locking.py 40.3 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
#
#

# Copyright (C) 2006, 2007 Google Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301, USA.

"""Module implementing the Ganeti locking code."""

23
24
25
26
# pylint: disable-msg=W0212

# W0212 since e.g. LockSet methods use (a lot) the internals of
# SharedLock
27

28
29
import os
import select
30
import threading
31
32
import time
import errno
33

34
from ganeti import errors
35
from ganeti import utils
36
from ganeti import compat
37
38


39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
def ssynchronized(lock, shared=0):
  """Shared Synchronization decorator.

  Calls the function holding the given lock, either in exclusive or shared
  mode. It requires the passed lock to be a SharedLock (or support its
  semantics).

  """
  def wrap(fn):
    def sync_function(*args, **kwargs):
      lock.acquire(shared=shared)
      try:
        return fn(*args, **kwargs)
      finally:
        lock.release()
    return sync_function
  return wrap


58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
class RunningTimeout(object):
  """Class to calculate remaining timeout when doing several operations.

  """
  __slots__ = [
    "_allow_negative",
    "_start_time",
    "_time_fn",
    "_timeout",
    ]

  def __init__(self, timeout, allow_negative, _time_fn=time.time):
    """Initializes this class.

    @type timeout: float
    @param timeout: Timeout duration
    @type allow_negative: bool
    @param allow_negative: Whether to return values below zero
    @param _time_fn: Time function for unittests

    """
    object.__init__(self)

    if timeout is not None and timeout < 0.0:
      raise ValueError("Timeout must not be negative")

    self._timeout = timeout
    self._allow_negative = allow_negative
    self._time_fn = _time_fn

    self._start_time = None

  def Remaining(self):
    """Returns the remaining timeout.

    """
    if self._timeout is None:
      return None

    # Get start time on first calculation
    if self._start_time is None:
      self._start_time = self._time_fn()

    # Calculate remaining time
    remaining_timeout = self._start_time + self._timeout - self._time_fn()

    if not self._allow_negative:
      # Ensure timeout is always >= 0
      return max(0.0, remaining_timeout)

    return remaining_timeout


111
112
class _SingleNotifyPipeConditionWaiter(object):
  """Helper class for SingleNotifyPipeCondition
113
114
115
116
117
118
119

  """
  __slots__ = [
    "_fd",
    "_poller",
    ]

120
121
  def __init__(self, poller, fd):
    """Constructor for _SingleNotifyPipeConditionWaiter
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139

    @type poller: select.poll
    @param poller: Poller object
    @type fd: int
    @param fd: File descriptor to wait for

    """
    object.__init__(self)
    self._poller = poller
    self._fd = fd

  def __call__(self, timeout):
    """Wait for something to happen on the pipe.

    @type timeout: float or None
    @param timeout: Timeout for waiting (can be None)

    """
140
141
142
143
144
    running_timeout = RunningTimeout(timeout, True)

    while True:
      remaining_time = running_timeout.Remaining()

145
146
147
      if remaining_time is not None:
        if remaining_time < 0.0:
          break
148

149
        # Our calculation uses seconds, poll() wants milliseconds
150
        remaining_time *= 1000
151
152
153
154
155
156
157
158
159
160
161
162
163

      try:
        result = self._poller.poll(remaining_time)
      except EnvironmentError, err:
        if err.errno != errno.EINTR:
          raise
        result = None

      # Check whether we were notified
      if result and result[0][0] == self._fd:
        break


164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
class _BaseCondition(object):
  """Base class containing common code for conditions.

  Some of this code is taken from python's threading module.

  """
  __slots__ = [
    "_lock",
    "acquire",
    "release",
    ]

  def __init__(self, lock):
    """Constructor for _BaseCondition.

179
    @type lock: threading.Lock
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
    @param lock: condition base lock

    """
    object.__init__(self)

    # Recursive locks are not supported
    assert not hasattr(lock, "_acquire_restore")
    assert not hasattr(lock, "_release_save")

    self._lock = lock

    # Export the lock's acquire() and release() methods
    self.acquire = lock.acquire
    self.release = lock.release

  def _is_owned(self):
    """Check whether lock is owned by current thread.

    """
    if self._lock.acquire(0):
      self._lock.release()
      return False

    return True

  def _check_owned(self):
    """Raise an exception if the current thread doesn't own the lock.

    """
    if not self._is_owned():
      raise RuntimeError("cannot work with un-aquired lock")


213
214
class SingleNotifyPipeCondition(_BaseCondition):
  """Condition which can only be notified once.
215

216
217
218
219
220
  This condition class uses pipes and poll, internally, to be able to wait for
  notification with a timeout, without resorting to polling. It is almost
  compatible with Python's threading.Condition, with the following differences:
    - notifyAll can only be called once, and no wait can happen after that
    - notify is not supported, only notifyAll
221
222

  """
223

Balazs Lecz's avatar
Balazs Lecz committed
224
  __slots__ = [
225
226
227
228
    "_poller",
    "_read_fd",
    "_write_fd",
    "_nwaiters",
229
    "_notified",
230
231
    ]

232
  _waiter_class = _SingleNotifyPipeConditionWaiter
233

234
235
  def __init__(self, lock):
    """Constructor for SingleNotifyPipeCondition
236
237

    """
238
    _BaseCondition.__init__(self, lock)
239
    self._nwaiters = 0
240
241
242
243
    self._notified = False
    self._read_fd = None
    self._write_fd = None
    self._poller = None
244

245
  def _check_unnotified(self):
246
247
248
    """Throws an exception if already notified.

    """
249
250
    if self._notified:
      raise RuntimeError("cannot use already notified condition")
251

252
253
  def _Cleanup(self):
    """Cleanup open file descriptors, if any.
254
255

    """
256
257
258
    if self._read_fd is not None:
      os.close(self._read_fd)
      self._read_fd = None
259

260
261
262
263
    if self._write_fd is not None:
      os.close(self._write_fd)
      self._write_fd = None
    self._poller = None
264

265
266
  def wait(self, timeout=None):
    """Wait for a notification.
267

268
269
    @type timeout: float or None
    @param timeout: Waiting timeout (can be None)
270
271

    """
272
273
    self._check_owned()
    self._check_unnotified()
274

275
276
277
278
279
280
    self._nwaiters += 1
    try:
      if self._poller is None:
        (self._read_fd, self._write_fd) = os.pipe()
        self._poller = select.poll()
        self._poller.register(self._read_fd, select.POLLHUP)
281

282
283
284
285
286
287
288
289
290
291
292
293
      wait_fn = self._waiter_class(self._poller, self._read_fd)
      self.release()
      try:
        # Wait for notification
        wait_fn(timeout)
      finally:
        # Re-acquire lock
        self.acquire()
    finally:
      self._nwaiters -= 1
      if self._nwaiters == 0:
        self._Cleanup()
294

Iustin Pop's avatar
Iustin Pop committed
295
  def notifyAll(self): # pylint: disable-msg=C0103
296
297
298
    """Close the writing side of the pipe to notify all waiters.

    """
299
300
301
    self._check_owned()
    self._check_unnotified()
    self._notified = True
302
303
304
305
306
    if self._write_fd is not None:
      os.close(self._write_fd)
      self._write_fd = None


307
class PipeCondition(_BaseCondition):
Michael Hanselmann's avatar
Michael Hanselmann committed
308
309
310
311
312
313
314
315
316
  """Group-only non-polling condition with counters.

  This condition class uses pipes and poll, internally, to be able to wait for
  notification with a timeout, without resorting to polling. It is almost
  compatible with Python's threading.Condition, but only supports notifyAll and
  non-recursive locks. As an additional features it's able to report whether
  there are any waiting threads.

  """
Balazs Lecz's avatar
Balazs Lecz committed
317
  __slots__ = [
Michael Hanselmann's avatar
Michael Hanselmann committed
318
    "_nwaiters",
319
    "_single_condition",
Michael Hanselmann's avatar
Michael Hanselmann committed
320
321
    ]

322
  _single_condition_class = SingleNotifyPipeCondition
Michael Hanselmann's avatar
Michael Hanselmann committed
323
324
325
326
327

  def __init__(self, lock):
    """Initializes this class.

    """
328
    _BaseCondition.__init__(self, lock)
Michael Hanselmann's avatar
Michael Hanselmann committed
329
    self._nwaiters = 0
330
    self._single_condition = self._single_condition_class(self._lock)
Michael Hanselmann's avatar
Michael Hanselmann committed
331
332
333
334
335
336
337
338
339
340
341
342

  def wait(self, timeout=None):
    """Wait for a notification.

    @type timeout: float or None
    @param timeout: Waiting timeout (can be None)

    """
    self._check_owned()

    # Keep local reference to the pipe. It could be replaced by another thread
    # notifying while we're waiting.
343
    my_condition = self._single_condition
Michael Hanselmann's avatar
Michael Hanselmann committed
344
345
346
347

    assert self._nwaiters >= 0
    self._nwaiters += 1
    try:
348
      my_condition.wait(timeout)
Michael Hanselmann's avatar
Michael Hanselmann committed
349
350
351
352
    finally:
      assert self._nwaiters > 0
      self._nwaiters -= 1

Iustin Pop's avatar
Iustin Pop committed
353
  def notifyAll(self): # pylint: disable-msg=C0103
Michael Hanselmann's avatar
Michael Hanselmann committed
354
355
356
357
    """Notify all currently waiting threads.

    """
    self._check_owned()
358
359
    self._single_condition.notifyAll()
    self._single_condition = self._single_condition_class(self._lock)
Michael Hanselmann's avatar
Michael Hanselmann committed
360
361
362
363
364
365
366
367
368
369

  def has_waiting(self):
    """Returns whether there are active waiters.

    """
    self._check_owned()

    return bool(self._nwaiters)


370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
class _CountingCondition(object):
  """Wrapper for Python's built-in threading.Condition class.

  This wrapper keeps a count of active waiters. We can't access the internal
  "__waiters" attribute of threading.Condition because it's not thread-safe.

  """
  __slots__ = [
    "_cond",
    "_nwaiters",
    ]

  def __init__(self, lock):
    """Initializes this class.

    """
    object.__init__(self)
    self._cond = threading.Condition(lock=lock)
    self._nwaiters = 0

Iustin Pop's avatar
Iustin Pop committed
390
  def notifyAll(self): # pylint: disable-msg=C0103
391
392
393
394
395
396
397
398
399
    """Notifies the condition.

    """
    return self._cond.notifyAll()

  def wait(self, timeout=None):
    """Waits for the condition to be notified.

    @type timeout: float or None
400
    @param timeout: Waiting timeout (can be None)
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418

    """
    assert self._nwaiters >= 0

    self._nwaiters += 1
    try:
      return self._cond.wait(timeout=timeout)
    finally:
      self._nwaiters -= 1

  def has_waiting(self):
    """Returns whether there are active waiters.

    """
    return bool(self._nwaiters)


class SharedLock(object):
419
420
421
422
423
424
425
426
427
428
429
  """Implements a shared lock.

  Multiple threads can acquire the lock in a shared way, calling
  acquire_shared().  In order to acquire the lock in an exclusive way threads
  can call acquire_exclusive().

  The lock prevents starvation but does not guarantee that threads will acquire
  the shared lock in the order they queued for it, just that they will
  eventually do so.

  """
430
431
432
433
434
435
436
437
438
439
  __slots__ = [
    "__active_shr_c",
    "__inactive_shr_c",
    "__deleted",
    "__exc",
    "__lock",
    "__pending",
    "__shr",
    ]

440
  __condition_class = PipeCondition
441

442
  def __init__(self):
443
444
445
446
447
448
    """Construct a new SharedLock.

    """
    object.__init__(self)

    # Internal lock
449
450
    self.__lock = threading.Lock()

451
452
453
454
455
456
457
458
    # Queue containing waiting acquires
    self.__pending = []

    # Active and inactive conditions for shared locks
    self.__active_shr_c = self.__condition_class(self.__lock)
    self.__inactive_shr_c = self.__condition_class(self.__lock)

    # Current lock holders
459
460
461
    self.__shr = set()
    self.__exc = None

462
463
464
    # is this lock in the deleted state?
    self.__deleted = False

465
466
467
468
469
470
471
  def __check_deleted(self):
    """Raises an exception if the lock has been deleted.

    """
    if self.__deleted:
      raise errors.LockError("Deleted lock")

472
  def __is_sharer(self):
473
474
475
    """Is the current thread sharing the lock at this time?

    """
476
477
478
    return threading.currentThread() in self.__shr

  def __is_exclusive(self):
479
480
481
    """Is the current thread holding the lock exclusively at this time?

    """
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
    return threading.currentThread() == self.__exc

  def __is_owned(self, shared=-1):
    """Is the current thread somehow owning the lock at this time?

    This is a private version of the function, which presumes you're holding
    the internal lock.

    """
    if shared < 0:
      return self.__is_sharer() or self.__is_exclusive()
    elif shared:
      return self.__is_sharer()
    else:
      return self.__is_exclusive()

  def _is_owned(self, shared=-1):
    """Is the current thread somehow owning the lock at this time?

Iustin Pop's avatar
Iustin Pop committed
501
502
503
504
    @param shared:
        - < 0: check for any type of ownership (default)
        - 0: check for exclusive ownership
        - > 0: check for shared ownership
505
506
507
508

    """
    self.__lock.acquire()
    try:
509
      return self.__is_owned(shared=shared)
510
511
512
    finally:
      self.__lock.release()

513
514
  def _count_pending(self):
    """Returns the number of pending acquires.
515

516
    @rtype: int
517
518

    """
519
520
521
522
523
    self.__lock.acquire()
    try:
      return len(self.__pending)
    finally:
      self.__lock.release()
524

525
526
527
528
529
530
531
532
  def __do_acquire(self, shared):
    """Actually acquire the lock.

    """
    if shared:
      self.__shr.add(threading.currentThread())
    else:
      self.__exc = threading.currentThread()
533

534
535
  def __can_acquire(self, shared):
    """Determine whether lock can be acquired.
536
537

    """
538
539
540
541
    if shared:
      return self.__exc is None
    else:
      return len(self.__shr) == 0 and self.__exc is None
542

543
544
  def __is_on_top(self, cond):
    """Checks whether the passed condition is on top of the queue.
545

546
    The caller must make sure the queue isn't empty.
547

548
549
    """
    return self.__pending[0] == cond
Guido Trotter's avatar
Guido Trotter committed
550

551
  def __acquire_unlocked(self, shared, timeout):
552
    """Acquire a shared lock.
553

554
555
556
    @param shared: whether to acquire in shared mode; by default an
        exclusive lock will be acquired
    @param timeout: maximum waiting time before giving up
557
558

    """
559
    self.__check_deleted()
560

561
562
563
564
565
566
567
568
    # We cannot acquire the lock if we already have it
    assert not self.__is_owned(), "double acquire() on a non-recursive lock"

    # Check whether someone else holds the lock or there are pending acquires.
    if not self.__pending and self.__can_acquire(shared):
      # Apparently not, can acquire lock directly.
      self.__do_acquire(shared)
      return True
569

570
571
    if shared:
      wait_condition = self.__active_shr_c
572

573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
      # Check if we're not yet in the queue
      if wait_condition not in self.__pending:
        self.__pending.append(wait_condition)
    else:
      wait_condition = self.__condition_class(self.__lock)
      # Always add to queue
      self.__pending.append(wait_condition)

    try:
      # Wait until we become the topmost acquire in the queue or the timeout
      # expires.
      while not (self.__is_on_top(wait_condition) and
                 self.__can_acquire(shared)):
        # Wait for notification
        wait_condition.wait(timeout)
        self.__check_deleted()

        # A lot of code assumes blocking acquires always succeed. Loop
        # internally for that case.
        if timeout is not None:
          break

      if self.__is_on_top(wait_condition) and self.__can_acquire(shared):
        self.__do_acquire(shared)
        return True
598
    finally:
599
600
601
      # Remove condition from queue if there are no more waiters
      if not wait_condition.has_waiting() and not self.__deleted:
        self.__pending.remove(wait_condition)
602

603
    return False
604

605
  def acquire(self, shared=0, timeout=None, test_notify=None):
606
607
    """Acquire a shared lock.

608
    @type shared: integer (0/1) used as a boolean
Iustin Pop's avatar
Iustin Pop committed
609
610
    @param shared: whether to acquire in shared mode; by default an
        exclusive lock will be acquired
611
612
    @type timeout: float
    @param timeout: maximum waiting time before giving up
613
614
    @type test_notify: callable or None
    @param test_notify: Special callback function for unittesting
615
616
617
618

    """
    self.__lock.acquire()
    try:
619
620
621
622
      # We already got the lock, notify now
      if __debug__ and callable(test_notify):
        test_notify()

623
      return self.__acquire_unlocked(shared, timeout)
624
625
626
627
628
629
630
631
632
633
634
635
    finally:
      self.__lock.release()

  def release(self):
    """Release a Shared Lock.

    You must have acquired the lock, either in shared or in exclusive mode,
    before calling this function.

    """
    self.__lock.acquire()
    try:
636
637
638
      assert self.__is_exclusive() or self.__is_sharer(), \
        "Cannot release non-owned lock"

639
640
641
      # Autodetect release type
      if self.__is_exclusive():
        self.__exc = None
642
      else:
643
644
        self.__shr.remove(threading.currentThread())

645
646
647
648
      # Notify topmost condition in queue
      if self.__pending:
        first_condition = self.__pending[0]
        first_condition.notifyAll()
Guido Trotter's avatar
Guido Trotter committed
649

650
651
652
        if first_condition == self.__active_shr_c:
          self.__active_shr_c = self.__inactive_shr_c
          self.__inactive_shr_c = first_condition
653
654
655
656

    finally:
      self.__lock.release()

657
  def delete(self, timeout=None):
658
659
660
661
662
663
    """Delete a Shared Lock.

    This operation will declare the lock for removal. First the lock will be
    acquired in exclusive mode if you don't already own it, then the lock
    will be put in a state where any future and pending acquire() fail.

664
665
    @type timeout: float
    @param timeout: maximum waiting time before giving up
666
667
668
669

    """
    self.__lock.acquire()
    try:
670
671
672
      assert not self.__is_sharer(), "Cannot delete() a lock while sharing it"

      self.__check_deleted()
673

674
675
      # The caller is allowed to hold the lock exclusively already.
      acquired = self.__is_exclusive()
676

677
      if not acquired:
678
679
680
681
        acquired = self.__acquire_unlocked(0, timeout)

        assert self.__is_exclusive() and not self.__is_sharer(), \
          "Lock wasn't acquired in exclusive mode"
682
683
684
685

      if acquired:
        self.__deleted = True
        self.__exc = None
686

687
688
689
        # Notify all acquires. They'll throw an error.
        while self.__pending:
          self.__pending.pop().notifyAll()
690

691
      return acquired
692
693
694
    finally:
      self.__lock.release()

695

696
# Whenever we want to acquire a full LockSet we pass None as the value
Michael Hanselmann's avatar
Michael Hanselmann committed
697
# to acquire.  Hide this behind this nicely named constant.
698
699
700
ALL_SET = None


701
702
703
704
705
706
class _AcquireTimeout(Exception):
  """Internal exception to abort an acquire on a timeout.

  """


707
708
709
710
711
712
713
714
715
716
717
718
719
720
class LockSet:
  """Implements a set of locks.

  This abstraction implements a set of shared locks for the same resource type,
  distinguished by name. The user can lock a subset of the resources and the
  LockSet will take care of acquiring the locks always in the same order, thus
  preventing deadlock.

  All the locks needed in the same set must be acquired together, though.

  """
  def __init__(self, members=None):
    """Constructs a new LockSet.

721
    @type members: list of strings
Iustin Pop's avatar
Iustin Pop committed
722
    @param members: initial members of the set
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748

    """
    # Used internally to guarantee coherency.
    self.__lock = SharedLock()

    # The lockdict indexes the relationship name -> lock
    # The order-of-locking is implied by the alphabetical order of names
    self.__lockdict = {}

    if members is not None:
      for name in members:
        self.__lockdict[name] = SharedLock()

    # The owner dict contains the set of locks each thread owns. For
    # performance each thread can access its own key without a global lock on
    # this structure. It is paramount though that *no* other type of access is
    # done to this structure (eg. no looping over its keys). *_owner helper
    # function are defined to guarantee access is correct, but in general never
    # do anything different than __owners[threading.currentThread()], or there
    # will be trouble.
    self.__owners = {}

  def _is_owned(self):
    """Is the current thread a current level owner?"""
    return threading.currentThread() in self.__owners

Guido Trotter's avatar
Guido Trotter committed
749
  def _add_owned(self, name=None):
750
    """Note the current thread owns the given lock"""
Guido Trotter's avatar
Guido Trotter committed
751
752
753
    if name is None:
      if not self._is_owned():
        self.__owners[threading.currentThread()] = set()
754
    else:
Guido Trotter's avatar
Guido Trotter committed
755
756
757
758
759
760
      if self._is_owned():
        self.__owners[threading.currentThread()].add(name)
      else:
        self.__owners[threading.currentThread()] = set([name])

  def _del_owned(self, name=None):
761
762
    """Note the current thread owns the given lock"""

763
764
765
    assert not (name is None and self.__lock._is_owned()), \
           "Cannot hold internal lock when deleting owner status"

Guido Trotter's avatar
Guido Trotter committed
766
767
768
769
770
771
    if name is not None:
      self.__owners[threading.currentThread()].remove(name)

    # Only remove the key if we don't hold the set-lock as well
    if (not self.__lock._is_owned() and
        not self.__owners[threading.currentThread()]):
772
773
774
775
776
777
778
779
780
      del self.__owners[threading.currentThread()]

  def _list_owned(self):
    """Get the set of resource names owned by the current thread"""
    if self._is_owned():
      return self.__owners[threading.currentThread()].copy()
    else:
      return set()

781
782
783
  def _release_and_delete_owned(self):
    """Release and delete all resources owned by the current thread"""
    for lname in self._list_owned():
784
785
786
      lock = self.__lockdict[lname]
      if lock._is_owned():
        lock.release()
787
788
      self._del_owned(name=lname)

789
790
791
792
793
794
795
  def __names(self):
    """Return the current set of names.

    Only call this function while holding __lock and don't iterate on the
    result after releasing the lock.

    """
796
    return self.__lockdict.keys()
797
798
799
800
801

  def _names(self):
    """Return a copy of the current set of elements.

    Used only for debugging purposes.
802

803
    """
804
805
806
807
808
809
    # If we don't already own the set-level lock acquired
    # we'll get it and note we need to release it later.
    release_lock = False
    if not self.__lock._is_owned():
      release_lock = True
      self.__lock.acquire(shared=1)
810
811
812
    try:
      result = self.__names()
    finally:
813
814
      if release_lock:
        self.__lock.release()
815
    return set(result)
816

817
  def acquire(self, names, timeout=None, shared=0, test_notify=None):
818
819
    """Acquire a set of resource locks.

820
    @type names: list of strings (or string)
Iustin Pop's avatar
Iustin Pop committed
821
822
    @param names: the names of the locks which shall be acquired
        (special lock names, or instance/node names)
823
    @type shared: integer (0/1) used as a boolean
Iustin Pop's avatar
Iustin Pop committed
824
825
    @param shared: whether to acquire in shared mode; by default an
        exclusive lock will be acquired
826
    @type timeout: float or None
827
    @param timeout: Maximum time to acquire all locks
828
829
    @type test_notify: callable or None
    @param test_notify: Special callback function for unittesting
830

831
    @return: Set of all locks successfully acquired or None in case of timeout
832

Iustin Pop's avatar
Iustin Pop committed
833
834
835
    @raise errors.LockError: when any lock we try to acquire has
        been deleted before we succeed. In this case none of the
        locks requested will be acquired.
836
837

    """
838
    assert timeout is None or timeout >= 0.0
839
840
841
842

    # Check we don't already own locks at this level
    assert not self._is_owned(), "Cannot acquire locks in the same set twice"

843
844
    # We need to keep track of how long we spent waiting for a lock. The
    # timeout passed to this function is over all lock acquires.
845
    running_timeout = RunningTimeout(timeout, False)
846

847
    try:
848
      if names is not None:
849
850
851
852
        # Support passing in a single resource to acquire rather than many
        if isinstance(names, basestring):
          names = [names]

853
        return self.__acquire_inner(names, False, shared,
854
                                    running_timeout.Remaining, test_notify)
855
856
857
858
859
860
861
862
863
864
865
866

      else:
        # If no names are given acquire the whole set by not letting new names
        # being added before we release, and getting the current list of names.
        # Some of them may then be deleted later, but we'll cope with this.
        #
        # We'd like to acquire this lock in a shared way, as it's nice if
        # everybody else can use the instances at the same time. If are
        # acquiring them exclusively though they won't be able to do this
        # anyway, though, so we'll get the list lock exclusively as well in
        # order to be able to do add() on the set while owning it.
        if not self.__lock.acquire(shared=shared,
867
                                   timeout=running_timeout.Remaining()):
868
869
870
871
872
873
          raise _AcquireTimeout()
        try:
          # note we own the set-lock
          self._add_owned()

          return self.__acquire_inner(self.__names(), True, shared,
874
                                      running_timeout.Remaining, test_notify)
875
876
877
878
        except:
          # We shouldn't have problems adding the lock to the owners list, but
          # if we did we'll try to release this lock and re-raise exception.
          # Of course something is going to be really wrong, after this.
879
          self.__lock.release()
880
881
          self._del_owned()
          raise
882
883
884

    except _AcquireTimeout:
      return None
885

886
  def __acquire_inner(self, names, want_all, shared, timeout_fn, test_notify):
887
888
889
890
891
892
893
    """Inner logic for acquiring a number of locks.

    @param names: Names of the locks to be acquired
    @param want_all: Whether all locks in the set should be acquired
    @param shared: Whether to acquire in shared mode
    @param timeout_fn: Function returning remaining timeout
    @param test_notify: Special callback function for unittesting
894
895
896
897
898
899

    """
    acquire_list = []

    # First we look the locks up on __lockdict. We have no way of being sure
    # they will still be there after, but this makes it a lot faster should
900
901
902
    # just one of them be the already wrong. Using a sorted sequence to prevent
    # deadlocks.
    for lname in sorted(utils.UniqueSequence(names)):
903
904
905
906
907
908
909
910
911
912
      try:
        lock = self.__lockdict[lname] # raises KeyError if lock is not there
      except KeyError:
        if want_all:
          # We are acquiring all the set, it doesn't matter if this particular
          # element is not there anymore.
          continue

        raise errors.LockError("Non-existing lock in set (%s)" % lname)

913
914
      acquire_list.append((lname, lock))

915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
    # This will hold the locknames we effectively acquired.
    acquired = set()

    try:
      # Now acquire_list contains a sorted list of resources and locks we
      # want.  In order to get them we loop on this (private) list and
      # acquire() them.  We gave no real guarantee they will still exist till
      # this is done but .acquire() itself is safe and will alert us if the
      # lock gets deleted.
      for (lname, lock) in acquire_list:
        if __debug__ and callable(test_notify):
          test_notify_fn = lambda: test_notify(lname)
        else:
          test_notify_fn = None

        timeout = timeout_fn()

        try:
          # raises LockError if the lock was deleted
          acq_success = lock.acquire(shared=shared, timeout=timeout,
                                     test_notify=test_notify_fn)
        except errors.LockError:
          if want_all:
            # We are acquiring all the set, it doesn't matter if this
            # particular element is not there anymore.
            continue

          raise errors.LockError("Non-existing lock in set (%s)" % lname)

        if not acq_success:
          # Couldn't get lock or timeout occurred
          if timeout is None:
            # This shouldn't happen as SharedLock.acquire(timeout=None) is
            # blocking.
            raise errors.LockError("Failed to get lock %s" % lname)

          raise _AcquireTimeout()

        try:
          # now the lock cannot be deleted, we have it!
          self._add_owned(name=lname)
          acquired.add(lname)

        except:
          # We shouldn't have problems adding the lock to the owners list, but
          # if we did we'll try to release this lock and re-raise exception.
          # Of course something is going to be really wrong after this.
          if lock._is_owned():
            lock.release()
          raise

    except:
      # Release all owned locks
      self._release_and_delete_owned()
      raise

971
    return acquired
972
973
974
975
976
977
978

  def release(self, names=None):
    """Release a set of resource locks, at the same level.

    You must have acquired the locks, either in shared or in exclusive mode,
    before releasing them.

979
    @type names: list of strings, or None
Iustin Pop's avatar
Iustin Pop committed
980
981
    @param names: the names of the locks which shall be released
        (defaults to all the locks acquired at that level).
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997

    """
    assert self._is_owned(), "release() on lock set while not owner"

    # Support passing in a single resource to release rather than many
    if isinstance(names, basestring):
      names = [names]

    if names is None:
      names = self._list_owned()
    else:
      names = set(names)
      assert self._list_owned().issuperset(names), (
               "release() on unheld resources %s" %
               names.difference(self._list_owned()))

998
999
1000
1001
    # First of all let's release the "all elements" lock, if set.
    # After this 'add' can work again
    if self.__lock._is_owned():
      self.__lock.release()
Guido Trotter's avatar
Guido Trotter committed
1002
      self._del_owned()
1003

1004
1005
1006
1007
    for lockname in names:
      # If we are sure the lock doesn't leave __lockdict without being
      # exclusively held we can do this...
      self.__lockdict[lockname].release()
Guido Trotter's avatar
Guido Trotter committed
1008
      self._del_owned(name=lockname)
1009
1010
1011
1012

  def add(self, names, acquired=0, shared=0):
    """Add a new set of elements to the set

1013
    @type names: list of strings
Iustin Pop's avatar
Iustin Pop committed
1014
    @param names: names of the new elements to add
1015
    @type acquired: integer (0/1) used as a boolean
Iustin Pop's avatar
Iustin Pop committed
1016
    @param acquired: pre-acquire the new resource?
1017
    @type shared: integer (0/1) used as a boolean
Iustin Pop's avatar
Iustin Pop committed
1018
    @param shared: is the pre-acquisition shared?
1019
1020

    """
1021
1022
1023
    # Check we don't already own locks at this level
    assert not self._is_owned() or self.__lock._is_owned(shared=0), \
      "Cannot add locks if the set is only partially owned, or shared"
1024

1025
1026
1027
1028
    # Support passing in a single resource to add rather than many
    if isinstance(names, basestring):
      names = [names]

1029
    # If we don't already own the set-level lock acquired in an exclusive way
1030
1031
1032
1033
1034
1035
    # we'll get it and note we need to release it later.
    release_lock = False
    if not self.__lock._is_owned():
      release_lock = True
      self.__lock.acquire()

1036
    try:
1037
      invalid_names = set(self.__names()).intersection(names)
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
      if invalid_names:
        # This must be an explicit raise, not an assert, because assert is
        # turned off when using optimization, and this can happen because of
        # concurrency even if the user doesn't want it.
        raise errors.LockError("duplicate add() (%s)" % invalid_names)

      for lockname in names:
        lock = SharedLock()

        if acquired:
          lock.acquire(shared=shared)
          # now the lock cannot be deleted, we have it!
          try:
Guido Trotter's avatar
Guido Trotter committed
1051
            self._add_owned(name=lockname)
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
          except:
            # We shouldn't have problems adding the lock to the owners list,
            # but if we did we'll try to release this lock and re-raise
            # exception.  Of course something is going to be really wrong,
            # after this.  On the other hand the lock hasn't been added to the
            # __lockdict yet so no other threads should be pending on it. This
            # release is just a safety measure.
            lock.release()
            raise

        self.__lockdict[lockname] = lock

    finally:
1065
1066
1067
      # Only release __lock if we were not holding it previously.
      if release_lock:
        self.__lock.release()
1068
1069
1070

    return True

1071
  def remove(self, names):
1072
1073
1074
1075
1076
    """Remove elements from the lock set.

    You can either not hold anything in the lockset or already hold a superset
    of the elements you want to delete, exclusively.

1077
    @type names: list of strings
Iustin Pop's avatar
Iustin Pop committed
1078
    @param names: names of the resource to remove.
1079

1080
    @return: a list of locks which we removed; the list is always
Iustin Pop's avatar
Iustin Pop committed
1081
1082
        equal to the names list if we were holding all the locks
        exclusively
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094

    """
    # Support passing in a single resource to remove rather than many
    if isinstance(names, basestring):
      names = [names]

    # If we own any subset of this lock it must be a superset of what we want
    # to delete. The ownership must also be exclusive, but that will be checked
    # by the lock itself.
    assert not self._is_owned() or self._list_owned().issuperset(names), (
      "remove() on acquired lockset while not owning all elements")

Guido Trotter's avatar
Guido Trotter committed
1095
    removed = []
1096
1097
1098
1099
1100
1101
1102
1103
1104

    for lname in names:
      # Calling delete() acquires the lock exclusively if we don't already own
      # it, and causes all pending and subsequent lock acquires to fail. It's
      # fine to call it out of order because delete() also implies release(),
      # and the assertion above guarantees that if we either already hold
      # everything we want to delete, or we hold none.
      try:
        self.__lockdict[lname].delete()
Guido Trotter's avatar
Guido Trotter committed
1105
        removed.append(lname)
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
      except (KeyError, errors.LockError):
        # This cannot happen if we were already holding it, verify:
        assert not self._is_owned(), "remove failed while holding lockset"
      else:
        # If no LockError was raised we are the ones who deleted the lock.
        # This means we can safely remove it from lockdict, as any further or
        # pending delete() or acquire() will fail (and nobody can have the lock
        # since before our call to delete()).
        #
        # This is done in an else clause because if the exception was thrown
        # it's the job of the one who actually deleted it.
        del self.__lockdict[lname]
        # And let's remove it from our private list if we owned it.
        if self._is_owned():
Guido Trotter's avatar
Guido Trotter committed
1120
          self._del_owned(name=lname)
1121

Guido Trotter's avatar
Guido Trotter committed
1122
    return removed
1123

1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134

# Locking levels, must be acquired in increasing order.
# Current rules are:
#   - at level LEVEL_CLUSTER resides the Big Ganeti Lock (BGL) which must be
#   acquired before performing any operation, either in shared or in exclusive
#   mode. acquiring the BGL in exclusive mode is discouraged and should be
#   avoided.
#   - at levels LEVEL_NODE and LEVEL_INSTANCE reside node and instance locks.
#   If you need more than one node, or more than one instance, acquire them at
#   the same time.
LEVEL_CLUSTER = 0
1135
1136
LEVEL_INSTANCE = 1
LEVEL_NODE = 2
1137
1138

LEVELS = [LEVEL_CLUSTER,
1139
1140
          LEVEL_INSTANCE,
          LEVEL_NODE]
1141
1142
1143
1144

# Lock levels which are modifiable
LEVELS_MOD = [LEVEL_NODE, LEVEL_INSTANCE]

1145
1146
1147
1148
1149
1150
LEVEL_NAMES = {
  LEVEL_CLUSTER: "cluster",
  LEVEL_INSTANCE: "instance",
  LEVEL_NODE: "node",
  }

1151
# Constant for the big ganeti lock
1152
1153
1154
1155
1156
1157
BGL = 'BGL'


class GanetiLockManager:
  """The Ganeti Locking Library

Michael Hanselmann's avatar
Michael Hanselmann committed
1158
  The purpose of this small library is to manage locking for ganeti clusters
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
  in a central place, while at the same time doing dynamic checks against
  possible deadlocks. It will also make it easier to transition to a different
  lock type should we migrate away from python threads.

  """
  _instance = None

  def __init__(self, nodes=None, instances=None):
    """Constructs a new GanetiLockManager object.

1169
1170
    There should be only a GanetiLockManager object at any time, so this
    function raises an error if this is not the case.
1171

Iustin Pop's avatar
Iustin Pop committed
1172
1173
    @param nodes: list of node names
    @param instances: list of instance names
1174
1175

    """
Iustin Pop's avatar
Iustin Pop committed
1176
1177
1178
    assert self.__class__._instance is None, \
           "double GanetiLockManager instance"

1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
    self.__class__._instance = self

    # The keyring contains all the locks, at their level and in the correct
    # locking order.
    self.__keyring = {
      LEVEL_CLUSTER: LockSet([BGL]),
      LEVEL_NODE: LockSet(nodes),
      LEVEL_INSTANCE: LockSet(instances),
    }

  def _names(self, level):
    """List the lock names at the given level.

Iustin Pop's avatar
Iustin Pop committed
1192
1193
1194
    This can be used for debugging/testing purposes.

    @param level: the level whose list of locks to get
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205

    """
    assert level in LEVELS, "Invalid locking level %s" % level
    return self.__keyring[level]._names()

  def _is_owned(self, level):
    """Check whether we are owning locks at the given level

    """
    return self.__keyring[level]._is_owned()

1206
1207
  is_owned = _is_owned

1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
  def _list_owned(self, level):
    """Get the set of owned locks at the given level

    """
    return self.__keyring[level]._list_owned()

  def _upper_owned(self, level):
    """Check that we don't own any lock at a level greater than the given one.

    """
    # This way of checking only works if LEVELS[i] = i, which we check for in
    # the test cases.
1220
    return compat.any((self._is_owned(l) for l in LEVELS[level + 1:]))
1221

Iustin Pop's avatar
Iustin Pop committed
1222
  def _BGL_owned(self): # pylint: disable-msg=C0103
1223
1224
1225
1226
1227
1228
1229
    """Check if the current thread owns the BGL.

    Both an exclusive or a shared acquisition work.

    """
    return BGL in self.__keyring[LEVEL_CLUSTER]._list_owned()

1230
1231
  @staticmethod
  def _contains_BGL(level, names): # pylint: disable-msg=C0103
Iustin Pop's avatar
Iustin Pop committed
1232
1233
1234
1235
    """Check if the level contains the BGL.

    Check if acting on the given level and set of names will change
    the status of the Big Ganeti Lock.
1236
1237
1238
1239

    """
    return level == LEVEL_CLUSTER and (names is None or BGL in names)

1240
  def acquire(self, level, names, timeout=None, shared=0):
1241
1242
    """Acquire a set of resource locks, at the same level.

1243
1244
1245
    @type level: member of locking.LEVELS
    @param level: the level at which the locks shall be acquired
    @type names: list of strings (or string)
Iustin Pop's avatar
Iustin Pop committed
1246
1247
    @param names: the names of the locks which shall be acquired
        (special lock names, or instance/node names)
1248
    @type shared: integer (0/1) used as a boolean
Iustin Pop's avatar
Iustin Pop committed
1249
1250
    @param shared: whether to acquire in shared mode; by default
        an exclusive lock will be acquired
1251
1252
    @type timeout: float
    @param timeout: Maximum time to acquire all locks
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266

    """
    assert level in LEVELS, "Invalid locking level %s" % level

    # Check that we are either acquiring the Big Ganeti Lock or we already own
    # it. Some "legacy" opcodes need to be sure they are run non-concurrently
    # so even if we've migrated we need to at least share the BGL to be
    # compatible with them. Of course if we own the BGL exclusively there's no
    # point in acquiring any other lock, unless perhaps we are half way through
    # the migration of the current opcode.
    assert (self._contains_BGL(level, names) or self._BGL_owned()), (
            "You must own the Big Ganeti Lock before acquiring any other")

    # Check we don't own locks at the same or upper levels.
1267
    assert not self._upper_owned(level), ("Cannot acquire locks at a level"
1268
1269
1270
           " while owning some at a greater one")

    # Acquire the locks in the set.
1271
    return self.__keyring[level].acquire(names, shared=shared, timeout=timeout)
1272
1273
1274
1275

  def release(self, level, names=None):
    """Release a set of resource locks, at the same level.

Iustin Pop's avatar
Iustin Pop committed
1276
1277
    You must have acquired the locks, either in shared or in exclusive
    mode, before releasing them.
1278

1279
1280
1281
    @type level: member of locking.LEVELS
    @param level: the level at which the locks shall be released
    @type names: list of strings, or None
Iustin Pop's avatar
Iustin Pop committed
1282
1283
    @param names: the names of the locks which shall be released
        (defaults to all the locks acquired at that level)
1284
1285
1286
1287
1288
1289

    """
    assert level in LEVELS, "Invalid locking level %s" % level
    assert (not self._contains_BGL(level, names) or
            not self._upper_owned(LEVEL_CLUSTER)), (
            "Cannot release the Big Ganeti Lock while holding something"
1290
            " at upper levels (%r)" %
1291
1292
            (utils.CommaJoin(["%s=%r" % (LEVEL_NAMES[i], self._list_owned(i))
                              for i in self.__keyring.keys()]), ))
1293
1294
1295
1296
1297
1298
1299

    # Release will complain if we don't own the locks already
    return self.__keyring[level].release(names)

  def add(self, level, names, acquired=0, shared=0):
    """Add locks at the specified level.

1300
1301
1302
    @type level: member of locking.LEVELS_MOD
    @param level: the level at which the locks shall be added
    @type names: list of strings
Iustin Pop's avatar
Iustin Pop committed
1303
    @param names: names of the locks to acquire
1304
    @type acquired: integer (0/1) used as a boolean
Iustin Pop's avatar
Iustin Pop committed
1305
    @param acquired: whether to acquire the newly added locks
1306
    @type shared: integer (0/1) used as a boolean
Iustin Pop's avatar
Iustin Pop committed
1307
1308
    @param shared: whether the acquisition will be shared

1309
1310
1311
1312
1313
1314
1315
1316
    """
    assert level in LEVELS_MOD, "Invalid or immutable level %s" % level
    assert self._BGL_owned(), ("You must own the BGL before performing other"
           " operations")
    assert not self._upper_owned(level), ("Cannot add locks at a level"
           " while owning some at a greater one")
    return self.__keyring[level].add(names, acquired=acquired, shared=shared)

1317
  def remove(self, level, names):
1318
1319
    """Remove locks from the specified level.

Iustin Pop's avatar
Iustin Pop committed
1320
1321
    You must either already own the locks you are trying to remove
    exclusively or not own any lock at an upper level.
1322

1323
1324
1325
    @type level: member of locking.LEVELS_MOD
    @param level: the level at which the locks shall be removed
    @type names: list of strings
Iustin Pop's avatar
Iustin Pop committed
1326
1327
    @param names: the names of the locks which shall be removed
        (special lock names, or instance/node names)
1328
1329
1330
1331
1332

    """
    assert level in LEVELS_MOD, "Invalid or immutable level %s" % level
    assert self._BGL_owned(), ("You must own the BGL before performing other"
           " operations")
1333
1334
1335
    # Check we either own the level or don't own anything from here
    # up. LockSet.remove() will check the case in which we don't own
    # all the needed resources, or we have a shared ownership.
1336
1337
1338
    assert self._is_owned(level) or not self._upper_owned(level), (
           "Cannot remove locks at a level while not owning it or"
           " owning some at a greater one")
1339
    return self.__keyring[level].remove(names)