public inbox for pve-devel@lists.proxmox.com
 help / color / mirror / Atom feed
From: Aaron Lauterer <a.lauterer@proxmox.com>
To: "Proxmox VE development discussion" <pve-devel@lists.proxmox.com>,
	"Fabian Grünbichler" <f.gruenbichler@proxmox.com>
Subject: Re: [pve-devel] [PATCH cluster 1/2] fix #5461: pvecm: ssh: adapt intra cluster ssh options
Date: Thu, 16 May 2024 12:38:49 +0200	[thread overview]
Message-ID: <53d5707e-e297-4a91-8fe6-b3b1ae195929@proxmox.com> (raw)
In-Reply-To: <1715852043.kplc7htoyp.astroid@yuna.none>

I'll give it a try and will send a v2 :)

On  2024-05-16  12:17, Fabian Grünbichler wrote:
> On May 15, 2024 12:32 pm, Aaron Lauterer wrote:
>> because otherwise the SSH calls to other nodes in the cluster will fail
>> on newer clusters that only have the ssh known host keys located in the
>> pmxcfs.
>>
>> By utilizing SSHInfo::ssh_info_to_ssh_opts we can add the needed options
>> to the SSH call to have the node name aliased correctly and pointing SSH
>> to the correct known hosts file.
> 
> couldn't this completely be switched over to use ssh_info_to_command ?
> then we'd also benefit from other existing and future additions there
> 
> ssh_info_to_ssh_opts is basically the escape hatch for cases where that
> does not work, like scp ;)
> 
>> Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com>
>> ---
>>   src/PVE/CLI/pvecm.pm | 24 +++++++++++++++---------
>>   1 file changed, 15 insertions(+), 9 deletions(-)
>>
>> diff --git a/src/PVE/CLI/pvecm.pm b/src/PVE/CLI/pvecm.pm
>> index 0e8ca8f..5c285a9 100755
>> --- a/src/PVE/CLI/pvecm.pm
>> +++ b/src/PVE/CLI/pvecm.pm
>> @@ -18,6 +18,7 @@ use PVE::PTY;
>>   use PVE::API2::ClusterConfig;
>>   use PVE::Corosync;
>>   use PVE::Cluster::Setup;
>> +use PVE::SSHInfo;
>>   
>>   use base qw(PVE::CLIHandler);
>>   
>> @@ -173,9 +174,10 @@ __PACKAGE__->register_method ({
>>   	run_command([@$scp_cmd, "root\@\[$qnetd_addr\]:$ca_export_file", "/etc/pve/$ca_export_base"]);
>>   	$foreach_member->(sub {
>>   	    my ($node, $ip) = @_;
>> +	    my $ssh_options = PVE::SSHInfo::ssh_info_to_ssh_opts ({ ip => $ip, name => $node });
>>   	    my $outsub = sub { print "\nnode '$node': " . shift };
>>   	    run_command(
>> -		[@$ssh_cmd, $ip, $qdevice_certutil, "-i", "-c", "/etc/pve/$ca_export_base"],
>> +		[@$ssh_cmd, @$ssh_options, $ip, $qdevice_certutil, "-i", "-c", "/etc/pve/$ca_export_base"],
>>   		noerr => 1, outfunc => \&$outsub
>>   	    );
>>   	});
>> @@ -206,9 +208,10 @@ __PACKAGE__->register_method ({
>>   	run_command([@$scp_cmd, "$db_dir_node/$p12_file_base", "/etc/pve/"]);
>>   	$foreach_member->(sub {
>>   	    my ($node, $ip) = @_;
>> +	    my $ssh_options = PVE::SSHInfo::ssh_info_to_ssh_opts ({ ip => $ip, name => $node });
>>   	    my $outsub = sub { print "\nnode '$node': " . shift };
>>   	    run_command([
>> -		    @$ssh_cmd, $ip, "$qdevice_certutil", "-m", "-c",
>> +		    @$ssh_cmd, @$ssh_options, $ip, "$qdevice_certutil", "-m", "-c",
>>   		    "/etc/pve/$p12_file_base"], outfunc => \&$outsub
>>   		);
>>   	});
>> @@ -243,10 +246,11 @@ __PACKAGE__->register_method ({
>>   
>>   	$foreach_member->(sub {
>>   	    my ($node, $ip) = @_;
>> +	    my $ssh_options = PVE::SSHInfo::ssh_info_to_ssh_opts ({ ip => $ip, name => $node });
>>   	    my $outsub = sub { print "\nnode '$node': " . shift };
>>   	    print "\nINFO: start and enable corosync qdevice daemon on node '$node'...\n";
>> -	    run_command([@$ssh_cmd, $ip, 'systemctl', 'start', 'corosync-qdevice'], outfunc => \&$outsub);
>> -	    run_command([@$ssh_cmd, $ip, 'systemctl', 'enable', 'corosync-qdevice'], outfunc => \&$outsub);
>> +	    run_command([@$ssh_cmd, @$ssh_options, $ip, 'systemctl', 'start', 'corosync-qdevice'], outfunc => \&$outsub);
>> +	    run_command([@$ssh_cmd, @$ssh_options, $ip, 'systemctl', 'enable', 'corosync-qdevice'], outfunc => \&$outsub);
>>   	});
>>   
>>   	run_command(['corosync-cfgtool', '-R']); # do cluster wide config reload
>> @@ -291,8 +295,9 @@ __PACKAGE__->register_method ({
>>   	    # cleanup qdev state (cert storage)
>>   	    my $qdev_state_dir =  "/etc/corosync/qdevice";
>>   	    $foreach_member->(sub {
>> -		my (undef, $ip) = @_;
>> -		run_command([@$ssh_cmd, $ip, '--', 'rm', '-rf', $qdev_state_dir]);
>> +		my ($node, $ip) = @_;
>> +		my $ssh_options = PVE::SSHInfo::ssh_info_to_ssh_opts ({ ip => $ip, name => $node });
>> +		run_command([@$ssh_cmd, @$ssh_options, $ip, '--', 'rm', '-rf', $qdev_state_dir]);
>>   	    });
>>   	};
>>   
>> @@ -300,9 +305,10 @@ __PACKAGE__->register_method ({
>>   	die $@ if $@;
>>   
>>   	$foreach_member->(sub {
>> -	    my (undef, $ip) = @_;
>> -	    run_command([@$ssh_cmd, $ip, 'systemctl', 'stop', 'corosync-qdevice']);
>> -	    run_command([@$ssh_cmd, $ip, 'systemctl', 'disable', 'corosync-qdevice']);
>> +	    my ($node, $ip) = @_;
>> +	    my $ssh_options = PVE::SSHInfo::ssh_info_to_ssh_opts ({ ip => $ip, name => $node });
>> +	    run_command([@$ssh_cmd, @$ssh_options, $ip, 'systemctl', 'stop', 'corosync-qdevice']);
>> +	    run_command([@$ssh_cmd, @$ssh_options, $ip, 'systemctl', 'disable', 'corosync-qdevice']);
>>   	});
>>   
>>   	run_command(['corosync-cfgtool', '-R']);
>> -- 
>> 2.39.2
>>
>>
>>
>> _______________________________________________
>> pve-devel mailing list
>> pve-devel@lists.proxmox.com
>> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>>
>>
>>
> 
> 
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
> 
> 


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

  reply	other threads:[~2024-05-16 10:39 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-05-15 10:32 [pve-devel] [PATCH cluster 0/2] fix #5461: qdevice cluster mgmt Aaron Lauterer
2024-05-15 10:32 ` [pve-devel] [PATCH cluster 1/2] fix #5461: pvecm: ssh: adapt intra cluster ssh options Aaron Lauterer
2024-05-16 10:17   ` Fabian Grünbichler
2024-05-16 10:38     ` Aaron Lauterer [this message]
2024-05-15 10:32 ` [pve-devel] [PATCH cluster 2/2] pvecm: qdevice: adjust line lengths Aaron Lauterer
2024-05-16  9:45   ` Fabian Grünbichler
2024-05-21  7:12 ` [pve-devel] [PATCH cluster 0/2] fix #5461: qdevice cluster mgmt Aaron Lauterer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=53d5707e-e297-4a91-8fe6-b3b1ae195929@proxmox.com \
    --to=a.lauterer@proxmox.com \
    --cc=f.gruenbichler@proxmox.com \
    --cc=pve-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal