[pve-devel] [RFC ha-manager v2 4/7] add Fence class for external fence devices
Thomas Lamprecht
t.lamprecht at proxmox.com
Fri Mar 11 16:57:13 CET 2016
This class provides methods for starting and checking the current
status of a fence job.
When a fence job is started we execute a fence agent command.
If we can fork this happens in forked worker, which can be multiple
processes also, when parallel devices are configured.
When a device fails to successfully fence a node we try the next
device configured, or if no device is left we tell the CRM and let
him decide what to do.
If one process of a parallel device set fails we kill the remaining
(with reset_hard) and try the next device as we want to avoid a
partial fenced node. (not ideal, user should see status of devices)
The current running fence jobs can be picked up (if env. allows
forking) and processed by calling the process_fencing method.
If the CRM (which should handle the fencing) looses its lock
bail_out can be called to kill all fencing processes and reset
the fencing status of all nodes.
---
src/PVE/HA/Fence.pm | 217 ++++++++++++++++++++++++++++++++++++++++++++++++++++
src/PVE/HA/Makefile | 2 +-
2 files changed, 218 insertions(+), 1 deletion(-)
create mode 100644 src/PVE/HA/Fence.pm
diff --git a/src/PVE/HA/Fence.pm b/src/PVE/HA/Fence.pm
new file mode 100644
index 0000000..f4eff10
--- /dev/null
+++ b/src/PVE/HA/Fence.pm
@@ -0,0 +1,217 @@
+package PVE::HA::Fence;
+
+use strict;
+use warnings;
+use POSIX qw( WNOHANG );
+use PVE::HA::FenceConfig;
+use Data::Dumper;
+
+
+ # pid's and additional info of fence processes
+my $fence_jobs = {};
+
+# fence state of a node
+my $fenced_nodes = {};
+
+sub has_fencing_job { # update for parallel fencing
+ my ($node) = @_;
+
+ foreach my $job (values %$fence_jobs) {
+ return 1 if ($job->{node} eq $node);
+ }
+ return undef;
+}
+
+my $virtual_pid = 0; # hack for test framework
+
+sub start_fencing {
+ my ($haenv, $node, $try) = @_;
+
+ $try = 0 if !defined($try) || $try<0;
+
+ my $fence_cfg = $haenv->read_fence_config();
+ my $commands = PVE::HA::FenceConfig::get_commands($node, $try, $fence_cfg);
+
+ if (!$commands) {
+ $haenv->log('err', "no commands for node '$node'");
+ $fenced_nodes->{$node}->{failure} = 1;
+ return 0;
+ }
+
+ my $can_fork = ($haenv->get_max_workers() > 0) ? 1 : 0;
+ my $hw = $haenv->hardware();
+
+ $fenced_nodes->{$node}->{needed} = scalar @$commands;
+ $fenced_nodes->{$node}->{triggered} = 0;
+
+ for my $cmd (@$commands)
+ {
+ my $cmd_str = "$cmd->{agent} " .
+ PVE::HA::FenceConfig::gen_arg_str(@{$cmd->{param}});
+
+ if ($can_fork) {
+ my $pid = fork();
+ if (!defined($pid)) {
+ $haenv->log('err', "forking fence job failed");
+ return 0;
+ } elsif ($pid==0) { # child
+ $hw->exec_fence_agent($cmd->{agent}, $node, @{$cmd->{param}});
+ exit(-1);
+ } else {
+ $fence_jobs->{$pid} = {cmd=>$cmd_str, node=>$node, try=>$try};
+ }
+ } else {
+ my $res = -1;
+ eval {
+ $res = $hw->exec_fence_agent($cmd->{agent}, $node, @{$cmd->{param}});
+ $res = $res << 8 if $res > 0;
+ };
+ if (my $err = $@) {
+ $haenv->log('err', $err);
+ }
+
+ $virtual_pid++;
+ $fence_jobs->{$virtual_pid} = {cmd => $cmd_str, node => $node,
+ try => $try, ec => $res};
+ }
+ }
+
+ return 1;
+}
+
+
+# check childs and process exit status
+my $check_jobs = sub {
+ my ($haenv) = @_;
+
+ my $succeeded = {};
+ my $failed = {};
+
+ my @finished = ();
+
+ # pick up all finsihed childs if we can fork
+ if ($haenv->get_max_workers() > 0) {
+ while((my $res = waitpid(-1, WNOHANG))>0) {
+ $fence_jobs->{$res}->{ec} = $? if $fence_jobs->{$res};
+ push @finished, $res;
+ }
+ } else {
+ @finished = keys %{$fence_jobs};
+ }
+
+ # while((my $res = waitpid(-1, WNOHANG))>0) {
+ foreach my $res (@finished) {
+ if (my $job = $fence_jobs->{$res}) {
+ my $ec = $job->{ec};
+
+ my $status = {
+ exit_code => $ec,
+ cmd => $job->{cmd},
+ try => $job->{try}
+ };
+
+ if ($ec == 0) {
+ $succeeded->{$job->{node}} = $status;
+ } else {
+ $failed->{$job->{node}} = $status;
+ }
+
+ delete $fence_jobs->{$res};
+
+ } else {
+ warn "exit from unknown child (PID=$res)";
+ }
+
+ }
+
+ return ($succeeded, $failed);
+};
+
+
+my $reset_hard = sub {
+ my ($haenv, $node) = @_;
+
+ while (my ($pid, $job) = each %$fence_jobs) {
+ next if $job->{node} ne $node;
+
+ if ($haenv->max_workers() > 0) {
+ kill KILL => $pid;
+ # fixme maybe use an timeout even if kill should not hang?
+ waitpid($pid, 0); # pick it up directly
+ }
+ delete $fence_jobs->{$pid};
+ }
+
+ delete $fenced_nodes->{$node} if $fenced_nodes->{$node};
+};
+
+
+# pick up jobs and process them
+sub process_fencing {
+ my ($haenv) = @_;
+
+ my $fence_cfg = $haenv->read_fence_config();
+
+ my ($succeeded, $failed) = &$check_jobs($haenv);
+
+ foreach my $node (keys %$succeeded) {
+ # count how many fence devices succeeded
+ # this is needed for parallel devices
+ $fenced_nodes->{$node}->{triggered}++;
+ }
+
+ # try next device for failed jobs
+ while(my ($node, $job) = each %$failed) {
+ $haenv->log('err', "fence job failed: '$job->{cmd}' returned '$job->{exit_code}'");
+
+ while($job->{try} < PVE::HA::FenceConfig::count_devices($node, $fence_cfg) )
+ {
+ &$reset_hard($haenv, $node);
+ $job->{try}++;
+
+ return if start_fencing($node, $job->{try});
+
+ $haenv->log('warn', "Couldn't start fence try '$job->{try}'");
+ }
+
+ $haenv->log('err', "Tried all fence devices\n");
+ # fixme: returnproper exit code so CRM waits for the agent lock
+ }
+}
+
+
+sub is_node_fenced {
+ my ($node) = @_;
+
+ my $state = $fenced_nodes->{$node};
+ return 0 if !$state;
+
+ return -1 if $state->{failure} && $state->{failure} == 1;
+
+ return ($state->{needed} && $state->{triggered} &&
+ $state->{triggered} >= $state->{needed}) ? 1 : 0;
+}
+
+
+sub reset {
+ my ($node, $noerr) = @_;
+
+ delete $fenced_nodes->{$node} if $fenced_nodes->{$node};
+}
+
+
+sub bail_out {
+ my ($haenv) = @_;
+
+ if ($haenv->max_workers() > 0) {
+ foreach my $pid (keys %$fence_jobs) {
+ kill KILL => $pid;
+ waitpid($pid, 0); # has to come back directly
+ }
+ }
+
+ $fenced_nodes = {};
+ $fence_jobs = {};
+}
+
+1;
diff --git a/src/PVE/HA/Makefile b/src/PVE/HA/Makefile
index d5f655f..d470dd9 100644
--- a/src/PVE/HA/Makefile
+++ b/src/PVE/HA/Makefile
@@ -1,5 +1,5 @@
SOURCES=CRM.pm Env.pm Groups.pm Resources.pm Config.pm LRM.pm Manager.pm \
- NodeStatus.pm Tools.pm FenceConfig.pm Hardware.pm
+ NodeStatus.pm Tools.pm FenceConfig.pm Hardware.pm Fence.pm
.PHONY: install
install:
--
2.1.4
More information about the pve-devel
mailing list