From d59a000da2766476538bb82d1889f5c0f3882f9f Mon Sep 17 00:00:00 2001

From: Jan Friesse <jfriesse@redhat.com>

Date: Wed, 2 Mar 2022 18:43:31 +0100

Subject: [PATCH] corosync-qnetd: Add resource agent

Mostly for better monitor operation using corosync-qnetd-tool. As qnetd

is (almost) stateless only directory which has to be copied (once)

across the nodes is nss db directory (usually

/etc/corosync/qnetd/nssdb).

Signed-off-by: Jan Friesse <jfriesse@redhat.com>

---

 doc/man/Makefile.am      |   1 +

 heartbeat/Makefile.am    |   1 +

 heartbeat/corosync-qnetd | 353 +++++++++++++++++++++++++++++++++++++++

 3 files changed, 355 insertions(+)

 create mode 100755 heartbeat/corosync-qnetd

diff --git a/doc/man/Makefile.am b/doc/man/Makefile.am

index 1093717fe..013aa392d 100644

--- a/doc/man/Makefile.am

+++ b/doc/man/Makefile.am

@@ -127,6 +127,7 @@ man_MANS                = ocf_heartbeat_AoEtarget.7 \

                           ocf_heartbeat_azure-lb.7 \

                           ocf_heartbeat_clvm.7 \

                           ocf_heartbeat_conntrackd.7 \

+                          ocf_heartbeat_corosync-qnetd.7 \

                           ocf_heartbeat_crypt.7 \

                           ocf_heartbeat_db2.7 \

                           ocf_heartbeat_dhcpd.7 \

diff --git a/heartbeat/Makefile.am b/heartbeat/Makefile.am

index 67b400679..38154e2da 100644

--- a/heartbeat/Makefile.am

+++ b/heartbeat/Makefile.am

@@ -101,6 +101,7 @@ ocf_SCRIPTS	      = AoEtarget		\

 			azure-lb		\

 			clvm			\

 			conntrackd		\

+			corosync-qnetd		\

 			crypt			\

 			db2			\

 			dhcpd			\

diff --git a/heartbeat/corosync-qnetd b/heartbeat/corosync-qnetd

new file mode 100755

index 000000000..6b9777711

--- /dev/null

+++ b/heartbeat/corosync-qnetd

@@ -0,0 +1,353 @@

+#!/bin/sh

+#

+# Copyright (C) 2022 Red Hat, Inc.  All rights reserved.

+#

+# Authors: Jan Friesse <jfriesse@redhat.com>

+#

+# This program is free software; you can redistribute it and/or modify

+# it under the terms of version 2 of the GNU General Public License as

+# published by the Free Software Foundation.

+#

+# This program is distributed in the hope that it would be useful, but

+# WITHOUT ANY WARRANTY; without even the implied warranty of

+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

+#

+# Further, this software is distributed without any warranty that it is

+# free of the rightful claim of any third person regarding infringement

+# or the like.  Any license provided herein, whether implied or

+# otherwise, applies only to this software file.  Patent licenses, if

+# any, provided herein do not apply to combinations of this program with

+# other software, or any other product whatsoever.

+#

+# You should have received a copy of the GNU General Public License

+# along with this program; if not, write the Free Software Foundation,

+# Inc., 59 Temple Place - Suite 330, Boston MA 02111-1307, USA.

+#

+

+# Initialization:

+: "${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat}"

+. "${OCF_FUNCTIONS_DIR}/ocf-shellfuncs"

+

+# Use runuser if available for SELinux.

+if [ -x "/sbin/runuser" ]; then

+    SU="runuser"

+else

+    SU="su"

+fi

+

+# Attempt to detect a default binary

+OCF_RESKEY_binary_default=$(which corosync-qnetd 2> /dev/null)

+if [ "${OCF_RESKEY_binary_default}" = "" ]; then

+    OCF_RESKEY_binary_default="/usr/bin/corosync-qnetd"

+fi

+

+# Defaults

+OCF_RESKEY_qnetd_opts_default=""

+OCF_RESKEY_qnetd_tool_binary_default="/usr/bin/corosync-qnetd-tool"

+OCF_RESKEY_ip_default=""

+OCF_RESKEY_port_default=""

+OCF_RESKEY_nss_db_dir_default=""

+OCF_RESKEY_pid_default="/var/run/corosync-qnetd/corosync-qnetd-${OCF_RESOURCE_INSTANCE}.pid"

+OCF_RESKEY_ipc_sock_default="/var/run/corosync-qnetd/corosync-qnetd-${OCF_RESOURCE_INSTANCE}.sock"

+OCF_RESKEY_user_default="coroqnetd"

+OCF_RESKEY_group_default="${OCF_RESKEY_user_default}"

+

+: "${OCF_RESKEY_binary=${OCF_RESKEY_binary_default}}"

+: "${OCF_RESKEY_qnetd_opts=${OCF_RESKEY_qnetd_opts_default}}"

+: "${OCF_RESKEY_qnetd_tool_binary=${OCF_RESKEY_qnetd_tool_binary_default}}"

+: "${OCF_RESKEY_ip=${OCF_RESKEY_ip_default}}"

+: "${OCF_RESKEY_port=${OCF_RESKEY_port_default}}"

+: "${OCF_RESKEY_nss_db_dir=${OCF_RESKEY_nss_db_dir_default}}"

+: "${OCF_RESKEY_pid=${OCF_RESKEY_pid_default}}"

+: "${OCF_RESKEY_ipc_sock=${OCF_RESKEY_ipc_sock_default}}"

+: "${OCF_RESKEY_user=${OCF_RESKEY_user_default}}"

+: "${OCF_RESKEY_group=${OCF_RESKEY_group_default}}"

+

+corosync_qnetd_usage() {

+    cat <

+usage: $0 {start|stop|status|monitor|validate-all|meta-data}

+

+Expects to have a fully populated OCF RA-compliant environment set.

+END

+}

+

+corosync_qnetd_meta_data() {

+        cat <

+

+

+<resource-agent name="corosync-qnetd" version="1.0">

+<version>1.0</version>

+

+<longdesc lang="en">OCF Resource script for corosync-qnetd. It manages a corosync-qnetd

+instance as a HA resource. It is required to copy nss db directory (usually /etc/corosync/qnetd/nssdb)

+across all nodes (only once - after database is initialized).</longdesc>

+<shortdesc lang="en">Corosync QNet daemon resource agent</shortdesc>

+

+<parameters>

+

+<parameter name="binary">

+    <longdesc lang="en">Location of the corosync-qnetd binary</longdesc>

+    <shortdesc lang="en">corosync-qnetd binary</shortdesc>

+    <content type="string" default="${OCF_RESKEY_binary_default}" />

+</parameter>

+

+<parameter name="qnetd_opts">

+    <longdesc lang="en">

+        Additional options for corosync-qnetd binary. "-4" for example.

+    </longdesc>

+    <shortdesc lang="en">corosync-qnetd extra options</shortdesc>

+    <content type="string" default="${OCF_RESKEY_qnetd_opts_default}" />

+</parameter>

+

+<parameter name="qnetd_tool_binary">

+    <longdesc lang="en">

+        The absolute path to the corosync-qnetd-tool for monitoring with OCF_CHECK_LEVEL greater zero.

+    </longdesc>

+    <shortdesc lang="en">The absolute path to the corosync-qnetd-tool binary</shortdesc>

+    <content type="string" default="${OCF_RESKEY_qnetd_tool_binary_default}" />

+</parameter>

+

+<parameter name="ip">

+    <longdesc lang="en">

+        IP address to listen on. By default the daemon listens on all addresses (wildcard).

+    </longdesc>

+    <shortdesc lang="en">IP address to listen on</shortdesc>

+    <content type="string" default="${OCF_RESKEY_ip_default}" />

+</parameter>

+

+<parameter name="port">

+    <longdesc lang="en">

+        TCP port to listen on. Default port is 5403.

+    </longdesc>

+    <shortdesc lang="en">TCP port to listen on</shortdesc>

+    <content type="string" default="${OCF_RESKEY_port_default}" />

+</parameter>

+

+<parameter name="nss_db_dir">

+    <longdesc lang="en">

+        Location of the corosync-qnetd nss db directory (empty for default - usually /etc/corosync/qnetd/nssdb)

+    </longdesc>

+    <shortdesc lang="en">corosync-qnetd nss db directory</shortdesc>

+    <content type="string" default="${OCF_RESKEY_nss_db_dir_default}" />

+</parameter>

+

+<parameter name="pid">

+    <longdesc lang="en">

+        Location of the corosync-qnetd pid/lock

+    </longdesc>

+    <shortdesc lang="en">corosync-qnetd pid file</shortdesc>

+    <content type="string" default="${OCF_RESKEY_pid_default}" />

+</parameter>

+

+<parameter name="ipc_sock">

+    <longdesc lang="en">

+        Location of the corosync-qnetd ipc socket

+    </longdesc>

+    <shortdesc lang="en">corosync-qnetd ipc socket file</shortdesc>

+    <content type="string" default="${OCF_RESKEY_ipc_sock_default}" />

+</parameter>

+

+<parameter name="user">

+    <longdesc lang="en">User running corosync-qnetd</longdesc>

+    <shortdesc lang="en">corosync-qnetd user</shortdesc>

+    <content type="string" default="${OCF_RESKEY_user_default}" />

+</parameter>

+

+<parameter name="group">

+    <longdesc lang="en">Group running corosync-qnetd</longdesc>

+    <shortdesc lang="en">corosync-qnetd group</shortdesc>

+    <content type="string" default="${OCF_RESKEY_group_default}" />

+</parameter>

+

+</parameters>

+

+<actions>

+<action name="start" timeout="20s" />

+<action name="stop" timeout="20s" />

+<action name="status" timeout="20s" />

+<action name="monitor" depth="0" timeout="20s" interval="10s" start-delay="10s" />

+<action name="validate-all" timeout="20s" />

+<action name="meta-data" timeout="20s" />

+</actions>

+</resource-agent>

+END

+}

+

+corosync_qnetd_status() {

+    ocf_pidfile_status "${OCF_RESKEY_pid}" > /dev/null 2>&1

+    case "$?" in

+        0)

+            rc="$OCF_SUCCESS"

+            ;;

+        1|2)

+            rc="$OCF_NOT_RUNNING"

+            ;;

+        *)

+            rc="$OCF_ERR_GENERIC"

+            ;;

+    esac

+

+    return "$rc"

+}

+

+corosync_qnetd_start() {

+    corosync_qnetd_validate_all

+    rc="$?"

+

+    if [ "$rc" -ne 0 ]; then

+        return "$rc"

+    fi

+

+    # if resource is already running,no need to continue code after this.

+    if corosync_qnetd_status; then

+        ocf_log info "corosync-qnetd is already running"

+        return "${OCF_SUCCESS}"

+    fi

+

+    pid_dir=$(dirname "${OCF_RESKEY_pid}")

+    sock_dir=$(dirname "${OCF_RESKEY_ipc_sock}")

+

+    for d in "$pid_dir" "$sock_dir";do

+        if [ ! -d "$d" ];then

+            mkdir -p "$d"

+            chmod 0770 "$d"

+            chown "${OCF_RESKEY_user}:${OCF_RESKEY_group}" "$d"

+        fi

+    done

+

+    params="-S \"local_socket_file=${OCF_RESKEY_ipc_sock}\" -S \"lock_file=${OCF_RESKEY_pid}\""

+

+    if [ -n "${OCF_RESKEY_nss_db_dir}" ];then

+        params="$params -S \"nss_db_dir=${OCF_RESKEY_nss_db_dir}\""

+    fi

+

+    if [ -n "${OCF_RESKEY_ip}" ];then

+        params="$params -l \"${OCF_RESKEY_ip}\""

+    fi

+

+    if [ -n "${OCF_RESKEY_port}" ];then

+        params="$params -p \"${OCF_RESKEY_port}\""

+    fi

+

+    params="$params ${OCF_RESKEY_qnetd_opts}"

+

+    ocf_run "$SU" -s "/bin/sh" "${OCF_RESKEY_user}" -c "${OCF_RESKEY_binary} $params"

+

+    while :; do

+        corosync_qnetd_monitor "debug"

+        rc="$?"

+

+        if [ "$rc" -eq "${OCF_SUCCESS}" ]; then

+            break

+        fi

+        sleep 1

+

+        ocf_log debug "corosync-qnetd still hasn't started yet. Waiting..."

+    done

+

+    ocf_log info "corosync-qnetd started"

+    return "${OCF_SUCCESS}"

+}

+

+corosync_qnetd_stop() {

+    corosync_qnetd_status

+

+    if [ "$?" -ne "$OCF_SUCCESS" ]; then

+        # Currently not running. Nothing to do.

+        ocf_log info "corosync-qnetd is already stopped"

+

+        return "$OCF_SUCCESS"

+    fi

+

+    pid=$(cat "${OCF_RESKEY_pid}")

+    kill "$pid"

+

+    # Wait for process to stop

+    while corosync_qnetd_monitor "debug"; do

+        sleep 1

+    done

+

+    ocf_log info "corosync-qnetd stopped"

+    return "$OCF_SUCCESS"

+}

+

+corosync_qnetd_monitor() {

+    loglevel=${1:-err}

+

+    corosync_qnetd_status

+    rc="$?"

+

+    if [ "$rc" -ne "$OCF_SUCCESS" ];then

+        return "$rc"

+    fi

+

+    out=$("${OCF_RESKEY_qnetd_tool_binary}" -s -p "${OCF_RESKEY_ipc_sock}" 2>&1 >/dev/null)

+    rc="$?"

+

+    if [ "$rc" != 0 ];then

+        ocf_log "$loglevel" "$out"

+    fi

+

+    case "$rc" in

+        "0") rc="$OCF_SUCCESS" ;;

+        "3") rc="$OCF_NOT_RUNNING" ;;

+        *) rc="$OCF_ERR_GENERIC" ;;

+    esac

+

+    return "$rc"

+}

+

+corosync_qnetd_validate_all() {

+    check_binary "${OCF_RESKEY_binary}"

+

+    check_binary "${OCF_RESKEY_qnetd_tool_binary}"

+}

+

+

+# **************************** MAIN SCRIPT ************************************

+

+# Make sure meta-data and usage always succeed

+case "$__OCF_ACTION" in

+    meta-data)

+        corosync_qnetd_meta_data

+        exit "$OCF_SUCCESS"

+        ;;

+    usage|help)

+        corosync_qnetd_usage

+        exit "$OCF_SUCCESS"

+        ;;

+esac

+

+# This OCF agent script need to be run as root user.

+if ! ocf_is_root; then

+        echo "$0 agent script need to be run as root user."

+        ocf_log debug "$0 agent script need to be run as root user."

+        exit "$OCF_ERR_GENERIC"

+fi

+

+# Translate each action into the appropriate function call

+case "$__OCF_ACTION" in

+    start)

+        corosync_qnetd_start

+        ;;

+    stop)

+        corosync_qnetd_stop

+        ;;

+    status)

+        corosync_qnetd_status

+        ;;

+    monitor)

+        corosync_qnetd_monitor

+        ;;

+    validate-all)

+        corosync_qnetd_validate_all

+        ;;

+    *)

+        corosync_qnetd_usage

+        exit "$OCF_ERR_UNIMPLEMENTED"

+        ;;

+esac

+

+rc="$?"

+exit "$rc"

+# End of this script