diff options
| author | David Teigland <teigland@redhat.com> | 2009-06-04 16:10:53 -0500 |
|---|---|---|
| committer | David Teigland <teigland@redhat.com> | 2009-06-04 16:10:53 -0500 |
| commit | 44d232131bcf34014e8cb743a436227ab6ae5334 (patch) | |
| tree | dc032ef6c50a199c68ff437691c4122ddb61bbf8 | |
| parent | ac2d3c82e00ba073006b8b406c15d02c5390d6fc (diff) | |
| download | dct-stuff-44d232131bcf34014e8cb743a436227ab6ae5334.tar.gz dct-stuff-44d232131bcf34014e8cb743a436227ab6ae5334.tar.xz dct-stuff-44d232131bcf34014e8cb743a436227ab6ae5334.zip | |
cpgx: use iptables to kill nodes
stop traffic with iptables prior to killing the corosync process;
I think this tends to look more like a real node failure
Signed-off-by: David Teigland <teigland@redhat.com>
| -rw-r--r-- | cpgx/cpgx.c | 43 |
1 files changed, 34 insertions, 9 deletions
diff --git a/cpgx/cpgx.c b/cpgx/cpgx.c index 23748b7..8313d7a 100644 --- a/cpgx/cpgx.c +++ b/cpgx/cpgx.c @@ -38,17 +38,13 @@ #include <sys/wait.h> #include <sys/types.h> -#ifdef WHITETANK -#include <openais/cpg.h> -#else -#include <corosync/cpg.h> -#endif - #include "list.h" #ifdef WHITETANK +#include <openais/cpg.h> static char *exec_name = "aisexec"; #else +#include <corosync/cpg.h> static char *exec_name = "corosync"; #endif @@ -138,6 +134,10 @@ static cpg_handle_t dct_cpg_handle; static int dct_cpg_client; static int dct_cpg_fd; +static char iptables_a[128]; +static char iptables_d[128]; +static char exec_addr[64]; +static int exec_port = 5405; static int exec_join = 0; static int prog_quit; static int cluster_down; @@ -1500,6 +1500,8 @@ void restart_cluster(void) syslog(LOG_WARNING, "%ld killing %s", time(NULL), exec_name); log_debug("killing %s", exec_name); + system(iptables_a); + if (exec_name[0] == 'a') system("killall -9 aisexec"); else @@ -1510,6 +1512,8 @@ void restart_cluster(void) sleep(10); + system(iptables_d); + syslog(LOG_WARNING, "%ld starting %s", time(NULL), exec_name); log_debug("starting %s", exec_name); @@ -1649,7 +1653,10 @@ void print_usage(void) DEFAULT_SYNC_MAX); printf(" -t <sec> timeout after no dispatch for this many seconds, default 0 (never)\n"); printf(" -i <sec> run for this many seconds, default 0 (forever)\n"); - printf(" -p run \"%s\" to join with -d rather than cman_tool\n", exec_name); + printf(" -j join (per -d) by running \"%s\", not cman_tool\n", exec_name); + printf(" -a <addr> IP address used for %s communication\n", exec_name); + printf(" (implies that iptables should be used with -d)\n"); + printf(" -p <port> udp port used for %s communication\n", exec_name); printf(" -c continue after error\n"); printf(" -V print version\n"); printf("\n"); @@ -1673,7 +1680,7 @@ int main(int argc, char **argv) int optchar; while (cont) { - optchar = getopt(argc, argv, "H:D:l:e:d:s:t:i:pchV"); + optchar = getopt(argc, argv, "H:D:l:e:d:s:t:i:ja:p:chV"); switch (optchar) { case 'H': @@ -1708,10 +1715,18 @@ int main(int argc, char **argv) iterations_sec = atoi(optarg); break; - case 'p': + case 'j': exec_join = 1; break; + case 'a': + strncpy(exec_addr, optarg, 63); + break; + + case 'p': + exec_port = atoi(optarg); + break; + case 'c': continue_after_error = 1; break; @@ -1730,6 +1745,16 @@ int main(int argc, char **argv) }; } + if (exec_addr[0]) { + sprintf(iptables_a, + "iptables -A OUTPUT -s %s -p udp --dport %d -j DROP", + exec_addr, exec_port); + + sprintf(iptables_d, + "iptables -D OUTPUT -s %s -p udp --dport %d -j DROP", + exec_addr, exec_port); + } + parent_begin = time(NULL); srandom(time(NULL)); |