#!/bin/sh # This must run as root as CTDB tool commands need to access CTDB socket [ $(id -u) -eq 0 ] || exec sudo "$0" "$@" # this script needs to be installed so that statd points to it with the -H # command line argument. The easiest way to do that is to put something like this in # /etc/sysconfig/nfs: # STATD_HOSTNAME="myhostname -H /etc/ctdb/statd-callout" [ -n "$CTDB_BASE" ] || \ export CTDB_BASE=$(cd -P $(dirname "$0") ; echo "$PWD") . $CTDB_BASE/functions # Overwrite this so we get some logging die () { script_log "statd-callout" "$@" exit 1 } loadconfig ctdb loadconfig nfs [ -n "$NFS_HOSTNAME" ] || \ die "NFS_HOSTNAME is not configured. statd-callout failed" # A handy newline nl=" " case "$1" in add-client) # statd does not tell us to which IP the client connected so # we must add it to all the IPs that we serve cip="$2" pnn=$(ctdb xpnn | sed -e 's/.*://') date=$(date '+%s') ctdb ip -X | tail -n +2 | { # This all needs to be in the end of the pipe so it # doesn't get lost items="" while IFS="|" read x sip node x ; do [ "$node" = "$pnn" ] || continue # not us key="statd-state@${sip}@${cip}" item="\"${key}\" \"${date}\"" items="${items}${items:+${nl}}${item}" done if ! echo "$items" | ctdb ptrans "ctdb.tdb" ; then die "Failed to add clients" fi } ;; del-client) # statd does not tell us from which IP the client disconnected # so we must add it to all the IPs that we serve cip="$2" pnn=$(ctdb xpnn | sed -e 's/.*://') ctdb ip -X | tail -n +2 | { # This all needs to be in the end of the pipe so it # doesn't get lost items="" while IFS="|" read x sip node x ; do [ "$node" = "$pnn" ] || continue # not us key="statd-state@${sip}@${cip}" item="\"${key}\" \"\"" items="${items}${items:+${nl}}${item}" done if ! echo "$items" | ctdb ptrans "ctdb.tdb" ; then die "Failed to delete clients" fi } ;; notify) # we must restart the lockmanager (on all nodes) so that we get # a clusterwide grace period (so other clients dont take out # conflicting locks through other nodes before all locks have been # reclaimed) # we need these settings to make sure that no tcp connections survive # across a very fast failover/failback #echo 10 > /proc/sys/net/ipv4/tcp_fin_timeout #echo 0 > /proc/sys/net/ipv4/tcp_max_tw_buckets #echo 0 > /proc/sys/net/ipv4/tcp_max_orphans # Delete the notification list for statd, we dont want it to # ping any clients rm -f /var/lib/nfs/statd/sm/* rm -f /var/lib/nfs/statd/sm.bak/* # we must keep a monotonically increasing state variable for the entire # cluster so state always increases when ip addresses fail from one # node to another # We use epoch and hope the nodes are close enough in clock. # Even numbers mean service is shut down, odd numbers mean # service is started. state_even=$(( $(date '+%s') / 2 * 2)) # we must also let some time pass between stopping and restarting the # lockmanager since othervise there is a window where the lockmanager # will respond "strangely" immediately after restarting it, which # causes clients to fail to reclaim the locks. # if [ "${CTDB_NFS_SERVER_MODE:-${NFS_SERVER_MODE}}" != "ganesha" ] ; then startstop_nfslock stop >/dev/null 2>&1 sleep 2 startstop_nfslock start >/dev/null 2>&1 fi # we now need to send out additional statd notifications to ensure # that clients understand that the lockmanager has restarted. # we have three cases: # 1, clients that ignore the ip address the stat notification came from # and ONLY care about the 'name' in the notify packet. # these clients ONLY work with lock failover IFF that name # can be resolved into an ipaddress that matches the one used # to mount the share. (==linux clients) # This is handled when starting lockmanager above, but those # packets are sent from the "wrong" ip address, something linux # clients are ok with, buth other clients will barf at. # 2, Some clients only accept statd packets IFF they come from the # 'correct' ip address. # 2a,Send out the notification using the 'correct' ip address and also # specify the 'correct' hostname in the statd packet. # Some clients require both the correct source address and also the # correct name. (these clients also ONLY work if the ip addresses # used to map the share can be resolved into the name returned in # the notify packet.) # 2b,Other clients require that the source ip address of the notify # packet matches the ip address used to take out the lock. # I.e. that the correct source address is used. # These clients also require that the statd notify packet contains # the name as the ip address used when the lock was taken out. # # Both 2a and 2b are commonly used in lockmanagers since they maximize # probability that the client will accept the statd notify packet and # not just ignore it. # For all IPs we serve, collect info and push to the config database pnn=$(ctdb xpnn | sed -e 's/.*://') # Construct a sed expression to take catdb output and produce pairs of: # server-IP client-IP # but only for the server-IPs that are hosted on this node. sed_expr=$(ctdb ip | tail -n +2 | awk -v pnn=$pnn 'pnn == $2 { \ ip = $1; gsub(/\./, "\\\\.", ip); \ printf "s/^key.*=.*statd-state@\\(%s\\)@\\([^\"]*\\).*/\\1 \\2/p\n", ip }') statd_state=$(ctdb catdb ctdb.tdb | sed -n "$sed_expr" | sort) [ -n "$statd_state" ] || exit 0 # The following is dangerous if this script times out before # all of the smnotify commands are run. Revert to individual # pdelete commands for now and consider optimising smnotify to # read all the data from stdin and then run it in the # background. # # Delete all the items from the TDB #if ! echo "$statd_state" | \ # awk '{ printf "\"statd-state@%s@%s\" \"\"\n", $1, $2 }') | \ # ctdb ptrans ctdb.tdb ; then # die "Yikes!" #fi prev="" echo "$statd_state" | while read sip cip ; do # Delete the entry from the DB ctdb pdelete ctdb.tdb "statd-state@${sip}@${cip}" # Reset stateval for each serverip [ "$sip" = "$prev" ] || stateval="$state_even" # Send notifies for server shutdown smnotify --client=$cip --ip=$sip --server=$sip --stateval=$stateval smnotify --client=$cip --ip=$sip --server=$NFS_HOSTNAME --stateval=$stateval # Send notifies for server startup stateval=$(($stateval + 1)) smnotify --client=$cip --ip=$sip --server=$sip --stateval=$stateval smnotify --client=$cip --ip=$sip --server=$NFS_HOSTNAME --stateval=$stateval done ;; esac