Allow IPs to be members of groups

This allows fencing requests with the appropriate
key file to control VMs assigned to the same
group.

Signed-off-by: Lon Hohberger <lon@users.sourceforge.net>
This commit is contained in:
Lon Hohberger 2010-01-14 15:00:43 -05:00
parent 2edeb6dfe8
commit f38f9327d8
4 changed files with 87 additions and 38 deletions

View File

@ -63,7 +63,7 @@ _sc_dump_d(struct node *node, int depth, FILE *fp)
static void
_sc_dump(config_info_t *config, FILE *fp)
_sc_dump(void *config, FILE *fp)
{
struct node *n, *node;
struct value *v, *values;
@ -129,7 +129,7 @@ _sc_free_node(struct node *node)
static int
_sc_free(config_info_t *config)
_sc_free(void *config)
{
struct node *n, *nlist;
struct value *v, *vlist;
@ -163,7 +163,7 @@ _sc_free(config_info_t *config)
static int
_sc_get(config_info_t *config, const char *key, char *value, size_t valuesz)
_sc_get(void *config, const char *key, char *value, size_t valuesz)
{
char buf[1024];
struct node *n, *node = ((struct parser_context *)config)->node_list;
@ -335,7 +335,7 @@ top:
static int
_sc_set(config_info_t *config, const char *key, const char *value)
_sc_set(void *config, const char *key, const char *value)
{
char buf[1024];
struct node *n, **nodes = &((struct parser_context *)config)->node_list;
@ -412,7 +412,7 @@ _sc_set(config_info_t *config, const char *key, const char *value)
static int
_sc_parse(const char *filename, config_info_t **config)
_sc_parse(const char *filename, void **config)
{
struct parser_context *c;
FILE *fp = NULL;
@ -441,7 +441,7 @@ _sc_parse(const char *filename, config_info_t **config)
c->next = NULL;
val_list = NULL;
node_list = NULL;
*config = (config_info_t *)c;
*config = (void *)c;
if (fp)
fclose(fp);

View File

@ -62,9 +62,9 @@ section about listeners below.
.SS groups
This section contains static maps of which virtual machines may fence
which other virtual machines; see the
section about groups below.
This section contains static maps of which virtual machines
may fence which other virtual machines; see the section
about groups below.
.SH LISTENERS
@ -231,18 +231,23 @@ groups are arbitrary and are checked at fence time. Any member of
a group may fence any other member. Hosts may be assigned to multiple
groups if desired.
Note that this mode is only useful when using the serial listener, as
as other listener plugins (e.g. multicast) have no reliable way to
determine the originating VM of a fencing request.
.SS group
This defines a group.
.TP
.B member
.B uuid
.
defines a member of a group.
defines UUID as a member of a group.
.TP
.B ip
.
defines an IP which is allowed to send fencing requests
for members of this group (e.g. for multicast). It is
highly recommended that this be used in conjunction with
a key file.
.SH EXAMPLE
@ -268,8 +273,9 @@ defines a member of a group.
groups {
group {
member = "44179d3f-6c63-474f-a212-20c8b4b25b16";
member = "1ce02c4b-dfa1-42cb-b5b1-f0b1091ece60";
ip = "192.168.1.1";
uuid = "44179d3f-6c63-474f-a212-20c8b4b25b16";
uuid = "1ce02c4b-dfa1-42cb-b5b1-f0b1091ece60";
}
}

View File

@ -26,17 +26,16 @@ CMAN_LIBS=-lcman
VIRT_LIBS=-lvirt
VIRT_QPID=-lqmfconsole
NSS_LIBS=-lnss3
UUID_LIBS=-luuid
INCLUDES=-I../include `nss-config --cflags` `nspr-config --cflags` `xml2-config --cflags`
LIBS+=-L../common -lfence_virt -Wl,-wrap,syslog,-wrap,closelog -lpthread
LIBS+=-L../common -lfence_virt -Wl,-wrap,syslog,-wrap,closelog -lpthread -luuid
MODULE_PATH=${libdir}/${PACKAGE_NAME}
#
# Module sources
#
fence_virtd_SOURCES = main.c plugin.c config.c static_map.c
fence_virtd_SOURCES = main.c plugin.c config.c static_map.c uuid-test.c
libvirt_so_SOURCES = libvirt.c virt.c uuid-test.c
null_so_SOURCES = null.c
libvirt_qpid_so_SOURCES = uuid-test.c

View File

@ -10,6 +10,7 @@
#include <debug.h>
#include "serial.h"
#include "uuid-test.h"
struct perm_entry {
list_head();
@ -18,7 +19,8 @@ struct perm_entry {
struct perm_group {
list_head();
struct perm_entry *entries;
struct perm_entry *uuids;
struct perm_entry *ips;
char name[128];
};
@ -33,9 +35,14 @@ static_map_cleanup(void **info)
while (groups) {
group = groups;
list_remove(&groups, group);
while (group->entries) {
entry = group->entries;
list_remove(&group->entries, entry);
while (group->uuids) {
entry = group->uuids;
list_remove(&group->uuids, entry);
free(entry);
}
while (group->ips) {
entry = group->ips;
list_remove(&group->ips, entry);
free(entry);
}
free(group);
@ -51,25 +58,36 @@ static_map_check(void *info, const char *value1, const char *value2)
struct perm_group *groups = (struct perm_group *)info;
struct perm_group *group;
struct perm_entry *left, *tmp;
int x, y;
int x, y, uuid = 0;
if (!info)
return 1; /* no maps == wide open */
uuid = is_uuid(value1);
list_for(&groups, group, x) {
left = NULL;
list_for(&group->entries, tmp, y) {
if (!strcasecmp(tmp->name, value1)) {
left = tmp;
break;
if (uuid) {
list_for(&group->uuids, tmp, y) {
if (!strcasecmp(tmp->name, value1)) {
left = tmp;
break;
}
}
} else {
list_for(&group->ips, tmp, y) {
if (!strcasecmp(tmp->name, value1)) {
left = tmp;
break;
}
}
}
if (!left)
continue;
list_for(&group->entries, tmp, y) {
list_for(&group->uuids, tmp, y) {
if (!strcasecmp(tmp->name, value2)) {
return 1;
}
@ -100,12 +118,16 @@ static_map_load(void *config_ptr, void **perm_info)
snprintf(buf, sizeof(buf)-1, "groups/group[%d]", ++group_idx);
if (sc_get(config, buf, value, sizeof(value)) != 0) {
snprintf(buf2, sizeof(buf2)-1, "%s/@member", buf);
snprintf(buf2, sizeof(buf2)-1, "%s/@uuid", buf);
if (sc_get(config, buf2, value, sizeof(value)) != 0) {
break;
} else {
snprintf(value, sizeof(value), "unnamed-%d", group_idx);
snprintf(buf2, sizeof(buf2)-1, "%s/@ip", buf);
if (sc_get(config, buf2, value,
sizeof(value)) != 0) {
break;
}
}
snprintf(value, sizeof(value), "unnamed-%d",
group_idx);
}
group = malloc(sizeof(*group));
@ -114,10 +136,11 @@ static_map_load(void *config_ptr, void **perm_info)
strncpy(group->name, value, sizeof(group->name));
dbg_printf(3, "Group: %s\n", value);
entry_idx = 0;
found = 0;
entry_idx = 0;
do {
snprintf(buf2, sizeof(buf2)-1, "%s/@member[%d]", buf, ++entry_idx);
snprintf(buf2, sizeof(buf2)-1, "%s/@uuid[%d]",
buf, ++entry_idx);
if (sc_get(config, buf2, value, sizeof(value)) != 0) {
break;
@ -128,12 +151,33 @@ static_map_load(void *config_ptr, void **perm_info)
assert(entry);
memset(entry, 0, sizeof(*entry));
strncpy(entry->name, value, sizeof(entry->name));
dbg_printf(3, " - Entry: %s\n", value);
dbg_printf(3, " - UUID Entry: %s\n", value);
list_insert(&group->entries, entry);
list_insert(&group->uuids, entry);
} while (1);
entry_idx = 0;
do {
snprintf(buf2, sizeof(buf2)-1, "%s/@ip[%d]",
buf, ++entry_idx);
if (sc_get(config, buf2, value, sizeof(value)) != 0) {
break;
}
++found;
entry = malloc(sizeof(*entry));
assert(entry);
memset(entry, 0, sizeof(*entry));
strncpy(entry->name, value, sizeof(entry->name));
dbg_printf(3, " - IP Entry: %s\n", value);
list_insert(&group->ips, entry);
} while (1);
if (!found)
free(group);
else