my $sshglobalknownhosts = "/etc/ssh/ssh_known_hosts";
my $sshknownhosts = "/etc/pve/priv/known_hosts";
my $sshauthkeys = "/etc/pve/priv/authorized_keys";
+my $sshd_config_fn = "/etc/ssh/sshd_config";
my $rootsshauthkeys = "/root/.ssh/authorized_keys";
my $rootsshauthkeysbackup = "${rootsshauthkeys}.org";
my $rootsshconfig = "/root/.ssh/config";
'vzdump.cron' => 1,
'storage.cfg' => 1,
'datacenter.cfg' => 1,
- 'cluster.conf' => 1,
- 'cluster.conf.new' => 1,
+ 'corosync.conf' => 1,
+ 'corosync.conf.new' => 1,
'user.cfg' => 1,
'domains.cfg' => 1,
'priv/shadow.cfg' => 1,
'/qemu-server/' => 1,
'/openvz/' => 1,
+ '/lxc/' => 1,
+ 'ha/crm_commands' => 1,
+ 'ha/manager_status' => 1,
+ 'ha/resources.cfg' => 1,
+ 'ha/groups.cfg' => 1,
+ 'status.cfg' => 1,
};
# only write output if something fails
"$basedir/priv",
"$basedir/nodes",
"$basedir/nodes/$nodename",
+ "$basedir/nodes/$nodename/lxc",
"$basedir/nodes/$nodename/qemu-server",
"$basedir/nodes/$nodename/openvz",
"$basedir/nodes/$nodename/priv");
return if !$force && -f $pvessl_cert_fn;
- my $names = "IP:127.0.0.1,DNS:localhost";
+ my $names = "IP:127.0.0.1,IP:::1,DNS:localhost";
my $rc = PVE::INotify::read_file('resolvconf');
my $version;
my $infotag;
- if ($filename =~ m!^nodes/[^/]+/(openvz|qemu-server)/(\d+)\.conf$!) {
+ if ($filename =~ m!^nodes/[^/]+/(openvz|lxc|qemu-server)/(\d+)\.conf$!) {
my ($type, $vmid) = ($1, $2);
if ($vmlist && $vmlist->{ids} && $vmlist->{ids}->{$vmid}) {
$version = $vmlist->{ids}->{$vmid}->{version};
syslog("err", "writing cluster log failed: $@") if $@;
}
+sub check_vmid_unused {
+ my ($vmid, $noerr) = @_;
+
+ my $vmlist = get_vmlist();
+
+ my $d = $vmlist->{ids}->{$vmid};
+ return 1 if !defined($d);
+
+ return undef if $noerr;
+
+ die "VM $vmid already exists\n" if $d->{type} eq 'qemu';
+
+ die "CT $vmid already exists\n";
+}
+
sub check_node_exists {
my ($nodename, $noerr) = @_;
my $nodelist = $clinfo->{nodelist};
if ($nodelist && $nodelist->{$nodename}) {
if (my $ip = $nodelist->{$nodename}->{ip}) {
- return $ip;
+ return $ip if !wantarray;
+ my $family = $nodelist->{$nodename}->{address_family};
+ if (!$family) {
+ $nodelist->{$nodename}->{address_family} =
+ $family =
+ PVE::Tools::get_host_address_family($ip);
+ }
+ return ($ip, $family);
}
}
# fallback: try to get IP by other means
- my $packed_ip = gethostbyname($nodename);
- if (defined $packed_ip) {
- my $ip = inet_ntoa($packed_ip);
+ my ($family, $packed_ip);
- if ($ip =~ m/^127\./) {
- die "hostname lookup failed - got local IP address ($nodename = $ip)\n" if !$noerr;
- return undef;
- }
+ eval {
+ my @res = PVE::Tools::getaddrinfo_all($nodename);
+ $family = $res[0]->{family};
+ $packed_ip = (PVE::Tools::unpack_sockaddr_in46($res[0]->{addr}))[2];
+ };
- return $ip;
+ if ($@) {
+ die "hostname lookup failed:\n$@" if !$noerr;
+ return undef;
}
- die "unable to get IP for node '$nodename' - node offline?\n" if !$noerr;
+ my $ip = Socket::inet_ntop($family, $packed_ip);
+ if ($ip =~ m/^127\.|^::1$/) {
+ die "hostname lookup failed - got local IP address ($nodename = $ip)\n" if !$noerr;
+ return undef;
+ }
- return undef;
+ return wantarray ? ($ip, $family) : $ip;
}
# ssh related utility functions
}
}
+sub setup_sshd_config {
+
+ my $conf = PVE::Tools::file_get_contents($sshd_config_fn);
+
+ return if $conf =~ m/^PermitRootLogin\s+yes\s*$/m;
+
+ if ($conf !~ s/^#?PermitRootLogin.*$/PermitRootLogin yes/m) {
+ chomp $conf;
+ $conf .= "\nPermitRootLogin yes\n";
+ }
+
+ PVE::Tools::file_set_contents($sshd_config_fn, $conf);
+
+ PVE::Tools::run_command(['systemctl', 'reload-or-restart', 'sshd']);
+}
+
sub setup_rootsshconfig {
# create ssh key if it does not exist
}
my $hostkey = PVE::Tools::file_get_contents($ssh_host_rsa_id);
- die "can't parse $ssh_rsa_id" if $hostkey !~ m/^(ssh-rsa\s\S+)(\s.*)?$/;
+ # Note: file sometimes containe emty lines at start, so we use multiline match
+ die "can't parse $ssh_host_rsa_id" if $hostkey !~ m/^(ssh-rsa\s\S+)(\s.*)?$/m;
$hostkey = $1;
my $data = '';
email_from => {
optional => 1,
type => 'string',
+ format => 'email-opt',
description => "Specify email address to send notification from (default is root@\$hostname)",
},
},
sub parse_datacenter_config {
my ($filename, $raw) = @_;
- return PVE::JSONSchema::parse_config($datacenter_schema, $filename, $raw);
+ return PVE::JSONSchema::parse_config($datacenter_schema, $filename, $raw // '');
}
sub write_datacenter_config {
\&parse_datacenter_config,
\&write_datacenter_config);
-sub parse_cluster_conf {
+# a very simply parser ...
+sub parse_corosync_conf {
my ($filename, $raw) = @_;
- my $conf = {};
+ return {} if !$raw;
my $digest = Digest::SHA::sha1_hex(defined($raw) ? $raw : '');
- my $createNode = sub {
- my ($expat, $tag, %attrib) = @_;
- $expat->{NodeCount}++;
- return { text => $tag, id => $expat->{NodeCount}, %attrib };
- };
-
- my $handlers = {
- Init => sub {
- my $expat = shift;
- $expat->{NodeCount} = 0;
- $expat->{NodeStack} = [];
- $expat->{CurNode} = $expat->{Tree} = &$createNode($expat, 'root');
- },
- Final => sub {
- my $expat = shift;
- delete $expat->{CurNode};
- delete $expat->{NodeStack};
- $expat->{Tree};
- },
- Start => sub {
- my $expat = shift;
- my $tag = shift;
- my $parent = $expat->{CurNode};
- push @{ $expat->{NodeStack} }, $parent;
- my $node = &$createNode($expat, $tag, @_);
- push @{$expat->{CurNode}->{children}}, $node;
- $expat->{CurNode} = $node;
- },
- End => sub {
- my $expat = shift;
- my $tag = shift;
- my $node = pop @{ $expat->{NodeStack} };
- $expat->{CurNode} = $node;
- },
- };
-
- if ($raw) {
- my $parser = new XML::Parser(Handlers => $handlers);
- $conf = $parser->parse($raw);
- }
+ $raw =~ s/#.*$//mg;
+ $raw =~ s/\r?\n/ /g;
+ $raw =~ s/\s+/ /g;
+ $raw =~ s/^\s+//;
+ $raw =~ s/\s*$//;
+
+ my @tokens = split(/\s/, $raw);
+
+ my $conf = { section => 'main', children => [] };
- $conf->{digest} = $digest;
+ my $stack = [];
+ my $section = $conf;
+
+ while (defined(my $token = shift @tokens)) {
+ my $nexttok = $tokens[0];
+
+ if ($nexttok && ($nexttok eq '{')) {
+ shift @tokens; # skip '{'
+ my $new_section = {
+ section => $token,
+ children => [],
+ };
+ push @{$section->{children}}, $new_section;
+ push @$stack, $section;
+ $section = $new_section;
+ next;
+ }
- return $conf;
-}
+ if ($token eq '}') {
+ $section = pop @$stack;
+ die "parse error - uncexpected '}'\n" if !$section;
+ next;
+ }
-sub cluster_conf_version {
- my ($conf, $noerr) = @_;
+ my $key = $token;
+ die "missing ':' after key '$key'\n" if ! ($key =~ s/:$//);
+
+ die "parse error - no value for '$key'\n" if !defined($nexttok);
+ my $value = shift @tokens;
- if ($conf && $conf->{children} && $conf->{children}->[0]) {
- my $cluster = $conf->{children}->[0];
- if ($cluster && ($cluster->{text} eq 'cluster') &&
- $cluster->{config_version}) {
- if (my $version = int($cluster->{config_version})) {
- return wantarray ? ($version, $cluster) : $version;
- }
- }
+ push @{$section->{children}}, { key => $key, value => $value };
}
- return undef if $noerr;
+ $conf->{digest} = $digest;
- die "no cluster config - unable to read version\n";
+ return $conf;
}
-sub cluster_conf_lookup_cluster_section {
- my ($conf, $noerr) = @_;
+my $dump_corosync_section;
+$dump_corosync_section = sub {
+ my ($section, $prefix) = @_;
+
+ my $raw = $prefix . $section->{section} . " {\n";
+
+ my @list = grep { defined($_->{key}) } @{$section->{children}};
+ foreach my $child (sort {$a->{key} cmp $b->{key}} @list) {
+ $raw .= $prefix . " $child->{key}: $child->{value}\n";
+ }
+
+ @list = grep { defined($_->{section}) } @{$section->{children}};
+ foreach my $child (sort {$a->{section} cmp $b->{section}} @list) {
+ $raw .= &$dump_corosync_section($child, "$prefix ");
+ }
- my ($version, $cluster) = cluster_conf_version($conf, $noerr);
+ $raw .= $prefix . "}\n\n";
+
+ return $raw;
+
+};
- return $cluster;
-}
+sub write_corosync_conf {
+ my ($filename, $conf) = @_;
-sub cluster_conf_lookup_rm_section {
- my ($conf, $create, $noerr) = @_;
+ my $raw = '';
- my $cluster = cluster_conf_lookup_cluster_section($conf, $noerr);
- return undef if !$cluster;
+ my $prefix = '';
+
+ die "no main section" if $conf->{section} ne 'main';
- my $rmsec;
- foreach my $child (@{$cluster->{children}}) {
- if ($child->{text} eq 'rm') {
- $rmsec = $child;
- }
+ my @list = grep { defined($_->{key}) } @{$conf->{children}};
+ foreach my $child (sort {$a->{key} cmp $b->{key}} @list) {
+ $raw .= "$child->{key}: $child->{value}\n";
}
- if (!$rmsec) {
- if (!$create) {
- return undef if $noerr;
- die "no resource manager section\n";
- }
- $rmsec = { text => 'rm' };
- push @{$cluster->{children}}, $rmsec;
+
+ @list = grep { defined($_->{section}) } @{$conf->{children}};
+ foreach my $child (sort {$a->{section} cmp $b->{section}} @list) {
+ $raw .= &$dump_corosync_section($child, $prefix);
}
- return $rmsec;
+ return $raw;
}
-sub cluster_conf_lookup_pvevm {
- my ($conf, $create, $vmid, $noerr) = @_;
-
- my $rmsec = cluster_conf_lookup_rm_section($conf, $create, $noerr);
- return undef if !$rmsec;
-
- my $vmref;
- foreach my $child (@{$rmsec->{children}}) {
- if ($child->{text} eq 'pvevm' && $child->{vmid} eq $vmid) {
- $vmref = $child;
- }
- }
-
- if (!$vmref) {
- if (!$create) {
- return undef if $noerr;
- die "unable to find service 'pvevm:$vmid'\n";
+sub corosync_conf_version {
+ my ($conf, $noerr, $new_value) = @_;
+
+ foreach my $child (@{$conf->{children}}) {
+ next if !defined($child->{section});
+ if ($child->{section} eq 'totem') {
+ foreach my $e (@{$child->{children}}) {
+ next if !defined($e->{key});
+ if ($e->{key} eq 'config_version') {
+ if ($new_value) {
+ $e->{value} = $new_value;
+ return $new_value;
+ } elsif (my $version = int($e->{value})) {
+ return $version;
+ }
+ last;
+ }
+ }
}
- $vmref = { text => 'pvevm', vmid => $vmid };
- push @{$rmsec->{children}}, $vmref;
- } elsif ($create) {
- return undef if $noerr;
- die "unable to create service 'pvevm:$vmid' - already exists\n";
}
+
+ return undef if $noerr;
- return $vmref;
+ die "invalid corosync config - unable to read version\n";
}
-sub xml_escape_attrib {
- my ($data) = @_;
+# read only - use "rename corosync.conf.new corosync.conf" to write
+PVE::Cluster::cfs_register_file('corosync.conf', \&parse_corosync_conf);
+# this is read/write
+PVE::Cluster::cfs_register_file('corosync.conf.new', \&parse_corosync_conf,
+ \&write_corosync_conf);
- return '' if !defined($data);
+# bash completion helpers
- $data =~ s/&/&/sg;
- $data =~ s/</</sg;
- $data =~ s/>/>/sg;
- $data =~ s/"/"/sg;
+sub complete_next_vmid {
- return $data;
-}
+ my $vmlist = get_vmlist() || {};
+ my $idlist = $vmlist->{ids} || {};
-sub __cluster_conf_dump_node {
- my ($node, $indend) = @_;
+ for (my $i = 100; $i < 10000; $i++) {
+ return [$i] if !defined($idlist->{$i});
+ }
- my $xml = '';
+ return [];
+}
- $indend = '' if !defined($indend);
+sub complete_local_vmid {
- my $attribs = '';
+ my $vmlist = get_vmlist();
+ my $ids = $vmlist->{ids} || {};
- foreach my $key (sort keys %$node) {
- my $value = $node->{$key};
- next if $key eq 'id' || $key eq 'text' || $key eq 'children';
- $attribs .= " $key=\"" . xml_escape_attrib($value) . "\"";
- }
-
- my $children = $node->{children};
+ my $nodename = PVE::INotify::nodename();
- if ($children && scalar(@$children)) {
- $xml .= "$indend<$node->{text}$attribs>\n";
- my $childindend = "$indend ";
- foreach my $child (@$children) {
- $xml .= __cluster_conf_dump_node($child, $childindend);
- }
- $xml .= "$indend</$node->{text}>\n";
- } else {
- $xml .= "$indend<$node->{text}$attribs/>\n";
+ my $res = [];
+ foreach my $vmid (keys %$ids) {
+ my $d = $ids->{$vmid};
+ next if !$d->{node} || $d->{node} ne $nodename;
+ push @$res, $vmid;
}
- return $xml;
+ return $res;
}
-sub write_cluster_conf {
- my ($filename, $cfg) = @_;
+sub complete_migration_target {
- my $version = cluster_conf_version($cfg);
-
- my $res = "<?xml version=\"1.0\"?>\n";
+ my $res = [];
+
+ my $nodename = PVE::INotify::nodename();
- $res .= __cluster_conf_dump_node($cfg->{children}->[0]);
+ my $nodelist = get_nodelist();
+ foreach my $node (@$nodelist) {
+ next if $node eq $nodename;
+ push @$res, $node;
+ }
return $res;
}
-# read only - use "rename cluster.conf.new cluster.conf" to write
-PVE::Cluster::cfs_register_file('cluster.conf', \&parse_cluster_conf);
-# this is read/write
-PVE::Cluster::cfs_register_file('cluster.conf.new', \&parse_cluster_conf,
- \&write_cluster_conf);
+1;
projects / pve-cluster.git / blobdiff