def set_add_resource_sets(elem, sets, cib):
allowed_options = {
"sequential": ("true", "false"),
"require-all": ("true", "false"),
"action": ("start", "promote", "demote", "stop"),
"role": ("Stopped", "Started", "Master", "Slave"),
}
for o_set in sets:
set_id = "pcs_rsc_set"
res_set = cib.createElement("resource_set")
elem.appendChild(res_set)
for opts in o_set:
if opts.find("=") != -1:
key, val = opts.split("=")
if key not in allowed_options:
utils.err("invalid option '%s', allowed options are: %s" %
(key, ", ".join(allowed_options.keys())))
if val not in allowed_options[key]:
utils.err(
"invalid value '%s' of option '%s', allowed values are: %s"
% (val, key, ", ".join(allowed_options[key])))
res_set.setAttribute(key, val)
else:
res_valid, res_error = utils.validate_constraint_resource(
cib, opts)
if not res_valid:
utils.err(res_error)
se = cib.createElement("resource_ref")
res_set.appendChild(se)
se.setAttribute("id", opts)
set_id = set_id + "_" + opts
res_set.setAttribute("id", utils.find_unique_id(cib, set_id))
def colocation_set(argv):
setoptions = []
for i in range(len(argv)):
if argv[i] == "setoptions":
setoptions = argv[i+1:]
argv[i:] = []
break
current_set = set_args_into_array(argv)
colocation_id = "pcs_rsc_colocation"
for a in argv:
if a.find('=') == -1:
colocation_id = colocation_id + "_" + a
cib = utils.get_cib_etree()
constraints = cib.find(".//constraints")
if constraints == None:
constraints = ET.SubElement(cib, "constraints")
rsc_colocation = ET.SubElement(constraints,"rsc_colocation")
rsc_colocation.set("id", utils.find_unique_id(cib,colocation_id))
rsc_colocation.set("score","INFINITY")
for opt in setoptions:
if opt.find("=") != -1:
name,value = opt.split("=")
rsc_colocation.set(name,value)
set_add_resource_sets(rsc_colocation, current_set, cib)
utils.replace_cib_configuration(cib)
def set_add_resource_sets(elem, sets, cib):
allowed_options = {
"sequential": ("true", "false"),
"require-all": ("true", "false"),
"action" : ("start", "promote", "demote", "stop"),
"role" : ("Stopped", "Started", "Master", "Slave"),
}
for o_set in sets:
set_id = "pcs_rsc_set"
res_set = ET.SubElement(elem,"resource_set")
for opts in o_set:
if opts.find("=") != -1:
key,val = opts.split("=")
if key not in allowed_options:
utils.err(
"invalid option '%s', allowed options are: %s"
% (key, ", ".join(allowed_options.keys()))
)
if val not in allowed_options[key]:
utils.err(
"invalid value '%s' of option '%s', allowed values are: %s"
% (val, key, ", ".join(allowed_options[key]))
)
res_set.set(key,val)
else:
se = ET.SubElement(res_set,"resource_ref")
se.set("id",opts)
set_id = set_id + "_" + opts
res_set.set("id", utils.find_unique_id(cib,set_id))
def order_set(argv):
setoptions = []
for i in range(len(argv)):
if argv[i] == "setoptions":
setoptions = argv[i + 1:]
argv[i:] = []
break
argv.insert(0, "set")
resource_sets = set_args_into_array(argv)
if not check_empty_resource_sets(resource_sets):
usage.constraint(["order set"])
sys.exit(1)
cib, constraints = getCurrentConstraints(utils.get_cib_dom())
attributes = []
id_specified = False
for opt in setoptions:
if "=" not in opt:
utils.err("missing value of '%s' option" % opt)
name, value = opt.split("=", 1)
if name == "id":
id_valid, id_error = utils.validate_xml_id(value, 'constraint id')
if not id_valid:
utils.err(id_error)
if utils.does_id_exist(cib, value):
utils.err(
"id '%s' is already in use, please specify another one" %
value)
id_specified = True
attributes.append((name, value))
elif name == "kind":
normalized_value = value.lower().capitalize()
if normalized_value not in OPTIONS_KIND:
utils.err("invalid kind value '%s', allowed values are: %s" %
(value, ", ".join(OPTIONS_KIND)))
attributes.append((name, normalized_value))
elif name == "symmetrical":
if value.lower() not in OPTIONS_SYMMETRICAL:
utils.err(
"invalid symmetrical value '%s', allowed values are: %s" %
(value, ", ".join(OPTIONS_SYMMETRICAL)))
attributes.append((name, value.lower()))
else:
utils.err("invalid option '%s', allowed options are: %s" %
(name, "kind, symmetrical, id"))
if not id_specified:
order_id = "pcs_rsc_order"
for a in argv:
if "=" not in a:
order_id += "_" + a
attributes.append(("id", utils.find_unique_id(cib, order_id)))
rsc_order = cib.createElement("rsc_order")
for name, value in attributes:
rsc_order.setAttribute(name, value)
set_add_resource_sets(rsc_order, resource_sets, cib)
constraints.appendChild(rsc_order)
utils.replace_cib_configuration(cib)
def stonith_level_add(level, node, devices):
dom = utils.get_cib_dom()
if not "--force" in utils.pcs_options:
for dev in devices.split(","):
if not utils.is_stonith_resource(dev):
utils.err("%s is not a stonith id (use --force to override)" % dev)
if not utils.is_corosync_node(node):
utils.err("%s is not currently a node (use --force to override)" % node)
ft = dom.getElementsByTagName("fencing-topology")
if len(ft) == 0:
conf = dom.getElementsByTagName("configuration")[0]
ft = dom.createElement("fencing-topology")
conf.appendChild(ft)
else:
ft = ft[0]
fls = ft.getElementsByTagName("fencing-level")
for fl in fls:
if fl.getAttribute("target") == node and fl.getAttribute("index") == level and fl.getAttribute("devices") == devices:
utils.err("unable to add fencing level, fencing level for node: %s, at level: %s, with device: %s already exists" % (node,level,devices))
new_fl = dom.createElement("fencing-level")
ft.appendChild(new_fl)
new_fl.setAttribute("target", node)
new_fl.setAttribute("index", level)
new_fl.setAttribute("devices", devices)
new_fl.setAttribute("id", utils.find_unique_id(dom, "fl-" + node +"-" + level))
utils.replace_cib_configuration(dom)
def colocation_add(argv):
if len(argv) < 2:
usage.constraint()
sys.exit(1)
resource1 = argv.pop(0)
resource2 = argv.pop(0)
if not utils.does_resource_exist(resource1):
print "Error: Resource '" + resource1 + "' does not exist"
sys.exit(1)
if not utils.does_resource_exist(resource2):
print "Error: Resource '" + resource2 + "' does not exist"
sys.exit(1)
score,nv_pairs = parse_score_options(argv)
(dom,constraintsElement) = getCurrentConstraints()
cl_id = utils.find_unique_id(dom, "colocation-" + resource1 + "-" +
resource2 + "-" + score)
element = dom.createElement("rsc_colocation")
element.setAttribute("id",cl_id)
element.setAttribute("rsc",resource1)
element.setAttribute("with-rsc",resource2)
element.setAttribute("score",score)
for nv_pair in nv_pairs:
element.setAttribute(nv_pair[0], nv_pair[1])
constraintsElement.appendChild(element)
xml_constraint_string = constraintsElement.toxml()
args = ["cibadmin", "-c", "-R", "--xml-text", xml_constraint_string]
output,retval = utils.run(args)
if output != "":
print output
def stonith_level_add(level, node, devices):
dom = utils.get_cib_dom()
if not "--force" in utils.pcs_options:
for dev in devices.split(","):
if not utils.is_stonith_resource(dev):
utils.err("%s is not a stonith id (use --force to override)" % dev)
if not utils.is_pacemaker_node(node) and not utils.is_corosync_node(node):
utils.err("%s is not currently a node (use --force to override)" % node)
ft = dom.getElementsByTagName("fencing-topology")
if len(ft) == 0:
conf = dom.getElementsByTagName("configuration")[0]
ft = dom.createElement("fencing-topology")
conf.appendChild(ft)
else:
ft = ft[0]
fls = ft.getElementsByTagName("fencing-level")
for fl in fls:
if fl.getAttribute("target") == node and fl.getAttribute("index") == level and fl.getAttribute("devices") == devices:
utils.err("unable to add fencing level, fencing level for node: %s, at level: %s, with device: %s already exists" % (node,level,devices))
new_fl = dom.createElement("fencing-level")
ft.appendChild(new_fl)
new_fl.setAttribute("target", node)
new_fl.setAttribute("index", level)
new_fl.setAttribute("devices", devices)
new_fl.setAttribute("id", utils.find_unique_id(dom, "fl-" + node +"-" + level))
utils.replace_cib_configuration(dom)
def acl_permission(argv):
if len(argv) < 1:
usage.acl("permission")
sys.exit(1)
dom = utils.get_cib_dom()
dom, acls = get_acls(dom)
command = argv.pop(0)
if command == "add":
if len(argv) < 4:
usage.acl("permission add")
sys.exit(1)
role_id = argv.pop(0)
found = False
for role in dom.getElementsByTagName("acl_role"):
if role.getAttribute("id") == role_id:
found = True
break
if found == False:
acl_role(["create", role_id] + argv)
return
while len(argv) >= 3:
kind = argv.pop(0)
se = dom.createElement("acl_permission")
se.setAttribute("id", utils.find_unique_id(dom, role_id + "-" + kind))
se.setAttribute("kind", kind)
xp_id = argv.pop(0)
if xp_id == "xpath":
xpath_query = argv.pop(0)
se.setAttribute("xpath",xpath_query)
elif xp_id == "id":
acl_ref = argv.pop(0)
se.setAttribute("reference",acl_ref)
else:
usage.acl("permission add")
role.appendChild(se)
utils.replace_cib_configuration(dom)
elif command == "delete":
if len(argv) < 1:
usage.acl("permission delete")
sys.exit(1)
perm_id = argv.pop(0)
found = False
for elem in dom.getElementsByTagName("acl_permission"):
if elem.getAttribute("id") == perm_id:
elem.parentNode.removeChild(elem)
found = True
if not found:
utils.err("Unable to find permission with id: %s" % perm_id)
utils.replace_cib_configuration(dom)
else:
usage.acl("permission")
sys.exit(1)
def location_rule(argv):
if len(argv) < 3:
usage.constraint("location rule")
sys.exit(1)
res_name = argv.pop(0)
resource_valid, resource_error = utils.validate_constraint_resource(
utils.get_cib_dom(), res_name
)
if not resource_valid:
utils.err(resource_error)
argv.pop(0)
cib = utils.get_cib_dom()
constraints = cib.getElementsByTagName("constraints")[0]
lc = cib.createElement("rsc_location")
constraints.appendChild(lc)
lc_id = utils.find_unique_id(cib, "location-" + res_name)
lc.setAttribute("id", lc_id)
lc.setAttribute("rsc", res_name)
rule_utils.dom_rule_add(lc, argv)
utils.replace_cib_configuration(cib)
def colocation_add(argv):
if len(argv) < 2:
usage.constraint()
sys.exit(1)
resource1 = argv.pop(0)
resource2 = argv.pop(0)
score, nv_pairs = parse_score_options(argv)
(dom, constraintsElement) = getCurrentConstraints()
cl_id = utils.find_unique_id(
dom, "colocation-" + resource1 + "-" + resource2 + "-" + score)
element = dom.createElement("rsc_colocation")
element.setAttribute("id", cl_id)
element.setAttribute("rsc", resource1)
element.setAttribute("with-rsc", resource2)
element.setAttribute("score", score)
for nv_pair in nv_pairs:
element.setAttribute(nv_pair[0], nv_pair[1])
constraintsElement.appendChild(element)
xml_constraint_string = constraintsElement.toxml()
args = ["cibadmin", "-c", "-R", "--xml-text", xml_constraint_string]
output, retval = utils.run(args)
if output != "":
print output
def order_set(argv):
current_set = set_args_into_array(argv)
cib = utils.get_cib_etree()
constraints = cib.find(".//constraints")
if constraints == None:
constraints = ET.SubElement(cib, "constraints")
rsc_order = ET.SubElement(constraints,"rsc_order")
rsc_order.set("id", utils.find_unique_id(cib,"pcs_rsc_order"))
set_add_resource_sets(rsc_order, current_set, cib)
utils.replace_cib_configuration(cib)
def order_set(argv):
current_set = set_args_into_array(argv)
cib = utils.get_cib_etree()
constraints = cib.find(".//constraints")
if constraints == None:
constraints = ET.SubElement(cib, "constraints")
rsc_order = ET.SubElement(constraints, "rsc_order")
rsc_order.set("id", utils.find_unique_id(cib, "pcs_rsc_order"))
set_add_resource_sets(rsc_order, current_set, cib)
utils.replace_cib_configuration(cib)
def set_add_resource_sets(elem, sets, cib):
for o_set in sets:
res_set = ET.SubElement(elem,"resource_set")
res_set.set("id", utils.find_unique_id(cib,"pcs_rsc_set"))
for opts in o_set:
if opts.find("=") != -1:
key,val = opts.split("=")
res_set.set(key,val)
else:
se = ET.SubElement(res_set,"resource_ref")
se.set("id",opts)
def set_add_resource_sets(elem, sets, cib):
for o_set in sets:
res_set = ET.SubElement(elem, "resource_set")
res_set.set("id", utils.find_unique_id(cib, "pcs_rsc_set"))
for opts in o_set:
if opts.find("=") != -1:
key, val = opts.split("=")
res_set.set(key, val)
else:
se = ET.SubElement(res_set, "resource_ref")
se.set("id", opts)
def location_rule(argv):
if len(argv) < 3:
usage.constraint(["location", "rule"])
sys.exit(1)
res_name = argv.pop(0)
resource_valid, resource_error, correct_id \
= utils.validate_constraint_resource(utils.get_cib_dom(), res_name)
if "--autocorrect" in utils.pcs_options and correct_id:
res_name = correct_id
elif not resource_valid:
utils.err(resource_error)
argv.pop(0) # pop "rule"
options, rule_argv = rule_utils.parse_argv(argv, {
"constraint-id": None,
"resource-discovery": None,
})
# If resource-discovery is specified, we use it with the rsc_location
# element not the rule
if "resource-discovery" in options and options["resource-discovery"]:
utils.checkAndUpgradeCIB(2, 2, 0)
cib, constraints = getCurrentConstraints(utils.get_cib_dom())
lc = cib.createElement("rsc_location")
lc.setAttribute("resource-discovery",
options.pop("resource-discovery"))
else:
cib, constraints = getCurrentConstraints(utils.get_cib_dom())
lc = cib.createElement("rsc_location")
constraints.appendChild(lc)
if options.get("constraint-id"):
id_valid, id_error = utils.validate_xml_id(options["constraint-id"],
'constraint id')
if not id_valid:
utils.err(id_error)
if utils.does_id_exist(cib, options["constraint-id"]):
utils.err("id '%s' is already in use, please specify another one" %
options["constraint-id"])
lc.setAttribute("id", options["constraint-id"])
del options["constraint-id"]
else:
lc.setAttribute("id", utils.find_unique_id(cib,
"location-" + res_name))
lc.setAttribute("rsc", res_name)
rule_utils.dom_rule_add(lc, options, rule_argv)
location_rule_check_duplicates(constraints, lc)
utils.replace_cib_configuration(cib)
def location_rule(argv):
if len(argv) < 3:
usage.constraint(["location", "rule"])
sys.exit(1)
res_name = argv.pop(0)
resource_valid, resource_error, correct_id \
= utils.validate_constraint_resource(utils.get_cib_dom(), res_name)
if "--autocorrect" in utils.pcs_options and correct_id:
res_name = correct_id
elif not resource_valid:
utils.err(resource_error)
argv.pop(0) # pop "rule"
options, rule_argv = rule_utils.parse_argv(argv, {"constraint-id": None, "resource-discovery": None,})
# If resource-discovery is specified, we use it with the rsc_location
# element not the rule
if "resource-discovery" in options and options["resource-discovery"]:
utils.checkAndUpgradeCIB(2,2,0)
cib, constraints = getCurrentConstraints(utils.get_cib_dom())
lc = cib.createElement("rsc_location")
lc.setAttribute("resource-discovery", options.pop("resource-discovery"))
else:
cib, constraints = getCurrentConstraints(utils.get_cib_dom())
lc = cib.createElement("rsc_location")
constraints.appendChild(lc)
if options.get("constraint-id"):
id_valid, id_error = utils.validate_xml_id(
options["constraint-id"], 'constraint id'
)
if not id_valid:
utils.err(id_error)
if utils.does_id_exist(cib, options["constraint-id"]):
utils.err(
"id '%s' is already in use, please specify another one"
% options["constraint-id"]
)
lc.setAttribute("id", options["constraint-id"])
del options["constraint-id"]
else:
lc.setAttribute("id", utils.find_unique_id(cib, "location-" + res_name))
lc.setAttribute("rsc", res_name)
rule_utils.dom_rule_add(lc, options, rule_argv)
location_rule_check_duplicates(constraints, lc)
utils.replace_cib_configuration(cib)
def order_set(argv):
current_set = set_args_into_array(argv)
order_id = "pcs_rsc_order"
for a in argv:
if a.find('=') == -1:
order_id = order_id + "_" + a
cib, constraints = getCurrentConstraints(utils.get_cib_dom())
rsc_order = cib.createElement("rsc_order")
constraints.appendChild(rsc_order)
rsc_order.setAttribute("id", utils.find_unique_id(cib, order_id))
set_add_resource_sets(rsc_order, current_set, cib)
utils.replace_cib_configuration(cib)
def order_set(argv):
current_set = set_args_into_array(argv)
order_id = "pcs_rsc_order"
for a in argv:
if a.find('=') == -1:
order_id = order_id + "_" + a
cib, constraints = getCurrentConstraints(utils.get_cib_dom())
rsc_order = cib.createElement("rsc_order")
constraints.appendChild(rsc_order)
rsc_order.setAttribute("id", utils.find_unique_id(cib, order_id))
set_add_resource_sets(rsc_order, current_set, cib)
utils.replace_cib_configuration(cib)
def set_add_resource_sets(elem, sets, cib):
allowed_options = {
"sequential": ("true", "false"),
"require-all": ("true", "false"),
"action" : OPTIONS_ACTION,
"role" : OPTIONS_ROLE,
}
for o_set in sets:
set_id = "pcs_rsc_set"
res_set = cib.createElement("resource_set")
elem.appendChild(res_set)
for opts in o_set:
if opts.find("=") != -1:
key,val = opts.split("=")
if key not in allowed_options:
utils.err(
"invalid option '%s', allowed options are: %s"
% (key, ", ".join(allowed_options.keys()))
)
if val not in allowed_options[key]:
utils.err(
"invalid value '%s' of option '%s', allowed values are: %s"
% (val, key, ", ".join(allowed_options[key]))
)
res_set.setAttribute(key, val)
else:
res_valid, res_error, correct_id \
= utils.validate_constraint_resource(cib, opts)
if "--autocorrect" in utils.pcs_options and correct_id:
opts = correct_id
elif not res_valid:
utils.err(res_error)
se = cib.createElement("resource_ref")
res_set.appendChild(se)
se.setAttribute("id", opts)
set_id = set_id + "_" + opts
res_set.setAttribute("id", utils.find_unique_id(cib, set_id))
if "--force" not in utils.pcs_options:
duplicates = set_constraint_find_duplicates(cib, elem)
if duplicates:
utils.err(
"duplicate constraint already exists, use --force to override\n"
+ "\n".join([
" " + set_constraint_el_to_string(dup, True)
for dup in duplicates
])
)
def resource_operation_add(res_id, argv):
if len(argv) < 1:
usage.resource()
sys.exit(1)
op_name = argv.pop(0)
dom = utils.get_cib_dom()
resource_found = False
for resource in dom.getElementsByTagName("primitive"):
if resource.getAttribute("id") == res_id:
resource_found = True
break
if not resource_found:
print "Unable to find resource: %s" % res_id
sys.exit(1)
op_properties = convert_args_to_tuples(argv)
op_properties.sort(key=lambda a:a[0])
op_properties.insert(0,('name', op_name))
found_match = False
op = dom.createElement("op")
op_id = res_id + "-"
for prop in op_properties:
op.setAttribute(prop[0], prop[1])
op_id += prop[0] + "-" + prop[1] + "-"
op_id = op_id[:-1]
op_id = utils.find_unique_id(dom, op_id)
op.setAttribute("id", op_id)
operations = resource.getElementsByTagName("operations")
if len(operations) == 0:
operations = dom.createElement("operations")
resource.appendChild(operations)
else:
operations = operations[0]
if utils.operation_exists(operations,op):
print "Error: identical operation already exists for %s" % res_id
sys.exit(1)
operations.appendChild(op)
utils.replace_cib_configuration(dom)
def location_rule(argv):
if len(argv) < 3:
usage.constraint("location rule")
sys.exit(1)
res_name = argv.pop(0)
argv.pop(0)
cib = utils.get_cib_etree()
constraints = cib.find(".//constraints")
lc = ET.SubElement(constraints, "rsc_location")
lc_id = utils.find_unique_id(cib, "location-" + res_name)
lc.set("id", lc_id)
lc.set("rsc", res_name)
utils.rule_add(lc, argv)
utils.replace_cib_configuration(cib)
def location_rule(argv):
if len(argv) < 3:
usage.constraint("location rule")
sys.exit(1)
res_name = argv.pop(0)
argv.pop(0)
cib = utils.get_cib_etree()
constraints = cib.find(".//constraints")
lc = ET.SubElement(constraints,"rsc_location")
lc_id = utils.find_unique_id(cib, "location-" + res_name)
lc.set("id", lc_id)
lc.set("rsc", res_name)
utils.rule_add(lc, argv)
utils.replace_cib_configuration(cib)
def set_add_resource_sets(elem, sets, cib):
allowed_options = {
"sequential": ("true", "false"),
"require-all": ("true", "false"),
"action": OPTIONS_ACTION,
"role": OPTIONS_ROLE,
}
for o_set in sets:
set_id = "pcs_rsc_set"
res_set = cib.createElement("resource_set")
elem.appendChild(res_set)
for opts in o_set:
if opts.find("=") != -1:
key, val = opts.split("=")
if key not in allowed_options:
utils.err("invalid option '%s', allowed options are: %s" %
(key, ", ".join(allowed_options.keys())))
if val not in allowed_options[key]:
utils.err(
"invalid value '%s' of option '%s', allowed values are: %s"
% (val, key, ", ".join(allowed_options[key])))
res_set.setAttribute(key, val)
else:
res_valid, res_error, correct_id \
= utils.validate_constraint_resource(cib, opts)
if "--autocorrect" in utils.pcs_options and correct_id:
opts = correct_id
elif not res_valid:
utils.err(res_error)
se = cib.createElement("resource_ref")
res_set.appendChild(se)
se.setAttribute("id", opts)
set_id = set_id + "_" + opts
res_set.setAttribute("id", utils.find_unique_id(cib, set_id))
if "--force" not in utils.pcs_options:
duplicates = set_constraint_find_duplicates(cib, elem)
if duplicates:
utils.err(
"duplicate constraint already exists, use --force to override\n"
+ "\n".join([
" " + set_constraint_el_to_string(dup, True)
for dup in duplicates
]))
def location_rule(argv):
if len(argv) < 3:
usage.constraint("location rule")
sys.exit(1)
res_name = argv.pop(0)
(dom, constraintsElement) = getCurrentConstraints()
lc = dom.createElement("rsc_location")
lc_id = utils.find_unique_id(dom, "location-" + res_name)
lc.setAttribute("id", lc_id)
lc.setAttribute("rsc", res_name)
rule = utils.getRule(dom, lc, argv)
lc.appendChild(rule)
constraintsElement.appendChild(lc)
utils.replace_cib_configuration(dom)
def location_rule(argv):
if len(argv) < 3:
usage.constraint("location rule")
sys.exit(1)
res_name = argv.pop(0)
(dom, constraintsElement) = getCurrentConstraints()
lc = dom.createElement("rsc_location")
lc_id = utils.find_unique_id(dom, "location-" + res_name)
lc.setAttribute("id", lc_id)
lc.setAttribute("rsc", res_name)
rule = utils.getRule(dom, lc, argv)
lc.appendChild(rule)
constraintsElement.appendChild(lc)
utils.replace_cib_configuration(dom)
def colocation_set(argv):
setoptions = []
for i in range(len(argv)):
if argv[i] == "setoptions":
setoptions = argv[i+1:]
argv[i:] = []
break
current_set = set_args_into_array(argv)
colocation_id = "pcs_rsc_colocation"
for a in argv:
if a.find('=') == -1:
colocation_id = colocation_id + "_" + a
cib = utils.get_cib_etree()
constraints = cib.find(".//constraints")
if constraints == None:
constraints = ET.SubElement(cib, "constraints")
rsc_colocation = ET.SubElement(constraints,"rsc_colocation")
rsc_colocation.set("id", utils.find_unique_id(cib,colocation_id))
rsc_colocation.set("score","INFINITY")
score_options = ("score", "score-attribute", "score-attribute-mangle")
score_specified = False
for opt in setoptions:
if opt.find("=") != -1:
name,value = opt.split("=")
if name not in score_options:
utils.err(
"invalid option '%s', allowed options are: %s"
% (name, ", ".join(score_options))
)
if score_specified:
utils.err("you cannot specify multiple score options")
score_specified = True
if name == "score" and not utils.is_score(value):
utils.err(
"invalid score '%s', use integer or INFINITY or -INFINITY"
% value
)
rsc_colocation.set(name,value)
set_add_resource_sets(rsc_colocation, current_set, cib)
utils.replace_cib_configuration(cib)
def colocation_set(argv):
setoptions = []
for i in range(len(argv)):
if argv[i] == "setoptions":
setoptions = argv[i + 1:]
argv[i:] = []
break
current_set = set_args_into_array(argv)
cib = utils.get_cib_etree()
constraints = cib.find(".//constraints")
if constraints == None:
constraints = ET.SubElement(cib, "constraints")
rsc_colocation = ET.SubElement(constraints, "rsc_colocation")
rsc_colocation.set("id", utils.find_unique_id(cib, "pcs_rsc_colocation"))
for opt in setoptions:
if opt.find("=") != -1:
name, value = opt.split("=")
rsc_colocation.set(name, value)
set_add_resource_sets(rsc_colocation, current_set, cib)
utils.replace_cib_configuration(cib)
def add_permissions_to_role(role_element, argv):
dom = role_element.ownerDocument
role_id = role_element.getAttribute("id")
while argv:
if len(argv) < 3:
return False
rwd = argv.pop(0).lower()
if not rwd in ["read", "write", "deny"]:
return False
se = dom.createElement("acl_permission")
se.setAttribute("id", utils.find_unique_id(dom, role_id + "-" + rwd))
se.setAttribute("kind", rwd)
xp_id = argv.pop(0).lower()
if xp_id == "xpath":
xpath_query = argv.pop(0)
se.setAttribute("xpath", xpath_query)
elif xp_id == "id":
acl_ref = argv.pop(0)
se.setAttribute("reference", acl_ref)
else:
return False
role_element.appendChild(se)
return True
def add_permissions_to_role(role_element, argv):
dom = role_element.ownerDocument
role_id = role_element.getAttribute("id")
while argv:
if len(argv) < 3:
return False
rwd = argv.pop(0).lower()
if not rwd in ["read", "write", "deny"]:
return False
se = dom.createElement("acl_permission")
se.setAttribute("id", utils.find_unique_id(dom, role_id + "-" + rwd))
se.setAttribute("kind", rwd)
xp_id = argv.pop(0).lower()
if xp_id == "xpath":
xpath_query = argv.pop(0)
se.setAttribute("xpath", xpath_query)
elif xp_id == "id":
acl_ref = argv.pop(0)
se.setAttribute("reference", acl_ref)
else:
return False
role_element.appendChild(se)
return True
def set_add_resource_sets(elem, sets, cib):
allowed_options = {
"sequential": ("true", "false"),
"require-all": ("true", "false"),
"action" : ("start", "promote", "demote", "stop"),
"role" : ("Stopped", "Started", "Master", "Slave"),
}
for o_set in sets:
set_id = "pcs_rsc_set"
res_set = cib.createElement("resource_set")
elem.appendChild(res_set)
for opts in o_set:
if opts.find("=") != -1:
key,val = opts.split("=")
if key not in allowed_options:
utils.err(
"invalid option '%s', allowed options are: %s"
% (key, ", ".join(allowed_options.keys()))
)
if val not in allowed_options[key]:
utils.err(
"invalid value '%s' of option '%s', allowed values are: %s"
% (val, key, ", ".join(allowed_options[key]))
)
res_set.setAttribute(key, val)
else:
res_valid, res_error = utils.validate_constraint_resource(
cib, opts
)
if not res_valid:
utils.err(res_error)
se = cib.createElement("resource_ref")
res_set.appendChild(se)
se.setAttribute("id", opts)
set_id = set_id + "_" + opts
res_set.setAttribute("id", utils.find_unique_id(cib, set_id))
def location_rule(argv):
if len(argv) < 3:
usage.constraint("location rule")
sys.exit(1)
res_name = argv.pop(0)
resource_valid, resource_error = utils.validate_constraint_resource(
utils.get_cib_dom(), res_name)
if not resource_valid:
utils.err(resource_error)
argv.pop(0)
cib = utils.get_cib_dom()
constraints = cib.getElementsByTagName("constraints")[0]
lc = cib.createElement("rsc_location")
constraints.appendChild(lc)
lc_id = utils.find_unique_id(cib, "location-" + res_name)
lc.setAttribute("id", lc_id)
lc.setAttribute("rsc", res_name)
rule_utils.dom_rule_add(lc, argv)
utils.replace_cib_configuration(cib)
def colocation_add(argv):
if len(argv) < 2:
usage.constraint()
sys.exit(1)
role1 = ""
role2 = ""
if len(argv) > 2:
if not utils.is_score_or_opt(argv[2]):
if argv[2] == "with":
role1 = argv.pop(0).lower().capitalize()
resource1 = argv.pop(0)
else:
resource1 = argv.pop(0)
argv.pop(0) # Pop 'with'
if len(argv) == 1:
resource2 = argv.pop(0)
else:
if utils.is_score_or_opt(argv[1]):
resource2 = argv.pop(0)
else:
role2 = argv.pop(0).lower().capitalize()
resource2 = argv.pop(0)
else:
resource1 = argv.pop(0)
resource2 = argv.pop(0)
else:
resource1 = argv.pop(0)
resource2 = argv.pop(0)
if not utils.is_valid_constraint_resource(resource1):
utils.err("Resource '" + resource1 + "' does not exist")
if not utils.is_valid_constraint_resource(resource2):
utils.err("Resource '" + resource2 + "' does not exist")
score, nv_pairs = parse_score_options(argv)
(dom, constraintsElement) = getCurrentConstraints()
cl_id = utils.find_unique_id(
dom, "colocation-" + resource1 + "-" + resource2 + "-" + score)
# If one role is specified, the other should default to "started"
if role1 != "" and role2 == "":
role2 = "Started"
if role2 != "" and role1 == "":
role1 = "Started"
element = dom.createElement("rsc_colocation")
element.setAttribute("id", cl_id)
element.setAttribute("rsc", resource1)
element.setAttribute("with-rsc", resource2)
element.setAttribute("score", score)
if role1 != "":
element.setAttribute("rsc-role", role1)
if role2 != "":
element.setAttribute("with-rsc-role", role2)
for nv_pair in nv_pairs:
element.setAttribute(nv_pair[0], nv_pair[1])
constraintsElement.appendChild(element)
xml_constraint_string = constraintsElement.toxml()
args = ["cibadmin", "-c", "-R", "--xml-text", xml_constraint_string]
output, retval = utils.run(args)
if output != "":
print output
def order_add(argv,returnElementOnly=False):
if len(argv) < 2:
usage.constraint()
sys.exit(1)
resource1 = argv.pop(0)
resource2 = argv.pop(0)
cib_dom = utils.get_cib_dom()
resource_valid, resource_error, correct_id \
= utils.validate_constraint_resource(cib_dom, resource1)
if "--autocorrect" in utils.pcs_options and correct_id:
resource1 = correct_id
elif not resource_valid:
utils.err(resource_error)
resource_valid, resource_error, correct_id \
= utils.validate_constraint_resource(cib_dom, resource2)
if "--autocorrect" in utils.pcs_options and correct_id:
resource2 = correct_id
elif not resource_valid:
utils.err(resource_error)
order_options = []
id_specified = False
sym = None
for arg in argv:
if arg == "symmetrical":
sym = "true"
elif arg == "nonsymmetrical":
sym = "false"
elif "=" in arg:
name, value = arg.split("=", 1)
if name == "id":
id_valid, id_error = utils.validate_xml_id(value, 'constraint id')
if not id_valid:
utils.err(id_error)
if utils.does_id_exist(cib_dom, value):
utils.err(
"id '%s' is already in use, please specify another one"
% value
)
id_specified = True
order_options.append((name, value))
elif name == "symmetrical":
if value.lower() in OPTIONS_SYMMETRICAL:
sym = value.lower()
else:
utils.err(
"invalid symmetrical value '%s', allowed values are: %s"
% (value, ", ".join(OPTIONS_SYMMETRICAL))
)
else:
order_options.append((name, value))
if sym:
order_options.append(("symmetrical", sym))
options = ""
if order_options:
options = " (Options: %s)" % " ".join([
"%s=%s" % (name, value)
for name, value in order_options
if name not in ("kind", "score")
])
scorekind = "kind: Mandatory"
id_suffix = "mandatory"
for opt in order_options:
if opt[0] == "score":
scorekind = "score: " + opt[1]
id_suffix = opt[1]
break
if opt[0] == "kind":
scorekind = "kind: " + opt[1]
id_suffix = opt[1]
break
if not id_specified:
order_id = "order-" + resource1 + "-" + resource2 + "-" + id_suffix
order_id = utils.find_unique_id(cib_dom, order_id)
order_options.append(("id", order_id))
(dom,constraintsElement) = getCurrentConstraints()
element = dom.createElement("rsc_order")
element.setAttribute("first",resource1)
element.setAttribute("then",resource2)
for order_opt in order_options:
element.setAttribute(order_opt[0], order_opt[1])
constraintsElement.appendChild(element)
if "--force" not in utils.pcs_options:
duplicates = order_find_duplicates(constraintsElement, element)
if duplicates:
utils.err(
"duplicate constraint already exists, use --force to override\n"
+ "\n".join([
" " + order_el_to_string(dup, True) for dup in duplicates
])
)
print(
"Adding " + resource1 + " " + resource2 + " ("+scorekind+")" + options
)
if returnElementOnly == False:
utils.replace_cib_configuration(dom)
else:
return element.toxml()
def order_set(argv):
setoptions = []
for i in range(len(argv)):
if argv[i] == "setoptions":
setoptions = argv[i+1:]
argv[i:] = []
break
argv.insert(0, "set")
resource_sets = set_args_into_array(argv)
if not check_empty_resource_sets(resource_sets):
usage.constraint(["order set"])
sys.exit(1)
cib, constraints = getCurrentConstraints(utils.get_cib_dom())
attributes = []
id_specified = False
for opt in setoptions:
if "=" not in opt:
utils.err("missing value of '%s' option" % opt)
name, value = opt.split("=", 1)
if name == "id":
id_valid, id_error = utils.validate_xml_id(value, 'constraint id')
if not id_valid:
utils.err(id_error)
if utils.does_id_exist(cib, value):
utils.err(
"id '%s' is already in use, please specify another one"
% value
)
id_specified = True
attributes.append((name, value))
elif name == "kind":
normalized_value = value.lower().capitalize()
if normalized_value not in OPTIONS_KIND:
utils.err(
"invalid kind value '%s', allowed values are: %s"
% (value, ", ".join(OPTIONS_KIND))
)
attributes.append((name, normalized_value))
elif name == "symmetrical":
if value.lower() not in OPTIONS_SYMMETRICAL:
utils.err(
"invalid symmetrical value '%s', allowed values are: %s"
% (value, ", ".join(OPTIONS_SYMMETRICAL))
)
attributes.append((name, value.lower()))
else:
utils.err(
"invalid option '%s', allowed options are: %s"
% (name, "kind, symmetrical, id")
)
if not id_specified:
order_id = "pcs_rsc_order"
for a in argv:
if "=" not in a:
order_id += "_" + a
attributes.append(("id", utils.find_unique_id(cib, order_id)))
rsc_order = cib.createElement("rsc_order")
for name, value in attributes:
rsc_order.setAttribute(name, value)
set_add_resource_sets(rsc_order, resource_sets, cib)
constraints.appendChild(rsc_order)
utils.replace_cib_configuration(cib)
def add_element(self, parent, tag_name, element_id):
dom = parent.ownerDocument
child = parent.appendChild(dom.createElement(tag_name))
child.setAttribute("id", utils.find_unique_id(dom, element_id))
return child
def constraint_rule(argv):
if len(argv) < 2:
usage.constraint("rule")
sys.exit(1)
found = False
command = argv.pop(0)
constraint_id = None
rule_id = None
cib = utils.get_cib_etree()
if command == "add":
constraint_id = argv.pop(0)
constraint = None
rule_type = "expression"
if len(argv) != 0:
if argv[1].find('=') == -1:
rule_type = argv[1]
if rule_type != "expression" and rule_type != "date_expression":
utils.err("rule_type must either be expression or date_expression")
for a in cib.findall(".//configuration//"):
if a.get("id") == constraint_id and a.tag == "rsc_location":
found = True
constraint = a
if not found:
utils.err("Unable to find constraint: " + constraint_id)
rule = ET.SubElement(constraint, "rule")
expression = ET.SubElement(rule, rule_type)
args = resource.convert_args_to_tuples(argv)
dict_args = dict()
for k, v in args:
dict_args[k] = v
if rule_type == "expression":
if "operation" not in dict_args or "attribute" not in dict_args:
utils.err(
"with rule_type: expression you must specify an attribute and operation"
)
elif rule_type == "date_expression":
if "operation" not in dict_args or ("start" not in dict_args
and "stop" not in dict_args):
utils.err(
"with rule_type: date_expression you must specify an operation and a start/end"
)
for arg in args:
if arg[0] == "id" or arg[0] == "score":
rule.set(arg[0], arg[1])
else:
expression.set(arg[0], arg[1])
if rule.get("score") == None and rule.get("score-attribute") == None:
rule.set("score", "INFINITY")
dom = utils.get_cib_dom()
if rule.get("id") == None:
rule.set("id",
utils.find_unique_id(dom,
constraint.get("id") + "-rule"))
if expression.get("id") == None:
expression.set("id",
utils.find_unique_id(dom,
rule.get("id") + "-expr"))
if "score" in constraint.attrib:
del constraint.attrib["score"]
if "node" in constraint.attrib:
del constraint.attrib["node"]
utils.replace_cib_configuration(cib)
elif command == "rm":
temp_id = argv.pop(0)
constraints = cib.find('.//constraints')
loc_cons = cib.findall('.//rsc_location')
rules = cib.findall('.//rule')
for loc_con in loc_cons:
for rule in loc_con:
if rule.get("id") == temp_id:
if len(loc_con) > 1:
print "Removing Rule:", rule.get("id")
loc_con.remove(rule)
found = True
break
else:
print "Removing Constraint:", loc_con.get("id")
constraints.remove(loc_con)
found = True
break
if found == True:
break
if found:
utils.replace_cib_configuration(cib)
else:
utils.err("unable to find rule with id: %s" % temp_id)
else:
usage.constraint("rule")
sys.exit(1)
def colocation_set(argv):
setoptions = []
for i in range(len(argv)):
if argv[i] == "setoptions":
setoptions = argv[i + 1:]
argv[i:] = []
break
argv.insert(0, "set")
resource_sets = set_args_into_array(argv)
if not check_empty_resource_sets(resource_sets):
usage.constraint(["colocation set"])
sys.exit(1)
cib, constraints = getCurrentConstraints(utils.get_cib_dom())
attributes = []
score_options = ("score", "score-attribute", "score-attribute-mangle")
score_specified = False
id_specified = False
for opt in setoptions:
if "=" not in opt:
utils.err("missing value of '%s' option" % opt)
name, value = opt.split("=", 1)
if name == "id":
id_valid, id_error = utils.validate_xml_id(value, 'constraint id')
if not id_valid:
utils.err(id_error)
if utils.does_id_exist(cib, value):
utils.err(
"id '%s' is already in use, please specify another one" %
value)
id_specified = True
attributes.append((name, value))
elif name in score_options:
if score_specified:
utils.err("you cannot specify multiple score options")
if name == "score" and not utils.is_score(value):
utils.err(
"invalid score '%s', use integer or INFINITY or -INFINITY"
% value)
score_specified = True
attributes.append((name, value))
else:
utils.err("invalid option '%s', allowed options are: %s" %
(name, ", ".join(score_options + ("id", ))))
if not score_specified:
attributes.append(("score", "INFINITY"))
if not id_specified:
colocation_id = "pcs_rsc_colocation"
for a in argv:
if "=" not in a:
colocation_id += "_" + a
attributes.append(("id", utils.find_unique_id(cib, colocation_id)))
rsc_colocation = cib.createElement("rsc_colocation")
for name, value in attributes:
rsc_colocation.setAttribute(name, value)
set_add_resource_sets(rsc_colocation, resource_sets, cib)
constraints.appendChild(rsc_colocation)
utils.replace_cib_configuration(cib)
def colocation_add(argv):
if len(argv) < 2:
usage.constraint()
sys.exit(1)
role1 = ""
role2 = ""
if len(argv) > 2:
if not utils.is_score_or_opt(argv[2]):
if argv[2] == "with":
role1 = argv.pop(0).lower().capitalize()
resource1 = argv.pop(0)
else:
resource1 = argv.pop(0)
argv.pop(0) # Pop 'with'
if len(argv) == 1:
resource2 = argv.pop(0)
else:
if utils.is_score_or_opt(argv[1]):
resource2 = argv.pop(0)
else:
role2 = argv.pop(0).lower().capitalize()
resource2 = argv.pop(0)
else:
resource1 = argv.pop(0)
resource2 = argv.pop(0)
else:
resource1 = argv.pop(0)
resource2 = argv.pop(0)
if not utils.is_valid_constraint_resource(resource1):
utils.err("Resource '" + resource1 + "' does not exist")
if not utils.is_valid_constraint_resource(resource2):
utils.err("Resource '" + resource2 + "' does not exist")
if utils.is_resource_masterslave(resource1):
utils.err(resource1 + " is a master/slave resource, you must use the master id: "+utils.get_resource_master_id(resource1)+ " when adding constraints")
if utils.is_resource_masterslave(resource2):
utils.err(resource2 + " is a master/slave resource, you must use the master id: "+utils.get_resource_master_id(resource2)+ " when adding constraints")
score,nv_pairs = parse_score_options(argv)
(dom,constraintsElement) = getCurrentConstraints()
cl_id = utils.find_unique_id(dom, "colocation-" + resource1 + "-" +
resource2 + "-" + score)
# If one role is specified, the other should default to "started"
if role1 != "" and role2 == "":
role2 = "Started"
if role2 != "" and role1 == "":
role1 = "Started"
element = dom.createElement("rsc_colocation")
element.setAttribute("id",cl_id)
element.setAttribute("rsc",resource1)
element.setAttribute("with-rsc",resource2)
element.setAttribute("score",score)
if role1 != "":
element.setAttribute("rsc-role", role1)
if role2 != "":
element.setAttribute("with-rsc-role", role2)
for nv_pair in nv_pairs:
element.setAttribute(nv_pair[0], nv_pair[1])
constraintsElement.appendChild(element)
utils.replace_cib_configuration(dom)
def constraint_rule(argv):
if len(argv) < 2:
usage.constraint("rule")
sys.exit(1)
found = False
command = argv.pop(0)
constraint_id = None
rule_id = None
cib = utils.get_cib_etree()
if command == "add":
constraint_id = argv.pop(0)
constraint = None
rule_type = "expression"
if len(argv) != 0:
if argv[1].find('=') == -1:
rule_type = argv[1]
if rule_type != "expression" and rule_type != "date_expression":
utils.err("rule_type must either be expression or date_expression")
for a in cib.findall(".//configuration//"):
if a.get("id") == constraint_id and a.tag == "rsc_location":
found = True
constraint = a
if not found:
utils.err("Unable to find constraint: " + constraint_id)
rule = ET.SubElement(constraint,"rule")
expression = ET.SubElement(rule,rule_type)
args = resource.convert_args_to_tuples(argv)
dict_args = dict()
for k,v in args:
dict_args[k] = v
if rule_type == "expression":
if "operation" not in dict_args or "attribute" not in dict_args:
utils.err("with rule_type: expression you must specify an attribute and operation")
elif rule_type == "date_expression":
if "operation" not in dict_args or ("start" not in dict_args and "stop" not in dict_args):
utils.err("with rule_type: date_expression you must specify an operation and a start/end")
for arg in args:
if arg[0] == "id" or arg[0] == "score":
rule.set(arg[0], arg[1])
else:
expression.set(arg[0],arg[1])
if rule.get("score") == None and rule.get("score-attribute") == None:
rule.set("score", "INFINITY")
dom = utils.get_cib_dom()
if rule.get("id") == None:
rule.set("id", utils.find_unique_id(dom,constraint.get("id") + "-rule"))
if expression.get("id") == None:
expression.set("id", utils.find_unique_id(dom,rule.get("id") + "-expr"))
if "score" in constraint.attrib:
del constraint.attrib["score"]
if "node" in constraint.attrib:
del constraint.attrib["node"]
utils.replace_cib_configuration(cib)
elif command == "rm":
temp_id = argv.pop(0)
constraints = cib.find('.//constraints')
loc_cons = cib.findall('.//rsc_location')
rules = cib.findall('.//rule')
for loc_con in loc_cons:
for rule in loc_con:
if rule.get("id") == temp_id:
if len(loc_con) > 1:
print "Removing Rule:",rule.get("id")
loc_con.remove(rule)
found = True
break
else:
print "Removing Constraint:",loc_con.get("id")
constraints.remove(loc_con)
found = True
break
if found == True:
break
if found:
utils.replace_cib_configuration(cib)
else:
utils.err("unable to find rule with id: %s" % temp_id)
else:
usage.constraint("rule")
sys.exit(1)
def acl_permission(argv):
if len(argv) < 1:
usage.acl("permission")
sys.exit(1)
dom = utils.get_cib_dom()
dom, acls = get_acls(dom)
command = argv.pop(0)
if command == "add":
if len(argv) < 4:
usage.acl("permission add")
sys.exit(1)
role_id = argv.pop(0)
found = False
for role in dom.getElementsByTagName("acl_role"):
if role.getAttribute("id") == role_id:
found = True
break
if found == False:
acl_role(["create", role_id] + argv)
return
while len(argv) >= 3:
kind = argv.pop(0)
se = dom.createElement("acl_permission")
se.setAttribute("id",
utils.find_unique_id(dom, role_id + "-" + kind))
se.setAttribute("kind", kind)
xp_id = argv.pop(0)
if xp_id == "xpath":
xpath_query = argv.pop(0)
se.setAttribute("xpath", xpath_query)
elif xp_id == "id":
acl_ref = argv.pop(0)
se.setAttribute("reference", acl_ref)
else:
usage.acl("permission add")
role.appendChild(se)
utils.replace_cib_configuration(dom)
elif command == "delete":
if len(argv) < 1:
usage.acl("permission delete")
sys.exit(1)
perm_id = argv.pop(0)
found = False
for elem in dom.getElementsByTagName("acl_permission"):
if elem.getAttribute("id") == perm_id:
elem.parentNode.removeChild(elem)
found = True
if not found:
utils.err("Unable to find permission with id: %s" % perm_id)
utils.replace_cib_configuration(dom)
else:
usage.acl("permission")
sys.exit(1)
def colocation_add(argv):
if len(argv) < 2:
usage.constraint()
sys.exit(1)
role1 = ""
role2 = ""
if len(argv) > 2:
if not utils.is_score_or_opt(argv[2]):
if argv[2] == "with":
role1 = argv.pop(0).lower().capitalize()
resource1 = argv.pop(0)
else:
resource1 = argv.pop(0)
argv.pop(0) # Pop 'with'
if len(argv) == 1:
resource2 = argv.pop(0)
else:
if utils.is_score_or_opt(argv[1]):
resource2 = argv.pop(0)
else:
role2 = argv.pop(0).lower().capitalize()
resource2 = argv.pop(0)
else:
resource1 = argv.pop(0)
resource2 = argv.pop(0)
else:
resource1 = argv.pop(0)
resource2 = argv.pop(0)
if not utils.is_valid_constraint_resource(resource1):
utils.err("Resource '" + resource1 + "' does not exist")
if not utils.is_valid_constraint_resource(resource2):
utils.err("Resource '" + resource2 + "' does not exist")
score,nv_pairs = parse_score_options(argv)
(dom,constraintsElement) = getCurrentConstraints()
cl_id = utils.find_unique_id(dom, "colocation-" + resource1 + "-" +
resource2 + "-" + score)
# If one role is specified, the other should default to "started"
if role1 != "" and role2 == "":
role2 = "Started"
if role2 != "" and role1 == "":
role1 = "Started"
element = dom.createElement("rsc_colocation")
element.setAttribute("id",cl_id)
element.setAttribute("rsc",resource1)
element.setAttribute("with-rsc",resource2)
element.setAttribute("score",score)
if role1 != "":
element.setAttribute("rsc-role", role1)
if role2 != "":
element.setAttribute("with-rsc-role", role2)
for nv_pair in nv_pairs:
element.setAttribute(nv_pair[0], nv_pair[1])
constraintsElement.appendChild(element)
xml_constraint_string = constraintsElement.toxml()
args = ["cibadmin", "-c", "-R", "--xml-text", xml_constraint_string]
output,retval = utils.run(args)
if output != "":
print output
def colocation_add(argv):
if len(argv) < 2:
usage.constraint()
sys.exit(1)
role1 = ""
role2 = ""
if len(argv) > 2:
if not utils.is_score_or_opt(argv[2]):
if argv[2] == "with":
role1 = argv.pop(0).lower().capitalize()
resource1 = argv.pop(0)
else:
resource1 = argv.pop(0)
argv.pop(0) # Pop 'with'
if len(argv) == 1:
resource2 = argv.pop(0)
else:
if utils.is_score_or_opt(argv[1]):
resource2 = argv.pop(0)
else:
role2 = argv.pop(0).lower().capitalize()
resource2 = argv.pop(0)
else:
resource1 = argv.pop(0)
resource2 = argv.pop(0)
else:
resource1 = argv.pop(0)
resource2 = argv.pop(0)
cib_dom = utils.get_cib_dom()
resource_valid, resource_error, correct_id \
= utils.validate_constraint_resource(cib_dom, resource1)
if "--autocorrect" in utils.pcs_options and correct_id:
resource1 = correct_id
elif not resource_valid:
utils.err(resource_error)
resource_valid, resource_error, correct_id \
= utils.validate_constraint_resource(cib_dom, resource2)
if "--autocorrect" in utils.pcs_options and correct_id:
resource2 = correct_id
elif not resource_valid:
utils.err(resource_error)
score,nv_pairs = parse_score_options(argv)
id_in_nvpairs = None
for name, value in nv_pairs:
if name == "id":
id_valid, id_error = utils.validate_xml_id(value, 'constraint id')
if not id_valid:
utils.err(id_error)
if utils.does_id_exist(cib_dom, value):
utils.err(
"id '%s' is already in use, please specify another one"
% value
)
id_in_nvpairs = True
if not id_in_nvpairs:
nv_pairs.append((
"id",
utils.find_unique_id(
cib_dom,
"colocation-%s-%s-%s" % (resource1, resource2, score)
)
))
(dom,constraintsElement) = getCurrentConstraints(cib_dom)
# If one role is specified, the other should default to "started"
if role1 != "" and role2 == "":
role2 = DEFAULT_ROLE
if role2 != "" and role1 == "":
role1 = DEFAULT_ROLE
element = dom.createElement("rsc_colocation")
element.setAttribute("rsc",resource1)
element.setAttribute("with-rsc",resource2)
element.setAttribute("score",score)
if role1 != "":
element.setAttribute("rsc-role", role1)
if role2 != "":
element.setAttribute("with-rsc-role", role2)
for nv_pair in nv_pairs:
element.setAttribute(nv_pair[0], nv_pair[1])
if "--force" not in utils.pcs_options:
duplicates = colocation_find_duplicates(constraintsElement, element)
if duplicates:
utils.err(
"duplicate constraint already exists, use --force to override\n"
+ "\n".join([
" " + colocation_el_to_string(dup, True)
for dup in duplicates
])
)
constraintsElement.appendChild(element)
utils.replace_cib_configuration(dom)
def colocation_set(argv):
setoptions = []
for i in range(len(argv)):
if argv[i] == "setoptions":
setoptions = argv[i+1:]
argv[i:] = []
break
argv.insert(0, "set")
resource_sets = set_args_into_array(argv)
if not check_empty_resource_sets(resource_sets):
usage.constraint(["colocation set"])
sys.exit(1)
cib, constraints = getCurrentConstraints(utils.get_cib_dom())
attributes = []
score_options = ("score", "score-attribute", "score-attribute-mangle")
score_specified = False
id_specified = False
for opt in setoptions:
if "=" not in opt:
utils.err("missing value of '%s' option" % opt)
name, value = opt.split("=", 1)
if name == "id":
id_valid, id_error = utils.validate_xml_id(value, 'constraint id')
if not id_valid:
utils.err(id_error)
if utils.does_id_exist(cib, value):
utils.err(
"id '%s' is already in use, please specify another one"
% value
)
id_specified = True
attributes.append((name, value))
elif name in score_options:
if score_specified:
utils.err("you cannot specify multiple score options")
if name == "score" and not utils.is_score(value):
utils.err(
"invalid score '%s', use integer or INFINITY or -INFINITY"
% value
)
score_specified = True
attributes.append((name, value))
else:
utils.err(
"invalid option '%s', allowed options are: %s"
% (name, ", ".join(score_options + ("id",)))
)
if not score_specified:
attributes.append(("score", "INFINITY"))
if not id_specified:
colocation_id = "pcs_rsc_colocation"
for a in argv:
if "=" not in a:
colocation_id += "_" + a
attributes.append(("id", utils.find_unique_id(cib, colocation_id)))
rsc_colocation = cib.createElement("rsc_colocation")
for name, value in attributes:
rsc_colocation.setAttribute(name, value)
set_add_resource_sets(rsc_colocation, resource_sets, cib)
constraints.appendChild(rsc_colocation)
utils.replace_cib_configuration(cib)
def acl_role(argv):
if len(argv) < 2:
usage.acl("role")
sys.exit(1)
dom = utils.get_cib_dom()
dom, acls = get_acls(dom)
command = argv.pop(0)
if command == "create":
role_name = argv.pop(0)
if len(argv) < 3:
usage.acl("role create")
sys.exit(1)
if argv[0].startswith('description=') and len(argv[0]) > 12:
description = argv.pop(0)[12:]
else:
description = ""
if utils.does_id_exist(dom, role_name):
utils.err(role_name + " already exists")
element = dom.createElement("acl_role")
element.setAttribute("id", role_name)
if description != "":
element.setAttribute("description", description)
acls.appendChild(element)
while (len(argv) > 2):
rwd = argv.pop(0)
if not rwd in ["read", "write", "deny"]:
usage.acl("role create")
sys.exit(1)
se = dom.createElement("acl_permission")
se.setAttribute("id",
utils.find_unique_id(dom, role_name + "-" + rwd))
se.setAttribute("kind", rwd)
xp_id = argv.pop(0)
if xp_id == "xpath":
xpath_query = argv.pop(0)
se.setAttribute("xpath", xpath_query)
elif xp_id == "id":
acl_ref = argv.pop(0)
se.setAttribute("reference", acl_ref)
else:
usage.acl("role create")
element.appendChild(se)
utils.replace_cib_configuration(dom)
elif command == "delete":
if len(argv) < 1:
usage.acl("acl role delete")
role_id = argv.pop(0)
found = False
for elem in dom.getElementsByTagName("acl_role"):
if elem.getAttribute("id") == role_id:
found = True
elem.parentNode.removeChild(elem)
break
if not found:
utils.err("unable to find acl role: %s" % role_id)
# Remove any references to this role in acl_target or acl_group
for elem in dom.getElementsByTagName("role"):
if elem.getAttribute("id") == role_id:
elem.parentNode.removeChild(elem)
utils.replace_cib_configuration(dom)
elif command == "assign":
if len(argv) < 2:
usage.acl("role assign")
sys.exit(1)
if len(argv) == 2:
role_id = argv[0]
ug_id = argv[1]
elif len(argv) > 2 and argv[1] == "to":
role_id = argv[0]
ug_id = argv[2]
else:
usage.acl("role assign")
sys.exit(1)
found = False
for role in dom.getElementsByTagName("acl_role"):
if role.getAttribute("id") == role_id:
found = True
break
if not found:
utils.err("cannot find role: %s" % role_id)
found = False
for ug in dom.getElementsByTagName(
"acl_target") + dom.getElementsByTagName("acl_group"):
if ug.getAttribute("id") == ug_id:
found = True
break
if not found:
utils.err("cannot find user or group: %s" % ug_id)
for current_role in ug.getElementsByTagName("role"):
if current_role.getAttribute("id") == role_id:
utils.err(role_id + " is already assigned to " + ug_id)
new_role = dom.createElement("role")
new_role.setAttribute("id", role_id)
ug.appendChild(new_role)
utils.replace_cib_configuration(dom)
elif command == "unassign":
if len(argv) < 2:
usage.acl("role unassign")
sys.exit(1)
role_id = argv.pop(0)
if len(argv) > 1 and argv[0] == "from":
ug_id = argv[1]
else:
ug_id = argv[0]
found = False
for ug in dom.getElementsByTagName(
"acl_target") + dom.getElementsByTagName("acl_group"):
if ug.getAttribute("id") == ug_id:
found = True
break
if not found:
utils.err("cannot find user or group: %s" % ug_id)
found = False
for current_role in ug.getElementsByTagName("role"):
if current_role.getAttribute("id") == role_id:
found = True
current_role.parentNode.removeChild(current_role)
break
if not found:
utils.err("cannot find role: %s, assigned to user/group: %s" %
(role_id, ug_id))
utils.replace_cib_configuration(dom)
else:
utils.err("Unknown pcs acl role command: '" + command +
"' (try create or delete)")
def add_element(self, parent, tag_name, element_id):
dom = parent.ownerDocument
child = parent.appendChild(dom.createElement(tag_name))
child.setAttribute("id", utils.find_unique_id(dom, element_id))
return child
def acl_role(argv):
if len(argv) < 2:
usage.acl("role")
sys.exit(1)
dom = utils.get_cib_dom()
dom, acls = get_acls(dom)
command = argv.pop(0)
if command == "create":
role_name = argv.pop(0)
if len(argv) < 3:
usage.acl("role create")
sys.exit(1)
if argv[0].startswith('description=') and len(argv[0]) > 12:
description = argv.pop(0)[12:]
else:
description = ""
if utils.does_id_exist(dom,role_name):
utils.err(role_name + " already exists")
element = dom.createElement("acl_role")
element.setAttribute("id",role_name)
if description != "":
element.setAttribute("description", description)
acls.appendChild(element)
while (len(argv) > 2):
rwd = argv.pop(0)
if not rwd in ["read","write","deny"]:
usage.acl("role create")
sys.exit(1)
se = dom.createElement("acl_permission")
se.setAttribute("id", utils.find_unique_id(dom,role_name + "-" + rwd))
se.setAttribute("kind", rwd)
xp_id = argv.pop(0)
if xp_id == "xpath":
xpath_query = argv.pop(0)
se.setAttribute("xpath",xpath_query)
elif xp_id == "id":
acl_ref = argv.pop(0)
se.setAttribute("reference",acl_ref)
else:
usage.acl("role create")
element.appendChild(se)
utils.replace_cib_configuration(dom)
elif command == "delete":
if len(argv) < 1:
usage.acl("acl role delete")
role_id = argv.pop(0)
found = False
for elem in dom.getElementsByTagName("acl_role"):
if elem.getAttribute("id") == role_id:
found = True
elem.parentNode.removeChild(elem)
break
if not found:
utils.err("unable to find acl role: %s" % role_id)
# Remove any references to this role in acl_target or acl_group
for elem in dom.getElementsByTagName("role"):
if elem.getAttribute("id") == role_id:
elem.parentNode.removeChild(elem)
utils.replace_cib_configuration(dom)
elif command == "assign":
if len(argv) < 2:
usage.acl("role assign")
sys.exit(1)
if len(argv) == 2:
role_id = argv[0]
ug_id = argv[1]
elif len(argv) > 2 and argv[1] == "to":
role_id = argv[0]
ug_id = argv[2]
else:
usage.acl("role assign")
sys.exit(1)
found = False
for role in dom.getElementsByTagName("acl_role"):
if role.getAttribute("id") == role_id:
found = True
break
if not found:
utils.err("cannot find role: %s" % role_id)
found = False
for ug in dom.getElementsByTagName("acl_target") + dom.getElementsByTagName("acl_group"):
if ug.getAttribute("id") == ug_id:
found = True
break
if not found:
utils.err("cannot find user or group: %s" % ug_id)
for current_role in ug.getElementsByTagName("role"):
if current_role.getAttribute("id") == role_id:
utils.err(role_id + " is already assigned to " + ug_id)
new_role = dom.createElement("role")
new_role.setAttribute("id", role_id)
ug.appendChild(new_role)
utils.replace_cib_configuration(dom)
elif command == "unassign":
if len(argv) < 2:
usage.acl("role unassign")
sys.exit(1)
role_id = argv.pop(0)
if len(argv) > 1 and argv[0] == "from":
ug_id = argv[1]
else:
ug_id = argv[0]
found = False
for ug in dom.getElementsByTagName("acl_target") + dom.getElementsByTagName("acl_group"):
if ug.getAttribute("id") == ug_id:
found = True
break
if not found:
utils.err("cannot find user or group: %s" % ug_id)
found = False
for current_role in ug.getElementsByTagName("role"):
if current_role.getAttribute("id") == role_id:
found = True
current_role.parentNode.removeChild(current_role)
break
if not found:
utils.err("cannot find role: %s, assigned to user/group: %s" % (role_id, ug_id))
utils.replace_cib_configuration(dom)
else:
utils.err("Unknown pcs acl role command: '" + command + "' (try create or delete)")
def colocation_add(argv):
if len(argv) < 2:
usage.constraint()
sys.exit(1)
role1 = ""
role2 = ""
if len(argv) > 2:
if not utils.is_score_or_opt(argv[2]):
if argv[2] == "with":
role1 = argv.pop(0).lower().capitalize()
resource1 = argv.pop(0)
else:
resource1 = argv.pop(0)
argv.pop(0) # Pop 'with'
if len(argv) == 1:
resource2 = argv.pop(0)
else:
if utils.is_score_or_opt(argv[1]):
resource2 = argv.pop(0)
else:
role2 = argv.pop(0).lower().capitalize()
resource2 = argv.pop(0)
else:
resource1 = argv.pop(0)
resource2 = argv.pop(0)
else:
resource1 = argv.pop(0)
resource2 = argv.pop(0)
cib_dom = utils.get_cib_dom()
resource_valid, resource_error, correct_id \
= utils.validate_constraint_resource(cib_dom, resource1)
if "--autocorrect" in utils.pcs_options and correct_id:
resource1 = correct_id
elif not resource_valid:
utils.err(resource_error)
resource_valid, resource_error, correct_id \
= utils.validate_constraint_resource(cib_dom, resource2)
if "--autocorrect" in utils.pcs_options and correct_id:
resource2 = correct_id
elif not resource_valid:
utils.err(resource_error)
score, nv_pairs = parse_score_options(argv)
id_in_nvpairs = None
for name, value in nv_pairs:
if name == "id":
id_valid, id_error = utils.validate_xml_id(value, 'constraint id')
if not id_valid:
utils.err(id_error)
if utils.does_id_exist(cib_dom, value):
utils.err(
"id '%s' is already in use, please specify another one" %
value)
id_in_nvpairs = True
if not id_in_nvpairs:
nv_pairs.append(
("id",
utils.find_unique_id(
cib_dom,
"colocation-%s-%s-%s" % (resource1, resource2, score))))
(dom, constraintsElement) = getCurrentConstraints(cib_dom)
# If one role is specified, the other should default to "started"
if role1 != "" and role2 == "":
role2 = DEFAULT_ROLE
if role2 != "" and role1 == "":
role1 = DEFAULT_ROLE
element = dom.createElement("rsc_colocation")
element.setAttribute("rsc", resource1)
element.setAttribute("with-rsc", resource2)
element.setAttribute("score", score)
if role1 != "":
element.setAttribute("rsc-role", role1)
if role2 != "":
element.setAttribute("with-rsc-role", role2)
for nv_pair in nv_pairs:
element.setAttribute(nv_pair[0], nv_pair[1])
if "--force" not in utils.pcs_options:
duplicates = colocation_find_duplicates(constraintsElement, element)
if duplicates:
utils.err(
"duplicate constraint already exists, use --force to override\n"
+ "\n".join([
" " + colocation_el_to_string(dup, True)
for dup in duplicates
]))
constraintsElement.appendChild(element)
utils.replace_cib_configuration(dom)
def order_add(argv,returnElementOnly=False):
if len(argv) < 2:
usage.constraint()
sys.exit(1)
resource1 = argv.pop(0)
resource2 = argv.pop(0)
if not utils.is_valid_constraint_resource(resource1):
utils.err("Resource '" + resource1 + "' does not exist")
if not utils.is_valid_constraint_resource(resource2):
utils.err("Resource '" + resource2 + "' does not exist")
sym = "true" if (len(argv) == 0 or argv[0] != "nonsymmetrical") else "false"
order_options = []
if len(argv) != 0:
if argv[0] == "nonsymmetrical" or argv[0] == "symmetrical":
argv.pop(0)
for arg in argv:
if arg.count("=") == 1:
mysplit = arg.split("=")
order_options.append((mysplit[0],mysplit[1]))
if len(argv) != 0:
options = " (Options: " + " ".join(argv)+")"
else:
options = ""
scorekind = "kind: Mandatory"
id_suffix = "mandatory"
for opt in order_options:
if opt[0] == "score":
scorekind = "score: " + opt[1]
id_suffix = opt[1]
break
if opt[0] == "kind":
scorekind = "kind: " + opt[1]
id_suffix = opt[1]
break
print "Adding " + resource1 + " " + resource2 + " ("+scorekind+")" + options
order_id = "order-" + resource1 + "-" + resource2 + "-" + id_suffix
order_id = utils.find_unique_id(utils.get_cib_dom(), order_id)
(dom,constraintsElement) = getCurrentConstraints()
element = dom.createElement("rsc_order")
element.setAttribute("id",order_id)
element.setAttribute("first",resource1)
element.setAttribute("then",resource2)
for order_opt in order_options:
element.setAttribute(order_opt[0], order_opt[1])
if (sym == "false"):
element.setAttribute("symmetrical", "false")
constraintsElement.appendChild(element)
if returnElementOnly == False:
utils.replace_cib_configuration(dom)
else:
return element.toxml()
def order_add(argv, returnElementOnly=False):
if len(argv) < 2:
usage.constraint()
sys.exit(1)
resource1 = argv.pop(0)
resource2 = argv.pop(0)
cib_dom = utils.get_cib_dom()
resource_valid, resource_error, correct_id \
= utils.validate_constraint_resource(cib_dom, resource1)
if "--autocorrect" in utils.pcs_options and correct_id:
resource1 = correct_id
elif not resource_valid:
utils.err(resource_error)
resource_valid, resource_error, correct_id \
= utils.validate_constraint_resource(cib_dom, resource2)
if "--autocorrect" in utils.pcs_options and correct_id:
resource2 = correct_id
elif not resource_valid:
utils.err(resource_error)
order_options = []
id_specified = False
sym = None
for arg in argv:
if arg == "symmetrical":
sym = "true"
elif arg == "nonsymmetrical":
sym = "false"
elif "=" in arg:
name, value = arg.split("=", 1)
if name == "id":
id_valid, id_error = utils.validate_xml_id(
value, 'constraint id')
if not id_valid:
utils.err(id_error)
if utils.does_id_exist(cib_dom, value):
utils.err(
"id '%s' is already in use, please specify another one"
% value)
id_specified = True
order_options.append((name, value))
elif name == "symmetrical":
if value.lower() in OPTIONS_SYMMETRICAL:
sym = value.lower()
else:
utils.err(
"invalid symmetrical value '%s', allowed values are: %s"
% (value, ", ".join(OPTIONS_SYMMETRICAL)))
else:
order_options.append((name, value))
if sym:
order_options.append(("symmetrical", sym))
options = ""
if order_options:
options = " (Options: %s)" % " ".join([
"%s=%s" % (name, value)
for name, value in order_options if name not in ("kind", "score")
])
scorekind = "kind: Mandatory"
id_suffix = "mandatory"
for opt in order_options:
if opt[0] == "score":
scorekind = "score: " + opt[1]
id_suffix = opt[1]
break
if opt[0] == "kind":
scorekind = "kind: " + opt[1]
id_suffix = opt[1]
break
if not id_specified:
order_id = "order-" + resource1 + "-" + resource2 + "-" + id_suffix
order_id = utils.find_unique_id(cib_dom, order_id)
order_options.append(("id", order_id))
(dom, constraintsElement) = getCurrentConstraints()
element = dom.createElement("rsc_order")
element.setAttribute("first", resource1)
element.setAttribute("then", resource2)
for order_opt in order_options:
element.setAttribute(order_opt[0], order_opt[1])
constraintsElement.appendChild(element)
if "--force" not in utils.pcs_options:
duplicates = order_find_duplicates(constraintsElement, element)
if duplicates:
utils.err(
"duplicate constraint already exists, use --force to override\n"
+ "\n".join([
" " + order_el_to_string(dup, True) for dup in duplicates
]))
print("Adding " + resource1 + " " + resource2 + " (" + scorekind + ")" +
options)
if returnElementOnly == False:
utils.replace_cib_configuration(dom)
else:
return element.toxml()