This source file includes following definitions.
- add_env_params
- add_stonith_device
- add_tolerance
- add_stonith_params
- set_tag
- build_arg_context
- request_fencing
- main
1
2
3
4
5
6
7
8
9
10 #include <crm_internal.h>
11
12 #include <sys/param.h>
13 #include <stdio.h>
14 #include <sys/types.h>
15 #include <sys/stat.h>
16 #include <unistd.h>
17 #include <sys/utsname.h>
18
19 #include <errno.h>
20 #include <fcntl.h>
21 #include <stdbool.h>
22 #include <stdlib.h>
23 #include <string.h>
24
25 #include <crm/crm.h>
26 #include <crm/common/ipc.h>
27 #include <crm/cluster/internal.h>
28 #include <crm/common/cmdline_internal.h>
29 #include <crm/common/output_internal.h>
30
31 #include <crm/stonith-ng.h>
32 #include <crm/fencing/internal.h>
33 #include <crm/cib.h>
34 #include <crm/pengine/status.h>
35
36 #include <crm/common/xml.h>
37 #include <pacemaker-internal.h>
38
39 #define SUMMARY "stonith_admin - Access the Pacemaker fencing API"
40
41 char action = 0;
42
43 struct {
44 gboolean as_nodeid;
45 gboolean broadcast;
46 gboolean cleanup;
47 gboolean installed;
48 gboolean metadata;
49 gboolean registered;
50 gboolean validate_cfg;
51 stonith_key_value_t *devices;
52 stonith_key_value_t *params;
53 int fence_level;
54 int timeout ;
55 long long tolerance_ms;
56 int delay;
57 char *agent;
58 char *confirm_host;
59 char *fence_host;
60 char *history;
61 char *last_fenced;
62 char *query;
63 char *reboot_host;
64 char *register_dev;
65 char *register_level;
66 char *targets;
67 char *terminate;
68 char *unfence_host;
69 char *unregister_dev;
70 char *unregister_level;
71 } options = {
72 .timeout = 120,
73 .delay = 0
74 };
75
76 gboolean add_env_params(const gchar *option_name, const gchar *optarg, gpointer data, GError **error);
77 gboolean add_stonith_device(const gchar *option_name, const gchar *optarg, gpointer data, GError **error);
78 gboolean add_stonith_params(const gchar *option_name, const gchar *optarg, gpointer data, GError **error);
79 gboolean add_tolerance(const gchar *option_name, const gchar *optarg, gpointer data, GError **error);
80 gboolean set_tag(const gchar *option_name, const gchar *optarg, gpointer data, GError **error);
81
82 #define INDENT " "
83
84
85 static GOptionEntry defn_entries[] = {
86 { "register", 'R', 0, G_OPTION_ARG_STRING, &options.register_dev,
87 "Register the named stonith device. Requires: --agent.\n"
88 INDENT "Optional: --option, --env-option.",
89 "DEVICE" },
90 { "deregister", 'D', 0, G_OPTION_ARG_STRING, &options.unregister_dev,
91 "De-register the named stonith device.",
92 "DEVICE" },
93 { "register-level", 'r', 0, G_OPTION_ARG_STRING, &options.register_level,
94 "Register a stonith level for the named target,\n"
95 INDENT "specified as one of NAME, @PATTERN, or ATTR=VALUE.\n"
96 INDENT "Requires: --index and one or more --device entries.",
97 "TARGET" },
98 { "deregister-level", 'd', 0, G_OPTION_ARG_STRING, &options.unregister_level,
99 "Unregister a stonith level for the named target,\n"
100 INDENT "specified as for --register-level. Requires: --index",
101 "TARGET" },
102
103 { NULL }
104 };
105
106 static GOptionEntry query_entries[] = {
107 { "list", 'l', 0, G_OPTION_ARG_STRING, &options.terminate,
108 "List devices that can terminate the specified host.\n"
109 INDENT "Optional: --timeout",
110 "HOST" },
111 { "list-registered", 'L', 0, G_OPTION_ARG_NONE, &options.registered,
112 "List all registered devices. Optional: --timeout.",
113 NULL },
114 { "list-installed", 'I', 0, G_OPTION_ARG_NONE, &options.installed,
115 "List all installed devices. Optional: --timeout.",
116 NULL },
117 { "list-targets", 's', 0, G_OPTION_ARG_STRING, &options.targets,
118 "List the targets that can be fenced by the\n"
119 INDENT "named device. Optional: --timeout.",
120 "DEVICE" },
121 { "metadata", 'M', 0, G_OPTION_ARG_NONE, &options.metadata,
122 "Show agent metadata. Requires: --agent.\n"
123 INDENT "Optional: --timeout.",
124 NULL },
125 { "query", 'Q', 0, G_OPTION_ARG_STRING, &options.query,
126 "Check the named device's status. Optional: --timeout.",
127 "DEVICE" },
128 { "history", 'H', 0, G_OPTION_ARG_STRING, &options.history,
129 "Show last successful fencing operation for named node\n"
130 INDENT "(or '*' for all nodes). Optional: --timeout, --cleanup,\n"
131 INDENT "--quiet (show only the operation's epoch timestamp),\n"
132 INDENT "--verbose (show all recorded and pending operations),\n"
133 INDENT "--broadcast (update history from all nodes available).",
134 "NODE" },
135 { "last", 'h', 0, G_OPTION_ARG_STRING, &options.last_fenced,
136 "Indicate when the named node was last fenced.\n"
137 INDENT "Optional: --as-node-id.",
138 "NODE" },
139 { "validate", 'K', 0, G_OPTION_ARG_NONE, &options.validate_cfg,
140 "Validate a fence device configuration.\n"
141 INDENT "Requires: --agent. Optional: --option, --env-option,\n"
142 INDENT "--quiet (print no output, only return status).",
143 NULL },
144
145 { NULL }
146 };
147
148 static GOptionEntry fence_entries[] = {
149 { "fence", 'F', 0, G_OPTION_ARG_STRING, &options.fence_host,
150 "Fence named host. Optional: --timeout, --tolerance, --delay.",
151 "HOST" },
152 { "unfence", 'U', 0, G_OPTION_ARG_STRING, &options.unfence_host,
153 "Unfence named host. Optional: --timeout, --tolerance, --delay.",
154 "HOST" },
155 { "reboot", 'B', 0, G_OPTION_ARG_STRING, &options.reboot_host,
156 "Reboot named host. Optional: --timeout, --tolerance, --delay.",
157 "HOST" },
158 { "confirm", 'C', 0, G_OPTION_ARG_STRING, &options.confirm_host,
159 "Tell cluster that named host is now safely down.",
160 "HOST", },
161
162 { NULL }
163 };
164
165 static GOptionEntry addl_entries[] = {
166 { "cleanup", 'c', 0, G_OPTION_ARG_NONE, &options.cleanup,
167 "Cleanup wherever appropriate. Requires --history.",
168 NULL },
169 { "broadcast", 'b', 0, G_OPTION_ARG_NONE, &options.broadcast,
170 "Broadcast wherever appropriate.",
171 NULL },
172 { "agent", 'a', 0, G_OPTION_ARG_STRING, &options.agent,
173 "The agent to use (for example, fence_xvm;\n"
174 INDENT "with --register, --metadata, --validate).",
175 "AGENT" },
176 { "option", 'o', 0, G_OPTION_ARG_CALLBACK, add_stonith_params,
177 "Specify a device configuration parameter as NAME=VALUE\n"
178 INDENT "(may be specified multiple times; with --register,\n"
179 INDENT "--validate).",
180 "PARAM" },
181 { "env-option", 'e', 0, G_OPTION_ARG_CALLBACK, add_env_params,
182 "Specify a device configuration parameter with the\n"
183 INDENT "specified name, using the value of the\n"
184 INDENT "environment variable of the same name prefixed with\n"
185 INDENT "OCF_RESKEY_ (may be specified multiple times;\n"
186 INDENT "with --register, --validate).",
187 "PARAM" },
188 { "tag", 'T', 0, G_OPTION_ARG_CALLBACK, set_tag,
189 "Identify fencing operations in logs with the specified\n"
190 INDENT "tag; useful when multiple entities might invoke\n"
191 INDENT "stonith_admin (used with most commands).",
192 "TAG" },
193 { "device", 'v', 0, G_OPTION_ARG_CALLBACK, add_stonith_device,
194 "Device ID (with --register-level, device to associate with\n"
195 INDENT "a given host and level; may be specified multiple times)"
196 #if SUPPORT_CIBSECRETS
197 "\n" INDENT "(with --validate, name to use to load CIB secrets)"
198 #endif
199 ".",
200 "DEVICE" },
201 { "index", 'i', 0, G_OPTION_ARG_INT, &options.fence_level,
202 "The stonith level (1-9) (with --register-level,\n"
203 INDENT "--deregister-level).",
204 "LEVEL" },
205 { "timeout", 't', 0, G_OPTION_ARG_INT, &options.timeout,
206 "Operation timeout in seconds (default 120;\n"
207 INDENT "used with most commands).",
208 "SECONDS" },
209 { "delay", 'y', 0, G_OPTION_ARG_INT, &options.delay,
210 "Apply a fencing delay in seconds. Any static/random delays from\n"
211 INDENT "pcmk_delay_base/max will be added, otherwise all\n"
212 INDENT "disabled with the value -1\n"
213 INDENT "(default 0; with --fence, --reboot, --unfence).",
214 "SECONDS" },
215 { "as-node-id", 'n', 0, G_OPTION_ARG_NONE, &options.as_nodeid,
216 "(Advanced) The supplied node is the corosync node ID\n"
217 INDENT "(with --last).",
218 NULL },
219 { "tolerance", 0, 0, G_OPTION_ARG_CALLBACK, add_tolerance,
220 "(Advanced) Do nothing if an equivalent --fence request\n"
221 INDENT "succeeded less than this many seconds earlier\n"
222 INDENT "(with --fence, --unfence, --reboot).",
223 "SECONDS" },
224
225 { NULL }
226 };
227
228
229 static pcmk__supported_format_t formats[] = {
230 PCMK__SUPPORTED_FORMAT_HTML,
231 PCMK__SUPPORTED_FORMAT_NONE,
232 PCMK__SUPPORTED_FORMAT_TEXT,
233 PCMK__SUPPORTED_FORMAT_XML,
234 { NULL, NULL, NULL }
235 };
236
237 static const int st_opts = st_opt_sync_call|st_opt_allow_self_fencing;
238
239 static char *name = NULL;
240
241 gboolean
242 add_env_params(const gchar *option_name, const gchar *optarg, gpointer data, GError **error) {
243 char *key = crm_strdup_printf("OCF_RESKEY_%s", optarg);
244 const char *env = getenv(key);
245 gboolean retval = TRUE;
246
247 if (env == NULL) {
248 g_set_error(error, PCMK__EXITC_ERROR, CRM_EX_INVALID_PARAM, "Invalid option: -e %s", optarg);
249 retval = FALSE;
250 } else {
251 crm_info("Got: '%s'='%s'", optarg, env);
252 options.params = stonith_key_value_add(options.params, optarg, env);
253 }
254
255 free(key);
256 return retval;
257 }
258
259 gboolean
260 add_stonith_device(const gchar *option_name, const gchar *optarg, gpointer data, GError **error) {
261 options.devices = stonith_key_value_add(options.devices, NULL, optarg);
262 return TRUE;
263 }
264
265 gboolean
266 add_tolerance(const gchar *option_name, const gchar *optarg, gpointer data, GError **error) {
267
268 options.tolerance_ms = crm_get_msec(optarg);
269
270 if (options.tolerance_ms < 0) {
271 crm_warn("Ignoring invalid tolerance '%s'", optarg);
272 options.tolerance_ms = 0;
273 } else {
274 options.tolerance_ms = QB_MIN(options.tolerance_ms, UINT_MAX);
275 }
276 return TRUE;
277 }
278
279 gboolean
280 add_stonith_params(const gchar *option_name, const gchar *optarg, gpointer data, GError **error) {
281 char *name = NULL;
282 char *value = NULL;
283 int rc = 0;
284 gboolean retval = TRUE;
285
286 crm_info("Scanning: -o %s", optarg);
287
288 rc = pcmk__scan_nvpair(optarg, &name, &value);
289
290 if (rc != 2) {
291 rc = pcmk_legacy2rc(rc);
292 g_set_error(error, PCMK__RC_ERROR, rc, "Invalid option: -o %s: %s", optarg, pcmk_rc_str(rc));
293 retval = FALSE;
294 } else {
295 crm_info("Got: '%s'='%s'", name, value);
296 options.params = stonith_key_value_add(options.params, name, value);
297 }
298
299 free(name);
300 free(value);
301 return retval;
302 }
303
304 gboolean
305 set_tag(const gchar *option_name, const gchar *optarg, gpointer data, GError **error) {
306 free(name);
307 name = crm_strdup_printf("%s.%s", crm_system_name, optarg);
308 return TRUE;
309 }
310
311 static GOptionContext *
312 build_arg_context(pcmk__common_args_t *args, GOptionGroup **group) {
313 GOptionContext *context = NULL;
314
315 GOptionEntry extra_prog_entries[] = {
316 { "quiet", 'q', 0, G_OPTION_ARG_NONE, &(args->quiet),
317 "Be less descriptive in output.",
318 NULL },
319
320 { NULL }
321 };
322
323 context = pcmk__build_arg_context(args, "text (default), html, xml", group, NULL);
324
325
326
327
328 pcmk__add_main_args(context, extra_prog_entries);
329
330 pcmk__add_arg_group(context, "definition", "Device Definition Commands:",
331 "Show device definition help", defn_entries);
332 pcmk__add_arg_group(context, "queries", "Queries:",
333 "Show query help", query_entries);
334 pcmk__add_arg_group(context, "fence", "Fencing Commands:",
335 "Show fence help", fence_entries);
336 pcmk__add_arg_group(context, "additional", "Additional Options:",
337 "Show additional options", addl_entries);
338 return context;
339 }
340
341
342 static int
343 request_fencing(stonith_t *st, const char *target, const char *command,
344 GError **error)
345 {
346 char *reason = NULL;
347 int rc = pcmk__request_fencing(st, target, command, name,
348 options.timeout * 1000,
349 options.tolerance_ms, options.delay,
350 &reason);
351
352 if (rc != pcmk_rc_ok) {
353 const char *rc_str = pcmk_rc_str(rc);
354 const char *what = "fence";
355
356 if (strcmp(command, PCMK_ACTION_ON) == 0) {
357 what = "unfence";
358 }
359
360
361 if (pcmk__str_eq(rc_str, reason, pcmk__str_none)) {
362 free(reason);
363 reason = NULL;
364 }
365
366 g_set_error(error, PCMK__RC_ERROR, rc,
367 "Couldn't %s %s: %s%s%s%s",
368 what, target, rc_str,
369 ((reason == NULL)? "" : " ("),
370 ((reason == NULL)? "" : reason),
371 ((reason == NULL)? "" : ")"));
372 }
373 free(reason);
374 return rc;
375 }
376
377 int
378 main(int argc, char **argv)
379 {
380 int rc = 0;
381 crm_exit_t exit_code = CRM_EX_OK;
382 bool no_connect = false;
383 bool required_agent = false;
384
385 char *target = NULL;
386 const char *device = NULL;
387 stonith_t *st = NULL;
388
389 GError *error = NULL;
390
391 pcmk__output_t *out = NULL;
392
393 GOptionGroup *output_group = NULL;
394 pcmk__common_args_t *args = pcmk__new_common_args(SUMMARY);
395 gchar **processed_args = pcmk__cmdline_preproc(argv, "adehilorstvyBCDFHQRTU");
396 GOptionContext *context = build_arg_context(args, &output_group);
397
398 pcmk__register_formats(output_group, formats);
399 if (!g_option_context_parse_strv(context, &processed_args, &error)) {
400 exit_code = CRM_EX_USAGE;
401 goto done;
402 }
403
404 pcmk__cli_init_logging("stonith_admin", args->verbosity);
405
406 if (name == NULL) {
407 name = strdup(crm_system_name);
408 }
409
410 rc = pcmk__output_new(&out, args->output_ty, args->output_dest, argv);
411 if (rc != pcmk_rc_ok) {
412 exit_code = CRM_EX_ERROR;
413 g_set_error(&error, PCMK__EXITC_ERROR, exit_code, "Error creating output format %s: %s",
414 args->output_ty, pcmk_rc_str(rc));
415 goto done;
416 }
417
418 pcmk__output_enable_list_element(out);
419
420 stonith__register_messages(out);
421
422 if (args->version) {
423 out->version(out, false);
424 goto done;
425 }
426
427 if (options.validate_cfg) {
428 required_agent = true;
429 no_connect = true;
430 action = 'K';
431 }
432
433 if (options.installed) {
434 no_connect = true;
435 action = 'I';
436 }
437
438 if (options.registered) {
439 action = 'L';
440 }
441
442 if (options.register_dev != NULL) {
443 required_agent = true;
444 action = 'R';
445 device = options.register_dev;
446 }
447
448 if (options.query != NULL) {
449 action = 'Q';
450 device = options.query;
451 }
452
453 if (options.unregister_dev != NULL) {
454 action = 'D';
455 device = options.unregister_dev;
456 }
457
458 if (options.targets != NULL) {
459 action = 's';
460 device = options.targets;
461 }
462
463 if (options.terminate != NULL) {
464 action = 'L';
465 target = options.terminate;
466 }
467
468 if (options.metadata) {
469 no_connect = true;
470 required_agent = true;
471 action = 'M';
472 }
473
474 if (options.reboot_host != NULL) {
475 no_connect = true;
476 action = 'B';
477 target = options.reboot_host;
478 crm_log_args(argc, argv);
479 }
480
481 if (options.fence_host != NULL) {
482 no_connect = true;
483 action = 'F';
484 target = options.fence_host;
485 crm_log_args(argc, argv);
486 }
487
488 if (options.unfence_host != NULL) {
489 no_connect = true;
490 action = 'U';
491 target = options.unfence_host;
492 crm_log_args(argc, argv);
493 }
494
495 if (options.confirm_host != NULL) {
496 action = 'C';
497 target = options.confirm_host;
498 crm_log_args(argc, argv);
499 }
500
501 if (options.last_fenced != NULL) {
502 action = 'h';
503 target = options.last_fenced;
504 }
505
506 if (options.history != NULL) {
507 action = 'H';
508 target = options.history;
509 }
510
511 if (options.register_level != NULL) {
512 action = 'r';
513 target = options.register_level;
514 }
515
516 if (options.unregister_level != NULL) {
517 action = 'd';
518 target = options.unregister_level;
519 }
520
521 if (action == 0) {
522 char *help = g_option_context_get_help(context, TRUE, NULL);
523
524 out->err(out, "%s", help);
525 g_free(help);
526 exit_code = CRM_EX_USAGE;
527 goto done;
528 }
529
530 if (required_agent && options.agent == NULL) {
531 char *help = g_option_context_get_help(context, TRUE, NULL);
532
533 out->err(out, "Please specify an agent to query using -a,--agent [value]");
534 out->err(out, "%s", help);
535 g_free(help);
536 exit_code = CRM_EX_USAGE;
537 goto done;
538 }
539
540 out->quiet = args->quiet;
541
542 st = stonith_api_new();
543 if (st == NULL) {
544 rc = -ENOMEM;
545 } else if (!no_connect) {
546 rc = st->cmds->connect(st, name, NULL);
547 }
548 if (rc < 0) {
549 out->err(out, "Could not connect to fencer: %s", pcmk_strerror(rc));
550 exit_code = CRM_EX_DISCONNECT;
551 goto done;
552 }
553
554 switch (action) {
555 case 'I':
556 rc = pcmk__fence_installed(out, st, options.timeout*1000);
557 if (rc != pcmk_rc_ok) {
558 out->err(out, "Failed to list installed devices: %s", pcmk_rc_str(rc));
559 }
560
561 break;
562
563 case 'L':
564 rc = pcmk__fence_registered(out, st, target, options.timeout*1000);
565 if (rc != pcmk_rc_ok) {
566 out->err(out, "Failed to list registered devices: %s", pcmk_rc_str(rc));
567 }
568
569 break;
570
571 case 'Q':
572 rc = st->cmds->monitor(st, st_opts, device, options.timeout);
573 if (rc != pcmk_rc_ok) {
574 rc = st->cmds->list(st, st_opts, device, NULL, options.timeout);
575 }
576 rc = pcmk_legacy2rc(rc);
577 break;
578
579 case 's':
580 rc = pcmk__fence_list_targets(out, st, device, options.timeout*1000);
581 if (rc != pcmk_rc_ok) {
582 out->err(out, "Couldn't list targets: %s", pcmk_rc_str(rc));
583 }
584
585 break;
586
587 case 'R':
588 rc = st->cmds->register_device(st, st_opts, device, NULL, options.agent,
589 options.params);
590 rc = pcmk_legacy2rc(rc);
591 if (rc != pcmk_rc_ok) {
592 out->err(out, "Can't register device %s using agent %s: %s",
593 device, options.agent, pcmk_rc_str(rc));
594 }
595 break;
596
597 case 'D':
598 rc = st->cmds->remove_device(st, st_opts, device);
599 rc = pcmk_legacy2rc(rc);
600 if (rc != pcmk_rc_ok) {
601 out->err(out, "Can't unregister device %s: %s",
602 device, pcmk_rc_str(rc));
603 }
604 break;
605
606 case 'd':
607 rc = pcmk__fence_unregister_level(st, target, options.fence_level);
608 if (rc != pcmk_rc_ok) {
609 out->err(out, "Can't unregister topology level %d for %s: %s",
610 options.fence_level, target, pcmk_rc_str(rc));
611 }
612 break;
613
614 case 'r':
615 rc = pcmk__fence_register_level(st, target, options.fence_level, options.devices);
616 if (rc != pcmk_rc_ok) {
617 out->err(out, "Can't register topology level %d for %s: %s",
618 options.fence_level, target, pcmk_rc_str(rc));
619 }
620 break;
621
622 case 'M':
623 rc = pcmk__fence_metadata(out, st, options.agent, options.timeout*1000);
624 if (rc != pcmk_rc_ok) {
625 out->err(out, "Can't get fence agent meta-data: %s",
626 pcmk_rc_str(rc));
627 }
628
629 break;
630
631 case 'C':
632 rc = st->cmds->confirm(st, st_opts, target);
633 rc = pcmk_legacy2rc(rc);
634 break;
635
636 case 'B':
637 rc = request_fencing(st, target, PCMK_ACTION_REBOOT, &error);
638 break;
639
640 case 'F':
641 rc = request_fencing(st, target, PCMK_ACTION_OFF, &error);
642 break;
643
644 case 'U':
645 rc = request_fencing(st, target, PCMK_ACTION_ON, &error);
646 break;
647
648 case 'h':
649 rc = pcmk__fence_last(out, target, options.as_nodeid);
650 break;
651
652 case 'H':
653 rc = pcmk__fence_history(out, st, target, options.timeout*1000, args->verbosity,
654 options.broadcast, options.cleanup);
655 break;
656
657 case 'K':
658 device = options.devices ? options.devices->key : NULL;
659 rc = pcmk__fence_validate(out, st, options.agent, device, options.params,
660 options.timeout*1000);
661 break;
662 }
663
664 crm_info("Command returned: %s (%d)", pcmk_rc_str(rc), rc);
665 exit_code = pcmk_rc2exitc(rc);
666
667 done:
668 g_strfreev(processed_args);
669 pcmk__free_arg_context(context);
670
671 pcmk__output_and_clear_error(&error, out);
672
673 if (out != NULL) {
674 out->finish(out, exit_code, true, NULL);
675 pcmk__output_free(out);
676 }
677 pcmk__unregister_formats();
678 free(name);
679 stonith_key_value_freeall(options.params, 1, 1);
680
681 if (st != NULL) {
682 st->cmds->disconnect(st);
683 stonith_api_delete(st);
684 }
685
686 return exit_code;
687 }