starlingx
/
integ
Code Issues Proposed changes

Pmon monitoring of luks-fs-mgr service on controllers 

luks-fs-mgr service is modified to create a pidfile which can be
tracked using pmon. Pmon passive monitoring on controllers is
enabled by adding a config file which tracks the pidfile and
tries to restart the service if it fails.

Test Plan:
PASS: build-pkgs -c -p luks-fs-mgr
PASS: build-image
PASS: AIO-SX verify if luks.conf is present at /usr/share/starlingx/pmon.d
PASS: pid file luks-fs-mgr.pid should be created at /var/run
PASS: pid file should be deleted after luks-fs-mgr service is stopped.

Story: 2010872
Task: 49249

Change-Id: I97ccb81c2f6fba6b7d0c1fc462d42fbce21595fa
Signed-off-by: Jagatguru Prasad Mishra <jagatguruprasad.mishra@windriver.com>
This commit is contained in:
Jagatguru Prasad Mishra 2023-12-13 13:45:02 -05:00
parent fe6751521a
commit e4e8866a43
6 changed files with 109 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
filesystem/luks/debian/deb_folder/luks-fs-mgr.dirs
View File

@ -1,3 +1,4 @@
etc/luks-fs-mgr.d
usr/local/sbin
lib/systemd/system
usr/share/starlingx/pmon.d

1
filesystem/luks/debian/deb_folder/luks-fs-mgr.install
View File

@ -1,3 +1,4 @@
usr/local/sbin/luks-fs-mgr
lib/systemd/system/luks-fs-mgr.service
etc/luks-fs-mgr.d/luks_config.json
usr/share/starlingx/pmon.d/luks.conf

1
filesystem/luks/debian/deb_folder/luks-fs-mgr.service
View File

@ -5,6 +5,7 @@ After=local-fs.target network-online.target
[Service]
Type=forking
ExecStart=/usr/local/sbin/luks-fs-mgr start
PIDFile=/var/run/luks-fs-mgr.pid
User=root
Group=root
KillMode=process

5
filesystem/luks/debian/deb_folder/rules
View File

@ -5,6 +5,7 @@ export ROOT = debian/tmp
export LOCAL_SBINDIR = $(ROOT)/usr/local/sbin
export UNITDIR = $(ROOT)/lib/systemd/system
export CONFIGDIR = $(ROOT)/etc/luks-fs-mgr.d
export PMONDIR = $(ROOT)/usr/share/starlingx/pmon.d
%:
dh $@
@ -19,6 +20,10 @@ override_dh_auto_install:
install -p -D -m 644 ./debian/luks-fs-mgr.service ${UNITDIR}/luks-fs-mgr.service
install -p -D -m 644 encryption/scripts/luks_config.json ${CONFIGDIR}/luks_config.json
# Process monitor config files
install -m 755 -d $(PMONDIR)
install -p -D -m 644 encryption/scripts/luks.conf ${PMONDIR}/luks.conf
override_dh_installsystemd:
dh_installsystemd --name luks-fs-mgr

84
filesystem/luks/src/encryption/luks-fs-mgr.cpp
View File

@ -20,9 +20,13 @@
#include <cstdlib>
#include <cstring>
#include <type_traits>
#include <signal.h>
#include "PassphraseGenerator.h"
#define SLEEP_DURATION 60
#define SLEEP_DURATION 60
#define BUFFER 1024
#define FAIL_FILE_WRITE (11)
#define FAIL_PID_OPEN (9)
using namespace std;
@ -31,6 +35,7 @@ const char *configFile = "/etc/luks-fs-mgr.d/luks_config.json";
const char *defaultDirectoryPath = "/var/luks/stx";
const char *defaultMountPath = "/var/luks/stx/luks_fs";
const char *createdConfigFile = "/etc/luks-fs-mgr.d/created_luks.json";
const char *pidFileName = "/var/run/luks-fs-mgr.pid";
// Define a struct to hold configuration variables
struct LuksConfig {
@ -734,6 +739,75 @@ void monitorLUKSVolume(const string& volumeName) {
}
}
/* Creates PID file and adds the pid*/
int daemon_create_pidfile ( void )
{
FILE * pid_file_stream = (FILE *)(NULL);
string errorMessage = "";
/* Create PID file */
pid_t mypid = getpid();
/* Check for another instance running by trying to open in read only mode.
* If it opens then there "may" be another process running.
* If it opens then read the pid and see if that pID exists.
* If it does then this is a duplicate process so exit. */
pid_file_stream = fopen (pidFileName, "r" ) ;
if ( pid_file_stream )
{
int rc = 0 ;
pid_t pid = 0 ;
char buffer[BUFFER];
if ( fgets ( buffer, BUFFER, pid_file_stream) != NULL )
{
rc = sscanf ( &buffer[0], "%d", &pid );
if ( rc == 1 )
{
rc = kill ( pid, 0 );
if ( rc == 0 )
{
errorMessage = "Refusing to start duplicate process pid: "
+ to_string(pid);
log(errorMessage, LOG_ERR);
fclose (pid_file_stream);
exit (0);
}
}
}
}
if ( pid_file_stream )
fclose (pid_file_stream);
/* if we got here then we are ok to run */
pid_file_stream = fopen (pidFileName, "w" ) ;
if ( pid_file_stream == NULL )
{
syslog ( LOG_ERR, "Failed to open or create %s\n", pidFileName);
return ( FAIL_PID_OPEN );
}
else if (!fprintf (pid_file_stream,"%d", mypid))
{
syslog ( LOG_ERR, "Failed to write pid file for %s\n", pidFileName );
fclose ( pid_file_stream ) ;
return ( FAIL_FILE_WRITE ) ;
}
syslog ( LOG_INFO, "opened and written PID file:(pid:%d) FileName: %s\n",mypid, pidFileName);
fflush (pid_file_stream);
fclose (pid_file_stream);
return (0);
}
/* Signal handler to handle termination signals */
void signal_handler(int signo) {
if (signo == SIGTERM) {
// Cleanup tasks and exit the daemon
log("luks daemon: Received SIGTERM. Exiting", LOG_INFO);
exit(EXIT_SUCCESS);
}
}
int main() {
int rc = 0;
int ret = daemon(0, 0);
@ -743,6 +817,14 @@ int main() {
log(errorMessage, LOG_ERR);
return 1;
}
/* create PID file */
ret = daemon_create_pidfile();
if (ret != 0) {
return ret;
}
/* Install signal handler for termination signals */
signal(SIGTERM, signal_handler);
LuksConfig luksConfig;
CreatedLuksConfig createdLuksConfig;

18
filesystem/luks/src/encryption/scripts/luks.conf Normal file
View File

@ -0,0 +1,18 @@
[process]
process = luks-fs-mgr
service = luks-fs-mgr
pidfile = /var/run/luks-fs-mgr.pid
script = /usr/local/sbin/luks-fs-mgr
style = lsb ; ocf or lsb
severity = critical ; minor, major, critical
restarts = 3 ; restart retries before error assertion
interval = 1 ; number of seconds to wait between restarts
debounce = 20 ; number of seconds that a process needs to remain
; running before degrade is removed and retry count
; is cleared.
startuptime = 5 ; Seconds to wait after process start before starting the debounce monitor
mode = passive ; Monitoring mode: passive (default) or active
; passive: process death monitoring (default: always)
; active : heartbeat monitoring, i.e. request / response messaging
; ignore : do not monitor or stop monitoring
quorum = 1 ; process is in the host watchdog quorum