10

I have a server racked and its redundant power supplies plugged in two APC Smart-UPS 3000 XLM. Each UPS is connected to two different mains power sources.

Two instances of apcupsd are running, each one connected to its own UPS. They can both detect when an UPS is on Battery, and each UPS can then trigger a shutdown on the server.

Question is : How NOT to shutdown if ONLY ONE UPS runs out of battery ?

Note : Smart-UPS 3000 XLM has a "Power Sync" Function that is able to connect to its peer and detect its status. But when I pulled the plug out of one of them, the Shutdown order was sent anyway. I'm thinking about modifying the shutdown scripts to check with "apcaccess" if the other ups is down. Any experience on this would be appreciated !

Falken
  • 1,682
  • 5
  • 18
  • 27

2 Answers2

12

Currently when one of the two UPS dies, the doshutdown event is triggered, and executes the default script via apccontrol. The doshutdown script ignores the second UPS, as they are not event-connected, and proceed normally with the shutdown.

In order to have the doshutdown events somewhat connected, the two instances of apcupsd need a specifically customized configuration file. The difference will reside in the directory from which the events scripts have to be executed.

Main properties of first ups, in /etc/apcupsd/apcupsd.ups0.conf 

SCRIPTDIR /etc/apcupsd/ups0
UPSNAME ups0
DEVICE /dev/ups0
PWRFAILDIR /etc/apcupsd/ups0
NOLOGINDIR /etc/apcupsd/ups0
NISPORT 3551
EVENTSFILE /var/log/apcupsd.0.events

And for the ups1, in /etc/apcupsd/apcupsd.ups1.conf 

SCRIPTDIR /etc/apcupsd/ups1
UPSNAME ups1
DEVICE /dev/ups1
PWRFAILDIR /etc/apcupsd/ups1
NOLOGINDIR /etc/apcupsd/ups1
NISPORT 3552
EVENTSFILE /var/log/apcupsd.1.events

Each scriptdir should get a copy of the default scripts.
We want to customize the doshutdown script, which will not directly shutdown the machine, but has to check if the other UPS is still on, or is in shutdown mode.

At the top of the doshutdown script, we could add something like

for ups0

if [ ! -f /tmp/ups1.is.down ]
then
  touch /tmp/ups0.is.down
  exit 99
fi

for ups1

if [ ! -f /tmp/ups0.is.down ]
then
  touch /tmp/ups1.is.down
  exit 99
fi

the status 99 has a special meaning, that tells apccontrol to stop the action in progress. The five lines check if the other UPS-down-file has been created ; if no, the down-file is created for the ups being down, and exits. If yes, meaning the other UPS is down, this one is getting down as well, thus the script should continue and shutdown the machine.

The files /tmp/usp[01].is.down indicate if the ups[01] is currently down.

Important: the init.d start script of apcupsd should remove these files, if they have been created in a previous session:

rm -f /tmp/usp[01].is.down

Finally, the directories created above, /etc/apcupsd/ups[01] should be given access to the apcupsd user (or to whichever relevant user running the instances).

chown -R apcupsd /etc/apcupsd/ups[01]

Please have a look at the detailed documentation.

edit fixed the /tmp/ups[01].is.down names, the .is was missing.

Déjà vu
  • 5,408
  • 9
  • 32
  • 52
  • 1
    I would suggest touching your own is.down file BEFORE checking the other one - the way it is now, I think there's a tiny race condition window if both ups go out at exactly the same time. – Michael Kohne Jan 26 '17 at 21:37
  • 1
    and regular users can stop your server with touch /tmp/ups1.is.down ; touch /tmp/ups0.is.down :D So it would be better to use /var/run for example. Btw. if someone cut and pasting the solution, the rm -f /tmp/usp[01].is.down is a typo. And by the way, you should delete the /tmp/ups[01].is.down from the apccontrol's offbattery case, when power returns. – Harka Gyozo Jan 26 '17 at 21:26
4

Look at NUT. It handles this well. Define number of power supplies from each UPS and number of required power supplies. Shutdown will not be triggered as long as there are sufficient power supplies not on UPS.

BillThor
  • 27,354
  • 3
  • 35
  • 69