summaryrefslogtreecommitdiffstats
path: root/src/pybind/mgr/cephadm/inventory.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/pybind/mgr/cephadm/inventory.py')
-rw-r--r--src/pybind/mgr/cephadm/inventory.py62
1 files changed, 57 insertions, 5 deletions
diff --git a/src/pybind/mgr/cephadm/inventory.py b/src/pybind/mgr/cephadm/inventory.py
index 5a89b362809..550604fc55b 100644
--- a/src/pybind/mgr/cephadm/inventory.py
+++ b/src/pybind/mgr/cephadm/inventory.py
@@ -140,6 +140,15 @@ class Inventory:
return stored_name
return host
+ def get_fqdn(self, hname: str) -> Optional[str]:
+ if hname in self._inventory:
+ if hname in self._all_known_names:
+ all_names = self._all_known_names[hname] # [hostname, shortname, fqdn]
+ if all_names:
+ return all_names[2]
+ return hname # names info is not yet available!
+ return None
+
def update_known_hostnames(self, hostname: str, shortname: str, fqdn: str) -> None:
for hname in [hostname, shortname, fqdn]:
# if we know the host by any of the names, store the full set of names
@@ -178,11 +187,12 @@ class Inventory:
def add_label(self, host: str, label: str) -> None:
host = self._get_stored_name(host)
-
+ labels = label.split(',') if ',' in label else [label]
if 'labels' not in self._inventory[host]:
self._inventory[host]['labels'] = list()
- if label not in self._inventory[host]['labels']:
- self._inventory[host]['labels'].append(label)
+ for label in labels:
+ if label not in self._inventory[host]['labels']:
+ self._inventory[host]['labels'].append(label)
self.save()
def rm_label(self, host: str, label: str) -> None:
@@ -428,6 +438,7 @@ class SpecStore():
for key_attr in [
'server_key',
'client_key',
+ 'encryption_key',
]:
key = getattr(nvmeof_spec, key_attr, None)
if key:
@@ -480,6 +491,7 @@ class SpecStore():
self.mgr.cert_key_store.rm_cert('nvmeof_root_ca_cert', service_name=spec.service_name())
self.mgr.cert_key_store.rm_key('nvmeof_server_key', service_name=spec.service_name())
self.mgr.cert_key_store.rm_key('nvmeof_client_key', service_name=spec.service_name())
+ self.mgr.cert_key_store.rm_key('nvmeof_encryption_key', service_name=spec.service_name())
def get_created(self, spec: ServiceSpec) -> Optional[datetime.datetime]:
return self.spec_created.get(spec.service_name())
@@ -628,6 +640,9 @@ class TunedProfileStore():
logger.error(
f'Attempted to set setting "{setting}" for nonexistent os tuning profile "{profile}"')
+ def add_settings(self, profile: str, settings: dict) -> None:
+ self.process_settings(profile, settings, action='add')
+
def rm_setting(self, profile: str, setting: str) -> None:
if profile in self.profiles:
if setting in self.profiles[profile].settings:
@@ -641,6 +656,39 @@ class TunedProfileStore():
logger.error(
f'Attempted to remove setting "{setting}" from nonexistent os tuning profile "{profile}"')
+ def rm_settings(self, profile: str, settings: List[str]) -> None:
+ self.process_settings(profile, settings, action='remove')
+
+ def process_settings(self, profile: str, settings: Union[dict, list], action: str) -> None:
+ """
+ Process settings by either adding or removing them based on the action specified.
+ """
+ if profile not in self.profiles:
+ logger.error(f'Attempted to {action} settings for nonexistent os tuning profile "{profile}"')
+ return
+ profile_settings = self.profiles[profile].settings
+ if action == 'remove' and isinstance(settings, list):
+ invalid_settings = [s for s in settings if '=' in s or s not in profile_settings]
+ if invalid_settings:
+ raise OrchestratorError(
+ f"Invalid settings: {', '.join(invalid_settings)}. "
+ "Ensure settings are specified without '=' and exist in the profile. Correct format: key1,key2"
+ )
+ if action == 'add' and isinstance(settings, dict):
+ for setting, value in settings.items():
+ self.profiles[profile].settings[setting] = value
+ elif action == 'remove' and isinstance(settings, list):
+ for setting in settings:
+ self.profiles[profile].settings.pop(setting, '')
+ else:
+ logger.error(
+ f'Invalid action "{action}" for settings modification for tuned profile '
+ f'"{profile}". Valid actions are "add" and "remove"'
+ )
+ return
+ self.profiles[profile]._last_updated = datetime_to_str(datetime_now())
+ self.save()
+
def add_profile(self, spec: TunedProfileSpec) -> None:
spec._last_updated = datetime_to_str(datetime_now())
self.profiles[spec.profile_name] = spec
@@ -1923,6 +1971,7 @@ class CertKeyStore():
'ingress_ssl_key',
'nvmeof_server_key',
'nvmeof_client_key',
+ 'nvmeof_encryption_key',
]
known_certs: Dict[str, Any] = {}
@@ -1943,6 +1992,7 @@ class CertKeyStore():
'nvmeof_client_cert': {}, # service-name -> cert
'nvmeof_root_ca_cert': {}, # service-name -> cert
'mgmt_gw_cert': Cert(), # cert
+ 'oauth2_proxy_cert': Cert(), # cert
'cephadm_root_ca_cert': Cert(), # cert
'grafana_cert': {}, # host -> cert
}
@@ -1951,12 +2001,14 @@ class CertKeyStore():
# so there is no need to store a separate key
self.known_keys = {
'mgmt_gw_key': PrivKey(), # cert
+ 'oauth2_proxy_key': PrivKey(), # cert
'cephadm_root_ca_key': PrivKey(), # cert
'grafana_key': {}, # host -> key
'iscsi_ssl_key': {}, # service-name -> key
'ingress_ssl_key': {}, # service-name -> key
'nvmeof_server_key': {}, # service-name -> key
'nvmeof_client_key': {}, # service-name -> key
+ 'nvmeof_encryption_key': {}, # service-name -> key
}
def get_cert(self, entity: str, service_name: str = '', host: str = '') -> str:
@@ -1984,8 +2036,8 @@ class CertKeyStore():
var = service_name if entity in self.service_name_cert else host
j = {}
self.known_certs[entity][var] = cert_obj
- for service_name in self.known_certs[entity].keys():
- j[var] = Cert.to_json(self.known_certs[entity][var])
+ for cert_key in self.known_certs[entity]:
+ j[cert_key] = Cert.to_json(self.known_certs[entity][cert_key])
else:
self.known_certs[entity] = cert_obj
j = Cert.to_json(cert_obj)
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-18 11:10:07 +0100