#
368759 |
|
18-Dec-2020 |
eugen |
MFC r368148: fix hastd(8)
hastd(8) assumes it has no extra file descriptors opened and aborts otherwise, so call closefrom() early.
PR: 227461
|
#
330449 |
|
05-Mar-2018 |
eadler |
MFC r326276:
various: general adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I was using misidentified many licenses so this was mostly a manual - error prone - task.
The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known open source licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, supersede or replace the license texts.
No functional change intended.
|
#
302408 |
|
07-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation
|
#
298393 |
|
21-Apr-2016 |
araujo |
Use MAX() from sys/param.h.
MFC after: 2 weeks.
|
#
259196 |
|
10-Dec-2013 |
trociny |
Check remote protocol version only for the first connection (when it is actually sent by the remote node).
Otherwise it generated confusing "Negotiated protocol version 1" debug messages when processing the second connection.
MFC after: 2 weeks
|
#
246922 |
|
17-Feb-2013 |
pjd |
- Add support for 'memsync' mode. This is the fastest replication mode that's why it will now be the default.
- Bump protocol version to 2 and add backward compatibility for version 1.
- Allow to specify hosts by kern.hostid as well (in addition to hostname and kern.hostuuid) in configuration file.
Sponsored by: Panzura
Tested by: trociny
|
#
233679 |
|
29-Mar-2012 |
trociny |
If hastd is invoked with "-P pidfile" option always create pidfile regardless of whether -F (foreground) option is set or not.
Also, if -P option is specified, ignore pidfile setting from configuration not only on start but on reload too. This fixes the issue when for hastd run with -P option reload caused the pidfile change.
Reviewed by: pjd
MFC after: 1 week
|
#
230457 |
|
22-Jan-2012 |
pjd |
Free memory that won't be used in child.
MFC after: 1 week
|
#
229946 |
|
10-Jan-2012 |
pjd |
- Fix a bug where pidfile was removed in SIGHUP when it hasn't changed in configuration file.
- Log the fact that pidfile has changed.
MFC after: 3 days
|
#
229945 |
|
10-Jan-2012 |
pjd |
For functions that return -1 on failure check exactly for -1 and not for any negative number.
MFC after: 3 days
|
#
229944 |
|
10-Jan-2012 |
pjd |
Don't touch pidfiles when running in foreground. Before that change we would create an empty pidfile on start and check if it changed on SIGHUP.
MFC after: 3 days
|
#
229778 |
|
07-Jan-2012 |
uqs |
Spelling fixes for sbin/
|
#
226463 |
|
17-Oct-2011 |
pjd |
Allow to specify pidfile in HAST configuration file.
MFC after: 1 week
|
#
226461 |
|
17-Oct-2011 |
pjd |
When path to the configuration file is relative, obtain full path, so we can always find the file, even after daemonizing and changing working directory to /.
MFC after: 1 week
|
#
225830 |
|
28-Sep-2011 |
pjd |
After every activemap change flush disk's write cache, so that write reordering won't make the actual write to be committed before marking the corresponding extent as dirty.
It can be disabled in configuration file.
If BIO_FLUSH is not supported by the underlying file system we log a warning and never send BIO_FLUSH again to that GEOM provider.
MFC after: 3 days
|
#
222108 |
|
19-May-2011 |
pjd |
In preparation for IPv6 support allow to specify multiple addresses to listen on.
MFC after: 3 weeks
|
#
221076 |
|
26-Apr-2011 |
trociny |
Rename HASTCTL_ defines, which are used for conversion between main hastd process and workers, remove unused one and set different range of numbers. This is done in order not to confuse them with HASTCTL_CMD defines, used for conversation between hastctl and hastd, and to avoid bugs like the one fixed in r221075.
Approved by: pjd (mentor)
MFC after: 1 week
|
#
220899 |
|
20-Apr-2011 |
pjd |
Correct comment.
MFC after: 1 week
|
#
220898 |
|
20-Apr-2011 |
pjd |
When we become primary, we connect to the remote and expect it to be in secondary role. It is possible that the remote node is primary, but only because there was a role change and it didn't finish cleaning up (unmounting file systems, etc.). If we detect such situation, wait for the remote node to switch the role to secondary before accepting I/Os. If we don't wait for it in that case, we will most likely cause split-brain.
MFC after: 1 week
|
#
220890 |
|
20-Apr-2011 |
pjd |
If we act in different role than requested by the remote node, log it as a warning and not an error.
MFC after: 1 week
|
#
219900 |
|
23-Mar-2011 |
pjd |
Don't create socketpair for connection forwarding between parent and secondary. Secondary doesn't need to connect anywhere.
MFC after: 1 week
|
#
219864 |
|
22-Mar-2011 |
pjd |
White space cleanups.
MFC after: 1 week
|
#
219837 |
|
21-Mar-2011 |
pjd |
Before handling any events on descriptors check signals so we can update our info about worker processes if any of them was terminated in the meantime.
This fixes the problem with 'hastctl status' running from a hook called on split-brain:
1. Secondary calls a hook and terminates.
2. Hook asks for resource status via 'hastctl status'.
3. The main hastd handles the status request by sending it to the secondary worker who is already dead, but because signals weren't checked yet he doesn't know that and we get EPIPE.
MFC after: 1 week
|
#
219818 |
|
21-Mar-2011 |
pjd |
In hast.conf we define the other node's address in 'remote' variable. This way we know how to connect to secondary node when we are primary. The same variable is used by the secondary node - it only accepts connections from the address stored in 'remote' variable. In cluster configurations it is common that each node has its individual IP address and there is one additional shared IP address which is assigned to primary node. It seems it is possible that if the shared IP address is from the same network as the individual IP address it might be chosen by the kernel as a source address for connection with the secondary node. Such connection will be rejected by secondary, as it doesn't come from primary node individual IP.
Add 'source' variable that allows to specify source IP address we want to bind to before connecting to the secondary node.
MFC after: 1 week
|
#
219814 |
|
21-Mar-2011 |
pjd |
When creating connection on behalf of primary worker, set pjdlog prefix to resource name and role, so that any logs related to that can be identified properly.
MFC after: 1 week
|
#
219813 |
|
21-Mar-2011 |
pjd |
If there is any traffic on one of our descriptors, we were not checking for long running hooks. Fix it by not using select(2) timeout to decide if we want to check hooks or not.
MFC after: 1 week
|
#
219354 |
|
06-Mar-2011 |
pjd |
Allow to compress on-the-wire data using two algorithms:
- HOLE - it simply turns all-zero blocks into few bytes header; it is extremely fast, so it is turned on by default; it is mostly intended to speed up initial synchronization where we expect many zeros;
- LZF - very fast algorithm by Marc Alexander Lehmann, which shows very decent compression ratio and has BSD license.
MFC after: 2 weeks
|
#
219351 |
|
06-Mar-2011 |
pjd |
Allow to checksum on-the-wire data using either CRC32 or SHA256.
MFC after: 2 weeks
|
#
218376 |
|
06-Feb-2011 |
pjd |
Now that we break the loop on fstat(2) failure we no longer need to satisfy gcc's imperfections.
MFC after: 1 week
|
#
218375 |
|
06-Feb-2011 |
pjd |
Add (void) cast before snprintf(3)s for which we are not interested in return values.
MFC after: 1 week
|
#
218374 |
|
06-Feb-2011 |
pjd |
Treat fstat(2) failure (different than EBADF) as fatal error.
Reported by: Mikolaj Golub <to.my.trociny@gmail.com>
MFC after: 1 week
|
#
218373 |
|
06-Feb-2011 |
pjd |
Open syslog when logging sysconf(3) failure.
Reported by: Mikolaj Golub <to.my.trociny@gmail.com>
MFC after: 1 week
|
#
218370 |
|
06-Feb-2011 |
pjd |
Close more descriptors that can be open if the worker process for the given resource is already running.
Submitted by: Mikolaj Golub <to.my.trociny@gmail.com>
MFC after: 1 week
|
#
218218 |
|
03-Feb-2011 |
pjd |
Setup another socketpair between parent and child, so that primary sandboxed worker can ask the main privileged process to connect in worker's behalf and then we can migrate descriptor using this socketpair to worker. This is not really needed now, but will be needed once we start to use capsicum for sandboxing.
MFC after: 1 week
|
#
218138 |
|
31-Jan-2011 |
pjd |
- Use pjdlog for assertions and aborts as this will log assert/abort message to syslog if we run in background.
- Asserts in proto.c that method we want to call is implemented and remove dummy methods from protocols implementation that are only there to abort the program with nice message.
MFC after: 1 week
|
#
218044 |
|
28-Jan-2011 |
pjd |
Add function to assert that the only descriptors we have open are the ones we expect to be open. Also assert that they point at expected type.
Because openlog(3) API is unable to tell us descriptor number it is using, we have to close syslog socket, remember assert message in local buffer and if we fail on assertion, reopen syslog socket and log the message.
MFC after: 1 week
|
#
218041 |
|
28-Jan-2011 |
pjd |
Add function to close all unneeded descriptors after fork(2).
MFC after: 1 week
|
#
217967 |
|
27-Jan-2011 |
pjd |
Close the control socket before exiting, so it will be unlinked.
MFC after: 1 week
|
#
217965 |
|
27-Jan-2011 |
pjd |
Add functions to initialize/finalize pjdlog. This allows to open/close log file at will.
MFC after: 1 week
|
#
217784 |
|
24-Jan-2011 |
pjd |
Don't open configuration file from worker process. Handle SIGHUP in the master process only and pass changes to the worker processes over control socket. This removes access to global namespace in preparation for capsicum sandboxing.
MFC after: 2 weeks
|
#
217729 |
|
22-Jan-2011 |
pjd |
- On primary worker reload, update hr_exec field.
- Update comment.
MFC after: 1 week
|
#
217307 |
|
12-Jan-2011 |
pjd |
Install default signal handlers before masking signals we want to handle. It is possible that the parent process ignores some of them and sigtimedwait() will never see them, even though they are masked.
The most common situation for this to happen is boot process where init(8) ignores SIGHUP before starting to execute /etc/rc. This in turn caused hastd(8) to ignore SIGHUP.
Reported by: trasz
Obtained from: Wheel Systems Sp. z o.o. http://www.wheelsystems.com
MFC after: 3 days
|
#
216477 |
|
16-Dec-2010 |
pjd |
Log the fact of launching and include protocol version number.
MFC after: 3 days
|
#
214273 |
|
24-Oct-2010 |
pjd |
Load geom_gate.ko module after parsing arguments.
MFC after: 3 days
|
#
213981 |
|
17-Oct-2010 |
pjd |
Log correct connection when canceling half-open connection.
Submitted by: Mikolaj Golub <to.my.trociny@gmail.com>
MFC after: 3 days
|
#
213430 |
|
04-Oct-2010 |
pjd |
Decrease report interval to 5 seconds, as this also means we will check for signals every 5 seconds and not every 10 seconds as before.
MFC after: 3 days
|
#
213429 |
|
04-Oct-2010 |
pjd |
hook_check() is now only used to report about long-running hooks, so the argument is redundant, remove it.
MFC after: 3 days
|
#
213428 |
|
04-Oct-2010 |
pjd |
We can't mask ignored signal, so install dummy signal handler for SIGCHLD before masking it.
This fixes bogus reports about hooks running for too long and other problems related to garbage-collecting child processes.
Reported by: Mikolaj Golub <to.my.trociny@gmail.com>
MFC after: 3 days
|
#
213009 |
|
22-Sep-2010 |
pjd |
Switch to sigprocmask(2) API also in the main process and secondary process. This way the primary process inherits signal mask from the main process, which fixes a race where signal is delivered to the primary process before configuring signal mask.
Reported by: Mikolaj Golub <to.my.trociny@gmail.com>
MFC after: 3 days
|
#
213008 |
|
22-Sep-2010 |
pjd |
Assert that descriptor numbers are sane.
MFC after: 3 days
|
#
213006 |
|
22-Sep-2010 |
pjd |
Fix descriptor leaks: when child exits, we have to close control and event socket pairs. We did that only in one case out of three.
MFC after: 3 days
|
#
212038 |
|
30-Aug-2010 |
pjd |
Because it is very hard to make fork(2) from threaded process safe (we are limited to async-signal safe functions in the child process), move all hooks execution to the main (non-threaded) process.
Do it by maintaining connection (socketpair) between child and parent and sending events from the child to parent, so it can execute the hook.
This is step in right direction for other reasons too. For example there is one less problem to drop privs in worker processes.
MFC after: 2 weeks
Obtained from: Wheel Systems Sp. z o.o. http://www.wheelsystems.com
|
#
212037 |
|
30-Aug-2010 |
pjd |
We only want to know if descriptors are ready for reading.
MFC after: 2 weeks
Obtained from: Wheel Systems Sp. z o.o. http://www.wheelsystems.com
|
#
211977 |
|
29-Aug-2010 |
pjd |
Allow to run hooks from the main hastd process.
MFC after: 2 weeks
Obtained from: Wheel Systems Sp. z o.o. http://www.wheelsystems.com
|
#
211899 |
|
27-Aug-2010 |
pjd |
When SIGTERM or SIGINT is received, terminate worker processes.
MFC after: 2 weeks
Obtained from: Wheel Systems Sp. z o.o. http://www.wheelsystems.com
|
#
211886 |
|
27-Aug-2010 |
pjd |
Allow to execute specified program on various HAST events.
MFC after: 2 weeks
Obtained from: Wheel Systems Sp. z o.o. http://www.wheelsystems.com
|
#
210886 |
|
05-Aug-2010 |
pjd |
Implement configuration reload on SIGHUP. This includes:
- Load added resources.
- Stop and forget removed resources.
- Update modified resources in least intrusive way, i.e. don't touch /dev/hast/<name> unless path to local component or provider name were modified.
Obtained from: Wheel Systems Sp. z o.o. http://www.wheelsystems.com
MFC after: 1 month
|
#
210883 |
|
05-Aug-2010 |
pjd |
Prepare configuration parsing code to be called multiple times:
- Don't exit on errors if not requested.
- Don't keep configuration in global variable, but allocate memory for configuration.
- Call yyrestart() before yyparse() so that on error in configuration file we will start from the beginning next time and not from the place we left off.
MFC after: 1 month
|
#
210879 |
|
05-Aug-2010 |
pjd |
- Use pjdlog_exitx() to log errors and exit instead of errx().
- Use 'unable to' (instead of 'cannot') consistently.
MFC after: 1 month
|
#
209185 |
|
14-Jun-2010 |
pjd |
Correct various log messages.
Submitted by: Mikolaj Golub <to.my.trociny@gmail.com>
MFC after: 3 days
|
#
209177 |
|
14-Jun-2010 |
pjd |
Remove macros that are not really needed. The idea was to have them in case we grow more descriptors, but I'll reconsider readding them once we get there.
Passing (a = b) expression to FD_ISSET() is bad idea, as FD_ISSET() evaluates its argument twice.
Found by: Coverity Prevent
CID: 5243
MFC after: 3 days
|
#
207372 |
|
29-Apr-2010 |
pjd |
- Check if the worker process was killed by signal and restart it.
- Improve logging.
Pointed out by: Garrett Cooper <yanefbsd@gmail.com>
MFC after: 3 days
|
#
207371 |
|
29-Apr-2010 |
pjd |
Fix a problem where hastd will get stuck in recv(2) after sending request to secondary, which died between send(2) and recv(2). Do it by adding timeout to recv(2) for primary incoming and outgoing sockets and secondary outgoing socket.
Reported by: Mikolaj Golub <to.my.trociny@gmail.com>
Tested by: Mikolaj Golub <to.my.trociny@gmail.com>
MFC after: 3 days
|
#
207348 |
|
28-Apr-2010 |
pjd |
Restart worker thread only if the problem was temporary. In case of persistent problem we don't want to loop forever.
MFC after: 3 days
|
#
207345 |
|
28-Apr-2010 |
pjd |
Use WEXITSTATUS() to obtain real exit code.
MFC after: 3 days
|
#
206696 |
|
16-Apr-2010 |
pjd |
Fix control socket leak when worker process exits.
Submitted by: Mikolaj Golub <to.my.trociny@gmail.com>
MFC after: 3 days
|
#
204076 |
|
18-Feb-2010 |
pjd |
Please welcome HAST - Highly Available Storage.
HAST allows to transparently store data on two physically separated machines connected over the TCP/IP network. HAST works in Primary-Secondary (Master-Backup, Master-Slave) configuration, which means that only one of the cluster nodes can be active at any given time. Only Primary node is able to handle I/O requests to HAST-managed devices. Currently HAST is limited to two cluster nodes in total.
HAST operates on block level - it provides disk-like devices in /dev/hast/ directory for use by file systems and/or applications. Working on block level makes it transparent for file systems and applications. There is no difference between using HAST-provided device and raw disk, partition, etc. All of them are just regular GEOM providers in FreeBSD.
For more information please consult hastd(8), hastctl(8) and hast.conf(5) manual pages, as well as http://wiki.FreeBSD.org/HAST.
Sponsored by: FreeBSD Foundation
Sponsored by: OMCnet Internet Service GmbH
Sponsored by: TransIP BV
|