From: Thomas Lamprecht <t.lamprecht@proxmox.com>
Date: Wed, 22 Feb 2017 15:59:08 +0000 (+0100)
Subject: pvecm addnode: ensure ring address isn't already used by cluster
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=77a1c918ab6615fc1816d86ad882b6b806cb9535;hp=e73b85c0b99cd4da32ed5e3a76e5c8574a956bff;p=pve-cluster.git

pvecm addnode: ensure ring address isn't already used by cluster

If someone enters the wrong address by accident when adding a node it
may cause havoc in the cluster (meaning a reset of the whole cluster
when HA is used, may even happen more often during the recovery
tries. Also a whole lot of problems get triggered in gneral, even
witouth HA).

Further, user get into a hard to repair situation where a layman may
not be able to fix it by hand even when given directions by an
experienced user.

This is a really bad outcome for such a small and easy to make
mistake, so just make a small check and assert that the requested IPs
are not used by any node on any ring in the cluster configuration.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---

diff --git a/data/PVE/CLI/pvecm.pm b/data/PVE/CLI/pvecm.pm
index c3f7905..1c5d863 100755
--- a/data/PVE/CLI/pvecm.pm
+++ b/data/PVE/CLI/pvecm.pm
@@ -316,6 +316,22 @@ __PACKAGE__->register_method ({
 
 	my $name = $param->{node};
 
+	# ensure we do not reuse an address, that can crash the whole cluster!
+	my $check_duplicate_addr = sub {
+	    my $addr = shift;
+	    return if !defined($addr);
+
+	    while (my ($k, $v) = each %$nodelist) {
+		next if $k eq $name; # allows re-adding a node if force is set
+		if ($v->{ring0_addr} eq $addr || ($v->{ring1_addr} && $v->{ring1_addr} eq $addr)) {
+		    die "corosync: address '$addr' already defined by node '$k'\n";
+		}
+	    }
+	};
+
+	&$check_duplicate_addr($param->{ring0_addr});
+	&$check_duplicate_addr($param->{ring1_addr});
+
 	$param->{ring0_addr} = $name if !$param->{ring0_addr};
 
 	die " ring1_addr needs a configured ring 1 interface!\n"