From abc44ac283dea920f05846c600068d0f8bd4b9f4 Mon Sep 17 00:00:00 2001 From: Sheng Yang Date: Fri, 9 Sep 2011 16:23:28 -0700 Subject: [PATCH] bug 11266: Add lock file for every script in the systemVM To prevent them from racy. status 11266: resolved fixed --- .../debian/config/root/checkrouter.sh | 11 +++++ .../systemvm/debian/config/root/edithosts.sh | 45 +++++-------------- .../systemvm/debian/config/root/firewall.sh | 20 ++++++--- .../debian/config/root/firewall_rule.sh | 14 +++++- patches/systemvm/debian/config/root/func.sh | 13 ++++++ .../systemvm/debian/config/root/ipassoc.sh | 29 +++++++----- .../debian/config/root/loadbalancer.sh | 17 +++++-- .../systemvm/debian/config/root/netusage.sh | 24 +++++++--- .../systemvm/debian/config/root/reconfigLB.sh | 13 +----- .../config/root/redundant_router/backup.sh | 26 +++-------- .../config/root/redundant_router/fault.sh | 11 +++++ .../config/root/redundant_router/master.sh | 28 ++++-------- .../debian/config/root/savepassword.sh | 14 +++++- .../systemvm/debian/config/root/userdata.sh | 16 +++++-- 14 files changed, 161 insertions(+), 120 deletions(-) diff --git a/patches/systemvm/debian/config/root/checkrouter.sh b/patches/systemvm/debian/config/root/checkrouter.sh index 9b297663ecd..6e28a9a278c 100755 --- a/patches/systemvm/debian/config/root/checkrouter.sh +++ b/patches/systemvm/debian/config/root/checkrouter.sh @@ -1,3 +1,14 @@ #!/bin/bash +source /root/func.sh + +lock="rrouter" +locked=$(getLockFile $lock) +if [ "$locked" != "1" ] +then + exit 1 +fi + tail -n 1 /root/keepalived.log | grep "Status" + +unlock_exit $? $lock $locked diff --git a/patches/systemvm/debian/config/root/edithosts.sh b/patches/systemvm/debian/config/root/edithosts.sh index 506c5e68b48..6b566de4b6c 100755 --- a/patches/systemvm/debian/config/root/edithosts.sh +++ b/patches/systemvm/debian/config/root/edithosts.sh @@ -19,12 +19,20 @@ # along with this program. If not, see . # - # edithosts.sh -- edit the dhcphosts file on the routing domain # $1 : the mac address # $2 : the associated ip address # $3 : the hostname +source /root/func.sh + +lock="biglock" +locked=$(getLockFile $lock) +if [ "$locked" != "1" ] +then + exit 1 +fi + grep "redundant_router=1" /var/cache/cloud/cmdline > /dev/null no_redundant=$? @@ -67,33 +75,6 @@ sed -i /"$2 "/d /etc/hosts sed -i /"$3"/d /etc/hosts echo "$2 $3" >> /etc/hosts -locked=0 -if [ $no_redundant -eq 0 ] -then -#for redundant router, grap the lock to prevent racy with keepalived process -LOCK=/tmp/rrouter.lock - -# Wait the lock -for i in `seq 1 5` -do - if [ ! -e $LOCK ] - then - touch $LOCK - locked=1 - break - fi - sleep 1 - logger -t cloud "edithosts: sleep 1 second wait for the redundant router lock" -done - -if [ $locked -eq 0 ] -then - logger -t cloud "edithosts: fail to get the redundant router lock" - logger -t cloud "edithosts: keepalived should able to handle the dnsmasq restart" - exit -fi -fi - # make dnsmasq re-read files pid=$(pidof dnsmasq) if [ "$pid" != "" ] @@ -108,10 +89,4 @@ else fi fi -ret=$? -if [ $locked -eq 1 ] -then - rm $LOCK -fi - -exit $ret +unlock_exit $? $lock $locked diff --git a/patches/systemvm/debian/config/root/firewall.sh b/patches/systemvm/debian/config/root/firewall.sh index e9d5abb5cdb..da83f40c415 100755 --- a/patches/systemvm/debian/config/root/firewall.sh +++ b/patches/systemvm/debian/config/root/firewall.sh @@ -21,6 +21,15 @@ # # @VERSION@ +source /root/func.sh + +lock="biglock" +locked=$(getLockFile $lock) +if [ "$locked" != "1" ] +then + exit 1 +fi + usage() { printf "Usage: %s: (-A|-D) -r -P protocol (-p port_range | -t icmp_type_code) -l -d -s [-G] \n" $(basename $0) >&2 } @@ -231,7 +240,7 @@ do G) Gflag=1 ;; ?) usage - exit 2 + unlock_exit 2 $lock $locked ;; esac done @@ -251,7 +260,7 @@ then result=$? [ "$result" -ne 0 ] && cat $OUTFILE >&2 rm -f $OUTFILE - exit $result + unlock_exit $result $lock $locked fi if [ "$sflag" != "1" ] @@ -265,16 +274,17 @@ case $protocol in result=$? [ "$result" -ne 0 ] && cat $OUTFILE >&2 rm -f $OUTFILE - exit $result + unlock_exit $result $lock $locked ;; "icmp") icmp_entry $instanceIp $icmptype $publicIp $op - exit $? + unlock_exit $? $lock $locked ;; *) printf "Invalid protocol-- must be tcp, udp or icmp\n" >&2 - exit 5 + unlock_exit 5 $lock $locked ;; esac +unlock_exit 0 $lock $locked diff --git a/patches/systemvm/debian/config/root/firewall_rule.sh b/patches/systemvm/debian/config/root/firewall_rule.sh index 41d3927315a..a9a51edbe36 100755 --- a/patches/systemvm/debian/config/root/firewall_rule.sh +++ b/patches/systemvm/debian/config/root/firewall_rule.sh @@ -20,6 +20,15 @@ # # @VERSION@ +source /root/func.sh + +lock="biglock" +locked=$(getLockFile $lock) +if [ "$locked" != "1" ] +then + exit 1 +fi + usage() { printf "Usage: %s: -a \n" $(basename $0) >&2 printf "sourcecidrs format: cidr1-cidr2-cidr3-...\n" @@ -119,7 +128,7 @@ do rules="$OPTARG" ;; ?) usage - exit 2 + unlock_exit 2 $lock $locked ;; esac done @@ -184,5 +193,6 @@ do logger -t cloud "$(basename $0): deleting backup for ip: $p" fw_remove_backup $p done -exit $success + +unlock_exit $success $lock $locked diff --git a/patches/systemvm/debian/config/root/func.sh b/patches/systemvm/debian/config/root/func.sh index c1a921a86c9..c2db06b6948 100644 --- a/patches/systemvm/debian/config/root/func.sh +++ b/patches/systemvm/debian/config/root/func.sh @@ -1,5 +1,8 @@ #!/bin/bash +# IMPORTANT: Ordering of lock: +# biglock --> rrouter + # getLockFile() parameters # $1 lock filename # $2 timeout seconds @@ -42,3 +45,13 @@ releaseLockFile() { rm $__LOCKFILE fi } + +# releaseLockFile() parameters +# $1 exit value +# $2 lock filename +# $3 locked(1) or not(0) +unlock_exit() { + releaseLockFile $2 $3 + exit $1 +} + diff --git a/patches/systemvm/debian/config/root/ipassoc.sh b/patches/systemvm/debian/config/root/ipassoc.sh index afc9fb5b71d..918b67cf67b 100644 --- a/patches/systemvm/debian/config/root/ipassoc.sh +++ b/patches/systemvm/debian/config/root/ipassoc.sh @@ -25,6 +25,14 @@ # # # @VERSION@ + +lock="biglock" +locked=$(getLockFile $lock) +if [ "$locked" != "1" ] +then + exit 1 +fi + usage() { printf "Usage:\n %s -A -l -c [-f] \n" $(basename $0) >&2 printf " %s -D -l -c [-f] \n" $(basename $0) >&2 @@ -236,7 +244,7 @@ do ethDev="$OPTARG" ;; ?) usage - exit 2 + unlock_exit 2 $lock $locked ;; esac done @@ -245,14 +253,14 @@ done #Either the A flag or the D flag but not both if [ "$Aflag$Dflag" != "1" ] then - usage - exit 2 + usage + unlock_exit 2 $lock $locked fi if [ "$lflag$cflag" != "11" ] then - usage - exit 2 + usage + unlock_exit 2 $lock $locked fi @@ -261,14 +269,14 @@ then add_nat_entry $publicIp && add_vpn_chain_for_ip $publicIp && add_fw_chain_for_ip $publicIp - exit $? + unlock_exit $? $lock $locked fi if [ "$Aflag" == "1" ] then add_an_ip $publicIp && add_fw_chain_for_ip $publicIp - exit $? + unlock_exit $? $lock $locked fi if [ "$fflag" == "1" ] && [ "$Dflag" == "1" ] @@ -276,14 +284,15 @@ then del_nat_entry $publicIp && del_fw_chain_for_ip $publicIp && del_vpn_chain_for_ip $publicIp - exit $? + unlock_exit $? $lock $locked fi if [ "$Dflag" == "1" ] then remove_an_ip $publicIp && del_fw_chain_for_ip $publicIp - exit $? + unlock_exit $? $lock $locked fi -exit 0 +unlock_exit 0 $lock $locked + diff --git a/patches/systemvm/debian/config/root/loadbalancer.sh b/patches/systemvm/debian/config/root/loadbalancer.sh index bdd480b4d48..a0ac40b1ee1 100755 --- a/patches/systemvm/debian/config/root/loadbalancer.sh +++ b/patches/systemvm/debian/config/root/loadbalancer.sh @@ -26,6 +26,15 @@ # # @VERSION@ +source /root/func.sh + +lock="biglock" +locked=$(getLockFile $lock) +if [ "$locked" != "1" ] +then + exit 1 +fi + usage() { printf "Usage: %s: -i -a -d -f -s \n" $(basename $0) >&2 } @@ -225,7 +234,7 @@ do statsIp="$OPTARG" ;; ?) usage - exit 2 + unlock_exit 2 $lock $locked ;; esac done @@ -271,7 +280,7 @@ then then ip_entry $removedIps $addedIps fi - exit 1 + unlock_exit 1 $lock $locked fi # iptables entry to ensure that haproxy receives traffic @@ -295,12 +304,12 @@ then ip_entry $removedIps $addedIps fi - exit 1 + unlock_exit 1 $lock $locked else # Remove backedup iptable rules fw_remove_backup fi -exit 0 +unlock_exit 0 $lock $locked diff --git a/patches/systemvm/debian/config/root/netusage.sh b/patches/systemvm/debian/config/root/netusage.sh index 4c204973d63..af7f8fbc281 100644 --- a/patches/systemvm/debian/config/root/netusage.sh +++ b/patches/systemvm/debian/config/root/netusage.sh @@ -22,6 +22,16 @@ # netusage.sh -- create iptable rules to gather network stats, running within DomR # + +source /root/func.sh + +lock="biglock" +locked=$(getLockFile $lock) +if [ "$locked" != "1" ] +then + exit 1 +fi + usage() { printf "Usage: %s -[c|g|r] [-[a|d] ]\n" $(basename $0) >&2 } @@ -95,7 +105,7 @@ do publicIf="$OPTARG" ;; ?) usage - exit 2 + unlock_exit 2 $lock $locked ;; esac done @@ -103,32 +113,32 @@ done if [ "$cflag" == "1" ] then create_usage_rules - exit $? + unlock_exit $? $lock $locked fi if [ "$gflag" == "1" ] then get_usage - exit $? + unlock_exit $? $lock $locked fi if [ "$rflag" == "1" ] then reset_usage - exit $? + unlock_exit $? $lock $locked fi if [ "$aflag" == "1" ] then add_public_interface $publicIf - exit $? + unlock_exit $? $lock $locked fi if [ "$dflag" == "1" ] then delete_public_interface $publicIf - exit $? + unlock_exit $? $lock $locked fi -exit 0 +unlock_exit 0 $lock $locked diff --git a/patches/systemvm/debian/config/root/reconfigLB.sh b/patches/systemvm/debian/config/root/reconfigLB.sh index ef4ac7be011..805ff33de5d 100755 --- a/patches/systemvm/debian/config/root/reconfigLB.sh +++ b/patches/systemvm/debian/config/root/reconfigLB.sh @@ -19,16 +19,6 @@ # along with this program. If not, see . # -name="reconfigLB" - -source func.sh -locked=$(getLockFile $name) -if [ "$locked" != "1" ] -then - logger -t cloud "Fail to get the lock for " $name - exit 1 -fi - ret=0 # save previous state mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.old @@ -52,6 +42,5 @@ ret=0 ret=1 fi -releaseLockFile $name $locked - exit $ret + diff --git a/patches/systemvm/debian/config/root/redundant_router/backup.sh b/patches/systemvm/debian/config/root/redundant_router/backup.sh index 78875e08a8b..0ca4bc783a1 100644 --- a/patches/systemvm/debian/config/root/redundant_router/backup.sh +++ b/patches/systemvm/debian/config/root/redundant_router/backup.sh @@ -1,25 +1,12 @@ #!/bin/bash -LOCK=/tmp/rrouter.lock -locked=0 +source /root/func.sh -# Wait the lock -for i in `seq 1 5` -do - if [ ! -e $LOCK ] - then - touch $LOCK - locked=1 - break - fi - sleep 1 - echo sleep 1 -done - -if [ $locked -eq 0 ] +lock="rrouter" +locked=$(getLockFile $lock) +if [ "$locked" != "1" ] then - echo Status: fail to get the lock! >> /root/keepalived.log - exit + exit 1 fi echo To backup called >> /root/keepalived.log @@ -29,4 +16,5 @@ echo Disable public ip $? >> /root/keepalived.log echo Switch conntrackd mode backup $? >> /root/keepalived.log echo Status: BACKUP >> /root/keepalived.log -rm $LOCK +releaseLockFile $lock $locked +exit 0 diff --git a/patches/systemvm/debian/config/root/redundant_router/fault.sh b/patches/systemvm/debian/config/root/redundant_router/fault.sh index 7e09fd58543..bf0b318e655 100644 --- a/patches/systemvm/debian/config/root/redundant_router/fault.sh +++ b/patches/systemvm/debian/config/root/redundant_router/fault.sh @@ -1,6 +1,17 @@ #!/bin/bash +source /root/func.sh + +lock="rrouter" +locked=$(getLockFile $lock) +if [ "$locked" != "1" ] +then + exit 1 +fi + echo To fault called >> /root/keepalived.log /root/redundant_router/disable_pubip.sh >> /root/keepalived.log 2>&1 /root/redundant_router/primary-backup.sh fault >> /root/keepalived.log 2>&1 echo Status: FAULT >> /root/keepalived.log + +releaseLockFile $lock $locked diff --git a/patches/systemvm/debian/config/root/redundant_router/master.sh b/patches/systemvm/debian/config/root/redundant_router/master.sh index 711a63a000f..d529dcad84c 100644 --- a/patches/systemvm/debian/config/root/redundant_router/master.sh +++ b/patches/systemvm/debian/config/root/redundant_router/master.sh @@ -1,25 +1,12 @@ #!/bin/bash -LOCK=/tmp/rrouter.lock -locked=0 +source /root/func.sh -# Wait the lock -for i in `seq 1 5` -do - if [ ! -e $LOCK ] - then - touch $LOCK - locked=1 - break - fi - sleep 1 - echo sleep 1 -done - -if [ $locked -eq 0 ] +lock="rrouter" +locked=$(getLockFile $lock) +if [ "$locked" != "1" ] then - echo Status: fail to get the lock! >> /root/keepalived.log - exit + exit 1 fi echo To master called >> /root/keepalived.log @@ -34,7 +21,7 @@ then service keepalived stop >> /root/keepalived.log 2>&1 service conntrackd stop >> /root/keepalived.log 2>&1 echo Status: FAULT \($last_msg\) >> /root/keepalived.log - rm $LOCK + releaseLockFile $lock $locked exit fi /root/redundant_router/primary-backup.sh primary >> /root/keepalived.log 2>&1 @@ -46,4 +33,5 @@ then fi echo Status: MASTER >> /root/keepalived.log -rm $LOCK +releaseLockFile $lock $locked +exit 0 diff --git a/patches/systemvm/debian/config/root/savepassword.sh b/patches/systemvm/debian/config/root/savepassword.sh index 28bc05ea5e6..4ac72f9cb2e 100755 --- a/patches/systemvm/debian/config/root/savepassword.sh +++ b/patches/systemvm/debian/config/root/savepassword.sh @@ -23,6 +23,16 @@ # Usage # save_password -v -p # + +source /root/func.sh + +lock="biglock" +locked=$(getLockFile $lock) +if [ "$locked" != "1" ] +then + exit 1 +fi + PASSWD_FILE=/var/cache/cloud/passwords while getopts 'v:p:' OPTION @@ -35,7 +45,7 @@ do PASSWORD=$(echo $ENCODEDPASSWORD | tr '[a-m][n-z][A-M][N-Z]' '[n-z][a-m][N-Z][A-M]') ;; ?) echo "Incorrect usage" - exit 1 + unlock_exit 1 $lock $locked ;; esac done @@ -45,4 +55,4 @@ done sed -i /$VM_IP/d $PASSWD_FILE echo "$VM_IP=$PASSWORD" >> $PASSWD_FILE -exit $? +unlock_exit $? $lock $locked diff --git a/patches/systemvm/debian/config/root/userdata.sh b/patches/systemvm/debian/config/root/userdata.sh index 2842680a2bd..8d959ffb037 100644 --- a/patches/systemvm/debian/config/root/userdata.sh +++ b/patches/systemvm/debian/config/root/userdata.sh @@ -20,10 +20,18 @@ # +source /root/func.sh + +lock="biglock" +locked=$(getLockFile $lock) +if [ "$locked" != "1" ] +then + exit 1 +fi usage() { printf "Usage: %s: -v -F -f -d \n" $(basename $0) >&2 - exit 2 + unlock_exit 2 $lock $locked } set -x @@ -115,7 +123,7 @@ do d) dataFile="$OPTARG" ;; ?) usage - exit 1 + unlock_exit 1 $lock $locked ;; esac done @@ -129,7 +137,7 @@ then if [ $? -gt 0 ] then - exit 1 + unlock_exit 1 $lock $locked fi copy_vm_data_file $vmIp $folder $file $dataFile @@ -137,4 +145,4 @@ else delete_vm_data_file $vmIp $folder $file fi -exit $? +unlock_exit $? $lock $locked