[pve-devel] r5352 - in pve-manager/pve2: bin bin/init.d debian lib/PVE www/templates
svn-commits at proxmox.com
svn-commits at proxmox.com
Tue Jan 11 13:26:41 CET 2011
Author: dietmar
Date: 2011-01-11 13:26:41 +0100 (Tue, 11 Jan 2011)
New Revision: 5352
Removed:
pve-manager/pve2/bin/init.d/pvemirror
pve-manager/pve2/bin/init.d/pvetunnel
pve-manager/pve2/bin/pveca
pve-manager/pve2/bin/pvemirror
pve-manager/pve2/bin/pvetunnel
Modified:
pve-manager/pve2/bin/Makefile.am
pve-manager/pve2/bin/Makefile.in
pve-manager/pve2/bin/init.d/Makefile.am
pve-manager/pve2/bin/init.d/Makefile.in
pve-manager/pve2/bin/init.d/pvenetcommit
pve-manager/pve2/bin/pvecert
pve-manager/pve2/debian/conffiles
pve-manager/pve2/debian/config
pve-manager/pve2/debian/control.in
pve-manager/pve2/debian/postinst
pve-manager/pve2/debian/postrm
pve-manager/pve2/lib/PVE/AuthCookieHandler.pm
pve-manager/pve2/lib/PVE/Cluster.pm
pve-manager/pve2/lib/PVE/REST.pm
pve-manager/pve2/www/templates/pve.conf.in
Log:
start to merge in the new pve-cluster code, removing old 1.0 code
Modified: pve-manager/pve2/bin/Makefile.am
===================================================================
--- pve-manager/pve2/bin/Makefile.am 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/Makefile.am 2011-01-11 12:26:41 UTC (rev 5352)
@@ -5,22 +5,17 @@
bin_SCRIPTS = \
pvesh \
pveam \
- pveca \
pvecert \
pvebanner \
pvectl \
pvebash \
pvedaemon \
- pvetunnel \
- pvemirror \
pvesetup \
pveversion \
pveperf
man_MANS = \
- pveca.1 \
pvedaemon.1 \
- pvetunnel.1 \
pveversion.1 \
pveperf.1
Modified: pve-manager/pve2/bin/Makefile.in
===================================================================
--- pve-manager/pve2/bin/Makefile.in 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/Makefile.in 2011-01-11 12:26:41 UTC (rev 5352)
@@ -218,22 +218,17 @@
bin_SCRIPTS = \
pvesh \
pveam \
- pveca \
pvecert \
pvebanner \
pvectl \
pvebash \
pvedaemon \
- pvetunnel \
- pvemirror \
pvesetup \
pveversion \
pveperf
man_MANS = \
- pveca.1 \
pvedaemon.1 \
- pvetunnel.1 \
pveversion.1 \
pveperf.1
Modified: pve-manager/pve2/bin/init.d/Makefile.am
===================================================================
--- pve-manager/pve2/bin/init.d/Makefile.am 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/init.d/Makefile.am 2011-01-11 12:26:41 UTC (rev 5352)
@@ -2,8 +2,6 @@
initdbin_SCRIPTS = \
pvedaemon \
- pvetunnel \
- pvemirror \
pvebanner \
pvenetcommit
Modified: pve-manager/pve2/bin/init.d/Makefile.in
===================================================================
--- pve-manager/pve2/bin/init.d/Makefile.in 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/init.d/Makefile.in 2011-01-11 12:26:41 UTC (rev 5352)
@@ -173,8 +173,6 @@
top_srcdir = @top_srcdir@
initdbin_SCRIPTS = \
pvedaemon \
- pvetunnel \
- pvemirror \
pvebanner \
pvenetcommit
Deleted: pve-manager/pve2/bin/init.d/pvemirror
===================================================================
--- pve-manager/pve2/bin/init.d/pvemirror 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/init.d/pvemirror 2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,52 +0,0 @@
-#!/bin/sh
-
-### BEGIN INIT INFO
-# Provides: pvemirror
-# Required-Start: $network $syslog
-# Required-Stop: $network $syslog
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: Start PVE Cluster Server
-### END INIT INFO
-
-. /lib/lsb/init-functions
-
-PATH=/sbin:/bin:/usr/bin:/usr/sbin
-DAEMON=/usr/bin/pvemirror
-PIDFILE=/var/run/pvemirror.pid
-
-test -f $DAEMON || exit 0
-
-case "$1" in
- start)
- log_daemon_msg "Starting PVE Cluster Server" "pvemirror"
- start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -p $PIDFILE
- log_end_msg $?
- ;;
- stop)
- log_daemon_msg "Stopping PVE Cluster Server" "pvemirror"
- start-stop-daemon --oknodo --stop --quiet --retry TERM/5/TERM/10/KILL --pidfile $PIDFILE
- log_end_msg $?
- ;;
- reload)
- log_daemon_msg "Reloading PVE Cluster Server Configuration" "pvemirror"
- if ( [ -e $PIDFILE ] && kill -0 `cat $PIDFILE`) then
- start-stop-daemon --stop --quiet --pidfile $PIDFILE --signal HUP
- else
- start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -p $PIDFILE
- fi
- log_end_msg $?
- ;;
- restart|force-reload)
- log_daemon_msg "Restarting PVE Cluster Server" "pvemirror"
- start-stop-daemon --stop --quiet --retry TERM/5/TERM/10/KILL --pidfile $PIDFILE
- start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -p $PIDFILE
- log_end_msg $?
- ;;
- *)
- echo "Usage: /etc/init.d/pvemirror {start|stop|reload|restart|force-reload}"
- exit 1
- ;;
-esac
-
-exit 0
Modified: pve-manager/pve2/bin/init.d/pvenetcommit
===================================================================
--- pve-manager/pve2/bin/init.d/pvenetcommit 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/init.d/pvenetcommit 2011-01-11 12:26:41 UTC (rev 5352)
@@ -2,7 +2,7 @@
### BEGIN INIT INFO
# Provides: pvenetcommit
-# Required-Start: checkroot
+# Required-Start: checkroot $remote_fs
# Required-Stop:
# Default-Start: S
# Default-Stop:
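Review bot: Adding `$remote_fs` to `Required-Start` on a script with `Default-Start: S` can change where it lands in the boot sequence, since on Debian that facility is normally satisfied only after networked mounts are handled. If pvenetcommit has to apply pending network configuration before networking comes up (inferred from its name; the script body is outside this hunk), the new dependency could reorder it after networking or create an ordering loop. Confirm the resulting order with insserv, and if only local paths are needed consider `# Required-Start: checkroot $local_fs` instead.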
Deleted: pve-manager/pve2/bin/init.d/pvetunnel
===================================================================
--- pve-manager/pve2/bin/init.d/pvetunnel 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/init.d/pvetunnel 2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,52 +0,0 @@
-#!/bin/sh
-
-### BEGIN INIT INFO
-# Provides: pvetunnel
-# Required-Start: $network $syslog
-# Required-Stop: $network $syslog
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: Start Proxmox Tunnel Server
-### END INIT INFO
-
-. /lib/lsb/init-functions
-
-PATH=/sbin:/bin:/usr/bin:/usr/sbin
-DAEMON=/usr/bin/pvetunnel
-PIDFILE=/var/run/pvetunnel.pid
-
-test -f $DAEMON || exit 0
-
-case "$1" in
- start)
- log_daemon_msg "Starting PVE Tunnel Server" "pvetunnel"
- start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -p $PIDFILE
- log_end_msg $?
- ;;
- stop)
- log_daemon_msg "Stopping PVE Tunnel Server" "pvetunnel"
- start-stop-daemon --oknodo --stop --quiet --retry TERM/5/TERM/10/KILL --pidfile $PIDFILE
- log_end_msg $?
- ;;
- reload)
- log_daemon_msg "Reloading PVE Tunnel Server Configuration" "pvetunnel"
- if ( [ -e $PIDFILE ] && kill -0 `cat $PIDFILE`) then
- start-stop-daemon --stop --quiet --pidfile $PIDFILE --signal HUP
- else
- start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -p $PIDFILE
- fi
- log_end_msg $?
- ;;
- restart|force-reload)
- log_daemon_msg "Restarting PVE Tunnel Server" "pvetunnel"
- start-stop-daemon --stop --quiet --retry TERM/5/TERM/10/KILL --pidfile $PIDFILE
- start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -p $PIDFILE
- log_end_msg $?
- ;;
- *)
- echo "Usage: /etc/init.d/pvetunnel {start|stop|reload|restart|force-reload}"
- exit 1
- ;;
-esac
-
-exit 0
Deleted: pve-manager/pve2/bin/pveca
===================================================================
--- pve-manager/pve2/bin/pveca 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/pveca 2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,385 +0,0 @@
-#!/usr/bin/perl -w
-
-use strict;
-use Socket;
-use PVE::Utils;
-use PVE::Cluster;
-use PVE::ConfigServer;
-use PVE::AtomicFile;
-use Getopt::Long;
-use File::Path;
-use Data::Dumper;
-
-my $cinfo = PVE::Cluster::clusterinfo();
-
-my $localip = $cinfo->{local}->{ip};
-my $localname = $cinfo->{local}->{name};
-
-my $opt_add;
-my $opt_create;
-my $opt_list;
-my $opt_host;
-my $opt_delete;
-my $opt_master;
-my $opt_sync;
-my $opt_info;
-my $opt_maxtimediff = 5;
-
-sub print_usage {
- my $msg = shift;
-
- print STDERR "ERROR: $msg\n" if $msg;
- print STDERR "USAGE: pveca -l # show cluster status\n";
- print STDERR " pveca -c # create new cluster with localhost as master\n";
- print STDERR " pveca -s [-h IP] # sync cluster configuration from master (or IP)\n";
- print STDERR " pveca -d ID # delete a node\n";
- print STDERR " pveca -a [-h IP] # add new node to cluster\n";
- print STDERR " pveca -m # force local node to become master\n";
- print STDERR " pveca -i # print node info (CID NAME IP ROLE)\n";
-}
-
-if (!GetOptions ('list' => \$opt_list,
- 'host=s' => \$opt_host,
- 'sync' => \$opt_sync,
- 'delete=i' => \$opt_delete,
- 'create' => \$opt_create,
- 'master' => \$opt_master,
- 'info' => \$opt_info,
- 'add' => \$opt_add)) {
- print_usage ();
- exit (-1);
-}
-
-#PVE::Cluster::debug (1);
-
-if ($opt_host && ($opt_host !~ m/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/)) {
- my ($name,$aliases,$addrtype,$length, at addrs) = gethostbyname ($opt_host);
- if (@addrs) {
- $opt_host = inet_ntoa(@addrs);
- } else {
- die "unable to resolve name '$opt_host'\n";
- }
-}
-
-my $hostrsapubkey = PVE::Config::read_file('hostrsapubkey');
-
-if (! -f '/root/.ssh/id_rsa.pub') {
- mkdir '/root/.ssh/';
- system ("echo|ssh-keygen -t rsa -N '' -b 1024 -f /root/.ssh/id_rsa");
-}
-
-my $rootrsapubkey = PVE::Config::read_file('rootrsapubkey');
-
-sub create_needed_dirs {
- my ($lcid) = @_;
-
- if ($lcid) {
- #fixme: what dirs do we need?
- #my $spooldir = "/var/spool/proxmox";
- #mkpath "$spooldir/cluster/$lcid/virus";
- #mkpath "$spooldir/cluster/$lcid/spam";
- }
-}
-
-create_needed_dirs ($cinfo->{local}->{cid});
-
-my $secret = PVE::Utils::load_auth_secret();
-
-sub cluster_print_nodes {
- my ($cinfo) = @_;
-
- my $ticket = PVE::Utils::create_auth_ticket ($secret, 'root', 'root');
-
- print "CID----IPADDRESS----ROLE-STATE--------UPTIME---LOAD----MEM---DISK\n";
- foreach my $ni (@{$cinfo->{nodes}}) {
-
- my $state = '-';
- my $conn;
- my $status;
-
-
- eval {
- $conn = PVE::ConfigClient::connect ($ticket, $cinfo, $ni->{cid});
- if ($status = $conn->ping()->result) {
- $state = 'A';
- }
- };
-
- my $err = $@;
-
- $state = "ERROR: $err" if $err;
-
- if ($state eq 'A') {
- $state = 'S' if !$status->{insync};
-
- printf "%2s : %-15s %-5s %1s %15s %6s %5s%% %5s%%\n",
- $ni->{cid}, $ni->{ip}, $ni->{role}, $state,
- $status->{uptime}->{uptimestrshort}, $status->{uptime}->{avg1},
- int (0.5 + ($status->{meminfo}->{mbmemused}*100/$status->{meminfo}->{mbmemtotal})),
- int (0.5 + ($status->{hdinfo}->{root}->{used}*100/$status->{hdinfo}->{root}->{avail}));
-
- } else {
- printf "%2s : %-15s %-5s %1s\n", $ni->{cid}, $ni->{ip}, $ni->{role}, $state;
- }
- }
-}
-
-
-if ($opt_list) {
-
- if (scalar @{$cinfo->{nodes}}) {
- if ($cinfo->{local}->{role} eq '-') {
- print STDERR "local node '$cinfo->{local}->{ip}' not part of cluster\n";
- } else {
- cluster_print_nodes ($cinfo);
- }
- } else {
- print STDERR "no cluster defined\n";
- }
-
-} elsif ($opt_info) {
-
- my $ni = $cinfo->{local};
-
- print "$ni->{cid} $ni->{name} $ni->{ip} $ni->{role}\n";
-
-} elsif ($opt_master) {
-
- if (scalar @{$cinfo->{nodes}}) {
-
- if ($cinfo->{local}->{role} eq 'M') {
- print STDERR "local node is already master\n";
- } elsif ($cinfo->{local}->{role} eq 'N') {
- print STDERR "forcing local node to become master\n";
-
- my $nodes;
- foreach my $ni (@{$cinfo->{nodes}}) {
- push @$nodes, $ni if $ni->{role} ne 'M';
- }
-
- foreach my $ni (@$nodes) {
- if ($ni->{cid} eq $cinfo->{local}->{cid}) {
- $ni->{role} = 'M';
- }
- }
-
- $cinfo->{nodes} = $nodes;
-
- PVE::Cluster::save_clusterinfo ($cinfo);
-
- PVE::Utils::service_cmd ('pvetunnel', 'restart');
-
- } else {
- print STDERR "local node '$cinfo->{local}->{ip}' not part of cluster\n";
- }
-
- } else {
- print STDERR "no cluster defined\n";
- }
-
-} elsif ($opt_sync) {
-
- my $syncip = $opt_host;
-
- $syncip = $cinfo->{master}->{ip} if !$syncip && $cinfo->{master};
-
- die "no master specified (use option -h)\n" if !$syncip;
-
- print STDERR "syncing master configuration from '$syncip'\n";
- PVE::Cluster::cluster_sync_mastercfg ($cinfo, $syncip);
-
-} elsif ($opt_delete) {
-
- if (!scalar @{$cinfo->{nodes}}) {
- die "no cluster defined\n";
- }
-
- if ($cinfo->{local}->{role} ne 'M') {
- die "operation not permitted (not master)\n";
- }
-
- my $new = [];
- foreach my $ni (@{$cinfo->{nodes}}) {
-
- if ($ni->{cid} == $opt_delete) {
- if ($ni->{cid} == $cinfo->{master}->{cid}) {
- die "unable to delete master\n";
- }
- } else {
- push @$new, $ni;
- }
- }
-
- $cinfo->{nodes} = $new;
-
- PVE::Cluster::save_clusterinfo ($cinfo);
-
-} elsif ($opt_create) {
-
- if ($cinfo->{local}->{role} ne '-') {
-
- print STDERR "cluster already defined - checking consistency\n";
-
- # fixme: do something here ?
-
- }
-
- my $res;
-
- $res->{ip} = $cinfo->{local}->{ip};
- $res->{name} = $cinfo->{local}->{name};
- $res->{hostrsapubkey} = $hostrsapubkey;
- $res->{rootrsapubkey} = $rootrsapubkey;
-
- $res->{cid} = 1;
- $res->{role} = 'M';
-
- $cinfo = { "CID_1" => $res , maxcid => 1 };
- $cinfo->{local} = $cinfo->{"CID_1"};
- push @{$cinfo->{nodes}}, $cinfo->{"CID_1"};
-
- # stop all cluster services
- PVE::Utils::service_wait_stopped (40, 'pvemirror', 'pvetunnel');
-
- # save new cluster configuration
- PVE::Cluster::save_clusterinfo ($cinfo);
-
- # fixme: remove any stale date
- # system ("rm -rf /var/spool/proxmox/cluster");
- create_needed_dirs ($res->{cid});
-
- # start services again
- PVE::Utils::service_cmd ('pvetunnel', 'start');
- PVE::Utils::service_cmd ('pvemirror', 'start');
-
- print STDERR "cluster master successfully created\n";
-
-} elsif ($opt_add) {
-
- my $res = {};
-
- if (!$opt_host) {
- if ($cinfo->{local}->{role} eq '-') {
- die "local host not part of cluster\n";
- } elsif ($cinfo->{local}->{role} ne 'M') {
- die "operation not permitted (not master)\n";
- }
- } else {
- if ($cinfo->{local}->{role} ne '-') {
- die "local node already part of cluster\n";
- }
- }
-
- foreach my $arg (@ARGV) {
- if ($arg =~ m/^\s*(IP):\s*(\S+)\s*$/i) {
- my ($n, $v) = (lc $1, $2);
- $res->{$n} = $v;
- } elsif ($arg =~ m/^\s*(NAME):\s*(\S+)\s*$/i) {
- my ($n, $v) = (lc $1, $2);
- $res->{$n} = $v;
- } elsif ($arg =~ m/^\s*(HOSTRSAPUBKEY):\s*(\S+)\s*$/i) {
- my ($n, $v) = (lc $1, $2);
- $res->{$n} = $v;
- } elsif ($arg =~ m/^\s*(ROOTRSAPUBKEY):\s*(\S+)\s*$/i) {
- my ($n, $v) = (lc $1, $2);
- $res->{$n} = $v;
- } else {
- die "unknown argument type '$arg'\n";
- }
- }
-
- if ($opt_host) {
- $res->{ip} = $cinfo->{local}->{ip} if !$res->{ip};
- }
-
- die "missing ip address (or use option -h)\n" if !$res->{ip};
-
- if ($res->{ip} eq $cinfo->{local}->{ip}) {
- $res->{hostrsapubkey} = $hostrsapubkey if !$res->{hostrsapubkey};
- $res->{rootrsapubkey} = $rootrsapubkey if !$res->{rootrsapubkey};
- $res->{name} = $cinfo->{local}->{name} if !$res->{name};
- }
-
- die "missing name\n" if !$res->{name};
- die "missing host RSA key\n" if !$res->{hostrsapubkey};
- die "missing user RSA key\n" if !$res->{rootrsapubkey};
-
- # fixme: check values
-
- if ($opt_host) {
- my $cmd = "ssh $opt_host /usr/bin/pveca -a " .
- "'IP:$res->{ip}' " .
- "'NAME:$res->{name}' " .
- "'HOSTRSAPUBKEY:$res->{hostrsapubkey}' " .
- "'ROOTRSAPUBKEY:$res->{rootrsapubkey}'";
-
- # print "DOING: $cmd\n";
-
- if (system ($cmd) != 0) {
- die "unable to add node: command failed - $cmd\n";
- }
-
- # stop all cluster services
- PVE::Utils::service_wait_stopped (40, 'pvemirror', 'pvetunnel');
-
- PVE::Cluster::cluster_sync_mastercfg ($cinfo, $opt_host, 1);
-
- $cinfo = PVE::Cluster::clusterinfo (); # RELOAD
-
- create_needed_dirs ($cinfo->{local}->{cid});
-
- # start services again
- PVE::Utils::service_cmd ('pvetunnel', 'start');
- PVE::Utils::service_cmd ('pvemirror', 'start');
-
- # auth secrect may have changed
- PVE::Utils::service_cmd ('apache', 'restart');
- PVE::Utils::service_cmd ('pvedaemon', 'reload');
-
- print STDERR "cluster node successfully created\n";
-
- } else {
- # check if node is unique
-
- foreach my $ni (@{$cinfo->{nodes}}) {
- if ($ni->{ip} eq $res->{ip}) {
- die "node already exists (CID:$ni->{cid}, IP:$res->{ip})\n";
- }
- if ($ni->{name} eq $res->{name}) {
- die "node already exists (CID:$ni->{cid}, NAME:$res->{name})\n";
- }
- }
-
- $res->{cid} = (++$cinfo->{maxcid});
- $res->{role} = 'N';
-
- push @{$cinfo->{nodes}}, $res;
-
- PVE::Cluster::save_clusterinfo ($cinfo);
-
- create_needed_dirs ($res->{cid});
-
- PVE::Cluster::cluster_sync_mastercfg ($cinfo, $localip);
- }
-
-} else {
- print_usage ("no action specified");
-}
-
-exit (0);
-
-__END__
-
-=head1 NAME
-
-pveca - PVE Cluster Administration Toolkit
-
-=head1 SYNOPSIS
-
-pveca
-
-=head1 DESCRIPTION
-
-Documentation is available at www.proxmox.com
-
-
Modified: pve-manager/pve2/bin/pvecert
===================================================================
--- pve-manager/pve2/bin/pvecert 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/pvecert 2011-01-11 12:26:41 UTC (rev 5352)
@@ -3,7 +3,23 @@
use strict;
use PVE::Cluster;
use Getopt::Long;
+use PVE::RPCEnvironment;
+use PVE::INotify qw(read_file);
+$ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin';
+
+die "please run as root\n" if $> != 0;
+
+PVE::INotify::inotify_init();
+
+my $rpcenv = PVE::RPCEnvironment->init('cli');
+
+$rpcenv->set_language($ENV{LANG});
+
+$rpcenv->set_user('root');
+
+my $hostname = $rpcenv->get_hostname();
+
my $opt_force;
if (!GetOptions ('force' => \$opt_force)) {
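Review bot: The environment is only partly pinned for this root-only tool: `$ENV{'PATH'}` is reset, but `$ENV{LANG}` is passed to `set_language` unchecked and will be undef when the script is run from a maintainer script or cron job without a locale. What `set_language` does with undef is not visible here, so either guard the call, e.g. `$rpcenv->set_language($ENV{LANG}) if defined $ENV{LANG};`, or confirm the callee tolerates it. If anything later shells out, the usual companion to the PATH reset is `delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};`. The script body continues past the end of this hunk.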
@@ -11,6 +27,18 @@
exit (-1);
}
+PVE::Cluster::gen_local_dirs($hostname);
+
+# make sure we have a (per node) private key
+PVE::Cluster::gen_pve_ssl_key();
+
+# make sure we have a CA
+my $force = PVE::Cluster::gen_pveca_cert();
+
+PVE::Cluster::gen_pve_ssl_cert ($force, $hostname);
+
+exit 0;
+
eval {
# make sure we have a private key
PVE::Cluster::gen_pve_ssl_key();
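Review bot: The `exit 0;` added just before the existing `eval {` makes the old key/certificate block unreachable, so whatever error reporting that eval provided is gone and the new `gen_*` calls run unwrapped, failing with a bare die. `$opt_force` is still parsed by `GetOptions`, but the reachable path passes only the return value of `gen_pveca_cert()` to `gen_pve_ssl_cert`, so `--force` appears to have no effect any more. Suggest `PVE::Cluster::gen_pve_ssl_cert($force || $opt_force, $hostname);` and removing the dead block instead of leaving it after the exit. A comment on `$force` saying what the return value of `gen_pveca_cert()` signals (presumably that the CA was newly created, to be confirmed) would help the next reader. The eval block continues outside this hunk.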
Deleted: pve-manager/pve2/bin/pvemirror
===================================================================
--- pve-manager/pve2/bin/pvemirror 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/pvemirror 2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,310 +0,0 @@
-#!/usr/bin/perl -w
-
-use strict;
-use PVE::SafeSyslog;
-use POSIX ":sys_wait_h";
-use Fcntl ':flock';
-use Getopt::Long;
-use Time::HiRes qw (gettimeofday);
-use PVE::Utils;
-use PVE::Cluster;
-use PVE::ConfigServer;
-
-initlog ('pvemirror', 'daemon');
-
-my $secret = PVE::Utils::load_auth_secret();
-
-my $synctime = 60*1;
-
-my $opt_pidfile;
-my $opt_debug;
-my $opt_maxtimediff = 5;
-
-if (!GetOptions ('pidfile=s' => \$opt_pidfile,
- 'debug' => \$opt_debug)) {
- die "USAGE: $0 [--pidfile=FILENAME --debug]\n";
- exit (-1);
-}
-
-$opt_pidfile = "/var/run/pvemirror.pid" if !$opt_pidfile;
-
-sub lockpidfile {
- my $pidfile = shift;
- my $lkfn = "$pidfile.lock";
-
- if (!open (FLCK, ">>$lkfn")) {
- my $msg = "can't aquire lock on file '$lkfn' - $!";
- syslog ('err', $msg);
- print STDERR "ERROR: $msg";
- exit (-1);
- }
-
- if (!flock (FLCK, LOCK_EX|LOCK_NB)) {
- close (FLCK);
- my $msg = "can't aquire lock '$lkfn' - $!";
- syslog ('err', $msg);
- print STDERR "ERROR: $msg";
- exit (-1);
- }
-}
-
-sub writepidfile {
- my $pidfile = shift;
-
- if (!open (PIDFH, ">$pidfile")) {
- my $msg = "can't open pid file '$pidfile' - $!";
- syslog ('err', $msg);
- print STDERR "ERROR: $msg";
- exit (-1);
- }
- print PIDFH "$$\n";
- close (PIDFH);
-}
-
-sub exit_if_not_cluster {
- my $cinfo = PVE::Cluster::clusterinfo();
-
- if ($cinfo->{local}->{role} eq '-') {
- syslog ('info' , "not starting server - not part of cluster");
- exit (0);
- }
-}
-
-exit_if_not_cluster ();
-
-# try to get the lock
-lockpidfile ($opt_pidfile);
-
-# run in background
-my $spid;
-
-if (!$opt_debug) {
- open STDIN, '</dev/null' || die "can't read /dev/null";
- open STDOUT, '>/dev/null' || die "can't write /dev/null";
-}
-
-my $restart = $ENV{RESTART_PVEMIRROR};
-
-if (!$restart && !$opt_debug) {
- $spid = fork();
- if (!defined ($spid)) {
- my $msg = "can't put server into background - fork failed";
- syslog ('err', $msg);
- print STDERR "ERROR: $msg\n";
- exit (-1);
- } elsif ($spid) { #parent
- exit (0);
- }
-}
-
-writepidfile ($opt_pidfile);
-
-open STDERR, '>&STDOUT' || die "can't close STDERR";
-
-sub cleanup {
- unlink "$opt_pidfile.lock";
- unlink "$opt_pidfile";
-}
-
-$SIG{INT} = $SIG{TERM} = $SIG{QUIT} = sub {
- syslog ('info' , "server closing");
-
- $SIG{INT} = 'DEFAULT';
-
- # wait for children
- 1 while (waitpid (-1, POSIX::WNOHANG()) > 0);
-
- cleanup ();
-
- exit (0);
-};
-
-my $reload_config;
-
-if ($restart) {
- syslog ('info' , "restarting server");
-} else {
- syslog ('info' , "starting server");
-}
-
-$SIG{HUP} = sub {
- $reload_config = 1;
-};
-
-sub cluster_sync {
-
- $reload_config = 0;
-
- my $cinfo = PVE::Cluster::clusterinfo();
- my $rsynctime = 0;
- my $csynctime = 0;
-
- return if $cinfo->{local}->{role} eq '-';
-
- return if !defined ($cinfo->{master});
-
- my ($ccsec, $cusec) = gettimeofday ();
-
- my $errors = {};
- foreach my $ni (@{$cinfo->{nodes}}) {
- $errors->{$ni->{cid}} = '';
- }
-
- syslog ('info', "starting cluster syncronization");
-
- if ($cinfo->{master}->{ip} ne $cinfo->{local}->{ip}) {
-
- eval {
- syslog ('info', "syncing master configuration from '$cinfo->{master}->{ip}'");
- PVE::Cluster::cluster_sync_mastercfg ($cinfo, $cinfo->{master}->{ip});
- };
-
- my $err = $@;
-
- my ($ccsec_end, $cusec_end) = gettimeofday ();
- $csynctime += int (($ccsec_end-$ccsec)*1000 + ($cusec_end - $cusec)/1000);
-
- if ($err) {
- syslog ('err', "syncing master configuration from '$cinfo->{master}->{ip}' failed ($csynctime ms) : $err");
- $errors->{$cinfo->{master}->{cid}} .= $err;
- }
-
- $cinfo = PVE::Cluster::clusterinfo(); # reload cinfo
- }
-
- # re-check role after cinfo update - still part of cluster?
- return if $cinfo->{local}->{role} eq '-';
-
- my $sync_status = PVE::Config::read_file ("syncstatus");
-
- foreach my $ni (@{$cinfo->{nodes}}) {
- my ($rhost, $rcid) = ($ni->{ip}, $ni->{cid});
- # fixme: test resmote time if remote
- # my $ctime = PVE::Cluster::get_remote_time ($rdb);
- #my $ltime = time();
- #my $td;
- #if (($td = abs ($ltime - $ctime)) > $opt_maxtimediff) {
- #die "large time difference ($td seconds) - not syncing\n";
- #}
- #};
-
- # sync other things
-
- my $vzl = {};
-
- my $ticket = PVE::Utils::create_auth_ticket ($secret, 'root', 'root');
-
- eval {
- my $conn = PVE::ConfigClient::connect ($ticket, $cinfo, $rcid);
- $vzl = $conn->vzlist()->result;
- };
-
- my $err = $@;
-
- if ($err) {
- syslog ('err', "syncing vzlist from '$rhost' failed: $err");
- $errors->{$ni->{cid}} .= $err;
- } else {
- PVE::Config::update_file ('vzlist', $vzl, $ni->{cid});
- }
-
- next if $rhost eq $cinfo->{local}->{ip}; # local host
-
- if (!$errors->{$ni->{cid}}) {
- $sync_status->{$ni->{cid}}->{lastsync} = time();
- }
-
- }
-
- # write sync status
-
- PVE::Config::write_file ("syncstatus", $sync_status);
-
- # try to sync template database - ignore errors
- syslog ('info', "syncing templates");
- eval { PVE::Cluster::sync_templates ($cinfo); };
- syslog ('err', $@) if $@;
-
- my ($ccsec_end, $cusec_end) = gettimeofday ();
- my $cptime = ($ccsec_end-$ccsec) + ($cusec_end - $cusec)/1000000;
- my $rstime = $rsynctime/1000.0;
- my $cstime = $csynctime/1000.0;
-
- syslog ('info', sprintf ("cluster syncronization finished (%.2f seconds " .
- "(files %.2f, config %.2f))",
- $cptime, $rstime, $cstime));
-}
-
-#Pve::Cluster::debug ($opt_debug);
-
-my $next_sync = 0;
-
-# do not sync master directly after startup, because install scripts
-# have a problem with that
-my $sync = 0;
-
-my $commandline = [$0, @ARGV];
-
-sub restart_server {
- my $waittime = shift;
-
- syslog ('info', "server shutdown (restart)");
-
- $ENV{RESTART_PVEMIRROR} = 1;
-
- sleep ($waittime) if $waittime; # avoid high server load due to restarts
-
- exec (@$commandline);
- exit (-1); # never reached?
-}
-
-for (;;) { # forever
-
- eval {
- $next_sync = time + $synctime;
-
- if ($sync) {
- cluster_sync ();
- }
-
- $sync++;
-
- my $mem = PVE::Utils::get_mem_usage();
-
- if ($mem->{resident} > (35*1024*1024)) {
- syslog ('info', "restarting server after $sync cycles to reduce memory usage (free $mem->{resident} bytes)");
- restart_server ();
- }
-
- while (time < $next_sync && !$reload_config) { sleep (1); };
- };
-
- my $err = $@;
-
- if ($err) {
- syslog ('err', "ERROR: $err");
- restart_server (5);
- exit (0);
- }
-}
-
-exit (0);
-
-__END__
-
-=head1 NAME
-
-pvemirror - PVE Cluster Server
-
-=head1 SYNOPSIS
-
-pvemirror
-
-=head1 DESCRIPTION
-
-Documentation is available at www.proxmox.com
-
-
-
-
-
Deleted: pve-manager/pve2/bin/pvetunnel
===================================================================
--- pve-manager/pve2/bin/pvetunnel 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/pvetunnel 2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,280 +0,0 @@
-#!/usr/bin/perl -w
-
-use strict;
-use PVE::SafeSyslog;
-use POSIX ":sys_wait_h";
-use Fcntl ':flock';
-use Getopt::Long;
-use PVE::Utils;
-use PVE::Cluster;
-use File::stat;
-
-initlog ('pvetunnel', 'daemon');
-
-my $workers = {};
-my $delayed_exec = {};
-my $startcount = {};
-my $reload_config;
-
-my $opt_pidfile;
-my $opt_debug;
-
-if (!GetOptions ('pidfile=s' => \$opt_pidfile,
- 'debug' => \$opt_debug)) {
- die "USAGE: $0 [--pidfile=FILENAME --debug]\n";
- exit (-1);
-}
-
-$opt_pidfile = "/var/run/pvetunnel.pid" if !$opt_pidfile;
-
-sub lockpidfile {
- my $pidfile = shift;
- my $lkfn = "$pidfile.lock";
-
- if (!open (SERVER_FLCK, ">>$lkfn")) {
- my $msg = "can't aquire lock on file '$lkfn' - $!";
- syslog ('err', $msg);
- print STDERR "ERROR: $msg";
- exit (-1);
- }
-
- if (!flock (SERVER_FLCK, LOCK_EX|LOCK_NB)) {
- close (SERVER_FLCK);
- my $msg = "can't aquire lock '$lkfn' - $!";
- syslog ('err', $msg);
- print STDERR "ERROR: $msg";
- exit (-1);
- }
-}
-
-sub writepidfile {
- my $pidfile = shift;
-
- if (!open (PIDFH, ">$pidfile")) {
- my $msg = "can't open pid file '$pidfile' - $!";
- syslog ('err', $msg);
- print STDERR "ERROR: $msg";
- exit (-1);
- }
- print PIDFH "$$\n";
- close (PIDFH);
-}
-
-sub exit_if_not_cluster {
- my $cinfo = PVE::Cluster::clusterinfo();
-
- if ($cinfo->{local}->{role} eq '-') {
- syslog ('info' , "not starting server - not part of cluster");
- exit (0);
- }
-}
-
-exit_if_not_cluster ();
-
-# try to get the lock
-lockpidfile ($opt_pidfile);
-
-# run in background
-my $spid;
-
-open STDIN, '</dev/null' || die "can't read /dev/null";
-open STDOUT, '>/dev/null' || die "can't write /dev/null";
-
-if (!$opt_debug) {
- $spid = fork();
- if (!defined ($spid)) {
- my $msg = "can't put server into background - fork failed";
- syslog ('err', $msg);
- print STDERR "ERROR: $msg\n";
- exit (-1);
- } elsif ($spid) { #parent
- exit (0);
- }
-}
-
-writepidfile ($opt_pidfile);
-
-open STDERR, '>&STDOUT' || die "can't close STDERR";
-
-### set some sigs
-$SIG{INT} = $SIG{TERM} = $SIG{QUIT} = sub {
- syslog ('info' , "server closing");
-
- $SIG{INT} = 'DEFAULT';
-
- foreach my $cpid (keys %$workers) {
- if (kill (15, $cpid) || ! kill(0, $cpid)) {
- my $ip = $workers->{$cpid}->{ip};
- delete $workers->{$cpid};
- syslog ('info', "successfully deleted tunnel $cpid $ip");
- }
- }
- # wait for children
- 1 while (waitpid (-1, POSIX::WNOHANG()) > 0);
-
- unlink "$opt_pidfile.lock";
- unlink "$opt_pidfile";
-
- exit (0);
-};
-
-sub start_tunnels {
- my ($cinfo) = @_;
-
- return if $cinfo->{local}->{role} eq '-';
-
- foreach my $ni (@{$cinfo->{nodes}}) {
- next if $ni->{ip} eq $cinfo->{local}->{ip};
-
- my $running;
- foreach my $cpid (keys %$workers) {
- $running = 1 if $workers->{$cpid}->{ip} eq $ni->{ip};
- }
- next if $running;
-
- if ($delayed_exec->{$ni->{cid}} && (time < $delayed_exec->{$ni->{cid}})) {
- next;
- }
- $delayed_exec->{$ni->{cid}} = 0;
- $startcount->{$ni->{cid}}++;
-
- my $pid = fork;
-
- if (!defined ($pid)) {
-
- syslog ('err', "can't fork tunnel");
-
- } elsif ($pid) { #parent
-
- $workers->{$pid}->{ip} = $ni->{ip};
- $workers->{$pid}->{cid} = $ni->{cid};
- $workers->{$pid}->{configport} = $ni->{configport};
-
- if ($startcount->{$ni->{cid}} > 1) {
- syslog ('info', "restarting crashed tunnel $pid $ni->{ip}");
- } else {
- syslog ('info', "starting tunnel $pid $ni->{ip}");
- }
-
- } else { # child
-
- close (SERVER_FLCK); # close the lock file (not needed for children)
-
- exec ('/usr/bin/ssh', '-N', '-o', 'BatchMode=yes',
- '-L', "$ni->{configport}:localhost:83",
- $ni->{ip});
- exit (0);
- }
- }
-}
-
-sub purge_tunnels {
- my ($cinfo) = @_;
-
- foreach my $cpid (keys %$workers) {
- my $ip = $workers->{$cpid}->{ip};
- my $cid = $workers->{$cpid}->{cid};
- my $configport = $workers->{$cpid}->{configport};
-
- my $found;
- foreach my $ni (@{$cinfo->{nodes}}) {
- $found = 1 if (($ni->{ip} eq $ip) && ($ni->{configport} eq $configport));
- }
-
- $found = 0 if $cinfo->{local}->{role} eq '-';
-
- if (!$found) {
- syslog ('info', "trying to finish tunnel $cpid $ip");
- kill (15, $cpid);
- $delayed_exec->{$cid} = time + ($startcount->{$cid} > 5 ? 60 : 10);
- delete $workers->{$cpid};
- }
- }
-}
-
-sub finish_children {
- while ((my $cpid = waitpid(-1, POSIX::WNOHANG())) > 0) {
- if (defined ($workers->{$cpid})) {
- my $ip = $workers->{$cpid}->{ip};
- my $cid = $workers->{$cpid}->{cid};
- syslog ('err', "tunnel finished $cpid $ip");
- $delayed_exec->{$cid} = time + ($startcount->{$cid} > 5 ? 60 : 10);
- delete $workers->{$cpid};
- }
- }
-}
-
-syslog ('info' , "starting server");
-
-$SIG{CHLD} = \&finish_children;
-
-$SIG{HUP} = sub {
- $reload_config = 1;
-};
-
-$SIG{PIPE} = 'IGNORE';
-
-for (;;) { # forever
-
- eval {
-
- my $lasttime = time();
- my $cinfo = PVE::Cluster::clusterinfo ();
-
- start_tunnels ($cinfo);
-
- while (sleep (1)) {
-
- finish_children ();
-
- if ($reload_config) {
- syslog ('info', "HUP detected - reloading config");
- $lasttime = time();
- $cinfo = PVE::Cluster::clusterinfo ();
- $reload_config = 0;
- } else {
- my $st = stat ("/etc/pve/cluster.cfg");
- if ($st) {
- if ($st->ctime > $lasttime) {
- $lasttime = time();
- syslog ('info', "reloading config (test for changes)");
- $cinfo = PVE::Cluster::clusterinfo ();
- }
- } else {
- if ($cinfo->{exists}) {
- syslog ('info', "no cluster configuration found");
- $cinfo = PVE::Cluster::clusterinfo ();
- }
- }
- }
-
- purge_tunnels ($cinfo);
- start_tunnels ($cinfo);
- }
- };
-
- my $err = $@;
-
- if ($err) {
- syslog ('err', $err);
- }
-
- sleep (2); # dont loop to fast
-}
-
-exit (0);
-
-__END__
-
-=head1 NAME
-
-pvetunnel - PVE Cluster Tunnel Server
-
-=head1 SYNOPSIS
-
-pvetunnel
-
-=head1 DESCRIPTION
-
-Documentation is available at www.proxmox.com
-
Modified: pve-manager/pve2/debian/conffiles
===================================================================
--- pve-manager/pve2/debian/conffiles 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/debian/conffiles 2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,6 +1,4 @@
/etc/init.d/pvedaemon
-/etc/init.d/pvetunnel
-/etc/init.d/pvemirror
/etc/init.d/pvebanner
/etc/init.d/pvenetcommit
/etc/cron.daily/pve
Modified: pve-manager/pve2/debian/config
===================================================================
--- pve-manager/pve2/debian/config 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/debian/config 2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,5 +1,8 @@
#!/bin/sh
+# Abort if any command returns an error value
+set -e
+
. /usr/share/debconf/confmodule
# we do nothing here
Modified: pve-manager/pve2/debian/control.in
===================================================================
--- pve-manager/pve2/debian/control.in 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/debian/control.in 2011-01-11 12:26:41 UTC (rev 5352)
@@ -3,7 +3,7 @@
Section: admin
Priority: optional
Architecture: all
-Depends: perl5, libtimedate-perl, apache2-mpm-prefork, postfix (>= 2.2.8), libembperl-perl, libauthen-pam-perl, libintl-perl, libfilesys-smbclient-perl, rsync, libsoap-lite-perl, libapache-authcookie-perl, libgd-graph-perl, libapache2-request-perl, atsar, libjson-perl, libfile-sync-perl, libdigest-sha1-perl, vncterm, qemu-server (>= 1.1-1), libwww-perl, wget, libnet-dns-perl, vlan, ifenslave-2.6 (>= 1.1.0-10), liblinux-inotify2-perl, debconf (>= 0.5) | debconf-2.0, libjs-prototype (>= 1.6.0.3-1), netcat-traditional, pve-cluster, libpve-common-perl, libpve-storage-perl, libterm-readline-gnu-perl, libhttp-request-params-perl, libpve-access-control
+Depends: perl5, libtimedate-perl, apache2-mpm-prefork, libauthen-pam-perl, libintl-perl, rsync, libapache-authcookie-perl, libapache2-request-perl, libjson-perl, libdigest-sha1-perl, libio-stringy-perl, vncterm, qemu-server (>= 1.1-1), libwww-perl, wget, libnet-dns-perl, vlan, ifenslave-2.6 (>= 1.1.0-10), liblinux-inotify2-perl, debconf (>= 0.5) | debconf-2.0, libjs-prototype (>= 1.6.0.3-1), netcat-traditional, pve-cluster, libpve-common-perl, libpve-storage-perl, libterm-readline-gnu-perl, libhttp-request-params-perl, libpve-access-control
Conflicts: netcat-openbsd
Maintainer: Proxmox Support Team <support at proxmox.com>
Description: The Proxmox Virtual Environment
Modified: pve-manager/pve2/debian/postinst
===================================================================
--- pve-manager/pve2/debian/postinst 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/debian/postinst 2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,7 +1,7 @@
-#! /bin/sh
+#!/bin/sh
# Abort if any command returns an error value
-set -e
+set -e
# This script is called as the last step of the installation of the
# package. All the package's files are in place, dpkg has already
@@ -21,55 +21,28 @@
# Configure this package. If the package must prompt the user for
# information, do it here.
- mkdir /etc/pve 2>/dev/null || /bin/true
- chown -R root:root /etc/pve
- chmod -R go-w /etc/pve
+ mkdir /etc/pve 2>/dev/null || true
- # fix security (V 1.3 set wrong owner/permission)
- if [ -e /etc/pve/pve-root-ca.key ]; then
- chmod 0600 /etc/pve/pve-root-ca.key
- fi
- if [ -e /etc/pve/pve-root-ca.pem ]; then
- chmod 0644 /etc/pve/pve-root-ca.pem
- fi
- if [ -e /etc/pve/pve-root-ca.srl ]; then
- chmod 0600 /etc/pve/pve-root-ca.srl
- fi
- if [ -e /etc/pve/pve-ssl.key ]; then
- chmod 0600 /etc/pve/pve-ssl.key
- fi
- if [ -e /etc/pve/pve-ssl.pem ]; then
- chmod 0644 /etc/pve/pve-ssl.pem
- fi
-
- # allow access to log files and passwords
- usermod -G adm,shadow www-data
-
test -e /var/lib/pve-manager/apl-available || cp /usr/share/doc/pve-manager/aplinfo.dat /var/lib/pve-manager/apl-available
update-rc.d pvedaemon defaults 21 >/dev/null 2>&1
- update-rc.d pvetunnel defaults 21 >/dev/null 2>&1
- update-rc.d pvemirror defaults 22 >/dev/null 2>&1
update-rc.d pvebanner defaults 99 >/dev/null 2>&1
update-rc.d pvenetcommit start 15 S . >/dev/null 2>&1
# generate ssl keys
- /usr/bin/pvecert
+ pvecert
# make sure we have a crontab for vzdump
touch /etc/cron.d/vzdump
test -e /proxmox_install_mode || invoke-rc.d pvedaemon restart
- test -e /proxmox_install_mode || invoke-rc.d pvetunnel restart
- test -e /proxmox_install_mode || invoke-rc.d pvemirror restart
a2enmod perl >/dev/null 2>&1
a2enmod ssl >/dev/null 2>&1
a2enmod rewrite >/dev/null 2>&1
a2enmod proxy >/dev/null 2>&1
- a2enmod zembperl >/dev/null 2>&1
- a2dissite default >/dev/null 2>&1 || /bin/true
+ a2dissite default >/dev/null 2>&1 || true
a2ensite pve.conf >/dev/null 2>&1
test -e /proxmox_install_mode || invoke-rc.d apache2 restart
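Review bot: The new side drops every ownership and mode fix-up under /etc/pve (`chown -R root:root`, `chmod -R go-w` and the per-file `chmod 0600` on the key files) without a visible replacement, so something outside this script now has to keep the private keys unreadable. If that is the mounted pve configuration filesystem, which this hunk does not show, `mkdir /etc/pve 2>/dev/null || true` still creates an ordinary directory when it is not mounted, and `pvecert` runs next unless it refuses on its own. A comment above the `mkdir` would record the assumption, e.g. `# /etc/pve is expected to be the mounted pve configuration filesystem, which enforces owner and mode of the key files`, ideally with a check that the mount is present before `pvecert` is called. On upgrade, key files left at the old `/etc/pve/pve-ssl.key` location no longer get their mode corrected, and dropping `usermod -G adm,shadow www-data` does not undo group membership an earlier install already granted.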
Modified: pve-manager/pve2/debian/postrm
===================================================================
--- pve-manager/pve2/debian/postrm 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/debian/postrm 2011-01-11 12:26:41 UTC (rev 5352)
@@ -5,8 +5,6 @@
if [ "$1" = purge ]; then
update-rc.d pvedaemon remove >/dev/null 2>&1
- update-rc.d pvetunnel remove >/dev/null 2>&1
- update-rc.d pvemirror remove >/dev/null 2>&1
update-rc.d pvebanner remove >/dev/null 2>&1
update-rc.d pvenetcommit remove >/dev/null 2>&1
Modified: pve-manager/pve2/lib/PVE/AuthCookieHandler.pm
===================================================================
--- pve-manager/pve2/lib/PVE/AuthCookieHandler.pm 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/lib/PVE/AuthCookieHandler.pm 2011-01-11 12:26:41 UTC (rev 5352)
@@ -19,7 +19,6 @@
use Digest::SHA1;
use PVE::SafeSyslog;
use PVE::Utils;
-use PVE::ConfigServer;
use base qw(Apache2::AuthCookie);
use Encode;
Modified: pve-manager/pve2/lib/PVE/Cluster.pm
===================================================================
--- pve-manager/pve2/lib/PVE/Cluster.pm 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/lib/PVE/Cluster.pm 2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,11 +1,11 @@
package PVE::Cluster;
use strict;
+use Socket;
use IO::File;
use PVE::Config;
use PVE::Utils;
use PVE::I18N;
-use PVE::ConfigServer;
use PVE::SafeSyslog;
use Time::HiRes qw (gettimeofday);
@@ -14,12 +14,28 @@
# x509 certificate utils
-my $pveca_key_fn = "/etc/pve/pve-root-ca.key";
-my $pveca_srl_fn = "/etc/pve/pve-root-ca.srl";
-my $pveca_cert_fn = "/etc/pve/pve-root-ca.pem";
-my $pvessl_key_fn = "/etc/pve/pve-ssl.key";
-my $pvessl_cert_fn = "/etc/pve/pve-ssl.pem";
+my $basedir = "/etc/pve";
+my $pveca_key_fn = "$basedir/priv/pve-root-ca.key";
+my $pveca_srl_fn = "$basedir/priv/pve-root-ca.srl";
+my $pveca_cert_fn = "$basedir/pve-root-ca.pem";
+my $pvessl_key_fn = "$basedir/local/priv/pve-ssl.key";
+my $pvessl_cert_fn = "$basedir/local/pve-ssl.pem";
+sub gen_local_dirs {
+ my ($nodename) = @_;
+
+ (-l "$basedir/local" ) || die "pve configuration filesystem not mounted\n";
+
+ my $dir = "$basedir/nodes/$nodename";
+ if (! -d $dir) {
+ mkdir($dir) || die "unable to create directory '$dir' - $!\n";
+ }
+ $dir = "$dir/priv";
+ if (! -d $dir) {
+ mkdir($dir) || die "unable to create directory '$dir' - $!\n";
+ }
+}
+
sub gen_pveca_key {
return if -f $pveca_key_fn;
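Review bot: In `gen_local_dirs`, `$nodename` goes straight into `"$basedir/nodes/$nodename"` with no check, so a value containing `/` or `..` would make `mkdir` act outside the nodes directory. A guard at the top would close that, e.g. `die "invalid node name '$nodename'\n" if $nodename !~ m/^[a-zA-Z0-9][a-zA-Z0-9\-]*$/;`, with the pattern adjusted to whatever node names the cluster accepts. The `priv` directory is created with the default mode; `mkdir($dir, 0700)` on that second call would state the intent even if the filesystem enforces it. A short comment on the `-l "$basedir/local"` test explaining why a symlink there means the configuration filesystem is mounted would help the next reader.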
@@ -62,13 +78,10 @@
return if -f $pvessl_key_fn;
- my $old_umask = umask();
eval {
- umask (0177);
PVE::Utils::run_command (['openssl', 'genrsa', '-out', $pvessl_key_fn, '1024']);
};
- umask ($old_umask);
-
+
die "unable to generate pve ssl key:\n$@" if $@;
}
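Review bot: With the `umask (0177)` bracket removed, `openssl genrsa -out $pvessl_key_fn` creates the private key under whatever umask the caller happens to have, so this function no longer controls the file mode. If the mode is meant to be enforced by the filesystem behind `$basedir/local/priv`, say so in a comment above the `eval`, e.g. `# key mode is enforced by the pve configuration filesystem, no umask needed here`; otherwise keep the umask or `chmod 0600` the file afterwards. The unchanged `'1024'` argument is a small RSA modulus for a TLS key and could be raised to `'2048'` while this code is being touched. The enclosing sub starts above the hunk.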
@@ -76,13 +89,11 @@
my ($serial) = @_;
my $old_umask = umask();
- umask (0177);
system ("echo '$serial' > '$pveca_srl_fn'");
- umask ($old_umask);
}
sub gen_pve_ssl_cert {
- my ($force, $cinfo) = @_;
+ my ($force, $nodename) = @_;
return if !$force && -f $pvessl_cert_fn;
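Review bot: After the `umask` calls were removed, `my $old_umask = umask();` is left behind as an unused variable, and the serial file is still written through a shell string, `system ("echo '$serial' > '$pveca_srl_fn'")`, whose exit status is ignored. Writing the file directly avoids the shell and reports failures: `open(my $fh, '>', $pveca_srl_fn) || die "unable to write '$pveca_srl_fn' - $!\n";` then `print $fh "$serial\n";` and `close($fh);`. The `sub` line of this function is above the hunk. Separately, the second argument of `gen_pve_ssl_cert` changes meaning from `$cinfo` to `$nodename`, so every caller not shown in this hunk has to pass a node name now.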
@@ -90,23 +101,22 @@
my $rc = PVE::Config::read_file ('resolvconf');
- if ($cinfo->{local}->{ip}) {
- $names .= ",IP:" . $cinfo->{local}->{ip};
+ my $packed_ip = gethostbyname($nodename);
+ if (defined $packed_ip) {
+ my $ip = inet_ntoa($packed_ip);
+ $names .= ",IP:" . $ip;
}
- my $fqdn = 'pve'; # default value - should not be used
+ my $fqdn = $nodename;
- if ($cinfo->{local}->{name}) {
- $names .= ",DNS:" . $cinfo->{local}->{name};
- $fqdn = $cinfo->{local}->{name};
+ $names .= ",DNS:" . $nodename;
- if ($rc && $rc->{search}) {
- $fqdn = $cinfo->{local}->{name} . "." . $rc->{search};
- $names .= ",DNS:$fqdn";
- }
-
+ if ($rc && $rc->{search}) {
+ $fqdn = $nodename . "." . $rc->{search};
+ $names .= ",DNS:$fqdn";
}
+
my $sslconf = <<__EOD;
RANDFILE = /root/.rnd
extensions = v3_req
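Review bot: The IP subject alternative name now comes from `gethostbyname($nodename)` and the result is used unchecked, so a hosts entry that maps the node name to a loopback address would put that address into the certificate, and a failed lookup silently yields a certificate with no IP entry. At minimum log the failure, e.g. `syslog('warning', "unable to resolve node name '$nodename'") if !defined($packed_ip);`, and consider skipping loopback results. `$rc->{search}` is appended as one domain; if the resolv.conf parser keeps the whole search line, a list of several domains would produce an invalid `DNS:` entry, which deserves a comment or a split on whitespace. `gen_pve_ssl_cert` starts and ends outside this hunk.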
@@ -149,10 +159,8 @@
die "unable to generate pve certificate request:\n$err";
}
+ update_serial ("0000000000000000") if ! -f $pveca_srl_fn;
- my $serial = sprintf ("%04X000000000000", $cinfo->{local}->{cid});
- update_serial ($serial) if ! -f $pveca_srl_fn;
-
eval {
PVE::Utils::run_command (['openssl', 'x509', '-req', '-in', $reqfn, '-days', '3650',
'-out', $pvessl_cert_fn, '-CAkey', $pveca_key_fn,
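Review bot: The initial serial is now the same constant, `"0000000000000000"`, on every node, where the removed code prefixed it with the cluster id, so serial uniqueness under the CA depends entirely on `$pveca_srl_fn` being one file seen by all nodes. That looks like the intent given the new `$basedir/priv` location, but it is not stated; a comment above the call such as `# serial file lives on the shared config filesystem, so all nodes draw from one counter` would record it. The `-f $pveca_srl_fn` test followed by the write is not atomic if two nodes generate certificates at the same time. The enclosing sub continues past the hunk.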
Modified: pve-manager/pve2/lib/PVE/REST.pm
===================================================================
--- pve-manager/pve2/lib/PVE/REST.pm 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/lib/PVE/REST.pm 2011-01-11 12:26:41 UTC (rev 5352)
@@ -3,7 +3,6 @@
use warnings;
use strict;
use PVE::SafeSyslog;
-use PVE::ConfigServer;
use PVE::API2;
use Apache2::Const;
use CGI;
Modified: pve-manager/pve2/www/templates/pve.conf.in
===================================================================
--- pve-manager/pve2/www/templates/pve.conf.in 2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/www/templates/pve.conf.in 2011-01-11 12:26:41 UTC (rev 5352)
@@ -67,8 +67,8 @@
SSLEngine on
SSLProtocol all -SSLv2
- SSLCertificateFile @PROXMOX_ETC@/pve-ssl.pem
- SSLCertificateKeyFile @PROXMOX_ETC@/pve-ssl.key
+ SSLCertificateFile @PROXMOX_ETC@/local/pve-ssl.pem
+ SSLCertificateKeyFile @PROXMOX_ETC@/local/priv/pve-ssl.key
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)