import resource-agents-4.1.1-86.el8
This commit is contained in:
parent
629cb00f8d
commit
99cab2d15d
415
SOURCES/bz1471182-crypt-1-new-ra.patch
Normal file
415
SOURCES/bz1471182-crypt-1-new-ra.patch
Normal file
@ -0,0 +1,415 @@
|
||||
From 019c3108feff48d8ad496cd0759349c46170dc2d Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Mon, 6 Apr 2020 10:23:51 +0200
|
||||
Subject: [PATCH 1/2] crypt: new resource agent
|
||||
|
||||
---
|
||||
doc/man/Makefile.am | 1 +
|
||||
heartbeat/Makefile.am | 1 +
|
||||
heartbeat/crypt | 337 ++++++++++++++++++++++++++++++++++++++++++
|
||||
3 files changed, 339 insertions(+)
|
||||
create mode 100755 heartbeat/crypt
|
||||
|
||||
diff --git a/doc/man/Makefile.am b/doc/man/Makefile.am
|
||||
index 478fbe4f8..53c9975ec 100644
|
||||
--- a/doc/man/Makefile.am
|
||||
+++ b/doc/man/Makefile.am
|
||||
@@ -105,6 +105,7 @@ man_MANS = ocf_heartbeat_AoEtarget.7 \
|
||||
ocf_heartbeat_azure-lb.7 \
|
||||
ocf_heartbeat_clvm.7 \
|
||||
ocf_heartbeat_conntrackd.7 \
|
||||
+ ocf_heartbeat_crypt.7 \
|
||||
ocf_heartbeat_db2.7 \
|
||||
ocf_heartbeat_dhcpd.7 \
|
||||
ocf_heartbeat_docker.7 \
|
||||
diff --git a/heartbeat/Makefile.am b/heartbeat/Makefile.am
|
||||
index 893115810..bbc9590ac 100644
|
||||
--- a/heartbeat/Makefile.am
|
||||
+++ b/heartbeat/Makefile.am
|
||||
@@ -101,6 +101,7 @@ ocf_SCRIPTS = AoEtarget \
|
||||
azure-lb \
|
||||
clvm \
|
||||
conntrackd \
|
||||
+ crypt \
|
||||
db2 \
|
||||
dhcpd \
|
||||
dnsupdate \
|
||||
diff --git a/heartbeat/crypt b/heartbeat/crypt
|
||||
new file mode 100755
|
||||
index 000000000..6bffdff89
|
||||
--- /dev/null
|
||||
+++ b/heartbeat/crypt
|
||||
@@ -0,0 +1,337 @@
|
||||
+#!/bin/sh
|
||||
+#
|
||||
+# crypt/LUKS OCF RA. Manages cryptsetup devices.
|
||||
+#
|
||||
+# Copyright (c) 2020 Red Hat GmbH, Heinz Mauelshagen
|
||||
+# All Rights Reserved.
|
||||
+#
|
||||
+# This program is free software; you can redistribute it and/or modify
|
||||
+# it under the terms of version 2 of the GNU General Public License as
|
||||
+# published by the Free Software Foundation.
|
||||
+#
|
||||
+# This program is distributed in the hope that it would be useful, but
|
||||
+# WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
+#
|
||||
+# Further, this software is distributed without any warranty that it is
|
||||
+# free of the rightful claim of any third person regarding infringement
|
||||
+# or the like. Any license provided herein, whether implied or
|
||||
+# otherwise, applies only to this software file. Patent licenses, if
|
||||
+# any, provided herein do not apply to combinations of this program with
|
||||
+# other software, or any other product whatsoever.
|
||||
+#
|
||||
+# You should have received a copy of the GNU General Public License
|
||||
+# along with this program; if not, write the Free Software Foundation,
|
||||
+# Inc., 59 Temple Place - Suite 330, Boston MA 02111-1307, USA.
|
||||
+#
|
||||
+
|
||||
+#######################################################################
|
||||
+# Initialization:
|
||||
+
|
||||
+: ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat}
|
||||
+. ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs
|
||||
+
|
||||
+# Parameter defaults
|
||||
+OCF_RESKEY_encrypted_dev_default=""
|
||||
+OCF_RESKEY_crypt_dev_default=""
|
||||
+OCF_RESKEY_key_file_default=""
|
||||
+OCF_RESKEY_crypt_type_default=""
|
||||
+OCF_RESKEY_force_stop_default="false"
|
||||
+
|
||||
+: ${OCF_RESKEY_encrypted_dev=${OCF_RESKEY_encrypted_dev_default}}
|
||||
+: ${OCF_RESKEY_crypt_dev=${OCF_RESKEY_crypt_dev_default}}
|
||||
+: ${OCF_RESKEY_key_file=${OCF_RESKEY_key_file_default}}
|
||||
+: ${OCF_RESKEY_crypt_type=${OCF_RESKEY_crypt_type_default}}
|
||||
+: ${OCF_RESKEY_force_stop=${OCF_RESKEY_force_stop_default}}
|
||||
+
|
||||
+#######################################################################
|
||||
+
|
||||
+meta_data() {
|
||||
+ cat <<END
|
||||
+<?xml version="1.0"?>
|
||||
+<!DOCTYPE resource-agent SYSTEM "ra-api-1.dtd">
|
||||
+<resource-agent name="crypt">
|
||||
+<version>1.0</version>
|
||||
+
|
||||
+<longdesc lang="en">
|
||||
+This is a LUKS/crypt Resource Agent managing encrypted devices via cryptsetup(8).
|
||||
+The agent imposes limitations on device types supported: luks, luks[1..N].
|
||||
+</longdesc>
|
||||
+<shortdesc lang="en">LUKS/crypt resource agent</shortdesc>
|
||||
+
|
||||
+<parameters>
|
||||
+
|
||||
+<parameter name="encrypted_dev" unique="1" required="1">
|
||||
+<longdesc lang="en">
|
||||
+Encrypted backing device, which should be defined by UUID,
|
||||
+36 characters including '-'s as reported by blkid(8).
|
||||
+
|
||||
+Although it can be defined as a block device path (e.g. /dev/sdh),
|
||||
+the UUID should be preferred over the block device path to allow for the
|
||||
+unique discovery of the crypt backing device given the volatile nature of
|
||||
+/dev entries (e.g. /dev/sdh on one node may be /dev/sdg on another).
|
||||
+
|
||||
+Only define as block device path if you know what you are doing.
|
||||
+</longdesc>
|
||||
+<shortdesc lang="en">Encrypted device</shortdesc>
|
||||
+<content type="string" default="${OCF_RESKEY_encrypted_dev_default}" />
|
||||
+</parameter>
|
||||
+
|
||||
+<parameter name="crypt_dev" unique="1" required="1">
|
||||
+<longdesc lang="en">
|
||||
+Encrypted device name, no path. I.e. the one given in "cryptsetup open name ...".
|
||||
+The resulting block device path is /dev/mapper/name.
|
||||
+</longdesc>
|
||||
+<shortdesc lang="en">Encrypted device</shortdesc>
|
||||
+<content type="string" default="${OCF_RESKEY_crypt_dev_default}" />
|
||||
+</parameter>
|
||||
+
|
||||
+<parameter name="key_file" unique="1" required="1">
|
||||
+<longdesc lang="en">
|
||||
+Key file path containing the encryption passphrase
|
||||
+(aka key; see cryptsetup(8)). For LUKS, the passphrase as of the key_file
|
||||
+parameter is used to decrypt a randomly selected key when the device was created.
|
||||
+</longdesc>
|
||||
+<shortdesc lang="en">Key file</shortdesc>
|
||||
+<content type="string" default="${OCF_RESKEY_key_file_default}" />
|
||||
+</parameter>
|
||||
+
|
||||
+<parameter name="crypt_type" unique="1" required="1">
|
||||
+<longdesc lang="en">
|
||||
+Encryption (device) type (e.g. "luks" or "luks2").
|
||||
+
|
||||
+This parameter affirms the encryption format as of the crypt metadata
|
||||
+thus allowing for safety measures when starting the encrypted resource.
|
||||
+</longdesc>
|
||||
+<shortdesc lang="en">Encryption type</shortdesc>
|
||||
+<content type="string" default="${OCF_RESKEY_crypt_type_default}" />
|
||||
+</parameter>
|
||||
+
|
||||
+<parameter name="force_stop" unique="0" required="0">
|
||||
+<longdesc lang="en">
|
||||
+If processes or kernel threads are using the crypt device, it cannot
|
||||
+be stopped. We will try to stop processes, first by sending TERM and
|
||||
+then, if that doesn't help in $PROC_CLEANUP_TIME seconds, using KILL.
|
||||
+The lsof(8) program is required to get the list of array users.
|
||||
+Of course, the kernel threads cannot be stopped this way.
|
||||
+If the processes are critical for data integrity, then set this
|
||||
+parameter to false. Note that in that case the stop operation
|
||||
+will fail and the node will be fenced.
|
||||
+</longdesc>
|
||||
+<shortdesc lang="en">force stop processes using the crpyt device</shortdesc>
|
||||
+<content type="boolean" default="${OCF_RESKEY_force_stop_default}" />
|
||||
+</parameter>
|
||||
+
|
||||
+</parameters>
|
||||
+
|
||||
+<actions>
|
||||
+<action name="start" timeout="20s" />
|
||||
+<action name="stop" timeout="20s" />
|
||||
+<action name="monitor" timeout="20s" interval="10s" depth="0" />
|
||||
+<action name="meta-data" timeout="5s" />
|
||||
+<action name="validate-all" timeout="10s" />
|
||||
+</actions>
|
||||
+</resource-agent>
|
||||
+END
|
||||
+}
|
||||
+
|
||||
+# Disable cryptsetup auto-recovery if cloned.
|
||||
+disable_locks=""
|
||||
+ocf_is_clone && disable_locks="--disable-locks"
|
||||
+
|
||||
+crypt_usage() {
|
||||
+ cat <<END
|
||||
+usage: $0 {start|stop|monitor|usage|meta-data|validate-all}
|
||||
+
|
||||
+Expects to have a fully populated OCF RA-compliant environment set.
|
||||
+END
|
||||
+}
|
||||
+
|
||||
+encrypted_dev="${OCF_RESKEY_encrypted_dev}"
|
||||
+crypt_dev="${OCF_RESKEY_crypt_dev}"
|
||||
+crypt_dev_path="/dev/mapper/$crypt_dev"
|
||||
+key_file="${OCF_RESKEY_key_file}"
|
||||
+crypt_type="${OCF_RESKEY_crypt_type}"
|
||||
+force_stop="${OCF_RESKEY_force_stop}"
|
||||
+
|
||||
+crypt_validate_all() {
|
||||
+ if ! have_binary cryptsetup; then
|
||||
+ ocf_exit_reason "Please install cryptsetup(8)"
|
||||
+ return $OCF_ERR_INSTALLED
|
||||
+ fi
|
||||
+ if [ -z "$encrypted_dev" ]; then
|
||||
+ ocf_exit_reason "Undefined OCF_RESKEY_encrypted_dev"
|
||||
+ return $OCF_ERR_CONFIGURED
|
||||
+ fi
|
||||
+ if [ -n "$encrypted_dev" ]; then
|
||||
+ case "$encrypted_dev" in
|
||||
+ *-*-*-*) if [ `echo "$encrypted_dev" | wc -c` -ne 37 ]; then
|
||||
+ ocf_exit_reason "Bogus encrypted device UUID \"$encrypted_dev\""
|
||||
+ return $OCF_ERR_ARGS
|
||||
+ fi
|
||||
+ encrypted_dev=/dev/disk/by-uuid/"$encrypted_dev";;
|
||||
+ *) case "$encrypted_dev" in
|
||||
+ /dev/*) ;;
|
||||
+ *) ocf_exit_reason "Bogus encrypted device path"
|
||||
+ return $OCF_ERR_ARGS;;
|
||||
+ esac
|
||||
+ esac
|
||||
+ fi
|
||||
+ if [ ! -b "$encrypted_dev" ]; then
|
||||
+ ocf_exit_reason "Encrypted device $encrypted_dev not accessible"
|
||||
+ return $OCF_ERR_ARGS
|
||||
+ fi
|
||||
+ echo "$crypt_dev" | grep "/" >/dev/null
|
||||
+ if [ $? -eq 0 ] && [ -z "$crypt_dev" ]; then
|
||||
+ ocf_exit_reason "Crypt device \"$crypt_dev\" name has to at least 1 character long and without path"
|
||||
+ return $OCF_ERR_ARGS
|
||||
+ fi
|
||||
+ if [ ! -r "$key_file" ]; then
|
||||
+ ocf_exit_reason "Hash key file $key_file not accessible"
|
||||
+ return $OCF_ERR_ARGS
|
||||
+ fi
|
||||
+ if ! ocf_is_true "$force_stop" && "$force_stop" != "false" ]]; then
|
||||
+ ocf_exit_reason "Bogus force_stop=\"$force_stop\" attribute"
|
||||
+ return $OCF_ERR_CONFIGURED
|
||||
+ fi
|
||||
+ if "$force_stop" = "true" && ! have_binary lsof; then
|
||||
+ ocf_exit_reason "Force stop requested, please install lsof(8)"
|
||||
+ return $OCF_ERR_INSTALLED
|
||||
+ fi
|
||||
+ cryptsetup isLuks $encrypted_dev 2>/dev/null
|
||||
+ if [ $? -ne 0 ]; then
|
||||
+ ocf_exit_reason "$encrypted_dev is not a Luks formatted device"
|
||||
+ return $OCF_ERR_CONFIGURED
|
||||
+ fi
|
||||
+
|
||||
+ return $OCF_SUCCESS
|
||||
+}
|
||||
+
|
||||
+get_users_pids() {
|
||||
+ ocf_log debug "running lsof to list \"$crypt_dev\" users..."
|
||||
+ ocf_run -warn 'lsof $crypt_dev_path | tail -n +2 | awk "{print $2}" | sort -u'
|
||||
+}
|
||||
+
|
||||
+stop_crypt_users() {
|
||||
+ local pids=`get_users_pids`
|
||||
+
|
||||
+ if [ -z "$pids" ]; then
|
||||
+ ocf_log warn "lsof reported no users holding arrays"
|
||||
+ return 2
|
||||
+ fi
|
||||
+
|
||||
+ ocf_stop_processes TERM $PROC_CLEANUP_TIME $pids
|
||||
+}
|
||||
+
|
||||
+show_users() {
|
||||
+ local dm_dev
|
||||
+
|
||||
+ ocf_log info "running lsof to list \"$crypt_dev\" users..."
|
||||
+ ocf_run -warn lsof $crypt_dev_path
|
||||
+
|
||||
+ dm_dev=$(basename $(realpath $crypt_dev_path))
|
||||
+ if [ -d /sys/block/$dm_dev/holders ]; then
|
||||
+ ocf_log debug "ls -l /sys/block/$dm_dev/holders"
|
||||
+ ocf_run -warn ls -l /sys/block/$dm_dev/holders
|
||||
+ fi
|
||||
+}
|
||||
+
|
||||
+crypt_stop_one() {
|
||||
+ cryptsetup close $crypt_dev $disable_locks
|
||||
+}
|
||||
+
|
||||
+#######################################################################
|
||||
+#
|
||||
+# Action: START an encrypted resource
|
||||
+#
|
||||
+crypt_start() {
|
||||
+ local rc
|
||||
+
|
||||
+ cryptsetup open $encrypted_dev $crypt_dev --type $crypt_type $disable_locks --key-file=$key_file
|
||||
+ rc=$?
|
||||
+ if [ $rc -eq 0 ];then
|
||||
+ crypt_monitor
|
||||
+ rc=$?
|
||||
+ else
|
||||
+ rc=$OCF_ERR_GERNERIC
|
||||
+ fi
|
||||
+ [ $rc -ne $OCF_SUCCESS ] ocf_exit_reason "Failed to start encrypted device \"$crypt_dev\""
|
||||
+
|
||||
+ return $rc
|
||||
+}
|
||||
+
|
||||
+#
|
||||
+# Action: STOP an encrypted resource
|
||||
+#
|
||||
+crypt_stop() {
|
||||
+ local rc
|
||||
+
|
||||
+ crypt_monitor
|
||||
+ rc=$?
|
||||
+ if [ $rc -ne $OCF_NOT_RUNNING ]; then
|
||||
+ crypt_stop_one
|
||||
+ crypt_monitor
|
||||
+ rc=$?
|
||||
+ fi
|
||||
+ if [ $rc -ne $OCF_NOT_RUNNING ] && ocf_is_true $FORCESTOP; then
|
||||
+ stop_crypt_users
|
||||
+ case $? in
|
||||
+ 2) rc=$OCF_SUCCESS;;
|
||||
+ *) crypt_stop_one
|
||||
+ crypt_monitor
|
||||
+ rc=$?;;
|
||||
+ esac
|
||||
+ fi
|
||||
+ if [ $rc -ne $OCF_NOT_RUNNING ]; then
|
||||
+ ocf_log warn "Couldn't stop crypt device \"$crypt_dev\" (rc=$rc)"
|
||||
+ show_users
|
||||
+ ocf_exit_reason "Failed to stop crypt device \"$crypt_dev\"!"
|
||||
+ return $OCF_ERR_GENERIC
|
||||
+ fi
|
||||
+
|
||||
+ return $OCF_SUCCESS
|
||||
+}
|
||||
+
|
||||
+#
|
||||
+# Action: MONITOR an encrypted resource
|
||||
+#
|
||||
+crypt_monitor() {
|
||||
+ cryptsetup status $crypt_dev $disable_locks &>/dev/null
|
||||
+ if [ $? -eq 0 ]; then
|
||||
+ [ -L $crypt_dev_path ] && return $OCF_SUCCESS
|
||||
+ return $OCF_ERR_GENERIC
|
||||
+ fi
|
||||
+
|
||||
+ [ "$__OCF_ACTION" = "monitor" ] && ! ocf_is_probe && ocf_exit_reason "Crypt resource not running"
|
||||
+ return $OCF_NOT_RUNNING
|
||||
+}
|
||||
+
|
||||
+# Check for stange argument count.
|
||||
+if [ $# -ne 1 ]; then
|
||||
+ usage
|
||||
+ exit $OCF_ERR_ARGS
|
||||
+fi
|
||||
+
|
||||
+case "$__OCF_ACTION" in
|
||||
+meta-data) meta_data
|
||||
+ exit $OCF_SUCCESS;;
|
||||
+usage|help) crypt_usage
|
||||
+ exit $OCF_SUCCESS;;
|
||||
+esac
|
||||
+
|
||||
+# XME: remove once pacemaker is fixed and calls this action
|
||||
+crypt_validate_all
|
||||
+rc=$?
|
||||
+[ $rc -ne $OCF_SUCCESS ] && exit $rc
|
||||
+
|
||||
+case "$__OCF_ACTION" in
|
||||
+start) crypt_start; rc=$?;;
|
||||
+stop) crypt_stop; rc=$?;;
|
||||
+monitor) crypt_monitor; rc=$?;;
|
||||
+validate-all) rc=$OCF_SUCCESS;; # crypt_validate_all would have errored out above already.
|
||||
+*) crypt_usage
|
||||
+ exit $OCF_ERR_UNIMPLEMENTED;;
|
||||
+esac
|
||||
+
|
||||
+ocf_log debug "${OCF_RESOURCE_INSTANCE} $__OCF_ACTION : $rc"
|
||||
+exit $rc
|
||||
|
||||
From 5e0d35f8db967419ea9f1234ab621b88babcf3ea Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Tue, 7 Apr 2020 12:39:24 +0200
|
||||
Subject: [PATCH 2/2] crypt: force_stop check fixes
|
||||
|
||||
---
|
||||
heartbeat/crypt | 8 ++------
|
||||
1 file changed, 2 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/crypt b/heartbeat/crypt
|
||||
index 6bffdff89..8bfa1094d 100755
|
||||
--- a/heartbeat/crypt
|
||||
+++ b/heartbeat/crypt
|
||||
@@ -190,11 +190,7 @@ crypt_validate_all() {
|
||||
ocf_exit_reason "Hash key file $key_file not accessible"
|
||||
return $OCF_ERR_ARGS
|
||||
fi
|
||||
- if ! ocf_is_true "$force_stop" && "$force_stop" != "false" ]]; then
|
||||
- ocf_exit_reason "Bogus force_stop=\"$force_stop\" attribute"
|
||||
- return $OCF_ERR_CONFIGURED
|
||||
- fi
|
||||
- if "$force_stop" = "true" && ! have_binary lsof; then
|
||||
+ if ocf_is_true "$force_stop" && ! have_binary lsof; then
|
||||
ocf_exit_reason "Force stop requested, please install lsof(8)"
|
||||
return $OCF_ERR_INSTALLED
|
||||
fi
|
||||
@@ -273,7 +269,7 @@ crypt_stop() {
|
||||
crypt_monitor
|
||||
rc=$?
|
||||
fi
|
||||
- if [ $rc -ne $OCF_NOT_RUNNING ] && ocf_is_true $FORCESTOP; then
|
||||
+ if [ $rc -ne $OCF_NOT_RUNNING ] && ocf_is_true $force_stop; then
|
||||
stop_crypt_users
|
||||
case $? in
|
||||
2) rc=$OCF_SUCCESS;;
|
22
SOURCES/bz1471182-crypt-2-fix-bashism.patch
Normal file
22
SOURCES/bz1471182-crypt-2-fix-bashism.patch
Normal file
@ -0,0 +1,22 @@
|
||||
From 2915fa336e95b609d3d738d335799f015022c493 Mon Sep 17 00:00:00 2001
|
||||
From: Valentin Vidic <vvidic@valentin-vidic.from.hr>
|
||||
Date: Sat, 13 Jun 2020 08:47:36 +0200
|
||||
Subject: [PATCH] crypt: fix bashism
|
||||
|
||||
---
|
||||
heartbeat/crypt | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/heartbeat/crypt b/heartbeat/crypt
|
||||
index 8bfa1094d..2727b5b23 100755
|
||||
--- a/heartbeat/crypt
|
||||
+++ b/heartbeat/crypt
|
||||
@@ -292,7 +292,7 @@ crypt_stop() {
|
||||
# Action: MONITOR an encrypted resource
|
||||
#
|
||||
crypt_monitor() {
|
||||
- cryptsetup status $crypt_dev $disable_locks &>/dev/null
|
||||
+ cryptsetup status $crypt_dev $disable_locks >/dev/null 2>&1
|
||||
if [ $? -eq 0 ]; then
|
||||
[ -L $crypt_dev_path ] && return $OCF_SUCCESS
|
||||
return $OCF_ERR_GENERIC
|
22
SOURCES/bz1471182-crypt-3-fix-missing-and.patch
Normal file
22
SOURCES/bz1471182-crypt-3-fix-missing-and.patch
Normal file
@ -0,0 +1,22 @@
|
||||
From 635c344fb85ef225b8a0c094687d2838b0b0cd2c Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Mon, 26 Oct 2020 16:36:06 +0100
|
||||
Subject: [PATCH] crypt: fix missing && to set exit_reason
|
||||
|
||||
---
|
||||
heartbeat/crypt | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/heartbeat/crypt b/heartbeat/crypt
|
||||
index 2727b5b23..0e49b6c2d 100755
|
||||
--- a/heartbeat/crypt
|
||||
+++ b/heartbeat/crypt
|
||||
@@ -251,7 +251,7 @@ crypt_start() {
|
||||
else
|
||||
rc=$OCF_ERR_GERNERIC
|
||||
fi
|
||||
- [ $rc -ne $OCF_SUCCESS ] ocf_exit_reason "Failed to start encrypted device \"$crypt_dev\""
|
||||
+ [ $rc -ne $OCF_SUCCESS ] && ocf_exit_reason "Failed to start encrypted device \"$crypt_dev\""
|
||||
|
||||
return $rc
|
||||
}
|
40
SOURCES/bz1640587-pgsql-ignore-masters-re-promote.patch
Normal file
40
SOURCES/bz1640587-pgsql-ignore-masters-re-promote.patch
Normal file
@ -0,0 +1,40 @@
|
||||
From 355cd29f2dee828bfe0a4ab64f425827aba7dd3b Mon Sep 17 00:00:00 2001
|
||||
From: Hideo Yamauchi <renayama19661014@ybb.ne.jp>
|
||||
Date: Wed, 17 Oct 2018 09:54:37 +0900
|
||||
Subject: [PATCH] Mid: pgsql: Fix to ignore Master's re-promote.
|
||||
|
||||
---
|
||||
heartbeat/pgsql | 13 +++++++++++++
|
||||
1 file changed, 13 insertions(+)
|
||||
|
||||
diff --git a/heartbeat/pgsql b/heartbeat/pgsql
|
||||
index 380866da1..38f6ceeb7 100755
|
||||
--- a/heartbeat/pgsql
|
||||
+++ b/heartbeat/pgsql
|
||||
@@ -680,6 +680,7 @@ pgsql_start() {
|
||||
|
||||
#pgsql_promote: Promote PostgreSQL
|
||||
pgsql_promote() {
|
||||
+ local output
|
||||
local target
|
||||
local rc
|
||||
|
||||
@@ -687,6 +688,18 @@ pgsql_promote() {
|
||||
ocf_exit_reason "Not in a replication mode."
|
||||
return $OCF_ERR_CONFIGURED
|
||||
fi
|
||||
+
|
||||
+ output=`exec_sql "${CHECK_MS_SQL}"`
|
||||
+ if [ $? -ne 0 ]; then
|
||||
+ report_psql_error $rc $loglevel "Can't get PostgreSQL recovery status on promote."
|
||||
+ return $OCF_ERR_GENERIC
|
||||
+ fi
|
||||
+
|
||||
+ if [ "$output" = "f" ]; then
|
||||
+ ocf_log info "PostgreSQL is alredy Master. Don't execute promote."
|
||||
+ return $OCF_SUCCESS
|
||||
+ fi
|
||||
+
|
||||
rm -f ${XLOG_NOTE_FILE}.*
|
||||
|
||||
for target in $NODE_LIST; do
|
53
SOURCES/bz1763249-manpages-fix-pcs-syntax.patch
Normal file
53
SOURCES/bz1763249-manpages-fix-pcs-syntax.patch
Normal file
@ -0,0 +1,53 @@
|
||||
From 0903a60930238238d5caa6c3b42b28d7bc4cccf4 Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Mon, 26 Oct 2020 13:11:05 +0100
|
||||
Subject: [PATCH 1/2] man: use promotable keyword in manpage examples
|
||||
|
||||
---
|
||||
doc/man/ra2refentry.xsl | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/doc/man/ra2refentry.xsl b/doc/man/ra2refentry.xsl
|
||||
index d0535fd36..f3cdcdbb2 100644
|
||||
--- a/doc/man/ra2refentry.xsl
|
||||
+++ b/doc/man/ra2refentry.xsl
|
||||
@@ -556,7 +556,7 @@
|
||||
<!-- Insert a master/slave set definition if the resource
|
||||
agent supports promotion and demotion -->
|
||||
<xsl:if test="actions/action/@name = 'promote' and actions/action/@name = 'demote'">
|
||||
- <xsl:text>--master</xsl:text>
|
||||
+ <xsl:text>promotable</xsl:text>
|
||||
</xsl:if>
|
||||
</programlisting>
|
||||
|
||||
|
||||
From bfcd5796ae12e6a43a245d0c785f183342943393 Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Mon, 26 Oct 2020 16:56:00 +0100
|
||||
Subject: [PATCH 2/2] man: use OCF_CHECK_LEVEL for depth parameters in pcs
|
||||
examples
|
||||
|
||||
---
|
||||
doc/man/ra2refentry.xsl | 9 ++++++++-
|
||||
1 file changed, 8 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/doc/man/ra2refentry.xsl b/doc/man/ra2refentry.xsl
|
||||
index f3cdcdbb2..f8e12321f 100644
|
||||
--- a/doc/man/ra2refentry.xsl
|
||||
+++ b/doc/man/ra2refentry.xsl
|
||||
@@ -612,7 +612,14 @@
|
||||
<xsl:choose>
|
||||
<xsl:when test="name() = 'name'"><!-- suppress --></xsl:when>
|
||||
<xsl:otherwise>
|
||||
- <xsl:value-of select="name()"/>
|
||||
+ <xsl:choose>
|
||||
+ <xsl:when test="name() != 'depth'">
|
||||
+ <xsl:value-of select="name()"/>
|
||||
+ </xsl:when>
|
||||
+ <xsl:otherwise>
|
||||
+ <xsl:text>OCF_CHECK_LEVEL</xsl:text>
|
||||
+ </xsl:otherwise>
|
||||
+ </xsl:choose>
|
||||
<xsl:text>="</xsl:text>
|
||||
<xsl:value-of select="current()"/>
|
||||
<xsl:text>" </xsl:text>
|
105
SOURCES/bz1795535-pgsql-1-add-postgresql-12-support.patch
Normal file
105
SOURCES/bz1795535-pgsql-1-add-postgresql-12-support.patch
Normal file
@ -0,0 +1,105 @@
|
||||
From a43075be72683e1d4ddab700ec16d667164d359c Mon Sep 17 00:00:00 2001
|
||||
From: Kazutomo Nakahira <kazutomo_nakahira@newson.co.jp>
|
||||
Date: Mon, 25 Nov 2019 17:40:33 +0900
|
||||
Subject: [PATCH 1/2] High: pgsql: Support for PostgreSQL 12
|
||||
|
||||
---
|
||||
heartbeat/pgsql | 32 +++++++++++++++++++++++++++++++-
|
||||
1 file changed, 31 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/heartbeat/pgsql b/heartbeat/pgsql
|
||||
index b1c070ead..5bc76cc4c 100755
|
||||
--- a/heartbeat/pgsql
|
||||
+++ b/heartbeat/pgsql
|
||||
@@ -1612,12 +1612,24 @@ make_recovery_conf() {
|
||||
fi
|
||||
|
||||
cat > $RECOVERY_CONF <<END
|
||||
-standby_mode = 'on'
|
||||
primary_conninfo = 'host=${OCF_RESKEY_master_ip} port=${OCF_RESKEY_pgport} user=${OCF_RESKEY_repuser} application_name=${NODENAME} ${OCF_RESKEY_primary_conninfo_opt}'
|
||||
restore_command = '${OCF_RESKEY_restore_command}'
|
||||
recovery_target_timeline = 'latest'
|
||||
END
|
||||
|
||||
+ if "${USE_STANDBY_SIGNAL}"; then
|
||||
+ # create a standby.signal to start standby server.
|
||||
+ runasowner "touch ${OCF_RESKEY_pgdata}/standby.signal"
|
||||
+ if [ $? -ne 0 ]; then
|
||||
+ ocf_exit_reason "Can't create ${OCF_RESKEY_pgdata}/standby.signal."
|
||||
+ return 1
|
||||
+ fi
|
||||
+ else
|
||||
+cat >> $RECOVERY_CONF <<END
|
||||
+standby_mode = 'on'
|
||||
+END
|
||||
+ fi
|
||||
+
|
||||
user_recovery_conf >> $RECOVERY_CONF
|
||||
ocf_log debug "Created recovery.conf. host=${OCF_RESKEY_master_ip}, user=${OCF_RESKEY_repuser}"
|
||||
return 0
|
||||
@@ -1835,6 +1847,7 @@ pgsql_validate_all() {
|
||||
local version
|
||||
local check_config_rc
|
||||
local rep_mode_string
|
||||
+ local recovery_conf_string
|
||||
local socket_directories
|
||||
local rc
|
||||
|
||||
@@ -1898,6 +1911,22 @@ pgsql_validate_all() {
|
||||
ocf_exit_reason "Replication mode needs PostgreSQL 9.1 or higher."
|
||||
return $OCF_ERR_INSTALLED
|
||||
fi
|
||||
+ ocf_version_cmp "$version" "12"
|
||||
+ rc=$?
|
||||
+ if [ $rc -eq 1 ]||[ $rc -eq 2 ]; then
|
||||
+ # change the standby method for PosrgreSQL 12 or later.
|
||||
+ USE_STANDBY_SIGNAL=true
|
||||
+ # change the path to recovery.conf because it cause PostgreSQL start error.
|
||||
+ RECOVERY_CONF=${OCF_RESKEY_tmpdir}/recovery.conf
|
||||
+ if [ $check_config_rc -eq 0 ]; then
|
||||
+ # adding recovery parameters to postgresql.conf.
|
||||
+ recovery_conf_string="include '$RECOVERY_CONF' # added by pgsql RA"
|
||||
+ if ! grep -q "^[[:space:]]*$recovery_conf_string" $OCF_RESKEY_config; then
|
||||
+ ocf_log info "adding include directive $recovery_conf_string into $OCF_RESKEY_config"
|
||||
+ echo "$recovery_conf_string" >> $OCF_RESKEY_config
|
||||
+ fi
|
||||
+ fi
|
||||
+ fi
|
||||
if [ ! -n "$OCF_RESKEY_master_ip" ]; then
|
||||
ocf_exit_reason "master_ip can't be empty."
|
||||
return $OCF_ERR_CONFIGURED
|
||||
@@ -2107,6 +2136,7 @@ RESOURCE_NAME=`echo $OCF_RESOURCE_INSTANCE | cut -d ":" -f 1`
|
||||
PGSQL_WAL_RECEIVER_STATUS_ATTR="${RESOURCE_NAME}-receiver-status"
|
||||
RECOVERY_CONF=${OCF_RESKEY_pgdata}/recovery.conf
|
||||
NODENAME=$(ocf_local_nodename | tr '[A-Z]' '[a-z]')
|
||||
+USE_STANDBY_SIGNAL=false
|
||||
|
||||
case "$1" in
|
||||
methods) pgsql_methods
|
||||
|
||||
From 5ab3339e8cb236583d375f5577f5a4dc129d5b27 Mon Sep 17 00:00:00 2001
|
||||
From: munenari <munenari@gmail.com>
|
||||
Date: Thu, 16 Jan 2020 09:27:59 +0900
|
||||
Subject: [PATCH 2/2] Remove standby.signal when promote with restart
|
||||
|
||||
---
|
||||
heartbeat/pgsql | 6 +++++-
|
||||
1 file changed, 5 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/heartbeat/pgsql b/heartbeat/pgsql
|
||||
index 5bc76cc4c..d5baa7b35 100755
|
||||
--- a/heartbeat/pgsql
|
||||
+++ b/heartbeat/pgsql
|
||||
@@ -720,7 +720,11 @@ pgsql_promote() {
|
||||
ocf_log info "Restarting PostgreSQL instead of promote."
|
||||
#stop : this function returns $OCF_SUCCESS only.
|
||||
pgsql_real_stop slave
|
||||
- rm -f $RECOVERY_CONF
|
||||
+ if "${USE_STANDBY_SIGNAL}"; then
|
||||
+ rm -f ${OCF_RESKEY_pgdata}/standby.signal
|
||||
+ else
|
||||
+ rm -f $RECOVERY_CONF
|
||||
+ fi
|
||||
pgsql_real_start
|
||||
rc=$?
|
||||
if [ $rc -ne $OCF_RUNNING_MASTER ]; then
|
@ -0,0 +1,48 @@
|
||||
From e56d0e1727bf84d0664db544a129a0237a1757c0 Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Fri, 11 Sep 2020 10:12:21 +0200
|
||||
Subject: [PATCH 1/2] pgsql: lower-case application_name to avoid issues with
|
||||
upper-case hostnames
|
||||
|
||||
---
|
||||
heartbeat/pgsql | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/heartbeat/pgsql b/heartbeat/pgsql
|
||||
index 99e074287..de9f750c5 100755
|
||||
--- a/heartbeat/pgsql
|
||||
+++ b/heartbeat/pgsql
|
||||
@@ -1960,7 +1960,7 @@ pgsql_validate_all() {
|
||||
else
|
||||
CHECK_XLOG_LOC_SQL="select pg_last_xlog_replay_location(),pg_last_xlog_receive_location()"
|
||||
fi
|
||||
- CHECK_REPLICATION_STATE_SQL="select application_name,upper(state),upper(sync_state) from pg_stat_replication"
|
||||
+ CHECK_REPLICATION_STATE_SQL="select lower(application_name),upper(state),upper(sync_state) from pg_stat_replication"
|
||||
|
||||
PGSQL_STATUS_ATTR="${RESOURCE_NAME}-status"
|
||||
PGSQL_DATA_STATUS_ATTR="${RESOURCE_NAME}-data-status"
|
||||
|
||||
From 5aee799878180bb8daca82aebc2290c2735045eb Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Fri, 11 Sep 2020 10:13:47 +0200
|
||||
Subject: [PATCH 2/2] pgsql: set exit-reason when failing due to remaining
|
||||
PGSQL.lock
|
||||
|
||||
---
|
||||
heartbeat/pgsql | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/heartbeat/pgsql b/heartbeat/pgsql
|
||||
index de9f750c5..5a0628b7a 100755
|
||||
--- a/heartbeat/pgsql
|
||||
+++ b/heartbeat/pgsql
|
||||
@@ -966,6 +966,9 @@ pgsql_real_monitor() {
|
||||
if ! pgsql_status
|
||||
then
|
||||
ocf_log info "PostgreSQL is down"
|
||||
+ if [ "$__OCF_ACTION" = "monitor" ] && ! ocf_is_probe && [ -f $PGSQL_LOCK ]; then
|
||||
+ ocf_exit_reason "My data may be inconsistent. You have to remove $PGSQL_LOCK file to force start."
|
||||
+ fi
|
||||
return $OCF_NOT_RUNNING
|
||||
fi
|
||||
|
@ -0,0 +1,169 @@
|
||||
From 2270c5d6aaf8b3b6d663d413a8e7193a493cfdc5 Mon Sep 17 00:00:00 2001
|
||||
From: Konstantin Pokotilenko <pokotilenko@mail.ru>
|
||||
Date: Tue, 24 Sep 2019 17:26:11 +0300
|
||||
Subject: [PATCH 1/2] Consider redis-cli features to choose optimal password
|
||||
passing method and warning filtering workaround
|
||||
|
||||
---
|
||||
heartbeat/redis.in | 60 +++++++++++++++++++++++++++++++++++++++++++---
|
||||
1 file changed, 57 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/redis.in b/heartbeat/redis.in
|
||||
index ec7186d8b..409961d0b 100644
|
||||
--- a/heartbeat/redis.in
|
||||
+++ b/heartbeat/redis.in
|
||||
@@ -237,6 +237,51 @@ CRM_ATTR_REPL_INFO="${HA_SBIN_DIR}/crm_attribute --type crm_config --name ${INST
|
||||
MASTER_HOST=""
|
||||
MASTER_ACTIVE_CACHED=""
|
||||
MASTER_ACTIVE=""
|
||||
+CLI_HAVE_AUTH_WARNING=0
|
||||
+CLI_HAVE_ARG_NO_AUTH_WARNING=0
|
||||
+CLI_HAVE_ENV_AUTH=0
|
||||
+
|
||||
+cmp_redis_version()
|
||||
+{
|
||||
+
|
||||
+ if [ "$1" == "$2" ]; then
|
||||
+ return 1
|
||||
+ elif [ $(echo -e "$1\n$2" | sort -V | head -1) == "$1" ]; then
|
||||
+ return 0
|
||||
+ else
|
||||
+ return 2
|
||||
+ fi
|
||||
+}
|
||||
+
|
||||
+redis_cli_features()
|
||||
+{
|
||||
+
|
||||
+ CLI_VER=$(redis-cli --version | tr " " "\n" | tail -1)
|
||||
+ # Starting with 4.0.10 there is a warning on stderr when using a pass
|
||||
+ # Starting with 5.0.0 there is an argument to silence the warning: --no-auth-warning
|
||||
+ # Starting with 5.0.3 there is an option to use REDISCLI_AUTH evironment variable for password, no warning in this case
|
||||
+
|
||||
+ cmp_redis_version $CLI_VER 5.0.3
|
||||
+ res=$?
|
||||
+ echo 5.0.3: $res
|
||||
+ if [[ res -ge 1 ]]; then
|
||||
+ CLI_HAVE_ENV_AUTH=1
|
||||
+ fi
|
||||
+
|
||||
+ cmp_redis_version $CLI_VER 5.0.0
|
||||
+ res=$?
|
||||
+ echo 5.0.0: $res
|
||||
+ if [[ res -ge 1 ]]; then
|
||||
+ CLI_HAVE_ARG_NO_AUTH_WARNING=1
|
||||
+ fi
|
||||
+
|
||||
+ cmp_redis_version $CLI_VER 4.0.10
|
||||
+ res=$?
|
||||
+ echo 4.0.10: $res
|
||||
+ if [[ res -ge 1 ]]; then
|
||||
+ CLI_HAVE_AUTH_WARNING=1
|
||||
+ fi
|
||||
+}
|
||||
|
||||
master_is_active()
|
||||
{
|
||||
@@ -315,9 +360,16 @@ set_score()
|
||||
redis_client() {
|
||||
ocf_log debug "redis_client: '$REDIS_CLIENT' -s '$REDIS_SOCKET' $*"
|
||||
if [ -n "$clientpasswd" ]; then
|
||||
- # Starting with 4.0.10 there is a warning on stderr when using a pass
|
||||
- # Once we stop supporting versions < 5.0.0 we can add --no-auth-warning here
|
||||
- ("$REDIS_CLIENT" -s "$REDIS_SOCKET" -a "$clientpasswd" "$@" 2>&1 >&3 3>&- | grep -v "Using a password" >&2 3>&-) 3>&1 | sed 's/\r//'
|
||||
+ # Consider redis-cli features to choose optimal password passing method and warning filtering workaround
|
||||
+ if [[ CLI_HAVE_ENV_AUTH -eq 1 ]]; then
|
||||
+ REDISCLI_AUTH=$clientpasswd "$REDIS_CLIENT" -s "$REDIS_SOCKET" "$@" | sed 's/\r//'
|
||||
+ elif [[ CLI_HAVE_ARG_NO_AUTH_WARNING -eq 1 ]]; then
|
||||
+ "$REDIS_CLIENT" -s "$REDIS_SOCKET" -a "$clientpasswd" "$@" --no-auth-warning | sed 's/\r//'
|
||||
+ elif [[ CLI_HAVE_AUTH_WARNING -eq 1 ]]; then
|
||||
+ ("$REDIS_CLIENT" -s "$REDIS_SOCKET" -a "$clientpasswd" "$@" 2>&1 >&3 3>&- | grep -v "Using a password" >&2 3>&-) 3>&1 | sed 's/\r//'
|
||||
+ else
|
||||
+ "$REDIS_CLIENT" -s "$REDIS_SOCKET" -a "$clientpasswd" "$@" | sed 's/\r//'
|
||||
+ fi
|
||||
else
|
||||
"$REDIS_CLIENT" -s "$REDIS_SOCKET" "$@" | sed 's/\r//'
|
||||
fi
|
||||
@@ -686,6 +738,8 @@ if [ -r "$REDIS_CONFIG" ]; then
|
||||
clientpasswd="$(sed -n -e 's/^\s*requirepass\s*\(.*\)\s*$/\1/p' < $REDIS_CONFIG | tail -n 1)"
|
||||
fi
|
||||
|
||||
+redis_cli_features
|
||||
+
|
||||
ocf_log debug "action=${1:-$__OCF_ACTION} notify_type=${OCF_RESKEY_CRM_meta_notify_type} notify_operation=${OCF_RESKEY_CRM_meta_notify_operation} master_host=${OCF_RESKEY_CRM_meta_notify_master_uname} slave_host=${OCF_RESKEY_CRM_meta_notify_slave_uname} promote_host=${OCF_RESKEY_CRM_meta_notify_promote_uname} demote_host=${OCF_RESKEY_CRM_meta_notify_demote_uname}; params: bin=${OCF_RESKEY_bin} client_bin=${OCF_RESKEY_client_bin} config=${OCF_RESKEY_config} user=${OCF_RESKEY_user} rundir=${OCF_RESKEY_rundir} port=${OCF_RESKEY_port}"
|
||||
|
||||
case "${1:-$__OCF_ACTION}" in
|
||||
|
||||
From 0b9f942a88bfc3ad04938aa5135fad8f8bece69c Mon Sep 17 00:00:00 2001
|
||||
From: Konstantin Pokotilenko <pokotilenko@mail.ru>
|
||||
Date: Tue, 24 Sep 2019 18:35:59 +0300
|
||||
Subject: [PATCH 2/2] use ocf_version_cmp instead of own implementation use
|
||||
same method of getting redis-cli version as already used before in file, this
|
||||
also uses redis client from variable instead of hardcoded remove debug output
|
||||
fix --no-auth-warning argument position
|
||||
|
||||
---
|
||||
heartbeat/redis.in | 25 +++++--------------------
|
||||
1 file changed, 5 insertions(+), 20 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/redis.in b/heartbeat/redis.in
|
||||
index 409961d0b..d722fb12c 100644
|
||||
--- a/heartbeat/redis.in
|
||||
+++ b/heartbeat/redis.in
|
||||
@@ -241,43 +241,28 @@ CLI_HAVE_AUTH_WARNING=0
|
||||
CLI_HAVE_ARG_NO_AUTH_WARNING=0
|
||||
CLI_HAVE_ENV_AUTH=0
|
||||
|
||||
-cmp_redis_version()
|
||||
-{
|
||||
-
|
||||
- if [ "$1" == "$2" ]; then
|
||||
- return 1
|
||||
- elif [ $(echo -e "$1\n$2" | sort -V | head -1) == "$1" ]; then
|
||||
- return 0
|
||||
- else
|
||||
- return 2
|
||||
- fi
|
||||
-}
|
||||
-
|
||||
redis_cli_features()
|
||||
{
|
||||
|
||||
- CLI_VER=$(redis-cli --version | tr " " "\n" | tail -1)
|
||||
+ CLI_VER=$("$REDIS_CLIENT" -v | awk '{print $NF}')
|
||||
# Starting with 4.0.10 there is a warning on stderr when using a pass
|
||||
# Starting with 5.0.0 there is an argument to silence the warning: --no-auth-warning
|
||||
# Starting with 5.0.3 there is an option to use REDISCLI_AUTH evironment variable for password, no warning in this case
|
||||
|
||||
- cmp_redis_version $CLI_VER 5.0.3
|
||||
+ ocf_version_cmp $CLI_VER 5.0.3
|
||||
res=$?
|
||||
- echo 5.0.3: $res
|
||||
if [[ res -ge 1 ]]; then
|
||||
CLI_HAVE_ENV_AUTH=1
|
||||
fi
|
||||
|
||||
- cmp_redis_version $CLI_VER 5.0.0
|
||||
+ ocf_version_cmp $CLI_VER 5.0.0
|
||||
res=$?
|
||||
- echo 5.0.0: $res
|
||||
if [[ res -ge 1 ]]; then
|
||||
CLI_HAVE_ARG_NO_AUTH_WARNING=1
|
||||
fi
|
||||
|
||||
- cmp_redis_version $CLI_VER 4.0.10
|
||||
+ ocf_version_cmp $CLI_VER 4.0.10
|
||||
res=$?
|
||||
- echo 4.0.10: $res
|
||||
if [[ res -ge 1 ]]; then
|
||||
CLI_HAVE_AUTH_WARNING=1
|
||||
fi
|
||||
@@ -364,7 +349,7 @@ redis_client() {
|
||||
if [[ CLI_HAVE_ENV_AUTH -eq 1 ]]; then
|
||||
REDISCLI_AUTH=$clientpasswd "$REDIS_CLIENT" -s "$REDIS_SOCKET" "$@" | sed 's/\r//'
|
||||
elif [[ CLI_HAVE_ARG_NO_AUTH_WARNING -eq 1 ]]; then
|
||||
- "$REDIS_CLIENT" -s "$REDIS_SOCKET" -a "$clientpasswd" "$@" --no-auth-warning | sed 's/\r//'
|
||||
+ "$REDIS_CLIENT" -s "$REDIS_SOCKET" --no-auth-warning -a "$clientpasswd" "$@" | sed 's/\r//'
|
||||
elif [[ CLI_HAVE_AUTH_WARNING -eq 1 ]]; then
|
||||
("$REDIS_CLIENT" -s "$REDIS_SOCKET" -a "$clientpasswd" "$@" 2>&1 >&3 3>&- | grep -v "Using a password" >&2 3>&-) 3>&1 | sed 's/\r//'
|
||||
else
|
@ -0,0 +1,48 @@
|
||||
From dbd45cb5fcce0a3378f6ecd0c14b578e6f843e3d Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Fri, 24 Jul 2020 16:03:20 +0200
|
||||
Subject: [PATCH 1/2] nfsserver: fix SELinux issue due to newer ls versions
|
||||
giving additional output.
|
||||
|
||||
This patch has been tested on RHEL6, 7 and 8.
|
||||
---
|
||||
heartbeat/nfsserver | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/heartbeat/nfsserver b/heartbeat/nfsserver
|
||||
index 0dbc173f3..80d20676b 100755
|
||||
--- a/heartbeat/nfsserver
|
||||
+++ b/heartbeat/nfsserver
|
||||
@@ -192,7 +192,7 @@ fi
|
||||
which restorecon > /dev/null 2>&1 && selinuxenabled
|
||||
SELINUX_ENABLED=$?
|
||||
if [ $SELINUX_ENABLED -eq 0 ]; then
|
||||
- export SELINUX_LABEL="$(ls -ldZ $STATD_PATH | cut -f4 -d' ')"
|
||||
+ export SELINUX_LABEL="$(ls -dZ $STATD_PATH | grep -o '\S\+:\S\+:\S\+')"
|
||||
fi
|
||||
|
||||
##
|
||||
|
||||
From 81118dbb25fe2cfc7d5fc803178cd7c3b445915e Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Mon, 27 Jul 2020 10:33:44 +0200
|
||||
Subject: [PATCH 2/2] nfsnotify: fix SELinux issue due to newer ls versions
|
||||
giving additional output.
|
||||
|
||||
---
|
||||
heartbeat/nfsnotify.in | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/heartbeat/nfsnotify.in b/heartbeat/nfsnotify.in
|
||||
index 7f710bca7..851f6ad6b 100644
|
||||
--- a/heartbeat/nfsnotify.in
|
||||
+++ b/heartbeat/nfsnotify.in
|
||||
@@ -305,7 +305,7 @@ esac
|
||||
which restorecon > /dev/null 2>&1 && selinuxenabled
|
||||
SELINUX_ENABLED=$?
|
||||
if [ $SELINUX_ENABLED -eq 0 ]; then
|
||||
- export SELINUX_LABEL="$(ls -ldZ $STATD_PATH | cut -f4 -d' ')"
|
||||
+ export SELINUX_LABEL="$(ls -dZ $STATD_PATH | grep -o '\S\+:\S\+:\S\+')"
|
||||
fi
|
||||
|
||||
case $__OCF_ACTION in
|
34
SOURCES/bz1818997-nfsserver-2-stop-nfsdcld-if-present.patch
Normal file
34
SOURCES/bz1818997-nfsserver-2-stop-nfsdcld-if-present.patch
Normal file
@ -0,0 +1,34 @@
|
||||
From 290741f43ff414630f558ee3432e830e39d1599d Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Wed, 22 Jul 2020 11:56:32 +0200
|
||||
Subject: [PATCH] nfsserver: stop nfsdcld if present during stop-action
|
||||
|
||||
---
|
||||
heartbeat/nfsserver | 14 ++++++++++++++
|
||||
1 file changed, 14 insertions(+)
|
||||
|
||||
diff --git a/heartbeat/nfsserver b/heartbeat/nfsserver
|
||||
index 9e6e1fcb1..0dbc173f3 100755
|
||||
--- a/heartbeat/nfsserver
|
||||
+++ b/heartbeat/nfsserver
|
||||
@@ -806,6 +806,20 @@ nfsserver_stop ()
|
||||
ocf_exit_reason "Failed to stop nfs-mountd"
|
||||
return $OCF_ERR_GENERIC
|
||||
fi
|
||||
+
|
||||
+ if systemctl --no-legend list-unit-files "nfsdcld*" | grep -q nfsdcld; then
|
||||
+ nfs_exec stop nfsdcld > /dev/null 2>&1
|
||||
+ ocf_log info "Stop: nfsdcld"
|
||||
+ fn=`mktemp`
|
||||
+ nfs_exec status nfsdcld > $fn 2>&1
|
||||
+ rc=$?
|
||||
+ ocf_log debug "$(cat $fn)"
|
||||
+ rm -f $fn
|
||||
+ if [ "$rc" -eq "0" ]; then
|
||||
+ ocf_exit_reason "Failed to stop nfsdcld"
|
||||
+ return $OCF_ERR_GENERIC
|
||||
+ fi
|
||||
+ fi
|
||||
esac
|
||||
|
||||
|
@ -0,0 +1,59 @@
|
||||
From 57424bd1f158f1ff597034e09ca90da864925a16 Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Thu, 16 Jul 2020 09:58:55 +0200
|
||||
Subject: [PATCH] azure-events: only decode() when exec() output not of type
|
||||
str
|
||||
|
||||
---
|
||||
heartbeat/azure-events.in | 10 ++++++----
|
||||
1 file changed, 6 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/azure-events.in b/heartbeat/azure-events.in
|
||||
index a48a86309..d4a166d9f 100644
|
||||
--- a/heartbeat/azure-events.in
|
||||
+++ b/heartbeat/azure-events.in
|
||||
@@ -179,6 +179,8 @@ class clusterHelper:
|
||||
ocf.logger.debug("_exec: cmd = %s" % " ".join(command))
|
||||
try:
|
||||
ret = subprocess.check_output(command)
|
||||
+ if type(ret) != str:
|
||||
+ ret = ret.decode()
|
||||
ocf.logger.debug("_exec: return = %s" % ret)
|
||||
return ret.rstrip()
|
||||
except Exception as err:
|
||||
@@ -232,7 +234,7 @@ class clusterHelper:
|
||||
|
||||
nodes = []
|
||||
nodeList = clusterHelper._exec("crm_node", "--list")
|
||||
- for n in nodeList.decode().split("\n"):
|
||||
+ for n in nodeList.split("\n"):
|
||||
nodes.append(n.split()[1])
|
||||
ocf.logger.debug("getAllNodes: finished; return %s" % str(nodes))
|
||||
|
||||
@@ -303,7 +305,7 @@ class clusterHelper:
|
||||
ocf.logger.warning("transitionSummary: received unexpected transition summary: %s" % summary)
|
||||
return False
|
||||
summary = summary.split("Transition Summary:")[1]
|
||||
- ret = summary.decode().split("\n").pop(0)
|
||||
+ ret = summary.split("\n").pop(0)
|
||||
|
||||
ocf.logger.debug("transitionSummary: finished; return = %s" % str(ret))
|
||||
return ret
|
||||
@@ -324,7 +326,7 @@ class clusterHelper:
|
||||
if len(resources) == 0:
|
||||
ret = []
|
||||
else:
|
||||
- ret = resources.decode().split("\n")
|
||||
+ ret = resources.split("\n")
|
||||
|
||||
ocf.logger.debug("listOperationsOnNode: finished; return = %s" % str(ret))
|
||||
return ret
|
||||
@@ -470,7 +472,7 @@ class Node:
|
||||
|
||||
eventIDStr = clusterHelper.getAttr(attr_pendingEventIDs, node=node)
|
||||
if eventIDStr:
|
||||
- eventIDs = eventIDStr.decode().split(",")
|
||||
+ eventIDs = eventIDStr.split(",")
|
||||
else:
|
||||
eventIDs = None
|
||||
|
@ -0,0 +1,68 @@
|
||||
From f2bf1d8a07ea810099b03469883cb7f485ab9ac1 Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Mon, 27 Jul 2020 10:09:43 +0200
|
||||
Subject: [PATCH 1/2] azure-events: import URLError and encode postData when
|
||||
necessary
|
||||
|
||||
---
|
||||
heartbeat/azure-events.in | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/heartbeat/azure-events.in b/heartbeat/azure-events.in
|
||||
index d4a166d9f..a7f359468 100644
|
||||
--- a/heartbeat/azure-events.in
|
||||
+++ b/heartbeat/azure-events.in
|
||||
@@ -13,8 +13,10 @@ import subprocess
|
||||
import json
|
||||
try:
|
||||
import urllib2
|
||||
+ from urllib2 import URLError
|
||||
except ImportError:
|
||||
import urllib.request as urllib2
|
||||
+ from urllib.error import URLError
|
||||
import socket
|
||||
from collections import defaultdict
|
||||
|
||||
@@ -76,9 +78,13 @@ class azHelper:
|
||||
Send a request to Azure's Azure Metadata Service API
|
||||
"""
|
||||
url = "%s/%s?api-version=%s" % (azHelper.metadata_host, endpoint, azHelper.api_version)
|
||||
+ data = ""
|
||||
ocf.logger.debug("_sendMetadataRequest: begin; endpoint = %s, postData = %s" % (endpoint, postData))
|
||||
ocf.logger.debug("_sendMetadataRequest: url = %s" % url)
|
||||
|
||||
+ if postData and type(postData) != bytes:
|
||||
+ postData = postData.encode()
|
||||
+
|
||||
req = urllib2.Request(url, postData)
|
||||
req.add_header("Metadata", "true")
|
||||
req.add_header("User-Agent", USER_AGENT)
|
||||
|
||||
From 1ab5d71bff95eb271f1e1bbc401961dc313219d9 Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Wed, 29 Jul 2020 21:25:43 +0200
|
||||
Subject: [PATCH 2/2] azure-events: report error if jsondata not received
|
||||
|
||||
---
|
||||
heartbeat/azure-events.in | 8 ++++++--
|
||||
1 file changed, 6 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/azure-events.in b/heartbeat/azure-events.in
|
||||
index a7f359468..3a24d6358 100644
|
||||
--- a/heartbeat/azure-events.in
|
||||
+++ b/heartbeat/azure-events.in
|
||||
@@ -117,8 +117,12 @@ class azHelper:
|
||||
jsondata = azHelper._sendMetadataRequest(azHelper.instance_api)
|
||||
ocf.logger.debug("getInstanceInfo: json = %s" % jsondata)
|
||||
|
||||
- ocf.logger.debug("getInstanceInfo: finished, returning {}".format(jsondata["compute"]))
|
||||
- return attrDict(jsondata["compute"])
|
||||
+ if jsondata:
|
||||
+ ocf.logger.debug("getInstanceInfo: finished, returning {}".format(jsondata["compute"]))
|
||||
+ return attrDict(jsondata["compute"])
|
||||
+ else:
|
||||
+ ocf.ocf_exit_reason("getInstanceInfo: Unable to get instance info")
|
||||
+ sys.exit(ocf.OCF_ERR_GENERIC)
|
||||
|
||||
@staticmethod
|
||||
def pullScheduledEvents():
|
@ -0,0 +1,317 @@
|
||||
--- a/heartbeat/gcp-vpc-move-vip.in 2020-08-17 10:33:22.132531259 +0200
|
||||
+++ b/heartbeat/gcp-vpc-move-vip.in 2020-08-17 10:34:54.050633259 +0200
|
||||
@@ -22,7 +22,8 @@
|
||||
import sys
|
||||
import time
|
||||
|
||||
-OCF_FUNCTIONS_DIR="%s/lib/heartbeat" % os.environ.get("OCF_ROOT")
|
||||
+OCF_FUNCTIONS_DIR = os.environ.get("OCF_FUNCTIONS_DIR", "%s/lib/heartbeat"
|
||||
+ % os.environ.get("OCF_ROOT"))
|
||||
sys.path.append(OCF_FUNCTIONS_DIR)
|
||||
|
||||
from ocf import *
|
||||
@@ -43,6 +44,10 @@
|
||||
import urllib2 as urlrequest
|
||||
|
||||
|
||||
+# Constants for alias add/remove modes
|
||||
+ADD = 0
|
||||
+REMOVE = 1
|
||||
+
|
||||
CONN = None
|
||||
THIS_VM = None
|
||||
ALIAS = None
|
||||
@@ -53,27 +58,27 @@
|
||||
<!DOCTYPE resource-agent SYSTEM "ra-api-1.dtd">
|
||||
<resource-agent name="gcp-vpc-move-vip">
|
||||
<version>1.0</version>
|
||||
- <longdesc lang="en">Floating IP Address on Google Cloud Platform - Using Alias IP address functionality to attach a secondary IP address to a running instance</longdesc>
|
||||
- <shortdesc lang="en">Floating IP Address on Google Cloud Platform</shortdesc>
|
||||
+ <longdesc lang="en">Floating IP Address or Range on Google Cloud Platform - Using Alias IP address functionality to attach a secondary IP range to a running instance</longdesc>
|
||||
+ <shortdesc lang="en">Floating IP Address or Range on Google Cloud Platform</shortdesc>
|
||||
<parameters>
|
||||
<parameter name="alias_ip" unique="1" required="1">
|
||||
- <longdesc lang="en">IP Address to be added including CIDR. E.g 192.168.0.1/32</longdesc>
|
||||
- <shortdesc lang="en">IP Address to be added including CIDR. E.g 192.168.0.1/32</shortdesc>
|
||||
+ <longdesc lang="en">IP range to be added including CIDR netmask (e.g., 192.168.0.1/32)</longdesc>
|
||||
+ <shortdesc lang="en">IP range to be added including CIDR netmask (e.g., 192.168.0.1/32)</shortdesc>
|
||||
<content type="string" default="" />
|
||||
</parameter>
|
||||
- <parameter name="alias_range_name" unique="1" required="0">
|
||||
+ <parameter name="alias_range_name" unique="0" required="0">
|
||||
<longdesc lang="en">Subnet name for the Alias IP</longdesc>
|
||||
<shortdesc lang="en">Subnet name for the Alias IP</shortdesc>
|
||||
<content type="string" default="" />
|
||||
</parameter>
|
||||
- <parameter name="hostlist" unique="1" required="0">
|
||||
- <longdesc lang="en">List of hosts in the cluster</longdesc>
|
||||
+ <parameter name="hostlist" unique="0" required="0">
|
||||
+ <longdesc lang="en">List of hosts in the cluster, separated by spaces</longdesc>
|
||||
<shortdesc lang="en">Host list</shortdesc>
|
||||
<content type="string" default="" />
|
||||
</parameter>
|
||||
<parameter name="stackdriver_logging" unique="0" required="0">
|
||||
- <longdesc lang="en">If enabled (set to true), IP failover logs will be posted to stackdriver logging. Using stackdriver logging requires additional libraries (google-cloud-logging).</longdesc>
|
||||
- <shortdesc lang="en">Stackdriver-logging support. Requires additional libraries (google-cloud-logging).</shortdesc>
|
||||
+ <longdesc lang="en">If enabled (set to true), IP failover logs will be posted to stackdriver logging</longdesc>
|
||||
+ <shortdesc lang="en">Stackdriver-logging support</shortdesc>
|
||||
<content type="boolean" default="" />
|
||||
</parameter>
|
||||
</parameters>
|
||||
@@ -107,7 +112,8 @@
|
||||
url = '%s?%s' % (metadata_url, params)
|
||||
request = urlrequest.Request(url, headers=METADATA_HEADERS)
|
||||
request_opener = urlrequest.build_opener(urlrequest.ProxyHandler({}))
|
||||
- return request_opener.open(request, timeout=timeout * 1.1).read().decode("utf-8")
|
||||
+ return request_opener.open(
|
||||
+ request, timeout=timeout * 1.1).read().decode("utf-8")
|
||||
|
||||
|
||||
def get_instance(project, zone, instance):
|
||||
@@ -134,17 +140,21 @@
|
||||
time.sleep(1)
|
||||
|
||||
|
||||
-def set_alias(project, zone, instance, alias, alias_range_name=None):
|
||||
- fingerprint = get_network_ifaces(project, zone, instance)[0]['fingerprint']
|
||||
+def set_aliases(project, zone, instance, aliases, fingerprint):
|
||||
+ """Sets the alias IP ranges for an instance.
|
||||
+
|
||||
+ Args:
|
||||
+ project: string, the project in which the instance resides.
|
||||
+ zone: string, the zone in which the instance resides.
|
||||
+ instance: string, the name of the instance.
|
||||
+ aliases: list, the list of dictionaries containing alias IP ranges
|
||||
+ to be added to or removed from the instance.
|
||||
+ fingerprint: string, the fingerprint of the network interface.
|
||||
+ """
|
||||
body = {
|
||||
- 'aliasIpRanges': [],
|
||||
- 'fingerprint': fingerprint
|
||||
+ 'aliasIpRanges': aliases,
|
||||
+ 'fingerprint': fingerprint
|
||||
}
|
||||
- if alias:
|
||||
- obj = {'ipCidrRange': alias}
|
||||
- if alias_range_name:
|
||||
- obj['subnetworkRangeName'] = alias_range_name
|
||||
- body['aliasIpRanges'].append(obj)
|
||||
|
||||
request = CONN.instances().updateNetworkInterface(
|
||||
instance=instance, networkInterface='nic0', project=project, zone=zone,
|
||||
@@ -153,21 +163,75 @@
|
||||
wait_for_operation(project, zone, operation)
|
||||
|
||||
|
||||
-def get_alias(project, zone, instance):
|
||||
- iface = get_network_ifaces(project, zone, instance)
|
||||
+def add_rm_alias(mode, project, zone, instance, alias, alias_range_name=None):
|
||||
+ """Adds or removes an alias IP range for a GCE instance.
|
||||
+
|
||||
+ Args:
|
||||
+ mode: int, a constant (ADD (0) or REMOVE (1)) indicating the
|
||||
+ operation type.
|
||||
+ project: string, the project in which the instance resides.
|
||||
+ zone: string, the zone in which the instance resides.
|
||||
+ instance: string, the name of the instance.
|
||||
+ alias: string, the alias IP range to be added to or removed from
|
||||
+ the instance.
|
||||
+ alias_range_name: string, the subnet name for the alias IP range.
|
||||
+
|
||||
+ Returns:
|
||||
+ True if the existing list of alias IP ranges was modified, or False
|
||||
+ otherwise.
|
||||
+ """
|
||||
+ ifaces = get_network_ifaces(project, zone, instance)
|
||||
+ fingerprint = ifaces[0]['fingerprint']
|
||||
+
|
||||
+ try:
|
||||
+ old_aliases = ifaces[0]['aliasIpRanges']
|
||||
+ except KeyError:
|
||||
+ old_aliases = []
|
||||
+
|
||||
+ new_aliases = [a for a in old_aliases if a['ipCidrRange'] != alias]
|
||||
+
|
||||
+ if alias:
|
||||
+ if mode == ADD:
|
||||
+ obj = {'ipCidrRange': alias}
|
||||
+ if alias_range_name:
|
||||
+ obj['subnetworkRangeName'] = alias_range_name
|
||||
+ new_aliases.append(obj)
|
||||
+ elif mode == REMOVE:
|
||||
+ pass # already removed during new_aliases build
|
||||
+ else:
|
||||
+ raise ValueError('Invalid value for mode: {}'.format(mode))
|
||||
+
|
||||
+ if (sorted(new_aliases) != sorted(old_aliases)):
|
||||
+ set_aliases(project, zone, instance, new_aliases, fingerprint)
|
||||
+ return True
|
||||
+ else:
|
||||
+ return False
|
||||
+
|
||||
+
|
||||
+def add_alias(project, zone, instance, alias, alias_range_name=None):
|
||||
+ return add_rm_alias(ADD, project, zone, instance, alias, alias_range_name)
|
||||
+
|
||||
+
|
||||
+def remove_alias(project, zone, instance, alias):
|
||||
+ return add_rm_alias(REMOVE, project, zone, instance, alias)
|
||||
+
|
||||
+
|
||||
+def get_aliases(project, zone, instance):
|
||||
+ ifaces = get_network_ifaces(project, zone, instance)
|
||||
try:
|
||||
- return iface[0]['aliasIpRanges'][0]['ipCidrRange']
|
||||
+ aliases = ifaces[0]['aliasIpRanges']
|
||||
+ return [a['ipCidrRange'] for a in aliases]
|
||||
except KeyError:
|
||||
- return ''
|
||||
+ return []
|
||||
|
||||
|
||||
-def get_localhost_alias():
|
||||
+def get_localhost_aliases():
|
||||
net_iface = get_metadata('instance/network-interfaces', {'recursive': True})
|
||||
net_iface = json.loads(net_iface)
|
||||
try:
|
||||
- return net_iface[0]['ipAliases'][0]
|
||||
+ return net_iface[0]['ipAliases']
|
||||
except (KeyError, IndexError):
|
||||
- return ''
|
||||
+ return []
|
||||
|
||||
|
||||
def get_zone(project, instance):
|
||||
@@ -201,21 +265,17 @@
|
||||
|
||||
|
||||
def gcp_alias_start(alias):
|
||||
- my_alias = get_localhost_alias()
|
||||
+ my_aliases = get_localhost_aliases()
|
||||
my_zone = get_metadata('instance/zone').split('/')[-1]
|
||||
project = get_metadata('project/project-id')
|
||||
|
||||
- # If I already have the IP, exit. If it has an alias IP that isn't the VIP,
|
||||
- # then remove it
|
||||
- if my_alias == alias:
|
||||
+ if alias in my_aliases:
|
||||
+ # TODO: Do we need to check alias_range_name?
|
||||
logger.info(
|
||||
'%s already has %s attached. No action required' % (THIS_VM, alias))
|
||||
sys.exit(OCF_SUCCESS)
|
||||
- elif my_alias:
|
||||
- logger.info('Removing %s from %s' % (my_alias, THIS_VM))
|
||||
- set_alias(project, my_zone, THIS_VM, '')
|
||||
|
||||
- # Loops through all hosts & remove the alias IP from the host that has it
|
||||
+ # If the alias is currently attached to another host, detach it.
|
||||
hostlist = os.environ.get('OCF_RESKEY_hostlist', '')
|
||||
if hostlist:
|
||||
hostlist = hostlist.replace(THIS_VM, '').split()
|
||||
@@ -223,47 +283,53 @@
|
||||
hostlist = get_instances_list(project, THIS_VM)
|
||||
for host in hostlist:
|
||||
host_zone = get_zone(project, host)
|
||||
- host_alias = get_alias(project, host_zone, host)
|
||||
- if alias == host_alias:
|
||||
+ host_aliases = get_aliases(project, host_zone, host)
|
||||
+ if alias in host_aliases:
|
||||
logger.info(
|
||||
- '%s is attached to %s - Removing all alias IP addresses from %s' %
|
||||
- (alias, host, host))
|
||||
- set_alias(project, host_zone, host, '')
|
||||
+ '%s is attached to %s - Removing %s from %s' %
|
||||
+ (alias, host, alias, host))
|
||||
+ remove_alias(project, host_zone, host, alias)
|
||||
break
|
||||
|
||||
- # add alias IP to localhost
|
||||
- set_alias(
|
||||
+ # Add alias IP range to localhost
|
||||
+ add_alias(
|
||||
project, my_zone, THIS_VM, alias,
|
||||
os.environ.get('OCF_RESKEY_alias_range_name'))
|
||||
|
||||
- # Check the IP has been added
|
||||
- my_alias = get_localhost_alias()
|
||||
- if alias == my_alias:
|
||||
+ # Verify that the IP range has been added
|
||||
+ my_aliases = get_localhost_aliases()
|
||||
+ if alias in my_aliases:
|
||||
logger.info('Finished adding %s to %s' % (alias, THIS_VM))
|
||||
- elif my_alias:
|
||||
- logger.error(
|
||||
- 'Failed to add IP. %s has an IP attached but it isn\'t %s' %
|
||||
- (THIS_VM, alias))
|
||||
- sys.exit(OCF_ERR_GENERIC)
|
||||
else:
|
||||
- logger.error('Failed to add IP address %s to %s' % (alias, THIS_VM))
|
||||
+ if my_aliases:
|
||||
+ logger.error(
|
||||
+ 'Failed to add alias IP range %s. %s has alias IP ranges attached but'
|
||||
+ + ' they don\'t include %s' % (alias, THIS_VM, alias))
|
||||
+ else:
|
||||
+ logger.error(
|
||||
+ 'Failed to add IP range %s. %s has no alias IP ranges attached'
|
||||
+ % (alias, THIS_VM))
|
||||
sys.exit(OCF_ERR_GENERIC)
|
||||
|
||||
|
||||
def gcp_alias_stop(alias):
|
||||
- my_alias = get_localhost_alias()
|
||||
+ my_aliases = get_localhost_aliases()
|
||||
my_zone = get_metadata('instance/zone').split('/')[-1]
|
||||
project = get_metadata('project/project-id')
|
||||
|
||||
- if my_alias == alias:
|
||||
- logger.info('Removing %s from %s' % (my_alias, THIS_VM))
|
||||
- set_alias(project, my_zone, THIS_VM, '')
|
||||
+ if alias in my_aliases:
|
||||
+ logger.info('Removing %s from %s' % (alias, THIS_VM))
|
||||
+ remove_alias(project, my_zone, THIS_VM, alias)
|
||||
+ else:
|
||||
+ logger.info(
|
||||
+ '%s is not attached to %s. No action required'
|
||||
+ % (alias, THIS_VM))
|
||||
|
||||
|
||||
def gcp_alias_status(alias):
|
||||
- my_alias = get_localhost_alias()
|
||||
- if alias == my_alias:
|
||||
- logger.info('%s has the correct IP address attached' % THIS_VM)
|
||||
+ my_aliases = get_localhost_aliases()
|
||||
+ if alias in my_aliases:
|
||||
+ logger.info('%s has the correct IP range attached' % THIS_VM)
|
||||
else:
|
||||
sys.exit(OCF_NOT_RUNNING)
|
||||
|
||||
@@ -275,7 +341,8 @@
|
||||
|
||||
# Populate global vars
|
||||
try:
|
||||
- CONN = googleapiclient.discovery.build('compute', 'v1')
|
||||
+ CONN = googleapiclient.discovery.build('compute', 'v1',
|
||||
+ cache_discovery=False)
|
||||
except Exception as e:
|
||||
logger.error('Couldn\'t connect with google api: ' + str(e))
|
||||
sys.exit(OCF_ERR_CONFIGURED)
|
||||
@@ -283,7 +350,8 @@
|
||||
try:
|
||||
THIS_VM = get_metadata('instance/name')
|
||||
except Exception as e:
|
||||
- logger.error('Couldn\'t get instance name, is this running inside GCE?: ' + str(e))
|
||||
+ logger.error('Couldn\'t get instance name, is this running inside GCE?: '
|
||||
+ + str(e))
|
||||
sys.exit(OCF_ERR_CONFIGURED)
|
||||
|
||||
ALIAS = os.environ.get('OCF_RESKEY_alias_ip')
|
||||
@@ -309,7 +377,8 @@
|
||||
formatter = logging.Formatter('gcp:alias "%(message)s"')
|
||||
handler.setFormatter(formatter)
|
||||
log.addHandler(handler)
|
||||
- logger = logging.LoggerAdapter(log, {'OCF_RESOURCE_INSTANCE': OCF_RESOURCE_INSTANCE})
|
||||
+ logger = logging.LoggerAdapter(log, {'OCF_RESOURCE_INSTANCE':
|
||||
+ OCF_RESOURCE_INSTANCE})
|
||||
except ImportError:
|
||||
logger.error('Couldn\'t import google.cloud.logging, '
|
||||
'disabling Stackdriver-logging support')
|
32
SOURCES/bz1846733-gcp-vpc-move-vip-2-fix-list-sort.patch
Normal file
32
SOURCES/bz1846733-gcp-vpc-move-vip-2-fix-list-sort.patch
Normal file
@ -0,0 +1,32 @@
|
||||
From 2b22a14a128b87214bfb1ece221274aac78ba81b Mon Sep 17 00:00:00 2001
|
||||
From: Reid Wahl <nrwahl@protonmail.com>
|
||||
Date: Tue, 18 Aug 2020 18:43:13 -0700
|
||||
Subject: [PATCH] gcp-vpc-move-vip: Fix sort for list of dicts in python3
|
||||
|
||||
python2 sorts a list of dicts of `{'ipCidrRange': <alias>}` correctly by
|
||||
default. python3 fails with a TypeError:
|
||||
|
||||
`TypeError: '<' not supported between instances of 'dict' and 'dict'`
|
||||
|
||||
Fix this by using the key parameter of sorted(). python2 also supports
|
||||
this.
|
||||
|
||||
Signed-off-by: Reid Wahl <nrwahl@protonmail.com>
|
||||
---
|
||||
heartbeat/gcp-vpc-move-vip.in | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/heartbeat/gcp-vpc-move-vip.in b/heartbeat/gcp-vpc-move-vip.in
|
||||
index 85d59f6bb..01d91a59d 100755
|
||||
--- a/heartbeat/gcp-vpc-move-vip.in
|
||||
+++ b/heartbeat/gcp-vpc-move-vip.in
|
||||
@@ -200,7 +200,8 @@ def add_rm_alias(mode, project, zone, instance, alias, alias_range_name=None):
|
||||
else:
|
||||
raise ValueError('Invalid value for mode: {}'.format(mode))
|
||||
|
||||
- if (sorted(new_aliases) != sorted(old_aliases)):
|
||||
+ if (sorted(new_aliases, key=lambda item: item.get('ipCidrRange'))
|
||||
+ != sorted(old_aliases, key=lambda item: item.get('ipCidrRange'))):
|
||||
set_aliases(project, zone, instance, new_aliases, fingerprint)
|
||||
return True
|
||||
else:
|
@ -0,0 +1,41 @@
|
||||
From 953f689cb2a37606b6d4b2250ebec23f129f5095 Mon Sep 17 00:00:00 2001
|
||||
From: Reid wahl <nrwahl@protonmail.com>
|
||||
Date: Thu, 9 Jul 2020 23:32:22 -0700
|
||||
Subject: [PATCH] sybaseASE: Run verify_all() for start operation only
|
||||
|
||||
The `sybaseASE` resource agent runs the `verify_all()` function at the
|
||||
beginning of start, stop, and monitor operations.
|
||||
|
||||
When `verify_all()` is run for a probe (monitor) operation and
|
||||
`sybase_home` resides on a cluster-managed filesystem, the probe often
|
||||
fails with `$OCF_ERR_GENERIC` because the filesystem isn't mounted yet.
|
||||
This prevents the resource from starting on that node.
|
||||
|
||||
For the stop operation, there's simply no reason to run `verify_all()`.
|
||||
|
||||
This patch removes `verify_all()` for the stop and monitor operations.
|
||||
It is now only run for the start operation.
|
||||
|
||||
Resolves: RHBZ#1848673
|
||||
Resolves: RHBZ#1848025
|
||||
---
|
||||
heartbeat/sybaseASE.in | 2 --
|
||||
1 file changed, 2 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/sybaseASE.in b/heartbeat/sybaseASE.in
|
||||
index 9ddd429be..7ff30bd31 100755
|
||||
--- a/heartbeat/sybaseASE.in
|
||||
+++ b/heartbeat/sybaseASE.in
|
||||
@@ -864,12 +864,10 @@ case $__OCF_ACTION in
|
||||
exit $?
|
||||
;;
|
||||
stop)
|
||||
- verify_all || exit $OCF_ERR_GENERIC
|
||||
ase_stop
|
||||
exit $?
|
||||
;;
|
||||
status | monitor)
|
||||
- verify_all || exit $OCF_ERR_GENERIC
|
||||
ase_status $OCF_CHECK_LEVEL
|
||||
exit $?
|
||||
;;
|
54
SOURCES/bz1850778-azure-lb-fix-redirect-issue.patch
Normal file
54
SOURCES/bz1850778-azure-lb-fix-redirect-issue.patch
Normal file
@ -0,0 +1,54 @@
|
||||
From d22700fc5d5098c683b465ea0fede43803fd4d6b Mon Sep 17 00:00:00 2001
|
||||
From: Reid wahl <nrwahl@protonmail.com>
|
||||
Date: Tue, 7 Jul 2020 02:18:09 -0700
|
||||
Subject: [PATCH] azure-lb: Don't redirect nc listener output to pidfile
|
||||
|
||||
The `lb_start()` function spawns an `nc` listener background process
|
||||
and echoes the resulting pid to `$pidfile`. Due to a bug in the
|
||||
redirection, all future data received by the `nc` process is also
|
||||
appended to `$pidfile`.
|
||||
|
||||
If binary data is received later and appended to `$pidfile`, the
|
||||
monitor operation fails when `grep` searches the now-binary file.
|
||||
|
||||
```
|
||||
line 97: kill: Binary: arguments must be process or job IDs ]
|
||||
line 97: kill: file: arguments must be process or job IDs ]
|
||||
line 97: kill: /var/run/nc_PF2_02.pid: arguments must be process or job
|
||||
IDs ]
|
||||
line 97: kill: matches: arguments must be process or job IDs ]
|
||||
```
|
||||
|
||||
Then the start operation fails during recovery. `lb_start()` spawns a
|
||||
new `nc` process, but the old process is still running and using the
|
||||
configured port.
|
||||
|
||||
```
|
||||
nc_PF2_02_start_0:777:stderr [ Ncat: bind to :::62502: Address
|
||||
already in use. QUITTING. ]
|
||||
```
|
||||
|
||||
This patch fixes the issue by removing the `nc &` command from the
|
||||
section whose output gets redirected to `$pidfile`. Now, only the `nc`
|
||||
PID is echoed to `$pidfile`.
|
||||
|
||||
Resolves: RHBZ#1850778
|
||||
Resolves: RHBZ#1850779
|
||||
---
|
||||
heartbeat/azure-lb | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/heartbeat/azure-lb b/heartbeat/azure-lb
|
||||
index 05c134514..05755d778 100755
|
||||
--- a/heartbeat/azure-lb
|
||||
+++ b/heartbeat/azure-lb
|
||||
@@ -113,7 +113,8 @@ lb_start() {
|
||||
if ! lb_monitor; then
|
||||
ocf_log debug "Starting $process: $cmd"
|
||||
# Execute the command as created above
|
||||
- eval "$cmd & echo \$!" > $pidfile
|
||||
+ $cmd &
|
||||
+ echo $! > $pidfile
|
||||
if lb_monitor; then
|
||||
ocf_log debug "$process: $cmd started successfully, calling monitor"
|
||||
lb_monitor
|
566
SOURCES/bz1858752-Filesystem-support-whitespace-device-dir.patch
Normal file
566
SOURCES/bz1858752-Filesystem-support-whitespace-device-dir.patch
Normal file
@ -0,0 +1,566 @@
|
||||
From a8051cf9e21d231ce3c445f09631266157ffc2e0 Mon Sep 17 00:00:00 2001
|
||||
From: Reid wahl <nrwahl@protonmail.com>
|
||||
Date: Fri, 10 Jul 2020 03:44:18 -0700
|
||||
Subject: [PATCH 1/3] Filesystem: Support whitespace in device or directory
|
||||
name
|
||||
|
||||
Whitespace in a device name (e.g., a CIFS share) or a directory name
|
||||
breaks resource operations.
|
||||
|
||||
One issue is that many of the variable occurrences aren't quoted, so a
|
||||
string containing whitespace is split into multiple tokens. This is a
|
||||
problem when the string meant to be passed as a single argument to a
|
||||
function (e.g., `list_submounts()`).
|
||||
|
||||
Another issue involves the parsing of `list_mounts()` output.
|
||||
`list_mounts()` can pull data from `/proc/mounts`, `/etc/mtab`, or the
|
||||
`mount` command. `/proc/mounts` and `/etc/mtab` represent spaces within
|
||||
a field as octal `\040` strings, while `mount` represents them as
|
||||
literal space characters.
|
||||
|
||||
`list_mounts()` had to be modified to output the mount list as three
|
||||
distinct fields ((`device`, `mountpoint`, `fstype`), separated by tab
|
||||
characters) regardless of the data source. Parsers of `list_mounts()`
|
||||
were modified to use tabs as field delimiters.
|
||||
|
||||
The for loop in `Filesystem_stop()` also had to become a while loop to
|
||||
read line-by-line irrespective of spaces. A for loop splits on spaces.
|
||||
|
||||
Resolves: RHBZ#1624591
|
||||
---
|
||||
heartbeat/Filesystem | 106 +++++++++++++++++++++++++------------------
|
||||
1 file changed, 61 insertions(+), 45 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/Filesystem b/heartbeat/Filesystem
|
||||
index 2f07a90ad..9a52aa712 100755
|
||||
--- a/heartbeat/Filesystem
|
||||
+++ b/heartbeat/Filesystem
|
||||
@@ -91,6 +91,7 @@ fi
|
||||
|
||||
# Variables used by multiple methods
|
||||
HOSTOS=`uname`
|
||||
+TAB=' '
|
||||
|
||||
# The status file is going to an extra directory, by default
|
||||
#
|
||||
@@ -100,7 +101,7 @@ suffix="${OCF_RESOURCE_INSTANCE}"
|
||||
[ "$OCF_RESKEY_CRM_meta_clone" ] &&
|
||||
suffix="${suffix}_$OCF_RESKEY_CRM_meta_clone"
|
||||
suffix="${suffix}_`uname -n`"
|
||||
-STATUSFILE=${OCF_RESKEY_directory}/$prefix$suffix
|
||||
+STATUSFILE="${OCF_RESKEY_directory}/$prefix$suffix"
|
||||
|
||||
#######################################################################
|
||||
|
||||
@@ -283,6 +284,7 @@ flushbufs() {
|
||||
is_bind_mount() {
|
||||
echo "$options" | grep -w bind >/dev/null 2>&1
|
||||
}
|
||||
+
|
||||
list_mounts() {
|
||||
local inpf=""
|
||||
local mount_list=""
|
||||
@@ -296,15 +298,23 @@ list_mounts() {
|
||||
|
||||
# Make sure that the mount list has not been changed while reading.
|
||||
while [ "$mount_list" != "$check_list" ]; do
|
||||
- check_list=$mount_list
|
||||
+ check_list="$mount_list"
|
||||
if [ "$inpf" ]; then
|
||||
- mount_list=$(cut -d' ' -f1,2,3 < $inpf)
|
||||
+ # <device> <mountpoint> <fstype> ...
|
||||
+ # Spaces in device or mountpoint are octal \040 in $inpf
|
||||
+ # Convert literal spaces (field separators) to tabs
|
||||
+ mount_list=$(cut -d' ' -f1,2,3 < $inpf | tr ' ' "$TAB")
|
||||
else
|
||||
- mount_list=$($MOUNT | cut -d' ' -f1,3,5)
|
||||
+ # <device> on <mountpoint> type <fstype> ...
|
||||
+ # Use tabs as field separators
|
||||
+ match_string='\(.*\) on \(.*\) type \([^[:space:]]\)'
|
||||
+ replace_string="\\1${TAB}\\3${TAB}\\5"
|
||||
+ mount_list=$($MOUNT | sed "s/$match_string/$replace_string/g")
|
||||
fi
|
||||
done
|
||||
|
||||
- echo "$mount_list"
|
||||
+ # Convert octal \040 to space characters
|
||||
+ printf "$mount_list"
|
||||
}
|
||||
|
||||
determine_blockdevice() {
|
||||
@@ -318,7 +328,8 @@ determine_blockdevice() {
|
||||
nfs4|nfs|smbfs|cifs|glusterfs|ceph|tmpfs|overlay|overlayfs|rozofs|zfs|cvfs|none|lustre)
|
||||
: ;;
|
||||
*)
|
||||
- DEVICE=`list_mounts | grep " $CANONICALIZED_MOUNTPOINT " | cut -d' ' -f1`
|
||||
+ match_string="${TAB}${CANONICALIZED_MOUNTPOINT}${TAB}"
|
||||
+ DEVICE=`list_mounts | grep "$match_string" | cut -d"$TAB" -f1`
|
||||
if [ -b "$DEVICE" ]; then
|
||||
blockdevice=yes
|
||||
fi
|
||||
@@ -329,7 +340,7 @@ determine_blockdevice() {
|
||||
# Lists all filesystems potentially mounted under a given path,
|
||||
# excluding the path itself.
|
||||
list_submounts() {
|
||||
- list_mounts | grep " $1/" | cut -d' ' -f2 | sort -r
|
||||
+ list_mounts | grep "${TAB}${1}/" | cut -d"$TAB" -f2 | sort -r
|
||||
}
|
||||
|
||||
# kernels < 2.6.26 can't handle bind remounts
|
||||
@@ -358,15 +369,15 @@ bind_mount() {
|
||||
if is_bind_mount && [ "$options" != "-o bind" ]
|
||||
then
|
||||
bind_kernel_check
|
||||
- bind_opts=`echo $options | sed 's/bind/remount/'`
|
||||
- $MOUNT $bind_opts $MOUNTPOINT
|
||||
+ bind_opts=`echo "$options" | sed 's/bind/remount/'`
|
||||
+ $MOUNT $bind_opts "$MOUNTPOINT"
|
||||
else
|
||||
true # make sure to return OK
|
||||
fi
|
||||
}
|
||||
|
||||
is_option() {
|
||||
- echo $OCF_RESKEY_options | grep -w "$1" >/dev/null 2>&1
|
||||
+ echo "$OCF_RESKEY_options" | grep -w "$1" >/dev/null 2>&1
|
||||
}
|
||||
|
||||
is_fsck_needed() {
|
||||
@@ -374,7 +385,7 @@ is_fsck_needed() {
|
||||
force) true;;
|
||||
no) false;;
|
||||
""|auto)
|
||||
- case $FSTYPE in
|
||||
+ case "$FSTYPE" in
|
||||
ext4|ext4dev|ext3|reiserfs|reiser4|nss|xfs|jfs|vfat|fat|nfs4|nfs|cifs|smbfs|ocfs2|gfs2|none|lustre|glusterfs|ceph|tmpfs|overlay|overlayfs|rozofs|zfs|cvfs)
|
||||
false;;
|
||||
*)
|
||||
@@ -403,7 +414,7 @@ fstype_supported()
|
||||
fi
|
||||
|
||||
# support fuse-filesystems (e.g. GlusterFS)
|
||||
- case $FSTYPE in
|
||||
+ case "$FSTYPE" in
|
||||
fuse.*|glusterfs|rozofs) support="fuse";;
|
||||
esac
|
||||
|
||||
@@ -486,7 +497,8 @@ trigger_udev_rules_if_needed()
|
||||
Filesystem_start()
|
||||
{
|
||||
# Check if there are any mounts mounted under the mountpoint
|
||||
- if list_mounts | grep -q -E " $CANONICALIZED_MOUNTPOINT/\w+" >/dev/null 2>&1; then
|
||||
+ match_string="${TAB}${CANONICALIZED_MOUNTPOINT}"
|
||||
+ if list_mounts | grep -q -E "$match_string/\w+" >/dev/null 2>&1; then
|
||||
ocf_log err "There is one or more mounts mounted under $MOUNTPOINT."
|
||||
return $OCF_ERR_CONFIGURED
|
||||
fi
|
||||
@@ -514,9 +526,9 @@ Filesystem_start()
|
||||
if is_fsck_needed; then
|
||||
ocf_log info "Starting filesystem check on $DEVICE"
|
||||
if [ -z "$FSTYPE" ]; then
|
||||
- $FSCK -p $DEVICE
|
||||
+ $FSCK -p "$DEVICE"
|
||||
else
|
||||
- $FSCK -t $FSTYPE -p $DEVICE
|
||||
+ $FSCK -t "$FSTYPE" -p "$DEVICE"
|
||||
fi
|
||||
|
||||
# NOTE: if any errors at all are detected, it returns non-zero
|
||||
@@ -529,20 +541,20 @@ Filesystem_start()
|
||||
fi
|
||||
|
||||
[ -d "$MOUNTPOINT" ] ||
|
||||
- ocf_run mkdir -p $MOUNTPOINT
|
||||
+ ocf_run mkdir -p "$MOUNTPOINT"
|
||||
if [ ! -d "$MOUNTPOINT" ] ; then
|
||||
ocf_exit_reason "Couldn't find directory [$MOUNTPOINT] to use as a mount point"
|
||||
exit $OCF_ERR_INSTALLED
|
||||
fi
|
||||
|
||||
- flushbufs $DEVICE
|
||||
+ flushbufs "$DEVICE"
|
||||
# Mount the filesystem.
|
||||
case "$FSTYPE" in
|
||||
- none) $MOUNT $options $DEVICE $MOUNTPOINT &&
|
||||
+ none) $MOUNT $options "$DEVICE" "$MOUNTPOINT" &&
|
||||
bind_mount
|
||||
;;
|
||||
- "") $MOUNT $options $DEVICE $MOUNTPOINT ;;
|
||||
- *) $MOUNT -t $FSTYPE $options $DEVICE $MOUNTPOINT ;;
|
||||
+ "") $MOUNT $options "$DEVICE" "$MOUNTPOINT" ;;
|
||||
+ *) $MOUNT -t "$FSTYPE" $options "$DEVICE" "$MOUNTPOINT" ;;
|
||||
esac
|
||||
|
||||
if [ $? -ne 0 ]; then
|
||||
@@ -595,23 +607,23 @@ signal_processes() {
|
||||
done
|
||||
}
|
||||
try_umount() {
|
||||
- local SUB=$1
|
||||
- $UMOUNT $umount_force $SUB
|
||||
- list_mounts | grep -q " $SUB " >/dev/null 2>&1 || {
|
||||
+ local SUB="$1"
|
||||
+ $UMOUNT $umount_force "$SUB"
|
||||
+ list_mounts | grep -q "${TAB}${SUB}${TAB}" >/dev/null 2>&1 || {
|
||||
ocf_log info "unmounted $SUB successfully"
|
||||
return $OCF_SUCCESS
|
||||
}
|
||||
return $OCF_ERR_GENERIC
|
||||
}
|
||||
fs_stop() {
|
||||
- local SUB=$1 timeout=$2 sig cnt
|
||||
+ local SUB="$1" timeout=$2 sig cnt
|
||||
for sig in TERM KILL; do
|
||||
cnt=$((timeout/2)) # try half time with TERM
|
||||
while [ $cnt -gt 0 ]; do
|
||||
- try_umount $SUB &&
|
||||
+ try_umount "$SUB" &&
|
||||
return $OCF_SUCCESS
|
||||
ocf_exit_reason "Couldn't unmount $SUB; trying cleanup with $sig"
|
||||
- signal_processes $SUB $sig
|
||||
+ signal_processes "$SUB" $sig
|
||||
cnt=$((cnt-1))
|
||||
sleep 1
|
||||
done
|
||||
@@ -633,7 +645,7 @@ Filesystem_stop()
|
||||
# Wipe the status file, but continue with a warning if
|
||||
# removal fails -- the file system might be read only
|
||||
if [ $OCF_CHECK_LEVEL -eq 20 ]; then
|
||||
- rm -f ${STATUSFILE}
|
||||
+ rm -f "${STATUSFILE}"
|
||||
if [ $? -ne 0 ]; then
|
||||
ocf_log warn "Failed to remove status file ${STATUSFILE}."
|
||||
fi
|
||||
@@ -650,7 +662,7 @@ Filesystem_stop()
|
||||
|
||||
# Umount all sub-filesystems mounted under $MOUNTPOINT/ too.
|
||||
local timeout
|
||||
- for SUB in `list_submounts $MOUNTPOINT` $MOUNTPOINT; do
|
||||
+ while read SUB; do
|
||||
ocf_log info "Trying to unmount $SUB"
|
||||
if ocf_is_true "$FAST_STOP"; then
|
||||
timeout=6
|
||||
@@ -658,15 +670,18 @@ Filesystem_stop()
|
||||
timeout=${OCF_RESKEY_CRM_meta_timeout:="20000"}
|
||||
timeout=$((timeout/1000))
|
||||
fi
|
||||
- fs_stop $SUB $timeout
|
||||
+ fs_stop "$SUB" $timeout
|
||||
rc=$?
|
||||
if [ $rc -ne $OCF_SUCCESS ]; then
|
||||
ocf_exit_reason "Couldn't unmount $SUB, giving up!"
|
||||
fi
|
||||
- done
|
||||
+ done <<-EOF
|
||||
+ $(list_submounts "$CANONICALIZED_MOUNTPOINT"; \
|
||||
+ echo $CANONICALIZED_MOUNTPOINT)
|
||||
+ EOF
|
||||
fi
|
||||
|
||||
- flushbufs $DEVICE
|
||||
+ flushbufs "$DEVICE"
|
||||
|
||||
return $rc
|
||||
}
|
||||
@@ -677,7 +692,8 @@ Filesystem_stop()
|
||||
#
|
||||
Filesystem_status()
|
||||
{
|
||||
- if list_mounts | grep -q " $CANONICALIZED_MOUNTPOINT " >/dev/null 2>&1; then
|
||||
+ match_string="${TAB}${CANONICALIZED_MOUNTPOINT}${TAB}"
|
||||
+ if list_mounts | grep -q "$match_string" >/dev/null 2>&1; then
|
||||
rc=$OCF_SUCCESS
|
||||
msg="$MOUNTPOINT is mounted (running)"
|
||||
else
|
||||
@@ -712,7 +728,7 @@ Filesystem_monitor_10()
|
||||
return $OCF_SUCCESS
|
||||
fi
|
||||
dd_opts="iflag=direct bs=4k count=1"
|
||||
- err_output=`dd if=$DEVICE $dd_opts 2>&1 >/dev/null`
|
||||
+ err_output=`dd if="$DEVICE" $dd_opts 2>&1 >/dev/null`
|
||||
if [ $? -ne 0 ]; then
|
||||
ocf_exit_reason "Failed to read device $DEVICE"
|
||||
ocf_log err "dd said: $err_output"
|
||||
@@ -733,20 +749,20 @@ Filesystem_monitor_20()
|
||||
# to bypass caches.
|
||||
dd_opts="oflag=direct,sync bs=4k conv=fsync,sync"
|
||||
fi
|
||||
- status_dir=`dirname $STATUSFILE`
|
||||
+ status_dir=$(dirname "$STATUSFILE")
|
||||
[ -d "$status_dir" ] || mkdir -p "$status_dir"
|
||||
- err_output=`echo "${OCF_RESOURCE_INSTANCE}" | dd of=${STATUSFILE} $dd_opts 2>&1`
|
||||
+ err_output=`echo "${OCF_RESOURCE_INSTANCE}" | dd of="${STATUSFILE}" $dd_opts 2>&1`
|
||||
if [ $? -ne 0 ]; then
|
||||
ocf_exit_reason "Failed to write status file ${STATUSFILE}"
|
||||
ocf_log err "dd said: $err_output"
|
||||
return $OCF_ERR_GENERIC
|
||||
fi
|
||||
- test -f ${STATUSFILE}
|
||||
+ test -f "${STATUSFILE}"
|
||||
if [ $? -ne 0 ]; then
|
||||
ocf_exit_reason "Cannot stat the status file ${STATUSFILE}"
|
||||
return $OCF_ERR_GENERIC
|
||||
fi
|
||||
- cat ${STATUSFILE} > /dev/null
|
||||
+ cat "${STATUSFILE}" > /dev/null
|
||||
if [ $? -ne 0 ]; then
|
||||
ocf_exit_reason "Cannot read the status file ${STATUSFILE}"
|
||||
return $OCF_ERR_GENERIC
|
||||
@@ -791,9 +807,9 @@ Filesystem_validate_all()
|
||||
# NOTE: Without inserting the $FSTYPE module, this step may be imprecise
|
||||
# TODO: This is Linux specific crap.
|
||||
if [ ! -z "$FSTYPE" -a "$FSTYPE" != none ]; then
|
||||
- cut -f2 /proc/filesystems |grep -q ^$FSTYPE$
|
||||
+ cut -f2 /proc/filesystems |grep -q "^${FSTYPE}$"
|
||||
if [ $? -ne 0 ]; then
|
||||
- modpath=/lib/modules/`uname -r`
|
||||
+ modpath=/lib/modules/`uname -r`
|
||||
moddep=$modpath/modules.dep
|
||||
# Do we have $FSTYPE in modules.dep?
|
||||
cut -d' ' -f1 $moddep |grep -q "^$modpath.*$FSTYPE\.k\?o:$"
|
||||
@@ -826,7 +842,7 @@ set_blockdevice_var() {
|
||||
blockdevice=no
|
||||
|
||||
# these are definitely not block devices
|
||||
- case $FSTYPE in
|
||||
+ case "$FSTYPE" in
|
||||
nfs4|nfs|smbfs|cifs|none|glusterfs|ceph|tmpfs|overlay|overlayfs|rozofs|zfs|cvfs) return;;
|
||||
esac
|
||||
|
||||
@@ -834,7 +850,7 @@ set_blockdevice_var() {
|
||||
return
|
||||
fi
|
||||
|
||||
- case $DEVICE in
|
||||
+ case "$DEVICE" in
|
||||
-*) # Oh... An option to mount instead... Typically -U or -L
|
||||
;;
|
||||
/dev/null) # Special case for BSC
|
||||
@@ -863,7 +879,7 @@ if [ -n "${OCF_RESKEY_force_unmount}" ]; then
|
||||
FORCE_UNMOUNT=$OCF_RESKEY_force_unmount
|
||||
fi
|
||||
|
||||
-DEVICE=$OCF_RESKEY_device
|
||||
+DEVICE="$OCF_RESKEY_device"
|
||||
FSTYPE=$OCF_RESKEY_fstype
|
||||
if [ ! -z "$OCF_RESKEY_options" ]; then
|
||||
options="-o $OCF_RESKEY_options"
|
||||
@@ -899,10 +915,10 @@ if [ -z "$OCF_RESKEY_directory" ]; then
|
||||
exit $OCF_ERR_CONFIGURED
|
||||
fi
|
||||
else
|
||||
- MOUNTPOINT=$(echo $OCF_RESKEY_directory | sed 's/\/*$//')
|
||||
+ MOUNTPOINT="$(echo "$OCF_RESKEY_directory" | sed 's/\/*$//')"
|
||||
: ${MOUNTPOINT:=/}
|
||||
if [ -e "$MOUNTPOINT" ] ; then
|
||||
- CANONICALIZED_MOUNTPOINT=$(readlink -f "$MOUNTPOINT")
|
||||
+ CANONICALIZED_MOUNTPOINT="$(readlink -f "$MOUNTPOINT")"
|
||||
if [ $? -ne 0 ]; then
|
||||
ocf_exit_reason "Could not canonicalize $MOUNTPOINT because readlink failed"
|
||||
exit $OCF_ERR_GENERIC
|
||||
@@ -947,7 +963,7 @@ CLUSTERSAFE=0
|
||||
is_option "ro" &&
|
||||
CLUSTERSAFE=2
|
||||
|
||||
-case $FSTYPE in
|
||||
+case "$FSTYPE" in
|
||||
nfs4|nfs|smbfs|cifs|none|gfs2|glusterfs|ceph|ocfs2|overlay|overlayfs|tmpfs|cvfs)
|
||||
CLUSTERSAFE=1 # this is kind of safe too
|
||||
;;
|
||||
|
||||
From eca9a96ad3356df3636bfa3187afe1b1954693b2 Mon Sep 17 00:00:00 2001
|
||||
From: Reid wahl <nrwahl@protonmail.com>
|
||||
Date: Fri, 10 Jul 2020 16:38:04 -0700
|
||||
Subject: [PATCH 2/3] Filesystem: POSIX-compliant syntax for portability
|
||||
|
||||
Updated to use POSIX `$()` instead of Bourne-shell backticks, and to
|
||||
use `grep ... >/dev/null 2>&1` instead of `grep -q`. (Note: `grep -q`
|
||||
only suppresses `stdout` anyway. `grep -q -s` would be required to
|
||||
suppress both `stdout` and `stderr`.)
|
||||
---
|
||||
heartbeat/Filesystem | 33 +++++++++++++++++----------------
|
||||
1 file changed, 17 insertions(+), 16 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/Filesystem b/heartbeat/Filesystem
|
||||
index 9a52aa712..34ade20d7 100755
|
||||
--- a/heartbeat/Filesystem
|
||||
+++ b/heartbeat/Filesystem
|
||||
@@ -90,7 +90,7 @@ fi
|
||||
: ${OCF_RESKEY_force_unmount=${OCF_RESKEY_force_unmount_default}}
|
||||
|
||||
# Variables used by multiple methods
|
||||
-HOSTOS=`uname`
|
||||
+HOSTOS=$(uname)
|
||||
TAB=' '
|
||||
|
||||
# The status file is going to an extra directory, by default
|
||||
@@ -100,7 +100,7 @@ prefix=${OCF_RESKEY_statusfile_prefix}
|
||||
suffix="${OCF_RESOURCE_INSTANCE}"
|
||||
[ "$OCF_RESKEY_CRM_meta_clone" ] &&
|
||||
suffix="${suffix}_$OCF_RESKEY_CRM_meta_clone"
|
||||
-suffix="${suffix}_`uname -n`"
|
||||
+suffix="${suffix}_$(uname -n)"
|
||||
STATUSFILE="${OCF_RESKEY_directory}/$prefix$suffix"
|
||||
|
||||
#######################################################################
|
||||
@@ -329,7 +329,7 @@ determine_blockdevice() {
|
||||
: ;;
|
||||
*)
|
||||
match_string="${TAB}${CANONICALIZED_MOUNTPOINT}${TAB}"
|
||||
- DEVICE=`list_mounts | grep "$match_string" | cut -d"$TAB" -f1`
|
||||
+ DEVICE=$(list_mounts | grep "$match_string" | cut -d"$TAB" -f1)
|
||||
if [ -b "$DEVICE" ]; then
|
||||
blockdevice=yes
|
||||
fi
|
||||
@@ -354,7 +354,7 @@ bind_kernel_check() {
|
||||
exit(1);
|
||||
}'
|
||||
[ $? -ne 0 ] &&
|
||||
- ocf_log warn "kernel `uname -r` cannot handle read only bind mounts"
|
||||
+ ocf_log warn "kernel $(uname -r) cannot handle read only bind mounts"
|
||||
}
|
||||
|
||||
bind_root_mount_check() {
|
||||
@@ -369,7 +369,7 @@ bind_mount() {
|
||||
if is_bind_mount && [ "$options" != "-o bind" ]
|
||||
then
|
||||
bind_kernel_check
|
||||
- bind_opts=`echo "$options" | sed 's/bind/remount/'`
|
||||
+ bind_opts=$(echo "$options" | sed 's/bind/remount/')
|
||||
$MOUNT $bind_opts "$MOUNTPOINT"
|
||||
else
|
||||
true # make sure to return OK
|
||||
@@ -469,7 +469,7 @@ trigger_udev_rules_if_needed()
|
||||
refresh_flag="yes"
|
||||
fi
|
||||
else
|
||||
- tmp="`echo $DEVICE|awk '{$1=""; print substr($0,2)}'`"
|
||||
+ tmp="$(echo $DEVICE|awk '{$1=""; print substr($0,2)}')"
|
||||
case "$DEVICE" in
|
||||
-U*|--uuid*)
|
||||
tmp="/dev/disk/by-uuid/$tmp"
|
||||
@@ -498,7 +498,7 @@ Filesystem_start()
|
||||
{
|
||||
# Check if there are any mounts mounted under the mountpoint
|
||||
match_string="${TAB}${CANONICALIZED_MOUNTPOINT}"
|
||||
- if list_mounts | grep -q -E "$match_string/\w+" >/dev/null 2>&1; then
|
||||
+ if list_mounts | grep -E "$match_string/\w+" >/dev/null 2>&1; then
|
||||
ocf_log err "There is one or more mounts mounted under $MOUNTPOINT."
|
||||
return $OCF_ERR_CONFIGURED
|
||||
fi
|
||||
@@ -602,14 +602,14 @@ signal_processes() {
|
||||
return
|
||||
fi
|
||||
for pid in $pids; do
|
||||
- ocf_log info "sending signal $sig to: `ps -f $pid | tail -1`"
|
||||
+ ocf_log info "sending signal $sig to: $(ps -f $pid | tail -1)"
|
||||
kill -s $sig $pid
|
||||
done
|
||||
}
|
||||
try_umount() {
|
||||
local SUB="$1"
|
||||
$UMOUNT $umount_force "$SUB"
|
||||
- list_mounts | grep -q "${TAB}${SUB}${TAB}" >/dev/null 2>&1 || {
|
||||
+ list_mounts | grep "${TAB}${SUB}${TAB}" >/dev/null 2>&1 || {
|
||||
ocf_log info "unmounted $SUB successfully"
|
||||
return $OCF_SUCCESS
|
||||
}
|
||||
@@ -693,7 +693,7 @@ Filesystem_stop()
|
||||
Filesystem_status()
|
||||
{
|
||||
match_string="${TAB}${CANONICALIZED_MOUNTPOINT}${TAB}"
|
||||
- if list_mounts | grep -q "$match_string" >/dev/null 2>&1; then
|
||||
+ if list_mounts | grep "$match_string" >/dev/null 2>&1; then
|
||||
rc=$OCF_SUCCESS
|
||||
msg="$MOUNTPOINT is mounted (running)"
|
||||
else
|
||||
@@ -728,7 +728,7 @@ Filesystem_monitor_10()
|
||||
return $OCF_SUCCESS
|
||||
fi
|
||||
dd_opts="iflag=direct bs=4k count=1"
|
||||
- err_output=`dd if="$DEVICE" $dd_opts 2>&1 >/dev/null`
|
||||
+ err_output=$(dd if="$DEVICE" $dd_opts 2>&1 >/dev/null)
|
||||
if [ $? -ne 0 ]; then
|
||||
ocf_exit_reason "Failed to read device $DEVICE"
|
||||
ocf_log err "dd said: $err_output"
|
||||
@@ -751,7 +751,7 @@ Filesystem_monitor_20()
|
||||
fi
|
||||
status_dir=$(dirname "$STATUSFILE")
|
||||
[ -d "$status_dir" ] || mkdir -p "$status_dir"
|
||||
- err_output=`echo "${OCF_RESOURCE_INSTANCE}" | dd of="${STATUSFILE}" $dd_opts 2>&1`
|
||||
+ err_output=$(echo "${OCF_RESOURCE_INSTANCE}" | dd of="${STATUSFILE}" $dd_opts 2>&1)
|
||||
if [ $? -ne 0 ]; then
|
||||
ocf_exit_reason "Failed to write status file ${STATUSFILE}"
|
||||
ocf_log err "dd said: $err_output"
|
||||
@@ -807,12 +807,13 @@ Filesystem_validate_all()
|
||||
# NOTE: Without inserting the $FSTYPE module, this step may be imprecise
|
||||
# TODO: This is Linux specific crap.
|
||||
if [ ! -z "$FSTYPE" -a "$FSTYPE" != none ]; then
|
||||
- cut -f2 /proc/filesystems |grep -q "^${FSTYPE}$"
|
||||
+ cut -f2 /proc/filesystems | grep "^${FSTYPE}$" >/dev/null 2>&1
|
||||
if [ $? -ne 0 ]; then
|
||||
- modpath=/lib/modules/`uname -r`
|
||||
+ modpath=/lib/modules/$(uname -r)
|
||||
moddep=$modpath/modules.dep
|
||||
# Do we have $FSTYPE in modules.dep?
|
||||
- cut -d' ' -f1 $moddep |grep -q "^$modpath.*$FSTYPE\.k\?o:$"
|
||||
+ cut -d' ' -f1 $moddep \
|
||||
+ | grep "^${modpath}.*${FSTYPE}\.k\?o:$" >/dev/null 2>&1
|
||||
if [ $? -ne 0 ]; then
|
||||
ocf_log info "It seems we do not have $FSTYPE support"
|
||||
fi
|
||||
@@ -846,7 +847,7 @@ set_blockdevice_var() {
|
||||
nfs4|nfs|smbfs|cifs|none|glusterfs|ceph|tmpfs|overlay|overlayfs|rozofs|zfs|cvfs|lustre) return;;
|
||||
esac
|
||||
|
||||
- if `is_option "loop"`; then
|
||||
+ if $(is_option "loop"); then
|
||||
return
|
||||
fi
|
||||
|
||||
|
||||
From 5517712f4bb6e90b23cde6310c03509c9061cb36 Mon Sep 17 00:00:00 2001
|
||||
From: Reid wahl <nrwahl@protonmail.com>
|
||||
Date: Fri, 10 Jul 2020 16:44:17 -0700
|
||||
Subject: [PATCH 3/3] Filesystem: Convert leading space characters to tabs
|
||||
|
||||
A few lines started with spaces instead of tabs. Tabs are the
|
||||
convention in this file.
|
||||
---
|
||||
heartbeat/Filesystem | 16 ++++++++--------
|
||||
1 file changed, 8 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/Filesystem b/heartbeat/Filesystem
|
||||
index 34ade20d7..501e5a0d0 100755
|
||||
--- a/heartbeat/Filesystem
|
||||
+++ b/heartbeat/Filesystem
|
||||
@@ -359,10 +359,10 @@ bind_kernel_check() {
|
||||
|
||||
bind_root_mount_check() {
|
||||
if [ "$(df -P "$1" | awk 'END{print $6}')" = "/" ]; then
|
||||
- return 1
|
||||
- else
|
||||
- return 0
|
||||
- fi
|
||||
+ return 1
|
||||
+ else
|
||||
+ return 0
|
||||
+ fi
|
||||
}
|
||||
|
||||
bind_mount() {
|
||||
@@ -571,10 +571,10 @@ get_pids()
|
||||
local procs
|
||||
local mmap_procs
|
||||
|
||||
- if is_bind_mount && ocf_is_true "$FORCE_UNMOUNT" && ! bind_root_mount_check "$DEVICE"; then
|
||||
- ocf_log debug "Change force_umount from '$FORCE_UNMOUNT' to 'safe'"
|
||||
- FORCE_UNMOUNT=safe
|
||||
- fi
|
||||
+ if is_bind_mount && ocf_is_true "$FORCE_UNMOUNT" && ! bind_root_mount_check "$DEVICE"; then
|
||||
+ ocf_log debug "Change force_umount from '$FORCE_UNMOUNT' to 'safe'"
|
||||
+ FORCE_UNMOUNT=safe
|
||||
+ fi
|
||||
|
||||
if ocf_is_true "$FORCE_UNMOUNT"; then
|
||||
if [ "X${HOSTOS}" = "XOpenBSD" ];then
|
53
SOURCES/bz1861001-sybaseASE-add-logfile-parameter.patch
Normal file
53
SOURCES/bz1861001-sybaseASE-add-logfile-parameter.patch
Normal file
@ -0,0 +1,53 @@
|
||||
From d62d8776df8aaa1da32e8452b3816505d1ea1f7f Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Wed, 28 Oct 2020 15:06:47 +0100
|
||||
Subject: [PATCH] sybaseASE: add logfile parameter
|
||||
|
||||
---
|
||||
heartbeat/sybaseASE.in | 19 ++++++++++++++++++-
|
||||
1 file changed, 18 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/heartbeat/sybaseASE.in b/heartbeat/sybaseASE.in
|
||||
index 7ff30bd31..fef76474e 100755
|
||||
--- a/heartbeat/sybaseASE.in
|
||||
+++ b/heartbeat/sybaseASE.in
|
||||
@@ -115,6 +115,13 @@ fi
|
||||
interfaces_file_default="${OCF_RESKEY_sybase_home}/interfaces"
|
||||
: ${OCF_RESKEY_interfaces_file=${interfaces_file_default}}
|
||||
|
||||
+if [ $__OCF_ACTION != "meta-data" ]; then
|
||||
+ logfile_default="$OCF_RESKEY_sybase_home/$OCF_RESKEY_sybase_ase/install/$OCF_RESKEY_server_name.log"
|
||||
+else
|
||||
+ logfile_default="detect"
|
||||
+fi
|
||||
+: ${OCF_RESKEY_logfile=${logfile_default}}
|
||||
+
|
||||
export LD_POINTER_GUARD=0
|
||||
|
||||
#######################################################################################
|
||||
@@ -122,7 +129,7 @@ export LD_POINTER_GUARD=0
|
||||
#######################################################################################
|
||||
declare login_string=""
|
||||
declare RUNSERVER_SCRIPT=$OCF_RESKEY_sybase_home/$OCF_RESKEY_sybase_ase/install/RUN_$OCF_RESKEY_server_name
|
||||
-declare CONSOLE_LOG=$OCF_RESKEY_sybase_home/$OCF_RESKEY_sybase_ase/install/$OCF_RESKEY_server_name.log
|
||||
+declare CONSOLE_LOG="$OCF_RESKEY_logfile"
|
||||
|
||||
##################################################################################################
|
||||
# This function will be called by Pacemaker to get the meta data of resource agent "sybaseASE". #
|
||||
@@ -223,6 +230,16 @@ meta_data()
|
||||
<content type="string"/>
|
||||
</parameter>
|
||||
|
||||
+ <parameter name="logfile">
|
||||
+ <longdesc lang="en">
|
||||
+ Logfile
|
||||
+ </longdesc>
|
||||
+ <shortdesc lang="en">
|
||||
+ Logfile
|
||||
+ </shortdesc>
|
||||
+ <content type="string" default="$logfile_default" />
|
||||
+ </parameter>
|
||||
+
|
||||
</parameters>
|
||||
|
||||
<actions>
|
81
SOURCES/bz1872999-aws-vpc-move-ip-add-region-parameter.patch
Normal file
81
SOURCES/bz1872999-aws-vpc-move-ip-add-region-parameter.patch
Normal file
@ -0,0 +1,81 @@
|
||||
--- ClusterLabs-resource-agents-e711383f/heartbeat/aws-vpc-move-ip 2020-09-23 11:57:38.855067216 +0200
|
||||
+++ aws-vpc-move-ip.tmp 2020-09-23 11:57:17.993045991 +0200
|
||||
@@ -37,13 +37,17 @@
|
||||
# Defaults
|
||||
OCF_RESKEY_awscli_default="/usr/bin/aws"
|
||||
OCF_RESKEY_profile_default="default"
|
||||
+OCF_RESKEY_region_default=""
|
||||
OCF_RESKEY_routing_table_role_default=""
|
||||
OCF_RESKEY_monapi_default="false"
|
||||
|
||||
: ${OCF_RESKEY_awscli=${OCF_RESKEY_awscli_default}}
|
||||
: ${OCF_RESKEY_profile=${OCF_RESKEY_profile_default}}
|
||||
+: ${OCF_RESKEY_region=${OCF_RESKEY_region_default}}
|
||||
: ${OCF_RESKEY_routing_table_role=${OCF_RESKEY_routing_table_role_default}}
|
||||
: ${OCF_RESKEY_monapi=${OCF_RESKEY_monapi_default}}
|
||||
+
|
||||
+[ -n "$OCF_RESKEY_region" ] && region_opt="--region $OCF_RESKEY_region"
|
||||
#######################################################################
|
||||
|
||||
|
||||
@@ -87,6 +91,14 @@
|
||||
<content type="string" default="${OCF_RESKEY_profile_default}" />
|
||||
</parameter>
|
||||
|
||||
+<parameter name="region">
|
||||
+<longdesc lang="en">
|
||||
+Valid AWS region name (e.g., 'us-west-2')
|
||||
+</longdesc>
|
||||
+<shortdesc lang="en">region name</shortdesc>
|
||||
+<content type="string" default="${OCF_RESKEY_region_default}" />
|
||||
+</parameter>
|
||||
+
|
||||
<parameter name="ip" required="1">
|
||||
<longdesc lang="en">
|
||||
VPC private IP address
|
||||
@@ -151,7 +163,7 @@
|
||||
execute_cmd_as_role(){
|
||||
cmd=$1
|
||||
role=$2
|
||||
- output="$($OCF_RESKEY_awscli sts assume-role --role-arn $role --role-session-name AWSCLI-RouteTableUpdate --profile $OCF_RESKEY_profile --output=text)"
|
||||
+ output="$($OCF_RESKEY_awscli sts assume-role --role-arn $role --role-session-name AWSCLI-RouteTableUpdate --profile $OCF_RESKEY_profile $region_opt --output=text)"
|
||||
export AWS_ACCESS_KEY_ID="$(echo $output | awk -F" " '$4=="CREDENTIALS" {print $5}')"
|
||||
export AWS_SECRET_ACCESS_KEY="$(echo $output | awk -F" " '$4=="CREDENTIALS" {print $7}')"
|
||||
export AWS_SESSION_TOKEN="$(echo $output | awk -F" " '$4=="CREDENTIALS" {print $8}')"
|
||||
@@ -198,11 +210,11 @@
|
||||
for rtb in $(echo $OCF_RESKEY_routing_table | sed -e 's/,/ /g'); do
|
||||
ocf_log info "monitor: check routing table (API call) - $rtb"
|
||||
if [[ -z "${OCF_RESKEY_routing_table_role}" ]]; then
|
||||
- cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].InstanceId"
|
||||
+ cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].InstanceId"
|
||||
ocf_log debug "executing command: $cmd"
|
||||
ROUTE_TO_INSTANCE="$($cmd)"
|
||||
else
|
||||
- cmd="$OCF_RESKEY_awscli --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].InstanceId"
|
||||
+ cmd="$OCF_RESKEY_awscli $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].InstanceId"
|
||||
ROUTE_TO_INSTANCE="$(execute_cmd_as_role "$cmd" $OCF_RESKEY_routing_table_role)"
|
||||
fi
|
||||
ocf_log debug "Overlay IP is currently routed to ${ROUTE_TO_INSTANCE}"
|
||||
@@ -283,11 +295,11 @@
|
||||
|
||||
for rtb in $(echo $OCF_RESKEY_routing_table | sed -e 's/,/ /g'); do
|
||||
if [[ -z "${OCF_RESKEY_routing_table_role}" ]]; then
|
||||
- cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile --output text ec2 replace-route --route-table-id $rtb --destination-cidr-block ${OCF_RESKEY_ip}/32 --network-interface-id $EC2_NETWORK_INTERFACE_ID"
|
||||
+ cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile $region_opt --output text ec2 replace-route --route-table-id $rtb --destination-cidr-block ${OCF_RESKEY_ip}/32 --network-interface-id $EC2_NETWORK_INTERFACE_ID"
|
||||
ocf_log debug "executing command: $cmd"
|
||||
$cmd
|
||||
else
|
||||
- cmd="$OCF_RESKEY_awscli --output text ec2 replace-route --route-table-id $rtb --destination-cidr-block ${OCF_RESKEY_ip}/32 --network-interface-id $EC2_NETWORK_INTERFACE_ID"
|
||||
+ cmd="$OCF_RESKEY_awscli $region_opt --output text ec2 replace-route --route-table-id $rtb --destination-cidr-block ${OCF_RESKEY_ip}/32 --network-interface-id $EC2_NETWORK_INTERFACE_ID"
|
||||
update_response="$(execute_cmd_as_role "$cmd" $OCF_RESKEY_routing_table_role)"
|
||||
fi
|
||||
rc=$?
|
||||
@@ -397,7 +409,7 @@
|
||||
ec2ip_monitor;;
|
||||
validate-all)
|
||||
exit $?;;
|
||||
- *)
|
||||
+ *)
|
||||
echo $USAGE
|
||||
exit $OCF_ERR_UNIMPLEMENTED
|
||||
;;
|
@ -0,0 +1,51 @@
|
||||
From 028bd6aab181104fe68166c8ec9c0485e12f9376 Mon Sep 17 00:00:00 2001
|
||||
From: Damien Ciabrini <dciabrin@redhat.com>
|
||||
Date: Fri, 18 Sep 2020 18:34:22 +0200
|
||||
Subject: [PATCH] galera: recover from joining a non existing cluster
|
||||
|
||||
galera being a M/S resource, the resource agent decides
|
||||
when and how to promote a resource based on the current
|
||||
state of the galera cluster. If there's no cluster,
|
||||
a resource is promoted as the bootstrap node. Otherwise
|
||||
it is promoted as a joiner node.
|
||||
|
||||
There can be some time between the moment when a node is
|
||||
promoted and when the promote operation effectively
|
||||
takes place. So if a node is promoted for joining a cluster,
|
||||
all the running galera nodes are stopped before the promote
|
||||
operation start, the joining node won't be able to join the
|
||||
cluster, and it can't bootstrap a new one either because it
|
||||
doesn't have the most recent copy of the DB.
|
||||
|
||||
In that case, do not make the promotion fail, and force
|
||||
a demotion instead. This ensures that a normal bootstrap
|
||||
election will take place eventually, without blocking
|
||||
the joining node due to a failed promotion.
|
||||
---
|
||||
heartbeat/galera | 13 ++++++++++---
|
||||
1 file changed, 10 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/galera b/heartbeat/galera
|
||||
index 74f11d8c5..d2f4faa86 100755
|
||||
--- a/heartbeat/galera
|
||||
+++ b/heartbeat/galera
|
||||
@@ -727,9 +727,16 @@ galera_promote()
|
||||
ocf_log info "Node <${NODENAME}> is bootstrapping the cluster"
|
||||
extra_opts="--wsrep-cluster-address=gcomm://"
|
||||
else
|
||||
- ocf_exit_reason "Failure, Attempted to promote Master instance of $OCF_RESOURCE_INSTANCE before bootstrap node has been detected."
|
||||
- clear_last_commit
|
||||
- return $OCF_ERR_GENERIC
|
||||
+ # We are being promoted without having the bootstrap
|
||||
+ # attribute in the CIB, which means we are supposed to
|
||||
+ # join a cluster; however if we end up here, there is no
|
||||
+ # Master remaining right now, which means there is no
|
||||
+ # cluster to join anymore. So force a demotion, and and
|
||||
+ # let the RA decide later which node should be the next
|
||||
+ # bootstrap node.
|
||||
+ ocf_log warn "There is no running cluster to join, demoting ourself"
|
||||
+ clear_master_score
|
||||
+ return $OCF_SUCCESS
|
||||
fi
|
||||
fi
|
||||
|
63
SOURCES/bz1886262-podman-recover-from-killed-conmon.patch
Normal file
63
SOURCES/bz1886262-podman-recover-from-killed-conmon.patch
Normal file
@ -0,0 +1,63 @@
|
||||
From 3aa0dda4e0c2a3b801d65aeacc4fdfd713a604f2 Mon Sep 17 00:00:00 2001
|
||||
From: Damien Ciabrini <damien.ciabrini@gmail.com>
|
||||
Date: Tue, 27 Oct 2020 18:01:36 +0100
|
||||
Subject: [PATCH] podman: recover from killed conmon side process
|
||||
|
||||
When podman containers are created by the resource-agent, the podman
|
||||
runtime spawns a side process (conmon) to monitor the container and
|
||||
record the exit status.
|
||||
|
||||
If the conmon process dies unexpectedly (e.g. kill -9), the podman
|
||||
container can still be stopped, even if the cli returns a generic
|
||||
error.
|
||||
|
||||
Try to distinguish this specific failure condition and make the stop
|
||||
operation resilient; when it happens, just log a warning and finish
|
||||
the usual stop actions.
|
||||
---
|
||||
heartbeat/podman | 18 +++++++++++++++---
|
||||
1 file changed, 15 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/podman b/heartbeat/podman
|
||||
index 81b00ee6f..9f8c2a091 100755
|
||||
--- a/heartbeat/podman
|
||||
+++ b/heartbeat/podman
|
||||
@@ -419,6 +419,7 @@ podman_start()
|
||||
podman_stop()
|
||||
{
|
||||
local timeout=60
|
||||
+ local rc
|
||||
podman_simple_status
|
||||
if [ $? -eq $OCF_NOT_RUNNING ]; then
|
||||
remove_container
|
||||
@@ -434,16 +435,27 @@ podman_stop()
|
||||
|
||||
if ocf_is_true "$OCF_RESKEY_force_kill"; then
|
||||
ocf_run podman kill $CONTAINER
|
||||
+ rc=$?
|
||||
else
|
||||
ocf_log debug "waiting $timeout second[s] before killing container"
|
||||
ocf_run podman stop -t=$timeout $CONTAINER
|
||||
+ rc=$?
|
||||
# on stop, systemd will automatically delete any transient
|
||||
# drop-in conf that has been created earlier
|
||||
fi
|
||||
|
||||
- if [ $? -ne 0 ]; then
|
||||
- ocf_exit_reason "Failed to stop container, ${CONTAINER}, based on image, ${OCF_RESKEY_image}."
|
||||
- return $OCF_ERR_GENERIC
|
||||
+ if [ $rc -ne 0 ]; then
|
||||
+ # If the stop failed, it could be because the controlling conmon
|
||||
+ # process died unexpectedly. If so, a generic error code is returned
|
||||
+ # but the associated container exit code is -1. If that's the case,
|
||||
+ # assume there's no failure and continue with the rm as usual.
|
||||
+ if [ $rc -eq 125 ] && \
|
||||
+ podman inspect --format '{{.State.Status}}:{{.State.ExitCode}}' $CONTAINER | grep -wq "stopped:-1"; then
|
||||
+ ocf_log warn "Container ${CONTAINER} had an unexpected stop outcome. Trying to remove it anyway."
|
||||
+ else
|
||||
+ ocf_exit_reason "Failed to stop container, ${CONTAINER}, based on image, ${OCF_RESKEY_image}."
|
||||
+ return $OCF_ERR_GENERIC
|
||||
+ fi
|
||||
fi
|
||||
|
||||
remove_container
|
@ -0,0 +1,58 @@
|
||||
From 2927279ba1677e9dda202121176a8245a7ef76ca Mon Sep 17 00:00:00 2001
|
||||
From: tositaka77 <45960626+tositaka77@users.noreply.github.com>
|
||||
Date: Wed, 14 Oct 2020 22:22:56 +0900
|
||||
Subject: [PATCH] fixes and improvements
|
||||
|
||||
- Fixed "regional" PD functionality in attach_disk()
|
||||
- Improve to exact match disk_name with disks.source in detach_disk()
|
||||
---
|
||||
heartbeat/gcp-pd-move.in | 8 +++++++-
|
||||
1 file changed, 7 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/heartbeat/gcp-pd-move.in b/heartbeat/gcp-pd-move.in
|
||||
index f82bd25e5..e99cc71f8 100644
|
||||
--- a/heartbeat/gcp-pd-move.in
|
||||
+++ b/heartbeat/gcp-pd-move.in
|
||||
@@ -49,6 +49,7 @@ else:
|
||||
CONN = None
|
||||
PROJECT = None
|
||||
ZONE = None
|
||||
+REGION = None
|
||||
LIST_DISK_ATTACHED_INSTANCES = None
|
||||
INSTANCE_NAME = None
|
||||
|
||||
@@ -148,6 +149,7 @@ def populate_vars():
|
||||
global INSTANCE_NAME
|
||||
global PROJECT
|
||||
global ZONE
|
||||
+ global REGION
|
||||
global LIST_DISK_ATTACHED_INSTANCES
|
||||
|
||||
# Populate global vars
|
||||
@@ -175,6 +177,7 @@ def populate_vars():
|
||||
PROJECT = get_metadata('project/project-id')
|
||||
if PARAMETERS['disk_scope'] in ['detect', 'regional']:
|
||||
ZONE = get_metadata('instance/zone').split('/')[-1]
|
||||
+ REGION = ZONE[:-2]
|
||||
else:
|
||||
ZONE = PARAMETERS['disk_scope']
|
||||
LIST_DISK_ATTACHED_INSTANCES = get_disk_attached_instances(
|
||||
@@ -255,7 +258,7 @@ def detach_disk(instance, disk_name):
|
||||
|
||||
device_name = None
|
||||
for disk in response['disks']:
|
||||
- if disk_name in disk['source']:
|
||||
+ if disk_name == re.sub('.*disks/',"",disk['source']):
|
||||
device_name = disk['deviceName']
|
||||
break
|
||||
|
||||
@@ -273,6 +276,9 @@ def detach_disk(instance, disk_name):
|
||||
|
||||
def attach_disk(instance, disk_name):
|
||||
location = 'zones/%s' % ZONE
|
||||
+ if PARAMETERS['disk_scope'] == 'regional':
|
||||
+ location = 'regions/%s' % REGION
|
||||
+
|
||||
prefix = 'https://www.googleapis.com/compute/v1'
|
||||
body = {
|
||||
'source': '%(prefix)s/projects/%(project)s/%(location)s/disks/%(disk)s' % {
|
@ -0,0 +1,36 @@
|
||||
From ac213f158ff851422d78ae8f56b022e8e30751bc Mon Sep 17 00:00:00 2001
|
||||
From: Damien Ciabrini <damien.ciabrini@gmail.com>
|
||||
Date: Mon, 26 Oct 2020 14:54:05 +0100
|
||||
Subject: [PATCH] galera: set bootstrap attribute before promote
|
||||
|
||||
When the master detection takes place, the node chosen for
|
||||
becoming the master is given two attributes in the CIB:
|
||||
a master score and a bootstrap flag. The master score makes
|
||||
pacemaker schedule a promote operation, and the bootstrap flag
|
||||
drives how the galera server is started.
|
||||
|
||||
The order in which we set the attributes is racy; it may happen
|
||||
that a promote operation is started before the current master
|
||||
detection function has set the bootstrap flag, in which case
|
||||
the promotion will fail.
|
||||
|
||||
Reverse the order in which we set the attributes on a bootstrap
|
||||
node to close the race.
|
||||
---
|
||||
heartbeat/galera | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/heartbeat/galera b/heartbeat/galera
|
||||
index d2f4faa86..b4d7e187d 100755
|
||||
--- a/heartbeat/galera
|
||||
+++ b/heartbeat/galera
|
||||
@@ -587,8 +587,8 @@ detect_first_master()
|
||||
fi
|
||||
|
||||
ocf_log info "Promoting $best_node to be our bootstrap node"
|
||||
- set_master_score $best_node
|
||||
set_bootstrap_node $best_node
|
||||
+ set_master_score $best_node
|
||||
}
|
||||
|
||||
detect_safe_to_bootstrap()
|
80
SOURCES/bz1891855-galera-recover-2-node-cluster.patch
Normal file
80
SOURCES/bz1891855-galera-recover-2-node-cluster.patch
Normal file
@ -0,0 +1,80 @@
|
||||
--- a/heartbeat/galera 2020-10-28 16:28:48.125700714 +0100
|
||||
+++ b/heartbeat/galera 2020-10-28 16:31:14.932820752 +0100
|
||||
@@ -81,6 +81,11 @@
|
||||
. /etc/default/clustercheck
|
||||
fi
|
||||
|
||||
+# Parameter defaults
|
||||
+
|
||||
+OCF_RESKEY_two_node_mode_default="false"
|
||||
+: ${OCF_RESKEY_two_node_mode=${OCF_RESKEY_two_node_mode_default}}
|
||||
+
|
||||
#######################################################################
|
||||
|
||||
usage() {
|
||||
@@ -249,6 +254,16 @@
|
||||
<content type="string" default="" />
|
||||
</parameter>
|
||||
|
||||
+<parameter name="two_node_mode" unique="0" required="0">
|
||||
+<longdesc lang="en">
|
||||
+If running in a 2-node pacemaker cluster, rely on pacemaker quorum
|
||||
+to allow automatic recovery even when the other node is unreachable.
|
||||
+Use it with caution! (and fencing)
|
||||
+</longdesc>
|
||||
+<shortdesc lang="en">Special recovery when running on a 2-node cluster</shortdesc>
|
||||
+<content type="boolean" default="${OCF_RESKEY_two_node_mode_default}"/>
|
||||
+</parameter>
|
||||
+
|
||||
</parameters>
|
||||
|
||||
<actions>
|
||||
@@ -400,6 +415,27 @@
|
||||
return 0
|
||||
}
|
||||
|
||||
+is_two_node_mode_active()
|
||||
+{
|
||||
+ # crm_node or corosync-quorumtool cannot access various corosync
|
||||
+ # flags when running inside a bundle, so only count the cluster
|
||||
+ # members
|
||||
+ ocf_is_true "$OCF_RESKEY_two_node_mode" && ${HA_SBIN_DIR}/crm_mon -1X | xmllint --xpath "count(//nodes/node[@type='member'])" - | grep -q -w 2
|
||||
+}
|
||||
+
|
||||
+is_last_node_in_quorate_partition()
|
||||
+{
|
||||
+ # when a network split occurs in a 2-node cluster, pacemaker
|
||||
+ # fences the other node and try to retain quorum. So until
|
||||
+ # the fencing is resolved (and the status of the peer node
|
||||
+ # is clean), we shouldn't consider ourself quorate.
|
||||
+ local partition_members=$(${HA_SBIN_DIR}/crm_node -p | wc -w)
|
||||
+ local quorate=$(${HA_SBIN_DIR}/crm_node -q)
|
||||
+ local clean_members=$(${HA_SBIN_DIR}/crm_mon -1X | xmllint --xpath 'count(//nodes/node[@type="member" and @unclean="false"])' -)
|
||||
+
|
||||
+ [ "$partition_members" = 1 ] && [ "$quorate" = 1 ] && [ "$clean_members" = 2 ]
|
||||
+}
|
||||
+
|
||||
master_exists()
|
||||
{
|
||||
if [ "$__OCF_ACTION" = "demote" ]; then
|
||||
@@ -518,8 +554,20 @@
|
||||
done
|
||||
|
||||
for node in $nodes_recovered $nodes; do
|
||||
+ # On clean shutdown, galera sets the last stopped node as 'safe to bootstrap',
|
||||
+ # so use this hint when we can
|
||||
safe_to_bootstrap=$(get_safe_to_bootstrap $node)
|
||||
|
||||
+ # Special case for 2-node clusters: during a network split, rely on
|
||||
+ # pacemaker's quorum to check whether we can restart galera
|
||||
+ if [ "$safe_to_bootstrap" != "1" ] && [ "$node" = "$NODENAME" ] && is_two_node_mode_active; then
|
||||
+ is_last_node_in_quorate_partition
|
||||
+ if [ $? -eq 0 ]; then
|
||||
+ ocf_log warn "Survived a split in a 2-node cluster, considering ourselves safe to bootstrap"
|
||||
+ safe_to_bootstrap=1
|
||||
+ fi
|
||||
+ fi
|
||||
+
|
||||
if [ "$safe_to_bootstrap" = "1" ]; then
|
||||
# Galera marked the node as safe to boostrap during shutdown. Let's just
|
||||
# pick it as our bootstrap node.
|
@ -0,0 +1,84 @@
|
||||
From 8d459216c9718269303b9caf227a971d73ec4df9 Mon Sep 17 00:00:00 2001
|
||||
From: Reid Wahl <nrwahl@protonmail.com>
|
||||
Date: Thu, 27 Aug 2020 01:34:01 -0700
|
||||
Subject: [PATCH] aws-vpc-move-ip: Don't warn for expected scenarios
|
||||
|
||||
Make log levels more appropriate to the situation. Before this patch, a
|
||||
normal start looked like this:
|
||||
|
||||
Operation start for aws-vip (ocf:heartbeat:aws-vpc-move-ip) returned: 'ok' (0)
|
||||
> stderr: Nov 09 02:38:20 INFO: EC2: Moving IP address 10.0.1.65 to this host by adjusting routing table rtb-01b4ea1ae0ec0a4d9
|
||||
> stderr: Nov 09 02:38:20 INFO: monitor: check routing table (API call) - rtb-01b4ea1ae0ec0a4d9
|
||||
> stderr: Nov 09 02:38:22 WARNING: IP 10.0.1.65 not assigned to running interface
|
||||
> stderr: Nov 09 02:38:22 INFO: EC2: Adjusting routing table and locally configuring IP address
|
||||
> stderr: RTNETLINK answers: Cannot assign requested address
|
||||
> stderr: Nov 09 02:38:24 WARNING: command failed, rc 2
|
||||
> stderr: Nov 09 02:38:24 INFO: monitor: check routing table (API call) - rtb-01b4ea1ae0ec0a4d9
|
||||
|
||||
Now it looks like this:
|
||||
|
||||
Operation start for aws-vip (ocf:heartbeat:aws-vpc-move-ip) returned: 'ok' (0)
|
||||
> stderr: Nov 09 02:40:43 INFO: EC2: Moving IP address 10.0.1.65 to this host by adjusting routing table rtb-01b4ea1ae0ec0a4d9
|
||||
> stderr: Nov 09 02:40:43 INFO: monitor: check routing table (API call) - rtb-01b4ea1ae0ec0a4d9
|
||||
> stderr: Nov 09 02:40:44 INFO: IP 10.0.1.65 not assigned to running interface
|
||||
> stderr: Nov 09 02:40:44 INFO: EC2: Adjusting routing table and locally configuring IP address
|
||||
> stderr: Nov 09 02:40:46 INFO: monitor: check routing table (API call) - rtb-01b4ea1ae0ec0a4d9
|
||||
|
||||
Under normal circumstances, the call to `ec2ip_drop()` within
|
||||
`ec2ip_get_and_configure` should not be required at all. The drop
|
||||
function deletes the address before the get_and_configure function
|
||||
immediately re-adds the address. This call could probably be removed
|
||||
altogether. Instead, I left the call and silenced its output just in
|
||||
case of unexpected edge cases.
|
||||
|
||||
Resolves: RHBZ#1895811
|
||||
|
||||
Signed-off-by: Reid Wahl <nrwahl@protonmail.com>
|
||||
---
|
||||
heartbeat/aws-vpc-move-ip | 23 ++++++++++++++++++++---
|
||||
1 file changed, 20 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/aws-vpc-move-ip b/heartbeat/aws-vpc-move-ip
|
||||
index a5b28ad92..72a89ecb1 100755
|
||||
--- a/heartbeat/aws-vpc-move-ip
|
||||
+++ b/heartbeat/aws-vpc-move-ip
|
||||
@@ -270,7 +270,13 @@ ec2ip_monitor() {
|
||||
ocf_log debug "executing command: $cmd"
|
||||
RESULT=$($cmd | grep "$OCF_RESKEY_ip")
|
||||
if [ -z "$RESULT" ]; then
|
||||
- ocf_log warn "IP $OCF_RESKEY_ip not assigned to running interface"
|
||||
+ if [ "$__OCF_ACTION" = "monitor" ] && ! ocf_is_probe; then
|
||||
+ level="error"
|
||||
+ else
|
||||
+ level="info"
|
||||
+ fi
|
||||
+
|
||||
+ ocf_log "$level" "IP $OCF_RESKEY_ip not assigned to running interface"
|
||||
return $OCF_NOT_RUNNING
|
||||
fi
|
||||
|
||||
@@ -282,11 +288,22 @@ ec2ip_monitor() {
|
||||
ec2ip_drop() {
|
||||
cmd="ip addr delete ${OCF_RESKEY_ip}/32 dev $OCF_RESKEY_interface"
|
||||
ocf_log debug "executing command: $cmd"
|
||||
- $cmd
|
||||
+ output=$($cmd 2>&1)
|
||||
rc=$?
|
||||
+
|
||||
if [ "$rc" -gt 0 ]; then
|
||||
- ocf_log warn "command failed, rc $rc"
|
||||
+ if [ "$__OCF_ACTION" = "start" ]; then
|
||||
+ # expected to fail during start
|
||||
+ level="debug"
|
||||
+ else
|
||||
+ level="warn"
|
||||
+ fi
|
||||
+
|
||||
+ ocf_log "$level" "command failed, rc $rc"
|
||||
+ ocf_log "$level" "output/error: $output"
|
||||
return $OCF_ERR_GENERIC
|
||||
+ else
|
||||
+ ocf_log debug "output/error: $output"
|
||||
fi
|
||||
|
||||
# delete remaining route-entries if any
|
97
SOURCES/bz1897570-aws-add-imdsv2-support.patch
Normal file
97
SOURCES/bz1897570-aws-add-imdsv2-support.patch
Normal file
@ -0,0 +1,97 @@
|
||||
From 8f10d0eb1e33d38ab6e89015a903620c54edd7c1 Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Fri, 13 Nov 2020 16:36:20 +0100
|
||||
Subject: [PATCH] AWS agents: add support for IMDSv2
|
||||
|
||||
---
|
||||
heartbeat/aws-vpc-move-ip | 5 +++--
|
||||
heartbeat/aws-vpc-route53.in | 3 ++-
|
||||
heartbeat/awseip | 9 +++++----
|
||||
heartbeat/awsvip | 7 ++++---
|
||||
4 files changed, 14 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/aws-vpc-move-ip b/heartbeat/aws-vpc-move-ip
|
||||
index 72a89ecb1..cbb629b00 100755
|
||||
--- a/heartbeat/aws-vpc-move-ip
|
||||
+++ b/heartbeat/aws-vpc-move-ip
|
||||
@@ -215,7 +215,8 @@ ec2ip_validate() {
|
||||
return $OCF_ERR_CONFIGURED
|
||||
fi
|
||||
|
||||
- EC2_INSTANCE_ID="$(curl -s http://169.254.169.254/latest/meta-data/instance-id)"
|
||||
+ TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
|
||||
+ EC2_INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id -H "X-aws-ec2-metadata-token: $TOKEN")
|
||||
|
||||
if [ -z "${EC2_INSTANCE_ID}" ]; then
|
||||
ocf_exit_reason "Instance ID not found. Is this a EC2 instance?"
|
||||
@@ -329,7 +330,7 @@ ec2ip_get_instance_eni() {
|
||||
fi
|
||||
ocf_log debug "MAC address associated with interface ${OCF_RESKEY_interface}: ${MAC_ADDR}"
|
||||
|
||||
- cmd="curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC_ADDR}/interface-id"
|
||||
+ cmd="curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC_ADDR}/interface-id -H \"X-aws-ec2-metadata-token: $TOKEN\""
|
||||
ocf_log debug "executing command: $cmd"
|
||||
EC2_NETWORK_INTERFACE_ID="$(eval $cmd)"
|
||||
rc=$?
|
||||
diff --git a/heartbeat/aws-vpc-route53.in b/heartbeat/aws-vpc-route53.in
|
||||
index b06b93726..4fb17019b 100644
|
||||
--- a/heartbeat/aws-vpc-route53.in
|
||||
+++ b/heartbeat/aws-vpc-route53.in
|
||||
@@ -347,7 +347,8 @@ r53_monitor() {
|
||||
_get_ip() {
|
||||
case $OCF_RESKEY_ip in
|
||||
local|public)
|
||||
- IPADDRESS="$(curl -s http://169.254.169.254/latest/meta-data/${OCF_RESKEY_ip}-ipv4)";;
|
||||
+ TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
|
||||
+ IPADDRESS=$(curl -s http://169.254.169.254/latest/meta-data/${OCF_RESKEY_ip}-ipv4 -H "X-aws-ec2-metadata-token: $TOKEN");;
|
||||
*.*.*.*)
|
||||
IPADDRESS="${OCF_RESKEY_ip}";;
|
||||
esac
|
||||
diff --git a/heartbeat/awseip b/heartbeat/awseip
|
||||
index 445a03666..de1967774 100755
|
||||
--- a/heartbeat/awseip
|
||||
+++ b/heartbeat/awseip
|
||||
@@ -149,12 +149,12 @@ awseip_start() {
|
||||
awseip_monitor && return $OCF_SUCCESS
|
||||
|
||||
if [ -n "${PRIVATE_IP_ADDRESS}" ]; then
|
||||
- NETWORK_INTERFACES_MACS="$(curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/)"
|
||||
+ NETWORK_INTERFACES_MACS=$(curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/ -H "X-aws-ec2-metadata-token: $TOKEN")
|
||||
for MAC in ${NETWORK_INTERFACES_MACS}; do
|
||||
- curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC}/local-ipv4s |
|
||||
+ curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC}/local-ipv4s -H "X-aws-ec2-metadata-token: $TOKEN" |
|
||||
grep -q "^${PRIVATE_IP_ADDRESS}$"
|
||||
if [ $? -eq 0 ]; then
|
||||
- NETWORK_ID="$(curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC}/interface-id)"
|
||||
+ NETWORK_ID=$(curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC}/interface-id -H "X-aws-ec2-metadata-token: $TOKEN")
|
||||
fi
|
||||
done
|
||||
$AWSCLI --profile $OCF_RESKEY_profile ec2 associate-address \
|
||||
@@ -244,7 +244,8 @@ AWSCLI="${OCF_RESKEY_awscli}"
|
||||
ELASTIC_IP="${OCF_RESKEY_elastic_ip}"
|
||||
ALLOCATION_ID="${OCF_RESKEY_allocation_id}"
|
||||
PRIVATE_IP_ADDRESS="${OCF_RESKEY_private_ip_address}"
|
||||
-INSTANCE_ID="$(curl -s http://169.254.169.254/latest/meta-data/instance-id)"
|
||||
+TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
|
||||
+INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id -H "X-aws-ec2-metadata-token: $TOKEN")
|
||||
|
||||
case $__OCF_ACTION in
|
||||
start)
|
||||
diff --git a/heartbeat/awsvip b/heartbeat/awsvip
|
||||
index 3eb31e6ae..8050107e8 100755
|
||||
--- a/heartbeat/awsvip
|
||||
+++ b/heartbeat/awsvip
|
||||
@@ -206,9 +206,10 @@ esac
|
||||
|
||||
AWSCLI="${OCF_RESKEY_awscli}"
|
||||
SECONDARY_PRIVATE_IP="${OCF_RESKEY_secondary_private_ip}"
|
||||
-INSTANCE_ID="$(curl -s http://169.254.169.254/latest/meta-data/instance-id)"
|
||||
-MAC_ADDRESS="$(curl -s http://169.254.169.254/latest/meta-data/mac)"
|
||||
-NETWORK_ID="$(curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC_ADDRESS}/interface-id)"
|
||||
+TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
|
||||
+INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id -H "X-aws-ec2-metadata-token: $TOKEN")
|
||||
+MAC_ADDRESS=$(curl -s http://169.254.169.254/latest/meta-data/mac -H "X-aws-ec2-metadata-token: $TOKEN")
|
||||
+NETWORK_ID=$(curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC_ADDRESS}/interface-id -H "X-aws-ec2-metadata-token: $TOKEN")
|
||||
|
||||
case $__OCF_ACTION in
|
||||
start)
|
@ -0,0 +1,31 @@
|
||||
From 16236f76d086187f6ae6202153519c1eb2fe4f87 Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Tue, 24 Nov 2020 10:49:14 +0100
|
||||
Subject: [PATCH] crypt: make key_file and crypt_type parameters not unique
|
||||
|
||||
---
|
||||
heartbeat/crypt | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/crypt b/heartbeat/crypt
|
||||
index 0e49b6c2d..7d0a5607c 100755
|
||||
--- a/heartbeat/crypt
|
||||
+++ b/heartbeat/crypt
|
||||
@@ -86,7 +86,7 @@ The resulting block device path is /dev/mapper/name.
|
||||
<content type="string" default="${OCF_RESKEY_crypt_dev_default}" />
|
||||
</parameter>
|
||||
|
||||
-<parameter name="key_file" unique="1" required="1">
|
||||
+<parameter name="key_file" unique="0" required="1">
|
||||
<longdesc lang="en">
|
||||
Key file path containing the encryption passphrase
|
||||
(aka key; see cryptsetup(8)). For LUKS, the passphrase as of the key_file
|
||||
@@ -96,7 +96,7 @@ parameter is used to decrypt a randomly selected key when the device was created
|
||||
<content type="string" default="${OCF_RESKEY_key_file_default}" />
|
||||
</parameter>
|
||||
|
||||
-<parameter name="crypt_type" unique="1" required="1">
|
||||
+<parameter name="crypt_type" unique="0" required="1">
|
||||
<longdesc lang="en">
|
||||
Encryption (device) type (e.g. "luks" or "luks2").
|
||||
|
@ -0,0 +1,33 @@
|
||||
From 11ac2db8f55aa3e6858d6c1b2ab29ee36b612f03 Mon Sep 17 00:00:00 2001
|
||||
From: Michele Baldessari <michele@acksyn.org>
|
||||
Date: Tue, 17 Nov 2020 15:16:29 +0100
|
||||
Subject: [PATCH] Fix delay_evacuate being unset
|
||||
|
||||
In Ie2fe784202d754eda38092479b1ab3ff4d02136a we added an additional
|
||||
parameter to allow for setting a delay on the evacuation.
|
||||
While it was tested with a specific delay, the case with a delay
|
||||
being unset was missed.
|
||||
Since OCF does not set the defaults from the metadata specification
|
||||
for a parameter, we need to manually set it ourselves.
|
||||
|
||||
This fixes the following error:
|
||||
Nov 17 13:00:21 database-1.foo.local pacemaker-execd [185805] (log_op_output) notice: nova-evacuate_monitor_10000[1038417] error output [ /usr/lib/ocf/resource.d/openstack/NovaEvacuate: line 228: [: !=: unary operator expected ]
|
||||
|
||||
Change-Id: I0b7aacd67b77bc44c67fe7da4c494807abbbb4f3
|
||||
---
|
||||
|
||||
diff --git a/heartbeat/NovaEvacuate b/heartbeat/NovaEvacuate
|
||||
index 596f520..8aa778c 100644
|
||||
--- a/heartbeat/NovaEvacuate
|
||||
+++ b/heartbeat/NovaEvacuate
|
||||
@@ -359,6 +359,10 @@
|
||||
fence_options="${fence_options} -e ${OCF_RESKEY_endpoint_type}"
|
||||
fi
|
||||
|
||||
+ if [ -z "${OCF_RESKEY_evacuate_delay}" ]; then
|
||||
+ OCF_RESKEY_evacuate_delay=0
|
||||
+ fi
|
||||
+
|
||||
if [ $rc != $OCF_SUCCESS ]; then
|
||||
exit $rc
|
||||
fi
|
@ -0,0 +1,64 @@
|
||||
From 52d09b57a499ed7b3757e0e2954c2783198d5b23 Mon Sep 17 00:00:00 2001
|
||||
From: Damien Ciabrini <damien.ciabrini@gmail.com>
|
||||
Date: Mon, 9 Nov 2020 20:42:19 +0100
|
||||
Subject: [PATCH] podman: recover from podman's storage being out of sync
|
||||
|
||||
If a system crash while podman is stopping a container (e.g. a fencing action
|
||||
took place), it might happen that on reboot, podman is not able to recreate
|
||||
a container as requested by the resource agent.
|
||||
|
||||
When such a start operation fails, it might be because the internal storage
|
||||
layer still references an old container with the same name, even though podman
|
||||
itself thinks there is no such container. If so, purge the storage layer to try
|
||||
to clean the corruption and try recreating the container.
|
||||
---
|
||||
heartbeat/podman | 29 +++++++++++++++++++++++++++--
|
||||
1 file changed, 27 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/podman b/heartbeat/podman
|
||||
index 81b00ee6f..d4d608ca3 100755
|
||||
--- a/heartbeat/podman
|
||||
+++ b/heartbeat/podman
|
||||
@@ -345,6 +345,32 @@ create_transient_drop_in_dependency()
|
||||
}
|
||||
|
||||
|
||||
+run_new_container()
|
||||
+{
|
||||
+ local opts=$1
|
||||
+ local image=$2
|
||||
+ local cmd=$3
|
||||
+ local rc
|
||||
+
|
||||
+ ocf_log info "running container $CONTAINER for the first time"
|
||||
+ ocf_run podman run $opts $image $cmd
|
||||
+ rc=$?
|
||||
+ if [ $rc -eq 125 ]; then
|
||||
+ # If an internal podman error occurred, it might be because
|
||||
+ # the internal storage layer still references an old container
|
||||
+ # with the same name, even though podman itself thinks there
|
||||
+ # is no such container. If so, purge the storage layer to try
|
||||
+ # to clean the corruption and try again.
|
||||
+ ocf_log warn "Internal podman error while creating new container $CONTAINER. Retrying."
|
||||
+ ocf_run podman rm --storage $CONTAINER
|
||||
+ ocf_run podman run $opts $image $cmd
|
||||
+ rc=$?
|
||||
+ fi
|
||||
+
|
||||
+ return $rc
|
||||
+}
|
||||
+
|
||||
+
|
||||
podman_start()
|
||||
{
|
||||
local cid
|
||||
@@ -378,8 +404,7 @@ podman_start()
|
||||
# make sure any previous container matching our container name is cleaned up first.
|
||||
# we already know at this point it wouldn't be running
|
||||
remove_container
|
||||
- ocf_log info "running container $CONTAINER for the first time"
|
||||
- ocf_run podman run $run_opts $OCF_RESKEY_image $OCF_RESKEY_run_cmd
|
||||
+ run_new_container "$run_opts" $OCF_RESKEY_image "$OCF_RESKEY_run_cmd"
|
||||
fi
|
||||
rc=$?
|
||||
|
23
SOURCES/bz1901357-crypt-1-support-symlink-devices.patch
Normal file
23
SOURCES/bz1901357-crypt-1-support-symlink-devices.patch
Normal file
@ -0,0 +1,23 @@
|
||||
From 4ded33d34505af19ddf19bfa125b5e6c243ebd94 Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Thu, 26 Nov 2020 12:56:03 +0100
|
||||
Subject: [PATCH] crypt: allow encrypted_dev to be symlink to support using
|
||||
devices in /dev/disk/... or UUID
|
||||
|
||||
---
|
||||
heartbeat/crypt | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/heartbeat/crypt b/heartbeat/crypt
|
||||
index 7d0a5607c..3ca28b92d 100755
|
||||
--- a/heartbeat/crypt
|
||||
+++ b/heartbeat/crypt
|
||||
@@ -177,7 +177,7 @@ crypt_validate_all() {
|
||||
esac
|
||||
esac
|
||||
fi
|
||||
- if [ ! -b "$encrypted_dev" ]; then
|
||||
+ if [ ! -b "$encrypted_dev" ] && [ ! -L "$encrypted_dev" ]; then
|
||||
ocf_exit_reason "Encrypted device $encrypted_dev not accessible"
|
||||
return $OCF_ERR_ARGS
|
||||
fi
|
@ -0,0 +1,44 @@
|
||||
From 6a45c28cd074e14a7bc2e2531b15595b9985965c Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Tue, 1 Dec 2020 10:11:52 +0100
|
||||
Subject: [PATCH] crypt: avoid failing for LVM exclusive by not running full
|
||||
sanity check during probes
|
||||
|
||||
---
|
||||
heartbeat/crypt | 13 +++++++++++--
|
||||
1 file changed, 11 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/crypt b/heartbeat/crypt
|
||||
index 3ca28b92d..05bded7c5 100755
|
||||
--- a/heartbeat/crypt
|
||||
+++ b/heartbeat/crypt
|
||||
@@ -177,6 +177,13 @@ crypt_validate_all() {
|
||||
esac
|
||||
esac
|
||||
fi
|
||||
+
|
||||
+ # return early for probes where device might not be available yet
|
||||
+ # e.g. LVM exclusive volumes
|
||||
+ if ocf_is_probe; then
|
||||
+ return $OCF_SUCCESS
|
||||
+ fi
|
||||
+
|
||||
if [ ! -b "$encrypted_dev" ] && [ ! -L "$encrypted_dev" ]; then
|
||||
ocf_exit_reason "Encrypted device $encrypted_dev not accessible"
|
||||
return $OCF_ERR_ARGS
|
||||
@@ -294,11 +301,13 @@ crypt_stop() {
|
||||
crypt_monitor() {
|
||||
cryptsetup status $crypt_dev $disable_locks >/dev/null 2>&1
|
||||
if [ $? -eq 0 ]; then
|
||||
- [ -L $crypt_dev_path ] && return $OCF_SUCCESS
|
||||
+ if [ -b "$encrypted_dev" ] || [ -L $crypt_dev_path ]; then
|
||||
+ return $OCF_SUCCESS
|
||||
+ fi
|
||||
return $OCF_ERR_GENERIC
|
||||
fi
|
||||
|
||||
- [ "$__OCF_ACTION" = "monitor" ] && ! ocf_is_probe && ocf_exit_reason "Crypt resource not running"
|
||||
+ [ "$__OCF_ACTION" = "monitor" ] && ! ocf_is_probe && ocf_exit_reason "Crypt resource not running"
|
||||
return $OCF_NOT_RUNNING
|
||||
}
|
||||
|
@ -0,0 +1,60 @@
|
||||
From 79fb4b2d3d862f4e83b1df72107b6322b420ea34 Mon Sep 17 00:00:00 2001
|
||||
From: Reid Wahl <nrwahl@protonmail.com>
|
||||
Date: Sat, 28 Nov 2020 18:10:03 -0800
|
||||
Subject: [PATCH] LVM-activate: Stop before blk-availability.service
|
||||
|
||||
If storage services (e.g., iscsi-shutdown.service) stop before an
|
||||
LVM-activate resource stops, the managed VG may become unavailable. Then
|
||||
the LVM-activate resource may fail to deactivate the volume group and
|
||||
thus fail its stop operation.
|
||||
|
||||
This commit adds a systemd drop-in "After=blk-availability.service"
|
||||
directive for resource-agents-deps.target during the LVM-activate start
|
||||
op. blk-availability includes "After=" directives for other storage
|
||||
services and thus serves as a convenient wrapper.
|
||||
|
||||
blk-availability is not enabled by default, and a "Wants=" drop-in
|
||||
that's created after Pacemaker starts would not be able to start
|
||||
blk-availability automatically. So here we also start blk-availability
|
||||
during LVM_start().
|
||||
|
||||
Resolves RHBZ#1902208
|
||||
|
||||
Signed-off-by: Reid Wahl <nrwahl@protonmail.com>
|
||||
---
|
||||
heartbeat/LVM-activate | 22 ++++++++++++++++++++++
|
||||
1 file changed, 22 insertions(+)
|
||||
|
||||
diff --git a/heartbeat/LVM-activate b/heartbeat/LVM-activate
|
||||
index 94f9e5813..b8abd7579 100755
|
||||
--- a/heartbeat/LVM-activate
|
||||
+++ b/heartbeat/LVM-activate
|
||||
@@ -830,6 +830,28 @@ lvm_start() {
|
||||
local rc
|
||||
local vol
|
||||
|
||||
+ if systemd_is_running ; then
|
||||
+ # Create drop-in to deactivate VG before stopping
|
||||
+ # storage services during shutdown/reboot.
|
||||
+ after=$(systemctl show resource-agents-deps.target.d \
|
||||
+ --property=After | cut -d'=' -f2)
|
||||
+
|
||||
+ case "$after" in
|
||||
+ *" blk-availability.service "*)
|
||||
+ ;;
|
||||
+ *)
|
||||
+ systemd_drop_in "99-LVM-activate" "After" \
|
||||
+ "blk-availability.service"
|
||||
+ ;;
|
||||
+ esac
|
||||
+
|
||||
+ # If blk-availability isn't started, the "After="
|
||||
+ # directive has no effect.
|
||||
+ if ! systemctl is-active blk-availability.service ; then
|
||||
+ systemctl start blk-availability.service
|
||||
+ fi
|
||||
+ fi
|
||||
+
|
||||
if lvm_status ; then
|
||||
ocf_log info "${vol}: is already active."
|
||||
return $OCF_SUCCESS
|
@ -0,0 +1,45 @@
|
||||
From 908431d416076e3ceb70cc95871957d15265a949 Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Wed, 2 Dec 2020 16:48:32 +0100
|
||||
Subject: [PATCH] ocf-shellfuncs: make ocf_is_bash4() detect Bash v4 or greater
|
||||
(which it was supposed to according to the comments)
|
||||
|
||||
---
|
||||
heartbeat/ocf-shellfuncs.in | 13 +++++++++----
|
||||
1 file changed, 9 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/ocf-shellfuncs.in b/heartbeat/ocf-shellfuncs.in
|
||||
index b8d47e3d5..ac75dfc87 100644
|
||||
--- a/heartbeat/ocf-shellfuncs.in
|
||||
+++ b/heartbeat/ocf-shellfuncs.in
|
||||
@@ -907,13 +907,18 @@ ocf_unique_rundir()
|
||||
# NB: FD 9 may be used for tracing with bash >= v4 in case
|
||||
# OCF_TRACE_FILE is set to a path.
|
||||
#
|
||||
-ocf_is_bash4() {
|
||||
+ocf_bash_has_xtracefd() {
|
||||
echo "$SHELL" | grep bash > /dev/null &&
|
||||
- [ ${BASH_VERSINFO[0]} = "4" ]
|
||||
+ [ ${BASH_VERSINFO[0]} -ge 4 ]
|
||||
+}
|
||||
+# for backwards compatibility
|
||||
+ocf_is_bash4() {
|
||||
+ ocf_bash_has_xtracefd
|
||||
+ return $?
|
||||
}
|
||||
ocf_trace_redirect_to_file() {
|
||||
local dest=$1
|
||||
- if ocf_is_bash4; then
|
||||
+ if ocf_bash_has_xtracefd; then
|
||||
exec 9>$dest
|
||||
BASH_XTRACEFD=9
|
||||
else
|
||||
@@ -922,7 +927,7 @@ ocf_trace_redirect_to_file() {
|
||||
}
|
||||
ocf_trace_redirect_to_fd() {
|
||||
local fd=$1
|
||||
- if ocf_is_bash4; then
|
||||
+ if ocf_bash_has_xtracefd; then
|
||||
BASH_XTRACEFD=$fd
|
||||
else
|
||||
exec 2>&$fd
|
86
SOURCES/bz1913932-1-gcp-vpc-move-add-project-parameter.patch
Normal file
86
SOURCES/bz1913932-1-gcp-vpc-move-add-project-parameter.patch
Normal file
@ -0,0 +1,86 @@
|
||||
From 560683500b3f9d5d8e183a569daea27422ae5268 Mon Sep 17 00:00:00 2001
|
||||
From: Reid Wahl <nrwahl@protonmail.com>
|
||||
Date: Thu, 7 Jan 2021 12:25:04 -0800
|
||||
Subject: [PATCH] gcp-vpc-move-route, gcp-vpc-move-vip: Parameterize project ID
|
||||
|
||||
Resolves: RHBZ#1913932
|
||||
Resolves: RHBZ#1913936
|
||||
|
||||
Signed-off-by: Reid Wahl <nrwahl@protonmail.com>
|
||||
---
|
||||
heartbeat/gcp-vpc-move-route.in | 13 ++++++++++++-
|
||||
heartbeat/gcp-vpc-move-vip.in | 16 ++++++++++++++--
|
||||
2 files changed, 26 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/gcp-vpc-move-route.in b/heartbeat/gcp-vpc-move-route.in
|
||||
index d8e8ea8dd..179eba15a 100644
|
||||
--- a/heartbeat/gcp-vpc-move-route.in
|
||||
+++ b/heartbeat/gcp-vpc-move-route.in
|
||||
@@ -106,6 +106,16 @@ Name of the VPC network
|
||||
<content type="string" default="default" />
|
||||
</parameter>
|
||||
|
||||
+<parameter name="project">
|
||||
+<longdesc lang="en">
|
||||
+Project ID of the instance. It can be useful to set this attribute if
|
||||
+the instance is in a shared service project. Otherwise, the agent should
|
||||
+be able to determine the project ID automatically.
|
||||
+</longdesc>
|
||||
+<shortdesc lang="en">Project ID</shortdesc>
|
||||
+<content type="string" default="default" />
|
||||
+</parameter>
|
||||
+
|
||||
<parameter name="interface">
|
||||
<longdesc lang="en">
|
||||
Name of the network interface
|
||||
@@ -215,7 +225,8 @@ def validate(ctx):
|
||||
try:
|
||||
ctx.instance = get_metadata('instance/name')
|
||||
ctx.zone = get_metadata('instance/zone').split('/')[-1]
|
||||
- ctx.project = get_metadata('project/project-id')
|
||||
+ ctx.project = os.environ.get(
|
||||
+ 'OCF_RESKEY_project', get_metadata('project/project-id'))
|
||||
except Exception as e:
|
||||
logger.error(
|
||||
'Instance information not found. Is this a GCE instance ?: %s', str(e))
|
||||
diff --git a/heartbeat/gcp-vpc-move-vip.in b/heartbeat/gcp-vpc-move-vip.in
|
||||
index 01d91a59d..e792f71d5 100755
|
||||
--- a/heartbeat/gcp-vpc-move-vip.in
|
||||
+++ b/heartbeat/gcp-vpc-move-vip.in
|
||||
@@ -75,6 +75,16 @@ METADATA = \
|
||||
<shortdesc lang="en">Host list</shortdesc>
|
||||
<content type="string" default="" />
|
||||
</parameter>
|
||||
+ <parameter name="project" unique="0" required="0">
|
||||
+ <longdesc lang="en">
|
||||
+ Project ID of the instance. It can be useful to set this
|
||||
+ attribute if the instance is in a shared service project.
|
||||
+ Otherwise, the agent should be able to determine the project ID
|
||||
+ automatically.
|
||||
+ </longdesc>
|
||||
+ <shortdesc lang="en">Project ID</shortdesc>
|
||||
+ <content type="string" default="default" />
|
||||
+ </parameter>
|
||||
<parameter name="stackdriver_logging" unique="0" required="0">
|
||||
<longdesc lang="en">If enabled (set to true), IP failover logs will be posted to stackdriver logging</longdesc>
|
||||
<shortdesc lang="en">Stackdriver-logging support</shortdesc>
|
||||
@@ -267,7 +277,8 @@ def get_instances_list(project, exclude):
|
||||
def gcp_alias_start(alias):
|
||||
my_aliases = get_localhost_aliases()
|
||||
my_zone = get_metadata('instance/zone').split('/')[-1]
|
||||
- project = get_metadata('project/project-id')
|
||||
+ project = os.environ.get(
|
||||
+ 'OCF_RESKEY_project', get_metadata('project/project-id'))
|
||||
|
||||
if alias in my_aliases:
|
||||
# TODO: Do we need to check alias_range_name?
|
||||
@@ -315,7 +326,8 @@ def gcp_alias_start(alias):
|
||||
def gcp_alias_stop(alias):
|
||||
my_aliases = get_localhost_aliases()
|
||||
my_zone = get_metadata('instance/zone').split('/')[-1]
|
||||
- project = get_metadata('project/project-id')
|
||||
+ project = os.environ.get(
|
||||
+ 'OCF_RESKEY_project', get_metadata('project/project-id'))
|
||||
|
||||
if alias in my_aliases:
|
||||
logger.info('Removing %s from %s' % (alias, THIS_VM))
|
106
SOURCES/bz1913932-2-gcp-vpc-move-route-fixes.patch
Normal file
106
SOURCES/bz1913932-2-gcp-vpc-move-route-fixes.patch
Normal file
@ -0,0 +1,106 @@
|
||||
From 523c4cee64b3b8ee9f603a940d83a6628531078d Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Tue, 19 Jan 2021 10:56:47 +0100
|
||||
Subject: [PATCH 1/2] gcp-vpc-move-route: fix stop-action when route stopped,
|
||||
and fix check_conflicting_routes()
|
||||
|
||||
---
|
||||
heartbeat/gcp-vpc-move-route.in | 23 +++++++++++++++++------
|
||||
1 file changed, 17 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/gcp-vpc-move-route.in b/heartbeat/gcp-vpc-move-route.in
|
||||
index 179eba15a..9fe985832 100644
|
||||
--- a/heartbeat/gcp-vpc-move-route.in
|
||||
+++ b/heartbeat/gcp-vpc-move-route.in
|
||||
@@ -252,8 +252,19 @@ def validate(ctx):
|
||||
def check_conflicting_routes(ctx):
|
||||
fl = '(destRange = "%s*") AND (network = "%s") AND (name != "%s")' % (
|
||||
ctx.ip, ctx.vpc_network_url, ctx.route_name)
|
||||
- request = ctx.conn.routes().list(project=ctx.project, filter=fl)
|
||||
- response = request.execute()
|
||||
+ try:
|
||||
+ request = ctx.conn.routes().list(project=ctx.project, filter=fl)
|
||||
+ response = request.execute()
|
||||
+ except googleapiclient.errors.HttpError as e:
|
||||
+ if e.resp.status == 404:
|
||||
+ logger.error('VPC network not found')
|
||||
+ if 'stop' in sys.argv[1]:
|
||||
+ sys.exit(OCF_SUCCESS)
|
||||
+ else:
|
||||
+ sys.exit(OCF_ERR_CONFIGURED)
|
||||
+ else:
|
||||
+ raise
|
||||
+
|
||||
route_list = response.get('items', None)
|
||||
if route_list:
|
||||
logger.error(
|
||||
@@ -353,16 +364,16 @@ def route_monitor(ctx):
|
||||
logger.info('GCP route monitor: checking route table')
|
||||
|
||||
# Ensure that there is no route that we are not aware of that is also handling our IP
|
||||
- check_conflicting_routes
|
||||
+ check_conflicting_routes(ctx)
|
||||
|
||||
try:
|
||||
request = ctx.conn.routes().get(project=ctx.project, route=ctx.route_name)
|
||||
response = request.execute()
|
||||
except googleapiclient.errors.HttpError as e:
|
||||
- if 'Insufficient Permission' in e.content:
|
||||
- return OCF_ERR_PERM
|
||||
- elif e.resp.status == 404:
|
||||
+ if e.resp.status == 404:
|
||||
return OCF_NOT_RUNNING
|
||||
+ elif 'Insufficient Permission' in e.content:
|
||||
+ return OCF_ERR_PERM
|
||||
else:
|
||||
raise
|
||||
|
||||
|
||||
From 50dbfc3230e87b8d29163c235e6866d15fd6fc1b Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Tue, 19 Jan 2021 11:50:22 +0100
|
||||
Subject: [PATCH 2/2] gcp-vpc-move-vip: correctly return error when no
|
||||
instances are returned
|
||||
|
||||
---
|
||||
heartbeat/gcp-vpc-move-vip.in | 20 +++++++++++++++-----
|
||||
1 file changed, 15 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/heartbeat/gcp-vpc-move-vip.in b/heartbeat/gcp-vpc-move-vip.in
|
||||
index e792f71d5..bbbd87b7a 100755
|
||||
--- a/heartbeat/gcp-vpc-move-vip.in
|
||||
+++ b/heartbeat/gcp-vpc-move-vip.in
|
||||
@@ -263,8 +263,14 @@ def get_instances_list(project, exclude):
|
||||
hostlist = []
|
||||
request = CONN.instances().aggregatedList(project=project)
|
||||
while request is not None:
|
||||
- response = request.execute()
|
||||
- zones = response.get('items', {})
|
||||
+ try:
|
||||
+ response = request.execute()
|
||||
+ zones = response.get('items', {})
|
||||
+ except googleapiclient.errors.HttpError as e:
|
||||
+ if e.resp.status == 404:
|
||||
+ logger.debug('get_instances_list(): no instances found')
|
||||
+ return ''
|
||||
+
|
||||
for zone in zones.values():
|
||||
for inst in zone.get('instances', []):
|
||||
if inst['name'] != exclude:
|
||||
@@ -303,9 +309,13 @@ def gcp_alias_start(alias):
|
||||
break
|
||||
|
||||
# Add alias IP range to localhost
|
||||
- add_alias(
|
||||
- project, my_zone, THIS_VM, alias,
|
||||
- os.environ.get('OCF_RESKEY_alias_range_name'))
|
||||
+ try:
|
||||
+ add_alias(
|
||||
+ project, my_zone, THIS_VM, alias,
|
||||
+ os.environ.get('OCF_RESKEY_alias_range_name'))
|
||||
+ except googleapiclient.errors.HttpError as e:
|
||||
+ if e.resp.status == 404:
|
||||
+ sys.exit(OCF_ERR_CONFIGURED)
|
||||
|
||||
# Verify that the IP range has been added
|
||||
my_aliases = get_localhost_aliases()
|
@ -70,7 +70,7 @@
|
||||
Name: resource-agents
|
||||
Summary: Open Source HA Reusable Cluster Resource Scripts
|
||||
Version: 4.1.1
|
||||
Release: 60%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}
|
||||
Release: 86%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}
|
||||
License: GPLv2+ and LGPLv2+
|
||||
URL: https://github.com/ClusterLabs/resource-agents
|
||||
%if 0%{?fedora} || 0%{?centos_version} || 0%{?rhel}
|
||||
@ -215,7 +215,7 @@ Patch123: bz1744190-pgsql-1-set-primary-standby-initial-score.patch
|
||||
Patch124: bz1744190-pgsql-2-improve-start-checks.patch
|
||||
Patch125: bz1820523-exportfs-1-add-symlink-support.patch
|
||||
Patch126: bz1832321-rabbitmq-cluster-increase-wait-timeout.patch
|
||||
Patch127: bz1818997-nfsserver-fix-nfsv4-only-support.patch
|
||||
Patch127: bz1818997-nfsserver-1-fix-nfsv4-only-support.patch
|
||||
Patch128: bz1830716-NovaEvacuate-suppress-expected-error.patch
|
||||
Patch129: bz1836945-db2-hadr-promote-standby-node.patch
|
||||
Patch130: bz1633251-gcp-pd-move-4-fixes-and-improvements.patch
|
||||
@ -223,12 +223,47 @@ Patch131: bz1633251-gcp-pd-move-5-bundle.patch
|
||||
Patch132: bz1839721-podman-force-rm-container-if-rm-fails.patch
|
||||
Patch133: bz1820523-exportfs-2-fix-monitor-action.patch
|
||||
Patch134: bz1843999-aliyun-vpc-move-ip-log-output-when-failing.patch
|
||||
Patch135: bz1845574-azure-events-handle-exceptions-in-urlopen.patch
|
||||
Patch135: bz1845574-azure-events-1-handle-exceptions-in-urlopen.patch
|
||||
Patch136: bz1845581-nfsserver-dont-log-error-message-file-doesnt-exist.patch
|
||||
Patch137: bz1845583-exportfs-1-describe-clientspec-format-in-metadata.patch
|
||||
Patch138: bz1845583-exportfs-2-fix-typo.patch
|
||||
Patch139: bz1814896-Filesystem-fast_stop-default-to-no-for-GFS2.patch
|
||||
Patch140: bz1836186-pgsql-support-Pacemaker-v2.03-output.patch
|
||||
Patch141: bz1819965-3-azure-events-decode-when-type-not-str.patch
|
||||
Patch142: bz1818997-nfsserver-2-stop-nfsdcld-if-present.patch
|
||||
Patch143: bz1818997-3-nfsserver-nfsnotify-fix-selinux-label-issue.patch
|
||||
Patch144: bz1845574-azure-events-2-import-urlerror-encode-postdata.patch
|
||||
Patch145: bz1846733-gcp-vpc-move-vip-1-support-multiple-alias-ips.patch
|
||||
Patch146: bz1846733-gcp-vpc-move-vip-2-fix-list-sort.patch
|
||||
Patch147: bz1850778-azure-lb-fix-redirect-issue.patch
|
||||
Patch148: bz1640587-pgsql-ignore-masters-re-promote.patch
|
||||
Patch149: bz1795535-pgsql-1-add-postgresql-12-support.patch
|
||||
Patch150: bz1795535-pgsql-2-fix-uppercase-hostname-support.patch
|
||||
Patch151: bz1858752-Filesystem-support-whitespace-device-dir.patch
|
||||
Patch152: bz1872999-aws-vpc-move-ip-add-region-parameter.patch
|
||||
Patch153: bz1881114-galera-recover-joining-non-existing-cluster.patch
|
||||
Patch154: bz1815013-redis-parse-password-correctly-based-on-version.patch
|
||||
Patch155: bz1763249-manpages-fix-pcs-syntax.patch
|
||||
Patch156: bz1890068-gcp-pd-move-fix-partially-matched-disk_name.patch
|
||||
Patch157: bz1848025-sybaseASE-run-verify-for-start-action-only.patch
|
||||
Patch158: bz1861001-sybaseASE-add-logfile-parameter.patch
|
||||
Patch159: bz1891835-galera-set-bootstrap-attribute-before-promote.patch
|
||||
Patch160: bz1891855-galera-recover-2-node-cluster.patch
|
||||
Patch161: bz1471182-crypt-1-new-ra.patch
|
||||
Patch162: bz1471182-crypt-2-fix-bashism.patch
|
||||
Patch163: bz1471182-crypt-3-fix-missing-and.patch
|
||||
Patch164: bz1895811-aws-vpc-move-ip-dont-warn-for-expected-scenarios.patch
|
||||
Patch165: bz1897570-aws-add-imdsv2-support.patch
|
||||
Patch166: bz1886262-podman-recover-from-killed-conmon.patch
|
||||
Patch167: bz1900015-podman-recover-from-storage-out-of-sync.patch
|
||||
Patch168: bz1898690-crypt-make-key_file-crypt_type_not-unique.patch
|
||||
Patch169: bz1899551-NovaEvacuate-fix-delay_evacuate-unset.patch
|
||||
Patch170: bz1901357-crypt-1-support-symlink-devices.patch
|
||||
Patch171: bz1902208-LVM-activate-stop-before-storage-service.patch
|
||||
Patch172: bz1901357-crypt-2-dont-sanity-check-during-probe.patch
|
||||
Patch173: bz1903677-ocf-shellfuncs-fix-traceback-redirection-bash5.patch
|
||||
Patch174: bz1913932-1-gcp-vpc-move-add-project-parameter.patch
|
||||
Patch175: bz1913932-2-gcp-vpc-move-route-fixes.patch
|
||||
|
||||
# bundle patches
|
||||
Patch1000: 7-gcp-bundled.patch
|
||||
@ -268,7 +303,14 @@ Requires: /usr/sbin/fuser /bin/mount
|
||||
Requires: /sbin/fsck
|
||||
Requires: /usr/sbin/fsck.ext2 /usr/sbin/fsck.ext3 /usr/sbin/fsck.ext4
|
||||
Requires: /usr/sbin/fsck.xfs
|
||||
Requires: /sbin/mount.nfs /sbin/mount.nfs4 /usr/sbin/mount.cifs
|
||||
Requires: /sbin/mount.nfs /sbin/mount.nfs4
|
||||
%if 0%{?fedora} < 33 || (0%{?rhel} && 0%{?rhel} < 9) || (0%{?centos} && 0%{?centos} < 9) || 0%{?suse_version}
|
||||
%if (0%{?rhel} && 0%{?rhel} < 8) || (0%{?centos} && 0%{?centos} < 8)
|
||||
Requires: /usr/sbin/mount.cifs
|
||||
%else
|
||||
Recommends: /usr/sbin/mount.cifs
|
||||
%endif
|
||||
%endif
|
||||
|
||||
# IPaddr2
|
||||
Requires: /sbin/ip
|
||||
@ -518,6 +560,41 @@ exit 1
|
||||
%patch138 -p1
|
||||
%patch139 -p1
|
||||
%patch140 -p1
|
||||
%patch141 -p1
|
||||
%patch142 -p1
|
||||
%patch143 -p1
|
||||
%patch144 -p1
|
||||
%patch145 -p1
|
||||
%patch146 -p1
|
||||
%patch147 -p1
|
||||
%patch148 -p1
|
||||
%patch149 -p1
|
||||
%patch150 -p1
|
||||
%patch151 -p1 -F1
|
||||
%patch152 -p1
|
||||
%patch153 -p1
|
||||
%patch154 -p1 -F1
|
||||
%patch155 -p1
|
||||
%patch156 -p1
|
||||
%patch157 -p1
|
||||
%patch158 -p1
|
||||
%patch159 -p1
|
||||
%patch160 -p1
|
||||
%patch161 -p1
|
||||
%patch162 -p1
|
||||
%patch163 -p1
|
||||
%patch164 -p1
|
||||
%patch165 -p1
|
||||
%patch166 -p1
|
||||
%patch167 -p1
|
||||
%patch168 -p1
|
||||
%patch169 -p1 -F2
|
||||
%patch170 -p1
|
||||
%patch171 -p1
|
||||
%patch172 -p1
|
||||
%patch173 -p1
|
||||
%patch174 -p1
|
||||
%patch175 -p1
|
||||
|
||||
chmod 755 heartbeat/nova-compute-wait
|
||||
chmod 755 heartbeat/NovaEvacuate
|
||||
@ -1081,6 +1158,116 @@ ccs_update_schema > /dev/null 2>&1 ||:
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Tue Jan 19 2021 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-86
|
||||
- gcp-vpc-move-route, gcp-vpc-move-vip: add project parameter
|
||||
|
||||
Resolves: rhbz#1913932
|
||||
|
||||
* Thu Dec 3 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-81
|
||||
- ocf-shellfuncs: fix traceback redirection for Bash 5+
|
||||
|
||||
Resolves: rhbz#1903677
|
||||
|
||||
* Tue Dec 1 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-80
|
||||
- crypt: support symlink devices, and dont run sanity checks for probes
|
||||
|
||||
Resolves: rhbz#1901357
|
||||
|
||||
* Mon Nov 30 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-79
|
||||
- LVM-activate: add drop-in during start-action to avoid getting
|
||||
fenced during reboot
|
||||
|
||||
Resolves: rhbz#1902208
|
||||
|
||||
* Wed Nov 25 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-77
|
||||
- NovaEvacuate: set delay_evacuate to 0 when it's not set
|
||||
|
||||
Resolves: rhbz#1899551
|
||||
|
||||
* Tue Nov 24 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-76
|
||||
- podman: recover from killed conmon process
|
||||
- podman: recover from podman's storage being out of sync
|
||||
- crypt: make key_file and crypt_type parameters not unique
|
||||
|
||||
Resolves: rhbz#1886262
|
||||
Resolves: rhbz#1900015
|
||||
Resolves: rhbz#1898690
|
||||
|
||||
* Fri Nov 13 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-75
|
||||
- AWS agents: add support for IMDSv2
|
||||
|
||||
Resolves: rhbz#1897570
|
||||
|
||||
* Wed Nov 11 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-74
|
||||
- aws-vpc-move-ip: don't warn for expected scenarios
|
||||
|
||||
Resolves: rhbz#1895811
|
||||
|
||||
* Mon Nov 2 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-73
|
||||
- crypt: new resource agent
|
||||
|
||||
Resolves: rhbz#1471182
|
||||
|
||||
* Wed Oct 28 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-72
|
||||
- sybaseASE: Run verify_all() for start operation only
|
||||
- sybaseASE: add logfile parameter
|
||||
- galera: set bootstrap attribute before promote
|
||||
- galera: recover after network split in a 2-node cluster
|
||||
|
||||
Resolves: rhbz#1848025
|
||||
Resolves: rhbz#1861001
|
||||
Resolves: rhbz#1891835
|
||||
Resolves: rhbz#1891855
|
||||
|
||||
* Tue Oct 27 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-71
|
||||
- redis: parse password correctly based on version
|
||||
- all agents: fix pcs syntax in manpage for pcs 0.10+
|
||||
- gcp-pd-move: dont stop partially matched "disk_name"
|
||||
|
||||
Resolves: rhbz#1815013
|
||||
Resolves: rhbz#1763249
|
||||
Resolves: rhbz#1890068
|
||||
|
||||
* Wed Oct 7 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-70
|
||||
- galera: recover from joining a non existing cluster
|
||||
|
||||
Resolves: rhbz#1881114
|
||||
|
||||
* Wed Sep 23 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-69
|
||||
- pgsql: ignore masters re-promote
|
||||
- pgsql: add PostgreSQL 12 support
|
||||
- Make Samba/CIFS dependency weak
|
||||
- Filesystem: Support whitespace in device or directory name
|
||||
- aws-vpc-move-ip: add region parameter
|
||||
|
||||
Resolves: rhbz#1640587
|
||||
Resolves: rhbz#1795535
|
||||
Resolves: rhbz#1828600
|
||||
Resolves: rhbz#1858752
|
||||
Resolves: rhbz#1872999
|
||||
|
||||
* Thu Aug 20 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-68
|
||||
- azure-lb: fix redirect issue
|
||||
|
||||
Resolves: rhbz#1850778
|
||||
|
||||
* Wed Aug 19 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-67
|
||||
- gcp-vpc-move-vip: add support for multiple alias IPs
|
||||
|
||||
Resolves: rhbz#1846733
|
||||
|
||||
* Thu Jul 30 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-65
|
||||
- azure-events: handle exceptions in urlopen
|
||||
|
||||
Resolves: rhbz#1845574
|
||||
|
||||
* Mon Jul 27 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-64
|
||||
- nfsserver: fix NFSv4-only support
|
||||
- azure-events: new resource agent for Azure
|
||||
|
||||
Resolves: rhbz#1818997
|
||||
Resolves: rhbz#1819965
|
||||
|
||||
* Thu Jun 25 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-60
|
||||
- Upgrade bundled python-httplib2 to fix CVE-2020-11078
|
||||
|
||||
@ -1097,11 +1284,9 @@ ccs_update_schema > /dev/null 2>&1 ||:
|
||||
Resolves: rhbz#1814896
|
||||
|
||||
* Wed Jun 10 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-55
|
||||
- azure-events: handle exceptions in urlopen
|
||||
- nfsserver: dont log error message when /etc/sysconfig/nfs does not exist
|
||||
- exportfs: describe clientspec format in metadata
|
||||
|
||||
Resolves: rhbz#1845574
|
||||
Resolves: rhbz#1845581
|
||||
Resolves: rhbz#1845583
|
||||
|
||||
@ -1123,11 +1308,9 @@ ccs_update_schema > /dev/null 2>&1 ||:
|
||||
Resolves: rhbz#1633251
|
||||
|
||||
* Wed May 27 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-51
|
||||
- nfsserver: fix NFSv4-only support
|
||||
- NovaEvacuate: suppress expected initial error message
|
||||
- db2 (HADR): promote standby node when master node disappears
|
||||
|
||||
Resolves: rhbz#1818997
|
||||
Resolves: rhbz#1830716
|
||||
Resolves: rhbz#1836945
|
||||
|
||||
@ -1144,12 +1327,6 @@ ccs_update_schema > /dev/null 2>&1 ||:
|
||||
Resolves: rhbz#1759115
|
||||
Resolves: rhbz#1744190
|
||||
|
||||
* Thu Apr 16 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-48
|
||||
- azure-events: new resource agent for Azure
|
||||
|
||||
Resolves: rhbz#1633251
|
||||
Resolves: rhbz#1819965
|
||||
|
||||
* Mon Apr 6 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-47
|
||||
- aws-vpc-move-ip: delete remaining route entries
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user