#!/bin/sh # # # OpenStack NovaAPI (nova-api) # # Description: Manages an OpenStack Nova API (nova-api) process as an HA # resource # # Authors: Sébastien Han # Mainly inspired by the Glance API resource agent written by Martin Gerhard # Loschwitz from Hastexo: http://goo.gl/whLpr # # Support: openstack@lists.openstack.org # License: Apache Software License (ASL) 2.0 # # # See usage() function below for more details ... # # OCF instance parameters: # OCF_RESKEY_binary # OCF_RESKEY_config # OCF_RESKEY_user # OCF_RESKEY_pid # OCF_RESKEY_os_username # OCF_RESKEY_os_password # OCF_RESKEY_os_tenant_name # OCF_RESKEY_keystone_get_token_url # OCF_RESKEY_additional_parameters ####################################################################### # Initialization: : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat} . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs ####################################################################### # Fill in some defaults if no values are specified OCF_RESKEY_binary_default="nova-api" OCF_RESKEY_config_default="/etc/nova/nova.conf" OCF_RESKEY_user_default="nova" OCF_RESKEY_pid_default="$HA_RSCTMP/$OCF_RESOURCE_INSTANCE.pid" OCF_RESKEY_url_default="http://127.0.0.1:8774/v2/" OCF_RESKEY_keystone_get_token_url_def="http://127.0.0.1:5000/v2.0/tokens" : ${OCF_RESKEY_binary=${OCF_RESKEY_binary_default}} : ${OCF_RESKEY_config=${OCF_RESKEY_config_default}} : ${OCF_RESKEY_user=${OCF_RESKEY_user_default}} : ${OCF_RESKEY_pid=${OCF_RESKEY_pid_default}} : ${OCF_RESKEY_url=${OCF_RESKEY_url_default}} : ${OCF_RESKEY_keystone_get_token_url=${OCF_RESKEY_keystone_get_token_url_def}} ####################################################################### usage() { cat < 1.0 Resource agent for the OpenStack Nova API Service (nova-api) May manage a nova-api instance or a clone set that creates a distributed nova-api cluster. Manages the OpenStack Nova API (nova-api) Location of the OpenStack Nova API server binary (nova-api) OpenStack Nova API server binary (nova-api) Location of the OpenStack Nova API (nova-api) configuration file OpenStack Nova API (nova-api registry) config file User running OpenStack Nova API (nova-api) OpenStack Nova API (nova-api) user The pid file to use for this OpenStack Nova API (nova-api) instance OpenStack Nova API (nova-api) pid file The default URL to use for monitoring this instance (nova-api) via curl. Important note: the monitor function doesn't accept http return code different than 200, for instance redirection code will generate an error. Don't forget the '/' at the end of your url endpoint. For example http://127.0.0.1:8774/v1.1 won't work and http://127.0.0.1:8774/v1.1/ will. OpenStack Nova API (nova-api) monitor url The default URL to use to acquire a Nova API (nova-api) token for monitoring this instance of OpenStack Nova API (nova-api) OpenStack Nova API (nova-api) url The username to use when connecting with Nova API (nova-api) for monitoring purposes Nova API (nova-api) monitoring login The password to use when connecting Nova API (nova-api) for monitoring purposes Nova API (nova-api) monitoring password The tenant to use when connecting Nova API (nova-api) for monitoring purposes Nova API (nova-api) monitoring tenant Additional parameters to pass on to the OpenStack NovaAPI (nova-api) Additional parameters for nova-api END } ####################################################################### # Functions invoked by resource manager actions nova_api_validate() { local rc check_binary $OCF_RESKEY_binary check_binary curl check_binary tr check_binary grep check_binary cut check_binary head # A config file on shared storage that is not available # during probes is OK. if [ ! -f $OCF_RESKEY_config ]; then if ! ocf_is_probe; then ocf_log err "Config $OCF_RESKEY_config doesn't exist" return $OCF_ERR_INSTALLED fi ocf_log_warn "Config $OCF_RESKEY_config not available during a probe" fi getent passwd $OCF_RESKEY_user >/dev/null 2>&1 rc=$? if [ $rc -ne 0 ]; then ocf_log err "User $OCF_RESKEY_user doesn't exist" return $OCF_ERR_INSTALLED fi true } nova_api_status() { local pid local rc if [ ! -f $OCF_RESKEY_pid ]; then ocf_log info "OpenStack Nova API (nova-api) is not running" return $OCF_NOT_RUNNING else pid=`cat $OCF_RESKEY_pid` fi ocf_run -warn kill -s 0 $pid rc=$? if [ $rc -eq 0 ]; then return $OCF_SUCCESS else ocf_log info "Old PID file found, but OpenStack Nova API (nova-api)" \ "is not running" return $OCF_NOT_RUNNING fi } nova_api_monitor() { local rc local token local http_code nova_api_status rc=$? # If status returned anything but success, return that immediately if [ $rc -ne $OCF_SUCCESS ]; then return $rc fi # Check detailed information about this specific version of the API. if [ -n "$OCF_RESKEY_os_username" ] && [ -n "$OCF_RESKEY_os_password" ] \ && [ -n "$OCF_RESKEY_os_tenant_name" ] \ && [ -n "$OCF_RESKEY_keystone_get_token_url" ]; then token=`curl -s -d "{\"auth\":{\"passwordCredentials\": \ {\"username\": \"$OCF_RESKEY_os_username\", \ \"password\": \"$OCF_RESKEY_os_password\"}, \ \"tenantName\": \"$OCF_RESKEY_os_tenant_name\"}}" \ -H "Content-type: application/json" \ $OCF_RESKEY_keystone_get_token_url | \ tr ',' '\n' | grep '"id":' \ | cut -d'"' -f4 | head --lines 1` http_code=`curl --write-out %{http_code} --output /dev/null \ -sH "X-Auth-Token: $token" $OCF_RESKEY_url` rc=$? if [ $rc -ne 0 ] || [ $http_code -ne 200 ]; then ocf_log err "Failed to connect to the OpenStack Nova API" \ "(nova-api): $rc and $http_code" return $OCF_NOT_RUNNING fi fi ocf_log debug "OpenStack Nova API (nova-api) monitor succeeded" return $OCF_SUCCESS } nova_api_start() { local rc nova_api_status rc=$? if [ $rc -eq $OCF_SUCCESS ]; then ocf_log info "OpenStack Nova API (nova-api) already running" return $OCF_SUCCESS fi # run the actual nova-api daemon. Don't use ocf_run as we're sending the # tool's output straight to /dev/null anyway and using ocf_run would break # stdout-redirection here. su ${OCF_RESKEY_user} -s /bin/sh -c "${OCF_RESKEY_binary} \ --config-file=$OCF_RESKEY_config \ $OCF_RESKEY_additional_parameters"' >> /dev/null 2>&1 & echo $!' \ > $OCF_RESKEY_pid # Spin waiting for the server to come up. # Let the CRM/LRM time us out if required while true; do nova_api_monitor rc=$? [ $rc -eq $OCF_SUCCESS ] && break if [ $rc -ne $OCF_NOT_RUNNING ]; then ocf_log err "OpenStack Nova API (nova-api) start failed" exit $OCF_ERR_GENERIC fi sleep 1 done ocf_log info "OpenStack Nova API (nova-api) started" return $OCF_SUCCESS } nova_api_stop() { local rc local pid nova_api_status rc=$? if [ $rc -eq $OCF_NOT_RUNNING ]; then ocf_log info "OpenStack Nova API (nova-api) already stopped" return $OCF_SUCCESS fi # Try SIGTERM pid=`cat $OCF_RESKEY_pid` ocf_run kill -s TERM $pid rc=$? if [ $rc -ne 0 ]; then ocf_log err "OpenStack Nova API (nova-api) couldn't be stopped" exit $OCF_ERR_GENERIC fi # stop waiting shutdown_timeout=15 if [ -n "$OCF_RESKEY_CRM_meta_timeout" ]; then shutdown_timeout=$((($OCF_RESKEY_CRM_meta_timeout/1000)-5)) fi count=0 while [ $count -lt $shutdown_timeout ]; do nova_api_status rc=$? if [ $rc -eq $OCF_NOT_RUNNING ]; then break fi count=`expr $count + 1` sleep 1 ocf_log debug "OpenStack Nova API (nova-api) still hasn't stopped" \ "yet. Waiting ..." done nova_api_status rc=$? if [ $rc -ne $OCF_NOT_RUNNING ]; then # SIGTERM didn't help either, try SIGKILL ocf_log info "OpenStack Nova API (nova-api) failed to stop after" \ "${shutdown_timeout}s using SIGTERM. Trying SIGKILL ..." ocf_run kill -s KILL $pid fi ocf_log info "OpenStack Nova API (nova-api) stopped" rm -f $OCF_RESKEY_pid return $OCF_SUCCESS } ####################################################################### case "$1" in meta-data) meta_data exit $OCF_SUCCESS ;; usage|help) usage exit $OCF_SUCCESS ;; esac # Anything except meta-data and help must pass validation nova_api_validate || exit $? # What kind of method was invoked? case "$1" in start) nova_api_start ;; stop) nova_api_stop ;; status) nova_api_status ;; monitor) nova_api_monitor ;; validate-all) ;; *) usage exit $OCF_ERR_UNIMPLEMENTED ;; esac