def _create_snat(self, info, iptc):
privnicname = linux.get_nic_name_by_mac(info.privateNicMac)
if not privnicname:
raise virtualrouter.VirtualRouterError(
'cannot get private nic name for mac[%s]' % info.privateNicMac)
pubnicnames = linux.get_nic_names_by_mac(info.publicNicMac)
if not pubnicnames:
raise virtualrouter.VirtualRouterError(
'cannot get public nic name for mac[%s]' % info.publicNicMac)
pubnicname = pubnicnames[0].split(':')[0]
snat_chain_name = self.make_snat_chain_name(privnicname)
iptc.add_rule('-A POSTROUTING -j %s' % snat_chain_name,
iptc.NAT_TABLE_NAME)
iptc.add_rule(
'-A {0} -o {1} -j SNAT --to-source {2}'.format(
snat_chain_name, pubnicname, info.publicIp),
iptc.NAT_TABLE_NAME)
fwd_chain_name = self._make_forward_chain_name(privnicname)
iptc.add_rule('-A FORWARD -i {0} -o {1} -j {2}'.format(
pubnicname, privnicname, fwd_chain_name))
iptc.add_rule('-A FORWARD -i {0} -o {1} -j {2}'.format(
privnicname, pubnicname, fwd_chain_name))
iptc.add_rule('-A FORWARD -i {0} -o {1} -j {2}'.format(
privnicname, privnicname, fwd_chain_name))
iptc.add_rule('-A {0} -j ACCEPT'.format(fwd_chain_name))
def _get_nics(self):
info = shell.ShellCmd('ip link')()
nics = {}
infos = info.split('\n')
lines = []
for i in infos:
i = i.strip().strip('\t').strip('\r').strip('\n')
if i == '':
continue
lines.append(i)
i = 0
while (i < len(lines)):
l1 = lines[i]
dev_name = l1.split(':')[1].strip()
i += 1
l2 = lines[i]
mac = l2.split()[1].strip()
i += 1
if nics.has_key(mac):
wrong_dev_name = nics[mac]
err = 'two nics[%s, %s] has the same mac address[%s], this is not allowed in virtual router' % (
dev_name, wrong_dev_name, mac)
raise virtualrouter.VirtualRouterError(err)
nics[mac] = dev_name
return nics
def _restart_dnsmasq(self):
self._do_dnsmasq_restart()
def check_start(_):
dnsmasq_pid = linux.get_pid_by_process_name('dnsmasq')
return dnsmasq_pid is not None
if not linux.wait_callback_success(check_start, None, 5, 0.5):
logger.debug('dnsmasq is not running, former start failed, try to start it again ...')
cmd = self._do_dnsmasq_start()
if cmd.return_code != 0:
raise virtualrouter.VirtualRouterError('dnsmasq in virtual router is not running, we try to start it but fail, error is %s' % cmd.stdout)
if not linux.wait_callback_success(check_start, None, 5, 0.5):
raise virtualrouter.VirtualRouterError('dnsmasq in virtual router is not running, "/etc/init.d/dnsmasq start" returns success, but the process is not running after 5 seconds')
def check_eip(table):
if not table:
return
for chain in table.children:
vip_nic = self._get_vip_nic_name_from_chain_name(chain.name)
if vip_nic == vip_nic_name:
raise virtualrouter.VirtualRouterError('eip[%s] has been occupied, this is an internal error' % vip)
def _remove_snat(self, info, iptc):
privnicname = linux.get_nic_name_by_mac(info.privateNicMac)
if not privnicname:
raise virtualrouter.VirtualRouterError('cannot get private nic name for mac[%s]' % info.privateNicMac)
snat_chain_name = self.make_snat_chain_name(privnicname)
iptc.delete_chain(snat_chain_name, iptc.NAT_TABLE_NAME)
fwd_chain_name = self._make_forward_chain_name(privnicname)
iptc.delete_chain(fwd_chain_name)
def _refresh_dnsmasq(self):
dnsmasq_pid = linux.get_pid_by_process_name('dnsmasq')
if not dnsmasq_pid:
logger.debug('dnsmasq is not running, try to start it ...')
output = self._do_dnsmasq_start()
dnsmasq_pid = linux.get_pid_by_process_name('dnsmasq')
if not dnsmasq_pid:
raise virtualrouter.VirtualRouterError('dnsmasq in virtual router is not running, we try to start it but fail, error is %s' % output)
shell.call('kill -1 %s' % dnsmasq_pid)
def _refresh_dnsmasq(self):
dnsmasq_pid = linux.get_pid_by_process_name('dnsmasq')
if not dnsmasq_pid:
logger.debug('dnsmasq is not running, try to start it ...')
output = self._do_dnsmasq_start()
dnsmasq_pid = linux.get_pid_by_process_name('dnsmasq')
if not dnsmasq_pid:
raise virtualrouter.VirtualRouterError('dnsmasq in virtual router is not running, we try to start it but fail, error is %s' % output)
if self.signal_count > self.config.init_command.restartDnsmasqAfterNumberOfSIGUSER1:
self._restart_dnsmasq()
self.signal_count = 0
return
shell.call('kill -1 %s' % dnsmasq_pid)
self.signal_count += 1
