Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Copy hmac.key to new nodes #1494

Merged
merged 3 commits into from Jul 3, 2020
Merged

Copy hmac.key to new nodes #1494

merged 3 commits into from Jul 3, 2020

Conversation

mbakke
Copy link
Contributor

@mbakke mbakke commented Jun 30, 2020

Hello,

This is a cherry-pick of three commits (c99ad7b, ab92101, 4f3b030) from stable-2.17 that went missing as part of #1328. They are marked as TODO in https://github.com/ganeti/ganeti/wiki/AtticMasterCherrypicks.

It fixes #1182 (again).

saschalucas
saschalucas approved these changes Jul 3, 2020
View reviewed changes
Copy link
Member

@saschalucas saschalucas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for spotting this out. I have verified, that mond and confd complain about missing hmac.key right after gnt-node add and therefore fails to start initially. The noded will install hmac.key later via RPC calls during node setup. Then these daemons can be started by the watcher. This PR makes these daemons start properly (again).

@aehlig @saschalucas
Add a constant for a new node-setup paramter
f5f941c 
Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Petr Pudlak <pudlak@google.com>
(cherry picked from commit c99ad7b)
@aehlig @saschalucas
Add a function to extract the hmac key
2859b3e 
The function extracts the hmac key from the provided
initial data; it also raises an appropriate error if
the key is not provided.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Petr Pudlak <pudlak@google.com>
(cherry picked from commit cd58e9e)
@aehlig @saschalucas
Also ship the hmac key with the inital data
fc34b27 
On setting up a node, initial data is shipped via ssh to the
target node, so that the node daemon can run properly to take
on the remaining configuration tasks via RPC. At that point, also
other daemons, including the monitoring daemon (if enabled) are
started. Therefore, also ship the hmac key file as part of the
initial data, as the monitoring daemon needs it for confd queries.

Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Petr Pudlak <pudlak@google.com>
(cherry picked from commit 4f3b030)
@saschalucas saschalucas merged commit 80de857 into ganeti:master Jul 3, 2020
@mbakke mbakke deleted the copy-hmac branch July 3, 2020 20:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@saschalucas saschalucas saschalucas approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

ganeti-mond and ganeti-confd fail to start upon node add
3 participants
@mbakke @saschalucas @aehlig