succd: early refuse unsafe operations

2024-09-28 10:22:40 +02:00 · 2024-09-28 10:22:40 +02:00 · dda098f634
parent 960be9cd23
commit dda098f634
2 changed files with 14 additions and 4 deletions
--- a/succbone/succd/process.go
+++ b/succbone/succd/process.go
@ -106,21 +106,21 @@ func (d *daemon) processOnce(_ context.Context) error {
 			// Unrealistic result, Pirani probe probably disconnected. Failsafe mode.
 			if !d.safety.failsafe {
 				d.safety.failsafe = true
-				klog.Errorf("Pirani probe seems disconnected; enabling failsafe mode")
+				klog.Errorf("SAFETY: Pirani probe seems disconnected; enabling failsafe mode")
 			}
 		}
 		if d.safety.failsafe && mbar > 1e2 {
 			d.safety.failsafe = false
-			klog.Infof("Pirani probe value (%s) is plausible again; quitting failsafe mode", formatMbar(mbar))
+			klog.Infof("SAFETY: Pirani probe value (%s) is plausible again; quitting failsafe mode", formatMbar(mbar))
 		}

 		if !d.safety.highPressure && mbar >= 1e-1 {
 			d.safety.highPressure = true
-			klog.Warningf("Pressure is too high (%s mbar); enabling diffusion pump lockout", formatMbar(mbar))
+			klog.Warningf("SAFETY: Pressure is too high (%s mbar); enabling diffusion pump lockout", formatMbar(mbar))
 		}
 		if d.safety.highPressure && mbar < (1e-1)-(1e-2) {
 			d.safety.highPressure = false
-			klog.Infof("Pressure is low enough (%s mbar) for diffusion pump operation; quitting diffusion pump lockout", formatMbar(mbar))
+			klog.Infof("SAFETY: Pressure is low enough (%s mbar) for diffusion pump operation; quitting diffusion pump lockout", formatMbar(mbar))
 		}
 	} else {
 		d.safety.failsafe = true
--- a/succbone/succd/process_controller.go
+++ b/succbone/succd/process_controller.go
@ -1,5 +1,7 @@
 package main

+import "k8s.io/klog"
+
 // daemonController is the control/data interface passed on to external system
 // controllers, eg. the web interface.
 //
@ -27,12 +29,20 @@ func (d *daemon) snapshot() *daemonState {
 func (d *daemon) rpSet(state bool) {
 	d.mu.Lock()
 	defer d.mu.Unlock()
+	if !state && d.dpOn {
+		klog.Errorf("SAFETY: Refusing to disable roughing pump while diffusion pump is active")
+		return
+	}
 	d.rpOn = state
 }

 func (d *daemon) dpSet(state bool) {
 	d.mu.Lock()
 	defer d.mu.Unlock()
+	if state && (d.safety.failsafe || d.safety.highPressure) {
+		klog.Errorf("SAFETY: Refusing to enable diffusion pump with safety alerts present")
+		return
+	}
 	d.dpOn = state
 }