From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <f.gruenbichler@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id A3D9C72242
 for <pve-devel@lists.proxmox.com>; Thu,  1 Jul 2021 09:59:33 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 932E221E2F
 for <pve-devel@lists.proxmox.com>; Thu,  1 Jul 2021 09:59:03 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id E1BE021E24
 for <pve-devel@lists.proxmox.com>; Thu,  1 Jul 2021 09:59:02 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 9DE7942506
 for <pve-devel@lists.proxmox.com>; Thu,  1 Jul 2021 09:59:02 +0200 (CEST)
From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Thu,  1 Jul 2021 09:58:56 +0200
Message-Id: <20210701075857.3871664-1-f.gruenbichler@proxmox.com>
X-Mailer: git-send-email 2.30.2
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.567 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
Subject: [pve-devel] [PATCH manager 1/2] pve6to7: reduce number of cluster
 PASS statements
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Thu, 01 Jul 2021 07:59:33 -0000

these were mostly releveant for upgrading from Corosync 2.x to 3.x - so
keep the warnings/errors, but reduce the noise a bit by skipping lots of
PASS output.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---

Notes:
    on a 3-node cluster this reduced the amount of output from 47 statements to 40,
    total lines from 111 to 101.

 PVE/CLI/pve6to7.pm | 50 +++++++++++++++++++++++++---------------------
 1 file changed, 27 insertions(+), 23 deletions(-)

diff --git a/PVE/CLI/pve6to7.pm b/PVE/CLI/pve6to7.pm
index 1c89242d..899ef6c6 100644
--- a/PVE/CLI/pve6to7.pm
+++ b/PVE/CLI/pve6to7.pm
@@ -302,17 +302,25 @@ sub check_cluster_corosync {
 	if $conf_nodelist_count != $cfs_nodelist_count;
 
     print "\nChecking nodelist entries..\n";
+    my $nodelist_pass = 1;
     for my $cs_node (sort keys %$conf_nodelist) {
 	my $entry = $conf_nodelist->{$cs_node};
-	log_fail("$cs_node: no name entry in corosync.conf.")
-	    if !defined($entry->{name});
-	log_fail("$cs_node: no nodeid configured in corosync.conf.")
-	    if !defined($entry->{nodeid});
+	if (!defined($entry->{name})) {
+	    $nodelist_pass = 0;
+	    log_fail("$cs_node: no name entry in corosync.conf.");
+	}
+	if (!defined($entry->{nodeid})) {
+	    $nodelist_pass = 0;
+	    log_fail("$cs_node: no nodeid configured in corosync.conf.");
+	}
 	my $gotLinks = 0;
 	for my $link (0..7) {
 	    $gotLinks++ if defined($entry->{"ring${link}_addr"});
 	}
-	log_fail("$cs_node: no ringX_addr (0 <= X <= 7) link defined in corosync.conf.") if $gotLinks <= 0;
+	if ($gotLinks <= 0) {
+	    $nodelist_pass = 0;
+	    log_fail("$cs_node: no ringX_addr (0 <= X <= 7) link defined in corosync.conf.");
+	}
 
 	my $verify_ring_ip = sub {
 	    my $key = shift;
@@ -320,11 +328,11 @@ sub check_cluster_corosync {
 		my ($resolved_ip, undef) = PVE::Corosync::resolve_hostname_like_corosync($ring, $conf);
 		if (defined($resolved_ip)) {
 		    if ($resolved_ip ne $ring) {
+			$nodelist_pass = 0;
 			log_warn("$cs_node: $key '$ring' resolves to '$resolved_ip'.\n Consider replacing it with the currently resolved IP address.");
-		    } else {
-			log_pass("$cs_node: $key is configured to use IP address '$ring'");
 		    }
 		} else {
+		    $nodelist_pass = 0;
 		    log_fail("$cs_node: unable to resolve $key '$ring' to an IP address according to Corosync's resolve strategy - cluster will potentially fail with Corosync 3.x/kronosnet!");
 		}
 	    }
@@ -333,42 +341,38 @@ sub check_cluster_corosync {
 	    $verify_ring_ip->("ring${link}_addr");
 	}
     }
+    log_pass("nodelist settings OK") if $nodelist_pass;
 
     print "\nChecking totem settings..\n";
     my $totem = $conf->{main}->{totem};
+    my $totem_pass = 1;
+
     my $transport = $totem->{transport};
     if (defined($transport)) {
 	if ($transport ne 'knet') {
+	    $totem_pass = 0;
 	    log_fail("Corosync transport explicitly set to '$transport' instead of implicit default!");
-	} else {
-	    log_pass("Corosync transport set to '$transport'.");
 	}
-    } else {
-	log_pass("Corosync transport set to implicit default.");
     }
 
     # TODO: are those values still up-to-date?
     if ((!defined($totem->{secauth}) || $totem->{secauth} ne 'on') && (!defined($totem->{crypto_cipher}) || $totem->{crypto_cipher} eq 'none')) {
+	$totem_pass = 0;
 	log_fail("Corosync authentication/encryption is not explicitly enabled (secauth / crypto_cipher / crypto_hash)!");
-    } else {
-	if (defined($totem->{crypto_cipher}) && $totem->{crypto_cipher} eq '3des') {
-	    log_fail("Corosync encryption cipher set to '3des', no longer supported in Corosync 3.x!"); # FIXME: can be removed?
-	} else {
-	    log_pass("Corosync encryption and authentication enabled.");
-	}
+    } elsif (defined($totem->{crypto_cipher}) && $totem->{crypto_cipher} eq '3des') {
+	$totem_pass = 0;
+	log_fail("Corosync encryption cipher set to '3des', no longer supported in Corosync 3.x!"); # FIXME: can be removed?
     }
 
+    log_pass("totem settings OK") if $totem_pass;
     print "\n";
     log_info("run 'pvecm status' to get detailed cluster status..");
 
-    print_header("CHECKING INSTALLED COROSYNC VERSION");
     if (defined(my $corosync = $get_pkg->('corosync'))) {
 	if ($corosync->{OldVersion} =~ m/^2\./) {
-	    log_fail("corosync 2.x installed, cluster-wide upgrade to 3.x needed!");
-	} elsif ($corosync->{OldVersion} =~ m/^3\./) {
-	    log_pass("corosync 3.x installed.");
-	} else {
-	    log_fail("unexpected corosync version installed: $corosync->{OldVersion}!");
+	    log_fail("\ncorosync 2.x installed, cluster-wide upgrade to 3.x needed!");
+	} elsif ($corosync->{OldVersion} !~ m/^3\./) {
+	    log_fail("\nunexpected corosync version installed: $corosync->{OldVersion}!");
 	}
     }
 }
-- 
2.30.2