diff --git a/Anvil/Tools.pm b/Anvil/Tools.pm
index 6b0373c6..6df7b561 100644
--- a/Anvil/Tools.pm
+++ b/Anvil/Tools.pm
@@ -1308,7 +1308,7 @@ sub _set_paths
useradd => "/usr/sbin/useradd",
usermod => "/usr/sbin/usermod",
uuidgen => "/usr/bin/uuidgen",
- virsh => "/usr/bin/virsh",
+ virsh => "/usr/sbin/anvil-virsh-wrapper",
'virt-install' => "/usr/bin/virt-install",
websockify => "/usr/bin/websockify",
wipefs => "/usr/sbin/wipefs",
diff --git a/Anvil/Tools/Cluster.pm b/Anvil/Tools/Cluster.pm
index 61e01b33..35f11640 100644
--- a/Anvil/Tools/Cluster.pm
+++ b/Anvil/Tools/Cluster.pm
@@ -253,7 +253,14 @@ sub add_server
undef $output;
undef $return_code;
- my $resource_command = $anvil->data->{path}{exe}{pcs}." -f ".$pcs_file." resource create ".$server_name." ocf:alteeve:server name=\"".$server_name."\" meta allow-migrate=\"true\" target-role=\"".$target_role."\" op monitor interval=\"60\" start timeout=\"60\" on-fail=\"block\" stop timeout=\"300\" on-fail=\"block\" migrate_to timeout=\"600\" on-fail=\"block\" migrate_from timeout=\"600\" on-fail=\"block\"";
+ my $resource_command = $anvil->data->{path}{exe}{pcs}." -f ".$pcs_file." resource create ".$server_name." ocf:alteeve:server ";
+ $resource_command .= "name=\"".$server_name."\" log_level=".$anvil->Log->level." log_secure=".$anvil->Log->secure." ";
+ $resource_command .= "meta allow-migrate=\"true\" target-role=\"".$target_role."\" ";
+ $resource_command .= "op monitor interval=\"60\" timeout=\"60\" ";
+ $resource_command .= "start timeout=\"60\" on-fail=\"block\" ";
+ $resource_command .= "stop timeout=\"300\" on-fail=\"block\" ";
+ $resource_command .= "migrate_to timeout=\"600\" on-fail=\"block\" ";
+ $resource_command .= "migrate_from timeout=\"600\" on-fail=\"block\"";
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { resource_command => $resource_command }});
($output, $return_code) = $anvil->System->call({shell_call => $resource_command});
@@ -747,15 +754,14 @@ sub boot_server
if ($node)
{
$anvil->Cluster->_set_server_constraint({
+ debug => $debug,
server => $server,
preferred_node => $node,
});
}
- ### TODO: Make sure that the drbd fence rule exists in pacemaker and add it, if not.
-
# Now boot the server.
- my ($output, $return_code) = $anvil->System->call({debug => 3, shell_call => $anvil->data->{path}{exe}{pcs}." resource enable ".$server});
+ my ($output, $return_code) = $anvil->System->call({debug => $debug, shell_call => $anvil->data->{path}{exe}{pcs}." resource enable ".$server});
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
output => $output,
return_code => $return_code,
@@ -965,6 +971,7 @@ sub check_server_constraints
# Make us the preferred node.
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 1, key => "log_0641", variables => { server => $resource }});
$anvil->Cluster->_set_server_constraint({
+ debug => $debug,
server => $resource,
preferred_node => $local_node_name,
});
@@ -3079,7 +3086,7 @@ sub migrate_server
if ($node)
{
$anvil->Cluster->_set_server_constraint({
- debug => 2,
+ debug => $debug,
server => $server,
preferred_node => $node,
});
@@ -4703,7 +4710,8 @@ sub _set_server_constraint
}
# Change the location constraint
- my ($output, $return_code) = $anvil->System->call({debug => 3, shell_call => $shell_call});
+ $anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => { shell_call => $shell_call }});
+ my ($output, $return_code) = $anvil->System->call({debug => $debug, shell_call => $shell_call});
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => $debug, list => {
output => $output,
return_code => $return_code,
diff --git a/ocf/alteeve/server b/ocf/alteeve/server
index 1540826b..9d19f6b0 100755
--- a/ocf/alteeve/server
+++ b/ocf/alteeve/server
@@ -110,7 +110,7 @@ $anvil->data->{environment}{OCF_RESKEY_CRM_meta_on_node} = defined $ENV{O
# This says "UUID", but it's the node ID.
$anvil->data->{environment}{OCF_RESKEY_CRM_meta_on_node_uuid} = defined $ENV{OCF_RESKEY_CRM_meta_on_node_uuid} ? $ENV{OCF_RESKEY_CRM_meta_on_node_uuid} : ""; # Not used here, contains the pacemaker node ID
# This is the timeout for the called action in millisecond.
-$anvil->data->{environment}{OCF_RESKEY_CRM_meta_timeout} = defined $ENV{OCF_RESKEY_CRM_meta_timeout} ? $ENV{OCF_RESKEY_CRM_meta_timeout} : ""; # 20000
+$anvil->data->{environment}{OCF_RESKEY_CRM_meta_timeout} = defined $ENV{OCF_RESKEY_CRM_meta_timeout} ? $ENV{OCF_RESKEY_CRM_meta_timeout} : ""; # 60000
# If this is set, we'll bump our log level as well.
$anvil->data->{environment}{PCMK_debug} = defined $ENV{PCMK_debug} ? $ENV{PCMK_debug} : "0"; # Disable debug by default
# These are other variables that are set, but we don't currently care about them
@@ -122,6 +122,8 @@ $anvil->data->{environment}{OCF_RESOURCE_INSTANCE} = defined $ENV{O
$anvil->data->{environment}{OCF_RESOURCE_PROVIDER} = defined $ENV{OCF_RESOURCE_PROVIDER} ? $ENV{OCF_RESOURCE_PROVIDER} : "alteeve";
$anvil->data->{environment}{OCF_RESOURCE_TYPE} = defined $ENV{OCF_RESOURCE_TYPE} ? $ENV{OCF_RESOURCE_TYPE} : "server";
$anvil->data->{environment}{OCF_ROOT} = defined $ENV{OCF_ROOT} ? $ENV{OCF_ROOT} : "/usr/lib/ocf";
+$anvil->data->{environment}{OCF_RESKEY_log_level} = defined $ENV{OCF_RESKEY_log_level} ? $ENV{OCF_RESKEY_log_level} : "";
+$anvil->data->{environment}{OCF_RESKEY_log_secure} = defined $ENV{OCF_RESKEY_log_secure} ? $ENV{OCF_RESKEY_log_secure} : "";
# These are set during a migration
$anvil->data->{environment}{OCF_RESKEY_CRM_meta_migrate_source} = defined $ENV{OCF_RESKEY_CRM_meta_migrate_source} ? $ENV{OCF_RESKEY_CRM_meta_migrate_source} : "";
$anvil->data->{environment}{OCF_RESKEY_CRM_meta_migrate_target} = defined $ENV{OCF_RESKEY_CRM_meta_migrate_target} ? $ENV{OCF_RESKEY_CRM_meta_migrate_target} : "";
@@ -147,6 +149,16 @@ if ($anvil->data->{environment}{PCMK_debug})
$anvil->Log->level({set => 2});
}
+### TODO: Use the running log level in anvil-provision-server is used to set these log levels in the pcs call.
+if (($anvil->data->{environment}{OCF_RESKEY_log_level}) && ($anvil->data->{environment}{OCF_RESKEY_log_level} >= 1) && ($anvil->data->{environment}{OCF_RESKEY_log_level} <= 3))
+{
+ $anvil->Log->level({set => $anvil->data->{environment}{OCF_RESKEY_log_level}});
+}
+if ($anvil->data->{environment}{OCF_RESKEY_log_secure} == 1)
+{
+ $anvil->Log->secure({set => 1});
+}
+
# Originally, this was designed to start and stop a server's DRBD resources on demand. Early testing appears
# to show this prone to higher risk of fencing if something goes wrong. As such, we're changing the default
# behaviour to leave DRBD resources up. Set this to '1' (here or by switch) to revert back to the old
@@ -342,9 +354,11 @@ elsif (($anvil->data->{switches}{help}) or ($anvil->data->{switches}{usage}))
}
elsif ($anvil->data->{switches}{notify})
{
+ ### NOTE: See issue 392 (https://github.com/ClusterLabs/anvil/issues/392) to explain why we switched
+ ### the RC from 3 to 0.
# We don't implement this
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level =>0, key => "log_0301"});
- $anvil->nice_exit({exit_code => 3});
+ $anvil->nice_exit({exit_code => 0});
}
else
{
@@ -1153,7 +1167,7 @@ sub server_status
if (not $anvil->data->{environment}{OCF_RESKEY_CRM_meta_timeout})
{
# Set a sane default of 20 seconds.
- $anvil->data->{environment}{OCF_RESKEY_CRM_meta_timeout} = 20000;
+ $anvil->data->{environment}{OCF_RESKEY_CRM_meta_timeout} = 60000;
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 1, priority => "alert", key => "log_0331", variables => { timeout => $anvil->data->{environment}{OCF_RESKEY_CRM_meta_timeout} }});
}
@@ -2056,7 +2070,7 @@ sub show_metadata
1.0
This resource agent manages KVM+qemu virtual servers on an Anvil! m3 Intelligent Availability(tm) system.
-It manages underlying components like DRBD 9 storage resources, brodge connections and so forth.
+It manages underlying components like DRBD 9 storage resources, bridge connections and so forth.
Anvil! m3 server resource agent
@@ -2067,16 +2081,30 @@ It manages underlying components like DRBD 9 storage resources, brodge connectio
Server name
+
+
+ Set the logging level, valid values are 1 to 3, with 3 being extremely loud.
+
+ Set log level
+
+
+
+
+ Enable logging of potentially sensitive data, like passwords.
+
+ Log secure data.
+
+
-
+
-
-
+
+
-
+
';
diff --git a/tools/Makefile.am b/tools/Makefile.am
index 92974bba..ee9dd223 100644
--- a/tools/Makefile.am
+++ b/tools/Makefile.am
@@ -1,7 +1,5 @@
MAINTAINERCLEANFILES = Makefile.in
-# XXX recheck after rebase!
-
dist_sbin_SCRIPTS = \
anvil-access-module \
anvil-boot-server \
@@ -46,6 +44,7 @@ dist_sbin_SCRIPTS = \
anvil-update-states \
anvil-update-system \
anvil-version-changes \
+ anvil-virsh-wrapper \
anvil-watch-bonds \
anvil-watch-drbd \
anvil-watch-power \
@@ -68,7 +67,7 @@ dist_sbin_SCRIPTS = \
striker-scan-network \
striker-show-db-counts \
striker-update-cluster
-
+
fencedir = ${FASEXECPREFIX}/sbin
dist_fence_SCRIPTS = \
diff --git a/tools/anvil-virsh-wrapper b/tools/anvil-virsh-wrapper
new file mode 100755
index 00000000..c42bc2c4
--- /dev/null
+++ b/tools/anvil-virsh-wrapper
@@ -0,0 +1,10 @@
+#!/bin/sh -e
+
+(
+ if [ "$1" != "list" ]; then
+ virsh $@
+ exit $?
+ fi
+ flock -e 200
+ virsh $@
+) 200>/tmp/virsh.lock