mirror of https://github.com/schoebel/mars
marsadm: disallow resume-sync during emergency mode
This commit is contained in:
Thomas Schoebel-Theuer
parent
75186d0253
commit
51e469e756
|
|
@ -2479,8 +2479,8 @@ guaranteed
|
|||
\family typewriter
|
||||
fake-sync
|
||||
\family default
|
||||
, you may startover the fast full sync at your secondary side at any time
|
||||
by saying
|
||||
, you may startover the fast full sync at your secondary side by saying
|
||||
|
||||
\family typewriter
|
||||
marsadm invalidate mydata
|
||||
\family default
|
||||
|
|
@ -16265,8 +16265,9 @@ $res
|
|||
\family default
|
||||
must denote an already existing resource in the cluster (i.e.
|
||||
its symlink tree information must have been received).
|
||||
The resource must have a designated primary, and there must not exist a
|
||||
split brain.
|
||||
The resource must have a designated primary, and it must no be in emergency
|
||||
mode.
|
||||
There must not exist a split brain in the cluster.
|
||||
The local node must not be already member of that resource.
|
||||
The argument
|
||||
\family typewriter
|
||||
|
|
@ -18107,7 +18108,8 @@ status open
|
|||
\begin_layout Plain Layout
|
||||
|
||||
\size scriptsize
|
||||
Precondition: none additionally.
|
||||
Precondition: additionally, a primary must be designated, and it must not
|
||||
be in emergency mode.
|
||||
\end_layout
|
||||
|
||||
\begin_layout Plain Layout
|
||||
|
|
@ -21192,9 +21194,9 @@ reference "sub:Split-Brain-Resolution"
|
|||
\family typewriter
|
||||
marsadm invalidate
|
||||
\family default
|
||||
cannot resolve a split brain at other secondaries (which are neither the
|
||||
old nor the new designated primary).
|
||||
Therefore, use the
|
||||
cannot always resolve a split brain at other secondaries (which are neither
|
||||
the old nor the new designated primary).
|
||||
Therefore, prefer the
|
||||
\family typewriter
|
||||
leave-resource
|
||||
\family default
|
||||
|
|
@ -26782,7 +26784,7 @@ status open
|
|||
\begin_layout Plain Layout
|
||||
|
||||
\size scriptsize
|
||||
This is too dangerous in case you have multiple secondaries.
|
||||
This would be too dangerous in case you have multiple secondaries.
|
||||
A similar effect can be achieved with the
|
||||
\family typewriter
|
||||
--host=
|
||||
|
|
|
|||
|
|
@ -571,6 +571,19 @@ sub check_userspace {
|
|||
}
|
||||
}
|
||||
|
||||
sub check_sync_startable {
|
||||
my ($cmd, $res) = @_;
|
||||
my $primary = _get_designated_primary($res);
|
||||
ldie "Cannot execute '$cmd' because noone is designated as primary.\n" if (!$primary || $primary eq "(none)");
|
||||
# no danger when switch is turned on at the primary side.
|
||||
return if $primary eq $host;
|
||||
my $emergency_path = "$mars/resource-$res/actual-$primary/has-emergency";
|
||||
my $emergency = get_link($emergency_path, 1);
|
||||
if ($emergency) {
|
||||
ldie "Primary '$primary' is in emergency mode. Cannot start sync.\nFree some space there first.\n";
|
||||
}
|
||||
}
|
||||
|
||||
##################################################################
|
||||
|
||||
# state inspection routines
|
||||
|
|
@ -1456,6 +1469,7 @@ sub create_res {
|
|||
ldie "Sorry, joining is only possible if a designated primary exists.\n" if $primary eq "(none)";
|
||||
ldie "implausible state: I ($host) am already designated primary of resource '$res' which I just wanted to join\n" if $primary eq $host;
|
||||
ldie "my ip '$ip' is not registered -- please run 'join-cluster' first\n" unless -l "$mars/ips/ip-$host";
|
||||
check_sync_startable(@_);
|
||||
my $replay = get_link("$resdir/replay-$primary");
|
||||
if ($replay =~ m/^log-([0-9]+)-/) {
|
||||
$replay_nr = $1;
|
||||
|
|
@ -1808,6 +1822,7 @@ sub fetch_local_res {
|
|||
sub pause_sync_global_res {
|
||||
my ($cmd, $res) = @_;
|
||||
my $pause = ($cmd =~ m/pause/);
|
||||
check_sync_startable(@_) if !$pause;
|
||||
my @paths = glob("$mars/resource-$res/todo-*/");
|
||||
for my $path (@paths) {
|
||||
_switch($cmd, $res, "$path/sync", !$pause);
|
||||
|
|
@ -1817,6 +1832,7 @@ sub pause_sync_global_res {
|
|||
sub pause_sync_local_res {
|
||||
my ($cmd, $res) = @_;
|
||||
my $pause = ($cmd =~ m/pause/);
|
||||
check_sync_startable(@_) if !$pause;
|
||||
my $path = "$mars/resource-$res/todo-$host/sync";
|
||||
_switch($cmd, $res, $path, !$pause);
|
||||
}
|
||||
|
|
@ -2093,7 +2109,14 @@ sub invalidate_res_phase3 {
|
|||
_switch($cmd, $res, "$mars/resource-$res/todo-$host/attach", 1);
|
||||
_switch($cmd, $res, "$mars/resource-$res/todo-$host/fetch", 1);
|
||||
_switch($cmd, $res, "$mars/resource-$res/todo-$host/replay", 1);
|
||||
_switch($cmd, $res, "$mars/resource-$res/todo-$host/sync", 1);
|
||||
finish_links();
|
||||
my $emergency_path = "$mars/resource-$res/actual-$primary/has-emergency";
|
||||
my $emergency = get_link($emergency_path, 1);
|
||||
if ($emergency) {
|
||||
lwarn "Primary '$primary' is in emergency mode. Cannot start sync.\n";
|
||||
} else {
|
||||
_switch($cmd, $res, "$mars/resource-$res/todo-$host/sync", 1);
|
||||
}
|
||||
}
|
||||
|
||||
sub resize_res {
|
||||
|
|
|
|||
Loading…
Reference in New Issue