mirror of https://github.com/samba-team/samba.git synced 2025-01-05 09:18:06 +03:00
Commit Graph

9170 Commits

Author SHA1 Message Date
Martin Schwenke
8da34956d6 ctdb-scripts: Track connections for all ports for public IPs
Currently TCP ports like NFS lock manager are not tracked.  It is
easier to track all connections than to add a configuration system to
try to track specified ports, so do that.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15320
RN: Update CTDB to track all TCP connections to public IP addresses

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
(cherry picked from commit 590a86dbe4)

Autobuild-User(v4-21-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-21-test): Mon Nov 25 14:09:18 UTC 2024 on atb-devel-224
2024-11-25 14:09:18 +00:00
Martin Schwenke
53df2b78ae ctdb-scripts: Get connections after tickle list
Running ss to get current connections before running ctdb gettickles
means the ss output might be out of date when the 2 lists are
compared.  Some tickles might have been added after ss was run by some
other means (e.g. SMB tickles, added internally) and they would be
deleted according to the stale ss output.

This isn't currently a problem because update_tickles() is currently
only called with port 2049, so all tickles are managed by this code.
That will change in a subsequent commit.

Changing the order means the reverse problem can occur, where
update_tickles() attempts to delete an already deleted tickle.  That
may happen occasionally but is harmless because it doesn't result in
missing information.  It (currently) just causes a message to be
logged at DEBUG level.
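
The ordering argument above can be illustrated with a small sketch. This is not the eventscript code: the `reconcile` helper, the addresses and the set-based model are all assumptions made for illustration.

```python
# Hypothetical model: each connection or tickle is a (source, destination) pair.

def reconcile(registered, current):
    """Return (to_add, to_delete) needed to make registered match current."""
    return current - registered, registered - current

base = {("10.0.0.4:50000", "192.168.1.10:2049")}
late = ("10.0.0.5:51000", "192.168.1.10:445")  # registered by another path

# Old order: connections are sampled first, so they miss the late entry,
# while the tickle list read afterwards already contains it.
stale_connections = set(base)
tickles_read_later = base | {late}
_, wrongly_deleted = reconcile(tickles_read_later, stale_connections)

# New order: the tickle list is read first, connections second.
tickles_read_first = set(base)
fresh_connections = base | {late}
to_add, to_delete = reconcile(tickles_read_first, fresh_connections)

print("old order deletes:", wrongly_deleted)
print("new order deletes:", to_delete)
```

In this model the old order schedules the late entry for deletion, while the new order never deletes it.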

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15320
RN: Update CTDB to track all TCP connections to public IP addresses

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
(cherry picked from commit c3695722b6)
2024-11-25 12:38:16 +00:00
Martin Schwenke
f5fc8aa709 ctdb-scripts: Move connection tracking to 10.interface
This should really be done for all connections to public IP addresses.
Leave the port number there for now - this is just the first step.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15320
RN: Update CTDB to track all TCP connections to public IP addresses

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
(cherry picked from commit 9683bb3ac2)
2024-11-25 12:38:16 +00:00
Martin Schwenke
c6c0722cb7 ctdb-server: Drop a log message to DEBUG level
This is harmless, so it doesn't generally need to be logged.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15320
RN: Update CTDB to track all TCP connections to public IP addresses

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
(cherry picked from commit f4a8f84328)
2024-11-25 12:38:16 +00:00
Martin Schwenke
7791375ccc ctdb-server: Clean up connection tracking functions
Apply README.Coding, modernise logging, pre-render connection as a
string for logging, switch terminology from "tickle" to "connection",
tidy up comments.

No changes in functionality.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15320
RN: Update CTDB to track all TCP connections to public IP addresses

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
(cherry picked from commit 3c19c8df77)
2024-11-25 12:38:16 +00:00
Martin Schwenke
84deecc5e8 ctdb-scripts: Use ss -H option to simplify
This option has been available since ~2018 and has been implemented in
the stub since then.  I guess we didn't use it because CentOS 7?

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15320
RN: Update CTDB to track all TCP connections to public IP addresses

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
(cherry picked from commit 0505d06b12)
2024-11-25 12:38:16 +00:00
Martin Schwenke
5920d47149 ctdb-scripts: Remove superseded compatibility code
Since commit 224e99804e, square brackets
have been parsed by daemon and tool code, so drop the compatibility
code from here.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15320
RN: Update CTDB to track all TCP connections to public IP addresses

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
(cherry picked from commit 32e4f78660)
2024-11-25 12:38:16 +00:00
Martin Schwenke
0a571a6dbe ctdb-scripts: update_tickles() should use the public IPs cache
This avoids duplicating logic.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15320
RN: Update CTDB to track all TCP connections to public IP addresses

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
(cherry picked from commit b3e2c69ad9)
2024-11-25 12:38:16 +00:00
Martin Schwenke
650ce39d63 ctdb-scripts: Don't list connections when not hosting IPs
With an empty IP filter, all incoming connections to port 2049 will be
listed, not just those to public IP addresses.  This causes error
messages like the following to be logged:

  ctdb-eventd[...]: 60.nfs: Failed to add 1 tickles

since the connection being added seems to be for a random NFS mount
that doesn't use a public IP address.

This has been a problem for a long time (probably since commit
04fe9e2074 in 2015).  It isn't currently
a huge deal because it only affects NFS connections.  However, this
code will soon be used to track connections to public IP addresses on
all ports.  This would result in a constant stream of log messages,
since there will always be some active connections.

The theory behind the fix is that if a node hosts no public IPs then
it should have no relevant connections and has no business changing
the list of registered tickles.
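
A minimal sketch of the idea, assuming a simplified in-memory model rather than the real ss-based filter. The function names, the tuple layout and the addresses are hypothetical.

```python
# Hypothetical model: a connection is (source, destination IP, destination port).

def list_connections_naive(connections, public_ips):
    """With no IPs to filter on, nothing is excluded."""
    if not public_ips:
        return list(connections)
    return [c for c in connections if c[1] in public_ips]

def list_connections_guarded(connections, public_ips):
    """A node hosting no public IPs reports no connections at all."""
    if not public_ips:
        return []
    return [c for c in connections if c[1] in public_ips]

connections = [
    ("10.0.0.4:50000", "192.168.1.10", 2049),  # to a public IP
    ("10.0.0.9:40000", "172.16.0.2", 2049),    # unrelated NFS mount
]

unhosted = []
print(list_connections_naive(connections, unhosted))
print(list_connections_guarded(connections, unhosted))
print(list_connections_guarded(connections, ["192.168.1.10"]))
```

The naive variant returns both connections when the node hosts nothing, which is the situation that leads to the failed tickle additions described above. The guarded variant returns an empty list in that case.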

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15320
RN: Update CTDB to track all TCP connections to public IP addresses

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
(cherry picked from commit 1a4a6c46f1)
2024-11-25 12:38:16 +00:00
Pavel Filipenský
1fcaf066f4 ctdb:events: Add 46.update-keytabs.script for 'recovered' event
BUG: https://bugzilla.samba.org/show_bug.cgi?id=6750

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2024-07-26 17:12:36 +00:00
Martin Schwenke
ead5a3111f ctdb-daemon: Use ctdb_parse_node_address() in ctdbd
While here, fix a trivial memory leak (ctdbd will exit anyway if this
function fails).

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Jul 23 12:39:18 UTC 2024 on atb-devel-224
2024-07-23 12:39:18 +00:00
Martin Schwenke
181cc097ef ctdb-daemon: Use ctdb_read_nodes() in ctdbd
ctdb_control_getnodesfile() calls ctdb_read_nodes(), which returns a
struct ctdb_node_map rather than the old version, so update associated
marshalling.  While here modernise a debug message and wrap the
function arguments.

For ctdb_load_nodes_file() to use ctdb_read_nodes(), tweak
convert_node_map_to_list() to also use the modern node map structure.

Remove unused copy of ctdb_read_nodes_file().

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
2024-07-23 11:37:34 +00:00
Martin Schwenke
5d2a864c0b ctdb-protocol: Move ctdb_node_map_* to protocol_api.h
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
2024-07-23 11:37:34 +00:00
Martin Schwenke
fe97d04f18 ctdb-tests: Use ctdb_read_nodes() in the fake ctdbd
Remove unused copy of ctdb_read_nodes_file().

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
2024-07-23 11:37:34 +00:00
Martin Schwenke
3d52258d8a ctdb-tools: Use ctdb_read_nodes() in the ctdb tool
Remove unused copy of ctdb_read_nodes_file().

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
2024-07-23 11:37:34 +00:00
Martin Schwenke
45da2281aa ctdb-conf: Add a common node address handling module
These functions are intended to be used in ctdbd, the ctdb tool and
fake_ctdbd, replacing the different copies in each place.

ctdb_read_nodes() will replace ctdb_read_nodes_file().  The name
change is intentional - in future the location may be something other
than a simple filename.

The static copies of ctdb_read_nodes_file() and node_map_add() are
slightly sanitised versions of those in tools/ctdb.c, with a call to
ctdb_parse_node_address().  A bit more care is taken in node_map_add()
to avoid undefined behaviour if talloc_realloc() fails.

ctdb_parse_node_address() will replace ctdb_parse_address().  There is
an obvious argument change, since the ctdb context argument was
unused.  It can only fail on an invalid node address, so return a
bool.  This function might be changed later to allow the input address
string to include an optional port.

Where to put this module isn't entirely clear.  It could go in common,
so be part of ctdb-util.  However, if it later needs
ctdb-conf (e.g. to allow the node list location to be configurable)
then there would be a direct cyclic dependency.  This is configuration
handling, so conf/ seems sane.  However, I didn't want to put it into
the ctdb-conf target, since some code might need to parse a nodes list
but not need to parse ctdb.conf.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
2024-07-23 11:37:34 +00:00
Martin Schwenke
79c5f451c8 ctdb-protocol: Move definition of CTDB_PORT to protocol
Users of CTDB_PORT will all pick up the new definition.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
2024-07-23 11:37:34 +00:00
Martin Schwenke
67e49d3e54 ctdb-build: Remove unused dependencies on ctdb-util
Since commit ba8f8ef33c.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
2024-07-23 11:37:34 +00:00
Martin Schwenke
8ba8fef8ac ctdb-tests: Correctly handle adding a deleted node at the end
The current fake_ctdbd code for reloading the nodes file overruns the
allocation when adding a deleted node at the end.  This is a very
unlikely case, but it might as well work.

Check the size of the internal node map when marking a node deleted.
Also, update the code that adds a node to correctly set the deleted
flag when appropriate.

The included test case tests this.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Jul 17 00:06:53 UTC 2024 on atb-devel-224
2024-07-17 00:06:53 +00:00
Martin Schwenke
340563633c ctdb-tests: Add more reloadnodes unit tests
There are no existing tests to exercise node IP address change
detection.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-07-16 23:05:35 +00:00
Björn Baumbach
056dd415dd ctdb-failover: omit "restrict" optimization keyword
Fails with some compilers with

error: expected ';', ',' or ')' before 'lineptr'

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Jul  2 23:52:37 UTC 2024 on atb-devel-224
2024-07-02 23:52:37 +00:00
Anoop C S
6ba69da8d3 ctdb/wscript: Remove long pending unsupported option
It has been a while since --with-libcephfs option was dropped. Therefore
stop advertising it through waf scripts.

Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Jul  2 09:13:20 UTC 2024 on atb-devel-224
2024-07-02 09:13:20 +00:00
Xavi Hernandez
60550fbe18 Fix starvation of pending writes in CTDB queues
CTDB uses a queue to receive requests and send answers. It works
asynchronously using the tevent framework. However there was an issue
that gave priority to the receiving side so, when a request was
processed and the answer posted to the queue, if another incoming
request arrived, it was served before sending the previous answer.

This scenario could repeat for long periods of time if the frequency of
incoming requests was high enough.

Eventually, a small time gap between incoming requests gave a chance to
process the pending output queue, sending many answers in a burst.

This patch makes sure that both queues (input and output) are processed
if the event contains the appropriate flag.
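
The starvation pattern can be sketched as follows. This is a toy model, not the CTDB queue code: the `READ`/`WRITE` flag values, the handler names and the simulation loop are assumptions, and the real code uses tevent file descriptor events.

```python
from collections import deque

READ, WRITE = 1, 2  # hypothetical flag values for this sketch

def handle_read_first(flags, inbox, outbox, sent):
    """Old behaviour in this model: a readable event hides the writable one."""
    if flags & READ:
        outbox.append("reply to " + inbox.popleft())
    elif flags & WRITE and outbox:
        sent.append(outbox.popleft())

def handle_both(flags, inbox, outbox, sent):
    """New behaviour in this model: each flag that is set gets serviced."""
    if flags & READ:
        outbox.append("reply to " + inbox.popleft())
    if flags & WRITE and outbox:
        sent.append(outbox.popleft())

def simulate(handler, requests):
    """Deliver one READ|WRITE event per request, as under constant load."""
    inbox = deque(f"req{i}" for i in range(requests))
    outbox, sent = deque(), []
    for _ in range(requests):
        handler(READ | WRITE, inbox, outbox, sent)
    return sent, list(outbox)

old_sent, old_pending = simulate(handle_read_first, 5)
new_sent, new_pending = simulate(handle_both, 5)
print(len(old_sent), len(old_pending))
print(len(new_sent), len(new_pending))
```

Under constant incoming load the read-first handler sends nothing and accumulates every reply, while the handler that services both flags drains the output queue as it goes.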

Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jul  1 09:17:43 UTC 2024 on atb-devel-224
2024-07-01 09:17:43 +00:00
Martin Schwenke
11c4b25331 ctdb-conf: Rename config loading to not be daemon-specific
We might end up using it elsewhere.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
2024-06-28 18:43:52 +05:30
Martin Schwenke
cf25243421 ctdb-conf: Move conf.[ch] to conf/ subdirectory
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
2024-06-28 18:43:52 +05:30
Martin Schwenke
52e5e92693 ctdb-conf: Move all conf files to new conf/ subdirectory
Leave common/conf.[ch] where they are to make this commit
comprehensible.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
2024-06-28 18:43:52 +05:30
Martin Schwenke
415f9f0745 ctdb-failover: Split statd_callout add-client/del-client
rpc.statd is single-threaded and runs its HA callout synchronously. If
it is too slow then latency accumulates and rpc.statd's backlog grows.

Running a pair of add-client/del-client events with the current code
averages ~0.030s in my test environment.  This means that 1000 clients
reclaiming locks after failover can easily cause tens of seconds of latency.  This
could cause rpc.statd to become unresponsive, resulting in a time out
for an rpcinfo-based health check of the status service.

Split the add-client/del-client events out to a standalone
statd_callout executable, written in C, to be used as the HA callout
for rpc.statd.  All other functions move to statd_callout_helper.
Now, running a pair of add-client/del-client events in my test
environment averages only ~0.002s.  This seems less likely to cause
latency problems.
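
As a rough worked example of the figures above, assuming each client triggers exactly one add-client/del-client pair and that rpc.statd processes them strictly one after another (both are simplifying assumptions, and `serial_backlog` is a hypothetical helper):

```python
def serial_backlog(clients, seconds_per_pair):
    """Total time to process one add-client/del-client pair per client, serially."""
    return clients * seconds_per_pair

before = serial_backlog(1000, 0.030)
after = serial_backlog(1000, 0.002)
print(f"before: ~{before:.0f}s, after: ~{after:.0f}s")
```

Under those assumptions, 1000 clients account for roughly 30 seconds of accumulated callout time with the old code and roughly 2 seconds with the standalone executable.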

The standalone statd_callout executable needs to read a configuration
file, which is generated by statd_callout_helper from the "startup"
event.  It also needs access to a list of currently assigned public
IPs.

For backward compatibility, during installation a symlink is created
from $CTDB_BASE/statd-callout to the new statd_callout, which is
installed in the helper directory.

Testing this as part of the eventscript unit tests starts to become
even more of a hack than it used to be.  However, the dependency on
stubs and the corresponding setup of fake state makes it hard to move
this elsewhere.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Jun 25 04:24:57 UTC 2024 on atb-devel-224
2024-06-25 04:24:57 +00:00
Martin Schwenke
089aec2885 ctdb-doc: Drop unnecessary, broken attempt at rpc.statd stack trace
There is a typo here, since there will be no process called "status".
Instead of fixing it, drop this because rpc.statd isn't the focus of
this monitoring check and, when systemd is init, rpc.statd isn't
restarted with nfs-ganesha.  It stays running, so a confusing stack
trace for rpc.statd is always logged.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2024-06-25 03:16:37 +00:00
Martin Schwenke
707e0ef55b ctdb-scripts: Fail monitoring after 1 x NFS-Ganesha not running
If ganesha.nfsd is gone then a node can't provide an NFS service, so
should be marked unhealthy.  A later restart may bring it back to
health.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2024-06-25 03:16:37 +00:00
Martin Schwenke
4766d4568b ctdb-doc: Add example for NFS-Ganesha RPC checking
This one does an rpcinfo check, along with statistics mitigation.  It
can be used in combination with the existing 20.nfs_ganesha.check.

The equivalent kernel NFS file only restarts every 10 failures.  This
one can be a little more proactive given that false positives are less
likely with the statistics mitigation.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2024-06-25 03:16:37 +00:00
Martin Schwenke
d96078e263 ctdb-scripts: Implement NFS statistics retrieval for NFS-Ganesha
Simplicity is preferred here over absolute correctness.  If the
ganesha_stats command exits with an error or times out then no output
is produced so, implicitly, the statistics do not change.  Also, the
statistics always change at startup.  However, it is likely that the
statistics change when NFS makes progress and do not change when NFS
does not make progress.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2024-06-25 03:16:37 +00:00
Martin Schwenke
5b7d17d44d ctdb-scripts: Add service_stats_command variable to NFS checks
When monitoring an RPC service, the rpcinfo command might time out
even though the service is making progress.  In this case, it is just
slow, so counting the timeout as a failure and potentially restarting
the service will not help.  The problem is determining if a service is
making progress.

Add a new NFS checks service_stats_command.  This command is intended
to run a statistics command.  The output is naively compared using
cmp(1).  If the output changes then rpcinfo failures are converted to
successes.
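
The decision rule can be sketched like this. It is only an illustration of the logic described above: the function name and the sample statistics are hypothetical, and the real check is implemented in the NFS check scripts using cmp(1).

```python
def rpc_check_passes(rpcinfo_ok, stats_before, stats_after):
    """Decide whether a monitoring pass counts as a success."""
    if rpcinfo_ok:
        return True
    # Naive byte-for-byte comparison, in the spirit of cmp(1).
    return stats_before != stats_after

print(rpc_check_passes(True, b"ops 10\n", b"ops 10\n"))
print(rpc_check_passes(False, b"ops 10\n", b"ops 42\n"))
print(rpc_check_passes(False, b"ops 10\n", b"ops 10\n"))
```

Only the last case, an rpcinfo failure with unchanged statistics, is treated as a failure.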

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2024-06-25 03:16:37 +00:00
Günther Deschner
35f6c3f3d4 ctdb/docs: Include ceph rados namespace support in man page
Document the new optional argument to specify the namespace to be
associated with RADOS objects in a pool.

Pair-Programmed-With: Anoop C S <anoopcs@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Jun 14 07:42:25 UTC 2024 on atb-devel-224
2024-06-14 07:42:25 +00:00
Günther Deschner
d8c52995f6 ctdb/ceph: Add optional namespace support for mutex helper
RADOS objects within a pool can be associated to a namespace for
logical separation. librados already provides an API to configure
such a namespace with respect to a context. Make use of it as an
optional argument to the helper binary.

Pair-Programmed-With: Anoop C S <anoopcs@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2024-06-14 06:40:37 +00:00
Martin Schwenke
e9eb581043 ctdb-scripts: Protect against races when starting grace period
While the PID check is worth it in relevant cases, NFS-Ganesha still
might go away after the check.  Unfortunately, neither grace command
fails with an indicative exit code, so invent one by checking error
messages.  This can then be converted to success by the caller.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu May 30 12:50:01 UTC 2024 on atb-devel-224
2024-05-30 12:50:01 +00:00
Martin Schwenke
911117c79a ctdb-scripts: Check NFS-Ganesha is running before attempting grace
If monitoring has failed because it isn't running, then don't fail
"startipreallocate" or "releaseip" by trying to go into grace.

Don't check this for "takeip".  In that case NFS-Ganesha had better be
running.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00
Martin Schwenke
27c53880c2 ctdb-scripts: Improve service PID check
No need to grovel around in /proc.  ps will happily tell us the
command.

Factor out the actual check into a separate function that can be used
elsewhere.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00
Martin Schwenke
bc10704aec ctdb-scripts: Improve NFS-Ganesha export path extraction
Path values do not need to have quotes.  The current code fails if
there aren't any.

Instead, implement a 2 stage parser using 2 sed commands.  See
comments in the code for details.

Regexps are POSIX basic regular expressions, apart from \<WORD\> (used
to ensure WORD is on word boundaries) and the 'i' flag for case
insensitivity.  The latter is supported in FreeBSD sed.

This code successfully parses Path values out of the following
monstrosity:

path = "/foo/bar1;a";
   Path = /foo/bar2;
Something = false;
Pseudo = "/foo/bar3x" ; Path = "/foo/bar3; y" ; Access_type = RO;
Pseudo = "/foo/bar4x" ; path=/foo/bar4; Access_type = RO;
Pseudo = "/foo/barNONONO" ; not_Path=/foo/barNONONO; Access_type = RO;
   Path = /foo/bar5
Pseudo = "/foo/bar6x Path=foo" ; Path=/foo/bar6; Access_type = RO

This is probably the best that can be done within a shell script.
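
For comparison, a two-stage approach can be sketched in Python. This is not the sed implementation from this commit: the stage boundaries, the regular expressions and the function names are assumptions chosen to handle the sample above.

```python
import re

SAMPLE = '''path = "/foo/bar1;a";
   Path = /foo/bar2;
Something = false;
Pseudo = "/foo/bar3x" ; Path = "/foo/bar3; y" ; Access_type = RO;
Pseudo = "/foo/bar4x" ; path=/foo/bar4; Access_type = RO;
Pseudo = "/foo/barNONONO" ; not_Path=/foo/barNONONO; Access_type = RO;
   Path = /foo/bar5
Pseudo = "/foo/bar6x Path=foo" ; Path=/foo/bar6; Access_type = RO
'''

def split_statements(line):
    """Stage 1: split on semicolons that are outside double quotes."""
    return re.findall(r'(?:"[^"]*"|[^;"])+', line)

def path_value(statement):
    """Stage 2: return the value if the statement assigns Path, else None."""
    m = re.fullmatch(r'\s*path\s*=\s*(.*?)\s*', statement, re.IGNORECASE)
    if m is None or not m.group(1):
        return None
    value = m.group(1)
    if len(value) >= 2 and value[0] == value[-1] == '"':
        value = value[1:-1]  # drop the optional surrounding quotes
    return value

def extract_paths(text):
    paths = []
    for line in text.splitlines():
        for statement in split_statements(line):
            value = path_value(statement)
            if value is not None:
                paths.append(value)
    return paths

for p in extract_paths(SAMPLE):
    print(p)
```

Splitting on unquoted semicolons first means that `Path=foo` inside a quoted Pseudo value and keys such as `not_Path` are never mistaken for a Path assignment.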

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00
Martin Schwenke
944d9d308d ctdb-scripts: Add script option CTDB_NFS_EXPORTS_FILE
Exports may be contained in an include file rather than the top-level
ganesha.conf.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00
Martin Schwenke
1be5b1df1b ctdb-scripts: Fix usage message
An IP address is passed to these actions.

Reported-by: Arnab Tah <atah@ddn.com>
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00
Martin Schwenke
2a3d7c0971 ctdb-scripts: Change NFS-Ganesha PID file location
This is the current default.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00
Martin Schwenke
a534f71347 ctdb-scripts: Quote variable expansions
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00
Martin Schwenke
6ffb73bb55 ctdb-scripts: Reformat with "shfmt -w -p -i 0 -fn"
Best reviewed with "git show -w".

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00
Martin Schwenke
991d21d075 ctdb-scripts: No longer run statd-callout under sudo
This simplifies and removes a bad hack.  Also, in my test environment,
it drops the average time taken to run an add-client/del-client
pair from ~0.055s to ~0.030s.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00
Martin Schwenke
ecb9545b3f ctdb-scripts: Use find_statd_sm_dir() in one more place
Take advantage of new function find_statd_sm_dir() when clearing the
local system statd state directory, so it uses the correct directory
when running on a non-RH distro.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00
Martin Schwenke
50b3cebeb3 ctdb-scripts: Set ownership of statd-callout state directory
For add-client and del-client, statd-callout is called by rpc.statd,
which runs as rpcuser, statd or some other non-root system user.  This
means that add-client and del-client can't write in the statd-callout
state directory if it is only writable by root.  rpc.statd must be
able to write to its own local system statd state directory, so find
this directory and use it as a reference to set the ownership of
CTDB's statd-callout state directory.
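
The "use one directory as a reference for another" step might look like the following sketch. The `match_ownership` helper and the directory names are hypothetical, and the temporary directories only stand in for the real state directories.

```python
import os
import tempfile

def match_ownership(reference_dir, target_dir):
    """Give target_dir the same owner and group as reference_dir."""
    st = os.stat(reference_dir)
    os.chown(target_dir, st.st_uid, st.st_gid)

with tempfile.TemporaryDirectory() as top:
    reference = os.path.join(top, "sm")          # stands in for statd's directory
    target = os.path.join(top, "statd-callout")  # stands in for CTDB's directory
    os.mkdir(reference)
    os.mkdir(target)
    match_ownership(reference, target)
    same_owner = os.stat(reference).st_uid == os.stat(target).st_uid
    print(same_owner)
```

Copying the owner from a directory that rpc.statd can already write to avoids hard-coding a user name, which the commit notes varies between systems.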

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00
Martin Schwenke
608557c6ce ctdb-scripts: Avoid connecting to ctdbd in add-client/del-client
rpc.statd runs statd-callout as a non-root user, which is currently
hacked around using some sudo logic that fails to work in some
contexts (e.g. in a container).

Use $CTDB_MY_PUBLIC_IPS_CACHE to access the node's currently assigned
public IPs, for add-client/del-client.  This avoids connecting to
ctdbd when called from rpc.statd.

Also, use $CTDB_MY_PUBLIC_IPS_CACHE in other places where it makes
sense.

Connections to ctdbd are still made in the "notify" action, but this
is always run as root.

In the test code, set the PNN after public addresses setup so that the
cache of assigned IPs is correctly initialised.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00
Martin Schwenke
5a4209b713 ctdb-tests: Default PNN is 0
This is called in a couple of places without an argument, so give it a
default.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00
Martin Schwenke
ed3f041c30 ctdb-scripts: Add caching function for public IPs
This is way more complicated than I would like but, as per the
comment, this is due to complexities in the way public IPs work.  The
main consumer will be statd-callout, which will then be able to run as
a non-root user.

Also generate the cache file in test code, whenever the PNN is set.
However, this can cause "ctdb ip" to generate a fake IP layout before
public IPs are set up.  So, have the "ctdb ip" stub generate the IP
layout every time it is run to avoid it being stale.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00
Martin Schwenke
558cf280b2 ctdb-scripts: Move state directory creation to "startup" action
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-05-30 11:42:30 +00:00