1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Commit Graph

194 Commits

Author SHA1 Message Date
Martin Schwenke
8cf74f335e ctdb-recovery: Wrap private data for reclock test callback
This will allow a simplification of the cluster mutex API, so the
private data can be registered when calling ctdb_cluster_mutex().

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-06-08 00:51:29 +02:00
Martin Schwenke
5c4744e69d ctdb-cluster-mutex: Pass a talloc context to allocate the handle off
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-06-08 00:51:28 +02:00
Martin Schwenke
fdd214ce6a ctdb-daemon: Rename recovery lock file to just recovery lock
It isn't necessarily a file.

Don't bother changing the control, since it doesn't pervade the code.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-06-08 00:51:28 +02:00
Martin Schwenke
091d4d2dbb ctdb-recovery: Consistency check reclock in start recovery control
If the recovery lock setting is not consistent with that of the
recovery master then abort.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-06-08 00:51:28 +02:00
Martin Schwenke
3e272e081f ctdb-recover: Avoid duplicate deferred attach processing
Deferred attach processing is done unconditionally at this point.  It
is then done again if recovery lock checking is done and completes
successfuly.  If the recovery lock checking fails then it should not
be done at all.

Move this processing so it is done with the early exit when the
recovery lock is not being used.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-05-06 11:39:09 +02:00
Martin Schwenke
bcb838ba1e ctdb-recovery: Move recovery lock functions to recovery daemon code
ctdb_recovery_have_lock(), ctdb_recovery_lock(),
ctdb_recovery_unlock() are only used by recovery daemon, so move them
there.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:17 +02:00
Martin Schwenke
df99d9e273 ctdb-cluster-mutex: Factor out cluster mutex code
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:17 +02:00
Martin Schwenke
ecc6751c6b ctdb-recovery: Factor out setting of cluster mutex handler
This means that the cluster mutex handle can now be treated as opaque.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:17 +02:00
Martin Schwenke
94fb2cf0ec ctdb_recovery: ctdb_cluster_mutex() now takes an argstring argument
All of the ctdb_cluster_mutex_* infrastucture can now handle an
arbitrary mutex.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:17 +02:00
Martin Schwenke
46684867b1 ctdb-recovery: Recovery lock setting can now include helper command
The underlying change is to allow the cluster mutex argstring to
optionally contain a helper command.  When the argument string starts
with '!' then the first word is the helper command to run.  This is
now the standard way of changing the helper from the default.

CTDB_CLUSTER_MUTEX_HELPER show now only be used to change the location
of the default helper when testing.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:17 +02:00
Martin Schwenke
918b0d9a9c ctdb-recovery: Parse recovery lock setting
This is currently just treated as the name of a lock file.  However,
it is really some arbitrary arguments to lock helper.

Therefore, it should be parsed and passed as separate arguments to the
lock helper.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:17 +02:00
Martin Schwenke
64d557200e ctdb-recovery: Reimplement ctdb_recovery_lock() using ctdb_cluster_mutex()
Replace the file descriptor for the recovery lock in the CTDB context
with the cluster mutex handle, where non-NULL means locked.
Attempting to take the recovery lock is now asynchronous and no longer
blocks the recovery daemon.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:16 +02:00
Martin Schwenke
0b0b954ff2 ctdb-recovery: Kill cluster mutex helper with a signal that can be caught
Unlike fcntl(2), some other helper might need to explicitly take
action to release a mutex.  This can be done by catching SIGTERM.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:16 +02:00
Martin Schwenke
e679a1731c ctdb-recovery: Switch ctdb_cluster_mutex() to use helper
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:16 +02:00
Martin Schwenke
978404ecde ctdb-recovery: Add optional timeout argument to ctdb_cluster_mutex()
Timeout in seconds, 0 means no timeout.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:16 +02:00
Martin Schwenke
43e9f58d6a ctdb-recovery: Factor out reclock testing into ctdb_cluster_mutex()
This is currently only used to check whether the recovery lock can be
taken.  However, name it more generally in anticipation of using it
for general cluster mutex taking and testing.

No functional changes.  A couple of debug message simplifications and
code rearrangements.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:16 +02:00
Martin Schwenke
ab75f2a587 ctdb-recovery: Use a configurable handler when testing cluster mutex
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:16 +02:00
Martin Schwenke
419f57f378 ctdb-recovery: Factor out new function set_recmode_handler()
This is used to reply to the recmode control for all the different
cases.  The callers can later be generalised to use a pointer, which
can then be used for recovery lock handling in different contexts.

Note that the handle is now freed in set_recmode_handler() rather than
the callbacks.

There is one difference in behaviour.  Deferred attach calls are now
processed in the timeout case, where they weren't before.  That's a
bug fix!

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:16 +02:00
Martin Schwenke
14a2330692 ctdb-recovery: Use single char ASCII numbers for status from child
'0' = Child took the mutex
  '1' = Unable to take mutex - contention
  '2' = Unable to take mutex - timeout
  '3' = Unable to take mutex - error

This is a straightforward API.  When the child is generalised to an
external helper then this makes it easier for a helper to be, for
example, a simple script.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:16 +02:00
Martin Schwenke
4842b6bb91 ctdb-recovery: Rename recovery lock functions and struct
Use the more general name "cluster mutex", since we are likely to end
up with more than one cluster-wide lock.  There will probably be a
dedicated recovery lock, held only during recovery, and also a second
lock that is held by the master node.  Currently one lock is used for
both purposes.

At the moment the struct and functions are involved with setting the
recovery mode.  However, they'll be abstracted out to more generally
deal with the cluster mutexes, so "recmode" -> "cluster_mutex".  Drop
"set" from names, since this is used to test the lock.  Also drop
"ctdb" prefix from functions, since they are local to this file.  The
struct will eventually be a long-lived handle that will release the
mutex when freed, so name it accordingly.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-04-28 09:39:16 +02:00
Amitay Isaacs
95a15cde45 ctdb-daemon: Implement new controls DB_PULL and DB_PUSH_START/DB_PUSH_CONFIRM
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-03-25 03:26:15 +01:00
Martin Schwenke
46edef25df ctdb-recovery: Limit scope of reclock latency statistics
It does not make sense to update this statistic for the timeout case,
since this could skew the statistic.  To keep it simple, just update
it for the usual case where there is lock contention, since this is
the usual case.  So the daemon statistic measures time to test the
lock and the corresponding recovery daemon statistic measures time to
take the lock.

Additionally, the recovery daemon will eventually use this code to
take the lock, and the method of updating the latency statistic will
need to be pushed further out to a configurable handler that depends
on the calling context.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Tue Feb 23 10:32:06 CET 2016 on sn-devel-144
2016-02-23 10:32:06 +01:00
Martin Schwenke
188019b877 ctdb-recovery: Negate the status when checking the recovery lock
Have 0 indicate that the lock was taken.  This allows non-zero values
to be used to indicate why the lock could not be taken.  EACCES means
lock contention.

For now use just EACCES to cover all failures, since
ctdb_recovery_lock() returns a bool and details of other errors will
be lost.  ctdb_recovery_lock() will undergo some big changes, so don't
try to fix this now.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-02-23 07:23:18 +01:00
Martin Schwenke
fad3f367b7 ctdb-recovery: Clean up status handling from recmode child
This currently returns an incorrect error when the expected number of
bytes are not read.  Separate out the different cases to clarify the
logic and avoid reporting the wrong error.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-02-23 07:23:18 +01:00
Martin Schwenke
b6c3918457 ctdb-recovery: Don't bother ensuring file descriptor is -1
This is already done before the destructor is assigned.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-02-23 07:23:18 +01:00
Martin Schwenke
531e6724ba ctdb-recovery: Don't store recmode in recovery mode state
The callbacks that use this value are only ever called if recovery
mode is being set to NORMAL.  So do not check if recmode is NORMAL
either.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-02-23 07:23:18 +01:00
Martin Schwenke
6695fa50ae ctdb: Use ctdb_wait_for_process_to_exit()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-02-23 07:23:18 +01:00
Martin Schwenke
4d6ec81299 ctdb-recovery: Drop redundant status send when setting recovery mode
The child process writes the status into the pipe before looping to
wait.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-02-23 07:23:18 +01:00
Martin Schwenke
3e2f2169a4 ctdb-recovery: Include lib/util/time.h instead of samba_util.h
Less is more...

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-02-23 07:23:18 +01:00
Martin Schwenke
24160ee6a4 ctdb-daemon: Don't leak memory if not using recovery lock
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Michael Adam <obnox@samba.org>
2016-01-12 19:16:17 +01:00
Christof Schmitt
03b27bd139 ctdb: Use prctl_set_comment from lib/util
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-11-18 04:05:13 +01:00
Amitay Isaacs
f50db5cba5 ctdb-server: Replace ctdb_logging.h with common/logging.h
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Michael Adam <obnox@samba.org>
2015-11-16 00:46:15 +01:00
Amitay Isaacs
64d8bb626b ctdb-daemon: Rename struct ctdb_control_pulldb to ctdb_pulldb
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-11-04 00:47:15 +01:00
Amitay Isaacs
645cd43200 ctdb-daemon: Rename struct ctdb_dbid_map to ctdb_dbid_map_old
Match struct ctdb_dbid as per protocol/protocol.h

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-11-04 00:47:15 +01:00
Amitay Isaacs
b99436e425 ctdb-daemon: Rename struct ctdb_rec_data to ctdb_rec_data_old
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-11-04 00:47:14 +01:00
Amitay Isaacs
e1fed53e2a ctdb-daemon: Rename struct ctdb_req_control to ctdb_req_control_old
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-11-04 00:47:14 +01:00
Amitay Isaacs
4647787773 ctdb-daemon: Separate prototypes for common client/server functions
This groups function prototypes for common client/server functions in
common/common.h and removes them from ctdb_private.h.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-10-30 02:00:27 +01:00
Amitay Isaacs
01c6c90e98 ctdb-daemon: Remove dependency on includes.h
Instead of includes.h, include the required header files explicitly.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-10-30 02:00:27 +01:00
Amitay Isaacs
2fdb332fad ctdb-daemon: Stop using tevent compatibility definitions
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-10-30 02:00:27 +01:00
Amitay Isaacs
b900adc55c ctdb-daemon: Separate prototypes for system specific functions
This groups function prototypes for system specific functions in
common/system.h and removes them from ctdb_private.h.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-10-30 02:00:27 +01:00
Amitay Isaacs
42f7722151 ctdb-daemon: Remove freeze requirement for updating vnnmap
In the parallel database recovery model, all the database will not remain
frozen at the same time.  So relax the condition to check if recovery
is active.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-10-07 14:53:27 +02:00
Amitay Isaacs
3cbd0409f3 ctdb-daemon: Add a check for database generation consistency
Before setting recovery mode to normal, confirm that all the databases are
recovered by matching the database generation with the global generation.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-10-07 14:53:27 +02:00
Amitay Isaacs
66c7bcc777 ctdb-daemon: Use database specific mark/unmark routines
Instead of marking all the databases with priority, mark only the database
which is currently being processed.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-10-07 14:53:27 +02:00
Amitay Isaacs
e0fa182d93 ctdb-daemon: Use database specific freeze check routine
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-10-07 14:53:27 +02:00
Amitay Isaacs
7afabb1285 ctdb-daemon: Avoid the use of ctdb->freeze_handle variable
These variables are used for state information related to freezing
databases.  Instead use the API functions to check if the databases
are frozen.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-10-07 14:53:26 +02:00
Amitay Isaacs
8c58c7392f ctdb-daemon: Avoid the use of ctdb->freeze_mode variable
Use ctdb->freeze_mode only in ctdb_freeze.c and use the functions to
check if databases are frozen everywhere else.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-10-07 14:53:26 +02:00
Amitay Isaacs
9b6865475e ctdb-daemon: Remove obsolete IPv4 only controls
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-05-12 01:32:11 +02:00
Martin Schwenke
20a7945a26 Revert "ctdb-recoverd: Abort when daemon can take recovery lock during recovery"
This reverts commit 39d2fd330a.

An election can occur in the middle of a recovery.  During the
election the recovery master can change.  When a node loses a round of
the election and stops being the recovery master it releases the
recovery lock.  Then at the end of the ongoing recovery all nodes are
able to take the recovery lock so they will all abort.

The most likely cause for a change in recovery master is that several
(all?) nodes are starting up and the "connected-ness" of each node is
a primary factor in winning the election.  In this situation the
recovery master can bounce around the cluster.

The simplest solution is to revert this patch so that the recovery
will fail.  The new recovery master will then start a new recovery.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon May  4 10:40:36 CEST 2015 on sn-devel-104
2015-05-04 10:40:36 +02:00
Martin Schwenke
1ef1cfdc4d ctdb-common: Move ctdb_node_list_to_map() to utilities
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:13 +02:00
Martin Schwenke
dd52d82c73 ctdb-daemon: Factor out new function ctdb_node_list_to_map()
Change ctdb_control_getnodemap() to use this.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:13 +02:00