[PATCHES] CTDB: improved IPv6 support
martin at meltin.net
Wed Dec 3 23:42:51 MST 2014
The attached patch series fixes most problems with IPv6 in CTDB.
The most notable things are:
* For machine-readable output from the "ctdb" CLI tool, effectively
replace "ctdb -Y ..." with "ctdb -X ..." which uses '|' as the field
delimiter. For those that don't want '|', they can use
"ctdb -x<char> ...".
"ctdb -Y ..." is still supported but all documentation and scripts
now use "ctdb -X".
Mathieu, you're CC:ed because this includes a minor change to the
nagios script, which I think is correct but it isn't yet tested. :-)
* When the CTDB daemon loads the nodes file it stores a string
representation of each node's IP address. This representation is now
first converted to canonical form so that IPv6 addresses will
compare more reliably.
* Some functionality has moved from the daemon to the 10.interfaces
eventscript and it now works with IPv6 addresses.
For the past couple of years the release IP code in the daemon has
depended on being able to determine which interface an IP address is
on, rather than trusting vnn->interface. This was done to more
reliably be able to remove rogue IP addresses (present due to
either race conditions or addresses that have been moved by hand).
This is not as easy for IPv6 addresses since the SIOCGIFCONF ioctl
does not support IPv6.
Therefore, this code has been removed and vnn->interface is now
passed to the "releaseip" event, even when it is NULL (in which case
"__none__" is passed). In all cases the eventscript now uses some "ip
addr show to ..." magic to determine the actual interface and netmask
for an IP address being released. If either of these differ from
what was passed then a warning is logged, and the actual interface
and netmask are used to delete the IP address.
I don't think we lost any functionality. The main part of this is in
32c2eab ctdb-scripts: Make 10.interface IPv6-safe
837f36a ctdb-daemon: Trust vnn->interface for an IP when releasing it
* Gratuitous ARP equivalent for IPv6 has been changed to use neighbor
advertisements. This seems to work reliably.
* Due to duplicate address detection in IPv6, the IP address addition
code will try to wait until IPv6 addresses are no longer
"tentative". If this times out or "dadfail" occurs then the IP
address is removed and the operation fails. Note that this could
cause an outage (all nodes unhealthy, one at a time) if a rogue node
refuses to release IPs or if CTDB just dies. It isn't possible to
easily work around this, so it is a design limitation and may need to
be looked at again in the future.
This has been tested on a virtual cluster with IPv6 addresses only, on
both public and private networks.
Please review and push if OK.
These patches are in my ctdb-ipv6 branch:
Still to do:
* Update policy routing to work with IPv6. There's some code in there
that only works for IPv4.
* Other features like LVS.
peace & happiness,
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 99421 bytes
Desc: not available
More information about the samba-technical