geo-rep-cli: added a new option "no-verify" to geo-rep create.

This patch adds a new option called as "no-verify" to geo-rep
create command. With no-verify option, following checks does
not take place before session creation:

* if ssh port 22 is open in slave
* has proper passwordless ssh login setup
* slave volume is created and is empty
* if slave has enough memory

This option is needed by ovirt-engine as the tasks done
by push-pem is taken care by ovirt-engine and also the
above checks are done. Thus creation of password-less
ssh can be avoided when geo-replication is managed
through ovirt.

Usage: volume geo-replication [<VOLNAME>] [<SLAVE-URL>]
       { create [[no-verify]|[push-pem]] [force]|
         start [force]|stop [force]|pause [force]|
         resume [force]|config|status [detail]|
         delete } [options...]

Change-Id: I975265f27d6434be5409438257d09cd4190c9159
BUG: 1198615
Signed-off-by: darshan n <dnarayan@redhat.com>
Reviewed-on: http://review.gluster.org/9799
Reviewed-by: Aravinda VK <avishwan@redhat.com>
Reviewed-by: Kotresh HR <khiremat@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Krishnan Parthasarathi <kparthas@redhat.com>
Tested-by: Krishnan Parthasarathi <kparthas@redhat.com>

4 files changed, 60 insertions, 22 deletions

diff --git a/cli/src/cli-cmd-parser.c b/cli/src/cli-cmd-parser.c
index 0981f11b7be..b2ef1d77104 100644
--- a/cli/src/cli-cmd-parser.c
+++ b/cli/src/cli-cmd-parser.c
@@ -2028,7 +2028,7 @@ out:
 }
 
 static int32_t
-force_push_pem_parse (const char **words, int wordcount,
+force_push_pem_no_verify_parse (const char **words, int wordcount,
                       dict_t *dict, unsigned *cmdi)
 {
         int32_t            ret     = 0;
@@ -2037,6 +2037,7 @@ force_push_pem_parse (const char **words, int wordcount,
                 if ((strcmp ((char *)words[wordcount-2], "start")) &&
                     (strcmp ((char *)words[wordcount-2], "stop")) &&
                     (strcmp ((char *)words[wordcount-2], "create")) &&
+                    (strcmp ((char *)words[wordcount-2], "no-verify")) &&
                     (strcmp ((char *)words[wordcount-2], "push-pem")) &&
                     (strcmp ((char *)words[wordcount-2], "pause")) &&
                     (strcmp ((char *)words[wordcount-2], "resume"))) {
@@ -2058,6 +2059,16 @@ force_push_pem_parse (const char **words, int wordcount,
                         if (ret)
                                 goto out;
                         (*cmdi)++;
+                } else if (!strcmp ((char *)words[wordcount-2], "no-verify")) {
+                        if (strcmp ((char *)words[wordcount-3], "create")) {
+                                ret = -1;
+                                goto out;
+                        }
+                        ret = dict_set_uint32 (dict, "no_verify",
+                                               _gf_true);
+                        if (ret)
+                                goto out;
+                        (*cmdi)++;
                 }
         } else if (!strcmp ((char *)words[wordcount-1], "push-pem")) {
                 if (strcmp ((char *)words[wordcount-2], "create")) {
@@ -2068,6 +2079,16 @@ force_push_pem_parse (const char **words, int wordcount,
                 if (ret)
                         goto out;
                 (*cmdi)++;
+        } else if (!strcmp ((char *)words[wordcount-1], "no-verify")) {
+                if ((strcmp ((char *)words[wordcount-2], "create"))) {
+                        ret = -1;
+                        goto out;
+                }
+                ret = dict_set_uint32 (dict, "no_verify",
+                                       _gf_true);
+                if (ret)
+                        goto out;
+                (*cmdi)++;
         }
 
 out:
@@ -2088,7 +2109,7 @@ cli_cmd_gsync_set_parse (const char **words, int wordcount, dict_t **options)
         unsigned           glob    = 0;
         unsigned           cmdi    = 0;
         char               *opwords[] = { "create", "status", "start", "stop",
-                                          "config", "force", "delete",
+                                          "config", "force", "delete", "no-verify"
                                           "push-pem", "detail", "pause",
                                           "resume", NULL };
         char               *w = NULL;
@@ -2102,7 +2123,7 @@ cli_cmd_gsync_set_parse (const char **words, int wordcount, dict_t **options)
 
         /* new syntax:
          *
-         * volume geo-replication $m $s create [push-pem] [force]
+         * volume geo-replication $m $s create [[no-verify] | [push-pem]] [force]
          * volume geo-replication [$m [$s]] status [detail]
          * volume geo-replication [$m] $s config [[!]$opt [$val]]
          * volume geo-replication $m $s start|stop [force]
@@ -2215,7 +2236,7 @@ cli_cmd_gsync_set_parse (const char **words, int wordcount, dict_t **options)
         } else
                 GF_ASSERT (!"opword mismatch");
 
-        ret = force_push_pem_parse (words, wordcount, dict, &cmdi);
+        ret = force_push_pem_no_verify_parse (words, wordcount, dict, &cmdi);
         if (ret)
                 goto out;
 
diff --git a/cli/src/cli-cmd-volume.c b/cli/src/cli-cmd-volume.c
index af9cc6a5aa6..a14a772cfb7 100644
--- a/cli/src/cli-cmd-volume.c
+++ b/cli/src/cli-cmd-volume.c
@@ -2378,7 +2378,7 @@ struct cli_cmd volume_cmds[] = {
          "reset all the reconfigured options"},
 
 #if (SYNCDAEMON_COMPILE)
-        {"volume "GEOREP" [<VOLNAME>] [<SLAVE-URL>] {create [push-pem] [force]"
+        {"volume "GEOREP" [<VOLNAME>] [<SLAVE-URL>] {create [[no-verify]|[push-pem]] [force]"
          "|start [force]|stop [force]|pause [force]|resume [force]|config|status [detail]|delete} [options...]",
          cli_cmd_volume_gsync_set_cbk,
          "Geo-sync operations",
diff --git a/doc/admin-guide/en-US/markdown/admin_distributed_geo_rep.md b/doc/admin-guide/en-US/markdown/admin_distributed_geo_rep.md
index fe2cc3ec976..c559f2cc306 100644
--- a/doc/admin-guide/en-US/markdown/admin_distributed_geo_rep.md
+++ b/doc/admin-guide/en-US/markdown/admin_distributed_geo_rep.md
@@ -33,6 +33,17 @@ gluster volume geo-replication <master_volume> <slave_host>::<slave_volume> crea
 
 If the total available size in slave volume is less than the total size of master, the command will throw error message. In such cases 'force' option can be used.
 
+In use cases where the rsa-keys of nodes in master volume is distributed to slave nodes through an external agent and slave side verifications like:
+- if ssh port 22 is open in slave
+- has proper passwordless ssh login setup
+- slave volume is created and is empty
+- if slave has enough memory
+is taken care by the external agent, the following command can be used to create geo-replication:
+```sh
+gluster volume geo-replication <master_volume> <slave_host>::<slave_volume> create no-verify [force]
+```
+In this case the master node rsa-key distribution to slave node does not happen and above mentioned slave verification is not performed and these two things has to be taken care externaly.
+
 #### Starting a geo-rep session
 There is no change in this command from previous versions to this version.
 ```sh
diff --git a/xlators/mgmt/glusterd/src/glusterd-geo-rep.c b/xlators/mgmt/glusterd/src/glusterd-geo-rep.c
index 5efd232554e..8dff3d9e419 100644
--- a/xlators/mgmt/glusterd/src/glusterd-geo-rep.c
+++ b/xlators/mgmt/glusterd/src/glusterd-geo-rep.c
@@ -2205,6 +2205,7 @@ glusterd_op_stage_gsync_create (dict_t *dict, char **op_errstr)
         int                 ret                       = -1;
         int                 is_pem_push               = -1;
         gf_boolean_t        is_force                  = -1;
+        gf_boolean_t        is_no_verify              = -1;
         gf_boolean_t        is_force_blocker          = -1;
         gf_boolean_t        exists                    = _gf_false;
         gf_boolean_t        is_template_in_use        = _gf_false;
@@ -2289,23 +2290,28 @@ glusterd_op_stage_gsync_create (dict_t *dict, char **op_errstr)
                          down_peerstr = NULL;
                 }
 
-                /* Checking if slave host is pingable, has proper passwordless
-                 * ssh login setup, slave volume is created, slave vol is empty,
-                 * and if it has enough memory and bypass in case of force if
-                 * the error is not a force blocker */
-                ret = glusterd_verify_slave (volname, slave_url, slave_vol,
-                                             op_errstr, &is_force_blocker);
-                if (ret) {
-                        if (is_force && !is_force_blocker) {
-                                gf_log ("", GF_LOG_INFO, "%s is not a valid slave"
-                                        " volume. Error: %s. Force creating geo-rep"
-                                        " session.", slave, *op_errstr);
-                        } else {
-                                gf_log ("", GF_LOG_ERROR,
-                                        "%s is not a valid slave volume. Error: %s",
-                                        slave, *op_errstr);
-                                ret = -1;
-                                goto out;
+                is_no_verify = dict_get_str_boolean (dict, "no_verify", _gf_false);
+
+                if (!is_no_verify) {
+                        /* Checking if slave host is pingable, has proper passwordless
+                        * ssh login setup, slave volume is created, slave vol is empty,
+                        * and if it has enough memory and bypass in case of force if
+                        * the error is not a force blocker */
+                        ret = glusterd_verify_slave (volname, slave_url, slave_vol,
+                                                     op_errstr, &is_force_blocker);
+                        if (ret) {
+                                if (is_force && !is_force_blocker) {
+                                        gf_log ("", GF_LOG_INFO, "%s is not a valid slave"
+                                                " volume. Error: %s. Force creating geo-rep"
+                                                " session.", slave, *op_errstr);
+                                } else {
+                                        gf_log ("", GF_LOG_ERROR,
+                                                "%s is not a valid slave volume. Error: %s",
+                                                slave, *op_errstr);
+                                        ret = -1;
+
+                                        goto out;
+                                }
                         }
                 }