b91a1a09cb
When converting a HA control plane to TLS-e, 1) the bootstrap node tells pacemaker to restart all redis instances to take into account the new TLS-e config; 2) a new container redis_tls_proxy is started on every controller to encapsulate redis traffic in TLS tunnels. This happens during step 2. Redis servers have to be restarted everywhere for redis_tls_proxy to be able to start tunnels properly. Since we can't guarantee that across several nodes during the same step, tweak the startup of redis_tls_proxy instead; make sure to only create the tunnels once the targeted host:port can be bound (i.e. redis was restarted). Change-Id: I70560f80775dacddd82262e8079c13f86b0eb0e6 Closes-Bug: #1883096
19 lines
351 B
Bash
Executable File
19 lines
351 B
Bash
Executable File
#!/bin/bash
|
|
set -eu
|
|
|
|
HOST=$1
|
|
PORT=$2
|
|
|
|
echo "$(date -u): Checking whether we can bind to ${HOST}:${PORT}"
|
|
while (ss -Htnl src "${HOST}" "sport = :${PORT}" | grep -wq "${PORT}"); do
|
|
echo "$(date -u): ${HOST}:${PORT} still in use, waiting...";
|
|
sleep 10;
|
|
done
|
|
|
|
shift 2
|
|
COMMAND="$*"
|
|
if [ -z "${COMMAND}" ]; then
|
|
COMMAND="true"
|
|
fi
|
|
exec $COMMAND
|