ctdb/server/ctdb_monitor.c

   1 /*
   2    monitoring links to all other nodes to detect dead nodes
   3
   4
   5    Copyright (C) Ronnie Sahlberg 2007
   6
   7    This program is free software; you can redistribute it and/or modify
   8    it under the terms of the GNU General Public License as published by
   9    the Free Software Foundation; either version 3 of the License, or
  10    (at your option) any later version.
  11
  12    This program is distributed in the hope that it will be useful,
  13    but WITHOUT ANY WARRANTY; without even the implied warranty of
  14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15    GNU General Public License for more details.
  16
  17    You should have received a copy of the GNU General Public License
  18    along with this program; if not, see <http://www.gnu.org/licenses/>.
  19 */
  20
  21 #include "includes.h"
  22 #include "lib/tevent/tevent.h"
  23 #include "system/filesys.h"
  24 #include "system/wait.h"
  25 #include "../include/ctdb_private.h"
  26
  27 struct ctdb_monitor_state {
  28         uint32_t monitoring_mode;
  29         TALLOC_CTX *monitor_context;
  30         uint32_t next_interval;
  31 };
  32
  33 static void ctdb_check_health(struct event_context *ev, struct timed_event *te,
  34                               struct timeval t, void *private_data);
  35
  36 /*
  37   setup the notification script
  38 */
  39 int ctdb_set_notification_script(struct ctdb_context *ctdb, const char *script)
  40 {
  41         ctdb->notification_script = talloc_strdup(ctdb, script);
  42         CTDB_NO_MEMORY(ctdb, ctdb->notification_script);
  43         return 0;
  44 }
  45
  46 static int ctdb_run_notification_script_child(struct ctdb_context *ctdb, const char *event)
  47 {
  48         struct stat st;
  49         int ret;
  50         char *cmd;
  51
  52         if (stat(ctdb->notification_script, &st) != 0) {
  53                 DEBUG(DEBUG_ERR,("Could not stat notification script %s. Can not send notifications.\n", ctdb->notification_script));
  54                 return -1;
  55         }
  56         if (!(st.st_mode & S_IXUSR)) {
  57                 DEBUG(DEBUG_ERR,("Notification script %s is not executable.\n", ctdb->notification_script));
  58                 return -1;
  59         }
  60
  61         cmd = talloc_asprintf(ctdb, "%s %s\n", ctdb->notification_script, event);
  62         CTDB_NO_MEMORY(ctdb, cmd);
  63
  64         ret = system(cmd);
  65         /* if the system() call was successful, translate ret into the
  66            return code from the command
  67         */
  68         if (ret != -1) {
  69                 ret = WEXITSTATUS(ret);
  70         }
  71         if (ret != 0) {
  72                 DEBUG(DEBUG_ERR,("Notification script \"%s\" failed with error %d\n", cmd, ret));
  73         }
  74
  75         return ret;
  76 }
  77
  78 void ctdb_run_notification_script(struct ctdb_context *ctdb, const char *event)
  79 {
  80         pid_t child;
  81
  82         if (ctdb->notification_script == NULL) {
  83                 return;
  84         }
  85
  86         child = fork();
  87         if (child == (pid_t)-1) {
  88                 DEBUG(DEBUG_ERR,("Failed to fork() a notification child process\n"));
  89                 return;
  90         }
  91         if (child == 0) {
  92                 int ret;
  93
  94                 ret = ctdb_run_notification_script_child(ctdb, event);
  95                 if (ret != 0) {
  96                         DEBUG(DEBUG_ERR,(__location__ " Notification script failed\n"));
  97                 }
  98                 _exit(0);
  99         }
 100
 101         return;
 102 }
 103
 104 /*
 105   called when a health monitoring event script finishes
 106  */
 107 static void ctdb_health_callback(struct ctdb_context *ctdb, int status, void *p)
 108 {
 109         struct ctdb_node *node = ctdb->nodes[ctdb->pnn];
 110         TDB_DATA data;
 111         struct ctdb_node_flag_change c;
 112         uint32_t next_interval;
 113         int ret;
 114         TDB_DATA rddata;
 115         struct takeover_run_reply rd;
 116
 117         c.pnn = ctdb->pnn;
 118         c.old_flags = node->flags;
 119
 120         rd.pnn   = ctdb->pnn;
 121         rd.srvid = CTDB_SRVID_TAKEOVER_RUN_RESPONSE;
 122
 123         rddata.dptr = (uint8_t *)&rd;
 124         rddata.dsize = sizeof(rd);
 125
 126         if (status == -ETIME) {
 127                 ctdb->event_script_timeouts++;
 128
 129                 if (ctdb->event_script_timeouts >= ctdb->tunable.script_timeout_count) {
 130                         DEBUG(DEBUG_ERR, ("Maximum timeout count %u reached for eventscript. Making node unhealthy\n", ctdb->tunable.script_timeout_count));
 131                 } else {
 132                         /* We pretend this is OK. */
 133                         goto after_change_status;
 134                 }
 135         }
 136
 137         if (status != 0 && !(node->flags & NODE_FLAGS_UNHEALTHY)) {
 138                 DEBUG(DEBUG_NOTICE,("monitor event failed - disabling node\n"));
 139                 node->flags |= NODE_FLAGS_UNHEALTHY;
 140                 ctdb->monitor->next_interval = 5;
 141
 142                 ctdb_run_notification_script(ctdb, "unhealthy");
 143
 144                 /* ask the recmaster to reallocate all addresses */
 145                 DEBUG(DEBUG_ERR,("Node became UNHEALTHY. Ask recovery master %u to perform ip reallocation\n", ctdb->recovery_master));
 146                 ret = ctdb_daemon_send_message(ctdb, ctdb->recovery_master, CTDB_SRVID_TAKEOVER_RUN, rddata);
 147                 if (ret != 0) {
 148                         DEBUG(DEBUG_ERR,(__location__ " Failed to send ip takeover run request message to %u\n", ctdb->recovery_master));
 149                 }
 150
 151         } else if (status == 0 && (node->flags & NODE_FLAGS_UNHEALTHY)) {
 152                 DEBUG(DEBUG_NOTICE,("monitor event OK - node re-enabled\n"));
 153                 node->flags &= ~NODE_FLAGS_UNHEALTHY;
 154                 ctdb->monitor->next_interval = 5;
 155
 156                 ctdb_run_notification_script(ctdb, "healthy");
 157
 158                 /* ask the recmaster to reallocate all addresses */
 159                 DEBUG(DEBUG_ERR,("Node became HEALTHY. Ask recovery master %u to perform ip reallocation\n", ctdb->recovery_master));
 160                 ret = ctdb_daemon_send_message(ctdb, ctdb->recovery_master, CTDB_SRVID_TAKEOVER_RUN, rddata);
 161                 if (ret != 0) {
 162                         DEBUG(DEBUG_ERR,(__location__ " Failed to send ip takeover run request message to %u\n", ctdb->recovery_master));
 163                 }
 164
 165         }
 166
 167 after_change_status:
 168         next_interval = ctdb->monitor->next_interval;
 169
 170         ctdb->monitor->next_interval *= 2;
 171         if (ctdb->monitor->next_interval > ctdb->tunable.monitor_interval) {
 172                 ctdb->monitor->next_interval = ctdb->tunable.monitor_interval;
 173         }
 174
 175         event_add_timed(ctdb->ev, ctdb->monitor->monitor_context,
 176                                 timeval_current_ofs(next_interval, 0),
 177                                 ctdb_check_health, ctdb);
 178
 179         if (c.old_flags == node->flags) {
 180                 return;
 181         }
 182
 183         c.new_flags = node->flags;
 184
 185         data.dptr = (uint8_t *)&c;
 186         data.dsize = sizeof(c);
 187
 188         /* ask the recovery daemon to push these changes out to all nodes */
 189         ctdb_daemon_send_message(ctdb, ctdb->pnn,
 190                                  CTDB_SRVID_PUSH_NODE_FLAGS, data);
 191
 192 }
 193
 194
 195 /*
 196   called when the startup event script finishes
 197  */
 198 static void ctdb_startup_callback(struct ctdb_context *ctdb, int status, void *p)
 199 {
 200         if (status != 0) {
 201                 DEBUG(DEBUG_ERR,("startup event failed\n"));
 202         } else if (status == 0) {
 203                 DEBUG(DEBUG_NOTICE,("startup event OK - enabling monitoring\n"));
 204                 ctdb->done_startup = true;
 205                 ctdb->monitor->next_interval = 0;
 206                 ctdb_run_notification_script(ctdb, "startup");
 207         }
 208
 209         event_add_timed(ctdb->ev, ctdb->monitor->monitor_context,
 210                         timeval_current_ofs(ctdb->monitor->next_interval, 0),
 211                         ctdb_check_health, ctdb);
 212 }
 213
 214
 215 /*
 216   wait until we have finished initial recoveries before we start the
 217   monitoring events
 218  */
 219 static void ctdb_wait_until_recovered(struct event_context *ev, struct timed_event *te,
 220                               struct timeval t, void *private_data)
 221 {
 222         struct ctdb_context *ctdb = talloc_get_type(private_data, struct ctdb_context);
 223         int ret;
 224
 225         DEBUG(DEBUG_NOTICE,("CTDB_WAIT_UNTIL_RECOVERED\n"));
 226
 227         if (ctdb->vnn_map->generation == INVALID_GENERATION) {
 228                 ctdb->db_persistent_startup_generation = INVALID_GENERATION;
 229
 230                 DEBUG(DEBUG_NOTICE,(__location__ " generation is INVALID. Wait one more second\n"));
 231                 event_add_timed(ctdb->ev, ctdb->monitor->monitor_context,
 232                                      timeval_current_ofs(1, 0),
 233                                      ctdb_wait_until_recovered, ctdb);
 234                 return;
 235         }
 236
 237         if (ctdb->recovery_mode != CTDB_RECOVERY_NORMAL) {
 238                 ctdb->db_persistent_startup_generation = INVALID_GENERATION;
 239
 240                 DEBUG(DEBUG_NOTICE,(__location__ " in recovery. Wait one more second\n"));
 241                 event_add_timed(ctdb->ev, ctdb->monitor->monitor_context,
 242                                      timeval_current_ofs(1, 0),
 243                                      ctdb_wait_until_recovered, ctdb);
 244                 return;
 245         }
 246
 247
 248         if (!fast_start && timeval_elapsed(&ctdb->last_recovery_finished) < (ctdb->tunable.rerecovery_timeout + 3)) {
 249                 ctdb->db_persistent_startup_generation = INVALID_GENERATION;
 250
 251                 DEBUG(DEBUG_NOTICE,(__location__ " wait for pending recoveries to end. Wait one more second.\n"));
 252
 253                 event_add_timed(ctdb->ev, ctdb->monitor->monitor_context,
 254                                      timeval_current_ofs(1, 0),
 255                                      ctdb_wait_until_recovered, ctdb);
 256                 return;
 257         }
 258
 259         if (ctdb->vnn_map->generation == ctdb->db_persistent_startup_generation) {
 260                 DEBUG(DEBUG_INFO,(__location__ " skip ctdb_recheck_persistent_health() "
 261                                   "until the next recovery\n"));
 262                 event_add_timed(ctdb->ev, ctdb->monitor->monitor_context,
 263                                      timeval_current_ofs(1, 0),
 264                                      ctdb_wait_until_recovered, ctdb);
 265                 return;
 266         }
 267
 268         ctdb->db_persistent_startup_generation = ctdb->vnn_map->generation;
 269         ret = ctdb_recheck_persistent_health(ctdb);
 270         if (ret != 0) {
 271                 ctdb->db_persistent_check_errors++;
 272                 if (ctdb->db_persistent_check_errors < ctdb->max_persistent_check_errors) {
 273                         DEBUG(ctdb->db_persistent_check_errors==1?DEBUG_ERR:DEBUG_WARNING,
 274                               (__location__ "ctdb_recheck_persistent_health() "
 275                               "failed (%llu of %llu times) - retry later\n",
 276                               (unsigned long long)ctdb->db_persistent_check_errors,
 277                               (unsigned long long)ctdb->max_persistent_check_errors));
 278                         event_add_timed(ctdb->ev,
 279                                         ctdb->monitor->monitor_context,
 280                                         timeval_current_ofs(1, 0),
 281                                         ctdb_wait_until_recovered, ctdb);
 282                         return;
 283                 }
 284                 DEBUG(DEBUG_ALERT,(__location__
 285                                   "ctdb_recheck_persistent_health() failed (%llu times) - prepare shutdown\n",
 286                                   (unsigned long long)ctdb->db_persistent_check_errors));
 287                 ctdb_stop_recoverd(ctdb);
 288                 ctdb_stop_keepalive(ctdb);
 289                 ctdb_stop_monitoring(ctdb);
 290                 ctdb_release_all_ips(ctdb);
 291                 if (ctdb->methods != NULL) {
 292                         ctdb->methods->shutdown(ctdb);
 293                 }
 294                 ctdb_event_script(ctdb, CTDB_EVENT_SHUTDOWN);
 295                 DEBUG(DEBUG_ALERT,("ctdb_recheck_persistent_health() failed - Stopping CTDB daemon\n"));
 296                 exit(11);
 297         }
 298         ctdb->db_persistent_check_errors = 0;
 299         DEBUG(DEBUG_NOTICE,(__location__
 300                            "ctdb_start_monitoring: ctdb_recheck_persistent_health() OK\n"));
 301
 302         DEBUG(DEBUG_NOTICE,(__location__ " Recoveries finished. Running the \"startup\" event.\n"));
 303         event_add_timed(ctdb->ev, ctdb->monitor->monitor_context,
 304                              timeval_current(),
 305                              ctdb_check_health, ctdb);
 306 }
 307
 308
 309 /*
 310   see if the event scripts think we are healthy
 311  */
 312 static void ctdb_check_health(struct event_context *ev, struct timed_event *te,
 313                               struct timeval t, void *private_data)
 314 {
 315         struct ctdb_context *ctdb = talloc_get_type(private_data, struct ctdb_context);
 316         int ret = 0;
 317
 318         if (ctdb->recovery_mode != CTDB_RECOVERY_NORMAL ||
 319             (ctdb->monitor->monitoring_mode == CTDB_MONITORING_DISABLED && ctdb->done_startup)) {
 320                 event_add_timed(ctdb->ev, ctdb->monitor->monitor_context,
 321                                 timeval_current_ofs(ctdb->monitor->next_interval, 0),
 322                                 ctdb_check_health, ctdb);
 323                 return;
 324         }
 325
 326         if (!ctdb->done_startup) {
 327                 ret = ctdb_event_script_callback(ctdb,
 328                                                  ctdb->monitor->monitor_context, ctdb_startup_callback,
 329                                                  ctdb, false,
 330                                                  CTDB_EVENT_STARTUP, "%s", "");
 331         } else {
 332                 int i;
 333                 int skip_monitoring = 0;
 334
 335                 if (ctdb->recovery_mode != CTDB_RECOVERY_NORMAL) {
 336                         skip_monitoring = 1;
 337                         DEBUG(DEBUG_ERR,("Skip monitoring during recovery\n"));
 338                 }
 339                 for (i=1; i<=NUM_DB_PRIORITIES; i++) {
 340                         if (ctdb->freeze_handles[i] != NULL) {
 341                                 DEBUG(DEBUG_ERR,("Skip monitoring since databases are frozen\n"));
 342                                 skip_monitoring = 1;
 343                                 break;
 344                         }
 345                 }
 346                 if (skip_monitoring != 0) {
 347                         event_add_timed(ctdb->ev, ctdb->monitor->monitor_context,
 348                                         timeval_current_ofs(ctdb->monitor->next_interval, 0),
 349                                         ctdb_check_health, ctdb);
 350                         return;
 351                 } else {
 352                         ret = ctdb_event_script_callback(ctdb,
 353                                         ctdb->monitor->monitor_context, ctdb_health_callback,
 354                                         ctdb, false,
 355                                         CTDB_EVENT_MONITOR, "%s", "");
 356                 }
 357         }
 358
 359         if (ret != 0) {
 360                 DEBUG(DEBUG_ERR,("Unable to launch monitor event script\n"));
 361                 ctdb->monitor->next_interval = 5;
 362                 event_add_timed(ctdb->ev, ctdb->monitor->monitor_context,
 363                         timeval_current_ofs(5, 0),
 364                         ctdb_check_health, ctdb);
 365         }
 366 }
 367
 368 /*
 369   (Temporaily) Disabling monitoring will stop the monitor event scripts
 370   from running   but node health checks will still occur
 371 */
 372 void ctdb_disable_monitoring(struct ctdb_context *ctdb)
 373 {
 374         ctdb->monitor->monitoring_mode = CTDB_MONITORING_DISABLED;
 375         DEBUG(DEBUG_INFO,("Monitoring has been disabled\n"));
 376 }
 377
 378 /*
 379    Re-enable running monitor events after they have been disabled
 380  */
 381 void ctdb_enable_monitoring(struct ctdb_context *ctdb)
 382 {
 383         ctdb->monitor->monitoring_mode  = CTDB_MONITORING_ACTIVE;
 384         ctdb->monitor->next_interval = 5;
 385         DEBUG(DEBUG_INFO,("Monitoring has been enabled\n"));
 386 }
 387
 388 /* stop any monitoring
 389    this should only be done when shutting down the daemon
 390 */
 391 void ctdb_stop_monitoring(struct ctdb_context *ctdb)
 392 {
 393         talloc_free(ctdb->monitor->monitor_context);
 394         ctdb->monitor->monitor_context = NULL;
 395
 396         ctdb->monitor->monitoring_mode  = CTDB_MONITORING_DISABLED;
 397         ctdb->monitor->next_interval = 5;
 398         DEBUG(DEBUG_NOTICE,("Monitoring has been stopped\n"));
 399 }
 400
 401 /*
 402   start watching for nodes that might be dead
 403  */
 404 void ctdb_start_monitoring(struct ctdb_context *ctdb)
 405 {
 406         if (ctdb->monitor != NULL) {
 407                 return;
 408         }
 409
 410         ctdb->monitor = talloc(ctdb, struct ctdb_monitor_state);
 411         CTDB_NO_MEMORY_FATAL(ctdb, ctdb->monitor);
 412
 413         ctdb->monitor->next_interval = 5;
 414
 415         ctdb->monitor->monitor_context = talloc_new(ctdb->monitor);
 416         CTDB_NO_MEMORY_FATAL(ctdb, ctdb->monitor->monitor_context);
 417
 418         event_add_timed(ctdb->ev, ctdb->monitor->monitor_context,
 419                              timeval_current_ofs(1, 0),
 420                              ctdb_wait_until_recovered, ctdb);
 421
 422         ctdb->monitor->monitoring_mode  = CTDB_MONITORING_ACTIVE;
 423         DEBUG(DEBUG_NOTICE,("Monitoring has been started\n"));
 424 }
 425
 426
 427 /*
 428   modify flags on a node
 429  */
 430 int32_t ctdb_control_modflags(struct ctdb_context *ctdb, TDB_DATA indata)
 431 {
 432         struct ctdb_node_flag_change *c = (struct ctdb_node_flag_change *)indata.dptr;
 433         struct ctdb_node *node;
 434         uint32_t old_flags;
 435         int i;
 436
 437         if (c->pnn >= ctdb->num_nodes) {
 438                 DEBUG(DEBUG_ERR,(__location__ " Node %d is invalid, num_nodes :%d\n", c->pnn, ctdb->num_nodes));
 439                 return -1;
 440         }
 441
 442         node         = ctdb->nodes[c->pnn];
 443         old_flags    = node->flags;
 444         if (c->pnn != ctdb->pnn) {
 445                 c->old_flags  = node->flags;
 446         }
 447         node->flags   = c->new_flags & ~NODE_FLAGS_DISCONNECTED;
 448         node->flags  |= (c->old_flags & NODE_FLAGS_DISCONNECTED);
 449
 450         /* we dont let other nodes modify our STOPPED status */
 451         if (c->pnn == ctdb->pnn) {
 452                 node->flags &= ~NODE_FLAGS_STOPPED;
 453                 if (old_flags & NODE_FLAGS_STOPPED) {
 454                         node->flags |= NODE_FLAGS_STOPPED;
 455                 }
 456         }
 457
 458         /* we dont let other nodes modify our BANNED status */
 459         if (c->pnn == ctdb->pnn) {
 460                 node->flags &= ~NODE_FLAGS_BANNED;
 461                 if (old_flags & NODE_FLAGS_BANNED) {
 462                         node->flags |= NODE_FLAGS_BANNED;
 463                 }
 464         }
 465
 466         if (node->flags == c->old_flags) {
 467                 DEBUG(DEBUG_INFO, ("Control modflags on node %u - Unchanged - flags 0x%x\n", c->pnn, node->flags));
 468                 return 0;
 469         }
 470
 471         DEBUG(DEBUG_INFO, ("Control modflags on node %u - flags now 0x%x\n", c->pnn, node->flags));
 472
 473         if (node->flags == 0 && !ctdb->done_startup) {
 474                 DEBUG(DEBUG_ERR, (__location__ " Node %u became healthy - force recovery for startup\n",
 475                                   c->pnn));
 476                 ctdb->recovery_mode = CTDB_RECOVERY_ACTIVE;
 477         }
 478
 479         /* tell the recovery daemon something has changed */
 480         ctdb_daemon_send_message(ctdb, ctdb->pnn,
 481                                  CTDB_SRVID_SET_NODE_FLAGS, indata);
 482
 483         /* if we have become banned, we should go into recovery mode */
 484         if ((node->flags & NODE_FLAGS_BANNED) && !(c->old_flags & NODE_FLAGS_BANNED) && (node->pnn == ctdb->pnn)) {
 485                 /* make sure we are frozen */
 486                 DEBUG(DEBUG_NOTICE,("This node has been banned - forcing freeze and recovery\n"));
 487                 /* Reset the generation id to 1 to make us ignore any
 488                    REQ/REPLY CALL/DMASTER someone sends to us.
 489                    We are now banned so we shouldnt service database calls
 490                    anymore.
 491                 */
 492                 ctdb->vnn_map->generation = INVALID_GENERATION;
 493
 494                 for (i=1; i<=NUM_DB_PRIORITIES; i++) {
 495                         if (ctdb_start_freeze(ctdb, i) != 0) {
 496                                 DEBUG(DEBUG_ERR,(__location__ " Failed to freeze db priority %u\n", i));
 497                         }
 498                 }
 499                 ctdb_release_all_ips(ctdb);
 500                 ctdb->recovery_mode = CTDB_RECOVERY_ACTIVE;
 501         }
 502
 503         return 0;
 504 }
 505
 506 /*
 507   return the monitoring mode
 508  */
 509 int32_t ctdb_monitoring_mode(struct ctdb_context *ctdb)
 510 {
 511         if (ctdb->monitor == NULL) {
 512                 return CTDB_MONITORING_DISABLED;
 513         }
 514         return ctdb->monitor->monitoring_mode;
 515 }
 516