diff -Nru resource-agents-4.4.0/ChangeLog resource-agents-4.5.0/ChangeLog --- resource-agents-4.4.0/ChangeLog 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/ChangeLog 2020-03-06 09:49:12.000000000 +0000 @@ -1,3 +1,34 @@ +* Fri Mar 6 2020 resource-agents contributors +- stable release 4.5.0 +- iSCSILogicalUnit: fix default value for OCF_RESKEY_liot_bstype +- aws-vpc-move-ip: add parameter for role to use to query/update route table + +* Fri Feb 28 2020 resource-agents contributors +- release candidate 4.5.0 rc1 +- Filesystem: add trigger_udev_rules_if_need() for -U, -L, or /dev/xxx device +- Filesystem: refresh UUID in the start phase +- IPaddr2: add noprefixroute parameter +- IPaddr2: add info to metadata that ipt_CLUSTERIP "iptables" extension is not "nft" backend compatible, and iptables-legacy support for distros that still support it +- IPsrcaddr: replace local rule if using local table, and set src back to primary for device on stop +- IPsrcaddr: fix failure during probe when using destination/table parameters +- LVM-activate: add OCF_CHECK_LEVEL 10 check that can be enabled to verify vg or lv validity with an additional "read 1 byte" test in special cases like iSCSI SAN +- MailTo: fix variable expansion +- SAPInstance: clear the $DIR_EXECUTABLE variable so we catch the situation when we lose the directory with binaries after first sapinstance_init invokation +- aliyun-vpc-move-ip: add support for both 'go' and 'python' versions of Aliyun CLI, and auto-detect which to use by default +- apache: use get_release_id() to detect OS/distro, and fix LOAD_STATUS_MODULE issue +- azure-lb set socat to default on SUSE distributions. +- exportfs: allow multiple exports of same directory +- iSCSILogicalUnit: add liot_bstype to handle block/fileio for targetcli, and change behavior of lio-t with portals which do not use 0.0.0.0 +- ldirectord: support sched-flags +- lvmlockd: fix for LVM2 v2.03+ removing lvmetad +- mysql-common: return correct rc during start-action +- oralsnr: allow using the same tns_admin directory for different listeners +- pgsql: Support for PostgreSQL 12 +- podman: improve the code for checking if an image exists +- rabbitmq-cluster: ensure we delete nodename if stop action fails +- redis: validate_all: fix file status tests +- spec: add missing requirement (lsb-release) + * Wed Oct 23 2019 resource-agents contributors - stable release 4.4.0 - NodeUtilization: fix Xen detection and improve logging diff -Nru resource-agents-4.4.0/configure.ac resource-agents-4.5.0/configure.ac --- resource-agents-4.4.0/configure.ac 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/configure.ac 2020-03-06 09:49:12.000000000 +0000 @@ -1076,7 +1076,7 @@ AC_MSG_RESULT([]) AC_MSG_RESULT([$PACKAGE configuration:]) AC_MSG_RESULT([ Version = ${VERSION}]) -AC_MSG_RESULT([ Build Version = 9b45bb6a896ae9fec450450b553be1ac2a14fb9b]) +AC_MSG_RESULT([ Build Version = fee181320547365d7f8c88cca2b32801412b933d]) AC_MSG_RESULT([ Features =${PKG_FEATURES}]) AC_MSG_RESULT([]) AC_MSG_RESULT([ Prefix = ${prefix}]) diff -Nru resource-agents-4.4.0/debian/changelog resource-agents-4.5.0/debian/changelog --- resource-agents-4.4.0/debian/changelog 2020-02-16 00:56:30.000000000 +0000 +++ resource-agents-4.5.0/debian/changelog 2020-04-15 03:32:33.000000000 +0000 @@ -1,3 +1,30 @@ +resource-agents (1:4.5.0-2ubuntu2) focal; urgency=medium + + * Remove bind9 autopkgtest not compatible with ubuntu (LP: #1872877) + + -- Rafael David Tinoco Wed, 15 Apr 2020 03:32:33 +0000 + +resource-agents (1:4.5.0-2ubuntu1) focal; urgency=medium + + * Merge with Debian unstable (LP: #1866383). Remaining changes: + - d/control: Demote python3-googleapi to Suggests to avoid + inclusion in Ubuntu main. + + -- Rafael David Tinoco Tue, 07 Apr 2020 22:43:39 +0000 + +resource-agents (1:4.5.0-2) unstable; urgency=medium + + * debian/tests: fix test for new bind9 version + + -- Valentin Vidic Sun, 05 Apr 2020 20:10:00 +0200 + +resource-agents (1:4.5.0-1) unstable; urgency=medium + + * New upstream version 4.5.0 + * debian/patches: refresh for new version + + -- Valentin Vidic Fri, 06 Mar 2020 19:50:58 +0100 + resource-agents (1:4.4.0-3ubuntu1) focal; urgency=low * Merge from Debian unstable. Remaining changes: diff -Nru resource-agents-4.4.0/debian/patches/mailto-shell-expansion.patch resource-agents-4.5.0/debian/patches/mailto-shell-expansion.patch --- resource-agents-4.4.0/debian/patches/mailto-shell-expansion.patch 2019-11-16 09:45:16.000000000 +0000 +++ resource-agents-4.5.0/debian/patches/mailto-shell-expansion.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,22 +0,0 @@ -From 20ff678ee0077456efea83a258d418af519e030b Mon Sep 17 00:00:00 2001 -From: Valentin Vidic -Date: Wed, 30 Oct 2019 20:34:55 +0100 -Subject: [PATCH] Low: MailTo: fix variable expansion - -Wrong kind of braces used (expand to 0 or fail -to expand with dash as shell). ---- - heartbeat/MailTo | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/heartbeat/MailTo -+++ b/heartbeat/MailTo -@@ -67,7 +67,7 @@ - The email address of sysadmin. - - Email address -- -+ - - - diff -Nru resource-agents-4.4.0/debian/patches/mysql-exit-code.patch resource-agents-4.5.0/debian/patches/mysql-exit-code.patch --- resource-agents-4.4.0/debian/patches/mysql-exit-code.patch 2020-02-15 05:43:30.000000000 +0000 +++ resource-agents-4.5.0/debian/patches/mysql-exit-code.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,21 +0,0 @@ -Description: mysql-common: fix startup check - PID value is not captured correctly so the startup - fails with the wrong exit code. -Author: Valentin Vidic -Bug: https://github.com/ClusterLabs/resource-agents/pull/1422 -Last-Update: 2019-10-24 ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ ---- a/heartbeat/mysql-common.sh -+++ b/heartbeat/mysql-common.sh -@@ -239,8 +239,8 @@ - --datadir=$OCF_RESKEY_datadir \ - --log-error=$OCF_RESKEY_log \ - $OCF_RESKEY_additional_parameters \ -- $mysql_extra_params >/dev/null 2>&1 & -- pid=$!" -+ $mysql_extra_params >/dev/null 2>&1" & -+ pid=$! - - # Spin waiting for the server to come up. - # Let the CRM/LRM time us out if required. diff -Nru resource-agents-4.4.0/debian/patches/ocft-configs.patch resource-agents-4.5.0/debian/patches/ocft-configs.patch --- resource-agents-4.4.0/debian/patches/ocft-configs.patch 2020-02-15 05:43:30.000000000 +0000 +++ resource-agents-4.5.0/debian/patches/ocft-configs.patch 2020-04-14 00:27:21.000000000 +0000 @@ -28,20 +28,18 @@ Include prepare --- a/tools/ocft/named +++ b/tools/ocft/named -@@ -6,15 +6,16 @@ +@@ -6,8 +6,8 @@ CONFIG Agent named AgentRoot /usr/lib/ocf/resource.d/heartbeat - InstallPackage bind - InstallPackage bind-utils + InstallPackage bind9 -+ InstallPackage bind9utils ++ InstallPackage bind9-utils SETUP-AGENT -- /etc/init.d/named start -- /etc/init.d/named stop -+ /etc/init.d/bind9 start -+ /etc/init.d/bind9 stop + /etc/init.d/named start +@@ -15,6 +15,7 @@ CASE-BLOCK crm_setting Env OCF_RESKEY_CRM_meta_timeout=15000 diff -Nru resource-agents-4.4.0/debian/patches/series resource-agents-4.5.0/debian/patches/series --- resource-agents-4.4.0/debian/patches/series 2020-02-15 05:43:30.000000000 +0000 +++ resource-agents-4.5.0/debian/patches/series 2020-04-14 00:27:21.000000000 +0000 @@ -6,5 +6,3 @@ gitignore.patch reproducible.patch var-run.patch -mysql-exit-code.patch -mailto-shell-expansion.patch diff -Nru resource-agents-4.4.0/debian/tests/control resource-agents-4.5.0/debian/tests/control --- resource-agents-4.4.0/debian/tests/control 2020-02-15 05:43:30.000000000 +0000 +++ resource-agents-4.5.0/debian/tests/control 2020-04-15 03:32:33.000000000 +0000 @@ -26,12 +26,6 @@ Depends: resource-agents, postfix Restrictions: needs-root, isolation-container -# currently failing on Ubuntu autopkgtest setup for networking differences, so skip there -# Working in Debci, but compared to badtest retains all the other tests coverage -Test-Command: [ "`lsb_release -is`" = "Ubuntu" ] || debian/tests/run-ocft named -Depends: resource-agents, bind9, bind9-host, bind9utils, lsb-release -Restrictions: needs-root, isolation-container - Test-Command: debian/tests/run-ocft Filesystem Depends: resource-agents Restrictions: needs-root, isolation-machine diff -Nru resource-agents-4.4.0/heartbeat/aliyun-vpc-move-ip resource-agents-4.5.0/heartbeat/aliyun-vpc-move-ip --- resource-agents-4.4.0/heartbeat/aliyun-vpc-move-ip 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/aliyun-vpc-move-ip 2020-03-06 09:49:12.000000000 +0000 @@ -16,18 +16,39 @@ OCF_RESKEY_routing_table_default="" OCF_RESKEY_interface_default="eth0" OCF_RESKEY_profile_default="default" +OCF_RESKEY_endpoint_default="vpc.aliyuncs.com" +OCF_RESKEY_aliyuncli_default="detect" + : ${OCF_RESKEY_address=${OCF_RESKEY_address_default}} : ${OCF_RESKEY_routing_table=${OCF_RESKEY_routing_table_default}} : ${OCF_RESKEY_interface=${OCF_RESKEY_interface_default}} : ${OCF_RESKEY_profile=${OCF_RESKEY_profile_default}} +: ${OCF_RESKEY_endpoint=${OCF_RESKEY_endpoint_default}} +: ${OCF_RESKEY_aliyuncli=${OCF_RESKEY_aliyuncli_default}} ####################################################################### -# aliyuncli doesnt work without HOME parameter +# aliyun cli doesnt work without HOME parameter export HOME="/root" USAGE="usage: $0 {start|stop|status|meta-data}"; + +if [ "${OCF_RESKEY_aliyuncli}" = "detect" ]; then + OCF_RESKEY_aliyuncli="$(which aliyuncli 2> /dev/null || which aliyun 2> /dev/null)" +fi + +if [[ "${OCF_RESKEY_aliyuncli##*/}" == 'aliyuncli' ]]; then + OUTPUT="text" + EXECUTING='{ print $3 }' + IFS_=" " + ENDPOINT="" +elif [[ "${OCF_RESKEY_aliyuncli##*/}" == 'aliyun' ]]; then + OUTPUT="table cols=InstanceId,DestinationCidrBlock rows=RouteTables.RouteTable[].RouteEntrys.RouteEntry[]" + EXECUTING='{ gsub (" ", "", $0); print $1 }' + IFS_="|" + ENDPOINT="--endpoint $OCF_RESKEY_endpoint" +fi ############################################################################### @@ -37,27 +58,37 @@ # ############################################################################### +request_create_route_entry() { + cmd="${OCF_RESKEY_aliyuncli} vpc CreateRouteEntry --RouteTableId $OCF_RESKEY_routing_table --DestinationCidrBlock ${OCF_RESKEY_address}/32 --NextHopId $ECS_INSTANCE_ID --NextHopType Instance ${ENDPOINT}" + ocf_log debug "executing command: $cmd" + $cmd +} +request_delete_route_entry() { + cmd="${OCF_RESKEY_aliyuncli} vpc DeleteRouteEntry --RouteTableId $OCF_RESKEY_routing_table --DestinationCidrBlock ${OCF_RESKEY_address}/32 --NextHopId $ROUTE_TO_INSTANCE ${ENDPOINT}" + ocf_log debug "executing command: $cmd" + $cmd +} + +request_describe_route_tables() { + cmd="${OCF_RESKEY_aliyuncli} vpc DescribeRouteTables --RouteTableId $OCF_RESKEY_routing_table --output ${OUTPUT} ${ENDPOINT}" + ocf_log debug "executing command: $cmd" + ROUTE_TO_INSTANCE=$($cmd |grep $OCF_RESKEY_address | awk -F "${IFS_}" "${EXECUTING}") +} ip_get_and_configure() { ocf_log debug "function: ip_get_and_configure" - ROUTE_TO_INSTANCE="$($cmd |grep $OCF_RESKEY_address | awk '{ print $3 }')" - + request_describe_route_tables if [ "$ECS_INSTANCE_ID" != "$ROUTE_TO_INSTANCE" ]; then if [ -n "$ROUTE_TO_INSTANCE" ]; then ip_drop fi - - cmd="aliyuncli vpc CreateRouteEntry --RouteTableId $OCF_RESKEY_routing_table --DestinationCidrBlock ${OCF_RESKEY_address}/32 --NextHopId $ECS_INSTANCE_ID --NextHopType Instance --output text" - ocf_log debug "executing command: $cmd" - $cmd + request_create_route_entry rc=$? while [ $rc -ne 0 ]; do sleep 1 - cmd="aliyuncli vpc CreateRouteEntry --RouteTableId $OCF_RESKEY_routing_table --DestinationCidrBlock ${OCF_RESKEY_address}/32 --NextHopId $ECS_INSTANCE_ID --NextHopType Instance --output text" - ocf_log debug "executing command: $cmd" - $cmd + request_create_route_entry rc=$? done wait_for_started @@ -87,10 +118,7 @@ ocf_log err "command failed, rc $rc" return $OCF_ERR_GENERIC fi - - cmd="aliyuncli vpc DeleteRouteEntry --RouteTableId $OCF_RESKEY_routing_table --DestinationCidrBlock ${OCF_RESKEY_address}/32 --NextHopId $ROUTE_TO_INSTANCE --output text" - ocf_log debug "executing command: $cmd" - $cmd + request_delete_route_entry if [ $? -ne 0 ]; then ocf_log err "command failed, rc: $rc" return $OCF_ERR_GENERIC @@ -103,26 +131,18 @@ } wait_for_started() { - cmd="aliyuncli vpc DescribeRouteTables --RouteTableId $OCF_RESKEY_routing_table --output text" - ocf_log debug "executing command: $cmd" - ROUTE_TO_INSTANCE="$($cmd | grep $OCF_RESKEY_address | awk '{ print $3 }')" - + request_describe_route_tables while [ "$ECS_INSTANCE_ID" != "$ROUTE_TO_INSTANCE" ]; do sleep 3 - cmd="aliyuncli vpc DescribeRouteTables --RouteTableId $OCF_RESKEY_routing_table --output text" - ocf_log debug "executing command: $cmd" - ROUTE_TO_INSTANCE="$($cmd | grep $OCF_RESKEY_address | awk '{ print $3 }')" + request_describe_route_tables done } wait_for_deleted() { - ROUTE_TO_INSTANCE="$($cmd |grep $OCF_RESKEY_address | awk '{ print $3 }')" - + request_describe_route_tables while [ ! -z "$ROUTE_TO_INSTANCE" ]; do sleep 1 - cmd="aliyuncli vpc DescribeRouteTables --RouteTableId $OCF_RESKEY_routing_table --output text" - ocf_log debug "executing command: $cmd" - ROUTE_TO_INSTANCE="$($cmd |grep $OCF_RESKEY_address | awk '{ print $3 }')" + request_describe_route_tables done } @@ -137,7 +157,16 @@ by changing an entry in an specific routing table Move IP within a VPC of the Aliyun ECS + + + +Path to command line tools for Aliyun + +Path to Aliyun CLI tools + + + VPC private IP address @@ -145,6 +174,7 @@ vpc ip + Name of the routing table, where the route for the IP address should be changed, i.e. vtb-... @@ -152,6 +182,7 @@ routing table name + Name of the network interface, i.e. eth0 @@ -159,16 +190,25 @@ network interface name - + + -Valid Aliyun CLI profile name (see 'aliyuncli configure'). +An endpoint is the service entry of an Alibaba Cloud service, i.e. vpc.cn-beijing.aliyuncs.com + +service endpoint + + -See https://www.alibabacloud.com/help/doc-detail/43039.htm?spm=a2c63.p38356.b99.16.38a914abRZtOU3 for more information about aliyuncli. + + +Valid Aliyun CLI profile name (see 'aliyun cli configure'). +See https://www.alibabacloud.com/help/zh/product/29991.htm for more information about aliyun cli. profile name + @@ -183,6 +223,11 @@ ecs_ip_validate() { ocf_log debug "function: validate" + if [ -z "${OCF_RESKEY_aliyuncli}" ]; then + ocf_exit_reason "unable to detect aliyuncli binary" + exit $OCF_ERR_INSTALLED + fi + # IP address if [ -z "$OCF_RESKEY_address" ]; then ocf_log err "IP address parameter not set $OCF_RESKEY_ADDRESS!" @@ -263,10 +308,7 @@ ecs_ip_monitor() { ocf_log debug "function: ecsip_monitor: check routing table" - cmd="aliyuncli vpc DescribeRouteTables --RouteTableId $OCF_RESKEY_routing_table --output text" - ocf_log debug "executing command: $cmd" - - ROUTE_TO_INSTANCE="$($cmd |grep $OCF_RESKEY_address | awk '{ print $3 }')" + request_describe_route_tables if [ "$ECS_INSTANCE_ID" != "$ROUTE_TO_INSTANCE" ]; then ocf_log debug "not routed to this instance ($ECS_INSTANCE_ID) but to instance $ROUTE_TO_INSTANCE" diff -Nru resource-agents-4.4.0/heartbeat/apache resource-agents-4.5.0/heartbeat/apache --- resource-agents-4.4.0/heartbeat/apache 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/apache 2020-03-06 09:49:12.000000000 +0000 @@ -167,13 +167,16 @@ # May be useful to add other distros in future validate_default_config() { - if [ -e /etc/SuSE-release ]; then - validate_default_suse_config - elif [ -e /etc/debian_version ]; then - validate_default_debian_config - else - return 0 - fi + case "$( get_release_id )" in + *SUSE) + validate_default_suse_config + ;; + Debian) + validate_default_debian_config + ;; + *) + return 0 + esac } # When using the default /etc/apache2/httpd.conf on SUSE, the file @@ -206,8 +209,6 @@ apache_mod_status="/usr/lib64/apache2-prefork/mod_status.so" if [ -e $apache_mod_status ]; then LOAD_STATUS_MODULE="LoadModule status_module $apache_mod_status" - # append to apache options the module so we can load it for suse only systems. - HTTPDOPTS="$HTTPDOPTS -C $LOAD_STATUS_MODULE" fi fi return 0 @@ -242,9 +243,17 @@ validate_default_config || return $OCF_ERR_CONFIGURED if [ -z $PIDFILE_DIRECTIVE ]; then - ocf_run $HTTPD $HTTPDOPTS $OPTIONS -f $CONFIGFILE + if [ -z "$LOAD_STATUS_MODULE" ]; then + ocf_run $HTTPD $HTTPDOPTS $OPTIONS -f $CONFIGFILE + else + ocf_run $HTTPD -C "$LOAD_STATUS_MODULE" $HTTPDOPTS $OPTIONS -f $CONFIGFILE + fi else - ocf_run $HTTPD $HTTPDOPTS $OPTIONS -f $CONFIGFILE -c "PidFile $PidFile" + if [ -z "$LOAD_STATUS_MODULE" ]; then + ocf_run $HTTPD $HTTPDOPTS $OPTIONS -f $CONFIGFILE -c "PidFile $PidFile" + else + ocf_run $HTTPD $HTTPDOPTS -C "$LOAD_STATUS_MODULE" $OPTIONS -f $CONFIGFILE -c "PidFile $PidFile" + fi fi tries=0 diff -Nru resource-agents-4.4.0/heartbeat/aws-vpc-move-ip resource-agents-4.5.0/heartbeat/aws-vpc-move-ip --- resource-agents-4.4.0/heartbeat/aws-vpc-move-ip 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/aws-vpc-move-ip 2020-03-06 09:49:12.000000000 +0000 @@ -40,6 +40,7 @@ OCF_RESKEY_ip_default="" OCF_RESKEY_address_default="" OCF_RESKEY_routing_table_default="" +OCF_RESKEY_routing_table_role_default="" OCF_RESKEY_interface_default="eth0" OCF_RESKEY_monapi_default="false" @@ -48,6 +49,7 @@ : ${OCF_RESKEY_ip=${OCF_RESKEY_ip_default}} : ${OCF_RESKEY_address=${OCF_RESKEY_address_default}} : ${OCF_RESKEY_routing_table=${OCF_RESKEY_routing_table_default}} +: ${OCF_RESKEY_routing_table_role=${OCF_RESKEY_routing_table_role_default}} : ${OCF_RESKEY_interface=${OCF_RESKEY_interface_default}} : ${OCF_RESKEY_monapi=${OCF_RESKEY_monapi_default}} ####################################################################### @@ -117,6 +119,14 @@ + + +Role to use to query/update the route table + +route table query/update role + + + Name of the network interface, i.e. eth0 @@ -145,6 +155,24 @@ END } + +execute_cmd_as_role(){ + cmd=$1 + role=$2 + output="$(aws sts assume-role --role-arn $role --role-session-name AWSCLI-RouteTableUpdate --profile $OCF_RESKEY_profile --output=text)" + export AWS_ACCESS_KEY_ID="$(echo $output | awk -F" " '$4=="CREDENTIALS" {print $5}')" + export AWS_SECRET_ACCESS_KEY="$(echo $output | awk -F" " '$4=="CREDENTIALS" {print $7}')" + export AWS_SESSION_TOKEN="$(echo $output | awk -F" " '$4=="CREDENTIALS" {print $8}')" + + #Execute command + ocf_log debug "Assumed Role ${role}" + ocf_log debug "$(aws sts get-caller-identity)" + ocf_log debug "executing command: $cmd" + response="$($cmd)" + unset output AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN + echo $response +} + ec2ip_set_address_param_compat(){ # Include backward compatibility for the deprecated address parameter if [ -z "$OCF_RESKEY_ip" ] && [ -n "$OCF_RESKEY_address" ]; then @@ -177,9 +205,14 @@ if ocf_is_true ${OCF_RESKEY_monapi} || [ "$__OCF_ACTION" = "start" ] || ocf_is_probe; then for rtb in $(echo $OCF_RESKEY_routing_table | sed -e 's/,/ /g'); do ocf_log info "monitor: check routing table (API call) - $rtb" - cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].InstanceId" - ocf_log debug "executing command: $cmd" - ROUTE_TO_INSTANCE="$($cmd)" + if [[ -z "${OCF_RESKEY_routing_table_role}" ]]; then + cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].InstanceId" + ocf_log debug "executing command: $cmd" + ROUTE_TO_INSTANCE="$($cmd)" + else + cmd="$OCF_RESKEY_awscli --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].InstanceId" + ROUTE_TO_INSTANCE="$(execute_cmd_as_role "$cmd" $OCF_RESKEY_routing_table_role)" + fi ocf_log debug "Overlay IP is currently routed to ${ROUTE_TO_INSTANCE}" if [ -z "$ROUTE_TO_INSTANCE" ]; then ROUTE_TO_INSTANCE="" @@ -253,9 +286,14 @@ ocf_log debug "network interface id associated MAC address ${MAC_ADDR}: ${EC2_NETWORK_INTERFACE_ID}" for rtb in $(echo $OCF_RESKEY_routing_table | sed -e 's/,/ /g'); do - cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile --output text ec2 replace-route --route-table-id $rtb --destination-cidr-block ${OCF_RESKEY_ip}/32 --network-interface-id $EC2_NETWORK_INTERFACE_ID" - ocf_log debug "executing command: $cmd" - $cmd + if [[ -z "${OCF_RESKEY_routing_table_role}" ]]; then + cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile --output text ec2 replace-route --route-table-id $rtb --destination-cidr-block ${OCF_RESKEY_ip}/32 --network-interface-id $EC2_NETWORK_INTERFACE_ID" + ocf_log debug "executing command: $cmd" + $cmd + else + cmd="$OCF_RESKEY_awscli --output text ec2 replace-route --route-table-id $rtb --destination-cidr-block ${OCF_RESKEY_ip}/32 --network-interface-id $EC2_NETWORK_INTERFACE_ID" + update_response="$(execute_cmd_as_role "$cmd" $OCF_RESKEY_routing_table_role)" + fi rc=$? if [ "$rc" != 0 ]; then ocf_log warn "command failed, rc: $rc" diff -Nru resource-agents-4.4.0/heartbeat/azure-lb resource-agents-4.5.0/heartbeat/azure-lb --- resource-agents-4.4.0/heartbeat/azure-lb 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/azure-lb 2020-03-06 09:49:12.000000000 +0000 @@ -18,6 +18,11 @@ # Defaults OCF_RESKEY_nc_default="/usr/bin/nc" +case "$( get_release_id )" in + *SUSE) + OCF_RESKEY_nc_default="/usr/bin/socat" + ;; +esac OCF_RESKEY_port_default="61000" : ${OCF_RESKEY_nc=${OCF_RESKEY_nc_default}} @@ -54,8 +59,7 @@ The full path of the used binary. This can be nc or socat path. -The default is /usr/bin/nc. -If you need /usr/bin/socat this parameter should be set. +The default is /usr/bin/nc and /usr/bin/socat for SUSE distributions. Full path of the used binary (nc or socat are allowed) diff -Nru resource-agents-4.4.0/heartbeat/exportfs resource-agents-4.5.0/heartbeat/exportfs --- resource-agents-4.4.0/heartbeat/exportfs 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/exportfs 2020-03-06 09:49:12.000000000 +0000 @@ -52,7 +52,7 @@ the use case to export the directory(-ies) for multiple subnets, please do config a dedicated primitive for each subnet CIDR ip address, and do not attempt to use multiple CIDR ip addresses in a space -seperated list, like in /etc/exports. +separated list, like in /etc/exports. Client ACL. @@ -82,7 +82,7 @@ - + The fsid option to pass to exportfs. This can be a unique positive integer, a UUID (assuredly sans comma characters), or the special string diff -Nru resource-agents-4.4.0/heartbeat/Filesystem resource-agents-4.5.0/heartbeat/Filesystem --- resource-agents-4.4.0/heartbeat/Filesystem 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/Filesystem 2020-03-06 09:49:12.000000000 +0000 @@ -431,6 +431,47 @@ # +# In the case a fresh filesystem is just created from another +# node on the shared storage, and is not visible yet. Then try +# partprobe to refresh /dev/disk/by-{label,uuid}/* up to date. +# +# DEVICE can be /dev/xxx, -U, -L +# +trigger_udev_rules_if_needed() +{ + local refresh_flag="no" + local tmp + local timeout + + if [ $blockdevice = "yes" ]; then + tmp="$DEVICE" + if [ "$DEVICE" != "/dev/null" -a ! -b "$DEVICE" ] ; then + refresh_flag="yes" + fi + else + tmp="`echo $DEVICE|awk '{$1=""; print substr($0,2)}'`" + case "$DEVICE" in + -U*|--uuid*) + tmp="/dev/disk/by-uuid/$tmp" + ;; + -L*|--label*) + tmp="/dev/disk/by-label/$tmp" + ;; + esac + [ ! -b "$tmp" ] && refresh_flag="yes" + fi + + [ "$refresh_flag" = "no" ] && return + + have_binary partprobe && partprobe >/dev/null 2>&1 + timeout=${OCF_RESKEY_CRM_meta_timeout:="60000"} + timeout=$((timeout/1000)) + have_binary udevadm && udevadm settle -t $timeout --exit-if-exists=$tmp + + return $? +} + +# # START: Start up the filesystem # Filesystem_start() @@ -453,6 +494,8 @@ # NOTE: Some filesystem types don't need this step... Please modify # accordingly + trigger_udev_rules_if_needed + if [ $blockdevice = "yes" ]; then if [ "$DEVICE" != "/dev/null" -a ! -b "$DEVICE" ] ; then ocf_exit_reason "Couldn't find device [$DEVICE]. Expected /dev/??? to exist" diff -Nru resource-agents-4.4.0/heartbeat/IPaddr2 resource-agents-4.5.0/heartbeat/IPaddr2 --- resource-agents-4.4.0/heartbeat/IPaddr2 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/IPaddr2 2020-03-06 09:49:12.000000000 +0000 @@ -88,6 +88,7 @@ OCF_RESKEY_send_arp_opts_default="" OCF_RESKEY_flush_routes_default="false" OCF_RESKEY_run_arping_default=false +OCF_RESKEY_noprefixroute_default="false" OCF_RESKEY_preferred_lft_default="forever" OCF_RESKEY_network_namespace_default="" @@ -109,6 +110,7 @@ : ${OCF_RESKEY_send_arp_opts=${OCF_RESKEY_send_arp_opts_default}} : ${OCF_RESKEY_flush_routes=${OCF_RESKEY_flush_routes_default}} : ${OCF_RESKEY_run_arping=${OCF_RESKEY_run_arping_default}} +: ${OCF_RESKEY_noprefixroute=${OCF_RESKEY_noprefixroute_default}} : ${OCF_RESKEY_preferred_lft=${OCF_RESKEY_preferred_lft_default}} : ${OCF_RESKEY_network_namespace=${OCF_RESKEY_network_namespace_default}} @@ -121,6 +123,8 @@ SENDARPPIDDIR=$HA_RSCTMP CIP_lockfile=$HA_RSCTMP/IPaddr2-CIP-${OCF_RESKEY_ip} +IPADDR2_CIP_IPTABLES=$IPTABLES + ####################################################################### meta_data() { @@ -136,11 +140,21 @@ In addition, it can implement Cluster Alias IP functionality if invoked as a clone resource. -If used as a clone, you should explicitly set clone-node-max >= 2, +If used as a clone, "shared address with a trivial, stateless +(autonomous) load-balancing/mutual exclusion on ingress" mode gets +applied (as opposed to "assume resource uniqueness" mode otherwise). +For that, Linux firewall (kernel and userspace) is assumed, and since +recent distributions are ambivalent in plain "iptables" command to +particular back-end resolution, "iptables-legacy" (when present) gets +prioritized so as to avoid incompatibilities (note that respective +ipt_CLUSTERIP firewall extension in use here is, at the same time, +marked deprecated, yet said "legacy" layer can make it workable, +literally, to this day) with "netfilter" one (as in "iptables-nft"). +In that case, you should explicitly set clone-node-max >= 2, and/or clone-max < number of nodes. In case of node failure, clone instances need to be re-allocated on surviving nodes. -This would not be possible if there is already an instance on those nodes, -and clone-node-max=1 (which is the default). +This would not be possible if there is already an instance +on those nodes, and clone-node-max=1 (which is the default). Manages virtual IPv4 and IPv6 addresses (Linux specific version) @@ -377,6 +391,14 @@ + + +Use noprefixroute flag (see 'man ip-address'). + +Use noprefixroute flag + + + For IPv6, set the preferred lifetime of the IP address. @@ -397,8 +419,8 @@ Network namespace to use - + @@ -640,6 +662,11 @@ msg="Adding $FAMILY address $ipaddr/$netmask with broadcast address $broadcast to device $iface" fi + if ocf_is_true "${OCF_RESKEY_noprefixroute}"; then + cmd="$cmd noprefixroute" + msg="${msg} (with noprefixroute)" + fi + if [ ! -z "$label" ]; then cmd="$cmd label $label" msg="${msg} (with label $label)" @@ -980,7 +1007,7 @@ if [ -n "$IP_CIP" ] && ([ $ip_status = "no" ] || [ $ip_status = "partial2" ]); then $MODPROBE ip_conntrack - $IPTABLES -I INPUT -d $OCF_RESKEY_ip -i $NIC -j CLUSTERIP \ + $IPADDR2_CIP_IPTABLES -I INPUT -d $OCF_RESKEY_ip -i $NIC -j CLUSTERIP \ --new \ --clustermac $IF_MAC \ --total-nodes $IP_INC_GLOBAL \ @@ -1074,7 +1101,7 @@ i=1 while [ $i -le $IP_INC_GLOBAL ]; do ocf_log info $i - $IPTABLES -D INPUT -d $OCF_RESKEY_ip -i $NIC -j CLUSTERIP \ + $IPADDR2_CIP_IPTABLES -D INPUT -d $OCF_RESKEY_ip -i $NIC -j CLUSTERIP \ --new \ --clustermac $IF_MAC \ --total-nodes $IP_INC_GLOBAL \ @@ -1171,8 +1198,11 @@ set_send_arp_program if [ -n "$IP_CIP" ]; then - check_binary $IPTABLES - check_binary $MODPROBE + if have_binary "$IPTABLES_LEGACY"; then + IPADDR2_CIP_IPTABLES="$IPTABLES_LEGACY" + fi + check_binary "$IPADDR2_CIP_IPTABLES" + check_binary $MODPROBE fi # $BASEIP, $NETMASK, $NIC , $IP_INC_GLOBAL, and $BRDCAST have been checked within ip_init, diff -Nru resource-agents-4.4.0/heartbeat/IPsrcaddr resource-agents-4.5.0/heartbeat/IPsrcaddr --- resource-agents-4.4.0/heartbeat/IPsrcaddr 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/IPsrcaddr 2020-03-06 09:49:12.000000000 +0000 @@ -75,6 +75,14 @@ CMDSHOW="$IP2UTIL route show $TABLE to exact $OCF_RESKEY_destination" CMDCHANGE="$IP2UTIL route change to " +if [ "$OCF_RESKEY_destination" != "0.0.0.0/0" ]; then + CMDSHOW="$CMDSHOW src $OCF_RESKEY_ipaddress" +fi + +if [ "$OCF_RESKEY_table" = "local" ]; then + TABLE="$TABLE local" +fi + SYSTYPE="`uname -s`" usage() { @@ -179,7 +187,7 @@ srca_read() { # Capture matching route - doublequotes prevent word splitting... - ROUTE="`$CMDSHOW`" || errorexit "command '$CMDSHOW' failed" + ROUTE="`$CMDSHOW 2> /dev/null`" || errorexit "command '$CMDSHOW' failed" # ... so we can make sure there is only 1 matching route [ 1 -eq `echo "$ROUTE" | wc -l` ] || \ @@ -195,6 +203,11 @@ # and what remains after stripping out the source ip address clause ROUTE_WO_SRC=`echo $ROUTE | sed "s/$MATCHROUTE/\1\5/"` + # using "src " only returns output if there's a match + if [ "$OCF_RESKEY_destination" != "0.0.0.0/0" ]; then + [ -z "$ROUTE" ] && return 1 || return 0 + fi + [ -z "$SRCIP" ] && return 1 [ $SRCIP = $1 ] && return 0 return 2 @@ -247,8 +260,14 @@ [ $rc = 2 ] && errorexit "The address you specified to stop does not match the preferred source address" - $IP2UTIL route replace $TABLE $NETWORK dev $INTERFACE || \ - errorexit "command 'ip route replace $TABLE $NETWORK dev $INTERFACE' failed" + OPTS="" + if [ "$OCF_RESKEY_destination" != "0.0.0.0/0" ] ;then + PRIMARY_IP="$($IP2UTIL -4 -o addr show dev $INTERFACE primary | awk '{split($4,a,"/");print a[1]}')" + OPTS="proto kernel scope host src $PRIMARY_IP" + fi + + $IP2UTIL route replace $TABLE $NETWORK dev $INTERFACE $OPTS || \ + errorexit "command 'ip route replace $TABLE $NETWORK dev $INTERFACE $OPTS' failed" if [ "$OCF_RESKEY_destination" = "0.0.0.0/0" ] ;then $CMDCHANGE $ROUTE_WO_SRC || \ diff -Nru resource-agents-4.4.0/heartbeat/iSCSILogicalUnit.in resource-agents-4.5.0/heartbeat/iSCSILogicalUnit.in --- resource-agents-4.4.0/heartbeat/iSCSILogicalUnit.in 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/iSCSILogicalUnit.in 2020-03-06 09:49:12.000000000 +0000 @@ -64,6 +64,9 @@ # set 0 as a default value for lio iblock device number OCF_RESKEY_lio_iblock_default=0 OCF_RESKEY_lio_iblock=${OCF_RESKEY_lio_iblock:-$OCF_RESKEY_lio_iblock_default} +# Set LIO-T backend default as 'block' +OCF_RESKEY_liot_bstype_default="block" +: ${OCF_RESKEY_liot_bstype=${OCF_RESKEY_liot_bstype_default}} ## tgt specifics # tgt has "backing store type" and "backing store open flags", @@ -71,6 +74,9 @@ # # suggestions how to make this generic accross all supported implementations? # how should they be named, how should they be mapped to implementation specifics? +# # Conversation: Due to the phase out of most implementations other than lio-t +# # I have decided to use specific implementation of tgt_bstype like key for +# # lio-t. # # OCF_RESKEY_tgt_bstype # OCF_RESKEY_tgt_bsoflags @@ -89,7 +95,7 @@ 0.9 -Manages iSCSI Logical Unit. An iSCSI Logical unit is a subdivision of +Manages iSCSI Logical Unit. An iSCSI Logical unit is a subdivision of an SCSI Target, exported via a daemon that speaks the iSCSI protocol. Manages iSCSI Logical Units (LUs) @@ -143,7 +149,11 @@ The SCSI serial number to be configured for this Logical Unit. -The default is a hash of the resource name, truncated to 8 bytes. +The default is a hash of the resource name, truncated to 8 bytes, +meaning 26 hex characters. +If you are using XenServer with multipath as iSCSI client, you +MUST make sure this value is set, or else XenServer multipath will +not be able to access the LUN SCSI serial number @@ -268,6 +278,18 @@ + + +LIO-T specific backing store type. If you want to use aio, +set this to 'block'. If you want to use async IO, set this to 'fileio'. +Async I/O works also with block devices, however - you need to understand +the consequences. See targetcli(8). If using file backend, you need to create this file in +advance. + +LIO-T backing store type + + + @@ -407,15 +429,26 @@ iblock_attrib_path="/sys/kernel/config/target/core/iblock_${OCF_RESKEY_lio_iblock}/${OCF_RESOURCE_INSTANCE}/attrib" # For lio, we first have to create a target device, then # add it to the Target Portal Group as an LU. - ocf_run targetcli /backstores/block create name=${OCF_RESOURCE_INSTANCE} dev=${OCF_RESKEY_path} || exit $OCF_ERR_GENERIC + # Handle differently 'block' and 'fileio' + if [ "${OCF_RESKEY_liot_bstype}" = "block" ] + then + ocf_run targetcli /backstores/${OCF_RESKEY_liot_bstype} create name=${OCF_RESOURCE_INSTANCE} dev=${OCF_RESKEY_path} $(test -n "$OCF_RESKEY_scsi_sn" && echo "wwn=${OCF_RESKEY_scsi_sn}") || exit $OCF_ERR_GENERIC + elif [ "${OCF_RESKEY_liot_bstype}" = "fileio" ] + then + ocf_run targetcli /backstores/${OCF_RESKEY_liot_bstype} create ${OCF_RESOURCE_INSTANCE} ${OCF_RESKEY_path} $(test -n "$OCF_RESKEY_scsi_sn" && echo "wwn=${OCF_RESKEY_scsi_sn}") || exit $OCF_ERR_GENERIC + fi if [ -n "${OCF_RESKEY_scsi_sn}" ]; then echo ${OCF_RESKEY_scsi_sn} > /sys/kernel/config/target/core/iblock_${OCF_RESKEY_lio_iblock}/${OCF_RESOURCE_INSTANCE}/wwn/vpd_unit_serial fi - ocf_run targetcli /iscsi/${OCF_RESKEY_target_iqn}/tpg1/luns create /backstores/block/${OCF_RESOURCE_INSTANCE} ${OCF_RESKEY_lun} || exit $OCF_ERR_GENERIC + ocf_run targetcli /iscsi/${OCF_RESKEY_target_iqn}/tpg1/luns create /backstores/${OCF_RESKEY_liot_bstype}/${OCF_RESOURCE_INSTANCE} ${OCF_RESKEY_lun} || exit $OCF_ERR_GENERIC if $(ip a | grep -q inet6); then - ocf_run -q targetcli /iscsi/${OCF_RESKEY_target_iqn}/tpg1/portals delete 0.0.0.0 3260 - ocf_run -q targetcli /iscsi/${OCF_RESKEY_target_iqn}/tpg1/portals create ::0 + # Solving the 0.0.0.0 conversion to IPv6 when using specific portal addresses + if $(ocf_run -q targetcli /iscsi/${OCF_RESKEY_target_iqn}/tpg1/portals | grep -q 0.0.0.0) + then + ocf_run -q targetcli /iscsi/${OCF_RESKEY_target_iqn}/tpg1/portals delete 0.0.0.0 3260 + ocf_run -q targetcli /iscsi/${OCF_RESKEY_target_iqn}/tpg1/portals create ::0 + fi fi if [ -n "${OCF_RESKEY_allowed_initiators}" ]; then @@ -506,7 +539,7 @@ # delete the backstore, then something is seriously # wrong and we need to fail the stop operation # (potentially causing fencing) - ocf_run targetcli /backstores/block delete ${OCF_RESOURCE_INSTANCE} || exit $OCF_ERR_GENERIC + ocf_run targetcli /backstores/${OCF_RESKEY_liot_bstype} delete ${OCF_RESOURCE_INSTANCE} || exit $OCF_ERR_GENERIC ;; esac @@ -645,13 +678,13 @@ iet) # IET does not support setting the vendor and product ID # (it always uses "IET" and "VIRTUAL-DISK") - unsupported_params="vendor_id product_id allowed_initiators lio_iblock tgt_bstype tgt_bsoflags tgt_bsopts tgt_device_type emulate_tpu emulate_3pc emulate_caw" + unsupported_params="vendor_id product_id allowed_initiators lio_iblock tgt_bstype tgt_bsoflags tgt_bsopts tgt_device_type emulate_tpu emulate_3pc emulate_caw liot_bstype" ;; tgt) - unsupported_params="allowed_initiators lio_iblock emulate_tpu emulate_3pc emulate_caw" + unsupported_params="allowed_initiators lio_iblock emulate_tpu emulate_3pc emulate_caw liot_bstype" ;; lio) - unsupported_params="scsi_id vendor_id product_id tgt_bstype tgt_bsoflags tgt_bsopts tgt_device_type emulate_tpu emulate_3pc emulate_caw" + unsupported_params="scsi_id vendor_id product_id tgt_bstype tgt_bsoflags tgt_bsopts tgt_device_type emulate_tpu emulate_3pc emulate_caw liot_bstype" ;; lio-t) unsupported_params="scsi_id vendor_id product_id tgt_bstype tgt_bsoflags tgt_bsopts tgt_device_type lio_iblock" @@ -662,7 +695,7 @@ envar=OCF_RESKEY_${var} defvar=OCF_RESKEY_${var}_default if [ -n "${!envar}" ]; then - if [[ "${!envar}" != "${!defvar}" ]];then + if [[ "${!envar}" != "${!defvar}" ]]; then case "$__OCF_ACTION" in start|validate-all) ocf_log warn "Configuration parameter \"${var}\"" \ diff -Nru resource-agents-4.4.0/heartbeat/LVM-activate resource-agents-4.5.0/heartbeat/LVM-activate --- resource-agents-4.4.0/heartbeat/LVM-activate 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/LVM-activate 2020-03-06 09:49:12.000000000 +0000 @@ -114,6 +114,18 @@ if using the cluster to manage at least one of them. If you manage some manually, the stop action of the lvmlockd agent may fail and the node may get fenced, because some DLM lockspaces might be in use and cannot be closed automatically. + +Option: OCF_CHECK_LEVEL + +The standard monitor operation of depth 0 checks if the VG or LV is valid. +If you want deeper tests, set OCF_CHECK_LEVEL to 10: + + 10: read first 1 byte of the underlying device (raw read) + +If there are many underlying devs in VG, it will only read one of the devs. +This is not perfect solution for detecting underlying devices livable. +e.g. iscsi SAN IO timeout will return EIO, and it makes monitor failed. + This agent activates/deactivates logical volumes. @@ -779,6 +791,7 @@ # This is AllBad but there isn't a better way that I'm aware of yet. lvm_status() { local dm_count + local dm_name if [ -n "${LV}" ]; then # dmsetup ls? It cannot accept device name. It's @@ -792,7 +805,25 @@ return $OCF_NOT_RUNNING fi - return $OCF_SUCCESS + if [ $OCF_CHECK_LEVEL -gt 0 ]; then + case "$OCF_CHECK_LEVEL" in + 10) + # if there are many lv in vg dir, pick the first name + dm_name="/dev/${VG}/$(ls -1 /dev/${VG} | head -n 1)" + + # read 1 byte to check the dev is alive + dd if=${dm_name} of=/dev/null bs=1 count=1 >/dev/null 2>&1 + if [ $? -ne 0 ]; then + return $OCF_NOT_RUNNING + fi + return $OCF_SUCCESS + ;; + *) + ocf_exit_reason "unsupported monitor level $OCF_CHECK_LEVEL" + rc=$OCF_ERR_CONFIGURED + ;; + esac + fi } lvm_start() { diff -Nru resource-agents-4.4.0/heartbeat/lvmlockd resource-agents-4.5.0/heartbeat/lvmlockd --- resource-agents-4.4.0/heartbeat/lvmlockd 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/lvmlockd 2020-03-06 09:49:12.000000000 +0000 @@ -190,19 +190,31 @@ # To use lvmlockd, ensure configure lvm.conf: # locking_type = 1 # use_lvmlockd = 1 - out=$(lvmconfig 'global/use_lvmlockd') + out=$(lvmconfig 'global/use_lvmlockd' 2> /dev/null) use_lvmlockd=$(echo "$out" | cut -d'=' -f2) - out=$(lvmconfig 'global/locking_type') + out=$(lvmconfig 'global/locking_type' 2> /dev/null) lock_type=$(echo "$out" | cut -d'=' -f2) - if [ "$use_lvmlockd" -ne 1 ] ; then + if [ -n "$use_lvmlockd" ] && [ "$use_lvmlockd" != 1 ] ; then ocf_log info "setting \"use_lvmlockd=1\" in /etc/lvm/lvm.conf ..." sed -i 's,^[[:blank:]]*use_lvmlockd[[:blank:]]*=.*,\ \ \ \ use_lvmlockd = 1,g' /etc/lvm/lvm.conf fi - if [ "$lock_type" -ne 1 ] ; then - ocf_log info "setting \"locking_type=1\" in /etc/lvm/lvm.conf ..." - sed -i 's,^[[:blank:]]*locking_type[[:blank:]]*=.*,\ \ \ \ locking_type = 1,g' /etc/lvm/lvm.conf + if [ -n "$lock_type" ] ; then + # locking_type was removed from config in v2.03 + ocf_version_cmp "$(lvmconfig --version | awk '/LVM ver/ {sub(/\(.*/, "", $3); print $3}')" "2.03" + case "$?" in + 1|2) + ocf_log info "removing \"locking_type\" from /etc/lvm/lvm.conf ..." + sed -i '/^[[:blank:]]*locking_type[[:blank:]]*=.*/d' /etc/lvm/lvm.conf + ;; + 0) + if [ "$lock_type" != 1 ] ; then + ocf_log info "setting \"locking_type=1\" in /etc/lvm/lvm.conf ..." + sed -i 's,^[[:blank:]]*locking_type[[:blank:]]*=.*,\ \ \ \ locking_type = 1,g' /etc/lvm/lvm.conf + fi + ;; + esac fi return $OCF_SUCCESS diff -Nru resource-agents-4.4.0/heartbeat/MailTo resource-agents-4.5.0/heartbeat/MailTo --- resource-agents-4.4.0/heartbeat/MailTo 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/MailTo 2020-03-06 09:49:12.000000000 +0000 @@ -67,7 +67,7 @@ The email address of sysadmin. Email address - + diff -Nru resource-agents-4.4.0/heartbeat/mysql-common.sh resource-agents-4.5.0/heartbeat/mysql-common.sh --- resource-agents-4.4.0/heartbeat/mysql-common.sh 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/mysql-common.sh 2020-03-06 09:49:12.000000000 +0000 @@ -239,8 +239,8 @@ --datadir=$OCF_RESKEY_datadir \ --log-error=$OCF_RESKEY_log \ $OCF_RESKEY_additional_parameters \ - $mysql_extra_params >/dev/null 2>&1 & - pid=$!" + $mysql_extra_params >/dev/null 2>&1" & + pid=$! # Spin waiting for the server to come up. # Let the CRM/LRM time us out if required. diff -Nru resource-agents-4.4.0/heartbeat/ocf-binaries.in resource-agents-4.5.0/heartbeat/ocf-binaries.in --- resource-agents-4.4.0/heartbeat/ocf-binaries.in 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/ocf-binaries.in 2020-03-06 09:49:12.000000000 +0000 @@ -26,6 +26,8 @@ : ${GREP:=grep} : ${IFCONFIG:=ifconfig} : ${IPTABLES:=iptables} +## for cases that are known not to be serviceable with iptables-nft impl. +: ${IPTABLES_LEGACY:=iptables-legacy} : ${IP2UTIL:=ip} : ${MDADM:=mdadm} : ${MODPROBE:=modprobe} diff -Nru resource-agents-4.4.0/heartbeat/ocf-shellfuncs.in resource-agents-4.5.0/heartbeat/ocf-shellfuncs.in --- resource-agents-4.4.0/heartbeat/ocf-shellfuncs.in 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/ocf-shellfuncs.in 2020-03-06 09:49:12.000000000 +0000 @@ -22,7 +22,7 @@ # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # -# Build version: 9b45bb6a896ae9fec450450b553be1ac2a14fb9b +# Build version: fee181320547365d7f8c88cca2b32801412b933d # TODO: Some of this should probably split out into a generic OCF # library for shell scripts, but for the time being, we'll just use it diff -Nru resource-agents-4.4.0/heartbeat/oralsnr resource-agents-4.5.0/heartbeat/oralsnr --- resource-agents-4.4.0/heartbeat/oralsnr 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/oralsnr 2020-03-06 09:49:12.000000000 +0000 @@ -116,7 +116,7 @@ - + Full path to the directory that contains the Oracle listener tnsnames.ora configuration file. The shell diff -Nru resource-agents-4.4.0/heartbeat/pgsql resource-agents-4.5.0/heartbeat/pgsql --- resource-agents-4.4.0/heartbeat/pgsql 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/pgsql 2020-03-06 09:49:12.000000000 +0000 @@ -700,7 +700,7 @@ fi if [ "$output" = "f" ]; then - ocf_log info "PostgreSQL is alredy Master. Don't execute promote." + ocf_log info "PostgreSQL is already Master. Don't execute promote." return $OCF_SUCCESS fi @@ -720,7 +720,11 @@ ocf_log info "Restarting PostgreSQL instead of promote." #stop : this function returns $OCF_SUCCESS only. pgsql_real_stop slave - rm -f $RECOVERY_CONF + if "${USE_STANDBY_SIGNAL}"; then + rm -f ${OCF_RESKEY_pgdata}/standby.signal + else + rm -f $RECOVERY_CONF + fi pgsql_real_start rc=$? if [ $rc -ne $OCF_RUNNING_MASTER ]; then @@ -1612,12 +1616,24 @@ fi cat > $RECOVERY_CONF <> $RECOVERY_CONF <> $RECOVERY_CONF ocf_log debug "Created recovery.conf. host=${OCF_RESKEY_master_ip}, user=${OCF_RESKEY_repuser}" return 0 @@ -1835,6 +1851,7 @@ local version local check_config_rc local rep_mode_string + local recovery_conf_string local socket_directories local rc @@ -1898,6 +1915,22 @@ ocf_exit_reason "Replication mode needs PostgreSQL 9.1 or higher." return $OCF_ERR_INSTALLED fi + ocf_version_cmp "$version" "12" + rc=$? + if [ $rc -eq 1 ]||[ $rc -eq 2 ]; then + # change the standby method for PosrgreSQL 12 or later. + USE_STANDBY_SIGNAL=true + # change the path to recovery.conf because it cause PostgreSQL start error. + RECOVERY_CONF=${OCF_RESKEY_tmpdir}/recovery.conf + if [ $check_config_rc -eq 0 ]; then + # adding recovery parameters to postgresql.conf. + recovery_conf_string="include '$RECOVERY_CONF' # added by pgsql RA" + if ! grep -q "^[[:space:]]*$recovery_conf_string" $OCF_RESKEY_config; then + ocf_log info "adding include directive $recovery_conf_string into $OCF_RESKEY_config" + echo "$recovery_conf_string" >> $OCF_RESKEY_config + fi + fi + fi if [ ! -n "$OCF_RESKEY_master_ip" ]; then ocf_exit_reason "master_ip can't be empty." return $OCF_ERR_CONFIGURED @@ -2107,6 +2140,7 @@ PGSQL_WAL_RECEIVER_STATUS_ATTR="${RESOURCE_NAME}-receiver-status" RECOVERY_CONF=${OCF_RESKEY_pgdata}/recovery.conf NODENAME=$(ocf_local_nodename | tr '[A-Z]' '[a-z]') +USE_STANDBY_SIGNAL=false case "$1" in methods) pgsql_methods diff -Nru resource-agents-4.4.0/heartbeat/podman resource-agents-4.5.0/heartbeat/podman --- resource-agents-4.4.0/heartbeat/podman 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/podman 2020-03-06 09:49:12.000000000 +0000 @@ -441,31 +441,7 @@ image_exists() { - # if no tag was specified, use default "latest" - local COLON_FOUND=0 - local SLASH_FOUND=0 - local SERVER_NAME="" - local IMAGE_NAME="${OCF_RESKEY_image}" - local IMAGE_TAG="latest" - - SLASH_FOUND="$(echo "${OCF_RESKEY_image}" | grep -o '/' | grep -c .)" - - if [ ${SLASH_FOUND} -ge 1 ]; then - SERVER_NAME="$(echo ${IMAGE_NAME} | cut -d / -f 1-${SLASH_FOUND})" - IMAGE_NAME="$(echo ${IMAGE_NAME} | awk -F'/' '{print $NF}')" - fi - - COLON_FOUND="$(echo "${IMAGE_NAME}" | grep -o ':' | grep -c .)" - if [ ${COLON_FOUND} -ge 1 ]; then - IMAGE_TAG="$(echo ${IMAGE_NAME} | awk -F':' '{print $NF}')" - IMAGE_NAME="$(echo ${IMAGE_NAME} | cut -d : -f 1-${COLON_FOUND})" - fi - - # IMAGE_NAME might be following formats: - # - image - # - repository:port/image - # - docker.io/image (some distro will display "docker.io/" as prefix) - podman images | awk '{print $1 ":" $2}' | egrep -q -s "^(docker.io\/|${SERVER_NAME}\/)?${IMAGE_NAME}:${IMAGE_TAG}\$" + podman image exists "${OCF_RESKEY_image}" if [ $? -eq 0 ]; then # image found return 0 diff -Nru resource-agents-4.4.0/heartbeat/rabbitmq-cluster resource-agents-4.5.0/heartbeat/rabbitmq-cluster --- resource-agents-4.4.0/heartbeat/rabbitmq-cluster 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/rabbitmq-cluster 2020-03-06 09:49:12.000000000 +0000 @@ -552,6 +552,7 @@ if [ $rc -ne 0 ]; then ocf_log err "rabbitmq-server stop command failed: $RMQ_CTL stop, $rc" + rmq_delete_nodename return $rc fi @@ -565,6 +566,7 @@ break elif [ "$rc" -ne $OCF_SUCCESS ]; then ocf_log info "rabbitmq-server stop failed: $rc" + rmq_delete_nodename exit $OCF_ERR_GENERIC fi sleep 1 diff -Nru resource-agents-4.4.0/heartbeat/redis.in resource-agents-4.5.0/heartbeat/redis.in --- resource-agents-4.4.0/heartbeat/redis.in 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/redis.in 2020-03-06 09:49:12.000000000 +0000 @@ -698,15 +698,15 @@ } redis_validate() { - if [[ -x "$REDIS_SERVER" ]]; then + if [[ ! -x "$REDIS_SERVER" ]]; then ocf_log err "validate: $REDIS_SERVER does not exist or is not executable" return $OCF_ERR_INSTALLED fi - if [[ -x "$REDIS_CLIENT" ]]; then + if [[ ! -x "$REDIS_CLIENT" ]]; then ocf_log err "validate: $REDIS_CLIENT does not exist or is not executable" return $OCF_ERR_INSTALLED fi - if [[ -f "$REDIS_CONFIG" ]]; then + if [[ ! -f "$REDIS_CONFIG" ]]; then ocf_log err "validate: $REDIS_CONFIG does not exist" return $OCF_ERR_CONFIGURED fi diff -Nru resource-agents-4.4.0/heartbeat/SAPInstance resource-agents-4.5.0/heartbeat/SAPInstance --- resource-agents-4.4.0/heartbeat/SAPInstance 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/heartbeat/SAPInstance 2020-03-06 09:49:12.000000000 +0000 @@ -356,6 +356,8 @@ InstanceNr=`echo "$InstanceName" | sed 's/.*\([0-9][0-9]\)$/\1/'` SAPVIRHOST=`echo "$myInstanceName" | cut -d_ -f3` + # make sure that we don't care the content of variable from previous run of sapinstance_init + DIR_EXECUTABLE="" # optional OCF parameters, we try to guess which directories are correct if [ -z "$OCF_RESKEY_DIR_EXECUTABLE" ] then diff -Nru resource-agents-4.4.0/ldirectord/ldirectord.in resource-agents-4.5.0/ldirectord/ldirectord.in --- resource-agents-4.4.0/ldirectord/ldirectord.in 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/ldirectord/ldirectord.in 2020-03-06 09:49:12.000000000 +0000 @@ -1496,6 +1496,9 @@ } elsif ($rcmd =~ /^persistent\s*=\s*(.*)/) { $1 =~ /(\d+)/ or &config_error($line, "invalid persistent timeout"); $vsrv{persistent} = $1; + } elsif ($rcmd =~ /^schedflags\s*=\s*(.*)/) { + $1 =~ /(\S+)/ or &config_error($line, "invalid sched-flags"); + $vsrv{schedflags} = $1; } elsif ($rcmd =~ /^netmask\s*=\s*(.*)/) { my $val = $1; if ($vsrv{addressfamily} == AF_INET6) { @@ -2286,6 +2289,9 @@ $$v{flags} .= "-p $$v{persistent} "; $$v{flags} .= "-M $$v{netmask} " if defined ($$v{netmask}); } + if (defined $$v{schedflags}) { + $$v{flags} .= "-b $$v{schedflags} "; + } my $real = $$v{real}; for my $r (@$real) { $$r{forw} = get_forward_flag($$r{forward}); diff -Nru resource-agents-4.4.0/resource-agents.spec.in resource-agents-4.5.0/resource-agents.spec.in --- resource-agents-4.4.0/resource-agents.spec.in 2019-10-23 07:48:11.000000000 +0000 +++ resource-agents-4.5.0/resource-agents.spec.in 2020-03-06 09:49:12.000000000 +0000 @@ -98,6 +98,9 @@ # nfsserver / netfs.sh Requires: /usr/sbin/rpc.nfsd /sbin/rpc.statd /usr/sbin/rpc.mountd +# ocf-distro +Requires: lsb-release + # rgmanager %if %{with rgmanager} # ip.sh