Merge SSH auto-mode feature to next (#6601)

Author: BengangY

ocaml/idl/datamodel_errors.ml

@@ -2042,6 +2042,9 @@ let _ =
   error Api_errors.set_console_timeout_partially_failed ["hosts"]
     ~doc:"Some hosts failed to set console timeout." () ;
 
+  error Api_errors.set_ssh_auto_mode_partially_failed ["hosts"]
+    ~doc:"Some hosts failed to set SSH auto mode." () ;
+
   error Api_errors.host_driver_no_hardware ["driver variant"]
     ~doc:"No hardware present for this host driver variant" () ;
 

ocaml/idl/datamodel_host.ml

@@ -1335,6 +1335,13 @@ let create_params =
     ; param_release= numbered_release "25.21.0"
     ; param_default= Some (VInt Constants.default_console_idle_timeout)
     }
+  ; {
+      param_type= Bool
+    ; param_name= "ssh_auto_mode"
+    ; param_doc= "True if SSH auto mode is enabled for the host"
+    ; param_release= numbered_release "25.26.0-next"
+    ; param_default= Some (VBool Constants.default_ssh_auto_mode)
+    }
   ]
 
 let create =
@@ -1350,8 +1357,8 @@ let create =
       ; ( Changed
         , "25.21.0"
         , "Added --ssh_enabled --ssh_enabled_timeout --ssh_expiry \
-           --console_idle_timeout options to allow them to be configured for \
-           new host"
+           --console_idle_timeout --ssh_auto_mode options to allow them to be \
+           configured for new host"
         )
       ]
     ~versioned_params:create_params ~doc:"Create a new host record"
@@ -2440,6 +2447,21 @@ let set_console_idle_timeout =
       ]
     ~allowed_roles:_R_POOL_ADMIN ()
 
+let set_ssh_auto_mode =
+  call ~name:"set_ssh_auto_mode" ~lifecycle:[]
+    ~doc:"Set the SSH auto mode for the host"
+    ~params:
+      [
+        (Ref _host, "self", "The host")
+      ; ( Bool
+        , "value"
+        , "The SSH auto mode for the host，when set to true, SSH to normally be \
+           disabled and SSH to be enabled only in case of emergency e.g., xapi \
+           is down"
+        )
+      ]
+    ~allowed_roles:_R_POOL_ADMIN ()
+
 let latest_synced_updates_applied_state =
   Enum
     ( "latest_synced_updates_applied_state"
@@ -2601,6 +2623,7 @@ let t =
       ; disable_ssh
       ; set_ssh_enabled_timeout
       ; set_console_idle_timeout
+      ; set_ssh_auto_mode
       ]
     ~contents:
       ([
@@ -3056,6 +3079,10 @@ let t =
             "console_idle_timeout"
             "The timeout in seconds after which idle console will be \
              automatically terminated (0 means never)"
+        ; field ~qualifier:DynamicRO ~lifecycle:[] ~ty:Bool
+            ~default_value:(Some (VBool Constants.default_ssh_auto_mode))
+            "ssh_auto_mode"
+            "Reflects whether SSH auto mode is enabled for the host"
         ]
       )
     ()

ocaml/idl/datamodel_pool.ml

@@ -1606,6 +1606,21 @@ let set_console_idle_timeout =
       ]
     ~allowed_roles:_R_POOL_ADMIN ()
 
+let set_ssh_auto_mode =
+  call ~name:"set_ssh_auto_mode" ~lifecycle:[]
+    ~doc:"Set the SSH auto mode for all hosts in the pool"
+    ~params:
+      [
+        (Ref _pool, "self", "The pool")
+      ; ( Bool
+        , "value"
+        , "The SSH auto mode for all hosts in the pool，when set to true, SSH \
+           to normally be disabled and SSH to be enabled only in case of \
+           emergency e.g., xapi is down"
+        )
+      ]
+    ~allowed_roles:_R_POOL_ADMIN ()
+
 (** A pool class *)
 let t =
   create_obj ~in_db:true
@@ -1704,6 +1719,7 @@ let t =
       ; disable_ssh
       ; set_ssh_enabled_timeout
       ; set_console_idle_timeout
+      ; set_ssh_auto_mode
       ]
     ~contents:
       ([

ocaml/idl/schematest.ml

@@ -3,7 +3,7 @@ let hash x = Digest.string x |> Digest.to_hex
 (* BEWARE: if this changes, check that schema has been bumped accordingly in
    ocaml/idl/datamodel_common.ml, usually schema_minor_vsn *)
 
-let last_known_schema_hash = "9cd32d98d092440c36617546a3d995bd"
+let last_known_schema_hash = "7586cb039918e573594fc358e90b0f04"
 
 let current_schema_hash : string =
   let open Datamodel_types in

ocaml/tests/common/test_common.ml

@@ -172,14 +172,14 @@ let make_host ~__context ?(uuid = make_uuid ()) ?(name_label = "host")
     ?(local_cache_sr = Ref.null) ?(chipset_info = []) ?(ssl_legacy = false)
     ?(last_software_update = Date.epoch) ?(last_update_hash = "")
     ?(ssh_enabled = true) ?(ssh_enabled_timeout = 0L) ?(ssh_expiry = Date.epoch)
-    ?(console_idle_timeout = 0L) () =
+    ?(console_idle_timeout = 0L) ?(ssh_auto_mode = false) () =
   let host =
     Xapi_host.create ~__context ~uuid ~name_label ~name_description ~hostname
       ~address ~external_auth_type ~external_auth_service_name
       ~external_auth_configuration ~license_params ~edition ~license_server
       ~local_cache_sr ~chipset_info ~ssl_legacy ~last_software_update
       ~last_update_hash ~ssh_enabled ~ssh_enabled_timeout ~ssh_expiry
-      ~console_idle_timeout
+      ~console_idle_timeout ~ssh_auto_mode
   in
   Db.Host.set_cpu_info ~__context ~self:host ~value:default_cpu_info ;
   host
@@ -219,7 +219,7 @@ let make_host2 ~__context ?(ref = Ref.make ()) ?(uuid = make_uuid ())
     ~recommended_guidances:[] ~latest_synced_updates_applied:`unknown
     ~pending_guidances_recommended:[] ~pending_guidances_full:[]
     ~last_update_hash:"" ~ssh_enabled:true ~ssh_enabled_timeout:0L
-    ~ssh_expiry:Date.epoch ~console_idle_timeout:0L ;
+    ~ssh_expiry:Date.epoch ~console_idle_timeout:0L ~ssh_auto_mode:false ;
   ref
 
 let make_pif ~__context ~network ~host ?(device = "eth0")

ocaml/tests/test_host.ml

@@ -25,7 +25,7 @@ let add_host __context name =
        ~local_cache_sr:Ref.null ~chipset_info:[] ~ssl_legacy:false
        ~last_software_update:Clock.Date.epoch ~last_update_hash:""
        ~ssh_enabled:true ~ssh_enabled_timeout:0L ~ssh_expiry:Clock.Date.epoch
-       ~console_idle_timeout:0L
+       ~console_idle_timeout:0L ~ssh_auto_mode:false
     )
 
 (* Creates an unlicensed pool with the maximum number of hosts *)

ocaml/xapi-cli-server/records.ml

@@ -1584,6 +1584,17 @@ let pool_record rpc session_id pool =
               ~value:(safe_i64_of_string "console-idle-timeout" value)
           )
           ()
+      ; make_field ~name:"ssh-auto-mode"
+          ~get:(fun () ->
+            get_consistent_field_or_default ~rpc ~session_id
+              ~getter:Client.Host.get_ssh_auto_mode ~transform:string_of_bool
+              ~default:inconsistent
+          )
+          ~set:(fun value ->
+            Client.Pool.set_ssh_auto_mode ~rpc ~session_id ~self:pool
+              ~value:(safe_bool_of_string "ssh-auto-mode" value)
+          )
+          ()
       ]
   }
 
@@ -3375,6 +3386,13 @@ let host_record rpc session_id host =
               ~value:(safe_i64_of_string "console-idle-timeout" value)
           )
           ()
+      ; make_field ~name:"ssh-auto-mode"
+          ~get:(fun () -> string_of_bool (x ()).API.host_ssh_auto_mode)
+          ~set:(fun value ->
+            Client.Host.set_ssh_auto_mode ~rpc ~session_id ~self:host
+              ~value:(safe_bool_of_string "ssh-auto-mode" value)
+          )
+          ()
       ]
   }
 

ocaml/xapi-consts/api_errors.ml

@@ -1427,6 +1427,9 @@ let set_ssh_timeout_partially_failed =
 let set_console_timeout_partially_failed =
   add_error "SET_CONSOLE_TIMEOUT_PARTIALLY_FAILED"
 
+let set_ssh_auto_mode_partially_failed =
+  add_error "SET_SSH_AUTO_MODE_PARTIALLY_FAILED"
+
 let host_driver_no_hardware = add_error "HOST_DRIVER_NO_HARDWARE"
 
 let tls_verification_not_enabled_in_pool =

ocaml/xapi-consts/constants.ml

@@ -442,3 +442,5 @@ let default_ssh_enabled = true
 let default_ssh_enabled_timeout = 0L
 
 let default_console_idle_timeout = 0L
+
+let default_ssh_auto_mode = false

ocaml/xapi/dbsync_slave.ml

@@ -64,6 +64,7 @@ let create_localhost ~__context info =
         ~ssh_enabled_timeout:Constants.default_ssh_enabled_timeout
         ~ssh_expiry:Date.epoch
         ~console_idle_timeout:Constants.default_console_idle_timeout
+        ~ssh_auto_mode:!Xapi_globs.ssh_auto_mode_default
     in
     ()
 
@@ -383,7 +384,29 @@ let update_env __context sync_keys =
   switched_sync Xapi_globs.sync_ssh_status (fun () ->
       let ssh_service = !Xapi_globs.ssh_service in
       let status = Fe_systemctl.is_active ~service:ssh_service in
-      Db.Host.set_ssh_enabled ~__context ~self:localhost ~value:status
+      Db.Host.set_ssh_enabled ~__context ~self:localhost ~value:status ;
+      let auto_mode_in_db =
+        Db.Host.get_ssh_auto_mode ~__context ~self:localhost
+      in
+      let ssh_monitor_enabled =
+        Fe_systemctl.is_active ~service:!Xapi_globs.ssh_monitor_service
+      in
+      (* For xs9 when fresh install, the ssh_monitor service is not enabled by default.
+         If the auto_mode is enabled, we need to enable the ssh_monitor service.
+         and user may have disabled monitor service by mistake as well, so we need to check the status. *)
+      if auto_mode_in_db <> ssh_monitor_enabled then
+        Xapi_host.set_ssh_auto_mode ~__context ~self:localhost
+          ~value:auto_mode_in_db ;
+      let console_timeout =
+        Db.Host.get_console_idle_timeout ~__context ~self:localhost
+      in
+      let console_timeout_file_exists =
+        Sys.file_exists !Xapi_globs.console_timeout_profile_path
+      in
+      (* Ensure the console timeout profile file exists if the timeout is configured *)
+      if console_timeout > 0L && not console_timeout_file_exists then
+        Xapi_host.set_console_idle_timeout ~__context ~self:localhost
+          ~value:console_timeout
   ) ;
 
   remove_pending_guidances ~__context