veyron/services/mgmt/node: making the self-update logic of node
manager robust to failures.
This CL introduces changes that guarantee that if the self-update
operation fails, a working copy of the node manager remains on the
device, and when the node manager fails, it is restarted.
To this end, this CL assumes the latest node manager installation is
pointed by a symbolic link (e.g. /usr/local/bin/nm/stable). When the
node manager is to be updated, the binary of the new version is
downloaded to a new "workspace"
(e.g. /usr/local/bin/nm/2014-05-26T15:00:00Z) and the symbolic link
that points to the latest installation of node manager is updated
accordingly. Further, the host init daemon is (expected to be) used to
make sure node manager is restarted when it crashes. To avoid the need
to modify the init daemon configuration every node manager
installation contains a shell script that sets up the application
envelope (environment variable + command-line arguments) and the init
daemon configuration file points to this shell script
(e.g. /usr/local/bin/nm/stable/noned.sh) that sets up the appropriate
environment variable and command-line arguments.
Change-Id: Ie81e21ac39944655ac6c170b8527b64b7a2e148b
11 files changed
