From e4e8866a43df9713b6c757f4120882547c113fe2 Mon Sep 17 00:00:00 2001 From: Jagatguru Prasad Mishra Date: Wed, 13 Dec 2023 13:45:02 -0500 Subject: [PATCH] Pmon monitoring of luks-fs-mgr service on controllers luks-fs-mgr service is modified to create a pidfile which can be tracked using pmon. Pmon passive monitoring on controllers is enabled by adding a config file which tracks the pidfile and tries to restart the service if it fails. Test Plan: PASS: build-pkgs -c -p luks-fs-mgr PASS: build-image PASS: AIO-SX verify if luks.conf is present at /usr/share/starlingx/pmon.d PASS: pid file luks-fs-mgr.pid should be created at /var/run PASS: pid file should be deleted after luks-fs-mgr service is stopped. Story: 2010872 Task: 49249 Change-Id: I97ccb81c2f6fba6b7d0c1fc462d42fbce21595fa Signed-off-by: Jagatguru Prasad Mishra --- .../luks/debian/deb_folder/luks-fs-mgr.dirs | 1 + .../debian/deb_folder/luks-fs-mgr.install | 1 + .../debian/deb_folder/luks-fs-mgr.service | 1 + filesystem/luks/debian/deb_folder/rules | 5 ++ .../luks/src/encryption/luks-fs-mgr.cpp | 84 ++++++++++++++++++- .../luks/src/encryption/scripts/luks.conf | 18 ++++ 6 files changed, 109 insertions(+), 1 deletion(-) create mode 100644 filesystem/luks/src/encryption/scripts/luks.conf diff --git a/filesystem/luks/debian/deb_folder/luks-fs-mgr.dirs b/filesystem/luks/debian/deb_folder/luks-fs-mgr.dirs index a4acf0245..b03515d40 100644 --- a/filesystem/luks/debian/deb_folder/luks-fs-mgr.dirs +++ b/filesystem/luks/debian/deb_folder/luks-fs-mgr.dirs @@ -1,3 +1,4 @@ etc/luks-fs-mgr.d usr/local/sbin lib/systemd/system +usr/share/starlingx/pmon.d \ No newline at end of file diff --git a/filesystem/luks/debian/deb_folder/luks-fs-mgr.install b/filesystem/luks/debian/deb_folder/luks-fs-mgr.install index 79e06aef2..834236dc3 100644 --- a/filesystem/luks/debian/deb_folder/luks-fs-mgr.install +++ b/filesystem/luks/debian/deb_folder/luks-fs-mgr.install @@ -1,3 +1,4 @@ usr/local/sbin/luks-fs-mgr lib/systemd/system/luks-fs-mgr.service etc/luks-fs-mgr.d/luks_config.json +usr/share/starlingx/pmon.d/luks.conf diff --git a/filesystem/luks/debian/deb_folder/luks-fs-mgr.service b/filesystem/luks/debian/deb_folder/luks-fs-mgr.service index c1067619a..5d6612640 100644 --- a/filesystem/luks/debian/deb_folder/luks-fs-mgr.service +++ b/filesystem/luks/debian/deb_folder/luks-fs-mgr.service @@ -5,6 +5,7 @@ After=local-fs.target network-online.target [Service] Type=forking ExecStart=/usr/local/sbin/luks-fs-mgr start +PIDFile=/var/run/luks-fs-mgr.pid User=root Group=root KillMode=process diff --git a/filesystem/luks/debian/deb_folder/rules b/filesystem/luks/debian/deb_folder/rules index b9a4273a1..7a7ef41c9 100644 --- a/filesystem/luks/debian/deb_folder/rules +++ b/filesystem/luks/debian/deb_folder/rules @@ -5,6 +5,7 @@ export ROOT = debian/tmp export LOCAL_SBINDIR = $(ROOT)/usr/local/sbin export UNITDIR = $(ROOT)/lib/systemd/system export CONFIGDIR = $(ROOT)/etc/luks-fs-mgr.d +export PMONDIR = $(ROOT)/usr/share/starlingx/pmon.d %: dh $@ @@ -19,6 +20,10 @@ override_dh_auto_install: install -p -D -m 644 ./debian/luks-fs-mgr.service ${UNITDIR}/luks-fs-mgr.service install -p -D -m 644 encryption/scripts/luks_config.json ${CONFIGDIR}/luks_config.json + # Process monitor config files + install -m 755 -d $(PMONDIR) + install -p -D -m 644 encryption/scripts/luks.conf ${PMONDIR}/luks.conf + override_dh_installsystemd: dh_installsystemd --name luks-fs-mgr diff --git a/filesystem/luks/src/encryption/luks-fs-mgr.cpp b/filesystem/luks/src/encryption/luks-fs-mgr.cpp index 0c99ea822..04984981e 100644 --- a/filesystem/luks/src/encryption/luks-fs-mgr.cpp +++ b/filesystem/luks/src/encryption/luks-fs-mgr.cpp @@ -20,9 +20,13 @@ #include #include #include +#include #include "PassphraseGenerator.h" -#define SLEEP_DURATION 60 +#define SLEEP_DURATION 60 +#define BUFFER 1024 +#define FAIL_FILE_WRITE (11) +#define FAIL_PID_OPEN (9) using namespace std; @@ -31,6 +35,7 @@ const char *configFile = "/etc/luks-fs-mgr.d/luks_config.json"; const char *defaultDirectoryPath = "/var/luks/stx"; const char *defaultMountPath = "/var/luks/stx/luks_fs"; const char *createdConfigFile = "/etc/luks-fs-mgr.d/created_luks.json"; +const char *pidFileName = "/var/run/luks-fs-mgr.pid"; // Define a struct to hold configuration variables struct LuksConfig { @@ -734,6 +739,75 @@ void monitorLUKSVolume(const string& volumeName) { } } +/* Creates PID file and adds the pid*/ +int daemon_create_pidfile ( void ) +{ + FILE * pid_file_stream = (FILE *)(NULL); + string errorMessage = ""; + /* Create PID file */ + pid_t mypid = getpid(); + + /* Check for another instance running by trying to open in read only mode. + * If it opens then there "may" be another process running. + * If it opens then read the pid and see if that pID exists. + * If it does then this is a duplicate process so exit. */ + pid_file_stream = fopen (pidFileName, "r" ) ; + if ( pid_file_stream ) + { + int rc = 0 ; + pid_t pid = 0 ; + char buffer[BUFFER]; + if ( fgets ( buffer, BUFFER, pid_file_stream) != NULL ) + { + rc = sscanf ( &buffer[0], "%d", &pid ); + if ( rc == 1 ) + { + rc = kill ( pid, 0 ); + if ( rc == 0 ) + { + errorMessage = "Refusing to start duplicate process pid: " + + to_string(pid); + log(errorMessage, LOG_ERR); + fclose (pid_file_stream); + exit (0); + } + } + } + } + + if ( pid_file_stream ) + fclose (pid_file_stream); + + /* if we got here then we are ok to run */ + pid_file_stream = fopen (pidFileName, "w" ) ; + + if ( pid_file_stream == NULL ) + { + syslog ( LOG_ERR, "Failed to open or create %s\n", pidFileName); + return ( FAIL_PID_OPEN ); + } + else if (!fprintf (pid_file_stream,"%d", mypid)) + { + syslog ( LOG_ERR, "Failed to write pid file for %s\n", pidFileName ); + fclose ( pid_file_stream ) ; + return ( FAIL_FILE_WRITE ) ; + } + syslog ( LOG_INFO, "opened and written PID file:(pid:%d) FileName: %s\n",mypid, pidFileName); + + fflush (pid_file_stream); + fclose (pid_file_stream); + return (0); +} + +/* Signal handler to handle termination signals */ +void signal_handler(int signo) { + if (signo == SIGTERM) { + // Cleanup tasks and exit the daemon + log("luks daemon: Received SIGTERM. Exiting", LOG_INFO); + exit(EXIT_SUCCESS); + } +} + int main() { int rc = 0; int ret = daemon(0, 0); @@ -743,6 +817,14 @@ int main() { log(errorMessage, LOG_ERR); return 1; } + /* create PID file */ + ret = daemon_create_pidfile(); + if (ret != 0) { + return ret; + } + + /* Install signal handler for termination signals */ + signal(SIGTERM, signal_handler); LuksConfig luksConfig; CreatedLuksConfig createdLuksConfig; diff --git a/filesystem/luks/src/encryption/scripts/luks.conf b/filesystem/luks/src/encryption/scripts/luks.conf new file mode 100644 index 000000000..a087f99b0 --- /dev/null +++ b/filesystem/luks/src/encryption/scripts/luks.conf @@ -0,0 +1,18 @@ +[process] +process = luks-fs-mgr +service = luks-fs-mgr +pidfile = /var/run/luks-fs-mgr.pid +script = /usr/local/sbin/luks-fs-mgr +style = lsb ; ocf or lsb +severity = critical ; minor, major, critical +restarts = 3 ; restart retries before error assertion +interval = 1 ; number of seconds to wait between restarts +debounce = 20 ; number of seconds that a process needs to remain + ; running before degrade is removed and retry count + ; is cleared. +startuptime = 5 ; Seconds to wait after process start before starting the debounce monitor +mode = passive ; Monitoring mode: passive (default) or active + ; passive: process death monitoring (default: always) + ; active : heartbeat monitoring, i.e. request / response messaging + ; ignore : do not monitor or stop monitoring +quorum = 1 ; process is in the host watchdog quorum