Commit eb5a67a4 authored by Rocky Automation's avatar Rocky Automation 📺
Browse files

import resource-agents-4.1.1-90.el8_4.5

parent 7d8d4c64
From b727fe4e2a0f4c88fca0ed9f90f57e570253c961 Mon Sep 17 00:00:00 2001
From: Costas Tyfoxylos <costas.tyf@gmail.com>
Date: Wed, 26 Aug 2020 15:18:00 +0300
Subject: [PATCH 1/2] aws-vpc-move-ip: Implemented optional eni lookup instead
of the default instance id.
In a shared network pattern where the cluster resides in shared subnets the instance ids of the nodes are not retrievable but the eni ids are and this optional feature gives transparent support in that situation.
---
heartbeat/aws-vpc-move-ip | 41 +++++++++++++++++++++++++++++++--------
1 file changed, 33 insertions(+), 8 deletions(-)
diff --git a/heartbeat/aws-vpc-move-ip b/heartbeat/aws-vpc-move-ip
index 1b540caec..bc82428e5 100755
--- a/heartbeat/aws-vpc-move-ip
+++ b/heartbeat/aws-vpc-move-ip
@@ -44,6 +44,7 @@ OCF_RESKEY_routing_table_default=""
OCF_RESKEY_routing_table_role_default=""
OCF_RESKEY_interface_default="eth0"
OCF_RESKEY_monapi_default="false"
+OCF_RESKEY_lookup_type_default="InstanceId"
: ${OCF_RESKEY_awscli=${OCF_RESKEY_awscli_default}}
: ${OCF_RESKEY_profile=${OCF_RESKEY_profile_default}}
@@ -54,6 +55,7 @@ OCF_RESKEY_monapi_default="false"
: ${OCF_RESKEY_routing_table_role=${OCF_RESKEY_routing_table_role_default}}
: ${OCF_RESKEY_interface=${OCF_RESKEY_interface_default}}
: ${OCF_RESKEY_monapi=${OCF_RESKEY_monapi_default}}
+: ${OCF_RESKEY_lookup_type=${OCF_RESKEY_lookup_type_default}}
[ -n "$OCF_RESKEY_region" ] && region_opt="--region $OCF_RESKEY_region"
#######################################################################
@@ -154,6 +156,17 @@ Enable enhanced monitoring using AWS API calls to check route table entry
<shortdesc lang="en">Enhanced Monitoring</shortdesc>
<content type="boolean" default="${OCF_RESKEY_monapi_default}" />
</parameter>
+
+<parameter name="lookup_type" required="0">
+<longdesc lang="en">
+Name of resource type to lookup in route table.
+"InstanceId" : EC2 instance ID. (default)
+"NetworkInterfaceId" : ENI ID. (useful in shared VPC setups).
+</longdesc>
+<shortdesc lang="en">lookup type for route table resource</shortdesc>
+<content type="string" default="${OCF_RESKEY_lookup_type_default}" />
+</parameter>
+
</parameters>
<actions>
@@ -187,7 +200,7 @@ execute_cmd_as_role(){
ec2ip_set_address_param_compat(){
# Include backward compatibility for the deprecated address parameter
- if [ -z "$OCF_RESKEY_ip" ] && [ -n "$OCF_RESKEY_address" ]; then
+ if [ -z "$OCF_RESKEY_ip" ] && [ -n "$OCF_RESKEY_address" ]; then
OCF_RESKEY_ip="$OCF_RESKEY_address"
fi
}
@@ -213,16 +226,24 @@ ec2ip_validate() {
}
ec2ip_monitor() {
- MON_RES=""
+ MON_RES=""
+ if [ "${OCF_RESKEY_lookup_type}" = "NetworkInterfaceId" ]; then
+ EC2_ID="$(ec2ip_get_instance_eni)"
+ RESOURCE_TYPE="interface"
+ else
+ EC2_ID="$EC2_INSTANCE_ID"
+ RESOURCE_TYPE="instance"
+ fi
+
if ocf_is_true ${OCF_RESKEY_monapi} || [ "$__OCF_ACTION" = "start" ] || ocf_is_probe; then
for rtb in $(echo $OCF_RESKEY_routing_table | sed -e 's/,/ /g'); do
ocf_log info "monitor: check routing table (API call) - $rtb"
if [[ -z "${OCF_RESKEY_routing_table_role}" ]]; then
- cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].InstanceId"
+ cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].$OCF_RESKEY_lookup_type"
ocf_log debug "executing command: $cmd"
ROUTE_TO_INSTANCE="$($cmd)"
else
- cmd="$OCF_RESKEY_awscli $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].InstanceId"
+ cmd="$OCF_RESKEY_awscli $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].$OCF_RESKEY_lookup_type"
ROUTE_TO_INSTANCE="$(execute_cmd_as_role "$cmd" $OCF_RESKEY_routing_table_role)"
fi
ocf_log debug "Overlay IP is currently routed to ${ROUTE_TO_INSTANCE}"
@@ -230,8 +251,8 @@ ec2ip_monitor() {
ROUTE_TO_INSTANCE="<unknown>"
fi
- if [ "$EC2_INSTANCE_ID" != "$ROUTE_TO_INSTANCE" ]; then
- ocf_log warn "not routed to this instance ($EC2_INSTANCE_ID) but to instance $ROUTE_TO_INSTANCE on $rtb"
+ if [ "$EC2_ID" != "$ROUTE_TO_INSTANCE" ]; then
+ ocf_log warn "not routed to this $RESOURCE_TYPE ($EC2_ID) but to $RESOURCE_TYPE $ROUTE_TO_INSTANCE on $rtb"
MON_RES="$MON_RES $rtb"
fi
sleep 1
@@ -275,7 +296,7 @@ ec2ip_drop() {
return $OCF_SUCCESS
}
-ec2ip_get_and_configure() {
+ec2ip_get_instance_eni() {
MAC_FILE="/sys/class/net/${OCF_RESKEY_interface}/address"
if [ -f $MAC_FILE ]; then
cmd="cat ${MAC_FILE}"
@@ -300,7 +321,11 @@ ec2ip_get_and_configure() {
return $OCF_ERR_GENERIC
fi
ocf_log debug "network interface id associated MAC address ${MAC_ADDR}: ${EC2_NETWORK_INTERFACE_ID}"
+ echo $EC2_NETWORK_INTERFACE_ID
+}
+ec2ip_get_and_configure() {
+ EC2_NETWORK_INTERFACE_ID="$(ec2ip_get_instance_eni)"
for rtb in $(echo $OCF_RESKEY_routing_table | sed -e 's/,/ /g'); do
if [ -z "${OCF_RESKEY_routing_table_role}" ]; then
cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile $region_opt --output text ec2 replace-route --route-table-id $rtb --destination-cidr-block ${OCF_RESKEY_ip}/32 --network-interface-id $EC2_NETWORK_INTERFACE_ID"
From f4c8daae098dd33bdd5136ca4846eb505110e006 Mon Sep 17 00:00:00 2001
From: Sander Botman <sbotman@schubergphilis.com>
Date: Fri, 28 Aug 2020 22:01:03 +0200
Subject: [PATCH 2/2] aws-vpc-move-ip: Fix the region option
---
heartbeat/aws-vpc-move-ip | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/heartbeat/aws-vpc-move-ip b/heartbeat/aws-vpc-move-ip
index bc82428e5..a5b28ad92 100755
--- a/heartbeat/aws-vpc-move-ip
+++ b/heartbeat/aws-vpc-move-ip
@@ -243,7 +243,7 @@ ec2ip_monitor() {
ocf_log debug "executing command: $cmd"
ROUTE_TO_INSTANCE="$($cmd)"
else
- cmd="$OCF_RESKEY_awscli $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].$OCF_RESKEY_lookup_type"
+ cmd="$OCF_RESKEY_awscli $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].$OCF_RESKEY_lookup_type"
ROUTE_TO_INSTANCE="$(execute_cmd_as_role "$cmd" $OCF_RESKEY_routing_table_role)"
fi
ocf_log debug "Overlay IP is currently routed to ${ROUTE_TO_INSTANCE}"
From 7850aea1600389beb16c7aad40bba1b76ae694c4 Mon Sep 17 00:00:00 2001
From: Damien Ciabrini <dciabrin@redhat.com>
Date: Tue, 15 Jun 2021 20:03:20 +0200
Subject: [PATCH] podman: workaround race during container creation
podman and OCI runtime have a race that sometimes causes
a container to fail to be created and run [1] if the
cgroup to be used is not available yet. When that happens,
try to recreate it until it succeeds or the start
timeout is reached.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1972209
---
heartbeat/podman | 32 ++++++++++++++++++++++++++++++--
1 file changed, 30 insertions(+), 2 deletions(-)
diff --git a/heartbeat/podman b/heartbeat/podman
index 5b707f3f5..034dfff76 100755
--- a/heartbeat/podman
+++ b/heartbeat/podman
@@ -358,8 +358,18 @@ run_new_container()
local rc
ocf_log info "running container $CONTAINER for the first time"
- ocf_run podman run $opts $image $cmd
+ out=$(podman run $opts $image $cmd 2>&1)
rc=$?
+
+ if [ -n "$out" ]; then
+ out="$(echo "$out" | tr -s ' \t\r\n' ' ')"
+ if [ $rc -eq 0 ]; then
+ ocf_log info "$out"
+ else
+ ocf_log err "$out"
+ fi
+ fi
+
if [ $rc -eq 125 ]; then
# If an internal podman error occurred, it might be because
# the internal storage layer still references an old container
@@ -370,6 +380,24 @@ run_new_container()
ocf_run podman rm --storage $CONTAINER
ocf_run podman run $opts $image $cmd
rc=$?
+ elif [ $rc -eq 127 ]; then
+ # rhbz#1972209: podman 3.0.x seems to be hit by a race
+ # where the cgroup is not yet set up properly when the OCI
+ # runtime configures the container. If that happens, recreate
+ # the container as long as we get the same error code or
+ # until start timeout preempts us.
+ while [ $rc -eq 127 ] && (echo "$out" | grep -q "cgroup.*scope not found") ; do
+ ocf_log warn "Internal podman error while assigning cgroup. Retrying."
+ # Arbitrary sleep to prevent consuming all CPU while looping
+ sleep 1
+ podman rm -f "$CONTAINER"
+ out=$(podman run $opts $image $cmd 2>&1)
+ rc=$?
+ done
+ # Log the created container ID if it succeeded
+ if [ $rc -eq 0 ]; then
+ ocf_log info "$out"
+ fi
fi
return $rc
@@ -422,7 +450,7 @@ podman_start()
fi
if [ $rc -ne 0 ]; then
- ocf_exit_reason "podman failed to launch container"
+ ocf_exit_reason "podman failed to launch container (rc: $rc)"
return $OCF_ERR_GENERIC
fi
......@@ -70,7 +70,7 @@
Name: resource-agents
Summary: Open Source HA Reusable Cluster Resource Scripts
Version: 4.1.1
Release: 90%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}
Release: 90%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}.5
License: GPLv2+ and LGPLv2+
URL: https://github.com/ClusterLabs/resource-agents
%if 0%{?fedora} || 0%{?centos_version} || 0%{?rhel}
......@@ -268,6 +268,8 @@ Patch176: bz1913932-3-gcp-vpc-move-route-make-vpc_network-optional.patch
Patch177: bz1937142-azure-lb-redirect-to-avoid-nc-dying-EPIPE-error.patch
Patch178: bz1940363-1-galera-redis-use-output-as.patch
Patch179: bz1940363-2-bundle-disable-validate-with.patch
Patch180: bz1943093-aws-vpc-move-ip-add-ENI-lookup.patch
Patch181: bz1973035-podman-fix-container-creation-race.patch
# bundle patches
Patch1000: 7-gcp-bundled.patch
......@@ -603,6 +605,8 @@ exit 1
%patch177 -p1
%patch178 -p1
%patch179 -p1
%patch180 -p1 -F2
%patch181 -p1
chmod 755 heartbeat/nova-compute-wait
chmod 755 heartbeat/NovaEvacuate
......@@ -1166,6 +1170,16 @@ ccs_update_schema > /dev/null 2>&1 ||:
%endif
%changelog
* Thu Jun 17 2021 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-90.5
- podman: fix possible race during container creation
Resolves: rhbz#1973035
* Wed Apr 14 2021 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-90.2
- aws-vpc-move-ip: add ENI lookup
Resolves: rhbz#1943093
* Mon Mar 22 2021 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-90
- galera/rabbitmq-cluster/redis: run crm_mon without validation when
running in bundle
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment