From 0539d581dd588e494e6a42ab7335226162652f1e Mon Sep 17 00:00:00 2001 From: David Kunz Date: Mon, 12 Jul 2021 15:37:46 +0200 Subject: Adding fencing scripts. --- libexec/fence/fence | 110 ++++++++++++++++++++++ libexec/fence/functions/exist | 7 ++ libexec/fence/functions/start | 8 ++ libexec/fence/functions/status | 14 +++ libexec/fence/functions/stop | 8 ++ libexec/fence/ssh-trigger | 64 +++++++++++++ libexec/fence/ssh-trigger.d/1000-service-check.sh | 16 ++++ 7 files changed, 227 insertions(+) create mode 100755 libexec/fence/fence create mode 100755 libexec/fence/functions/exist create mode 100755 libexec/fence/functions/start create mode 100755 libexec/fence/functions/status create mode 100755 libexec/fence/functions/stop create mode 100755 libexec/fence/ssh-trigger create mode 100755 libexec/fence/ssh-trigger.d/1000-service-check.sh diff --git a/libexec/fence/fence b/libexec/fence/fence new file mode 100755 index 0000000..9ab9f41 --- /dev/null +++ b/libexec/fence/fence @@ -0,0 +1,110 @@ +#!/bin/sh -x + +# External FENCE module for container-tools a open-infrastrucutre-container-tools managed +# systemd nspawn container environment. +# +# Copyright (C) 2021 David Kunz +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of version 2 of the GNU General Public License as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it would be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# Further, this software is distributed without any warranty that it is +# free of the rightful claim of any third person regarding infringement +# or the like. Any license provided herein, whether implied or +# otherwise, applies only to this software file. Patent licenses, if +# any, provided herein do not apply to combinations of this program with +# other software, or any other product whatsoever. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +set -e + +PROJECT="open-infrastructure" +PROGRAM="fence" +#COMMAND="$(basename ${0})" + +# Parameter +PARAMETERS="${1}" + +#for SCRIPT in /usr/share/compute-tools/fence/ssh-trigger.d/*.sh +#do +# . "${SCRIPT}" +#done + +Parameters () +{ + OPTIONS_ALL="" + + GETOPT_LONGOPTIONS="name:,start,stop,status,exist," + GETOPT_OPTIONS="n:," + + PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${COMMAND} --options ${GETOPT_OPTIONS} --shell sh -- ${@})" + + if [ "${?}" != "0" ] + then + echo "'${COMMAND}': getopt exit" >&2 + exit 1 + fi + + eval set -- "${PARAMETERS}" + + while true + do + case "${1}" in + -n|--name) + NAME="${2}" + shift 2 + ;; + + --start) + COMMAND="start" + shift 1 + ;; + + --stop) + COMMAND="stop" + shift 1 + ;; + + --status) + COMMAND="status" + shift 1 + ;; + + --exist) + COMMAND="exist" + shift 1 + ;; + + --) + shift 1 + break + ;; + + *) + echo "'${COMMAND}': getopt error" >&2 + exit 1 + ;; + esac + done +} + +Usage () +{ + echo "Usage: ${PROGRAM} ${COMMAND} -n|--name NAME" >&2 + echo + echo "See ${COMMAND}(1), ${PROGRAM}(1) and ${PROJECT}(7) for more information." + + exit 1 +} + +Parameters "${@}" + +"/usr/share/compute-tools/${PROGRAM}/functions/${COMMAND}" "${NAME}" diff --git a/libexec/fence/functions/exist b/libexec/fence/functions/exist new file mode 100755 index 0000000..183b5c4 --- /dev/null +++ b/libexec/fence/functions/exist @@ -0,0 +1,7 @@ +#!/bin/sh + +set -e + +NAME="${@}" + +sudo cnt list -f sh | grep -q "^${NAME}" diff --git a/libexec/fence/functions/start b/libexec/fence/functions/start new file mode 100755 index 0000000..b71cd1b --- /dev/null +++ b/libexec/fence/functions/start @@ -0,0 +1,8 @@ +#!/bin/sh + +set -e + +NAME="${@}" + +sudo cnt start -n ${NAME} 2> /dev/null +exit $? diff --git a/libexec/fence/functions/status b/libexec/fence/functions/status new file mode 100755 index 0000000..03eaed2 --- /dev/null +++ b/libexec/fence/functions/status @@ -0,0 +1,14 @@ +#!/bin/sh -x + +set -e + +NAME="${@}" + +if sudo cnt list -f sh -s | grep -qs "^${NAME}" +then + CNT_STATUS="started" +else + CNT_STATUS="stopped" +fi + +export CNT_STATUS=${CNT_STATUS} diff --git a/libexec/fence/functions/stop b/libexec/fence/functions/stop new file mode 100755 index 0000000..5db1616 --- /dev/null +++ b/libexec/fence/functions/stop @@ -0,0 +1,8 @@ +#!/bin/sh + +set -e + +NAME="${@}" + +sudo cnt stop -n ${NAME} +exit $? diff --git a/libexec/fence/ssh-trigger b/libexec/fence/ssh-trigger new file mode 100755 index 0000000..af24028 --- /dev/null +++ b/libexec/fence/ssh-trigger @@ -0,0 +1,64 @@ +#!/bin/sh -x + +# External FENCE module for container-tools a open-infrastrucutre-container-tools managed +# systemd nspawn container environment. +# +# Copyright (C) 2021 David Kunz +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of version 2 of the GNU General Public License as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it would be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# Further, this software is distributed without any warranty that it is +# free of the rightful claim of any third person regarding infringement +# or the like. Any license provided herein, whether implied or +# otherwise, applies only to this software file. Patent licenses, if +# any, provided herein do not apply to combinations of this program with +# other software, or any other product whatsoever. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +set -e + +PROJECT="open-infrastructure" +PROGRAM="fence" +COMMAND="$(basename ${0})" + +export SENDER_IP="$(echo ${SSH_CLIENT} | awk '{ print $1 }')" + +# Parameter +PARAMETER="${1}" + +if [ -z "${PARAMETER}" ] +then + echo "Usage: ${PROGRAM} COMMAND [OPTIONS]" >&2 + echo "Usage: ${PROGRAM} COMMAND1,COMMAND2,... [COMMON_OPTIONS]" >&2 + echo + echo "See ${PROGRAM}(1) and ${PROJECT}(7) for more information." + exit 1 +fi + +# Command +COMMANDS="${1}" + +# Options +shift 1 +OPTIONS="${*}" + +for COMMAND in $(echo "${COMMANDS}" | sed -e 's|,| |g') +do + if [ ! -e "/usr/share/compute-tools/${PROGRAM}/${COMMAND}" ] + then + echo "'${COMMAND}': no such ${PROGRAM} command, see fence(1)." >&2 + exit 1 + fi + + "/usr/share/compute-tools/${PROGRAM}/${COMMAND}" "${OPTIONS}" + +done diff --git a/libexec/fence/ssh-trigger.d/1000-service-check.sh b/libexec/fence/ssh-trigger.d/1000-service-check.sh new file mode 100755 index 0000000..32f7ae7 --- /dev/null +++ b/libexec/fence/ssh-trigger.d/1000-service-check.sh @@ -0,0 +1,16 @@ +#!/bin/sh -x + +set -e + +SENDER="$(dig -x ${SENDER_IP})" +CLUSTER="$(echo ${SENDER} | awk -F. '{ print $(NF-2)"."$(NF-1)"."$NF }' )" +SERVICE="$(echo ${SENDER} | grep ${CLUSTER})" + +echo "Service: ${SERVICE}." + +# check if the same cluster +if [ -z ${SERVICE} ] +then + echo "Permission denied." + exit 1 +fi -- cgit v1.2.3