diff --git a/heartbeat/apache b/heartbeat/apache index d9adc62d5..6e22c9410 100755 --- a/heartbeat/apache +++ b/heartbeat/apache @@ -1,599 +1,608 @@ #!/bin/sh # # High-Availability Apache/IBMhttp control script # # apache (aka IBMhttpd) # # Description: starts/stops apache web servers. # # Author: Alan Robertson # Sun Jiang Dong # # Support: linux-ha@lists.linux-ha.org # # License: GNU General Public License (GPL) # # Copyright: (C) 2002-2005 International Business Machines # # # An example usage in /etc/ha.d/haresources: # node1 10.0.0.170 apache::/opt/IBMHTTPServer/conf/httpd.conf # node1 10.0.0.170 IBMhttpd # # Our parsing of the Apache config files is very rudimentary. # It'll work with lots of different configurations - but not every # possible configuration. # # Patches are being accepted ;-) # # OCF parameters: # OCF_RESKEY_configfile # OCF_RESKEY_httpd # OCF_RESKEY_port # OCF_RESKEY_statusurl # OCF_RESKEY_options # OCF_RESKEY_testregex # OCF_RESKEY_client # OCF_RESKEY_testurl # OCF_RESKEY_testregex10 # OCF_RESKEY_testconffile # OCF_RESKEY_testname # OCF_RESKEY_envfiles : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat} . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs . ${OCF_FUNCTIONS_DIR}/apache-conf.sh . ${OCF_FUNCTIONS_DIR}/http-mon.sh HA_VARRUNDIR=${HA_VARRUN} ####################################################################### # # Configuration options - usually you don't need to change these # ####################################################################### # IBMHTTPD=/opt/IBMHTTPServer/bin/httpd HTTPDLIST="/sbin/httpd2 /usr/sbin/httpd2 /usr/sbin/apache2 /sbin/httpd /usr/sbin/httpd /usr/sbin/apache $IBMHTTPD" MPM=/usr/share/apache2/find_mpm if [ -x $MPM ] then HTTPDLIST="$HTTPDLIST `$MPM 2>/dev/null`" fi LOCALHOST="http://localhost" HTTPDOPTS="-DSTATUS" DEFAULT_IBMCONFIG=/opt/IBMHTTPServer/conf/httpd.conf DEFAULT_NORMCONFIG="/etc/apache2/httpd.conf" # # You can also set # HTTPD # PORT # STATUSURL # CONFIGFILE # in this section if what we're doing doesn't work for you... # # End of Configuration options ####################################################################### CMD=`basename $0` # The config-file-pathname is the pathname to the configuration # file for this web server. Various appropriate defaults are # assumed if no config file is specified. If this command is # invoked as *IBM*, then the default config file name is # $DEFAULT_IBMCONFIG, otherwise the default config file # will be $DEFAULT_NORMCONFIG. usage() { cat <<-! usage: $0 action action: start start the web server stop stop the web server status return the status of web server, run or down monitor return TRUE if the web server appears to be working. For this to be supported you must configure mod_status and give it a server-status URL. You have to have installed either curl or wget for this to work. meta-data show meta data message validate-all validate the instance parameters ! exit $1 } # # return TRUE if a process with given PID is running # ProcessRunning() { ApachePID=$1 # Use /proc if it looks like it's here... if [ -d /proc -a -d /proc/1 ] then [ -d /proc/$ApachePID ] else # This assumes we're running as root... kill -s 0 "$ApachePID" >/dev/null 2>&1 fi } silent_status() { if [ -f $PidFile ] then ProcessRunning `cat $PidFile` else : No pid file false fi } # May be useful to add other distros in future validate_default_config() { if [ -e /etc/SuSE-release ]; then validate_default_suse_config else return 0 fi } # When using the default /etc/apache2/httpd.conf on SUSE, the file # /etc/apache2/sysconfig.d/include.conf is required to be present, # but this is only generated if you run the apache init script # (with contents derived from /etc/sysconfig/apache2). So, here, # if we're using the default system config file and it requires # that include, we run "/etc/init.d/apache2 configtest" to ensure # the relevant config is generated and valid. We're also taking # this opportunity to enable mod_status if it's not present. validate_default_suse_config() { if [ "$CONFIGFILE" = "$DEFAULT_NORMCONFIG" ] && \ grep -Eq '^Include\s+/etc/apache2/sysconfig.d/include.conf' "$CONFIGFILE" then [ -x "/usr/sbin/a2enmod" ] && ocf_run -q /usr/sbin/a2enmod status ocf_run -q /etc/init.d/apache2 configtest return else return 0 fi } start_apache() { if silent_status then ocf_log info "$CMD already running (pid $ApachePID)" return $OCF_SUCCESS fi validate_default_config || return $OCF_ERR_CONFIGURED ocf_run $HTTPD $HTTPDOPTS $OPTIONS -f $CONFIGFILE tries=0 while : # wait until the user set timeout do monitor_apache ec=$? if [ $ec -eq $OCF_NOT_RUNNING ] then tries=`expr $tries + 1` ocf_log info "waiting for apache $CONFIGFILE to come up" sleep 1 else break fi done if [ $ec -ne 0 ] && silent_status; then stop_apache fi return $ec } stop_apache() { if silent_status then if kill $ApachePID then tries=0 while ProcessRunning $ApachePID && [ $tries -lt 10 ] do sleep 1 kill $ApachePID >/dev/null ocf_log info "Killing apache PID $ApachePID" tries=`expr $tries + 1` done else ocf_log warn "Killing apache PID $ApachePID FAILED." fi if ProcessRunning $ApachePID then ocf_log info "$CMD still running ($ApachePID)." false else ocf_log info "$CMD stopped." fi else ocf_log info "$CMD is not running." fi for sig in SIGTERM SIGHUP SIGKILL ; do if pgrep -f $HTTPD.*$CONFIGFILE >/dev/null ; then pkill -$sig -f $HTTPD.*$CONFIGFILE >/dev/null ocf_log info "apache children were signalled ($sig)" sleep 1 else break fi done } status_apache() { silent_status rc=$? if [ $rc -eq 0 ] then ocf_log info "$CMD is running (pid $ApachePID)." return $OCF_SUCCESS else ocf_log info "$CMD is stopped." return $OCF_NOT_RUNNING fi } monitor_apache_extended() { if [ "$TESTCONFFILE" ]; then readtestconf < $TESTCONFFILE else test_url="$TESTURL" test_regex="$TESTREGEX10" fi whattorun=`gethttpclient` fixtesturl is_testconf_sane || return $OCF_ERR_CONFIGURED $whattorun "$test_url" | grep -Ei "$test_regex" > /dev/null } monitor_apache_basic() { if [ -z "$STATUSURL" ]; then ocf_log err "statusurl parameter empty" return $OCF_ERR_CONFIGURED elif [ -z "$ourhttpclient" ]; then ocf_log err "could not find a http client; make sure that either wget or curl is available" return $OCF_ERR_CONFIGURED fi ${ourhttpclient}_func "$STATUSURL" | grep -Ei "$TESTREGEX" > /dev/null } monitor_apache() { silent_status if [ $? -ne 0 ]; then ocf_log info "$CMD not running" return $OCF_NOT_RUNNING fi ourhttpclient=`findhttpclient` # we'll need one monitor_apache_basic rc=$? [ $rc -ne 0 ] && return $rc case "$OCF_CHECK_LEVEL" in ""|0) true;; 10) monitor_apache_extended;; *) ocf_log err "bad OCF_CHECK_LEVEL: $OCF_CHECK_LEVEL" return $OCF_ERR_CONFIGURED ;; esac } metadata_apache(){ cat < 1.0 This is the resource agent for the Apache web server. This resource agent operates both version 1.x and version 2.x Apache servers. The start operation ends with a loop in which monitor is repeatedly called to make sure that the server started and that it is operational. Hence, if the monitor operation does not succeed within the start operation timeout, the apache resource will end with an error status. The monitor operation by default loads the server status page which depends on the mod_status module and the corresponding configuration file (usually /etc/apache2/mod_status.conf). Make sure that the server status page works and that the access is allowed *only* from localhost (address 127.0.0.1). See the statusurl and testregex attributes for more details. See also http://httpd.apache.org/ Manages an Apache web server instance The full pathname of the Apache configuration file. This file is parsed to provide defaults for various other resource agent parameters. configuration file path The full pathname of the httpd binary (optional). httpd binary path A port number that we can probe for status information using the statusurl. This will default to the port number found in the configuration file, or 80, if none can be found in the configuration file. httpd port The URL to monitor (the apache server status page by default). If left unspecified, it will be inferred from the apache configuration file. If you set this, make sure that it succeeds *only* from the localhost (127.0.0.1). Otherwise, it may happen that the cluster complains about the resource being active on multiple nodes. url name Regular expression to match in the output of statusurl. Case insensitive. monitor regular expression Client to use to query to Apache. If not specified, the RA will try to find one on the system. Currently, wget and curl are supported. For example, you can set this parameter to "curl" if you prefer that to wget. http client URL to test. If it does not start with "http", then it's considered to be relative to the Listen address. test url Regular expression to match in the output of testurl. Case insensitive. extended monitor regular expression A file which contains test configuration. Could be useful if you have to check more than one web application or in case sensitive info should be passed as arguments (passwords). Furthermore, using a config file is the only way to specify certain parameters. Please see README.webapps for examples and file description. test configuration file Name of the test within the test configuration file. test name Extra options to apply when starting apache. See man httpd(8). command line options Files (one or more) which contain extra environment variables. If you want to prevent script from reading the default file, set this parameter to empty string. environment settings files + + +We will try to detect if the URL (for monitor) is IPv6, but if +that doesn't work set this to true to enforce IPv6. + +use ipv6 with http clients + + + END exit $OCF_SUCCESS } validate_all_apache() { if CheckPort $PORT; then # We are sure to succeed here, since we forced $PORT to be valid in GetParams() : OK else ocf_log err "Port number $PORT is invalid!" exit $OCF_ERR_ARGS fi if [ -z $STATUSURL ]; then : OK to be empty else case $STATUSURL in http://*/*) ;; *) ocf_log err "Invalid STATUSURL $STATUSURL" exit $OCF_ERR_ARGS ;; esac fi if [ ! -x $HTTPD ]; then ocf_log err "HTTPD $HTTPD not found or is not an executable!" exit $OCF_ERR_ARGS fi if [ ! -f $CONFIGFILE ]; then # We are sure to succeed here, since we have parsed $CONFIGFILE before getting here ocf_log err "Configuration file $CONFIGFILE not found!" exit $OCF_ERR_CONFIGURED fi return $OCF_SUCCESS } if [ $# -eq 1 ] then COMMAND=$1 HTTPD="$OCF_RESKEY_httpd" PORT="$OCF_RESKEY_port" STATUSURL="$OCF_RESKEY_statusurl" CONFIGFILE="$OCF_RESKEY_configfile" OPTIONS="$OCF_RESKEY_options" CLIENT=${OCF_RESKEY_client} TESTREGEX=${OCF_RESKEY_testregex:-'[[:space:]]*'} TESTURL="$OCF_RESKEY_testurl" TESTREGEX10=${OCF_RESKEY_testregex10} TESTCONFFILE="$OCF_RESKEY_testconffile" TESTNAME="$OCF_RESKEY_testname" : ${OCF_RESKEY_envfiles="/etc/apache2/envvars"} source_envfiles $OCF_RESKEY_envfiles else usage $OCF_ERR_ARGS fi LSB_STATUS_STOPPED=3 if [ "X$HTTPD" = X -o ! -f "$HTTPD" -o ! -x "$HTTPD" ] then case $0 in *IBM*) HTTPD=$IBMHTTPD DefaultConfig=$DEFAULT_IBMCONFIG;; *) HTTPD= for h in $HTTPDLIST do if [ -f $h -a -x $h ] then HTTPD=$h break fi done # It is possible that we still do not have a valid httpd at this stage if [ -z "$HTTPD" ] then case $COMMAND in stop) exit $OCF_SUCCESS;; monitor) exit $OCF_NOT_RUNNING;; status) exit $LSB_STATUS_STOPPED;; meta-data) metadata_apache;; esac ocf_log err "No valid httpd found! Please revise your item" exit $OCF_ERR_INSTALLED fi # Let the user know that the $HTTPD used is not the one (s)he specified via $OCF_RESKEY_httpd if [ "X$OCF_RESKEY_httpd" != X ] then ocf_log info "Using $HTTPD as HTTPD" fi DefaultConfig=$DEFAULT_NORMCONFIG;; esac fi httpd_basename=`basename $HTTPD` case $httpd_basename in *-*) httpd_basename=`echo "$httpd_basename" | sed -e 's%\-.*%%'`;; esac case "$CONFIGFILE" in "") CONFIGFILE=$DefaultConfig;; *) ;; esac if [ ! -f "$CONFIGFILE" ] then case $COMMAND in stop) ocf_log warn "$CONFIGFILE not found - apache considered stopped" exit $OCF_SUCCESS;; monitor) exit $OCF_NOT_RUNNING;; status) exit $LSB_STATUS_STOPPED;; esac fi if [ "X$COMMAND" = Xmeta-data ] || GetParams $CONFIGFILE then : OK else ocf_log err "Cannot parse config file [$CONFIGFILE]" exit $OCF_ERR_CONFIGURED fi case $COMMAND in start) start_apache;; stop) stop_apache;; status) status_apache;; monitor) monitor_apache;; meta-data) metadata_apache;; validate-all) validate_all_apache;; *) usage $OCF_ERR_UNIMPLEMENTED;; esac diff --git a/heartbeat/http-mon.sh b/heartbeat/http-mon.sh index 586051c91..c6576fb0c 100644 --- a/heartbeat/http-mon.sh +++ b/heartbeat/http-mon.sh @@ -1,113 +1,119 @@ # # General http monitor code # (sourced by apache and httpmon) # # Author: Alan Robertson # Sun Jiang Dong # # Support: linux-ha@lists.linux-ha.org # # License: GNU General Public License (GPL) # # Copyright: (C) 2002-2005 International Business Machines # # default options for http clients # NB: We _always_ test a local resource, so it should be # safe to connect from the local interface. -WGETOPTS="-O- -q -L --no-proxy --bind-address=127.0.0.1" -CURLOPTS="-o - -Ss -L --interface lo" +bind_address="127.0.0.1" +curl_ipv6_opts="" +if ocf_is_true "$OCF_RESKEY_use_ipv6" || echo "$STATUSURL" | grep -qs "::"; then + bind_address="::1" + curl_ipv6_opts="-g" +fi +WGETOPTS="-O- -q -L --no-proxy --bind-address=$bind_address" +CURLOPTS="-o - -Ss -L --interface lo $curl_ipv6_opts" # # run the http client # curl_func() { cl_opts="$CURLOPTS $test_httpclient_opts" if [ x != "x$test_user" ]; then echo "-u $test_user:$test_password" | curl -K - $cl_opts "$1" else curl $cl_opts "$1" fi } wget_func() { auth="" cl_opts="$WGETOPTS $test_httpclient_opts" [ x != "x$test_user" ] && auth="--http-user=$test_user --http-passwd=$test_password" wget $auth $cl_opts "$1" } # # rely on whatever the user provided userdefined() { $test_httpclient $test_httpclient_opts "$1" } # # find a good http client # findhttpclient() { # prefer wget (for historical reasons) if [ "x$CLIENT" != x ]; then echo "$CLIENT" elif which wget >/dev/null 2>&1; then echo "wget" elif which curl >/dev/null 2>&1; then echo "curl" else return 1 fi } gethttpclient() { [ -z "$test_httpclient" ] && test_httpclient=$ourhttpclient case "$test_httpclient" in curl|wget) echo ${test_httpclient}_func;; #these are supported *) echo userdefined;; esac } # test configuration good? is_testconf_sane() { if [ "x$test_regex" = x -o "x$test_url" = x ]; then ocf_log err "test regular expression or test url empty" return 1 fi if [ "x$test_user$test_password" != x -a \( "x$test_user" = x -o "x$test_password" = x \) ]; then ocf_log err "bad user authentication for extended test" return 1 fi return 0 } # # read the test definition from the config # readtestconf() { test_name="$1" # we look for this one or the first one if empty lcnt=0 readdef="" test_url="" test_regex="" test_user="" test_password="" test_httpclient="" test_httpclient_opts="" while read key value; do lcnt=$((lcnt+1)) if [ "$readdef" ]; then case "$key" in "url") test_url="$value" ;; "user") test_user="$value" ;; "password") test_password="$value" ;; "client") test_httpclient="$value" ;; "client_opts") test_httpclient_opts="$value" ;; "match") test_regex="$value" ;; "end") break ;; "#"*|"") ;; *) ocf_log err "$lcnt: $key: unknown keyword"; return 1 ;; esac else [ "$key" = "test" ] && [ -z "$test_name" -o "$test_name" = "$value" ] && readdef=1 fi done }