Page Menu
Home
ClusterLabs Projects
Search
Configure Global Search
Log In
Files
F1841987
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Flag For Later
Award Token
Size
19 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/rgmanager/src/resources/ip.sh b/rgmanager/src/resources/ip.sh
index 2e0ca0321..112c5b27a 100644
--- a/rgmanager/src/resources/ip.sh
+++ b/rgmanager/src/resources/ip.sh
@@ -1,948 +1,948 @@
#!/bin/bash
#
# IPv4/IPv6 address management using new /sbin/ifcfg instead of
# ifconfig utility.
#
LC_ALL=C
LANG=C
PATH=/bin:/sbin:/usr/bin:/usr/sbin
export LC_ALL LANG PATH
# Grab nfs lock tricks if available
export NFS_TRICKS=1
if [ -f "$(dirname $0)/svclib_nfslock" ]; then
. $(dirname $0)/svclib_nfslock
NFS_TRICKS=0
fi
. $(dirname $0)/ocf-shellfuncs
meta_data()
{
cat <<EOT
<?xml version="1.0" ?>
<resource-agent version="rgmanager 2.0" name="ip">
<version>1.0</version>
<longdesc lang="en">
This is an IP address. Both IPv4 and IPv6 addresses are supported,
as well as NIC link monitoring for each IP address.
</longdesc>
<shortdesc lang="en">
This is an IP address.
</shortdesc>
<parameters>
<parameter name="address" unique="1" primary="1">
<longdesc lang="en">
IPv4 or IPv6 address to use as a virtual IP
resource.
</longdesc>
<shortdesc lang="en">
IP Address
</shortdesc>
<content type="string"/>
</parameter>
<parameter name="family">
<longdesc lang="en">
IPv4 or IPv6 address protocol family.
</longdesc>
<shortdesc lang="en">
Family
</shortdesc>
<!--
<val>auto</val>
<val>inet</val>
<val>inet6</val>
-->
<content type="string"/>
</parameter>
<parameter name="monitor_link">
<longdesc lang="en">
Enabling this causes the status check to fail if
the link on the NIC to which this IP address is
bound is not present.
</longdesc>
<shortdesc lang="en">
Monitor NIC Link
</shortdesc>
<content type="boolean" default="1"/>
</parameter>
<parameter name="nfslock" inherit="service%nfslock">
<longdesc lang="en">
If set and unmounting the file system fails, the node will
try to kill lockd and issue reclaims across all remaining
network interface cards.
</longdesc>
<shortdesc lang="en">
Enable NFS lock workarounds
</shortdesc>
<content type="boolean"/>
</parameter>
<parameter name="sleeptime">
<longdesc lang="en">
Amount of time to sleep after removing an IP address.
Value is specified in seconds. Default value is 10.
</longdesc>
<shortdesc lang="en">
Amount of time (seconds) to sleep.
</shortdesc>
<content type="string"/>
</parameter>
</parameters>
<actions>
<action name="start" timeout="20"/>
<action name="stop" timeout="20"/>
<!-- No recover action. If the IP address is not useable, then
resources may or may not depend on it. If it's been
deconfigured, resources using it are in a bad state. -->
<!-- Checks to see if the IP is up and (optionally) the link is
working -->
<action name="status" interval="20" timeout="10"/>
<action name="monitor" interval="20" timeout="10"/>
<!-- Checks to see if we can ping the IP address locally -->
<action name="status" depth="10" interval="60" timeout="20"/>
<action name="monitor" depth="10" interval="60" timeout="20"/>
<action name="meta-data" timeout="20"/>
<action name="validate-all" timeout="20"/>
</actions>
<special tag="rgmanager">
<attributes maxinstances="1"/>
<child type="nfsclient" forbid="1"/>
<child type="nfsexport" forbid="1"/>
</special>
</resource-agent>
EOT
}
verify_address()
{
# XXX TBD
return 0
}
verify_all()
{
# XXX TBD
return 0
}
#
# Expand an IPv6 address.
#
ipv6_expand()
{
typeset addr=$1
typeset maskbits
typeset -i x
maskbits=${addr/*\//}
if [ "$maskbits" = "$addr" ]; then
maskbits=""
else
# chop off mask bits
addr=${addr/\/*/}
fi
# use space as placeholder
addr=${addr/::/\ }
# get rid of colons
addr=${addr//:/}
# add in zeroes where the doublecolon was
len=$((${#addr}-1))
zeroes=
while [ $len -lt 32 ]; do
zeroes="0$zeroes"
((len++))
done
addr=${addr/\ /$zeroes}
# probably a better way to do this
for (( x=0; x < ${#addr} ; x++)); do
naddr=$naddr${addr:x:1}
if (( x < (${#addr} - 1) && x%4 == 3)); then
naddr=$naddr:
fi
done
if [ -n "$maskbits" ]; then
echo "$naddr/$maskbits"
return 0
fi
echo "$naddr"
return 0
}
#
# see if two ipv6 addrs are in the same subnet
#
ipv6_same_subnet()
{
declare addrl=$1
declare addrr=$2
declare m=$3
declare r x llsb rlsb
if [ $# -lt 2 ]; then
ocf_log err "usage: ipv6_same_subnet addr1 addr2 [mask]"
return 255
fi
if [ -z "$m" ]; then
m=${addrl/*\//}
[ -n "$m" ] || return 1
fi
if [ "${addrr}" != "${addrr/*\//}" ] &&
[ "$m" != "${addrr/*\//}" ]; then
return 1
fi
addrl=${addrl/\/*/}
if [ ${#addrl} -lt 39 ]; then
addrl=$(ipv6_expand $addrl)
fi
addrr=${addrr/\/*/}
if [ ${#addrr} -lt 39 ]; then
addrr=$(ipv6_expand $addrr)
fi
# Calculate the amount to compare directly
x=$(($m/4+$m/16-(($m%4)==0)))
# and the remaining number of bits
r=$(($m%4))
if [ $r -ne 0 ]; then
# If we have any remaining bits, we will need to compare
# them later. Get them now.
llsb=`printf "%d" 0x${addrl:$x:1}`
rlsb=`printf "%d" 0x${addrr:$x:1}`
# One less byte to compare directly, please
((--x))
fi
# direct (string comparison) to see if they are equal
if [ "${addrl:0:$x}" != "${addrr:0:$x}" ]; then
return 1
fi
case $r in
0)
return 0
;;
1)
[ $(($llsb & 8)) -eq $(($rlsb & 8)) ]
return $?
;;
2)
[ $(($llsb & 12)) -eq $(($rlsb & 12)) ]
return $?
;;
3)
[ $(($llsb & 14)) -eq $(($rlsb & 14)) ]
return $?
;;
esac
return 1
}
ipv4_same_subnet()
{
declare addrl=$1
declare addrr=$2
declare m=$3
declare r x llsb rlsb
if [ $# -lt 2 ]; then
ocf_log err "usage: ipv4_same_subnet current_addr new_addr [maskbits]"
return 255
fi
#
# Chop the netmask off of the ipaddr:
# e.g. 1.2.3.4/22 -> 22
#
if [ -z "$m" ]; then
m=${addrl/*\//}
[ -n "$m" ] || return 1
fi
#
# Check to see if there was a subnet mask provided on the
# new IP address. If there was one and it does not match
# our expected subnet mask, we are done.
#
if [ "${addrr}" != "${addrr/\/*/}" ] &&
[ "$m" != "${addrr/*\//}" ]; then
return 1
fi
#
# Chop off subnet bits for good.
#
addrl=${addrl/\/*/}
addrr=${addrr/\/*/}
#
# Remove '.' characters from dotted decimal notation and save
# in arrays. i.e.
#
# 192.168.1.163 -> array[0] = 192
# array[1] = 168
# array[2] = 1
# array[3] = 163
#
let x=0
for quad in ${addrl//./\ }; do
ip1[((x++))]=$quad
done
x=0
for quad in ${addrr//./\ }; do
ip2[((x++))]=$quad
done
x=0
while [ $m -ge 8 ]; do
((m-=8))
if [ ${ip1[x]} -ne ${ip2[x]} ]; then
return 1
fi
((x++))
done
case $m in
0)
return 0
;;
1)
[ $((${ip1[x]} & 128)) -eq $((${ip2[x]} & 128)) ]
return $?
;;
2)
[ $((${ip1[x]} & 192)) -eq $((${ip2[x]} & 192)) ]
return $?
;;
3)
[ $((${ip1[x]} & 224)) -eq $((${ip2[x]} & 224)) ]
return $?
;;
4)
[ $((${ip1[x]} & 240)) -eq $((${ip2[x]} & 240)) ]
return $?
;;
5)
[ $((${ip1[x]} & 248)) -eq $((${ip2[x]} & 248)) ]
return $?
;;
6)
[ $((${ip1[x]} & 252)) -eq $((${ip2[x]} & 252)) ]
return $?
;;
7)
[ $((${ip1[x]} & 254)) -eq $((${ip2[x]} & 254)) ]
return $?
;;
esac
return 1
}
ipv6_list_interfaces()
{
declare idx dev ifaddr
declare ifaddr_exp
while read idx dev ifaddr; do
isSlave $dev
if [ $? -ne 2 ]; then
continue
fi
idx=${idx/:/}
ifaddr_exp=$(ipv6_expand $ifaddr)
echo $dev ${ifaddr_exp/\/*/} ${ifaddr_exp/*\//}
done < <(/sbin/ip -o -f inet6 addr | awk '{print $1,$2,$4}')
return 0
}
#
# Find slaves for a bonded interface
#
findSlaves()
{
declare mastif=$1
declare line
declare intf
declare interfaces
if [ -z "$mastif" ]; then
ocf_log err "usage: findSlaves <master I/F>"
return $OCF_ERR_ARGS
fi
line=$(/sbin/ip link list dev $mastif | grep "<.*MASTER.*>")
if [ $? -ne 0 ]; then
ocf_log err "Error determining status of $mastif"
return $OCF_ERR_GENERIC
fi
if [ -z "`/sbin/ip link list dev $mastif | grep \"<.*MASTER.*>\"`" ]
then
ocf_log err "$mastif is not a master device"
return $OCF_ERR_GENERIC
fi
## Strip possible VLAN (802.1q) suffixes
## - Roland Gadinger <roland.gadinger@beko.at>
mastif=${mastif%%.*}
while read line; do
set - $line
interfaces="${2/:/} $interfaces"
done < <( /sbin/ip -o link list | grep "master $mastif" )
echo $interfaces
}
isSlave()
{
declare intf=$1
declare line
if [ -z "$intf" ]; then
ocf_log err "usage: isSlave <I/F>"
return $OCF_ERR_ARGS
fi
line=$(/sbin/ip link list dev $intf)
if [ $? -ne 0 ]; then
ocf_log err "$intf not found"
return $OCF_ERR_GENERIC
fi
if [ "$line" = "${line/<*SLAVE*>/}" ]; then
return 2
fi
# Yes, it is a slave device. Ignore.
return 0
}
#
# Check if interface is in UP state
#
interface_up()
{
declare intf=$1
if [ -z "$intf" ]; then
ocf_log err "usage: interface_up <I/F>"
return 1
fi
line=$(/sbin/ip -o link show up dev $intf 2> /dev/null)
[ -z "$line" ] && return 2
return 0
}
ethernet_link_up()
{
declare linkstate=$(ethtool $1 | grep "Link detected:" |\
awk '{print $3}')
[ -n "$linkstate" ] || return 0
case $linkstate in
yes)
return 0
;;
*)
return 1
;;
esac
return 1
}
#
# Checks the physical link status of an ethernet or bonded interface.
#
network_link_up()
{
declare slaves
declare intf_arg=$1
declare link_up=1 # Assume link down
declare intf_test
if [ -z "$intf_arg" ]; then
ocf_log err "usage: network_link_up <intf>"
return 1
fi
#
# XXX assumes bond* interfaces are the bonding driver. (Fair
# assumption on Linux, I think)
#
if [ "${intf_arg/bond/}" != "$intf_arg" ]; then
#
# With Xen we must check for slaves of pbondX, not bondX
#
masterif=$intf_arg
line=$(ip link list | awk {'print $2'} | grep "p$intf_arg:")
if [ $? -eq 0 ] ; then
masterif="p$intf_arg"
fi
#
# Bonded driver. Check link of all slaves for this interface.
# If any link is up, the bonding driver is expected to route
# traffic through that link. Thus, the entire bonded link
# is declared up.
#
slaves=$(findSlaves $masterif)
if [ $? -ne 0 ]; then
ocf_log err "Error finding slaves of $intf_arg"
return 1
fi
for intf_test in $slaves; do
ethernet_link_up $intf_test && link_up=0
done
else
ethernet_link_up $intf_arg
link_up=$?
fi
if [ $link_up -eq 0 ]; then
ocf_log debug "Link for $intf_arg: Detected"
else
ocf_log warn "Link for $intf_arg: Not detected"
fi
return $link_up
}
ipv4_list_interfaces()
{
declare idx dev ifaddr
while read idx dev ifaddr; do
isSlave $dev
if [ $? -ne 2 ]; then
continue
fi
idx=${idx/:/}
echo $dev ${ifaddr/\/*/} ${ifaddr/*\//}
done < <(/sbin/ip -o -f inet addr | awk '{print $1,$2,$4}')
return 0
}
#
# Add an IP address to our interface.
#
ipv6()
{
declare dev maskbits
declare addr=$2
declare addr_exp=$(ipv6_expand $addr)
while read dev ifaddr_exp maskbits; do
if [ -z "$dev" ]; then
continue
fi
if [ "$1" = "add" ]; then
ipv6_same_subnet $ifaddr_exp/$maskbits $addr_exp
if [ $? -ne 0 ]; then
continue
fi
interface_up $dev
if [ $? -ne 0 ]; then
continue
fi
network_link_up $dev
if [ $? -ne 0 ]; then
continue
fi
ocf_log info "Adding IPv6 address $addr to $dev"
fi
if [ "$1" = "del" ]; then
if [ "${addr_exp/\/*/}" != "$ifaddr_exp" ]; then
continue
fi
ocf_log info "Removing IPv6 address $addr from $dev"
fi
/sbin/ip -f inet6 addr $1 dev $dev $addr
[ $? -ne 0 ] && return 1
#
# NDP should take of figuring out our new address. Plus,
# we do not have something (like arping) to do this for ipv6
# anyway.
#
# RFC 2461, section 7.2.6 states thusly:
#
# Note that because unsolicited Neighbor Advertisements do not
# reliably update caches in all nodes (the advertisements might
# not be received by all nodes), they should only be viewed as
# a performance optimization to quickly update the caches in
# most neighbors.
#
# Not sure if this is necessary for ipv6 either.
file=$(which rdisc 2>/dev/null)
if [ -f "$file" ]; then
killall -HUP rdisc || rdisc -fs
fi
return 0
done < <(ipv6_list_interfaces)
return 1
}
#
# Add an IP address to our interface.
#
ipv4()
{
declare dev ifaddr maskbits
declare addr=$2
while read dev ifaddr maskbits; do
if [ -z "$dev" ]; then
continue
fi
if [ "$1" = "add" ]; then
ipv4_same_subnet $ifaddr/$maskbits $addr
if [ $? -ne 0 ]; then
continue
fi
interface_up $dev
if [ $? -ne 0 ]; then
continue
fi
network_link_up $dev
if [ $? -ne 0 ]; then
continue
fi
if [ "${addr/\/*/}" = "${addr}" ]; then
addr="$addr/$maskbits"
fi
ocf_log info "Adding IPv4 address $addr to $dev"
fi
if [ "$1" = "del" ]; then
if [ "${addr/\/*/}" != "$ifaddr" ]; then
continue
fi
- addr=`/sbin/ip addr list | grep "$addr/" | head -n 1 | awk '{print $2}'`
+ addr=`/sbin/ip addr list | grep "$ifaddr/" | head -n 1 | awk '{print $2}'`
ocf_log info "Removing IPv4 address $addr from $dev"
fi
/sbin/ip -f inet addr $1 dev $dev $addr
[ $? -ne 0 ] && return 1
#
# The following is needed only with ifconfig; ifcfg does it for us
#
if [ "$1" = "add" ]; then
# do that freak arp thing
hwaddr=$(/sbin/ip -o link show $dev)
hwaddr=${hwaddr/*link\/ether\ /}
hwaddr=${hwaddr/\ \*/}
addr=${addr/\/*/}
ocf_log debug "Sending gratuitous ARP: $addr $hwaddr"
arping -q -c 2 -U -I $dev $addr
fi
file=$(which rdisc 2>/dev/null)
if [ -f "$file" ]; then
killall -HUP rdisc || rdisc -fs
fi
return 0
done < <(ipv4_list_interfaces)
return 1
}
#
# Usage:
# ping_check <family> <address> [interface]
#
ping_check()
{
declare ops="-c 1 -w 2"
declare pingcmd=""
if [ "$1" = "inet6" ]; then
pingcmd="ping6"
else
pingcmd="ping"
fi
if [ -n "$3" ]; then
ops="$ops -I $3"
fi
return $($pingcmd $ops $2 &> /dev/null)
}
#
# Usage:
# check_interface_up <family> <address>
#
check_interface_up()
{
declare dev
declare addr=${2/\/*/}
dev=$(/sbin/ip -f $1 -o addr | grep " $addr/" | awk '{print $2}')
if [ -z "$dev" ]; then
return 1
fi
interface_up $dev
return $?
}
#
# Usage:
# address_configured <family> <address>
#
address_configured()
{
declare line
declare addr
# Chop off maxk bits
addr=${2/\/*/}
line=$(/sbin/ip -f $1 -o addr | grep " $addr/")
if [ -z "$line" ]; then
return 1
fi
return 0
}
#
# Usage:
# ip_op <family> <operation> <address> [quiet]
#
ip_op()
{
declare dev
declare rtr
declare monitor_link
declare addr=${3/\/*/}
monitor_link="yes"
if [ "${OCF_RESKEY_monitor_link}" = "no" ] ||
[ "${OCF_RESKEY_monitor_link}" = "0" ]; then
monitor_link="no"
fi
if [ "$2" = "status" ]; then
ocf_log debug "Checking $3, Level $OCF_CHECK_LEVEL"
dev=$(/sbin/ip -f $1 -o addr | grep " $addr/" | awk '{print $2}')
if [ -z "$dev" ]; then
ocf_log warn "$3 is not configured"
return 1
fi
ocf_log debug "$3 present on $dev"
if [ "$monitor_link" = "yes" ]; then
if ! network_link_up $dev; then
ocf_log warn "No link on $dev..."
return 1
fi
ocf_log debug "Link detected on $dev"
fi
[ $OCF_CHECK_LEVEL -lt 10 ] && return 0
if ! ping_check $1 $addr $dev; then
ocf_log warn "Failed to ping $addr"
return 1
fi
ocf_log debug "Local ping to $addr succeeded"
return 0
fi
case $1 in
inet)
ipv4 $2 $3
return $?
;;
inet6)
ipv6 $2 $3
return $?
;;
esac
return 1
}
case ${OCF_RESKEY_family} in
inet)
;;
inet6)
;;
*)
if [ "${OCF_RESKEY_address//:/}" != "${OCF_RESKEY_address}" ]; then
export OCF_RESKEY_family=inet6
else
export OCF_RESKEY_family=inet
fi
;;
esac
if [ -z "$OCF_CHECK_LEVEL" ]; then
OCF_CHECK_LEVEL=0
fi
if [ -z "$OCF_RESKEY_monitor_link" ]; then
OCF_RESKEY_monitor_link="yes"
fi
case $1 in
start)
if address_configured ${OCF_RESKEY_family} ${OCF_RESKEY_address}; then
ocf_log debug "${OCF_RESKEY_address} already configured"
exit 0
fi
ip_op ${OCF_RESKEY_family} add ${OCF_RESKEY_address}
if [ $? -ne 0 ]; then
exit $OCF_ERR_GENERIC
fi
if [ $NFS_TRICKS -eq 0 ]; then
if [ "$OCF_RESKEY_nfslock" = "yes" ] || \
[ "$OCF_RESKEY_nfslock" = "1" ]; then
notify_list_broadcast /var/lib/nfs/statd
fi
fi
exit $?
;;
stop)
if address_configured ${OCF_RESKEY_family} ${OCF_RESKEY_address}; then
ip_op ${OCF_RESKEY_family} del ${OCF_RESKEY_address}
# Make sure it's down
if address_configured ${OCF_RESKEY_family} ${OCF_RESKEY_address}; then
ocf_log err "Failed to remove ${OCF_RESKEY_address}"
exit 1
fi
# XXX Let nfsd/lockd clear their queues; we hope to have a
# way to enforce this in the future
if [ -z "$OCF_RESKEY_sleeptime" ]; then
sleep 10
else
if [ "$OCF_RESKEY_sleeptime" -gt "0" ]; then
sleep $OCF_RESKEY_sleeptime
fi
fi
else
ocf_log debug "${OCF_RESKEY_address} is not configured"
fi
exit 0
;;
status|monitor)
ip_op ${OCF_RESKEY_family} status ${OCF_RESKEY_address}
[ $? -ne 0 ] && exit $OCF_NOT_RUNNING
check_interface_up ${OCF_RESKEY_family} ${OCF_RESKEY_address}
exit $?
;;
restart)
$0 stop || exit $OCF_ERR_GENERIC
$0 start || exit $OCF_ERR_GENERIC
exit 0
;;
meta-data)
meta_data
exit 0
;;
validate-all|verify_all)
verify_all
exit $?
;;
*)
echo "usage: $0 {start|stop|status|monitor|restart|meta-data|validate-all}"
exit $OCF_ERR_UNIMPLEMENTED
;;
esac
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Sat, Nov 23, 11:05 AM (1 d, 17 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
1018609
Default Alt Text
(19 KB)
Attached To
Mode
rR Resource Agents
Attached
Detach File
Event Timeline
Log In to Comment