Default to using the API for a add node procedure.
But, allow the user to manually fall back to the legacy SSH method.
Also fallback if the API detected an not up to date peer.
This could be removed in a later release.
Signed-off-by: Thomas Lamprecht <t.lampre...@proxmox.com>
---
data/PVE/CLI/pvecm.pm | 44 ++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 42 insertions(+), 2 deletions(-)
diff --git a/data/PVE/CLI/pvecm.pm b/data/PVE/CLI/pvecm.pm
index e76a822..b7cc70b 100755
--- a/data/PVE/CLI/pvecm.pm
+++ b/data/PVE/CLI/pvecm.pm
@@ -10,6 +10,7 @@ use PVE::Tools qw(run_command);
use PVE::Cluster;
use PVE::INotify;
use PVE::JSONSchema;
+use PVE::RPCEnvironment;
use PVE::CLIHandler;
use PVE::API2::ClusterConfig;
use PVE::Corosync;
@@ -26,6 +27,10 @@ my $dbfile = "$libdir/config.db";
my $authfile = "/etc/corosync/authkey";
+sub setup_environment {
+ PVE::RPCEnvironment->setup_default_cli_env();
+}
+
__PACKAGE__->register_method ({
name => 'keygen',
path => 'keygen',
@@ -261,6 +266,17 @@ __PACKAGE__->register_method ({
" needs an valid configured ring 1 interface in the
cluster.",
optional => 1,
},
+ fingerprint => {
+ description => "SSL certificate fingerprint.",
+ type => 'string',
+ pattern => '^(:?[A-Z0-9][A-Z0-9]:){31}[A-Z0-9][A-Z0-9]$',
+ optional => 1,
+ },
+ 'use_ssh' => {
+ type => 'boolean',
+ description => "Always use SSH to join, even if peer may do it
over API.",
+ optional => 1,
+ },
},
},
returns => { type => 'null' },
@@ -270,14 +286,38 @@ __PACKAGE__->register_method ({
my $nodename = PVE::INotify::nodename();
+ my $host = $param->{hostname};
+
+ if (!$param->{use_ssh}) {
+ print "Please enter superuser (root) password for '$host':\n";
+ my $password = PVE::CLIHandler::read_password(undef, 1);
+
+ delete $param->{use_ssh};
+ $param->{password} = $password;
+
+ eval { PVE::API2::ClusterConfig->join($param) };
+
+ if (my $err = $@) {
+ if ($err eq "Cannot use API to join, peer is not up to
date!\n") {
+ print "$err\n";
+ print "Do you want to fallback to joining over SSH
(yes/no)?\n";
+
+ my $answer = <>;
+ die "OK, abort cluster join.\n" if $answer !~
m/^\s*y(es)?\s*$/i;
+ } else {
+ die $err;
+ }
+ } else {
+ return; # all OK, the API joint endpoint successfully set us up
+ }
+ }
+
PVE::Cluster::setup_sshd_config();
PVE::Cluster::setup_rootsshconfig();
PVE::Cluster::setup_ssh_keys();
PVE::Cluster::assert_joinable($param->{ring0_addr},
$param->{ring1_addr}, $param->{force});
- my $host = $param->{hostname};
-
# make sure known_hosts is on local filesystem
PVE::Cluster::ssh_unmerge_known_hosts();
--
2.11.0
_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
