After discussing with Alex, it was agreed that there is no need to mgmt server level locking using the mgmt_server_id. This makes the code easier, as we have one parent acquire and release mechanism, and the complexity is reduced. In accordance, we do not need to maintain cleanup tasks for mgmt server crashes, as the async mechanism deals with this. Also, the schema becomes a tad simpler as the mgmt_server_id column is not needed anymore

2025-10-26 08:42:29 +01:00 · 2010-11-01 17:02:37 -07:00 · 2010-11-01 17:02:37 -07:00 · 3bab616478
commit 3bab616478
parent a1e5e3db15
5 changed files with 27 additions and 110 deletions
--- a/core/src/com/cloud/certificate/CertificateVO.java
+++ b/core/src/com/cloud/certificate/CertificateVO.java
@ -39,9 +39,6 @@ public class CertificateVO {
    @Column(name="updated")
    private String updated;

-	@Column(name="mgmt_server_id")
-    private Long mgmtServerId;
-
    public CertificateVO() {}

    public Long getId() {
@ -62,13 +59,4 @@ public class CertificateVO {
    public void setUpdated(String updated){
    	this.updated = updated;
    }
-
-
-    public Long getMgmtServerId() {
-		return mgmtServerId;
-	}
-
-	public void setMgmtServerId(Long mgmtServerId) {
-		this.mgmtServerId = mgmtServerId;
-	}
 }
--- a/core/src/com/cloud/certificate/dao/CertificateDaoImpl.java
+++ b/core/src/com/cloud/certificate/dao/CertificateDaoImpl.java
@ -35,7 +35,6 @@ public class CertificateDaoImpl extends GenericDaoBase<CertificateVO, Long>  imp
 	        certStr = new String(buffer);
        	cert.setCertificate(certStr);
        	cert.setUpdated("Y");
-        	cert.setMgmtServerId(managementServerId);
        	update(cert.getId(),cert);
        	return cert.getId();
 	    } catch (FileNotFoundException e) {
--- a/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
+++ b/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
@ -2364,46 +2364,11 @@ public class ConsoleProxyManagerImpl implements ConsoleProxyManager, VirtualMach
        
        _capacityScanScheduler.scheduleAtFixedRate(getCapacityScanTask(), STARTUP_DELAY, _capacityScanInterval, TimeUnit.MILLISECONDS);
        
-		//cert job cleanup
-		cleanupCertTable(_clMgr.getId());
-
        if (s_logger.isInfoEnabled())
            s_logger.info("Console Proxy Manager is configured.");
        return true;
    }

-    @DB
-    protected void cleanupCertTable(Long mServerId){
-    	Transaction.currentTxn();
-    	try {
-			CertificateVO cert = _certDao.listAll().get(0);//always 1 record in db
-			Long mgmtSvrIdForCertJob = null;
-			if(cert!=null){
-				mgmtSvrIdForCertJob = cert.getMgmtServerId();
-			}
-			if(mgmtSvrIdForCertJob!=null && mgmtSvrIdForCertJob.longValue() == (_clMgr.getId())){
-				CertificateVO lockedCert = _certDao.acquire(cert.getId());
-				if(lockedCert == null){
-					s_logger.error("Could not acquire lock on certificate table during cleanupCertTable()");
-				}else{
-					try{
-						lockedCert.setMgmtServerId(null);
-						_certDao.update(cert.getId(), lockedCert);
-					}catch (Exception e){
-						s_logger.error("Unable to update record in cert table during cleanupCertTable()",e);
-					}
-					finally{
-						_certDao.release(cert.getId());
-					}
-				}
-			}
-		} catch (Exception e) {
-			if(e instanceof IndexOutOfBoundsException){
-				s_logger.error("Custom certificate record in the db deleted, this should never happen! Insert a new dummy record in the certificate table and restart the management server again");
-			}
-		}
-    }
-    
    @Override
    public boolean destroyConsoleProxy(DestroyConsoleProxyCmd cmd) throws ServerApiException{
        Long proxyId = cmd.getId();
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@ -5881,13 +5881,20 @@ public class ManagementServerImpl implements ManagementServer {

    @Override @DB
    public String uploadCertificate(UploadCustomCertificateCmd cmd) throws ServerApiException{
+    	CertificateVO cert = null;
+    	Long certVOId = null;
    	try 
    	{
        	Transaction.currentTxn();
-        	Long certVOId = null;
-    		CertificateVO cert = _certDao.listAll().get(0); //always 1 record in db (from the deploydb time)
-    		if(cert.getMgmtServerId()!=null)
-    			throw new ResourceUnavailableException("Another management server is in the process of custom cert updating");
+			String certificatePath = cmd.getPath();
+    		cert = _certDao.listAll().get(0); //always 1 record in db (from the deploydb time)
+			cert = _certDao.acquire(cert.getId());
+			//assign mgmt server id to mark as processing under this ms
+			if(cert == null){
+				String msg = "Unable to obtain lock on the cert from uploadCertificate()";
+				s_logger.error(msg);
+				throw new ResourceUnavailableException(msg);
+			}else{
 	    		if(cert.getUpdated().equalsIgnoreCase("Y")){
 					 if(s_logger.isDebugEnabled())
 						 s_logger.debug("A custom certificate already exists in the DB, will replace it with the new one being uploaded");
@ -5895,7 +5902,11 @@ public class ManagementServerImpl implements ManagementServer {
 					 if(s_logger.isDebugEnabled())
 						 s_logger.debug("No custom certificate exists in the DB, will upload a new one");				
 				}
-			String certificatePath = cmd.getPath();
+				certVOId = _certDao.persistCustomCertToDb(certificatePath,cert,this.getId());//0 implies failure
+			}
+
+			if (certVOId != 0) 
+			{
 				//validate if the cert follows X509 format, if not, don't persist to db
 				FileInputStream fis = new FileInputStream(certificatePath);
 				BufferedInputStream bis = new BufferedInputStream(fis);
@ -5906,26 +5917,10 @@ public class ManagementServerImpl implements ManagementServer {
 					   s_logger.debug("The custom certificate generated for validation is:"+localCert.toString());
 				   }
 				}
-			CertificateVO lockedCert = _certDao.acquire(cert.getId());
-			//assigned mgmt server id to mark as processing under this ms
-			if(lockedCert == null){
-				String msg = "Unable to obtain lock on the cert from uploadCertificate()";
-				s_logger.error(msg);
-				throw new ResourceUnavailableException(msg);
-			}else{
-				try{
-					certVOId = _certDao.persistCustomCertToDb(certificatePath,lockedCert,this.getId());//0 implies failure
-				}finally{
-					_certDao.release(cert.getId());					
-				}
-			}
-			if (certVOId!=null && certVOId!=0) 
-			{
 				//certficate uploaded to db successfully	
 				//get a list of all Console proxies from the cp table
 				List<ConsoleProxyVO> cpList = _consoleProxyDao.listAll();
 				if(cpList.size() == 0){
-					releaseCertRecord(cert);
 					String msg = "Unable to find any console proxies in the system for certificate update";
 					s_logger.warn(msg);
 					throw new ResourceUnavailableException(msg);
@ -5933,7 +5928,6 @@ public class ManagementServerImpl implements ManagementServer {
 				//get a list of all hosts in host table for type cp
 				List<HostVO> cpHosts = _hostDao.listByType(com.cloud.host.Host.Type.ConsoleProxy);
 				if(cpHosts.size() == 0){
-					releaseCertRecord(cert);
 					String msg = "Unable to find any console proxy hosts in the system for certificate update";
 					s_logger.warn(msg);
 					throw new ResourceUnavailableException(msg);
@ -5945,7 +5939,6 @@ public class ManagementServerImpl implements ManagementServer {
 				for(HostVO cpHost : cpHosts){
 					hostNameToHostIdMap.put(cpHost.getName(), cpHost.getId());
 				}
-				
 				for(ConsoleProxyVO cp : cpList)
 				{
 					Long cpHostId = hostNameToHostIdMap.get(cp.getName());
@ -5970,7 +5963,6 @@ public class ManagementServerImpl implements ManagementServer {
 					}	
 				}
 				
-				releaseCertRecord(cert);				
 				if(updatedCpIdList.size() == cpList.size()){
 					//success case, all updated
 					return ("Updated:"+updatedCpIdList.size()+" out of:"+cpList.size()+" console proxies");
@ -6004,36 +5996,10 @@ public class ManagementServerImpl implements ManagementServer {
 				s_logger.error(msg);
 				throw new ServerApiException(BaseCmd.CUSTOM_CERT_UPDATE_ERROR, msg);				
 			}
-		}finally{
-			try {
-				releaseCertRecord(_certDao.listAll().get(0));//release record in case of unforseen exceptions
-			} catch (ResourceUnavailableException e) {
-				String msg = "Unable to release the cert record for other mgmt servers";
-				s_logger.error(msg);
-				throw new ServerApiException(BaseCmd.CUSTOM_CERT_UPDATE_ERROR, msg);
-			}
-		}
-		return null;
-    }
-
-	private void releaseCertRecord(CertificateVO cert) throws ResourceUnavailableException {
-		CertificateVO lockedCert = _certDao.acquire(cert.getId());
-		if(lockedCert == null){
-			String msg = "Unable to obtain lock on the cert from releaseCertRecord() in uploadCertificate()";
-			s_logger.error(msg);
-			throw new ResourceUnavailableException(msg);
-		}else{
-			try{
-				lockedCert.setMgmtServerId(null);//release for other ms
-				_certDao.update(lockedCert.getId(), lockedCert);
-			}catch (Exception e){
-				String msg = "Unable to update record in cert table from releaseCertRecord() during uploadCertificate()";
-				s_logger.warn(msg,e);
-				throw new ResourceUnavailableException(msg);
 		}finally{
 				_certDao.release(cert.getId());					
 		}
-		}
+		return null;
    }

    @Override
--- a/setup/db/create-schema.sql
+++ b/setup/db/create-schema.sql
@ -135,7 +135,6 @@ CREATE TABLE `cloud`.`certificate` (
  `id` bigint unsigned NOT NULL AUTO_INCREMENT COMMENT 'id',
  `certificate` text COMMENT 'the actual custom certificate being stored in the db',
  `updated` varchar(1) COMMENT 'status of the certificate',
-  `mgmt_server_id` bigint unsigned DEFAULT NULL COMMENT 'management server instance id',
  PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;