def post_configure(self, address):
""" The steps that must be done after a device is configured """
route = CsRoute()
if not self.get_type() in ["control"]:
route.add_table(self.dev)
CsRule(self.dev).addMark()
interfaces = [CsInterface(address, self.config)]
CsHelper.reconfigure_interfaces(self.cl, interfaces)
self.set_mark()
if 'gateway' in self.address:
self.arpPing()
CsRpsrfs(self.dev).enable()
self.post_config_change("add")
'''For isolated/redundant and dhcpsrvr routers, call this method after the post_config is complete '''
if not self.config.is_vpc():
self.setup_router_control()
if self.config.is_vpc() or self.cl.is_redundant():
# The code looks redundant here, but we actually have to cater for routers and
# VPC routers in a different manner. Please do not remove this block otherwise
# The VPC default route will be broken.
if self.get_type() in ["public"]:
gateway = str(address["gateway"])
route.add_defaultroute(gateway)
else:
# once we start processing public ip's we need to verify there
# is a default route and add if needed
if self.cl.get_gateway():
route.add_defaultroute(self.cl.get_gateway())
def set_fault(self):
""" Set fault mode on this router """
if not self.cl.is_redundant():
logging.error("Set fault called on non-redundant router")
return
self.set_lock()
logging.info("Router switched to fault mode")
interfaces = [interface for interface in self.address.get_interfaces() if interface.is_public()]
for interface in interfaces:
CsHelper.execute("ifconfig %s down" % interface.get_device())
cmd = "%s -C %s" % (self.CONNTRACKD_BIN, self.CONNTRACKD_CONF)
CsHelper.execute("%s -s" % cmd)
CsHelper.service("ipsec", "stop")
CsHelper.service("xl2tpd", "stop")
CsHelper.service("dnsmasq", "stop")
interfaces = [interface for interface in self.address.get_interfaces() if interface.needs_vrrp()]
for interface in interfaces:
CsPasswdSvc(interface.get_gateway()).stop()
self.cl.set_fault_state()
self.cl.save()
self.release_lock()
logging.info("Router switched to fault mode")
interfaces = [interface for interface in self.address.get_interfaces() if interface.is_public()]
CsHelper.reconfigure_interfaces(self.cl, interfaces)
def post_configure(self, address):
""" The steps that must be done after a device is configured """
route = CsRoute()
if not self.get_type() in ["control"]:
route.add_table(self.dev)
CsRule(self.dev).addMark()
interfaces = [CsInterface(address, self.config)]
CsHelper.reconfigure_interfaces(self.cl, interfaces)
self.set_mark()
if 'gateway' in self.address:
self.arpPing()
CsRpsrfs(self.dev).enable()
self.post_config_change("add")
'''For isolated/redundant and dhcpsrvr routers, call this method after the post_config is complete '''
if not self.config.is_vpc():
self.setup_router_control()
if self.config.is_vpc() or self.cl.is_redundant():
# The code looks redundant here, but we actually have to cater for routers and
# VPC routers in a different manner. Please do not remove this block otherwise
# The VPC default route will be broken.
if self.get_type() in ["public"] and address["device"] == CsHelper.PUBLIC_INTERFACES[self.cl.get_type()]:
gateway = str(address["gateway"])
route.add_defaultroute(gateway)
else:
# once we start processing public ip's we need to verify there
# is a default route and add if needed
if(self.cl.get_gateway()):
route.add_defaultroute(self.cl.get_gateway())
def set_fault(self):
""" Set fault mode on this router """
if not self.cl.is_redundant():
logging.error("Set fault called on non-redundant router")
return
self.set_lock()
logging.info("Router switched to fault mode")
interfaces = [interface for interface in self.address.get_interfaces() if interface.is_public()]
for interface in interfaces:
CsHelper.execute("ifconfig %s down" % interface.get_device())
cmd = "%s -C %s" % (self.CONNTRACKD_BIN, self.CONNTRACKD_CONF)
CsHelper.execute("%s -s" % cmd)
CsHelper.service("ipsec", "stop")
CsHelper.service("xl2tpd", "stop")
CsHelper.service("dnsmasq", "stop")
interfaces = [interface for interface in self.address.get_interfaces() if interface.needs_vrrp()]
for interface in interfaces:
CsPasswdSvc(interface.get_ip()).stop()
self.cl.set_fault_state()
self.cl.save()
self.release_lock()
logging.info("Router switched to fault mode")
interfaces = [interface for interface in self.address.get_interfaces() if interface.is_public()]
CsHelper.reconfigure_interfaces(self.cl, interfaces)
def set_master(self):
""" Set the current router to master """
if not self.cl.is_redundant():
logging.error("Set master called on non-redundant router")
return
self.set_lock()
logging.debug("Setting router to master")
dev = ''
interfaces = [interface for interface in self.address.get_interfaces() if interface.is_public()]
route = CsRoute()
for interface in interfaces:
if dev == interface.get_device():
continue
dev = interface.get_device()
logging.info("Will proceed configuring device ==> %s" % dev)
cmd = "ip link set %s up" % dev
if CsDevice(dev, self.config).waitfordevice():
CsHelper.execute(cmd)
logging.info("Bringing public interface %s up" % dev)
try:
gateway = interface.get_gateway()
logging.info("Adding gateway ==> %s to device ==> %s" % (gateway, dev))
if dev == CsHelper.PUBLIC_INTERFACES[self.cl.get_type()]:
route.add_defaultroute(gateway)
except Exception:
logging.error("ERROR getting gateway from device %s" % dev)
else:
logging.error("Device %s was not ready could not bring it up" % dev)
logging.debug("Configuring static routes")
static_routes = CsStaticRoutes("staticroutes", self.config)
static_routes.process()
cmd = "%s -C %s" % (self.CONNTRACKD_BIN, self.CONNTRACKD_CONF)
CsHelper.execute("%s -c" % cmd)
CsHelper.execute("%s -f" % cmd)
CsHelper.execute("%s -R" % cmd)
CsHelper.execute("%s -B" % cmd)
CsHelper.service("ipsec", "restart")
CsHelper.service("xl2tpd", "restart")
interfaces = [interface for interface in self.address.get_interfaces() if interface.needs_vrrp()]
for interface in interfaces:
CsPasswdSvc(interface.get_ip()).restart()
CsPasswdSvc(interface.get_gateway()).restart()
CsHelper.service("dnsmasq", "restart")
self.cl.set_master_state(True)
self.cl.save()
self.release_lock()
interfaces = [interface for interface in self.address.get_interfaces() if interface.is_public()]
CsHelper.reconfigure_interfaces(self.cl, interfaces)
logging.info("Router switched to master mode")
def set_master(self):
""" Set the current router to master """
if not self.cl.is_redundant():
logging.error("Set master called on non-redundant router")
return
self.set_lock()
logging.debug("Setting router to master")
dev = ''
interfaces = [interface for interface in self.address.get_interfaces() if interface.is_public()]
route = CsRoute()
for interface in interfaces:
if dev == interface.get_device():
continue
dev = interface.get_device()
logging.info("Will proceed configuring device ==> %s" % dev)
cmd = "ip link set %s up" % dev
if CsDevice(dev, self.config).waitfordevice():
CsHelper.execute(cmd)
logging.info("Bringing public interface %s up" % dev)
try:
gateway = interface.get_gateway()
logging.info("Adding gateway ==> %s to device ==> %s" % (gateway, dev))
if dev == CsHelper.PUBLIC_INTERFACES[self.cl.get_type()]:
route.add_defaultroute(gateway)
except:
logging.error("ERROR getting gateway from device %s" % dev)
else:
logging.error("Device %s was not ready could not bring it up" % dev)
logging.debug("Configuring static routes")
static_routes = CsStaticRoutes("staticroutes", self.config)
static_routes.process()
cmd = "%s -C %s" % (self.CONNTRACKD_BIN, self.CONNTRACKD_CONF)
CsHelper.execute("%s -c" % cmd)
CsHelper.execute("%s -f" % cmd)
CsHelper.execute("%s -R" % cmd)
CsHelper.execute("%s -B" % cmd)
CsHelper.service("ipsec", "restart")
CsHelper.service("xl2tpd", "restart")
interfaces = [interface for interface in self.address.get_interfaces() if interface.needs_vrrp()]
for interface in interfaces:
# Listen on local ip address, as cloud-init uses the 'dhcp-server-identifier' address,
# which unfortunately is not the gateway address.
CsPasswdSvc(interface.get_ip()).start()
CsHelper.service("dnsmasq", "restart")
self.cl.set_master_state(True)
self.cl.save()
self.release_lock()
interfaces = [interface for interface in self.address.get_interfaces() if interface.is_public()]
CsHelper.reconfigure_interfaces(self.cl, interfaces)
logging.info("Router switched to master mode")
def set_backup(self):
""" Set the current router to backup """
if not self.cl.is_redundant():
logging.error("Set backup called on non-redundant router")
return
self.set_lock()
logging.debug("Setting router to backup")
dev = ''
interfaces = [
interface for interface in self.address.get_interfaces()
if interface.is_public()
]
for interface in interfaces:
if dev == interface.get_device():
continue
logging.info("Bringing public interface %s down" %
interface.get_device())
cmd2 = "ip link set %s down" % interface.get_device()
CsHelper.execute(cmd2)
dev = interface.get_device()
self._remove_ipv6_guest_gateway()
CsHelper.service("conntrackd", "restart")
CsHelper.service("ipsec", "stop")
CsHelper.service("xl2tpd", "stop")
interfaces = [
interface for interface in self.address.get_interfaces()
if interface.needs_vrrp()
]
for interface in interfaces:
CsPasswdSvc(interface.get_gateway() + "," +
interface.get_ip()).stop()
CsHelper.service("dnsmasq", "stop")
self.cl.set_primary_state(False)
self.cl.save()
self.release_lock()
interfaces = [
interface for interface in self.address.get_interfaces()
if interface.is_public()
]
CsHelper.reconfigure_interfaces(self.cl, interfaces)
logging.info("Router switched to backup mode")
def set_backup(self):
""" Set the current router to backup """
if not self.cl.is_redundant():
logging.error("Set backup called on non-redundant router")
return
self.set_lock()
logging.debug("Setting router to backup")
dev = ''
interfaces = [
interface for interface in self.address.get_interfaces()
if interface.is_public() or interface.is_privategateway()
]
for interface in interfaces:
if dev == interface.get_device():
continue
logging.info("Bringing public interface %s down" %
interface.get_device())
cmd2 = "ip link set %s down" % interface.get_device()
CsHelper.execute(cmd2)
dev = interface.get_device()
cmd = "%s -C %s" % (self.CONNTRACKD_BIN, self.CONNTRACKD_CONF)
CsHelper.execute("%s -d" % cmd)
CsHelper.service("strongswan", "stop")
CsHelper.service("xl2tpd", "stop")
interfaces = [
interface for interface in self.address.get_interfaces()
if interface.needs_vrrp()
]
for interface in interfaces:
CsPasswordService(interface.get_ip()).stop()
CsHelper.service("dnsmasq", "stop")
self.cl.set_master_state(False)
self.cl.save()
self.release_lock()
interfaces = [
interface for interface in self.address.get_interfaces()
if interface.is_privategateway()
]
CsHelper.reconfigure_interfaces(self.cl, interfaces)
logging.info("Router switched to backup mode")
def set_backup(self):
""" Set the current router to backup """
if not self.cl.is_redundant():
logging.error("Set backup called on non-redundant router")
return
self.set_lock()
logging.debug("Setting router to backup")
dev = ''
interfaces = [interface for interface in self.address.get_interfaces() if interface.is_public()]
for interface in interfaces:
if dev == interface.get_device():
continue
logging.info("Bringing public interface %s down" % interface.get_device())
cmd2 = "ip link set %s down" % interface.get_device()
CsHelper.execute(cmd2)
dev = interface.get_device()
cmd = "%s -C %s" % (self.CONNTRACKD_BIN, self.CONNTRACKD_CONF)
CsHelper.execute("%s -d" % cmd)
CsHelper.service("ipsec", "stop")
CsHelper.service("xl2tpd", "stop")
interfaces = [interface for interface in self.address.get_interfaces() if interface.needs_vrrp()]
for interface in interfaces:
CsPasswdSvc(interface.get_ip()).stop()
CsPasswdSvc(interface.get_gateway()).stop()
CsHelper.service("dnsmasq", "stop")
self.cl.set_master_state(False)
self.cl.save()
self.release_lock()
interfaces = [interface for interface in self.address.get_interfaces() if interface.is_public()]
CsHelper.reconfigure_interfaces(self.cl, interfaces)
logging.info("Router switched to backup mode")
def set_primary(self):
""" Set the current router to primary """
if not self.cl.is_redundant():
logging.error("Set primary called on non-redundant router")
return
self.set_lock()
logging.debug("Setting router to primary")
dev = ''
interfaces = [
interface for interface in self.address.get_interfaces()
if interface.is_public()
]
route = CsRoute()
for interface in interfaces:
if dev == interface.get_device():
continue
dev = interface.get_device()
logging.info("Will proceed configuring device ==> %s" % dev)
cmd = "ip link set %s up" % dev
if CsDevice(dev, self.config).waitfordevice():
CsHelper.execute(cmd)
logging.info("Bringing public interface %s up" % dev)
try:
gateway = interface.get_gateway()
logging.info("Adding gateway ==> %s to device ==> %s" %
(gateway, dev))
if dev == CsHelper.PUBLIC_INTERFACES[self.cl.get_type()]:
route.add_defaultroute(gateway)
except Exception:
logging.error("ERROR getting gateway from device %s" % dev)
if dev == CsHelper.PUBLIC_INTERFACES[self.cl.get_type()]:
try:
self._add_ipv6_to_interface(interface,
interface.get_ip6())
if interface.get_gateway6():
route.add_defaultroute_v6(interface.get_gateway6())
except Exception as e:
logging.error(
"ERROR adding IPv6, getting IPv6 gateway from device %s: %s"
% (dev, e))
else:
logging.error("Device %s was not ready could not bring it up" %
dev)
self._add_ipv6_guest_gateway()
logging.debug("Configuring static routes")
static_routes = CsStaticRoutes("staticroutes", self.config)
static_routes.process()
cmd = "%s -C %s" % (self.CONNTRACKD_BIN, self.CONNTRACKD_CONF)
CsHelper.execute("%s -c" % cmd)
CsHelper.execute("%s -f" % cmd)
CsHelper.execute("%s -R" % cmd)
CsHelper.execute("%s -B" % cmd)
CsHelper.service("ipsec", "restart")
CsHelper.service("xl2tpd", "restart")
interfaces = [
interface for interface in self.address.get_interfaces()
if interface.needs_vrrp()
]
for interface in interfaces:
if interface.is_added():
CsPasswdSvc(interface.get_gateway() + "," +
interface.get_ip()).restart()
CsHelper.service("dnsmasq", "restart")
self.cl.set_primary_state(True)
self.cl.save()
self.release_lock()
interfaces = [
interface for interface in self.address.get_interfaces()
if interface.is_public()
]
CsHelper.reconfigure_interfaces(self.cl, interfaces)
public_devices = list(
set([interface.get_device() for interface in interfaces]))
if len(public_devices) > 1:
# Handle specific failures when multiple public interfaces
public_devices.sort()
# Ensure the default route is added, or outgoing traffic from VMs with static NAT on
# the subsequent interfaces will go from the wrong IP
route = CsRoute()
dev = ''
for interface in interfaces:
if dev == interface.get_device():
continue
dev = interface.get_device()
gateway = interface.get_gateway()
if gateway:
route.add_route(dev, gateway)
# The first public interface has a static MAC address between VRs. Subsequent ones don't,
# so an ARP announcement is needed on failover
for device in public_devices[1:]:
logging.info("Sending garp messages for IPs on %s" % device)
for interface in interfaces:
if interface.get_device() == device:
CsHelper.execute("arping -I %s -U %s -c 1" %
(device, interface.get_ip()))
logging.info("Router switched to primary mode")
