The branch, master has been updated via c8a5ab9 WHATSNEW: CTDB_NATGW_SLAVE_ONLY is no longer used via df6cca2 ctdb-tools: Drop support for setting and viewing NAT gateway capability via 3b64c27 ctdb-scripts: No longer set the NAT gateway capability via 411ccb9 ctdb/tools: Update ctdb CLI tool to call ctdb_natgw via e515968 ctdb-tests: Drop some unnecessary NAT gateway tests via bae9fea ctdb: Call out to ctdb_natgw helper from 11.natgw via f1265f0 ctdb-tests: NAT gateway slave-only changes via 7095c9b ctdb-scripts: New function ctdb_natgw_slave_only() via 3a2eebf ctdb-tests: Test ctdb CLI tool via a stub via 1538fc4 ctdb-tools: Add standalone ctdb_natgw tool script via d71f747 ctdb-scripts: Tests for monitoring of CTDB_NATGW_PUBLIC_IFACE via 638117c ctdb-scripts: Move monitoring of CTDB_NATGW_PUBLIC_IFACE to 11.natgw via df5845c ctdb-scripts: CTDB_PARTIALLY_ONLINE_INTERFACES incompatible with NAT gateway via 06901f4 ctdb-scripts: Rename variable: fail -> down_interfaces_found via d0f2143 ctdb-scripts: Drop functions mark_up() and mark_down() via 85316c0 ctdb-scripts: Move interface monitoring code to functions file via fe64e76 ctdb-scripts: Rename get_real_iface() -> interface_get_real() via 6f212aa ctdb-scripts: Refactor function interface_monitor() to monitor one interface from cd86f20 s4:torture: add SMB2 test for directory creation initial allocation size
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit c8a5ab9ed2cdde3958000d00e634955e437afa05 Author: Martin Schwenke <mar...@meltin.net> Date: Mon Jan 25 12:52:43 2016 +1100 WHATSNEW: CTDB_NATGW_SLAVE_ONLY is no longer used Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> Autobuild-User(master): Amitay Isaacs <ami...@samba.org> Autobuild-Date(master): Mon Jan 25 10:23:49 CET 2016 on sn-devel-144 commit df6cca2bc03df2208a76126fa98b1c4d2306b67f Author: Martin Schwenke <mar...@meltin.net> Date: Tue Jan 5 15:58:29 2016 +1100 ctdb-tools: Drop support for setting and viewing NAT gateway capability This is no longer used. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit 3b64c27ca6def4f0ec7f6c5b543977f9a48647f9 Author: Martin Schwenke <mar...@meltin.net> Date: Tue Jan 5 15:53:50 2016 +1100 ctdb-scripts: No longer set the NAT gateway capability Nothing checks it anymore. This means that the NAT gateway capability in the daemon is now unused. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit 411ccb98c3e1c3d6bd26e74874c03acb0d470454 Author: Martin Schwenke <mar...@meltin.net> Date: Thu Jan 21 12:53:43 2016 +1100 ctdb/tools: Update ctdb CLI tool to call ctdb_natgw The "natgwlist" command is no longer marked "auto all" and is also marked "without daemon". That latter is not strictly true because ctdb_natgw needs the daemon so a subsequent invocation of "ctdb nodestatus" will work. However, "without daemon" is used here because the top-level "ctdb natgwlist" does not need to open a connection to the daemon. It just needs to invoke ctdb_natgw. Update tests to suit. It would make sense to make "ctdb natgw" generally call out to ctdb_natgw, passing all argument. However, that can be done later. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit e515968a51b9a8c1bb8ad59fb010a8736e2c6bd0 Author: Martin Schwenke <mar...@meltin.net> Date: Thu Jan 21 19:35:46 2016 +1100 ctdb-tests: Drop some unnecessary NAT gateway tests These tests deal only with timeouts that can occur retrieving capabilities. The NAT gateway capability is going away so drop the tests now to simplify future commits. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit bae9feacf2c3a1117f7b9001b95398142479e1c7 Author: Martin Schwenke <mar...@meltin.net> Date: Mon Dec 14 21:37:44 2015 +1100 ctdb: Call out to ctdb_natgw helper from 11.natgw To keep this commit comprehensible, 11.natgw and the CTDB CLI tool are temporarily inconsistent. The tool will be made consistent in a subsequent commit. ctdb_natgw_slave_only() is reimplemented to check for the option in the appropriate line in $CTDB_NATGW_NODES. Update unit tests and documentation. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit f1265f0ebec6a41eff38d4c3b3e5211015748c9c Author: Martin Schwenke <mar...@meltin.net> Date: Fri Jan 22 11:04:22 2016 +1100 ctdb-tests: NAT gateway slave-only changes Handle the "slave-only" option in the unit test setup. Reindent function while touching it. Also drop a test that no longer makes sense. Specifying both "master" and "slave-only' is now much more obvious, since they need to be on the same line, and is now punishable by undefined behaviour. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit 7095c9bcd061cdc8ac4728c137a974b815773e3d Author: Martin Schwenke <mar...@meltin.net> Date: Tue Jan 5 13:09:05 2016 +1100 ctdb-scripts: New function ctdb_natgw_slave_only() This allows future changes to be more self-contained. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit 3a2eebfe19e9c90271d68b17f588192c4d2f3d91 Author: Martin Schwenke <mar...@meltin.net> Date: Mon Dec 14 21:08:03 2015 +1100 ctdb-tests: Test ctdb CLI tool via a stub Some features, such NAT gateway and LVS support, can be implemented without daemon and (internal) ctdb CLI tool support. These are non-core features that don't need incredible performance and they don't need to be in the core code. They can easily be reimplemented in scripts, along with some configuration changes. For continuity, the ctdb CLI tool code will call out to helper scripts so that the current status information can still be provided. Those helper scripts may then reinvoke the ctdb CLI tool to gather information. So, redo the tool testing using a "ctdb" stub command. This will swallow standard input and feed it to the test program each time the "ctdb" stub is called. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit 1538fc458568c9d5b29125256957f8d6de580d4c Author: Martin Schwenke <mar...@meltin.net> Date: Mon Dec 14 11:34:41 2015 +1100 ctdb-tools: Add standalone ctdb_natgw tool script This is intended to replace the use of "ctdb natgwlist" in 11.natgw and provide different views of the NAT gateway status. It replaces the use of CTDB_NATGW_SLAVE_ONLY=yes with a "slave-only" keyword in the NAT gateway nodes file. This means the nodes file must be consistent on all nodes in a NAT gateway group. Note that this script is not yet integrated, so there are no behaviour or documentation changes. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit d71f747f5c1c7e937fa76e77167cc87fddd37403 Author: Martin Schwenke <mar...@meltin.net> Date: Fri Dec 18 16:23:04 2015 +1100 ctdb-scripts: Tests for monitoring of CTDB_NATGW_PUBLIC_IFACE Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit 638117c01a7883f9a15735fd6cb573a5d8f1aa12 Author: Martin Schwenke <mar...@meltin.net> Date: Fri Dec 18 16:22:14 2015 +1100 ctdb-scripts: Move monitoring of CTDB_NATGW_PUBLIC_IFACE to 11.natgw The NAT gateway code should be self-contained. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit df5845c641b7b883ecc73147ff913f90af3743f5 Author: Martin Schwenke <mar...@meltin.net> Date: Wed Jan 20 19:14:15 2016 +1100 ctdb-scripts: CTDB_PARTIALLY_ONLINE_INTERFACES incompatible with NAT gateway This has always been the case. Now it is documented and enforced. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit 06901f4aeb877a261d45e44fc58dcb2b830dd2cb Author: Martin Schwenke <mar...@meltin.net> Date: Fri Jan 15 21:22:16 2016 +1100 ctdb-scripts: Rename variable: fail -> down_interfaces_found Now its name describes its usage and the code reads better. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit d0f2143fe86da5f3de15b374a26bdfba5935f838 Author: Martin Schwenke <mar...@meltin.net> Date: Fri Jan 15 21:20:26 2016 +1100 ctdb-scripts: Drop functions mark_up() and mark_down() Each is now used in only one place and the logic is more obvious without them. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit 85316c04154466b18f266de90362eb08cbec64ee Author: Martin Schwenke <mar...@meltin.net> Date: Fri Dec 18 15:43:33 2015 +1100 ctdb-scripts: Move interface monitoring code to functions file Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit fe64e76aa01eca5c206efa421abc2274240ddcd8 Author: Martin Schwenke <mar...@meltin.net> Date: Fri Dec 18 15:37:31 2015 +1100 ctdb-scripts: Rename get_real_iface() -> interface_get_real() Now suitably named for move to functions file. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> commit 6f212aacf8d9798c7f923df277e9a40f379fea7a Author: Martin Schwenke <mar...@meltin.net> Date: Fri Dec 18 15:30:18 2015 +1100 ctdb-scripts: Refactor function interface_monitor() to monitor one interface Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> ----------------------------------------------------------------------- Summary of changes: WHATSNEW.txt | 6 + ctdb/config/events.d/10.interface | 115 ++--------- ctdb/config/events.d/11.natgw | 55 ++++-- ctdb/config/functions | 94 +++++++++ ctdb/doc/ctdb.1.xml | 8 - ctdb/doc/ctdb.7.xml | 21 +- ctdb/doc/ctdbd.conf.5.xml | 36 ++-- ctdb/packaging/RPM/ctdb.spec.in | 1 + .../tests/eventscripts/10.interface.monitor.015.sh | 2 +- .../tests/eventscripts/10.interface.monitor.016.sh | 2 +- ctdb/tests/eventscripts/11.natgw.005.sh | 24 --- ctdb/tests/eventscripts/11.natgw.041.sh | 5 +- ctdb/tests/eventscripts/11.natgw.042.sh | 5 +- ctdb/tests/eventscripts/11.natgw.051.sh | 16 ++ ctdb/tests/eventscripts/11.natgw.052.sh | 20 ++ ctdb/tests/eventscripts/11.natgw.053.sh | 16 ++ ctdb/tests/eventscripts/11.natgw.054.sh | 20 ++ ctdb/tests/eventscripts/scripts/local.sh | 66 ++++--- ctdb/tests/eventscripts/stubs/ctdb | 75 ++------ ctdb/tests/eventscripts/stubs/ctdb_natgw | 34 ++++ ctdb/tests/src/ctdb_test_stubs.c | 6 +- ctdb/tests/tool/scripts/local.sh | 38 +++- ctdb/tests/tool/stubby.getcapabilities.001.sh | 1 - ctdb/tests/tool/stubby.getcapabilities.002.sh | 1 - ctdb/tests/tool/stubby.getcapabilities.004.sh | 5 +- ctdb/tests/tool/stubby.natgwlist.006.sh | 6 +- ctdb/tests/tool/stubby.natgwlist.007.sh | 14 +- ctdb/tests/tool/stubby.natgwlist.009.sh | 36 ---- ctdb/tests/tool/stubby.natgwlist.010.sh | 37 ---- ctdb/tests/tool/stubs/ctdb | 27 +++ ctdb/tools/ctdb.c | 214 ++------------------- ctdb/tools/ctdb_natgw | 199 +++++++++++++++++++ ctdb/wscript | 7 + 33 files changed, 625 insertions(+), 587 deletions(-) delete mode 100755 ctdb/tests/eventscripts/11.natgw.005.sh create mode 100755 ctdb/tests/eventscripts/11.natgw.051.sh create mode 100755 ctdb/tests/eventscripts/11.natgw.052.sh create mode 100755 ctdb/tests/eventscripts/11.natgw.053.sh create mode 100755 ctdb/tests/eventscripts/11.natgw.054.sh create mode 100755 ctdb/tests/eventscripts/stubs/ctdb_natgw delete mode 100755 ctdb/tests/tool/stubby.natgwlist.009.sh delete mode 100755 ctdb/tests/tool/stubby.natgwlist.010.sh create mode 100755 ctdb/tests/tool/stubs/ctdb create mode 100755 ctdb/tools/ctdb_natgw Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 53f7860..e070b9f 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -44,6 +44,12 @@ smb.conf changes CTDB changes ------------ +* Configuration variable CTDB_NATGW_SLAVE_ONLY is no longer used. + Instead, nodes should be annotated with the "slave-only" option in + the CTDB NAT gateway nodes file. This file must be consistent + across nodes in a NAT gateway group. See ctdbd.conf(5) for more + details. + * The CTDB tunable parameter EventScriptTimeoutCount has been renamed to MonitorTimeoutCount diff --git a/ctdb/config/events.d/10.interface b/ctdb/config/events.d/10.interface index 00b5f97..4fb3524 100755 --- a/ctdb/config/events.d/10.interface +++ b/ctdb/config/events.d/10.interface @@ -22,18 +22,6 @@ loadconfig exit 0 } -mark_up () -{ - up_interfaces_found=true - ctdb setifacelink $1 up >/dev/null 2>&1 -} - -mark_down () -{ - fail=true - ctdb setifacelink $1 down >/dev/null 2>&1 -} - # This sets $all_interfaces as a side-effect. get_all_interfaces () { @@ -42,7 +30,6 @@ get_all_interfaces () # Add some special interfaces if they're defined [ "$CTDB_PUBLIC_INTERFACE" ] && all_interfaces="$CTDB_PUBLIC_INTERFACE $all_interfaces" - [ "$CTDB_NATGW_PUBLIC_IFACE" ] && all_interfaces="$CTDB_NATGW_PUBLIC_IFACE $all_interfaces" # Get the interfaces for which CTDB has public IPs configured. # That is, for all but the 1st line, get the 1st field. @@ -52,107 +39,27 @@ get_all_interfaces () all_interfaces=$(echo $all_interfaces $ctdb_ifaces | tr ' ' '\n' | sort -u) } -get_real_iface () -{ - # Output of "ip link show <iface>" - _iface_info="$1" - - # Extract the full interface description to see if it is a VLAN - _t=$(echo "$_iface_info" | - awk 'NR == 1 { iface = $2; sub(":$", "", iface) ; \ - print iface }') - case "$_t" in - *@*) - # VLAN: use the underlying interface, after the '@' - echo "${_t##*@}" - ;; - *) - # Not a regular VLAN. For backward compatibility, assume - # there is some other sort of VLAN that doesn't have the - # '@' in the output and only use what is before a '.'. If - # there is no '.' then this will be the whole interface - # name. - echo "${_t%%.*}" - esac -} - monitor_interfaces() { get_all_interfaces - fail=false + down_interfaces_found=false up_interfaces_found=false # Note that this loop must not exit early. It must process # all interfaces so that the correct state for each interface - # is set in CTDB using mark_up/mark_down. If there is a - # problem with an interface then set fail=true and continue. - for iface in $all_interfaces ; do - - _iface_info=$(ip link show $iface 2>&1) || { - echo "ERROR: Interface $iface does not exist but it is used by public addresses." - mark_down $iface - continue - } - - # These interfaces are sometimes bond devices - # When we use VLANs for bond interfaces, there will only - # be an entry in /proc for the underlying real interface - realiface=$(get_real_iface "$_iface_info") - bi=$(get_proc "net/bonding/$realiface" 2>/dev/null) && { - echo "$bi" | grep -q 'Currently Active Slave: None' && { - echo "ERROR: No active slaves for bond device $realiface" - mark_down $iface - continue - } - echo "$bi" | grep -q '^MII Status: up' || { - echo "ERROR: public network interface $realiface is down" - mark_down $iface - continue - } - echo "$bi" | grep -q '^Bonding Mode: IEEE 802.3ad Dynamic link aggregation' && { - # This works around a bug in the driver where the - # overall bond status can be up but none of the actual - # physical interfaces have a link. - echo "$bi" | grep 'MII Status:' | tail -n +2 | grep -q '^MII Status: up' || { - echo "ERROR: No active slaves for 802.ad bond device $realiface" - mark_down $iface - continue - } - } - mark_up $iface - continue - } - - case $iface in - lo*) - # loopback is always working - mark_up $iface - ;; - ib*) - # we don't know how to test ib links - mark_up $iface - ;; - *) - ethtool $iface | grep -q 'Link detected: yes' || { - # On some systems, this is not successful when a - # cable is plugged but the interface has not been - # brought up previously. Bring the interface up - # and try again... - ip link set $iface up - ethtool $iface | grep -q 'Link detected: yes' || { - echo "ERROR: No link on the public network interface $iface" - mark_down $iface - continue - } - } - mark_up $iface - ;; - esac - + # is set in CTDB using setifacelink. + for _iface in $all_interfaces ; do + if interface_monitor "$_iface" ; then + up_interfaces_found=true + ctdb setifacelink "$_iface" up >/dev/null 2>&1 + else + down_interfaces_found=true + ctdb setifacelink "$_iface" down >/dev/null 2>&1 + fi done - if ! $fail ; then + if ! $down_interfaces_found ; then return 0 fi diff --git a/ctdb/config/events.d/11.natgw b/ctdb/config/events.d/11.natgw index 54e6cd9..2b30eeb 100755 --- a/ctdb/config/events.d/11.natgw +++ b/ctdb/config/events.d/11.natgw @@ -23,18 +23,44 @@ natgw_cfg_new="${service_state_dir}/cfg_new" natgw_cfg_old="${service_state_dir}/cfg_old" natgw_master_old="${service_state_dir}/master_old" +# Cached retrieval of private IP address from local node. This never +# changes. Sets $ip_address to avoid an unnecessary subprocess. +ctdb_get_ip_address () +{ + _ip_addr_file="${service_state_dir}/my-ip-address" + if [ ! -f "$_ip_addr_file" ] ; then + ctdb -X nodestatus | + awk -F '|' 'NR == 2 { print $3 }' >"$_ip_addr_file" + fi + + read ip_address <"$_ip_addr_file" +} + +ctdb_natgw_slave_only () +{ + ctdb_get_ip_address + + awk -v my_ip="$ip_address" \ + '$1 == my_ip { if ($2 ~ "slave-only") { exit 0 } else { exit 1 } }' \ + "$CTDB_NATGW_NODES" +} + natgw_check_config () { [ -r "$CTDB_NATGW_NODES" ] || \ die "error: CTDB_NATGW_NODES=${CTDB_NATGW_NODES} unreadable" - if [ "$CTDB_NATGW_SLAVE_ONLY" != "yes" ] ; then + if ! ctdb_natgw_slave_only ; then [ -n "$CTDB_NATGW_PUBLIC_IP" ] || \ die "Invalid configuration: CTDB_NATGW_PUBLIC_IP not set" [ -n "$CTDB_NATGW_PUBLIC_IFACE" ] || \ die "Invalid configuration: CTDB_NATGW_PUBLIC_IFACE not set" fi [ -n "$CTDB_NATGW_PRIVATE_NETWORK" ] || \ - die "Invalid configuration: CTDB_NATGW_PRIVATE_NETWORK not set" + die "Invalid configuration: CTDB_NATGW_PRIVATE_NETWORK not set" + + if [ "$CTDB_PARTIALLY_ONLINE_INTERFACES" = "yes" ] ; then + die "Invalid configuration: CTDB_PARTIALLY_ONLINE_INTERFACES=yes incompatible with NAT gateway" + fi # The default is to create a single default route [ -n "$CTDB_NATGW_STATIC_ROUTES" ] || CTDB_NATGW_STATIC_ROUTES="0.0.0.0/0" @@ -51,7 +77,6 @@ CTDB_NATGW_PUBLIC_IFACE="$CTDB_NATGW_PUBLIC_IFACE" CTDB_NATGW_DEFAULT_GATEWAY="$CTDB_NATGW_DEFAULT_GATEWAY" CTDB_NATGW_PRIVATE_NETWORK="$CTDB_NATGW_PRIVATE_NETWORK" CTDB_NATGW_STATIC_ROUTES="$CTDB_NATGW_STATIC_ROUTES" -CTDB_NATGW_SLAVE_ONLY="$CTDB_NATGW_SLAVE_ONLY" EOF } @@ -73,16 +98,6 @@ natgw_config_has_changed () return 0 } -natgw_set_capability () -{ - # Set NATGW capability depending on configuration - if [ "$CTDB_NATGW_SLAVE_ONLY" = "yes" ] ; then - ctdb setnatgwstate off - else - ctdb setnatgwstate on - fi -} - _natgw_clear () { _ip="${CTDB_NATGW_PUBLIC_IP%/*}" @@ -157,7 +172,7 @@ natgw_set_slave () natgw_ensure_master () { - set -- $(ctdb natgwlist) + set -- $(ctdb_natgw master) natgwmaster="${1:--1}" # Default is -1 if natgwlist fails natgwip="$2" @@ -185,10 +200,9 @@ natgw_save_state () } -case "$1" in +case "$1" in setup) natgw_check_config - natgw_set_capability ;; startup) @@ -210,7 +224,6 @@ case "$1" in ctdb_get_pnn - natgw_set_capability natgw_ensure_master natgw_config_has_changed || natgw_master_has_changed || exit 0 @@ -235,6 +248,14 @@ case "$1" in natgw_clear ;; + monitor) + natgw_check_config + + if [ -n "$CTDB_NATGW_PUBLIC_IFACE" ] ; then + interface_monitor "$CTDB_NATGW_PUBLIC_IFACE" || exit 1 + fi + ;; + *) ctdb_standard_event_handler "@" ;; diff --git a/ctdb/config/functions b/ctdb/config/functions index 68e53ab..b714c63 100755 --- a/ctdb/config/functions +++ b/ctdb/config/functions @@ -639,6 +639,100 @@ flush_route_cache () } ######################################################## +# Interface monitoring + +# If the interface is a virtual one (e.g. VLAN) then get the +# underlying interface +interface_get_real () +{ + # Output of "ip link show <iface>" + _iface_info="$1" + + # Extract the full interface description to see if it is a VLAN + _t=$(echo "$_iface_info" | + awk 'NR == 1 { iface = $2; sub(":$", "", iface) ; \ + print iface }') + case "$_t" in + *@*) + # VLAN: use the underlying interface, after the '@' + echo "${_t##*@}" + ;; + *) + # Not a regular VLAN. For backward compatibility, assume + # there is some other sort of VLAN that doesn't have the + # '@' in the output and only use what is before a '.'. If + # there is no '.' then this will be the whole interface + # name. + echo "${_t%%.*}" + esac +} + +# Check whether an interface is operational +interface_monitor () +{ + _iface="$1" + + _iface_info=$(ip link show "$_iface" 2>&1) || { + echo "ERROR: Monitored interface ${_iface} does not exist" + return 1 + } + + + # If the interface is a virtual one (e.g. VLAN) then get the + # underlying interface. + _realiface=$(interface_get_real "$_iface_info") + + if _bi=$(get_proc "net/bonding/${_realiface}" 2>/dev/null) ; then + # This is a bond: various monitoring strategies + echo "$_bi" | grep -q 'Currently Active Slave: None' && { + echo "ERROR: No active slaves for bond device ${_realiface}" + return 1 + } + echo "$_bi" | grep -q '^MII Status: up' || { + echo "ERROR: public network interface ${_realiface} is down" + return 1 + } + echo "$_bi" | grep -q '^Bonding Mode: IEEE 802.3ad Dynamic link aggregation' && { + # This works around a bug in the driver where the + # overall bond status can be up but none of the actual + # physical interfaces have a link. + echo "$_bi" | grep 'MII Status:' | tail -n +2 | grep -q '^MII Status: up' || { + echo "ERROR: No active slaves for 802.ad bond device ${_realiface}" + return 1 + } + } + + return 0 + else + # Not a bond + case "$_iface" in + lo*) + # loopback is always working + return 0 + ;; + ib*) + # we don't know how to test ib links + return 0 + ;; + *) + ethtool "$_iface" | grep -q 'Link detected: yes' || { + # On some systems, this is not successful when a + # cable is plugged but the interface has not been + # brought up previously. Bring the interface up + # and try again... + ip link set "$_iface" up + ethtool "$_iface" | grep -q 'Link detected: yes' || { + echo "ERROR: No link on the public network interface ${_iface}" + return 1 + } + } + return 0 + ;; + esac + fi +} + +######################################################## # Simple counters _ctdb_counter_common () { _service_name="${1:-${service_name:-${script_name}}}" diff --git a/ctdb/doc/ctdb.1.xml b/ctdb/doc/ctdb.1.xml index 3658c89..57eac24 100644 --- a/ctdb/doc/ctdb.1.xml +++ b/ctdb/doc/ctdb.1.xml @@ -769,7 +769,6 @@ MaxRedirectCount = 3 RECMASTER: YES LMASTER: YES LVS: NO -NATGW: YES </screen> </refsect2> @@ -1405,13 +1404,6 @@ RUNNING </refsect2> <refsect2> - <title>setnatgwstate on|off</title> - <para> - Enable or disable the NAT gateway master capability on a node. - </para> - </refsect2> - - <refsect2> <title>tickle <parameter>SRC-IPADDR</parameter>:<parameter>SRC-PORT</parameter> <parameter>DST-IPADDR</parameter>:<parameter>DST-PORT</parameter></title> <para> Send a TCP tickle to the source host for the specified TCP diff --git a/ctdb/doc/ctdb.7.xml b/ctdb/doc/ctdb.7.xml index 45d7c23..6fab41c 100644 --- a/ctdb/doc/ctdb.7.xml +++ b/ctdb/doc/ctdb.7.xml @@ -446,18 +446,6 @@ Node 3:/usr/local/etc/ctdb/public_addresses </listitem> </varlistentry> - <varlistentry> - <term>NATGW</term> - <listitem> - <para> - Indicates that this node is configured to become the NAT - gateway master in a NAT gateway group. See the - <citetitle>NAT GATEWAY</citetitle> section for more - details. - </para> - </listitem> - </varlistentry> - </variablelist> <para> @@ -681,14 +669,15 @@ CTDB_NATGW_DEFAULT_GATEWAY=10.0.0.1 <para> Normally any node in a NATGW group can act as the NATGW master. Some configurations may have special nodes that lack - connectivity to a public network. In such cases, - <varname>CTDB_NATGW_SLAVE_ONLY</varname> can be used to limit the - NATGW functionality of thos nodes. + connectivity to a public network. In such cases, those nodes + can be flagged with the "slave-only" option in the + <varname>CTDB_NATGW_NODES</varname> file to limit the NATGW + functionality of those nodes. </para> <para> See the <citetitle>NAT GATEWAY</citetitle> section in - <citerefentry><refentrytitle>ctdb.conf</refentrytitle> + <citerefentry><refentrytitle>ctdbd.conf</refentrytitle> <manvolnum>5</manvolnum></citerefentry> for more details of NATGW configuration. </para> diff --git a/ctdb/doc/ctdbd.conf.5.xml b/ctdb/doc/ctdbd.conf.5.xml index 40296ba..5494b51 100644 --- a/ctdb/doc/ctdbd.conf.5.xml +++ b/ctdb/doc/ctdbd.conf.5.xml @@ -561,10 +561,21 @@ <para> File format: <screen> -<parameter>IPADDR</parameter> +<parameter>IPADDR</parameter> <optional>slave-only</optional> </screen> </para> <para> + IPADDR is the private IP address of each node in the NAT + gateway group. + </para> + <para> + If "slave-only" is specified then the corresponding node + can not be the NAT gateway master node. In this case + <varname>CTDB_NATGW_PUBLIC_IFACE</varname> and + <varname>CTDB_NATGW_PUBLIC_IP</varname> are optional and + unused. + </para> + <para> No default, usually <filename>/usr/local/etc/ctdb/natgw_nodes</filename> when enabled. </para> @@ -616,22 +627,6 @@ </varlistentry> <varlistentry> - <term>CTDB_NATGW_SLAVE_ONLY=yes|no</term> - <listitem> - <para> - When set to "yes" a node can not be a NAT gateway master - node. In this case - <varname>CTDB_NATGW_PUBLIC_IFACE</varname> and - <varname>CTDB_NATGW_PUBLIC_IP</varname> are optional - and unused. -- Samba Shared Repository