diff --git a/heartbeat/Squid.in b/heartbeat/Squid.in index 12e248936..e574ad045 100644 --- a/heartbeat/Squid.in +++ b/heartbeat/Squid.in @@ -1,472 +1,472 @@ #!@BASH_SHELL@ # # Description: Manages a Squid Server provided by NTT OSSC as an # OCF High-Availability resource under Heartbeat/LinuxHA control # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA # 02110-1301, USA. # # Copyright (c) 2008 NIPPON TELEGRAPH AND TELEPHONE CORPORATION # ####################################################################### # OCF parameters: # OCF_RESKEY_squid_exe : Executable file # OCF_RESKEY_squid_conf : Configuration file # OCF_RESKEY_squid_opts : Start options # OCF_RESKEY_squid_pidfile: Process id file # OCF_RESKEY_squid_port : Port number # OCF_RESKEY_debug_mode : Debug mode # OCF_RESKEY_debug_log : Debug log file # OCF_RESKEY_squid_stop_timeout: # Number of seconds to await to confirm a # normal stop method # # OCF_RESKEY_squid_exe, OCF_RESKEY_squid_conf, OCF_RESKEY_squid_pidfile # and OCF_RESKEY_squid_port must be specified. Each of the rests # has its default value or refers OCF_RESKEY_squid_conf to make # its value when no explicit value is given. ############################################################################### : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat} . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs # Parameter defaults OCF_RESKEY_squid_exe_default="" OCF_RESKEY_squid_conf_default="" OCF_RESKEY_squid_opts_default="" OCF_RESKEY_squid_pidfile_default="" OCF_RESKEY_squid_port_default="" OCF_RESKEY_squid_stop_timeout_default="10" OCF_RESKEY_debug_mode_default="" OCF_RESKEY_debug_log_default="" : ${OCF_RESKEY_squid_exe=${OCF_RESKEY_squid_exe_default}} : ${OCF_RESKEY_squid_conf=${OCF_RESKEY_squid_conf_default}} : ${OCF_RESKEY_squid_pidfile=${OCF_RESKEY_squid_pidfile_default}} : ${OCF_RESKEY_squid_port=${OCF_RESKEY_squid_port_default}} : ${OCF_RESKEY_squid_stop_timeout=${OCF_RESKEY_squid_stop_timeout_default}} : ${OCF_RESKEY_debug_mode=${OCF_RESKEY_debug_mode_default}} : ${OCF_RESKEY_debug_log=${OCF_RESKEY_debug_log_default}} usage() { cat <<-! usage: $0 action action: start : start a new squid instance stop : stop the running squid instance status : return the status of squid, run or down monitor : return TRUE if the squid appears to be working. meta-data : show meta data message validate-all: validate the instance parameters ! return $OCF_ERR_ARGS } metadata_squid() { cat < 1.0 The resource agent of Squid. This manages a Squid instance as an HA resource. Manages a Squid proxy server instance This is a required parameter. This parameter specifies squid's executable file. Executable file This is a required parameter. This parameter specifies a configuration file for a squid instance managed by this RA. Configuration file This is a optional parameter. This parameter specifies the start options. Start options Deprecated - do not use anymore deprecated - do not use anymore This is a required parameter. This parameter specifies a port number for a squid instance managed by this RA. If multiple ports are used, you must specify only one of them. Port number On stop, a squid shutdown is invoked first. If the resource doesn't stop within this timeout, we resort to stopping processes by sending signals and finally KILLing them. how long to wait for squid shutdown to stop the instance before resorting to kill This is an optional parameter. This RA runs in debug mode when this parameter includes 'x' or 'v'. If 'x' is included, both of STDOUT and STDERR redirect to the logfile specified by "debug_log", and then the builtin shell option 'x' is turned on. It is similar about 'v'. Debug mode This is an optional parameter. This parameter specifies a destination file for debug logs and works only if this RA run in debug mode. Refer to "debug_mode" about debug mode. If no value is given but is required, it's constructed according to the following rules: "/var/log/" as a directory part, the basename of the configuration file given by "syslog_ng_conf" as a basename part, ".log" as a suffix. A destination of the debug log END return $OCF_SUCCESS } get_pids() { SQUID_PIDS=( ) # Seek by pattern SQUID_PIDS[0]=$(pgrep -f "$PROCESS_PATTERN") # Seek by child process if [[ -n "${SQUID_PIDS[0]}" ]]; then SQUID_PIDS[1]=$(pgrep -P ${SQUID_PIDS[0]}) fi if [[ -n "${SQUID_PIDS[1]}" ]]; then typeset exe exe=$(ls -l "/proc/${SQUID_PIDS[1]}/exe") if [[ $? = 0 ]]; then exe=${exe##*-> } if ! [[ "$exe" = $SQUID_EXE ]]; then SQUID_PIDS[1]="" fi else SQUID_PIDS[1]="" fi fi # Seek by port if have_binary netstat; then SQUID_PIDS[2]=$( netstat -apn | awk '/tcp.*:'$SQUID_PORT' .*LISTEN/ && $7~/^[1-9]/ { sub("\\/.*", "", $7); print $7; exit}') else SQUID_PIDS[2]=$( ss -apn | awk '/tcp.*LISTEN.*:'$SQUID_PORT'/ { sub(".*pid=", "", $7); sub(",fd=.*", "", $7); print $7 }') fi } are_all_pids_found() { if [[ -n "${SQUID_PIDS[0]}" ]] && [[ -n "${SQUID_PIDS[1]}" ]] && [[ -n "${SQUID_PIDS[2]}" ]] then return 0 else return 1 fi } are_pids_sane() { if [[ "${SQUID_PIDS[1]}" = "${SQUID_PIDS[2]}" ]]; then return $OCF_SUCCESS else ocf_exit_reason "$SQUID_NAME:Pid unmatch" return $OCF_ERR_GENERIC fi } is_squid_dead() { if [[ -z "${SQUID_PIDS[0]}" ]] && [[ -z "${SQUID_PIDS[2]}" ]] then return 0 else return 1 fi } monitor_squid() { typeset trialcount=0 while true; do get_pids if are_all_pids_found; then are_pids_sane return $OCF_SUCCESS fi if is_squid_dead; then return $OCF_NOT_RUNNING fi ocf_log info "$SQUID_NAME:Inconsistent processes:" \ "${SQUID_PIDS[0]},${SQUID_PIDS[1]},${SQUID_PIDS[2]}" (( trialcount = trialcount + 1 )) if (( trialcount > SQUID_CONFIRM_TRIALCOUNT )); then ocf_exit_reason "$SQUID_NAME:Inconsistency of processes remains unsolved" return $OCF_ERR_GENERIC fi sleep 1 done } start_squid() { typeset status monitor_squid status=$? if [[ $status != $OCF_NOT_RUNNING ]]; then return $status fi set -- "$SQUID_OPTS" ocf_run $SQUID_EXE -f "$SQUID_CONF" "$@" status=$? if [[ $status != $OCF_SUCCESS ]]; then return $OCF_ERR_GENERIC fi while true; do get_pids if are_all_pids_found && are_pids_sane; then return $OCF_SUCCESS fi ocf_log info "$SQUID_NAME:Waiting for squid to be invoked" sleep 1 done return $OCF_ERR_GENERIC } stop_squid() { typeset lapse_sec if ocf_run $SQUID_EXE -f $SQUID_CONF -k shutdown; then lapse_sec=0 while true; do get_pids if is_squid_dead; then return $OCF_SUCCESS fi (( lapse_sec = lapse_sec + 1 )) if (( lapse_sec > SQUID_STOP_TIMEOUT )); then break fi sleep 1 ocf_log info "$SQUID_NAME:$FUNCNAME:$LINENO: " \ "stop NORM $lapse_sec/$SQUID_STOP_TIMEOUT" done fi while true; do get_pids ocf_log info "$SQUID_NAME:$FUNCNAME:$LINENO: " \ "try to stop by SIGKILL:${SQUID_PIDS[0]} ${SQUID_PIDS[2]}" kill -KILL ${SQUID_PIDS[0]} ${SQUID_PIDS[2]} sleep 1 if is_squid_dead; then return $OCF_SUCCESS fi done return $OCF_ERR_GENERIC } status_squid() { return $OCF_SUCCESS } validate_all_squid() { ocf_log info "validate_all_squid[$SQUID_NAME]" return $OCF_SUCCESS } -: === Debug ${0##*/} $1 === +: "=== Debug ${0##*/} $1 ===" if [[ "$1" = "meta-data" ]]; then metadata_squid exit $? fi SQUID_CONF="${OCF_RESKEY_squid_conf}" if [[ -z "$SQUID_CONF" ]]; then ocf_exit_reason "SQUID_CONF is not defined" exit $OCF_ERR_CONFIGURED fi SQUID_NAME="${SQUID_CONF##*/}" SQUID_NAME="${SQUID_NAME%.*}" DEBUG_LOG="${OCF_RESKEY_debug_log-/var/log/squid_${SQUID_NAME}_debug}.log" DEBUG_MODE="" case $OCF_RESKEY_debug_mode in *x*) DEBUG_MODE="${DEBUG_MODE}x";; esac case $OCF_RESKEY_debug_mode in *v*) DEBUG_MODE="${DEBUG_MODE}v";; esac if [ -n "$DEBUG_MODE" ]; then PS4='\d \t \h '"${1-unknown} " export PS4 exec 1>>$DEBUG_LOG 2>&1 set -$DEBUG_MODE fi SQUID_EXE="${OCF_RESKEY_squid_exe}" if [[ -z "$SQUID_EXE" ]]; then ocf_exit_reason "SQUID_EXE is not defined" exit $OCF_ERR_CONFIGURED fi if [[ ! -x "$SQUID_EXE" ]]; then ocf_exit_reason "$SQUID_EXE is not found" exit $OCF_ERR_CONFIGURED fi SQUID_PORT="${OCF_RESKEY_squid_port}" if [[ -z "$SQUID_PORT" ]]; then ocf_exit_reason "SQUID_PORT is not defined" exit $OCF_ERR_CONFIGURED fi SQUID_OPTS="${OCF_RESKEY_squid_opts}" SQUID_PIDS=( ) SQUID_CONFIRM_TRIALCOUNT="${OCF_RESKEY_squid_confirm_trialcount-3}" SQUID_STOP_TIMEOUT="${OCF_RESKEY_squid_stop_timeout-10}" SQUID_SUSPEND_TRIALCOUNT="${OCF_RESKEY_squid_suspend_trialcount-10}" PROCESS_PATTERN="$SQUID_EXE -f $SQUID_CONF" COMMAND=$1 case "$COMMAND" in start) ocf_log debug "[$SQUID_NAME] Enter squid start" start_squid func_status=$? ocf_log debug "[$SQUID_NAME] Leave squid start $func_status" exit $func_status ;; stop) ocf_log debug "[$SQUID_NAME] Enter squid stop" stop_squid func_status=$? ocf_log debug "[$SQUID_NAME] Leave squid stop $func_status" exit $func_status ;; status) status_squid exit $? ;; monitor) #ocf_log debug "[$SQUID_NAME] Enter squid monitor" monitor_squid func_status=$? #ocf_log debug "[$SQUID_NAME] Leave squid monitor $func_status" exit $func_status ;; validate-all) validate_all_squid exit $? ;; *) usage ;; esac # vim: set sw=4 ts=4 : diff --git a/heartbeat/gcp-ilb b/heartbeat/gcp-ilb index 28484b241..48dc3ac4e 100755 --- a/heartbeat/gcp-ilb +++ b/heartbeat/gcp-ilb @@ -1,343 +1,343 @@ #!/bin/sh # --------------------------------------------------------------------- # # Copyright 2021 Google Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # Authors: Fatima Silveira, Lucia Subatin # --------------------------------------------------------------------- # Description: Wrapper to respond to probe requests from health # check agents in Google Cloud Platform. Nothing is specific to Google # Cloud. # --------------------------------------------------------------------- # Initialization: : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat} . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs # Defaults OCF_RESKEY_cat_default="socat" OCF_RESKEY_port_default="60000" OCF_RESKEY_log_enable_default="false" OCF_RESKEY_log_cmd_default="gcloud" OCF_RESKEY_log_params_default="logging write GCPILB" OCF_RESKEY_log_end_params_default="" if type "socat" > /dev/null 2>&1; then OCF_RESKEY_cat_default="socat" else OCF_RESKEY_cat_default="nc" fi; : ${OCF_RESKEY_cat=${OCF_RESKEY_cat_default}} : ${OCF_RESKEY_port=${OCF_RESKEY_port_default}} : ${OCF_RESKEY_log_enable=${OCF_RESKEY_log_enable_default}} : ${OCF_RESKEY_log_cmd=${OCF_RESKEY_log_cmd_default}} : ${OCF_RESKEY_log_params=${OCF_RESKEY_log_params_default}} : ${OCF_RESKEY_log_end_params=${OCF_RESKEY_log_end_params_default}} process="$OCF_RESOURCE_INSTANCE" pidfile="/var/run/$OCF_RESOURCE_INSTANCE.pid" #Validate command for logging -if $OCF_RESKEY_log_enable = "true"; then +if [ $OCF_RESKEY_log_enable = "true" ]; then if type $OCF_RESKEY_log_cmd > /dev/null 2>&1; then logging_cmd="$OCF_RESKEY_log_cmd $OCF_RESKEY_log_params" ocf_log debug "Logging command is: \'$logging_cmd\' " else - $OCF_RESKEY_log_enable = "false" + OCF_RESKEY_log_enable="false" ocf_log err "\'$logging_cmd\' is invalid. External logging disabled." fi; fi ####################################################################### ilb_metadata() { cat < 1.0 Resource Agent that wraps /usr/bin/nc or /usr/bin/socat to reply to health checks in Google Cloud. See https://cloud.google.com/load-balancing/docs/health-checks for more information. Replies to health checks from Google Cloud Listening port for health-check probes. Default: ${OCF_RESKEY_port_default} Listening port (def ${OCF_RESKEY_port_default}) Location of netcat (default: /usr/bin/nc ) or socat (default: /usr/bin/socat ). If present, is used /usr/bin/socat. The recommended binary is socat, present in the following minimum versions if the package resource-agents: - SLES 12 SP4/SP5: resource-agents-4.3.018.a7fb5035-3.30.1. - SLES 15/15 SP1: resource-agents-4.3.0184.6ee15eb2-4.13.1. Path to nc / socat Logging with an external application is enabled (accepts "true" or "false"). The defaults are configured to call "gcloud logging" (see: https://cloud.google.com/sdk/gcloud/reference/logging). Log enabled External logging command. The defaults are configured to call "gcloud logging" (see: https://cloud.google.com/sdk/gcloud/reference/logging). This parameter should only have the binary that can be validated (e.g., gcloud). The rest of the command is formed with the additional parameters and the message being logged as follows: - log_cmd + log_params + "The message being logged" + log_end_params Using the gcloud command for Stackdriver logging, the parameters would be: - log_cmd = gcloud - log_params = logging write GCPILB - "This is a message being sent by the app" - log_end_params = (nothing in this case, this is reserved for use with other tools) Which would result in this valid command (where GCPILB is the name of the log): gcloud logging write GCPILB "This is a message being sent by the app" NOTE: Only the binary is validated for existence and no further checks are performed. The assumption is that only administrators with root access can configure this tool. External log command Additional input for the logging application. See explanation for log_cmd Additional input 1 Additional input for the logging application. Placed after the message being logged. Additional input 1 END exit 0 } ####################################################################### log() { lvl=$1 msg=$2 ocf_log $lvl "$0 - $process - $pid: $msg" if ocf_is_true "${OCF_RESKEY_log_enable}" ; then ( ${OCF_RESKEY_log_cmd} ${OCF_RESKEY_log_params} "L $lvl: $msg" ${OCF_RESKEY_log_end_params} ) fi } getpid() { if ! [ -f "$pidfile" ] ; then return fi cat $pidfile } ilb_usage() { cat < $pidfile return $OCF_SUCCESS else log err "\'$cmd\' could not be started" return $OCF_ERR_GENERIC fi } ilb_stop() { if ! ilb_monitor; then rm -f $pidfile return $OCF_SUCCESS fi if [ -n "$OCF_RESKEY_CRM_meta_timeout" ]; then # Allow 2/3 of the action timeout for the orderly shutdown # (The origin unit is ms, hence the conversion) stop_timeout=$((OCF_RESKEY_CRM_meta_timeout/1500)) else stop_timeout=10 fi pid=`getpid` kill $pid i=0 while [ $i -lt $stop_timeout ]; do if ! ilb_monitor; then rm -f $pidfile return $OCF_SUCCESS fi sleep 1 i=$((i+1)) done log warn "Stop with SIGTERM failed/timed out, now sending SIGKILL." i=0 while [ $i -lt $stop_timeout ]; do kill -s 9 $pid if ! ilb_monitor; then log warn "SIGKILL did the job." rm -f $pidfile return $OCF_SUCCESS fi log info "The job still hasn't stopped yet. Re-trying SIGKILL..." sleep 2 i=$((i+2)) done log err "The cat has more than 9 lives and could not be terminated." return $OCF_ERR_GENERIC } ilb_validate() { check_binary "$OCF_RESKEY_cat" check_binary "$OCF_RESKEY_log_cmd" if ! ocf_is_decimal "$OCF_RESKEY_port"; then ocf_exit_reason "$OCF_RESKEY_port is not a valid port" exit $OCF_ERR_CONFIGURED fi return $OCF_SUCCESS } ############################################################################### # # MAIN # ############################################################################### case $__OCF_ACTION in meta-data) ilb_metadata exit $OCF_SUCCESS ;; usage|help) ilb_usage exit $OCF_SUCCESS ;; esac if ! ocf_is_root; then log err "You must be root for $__OCF_ACTION operation." exit $OCF_ERR_PERM fi case $__OCF_ACTION in start) ilb_validate ilb_start ;; stop) ilb_stop ;; monitor) ilb_monitor ;; validate-all) ilb_validate ;; *) ilb_usage exit $OCF_ERR_UNIMPLEMENTED ;; esac rc=$? log debug "${OCF_RESOURCE_INSTANCE} $__OCF_ACTION returned $rc" exit $rc