From 5e725a7a0a9cc658e2f513d7323c0bd2620fee38 Mon Sep 17 00:00:00 2001 From: Kam Nasim Date: Tue, 17 Apr 2018 16:26:25 -0400 Subject: [PATCH] Multi-Region: Support shared LDAP service Decouple NSLCD from the open-ldap SM service and manage it by PMOND instead. This is needed because in the Shared LDAP case, we deprovision the open-ldap service on the Secondary Region which renders NSLCD unmanaged. Additionally, we allow the Secondary Region or Sub Clouds to bind anonymously, but still need to support LDAP read operations in these regions such as ldapfinger or lsldap. For this purpose, the ldapscripts runtime library has been modified to allow anonymous binds during LDAP search operations. Change-Id: Ic01a8097e8124348d493c9e0c82fda94700e28e2 Signed-off-by: Jack Ding --- mtce-common/centos/build_srpm.data | 2 +- mtce-common/centos/cgts-mtce-common.spec | 7 +++++-- .../pmon/scripts/nslcd.conf | 17 +++++++++++++++++ 3 files changed, 23 insertions(+), 3 deletions(-) create mode 100644 mtce-common/cgts-mtce-common-1.0/pmon/scripts/nslcd.conf diff --git a/mtce-common/centos/build_srpm.data b/mtce-common/centos/build_srpm.data index 951eace4..0b22bf3f 100644 --- a/mtce-common/centos/build_srpm.data +++ b/mtce-common/centos/build_srpm.data @@ -1,3 +1,3 @@ SRC_DIR="cgts-mtce-common-1.0" -TIS_PATCH_VER=133 +TIS_PATCH_VER=134 BUILD_IS_SLOW=5 diff --git a/mtce-common/centos/cgts-mtce-common.spec b/mtce-common/centos/cgts-mtce-common.spec index 98e1564d..126b677a 100644 --- a/mtce-common/centos/cgts-mtce-common.spec +++ b/mtce-common/centos/cgts-mtce-common.spec @@ -485,6 +485,7 @@ install -m 644 -p -D %{_buildsubdir}/pmon/scripts/acpid.conf %{buildroot}%{local install -m 644 -p -D %{_buildsubdir}/pmon/scripts/sshd.conf %{buildroot}%{local_etc_pmond}/sshd.conf install -m 644 -p -D %{_buildsubdir}/pmon/scripts/ntpd.conf %{buildroot}%{local_etc_pmond}/ntpd.conf install -m 644 -p -D %{_buildsubdir}/pmon/scripts/syslog-ng.conf %{buildroot}%{local_etc_pmond}/syslog-ng.conf +install -m 644 -p -D %{_buildsubdir}/pmon/scripts/nslcd.conf %{buildroot}%{local_etc_pmond}/nslcd.conf install -m 644 -p -D %{_buildsubdir}/rmon/scripts/rmon.conf %{buildroot}%{local_etc_pmond}/rmon.conf install -m 644 -p -D %{_buildsubdir}/fsmon/scripts/fsmon.conf %{buildroot}%{local_etc_pmond}/fsmon.conf install -m 644 -p -D %{_buildsubdir}/scripts/mtclogd.conf %{buildroot}%{local_etc_pmond}/mtclogd.conf @@ -579,7 +580,7 @@ install -m 755 -d %{buildroot}/var/run %{_sysconfdir}/mtc.conf %{_sysconfdir}/mtc/fsmond.conf -# Mainteance Process Monitor Config Files +# Maintenance Process Monitor Config Files %{local_etc_pmond}/sshd.conf %{local_etc_pmond}/ntpd.conf %{local_etc_pmond}/mtcClient.conf @@ -589,8 +590,10 @@ install -m 755 -d %{buildroot}/var/run %{local_etc_pmond}/fsmon.conf %{local_etc_pmond}/mtclogd.conf %{local_etc_pmond}/mtcalarm.conf +%{local_etc_pmond}/nslcd.conf -# Mainteance log rotation config files + +# Maintenance log rotation config files %{local_etc_logrotated}/fsmon.logrotate %{local_etc_logrotated}/mtce.logrotate %{local_etc_logrotated}/mtcalarm.logrotate diff --git a/mtce-common/cgts-mtce-common-1.0/pmon/scripts/nslcd.conf b/mtce-common/cgts-mtce-common-1.0/pmon/scripts/nslcd.conf new file mode 100644 index 00000000..ad9dd838 --- /dev/null +++ b/mtce-common/cgts-mtce-common-1.0/pmon/scripts/nslcd.conf @@ -0,0 +1,17 @@ +[process] +process = nslcd +service = nslcd +pidfile = /var/run/nslcd/nslcd.pid +script = /etc/init.d/openldap +style = lsb ; ocf or lsb +severity = major ; minor, major, critical +restarts = 3 ; restart retries before error assertion +interval = 5 ; number of seconds to wait between restarts +debounce = 20 ; number of seconds that a process needs to remain + ; running before degrade is removed and retry count + ; is cleared. +startuptime = 5 ; Seconds to wait after process start before starting the debounce monitor +mode = passive ; Monitoring mode: passive (default) or active + ; passive: process death monitoring (default: always) + ; active : heartbeat monitoring, i.e. request / response messaging + ; ignore : do not monitor or stop monitoring