diff options
author | Michele Baldessari <michele@acksyn.org> | 2021-02-28 09:38:32 +0100 |
---|---|---|
committer | Michele Baldessari <michele@acksyn.org> | 2021-02-28 15:51:39 +0100 |
commit | 97117f86dd108a8f68128e14aa50bc9e5570a837 (patch) | |
tree | defa7e6b5b08adc0885490ea5cf14983411cc901 | |
parent | cf039f9a54d7ee9ae81a1bb792e5036183ab2cd5 (diff) | |
download | rabbitmq-server-git-97117f86dd108a8f68128e14aa50bc9e5570a837.tar.gz |
Stop logging unblock client access unconditionally
Currently every call to unblock_client_access() is followed by a log line
showing which function requested the unblocking. When we pass the parameter
OCF_RESKEY_avoid_using_iptables=true it makes no sense to log
unblocking of iptables since it is effectively a no-op.
Let's move that logging inside the unblock_client_access() function
allowing a parameter to log which function called it.
Tested on a cluster with rabbitmq bundles with avoid_using_iptables=true
and observed no spurious logging any longer:
[root@messaging-0 ~]# journalctl |grep 'unblocked access to RMQ port' |wc -l
0
-rwxr-xr-x | scripts/rabbitmq-server-ha.ocf | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/scripts/rabbitmq-server-ha.ocf b/scripts/rabbitmq-server-ha.ocf index 1ecf1d09fd..62172b824a 100755 --- a/scripts/rabbitmq-server-ha.ocf +++ b/scripts/rabbitmq-server-ha.ocf @@ -811,6 +811,10 @@ block_client_access() unblock_client_access() { + local lhtext="none" + if [ -z $1 ] ; then + lhtext=$1 + fi # When OCF_RESKEY_avoid_using_iptables is true iptables calls are noops if [ "${OCF_RESKEY_avoid_using_iptables}" == 'true' ] ; then return @@ -820,6 +824,7 @@ unblock_client_access() iptables --wait -D INPUT -p tcp -m tcp --dport ${OCF_RESKEY_node_port} -m state --state NEW,RELATED,ESTABLISHED \ -m comment --comment 'temporary RMQ block' -j REJECT --reject-with tcp-reset done + ocf_log info "${lhtext} unblocked access to RMQ port" } get_nodes__base(){ @@ -1369,7 +1374,7 @@ start_rmq_server_app() { ocf_log info "${LH} begin." # Safe-unblock the rules, if there are any - unblock_client_access + unblock_client_access "${LH}" # Apply the blocking rule block_client_access rc=$? @@ -1386,8 +1391,7 @@ start_rmq_server_app() { start_beam_process rc=$? if [ $rc -ne $OCF_SUCCESS ]; then - unblock_client_access - ocf_log info "${LH} unblocked access to RMQ port" + unblock_client_access "${LH}" return $OCF_ERR_GENERIC fi fi @@ -1403,8 +1407,7 @@ start_rmq_server_app() { if [ $rc -ne 0 ] ; then ocf_log err "${LH} RMQ-server app can't be stopped. Beam will be killed." kill_rmq_and_remove_pid - unblock_client_access - ocf_log info "${LH} unblocked access to RMQ port" + unblock_client_access "${LH}" return $OCF_ERR_GENERIC fi else @@ -1426,8 +1429,7 @@ start_rmq_server_app() { else ocf_log err "${LH} RMQ-server app can't be stopped during Mnesia cleaning. Beam will be killed." kill_rmq_and_remove_pid - unblock_client_access - ocf_log info "${LH} unblocked access to RMQ port" + unblock_client_access "${LH}" return $OCF_ERR_GENERIC fi fi @@ -1438,8 +1440,7 @@ start_rmq_server_app() { kill_rmq_and_remove_pid fi ocf_log info "${LH} end." - unblock_client_access - ocf_log info "${LH} unblocked access to RMQ port" + unblock_client_access "${LH}" return $rc } |