Приложение Н. Описание утилиты ecss-control
Скрипт ecss-control служит для создания резервных архивов конфигурации, восстановления ECSS-10 из этих архивов, а также для разделения кластера на 2 независимые ноды для дальнейшего независимого обновления каждой из них. Данный скрипт включен в состав пакета ecss-node. Расположен в /usr/bin.
Для настройки используется файл /etc/ecss/ecss-control.conf:
#BACKUP_CONFIGS=( ) BACKUP_CONFIGS=( /etc/ecss /var/lib/ecss/adaptation /var/lib/ecss/backups /var/lib/ecss/cp /var/lib/ecss/ecss-media-server /var/lib/ecss/eep /var/lib/ecss/modification /var/lib/ecss/mycelium /var/lib/ecss/oasys /var/lib/ecss/oasys.backup /var/lib/ecss/regime /var/lib/ecss/routing /var/lib/ecss/numbers /var/lib/ecss/snmp /var/lib/ecss/ecss-data.json ) #BACKUP_LOGS=( ) BACKUP_LOGS=( /var/log/ecss # always must be first, important for the clean-log command # всегда должен быть первым, важно для работы команды clean-log /var/log/atop /var/log/syslog* ) #BACKUP_MYSQLDB=( ) BACKUP_MYSQLDB=( ecss_audit ecss_subscribers ecss_dialer_db web_conf )
Описание аргументов ecss-control
help
Вывод справки.
Пример:
sasha@ecss1:/$ sudo ecss-control help Usage: sudo /usr/bin/ecss-control [ACTION] where ACTION - one of: attach - back host to opertate detach - isolate current host from other ecss hosts, except SSH/22 and KA/112 debug|de - enable debug trace help - print current help log-clean|lc - clean logs rollback|rb [--no-clean] [--no-stash] <DESTINATION FILE> - rollback configuration ecss10 from selected archive For correct execution before rollback current configuration and logs will be stashed and then cleared. After will be started rollback. Options: --no-clean - current configuration and logs won't be cleared; --no-stash - current configuration and logs won't be stashed; stash [<OPTIONS>] [<DESTINATION DIRECTORY>] [--push [<PUSH OPTIONS>]] - make archive of current configuration and logs ecss10 If <DESTINATION DIRECTORY> not specified, then using current directory Options: --last-log - stash only last logs; --no-sql - skip SQL-database stashing; --no-config - skip configuration stashing$; --no-log - skip logs stashing; --push - push stashed data to tech support; Push options: --clear - archive will be removed after executing; --files - all files or directories specified between this and another option will be included to pushing; --comment - all input between this and another option will be used as issue description in pushing; clean [<OPTIONS>] - clean current configuration and logs ecss10 Options: --no-config - skip configuration cleaning --no-log - skip logs cleaning verbose|v - enable verbose output examples: /usr/bin/ecss-control stash ~/
debug
Данный аргумент является необязательным и используется в связке с другими аргументами. При его использовании на терминале отображается подробный трейс выполняемых команд.
Пример:
sasha@ecss1:/$ sudo ecss-control debug stash [sudo] password for sasha: + export DEBUG=true + DEBUG=true + shift + [[ -n stash ]] + CMD=stash + case "${CMD,,}" in + sudo-test ++ id -u root + [[ 0 -ne 0 ]] + shift + exec-command-with-opts stash-service + local command=stash-service + shift + local no_log= + local no_conf= + local no_sql= + local other= + [[ -n '' ]] + [[ stash-service == \c\l\e\a\n\-\s\e\r\v\i\c\e ]] + BACKUP=(${ECSS_STASH_BACKUP_CONFIGS[*]} ${ECSS_STASH_BACKUP_LOGS[*]}) + [[ -z /etc/ecss /var/lib/ecss/adaptation /var/lib/ecss/backups /var/lib/ecss/cp /var/lib/ecss/ecss-media-server /var/lib/ecss/eep /var/lib/ecss/modification /var/lib/ecss/mycelium /var/lib/ecss/oasys /var/lib/ecss/oasys.backup /var/lib/ecss/regime /var/lib/ecss/routing /var/lib/ecss/numbers /var/lib/ecss/snmp /var/lib/ecss/ecss-data.json /var/log/ecss /var/log/atop /var/log/syslog /var/log/syslog.1 /var/log/syslog.1.gz-2022020706.backup /var/log/syslog.2.gz /var/log/syslog.3.gz /var/log/syslog.4.gz /var/log/syslog.5.gz /var/log/syslog.6.gz /var/log/syslog.7.gz ]] + local mode= + [[ -z '' ]] + STASH_MODE=full + stash-service '' + local dest= + local item ++ date +%Y%m%d-%H%M%S + local date=20220711-111016 + local tmppath=/tmp/ecss-stash-20220711-111016 + local to_stash= + [[ -z '' ]] + dest=/ + local stash_arch=/ecss-stash-full-20220711-111016.tar.gz + for item in ${BACKUP[*]} + [[ -e /etc/ecss ]] + to_stash+=' /etc/ecss' + for item in ${BACKUP[*]} + [[ -e /var/lib/ecss/adaptation ]] + to_stash+=' /var/lib/ecss/adaptation' + for item in ${BACKUP[*]} + [[ -e /var/lib/ecss/backups ]] + to_stash+=' /var/lib/ecss/backups' + for item in ${BACKUP[*]} + [[ -e /var/lib/ecss/cp ]] + to_stash+=' /var/lib/ecss/cp' + for item in ${BACKUP[*]} + [[ -e /var/lib/ecss/ecss-media-server ]] + to_stash+=' /var/lib/ecss/ecss-media-server' + for item in ${BACKUP[*]} + [[ -e /var/lib/ecss/eep ]] + to_stash+=' /var/lib/ecss/eep' + for item in ${BACKUP[*]} + [[ -e /var/lib/ecss/modification ]] + to_stash+=' /var/lib/ecss/modification' + for item in ${BACKUP[*]} + [[ -e /var/lib/ecss/mycelium ]] + to_stash+=' /var/lib/ecss/mycelium' + for item in ${BACKUP[*]} + [[ -e /var/lib/ecss/oasys ]] + to_stash+=' /var/lib/ecss/oasys' + for item in ${BACKUP[*]} + [[ -e /var/lib/ecss/oasys.backup ]] + to_stash+=' /var/lib/ecss/oasys.backup' + for item in ${BACKUP[*]} + [[ -e /var/lib/ecss/regime ]] + to_stash+=' /var/lib/ecss/regime' + for item in ${BACKUP[*]} + [[ -e /var/lib/ecss/routing ]] + to_stash+=' /var/lib/ecss/routing' + for item in ${BACKUP[*]} + [[ -e /var/lib/ecss/numbers ]] + to_stash+=' /var/lib/ecss/numbers' + for item in ${BACKUP[*]} + [[ -e /var/lib/ecss/snmp ]] + to_stash+=' /var/lib/ecss/snmp' + for item in ${BACKUP[*]} + [[ -e /var/lib/ecss/ecss-data.json ]] + to_stash+=' /var/lib/ecss/ecss-data.json' + for item in ${BACKUP[*]} + [[ -e /var/log/ecss ]] + to_stash+=' /var/log/ecss' + for item in ${BACKUP[*]} + [[ -e /var/log/atop ]] + to_stash+=' /var/log/atop' + for item in ${BACKUP[*]} + [[ -e /var/log/syslog ]] + to_stash+=' /var/log/syslog' + for item in ${BACKUP[*]} + [[ -e /var/log/syslog.1 ]] + to_stash+=' /var/log/syslog.1' + for item in ${BACKUP[*]} + [[ -e /var/log/syslog.1.gz-2022020706.backup ]] + to_stash+=' /var/log/syslog.1.gz-2022020706.backup' + for item in ${BACKUP[*]} + [[ -e /var/log/syslog.2.gz ]] + to_stash+=' /var/log/syslog.2.gz' + for item in ${BACKUP[*]} + [[ -e /var/log/syslog.3.gz ]] + to_stash+=' /var/log/syslog.3.gz' + for item in ${BACKUP[*]} + [[ -e /var/log/syslog.4.gz ]] + to_stash+=' /var/log/syslog.4.gz' + for item in ${BACKUP[*]} + [[ -e /var/log/syslog.5.gz ]] + to_stash+=' /var/log/syslog.5.gz' + for item in ${BACKUP[*]} + [[ -e /var/log/syslog.6.gz ]] + to_stash+=' /var/log/syslog.6.gz' + for item in ${BACKUP[*]} + [[ -e /var/log/syslog.7.gz ]] + to_stash+=' /var/log/syslog.7.gz' + trap 'rm -rf /tmp/ecss-stash-20220711-111016' 0 1 2 3 15 + mkdir /tmp/ecss-stash-20220711-111016 + [[ ! -z ecss_audit ecss_subscribers ecss_dialer_db web_conf ]] ++ which mysqldump + [[ -z /usr/bin/mysqldump ]] + local db_file=/tmp/ecss-stash-20220711-111016/stash_db.sql + echo 'please enter root password for mysql db:' please enter root password for mysql db: + mysqldump --user=root --password --single-transaction --quote-names --complete-insert --extended-insert --routines --events --triggers --databases ecss_audit ecss_subscribers ecss_dialer_db web_conf Enter password: + echo 'stashing ECSS-10 ...' stashing ECSS-10 ... ++ stash-service-sysinfo /tmp/ecss-stash-20220711-111016 ++ local path=/tmp/ecss-stash-20220711-111016/info ++ local versions=/tmp/ecss-stash-20220711-111016/info/versions ++ local sysinfo=/tmp/ecss-stash-20220711-111016/info/sysinfo ++ mkdir /tmp/ecss-stash-20220711-111016/info ++ dpkg -l ++ grep -E 'ecss|erlang|elixir' ++ gen-update-info /tmp/ecss-stash-20220711-111016/info/sysinfo /var/lib/ecss/ecss-data.json ++ local dest=/tmp/ecss-stash-20220711-111016/info/sysinfo ++ shift ++ local ecss_info_file=/var/lib/ecss/ecss-data.json ++ local 'ecss_info={"version":"undefined"}' ++ [[ -f /var/lib/ecss/ecss-data.json ]] +++ cat /var/lib/ecss/ecss-data.json ++ ecss_info='{"version":"3.14.12.119","passport":{"ssw_id":"ECSS 010079","description":"Biysk Test","encoder_create_date":"03.10.2014 13:02:55","encoder_user":"ssw"},"licences":{"1":{"ssw_id":"ECSS 010079","active":"true","description":"Biysk Test","encoder_create_date":"21.12.2021 16:09:00","encoder_user":"ssw","expire_date":"01.01.2023 06:59:59"}}}' +++ cat ++++ gen-sys-info +++++ hostnamectl status +++++ sed -E -e 's@^\s+|(:)\s+@\1@g' -e 's@([^:]+):(.*)@"\1":"\2"@g' -e 's@\n*$@,@' -e '$ s@,$@@' ++++ local 'res="Static hostname":"ecss1", "Icon name":"computer-desktop", "Chassis":"desktop", "Machine ID":"ca2801daa7a5403794f89100bbc90106", "Boot ID":"08ff523af01344058bf03cbad2854872", "Operating System":"Ubuntu 18.04.6 LTS", "Kernel":"Linux 5.4.0-99-generic", "Architecture":"x86-64"' ++++ [[ -z "Static hostname":"ecss1", "Icon name":"computer-desktop", "Chassis":"desktop", "Machine ID":"ca2801daa7a5403794f89100bbc90106", "Boot ID":"08ff523af01344058bf03cbad2854872", "Operating System":"Ubuntu 18.04.6 LTS", "Kernel":"Linux 5.4.0-99-generic", "Architecture":"x86-64" ]] ++++ echo -n '{"Static hostname":"ecss1", "Icon name":"computer-desktop", "Chassis":"desktop", "Machine ID":"ca2801daa7a5403794f89100bbc90106", "Boot ID":"08ff523af01344058bf03cbad2854872", "Operating System":"Ubuntu 18.04.6 LTS", "Kernel":"Linux 5.4.0-99-generic", "Architecture":"x86-64"}' ++++ gen-network-info ++++ local 'ip6=[0-9a-z]{0,4}' ++++ local 'ip4=[0-9]{1,3}' ++++ ip6='[0-9a-z]{0,4}:[0-9a-z]{0,4}:[0-9a-z]{0,4}:[0-9a-z]{0,4}:[0-9a-z]{0,4}:[0-9a-z]{0,4}' ++++ ip4='[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' +++++ sed -E -e 's@^\W+@@g' -e 's@(Search)\s*(Domains)@\1\2@gI' -e 's@([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}) on ([^ ]+)@"\2(IPv4)":"\1",@gI' -e 's@([0-9a-z]{0,4}:[0-9a-z]{0,4}:[0-9a-z]{0,4}:[0-9a-z]{0,4}:[0-9a-z]{0,4}:[0-9a-z]{0,4}) on ([^ ]+)@"\2(IPv6)":"\1",@gI' -e 's@,?\s*(\w+): @}, "\1": {@gI' -e '$ s@$@}@' -e 's@^},\s*@@' -e 's@\{([^"]+)\}@"\1"@gI' ++++++ networkctl status +++++ echo -n ● State: routable Address: 192.168.2.21 on bond1.2 192.168.2.61 on bond1.2 192.168.2.62 on bond1.2 10.16.33.21 on bond1.476 192.168.1.21 on bond1.3 192.168.1.71 on bond1.3 fe80::6c85:a1ff:fe0c:bdef on bond1 fe80::6c85:a1ff:fe0c:bdef on bond1.2 fe80::6c85:a1ff:fe0c:bdef on bond1.476 fe80::6c85:a1ff:fe0c:bdef on bond1.3 Gateway: 192.168.1.203 on bond1.3 DNS: 192.168.1.203 ++++ local 'res="State": "routable", "Address": {"bond1.2(IPv4)":"192.168.2.21", "bond1.2(IPv4)":"192.168.2.61", "bond1.2(IPv4)":"192.168.2.62", "bond1.476(IPv4)":"10.16.33.21", "bond1.3(IPv4)":"192.168.1.21", "bond1.3(IPv4)":"192.168.1.71", "bond1(IPv6)":"fe80::6c85:a1ff:fe0c:bdef", "bond1.2(IPv6)":"fe80::6c85:a1ff:fe0c:bdef", "bond1.476(IPv6)":"fe80::6c85:a1ff:fe0c:bdef", "bond1.3(IPv6)":"fe80::6c85:a1ff:fe0c:bdef"}, "Gateway": {"bond1.3(IPv4)":"192.168.1.203"}, "DNS": "192.168.1.203"' ++++ [[ -z "State": "routable", "Address": {"bond1.2(IPv4)":"192.168.2.21", "bond1.2(IPv4)":"192.168.2.61", "bond1.2(IPv4)":"192.168.2.62", "bond1.476(IPv4)":"10.16.33.21", "bond1.3(IPv4)":"192.168.1.21", "bond1.3(IPv4)":"192.168.1.71", "bond1(IPv6)":"fe80::6c85:a1ff:fe0c:bdef", "bond1.2(IPv6)":"fe80::6c85:a1ff:fe0c:bdef", "bond1.476(IPv6)":"fe80::6c85:a1ff:fe0c:bdef", "bond1.3(IPv6)":"fe80::6c85:a1ff:fe0c:bdef"}, "Gateway": {"bond1.3(IPv4)":"192.168.1.203"}, "DNS": "192.168.1.203" ]] ++++ echo -n '{"State": "routable", "Address": {"bond1.2(IPv4)":"192.168.2.21", "bond1.2(IPv4)":"192.168.2.61", "bond1.2(IPv4)":"192.168.2.62", "bond1.476(IPv4)":"10.16.33.21", "bond1.3(IPv4)":"192.168.1.21", "bond1.3(IPv4)":"192.168.1.71", "bond1(IPv6)":"fe80::6c85:a1ff:fe0c:bdef", "bond1.2(IPv6)":"fe80::6c85:a1ff:fe0c:bdef", "bond1.476(IPv6)":"fe80::6c85:a1ff:fe0c:bdef", "bond1.3(IPv6)":"fe80::6c85:a1ff:fe0c:bdef"}, "Gateway": {"bond1.3(IPv4)":"192.168.1.203"}, "DNS": "192.168.1.203"}' ++ local 'rez={ "system_info":{"Static hostname":"ecss1", "Icon name":"computer-desktop", "Chassis":"desktop", "Machine ID":"ca2801daa7a5403794f89100bbc90106", "Boot ID":"08ff523af01344058bf03cbad2854872", "Operating System":"Ubuntu 18.04.6 LTS", "Kernel":"Linux 5.4.0-99-generic", "Architecture":"x86-64"}, "network_info":{"State": "routable", "Address": {"bond1.2(IPv4)":"192.168.2.21", "bond1.2(IPv4)":"192.168.2.61", "bond1.2(IPv4)":"192.168.2.62", "bond1.476(IPv4)":"10.16.33.21", "bond1.3(IPv4)":"192.168.1.21", "bond1.3(IPv4)":"192.168.1.71", "bond1(IPv6)":"fe80::6c85:a1ff:fe0c:bdef", "bond1.2(IPv6)":"fe80::6c85:a1ff:fe0c:bdef", "bond1.476(IPv6)":"fe80::6c85:a1ff:fe0c:bdef", "bond1.3(IPv6)":"fe80::6c85:a1ff:fe0c:bdef"}, "Gateway": {"bond1.3(IPv4)":"192.168.1.203"}, "DNS": "192.168.1.203"}, "ecss_info":{"version":"3.14.12.119","passport":{"ssw_id":"ECSS 010079","description":"Biysk Test","encoder_create_date":"03.10.2014 13:02:55","encoder_user":"ssw"},"licences":{"1":{"ssw_id":"ECSS 010079","active":"true","description":"Biysk Test","encoder_create_date":"21.12.2021 16:09:00","encoder_user":"ssw","expire_date":"01.01.2023 06:59:59"}}}}" }' ++ echo '{' '"system_info":{"Static' 'hostname":"ecss1",' '"Icon' 'name":"computer-desktop",' '"Chassis":"desktop",' '"Machine' 'ID":"ca2801daa7a5403794f89100bbc90106",' '"Boot' 'ID":"08ff523af01344058bf03cbad2854872",' '"Operating' 'System":"Ubuntu' 18.04.6 'LTS",' '"Kernel":"Linux' '5.4.0-99-generic",' '"Architecture":"x86-64"},' '"network_info":{"State":' '"routable",' '"Address":' '{"bond1.2(IPv4)":"192.168.2.21",' '"bond1.2(IPv4)":"192.168.2.61",' '"bond1.2(IPv4)":"192.168.2.62",' '"bond1.476(IPv4)":"10.16.33.21",' '"bond1.3(IPv4)":"192.168.1.21",' '"bond1.3(IPv4)":"192.168.1.71",' '"bond1(IPv6)":"fe80::6c85:a1ff:fe0c:bdef",' '"bond1.2(IPv6)":"fe80::6c85:a1ff:fe0c:bdef",' '"bond1.476(IPv6)":"fe80::6c85:a1ff:fe0c:bdef",' '"bond1.3(IPv6)":"fe80::6c85:a1ff:fe0c:bdef"},' '"Gateway":' '{"bond1.3(IPv4)":"192.168.1.203"},' '"DNS":' '"192.168.1.203"},' '"ecss_info":{"version":"3.14.12.119","passport":{"ssw_id":"ECSS' '010079","description":"Biysk' 'Test","encoder_create_date":"03.10.2014' '13:02:55","encoder_use++ sed -E -e 's@\s*([{}:"],?)\s*@\1@g' r":"ssw"},"licences":{"1":{"ssw_id":"ECSS' '010079","active":"true","description":"Biysk' 'Test","encoder_create_date":"21.12.2021' '16:09:00","encoder_user":"ssw","expire_date":"01.01.2023' '06:59:59"}}}}"' '}' ++ echo -n '/tmp/ecss-stash-20220711-111016/info/versions /tmp/ecss-stash-20220711-111016/info/sysinfo' + tar --absolute-names -p -czf /ecss-stash-full-20220711-111016.tar.gz /etc/ecss /var/lib/ecss/adaptation /var/lib/ecss/backups /var/lib/ecss/cp /var/lib/ecss/ecss-media-server /var/lib/ecss/eep /var/lib/ecss/modification /var/lib/ecss/mycelium /var/lib/ecss/oasys /var/lib/ecss/oasys.backup /var/lib/ecss/regime /var/lib/ecss/routing /var/lib/ecss/numbers /var/lib/ecss/snmp /var/lib/ecss/ecss-data.json /var/log/ecss /var/log/atop /var/log/syslog /var/log/syslog.1 /var/log/syslog.1.gz-2022020706.backup /var/log/syslog.2.gz /var/log/syslog.3.gz /var/log/syslog.4.gz /var/log/syslog.5.gz /var/log/syslog.6.gz /var/log/syslog.7.gz /tmp/ecss-stash-20220711-111016/stash_db.sql /tmp/ecss-stash-20220711-111016/info/versions /tmp/ecss-stash-20220711-111016/info/sysinfo + rm -rf /tmp/ecss-stash-20220711-111016 + echo 'create stashed file: /ecss-stash-full-20220711-111016.tar.gz' create stashed file: /ecss-stash-full-20220711-111016.tar.gz + echo done done + [[ '' == \t\r\u\e ]] + [[ '' == \t\r\u\e ]] + return + rm -rf /tmp/ecss-stash-20220711-111016
verbose
Данный аргумент является необязательным и используется в связке с другими аргументами. При его использовании в терминале отображается последовательность действий, выполняемых той или иной командой.
Пример:
sasha@ecss1:/$ sudo ecss-control verbose stash please enter root password for mysql db: Enter password: -- Connecting to localhost... -- Starting transaction... -- Setting savepoint... -- Retrieving table structure for table ecss_audit_commands... -- Sending SELECT query... -- Retrieving rows... ... /var/log/syslog.5.gz /var/log/syslog.6.gz /var/log/syslog.7.gz /tmp/ecss-stash-20220711-151809/stash_db.sql /tmp/ecss-stash-20220711-151809/info/versions /tmp/ecss-stash-20220711-151809/info/sysinfo removed '/tmp/ecss-stash-20220711-151809/info/sysinfo' removed '/tmp/ecss-stash-20220711-151809/info/versions' removed directory '/tmp/ecss-stash-20220711-151809/info' removed '/tmp/ecss-stash-20220711-151809/stash_db.sql' removed directory '/tmp/ecss-stash-20220711-151809' create stashed file: /ecss-stash-full-20220711-151809.tar.gz done
stash
Синтаксис:
stash [<OPTIONS>] [<DESTINATION DIRECTORY>] [--push [<PUSH OPTIONS>]] - make archive of current configuration and logs ecss10
Данный аргумент без параметров создает резервную копию конфигурации ECSS-10 вместе с логами(/var/log/ecss). При выполнении команды будет запрошен пароль root пользователя базы данных mysql, в которой хранится часть настроек ECSS-10.
Опции:
- --no-sql — не копировать базы MySQL
- --no-log — не копировать логи
- --no-config — не копировать конфигурацию
- --last-log — брать только последние логи;
Push options:
- --clear — удалить архив после успешной отправки;
- --files — все файлы или каталоги, указанные между этим и другим параметром, будут включены в отправку;
- --comment — описание проблемы;
Сохраняемые каталоги конфигурации:
/etc/ecss /var/lib/ecss/adaptation /var/lib/ecss/backups /var/lib/ecss/cp /var/lib/ecss/ecss-media-server /var/lib/ecss/eep /var/lib/ecss/modification /var/lib/ecss/mycelium /var/lib/ecss/oasys /var/lib/ecss/oasys.backup /var/lib/ecss/regime /var/lib/ecss/routing /var/lib/ecss/numbers /var/lib/ecss/snmp /var/lib/ecss/ecss-data.json
Сохраняемые каталоги логов
/var/log/ecss # always must be first, important for the clean-log command # всегда должен быть первым, важно для работы команды clean-log /var/log/atop /var/log/syslog*
Сохраняемые базы:
MYSQLDB=( ecss_audit ecss_subscribers ecss_dialer_db web_conf )
Кроме того, есть возможность задавать эти параметры через окружение:
- ECSS_STASH_BACKUP_CONFIGS — список файлов/каталогов с конфигурациями (должны быть указаны через пробел)
- ECSS_STASH_BACKUP_LOGS — список файлов/каталогов с логами (должны быть указаны через пробел)
- ECSS_STASH_BACKUP_MYSQLDB — список имен БД (должны быть указаны через пробел)
В дальнейшем при помощи созданного архива можно восстановить конфигурацию ECSS-10 при помощи команды Приложение Н. Описание утилиты ecss-control.
Примеры:
Сохранение конфигурации, логов и БД MySQL
sasha@ecss1:~$ sudo ecss-control stah [sudo] password for sasha: unknown args: stah sasha@ecss1:~$ sudo ecss-control stash please enter root password for mysql db: Enter password: stashing ECSS-10 ... create stashed file: /home/sasha/ecss-stash-full-20220719-145630.tar.gz done
Сохранение конфигурации и БД MySQL (без log-файлов)
sasha@ecss1:~$ sudo ecss-control stash --no-log please enter root password for mysql db: Enter password: stashing ECSS-10 ... create stashed file: /home/sasha/ecss-stash-no-log-20220719-145928.tar.gz done
rollback
Данный аргумент позволяет восстановить конфигурацию ECSS-10 из ранее созданного архива.
Синтаксис:
rollback|rb [--no-clean] [--no-stash] <DESTINATION FILE>
rollback работает следующим образом:
выполняется stash текущей конфигурации и логов, при этом парсится имя файла на наличие опций (можно пропустить опцией --no-stash)
выполняется clean с теми же опциями (можно пропустить опцией --no-clean)
выполняется rollback
Пример:
sasha@ecss1:~$ sudo ecss-control rollback ecss-stash-no-log-20220719-145928.tar.gz WARNING: Before rollback current configuration and logs will be stashed and then cleared Stash archive will be saved at /home/sasha please enter root password for mysql db: Enter password: stashing ECSS-10 ... create stashed file: /home/sasha/ecss-stash-no-log-20220719-150243.tar.gz done cleaning ECSS-10... done rollback configuration from ecss-stash-no-log-20220719-145928.tar.gz tar: Removing leading `/' from member names please enter root password for mysql db: Enter password: stashed file successfull rollbacked
detach
Использование данного аргумента позволяет вывести ноду из кластера. Это требуется для обновления обновления ПО на новую версию без перерыва в обслуживании, подробное описание данного процесса приведено в пункте Методика разделения (split) кластера. В результате выполнения команды будет заблокирован весь трафик между нодами за исключением SSH, keepalive/multicast, а в консоле будет вывод о том, от какой ноды было произведено отсоединение + ее IP адрес.
Пример:
sasha@ecss1:/$ sudo ecss-control detach detach host: ecss2, ip: 192.168.1.22 complete
attach
Аргумент возвращает ранее изолированную ноду в кластер и разблокирует весь трафик между ними, подробное описание данного процесса приведено в пункте Методика разделения (split) кластера. В выводе команды будет отображаться разблокированный IP адрес.
Пример:
sasha@ecss1:/$ sudo ecss-control attach unlock ip: 192.168.1.22, rules: 7 complete
status
Позволяет просмотреть статус ноды, находится ли она в кластере или же изолирована от него.
Пример:
sasha@ecss1:/$ sudo ecss-control status all nodes attached
clean
Команда с данным аргументом удаляет логи, сохраняя структуру каталогов, а также файлы конфигурации.
Файлы конфигурации удаляются из тех же каталогов, которые прописаны в /etc/ecss/ecss-control.conf.
Перед запуском команды с этим параметром нужно обязательно остановить все сервисы ecss на данном хосте!
Синтаксис:
clean [<OPTIONS>]
Опции:
--no-log — не удалять логи
--no-config — не удалять конфигурацию (аналогично log-clean)
Пример:
sasha@ecss1:/$ sudo ecss-control clean cleaning ECSS-10... Clean logs... find: cannot delete ‘/var/log/ecss/security/2021-10-week40-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2022-01-week52-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2021-10-week43-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2022-01-week01-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2022-02-week05-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2021-09-week35-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2022-01-week05-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2021-08-week35-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2021-12-week49-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2021-09-week39-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2021-12-week50-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2021-10-week39-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2022-02-week08-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2022-02-week07-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2021-11-week45-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2021-10-week42-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2022-01-week03-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2021-09-week38-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2021-12-week52-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2022-01-week04-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2021-09-week37-events.log.gz’: Operation not permitted find: cannot delete ‘/var/log/ecss/security/2021-11-week47-events.log.gz’: Operation not permitted
log-clean
Команда с данным аргументом удаляет файлы логов из каталога /var/log/ecss/
Синтаксис:
ecss-conrol log-clean|lc
Пример:
sasha@ecss1:~/ssw1_3.14$ sudo ecss-control debug log-clean + export DEBUG=true + DEBUG=true + shift + [[ -n log-clean ]] + CMD=log-clean + case "${CMD,,}" in + sudo-test ++ id -u root + [[ 0 -ne 0 ]] + clean-log + local ecss_log=/var/log/ecss + echo 'Clean logs...' Clean logs... + find /var/log/ecss -name '*.log' -type f -exec truncate -s0 '{}' ';' + find /var/log/ecss -not -name '*.log' -type f -delete
Если во время выполнения команды сервисы ecss были запущены, нужно перезапустить сервис ecss-web-conf, чтобы создались новые файлы логов.
sudo systemctl restart ecss-web-conf.service
Другие подсистемы перезапускать не нужно.