]>
git.proxmox.com Git - pve-cluster.git/blob - data/PVE/pvecm
11 use Data
::Dumper
; # fixme: remove
18 use base
qw(PVE::CLIHandler);
20 $ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin';
22 $ENV{HOME
} = '/root'; # for ssh-copy-id
24 my ($local_ip_address, $nodename);
26 if ($ARGV[0] ne 'printmanpod' && $ARGV[0] ne 'verifyapi') {
27 die "please run as root\n" if $> != 0;
29 $nodename = PVE
::INotify
::nodename
();
30 # trigger check that we have resolvable name
31 $local_ip_address = PVE
::Cluster
::remote_node_ip
($nodename);
34 my $basedir = "/etc/pve";
35 my $clusterconf = "$basedir/corosync.conf";
36 my $libdir = "/var/lib/pve-cluster";
37 my $backupdir = "/var/lib/pve-cluster/backup";
38 my $dbfile = "$libdir/config.db";
39 my $authfile = "/etc/corosync/authkey";
44 print "backup old database\n";
49 my $cmd = "echo '.dump' |";
50 $cmd .= "sqlite3 '$dbfile' |";
51 $cmd .= "gzip - >'${backupdir}/config-${ctime}.sql.gz'";
54 die "can't backup old database: $!\n";
60 foreach my $fn (<$backupdir/config-*.sql
.gz
>) {
61 if ($fn =~ m!/config-(\d+)\.sql.gz$!) {
62 push @bklist, [$fn, $1];
66 @bklist = sort { $b->[1] <=> $a->[1] } @bklist;
68 while (scalar (@bklist) >= $maxfiles) {
70 print "delete old backup '$d->[0]'\n";
75 __PACKAGE__-
>register_method ({
79 description
=> "Generate new cryptographic key for corosync.",
81 additionalProperties
=> 0,
85 description
=> "Output file name"
89 returns
=> { type
=> 'null' },
94 my $filename = $param->{filename
};
97 $> == 0 || die "Error: Authorization key must be generated as root user.\n";
98 my $dirname = dirname
($filename);
99 my $basename = basename
($filename);
101 die "key file '$filename' already exists\n" if -e
$filename;
103 File
::Path
::make_path
($dirname) if $dirname;
105 my $cmd = ['corosync-keygen', '-l', '-k', $filename];
106 PVE
::Tools
::run_command
($cmd);
111 __PACKAGE__-
>register_method ({
115 description
=> "Generate new cluster configuration.",
117 additionalProperties
=> 0,
120 description
=> "The name of the cluster.",
121 type
=> 'string', format
=> 'pve-node',
126 description
=> "Node id for this node.",
132 description
=> "Number of votes for this node.",
138 returns
=> { type
=> 'null' },
143 -f
$clusterconf && die "cluster config '$clusterconf' already exists\n";
145 PVE
::Cluster
::setup_rootsshconfig
();
146 PVE
::Cluster
::setup_ssh_keys
();
148 -f
$authfile || __PACKAGE__-
>keygen({filename
=> $authfile});
150 -f
$authfile || die "no authentication key available\n";
152 my $clustername = $param->{clustername
};
154 $param->{nodeid
} = 1 if !$param->{nodeid
};
156 $param->{votes
} = 1 if !defined($param->{votes
});
158 # No, corosync cannot deduce this on its own
159 my $ipversion = Net
::IP
::ip_is_ipv6
($local_ip_address) ?
'ipv6' : 'ipv4';
165 cluster_name: $clustername
167 ip_version: $ipversion
170 bindnetaddr: $local_ip_address
176 ring0_addr: $nodename
177 nodeid: $param->{nodeid}
178 quorum_votes: $param->{votes}
183 provider: corosync_votequorum
192 PVE
::Tools
::file_set_contents
($clusterconf, $config);
194 PVE
::Cluster
::ssh_merge_keys
();
196 PVE
::Cluster
::gen_pve_node_files
($nodename, $local_ip_address);
198 PVE
::Cluster
::ssh_merge_known_hosts
($nodename, $local_ip_address, 1);
200 PVE
::Tools
::run_command
('service pve-cluster restart'); # restart
202 PVE
::Tools
::run_command
('service corosync restart'); # restart
207 __PACKAGE__-
>register_method ({
211 description
=> "Adds a node to the cluster configuration.",
213 additionalProperties
=> 0,
215 node
=> PVE
::JSONSchema
::get_standard_option
('pve-node'),
218 description
=> "Node id for this node.",
224 description
=> "Number of votes for this node",
230 description
=> "Do not throw error if node already exists.",
235 returns
=> { type
=> 'null' },
240 PVE
::Cluster
::check_cfs_quorum
();
242 my $conf = PVE
::Cluster
::cfs_read_file
("corosync.conf");
244 my $nodelist = corosync_nodelist
($conf);
246 my $name = $param->{node
};
248 if (defined(my $res = $nodelist->{$name})) {
249 $param->{nodeid
} = $res->{nodeid
} if !$param->{nodeid
};
250 $param->{votes
} = $res->{quorum_votes
} if !defined($param->{votes
});
252 if ($res->{quorum_votes
} == $param->{votes
} &&
253 $res->{nodeid
} == $param->{nodeid
}) {
254 print "node $name already defined\n";
255 if ($param->{force
}) {
261 die "can't add existing node\n";
263 } elsif (!$param->{nodeid
}) {
268 foreach my $v (values %$nodelist) {
269 if ($v->{nodeid
} eq $nodeid) {
278 $param->{nodeid
} = $nodeid;
281 $param->{votes
} = 1 if !defined($param->{votes
});
283 PVE
::Cluster
::gen_local_dirs
($name);
285 eval { PVE
::Cluster
::ssh_merge_keys
(); };
288 $nodelist->{$name} = { ring0_addr
=> $name, nodeid
=> $param->{nodeid
} };
289 $nodelist->{$name}->{quorum_votes
} = $param->{votes
} if $param->{votes
};
291 corosync_update_nodelist
($conf, $nodelist);
297 __PACKAGE__-
>register_method ({
301 description
=> "Removes a node to the cluster configuration.",
303 additionalProperties
=> 0,
305 node
=> PVE
::JSONSchema
::get_standard_option
('pve-node'),
308 returns
=> { type
=> 'null' },
313 PVE
::Cluster
::check_cfs_quorum
();
315 my $conf = PVE
::Cluster
::cfs_read_file
("corosync.conf");
317 my $nodelist = corosync_nodelist
($conf);
319 my $nd = delete $nodelist->{$param->{node
}};
320 die "no such node '$param->{node}'\n" if !$nd;
322 corosync_update_nodelist
($conf, $nodelist);
327 __PACKAGE__-
>register_method ({
331 description
=> "Adds the current node to an existing cluster.",
333 additionalProperties
=> 0,
337 description
=> "Hostname (or IP) of an existing cluster member."
341 description
=> "Node id for this node.",
347 description
=> "Number of votes for this node",
353 description
=> "Do not throw error if node already exists.",
358 returns
=> { type
=> 'null' },
363 PVE
::Cluster
::setup_rootsshconfig
();
364 PVE
::Cluster
::setup_ssh_keys
();
366 my $host = $param->{hostname
};
368 if (!$param->{force
}) {
371 die "authentication key already exists\n";
374 if (-f
$clusterconf) {
375 die "cluster config '$clusterconf' already exists\n";
378 my $vmlist = PVE
::Cluster
::get_vmlist
();
379 if ($vmlist && $vmlist->{ids
} && scalar(keys %{$vmlist->{ids
}})) {
380 die "this host already contains virtual machines - please remove the first\n";
383 if (system("corosync-quorumtool >/dev/null 2>&1") == 0) {
384 die "corosync is already running\n";
388 # make sure known_hosts is on local filesystem
389 PVE
::Cluster
::ssh_unmerge_known_hosts
();
391 my $cmd = "ssh-copy-id -i /root/.ssh/id_rsa 'root\@$host' >/dev/null 2>&1";
392 system ($cmd) == 0 ||
393 die "unable to copy ssh ID\n";
395 $cmd = ['ssh', $host, '-o', 'BatchMode=yes',
396 'pvecm', 'addnode', $nodename, '--force', 1];
398 push @$cmd, '--nodeid', $param->{nodeid
} if $param->{nodeid
};
400 push @$cmd, '--votes', $param->{votes
} if defined($param->{votes
});
402 if (system (@$cmd) != 0) {
403 my $cmdtxt = join (' ', @$cmd);
404 die "unable to add node: command failed ($cmdtxt)\n";
407 my $tmpdir = "$libdir/.pvecm_add.tmp.$$";
411 print "copy corosync auth key\n";
412 $cmd = ['rsync', '--rsh=ssh -l root -o BatchMode=yes', '-lpgoq',
413 "$host:$authfile $clusterconf", $tmpdir];
415 system(@$cmd) == 0 || die "can't rsync data from host '$host'\n";
417 mkdir "/etc/corosync";
418 my $confbase = basename
($clusterconf);
420 $cmd = "cp '$tmpdir/$confbase' '/etc/corosync/$confbase'";
421 system($cmd) == 0 || die "can't copy cluster configuration\n";
423 my $keybase = basename
($authfile);
424 system ("cp '$tmpdir/$keybase' '$authfile'") == 0 ||
425 die "can't copy '$tmpdir/$keybase' to '$authfile'\n";
427 print "stopping pve-cluster service\n";
429 system("umount $basedir -f >/dev/null 2>&1");
430 system("systemctl stop pve-cluster") == 0 ||
431 die "can't stop pve-cluster service\n";
437 system("systemctl start pve-cluster") == 0 ||
438 die "starting pve-cluster failed\n";
440 system("systemctl start corosync");
444 while (!PVE
::Cluster
::check_cfs_quorum
(1)) {
446 print "waiting for quorum...";
452 print "OK\n" if !$printqmsg;
454 # system("systemctl start clvm");
456 print "generating node certificates\n";
457 PVE
::Cluster
::gen_pve_node_files
($nodename, $local_ip_address);
459 print "merge known_hosts file\n";
460 PVE
::Cluster
::ssh_merge_known_hosts
($nodename, $local_ip_address, 1);
462 print "restart services\n";
463 # restart pvedaemon (changed certs)
464 system("systemctl restart pvedaemon");
465 # restart pveproxy (changed certs)
466 system("systemctl restart pveproxy");
468 print "successfully added node '$nodename' to cluster.\n";
479 __PACKAGE__-
>register_method ({
483 description
=> "Displays the local view of the cluster status.",
485 additionalProperties
=> 0,
488 returns
=> { type
=> 'null' },
493 my $cmd = ['corosync-quorumtool', '-siH'];
497 exit (-1); # should not be reached
500 __PACKAGE__-
>register_method ({
504 description
=> "Displays the local view of the cluster nodes.",
506 additionalProperties
=> 0,
509 returns
=> { type
=> 'null' },
514 my $cmd = ['corosync-quorumtool', '-l'];
518 exit (-1); # should not be reached
521 __PACKAGE__-
>register_method ({
525 description
=> "Tells corosync a new value of expected votes.",
527 additionalProperties
=> 0,
531 description
=> "Expected votes",
536 returns
=> { type
=> 'null' },
541 my $cmd = ['corosync-quorumtool', '-e', $param->{expected
}];
545 exit (-1); # should not be reached
549 sub corosync_update_nodelist
{
550 my ($conf, $nodelist) = @_;
552 delete $conf->{digest
};
554 my $version = PVE
::Cluster
::corosync_conf_version
($conf);
555 PVE
::Cluster
::corosync_conf_version
($conf, undef, $version + 1);
558 foreach my $v (values %$nodelist) {
559 next if !$v->{ring0_addr
};
561 foreach my $k (keys %$v) {
562 push @$kv, { key
=> $k, value
=> $v->{$k} };
564 my $ns = { section
=> 'node', children
=> $kv };
565 push @$children, $ns;
568 foreach my $main (@{$conf->{children
}}) {
569 next if !defined($main->{section
});
570 if ($main->{section
} eq 'nodelist') {
571 $main->{children
} = $children;
577 PVE
::Cluster
::cfs_write_file
("corosync.conf.new", $conf);
579 rename("/etc/pve/corosync.conf.new", "/etc/pve/corosync.conf")
580 || die "activate corosync.conf.new failed - $!\n";
583 sub corosync_nodelist
{
590 foreach my $main (@{$conf->{children
}}) {
591 next if !defined($main->{section
});
592 if ($main->{section
} eq 'nodelist') {
593 foreach my $ne (@{$main->{children
}}) {
594 next if !defined($ne->{section
}) || ($ne->{section
} ne 'node');
595 my $node = { quorum_votes
=> 1 };
596 foreach my $child (@{$ne->{children
}}) {
597 next if !defined($child->{key
});
598 $node->{$child->{key
}} = $child->{value
};
599 if ($child->{key
} eq 'ring0_addr') {
600 $nodelist->{$child->{value
}} = $node;
610 __PACKAGE__-
>register_method ({
611 name
=> 'updatecerts',
612 path
=> 'updatecerts',
614 description
=> "Update node certificates (and generate all needed files/directories).",
616 additionalProperties
=> 0,
619 description
=> "Force generation of new SSL certifate.",
624 description
=> "Ignore errors (i.e. when cluster has no quorum).",
630 returns
=> { type
=> 'null' },
634 PVE
::Cluster
::setup_rootsshconfig
();
636 PVE
::Cluster
::gen_pve_vzdump_symlink
();
638 if (!PVE
::Cluster
::check_cfs_quorum
(1)) {
639 return undef if $param->{silent
};
640 die "no quorum - unable to update files\n";
643 PVE
::Cluster
::setup_ssh_keys
();
645 PVE
::Cluster
::gen_pve_node_files
($nodename, $local_ip_address, $param->{force
});
646 PVE
::Cluster
::ssh_merge_keys
();
647 PVE
::Cluster
::ssh_merge_known_hosts
($nodename, $local_ip_address);
648 PVE
::Cluster
::gen_pve_vzdump_files
();
655 keygen
=> [ __PACKAGE__
, 'keygen', ['filename']],
656 create
=> [ __PACKAGE__
, 'create', ['clustername']],
657 add
=> [ __PACKAGE__
, 'add', ['hostname']],
658 addnode
=> [ __PACKAGE__
, 'addnode', ['node']],
659 delnode
=> [ __PACKAGE__
, 'delnode', ['node']],
660 status
=> [ __PACKAGE__
, 'status' ],
661 nodes
=> [ __PACKAGE__
, 'nodes' ],
662 expected
=> [ __PACKAGE__
, 'expected', ['expected']],
663 updatecerts
=> [ __PACKAGE__
, 'updatecerts', []],
668 if ($cmd && $cmd ne 'printmanpod' && $cmd ne 'verifyapi') {
669 PVE
::Cluster
::check_cfs_is_mounted
();
670 PVE
::Cluster
::cfs_update
();
673 PVE
::CLIHandler
::handle_cmd
($cmddef, "pvecm", $cmd, \
@ARGV, undef, $0);
681 pvecm - Proxmox VE cluster manager toolkit
689 pvecm is a program to manage the cluster configuration. It can be used
690 to create a new cluster, join nodes to a cluster, leave the cluster,
691 get status information and do various other cluster related tasks.
693 =include pve_copyright