1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135 |
- ;;; GNU Guix --- Functional package management for GNU
- ;;; Copyright © 2020, 2022 Marius Bakke <marius@gnu.org>
- ;;;
- ;;; This file is part of GNU Guix.
- ;;;
- ;;; GNU Guix is free software; you can redistribute it and/or modify it
- ;;; under the terms of the GNU General Public License as published by
- ;;; the Free Software Foundation; either version 3 of the License, or (at
- ;;; your option) any later version.
- ;;;
- ;;; GNU Guix is distributed in the hope that it will be useful, but
- ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
- ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- ;;; GNU General Public License for more details.
- ;;;
- ;;; You should have received a copy of the GNU General Public License
- ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
- (define-module (gnu services ganeti)
- #:use-module (gnu packages virtualization)
- #:use-module (gnu services)
- #:use-module (gnu services mcron)
- #:use-module (gnu services shepherd)
- #:use-module (guix gexp)
- #:use-module (guix records)
- #:use-module (srfi srfi-1)
- #:use-module (ice-9 match)
- #:export (ganeti-noded-configuration
- ganeti-noded-configuration?
- ganeti-noded-configuration-ganeti
- ganeti-noded-configuration-port
- ganeti-noded-configuration-address
- ganeti-noded-configuration-interface
- ganeti-noded-configuration-max-clients
- ganeti-noded-configuration-ssl?
- ganeti-noded-configuration-ssl-key
- ganeti-noded-configuration-ssl-cert
- ganeti-noded-configuration-debug?
- ganeti-noded-service-type
- ganeti-confd-configuration
- ganeti-confd-configuration?
- ganeti-confd-configuration-ganeti
- ganeti-confd-configuration-port
- ganeti-confd-configuration-address
- ganeti-confd-configuration-debug
- ganeti-confd-service-type
- ganeti-wconfd-configuration
- ganeti-wconfd-configuration?
- ganeti-wconfd-configuration-ganeti
- ganeti-wconfd-configuration-no-voting?
- ganeti-wconfd-configuration-debug?
- ganeti-wconfd-service-type
- ganeti-luxid-configuration
- ganeti-luxid-configuration?
- ganeti-luxid-configuration-ganeti
- ganeti-luxid-configuration-no-voting?
- ganeti-luxid-configuration-debug?
- ganeti-luxid-service-type
- ganeti-rapi-configuration
- ganeti-rapi-configuration?
- ganeti-rapi-configuration-ganeti
- ganeti-rapi-configuration-require-authentication?
- ganeti-rapi-configuration-port
- ganeti-rapi-configuration-address
- ganeti-rapi-configuration-interface
- ganeti-rapi-configuration-max-clients
- ganeti-rapi-configuration-ssl?
- ganeti-rapi-configuration-ssl-key
- ganeti-rapi-configuration-ssl-cert
- ganeti-rapi-configuration-debug?
- ganeti-rapi-service-type
- ganeti-kvmd-configuration
- ganeti-kvmd-configuration?
- ganeti-kvmd-configuration-ganeti
- ganeti-kvmd-configuration-debug?
- ganeti-kvmd-service-type
- ganeti-mond-configuration
- ganeti-mond-configuration?
- ganeti-mond-configuration-ganeti
- ganeti-mond-configuration-port
- ganeti-mond-configuration-address
- ganeti-mond-configuration-debug?
- ganeti-mond-service-type
- ganeti-metad-configuration
- ganeti-metad-configuration?
- ganeti-metad-configuration-ganeti
- ganeti-metad-configuration-port
- ganeti-metad-configuration-address
- ganeti-metad-configuration-debug?
- ganeti-metad-service-type
- ganeti-watcher-configuration
- ganeti-watcher-configuration?
- ganeti-watcher-configuration-ganeti
- ganeti-watcher-configuration-schedule
- ganeti-watcher-configuration-rapi-ip
- ganeti-watcher-configuration-job-age
- ganeti-watcher-configuration-verify-disks?
- ganeti-watcher-configuration-debug?
- ganeti-watcher-service-type
- ganeti-cleaner-configuration
- ganeti-cleaner-configuration?
- ganeti-cleaner-configuration-ganeti
- ganeti-cleaner-configuration-master-schedule
- ganeti-cleaner-configuration-node-schedule
- ganeti-cleaner-service-type
- ganeti-os
- ganeti-os?
- ganeti-os-name
- ganeti-os-extension
- ganeti-os-variants
- ganeti-os-variant
- ganeti-os-variant?
- ganeti-os-variant-name
- ganeti-os-variant-configuration
- %debootstrap-interfaces-hook
- %debootstrap-grub-hook
- %default-debootstrap-hooks
- %default-debootstrap-extra-pkgs
- debootstrap-configuration
- debootstrap-configuration?
- debootstrap-configuration-hooks
- debootstrap-configuration-proxy
- debootstrap-configuration-mirror
- debootstrap-configuration-arch
- debootstrap-configuration-suite
- debootstrap-configuration-extra-pkgs
- debootstrap-configuration-components
- debootstrap-configuration-generate-cache?
- debootstrap-configuration-clean-cache
- debootstrap-configuration-partition-style
- debootstrap-configuration-partition-alignment
- debootstrap-variant
- debootstrap-os
- %default-debootstrap-variants
- guix-variant
- guix-os
- %default-guix-variants
- %default-ganeti-os
- ganeti-configuration
- ganeti-configuration?
- ganeti-configuration-noded-configuration
- ganeti-configuration-confd-configuration
- ganeti-configuration-wconfd-configuration
- ganeti-configuration-luxid-configuration
- ganeti-configuration-rapi-configuration
- ganeti-configuration-kvmd-configuration
- ganeti-configuration-mond-configuration
- ganeti-configuration-metad-configuration
- ganeti-configuration-watcher-configuration
- ganeti-configuration-cleaner-configuration
- ganeti-configuration-file-storage-paths
- ganeti-configuration-os
- ganeti-service-type))
- ;;;
- ;;; Service definitions for running a Ganeti cluster.
- ;;;
- ;;; Planned improvements: run daemons (except ganeti-noded) under unprivileged
- ;;; user accounts and/or containers. The account names must match the ones
- ;;; given to Ganetis configure script. metad needs "setcap" or root in order
- ;;; to bind on port 80.
- ;; Set PATH so the various daemons are able to find the 'ip' executable, LVM,
- ;; Ceph, Gluster, etc, without having to add absolute references to everything.
- (define %default-ganeti-environment-variables
- (list (string-append "PATH="
- (string-join '("/run/setuid-programs"
- "/run/current-system/profile/sbin"
- "/run/current-system/profile/bin")
- ":"))))
- (define-record-type* <ganeti-noded-configuration>
- ganeti-noded-configuration make-ganeti-noded-configuration
- ganeti-noded-configuration?
- (ganeti ganeti-noded-configuration-ganeti ;file-like
- (default ganeti))
- (port ganeti-noded-configuration-port ;integer
- (default 1811))
- (address ganeti-noded-configuration-address ;string
- (default "0.0.0.0"))
- (interface ganeti-noded-configuration-interface ;string | #f
- (default #f))
- (max-clients ganeti-noded-configuration-max-clients ;integer
- (default 20))
- (ssl? ganeti-noded-configuration-ssl? ;Boolean
- (default #t))
- (ssl-key ganeti-noded-configuration-ssl-key ;string
- (default "/var/lib/ganeti/server.pem"))
- (ssl-cert ganeti-noded-configuration-ssl-cert ;string
- (default "/var/lib/ganeti/server.pem"))
- (debug? ganeti-noded-configuration-debug? ;Boolean
- (default #f)))
- (define ganeti-noded-service
- (match-lambda
- (($ <ganeti-noded-configuration> ganeti port address interface max-clients
- ssl? ssl-key ssl-cert debug?)
- (list (shepherd-service
- (documentation "Run the Ganeti node daemon.")
- (provision '(ganeti-noded))
- (requirement '(user-processes networking))
- ;; If the daemon stops, it is probably for a good reason;
- ;; otherwise ganeti-watcher will restart it for us anyway.
- (respawn? #f)
- (start #~(make-forkexec-constructor
- (list #$(file-append ganeti "/sbin/ganeti-noded")
- #$(string-append "--port=" (number->string port))
- #$(string-append "--bind=" address)
- #$@(if interface
- #~((string-append "--interface=" #$interface))
- #~())
- #$(string-append "--max-clients="
- (number->string max-clients))
- #$@(if ssl?
- #~((string-append "--ssl-key=" #$ssl-key)
- (string-append "--ssl-cert=" #$ssl-cert))
- #~("--no-ssl"))
- #$@(if debug?
- #~("--debug")
- #~()))
- #:environment-variables
- '#$%default-ganeti-environment-variables
- #:pid-file "/var/run/ganeti/ganeti-noded.pid"))
- (stop #~(make-kill-destructor)))))))
- (define ganeti-noded-service-type
- (service-type (name 'ganeti-noded)
- (extensions
- (list (service-extension shepherd-root-service-type
- ganeti-noded-service)))
- (default-value (ganeti-noded-configuration))
- (description
- "@command{ganeti-noded} is the daemon which is responsible
- for the node functions in the Ganeti system.")))
- (define-record-type* <ganeti-confd-configuration>
- ganeti-confd-configuration make-ganeti-confd-configuration
- ganeti-confd-configuration?
- (ganeti ganeti-confd-configuration-ganeti ;file-like
- (default ganeti))
- (port ganeti-confd-configuration-port ;integer
- (default 1814))
- (address ganeti-confd-configuration-address ;string
- (default "0.0.0.0"))
- (debug? ganeti-confd-configuration-debug? ;Boolean
- (default #f)))
- (define ganeti-confd-service
- (match-lambda
- (($ <ganeti-confd-configuration> ganeti port address debug?)
- (list (shepherd-service
- (documentation "Run the Ganeti confd daemon.")
- (provision '(ganeti-confd))
- (requirement '(user-processes networking))
- (respawn? #f)
- (start #~(make-forkexec-constructor
- (list #$(file-append ganeti "/sbin/ganeti-confd")
- #$(string-append "--port=" (number->string port))
- #$(string-append "--bind=" address)
- #$@(if debug?
- #~("--debug")
- #~()))
- #:environment-variables
- '#$%default-ganeti-environment-variables
- #:pid-file "/var/run/ganeti/ganeti-confd.pid"))
- (stop #~(make-kill-destructor)))))))
- (define ganeti-confd-service-type
- (service-type (name 'ganeti-confd)
- (extensions
- (list (service-extension shepherd-root-service-type
- ganeti-confd-service)))
- (default-value (ganeti-confd-configuration))
- (description
- "@command{ganeti-confd} is a daemon used to answer queries
- related to the configuration of a Ganeti cluster.")))
- (define-record-type* <ganeti-wconfd-configuration>
- ganeti-wconfd-configuration make-ganeti-wconfd-configuration
- ganeti-wconfd-configuration?
- (ganeti ganeti-wconfd-configuration-ganeti ;file-like
- (default ganeti))
- (no-voting? ganeti-wconfd-configuration-no-voting? ;Boolean
- (default #f))
- (debug? ganeti-wconfd-configuration-debug? ;Boolean
- (default #f)))
- ;; If this file exists, the wconfd daemon will be forcefully started even on
- ;; non-master nodes. It is used to accommodate a master-failover scenario.
- (define %wconfd-force-node-hint
- "/var/lib/ganeti/guix_wconfd_force_node_hint")
- (define (wconfd-wrapper ganeti args)
- ;; Wrapper for the wconfd daemon that looks for the force-node hint.
- (program-file
- "wconfd-wrapper"
- #~(begin
- (let ((wconfd #$(file-append ganeti "/sbin/ganeti-wconfd"))
- (force-node? (file-exists? #$%wconfd-force-node-hint)))
- (if force-node?
- (execl wconfd wconfd "--force-node" "--no-voting" "--yes-do-it" #$@args)
- (execl wconfd wconfd #$@args))))))
- (define shepherd-wconfd-force-start-action
- ;; Shepherd action to create the force-node hint and start wconfd.
- (shepherd-action
- (name 'force-start)
- (documentation
- "Forcefully start wconfd even on non-master nodes (dangerous!).")
- (procedure #~(lambda _
- (format #t "Forcefully starting the wconfd daemon...~%")
- (action 'ganeti-wconfd 'enable)
- (dynamic-wind
- (lambda ()
- (false-if-exception
- (call-with-output-file #$%wconfd-force-node-hint
- (lambda (port)
- (const #t)))))
- (lambda ()
- (action 'ganeti-wconfd 'restart))
- (lambda ()
- (delete-file #$%wconfd-force-node-hint)))
- #t))))
- (define ganeti-wconfd-service
- (match-lambda
- (($ <ganeti-wconfd-configuration> ganeti no-voting? debug?)
- (list (shepherd-service
- (documentation "Run the Ganeti wconfd daemon.")
- (provision '(ganeti-wconfd))
- (requirement '(user-processes))
- ;; Shepherd action to support a master-failover scenario. It is
- ;; automatically invoked during 'gnt-cluster master-failover' (see
- ;; related Ganeti patch) and not intended for interactive use.
- (actions (list shepherd-wconfd-force-start-action))
- ;; wconfd will disable itself when not running on the master
- ;; node. Don't attempt to restart it.
- (respawn? #f)
- (start
- #~(make-forkexec-constructor
- (list #$(wconfd-wrapper ganeti
- (append
- (if no-voting?
- '("--no-voting" "--yes-do-it")
- '())
- (if debug?
- '("--debug")
- '()))))
- #:environment-variables
- '#$%default-ganeti-environment-variables
- #:pid-file "/var/run/ganeti/ganeti-wconfd.pid"))
- (stop #~(make-kill-destructor)))))))
- (define ganeti-wconfd-service-type
- (service-type (name 'ganeti-wconfd)
- (extensions
- (list (service-extension shepherd-root-service-type
- ganeti-wconfd-service)))
- (default-value (ganeti-wconfd-configuration))
- (description
- "@command{ganeti-wconfd} is the daemon that has authoritative
- knowledge about the configuration and is the only entity that can accept changes
- to it. All jobs that need to modify the configuration will do so by sending
- appropriate requests to this daemon.")))
- (define-record-type* <ganeti-luxid-configuration>
- ganeti-luxid-configuration make-ganeti-luxid-configuration
- ganeti-luxid-configuration?
- (ganeti ganeti-luxid-configuration-ganeti ;file-like
- (default ganeti))
- (no-voting? ganeti-luxid-configuration-no-voting? ;Boolean
- (default #f))
- (debug? ganeti-luxid-configuration-debug? ;Boolean
- (default #f)))
- (define ganeti-luxid-service
- (match-lambda
- (($ <ganeti-luxid-configuration> ganeti no-voting? debug?)
- (list (shepherd-service
- (documentation "Run the Ganeti LUXI daemon.")
- (provision '(ganeti-luxid))
- (requirement '(user-processes))
- ;; This service will automatically disable itself when not
- ;; running on the master node. Don't attempt to restart it.
- (respawn? #f)
- (start #~(make-forkexec-constructor
- (list #$(file-append ganeti "/sbin/ganeti-luxid")
- #$@(if no-voting?
- #~("--no-voting" "--yes-do-it")
- #~())
- #$@(if debug?
- #~("--debug")
- #~()))
- #:environment-variables
- '#$%default-ganeti-environment-variables
- #:pid-file "/var/run/ganeti/ganeti-luxid.pid"))
- (stop #~(make-kill-destructor)))))))
- (define ganeti-luxid-service-type
- (service-type (name 'ganeti-luxid)
- (extensions
- (list (service-extension shepherd-root-service-type
- ganeti-luxid-service)))
- (default-value (ganeti-luxid-configuration))
- (description
- "@command{ganeti-luxid} is a daemon used to answer queries
- related to the configuration and the current live state of a Ganeti cluster.
- Additionally, it is the authoritative daemon for the Ganeti job queue. Jobs can
- be submitted via this daemon and it schedules and starts them.")))
- (define-record-type* <ganeti-rapi-configuration>
- ganeti-rapi-configuration make-ganeti-rapi-configuration
- ganeti-rapi-configuration?
- (ganeti ganeti-rapi-configuration-ganeti ;file-like
- (default ganeti))
- (require-authentication?
- ganeti-rapi-configuration-require-authentication? ;Boolean
- (default #f))
- (port ganeti-rapi-configuration-port ;integer
- (default 5080))
- (address ganeti-rapi-configuration-address ;string
- (default "0.0.0.0"))
- (interface ganeti-rapi-configuration-interface ;string | #f
- (default #f))
- (max-clients ganeti-rapi-configuration-max-clients ;integer
- (default 20))
- (ssl? ganeti-rapi-configuration-ssl? ;Boolean
- (default #t))
- (ssl-key ganeti-rapi-configuration-ssl-key ;string
- (default "/var/lib/ganeti/server.pem"))
- (ssl-cert ganeti-rapi-configuration-ssl-cert ;string
- (default "/var/lib/ganeti/server.pem"))
- (debug? ganeti-rapi-configuration-debug? ;Boolean
- (default #f)))
- (define ganeti-rapi-service
- (match-lambda
- (($ <ganeti-rapi-configuration> ganeti require-authentication? port address
- interface max-clients ssl? ssl-key ssl-cert
- debug?)
- (list (shepherd-service
- (documentation "Run the Ganeti RAPI daemon.")
- (provision '(ganeti-rapi))
- (requirement '(user-processes networking))
- ;; This service will automatically disable itself when not
- ;; running on the master node. Don't attempt to restart it.
- (respawn? #f)
- (start #~(make-forkexec-constructor
- (list #$(file-append ganeti "/sbin/ganeti-rapi")
- #$@(if require-authentication?
- #~("--require-authentication")
- #~())
- #$(string-append "--port=" (number->string port))
- #$(string-append "--bind=" address)
- #$@(if interface
- #~((string-append "--interface=" #$interface))
- #~())
- #$(string-append "--max-clients="
- (number->string max-clients))
- #$@(if ssl?
- #~((string-append "--ssl-key=" #$ssl-key)
- (string-append "--ssl-cert=" #$ssl-cert))
- #~("--no-ssl"))
- #$@(if debug?
- #~("--debug")
- #~()))
- #:environment-variables
- '#$%default-ganeti-environment-variables
- #:pid-file "/var/run/ganeti/ganeti-rapi.pid"))
- (stop #~(make-kill-destructor)))))))
- (define ganeti-rapi-service-type
- (service-type (name 'ganeti-rapi)
- (extensions
- (list (service-extension shepherd-root-service-type
- ganeti-rapi-service)))
- (default-value (ganeti-rapi-configuration))
- (description
- "@command{ganeti-rapi} is the daemon providing a remote API
- for Ganeti clusters.")))
- (define-record-type* <ganeti-kvmd-configuration>
- ganeti-kvmd-configuration make-ganeti-kvmd-configuration
- ganeti-kvmd-configuration?
- (ganeti ganeti-kvmd-configuration-ganeti ;file-like
- (default ganeti))
- (debug? ganeti-kvmd-configuration-debug? ;Boolean
- (default #f)))
- (define ganeti-kvmd-service
- (match-lambda
- (($ <ganeti-kvmd-configuration> ganeti debug?)
- (list (shepherd-service
- (documentation "Run the Ganeti KVM daemon.")
- (provision '(ganeti-kvmd))
- (requirement '(user-processes))
- ;; This service will automatically disable itself when not
- ;; needed. Don't attempt to restart it.
- (respawn? #f)
- (start #~(make-forkexec-constructor
- (list #$(file-append ganeti "/sbin/ganeti-kvmd")
- #$@(if debug?
- #~("--debug")
- #~()))
- #:environment-variables
- '#$%default-ganeti-environment-variables
- #:pid-file "/var/run/ganeti/ganeti-kvmd.pid"))
- (stop #~(make-kill-destructor)))))))
- (define ganeti-kvmd-service-type
- (service-type (name 'ganeti-kvmd)
- (extensions
- (list (service-extension shepherd-root-service-type
- ganeti-kvmd-service)))
- (default-value (ganeti-kvmd-configuration))
- (description
- "@command{ganeti-kvmd} is responsible for determining whether
- a given KVM instance was shutdown by an administrator or a user.
- The KVM daemon monitors, using @code{inotify}, KVM instances through their QMP
- sockets, which are provided by KVM. Using the QMP sockets, the KVM daemon
- listens for particular shutdown, powerdown, and stop events which will determine
- if a given instance was shutdown by the user or Ganeti, and this result is
- communicated to Ganeti via a special file in the file system.")))
- (define-record-type* <ganeti-mond-configuration>
- ganeti-mond-configuration make-ganeti-mond-configuration
- ganeti-mond-configuration?
- (ganeti ganeti-mond-configuration-ganeti ;file-like
- (default ganeti))
- (port ganeti-mond-configuration-port ;integer
- (default 1815))
- (address ganeti-mond-configuration-address ;string
- (default "0.0.0.0"))
- (debug? ganeti-mond-configuration-debug? ;Boolean
- (default #f)))
- (define ganeti-mond-service
- (match-lambda
- (($ <ganeti-mond-configuration> ganeti port address debug?)
- (list (shepherd-service
- (documentation "Run the Ganeti monitoring daemon.")
- (provision '(ganeti-mond))
- (requirement '(user-processes networking))
- (respawn? #f)
- (start #~(make-forkexec-constructor
- (list #$(file-append ganeti "/sbin/ganeti-mond")
- #$(string-append "--port=" (number->string port))
- #$(string-append "--bind=" address)
- #$@(if debug?
- #~("--debug")
- #~()))
- #:pid-file "/var/run/ganeti/ganeti-mond.pid"))
- (stop #~(make-kill-destructor)))))))
- (define ganeti-mond-service-type
- (service-type (name 'ganeti-mond)
- (extensions
- (list (service-extension shepherd-root-service-type
- ganeti-mond-service)))
- (default-value (ganeti-mond-configuration))
- (description
- "@command{ganeti-mond} is a daemon providing monitoring
- functionality. It is responsible for running the data collectors and to
- provide the collected information through a HTTP interface.")))
- (define-record-type* <ganeti-metad-configuration>
- ganeti-metad-configuration make-ganeti-metad-configuration
- ganeti-metad-configuration?
- (ganeti ganeti-metad-configuration-ganeti ;file-like
- (default ganeti))
- (port ganeti-metad-configuration-port ;integer
- (default 80))
- (address ganeti-metad-configuration-address ;string | #f
- (default #f))
- (debug? ganeti-metad-configuration-debug? ;Boolean
- (default #f)))
- (define ganeti-metad-service
- (match-lambda
- (($ <ganeti-metad-configuration> ganeti port address debug?)
- (list (shepherd-service
- (documentation "Run the Ganeti metadata daemon.")
- (provision '(ganeti-metad))
- (requirement '(user-processes networking))
- ;; This service is started on demand.
- (auto-start? #f)
- (respawn? #f)
- (start #~(make-forkexec-constructor
- (list #$(file-append ganeti "/sbin/ganeti-metad")
- #$(string-append "--port=" (number->string port))
- #$@(if address
- #~((string-append "--bind=" #$address))
- #~())
- #$@(if debug?
- #~("--debug")
- #~()))
- #:pid-file "/var/run/ganeti/ganeti-metad.pid"))
- (stop #~(make-kill-destructor)))))))
- (define ganeti-metad-service-type
- (service-type (name 'ganeti-metad)
- (extensions
- (list (service-extension shepherd-root-service-type
- ganeti-metad-service)))
- (default-value (ganeti-metad-configuration))
- (description
- "@command{ganeti-metad} is a daemon that can be used to pass
- information to OS install scripts or instances.")))
- (define-record-type* <ganeti-watcher-configuration>
- ganeti-watcher-configuration make-ganeti-watcher-configuration
- ganeti-watcher-configuration?
- (ganeti ganeti-watcher-configuration-ganeti ;file-like
- (default ganeti))
- (schedule ganeti-watcher-configuration-schedule ;list | string
- (default '(next-second-from
- ;; Run every five minutes.
- (next-minute (range 0 60 5)))))
- (rapi-ip ganeti-watcher-configuration-rapi-ip ;#f | string
- (default #f))
- (job-age ganeti-watcher-configuration-job-age ;integer
- (default (* 6 3600)))
- (verify-disks? ganeti-watcher-configuration-verify-disks? ;Boolean
- (default #t))
- (debug? ganeti-watcher-configuration-debug? ;Boolean
- (default #f)))
- (define ganeti-watcher-command
- (match-lambda
- (($ <ganeti-watcher-configuration> ganeti _ rapi-ip job-age verify-disks?
- debug?)
- #~(lambda ()
- (system* #$(file-append ganeti "/sbin/ganeti-watcher")
- #$@(if rapi-ip
- #~((string-append "--rapi-ip=" #$rapi-ip))
- #~())
- #$(string-append "--job-age=" (number->string job-age))
- #$@(if verify-disks?
- #~()
- #~("--no-verify-disks"))
- #$@(if debug?
- #~("--debug")
- #~()))))))
- (define (ganeti-watcher-jobs config)
- (match config
- (($ <ganeti-watcher-configuration> _ schedule)
- (list
- #~(job #$@(match schedule
- ((? string?)
- #~(#$schedule))
- ((? list?)
- #~('#$schedule)))
- #$(ganeti-watcher-command config)
- "ganeti-watcher")))))
- (define ganeti-watcher-service-type
- (service-type (name 'ganeti-watcher)
- (extensions
- (list (service-extension mcron-service-type
- ganeti-watcher-jobs)))
- (default-value (ganeti-watcher-configuration))
- (description
- "@command{ganeti-watcher} is a periodically run script that
- performs a number of maintenance actions on the cluster. It will automatically
- restart instances that are marked as ERROR_down, i.e., instances that should be
- running, but are not; and it will also try to repair DRBD links in case a
- secondary node has rebooted. In addition it is responsible for archiving old
- cluster jobs, and it will restart any down Ganeti daemons that are appropriate
- for the current node. If the cluster parameter @code{maintain_node_health} is
- enabled, the watcher will also shutdown instances and DRBD devices if the node
- is declared offline by known master candidates.")))
- (define-record-type* <ganeti-cleaner-configuration>
- ganeti-cleaner-configuration make-ganeti-cleaner-configuration
- ganeti-cleaner-configuration?
- (ganeti ganeti-cleaner-configuration-ganeti ;file-like
- (default ganeti))
- (master-schedule ganeti-cleaner-configuration-master-schedule ;list | string
- ;; Run the master cleaner at 01:45 every day.
- (default "45 1 * * *"))
- (node-schedule ganeti-cleaner-configuration-node-schedule ;list | string
- ;; Run the node cleaner at 02:45 every day.
- (default "45 2 * * *")))
- (define ganeti-cleaner-jobs
- (match-lambda
- (($ <ganeti-cleaner-configuration> ganeti master-schedule node-schedule)
- (list
- #~(job #$@(match master-schedule
- ((? string?)
- #~(#$master-schedule))
- ((? list?)
- #~('#$master-schedule)))
- (lambda ()
- (system* #$(file-append ganeti "/sbin/ganeti-cleaner")
- "master"))
- "ganeti master cleaner")
- #~(job #$@(match node-schedule
- ((? string?)
- #~(#$node-schedule))
- ((? list?)
- #~('#$node-schedule)))
- (lambda ()
- (system* #$(file-append ganeti "/sbin/ganeti-cleaner")
- "node"))
- "ganeti node cleaner")))))
- (define ganeti-cleaner-service-type
- (service-type (name 'ganeti-cleaner)
- (extensions
- (list (service-extension mcron-service-type
- ganeti-cleaner-jobs)))
- (default-value (ganeti-cleaner-configuration))
- (description
- "@command{ganeti-cleaner} is a script that removes old files
- from the cluster. When called with @code{node} as argument it removes expired
- X509 certificates and keys from @file{/var/run/ganeti/crypto}, as well as
- outdated @command{ganeti-watcher} information.
- When called with @code{master} as argument, it instead removes files older
- than 21 days from @file{/var/lib/ganeti/queue/archive}.")))
- (define-record-type* <ganeti-configuration>
- ganeti-configuration make-ganeti-configuration
- ganeti-configuration?
- (ganeti ganeti-configuration-ganeti
- (default ganeti))
- (noded-configuration ganeti-configuration-noded-configuration
- (default (ganeti-noded-configuration)))
- (confd-configuration ganeti-configuration-confd-configuration
- (default (ganeti-confd-configuration)))
- (wconfd-configuration ganeti-configuration-wconfd-configuration
- (default (ganeti-wconfd-configuration)))
- (luxid-configuration ganeti-configuration-luxid-configuration
- (default (ganeti-luxid-configuration)))
- (rapi-configuration ganeti-configuration-rapi-configuration
- (default (ganeti-rapi-configuration)))
- (kvmd-configuration ganeti-configuration-kvmd-configuration
- (default (ganeti-kvmd-configuration)))
- (mond-configuration ganeti-configuration-mond-configuration
- (default (ganeti-mond-configuration)))
- (metad-configuration ganeti-configuration-metad-configuration
- (default (ganeti-metad-configuration)))
- (watcher-configuration ganeti-configuration-watcher-configuration
- (default (ganeti-watcher-configuration)))
- (cleaner-configuration ganeti-configuration-cleaner-configuration
- (default (ganeti-cleaner-configuration)))
- (file-storage-paths ganeti-configuration-file-storage-paths ;list of strings | gexp
- (default '()))
- (hooks ganeti-configuration-hooks ;<file-like> | #f
- (default #f))
- (os ganeti-configuration-os ;list of <ganeti-os>
- (default '())))
- (define (ganeti-activation config)
- (with-imported-modules '((guix build utils))
- #~(begin
- (use-modules (guix build utils))
- (for-each mkdir-p
- '("/var/log/ganeti"
- "/var/log/ganeti/kvm"
- "/var/log/ganeti/os"
- "/var/lib/ganeti/rapi"
- "/var/lib/ganeti/queue"
- "/var/lib/ganeti/queue/archive"
- "/var/run/ganeti/bdev-cache"
- "/var/run/ganeti/crypto"
- "/var/run/ganeti/socket"
- "/var/run/ganeti/instance-disks"
- "/var/run/ganeti/instance-reason"
- "/var/run/ganeti/livelocks")))))
- (define ganeti-shepherd-services
- (match-lambda
- (($ <ganeti-configuration> _ noded confd wconfd luxid rapi kvmd mond metad)
- (append (ganeti-noded-service noded)
- (ganeti-confd-service confd)
- (ganeti-wconfd-service wconfd)
- (ganeti-luxid-service luxid)
- (ganeti-rapi-service rapi)
- (ganeti-kvmd-service kvmd)
- (ganeti-mond-service mond)
- (ganeti-metad-service metad)))))
- (define ganeti-mcron-jobs
- (match-lambda
- (($ <ganeti-configuration> _ _ _ _ _ _ _ _ _ watcher cleaner)
- (append (ganeti-watcher-jobs watcher)
- (ganeti-cleaner-jobs cleaner)))))
- (define-record-type* <ganeti-os>
- ganeti-os make-ganeti-os ganeti-os?
- (name ganeti-os-name) ;string
- (extension ganeti-os-extension ;#f | string
- (default #f))
- (variants ganeti-os-variants ;<file-like> | list of <ganeti-os-variant>
- (default '())))
- (define-record-type* <ganeti-os-variant>
- ganeti-os-variant make-ganeti-os-variant ganeti-os-variant?
- (name ganeti-os-variant-name) ;string
- (configuration ganeti-os-variant-configuration)) ;<file-like>
- (define %debootstrap-interfaces-hook
- (file-append ganeti-instance-debootstrap
- "/share/doc/ganeti-instance-debootstrap/examples/interfaces"))
- ;; The GRUB hook shipped with instance-debootstrap does not work with GRUB2.
- ;; For convenience, provide one that work with modern Debians here.
- ;; Note: it would be neat to reuse Guix' bootloader infrastructure instead.
- (define %debootstrap-grub-hook
- (plain-file "grub"
- "#!/usr/bin/env bash
- CLEANUP=( )
- cleanup() {
- if [ ${#CLEANUP[*]} -gt 0 ]; then
- LAST_ELEMENT=$((${#CLEANUP[*]}-1))
- REVERSE_INDEXES=$(seq ${LAST_ELEMENT} -1 0)
- for i in $REVERSE_INDEXES; do
- ${CLEANUP[$i]}
- done
- fi
- }
- trap cleanup EXIT
- mount -t proc proc $TARGET/proc
- CLEANUP+=(\"umount $TARGET/proc\")
- mount -t sysfs sysfs $TARGET/sys
- CLEANUP+=(\"umount $TARGET/sys\")
- mount -o bind /dev $TARGET/dev
- CLEANUP+=(\"umount $TARGET/dev\")
- echo '
- GRUB_TIMEOUT_STYLE=menu
- GRUB_CMDLINE_LINUX_DEFAULT=\"console=ttyS0,115200 net.ifnames=0\"
- GRUB_TERMINAL=\"serial\"
- GRUB_SERIAL_COMMAND=\"serial --unit=0 --speed=115200\"
- ' >> $TARGET/etc/default/grub
- # This PATH is propagated into the chroot and necessary to make grub-install
- # and related commands visible.
- export PATH=\"/usr/sbin:/usr/bin:/sbin:/bin:$PATH\"
- chroot \"$TARGET\" grub-install $BLOCKDEV
- chroot \"$TARGET\" update-grub
- cleanup
- trap - EXIT
- "))
- (define %default-debootstrap-hooks
- `((10-interfaces . ,%debootstrap-interfaces-hook)
- (90-grub . ,%debootstrap-grub-hook)))
- (define %default-debootstrap-extra-pkgs
- ;; Packages suitable for a fully virtualized KVM guest.
- '("acpi-support-base" "udev" "linux-image-amd64" "openssh-server"
- "locales-all" "grub-pc"))
- (define-record-type* <debootstrap-configuration>
- debootstrap-configuration make-debootstrap-configuration
- debootstrap-configuration?
- (hooks debootstrap-configuration-hooks ;#f | gexp | '((name . gexp))
- (default %default-debootstrap-hooks))
- (proxy debootstrap-configuration-proxy (default #f)) ;#f | string
- (mirror debootstrap-configuration-mirror ;#f | string
- (default #f))
- (arch debootstrap-configuration-arch (default #f)) ;#f | string
- (suite debootstrap-configuration-suite ;#f | string
- (default "stable"))
- (extra-pkgs debootstrap-configuration-extra-pkgs ;list of strings
- (default %default-debootstrap-extra-pkgs))
- (components debootstrap-configuration-components ;list of strings
- (default '()))
- (generate-cache? debootstrap-configuration-generate-cache? ;Boolean
- (default #t))
- (clean-cache debootstrap-configuration-clean-cache ;#f | integer
- (default 14))
- (partition-style debootstrap-configuration-partition-style ;#f | symbol | string
- (default 'msdos))
- (partition-alignment debootstrap-configuration-partition-alignment ;#f | integer
- (default 2048)))
- (define (debootstrap-hooks->directory hooks)
- (match hooks
- ((? file-like?)
- hooks)
- ((? list?)
- (let ((names (map car hooks))
- (files (map cdr hooks)))
- (with-imported-modules '((guix build utils))
- (computed-file "debootstrap-hooks"
- #~(begin
- (use-modules (guix build utils)
- (ice-9 match))
- (mkdir-p #$output)
- (with-directory-excursion #$output
- (for-each (match-lambda
- ((name hook)
- (let ((file-name (string-append
- #$output "/"
- (symbol->string name))))
- ;; Copy to the destination to ensure
- ;; the file is executable.
- (copy-file hook file-name)
- (chmod file-name #o555))))
- '#$(zip names files))))))))
- (_ #f)))
- (define-gexp-compiler (debootstrap-configuration-compiler
- (file <debootstrap-configuration>) system target)
- (match file
- (($ <debootstrap-configuration> hooks proxy mirror arch suite extra-pkgs
- components generate-cache? clean-cache
- partition-style partition-alignment)
- (let ((customize-dir (debootstrap-hooks->directory hooks)))
- (gexp->derivation
- "debootstrap-variant"
- #~(call-with-output-file (ungexp output "out")
- (lambda (port)
- (display
- (string-append
- (ungexp-splicing
- `(,@(if proxy
- `("PROXY=" ,proxy "\n")
- '())
- ,@(if mirror
- `("MIRROR=" ,mirror "\n")
- '())
- ,@(if arch
- `("ARCH=" ,arch "\n")
- '())
- ,@(if suite
- `("SUITE=" ,suite "\n")
- '())
- ,@(if (not (null? extra-pkgs))
- `("EXTRA_PKGS=" ,(string-join extra-pkgs ",") "\n")
- '())
- ,@(if (not (null? components))
- `("COMPONENTS=" ,(string-join components ",") "\n")
- '())
- ,@(if customize-dir
- `("CUSTOMIZE_DIR=" ,customize-dir "\n")
- '())
- ,@(if generate-cache?
- '("GENERATE_CACHE=yes\n")
- '("GENERATE_CACHE=no\n"))
- ,@(if clean-cache
- `("CLEAN_CACHE=" ,(number->string clean-cache) "\n")
- '())
- ,@(if partition-style
- (if (symbol? partition-style)
- `("PARTITION_STYLE="
- ,(symbol->string partition-style) "\n")
- `("PARTITION_STYLE=" ,partition-style "\n"))
- '())
- ,@(if partition-alignment
- `("PARTITION_ALIGNMENT="
- ,(number->string partition-alignment) "\n")
- '()))))
- port)))
- #:local-build? #t)))))
- (define (ganeti-os->directory os)
- "Return the derivation to build the configuration directory to be installed
- in /etc/ganeti/instance-$os for OS."
- (let ((name (ganeti-os-name os))
- (extension (ganeti-os-extension os))
- (variants (ganeti-os-variants os)))
- (define builder
- (with-imported-modules '((guix build utils))
- (if (file-like? variants)
- #~(begin
- (use-modules (guix build utils))
- (mkdir-p #$output)
- (symlink #$variants
- (string-append #$output "/variants")))
- #~(begin
- (use-modules (guix build utils)
- (ice-9 format)
- (ice-9 match)
- (srfi srfi-1))
- (mkdir-p #$output)
- (let ((variants-dir (string-append #$output "/variants"))
- (names '#$(map ganeti-os-variant-name variants))
- (configs '#$(map ganeti-os-variant-configuration variants)))
- (mkdir-p variants-dir)
- (unless (null? names)
- (call-with-output-file (string-append variants-dir
- "/variants.list")
- (lambda (port)
- (format port "~a~%"
- (string-join names "\n"))))
- (for-each (match-lambda
- ((name file)
- (let ((file-name
- (if #$extension
- (string-append name #$extension)
- name)))
- (symlink file
- (string-append variants-dir "/"
- file-name)))))
- (zip names configs))))))))
- (computed-file (string-append name "-os") builder
- #:local-build? #t)))
- (define (ganeti-directory file-storage-file hooks os)
- (let ((dirs (map ganeti-os->directory os))
- (names (map ganeti-os-name os)))
- (define builder
- #~(begin
- (use-modules (ice-9 match))
- (mkdir #$output)
- (when #$file-storage-file
- (symlink #$file-storage-file
- (string-append #$output "/file-storage-paths")))
- (when #$hooks
- (symlink #$hooks
- (string-append #$output "/hooks")))
- (for-each (match-lambda
- ((name dest)
- (symlink dest
- (string-append #$output "/instance-" name))))
- '#$(zip names dirs))))
- (computed-file "etc-ganeti" builder)))
- (define (file-storage-file paths)
- (match paths
- ((? null?) #f)
- ((? list?) (plain-file
- "file-storage-paths"
- (string-join paths "\n")))
- (_ paths)))
- (define (ganeti-etc-service config)
- (list `("ganeti" ,(ganeti-directory
- (file-storage-file
- (ganeti-configuration-file-storage-paths config))
- (ganeti-configuration-hooks config)
- (ganeti-configuration-os config)))))
- (define (debootstrap-os variants)
- (ganeti-os
- (name "debootstrap")
- (extension ".conf")
- (variants variants)))
- (define (debootstrap-variant name configuration)
- (ganeti-os-variant
- (name name)
- (configuration configuration)))
- (define %default-debootstrap-variants
- (list (debootstrap-variant
- "default"
- (debootstrap-configuration))))
- (define (guix-os variants)
- (ganeti-os
- (name "guix")
- (extension ".scm")
- (variants variants)))
- (define (guix-variant name configuration)
- (ganeti-os-variant
- (name name)
- (configuration configuration)))
- (define %default-guix-variants
- (list (guix-variant
- "default"
- (file-append ganeti-instance-guix
- "/share/doc/ganeti-instance-guix/examples/dynamic.scm"))))
- ;; The OS configurations usually come with a default OS. To make them work
- ;; out of the box, follow suit.
- (define %default-ganeti-os
- (list (debootstrap-os %default-debootstrap-variants)
- (guix-os %default-guix-variants)))
- (define ganeti-service-type
- (service-type (name 'ganeti)
- (extensions
- (list (service-extension activation-service-type
- ganeti-activation)
- (service-extension shepherd-root-service-type
- ganeti-shepherd-services)
- (service-extension etc-service-type
- ganeti-etc-service)
- (service-extension profile-service-type
- (compose list ganeti-configuration-ganeti))
- (service-extension mcron-service-type
- ganeti-mcron-jobs)))
- (default-value (ganeti-configuration (os %default-ganeti-os)))
- (description
- "Ganeti is a family of services that are designed to run
- on a fleet of machines and facilitate deployment and maintenance of virtual
- servers (@dfn{instances}). It can migrate instances between nodes, automatically
- restart failed instances, evacuate nodes, and much more.")))
|