# Copyright 2017 The Chromium Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
"""Job leasing utilities
Jobs are leased to processes to own and run. A process owning a job
obtain a job lease. Ongoing ownership of the lease is established using
an exclusive fcntl lock on the lease file.
If a lease file is older than a few seconds and is not locked, then its
owning process should be considered crashed.
"""
from __future__ import absolute_import
from __future__ import division
from __future__ import print_function
import contextlib
import errno
import fcntl
import logging
import os
import socket
import time
from scandir import scandir
logger = logging.getLogger(__name__)
@contextlib.contextmanager
def obtain_lease(path):
"""Return a context manager owning a lease file.
The process that obtains the lease will maintain an exclusive,
unlimited fcntl lock on the lock file.
"""
with open(path, 'w') as f:
fcntl.lockf(f.fileno(), fcntl.LOCK_EX | fcntl.LOCK_NB)
try:
yield path
finally:
os.unlink(path)
def leases_iter(jobdir):
"""Yield Lease instances from jobdir.
@param jobdir: job lease file directory
@returns: iterator of Leases
"""
for entry in scandir(jobdir):
if _is_lease_entry(entry):
yield Lease(entry)
class Lease(object):
"Represents a job lease."
# Seconds after a lease file's mtime where its owning process is not
# considered dead.
_FRESH_LIMIT = 5
def __init__(self, entry):
"""Initialize instance.
@param entry: scandir.DirEntry instance
"""
self._entry = entry
@property
def id(self):
"""Return id of leased job."""
return int(self._entry.name)
def expired(self):
"""Return True if the lease is expired.
A lease is considered expired if there is no fcntl lock on it
and the grace period for the owning process to obtain the lock
has passed. The lease is not considered expired if the owning
process removed the lock file normally, as an expired lease
indicates that some error has occurred and clean up operations
are needed.
"""
try:
stat_result = self._entry.stat()
except OSError as e: # pragma: no cover
if e.errno == errno.ENOENT:
return False
raise
mtime = stat_result.st_mtime_ns / (10 ** 9)
if time.time() - mtime < self._FRESH_LIMIT:
return False
return not _fcntl_locked(self._entry.path)
def cleanup(self):
"""Remove the lease file.
This does not need to be called normally, as the owning process
should clean up its files.
"""
try:
os.unlink(self._entry.path)
except OSError as e:
logger.warning('Error removing %s: %s', self._entry.path, e)
try:
os.unlink(self._sock_path)
except OSError as e:
# This is fine; it means that job_reporter crashed, but
# lucifer was able to run its cleanup.
logger.debug('Error removing %s: %s', self._sock_path, e)
def abort(self):
"""Abort the job.
This sends a datagram to the abort socket associated with the
lease.
If the socket is closed, either the connect() call or the send()
call will raise socket.error with ECONNREFUSED.
"""
sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
sock.setblocking(0)
logger.debug('Connecting to abort socket %s', self._sock_path)
sock.connect(self._sock_path)
logger.debug('Sending abort to %s', self._sock_path)
# The value sent does not matter.
sent = sock.send('abort')
# TODO(ayatane): I don't know if it is possible for sent to be 0
assert sent > 0
def maybe_abort(self):
"""Abort the job, ignoring errors."""
try:
self.abort()
except socket.error as e:
logger.debug('Error aborting socket: %s', e)
@property
def _sock_path(self):
"""Return the path of the abort socket corresponding to the lease."""
return self._entry.path + ".sock"
def _is_lease_entry(entry):
"""Return True if the DirEntry is for a lease."""
return entry.name.isdigit()
def _fcntl_locked(path):
"""Return True if a file is fcntl locked.
@param path: path to file
"""
try:
fd = os.open(path, os.O_WRONLY)
except (IOError, OSError):
return False
try:
fcntl.lockf(fd, fcntl.LOCK_EX | fcntl.LOCK_NB)
except IOError:
return True
else:
return False
finally:
os.close(fd)