Allow IPs to be members of groups

This allows fencing requests with the appropriate key file to control VMs assigned to the same group. Signed-off-by: Lon Hohberger <lon@users.sourceforge.net>
2010-01-14 15:00:43 -05:00 · 2010-01-14 15:00:43 -05:00 · f38f9327d8
commit f38f9327d8
parent 2edeb6dfe8
4 changed files with 87 additions and 38 deletions
--- a/config/simpleconfig.c
+++ b/config/simpleconfig.c
@ -63,7 +63,7 @@ _sc_dump_d(struct node *node, int depth, FILE *fp)
 static void
-_sc_dump(config_info_t *config, FILE *fp)
+_sc_dump(void *config, FILE *fp)
 {
 	struct node *n, *node;
 	struct value *v, *values;
@ -129,7 +129,7 @@ _sc_free_node(struct node *node)
 static int
-_sc_free(config_info_t *config)
+_sc_free(void *config)
 {
 	struct node *n, *nlist;
 	struct value *v, *vlist;
@ -163,7 +163,7 @@ _sc_free(config_info_t *config)
 static int
-_sc_get(config_info_t *config, const char *key, char *value, size_t valuesz)
+_sc_get(void *config, const char *key, char *value, size_t valuesz)
 {
 	char buf[1024];
 	struct node *n, *node = ((struct parser_context *)config)->node_list;
@ -335,7 +335,7 @@ top:
 static int
-_sc_set(config_info_t *config, const char *key, const char *value)
+_sc_set(void *config, const char *key, const char *value)
 {
 	char buf[1024];
 	struct node *n, **nodes = &((struct parser_context *)config)->node_list;
@ -412,7 +412,7 @@ _sc_set(config_info_t *config, const char *key, const char *value)
 static int
-_sc_parse(const char *filename, config_info_t **config)
+_sc_parse(const char *filename, void **config)
 {
 	struct parser_context *c;
 	FILE *fp = NULL;
@ -441,7 +441,7 @@ _sc_parse(const char *filename, config_info_t **config)
 	c->next = NULL;
 	val_list = NULL;
 	node_list = NULL;
-	*config = (config_info_t *)c;
+	*config = (void *)c;
 	if (fp)
 		fclose(fp);
--- a/man/fence_virt.conf.5
+++ b/man/fence_virt.conf.5
@ -62,9 +62,9 @@ section about listeners below.
 .SS groups
-This section contains static maps of which virtual machines may fence
+This section contains static maps of which virtual machines
-which other virtual machines; see the
+may fence which other virtual machines; see the section
-section about groups below.
+about groups below.
 .SH LISTENERS
@ -231,18 +231,23 @@ groups are arbitrary and are checked at fence time.  Any member of
 a group may fence any other member.  Hosts may be assigned to multiple
 groups if desired.
 Note that this mode is only useful when using the serial listener, as
 as other listener plugins (e.g. multicast) have no reliable way to
 determine the originating VM of a fencing request.
 .SS group
 This defines a group.
 .TP
-.B member
+.B uuid
 .
-defines a member of a group.
+defines UUID as a member of a group.
 .TP
 .B ip
 .
 defines an IP which is allowed to send fencing requests
 for members of this group (e.g. for multicast).  It is
 highly recommended that this be used in conjunction with
 a key file.
 .SH EXAMPLE
@ -268,8 +273,9 @@ defines a member of a group.
 groups {
  group {
-   member = "44179d3f-6c63-474f-a212-20c8b4b25b16";
+   ip = "192.168.1.1";
-   member = "1ce02c4b-dfa1-42cb-b5b1-f0b1091ece60";
+   uuid = "44179d3f-6c63-474f-a212-20c8b4b25b16";
   uuid = "1ce02c4b-dfa1-42cb-b5b1-f0b1091ece60";
  }
 }
--- a/server/Makefile.in
+++ b/server/Makefile.in
@ -26,17 +26,16 @@ CMAN_LIBS=-lcman
 VIRT_LIBS=-lvirt
 VIRT_QPID=-lqmfconsole
 NSS_LIBS=-lnss3
 UUID_LIBS=-luuid
 INCLUDES=-I../include `nss-config --cflags` `nspr-config --cflags` `xml2-config --cflags`
-LIBS+=-L../common -lfence_virt -Wl,-wrap,syslog,-wrap,closelog -lpthread
+LIBS+=-L../common -lfence_virt -Wl,-wrap,syslog,-wrap,closelog -lpthread -luuid
 MODULE_PATH=${libdir}/${PACKAGE_NAME}
 #
 # Module sources
 #
-fence_virtd_SOURCES = main.c plugin.c config.c static_map.c
+fence_virtd_SOURCES = main.c plugin.c config.c static_map.c uuid-test.c
 libvirt_so_SOURCES = libvirt.c virt.c uuid-test.c
 null_so_SOURCES = null.c
 libvirt_qpid_so_SOURCES = uuid-test.c
--- a/server/static_map.c
+++ b/server/static_map.c
@ -10,6 +10,7 @@
 #include <debug.h>
 #include "serial.h"
 #include "uuid-test.h"
 struct perm_entry {
 	list_head();
@ -18,7 +19,8 @@ struct perm_entry {
 struct perm_group {
 	list_head();
-	struct perm_entry *entries;
+	struct perm_entry *uuids;
 	struct perm_entry *ips;
 	char name[128];
 };
@ -33,9 +35,14 @@ static_map_cleanup(void **info)
 	while (groups) {
 		group = groups;
 		list_remove(&groups, group);
-		while (group->entries) {
+		while (group->uuids) {
-			entry = group->entries;
+			entry = group->uuids;
-			list_remove(&group->entries, entry);
+			list_remove(&group->uuids, entry);
 			free(entry);
 		}
 		while (group->ips) {
 			entry = group->ips;
 			list_remove(&group->ips, entry);
 			free(entry);
 		}
 		free(group);
@ -51,25 +58,36 @@ static_map_check(void *info, const char *value1, const char *value2)
 	struct perm_group *groups = (struct perm_group *)info;
 	struct perm_group *group;
 	struct perm_entry *left, *tmp;
-	int x, y;
+	int x, y, uuid = 0;
 	if (!info)
 		return 1; /* no maps == wide open */
 	uuid = is_uuid(value1);
 	list_for(&groups, group, x) {
 		left = NULL;
-		list_for(&group->entries, tmp, y) {
+		if (uuid) {
-			if (!strcasecmp(tmp->name, value1)) {
+			list_for(&group->uuids, tmp, y) {
-				left = tmp;
+				if (!strcasecmp(tmp->name, value1)) {
-				break;
+					left = tmp;
 					break;
 				}
 			}
 		} else {
 			list_for(&group->ips, tmp, y) {
 				if (!strcasecmp(tmp->name, value1)) {
 					left = tmp;
 					break;
 				}
 			}
 		}
 		if (!left)
 			continue;
-		list_for(&group->entries, tmp, y) {
+		list_for(&group->uuids, tmp, y) {
 			if (!strcasecmp(tmp->name, value2)) {
 				return 1;
 			}
@ -100,12 +118,16 @@ static_map_load(void *config_ptr, void **perm_info)
 		snprintf(buf, sizeof(buf)-1, "groups/group[%d]", ++group_idx);
 		if (sc_get(config, buf, value, sizeof(value)) != 0) {
-			snprintf(buf2, sizeof(buf2)-1, "%s/@member", buf);
+			snprintf(buf2, sizeof(buf2)-1, "%s/@uuid", buf);
 			if (sc_get(config, buf2, value, sizeof(value)) != 0) {
-				break;
+				snprintf(buf2, sizeof(buf2)-1, "%s/@ip", buf);
-			} else {
+				if (sc_get(config, buf2, value,
-				snprintf(value, sizeof(value), "unnamed-%d", group_idx);
+					   sizeof(value)) != 0) {
 					break;
 				}
 			}
 			snprintf(value, sizeof(value), "unnamed-%d",
 				 group_idx);
 		}
 		group = malloc(sizeof(*group));
@ -114,10 +136,11 @@ static_map_load(void *config_ptr, void **perm_info)
 		strncpy(group->name, value, sizeof(group->name));
 		dbg_printf(3, "Group: %s\n", value);
 		entry_idx = 0;
 		found = 0;
 		entry_idx = 0;
 		do {
-			snprintf(buf2, sizeof(buf2)-1, "%s/@member[%d]", buf, ++entry_idx);
+			snprintf(buf2, sizeof(buf2)-1, "%s/@uuid[%d]",
 				 buf, ++entry_idx);
 			if (sc_get(config, buf2, value, sizeof(value)) != 0) {
 				break;
@ -128,12 +151,33 @@ static_map_load(void *config_ptr, void **perm_info)
 			assert(entry);
 			memset(entry, 0, sizeof(*entry));
 			strncpy(entry->name, value, sizeof(entry->name));
-			dbg_printf(3, " - Entry: %s\n", value);
+			dbg_printf(3, " - UUID Entry: %s\n", value);
-			list_insert(&group->entries, entry);
+			list_insert(&group->uuids, entry);
 		} while (1);
 		entry_idx = 0;
 		do {
 			snprintf(buf2, sizeof(buf2)-1, "%s/@ip[%d]",
 				 buf, ++entry_idx);
 			if (sc_get(config, buf2, value, sizeof(value)) != 0) {
 				break;
 			}
 			++found;
 			entry = malloc(sizeof(*entry));
 			assert(entry);
 			memset(entry, 0, sizeof(*entry));
 			strncpy(entry->name, value, sizeof(entry->name));
 			dbg_printf(3, " - IP Entry: %s\n", value);
 			list_insert(&group->ips, entry);
 		} while (1);
 		if (!found)
 			free(group);
 		else