Rusty Russell [Tue, 24 Nov 2009 00:46:49 +0000 (11:16 +1030)]
eventscript: introduce enum for different event script calls.
Rather than doing strcmp everywhere, pass an explicit enum around. This
also subtly documents what options are available. The "options" arg
is now used for extra arguments only.
Unfortunately, gcc complains on empty format strings, so we make
ctdb_event_script() take no varargs, and add ctdb_event_script_args(). We
leave ctdb_event_script_callback() taking varargs, which means callers
have to do "%s", "".
For the moment, we have CTDB_EVENT_UNKNOWN for handling forced scripts
from the ctdb tool.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Tue, 24 Nov 2009 00:39:46 +0000 (11:09 +1030)]
eventscript: put timeout inside ctdb_event_script_callback_v
Everyone uses the same timeout value, so just remove it from the API.
If we ever need variable timeouts, that might as well be central too.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Tue, 24 Nov 2009 00:39:01 +0000 (11:09 +1030)]
eventscript: cleanup ctdb_event_script_v
ctdb_event_script_v doesn't take varargs. ctdb_run_event_script is
a better name, and fix comment.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Tue, 24 Nov 2009 00:36:53 +0000 (11:06 +1030)]
eventscript: fix bug in timeouts on forced eventscripts. Again.
In
15bc66ae801b0c69, Ronnie fixed a double-free race. The problem was that
ctdb_run_eventscripts() hands a context to ctdb_event_script_callback() to
hang its data off, which gets freed in the callback. This particularly
hurt in ctdb_event_script_timeout.
There's nothing wrong with this, but obviously we should make the callback
call last of all. At the time, ctdb_event_script_timeout() carefully
extracted everything from the struct ctdb_event_script_state before
calling ->callback.
This was cleaned up in
64da4402c6ad485f (Ronnie again), and now state
was referred to after the callback again. But the same change introduced
a direct use-after-free bug which caused an occasional oops.
So in our last episode (
eda052101728cf92) Volker fixed this, and Michael
committed it.
But we still have the double free bug which
15bc66ae801b0c69 was supposed
to fix! Let's try to fix this in a more permanent way, but always doing
the callback from the destructor. This means we need to hold the status,
and don't send the KILL signal if ->child is set to 0.
Finally, add a comment about freeing ourselves in run_eventscripts_callback
and the structure definition.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Tue, 24 Nov 2009 00:30:13 +0000 (11:00 +1030)]
eventscript: clean up forked handler event code
Write the whole int through the pipe, rather than quietly cutting it
off. Also, use -2 as the result if the read fails; -1 comes from many
paths if the child fails before running the script.
Add a comment about why we don't need to check the write.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Ronnie Sahlberg [Wed, 25 Nov 2009 00:30:11 +0000 (11:00 +1030)]
rework and simplify the eventscript handling
This version has no trailing whitespace, and fixed
Martin Schwenke [Thu, 19 Nov 2009 05:48:19 +0000 (16:48 +1100)]
Now vaguely tested initscript updates.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Martin Schwenke [Thu, 19 Nov 2009 04:00:17 +0000 (15:00 +1100)]
More untested eventscript factorisation.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Martin Schwenke [Fri, 13 Nov 2009 07:28:25 +0000 (18:28 +1100)]
Eventscripts: Untested factorisations and introduction of status event.
This is the first stage of an experimental change to eventscripts.
Ronnie and I did a few hours of factorisation of 40.vsftpd and applied
many of the changes to 41.httpd. Other eventscripts were also
modified.
At this stage this is completely untested.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Ronnie Sahlberg [Fri, 13 Nov 2009 01:37:55 +0000 (12:37 +1100)]
test of a change to make ctdbd use "status" event instead of the "monitor" event.
This allows running the actual monitoring asynchronously from ctdbd
and only using "status" to pick up the actual results.
Ronnie Sahlberg [Fri, 13 Nov 2009 01:25:31 +0000 (12:25 +1100)]
Merge commit 'martins/master'
Martin Schwenke [Thu, 12 Nov 2009 22:44:34 +0000 (09:44 +1100)]
Test suite: Fix the NFS and CIFS tickle tests.
The NFS test sleeps for MonitorInterval to give CTDB time to record an
NFS tickle. However, this isn't always long enough. This changes the
test to wait until a monitor event has actually occurred.
The CIFS test assumes that Samba is able to register a tickle with
CTDB before it notices that netstat has registered the tickle and can
use onnode to ask CTDB about it. That is an incorrect assumption -
sometimes we can get to the point of asking CTDB about the tickle
before Samba and CTDB have processed it. This adds a timeout loop
that makes the CIFS test wait until the tickle has been registered or
fail after 10 seconds.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Martin Schwenke [Wed, 11 Nov 2009 01:16:30 +0000 (12:16 +1100)]
Merge commit 'origin/master'
Mathieu Parent [Tue, 10 Nov 2009 11:04:13 +0000 (12:04 +0100)]
Fix bashism in events.d/11.natgw
Signed-off-by: Michael Adam <obnox@samba.org>
Ronnie Sahlberg [Fri, 6 Nov 2009 00:16:05 +0000 (11:16 +1100)]
version 1.0.104
Ronnie Sahlberg [Thu, 5 Nov 2009 22:54:03 +0000 (09:54 +1100)]
sugegstion from metze,
use killtcp and kill both directions of the nfs connections.
we used to kill only one direction since the other direction was unkillble
but recent kernels allow us to kill both
Ronnie Sahlberg [Thu, 5 Nov 2009 21:19:32 +0000 (08:19 +1100)]
suggestion from Christian,
dont allow UNHEALTHY nodes to become natgw master, unless all nodes
are unhealthy
Volker Lendecke [Tue, 3 Nov 2009 19:01:00 +0000 (20:01 +0100)]
Fix a segfault in the eventscript timeout handler.
The state was freed too early.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Tue, 3 Nov 2009 19:00:27 +0000 (20:00 +0100)]
ctdb.sysconfig: add a comment section about CTDB_RUN_TIMEOUT_MONITOR
Michael
Michael Adam [Tue, 3 Nov 2009 19:00:07 +0000 (20:00 +0100)]
Add a 99.timeout event script to trigger monitor timeouts.
This just sleeps for twice the value of EventScriptTimeout
in the monitor action. It is not run by default, but
can be activated by setting CTDB_RUN_TIMEOUT_MONITOR
in /etc/sysconfig/ctdb .
Michael
Ronnie Sahlberg [Thu, 5 Nov 2009 05:07:23 +0000 (16:07 +1100)]
dont use the pointer after it has been talloc_free()d.
Ronnie Sahlberg [Thu, 5 Nov 2009 04:57:46 +0000 (15:57 +1100)]
From Rusty
It's much nicer for post-mortem debugging to have a body to examine.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Ronnie Sahlberg [Thu, 5 Nov 2009 01:12:06 +0000 (12:12 +1100)]
add an extra test for the bond devices and check that there is an active slave.
this to handle the case where all links do have a physical layer, but where all slaves have been disabled using ifdown
Ronnie Sahlberg [Tue, 3 Nov 2009 20:50:26 +0000 (07:50 +1100)]
dont verify winbindd is running properly at startup
Ronnie Sahlberg [Tue, 3 Nov 2009 00:46:37 +0000 (11:46 +1100)]
new version 1.0.103
Ronnie Sahlberg [Mon, 2 Nov 2009 23:48:27 +0000 (10:48 +1100)]
move the check to skip vacuuming on persistent database to the ctdb_vacuuming_init() function
Michael Adam [Mon, 2 Nov 2009 00:37:07 +0000 (01:37 +0100)]
packaging: use githash in rpm release by default.
setting USE_GITHASH=no in the environment makes
makerpms.sh omit the git hash
Michael
Michael Adam [Mon, 2 Nov 2009 23:04:27 +0000 (00:04 +0100)]
server: disable vacuuming for persistent tdbs.
The vacuum process treats persistent databases the same as
non-persistent and thus ignores the extra state for transactions.
This way, it breaks the api-level transactions.
Michael
Michael Adam [Thu, 29 Oct 2009 21:53:44 +0000 (22:53 +0100)]
client: randomize the transaction_start retry loop:
instead of sleeping 1 second, sleep between 1 and 100 milliseconds
Michael
Michael Adam [Thu, 29 Oct 2009 21:40:00 +0000 (22:40 +0100)]
Revert "dont exit on a commit failure"
This reverts commit
4e9a3a5dc232bac12ab387ea0cf4f1b279bed5c1.
Transaction commit should not be allowed to fail.
This is a real error.
Michael
Michael Adam [Thu, 29 Oct 2009 21:20:38 +0000 (22:20 +0100)]
client: fix a race in the local race condition fix in transaction_start
The gap that remained is between checking whether a transaction commit
is in progress and taking the lock. Now we first take the lock and then
check whether a transaction commit is in progress. If so, we release the
lock, wait for one second and retry.
Michael
Michael Adam [Thu, 29 Oct 2009 21:19:19 +0000 (22:19 +0100)]
client: add a debug message when a transaction_commit needs to be retried
Michael
Michael Adam [Tue, 20 Oct 2009 15:02:16 +0000 (17:02 +0200)]
packaging(RPM): don't touch the run levels in ctdb install/udpate.
We should really leave it up to the administrator to decide
whether ctdb should be started automatically at boot-time.
Michael
Ronnie Sahlberg [Fri, 30 Oct 2009 08:39:11 +0000 (19:39 +1100)]
start the syslog child a little later, after we have forked and detached from the local shell
Ronnie Sahlberg [Fri, 30 Oct 2009 07:53:17 +0000 (18:53 +1100)]
create a child process to write to syslog.
use a udp socket on the ctdbd port to send messages to teh syslog child process for loggign.
we need this when syslog becomes "slow", like very slow, and on boxes where syslog is limited to 100 lines per second and starts to block after that
Michael Adam [Thu, 29 Oct 2009 12:48:36 +0000 (13:48 +0100)]
server: fix debug message in trans2_commit (refusing persistent store during transaction)
log the right db_id
also log the client_id
Michael
Michael Adam [Thu, 29 Oct 2009 12:45:38 +0000 (13:45 +0100)]
client: log db_id as 8-digit hex in ctdb_transaction_fetch_start()
Michael
Michael Adam [Thu, 29 Oct 2009 12:44:39 +0000 (13:44 +0100)]
server: uniformly log db and client ids as 8-digit hex numbers in trans2_commit
Michael
Michael Adam [Thu, 29 Oct 2009 12:30:03 +0000 (13:30 +0100)]
server: line-wrap a debug statement in trans2_commit
Michael
Michael Adam [Thu, 29 Oct 2009 12:27:47 +0000 (13:27 +0100)]
server: output client_id in some debug messages in trans2_commit
Michael
Michael Adam [Thu, 29 Oct 2009 12:24:19 +0000 (13:24 +0100)]
server: fix a debug message in trans2_commit - log the correct db_id
Michael
Michael Adam [Thu, 29 Oct 2009 12:54:55 +0000 (13:54 +0100)]
server: extend a debug message in ctdb_control_trans2_error()
Michael
Michael Adam [Thu, 29 Oct 2009 12:53:44 +0000 (13:53 +0100)]
server: add positive debug statements to trans2_commit and trans2_finished
When the operation completed / started successfully.
Michael
Michael Adam [Thu, 29 Oct 2009 18:49:10 +0000 (19:49 +0100)]
client: improve "control timed out" debug message
* add __location__
* wrap overly long line
* print unsigned ints as unsigned (reqid, opcode, destnode)
Michael
Michael Adam [Thu, 29 Oct 2009 16:08:37 +0000 (17:08 +0100)]
server: trans2_active: don't report a transaction active on the node that performs the transaction
Otherwise a node can lock itself out, e.g. when a commit control times out...
Michael
Ronnie Sahlberg [Thu, 29 Oct 2009 02:49:27 +0000 (13:49 +1100)]
new version 1.0.102
Wolfgang Mueller-Friedt [Wed, 28 Oct 2009 11:54:29 +0000 (14:54 +0300)]
ensure tdb names end with .tdb. and any number of digits
Wolfgang Mueller-Friedt [Wed, 28 Oct 2009 10:01:27 +0000 (13:01 +0300)]
vacuuming needed additional check before getting rid of the record; there is a gap between selecting the records and deleting them, therefore we have to check if the records still can be deleted when we actually are about to delete them
Ronnie Sahlberg [Thu, 29 Oct 2009 02:44:12 +0000 (13:44 +1100)]
Revert "From Wolfgang M."
This reverts commit
5b70fa8cfd5916d3c212823ad5cc1b251ae175ed.
Ronnie Sahlberg [Thu, 29 Oct 2009 00:54:24 +0000 (11:54 +1100)]
make the error logged when winbindd fails to access the dc during startup more scary and easier to spot in the logs
Ronnie Sahlberg [Wed, 28 Oct 2009 23:58:14 +0000 (10:58 +1100)]
update the uptime command to indicate that time since last is either from alst recovery or from last failover
Ronnie Sahlberg [Wed, 28 Oct 2009 23:49:00 +0000 (10:49 +1100)]
Revert "update the "uptime" command to indicate the "time since last" is the time since the last recovery OR failover."
This reverts commit
3b0d44497800a16400d05a30bdaf6e6c285d4b36.
Ronnie Sahlberg [Wed, 28 Oct 2009 23:32:28 +0000 (10:32 +1100)]
update the manpage for "update" to indicate the "time since last" indicates
the time since the last recovery OR failover
Ronnie Sahlberg [Wed, 28 Oct 2009 23:37:10 +0000 (10:37 +1100)]
update the "uptime" command to indicate the "time since last" is the time since the last recovery OR failover.
Michael Adam [Thu, 22 Oct 2009 12:42:05 +0000 (14:42 +0200)]
ctdb_client: reformat a comment slightly to enhance clearness.
Michael
Michael Adam [Wed, 28 Oct 2009 21:55:44 +0000 (22:55 +0100)]
client: fix race condition with concurrent transactions on the same node.
In ctdb_transaction_commit(), when the trans2_commit control fails, there
is a race condition in the 1 second sleep between the local transaction_cancel
and the call to ctdb_replay_transaction(): The database is not locked, and
neither is the transaction_lock record. So another client can start and possibly
complete a new transaction in this gap, but only on the same node: The locking
of the transaction_lock record on a different node which involves migration of
the record to the other node has been disabled by introduction of the
transaction_active flag on the db which closes precisely this gap from the start
of the commit until the call to TRANS2_FINISH or TRANS2_ERROR.
But this mechanism does not cover the case where a process on the same node
tries to start a transaction: There is no obstacle to locking the transaction_lock
record because the record does not need to be migrated.
This commit closes this race condition in ctdb_transaction_fetch_start()
by using the new ctdb_ctrl_transaction_active() call to ask the local
ctdb daemon whether it has a transaction running on the database.
If so, the check is repeated until the running transaction is done.
This does introduce an additional call to the local ctdbd when starting
transactions, but it does close the (hopefully) last race condition.
Michael
Michael Adam [Wed, 28 Oct 2009 21:54:49 +0000 (22:54 +0100)]
client: add ctdb_ctrl_transaction_active() which calls out to CTDB_TRANS2_ACTIVE
Michael
Michael Adam [Wed, 28 Oct 2009 21:50:05 +0000 (22:50 +0100)]
server: add a new ctdb control CTDB_TRANS2_ACTIVE
This aske the daemon wheter a transaction is currently active on a
given DB on that node. More precisely this asks for the transaction_active
flag in the ctdb_db_context that is set in the CTDB_TRANS2_COMMIT
control and cleared in the CTDB_TRANS2_ERROR or CTDB_TRANS2_FINISHED controls.
This will be useful for fixing race conditions in the transaction code.
Michael
Ronnie Sahlberg [Wed, 28 Oct 2009 06:42:01 +0000 (17:42 +1100)]
version 1.0.101
Ronnie Sahlberg [Wed, 28 Oct 2009 06:35:15 +0000 (17:35 +1100)]
create a separate context for non-monitor eventscripts so they dont collide
Ronnie Sahlberg [Wed, 28 Oct 2009 05:40:31 +0000 (16:40 +1100)]
return 0 in the event script callback if it was aborted by a different script
Ronnie Sahlberg [Wed, 28 Oct 2009 05:18:28 +0000 (16:18 +1100)]
new version 1.0.100
Ronnie Sahlberg [Wed, 28 Oct 2009 05:11:54 +0000 (16:11 +1100)]
change the eventscript handling to allow EventScriptTimeout for each individual script isntead of for the entire set of scripts
restructure the talloc hierarchy to allow this
Martin Schwenke [Wed, 28 Oct 2009 02:02:18 +0000 (13:02 +1100)]
Test suite: Regression fix - wait_until should not run command in sub-shell.
Commit
25e82a8a667a54c6921ef076c63fdd738dd75d19 changed wait_until()
to protect the command it runs from "set -e" by running it in a
subshell. This breaks uses where the command is expected to set
global variables. For example, wait_until_get_src_socket lost the
value of $out from its call to get_src_socket().
The fix is to not be lazy and use a sub-shell!
Signed-off-by: Martin Schwenke <martin@meltin.net>
Ronnie Sahlberg [Tue, 27 Oct 2009 22:07:43 +0000 (09:07 +1100)]
Enhance the logging fromeventscripts.
When a single script is finished, also log the name of the script, the duration it took and the return status.
In the loop where we signal back to the main daemon that the script finished, do this once every 100ms instead of once every 1 second
Ronnie Sahlberg [Tue, 27 Oct 2009 04:45:03 +0000 (15:45 +1100)]
add a check that winbind can actually talk to teh dc during the startup event
and refuse to start up if it can not
Ronnie Sahlberg [Tue, 27 Oct 2009 04:17:45 +0000 (15:17 +1100)]
temporarily try allowing clients to attach to databases even if the node is banned/stopped or inactive in any other way.
Ronnie Sahlberg [Tue, 27 Oct 2009 02:51:45 +0000 (13:51 +1100)]
dont run the monitor event so frequently after a event has failed.
use _exit() instead of exit() when terminating an eventscript.
Ronnie Sahlberg [Tue, 27 Oct 2009 02:18:52 +0000 (13:18 +1100)]
for debugging
add a global variable holding the pid of the main daemon.
change the tracking of time() in the event loop to only check/warn when called from the main daemon
Stefan Metzmacher [Tue, 6 Oct 2009 14:16:13 +0000 (16:16 +0200)]
ctdb_diagnostics: don't use hardcoded path to iptables
All event scripts use only the relative path, so we should
here.
Also PATH includes /sbin and /usr/sbin...
metze
Stefan Metzmacher [Fri, 9 Oct 2009 13:47:06 +0000 (15:47 +0200)]
ctdb_client: fix DEBUG statement in ctdb_ctrl_modflags()
metze
Stefan Metzmacher [Fri, 9 Oct 2009 13:47:49 +0000 (15:47 +0200)]
server: if takeover runs when the recovery master becomes unhealthy
The problem was this:
When the monitor event fails, the node->flags get updated,
and an update (containing the old and new flags) is sent to
the recovery master.
If the recovery master sends the update to itself (the same process),
it was compairing the node->flags variable with the received new flags.
This check always found both flag values to be equal
and never sets the rec->need_takeover_run variable to true.
There were two problem, first the push_flags_handler() function
didn't pass the received old flags.
And the ctdb_control_modflags() function ignored the received old flags.
metze
Stefan Metzmacher [Fri, 9 Oct 2009 13:50:59 +0000 (15:50 +0200)]
server: print out the full 64-bit srvid on 32-bit hosts
metze
Stefan Metzmacher [Wed, 21 Oct 2009 15:06:48 +0000 (17:06 +0200)]
tcp: don't log an error when we succefully bind to the desired address
metze
Ronnie Sahlberg [Mon, 26 Oct 2009 02:20:35 +0000 (13:20 +1100)]
patch the event loop so we read the current time every iteration.
log an error if the clock jumps backwards
also log an error if the clock jumps >5 seconds forward (we assume here we will get at least one event every 5 seconds)
Ronnie Sahlberg [Mon, 26 Oct 2009 01:20:52 +0000 (12:20 +1100)]
Suggestion from Volker,
make ctdb_queue_length() cheaper by using a counter variable instead of counting the number of packets each time.
Ronnie Sahlberg [Sun, 25 Oct 2009 23:22:00 +0000 (10:22 +1100)]
disabel the multipath eventscript by default
Ronnie Sahlberg [Sun, 25 Oct 2009 23:11:00 +0000 (10:11 +1100)]
update the manpage for ctdb setreclock
Ronnie Sahlberg [Sun, 25 Oct 2009 23:13:20 +0000 (10:13 +1100)]
automatically re-activate the reclock file check if we set the reclock file to something
Ronnie Sahlberg [Sun, 25 Oct 2009 22:35:18 +0000 (09:35 +1100)]
lower the log level of a debug message
Ronnie Sahlberg [Fri, 23 Oct 2009 04:24:51 +0000 (15:24 +1100)]
Add a mechanism where we can register notifications to be sent out to a SRVID when the client disconnects.
The way to use this is from a client to :
1, first create a message handle and bind it to a SRVID
A special prefix for the srvid space has been set aside for samba :
Only samba is allowed to use srvid's with the top 32 bits set like this.
The lower 32 bits are for samba to use internally.
2, register a "notification" using the new control :
CTDB_CONTROL_REGISTER_NOTIFY = 114,
This control takes as indata a structure like this :
struct ctdb_client_notify_register {
uint64_t srvid;
uint32_t len;
uint8_t notify_data[1];
};
srvid is the srvid used in the space set aside above.
len and notify_data is an arbitrary blob.
When notifications are later sent out to all clients, this is the payload of that notification message.
If a client has registered with control 114 and then disconnects from ctdbd, ctdbd will broadcast a message to that srvid to all nodes/listeners in the cluster.
A client can resister itself with as many different srvid's it want, but this is handled through a linked list from the client structure so it mainly designed for "few notifications per client".
3, a client that no longer wants to have a notification set up can deregister using control
CTDB_CONTROL_DEREGISTER_NOTIFY = 115,
which takes this as arguments :
struct ctdb_client_notify_deregister {
uint64_t srvid;
};
When a client deregisters, there will no longer be sent a message to all other clients when this client disconnects from ctdbd.
Ronnie Sahlberg [Fri, 23 Oct 2009 02:55:21 +0000 (13:55 +1100)]
when scripts timeout, log pstree to a file in /tmp and just log the filename in the messages file
Ronnie Sahlberg [Fri, 23 Oct 2009 02:54:45 +0000 (13:54 +1100)]
set the eventscripts to timeout after 20 seconds
change the ban count to 10 failures before we ban by default
Ronnie Sahlberg [Thu, 22 Oct 2009 23:43:13 +0000 (10:43 +1100)]
Merge commit 'martins/master'
Ronnie Sahlberg [Thu, 22 Oct 2009 07:16:33 +0000 (18:16 +1100)]
new version 1.0.99
Martin Schwenke [Thu, 22 Oct 2009 06:48:09 +0000 (17:48 +1100)]
Merge commit 'origin/master'
Martin Schwenke [Thu, 22 Oct 2009 06:47:10 +0000 (17:47 +1100)]
Document onnode -n and -f options.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Ronnie Sahlberg [Thu, 22 Oct 2009 02:41:28 +0000 (13:41 +1100)]
if a lock wait child died/finished, we could have released the lockwait handle and set it to NULL before we call the destructors for releaseing the waiters.
The waiters reference the locakwait handle in order to remove itself from the li
nked list which caused a SEGV.
We dont actually need to remove ourselves from this list here since
if the parent freeze_handle holding the list is freed, then all waiters are rele
ased as well, and the only place we actually need to relink the waiter is in ctd
b_freeze_lock_handler, where we want to respond back to the clients and release
the waiters but we still want to keep the freeze_handle hanging around.
Ronnie Sahlberg [Thu, 22 Oct 2009 01:19:40 +0000 (12:19 +1100)]
From Volker L
Fix some warnings and an incorrect check for a talloc failure
Ronnie Sahlberg [Wed, 21 Oct 2009 20:58:44 +0000 (07:58 +1100)]
From Wolfgang M.
With the new vacuuming code, dont treat an invalid dmaster as fatal. Let it update to the new value insetad.
Martin Schwenke [Wed, 21 Oct 2009 10:48:15 +0000 (21:48 +1100)]
Merge commit 'origin/master'
Martin Schwenke [Wed, 21 Oct 2009 10:47:06 +0000 (21:47 +1100)]
Test suite: Remove the disable/enable monitor tests - they are useless.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Martin Schwenke [Wed, 21 Oct 2009 10:36:39 +0000 (21:36 +1100)]
Test suite: Fix the timeouts on the skip share check tests.
The timeout for waiting for state changes isn't very predictable. It
is "about" MonitorInterval seconds... but can be longer given the
duration of eventscript runs and other things. So, we change the
timeout to MonitorInterval + EventScriptTimeout, hoping it never takes
that long.
Move the eventscript installation/removal from the old fake-tests into
a function in the functions file. Implement supporting functions to
create/remove/check-for various files that it handles. Also add a
function that uses all of this that waits for the next monitor event
(but only if all other monitor events pass).
The final check in the skip share check tests uses the above and waits
for a monitor event, and then checks that the node is still healthy.
Also enhance the wait_until function to handle a command starting with
'!' (as a separate word) to make it easy to wait for a file not to
exist.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Ronnie Sahlberg [Wed, 21 Oct 2009 05:50:39 +0000 (16:50 +1100)]
During tests it is common to add/delete test eventscripts at runtime.
This can race with teh eventascript handling that does a :
list all scripts, sort them, then execute them
so trap status code 127 which means the script could not be executed (or /bin/sh does not exist) and treat it as not to cause the node to become unhealthy
Ronnie Sahlberg [Wed, 21 Oct 2009 04:26:24 +0000 (15:26 +1100)]
lower the debug levels for the "create FD messages" so we dont fill up the logs.
Ronnie Sahlberg [Wed, 21 Oct 2009 04:20:55 +0000 (15:20 +1100)]
When clients have blocked, perhaps because the node is banned or stopped and the client is blocked trying to tdb_fetch() a record, make sure we dont queue up too many REQ_MESSAGES.
Add a new tunable to control the maximum queue size we allow to a blocked client before we start discarding REQ_MESSAGES instead of queueing them for delivery.
This avoids having queued up very very large number of MESSAGES that samba semds
between eachother to nodes that are blocked/banned/stopped for extended periods
.
Ronnie Sahlberg [Wed, 21 Oct 2009 02:54:02 +0000 (13:54 +1100)]
dont restart ctdb when installing the rpm
Michael Adam [Tue, 20 Oct 2009 14:57:23 +0000 (16:57 +0200)]
In ctdb_ltdb_store(), add a missing transaction_cancel when local store failed.
Spotted by Volker.
Michael
Ronnie Sahlberg [Wed, 21 Oct 2009 00:51:30 +0000 (11:51 +1100)]
mprove the log message when we skip the ip allocation check from the recovery daemon.
we also skip this check if we are already in the process of performing an ip reallocation and not only when we are performing a full recovery.
Ronnie Sahlberg [Wed, 21 Oct 2009 00:34:17 +0000 (11:34 +1100)]
treat interfaces with the name ethX* as bond devices
git.samba.org / metze / ctdb / wip.git / log