#!/bin/sh # # # OpenStack Cinder API (cinder-api) # # Description: Manages an OpenStack Cinder API (cinder-api) process as an HA # resource # # Authors: Emilien Macchi # Mainly inspired by the Nova API written by Sebastien Han # # Support: openstack@lists.openstack.org # License: Apache Software License (ASL) 2.0 # # # See usage() function below for more details ... # # OCF instance parameters: # OCF_RESKEY_binary # OCF_RESKEY_config # OCF_RESKEY_user # OCF_RESKEY_pid # OCF_RESKEY_os_username # OCF_RESKEY_os_password # OCF_RESKEY_os_tenant_name # OCF_RESKEY_keystone_get_token_url # OCF_RESKEY_additional_parameters ####################################################################### # Initialization: : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat} . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs ####################################################################### # Fill in some defaults if no values are specified OCF_RESKEY_binary_default="cinder-api" OCF_RESKEY_config_default="/etc/cinder/cinder.conf" OCF_RESKEY_user_default="cinder" OCF_RESKEY_pid_default="$HA_RSCTMP/$OCF_RESOURCE_INSTANCE.pid" OCF_RESKEY_url_default="http://127.0.0.1:8776/v1/" OCF_RESKEY_keystone_get_token_url_def="http://127.0.0.1:5000/v2.0/tokens" : ${OCF_RESKEY_binary=${OCF_RESKEY_binary_default}} : ${OCF_RESKEY_config=${OCF_RESKEY_config_default}} : ${OCF_RESKEY_user=${OCF_RESKEY_user_default}} : ${OCF_RESKEY_pid=${OCF_RESKEY_pid_default}} : ${OCF_RESKEY_url=${OCF_RESKEY_url_default}} : ${OCF_RESKEY_keystone_get_token_url=${OCF_RESKEY_keystone_get_token_url_def}} ####################################################################### usage() { cat < 1.0 Resource agent for the OpenStack Cinder API Service (cinder-api) May manage a cinder-api instance or a clone set that creates a distributed cinder-api cluster. Manages the OpenStack Cinder API (cinder-api) Location of the OpenStack Cinder API server binary (cinder-api) OpenStack Cinder API server binary (cinder-api) Location of the OpenStack Cinder API (cinder-api) configuration file OpenStack Cinder API (cinder-api registry) config file User running OpenStack Cinder API (cinder-api) OpenStack Cinder API (cinder-api) user The pid file to use for this OpenStack Cinder API (cinder-api) instance OpenStack Cinder API (cinder-api) pid file The default URL to use for monitoring this instance (cinder-api) via curl. Important note: the monitor function doesn't accept http return code different than 200, for instance redirection code will generate an error. Don't forget the '/' at the end of your url endpoint. For example http://127.0.0.1:8776/v1 won't work and http://127.0.0.1:8776/v1/ will. OpenStack Cinder API (cinder-api) monitor url The default URL to use to acquire a Cinder API (cinder-api) token for monitoring this instance of OpenStack Cinder API (cinder-api) OpenStack Cinder API (cinder-api) url The username to use when connecting with Cinder API (cinder-api) for monitoring purposes Cinder API (cinder-api) monitoring login The password to use when connecting Cinder API (cinder-api) for monitoring purposes Cinder API (cinder-api) monitoring password The tenant to use when connecting Cinder API (cinder-api) for monitoring purposes Cinder API (cinder-api) monitoring tenant Additional parameters to pass on to the OpenStack Cinder API (cinder-api) Additional parameters for cinder-api END } ####################################################################### # Functions invoked by resource manager actions cinder_api_validate() { local rc check_binary $OCF_RESKEY_binary check_binary curl check_binary tr check_binary grep check_binary cut check_binary head # A config file on shared storage that is not available # during probes is OK. if [ ! -f $OCF_RESKEY_config ]; then if ! ocf_is_probe; then ocf_log err "Config $OCF_RESKEY_config doesn't exist" return $OCF_ERR_INSTALLED fi ocf_log_warn "Config $OCF_RESKEY_config not available during a probe" fi getent passwd $OCF_RESKEY_user >/dev/null 2>&1 rc=$? if [ $rc -ne 0 ]; then ocf_log err "User $OCF_RESKEY_user doesn't exist" return $OCF_ERR_INSTALLED fi true } cinder_api_status() { local pid local rc if [ ! -f $OCF_RESKEY_pid ]; then ocf_log info "OpenStack Cinder API (cinder-api) is not running" return $OCF_NOT_RUNNING else pid=`cat $OCF_RESKEY_pid` fi ocf_run -warn kill -s 0 $pid rc=$? if [ $rc -eq 0 ]; then return $OCF_SUCCESS else ocf_log info "Old PID file found, but OpenStack Cinder API" \ "(cinder-api) is not running" return $OCF_NOT_RUNNING fi } cinder_api_monitor() { local rc local token local http_code cinder_api_status rc=$? # If status returned anything but success, return that immediately if [ $rc -ne $OCF_SUCCESS ]; then return $rc fi # Check detailed information about this specific version of the API. if [ -n "$OCF_RESKEY_os_username" ] && [ -n "$OCF_RESKEY_os_password" ] \ && [ -n "$OCF_RESKEY_os_tenant_name" ] \ && [ -n "$OCF_RESKEY_keystone_get_token_url" ]; then token=`curl -s -d "{\"auth\":{\"passwordCredentials\": \ {\"username\": \"$OCF_RESKEY_os_username\", \ \"password\": \"$OCF_RESKEY_os_password\"}, \ \"tenantName\": \"$OCF_RESKEY_os_tenant_name\"}}" \ -H "Content-type: application/json" \ $OCF_RESKEY_keystone_get_token_url | \ tr ',' '\n' | grep '"id":' | cut -d'"' -f4 | head --lines 1` http_code=`curl --write-out %{http_code} --output /dev/null \ -sH "X-Auth-Token: $token" $OCF_RESKEY_url` rc=$? if [ $rc -ne 0 ] || [ $http_code -ne 200 ]; then ocf_log err "Failed to connect to the OpenStack Cinder API" \ "(cinder-api): $rc and $http_code" return $OCF_NOT_RUNNING fi fi ocf_log debug "OpenStack Cinder API (cinder-api) monitor succeeded" return $OCF_SUCCESS } cinder_api_start() { local rc cinder_api_status rc=$? if [ $rc -eq $OCF_SUCCESS ]; then ocf_log info "OpenStack Cinder API (cinder-api) already running" return $OCF_SUCCESS fi # run the actual cinder-api daemon. Don't use ocf_run as we're sending the # tool's output straight to /dev/null anyway and using ocf_run would break # stdout-redirection here. su ${OCF_RESKEY_user} -s /bin/sh -c "${OCF_RESKEY_binary} \ --config-file=$OCF_RESKEY_config \ $OCF_RESKEY_additional_parameters"' >> /dev/null 2>&1 & echo $!' \ > $OCF_RESKEY_pid # Spin waiting for the server to come up. # Let the CRM/LRM time us out if required while true; do cinder_api_monitor rc=$? [ $rc -eq $OCF_SUCCESS ] && break if [ $rc -ne $OCF_NOT_RUNNING ]; then ocf_log err "OpenStack Cinder API (cinder-api) start failed" exit $OCF_ERR_GENERIC fi sleep 1 done ocf_log info "OpenStack Cinder API (cinder-api) started" return $OCF_SUCCESS } cinder_api_stop() { local rc local pid cinder_api_status rc=$? if [ $rc -eq $OCF_NOT_RUNNING ]; then ocf_log info "OpenStack Cinder API (cinder-api) already stopped" return $OCF_SUCCESS fi # Try SIGTERM pid=`cat $OCF_RESKEY_pid` ocf_run kill -s TERM $pid rc=$? if [ $rc -ne 0 ]; then ocf_log err "OpenStack Cinder API (cinder-api) couldn't be stopped" exit $OCF_ERR_GENERIC fi # stop waiting shutdown_timeout=15 if [ -n "$OCF_RESKEY_CRM_meta_timeout" ]; then shutdown_timeout=$((($OCF_RESKEY_CRM_meta_timeout/1000)-5)) fi count=0 while [ $count -lt $shutdown_timeout ]; do cinder_api_status rc=$? if [ $rc -eq $OCF_NOT_RUNNING ]; then break fi count=`expr $count + 1` sleep 1 ocf_log debug "OpenStack Cinder API (cinder-api) still hasn't" \ "stopped yet. Waiting ..." done cinder_api_status rc=$? if [ $rc -ne $OCF_NOT_RUNNING ]; then # SIGTERM didn't help either, try SIGKILL ocf_log info "OpenStack Cinder API (cinder-api) failed to stop after" \ "${shutdown_timeout}s using SIGTERM. Trying SIGKILL ..." ocf_run kill -s KILL $pid fi ocf_log info "OpenStack Cinder API (cinder-api) stopped" rm -f $OCF_RESKEY_pid return $OCF_SUCCESS } ####################################################################### case "$1" in meta-data) meta_data exit $OCF_SUCCESS ;; usage|help) usage exit $OCF_SUCCESS ;; esac # Anything except meta-data and help must pass validation cinder_api_validate || exit $? # What kind of method was invoked? case "$1" in start) cinder_api_start ;; stop) cinder_api_stop ;; status) cinder_api_status ;; monitor) cinder_api_monitor ;; validate-all) ;; *) usage exit $OCF_ERR_UNIMPLEMENTED ;; esac