1 %define initdir %{_sysconfdir}/init.d
5 Packager: Samba Team <samba@samba.org>
9 License: GNU GPL version 3
10 Group: System Environment/Daemons
11 URL: http://ctdb.samba.org/
13 Source: ctdb-%{version}.tar.gz
15 Prereq: /bin/mktemp /usr/bin/killall
16 Prereq: fileutils sed /etc/init.d
17 Prereq: /usr/bin/tdbdump /usr/bin/tdbtool
19 Provides: ctdb = %{version}
22 BuildRoot: %{_tmppath}/%{name}-%{version}-root
25 ctdb is the clustered database used by samba
28 #######################################################################
34 # setup the init script and sysconfig file
35 %setup -T -D -n ctdb-%{version} -q
40 if ccache -h >/dev/null 2>&1 ; then
48 ## always run autogen.sh
51 CFLAGS="$RPM_OPT_FLAGS $EXTRA -O0 -D_GNU_SOURCE -DCTDB_VERS=\"%{version}-%{release}\"" ./configure \
53 --sysconfdir=%{_sysconfdir} \
55 --localstatedir="/var"
57 make docdir=%{_docdir} showflags
58 make docdir=%{_docdir}
61 # Clean up in case there is trash left from a previous build
62 rm -rf $RPM_BUILD_ROOT
64 # Create the target build directory hierarchy
65 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
66 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/init.d
68 make DESTDIR=$RPM_BUILD_ROOT docdir=%{_docdir} install
70 install -m644 config/ctdb.sysconfig $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/ctdb
71 install -m755 config/ctdb.init $RPM_BUILD_ROOT%{initdir}/ctdb
73 mkdir -p $RPM_BUILD_ROOT%{_docdir}/ctdb/tests/bin
74 install -m755 tests/bin/ctdb_transaction $RPM_BUILD_ROOT%{_docdir}/ctdb/tests/bin
76 # Remove "*.old" files
77 find $RPM_BUILD_ROOT -name "*.old" -exec rm -f {} \;
80 rm -rf $RPM_BUILD_ROOT
83 #######################################################################
85 #######################################################################
90 %config(noreplace) %{_sysconfdir}/sysconfig/ctdb
91 %config(noreplace) %{_sysconfdir}/ctdb/notify.sh
92 %config(noreplace) %{_sysconfdir}/ctdb/ctdb-crash-cleanup.sh
93 %config(noreplace) %{_sysconfdir}/ctdb/functions
94 %attr(755,root,root) %{initdir}/ctdb
96 %{_docdir}/ctdb/README.eventscripts
97 %{_docdir}/ctdb/recovery-process.txt
98 %{_sysconfdir}/ctdb/events.d/00.ctdb
99 %{_sysconfdir}/ctdb/events.d/01.reclock
100 %{_sysconfdir}/ctdb/events.d/10.interface
101 %{_sysconfdir}/ctdb/events.d/13.per_ip_routing
102 %{_sysconfdir}/ctdb/events.d/11.natgw
103 %{_sysconfdir}/ctdb/events.d/11.routing
104 %{_sysconfdir}/ctdb/events.d/20.multipathd
105 %{_sysconfdir}/ctdb/events.d/31.clamd
106 %{_sysconfdir}/ctdb/events.d/40.vsftpd
107 %{_sysconfdir}/ctdb/events.d/41.httpd
108 %{_sysconfdir}/ctdb/events.d/50.samba
109 %{_sysconfdir}/ctdb/events.d/60.nfs
110 %{_sysconfdir}/ctdb/events.d/62.cnfs
111 %{_sysconfdir}/ctdb/events.d/70.iscsi
112 %{_sysconfdir}/ctdb/events.d/91.lvs
113 %{_sysconfdir}/ctdb/statd-callout
114 %{_sysconfdir}/ctdb/interface_modify.sh
119 %{_bindir}/ctdb_diagnostics
121 %{_mandir}/man1/ctdb.1.gz
122 %{_mandir}/man1/ctdbd.1.gz
123 %{_mandir}/man1/onnode.1.gz
124 %{_libdir}/pkgconfig/ctdb.pc
126 %{_docdir}/ctdb/tests/bin/ctdb_transaction
129 Summary: CTDB developmnet libraries
133 development libraries for ctdb
136 %defattr(-,root,root)
137 %{_includedir}/ctdb.h
138 %{_includedir}/ctdb_client.h
139 %{_includedir}/ctdb_protocol.h
140 %{_includedir}/ctdb_private.h
141 %{_includedir}/ctdb_typesafe_cb.h
145 * Mon Aug 30 2010 : Version 1.2.4
146 - fix a bug in the ipreallocate eventscript handling
147 - remove a debug logentry
148 * Mon Aug 30 2010 : Version 1.2.3
149 - finish moving CTDB off the udnerlying filesystem.
150 both tickles and statd information
151 - new infrastructure to support the above
152 - move configuration of public addresses into a config persistent database
154 - infrastructure for the above
155 * Fri Aug 20 2010 : Version 1.2
156 - Initial version 1.2 release
157 * Tue May 25 2010 : Version 1.9
159 * Wed Mar 25 2010 : Version 1.0.114
160 - Lots of changes from Metze
161 * Wed Jan 13 2010 : Version 1.0.113
162 - Incorrect use of dup2() could cause ctdb to spin eating 100% cpu.
163 * Tue Jan 12 2010 : Version 1.0.112
164 - Revert the use of wbinfo --ping-dc as it is proving too unreliable.
165 - Minor testsuite changes.
166 * Fri Dec 18 2009 : Version 1.0.111
167 - Fix a logging bug when an eventscript is aborted that could cause a crash.
168 - Add back cb_status that was lost in a previous commit.
169 * Fri Dec 18 2009 : Version 1.0.110
170 - Metxe: fix for filedescriptor leak in the new eventscript code.
171 - Rusty: fix for a crash bug in the eventscript code.
172 * Thu Dec 17 2009 : Version 1.0.109
173 - Massive eventscript updates. (bz58828)
174 - Nice the daemon instead of using realtime scheduler, also use mlockall() to
175 reduce the risk of blockign due to paging.
176 - Workarounds for valgrind when forking once for each script. Valgrind consumes
177 massive cpu when terminating the scripts on virtual systems.
178 - Sync the tdb library with upstream, and use the new TDB_DISALLOW_NESTING flag.
179 - Add new command "ctdb dumpdbbackup"
180 - Start using the new tdb check framework to validate tdb files upon startup.
181 - A new framework where we can control health for individual tdb databases.
182 - Fix a crash bug in the logging code.
183 - New transaction code for persistent databases.
184 - Various other smaller fixes.
185 * Mon Dec 7 2009 : Version 1.0.108
186 - Transaction updates from Michael Adam.
187 - Use the new wbinfo --ping-dc instead of -p in the eventscript for samba
188 the check if winbindd is ok.
189 - Add a better "process-exist" for samba so it will automatically
190 reap smbd's on stopped and banned nodes to reclaim subrecords.
191 This will be done a bit differently in the next release.
192 - Use a statically allocated buffer for the 'first-time' capture buffer
193 to reduce the pressure on malloc/free.
194 * Wed Dec 2 2009 : Version 1.0.107
195 - fix for rusty to solve a double-free that can happen when there are
196 multiple packets queued and the connection is destroyed before
197 all packets are processed.
198 * Tue Dec 1 2009 : Version 1.0.106
199 - Buildscript changes from Michael Adam
200 - Dont do a full recovery when there is a mismatch detected for ip addresses,
201 just do a less disruptive ip-reallocation
202 - When starting ctdbd, wait until all initial recoveries have finished
203 before we issue the "startup" event.
204 So dont start services or monitoring until the cluster has
206 - Major eventscript overhaul by Ronnie, Rusty and Martins and fixes of a few
208 * Thu Nov 19 2009 : Version 1.0.105
209 - Fix a bug where we could SEGV if multiple concurrent "ctdb eventscript ..."
210 are used and some of them block.
211 - Monitor the daemon from the syslog child process so we shutdown cleanly when
212 the main daemon terminates.
213 - Add a 500k line ringbuffer in memory where all log messages are stored.
214 - Add a "ctdb getlog <level>" command to pull log messages from the in memory
216 - From martin : fixes to cifs and nfs autotests
217 - from michael a : fix a bashism in 11.natgw
218 * Fri Nov 6 2009 : Version 1.0.104
219 - Suggestion from Metze, we can now use killtcp to kill local connections
220 for nfs so change the killtcp script to kill both directions of an NFS
222 We used to deliberately only kill one direction in these cases due to
224 - Suggestion from christian Ambach, when using natgw, try to avoid using a
225 UNHEALTHY node as the natgw master.
226 - From Michael Adam: Fix a SEGV bug in the recent change to the eventscripts
227 to allow the timeout to apply to each individual script.
228 - fix a talloc bug in teh vacuuming code that produced nasty valgrind
230 - From Rusty: Set up ulimit to create core files for ctdb, and spawned
231 processes by default. This is useful for debugging and testing but can be
232 disabled by setting CTDB_SUPRESS_COREFILE=yes in the sysconfig file.
233 - Remove the wbinfo -t check from the startup check that winbindd is happy.
234 - Enhance the test for bond devices so we also check if the sysadmin have
235 disabled all slave devices using "ifdown".
236 * Tue Nov 3 2009 : Version 1.0.103
237 - Dont use vacuuming on persistent databases
238 - Michael A : transaction updates to persistent databases
239 - Dont activate service automatically when installing the RPM. Leave this to the admin.
240 - Create a child process to send all log messages to, to prevent a hung/slow syslogd
241 from blocking the main daemon. In this case, discard log messages instead and let the child
243 - Michael A: updates to log messages
244 * Thu Oct 29 2009 : Version 1.0.102
245 - Wolfgang: fix for the vacuuming code
246 - Wolfgang: stronger tests for persistent database filename tests
247 - Improve the log message when we refuse to startup since wbinfo -t fails
248 to make it easier to spot in the log.
249 - Update the uptime command output and the man page to indicate that
250 "time since last ..." if from either the last recovery OR the last failover
251 - Michael A: transaction updates
252 * Wed Oct 28 2009 : Version 1.0.101
253 - create a separate context for non-monitoring events so they dont interfere with the monitor event
254 - make sure to return status 0 in teh callback when we abort an event
255 * Wed Oct 28 2009 : Version 1.0.100
256 - Change eventscript handling to allow EventScriptTimeout for each individual script instead of for all scripts as a whole.
257 - Enhanced logging from the eventscripts, log the name and the duration for each script as it finishes.
258 - Add a check to use wbinfo -t for the startup event of samba
259 - TEMP: allow clients to attach to databases even when teh node is in recovery mode
260 - dont run the monitor event as frequently after an event has failed
261 - DEBUG: in the eventloops, check the local time and warn if the time changes backward or rapidly forward
262 - From Metze, fix a bug where recovery master becoming unhealthy did not trigger an ip failover.
263 - Disable the multipath script by default
264 - Automatically re-activate the reclock checking if the reclock file is specified at runtime. Update manpage to reflect this.
265 - Add a mechanism where samba can register a SRVID and if samba unexpectedly disconnects, a message will be broadcasted to all other samba daemons.
266 - Log the pstree on hung scripts to a file in /tmp isntead of /var/log/messages
267 - change ban count before unhealthy/banned to 10
268 * Thu Oct 22 2009 : Version 1.0.99
269 - Fix a SEGV in the new db priority code.
270 - From Wolfgang : eliminate a ctdb_fatal() if there is a dmaster violation detected.
271 - During testing we often add/delete eventscripts at runtime. This could cause an eventscript to fail and mark the node unhealthy if an eventscript was deleted while we were listing the names. Handle the errorcode and make sure the node does not becomne unhealthy in this case.
272 - Lower the debuglevel for the messages when ctdb creates a filedescruiptor so we dont spam the logs with these messages.
273 - Dont have the RPM automatically restart ctdb
274 - Volker : add a missing transaction_cancel() in the handling of persistent databases
275 - Treat interfaces with the anme ethX* as bond devices in 10.interfaces so we do the correct test for if they are up or not.
276 * Tue Oct 20 2009 : Version 1.0.98
277 - Fix for the vacuuming database from Wolfgang M
278 - Create a directory where the test framework can put temporary overrides
279 to variables and functions.
280 - Wait a lot longer before shutting down the node when the reclock file
281 is incorrectly configured, and log where it is configured.
282 - Try to avoid running the "monitor" event when databases are frozen.
283 - Add logging for every time we create a filedescriptor so we can trap
285 * Thu Oct 14 2009 : Version 1.0.97
286 - From martins : update onnode.
287 Update onnode to allow specifying an alternative nodes file from
288 the command line and also to be able to specify hostnames on the
290 onnode host1,host2,...
291 * Tue Oct 13 2009 : Version 1.0.96
292 - Add more debugging output when eventscripts have trouble. Print a
293 "pstree -p" to the log when scripts have hung.
294 - Update the initscript, only print the "No reclock file used" warning
295 when we do "service ctdb start", dont also print them for all other
297 - When changing between unhealthy/healthy state, push a request to the
298 recovery master to perform an ip reallocation instead of waiting for the
299 recovery master to pull and check the state change.
300 - Fix a bug in the new db-priority handling where a pre-.95 recovery master
301 could no longer lock the databases on a post-.95 daemon.
302 - Always create the nfs state directories during the "monitor" event.
303 This makes it easier to configure and enable nfs at runtime.
304 - From Volker, forward-port a simper deadlock avoiding patch from the 1.0.82
305 branch. This is a simpler versionof the "db priority lock order" patch
306 that went into 1.0.95, and will be kept for a few versions until samba
307 has been updated to use the functionality from 1.0.95.
308 * Mon Oct 12 2009 : Version 1.0.95
309 - Add database priorities. Allow samba to set the priority of databases
310 and lock the databases in priority order during recovery
311 to avoid a deadlock when samba locks one database then blocks indefinitely
312 while waiting for the second databaso to become locked.
313 - Be aggressive and ban nodes where the recovery transaction start call
315 * Thu Oct 10 2009 : Version 1.0.94
316 - Be very aggressive and quickly ban nodes that can not freeze their databases
317 * Tue Oct 8 2009 : Version 1.0.93
318 - When adding an ip, make sure to update this assignment on all nodes
319 so it wont show up as -1 on other nodes.
320 - When adding an ip and immediately deleting it, it was possible that
321 the daemon would crash accessing already freed memory.
322 Readjust the memory hierarchy so the destructors are called in the right order.
323 - Add a handshake to the recovery daemon to eliminate some rare cases where
324 addip/delip might cause a recovery to occur.
325 - updated onnode documenation from Martin S
326 - Updates to the natgw eventscript to allow disabling natgw at runtime
327 * Fri Oct 2 2009 : Version 1.0.92
328 - Test updates and merge from martin
329 - Add notification for "startup"
330 - Add documentation for notification
331 - from martin, a fix for restarting vsftpd in the eventscript
332 * Tue Sep 29 2009 : Version 1.0.91
333 - New vacuum and repack design from Wolgang Mueller.
334 - Add a new eventscript 01.reclock that will first mark a node unhealthy and later ban the node if the reclock file can not be accessed.
335 - Add machinereadable output to the ctdb getreclock command
336 - merge transaction updates from Michael Adam
337 - In the new banning code, reset the culprit count to 0 for all nodes that could successfully compelte a full recovery.
338 - dont mark the recovery master as a ban culprit because a node in the cluster needs a recovery. this happens naturally when using ctdb recover command so dont make this cause a node to be banned.
339 * Sat Sep 12 2009 : Version 1.0.90
340 - Be more forgiving for eventscripts that hang during startup
341 - Fix for a banning bug in the new banning logic
342 * Thu Sep 3 2009 : Version 1.0.89
343 - Make it possible to manage winbind independently of samba.
344 - Add new prototype banning code
345 - Overwrite the vsftpd state file instead of appending. This eliminates
346 annoying errors in the log.
347 - Redirect some iptables commands to dev null
348 - From Michael A, explicitely set the broadcast when we takeover a public ip
349 - Remove a reclock file check we no longer need
350 - Skip any persistent database files ending in .bak
351 * Mon Aug 17 2009 : Version 1.0.88
352 - Add a new state for eventscripts : DISABLED.
353 Add two new commands "ctdb enablescript/disablescript" to enable/disable
354 eventscripts at runtime.
355 - Bugfixes for TDB from rusty.
356 - Merge/Port changes from upstream TDB library by rusty.
357 - Additional new tests from MartinS. Tests for stop/continue.
358 - Initial patch to rework vacuuming/repacking process from Wolfgang Mueller.
359 - Updates from Michael Adam for persistent writes.
360 - Updates from MartinS to handle the new STOPPED bit in the test framework.
361 - Make it possible to enable/disable the RECMASTER and LMASTER roles
362 at runtime. Add two new commands
363 "ctdb setlmasterrole/setrecmasterrole on/off"
364 - Make it possible to enable/disable the natgw feature at runtime. Add
365 the command "ctdb setnatgwstate on/off"
366 * Fri Jul 17 2009 : Version 1.0.87
367 - Add a new event "stopped" that is called when a node is stopped.
368 - Documentation of the STOPPED flag and the stop/continue commands
369 - Make it possible to start a node in STOPPED mode.
370 - Add a new node flag : STOPPED and commands "ctdb stop" "ctdb continue"
371 These commands are similar to "diasble/enable" but will also remove the node from the vnnmap, while disable only fails all ip addresses over.
372 - tests for NFS , CIFS by martins
373 - major updates to the init script by martins
374 - Send gratious arps with a 1.1 second stride instead of a 1 second stride to workaround interesting "features" of common linux stacks.
375 - Various test enhancements from martins:
376 - additional other tests
377 - add tests for grat arp generation, ping during failover, ssh and failover
378 - New/updated tcp tickle tests and supprot functions
379 - provide better debugging when a test fails
380 - make ctdbd restarts more reliable in the tests
381 - update the "wait bar" to make the wait progress in tests more obvious
383 - when dispatching a message to a handler, make the message a real talloc object so that we can reparent the object in the tallic hierarchy.
384 - document the ipreallocate command
385 - Updates to enable/disable to use the ipreallocate command to block until the following ipreallocation has completed.
386 - Update the main daemon and the tools to allow debug level to be a string instead of an integer.
387 - Update the sysconfig file to show using string literals instead of numeric values for the debuglevels used.
388 - If no debuglevel is specific, make "ctdb setdebug" show the available options.
389 - When trying to allocate network packets, add explicit checks if the network transport has been shutdown before trying and failing, to make log messages easier to read. Add this extra check and logging to every plave packets are allocated.
390 * Tue Jun 30 2009 : Version 1.0.86
391 - Do not access the reclock at all if VerifyRecoveryLock is zero, not even try to probe it.
392 - Allow setting the reclock file as "", which means that no reclock file at all should be used.
393 - Document that a reclock file is no longer required, but that it is dangerous.
394 - Add a control that can be used to set/clear/change the reclock file in the daemon during runtime.
395 - Update the recovery daemon to poll whether a reclock file should be sued and if so which file at runtime in each monitoring cycle.
396 - Automatically disable VerifyRecoveryLock everytime a user changes the location of the reclock file.
397 - do not allow the VerifyRecoveryLock to be set using ctdb setvar if there is no recovery lock file specified.
398 - Add two commands "ctdb getreclock" and "ctdb setreclock" to modify the reclock file.
399 * Tue Jun 23 2009 : Version 1.0.85
400 - From William Jojo : Dont use getopt on AIX
401 - Make it possible to use "ctdb listnodes" also when the daemon is not running
402 - Provide machinereadable output to "ctdb listnodes"
403 - Dont list DELETED nodes in the ctdb listnodes output
404 - Try to avoid causing a recovery for the average case when adding/deleting/moving an ip
405 - When banning a node, drop the IPs on that node only and not all nodes.
406 - Add tests for NFS and CIFS tickles
407 - Rename 99.routing to 11.routing so it executes before NFS and LVS scripts
408 - Increase the default timeout before we deem an unresponsive recovery daemon hung and shutdown
409 - Reduce the reclock timout to 5 seconds
410 - Spawn a child process in the recovery daemon ot check the reclock file to
411 avoid blocking the process if the underlying filesystem is unresponsive
412 - fix for filedescriptor leak when a child process timesout
413 - Dont log errors if waitpid() returns -1
414 - Onnode updates by Martins
415 - Test and initscript cleanups from Martin S
416 * Tue Jun 2 2009 : Version 1.0.84
417 - Fix a bug in onnode that could not handle dead nodes
418 * Tue Jun 2 2009 : Version 1.0.83
419 - Document how to remove a ndoe from a running cluster.
420 - Hide all deleted nodes from ctdb output.
421 - Lower the loglevel on some eventscript related items
422 - Dont queue packets to deleted nodes
423 - When building initial vnnmap, ignode any nonexisting nodes
424 - Add a new nodestate : DELETED that is used when deleting a node from an
426 - dont remove the ctdb socket when shutting down. This prevents a race in the
427 initscripts when restarting ctdb quickly after stopping it.
428 - TDB nesting reworked.
429 - Remove obsolete ipmux
430 - From Flavio Carmo Junior: Add eventscript and documentation for ClamAV antivirus engine
431 - From Sumit Bose: fix the regex in the test to handle the new ctdb
432 statistics output that was recently added.
433 - change the socket type we use for grauitious arps from the obsolete
434 AF_INET/SOCK_PACKET to instead use PF_PACKET/SOCK_RAW.
435 - Check return codes for some functions, from Sumit Bose, based on codereview by Jim Meyering.
436 - Sumit Bose: Remove structure memeber node_list_file that is no longer used.
437 - Sumit Bose: fix configure warning for netfilter.h
438 - Updates to the webpages by Volker.
439 - Remove error messages about missing /var/log/log.ctdb file from ctdb_diagnostics.sh from christian Ambach
440 - Additional error logs if hte eventscript switching from dameon to client mode fails.
441 - track how long it takes for ctdbd and the recovery daemon to perform the rec-lock fcntl() lock attemt and show this in the ctdb statistics output.
442 * Thu May 14 2009 : Version 1.0.82
443 - Update the "ctdb lvsmaster" command to return -1 on error.
444 - Add a -Y flag to "ctdb lvsmaster"
445 - RHEL5 apache leaks semaphores when crashing. Add semaphore cleanup to the
446 41.httpd eventscript and try to restart apache when it has crashed.
447 - Fixes to some tests
448 - Add a -o option to "onnode" which will redirect all stdout to a file for
450 - Add a natgw and a lvs node specifier to onnode so that we can use
452 - Assign the natgw address to lo instead of the private network so it can also
453 be used where private and public networks are the same.
454 - Add GPL boilerplates to two missing scripts.
455 - Change the natgw prefix NATGW_ to CTDB_NATGW_
456 * Fri May 8 2009 : Version 1.0.81
457 - use smbstatus -np instead of smbstatus -n in the 50.samba eventscript
458 since this avoids performing an expensive traverse on the locking and brlock
460 - make ctdb automatically terminate all traverse child processes clusterwide
461 associated to a client application that terminates before the traversal is
463 - From Sumit Bose : fixes to AC_INIT handling.
464 - From Michael Adam, add Tridge's "ping_pong" tool the the ctdb distro since
465 this is very useful for testing the backend filesystem.
466 - From Sumit bose, add support for additional 64 bit platforms.
467 - Add a link from the webpage to Michael Adams SambaXP paper on CTDB.
468 * Fri May 1 2009 : Version 1.0.80
469 - change init shutdown level to 01 for ctdb so it stops before any of the other services
470 - if we can not pull a database from a remote node during recovery, mark that node as a culprit so it becomes banned
471 - increase the loglevel when we volunteer to drop all ip addresses after beeing in recovery mode for too long. Make this timeout tuneable with "RecoveryDropAllIPs" and have it default to 60 seconds
472 - Add a new flag TDB_NO_NESTING to the tdb layer to prevent nested transactions which ctdb does not use and does not expect. Have ctdb set this flag to prevent nested transactions from occuring.
473 - dont unconditionally kill off ctdb and restrat it on "service ctdb start". Fail "service ctdb start" with an error if ctdb is already running.
474 - Add a new tunable "VerifyRecoveryLock" that can be set to 0 to prevent the main ctdb daemon to verify that the recovery master has locked the reclock file correctly before allowing it to set the recovery mode to active.
475 - fix a cosmetic bug with ctdb statistics where certain counters could become negative.
476 * Wed Apr 8 2009 : Version 1.0.79
477 - From Mathieu Parent: add a ctdb pkgconfig file
479 - add a funciton remove_ip to safely remove an ip from an interface, taking care to workaround an issue with linux alias interfaces.
480 - Update the natgw eventscript to use the safe remove_ip() function
481 - fix a bug in the eventscript child process that would cause the socket to be removed.
482 - dont verify nodemap on banned nodes during cluster monitoring
483 - Update the dodgy SeqnumInterval to have ms resolution
484 * Tue Mar 31 2009 : Version 1.0.78
485 - Add a notify mechanism so we can send snmptraps/email to external management systems when the node becomes unhealthy
486 - include 11.natgw eventscript in thew install so that the NATGW feature works
487 * Tue Mar 31 2009 : Version 1.0.77
488 - Update the 99.routing eventscript to also try to add the routes (back) during a releaseip event. Similar to the reasons why we must add addresses back during releaseip in 10.interfaces
489 * Wed Mar 24 2009 : Version 1.0.76
490 - Add a debugging command "xpnn" which can print the pnn of the node even when ctdbd is not running.
491 - Redo the NATGW implementation to allow multiple disjoing NATGW groups in the same cluster.
492 * Tue Mar 24 2009 : Version 1.0.75
493 - Various updates to LVS
494 - Fix a bug in the killtcp control where we did not set the port correctly
495 - add a new "ctdb scriptstatus" command that shows the status of the eventrscripts.
496 * Mon Mar 16 2009 : Version 1.0.74
497 - Fixes to AIX from C Cowan.
498 - Fixes to ctdb_diagnostics so we collect correct GPFS data
499 - Fixes to the net conf list command in ctdb_diagnostics
500 - Check the static-routes file IFF it exists in ctdb_diagnostics
501 * Wed Mar 4 2009 : Version 1.0.73
502 - Add possibility to disable the check of shares for NFS and Samba
503 - From Sumit Bose, fix dependencies so make -j works
504 * Wed Feb 18 2009 : Version 1.0.72
505 - Updates to test scripts by martin s
506 - Adding a COPYING file
507 - Use netstat to check for services and ports and fallback to netcat
508 only if netstat is unavailable.
509 * Mon Feb 2 2009 : Version 1.0.71
510 - Additional ipv6 fixes from Michael Adams
511 * Fri Jan 16 2009 : Version 1.0.70
512 - IPv6 support is completed. this is backward compatible with ipv4-only
513 systems. To use IPv6 with samba and ctdb you need current GIT of samba 3.3
514 or michael adams samba-ctdeb branch.
515 - Many enhancements to the build system and scripts to make it more SUSE
516 friendly by Michael Adams.
517 - Change of how the naming of the package is structured. We are now
518 using "1.0.70" as a release and "-1" as the revision instead of as
519 previously using "1.0" as release and ".70" as the revision.
521 * Thu Dec 18 2008 : Version 1.0.69
522 - Various fixes to scripts by M Adam
523 - Dont call ctdb_fatal() when the transport is down during shutdown
524 * Fri Dec 12 2008 : Version 1.0.68
525 - Fixes for monitoring of interfaces status from Michael Adam.
526 - Use -q instead of >/dev/null for grep to enhance readability of the
527 scripts from Michael Adam.
528 - Update to the "ctdb recover" command. This command now block until the
529 has completed. This makes it much easier to use in scripts and avoids
530 the common workaround :
532 ... loop while waiting for recovery completes ...
534 - Add a CTDB_TIMEOUT variable. If set, this variable provides an automatic
535 timeout for "ctdb <command>", similar to using -T <timeout>
536 - Set a unique errorcode for "ctdb <command>" when it terminates due to a
537 timeout so that scripts can distinguish between a hung command and what was
539 - Update "ctdb ban/unban" so that if the cluster is in recovery these commands
540 blocks and waits until after recovery is complete before the perform the
541 ban/unban operation. This is necessary since the recovery process can cause
542 nodes to become automatically unbanned.
543 - Update "ctdb ban/unban" to block until the recovery that will follow shortly
544 after this command has completed.
545 This makes it much easier to use in scripts and avoids the common
548 ... loop while waiting for recovery completes ...
550 - Bugfix for the new flags handling in 1.0.67. Abort and restart monitoring
551 if we failed to get proper nodemaps from a remote node instead of
552 dereferencing a null pointer.
553 - If ctdbd was explicitely started with the '--socket' argument, make
554 ctdbd automatically set CTDB_SOCKET to the specified argument.
555 This ensures that eventscripts spawned by the ctdb daemon will default to
556 using the same socket and talk to the correct daemon.
557 This primarily affects running multiple daemons on the same host and where
558 you want each instance of ctdb daemons have their eventscripts talk to the
560 - Update "ctdb ping" to return an error code if the ping fail so that it
561 can be used in scripts.
562 - Update to how to synchronize management of node flags across the cluster.
563 * Thu Dec 3 2008 : Version 1.0.67
564 - Add a document describing the recovery process.
565 - Fix a bug in "ctdb setdebug" where it would refuse to set a negative
567 - Print the list of literals for debug names if an invalid one was given
569 - Redesign how "ctdb reloadnodes" works and reduce the amont of tcp teardowns
570 used during this event.
571 - Make it possible to delete a public ip from all nodes at once using
573 * Mon Nov 24 2008 : Version 1.0.66
574 - Allow to change the recmaster even when we are not frozen.
575 - Remove two redundant SAMBA_CHECK variables from the sysconf example
576 - After a node failure it can take very long before some lock operations
577 ctdb needs to perform are allowed/works with gpfs again. Workaround this
578 by treating a hang/timeout as success.
579 - Dont override CTDB_BASE is fet in the shell already
580 - Always send keepalive packets regardless of whether the link is idle or not.
581 - Rewrite the disable/enable flag update logic to prevent a race between
582 "ctdb disable/enable" and the recovery daemon when updating the flags to
584 * Thu Nov 13 2008 : Version 1.0.65
585 - Update the sysconfig example: The default debug level is 2 (NOTICE) and not
587 - Add support for a CTDB_SOCKET environment variable for the ctdb command
588 line tool. If set, this overrides the default socket the ctdb tool will
590 - Add logging of high latency operations.
591 * Mon Oct 22 2008 : Version 1.0.64
592 - Add a context and a timed event so that once we have been in recovery for
593 too long we drop all public addresses.
594 * Mon Oct 20 2008 : Version 1.0.63
595 - Remove logging of "periodic cleanup ..." in 50.samba
596 - When we reload a nodes file, we must detect this and reload the file also
597 in the recovery daemon before we try to dereference somethoung beyond the end
599 * Thu Oct 16 2008 : Version 1.0.62
600 - Allow multiple eventscritps using the same prefix number.
601 It is undefined which order scripts with the same prefix will execute in.
602 * Wed Oct 15 2008 : Version 1.0.61
603 - Use "route add -net" instead of "ip route add" when adding routes in 99.routing
604 - lower the loglevel os several debug statements
605 - check the status returned from ctdb_ctrl_get_tickles() before we try to print them out to the screen.
606 - install a new eventscript 20.multipathd whoich can be used to monitor that multipath devices are healthy
607 * Wed Oct 15 2008 : Version 1.0.60
608 - Verify that nodes we try to ban/unban are reachable and print an error othervise.
609 - Update the client and server sides of TAKEIP/RELEASEIP/GETPUBLICIPS and GETNODEMAP to fall back to the old style ipv4-only controls if the new ipv4/ipv6 controls fail. This allows an ipv4/v6 enabled ctdb daemon to interoperate with earlier ipv4-only versions of the daemons.
610 - From Mathieu Parent : log debian systems log the package versions in ctdb diagnostics
611 - From Mathieu Parent : specify logdir location for debian (this patch was later reversed)
612 - From Michael Adams : allow # comments in nodes/public_addresses files
613 * Tue Oct 7 2008 : Version 1.0.59
614 - Updated "reloadnodes" logic. Instead of bouncing the entire tcp layer it is sufficient to just close and reopen all outgoing tcp connections.
615 - New eventscript 99.routing which can be used to re-attach routes to public interfaces after a takeip event. (routes may be deleted by the kernel when we release an ip)
616 - IDR tree fix from Jim Houston
617 - Better handling of critical events if the local clock is suddenly changed forward by a lot.
618 - Fix three slow memory leaks in the recovery daemon
619 - New ctdb command : ctdb recmaster which prints the pnn of the recmaster
620 - Onnode enhancements from Martin S : "healthy" and "connected" are now possible nodespecifiers
621 - From Martin S : doc fixes
622 - lowering some debug levels for some nonvital informational messages
623 - Make the daemon daemon monitoring stronger and allow ctdbd to detect a hung
625 - From C Cowan : patches to compile ipv6 under AIX
626 - zero out some structs to keep valgrind happy
627 * Wed Aug 27 2008 : Version 1.0.58
628 - revert the name change tcp_tcp_client back to tcp_control_tcp so
630 - Updates to the init script from Abhijith Das <adas@redhat.com>
631 * Mon Aug 25 2008 : Version 1.0.57
632 - initial support for IPv6
633 * Mon Aug 11 2008 : Version 1.0.56
634 - fix a memory leak in the recovery daemon.
635 * Mon Aug 11 2008 : Version 1.0.55
636 - Fix the releaseip message we seond to samba.
637 * Fri Aug 8 2008 : Version 1.0.54
638 - fix a looping error in the transaction code
639 - provide a more detailed error code for persistent store errors
640 so clients can make more intelligent choices on how to try to recover
641 * Thu Aug 7 2008 : Version 1.0.53
642 - Remove the reclock.pnn file it can cause gpfs to fail to umount
643 - New transaction code
644 * Mon Aug 4 2008 : Version 1.0.52
645 - Send an explicit gratious arp when starting sending the tcp tickles.
646 - When doing failover, issue a killtcp to non-NFS/non-CIFS clients
647 so that they fail quickly. NFS and CIFS already fail and recover
649 - Update the test scripts to handle CTRL-C to kill off the test.
650 * Mon Jul 28 2008 : Version 1.0.51
651 - Strip off the vlan tag from bond devices before we check in /proc
652 if the interface is up or not.
653 - Use testparm in the background in the scripts to allow probing
654 that the shares do exist.
655 - Fix a bug in the logging code to handle multiline entries better
656 - Rename private elements from private to private_data
657 * Fri Jul 18 2008 : Version 1.0.50
658 - Dont assume that just because we can establish a TCP connection
659 that we are actually talking to a functioning ctdb daemon.
660 So dont mark the node as CONNECTED just because the tcp handshake
662 - Dont try to set the recmaster to ourself during elections for those
663 cases we know this will fail. To remove some annoying benign but scary
664 looking entries from the log.
665 - Bugfix for eventsystem for signal handling that could cause a node to
667 * Thu Jul 17 2008 : Version 1.0.49
668 - Update the safe persistent update fix to work with unpatched samba
670 * Thu Jul 17 2008 : Version 1.0.48
671 - Update the spec file.
672 - Do not start new user-triggered eventscripts if we are already
673 inside recovery mode.
674 - Add two new controls to start/cancel a persistent update.
675 A client such as samba can use these to tell ctdbd that it will soon
676 be writing directly to the persistent database tdb file. So if
677 samba is -9ed before it has eitehr done the persistent_store or
678 canceled the operation, ctdb knows that the persistent databases
679 'may' be out of sync and therefore a full blown recovery is called for.
680 - Add two new options :
681 CTDB_SAMBA_SKIP_CONF_CHECK and CTDB_SAMBA_CHECK_PORTS that can be used
682 to override what checks to do when monitoring samba health.
683 We can no longer use the smbstatus, net or testparm commands to check
684 if samba or its config is healthy since these commands may block
685 indefinitely and thus can not be used in scripts.
686 * Fri Jul 11 2008 : Version 1.0.47
687 - Fix a double free bug where if a user striggered (ctdb eventscript)
688 hung and while the timeout handler was being processed a new user
689 triggered eventscript was started we would free state twice.
690 - Rewrite of onnode and associated documentation.
691 * Thu Jul 10 2008 : Version 1.0.46
692 - Document both the LVS:cingle-ip-address and the REMOTE-NODE:wan-accelerator
694 - Add commands "ctdb pnn", "ctdb lvs", "ctdb lvsmaster".
695 - LVS improvements. LVS is the single-ip-address mode for a ctdb cluster.
696 - Fixes to supress rpmlint warnings
698 - Change \s to [[:space:]] in some scripts. Not all RHEL5 packages come
699 with a egrep that handles \s even same version but different arch.
700 - Revert the change to NFS restart. CTDB should NOT attempt to restart
702 - Rewrite of the waitpid() patch to use the eventsystem for handling
704 * Tue Jul 8 2008 : Version 1.0.45
705 - Try to restart the nfs service if it has failed to respond 3 times in a row.
706 - waitpid() can block if the child does not respond promptly to SIGTERM.
707 ignore all SIGCHILD signals by setting SIGCHLD to SIG_DEF.
708 get rid of all calls to waitpid().
709 - make handling of eventscripts hanging more liberal.
710 only consider the script to have failed and making the node unhealthy
711 IF the eventscript terminated wiht an error
712 OR the eventscript hung 5 or more times in a row
713 * Mon Jul 7 2008 : Version 1.0.44
714 - Add a CTDB_VALGRIND option to /etc/sysconfig/ctdb to make it start
715 ctdb under valgrind. Logs go to /var/log/ctdb_valgrind.PID
716 - Add a hack to show the control opcode that caused uninitialized data
717 in the valgrind output by encoding the opcode as the line number.
718 - Initialize structures and allocated memory in various places in
719 ctdb to make it valgrind-clean and remove all valgrind errors/warnings.
720 - If/when we destroy a lockwait child, also make sure we cancel any pending transactions
721 - If a transaction_commit fails, delete/cancel any pending transactions and
722 return an error instead of calling ctdb_fatal()
723 - When running ctdb under valgrind, make sure we run it with --nosetsched and also
724 ensure that we do not use mem-mapped i/o when accessing the tdb's.
725 - zero out ctdb->freeze_handle when we free/destroy a freeze-child.
726 This prevent a heap corruption/ctdb crash bug that could trigger
727 if the freeze child times out.
728 - we dont need to explicitely thaw the databases from the recovery daemon
729 since this is done implicitely when we restore the recovery mode back to normal.
730 - track when we start and stop a recovery. Add the 'time it took to complete the
731 recovery' to the 'ctdb uptime' output.
732 Ensure by tracking the start/stop recovery timestamps that we do not
733 check that the ip allocation is consistend from inside the recovery daemon
734 while a different node (recovery master) is performing a recovery.
735 This prevent a race that could cause a full recovery to trigger if the
736 'ctdb disable/enable' commands took very long.
737 - The freeze child indicates to the master daemon that all databases are locked
738 by writing data to the pipe shared with the master daemon.
739 This write sometimes fail and thus the master daemon never notices that the databases
740 are locked cvausing long timeouts and extra recoveries.
741 Check that the write is successful and try the write again if it failed.
742 - In each node, verify that the recmaster have the right node flags for us
743 and force a push of our flags to the recmaster if wrong.
744 * Tue Jul 1 2008 : Version 1.0.43
745 - Updates and bugfixes to the specfile to keep rpmlint happy
746 - Force a global flags update after each recovery event.
747 - Verify that the recmaster agrees with our node flags and update the
749 - When writing back to the parent from a freeze-child across the pipe,
750 loop over the write in case the write failed with an error othervise
751 the parent will never be notified tha the child has completed the operation.
752 - Automatically thaw all databases when recmaster marks us as being in normal
753 mode instead of recovery mode.
754 * Fri Jun 13 2008 : Version 1.0.42
755 - When event scripts have hung/timedout more than EventScriptBanCount times
756 in a row the node will ban itself.
757 - Many updates to persistent write tests and the test scripts.
758 * Wed May 28 2008 : Version 1.0.41
759 - Reactivate the safe writes to persistent databases and solve the
760 locking issues. Locking issues are solved the only possible way,
761 by using a child process to do the writes. Expensive and slow but... .
762 * Tue May 27 2008 : Version 1.0.40
763 - Read the samba sysconfig file from the 50.samba eventscript
764 - Fix some emmory hierarchical bugs in the persistent write handling
765 * Thu May 22 2008 : Version 1.0.39
766 - Moved a CTDB_MANAGES_NFS, CTDB_MANAGES_ISCSI and CTDB_MANAGES_CSFTPD
767 into /etc/sysconfig/ctdb
768 - Lowered some debug messages to not fill the logfile with entries
769 that normally occur in the default configuration.
770 * Fri May 16 2008 : Version 1.0.38
771 - Add machine readable output support to "ctdb getmonmode"
772 - Lots of tweaks and enhancements if the event scripts are "slow"
773 - Merge from tridge: an attempt to break the chicken-and-egg deadlock that
774 net conf introduces if used from an eventscript.
775 - Enhance tickles so we can tickle an ipv6 connection.
776 - Start adding ipv6 support : create a new container to replace sockaddr_in.
777 - Add a checksum routine for ipv6/tcp
778 - When starting up ctdb, let the init script do a tdbdump on all
779 persistent databases and verify that they are good (i.e. not corrupted).
780 - Try to use "safe transactions" when writing to a persistent database
781 that was opened with the TDB_NOSYNC flag. If we can get the transaction
782 thats great, if we cant we have to write anyway since we cant block here.
783 * Mon May 12 2008 : Version 1.0.37
784 - When we shutdown ctdb we close the transport down before we run the
785 "shutdown" eventscripts. If ctdb decides to send a packet to a remote node
786 after we have shutdown the transport but before we have shutdown ctdbd
787 itself this could lead to a SEGV instead of a clean shutdown. Fix.
788 - When using the "exportfs" command to extract which NFS export directories
789 to monitor, exportfs violates the "principle of least surprise" and
790 sometimes report a single export line as two lines of text output
791 causing the monitoring to fail.
792 * Fri May 9 2008 : Version 1.0.36
793 - fix a memory corruption bug that could cause the recovery daemon to crash.
794 - fix a bug with distributing public ip addresses during recovery.
795 If the node that is the recovery master did NOT use public addresses,
796 then it assumed that no other node in the cluster used them either and
797 thus skipped the entire step of reallocating public addresses.
798 * Wed May 7 2008 : Version 1.0.35
799 - During recovery, when we define the new set of lmasters (vnnmap)
800 only consider those nodes that have the can-be-lmaster capability
801 when we create the vnnmap. unless there are no nodes available which
802 supports this capability in which case we allow the recmaster to
803 become lmaster capable (temporarily).
804 - Extend the async framework so that we can use paralell async calls
805 to controls that return data.
806 - If we do not have the "can be recmaster" capability, make sure we will
807 lose any recmaster elections, unless there are no nodes available that
808 have the capability, in which case we "take/win" the election anyway.
809 - Close and reopen the reclock pnn file at regular intervals.
810 Make it a non-fatal event if we occasionally fail to open/read/write
812 - Monitor that the recovery daemon is still running from the main ctdb
813 daemon and shutdown the main daemon when recovery daemon has terminated.
814 - Add a "ctdb getcapabilities" command to read the capabilities off a node.
815 - Define two new capabilities : can be recmaster and can be lmaster
816 and default both capabilities to YES.
817 - Log denied tcp connection attempts with DEBUG_ERR and not DEBUG_WARNING
818 * Thu Apr 24 2008 : Version 1.0.34
819 - When deleting a public ip from a node, try to migrate the ip to a different
821 - Change catdb to produce output similar to tdbdump
822 - When adding a new public ip address, if this ip does not exist yet in
823 the cluster, then grab the ip on the local node and activate it.
824 - When a node disagrees with the recmaster on WHO is the recmaster, then
825 mark that node as a recovery culprit so it will eventually become
827 - Make ctdb eventscript support the -n all argument.
828 * Thu Apr 10 2008 : Version 1.0.33
829 - Add facilities to include site local adaptations to the eventscript
830 by /etc/ctdb/rc.local which will be read by all eventscripts.
831 - Add a "ctdb version" command.
832 - Secure the domain socket with proper permissions from Chris Cowan
833 - Bugfixes for AIX from Chris Cowan
834 * Wed Apr 02 2008 : Version 1.0.32
835 - Add a control to have a node execute the eventscripts with arbitrary
836 command line arguments.
837 - Add a control "rddumpmemory" that will dump the talloc memory allocations
838 for the recovery daemon.
839 - Decorate the talloc memdump to produce better and easier memory leak
841 - Update the RHEL5 iscsi tgtd scripts to allow one iscsi target for each
843 - Add two new controls "addip/delip" that can be used to add/remove public
844 addresses to a node at runtime. After using these controls a "ctdb recover"
845 ir required to make the changes take.
846 - Fix a couple of slow memory leaks.
847 * Tue Mar 25 2008 : Version 1.0.31
848 - Add back controls to disable/enable monitoring on a node.
849 - Fix a memory leak where we used to attach CALL data to the ctdb structure
850 when performing a local call. Memory which would be lost if the call was
852 - Reduce the loglevel for the log output when someone connects to a non
853 public ip address for samba.
854 - Redo and optimize the vacuuming process to send only one control to each
855 other node containing all records to be vacuumed instead of one
856 control per node per record.
857 * Tue Mar 04 2008 : Version 1.0.30
858 - Update documentation cor new commands and tuneables
859 - Add machinereadable output to the ip,uptime and getdebug commands
860 - Add a moveip command to manually failover/failback public ips
861 - Add NoIPFallback tuneable that prevents ip address failback
862 - Use file locking inside the CFS as alternative to verify when other nodes
863 Are connected/disconnected to be able to recover from split network
864 - Add DisableWhenUnhealthy tunable
865 - Add CTDB_START_AS_DISABLED sysconfig param
866 - Add --start-as-disabled flag to ctdb
867 - Add ability to monitor for OOM condition
868 * Thu Feb 21 2008 : Version 1.0.29
869 - Add a new command to make expansion of an existing cluster easier
870 - Fix bug with references to freed objects in the ctdb structure
871 - Propagate debuglevel changes to the recovery daemon
872 - Merge patches to event scripts from Mathieu Parent :
873 - MP: Simulate "service" on systems which do not provide this tool
874 - MP: Set correct permissions for events.d/README
875 - Add nice helper functions to start/stop nfs from the event scripts
876 * Fri Feb 08 2008 : Version 1.0.28
877 - Fix a problem where we tried to use ethtool on non-ethernet interfaces
878 - Warn if the ipvsadm packege is missing when LVS is used
879 - Dont use absolute pathnames in some of the event scripts
880 - Fix for persistent tdbs growing inifinitely.
881 * Wed Feb 06 2008 : Version 1.0.27
882 - Add eventscript for iscsi
883 * Thu Jan 31 2008 : Version 1.0.26
884 - Fix crashbug in tdb transaction code
885 * Tue Jan 29 2008 : Version 1.0.25
886 - added async recovery code
887 - make event scripts more portable
888 - fixed ctdb dumpmemory
889 - more efficient tdb allocation code
890 - improved machine readable ctdb status output
892 * Wed Jan 16 2008 : Version 1.0.24
893 - added syslog support
894 - documentation updates
895 * Wed Jan 16 2008 : Version 1.0.23
896 - fixed a memory leak in the recoveryd
897 - fixed a corruption bug in the new transaction code
898 - fixed a case where an packet for a disconnected client could be processed
899 - added http event script
900 - updated documentation
901 * Thu Jan 10 2008 : Version 1.0.22
902 - auto-run vacuum and repack ops
903 * Wed Jan 09 2008 : Version 1.0.21
904 - added ctdb vacuum and ctdb repack code
905 * Sun Jan 06 2008 : Version 1.0.20
906 - new transaction based recovery code
907 * Sat Jan 05 2008 : Version 1.0.19
908 - fixed non-master bug
909 - big speedup in recovery for large databases
910 - lots of changes to improve tdb and ctdb for high churn databases
911 * Thu Dec 27 2007 : Version 1.0.18
912 - fixed crash bug in monitor_handler
913 * Tue Dec 04 2007 : Version 1.0.17
914 - fixed bugs related to ban/unban of nodes
915 - fixed a race condition that could lead to monitoring being permanently disabled,
916 which would lead to long recovery times
917 - make deterministic IPs the default
918 - fixed a bug related to continuous recovery
919 - added a debugging option --node-ip