From 40a24f5ab917863d1549508ae9cf31085955d174 Mon Sep 17 00:00:00 2001 From: Kaleb S KEITHLEY Date: Mon, 14 Dec 2015 09:24:57 -0500 Subject: common-ha: reliable grace using pacemaker notify actions Using *-dead_ip-1 resources to track on which nodes the ganesha.nfsd had died was found to be unreliable. Running `pcs status` in the ganesha_grace monitor action was seen to time out during failover; the HA devs opined that it was, generally, not a good idea to run `pcs status` in a monitor action in any event. They suggested using the notify feature, where the resources on all the nodes are notified when a clone resource agent dies. This change adds a notify action to the ganesha_grace RA. The ganesha_mon RA monitors its ganesha.nfsd daemon. While the daemon is running, it creates two attributes: ganesha-active and grace-active. When the daemon stops for any reason, the attributes are deleted. Deleting the ganesha-active attribute triggers the failover of the virtual IP (the IPaddr RA) to another node where ganesha.nfsd is still running. The ganesha_grace RA monitors the grace-active attribute. When the grace-active attibute is deleted, the ganesha_grace RA stops, and will not restart. This triggers pacemaker to trigger the notify action in the ganesha_grace RAs on the other nodes in the cluster; which send a DBUS message to their ganesha.nfsd. (N.B. grace-active is a bit of a misnomer. while the grace-active attribute exists, everything is normal and healthy. Deleting the attribute triggers putting the surviving ganesha.nfsds into GRACE.) To ensure that the remaining/surviving ganesha.nfsds are put into NFS-GRACE before the IPaddr (virtual IP) fails over there is a short delay (sleep) between deleting the grace-active attribute and the ganesha-active attribute. To summarize: 1. on node 2 ganesha_mon:monitor notices that ganesha.nfsd has died 2. on node 2 ganesha_mon:monitor deletes its grace-active attribute 3. on node 2 ganesha_grace:monitor notices that grace-active is gone and returns OCF_ERR_GENERIC, a.k.a. new error. When pacemaker tries to (re)start ganesha_grace, its start action will return OCF_NOT_RUNNING, a.k.a. known error, don't attempt further restarts. 4. on nodes 1, 3, etc., ganesha_grace:notify receives a post-stop notification indicating that node 2 is gone, and sends a DBUS message to its ganesha.nfsd putting it into NFS-GRACE. 5. on node 2 ganesha_mon:monitor waits a short period, then deletes its ganesha-active attribute. This triggers the IPaddr (virt IP) failover according to constraint location rules. ganesha_nfsd modified to run for the duration, start action is invoked to setup the /var/lib/nfs symlink, stop action is invoked to restore it. ganesha-ha.sh modified accordingly to create it as a clone resource. BUG: 1290865 Change-Id: I1ba24f38fa4338b3aeb17c65645e9f439387ff57 Signed-off-by: Kaleb S KEITHLEY Reviewed-on: http://review.gluster.org/12964 Smoke: Gluster Build System NetBSD-regression: NetBSD Build System CentOS-regression: Gluster Build System Reviewed-on: http://review.gluster.org/13725 --- extras/ganesha/ocf/ganesha_grace | 141 ++++++++++++++++++++++----------------- extras/ganesha/ocf/ganesha_mon | 110 +++++++++++++++++++----------- extras/ganesha/ocf/ganesha_nfsd | 89 ++++++++++++------------ 3 files changed, 199 insertions(+), 141 deletions(-) (limited to 'extras/ganesha/ocf') diff --git a/extras/ganesha/ocf/ganesha_grace b/extras/ganesha/ocf/ganesha_grace index 75ec16c0fd1..a82c9af417a 100644 --- a/extras/ganesha/ocf/ganesha_grace +++ b/extras/ganesha/ocf/ganesha_grace @@ -36,6 +36,9 @@ else . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs fi +OCF_RESKEY_grace_active_default="grace-active" +: ${OCF_RESKEY_grace_active=${OCF_RESKEY_grace_active_default}} + ganesha_meta_data() { cat < @@ -51,19 +54,25 @@ resource agent for nfs-ganesha. Manages the user-space nfs-ganesha NFS server + +NFS-Ganesha grace active attribute +NFS-Ganesha grace active attribute + + - - + + + END -return $OCF_SUCCESS +return ${OCF_SUCCESS} } ganesha_grace_usage() { @@ -73,10 +82,10 @@ ganesha_grace_usage() { # Make sure meta-data and usage always succeed case $__OCF_ACTION in meta-data) ganesha_meta_data - exit $OCF_SUCCESS + exit ${OCF_SUCCESS} ;; usage|help) ganesha_usage - exit $OCF_SUCCESS + exit ${OCF_SUCCESS} ;; *) ;; @@ -84,81 +93,89 @@ esac ganesha_grace_start() { - local result="" - local resourcename="" - local deadserver="" - local tmpIFS=${IFS} - local pid_file="/var/run/ganesha.nfsd.pid" - - # RHEL6 /etc/init.d/nfs-ganesha adds "-p /var/run/ganesha.nfsd.pid" - # RHEL7 systemd does not. Would be nicer if all distros used the - # same pid file. - if [ -e /usr/lib/systemd/system/nfs-ganesha.service ]; then - pid_file="/var/run/ganesha.pid" + rc=${OCF_ERR_GENERIC} + ocf_log debug "ganesha_grace_start()" + attr=$(attrd_updater -Q -n ${OCF_RESKEY_grace_active}) + + # Three possibilities: + # 1. There is no attribute at all and attr_updater returns + # a zero length string. This happens when + # ganesha_mon::monitor hasn't run at least once to set + # the attribute. The assumption here is that the system + # is coming up. We pretend, for now, that the node is + # healthy, to allow the system to continue coming up. + # It will cure itself in a few seconds + # 2. There is an attribute, and it has the value "1"; this + # node is healthy. + # 3. There is an attribute, but it has no value or the value + # "0"; this node is not healthy. + + # case 1 + if [[ -z "${attr}" ]]; then + return ${OCF_SUCCESS} fi - # logger "ganesha_grace_start()" - # we're here because somewhere in the cluster one or more - # of the ganesha.nfsds have died, triggering a floating IP - # address to move. Resource constraint location rules ensure - # that this is invoked before the floating IP is moved. - if [ -e ${pid_file} -a \ - -d /proc/$(cat ${pid_file} ) ]; then - # my ganesha.nfsd is still running - # find out which one died? - - pcs status | grep dead_ip-1 | sort > /tmp/.pcs_status - - result=$(diff /var/run/ganesha/pcs_status /tmp/.pcs_status | grep '^>') - if [[ ${result} ]]; then - # logger "ganesha_grace_start(), ${result}" - IFS=$'\n' - for line in ${result}; do - resourcename=$(echo ${line} | cut -f 1 | cut -d ' ' -f 3) - deadserver=${resourcename%"-dead_ip-1"} - - if [[ ${deadserver} ]]; then - # logger "ganesha_grace_start(), ${line}" - # logger "ganesha_grace_start(), dbus-send --print-reply --system --dest=org.ganesha.nfsd /org/ganesha/nfsd/admin org.ganesha.nfsd.admin.grace string:${deadserver}" - dbus-send --print-reply --system --dest=org.ganesha.nfsd /org/ganesha/nfsd/admin org.ganesha.nfsd.admin.grace string:${deadserver} - if [ $? -ne 0 ]; then - logger "warning: dbus-send --print-reply --system --dest=org.ganesha.nfsd /org/ganesha/nfsd/admin org.ganesha.nfsd.admin.grace string:${deadserver} failed" - fi - fi - done - IFS=${tmpIFS} - fi - + # case 2 + if [[ "${attr}" = *"value=\"1\"" ]]; then + return ${OCF_SUCCESS} fi - return $OCF_SUCCESS + + # case 3 + return ${OCF_NOT_RUNNING} } ganesha_grace_stop() { - # logger "ganesha_grace_stop()" - return $OCF_SUCCESS + ocf_log debug "ganesha_grace_stop()" + return ${OCF_SUCCESS} +} + +ganesha_grace_notify() +{ + mode="${OCF_RESKEY_CRM_meta_notify_type}-${OCF_RESKEY_CRM_meta_notify_operation}" + case "$mode" in + post-stop) + ocf_log debug "stop_uname:${OCF_RESKEY_CRM_meta_notify_stop_uname}" + dbus-send --print-reply --system --dest=org.ganesha.nfsd /org/ganesha/nfsd/admin org.ganesha.nfsd.admin.grace string:${OCF_RESKEY_CRM_meta_notify_stop_uname} + if [ $? -ne 0 ]; then + ocf_log info "dbus-send --print-reply --system --dest=org.ganesha.nfsd /org/ganesha/nfsd/admin org.ganesha.nfsd.admin.grace string:${OCF_RESKEY_CRM_meta_notify_stop_uname} failed" + fi + ;; + esac + + return ${OCF_SUCCESS} } ganesha_grace_monitor() { - # logger "ganesha_grace_monitor()" - if [ ! -d /var/run/ganesha ]; then - mkdir -p /var/run/ganesha + rc=${OCF_ERR_GENERIC} + ocf_log debug "monitor" + + attr=$(attrd_updater -Q -n ${OCF_RESKEY_grace_active}) + + # if there is no attribute (yet), maybe it's because + # this RA started before ganesha_mon (nfs-mon) has had + # chance to create it. In which case we'll pretend + # everything is okay this time around + if [[ -z "${attr}" ]]; then + return ${OCF_SUCCESS} + fi + + if [[ "${attr}" = *"value=\"1\"" ]]; then + rc=${OCF_SUCCESS} fi - pcs status | grep dead_ip-1 | sort > /var/run/ganesha/pcs_status - return $OCF_SUCCESS + + return ${rc} } ganesha_grace_validate() { - return $OCF_SUCCESS + return ${OCF_SUCCESS} } ganesha_grace_validate -# logger "ganesha_grace ${OCF_RESOURCE_INSTANCE} $__OCF_ACTION" - # Translate each action into the appropriate function call case $__OCF_ACTION in start) ganesha_grace_start @@ -167,14 +184,16 @@ stop) ganesha_grace_stop ;; status|monitor) ganesha_grace_monitor ;; +notify) ganesha_grace_notify + ;; *) ganesha_grace_usage - exit $OCF_ERR_UNIMPLEMENTED + exit ${OCF_ERR_UNIMPLEMENTED} ;; esac rc=$? # The resource agent may optionally log a debug message -ocf_log debug "${OCF_RESOURCE_INSTANCE} $__OCF_ACTION returned $rc" +ocf_log debug "${OCF_RESOURCE_INSTANCE} ${__OCF_ACTION} returned $rc" exit $rc diff --git a/extras/ganesha/ocf/ganesha_mon b/extras/ganesha/ocf/ganesha_mon index c8e7de9c45e..f55cf7f2af3 100644 --- a/extras/ganesha/ocf/ganesha_mon +++ b/extras/ganesha/ocf/ganesha_mon @@ -29,14 +29,21 @@ : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat} . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs -if [ -n "$OCF_DEBUG_LIBRARY" ]; then - . $OCF_DEBUG_LIBRARY +if [ -n "${OCF_DEBUG_LIBRARY}" ]; then + . ${OCF_DEBUG_LIBRARY} else : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat} . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs fi -GRACE_DELAY=7 +# Defaults +OCF_RESKEY_ganesha_active_default="ganesha-active" +OCF_RESKEY_grace_active_default="grace-active" +OCF_RESKEY_grace_delay_default="5" + +: ${OCF_RESKEY_ganesha_active=${OCF_RESKEY_ganesha_active_default}} +: ${OCF_RESKEY_grace_active=${OCF_RESKEY_grace_active_default}} +: ${OCF_RESKEY_grace_delay=${OCF_RESKEY_grace_delay_default}} ganesha_meta_data() { cat <Manages the user-space nfs-ganesha NFS server + +NFS-Ganesha daemon active attribute +NFS-Ganesha daemon active attribute + + + +NFS-Ganesha grace active attribute +NFS-Ganesha grace active attribute + + + + +NFS-Ganesha grace delay. +When changing this, adjust the ganesha_grace RA's monitor interval to match. + +NFS-Ganesha grace delay + + - + END -return $OCF_SUCCESS +return ${OCF_SUCCESS} } ganesha_mon_usage() { @@ -73,12 +98,12 @@ ganesha_mon_usage() { } # Make sure meta-data and usage always succeed -case $__OCF_ACTION in +case ${__OCF_ACTION} in meta-data) ganesha_meta_data - exit $OCF_SUCCESS + exit ${OCF_SUCCESS} ;; usage|help) ganesha_usage - exit $OCF_SUCCESS + exit ${OCF_SUCCESS} ;; *) ;; @@ -86,12 +111,15 @@ esac ganesha_mon_start() { - return $OCF_SUCCESS + ocf_log debug "ganesha_mon_start" + ganesha_mon_monitor + return $OCF_SUCCESS } ganesha_mon_stop() { - return $OCF_SUCCESS + ocf_log debug "ganesha_mon_stop" + return $OCF_SUCCESS } ganesha_mon_monitor() @@ -108,50 +136,56 @@ ganesha_mon_monitor() if [ -e ${pid_file} -a \ -d /proc/$(cat ${pid_file} ) ]; then - ( pcs resource delete ${short_host}-dead_ip-1 > /dev/null 2>&1 ) - attrd_updater -n ganesha-active -v 1 + attrd_updater -n ${OCF_RESKEY_ganesha_active} -v 1 if [ $? -ne 0 ]; then - logger "warning: attrd_updater -n ganesha-active -v 1 failed" + ocf_log info "warning: attrd_updater -n ${OCF_RESKEY_ganesha_active} -v 1 failed" fi - else - ( pcs resource create ${short_host}-dead_ip-1 ocf:heartbeat:Dummy > /dev/null 2>&1 ) + attrd_updater -n ${OCF_RESKEY_grace_active} -v 1 if [ $? -ne 0 ]; then - logger "warning: pcs resource create ${short_host}-dead_ip-1 ocf:heartbeat:Dummy failed" + ocf_log info "warning: attrd_updater -n ${OCF_RESKEY_grace_active} -v 1 failed" fi - # The ${this-node}-dead_ip-1 resource is used to indicate - # that this ganesha.nfsd has died. - # VIP fail-over is then triggered by clearing the - # ganesha-active node attribute on this node. - # - # Meanwhile the ganesha_grace monitor() runs every 5 - # seconds. We need to allow time for it to run and put - # the remaining ganesha.nfsds into grace before initiating - # the VIP fail-over. - sleep ${GRACE_DELAY} - - attrd_updater -D -n ganesha-active - if [ $? -ne 0 ]; then - logger "warning: attrd_updater -D -n ganesha-active failed" - fi + return ${OCF_SUCCESS} fi - return $OCF_SUCCESS + # VIP fail-over is triggered by clearing the + # ganesha-active node attribute on this node. + # + # Meanwhile the ganesha_grace notify() runs when its + # nfs-grace resource is disabled on a node; which + # is triggered by clearing the ganesha-grace node + # attribute on this node. + # + # We need to allow time for it to run and put + # the remaining ganesha.nfsds into grace before + # initiating the VIP fail-over. + + attrd_updater -D -n ${OCF_RESKEY_grace_active} + if [ $? -ne 0 ]; then + ocf_log info "warning: attrd_updater -D -n ${OCF_RESKEY_grace_active} failed" + fi + + sleep ${OCF_RESKEY_grace_delay} + + attrd_updater -D -n ${OCF_RESKEY_ganesha_active} + if [ $? -ne 0 ]; then + ocf_log info "warning: attrd_updater -D -n ${OCF_RESKEY_ganesha_active} failed" + fi + + return ${OCF_SUCCESS} } ganesha_mon_validate() { - return $OCF_SUCCESS + return ${OCF_SUCCESS} } ganesha_mon_validate -# logger "ganesha_mon ${OCF_RESOURCE_INSTANCE} $__OCF_ACTION" - # Translate each action into the appropriate function call -case $__OCF_ACTION in +case ${__OCF_ACTION} in start) ganesha_mon_start ;; stop) ganesha_mon_stop @@ -159,13 +193,13 @@ stop) ganesha_mon_stop status|monitor) ganesha_mon_monitor ;; *) ganesha_mon_usage - exit $OCF_ERR_UNIMPLEMENTED + exit ${OCF_ERR_UNIMPLEMENTED} ;; esac rc=$? # The resource agent may optionally log a debug message -ocf_log debug "${OCF_RESOURCE_INSTANCE} $__OCF_ACTION returned $rc" +ocf_log debug "${OCF_RESOURCE_INSTANCE} ${__OCF_ACTION} returned $rc" exit $rc diff --git a/extras/ganesha/ocf/ganesha_nfsd b/extras/ganesha/ocf/ganesha_nfsd index e064183daef..a9d3e4d860f 100644 --- a/extras/ganesha/ocf/ganesha_nfsd +++ b/extras/ganesha/ocf/ganesha_nfsd @@ -29,13 +29,16 @@ : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat} . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs -if [ -n "$OCF_DEBUG_LIBRARY" ]; then - . $OCF_DEBUG_LIBRARY +if [ -n "${OCF_DEBUG_LIBRARY}" ]; then + . ${OCF_DEBUG_LIBRARY} else : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat} . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs fi +OCF_RESKEY_ha_vol_mnt_default="/var/run/gluster/shared_storage" +: ${OCF_RESKEY_ha_vol_mnt=${OCF_RESKEY_ha_vol_mnt_default}} + ganesha_meta_data() { cat < @@ -59,16 +62,16 @@ resource agent for nfs-ganesha. - - - - + + + + END -return $OCF_SUCCESS +return ${OCF_SUCCESS} } ganesha_nfsd_usage() { @@ -78,10 +81,10 @@ ganesha_nfsd_usage() { # Make sure meta-data and usage always succeed case $__OCF_ACTION in meta-data) ganesha_meta_data - exit $OCF_SUCCESS + exit ${OCF_SUCCESS} ;; usage|help) ganesha_usage - exit $OCF_SUCCESS + exit ${OCF_SUCCESS} ;; *) ;; @@ -89,58 +92,60 @@ esac ganesha_nfsd_start() { - return $OCF_SUCCESS + local long_host=$(hostname) + + if [[ -d /var/lib/nfs ]]; then + mv /var/lib/nfs /var/lib/nfs.backup + if [ $? -ne 0 ]; then + ocf_log notice "mv /var/lib/nfs /var/lib/nfs.backup failed" + fi + ln -s ${OCF_RESKEY_ha_vol_mnt}/nfs-ganesha/${long_host}/nfs /var/lib/nfs + if [ $? -ne 0 ]; then + ocf_log notice "ln -s ${OCF_RESKEY_ha_vol_mnt}/nfs-ganesha/${long_host}/nfs /var/lib/nfs failed" + fi + fi + + return ${OCF_SUCCESS} } ganesha_nfsd_stop() { - local short_host=$(hostname -s) - local long_host="" - - if [ "X${OCF_RESOURCE_INSTANCE:0:9}X" = "Xnfs_startX" ]; then - - # if this is any nfs_start, go ahead. worst case we - # find the link already exists and do nothing - long_host=$(hostname) - - if [ -d /var/lib/nfs ]; then - mv /var/lib/nfs /var/lib/nfs.backup - ln -s $OCF_RESKEY_ha_vol_mnt/nfs-ganesha/${long_host}/nfs /var/lib/nfs - if [ $? -ne 0 ]; then - logger "warning: ln -s $OCF_RESKEY_ha_vol_mnt/nfs-ganesha/${long_host}/nfs /var/lib/nfs failed" - fi + if [ -L /var/lib/nfs -a -d /var/lib/nfs.backup ]; then + rm -f /var/lib/nfs + if [ $? -ne 0 ]; then + ocf_log notice "rm -f /var/lib/nfs failed" fi - else - - # if this is a clone resource or is specific to this node - # remove the symlink and restore /var/lib/nfs - - if [ "X${OCF_RESOURCE_INSTANCE}X" = "Xnfs_stopX" ] || - [ "X${OCF_RESOURCE_INSTANCE}X" = "Xnfs_stop-${short_host}X" ]; then - if [ -L /var/lib/nfs -a -d /var/lib/nfs.backup ]; then - rm -f /var/lib/nfs - mv /var/lib/nfs.backup /var/lib/nfs - fi + mv /var/lib/nfs.backup /var/lib/nfs + if [ $? -ne 0 ]; then + ocf_log notice "mv /var/lib/nfs.backup /var/lib/nfs failed" fi fi - return $OCF_SUCCESS + return ${OCF_SUCCESS} } ganesha_nfsd_monitor() { - return $OCF_SUCCESS + # pacemaker checks to see if RA is already running before starting it. + # if we return success, then it's presumed it's already running and + # doesn't need to be started, i.e. invoke the start action. + # return something other than success to make pacemaker invoke the + # start action + if [[ -L /var/lib/nfs ]]; then + return ${OCF_SUCCESS} + fi + return ${OCF_NOT_RUNNING} } ganesha_nfsd_validate() { - return $OCF_SUCCESS + return ${OCF_SUCCESS} } ganesha_nfsd_validate -# logger "ganesha_nfsd ${OCF_RESOURCE_INSTANCE} $__OCF_ACTION" +# ocf_log notice "ganesha_nfsd ${OCF_RESOURCE_INSTANCE} $__OCF_ACTION" # Translate each action into the appropriate function call case $__OCF_ACTION in @@ -151,13 +156,13 @@ stop) ganesha_nfsd_stop status|monitor) ganesha_nfsd_monitor ;; *) ganesha_nfsd_usage - exit $OCF_ERR_UNIMPLEMENTED + exit ${OCF_ERR_UNIMPLEMENTED} ;; esac rc=$? # The resource agent may optionally log a debug message -ocf_log debug "${OCF_RESOURCE_INSTANCE} $__OCF_ACTION returned $rc" +ocf_log debug "${OCF_RESOURCE_INSTANCE} ${__OCF_ACTION} returned $rc" exit $rc -- cgit