From 437202517efb772c702271aec6b05b4c5d49e13c Mon Sep 17 00:00:00 2001
From: liupei <liupei@kylinos.cn>
Date: Wed, 10 Jul 2024 11:11:27 +0800
Subject: [PATCH] drbdsetup,v9: show TLS in connection status && Filter DRBD
 devices from LVM commands

---
 ...tup-v9-show-TLS-in-connection-status.patch | 59 +++++++++++++++++++
 ...-resync-Filter-DRBD-devices-from-LVM.patch | 41 +++++++++++++
 drbd.spec                                     | 10 +++-
 3 files changed, 109 insertions(+), 1 deletion(-)
 create mode 100644 backport-drbdsetup-v9-show-TLS-in-connection-status.patch
 create mode 100644 backport-scripts-snapshot-resync-Filter-DRBD-devices-from-LVM.patch

diff --git a/backport-drbdsetup-v9-show-TLS-in-connection-status.patch b/backport-drbdsetup-v9-show-TLS-in-connection-status.patch
new file mode 100644
index 0000000..53ace33
--- /dev/null
+++ b/backport-drbdsetup-v9-show-TLS-in-connection-status.patch
@@ -0,0 +1,59 @@
+From 64953eae60ff332799cc1328d7c308ca0eb82c16 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Moritz=20Wanzenb=C3=B6ck?= <moritz.wanzenboeck@linbit.com>
+Date: Tue, 13 Feb 2024 11:34:53 +0100
+Subject: [PATCH 024/100] drbdsetup,v9: show TLS in connection status
+
+A user might want to make sure that TLS is actually used. With this commit
+this information is displayed in the output of drbdsetup status.
+
+Note that we generally do not show such information (net_conf stuff) in the
+status output: we do not even show the addresses for the connection. For TLS
+we make an exception: if you enable TLS it's probably important, and having a
+simple way to confirm the configuration will help users in their setup.
+---
+ user/v9/drbdsetup.c | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/user/v9/drbdsetup.c b/user/v9/drbdsetup.c
+index 8332cd78..d2f32995 100644
+--- a/user/v9/drbdsetup.c
++++ b/user/v9/drbdsetup.c
+@@ -2793,18 +2793,21 @@ static void connection_status_json(struct connections_list *connection,
+ 	struct paths_list *path;
+ 	int path_index = 0;
+ 	int i = 0;
++	struct nlattr *tls_nla = nla_find_nested(connection->net_conf, __nla_type(T_tls));
+ 
+ 	printf("    {\n"
+ 	       "      \"peer-node-id\": %d,\n"
+ 	       "      \"name\": \"%s\",\n"
+ 	       "      \"connection-state\": \"%s\", \n"
+ 	       "      \"congested\": %s,\n"
+-	       "      \"peer-role\": \"%s\",\n",
++	       "      \"peer-role\": \"%s\",\n"
++	       "      \"tls\": %s,\n",
+ 	       connection->ctx.ctx_peer_node_id,
+ 	       connection->ctx.ctx_conn_name,
+ 	       drbd_conn_str(connection->info.conn_connection_state),
+ 	       bool2json(connection->statistics.conn_congested),
+-	       drbd_role_str(connection->info.conn_role));
++	       drbd_role_str(connection->info.conn_role),
++	       bool2json(tls_nla && *(uint8_t *)nla_data(tls_nla)));
+ 
+ 	if (connection->statistics.ap_in_flight != -1ULL) {
+ 		printf("      \"ap-in-flight\": "U64",\n"
+@@ -3222,6 +3225,11 @@ static void connection_status(struct connections_list *connection,
+ 			    role_color_start(role, false),
+ 			    drbd_role_str(role),
+ 			    role_color_stop(role, false));
++
++		struct nlattr *tls_nla = nla_find_nested(connection->net_conf, __nla_type(T_tls));
++		if (opt_verbose || (tls_nla && *(uint8_t *)nla_data(tls_nla)))
++			wrap_printf(6, " tls:%s",
++				    tls_nla && *(uint8_t *)nla_data(tls_nla) ? "yes" : "no");
+ 	}
+ 	if (opt_verbose || connection->statistics.conn_congested > 0)
+ 		print_connection_statistics(6, NULL, &connection->statistics, wrap_printf);
+-- 
+2.33.1.windows.1
+
diff --git a/backport-scripts-snapshot-resync-Filter-DRBD-devices-from-LVM.patch b/backport-scripts-snapshot-resync-Filter-DRBD-devices-from-LVM.patch
new file mode 100644
index 0000000..eb00b67
--- /dev/null
+++ b/backport-scripts-snapshot-resync-Filter-DRBD-devices-from-LVM.patch
@@ -0,0 +1,41 @@
+From 1caa04161811e085c7a1c4847c07eb663cf85e3f Mon Sep 17 00:00:00 2001
+From: Rene Peinthor <rene.peinthor@linbit.com>
+Date: Thu, 29 Feb 2024 12:53:03 +0100
+Subject: [PATCH 025/100] scripts/snapshot-resync: Filter DRBD devices from LVM
+ commands
+
+If the primary node is up againg during resync, the script is called
+on the still inconsistent secondary node and so LVM can't read the
+DRBD devices.
+
+With this fix DRBD devices are specially excluded, without the need
+of a global_filter for LVM.
+---
+ scripts/snapshot-resync-target-lvm.sh | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/scripts/snapshot-resync-target-lvm.sh b/scripts/snapshot-resync-target-lvm.sh
+index 0e6b91a8..17ec5ae4 100755
+--- a/scripts/snapshot-resync-target-lvm.sh
++++ b/scripts/snapshot-resync-target-lvm.sh
+@@ -64,7 +64,7 @@ fi
+ set_vg_lv_size()
+ {
+ 	local X
+-	if ! X=$(lvs --noheadings --nosuffix --units s -o vg_name,lv_name,lv_size "$BACKING_BDEV") ; then
++	if ! X=$(lvs --config 'devices { filter=["r|/dev/drbd.*|"] }' --noheadings --nosuffix --units s -o vg_name,lv_name,lv_size "$BACKING_BDEV") ; then
+ 		# if lvs cannot tell me the info I need,
+ 		# this is:
+ 		echo "Cannot create snapshot of $BACKING_BDEV, apparently no LVM LV."
+@@ -150,7 +150,7 @@ else
+ 				p;
+ 				q; }' < /proc/drbd) # unit KiB
+ 		SNAP_SIZE=$((OUT_OF_SYNC + SNAP_ADDITIONAL + LV_SIZE_K * SNAP_PERC / 100))
+-		lvcreate -s -n $SNAP_NAME -L ${SNAP_SIZE}k $LVC_OPTIONS $VG_NAME/$LV_NAME
++		lvcreate --config 'devices { filter=["r|/dev/drbd.*|"] }' -s -n $SNAP_NAME -L ${SNAP_SIZE}k $LVC_OPTIONS $VG_NAME/$LV_NAME
+ 	)
+ 	RV=$?
+ 	[ $DISCONNECT_ON_ERROR = 0 ] && exit 0
+-- 
+2.33.1.windows.1
+
diff --git a/drbd.spec b/drbd.spec
index 7036101..2873844 100644
--- a/drbd.spec
+++ b/drbd.spec
@@ -1,7 +1,7 @@
 Name:           drbd
 Summary:        DRBD user-land tools and scripts
 Version:        9.27.0
-Release:        6
+Release:        7
 Source0:        http://www.linbit.com/downloads/%{name}/utils/%{name}-utils-%{version}.tar.gz
 Patch0:         drbd-utils-9.12.2-disable_xsltproc_network_read.patch
 Patch1:         drbd-utils-9.15.0-make_configure-workaround.patch
@@ -19,6 +19,10 @@ Patch7:        backport-drbdmeta-create-md-new-options-effective-size-and-diskfu
 # https://github.com/LINBIT/drbd-utils/commit/ea4bbf1c80d2bcf1082570f4ea4577d9b22b747b
 Patch8:        backport-drbdadm-create-md-new-options-effective-size-diskful-peers.patch
 # https://github.com/LINBIT/drbd-utils/commit/1203729e95f189410a0b4d0870bb08d91179eb68
+Patch9:        backport-drbdsetup-v9-show-TLS-in-connection-status.patch
+# https://github.com/LINBIT/drbd-utils/commit/64953eae60ff332799cc1328d7c308ca0eb82c16
+Patch10:      backport-scripts-snapshot-resync-Filter-DRBD-devices-from-LVM.patch
+# https://github.com/LINBIT/drbd-utils/commit/1caa04161811e085c7a1c4847c07eb663cf85e3f
 
 License:        GPL-2.0-or-later
 ExclusiveOS:    linux
@@ -229,6 +233,10 @@ management utility.
 %systemd_preun drbd.service
 
 %changelog
+* Wed Jul 10 2024 liupei <liupei@kylinos.cn> - 9.27.0-7
+- drbdsetup,v9: show TLS in connection status
+- Filter DRBD devices from LVM commands
+
 * Fri Jun 28 2024 liupei <liupei@kylinos.cn> - 9.27.0-6
 - add missing include for recently added call to include_file() 
 - drbdmeta: create-md: new options --effective-size and --diskful-peers
-- 
Gitee