Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package resource-agents for openSUSE:Factory
checked in at 2025-07-25 17:04:11
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/resource-agents (Old)
and /work/SRC/openSUSE:Factory/.resource-agents.new.13279 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "resource-agents"
Fri Jul 25 17:04:11 2025 rev:141 rq:1295449 version:4.16.0+git90.968ad701
Changes:
--------
--- /work/SRC/openSUSE:Factory/resource-agents/resource-agents.changes
2025-05-20 09:36:40.017628594 +0200
+++
/work/SRC/openSUSE:Factory/.resource-agents.new.13279/resource-agents.changes
2025-07-25 17:04:34.507395035 +0200
@@ -1,0 +2,20 @@
+Thu Jul 24 07:38:20 UTC 2025 - Peter Varkoly <vark...@suse.com>
+
+- Update to version 4.16.0+git90.968ad701:
+ * OCPBUGS-58324: podman-etcd Add OOM score adjustment for etcd containers
+ * ocf-shellfuncs: remove extra sleep from curl_retry (#2058)
+ * Filesystem: remove validate-all fstype check, as there isnt a reliable and
portable way to check
+ * IPaddr2: add link status DOWN/LOWERLAYERDOWN check
+ * ocf-shellfuncs: set SHELL to default shell if it's set to nologin
+ * mariadb: add SSL/TLS-Support (#2045)
+ * findif.sh: fix to avoid duplicate route issues
+ * podman-etcd: fix listen-peer-urls binding (#2049)
+ * azure-events-az: Update Deployment info section
+ * azure-events: backport relevant changes from azure-events-az
+- Remove unsupported RAs from resource-agents package
+ Remove man pages of unsupported RAs from resource-agents package
+ Adapt drop-deprecated-agents.patch (jsc#PED-8737)
+- Move %{_usr}/lib/ocf/resource.d/heartbeat/ldirectord into the
+ package ldirectord
+
+-------------------------------------------------------------------
Old:
----
resource-agents-4.16.0+git73.99f301e1.tar.xz
New:
----
resource-agents-4.16.0+git90.968ad701.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ resource-agents.spec ++++++
--- /var/tmp/diff_new_pack.y4Spqf/_old 2025-07-25 17:04:35.183423085 +0200
+++ /var/tmp/diff_new_pack.y4Spqf/_new 2025-07-25 17:04:35.183423085 +0200
@@ -17,7 +17,7 @@
Name: resource-agents
-Version: 4.16.0+git73.99f301e1
+Version: 4.16.0+git90.968ad701
Release: 0
Summary: HA Reusable Cluster Resource Scripts
License: GPL-2.0-only AND LGPL-2.1-or-later AND GPL-3.0-or-later
@@ -191,6 +191,7 @@
%service_add_pre ldirectord.service
%files
+%exclude %{_usr}/lib/ocf/resource.d/heartbeat/ldirectord
%defattr(-,root,root)
%dir %{_prefix}/lib/ocf
%dir %{_prefix}/lib/ocf/resource.d
@@ -245,5 +246,6 @@
%{_sbindir}/rcldirectord
%exclude %{_sysconfdir}/init.d/ldirectord
%{_sysconfdir}/ha.d/resource.d/ldirectord
+%{_usr}/lib/ocf/resource.d/heartbeat/ldirectord
%config(noreplace) %{_sysconfdir}/logrotate.d/ldirectord
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.y4Spqf/_old 2025-07-25 17:04:35.235425243 +0200
+++ /var/tmp/diff_new_pack.y4Spqf/_new 2025-07-25 17:04:35.239425409 +0200
@@ -1,7 +1,7 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/ClusterLabs/resource-agents.git</param>
-<param name="changesrevision">06d95bba916b1b39f15eb2615b9412c18e937a52</param>
+<param name="changesrevision">968ad70124518348f8115fc414cf48bd1193e538</param>
</service>
</servicedata>
(No newline at EOF)
++++++ drop-deprecated-agents.patch ++++++
--- /var/tmp/diff_new_pack.y4Spqf/_old 2025-07-25 17:04:35.259426239 +0200
+++ /var/tmp/diff_new_pack.y4Spqf/_new 2025-07-25 17:04:35.259426239 +0200
@@ -1,5 +1,5 @@
---- a/heartbeat/Makefile.am.orig 2025-05-13 13:52:11.405852066 +0200
-+++ b/heartbeat/Makefile.am 2025-05-13 13:51:45.149625303 +0200
+--- a/heartbeat/Makefile.am.orig 2025-07-22 19:05:57.520867141 +0200
++++ b/heartbeat/Makefile.am 2025-07-22 19:06:36.125190546 +0200
@@ -50,94 +50,61 @@
send_ua_SOURCES = send_ua.c IPv6addr_utils.c
send_ua_LDADD = $(LIBNETLIBS)
@@ -110,7 +110,7 @@
oraasm \
oracle \
oralsnr \
-@@ -157,39 +119,22 @@
+@@ -157,39 +119,21 @@
ovsmonitor \
pgagent \
pgsql \
@@ -128,7 +128,7 @@
rsyncd \
- rsyslog \
- scsi2reservation \
- sfex \
+- sfex \
sg_persist \
- mpathpersist \
- slapd \
@@ -154,4 +154,159 @@
if BUILD_AZURE_EVENTS_AZ
ocf_SCRIPTS += azure-events-az
+--- resource-agents/doc/man/Makefile.am.orig 2025-07-24 07:12:57.504178731
+0200
++++ resource-agents/doc/man/Makefile.am 2025-07-24 07:21:55.135798301
+0200
+@@ -77,69 +77,46 @@
+ # 12126 on savannah.gnu.org. But, maybe it gets fixed soon, it was
+ # first reported in 1995 and added to Savannah in in 2005...
+ if BUILD_DOC
+-man_MANS = ocf_heartbeat_AoEtarget.7 \
+- ocf_heartbeat_AudibleAlarm.7 \
+- ocf_heartbeat_ClusterMon.7 \
+- ocf_heartbeat_CTDB.7 \
++man_MANS = ocf_heartbeat_CTDB.7 \
+ ocf_heartbeat_Delay.7 \
+ ocf_heartbeat_Dummy.7 \
+- ocf_heartbeat_EvmsSCC.7 \
+- ocf_heartbeat_Evmsd.7 \
+ ocf_heartbeat_Filesystem.7 \
+- ocf_heartbeat_ICP.7 \
+- ocf_heartbeat_IPaddr.7 \
+ ocf_heartbeat_IPaddr2.7 \
+ ocf_heartbeat_IPsrcaddr.7 \
+ ocf_heartbeat_LVM.7 \
+ ocf_heartbeat_LVM-activate.7 \
+- ocf_heartbeat_LinuxSCSI.7 \
+ ocf_heartbeat_MailTo.7 \
+- ocf_heartbeat_ManageRAID.7 \
+- ocf_heartbeat_ManageVE.7 \
+ ocf_heartbeat_NodeUtilization.7 \
+- ocf_heartbeat_Pure-FTPd.7 \
+ ocf_heartbeat_Raid1.7 \
+ ocf_heartbeat_Route.7 \
+ ocf_heartbeat_SAPDatabase.7 \
+ ocf_heartbeat_SAPInstance.7 \
+ ocf_heartbeat_SendArp.7 \
+- ocf_heartbeat_ServeRAID.7 \
+- ocf_heartbeat_SphinxSearchDaemon.7 \
+ ocf_heartbeat_Squid.7 \
+ ocf_heartbeat_Stateful.7 \
+- ocf_heartbeat_SysInfo.7 \
+- ocf_heartbeat_VIPArip.7 \
+ ocf_heartbeat_VirtualDomain.7 \
+ ocf_heartbeat_WAS.7 \
+ ocf_heartbeat_WAS6.7 \
+- ocf_heartbeat_WinPopup.7 \
+- ocf_heartbeat_Xen.7 \
+ ocf_heartbeat_Xinetd.7 \
+ ocf_heartbeat_ZFS.7 \
+ ocf_heartbeat_aliyun-vpc-move-ip.7 \
+ ocf_heartbeat_anything.7 \
+ ocf_heartbeat_apache.7 \
+- ocf_heartbeat_asterisk.7 \
+ ocf_heartbeat_aws-vpc-move-ip.7 \
+ ocf_heartbeat_aws-vpc-route53.7 \
+ ocf_heartbeat_awseip.7 \
+ ocf_heartbeat_awsvip.7 \
+ ocf_heartbeat_azure-lb.7 \
+- ocf_heartbeat_clvm.7 \
+- ocf_heartbeat_conntrackd.7 \
+ ocf_heartbeat_corosync-qnetd.7 \
+ ocf_heartbeat_crypt.7 \
+ ocf_heartbeat_db2.7 \
+ ocf_heartbeat_dhcpd.7 \
+ ocf_heartbeat_docker.7 \
+ ocf_heartbeat_docker-compose.7 \
+- ocf_heartbeat_dovecot.7 \
+ ocf_heartbeat_dnsupdate.7 \
+ ocf_heartbeat_dummypy.7 \
+- ocf_heartbeat_eDir88.7 \
+ ocf_heartbeat_ethmonitor.7 \
+ ocf_heartbeat_exportfs.7 \
+- ocf_heartbeat_fio.7 \
+ ocf_heartbeat_galera.7 \
+ ocf_heartbeat_garbd.7 \
+ ocf_heartbeat_gcp-ilb.7 \
+@@ -149,23 +126,12 @@
+ ocf_heartbeat_iface-bridge.7 \
+ ocf_heartbeat_iface-macvlan.7 \
+ ocf_heartbeat_iface-vlan.7 \
+- ocf_heartbeat_ipsec.7 \
+- ocf_heartbeat_ids.7 \
+- ocf_heartbeat_iscsi.7 \
+- ocf_heartbeat_jboss.7 \
+- ocf_heartbeat_jira.7 \
+- ocf_heartbeat_kamailio.7 \
+ ocf_heartbeat_lvmlockd.7 \
+- ocf_heartbeat_lxc.7 \
+- ocf_heartbeat_lxd-info.7 \
+- ocf_heartbeat_machine-info.7 \
+ ocf_heartbeat_mariadb.7 \
+ ocf_heartbeat_mdraid.7 \
+- ocf_heartbeat_minio.7 \
+ ocf_heartbeat_mpathpersist.7 \
+ ocf_heartbeat_mysql.7 \
+ ocf_heartbeat_mysql-proxy.7 \
+- ocf_heartbeat_nagios.7 \
+ ocf_heartbeat_named.7 \
+ ocf_heartbeat_nfsnotify.7 \
+ ocf_heartbeat_nfsserver.7 \
+@@ -174,10 +140,6 @@
+ ocf_heartbeat_nvmet-namespace.7 \
+ ocf_heartbeat_nvmet-port.7 \
+ ocf_heartbeat_openstack-info.7 \
+- ocf_heartbeat_ocivip.7 \
+- ocf_heartbeat_openstack-cinder-volume.7 \
+- ocf_heartbeat_openstack-floating-ip.7 \
+- ocf_heartbeat_openstack-virtual-ip.7 \
+ ocf_heartbeat_oraasm.7 \
+ ocf_heartbeat_oracle.7 \
+ ocf_heartbeat_oralsnr.7 \
+@@ -185,42 +147,25 @@
+ ocf_heartbeat_ovsmonitor.7 \
+ ocf_heartbeat_pgagent.7 \
+ ocf_heartbeat_pgsql.7 \
+- ocf_heartbeat_pingd.7 \
+ ocf_heartbeat_podman.7 \
+ ocf_heartbeat_podman-etcd.7 \
+ ocf_heartbeat_portblock.7 \
+ ocf_heartbeat_postfix.7 \
+- ocf_heartbeat_pound.7 \
+- ocf_heartbeat_proftpd.7 \
+ ocf_heartbeat_rabbitmq-cluster.7 \
+ ocf_heartbeat_rabbitmq-server-ha.7 \
+ ocf_heartbeat_redis.7 \
+- ocf_heartbeat_rkt.7 \
+ ocf_heartbeat_rsyncd.7 \
+- ocf_heartbeat_rsyslog.7 \
+- ocf_heartbeat_scsi2reservation.7 \
+- ocf_heartbeat_sfex.7 \
+- ocf_heartbeat_slapd.7 \
+- ocf_heartbeat_smb-share.7 \
+- ocf_heartbeat_sybaseASE.7 \
+ ocf_heartbeat_sg_persist.7 \
+ ocf_heartbeat_storage-mon.7 \
+- ocf_heartbeat_symlink.7 \
+- ocf_heartbeat_syslog-ng.7 \
+- ocf_heartbeat_tomcat.7 \
+- ocf_heartbeat_varnish.7 \
+- ocf_heartbeat_vdo-vol.7 \
+- ocf_heartbeat_vmware.7 \
+- ocf_heartbeat_vsftpd.7 \
+- ocf_heartbeat_zabbixserver.7
++ ocf_heartbeat_symlink.7
+
+ if USE_IPV6ADDR_AGENT
+ man_MANS += ocf_heartbeat_IPv6addr.7
+ endif
+
+-if BUILD_AZURE_EVENTS
+-man_MANS += ocf_heartbeat_azure-events.7
+-endif
++#if BUILD_AZURE_EVENTS
++#man_MANS += ocf_heartbeat_azure-events.7
++#endif
+
+ if BUILD_AZURE_EVENTS_AZ
+ man_MANS += ocf_heartbeat_azure-events-az.7
++++++ resource-agents-4.16.0+git73.99f301e1.tar.xz ->
resource-agents-4.16.0+git90.968ad701.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/resource-agents-4.16.0+git73.99f301e1/heartbeat/Filesystem
new/resource-agents-4.16.0+git90.968ad701/heartbeat/Filesystem
--- old/resource-agents-4.16.0+git73.99f301e1/heartbeat/Filesystem
2025-05-12 11:32:08.000000000 +0200
+++ new/resource-agents-4.16.0+git90.968ad701/heartbeat/Filesystem
2025-07-09 15:05:41.000000000 +0200
@@ -978,23 +978,6 @@
#
Filesystem_validate_all()
{
- # Check if the $FSTYPE is workable
- # NOTE: Without inserting the $FSTYPE module, this step may be imprecise
- # TODO: This is Linux specific crap.
- if [ ! -z "$FSTYPE" -a "$FSTYPE" != none ]; then
- cut -f2 /proc/filesystems | grep "^${FSTYPE}$" >/dev/null 2>&1
- if [ $? -ne 0 ]; then
- modpath=/lib/modules/$(uname -r)
- moddep=$modpath/modules.dep
- # Do we have $FSTYPE in modules.dep?
- cut -d' ' -f1 $moddep \
- | grep "^${modpath}.*${FSTYPE}\.k\?o:$"
>/dev/null 2>&1
- if [ $? -ne 0 ]; then
- ocf_log info "It seems we do not have $FSTYPE
support"
- fi
- fi
- fi
-
# If we are supposed to do monitoring with status files, then
# we need a utility to write in O_DIRECT mode.
if [ $OCF_CHECK_LEVEL -gt 0 ]; then
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/resource-agents-4.16.0+git73.99f301e1/heartbeat/IPaddr2
new/resource-agents-4.16.0+git90.968ad701/heartbeat/IPaddr2
--- old/resource-agents-4.16.0+git73.99f301e1/heartbeat/IPaddr2 2025-05-12
11:32:08.000000000 +0200
+++ new/resource-agents-4.16.0+git90.968ad701/heartbeat/IPaddr2 2025-07-09
15:05:41.000000000 +0200
@@ -92,6 +92,19 @@
OCF_RESKEY_noprefixroute_default="false"
OCF_RESKEY_preferred_lft_default="forever"
OCF_RESKEY_network_namespace_default=""
+OCF_RESKEY_check_link_status_default="true"
+
+# RHEL specific defaults
+if is_redhat_based; then
+ get_os_ver
+ ocf_version_cmp "$VER" "10.1" 2>/dev/null
+
+ case "$?" in
+ # RHEL < 10.1
+ 0)
+ OCF_RESKEY_check_link_status_default="false";;
+ esac
+fi
: ${OCF_RESKEY_ip=${OCF_RESKEY_ip_default}}
: ${OCF_RESKEY_cidr_netmask=${OCF_RESKEY_cidr_netmask_default}}
@@ -116,6 +129,7 @@
: ${OCF_RESKEY_noprefixroute=${OCF_RESKEY_noprefixroute_default}}
: ${OCF_RESKEY_preferred_lft=${OCF_RESKEY_preferred_lft_default}}
: ${OCF_RESKEY_network_namespace=${OCF_RESKEY_network_namespace_default}}
+: ${OCF_RESKEY_check_link_status=${OCF_RESKEY_check_link_status_default}}
#######################################################################
@@ -449,6 +463,14 @@
<shortdesc lang="en">Network namespace to use</shortdesc>
<content type="string" default="${OCF_RESKEY_network_namespace_default}"/>
</parameter>
+
+<parameter name="check_link_status">
+<longdesc lang="en">
+Consider the resource failed if the interface has status DOWN or
LOWERLAYERDOWN.
+</longdesc>
+<shortdesc lang="en">Consider the resource failed if the interface has status
DOWN or LOWERLAYERDOWN</shortdesc>
+<content type="string" default="${OCF_RESKEY_check_link_status_default}"/>
+</parameter>
</parameters>
<actions>
@@ -581,6 +603,9 @@
elif [ "$__OCF_ACTION" = stop ]; then
ocf_log warn "[$FINDIF] failed"
exit $OCF_SUCCESS
+ elif [ "$__OCF_ACTION" = start ]; then
+ ocf_exit_reason "[$FINDIF] failed"
+ exit $OCF_ERR_INSTALLED
else
ocf_exit_reason "[$FINDIF] failed"
exit $rc
@@ -1002,6 +1027,12 @@
return 0
fi
+ if ocf_is_true "$OCF_RESKEY_check_link_status" && $IP2UTIL -f $FAMILY
addr show $cur_nic | \
+ grep -q "[[:space:]]\(DOWN\|LOWERLAYERDOWN\)[[:space:]]"; then
+ echo "down"
+ return 0
+ fi
+
if [ -z "$IP_CIP" ]; then
for i in $cur_nic; do
# check address label
@@ -1073,6 +1104,11 @@
exit $OCF_SUCCESS
fi
+ if [ "$ip_status" = "down" ]; then
+ ocf_exit_reason "IP $OCF_RESKEY_ip available, but device has
status $ip_status"
+ exit $OCF_ERR_INSTALLED
+ fi
+
if [ "$ip_status" = "partial3" ]; then
ocf_exit_reason "IP $OCF_RESKEY_ip available, but label missing"
exit $OCF_ERR_GENERIC
@@ -1096,7 +1132,7 @@
echo "+$IP_INC_NO" >$IP_CIP_FILE
fi
- if [ "$ip_status" = "no" ]; then
+ if [ "$ip_status" != "ok" ]; then
if ocf_is_true ${OCF_RESKEY_lvs_support}; then
for i in `find_interface $OCF_RESKEY_ip 32`; do
case $i in
@@ -1213,6 +1249,7 @@
# interface health maybe via a daemon like FailSafe etc...
local ip_status=`ip_served`
+ ocf_log debug "monitor: $ip_status"
case $ip_status in
ok)
run_arp_sender refresh
@@ -1221,6 +1258,9 @@
no)
exit $OCF_NOT_RUNNING
;;
+ down)
+ exit $OCF_ERR_INSTALLED
+ ;;
*)
# Errors on this interface?
return $OCF_ERR_GENERIC
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/resource-agents-4.16.0+git73.99f301e1/heartbeat/azure-events-az.in
new/resource-agents-4.16.0+git90.968ad701/heartbeat/azure-events-az.in
--- old/resource-agents-4.16.0+git73.99f301e1/heartbeat/azure-events-az.in
2025-05-12 11:32:08.000000000 +0200
+++ new/resource-agents-4.16.0+git90.968ad701/heartbeat/azure-events-az.in
2025-07-09 15:05:41.000000000 +0200
@@ -749,10 +749,22 @@
away from the affected node to allow for a graceful shutdown.
Deployment:
- crm configure primitive rsc_azure-events-az
ocf:heartbeat:azure-events-az \
+
+ Set property and location constraint:
+ crm configure property node-health-strategy=custom
+ crm configure location loc_azure_health /'!health-.*'/ rule
'#health-azure': defined '#uname'
+
+ Set #health-azure attribute to 0 (healthy) for every node in the
cluster (example of node1 only):
+ crm_attribute --node node1 --name '#health-azure' --update 0
+
+ Configure the RA:
+ crm configure primitive health-azure-events
ocf:heartbeat:azure-events-az \
params eventTypes="Reboot,Redeploy" verbose=false
retry_count=3 retry_wait=20 request_timeout=15 \
- op monitor interval=10s
- crm configure clone cln_azure-events-az rsc_azure-events-az
+ op start start-delay=60s \
+ op monitor interval=10s \
+ meta failure-timeout=120s
+ crm configure clone health-azure-events-cln health-azure-events
\
+ meta allow-unhealthy-nodes=true
For further information on Microsoft Azure Scheduled Events, please
refer to the following documentation:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/resource-agents-4.16.0+git73.99f301e1/heartbeat/azure-events.in
new/resource-agents-4.16.0+git90.968ad701/heartbeat/azure-events.in
--- old/resource-agents-4.16.0+git73.99f301e1/heartbeat/azure-events.in
2025-05-12 11:32:08.000000000 +0200
+++ new/resource-agents-4.16.0+git90.968ad701/heartbeat/azure-events.in
2025-07-09 15:05:41.000000000 +0200
@@ -602,21 +602,21 @@
ocf.logger.info("handleRemoteEvents: handling remote
event %s (%s; nodes = %s)" % (e.EventId, e.EventType, str(e.Resources)))
# before we can force an event to start, we need to
ensure all nodes involved have stopped their resources
if e.EventStatus == "Scheduled":
- allNodesStopped = True
+ allResourcesNowStopped = True
for azName in e.Resources:
hostName =
clusterHelper.getHostNameFromAzName(azName)
state = self.getState(node=hostName)
if state == STOPPING:
# the only way we can continue
is when node state is STOPPING, but all resources have been stopped
if not
clusterHelper.allResourcesStoppedOnNode(hostName):
-
ocf.logger.info("handleRemoteEvents: (at least) node %s has still resources
running -> wait" % hostName)
- allNodesStopped = False
+
ocf.logger.info("handleRemoteEvents: (at least) node %s still has resources
running -> wait" % hostName)
+ allResourcesNowStopped
= False
break
elif state in (AVAILABLE, IN_EVENT,
ON_HOLD):
ocf.logger.info("handleRemoteEvents: node %s is still %s -> remote event needs
to be picked up locally" % (hostName, nodeStateToString(state)))
- allNodesStopped = False
+ allResourcesNowStopped = False
break
- if allNodesStopped:
+ if allResourcesNowStopped:
ocf.logger.info("handleRemoteEvents:
nodes %s are stopped -> add remote event %s to force list" % (str(e.Resources),
e.EventId))
for n in e.Resources:
hostName =
clusterHelper.getHostNameFromAzName(n)
@@ -698,11 +698,11 @@
ocf.logger.debug("handleLocalEvents: no
local azEvents to handle")
if curState == STOPPING:
if
clusterHelper.noPendingResourcesOnNode(self.hostName):
- ocf.logger.info("handleLocalEvents: all
local resources are started properly -> put node standby")
+ ocf.logger.info("handleLocalEvents: all
local resources are stopped -> put node standby")
self.putNodeStandby()
mayUpdateDocVersion = True
else:
- ocf.logger.info("handleLocalEvents:
some local resources are not clean yet -> wait")
+ ocf.logger.info("handleLocalEvents:
some local resources are not stopped yet -> wait")
ocf.logger.debug("handleLocalEvents: finished;
mayUpdateDocVersion = %s" % str(mayUpdateDocVersion))
return mayUpdateDocVersion
@@ -801,6 +801,7 @@
Deployment:
crm configure primitive rsc_azure-events
ocf:heartbeat:azure-events \
+ params eventTypes=Reboot,Redeploy verbose=false \
op monitor interval=10s
crm configure clone cln_azure-events rsc_azure-events
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/resource-agents-4.16.0+git73.99f301e1/heartbeat/findif.sh
new/resource-agents-4.16.0+git90.968ad701/heartbeat/findif.sh
--- old/resource-agents-4.16.0+git73.99f301e1/heartbeat/findif.sh
2025-05-12 11:32:08.000000000 +0200
+++ new/resource-agents-4.16.0+git90.968ad701/heartbeat/findif.sh
2025-07-09 15:05:41.000000000 +0200
@@ -217,18 +217,14 @@
fi
if [ -n "$nic" ] ; then
# NIC supports more than two.
- routematch=$(ip -o -f $family route list match $match $proto $scope | grep
-v "^\(unreachable\|prohibit\|blackhole\)" | grep "dev $nic " | sed -e
's,^\([0-9.]\+\) ,\1/32 ,;s,^\([0-9a-f:]\+\) ,\1/128 ,' | sort -t/ -k2,2nr)
+ routematch=$(ip -o -f $family route list match $match $proto $scope | grep
"dev $nic " | sed -e 's,^\([0-9.]\+\) ,\1/32 ,;s,^\([0-9a-f:]\+\) ,\1/128 ,' |
sort -t/ -k2,2nr)
else
- routematch=$(ip -o -f $family route list match $match $proto $scope | grep
-v "^\(unreachable\|prohibit\|blackhole\)" | sed -e 's,^\([0-9.]\+\) ,\1/32
,;s,^\([0-9a-f:]\+\) ,\1/128 ,' | sort -t/ -k2,2nr)
- fi
- if [ "$family" = "inet6" ]; then
- routematch=$(echo "$routematch" | grep -v "^default")
+ routematch=$(ip -o -f $family route list match $match $proto $scope | sed
-e 's,^\([0-9.]\+\) ,\1/32 ,;s,^\([0-9a-f:]\+\) ,\1/128 ,' | sort -t/ -k2,2nr)
fi
- if [ $(echo "$routematch" | wc -l) -gt 1 ]; then
- ocf_exit_reason "More than 1 routes match $match. Unable to decide which
route to use."
- return $OCF_ERR_GENERIC
- fi
+ # ignore matches from unrelated tables, and sort by metric to get the route
with the lowest metric
+ routematch=$(echo "$routematch" | awk
'!/^(default|unreachable|prohibit|blackhole)/{match($0, /metric ([^ ]+)/, arr);
print arr[1], $0}' | sort -k 1n -u | cut -d" " -f 2- | head -1)
+
set -- $routematch
if [ $# = 0 ] ; then
case $OCF_RESKEY_ip in
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/resource-agents-4.16.0+git73.99f301e1/heartbeat/mariadb.in
new/resource-agents-4.16.0+git90.968ad701/heartbeat/mariadb.in
--- old/resource-agents-4.16.0+git73.99f301e1/heartbeat/mariadb.in
2025-05-12 11:32:08.000000000 +0200
+++ new/resource-agents-4.16.0+git90.968ad701/heartbeat/mariadb.in
2025-07-09 15:05:41.000000000 +0200
@@ -247,6 +247,39 @@
<content type="string" default="${OCF_RESKEY_replication_port_default}" />
</parameter>
+<parameter name="replication_require_ssl" unique="0" required="0">
+<longdesc lang="en">
+Enables SSL connection to local MySQL service for replication user.
+i.e. if REQUIRE SSL for replication user in MySQL set, this should be set to
"true".
+</longdesc>
+<shortdesc lang="en">MySQL replication require ssl</shortdesc>
+<content type="string" default="${OCF_RESKEY_replication_require_ssl_default}"
/>
+</parameter>
+
+<parameter name="replication_master_ssl_ca" unique="0" required="0">
+<longdesc lang="en">
+The SSL CA certificate to be used for replication over SSL.
+</longdesc>
+<shortdesc lang="en">MySQL replication SSL CA certificate</shortdesc>
+<content type="string"
default="${OCF_RESKEY_replication_master_ssl_ca_default}" />
+</parameter>
+
+<parameter name="replication_master_ssl_cert" unique="0" required="0">
+<longdesc lang="en">
+The SSL CA certificate to be used for replication over SSL.
+</longdesc>
+<shortdesc lang="en">MySQL replication SSL certificate</shortdesc>
+<content type="string"
default="${OCF_RESKEY_replication_master_ssl_cert_default}" />
+</parameter>
+
+<parameter name="replication_master_ssl_key" unique="0" required="0">
+<longdesc lang="en">
+The SSL certificate key to be used for replication over SSL.
+</longdesc>
+<shortdesc lang="en">MySQL replication SSL certificate key</shortdesc>
+<content type="string"
default="${OCF_RESKEY_replication_master_ssl_key_default}" />
+</parameter>
+
</parameters>
<actions>
@@ -255,6 +288,7 @@
<action name="status" timeout="60s" />
<action name="monitor" depth="0" timeout="30s" interval="20s" />
<action name="monitor" role="Promoted" depth="0" timeout="30s" interval="10s"
/>
+<action name="monitor" role="Unpromoted" depth="0" timeout="30s"
interval="30s" />
<action name="promote" timeout="120s" />
<action name="demote" timeout="120s" />
<action name="notify" timeout="90s" />
@@ -600,6 +634,7 @@
set_master() {
local new_master=$($CRM_ATTR_REPL_INFO --query -q)
+ local master_ssl_params
# Informs the MariaDB server of the master to replicate
# from. Accepts one mandatory argument which must contain the host
@@ -607,12 +642,20 @@
# from the laste master the slave replicated from, or freshly
# reset with RESET MASTER.
ocf_log info "Changing MariaDB configuration to replicate from
$new_master."
+ if [ -n "$OCF_RESKEY_replication_master_ssl_ca" ] && [ -n
"$OCF_RESKEY_replication_master_ssl_cert" ] && [ -n
"$OCF_RESKEY_replication_master_ssl_key" ]; then
+ master_ssl_params="MASTER_SSL=1, \
+ MASTER_SSL_CA='$OCF_RESKEY_replication_master_ssl_ca', \
+ MASTER_SSL_CERT='$OCF_RESKEY_replication_master_ssl_cert', \
+ MASTER_SSL_KEY='$OCF_RESKEY_replication_master_ssl_key', "
+ fi
+
ocf_run $MYSQL $MYSQL_OPTIONS_REPL \
-e "CHANGE MASTER TO MASTER_HOST='$new_master', \
MASTER_PORT=$OCF_RESKEY_replication_port, \
MASTER_USER='$OCF_RESKEY_replication_user', \
MASTER_PASSWORD='$OCF_RESKEY_replication_passwd', \
+ $master_ssl_params \
MASTER_USE_GTID=current_pos";
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/resource-agents-4.16.0+git73.99f301e1/heartbeat/mysql-common.sh
new/resource-agents-4.16.0+git90.968ad701/heartbeat/mysql-common.sh
--- old/resource-agents-4.16.0+git73.99f301e1/heartbeat/mysql-common.sh
2025-05-12 11:32:08.000000000 +0200
+++ new/resource-agents-4.16.0+git90.968ad701/heartbeat/mysql-common.sh
2025-07-09 15:05:41.000000000 +0200
@@ -97,7 +97,14 @@
MYSQL=$OCF_RESKEY_client_binary
if ocf_is_true "$OCF_RESKEY_replication_require_ssl"; then
- MYSQL_OPTIONS_LOCAL_SSL_OPTIONS="--ssl-mode=REQUIRED"
+ if [ "${OCF_RESOURCE_TYPE}" = "mariadb" ] ; then
+ MYSQL_OPTIONS_LOCAL_SSL_OPTIONS="--ssl"
+ if [ -n "${OCF_RESKEY_replication_master_ssl_ca}" ] ; then
+ MYSQL_OPTIONS_LOCAL_SSL_OPTIONS="${MYSQL_OPTIONS_LOCAL_SSL_OPTIONS}
--ssl-ca=${OCF_RESKEY_replication_master_ssl_ca}"
+ fi
+ else
+ MYSQL_OPTIONS_LOCAL_SSL_OPTIONS="--ssl-mode=REQUIRED"
+ fi
else
MYSQL_OPTIONS_LOCAL_SSL_OPTIONS=""
fi
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/resource-agents-4.16.0+git73.99f301e1/heartbeat/ocf-shellfuncs.in
new/resource-agents-4.16.0+git90.968ad701/heartbeat/ocf-shellfuncs.in
--- old/resource-agents-4.16.0+git73.99f301e1/heartbeat/ocf-shellfuncs.in
2025-05-12 11:32:08.000000000 +0200
+++ new/resource-agents-4.16.0+git90.968ad701/heartbeat/ocf-shellfuncs.in
2025-07-09 15:05:41.000000000 +0200
@@ -65,6 +65,8 @@
# to make sure that ocf_is_probe() always works
: ${OCF_RESKEY_CRM_meta_interval=0}
+[ "${SHELL##*/}" = "nologin" ] && SHELL="$SH"
+
ocf_is_root() {
if [ X`id -u` = X0 ]; then
true
@@ -706,7 +708,9 @@
[ $? -ne 0 ] && exit $OCF_ERR_GENERIC
args=$(echo "$args" | sed "s/$OLD_TOKEN/$TOKEN/")
fi
- sleep $sleep
+ if [ $try -lt $tries ]; then
+ sleep $sleep
+ fi
done
if [ $rc -ne 0 ]; then
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/resource-agents-4.16.0+git73.99f301e1/heartbeat/podman-etcd
new/resource-agents-4.16.0+git90.968ad701/heartbeat/podman-etcd
--- old/resource-agents-4.16.0+git73.99f301e1/heartbeat/podman-etcd
2025-05-12 11:32:08.000000000 +0200
+++ new/resource-agents-4.16.0+git90.968ad701/heartbeat/podman-etcd
2025-07-09 15:05:41.000000000 +0200
@@ -45,6 +45,7 @@
OCF_RESKEY_authfile_default="/var/lib/kubelet/config.json"
OCF_RESKEY_allow_pull_default="1"
OCF_RESKEY_reuse_default="0"
+OCF_RESKEY_oom_default="-997"
: ${OCF_RESKEY_image=${OCF_RESKEY_image_default}}
: ${OCF_RESKEY_pod_manifest=${OCF_RESKEY_pod_manifest_default}}
@@ -53,6 +54,7 @@
: ${OCF_RESKEY_authfile=${OCF_RESKEY_authfile_default}}
: ${OCF_RESKEY_allow_pull=${OCF_RESKEY_allow_pull_default}}
: ${OCF_RESKEY_reuse=${OCF_RESKEY_reuse_default}}
+: ${OCF_RESKEY_oom=${OCF_RESKEY_oom_default}}
#######################################################################
@@ -230,6 +232,16 @@
<shortdesc lang="en">drop-in dependency</shortdesc>
<content type="boolean"/>
</parameter>
+
+<parameter name="oom" required="0" unique="0">
+<longdesc lang="en">
+Tune the host's Out-Of-Memory (OOM) preferences for containers (accepts values
from -1000 to 1000).
+Default to same OOM score as system-node-critical
+https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#node-out-of-memory-behavior
+</longdesc>
+<shortdesc lang="en">OOM for container</shortdesc>
+<content type="integer" default="${OCF_RESKEY_oom_default}"/>
+</parameter>
</parameters>
<actions>
@@ -436,15 +448,9 @@
ETCD_PEER_CERT=$(get_env_from_manifest "ETCDCTL_CERT")
ETCD_PEER_KEY=$(get_env_from_manifest "ETCDCTL_KEY")
- if is_learner; then
- LISTEN_CLIENT_URLS="$NODEIP"
- LISTEN_PEER_URLS="$NODEIP"
- LISTEN_METRICS_URLS="$NODEIP"
- else
- LISTEN_CLIENT_URLS="0.0.0.0"
- LISTEN_PEER_URLS="0.0.0.0"
- LISTEN_METRICS_URLS="0.0.0.0"
- fi
+ LISTEN_CLIENT_URLS="0.0.0.0"
+ LISTEN_PEER_URLS="0.0.0.0"
+ LISTEN_METRICS_URLS="0.0.0.0"
}
archive_data_folder()
@@ -1232,7 +1238,10 @@
fi
podman_create_mounts
- local run_opts="-d --name=${CONTAINER}"
+ local run_opts="--detach --name=${CONTAINER}"
+
+ run_opts="$run_opts --oom-score-adj=${OCF_RESKEY_oom}"
+
# check to see if the container has already started
podman_simple_status
if [ $? -eq $OCF_SUCCESS ]; then
@@ -1519,6 +1528,11 @@
exit $OCF_ERR_CONFIGURED
fi
+ if [ "$OCF_RESKEY_oom" -lt -1000 ] || [ "$OCF_RESKEY_oom" -gt 1000 ];
then
+ ocf_exit_reason "'oom' value ${OCF_RESKEY_oom} is out of range
[-1000:1000]"
+ exit $OCF_ERR_CONFIGURED
+ fi
+
return $OCF_SUCCESS
}
