[SCM] CTDB repository - branch 1.0.112 updated - ctdb-1.0.111-58-g7bbf083
Ronnie Sahlberg
sahlberg at samba.org
Tue Apr 6 18:46:18 MDT 2010
The branch, 1.0.112 has been updated
via 7bbf08373eea95d8a859043cf0f9063e77c8c133 (commit)
via 8f2e48b74b96219a3b4258ec864a5652883620e4 (commit)
from f5ac659e4df9ba6ee4652aeb9b4f5a01b532fd99 (commit)
http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=1.0.112
- Log -----------------------------------------------------------------
commit 7bbf08373eea95d8a859043cf0f9063e77c8c133
Author: Ronnie Sahlberg <ronniesahlberg at gmail.com>
Date: Wed Apr 7 10:42:51 2010 +1000
Lower the loglevel for "Recovery lock successfully taken"
from ERR to NOTICE
BZ62086
commit 8f2e48b74b96219a3b4258ec864a5652883620e4
Author: Ronnie Sahlberg <ronniesahlberg at gmail.com>
Date: Wed Mar 31 11:20:25 2010 +1100
Volker experienced a situation where we leaked iptable rules
and continued to block an ipaddress after a recovery had completed.
Rework how we handle the iptables blocking and use a new separate
table for all failover related blocks so that we can find these rules and
remove them more easily from outside of the takeip and releaseip events.
-----------------------------------------------------------------------
Summary of changes:
config/events.d/10.interface | 38 ++++++++++++++++++++++++++++++++++----
server/ctdb_recover.c | 2 +-
server/ctdb_recoverd.c | 2 +-
3 files changed, 36 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/config/events.d/10.interface b/config/events.d/10.interface
index f881808..88ab2e9 100755
--- a/config/events.d/10.interface
+++ b/config/events.d/10.interface
@@ -17,6 +17,31 @@ loadconfig
exit 0
}
+add_failover_block() {
+ # Make sure our chain exists
+ iptables -N ctdbfailover 2> /dev/null
+
+ # make sure we link to it from INPUT
+ iptables -L INPUT -n | grep ctdbfailover >/dev/null 2>/dev/null || {
+ iptables -I INPUT -j ctdbfailover
+ }
+ # block this ip
+ iptables -I ctdbfailover -i $1 -d $2 -j DROP
+}
+
+delete_failover_block() {
+ iptables -D ctdbfailover -i $1 -d $2 -j DROP 2>/dev/null
+}
+
+delete_all_failover_blocks() {
+ # make sure to remova all links to the ctdbfailover table
+ while iptables -L INPUT -n | grep ctdbfailover >/dev/null 2>/dev/null ; do
+ iptables -D INPUT -j ctdbfailover
+ done
+ iptables -F ctdbfailover 2>/dev/null
+ iptables -X ctdbfailover 2>/dev/null
+}
+
case "$1" in
#############################
# called when ctdbd starts up
@@ -58,7 +83,7 @@ case "$1" in
echo "Failed to add $ip/$maskbits on dev $iface"
}
# cope with the script being killed while we have the interface blocked
- iptables -D INPUT -i $iface -d $ip -j DROP 2> /dev/null
+ delete_failover_block $iface $ip
# flush our route cache
echo 1 > /proc/sys/net/ipv4/route/flush
@@ -89,8 +114,8 @@ case "$1" in
failed=0
# we do an extra delete to cope with the script being killed
- iptables -D INPUT -i $iface -d $ip -j DROP 2> /dev/null
- iptables -I INPUT -i $iface -d $ip -j DROP
+ delete_failover_block $iface $ip
+ add_failover_block $iface $ip
kill_tcp_connections $ip
# the ip tool will delete all secondary IPs if this is the primary. To work around
@@ -111,7 +136,7 @@ case "$1" in
fi
done
}
- iptables -D INPUT -i $iface -d $ip -j DROP 2> /dev/null
+ delete_failover_block $iface $ip
[ $failed = 0 ] || {
echo "Failed to del $ip on dev $iface"
exit 1
@@ -125,14 +150,19 @@ case "$1" in
###########################################
# called when ctdbd has finished a recovery
recovered)
+ delete_all_failover_blocks
;;
####################################
# called when ctdbd is shutting down
shutdown)
+ delete_all_failover_blocks
;;
monitor)
+ # make sure we dont block any ips when we are outside of recovery
+ delete_all_failover_blocks
+
INTERFACES=`cat $CTDB_PUBLIC_ADDRESSES |
sed -e "s/^[^\t ]*[\t ]*//" -e "s/[\t ]*$//"`
diff --git a/server/ctdb_recover.c b/server/ctdb_recover.c
index ed5c22b..4a1e04c 100644
--- a/server/ctdb_recover.c
+++ b/server/ctdb_recover.c
@@ -819,7 +819,7 @@ bool ctdb_recovery_lock(struct ctdb_context *ctdb, bool keep)
}
if (keep) {
- DEBUG(DEBUG_ERR, ("Recovery lock taken successfully\n"));
+ DEBUG(DEBUG_NOTICE, ("Recovery lock taken successfully\n"));
}
DEBUG(DEBUG_NOTICE,("ctdb_recovery_lock: Got recovery lock on '%s'\n", ctdb->recovery_lock_file));
diff --git a/server/ctdb_recoverd.c b/server/ctdb_recoverd.c
index 80dbc1e..f94d43b 100644
--- a/server/ctdb_recoverd.c
+++ b/server/ctdb_recoverd.c
@@ -1274,7 +1274,7 @@ static int do_recovery(struct ctdb_recoverd *rec,
return -1;
}
ctdb_ctrl_report_recd_lock_latency(ctdb, CONTROL_TIMEOUT(), timeval_elapsed(&start_time));
- DEBUG(DEBUG_ERR,("Recovery lock taken successfully by recovery daemon\n"));
+ DEBUG(DEBUG_NOTICE,("Recovery lock taken successfully by recovery daemon\n"));
}
DEBUG(DEBUG_NOTICE, (__location__ " Recovery initiated due to problem with node %u\n", rec->last_culprit_node));
--
CTDB repository
More information about the samba-cvs
mailing list