for this node.",
86 description
=> "Number of votes for this node",
92 description
=> "Do not throw error if node already exists.",
96 type
=> 'string', format
=> 'address',
97 description
=> "Hostname (or IP) of the corosync ring0 address of this node.".
98 " Defaults to nodes hostname.",
102 type
=> 'string', format
=> 'address',
103 description
=> "Hostname (or IP) of the corosync ring1 address, this".
104 " needs an valid configured ring 1 interface in the cluster.",
107 fingerprint
=> PVE
::JSONSchema
::get_standard_option
('fingerprint-sha256', {
112 description
=> "Always use SSH to join, even if peer may do it over API.",
117 returns
=> { type
=> 'null' },
122 my $nodename = PVE
::INotify
::nodename
();
124 my $host = $param->{hostname
};
126 PVE
::Cluster
::assert_joinable
($param->{ring0_addr
}, $param->{ring1_addr
}, $param->{force
});
128 if (!$param->{use_ssh
}) {
129 print "Please enter superuser (root) password for '$host':\n";
130 my $password = PVE
::PTY
::read_password
("Password for root\@$host: ");
132 delete $param->{use_ssh
};
133 $param->{password
} = $password;
135 eval { PVE
::Cluster
::join($param) };
138 if (ref($err) eq 'PVE::APIClient::Exception' && $err->{code
} == 501) {
139 $err = "Remote side is not able to use API for Cluster join!\n" .
140 "Pass the 'use_ssh' switch or update the remote side.\n";
144 return; # all OK, the API join endpoint successfully set us up
147 # allow fallback to old ssh only join if wished or needed
149 PVE
::Cluster
::setup_sshd_config
();
150 PVE
::Cluster
::setup_rootsshconfig
();
151 PVE
::Cluster
::setup_ssh_keys
();
153 # make sure known_hosts is on local filesystem
154 PVE
::Cluster
::ssh_unmerge_known_hosts
();
156 my $cmd = ['ssh-copy-id', '-i', '/root/.ssh/id_rsa', "root\@$host"];
157 run_command
($cmd, 'outfunc' => sub {}, 'errfunc' => sub {},
158 'errmsg' => "unable to copy ssh ID");
160 $cmd = ['ssh', $host, '-o', 'BatchMode=yes',
161 'pvecm', 'addnode', $nodename, '--force', 1];
163 push @$cmd, '--nodeid', $param->{nodeid
} if $param->{nodeid
};
164 push @$cmd, '--votes', $param->{votes
} if defined($param->{votes
});
165 push @$cmd, '--ring0_addr', $param->{ring0_addr
} if defined($param->{ring0_addr
});
166 push @$cmd, '--ring1_addr', $param->{ring1_addr
} if defined($param->{ring1_addr
});
168 if (system (@$cmd) != 0) {
169 my $cmdtxt = join (' ', @$cmd);
170 die "unable to add node: command failed ($cmdtxt)\n";
173 my $tmpdir = "$libdir/.pvecm_add.tmp.$$";
177 print "copy corosync auth key\n";
178 $cmd = ['rsync', '--rsh=ssh -l root -o BatchMode=yes', '-lpgoq',
179 "[$host]:$authfile $clusterconf", $tmpdir];
181 system(@$cmd) == 0 || die "can't rsync data from host '$host'\n";
183 my $corosync_conf = PVE
::Tools
::file_get_contents
("$tmpdir/corosync.conf");
184 my $corosync_authkey = PVE
::Tools
::file_get_contents
("$tmpdir/authkey");
186 PVE
::Cluster
::finish_join
($host, $corosync_conf, $corosync_authkey);
197 __PACKAGE__-
>register_method ({
201 description
=> "Displays the local view of the cluster status.",
203 additionalProperties
=> 0,
206 returns
=> { type
=> 'null' },
211 PVE
::Corosync
::check_conf_exists
();
213 my $cmd = ['corosync-quorumtool', '-siH'];
217 exit (-1); # should not be reached
220 __PACKAGE__-
>register_method ({
224 description
=> "Displays the local view of the cluster nodes.",
226 additionalProperties
=> 0,
229 returns
=> { type
=> 'null' },
234 PVE
::Corosync
::check_conf_exists
();
236 my $cmd = ['corosync-quorumtool', '-l'];
240 exit (-1); # should not be reached
243 __PACKAGE__-
>register_method ({
247 description
=> "Tells corosync a new value of expected votes.",
249 additionalProperties
=> 0,
253 description
=> "Expected votes",
258 returns
=> { type
=> 'null' },
263 PVE
::Corosync
::check_conf_exists
();
265 my $cmd = ['corosync-quorumtool', '-e', $param->{expected
}];
269 exit (-1); # should not be reached
273 __PACKAGE__-
>register_method ({
274 name
=> 'updatecerts',
275 path
=> 'updatecerts',
277 description
=> "Update node certificates (and generate all needed files/directories).",
279 additionalProperties
=> 0,
282 description
=> "Force generation of new SSL certifate.",
287 description
=> "Ignore errors (i.e. when cluster has no quorum).",
293 returns
=> { type
=> 'null' },
297 PVE
::Cluster
::setup_rootsshconfig
();
299 PVE
::Cluster
::gen_pve_vzdump_symlink
();
301 if (!PVE
::Cluster
::check_cfs_quorum
(1)) {
302 return undef if $param->{silent
};
303 die "no quorum - unable to update files\n";
306 PVE
::Cluster
::setup_ssh_keys
();
308 my $nodename = PVE
::INotify
::nodename
();
310 my $local_ip_address = PVE
::Cluster
::remote_node_ip
($nodename);
312 PVE
::Cluster
::gen_pve_node_files
($nodename, $local_ip_address, $param->{force
});
313 PVE
::Cluster
::ssh_merge_keys
();
314 PVE
::Cluster
::ssh_merge_known_hosts
($nodename, $local_ip_address);
315 PVE
::Cluster
::gen_pve_vzdump_files
();
320 __PACKAGE__-
>register_method ({
324 description
=> "Used by VM/CT migration - do not use manually.",
326 additionalProperties
=> 0,
328 get_migration_ip
=> {
331 description
=> 'return the migration IP, if configured',
334 migration_network
=> {
337 description
=> 'the migration network used to detect the local migration IP',
342 description
=> 'Run a command with a tcp socket as standard input.'
343 .' The IP address and port are printed via this'
344 ." command's stdandard output first, each on a separate line.",
347 'extra-args' => PVE
::JSONSchema
::get_standard_option
('extra-args'),
350 returns
=> { type
=> 'null'},
354 if (!PVE
::Cluster
::check_cfs_quorum
(1)) {
359 my $network = $param->{migration_network
};
360 if ($param->{get_migration_ip
}) {
361 die "cannot use --run-command with --get_migration_ip\n"
362 if $param->{'run-command'};
363 if (my $ip = PVE
::Cluster
::get_local_migration_ip
($network)) {
368 # do not keep tunnel open when asked for migration ip
372 if ($param->{'run-command'}) {
373 my $cmd = $param->{'extra-args'};
374 die "missing command\n"
375 if !$cmd || !scalar(@$cmd);
377 # Get an ip address to listen on, and find a free migration port
379 if (defined($network)) {
380 $ip = PVE
::Cluster
::get_local_migration_ip
($network)
381 or die "failed to get migration IP address to listen on\n";
382 $family = PVE
::Tools
::get_host_address_family
($ip);
384 my $nodename = PVE
::INotify
::nodename
();
385 ($ip, $family) = PVE
::Network
::get_ip_from_hostname
($nodename, 0);
387 my $port = PVE
::Tools
::next_migrate_port
($family, $ip);
389 PVE
::Tools
::pipe_socket_to_command
($cmd, $ip, $port);
393 print "tunnel online\n";
396 while (my $line = <STDIN
>) {
398 last if $line =~ m/^quit$/;
406 keygen
=> [ __PACKAGE__
, 'keygen', ['filename']],
407 create
=> [ 'PVE::API2::ClusterConfig', 'create', ['clustername']],
408 add
=> [ __PACKAGE__
, 'add', ['hostname']],
409 addnode
=> [ 'PVE::API2::ClusterConfig', 'addnode', ['node']],
410 delnode
=> [ 'PVE::API2::ClusterConfig', 'delnode', ['node']],
411 status
=> [ __PACKAGE__
, 'status' ],
412 nodes
=> [ __PACKAGE__
, 'nodes' ],
413 expected
=> [ __PACKAGE__
, 'expected', ['expected']],
414 updatecerts
=> [ __PACKAGE__
, 'updatecerts', []],
415 mtunnel
=> [ __PACKAGE__
, 'mtunnel', ['extra-args']],