The branch, 2.5 has been updated via 1dd1b97bef36e2409f633e9c46fa5f9829ebcc1a (commit) via 7dfcdd11e2519428facbb9c2fefd611298d909a7 (commit) via 73c48fcb489b3a2ed25ebeaf50c85e17340a7dc3 (commit) via d3c6b91fc969b2e7be33ac5e3199cd00fc24bc2d (commit) via 5c603f8544313921ad9a0cda2e8c363a08630c39 (commit) via 7c6010d81d35e88c837ba7b73f49deb8591e77d9 (commit) via 3187c5bdd1c3b9beb1e8a771be9ec098cfed7905 (commit) via b68b9ee88cde5895d33942bc6272f45c4c569374 (commit) via 12608433cb124d1dfd58871ce415a69e32b11a7b (commit) via f58aa41b38b9780d55b1d18f1825b25918e60ad3 (commit) via 0cf5e3f7f3de6710866464f962759dbb90877aea (commit) via 82fed9c7f7b17f69d8c0841c8dd4fa43ca0559c4 (commit) via 79aadd267337589a614ed55a6bea95d2c99f7dbd (commit) via 35856b396472c0e7e509b5bdc0bc06ce26d0eb91 (commit) via b57299b9bae4708abb56d85c82086876ac6aa6c9 (commit) via d430966587f7df6425527d085ccb9db92f70d3ce (commit) via d46285257b63f973d9a865bf036fa5c35c8e09c8 (commit) via a1b294107c86e2d4ef2c8a497486fa6a41b03611 (commit) via d05fc5d27664659dadb11da5c5577d3a03680c5c (commit) via 18b46d8c48dda6059c1f121b26172595449c85ac (commit) via f9d7b09b6a51fdfb81a36aadc45286d42479fb02 (commit) via 6fbbed56c063f157efc9ede14453337dcd10f261 (commit) via dbfd244e68658199275b21bd7fa6495e5c279fe0 (commit) via 507549952e9468fd37097ad6966bcd7b59b93f32 (commit) via 60522f6ddecbe60b0b25434777883bec601cb05a (commit) via d4c7359586e1b679ae643bab19f8f70e662b50eb (commit) via e2e7c28458c47e5a924a431b0e38736c39ea0724 (commit) via f5c58609588da4b44a3f6d517824e4e4ed44f8dd (commit) via 1c8a0a2a868c933d46a8f64255a41494af5eb444 (commit) via 6ad6c8cd18187e0f527aef9bad34d3d955f1049f (commit) via ce432d80a766a9e6fcee547584e479c0eb464307 (commit) via 829ab70845b4914cab36b2ab53c9d0b2ddb5937c (commit) via 786a9e2d773092460e6b9dc67d25c2d5dea17a8c (commit) via a5736fdf0f715b152d8b36ad906da1abf3c75b98 (commit) via 92a9f9b0ce12606f8283c87d1602ff351a541353 (commit) via 39bf8ca67073b9a8eee95f8f998eaf33a2533608 (commit) via c4bebebece59ced5679b42efd71841554d81745a (commit) via 2707862906b8766d5eeb25a7ef394c58884c95eb (commit) via 3bc598f2c53f0e9bed031ab68dd35ec2c7f53db0 (commit) via d916858a18b7255600be214f0823f3ddfafbc328 (commit) via 27489c80920cae7c30dc33f2b3b4084d41fea61c (commit) from dfed4f36662df4b0fccb45ef390eea36382a3738 (commit)
https://git.samba.org/?p=ctdb.git;a=shortlog;h=2.5 - Log ----------------------------------------------------------------- commit 1dd1b97bef36e2409f633e9c46fa5f9829ebcc1a Author: Led <led...@gmail.com> Date: Sun Dec 14 21:06:44 2014 +0200 scripts: Fix bashism in ctdbd_wrapper script BUG: https://bugzilla.samba.org/show_bug.cgi?id=11007 Signed-off-by: Oleksandr Chumachenko <led...@gmail.com> Reviewed-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Michael Adam <ob...@samba.org> (Imported from commit 2c3672f4249a7d3453b7e82ca96b4cd666aae709) commit 7dfcdd11e2519428facbb9c2fefd611298d909a7 Author: Martin Schwenke <mar...@meltin.net> Date: Sat Dec 20 19:54:13 2014 +1100 tests: Fix tickle sniffing for IPv4 tcptickle_sniff_start() assumes that if $dst contains a ': then it should use the IPv6 sniffing code. However, $dst is a socket, so has a trailing ":<port>". Strip the trailing ":<port>" before checking for ':' as a marker for an IPv6 address. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Michael Adam <ob...@samba.org> (Imported from commit 82aa6bd2f27775f3fd82931d613379d5d618ef70) commit 73c48fcb489b3a2ed25ebeaf50c85e17340a7dc3 Author: Martin Schwenke <mar...@meltin.net> Date: Wed Dec 3 12:10:07 2014 +1100 tests: Need to drop public IPs in kill-failover tests These tests simulate a dead node rather than a CTDB failure, so drop IP addresses when killing a "node" to avoid problems with duplicates. To cope with a CTDB failure a watchdog would be needed to ensure that the public IPs are dropped when CTDB dies. Let's not do that now. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> Autobuild-User(master): Martin Schwenke <mart...@samba.org> Autobuild-Date(master): Fri Dec 5 23:29:39 CET 2014 on sn-devel-104 (Imported from commit a07af1bb56a76d1a7ab856547c801499fc17b21b) commit d3c6b91fc969b2e7be33ac5e3199cd00fc24bc2d Author: Martin Schwenke <mar...@meltin.net> Date: Tue Dec 2 10:57:12 2014 +1100 daemon: Gratuitous ARP equivalent for IPv6 is neighbor advertisement Not neighbour solicitation. See: https://tools.ietf.org/html/rfc4861#section-4.4 Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 7f3f3b15d52c4047cbcb1c3e81f65675c8708f5f) commit 5c603f8544313921ad9a0cda2e8c363a08630c39 Author: Martin Schwenke <mar...@meltin.net> Date: Wed Dec 3 12:09:12 2014 +1100 tests: More debug on SSH failure Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 3a2c8bb906fac4e2611a28ead6b4290ddc93de54) commit 7c6010d81d35e88c837ba7b73f49deb8591e77d9 Author: Martin Schwenke <mar...@meltin.net> Date: Mon Dec 1 13:30:29 2014 +1100 tests: Make tcpdump output more verbose This helps with debugging. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 49449f66fca52d5044d2e486570562df866adf57) commit 3187c5bdd1c3b9beb1e8a771be9ec098cfed7905 Author: Martin Schwenke <mar...@meltin.net> Date: Sat Nov 29 20:01:20 2014 +1100 tests: Use ip neigh command instead of arp Extend select_test_node_and_ips() to set $test_prefix in addition to $test_ip. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit a7e7d95de9cf09652cef63d65484bbb0faa42e1c) commit b68b9ee88cde5895d33942bc6272f45c4c569374 Author: Martin Schwenke <mar...@meltin.net> Date: Mon Dec 1 14:07:57 2014 +1100 tests: Generalise the gratarp and tickle sniffing code for IPv6 Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> Pair-programmed-with: Amitay Isaacs <ami...@gmail.com> (Imported from commit 0f3d9752c4677b2f3b5ee47a0b8f973b4260ef57) commit 12608433cb124d1dfd58871ce415a69e32b11a7b Author: Martin Schwenke <mar...@meltin.net> Date: Mon Dec 1 13:51:47 2014 +1100 tests: Match IPv6 connections in netstat output Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 3135a8c62551e09a3abada86335882a91d398747) commit f58aa41b38b9780d55b1d18f1825b25918e60ad3 Author: Martin Schwenke <mar...@meltin.net> Date: Mon Dec 1 13:50:42 2014 +1100 tests: Use ping_wrapper to do relevant ping or ping6 Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 255705c030135bd54a1f7a7dc40cbf00c2fb39c9) commit 0cf5e3f7f3de6710866464f962759dbb90877aea Author: Martin Schwenke <mar...@meltin.net> Date: Wed Dec 3 15:58:20 2014 +1100 tests: Extend regexps to handle IPv6 address matching Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 62acf5986f52a3118ed4e3638c5ac8b1f9c0adf8) commit 82fed9c7f7b17f69d8c0841c8dd4fa43ca0559c4 Author: Martin Schwenke <mar...@meltin.net> Date: Wed Dec 3 15:57:35 2014 +1100 tests: Bracket IP addresses in NFS mounts and scp command (for IPv6) Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 62164ec52fd1082863bf5017a5170f74f18a07c3) commit 79aadd267337589a614ed55a6bea95d2c99f7dbd Author: Martin Schwenke <mar...@meltin.net> Date: Wed Nov 26 21:32:22 2014 +1100 tests: Try to handle IPv6 addresses for local daemons If CTDB_USE_IPV6 is set then use IPv6 addresses for nodes and public IPs. This can be useful for some simple tests. However, the node address actually needs to be on lo so that ctdbd can bind to the port on that address, so they actually need to be added as root before running tests, like this: for i in $(seq 1 10) ; do ip addr add "fc00:10::${i}/64" dev lo ; done IPv4 127.0.0.0/8 addresses are somehow magic and only one needs to be on lo so that many can be bound to. Also change the IPv4 node addresses to be (slightly) more exotic. For both IPv4 and IPv6, choose addresses that are compatible with socket wrapper. Signed-off-by: Martin Schwenke <mar...@meltin.net> Signed-off-by: Amitay Isaacs <ami...@gmail.com> (socket wrapper fixes) Reviewed-by: Amitay Isaacs <ami...@gmail.com> Reviewed-by: Martin Schwenke <mar...@meltin.net> (socket wrapper fixes) (Imported from commit d9d07fff34143d251b4987cdb1cff1e8b3384e64) commit 35856b396472c0e7e509b5bdc0bc06ce26d0eb91 Author: Martin Schwenke <mar...@meltin.net> Date: Wed Nov 26 21:31:42 2014 +1100 tests: Extend regexp to match IPv6 addresses Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 2a83b74597a3366536e1935e2e8ff23493503117) commit b57299b9bae4708abb56d85c82086876ac6aa6c9 Author: Martin Schwenke <mar...@meltin.net> Date: Fri Nov 28 21:49:08 2014 +1100 tools: Bracket IP addresses in onnode (for IPv6) Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 2d480792e7d0b3f6628186dc77f54b708e315dd1) commit d430966587f7df6425527d085ccb9db92f70d3ce Author: Amitay Isaacs <ami...@gmail.com> Date: Tue Nov 25 12:38:23 2014 +1100 daemon: Fix IP address comparisons for IPv6 addresses Before storing node IP address, convert into the correct abbreviated string form for IPv6 addresses. Signed-off-by: Amitay Isaacs <ami...@gmail.com> Reviewed-by: Martin Schwenke <mar...@meltin.net> (Imported from commit e3c59d83d0ace9d7421d40d33fe917fb82bb38d8) commit d46285257b63f973d9a865bf036fa5c35c8e09c8 Author: Martin Schwenke <mar...@meltin.net> Date: Fri Nov 21 17:33:21 2014 +1100 scripts: Wait until IPv6 addresses are not "tentative" There are a few potential failure modes when adding an IPv6 address. It takes a little while of duplicate address detection to complete, so wait for a while. After a timeout, also need to check to see if duplicate address detection failed - if it did then actually drop the IP address. This really needs some careful thinking. If CTDB disappears on a node but the node's IP addresses are still on interfaces then the above failure mode could cause the takeover nodes to become banned. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit d0b2375c3d754da3cd68e34617ab3edd36e9317b) commit a1b294107c86e2d4ef2c8a497486fa6a41b03611 Author: Amitay Isaacs <ami...@gmail.com> Date: Thu Nov 20 21:58:31 2014 +1100 eventscripts: Specify broadcast optionally to ip addr add Signed-off-by: Amitay Isaacs <ami...@gmail.com> Reviewed-by: Martin Schwenke <mar...@meltin.net> (Imported from commit d4212bd6a533b4b54b56e376a9246f2396cba253) commit d05fc5d27664659dadb11da5c5577d3a03680c5c Author: Martin Schwenke <mar...@meltin.net> Date: Fri Nov 21 14:52:47 2014 +1100 daemon: Trust vnn->interface for an IP when releasing it ctdb_sys_find_ifname() doesn't work for IPv6 addresses so don't use it. Trust the eventscript to do sanity checking on the interface. Current warnings are replaced with equivalents generated by the eventscript. The unlikely message: Public IP %s is hosted on interface %s but we have no VNN will be replaced by: WARNING: Public IP %s hosted on interface %s but VNN says __none__ which is clear enough. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 108b1be0ee62af7ecb3c775f45c540dd07a527bf) commit 18b46d8c48dda6059c1f121b26172595449c85ac Author: Martin Schwenke <mar...@meltin.net> Date: Fri Nov 21 14:46:00 2014 +1100 scripts: Make 10.interface IPv6-safe Add checking to "releaseip" and "updateip" to ensure that the given IP address is really on the given interface with the given netmask. If reality doesn't match the given arguments then believe reality. Use new function iptables_wrapper() instead of calling iptables() directly. Use new function flush_route_cache() instead of doing IPv4-specific /proc magic. Remove setting of otherwise unused variable "failed". Fix a test for which the error message has changed. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 6471541d6d2bc9f2af0ff92b280abbd1d933cf88) commit f9d7b09b6a51fdfb81a36aadc45286d42479fb02 Author: Martin Schwenke <mar...@meltin.net> Date: Fri Nov 21 14:39:43 2014 +1100 scripts: New functions ip6tables() and iptables_wrapper() ip6tables() uses the same lock as iptables(). This is done on suspicion. iptables_wrapper() takes 1st argument "inet" or "inet6", and the rest is passed to the correct iptables variant. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit c314ae0b2af4a902cdd003ec6d663fe5b62b003b) commit 6fbbed56c063f157efc9ede14453337dcd10f261 Author: Martin Schwenke <mar...@meltin.net> Date: Fri Nov 21 14:37:54 2014 +1100 scripts: Add IPv6 addresses support in ip_maskbits_iface() It also prints a third word, the address family. This is either "inet" or "inet6". Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit ed029ae0a1faa56bf882a71d10828e2a90ab0bc7) commit dbfd244e68658199275b21bd7fa6495e5c279fe0 Author: Martin Schwenke <mar...@meltin.net> Date: Fri Nov 21 10:48:25 2014 +1100 utils: Update Nagios code to use ctdb -X Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit b41c1bdaa1df92ee6c510ae6749d0524b88ef828) commit 507549952e9468fd37097ad6966bcd7b59b93f32 Author: Martin Schwenke <mar...@meltin.net> Date: Fri Nov 21 10:47:22 2014 +1100 doc: Update examples to use ctdb -X Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 0d61b6137306ee0eab2981e3c213023c332da550) commit 60522f6ddecbe60b0b25434777883bec601cb05a Author: Martin Schwenke <mar...@meltin.net> Date: Fri Nov 21 10:45:57 2014 +1100 tool: Fix "ctdb -Y ifaces" output to have trailing delimiters In the CTDB CLI tool source code and the documentation example. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 550fb8ce877cf980b4fd3be4f964449b369cf61e) commit d4c7359586e1b679ae643bab19f8f70e662b50eb Author: Martin Schwenke <mar...@meltin.net> Date: Thu Nov 20 15:03:25 2014 +1100 tests: Update integration tests to use ctdb -X Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 2c4de75d8754616891e97222cfb2ec58fdd8eac2) commit e2e7c28458c47e5a924a431b0e38736c39ea0724 Author: Martin Schwenke <mar...@meltin.net> Date: Thu Nov 20 14:39:59 2014 +1100 tools: Update onnode and ctdb-diagnostics to use ctdb -X Also update onnode unit tests. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 55df9c86c19e261a2a384ffc4b77c596c84e53a0) commit f5c58609588da4b44a3f6d517824e4e4ed44f8dd Author: Martin Schwenke <mar...@meltin.net> Date: Thu Nov 20 14:32:46 2014 +1100 scripts: Update eventscripts to use ctdb -X instead of ctdb -Y Also update associated eventscript unit tests and ctdb stub. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 4940f191d37b5deadc8b1edf0cd516674e5d5d64) commit 1c8a0a2a868c933d46a8f64255a41494af5eb444 Author: Martin Schwenke <mar...@meltin.net> Date: Wed Nov 19 18:19:50 2014 +1100 tools: Add -X option for machine parsable output with separator '|' Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 7428f809a76044fcbc98fd5f718e331ce183941d) commit 6ad6c8cd18187e0f527aef9bad34d3d955f1049f Author: Martin Schwenke <mar...@meltin.net> Date: Wed Nov 19 17:15:21 2014 +1100 tools: Add -x option to specify delimiter for machine readable output To support this, update printm() to replace ':' in format string with options.machineseparator, which is a string but must contain a single character. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 3b90e45bae555cc4a47fe9958b86628d41084868) commit ce432d80a766a9e6fcee547584e479c0eb464307 Author: Martin Schwenke <mar...@meltin.net> Date: Wed Nov 19 16:35:35 2014 +1100 tools: Produce machine readable output with new function printm() printm() is a printf(3) replacement and must be used to printing any machine readable output. It currently just calls vprintf(3). Later it will change the field delimiter. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit fbacbb9c7868e22c04980af3602bae59dd5fe34d) commit 829ab70845b4914cab36b2ab53c9d0b2ddb5937c Author: Martin Schwenke <mar...@meltin.net> Date: Wed Sep 24 17:07:12 2014 +1000 tests: Make the fake log timestamp string easy to modify Use a variable to allow easy change of this string in case future logging changes modify the timestamp format or do not support timestamping. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Volker Lendecke <v...@samba.org> (Imported from commit 1c8c0be6f97f74169c0b46be4df2245aa631186a) commit 786a9e2d773092460e6b9dc67d25c2d5dea17a8c Author: Martin Schwenke <mar...@meltin.net> Date: Fri Sep 12 13:20:43 2014 +1000 tests: Clean up some tests where IP movement is checked Some of this implements logic that exists in functions. Some of it is overly complicated and potentially failure-prone. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 371543207e8955d6665fcec03b261d80cde2401b) commit a5736fdf0f715b152d8b36ad906da1abf3c75b98 Author: Martin Schwenke <mar...@meltin.net> Date: Fri Sep 12 15:21:49 2014 +1000 tests: Remove dependency on log ringbuffer from missing IP test The log ringbuffer will probably be removed. The test can be implemented just as reliably by checking IP assignments using "ctdb ip". Update wait_until_ips_are_on_node() to print a more useful log message. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 81a8758b9b24bbb7200be4682016f989b904bda8) commit 92a9f9b0ce12606f8283c87d1602ff351a541353 Author: Martin Schwenke <mar...@meltin.net> Date: Wed Sep 17 20:34:39 2014 +1000 tests: Make all_ips_on_node() do what it should The "-n all" is wrong. Simplify the implementation and tighten up some uses of this function. _select_test_node_and_ips() can't use this function anymore. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit e3089d7da17e2f25d426005eca0fe55397f2689f) commit 39bf8ca67073b9a8eee95f8f998eaf33a2533608 Author: Martin Schwenke <mar...@meltin.net> Date: Fri Sep 12 13:40:01 2014 +1000 tests: Factor out new function get_test_ip_mask_and_iface() Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 81213af32ae17eaae33f9d27c9b7ce63c84ce5df) commit c4bebebece59ced5679b42efd71841554d81745a Author: Martin Schwenke <mar...@meltin.net> Date: Fri Sep 12 13:34:51 2014 +1000 tests: Simplify and rename wait_until_ips_are_on_nodeglob() The glob functionality is unsed so simplify the code by removing it. Rename this function to wait_until_ips_are_on_node(). Update all calls. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 4b8cfe4847477e3cfdb3f4dd7070226a6604bc38) commit 2707862906b8766d5eeb25a7ef394c58884c95eb Author: Amitay Isaacs <ami...@gmail.com> Date: Tue Jul 8 16:31:21 2014 +1000 tests: Do not run ip command if running against local daemons Signed-off-by: Amitay Isaacs <ami...@gmail.com> Reviewed-by: Martin Schwenke <mar...@meltin.net> Autobuild-User(master): Amitay Isaacs <ami...@samba.org> Autobuild-Date(master): Tue Jul 8 12:48:06 CEST 2014 on sn-devel-104 (Imported from commit bf7f2b06e8e36710d0f9bf0684e70538e809dd16) commit 3bc598f2c53f0e9bed031ab68dd35ec2c7f53db0 Author: Martin Schwenke <mar...@meltin.net> Date: Fri Mar 14 13:14:18 2014 +1100 eventscripts: Fix regression in IP add/delete functions Commit 176ae6c704528c021fcc34a41878584f43a00119 caused these functions to exit on failure. This is incorrect and broke NAT gateway. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 058e14cdb0b6eb2e999dca599961ae6734105f99) commit d916858a18b7255600be214f0823f3ddfafbc328 Author: Martin Schwenke <mar...@meltin.net> Date: Tue Jan 28 16:08:50 2014 +1100 tests-eventscripts: Testing support for promote_secondaries Just enable this behaviour by default in the ip command stub, since 10.interface assumes/sets it. The rc.local replacement for set_proc() doesn't do anything... Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit a226015990356ee989c5b9a472581bb3187de894) commit 27489c80920cae7c30dc33f2b3b4084d41fea61c Author: Martin Schwenke <mar...@meltin.net> Date: Tue Jan 28 14:41:25 2014 +1100 eventscripts: Deleting IPs should use the promote_secondaries option If a primary IP address is being deleted from an interface, the secondaries are remembered and added back after the primary is deleted. This is done under a lock shared by the add/del script code. It is necessary because, by default, Linux deletes secondaries when the corresponding primary is deleted. There is a race here between ctdbd and the scripts, since ctdbd doesn't know about the lock. If ctdbd receives a release IP control and the IP address is not on an interface then it is regarded as a "Redundant release of IP" so no "releaseip" event is generated. This can occur if the IP address in question is a secondary that has been temporarily dropped. It is more likely if the number of secondaries is large. Since Linux 2.6.12 (i.e. 2005) Linux has supported a promote_secondaries option on interfaces. This option is currently undocumented but that will change in Linux 3.14. With promote_secondaries enabled the kernel will not drop secondaries but will promote a corresponding secondary instead. The kernel does all necessary locking. Use promote_secondaries to simplify the code, avoid re-adding secondaries, avoid re-adding routes and provide improved performance. This could be done conditionally, with a fallback to legacy secondary-re-adding code, but no supported Linux distribution is running a pre-2.6.12 kernel so this is unnecessary. Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> (Imported from commit 176ae6c704528c021fcc34a41878584f43a00119) ----------------------------------------------------------------------- Summary of changes: common/ctdb_util.c | 12 +- common/system_linux.c | 49 +++- config/ctdbd_wrapper | 2 +- config/events.d/10.interface | 91 ++++-- config/events.d/13.per_ip_routing | 6 +- config/events.d/62.cnfs | 2 +- config/events.d/70.iscsi | 2 +- config/functions | 166 +++++------ config/statd-callout | 8 +- doc/ctdb.1.xml | 66 +++-- server/ctdb_takeover.c | 25 +- tests/complex/11_ctdb_delip_removes_ip.sh | 81 +----- tests/complex/18_ctdb_reloadips.sh | 4 +- tests/complex/31_nfs_tickle.sh | 7 +- tests/complex/33_gratuitous_arp.sh | 12 +- tests/complex/34_nfs_tickle_restart.sh | 4 +- tests/complex/41_failover_ping_discrete.sh | 12 +- tests/complex/42_failover_ssh_hostname.sh | 17 +- tests/complex/44_failover_nfs_oneway.sh | 2 +- tests/complex/45_failover_nfs_kill.sh | 7 +- tests/complex/scripts/local.bash | 91 +++++- tests/events.d/00.test | 4 +- tests/eventscripts/10.interface.releaseip.002.sh | 5 +- tests/eventscripts/etc-ctdb/rc.local | 3 + tests/eventscripts/scripts/local.sh | 6 +- tests/eventscripts/stubs/ctdb | 22 +- tests/eventscripts/stubs/ip | 11 +- tests/onnode/0070.sh | 10 +- tests/onnode/0071.sh | 10 +- tests/onnode/0072.sh | 10 +- tests/onnode/0075.sh | 10 +- tests/onnode/stubs/onnode-buggy-001 | 12 +- tests/scripts/integration.bash | 151 +++++++--- tests/scripts/unit.sh | 1 + tests/simple/05_ctdb_listnodes.sh | 4 +- tests/simple/11_ctdb_ip.sh | 8 +- tests/simple/12_ctdb_getdebug.sh | 12 +- tests/simple/16_ctdb_config_add_ip.sh | 108 +------- tests/simple/17_ctdb_config_delete_ip.sh | 59 +--- tests/simple/20_delip_iface_gc.sh | 18 +- tests/simple/23_ctdb_moveip.sh | 94 ++----- tests/simple/27_ctdb_detach.sh | 2 +- tests/simple/31_ctdb_disable.sh | 35 +-- tests/simple/32_ctdb_enable.sh | 41 +-- tests/simple/41_ctdb_stop.sh | 33 +-- tests/simple/42_ctdb_continue.sh | 37 +-- tests/simple/60_recoverd_missing_ip.sh | 58 ++-- tests/simple/75_readonly_records_basic.sh | 4 +- tests/simple/scripts/local_daemons.bash | 14 +- tests/takeover/det.001.sh | 14 +- tests/takeover/det.002.sh | 8 +- tests/takeover/det.003.sh | 2 +- tests/takeover/lcp2.004.sh | 12 +- tests/takeover/lcp2.005.sh | 334 +++++++++++------------ tests/takeover/lcp2.023.sh | 132 ++++----- tests/takeover/lcp2.024.sh | 18 +- tests/takeover/lcp2.029.sh | 6 +- tests/takeover/lcp2.031.sh | 196 ++++++------- tests/takeover/nondet.001.sh | 12 +- tests/takeover/nondet.002.sh | 6 +- tests/tool/func.parse_nodestring.003.sh | 2 +- tests/tool/stubby.getcapabilities.003.sh | 2 +- tests/tool/stubby.listnodes.001.sh | 2 +- tests/tool/stubby.lvsmaster.002.sh | 2 +- tests/tool/stubby.natgwlist.009.sh | 8 +- tests/tool/stubby.xpnn.003.sh | 2 +- tools/ctdb.c | 223 +++++++++------ tools/ctdb_diagnostics | 2 +- tools/onnode | 10 +- utils/nagios/check_ctdb | 4 +- 70 files changed, 1202 insertions(+), 1243 deletions(-) mode change 100644 => 100755 utils/nagios/check_ctdb Changeset truncated at 500 lines: diff --git a/common/ctdb_util.c b/common/ctdb_util.c index bdff425..137e0a8 100644 --- a/common/ctdb_util.c +++ b/common/ctdb_util.c @@ -100,12 +100,20 @@ int ctdb_parse_address(struct ctdb_context *ctdb, struct ctdb_address *address) { struct servent *se; + ctdb_sock_addr addr; setservent(0); se = getservbyname("ctdb", "tcp"); endservent(); - - address->address = talloc_strdup(mem_ctx, str); + + /* Parse IP address and re-convert to string. This ensure correct + * string form for IPv6 addresses. + */ + if (! parse_ip(str, NULL, 0, &addr)) { + return -1; + } + + address->address = talloc_strdup(mem_ctx, ctdb_addr_to_str(&addr)); CTDB_NO_MEMORY(ctdb, address->address); if (se == NULL) { diff --git a/common/system_linux.c b/common/system_linux.c index 9aaa1fd..97a57ac 100644 --- a/common/system_linux.c +++ b/common/system_linux.c @@ -75,9 +75,14 @@ int ctdb_sys_send_arp(const ctdb_sock_addr *addr, const char *iface) struct ether_header *eh; struct arphdr *ah; struct ip6_hdr *ip6; - struct nd_neighbor_solicit *nd_ns; + struct nd_neighbor_advert *nd_na; + struct nd_opt_hdr *nd_oh; struct ifreq if_hwaddr; - unsigned char buffer[78]; /* ipv6 neigh solicitation size */ + /* Size of IPv6 neighbor advertisement (with option) */ + unsigned char buffer[sizeof(struct ether_header) + + sizeof(struct ip6_hdr) + + sizeof(struct nd_neighbor_advert) + + sizeof(struct nd_opt_hdr) + ETH_ALEN]; char *ptr; char bdcast[] = {0xff,0xff,0xff,0xff,0xff,0xff}; struct ifreq ifr; @@ -219,31 +224,45 @@ int ctdb_sys_send_arp(const ctdb_sock_addr *addr, const char *iface) memset(buffer, 0 , sizeof(buffer)); eh = (struct ether_header *)buffer; - memset(eh->ether_dhost, 0xff, ETH_ALEN); + /* Ethernet multicast: 33:33:00:00:00:01 (see RFC2464, + * section 7) - note zeroes above! */ + eh->ether_dhost[0] = eh->ether_dhost[1] = 0x33; + eh->ether_dhost[5] = 0x01; memcpy(eh->ether_shost, if_hwaddr.ifr_hwaddr.sa_data, ETH_ALEN); eh->ether_type = htons(ETHERTYPE_IP6); ip6 = (struct ip6_hdr *)(eh+1); ip6->ip6_vfc = 0x60; - ip6->ip6_plen = htons(sizeof(*nd_ns)); + ip6->ip6_plen = htons(sizeof(*nd_na) + + sizeof(struct nd_opt_hdr) + + ETH_ALEN); ip6->ip6_nxt = IPPROTO_ICMPV6; ip6->ip6_hlim = 255; - ip6->ip6_dst = addr->ip6.sin6_addr; - - nd_ns = (struct nd_neighbor_solicit *)(ip6+1); - nd_ns->nd_ns_type = ND_NEIGHBOR_SOLICIT; - nd_ns->nd_ns_code = 0; - nd_ns->nd_ns_reserved = 0; - nd_ns->nd_ns_target = addr->ip6.sin6_addr; - - nd_ns->nd_ns_cksum = tcp_checksum6((uint16_t *)nd_ns, ntohs(ip6->ip6_plen), ip6); + ip6->ip6_src = addr->ip6.sin6_addr; + /* all-nodes multicast */ + inet_pton(AF_INET6, "ff02::1", &ip6->ip6_dst); + + nd_na = (struct nd_neighbor_advert *)(ip6+1); + nd_na->nd_na_type = ND_NEIGHBOR_ADVERT; + nd_na->nd_na_code = 0; + nd_na->nd_na_flags_reserved = ND_NA_FLAG_OVERRIDE; + nd_na->nd_na_target = addr->ip6.sin6_addr; + /* Option: Target link-layer address */ + nd_oh = (struct nd_opt_hdr *)(nd_na+1); + nd_oh->nd_opt_type = ND_OPT_TARGET_LINKADDR; + nd_oh->nd_opt_len = 1; + memcpy(&(nd_oh+1)[0], if_hwaddr.ifr_hwaddr.sa_data, ETH_ALEN); + + nd_na->nd_na_cksum = tcp_checksum6((uint16_t *)nd_na, + ntohs(ip6->ip6_plen), ip6); sall.sll_family = AF_PACKET; sall.sll_halen = 6; - memcpy(&sall.sll_addr[0], bdcast, sall.sll_halen); + memcpy(&sall.sll_addr[0], &eh->ether_dhost[0], sall.sll_halen); sall.sll_protocol = htons(ETH_P_ALL); sall.sll_ifindex = ifr.ifr_ifindex; - ret = sendto(s, buffer, 78, 0, (struct sockaddr *)&sall, sizeof(sall)); + ret = sendto(s, buffer, sizeof(buffer), + 0, (struct sockaddr *)&sall, sizeof(sall)); if (ret < 0 ){ close(s); DEBUG(DEBUG_CRIT,(__location__ " failed sendto\n")); diff --git a/config/ctdbd_wrapper b/config/ctdbd_wrapper index cbde6ba..fa0a269 100755 --- a/config/ctdbd_wrapper +++ b/config/ctdbd_wrapper @@ -156,7 +156,7 @@ kill_ctdbd () start() { if _session=$(ctdbd_is_running) ; then - echo $"CTDB is already running" + echo "CTDB is already running" return 0 fi diff --git a/config/events.d/10.interface b/config/events.d/10.interface index 176b6f3..51d1b97 100755 --- a/config/events.d/10.interface +++ b/config/events.d/10.interface @@ -46,7 +46,7 @@ get_all_interfaces () # Get the interfaces for which CTDB has public IPs configured. # That is, for all but the 1st line, get the 1st field. - ctdb_ifaces=$(ctdb -Y ifaces | sed -e '1d' -e 's@^:@@' -e 's@:.*@@') + ctdb_ifaces=$(ctdb -X ifaces | sed -e '1d' -e 's@^|@@' -e 's@|.*@@') # Add $ctdb_interfaces and uniquify all_interfaces=$(echo $all_interfaces $ctdb_ifaces | tr ' ' '\n' | sort -u) @@ -137,6 +137,34 @@ monitor_interfaces() return 1 } +# Sets: iface, ip, maskbits, family +get_iface_ip_maskbits_family () +{ + _iface_in="$1" + ip="$2" + _maskbits_in="$3" + + set -- $(ip_maskbits_iface "$ip") + if [ -n "$1" ] ; then + maskbits="$1" + iface="$2" + family="$3" + + if [ "$iface" != "$_iface_in" ] ; then + printf \ + 'WARNING: Public IP %s hosted on interface %s but VNN says %s\n' \ + "$ip" "$iface" "$_iface_in" + fi + if [ "$maskbits" != "$_maskbits_in" ] ; then + printf \ + 'WARNING: Public IP %s has %s bit netmask but VNN says %s\n' \ + "$ip" "$maskbits" "$_maskbits_in" + fi + else + die "ERROR: Unable to determine interface for IP ${ip}" + fi +} + ctdb_check_args "$@" case "$1" in @@ -148,6 +176,10 @@ case "$1" in get_proc sys/net/ipv4/conf/all/arp_filter >/dev/null 2>&1 && { set_proc sys/net/ipv4/conf/all/arp_filter 1 } + + _promote="sys/net/ipv4/conf/all/promote_secondaries" + get_proc "$_promote" >/dev/null 2>&1 || \ + die "Public IPs only supported if promote_secondaries is available" ;; ############################# @@ -170,10 +202,13 @@ case "$1" in } # cope with the script being killed while we have the interface blocked - iptables -D INPUT -i $iface -d $ip -j DROP 2> /dev/null + case "$ip" in + *:*) family="inet6" ;; + *) family="inet" ;; + esac + iptables_wrapper $family -D INPUT -i $iface -d $ip -j DROP 2> /dev/null - # flush our route cache - set_proc sys/net/ipv4/route/flush 1 + flush_route_cache ;; @@ -190,25 +225,23 @@ case "$1" in # 2) use netstat -tn to find existing connections, and kill them # 3) remove the IP from the interface # 4) remove the firewall rule - iface=$2 - ip=$3 - maskbits=$4 + shift + get_iface_ip_maskbits_family "$@" - failed=0 # we do an extra delete to cope with the script being killed - iptables -D INPUT -i $iface -d $ip -j DROP 2> /dev/null - iptables -I INPUT -i $iface -d $ip -j DROP + iptables_wrapper $family -D INPUT -i $iface -d $ip -j DROP 2> /dev/null + iptables_wrapper $family -I INPUT -i $iface -d $ip -j DROP kill_tcp_connections $ip delete_ip_from_iface $iface $ip $maskbits || { - iptables -D INPUT -i $iface -d $ip -j DROP 2> /dev/null - exit 1; + iptables_wrapper $family \ + -D INPUT -i $iface -d $ip -j DROP 2> /dev/null + exit 1 } - iptables -D INPUT -i $iface -d $ip -j DROP 2> /dev/null + iptables_wrapper $family -D INPUT -i $iface -d $ip -j DROP 2> /dev/null - # flush our route cache - set_proc sys/net/ipv4/route/flush 1 + flush_route_cache ;; ################################################## @@ -220,34 +253,36 @@ case "$1" in # we finally remove it from the old interface. # # 1) firewall this IP, so no new external packets arrive for it - # 2) add the IP to the new interface - # 3) remove the IP from the old interface + # 2) remove the IP from the old interface (and new interface, to be sure) + # 3) add the IP to the new interface # 4) remove the firewall rule # 5) use ctdb gratiousarp to propagate the new mac address # 6) use netstat -tn to find existing connections, and tickle them - oiface=$2 + _oiface=$2 niface=$3 - ip=$4 - maskbits=$5 + _ip=$4 + _maskbits=$5 + + get_iface_ip_maskbits_family "$_oiface" "$ip" "$maskbits" + oiface="$iface" - failed=0 # we do an extra delete to cope with the script being killed - iptables -D INPUT -i $oiface -d $ip -j DROP 2> /dev/null - iptables -I INPUT -i $oiface -d $ip -j DROP + iptables_wrapper $family -D INPUT -i $oiface -d $ip -j DROP 2> /dev/null + iptables_wrapper $family -I INPUT -i $oiface -d $ip -j DROP delete_ip_from_iface $oiface $ip $maskbits 2>/dev/null delete_ip_from_iface $niface $ip $maskbits 2>/dev/null add_ip_to_iface $niface $ip $maskbits || { - iptables -D INPUT -i $oiface -d $ip -j DROP 2> /dev/null - exit 1; + iptables_wrapper $family \ + -D INPUT -i $oiface -d $ip -j DROP 2> /dev/null + exit 1 } # cope with the script being killed while we have the interface blocked - iptables -D INPUT -i $oiface -d $ip -j DROP 2> /dev/null + iptables_wrapper $family -D INPUT -i $oiface -d $ip -j DROP 2> /dev/null - # flush our route cache - set_proc sys/net/ipv4/route/flush 1 + flush_route_cache # propagate the new mac address ctdb gratiousarp $ip $niface diff --git a/config/events.d/13.per_ip_routing b/config/events.d/13.per_ip_routing index ee83632..cd0020e 100755 --- a/config/events.d/13.per_ip_routing +++ b/config/events.d/13.per_ip_routing @@ -290,7 +290,7 @@ flush_rules_and_routes () # routes. add_missing_routes () { - ctdb ip -v -Y | { + ctdb ip -v -X | { read _x # skip header line # Read the rest of the lines. We're only interested in the @@ -299,7 +299,7 @@ add_missing_routes () # non-local addresses. For each IP local address we check if # the relevant routing table is populated and populate it if # not. - while IFS=":" read _x _ip _x _iface _x ; do + while IFS="|" read _x _ip _x _iface _x ; do [ -n "$_iface" ] || continue _table_id="${table_id_prefix}${_ip}" @@ -317,7 +317,7 @@ add_missing_routes () remove_bogus_routes () { # Get a IPs current hosted by this node, each anchored with '@'. - _ips=$(ctdb ip -v -Y | awk -F: 'NR > 1 && $4 != "" {printf "@%s@\n", $2}') + _ips=$(ctdb ip -v -X | awk -F'|' 'NR > 1 && $4 != "" {printf "@%s@\n", $2}') ip rule show | while read _p _x _i _x _t ; do diff --git a/config/events.d/62.cnfs b/config/events.d/62.cnfs index da02acc..a6ca0c4 100755 --- a/config/events.d/62.cnfs +++ b/config/events.d/62.cnfs @@ -53,7 +53,7 @@ case "$1" in # Wait until we no longer serve any ip addresses at all PNN=`ctdb pnn | cut -d: -f2` - while `ctdb -Y ip | cut -d: -f3 | egrep "^$PNN$" >/dev/null`; do + while `ctdb -X ip | cut -d'|' -f3 | egrep "^$PNN$" >/dev/null`; do sleep 1 done ;; diff --git a/config/events.d/70.iscsi b/config/events.d/70.iscsi index cedaf40..4627822 100755 --- a/config/events.d/70.iscsi +++ b/config/events.d/70.iscsi @@ -36,7 +36,7 @@ case "$1" in # start the iscsi daemon tgtd >/dev/null 2>/dev/null - ips=$(ctdb -Y ip | awk -F: -v pnn=$this_node '$3 == pnn {print $2}') + ips=$(ctdb -X ip | awk -F'|' -v pnn=$this_node '$3 == pnn {print $2}') for ip in $ips ; do script="${CTDB_START_ISCSI_SCRIPTS}/${ip}.sh" if [ -x "$script" ] ; then diff --git a/config/functions b/config/functions index 021f2ad..ef05e35 100755 --- a/config/functions +++ b/config/functions @@ -837,34 +837,51 @@ nfs_statd_update () fi } -add_ip_to_iface() +######################################################## + +add_ip_to_iface () { _iface=$1 _ip=$2 _maskbits=$3 - _lockfile="${CTDB_VARDIR}/state/interface_modify_${_iface}.flock" - mkdir -p "${_lockfile%/*}" # dirname - [ -f "$_lockfile" ] || touch "$_lockfile" - - ( - # Note: use of return/exit/die() below only gets us out of the - # sub-shell, which is actually what we want. That is, the - # function should just return non-zero. + # Ensure interface is up + ip link set "$_iface" up || \ + die "Failed to bringup interface $_iface" - flock --timeout 30 0 || \ - die "add_ip_to_iface: unable to get lock for ${_iface}" + # Only need to define broadcast for IPv4 + case "$ip" in + *:*) _bcast="" ;; + *) _bcast="brd +" ;; + esac - # Ensure interface is up - ip link set "$_iface" up || \ - die "Failed to bringup interface $_iface" + ip addr add "$_ip/$_maskbits" $_bcast dev "$_iface" || { + echo "Failed to add $_ip/$_maskbits on dev $_iface" + return 1 + } - ip addr add "$_ip/$_maskbits" brd + dev "$_iface" || \ - die "Failed to add $_ip/$_maskbits on dev $_iface" - ) <"$_lockfile" + # Wait 5 seconds for IPv6 addresses to stop being tentative... + if [ -z "$_bcast" ] ; then + for _x in $(seq 1 10) ; do + ip addr show to "${_ip}/128" | grep -q "tentative" || break + sleep 0.5 + done - # Do nothing here - return above only gets us out of the subshell - # and doing anything here will affect the return code. + # If the address was a duplicate then it won't be on the + # interface so flag an error. + _t=$(ip addr show to "${_ip}/128") + case "$_t" in + "") + echo "Failed to add $_ip/$_maskbits on dev $_iface" + return 1 + ;; + *tentative*|*dadfailed*) + echo "Failed to add $_ip/$_maskbits on dev $_iface" + ip addr del "$_ip/$_maskbits" dev "$_iface" + return 1 + ;; + esac + fi } delete_ip_from_iface() @@ -873,56 +890,17 @@ delete_ip_from_iface() _ip=$2 _maskbits=$3 - _lockfile="${CTDB_VARDIR}/state/interface_modify_${_iface}.flock" - mkdir -p "${_lockfile%/*}" # dirname - [ -f "$_lockfile" ] || touch "$_lockfile" - - ( - # Note: use of return/exit/die() below only gets us out of the - # sub-shell, which is actually what we want. That is, the - # function should just return non-zero. - - flock --timeout 30 0 || \ - die "delete_ip_from_iface: unable to get lock for ${_iface}" - - _im="$_ip/$_maskbits" # shorthand for readability - - # "ip addr del" will delete all secondary IPs if this is the - # primary. To work around this _very_ annoying behaviour we - # have to keep a record of the secondaries and re-add them - # afterwards. Yuck! - - _secondaries="" - if ip addr list dev "$_iface" primary | grep -Fq "inet $_im " ; then - _secondaries=$(ip addr list dev "$_iface" secondary | \ - awk '$1 == "inet" { print $2 }') - fi - - local _rc=0 - ip addr del "$_im" dev "$_iface" || { - echo "Failed to del $_ip on dev $_iface" - _rc=1 - } + # This could be set globally for all interfaces but it is probably + # better to avoid surprises, so limit it the interfaces where CTDB + # has public IP addresses. There isn't anywhere else convenient + # to do this so just set it each time. This is much cheaper than + # remembering and re-adding secondaries. + set_proc "sys/net/ipv4/conf/${_iface}/promote_secondaries" 1 - if [ -n "$_secondaries" ] ; then - for _i in $_secondaries; do - if ip addr list dev "$_iface" | grep -Fq "inet $_i" ; then - echo "Kept secondary $_i on dev $_iface" - else - echo "Re-adding secondary address $_i to dev $_iface" - ip addr add $_i brd + dev $_iface || { - echo "Failed to re-add address $_i to dev $_iface" - _rc=1 - } - fi - done - fi - - return $_rc - ) <"$_lockfile" - - # Do nothing here - return above only gets us out of the subshell - # and doing anything here will affect the return code. + ip addr del "$_ip/$_maskbits" dev "$_iface" || { + echo "Failed to del $_ip on dev $_iface" + return 1 + } } # If the given IP is hosted then print 2 items: maskbits and iface @@ -930,8 +908,15 @@ ip_maskbits_iface () { _addr="$1" - ip addr show to "${_addr}/32" 2>/dev/null | \ - awk '$1 == "inet" { print gensub(".*/", "", 1, $2), $NF }' + case "$_addr" in + *:*) _family="inet6" ; _bits=128 ;; + *) _family="inet" ; _bits=32 ;; + esac + + ip addr show to "${_addr}/${_bits}" 2>/dev/null | \ + awk -v family="${_family}" \ + 'NR == 1 { iface = gensub(":$", "", 1, $2) } \ + $1 ~ /inet/ { print gensub(".*/", "", 1, $2), iface, family }' } drop_ip () @@ -954,6 +939,12 @@ drop_all_public_ips () done <"${CTDB_PUBLIC_ADDRESSES:-/dev/null}" -- CTDB repository